-
Publication No.: WO2021252078A1
Publication date: 2021-12-16
Application No.: PCT/US2021/028330
Filing date: 2021-04-21
IPC classification: H04L29/06, H04L29/08, G06F2009/45595, G06F9/45558, H04L63/0272, H04L63/029, H04L63/0485, H04L63/061, H04L63/0876, H04L67/1002, H04L67/1008, H04L67/1034, H04L67/148
Abstract: Techniques are disclosed for live migrating an existing connection between a local gateway in a virtualized computing environment and a remote gateway. The existing IKE and IPSec connection are frozen. MMSA and QMSA data for the IKE and IPSec connection are saved. Data for the existing IKE and IPSec connection is cleared at the local gateway without sending a message to the remote gateway. The saved MMSA and QMSA data are transferred to a new local gateway. Using the saved MMSA and QMSA data, a state for the existing IKE and IPSec connection is reconstructed at the new local gateway. The existing IKE and IPSec connection is enabled.
-
Publication No.: WO2021203126A1
Publication date: 2021-10-07
Application No.: PCT/US2021/070328
Filing date: 2021-03-29
Applicant: BMC SOFTWARE, INC.
IPC classification: H04L29/08, G06F2009/45595, G06F9/45558, G06F9/5072, G06F9/547, H04L12/4633, H04L12/66, H04L63/0272, H04L67/10, H04L67/28
Abstract: A cloud-native proxy gateway is reachable from a central server and from an isolated cloud VM. A method allows legacy (non-cloud native) solutions to establish a secure connection to the isolated cloud VM, even when incoming port flows are not enabled. The method involves transforming a TCP/IP network connection request into a cloud API call, ignoring IP addresses, and instead using a unique cloud resource identifier as the primary network routing methodology. In response to a communication connection request by the central server, the isolated VM establishes a reverse tunnel to the cloud-native proxy gateway. Communication flow initiated by the central server proceeds through the reverse tunnel to the isolated VM, avoiding an issue of duplicate IP addresses in the cloud.
-
Publication No.: WO2023278851A1
Publication date: 2023-01-05
Application No.: PCT/US2022/035975
Filing date: 2022-07-01
Inventors: NI, James J; RAMAKRISHNAN, Shanthakumar; CHAN, Tat Keung; MEDVINSKY, Alexander; VENKATESH, Prashanth; SAMBANDAN, Devaraj
IPC classification: H04L9/40, H04L41/342, H04L9/32, H04W24/04, H04L67/289, H04L63/0272, H04W12/0431, H04W12/069
Abstract: In one embodiment, a method for secure virtualized wireless base station orchestration comprises: obtaining a node certificate and private key from a global CA defining a PKI signing certificate/private key; obtaining a sub CA certificate/private key from either an edge cloud node cluster or the global CA, using a PKI request signed using the PKI signing certificate/private key; establishing an orchestration access IPsec tunnel to a cloud comprising edge cloud orchestration functions; utilizing the orchestration functions to deploy on the node virtualized entities comprising VNFs of a wireless base station; obtaining at least one VNF certificate and private key for the VNFs from the global CA using a PKI request signed using the global certificate/private key; utilizing the VNF certificate/private key, establishing IPsec tunnels between the VNFs and a wireless network services operator network and/or to an OAM secure gateway for a DMS.
-
Publication No.: WO2022208411A1
Publication date: 2022-10-06
Application No.: PCT/IB2022/052986
Filing date: 2022-03-30
Inventors: ERB, Jeremy D.; GORUK, James W.
IPC classification: H04L9/40, H04L63/0227, H04L63/0236, H04L63/0272, H04L63/0281
Abstract: A user application is executed with an operating system. The operating system enables access to a remote network resource via a network interface and enables a virtual private network (VPN) connection. The operating system enforces use of the VPN connection by the user application. A network-access application is set as a remote endpoint of the VPN connection. The network-access application communicates with the remote network resource on behalf of the user application.
-
Publication No.: WO2022072862A1
Publication date: 2022-04-07
Application No.: PCT/US2021/053218
Filing date: 2021-10-01
Applicant: PRIVACYCHAIN, LLC
IPC classification: H04L29/06, G06Q20/40, G06F16/27, G06F9/547, G06Q20/123, G06Q20/223, G06Q20/389, H04L63/0236, H04L63/0272, H04L67/1093, H04L9/0819, H04L9/0894, H04L9/14
Abstract: A peer-to-peer (P2P) distributed data management system (DDMS) may operate as an operating system on which P2P distributed applications are utilized to manage data on distributed ledgers, such as blockchains. The DDMS may enable fast development of secure and scalable enterprise P2P distributed applications that support permanent control of every piece of data on a distributed ledger, synchronization, normalization of the data, and encryption of the data. Security of the data in the distributed ledger means that even if someone hacks into the distributed ledger, access is only gained to one block of data (e.g., single email) and not all blocks of data (e.g., entire email account). The DDMS may be integrated into Internet-of-Things (IoT) devices. The DDMS further automatically supports sequential smart contracts on the distributed ledger.
-
Publication No.: WO2021118910A2
Publication date: 2021-06-17
Application No.: PCT/US2020/063553
Filing date: 2020-12-07
Applicant: ROSE, Evan, C.
Inventor: ROSE, Evan, C.
IPC classification: H04L29/06, G06F21/32, G06F21/6218, G06F21/64, G06F3/0481, G06F3/0482, G06F3/0488, G06F3/04883, G06F9/30, G06F9/451, G06N20/00, G06Q10/10, G06Q20/065, G06Q20/1085, G06Q20/18, G06Q20/202, G06Q20/206, G06Q20/36, G06Q20/367, G06Q20/3823, G06Q20/3825, G06Q20/3829, G06Q20/401, G06Q20/4012, G06Q20/40145, G06Q20/4016, G06Q20/405, G07F19/202, G07F19/211, G07F9/002, H04L2209/38, H04L63/0272, H04L63/0861, H04L63/123, H04L63/166, H04L67/36
Abstract: Distributed terminals network management, systems, devices, interfaces and workflows are described. In some embodiments, the terminals may be hardware terminals, kiosks, or clients. In some embodiments, a security analysis may be performed, and security scores may be determined, for visitors requesting operations at terminals based on an operator configuration. Security scores may be determined by a provider, in communication with the operator terminals, based on aggregation of a plurality of factors, wherein each factor may be weighted. The factors may incorporate operator settings or preferences. In one embodiment, the factors include one or more facial recognition factors. The one or more facial recognition factors may be used for biometric authentication. The provider may use the security scores to determine user privileges or permissions for the operations. The provider may deliver instructions or messages to the terminals based on the determinations.
-
Publication No.: WO2022240522A1
Publication date: 2022-11-17
Application No.: PCT/US2022/024170
Filing date: 2022-04-10
Inventors: NARULA, Deepak; THANGAPANDI, Shivakumar; ARORA, Vikrant; GUPTA, Abhishek; WATE, Amol; NAGRANI, Simran Rajkumar; DESHPANDE, Nilambari Narayan; WEI, Ning
IPC classification: H04L12/46, H04L12/4641, H04L43/0817, H04L61/5007, H04L63/0272, H04L63/166
Abstract: The techniques described herein enable the establishment of two simultaneous virtual private network (VPN) connections for a VPN client operating on a remote computing device. The VPN client can establish a first VPN connection with a first VPN server instance of a VPN gateway and a second VPN connection with a second VPN server instance of the VPN gateway. To establish two simultaneous VPN connections, the VPN client is configured to create and/or use two Transmission Control Protocol (TCP) sockets. In one example, a first VPN connection can be a primary VPN connection and a second VPN connection can be a dormant VPN connection configured as a backup in case of a service interruption with the first VPN connection. In another example, a data flow can be split across the first and second VPN connections, or alternate between using the first and second VPN connections, based on performance parameters.
-
Publication No.: WO2022005602A1
Publication date: 2022-01-06
Application No.: PCT/US2021/030802
Filing date: 2021-05-05
Inventors: JOWETT, Alan, Thomas, Gavin; HODGKINSON, Andrew, Albert; CRANDALL, Lance, Vernon; PINKSTON, Jeffrey, Scott
IPC classification: G06F21/33, H04L9/32, H04L29/06, H04W12/06, G06F21/335, H04L63/0272, H04L63/0435, H04L63/08, H04L63/0807, H04L63/0876, H04L63/10, H04L63/20, H04L9/3213
Abstract: A method of and system for utilizing an access token to authenticate a client device for accessing a resource server include generating a session key for a communication session between the device and a resource server, deriving a nonce from the session key, and transmitting a request to an identity platform for authenticating the device to access the resource server, where the request includes the nonce. Upon confirmation of authentication, the method and system may include receiving an access token from the identity platform, the access token including information that confirms authentication of the device, and transmitting the access token to the resource server to enable access to the resource server, where the access token includes the nonce.
-
Publication No.: WO2021257111A1
Publication date: 2021-12-23
Application No.: PCT/US2020/064670
Filing date: 2020-12-11
Applicant: INTEL CORPORATION
IPC classification: H04L12/931, G06F9/455, H04L12/803, H04L12/823, H04L29/08, H04L29/06, G06F2009/4557, G06F2009/45583, G06F2009/45595, G06F9/45558, H04L12/4645, H04L47/125, H04L47/32, H04L49/356, H04L63/0227, H04L63/0272, H04L63/1408, H04L63/166, H04L67/02, H04L67/1097, H04L67/34, H04L69/161, H04L69/22
Abstract: Examples described herein relate to a switch device for a rack of two or more physical servers, wherein the switch device is coupled to the two or more physical servers and the switch device performs packet protocol processing termination for received packets and provides payload data from the received packets without a received packet header to a destination buffer of a destination physical server in the rack. In some examples, the switch device comprises at least one central processing unit, the at least one central processing unit is to execute packet processing operations on the received packets. In some examples, a physical server executes at least one virtualized execution environment (VEE) and the at least one central processing unit executes a VEE for packet processing of packets with data to be accessed by the physical server that executes the VEE.
-
Publication No.: WO2021231065A1
Publication date: 2021-11-18
Application No.: PCT/US2021/028911
Filing date: 2021-04-23
Applicant: CITRIX SYSTEMS, INC.
Inventors: MOMCHILOV, Georgy; PAGE, James; SAMPATH, Santosh
IPC classification: G06F21/32, H04L29/06, H04L63/0272, H04L63/0807, H04L63/0815, H04L63/083, H04L63/0884, H04L63/10, H04W12/06
Abstract: A computer system is provided. The computer system includes a memory, a network interface, and at least one processor coupled to the memory and the network interface. The processor is configured to intercept a request transmitted by an application hosted within a virtual computing session, the request being a request to be authorized to access a resource; pass the request to a virtualization agent hosted outside the virtual computing session; receive a response to the request, the response including a credential granting authorization to access the resource; and pass the response to the application to authorize the application to access the resource through use of the credential.