公开(公告)号：US20120036238A1

公开(公告)日：2012-02-09

申请号：US13274706

申请日：2011-10-17

申请人： Ravi Sundaram ,  Hariharan S. Rahul

发明人： Ravi Sundaram ,  Hariharan S. Rahul

IPC分类号： G06F15/177

CPC分类号： H04L29/12132 ,  H04L29/12066 ,  H04L41/046 ,  H04L41/06 ,  H04L41/0896 ,  H04L61/1511 ,  H04L61/1552 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1034 ,  H04L69/329 ,  H04L69/40

摘要： An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.

摘要翻译： 基础设施“保险”机制使得网站能够在站点发生特定事件时故障切换到内容传送网络（CDN）。 在这种情况下，站点的内容的至少一部分优先地从CDN提供，使得期望内容的最终用户仍然可以得到它，即使内容不是从原始站点可用。 在操作中，例如通过将DNS查询解析为站点的IP地址，直到检测到给定的事件为止，以通常的方式从站点服务内容请求。 此后，DNS查询由基于CDN动态DNS的请求路由机制进行管理，以便将这些查询解析为最佳的CDN边缘服务器。 在导致事件发生的事件已经过去之后，站点的DNS的控制可以从CDN返回到原始服务器的DNS机制。

公开(公告)号：US07929429B2

公开(公告)日：2011-04-19

申请号：US11858261

申请日：2007-09-20

申请人： Claudson F. Bornstein ,  Timothy K. Canfield ,  Gary L. Miller ,  Satish B. Rao ,  Ravi Sundaram

发明人： Claudson F. Bornstein ,  Timothy K. Canfield ,  Gary L. Miller ,  Satish B. Rao ,  Ravi Sundaram

IPC分类号： H04J1/16

CPC分类号： H04L67/06 ,  H04L29/06 ,  H04L45/00 ,  H04L45/22 ,  H04L45/26 ,  H04L67/26 ,  H04L67/2814 ,  H04L67/2842 ,  H04L67/289 ,  H04L67/322 ,  H04L69/329 ,  H04L69/40

摘要： A routing mechanism, service or system operable in a distributed networking environment. One preferred environment is a content delivery network (CDN) wherein the present invention provides improved connectivity back to an origin server, especially for HTTP traffic. In a CDN, edge servers are typically organized into regions, with each region comprising a set of content servers that preferably operate in a peer-to-peer manner and share data across a common backbone such as a local area network (LAN). The inventive routing technique enables an edge server operating within a given CDN region to retrieve content (cacheable, non-cacheable and the like) from an origin server more efficiently by selectively routing through the CDN's own nodes, thereby avoiding network congestion and hot spots. The invention enables an edge server to fetch content from an origin server through an intermediate CDN server or, more generally, enables an edge server within a given first region to fetch content from the origin server through an intermediate CDN region.

摘要翻译： 在分布式网络环境中可操作的路由机制，业务或系统。 一个优选的环境是内容传送网络（CDN），其中本发明提供了到原始服务器的改进的连接，特别是对于HTTP流量。 在CDN中，边缘服务器通常被组织成区域，每个区域包括一组内容服务器，其优选地以点对点的方式操作，并且通过诸如局域网（LAN）的公共骨干网共享数据。 本发明的路由技术使得在给定CDN区域内的边缘服务器能够通过选择性地路由通过CDN自己的节点更有效地从原始服务器检索内容（可高速缓存，不可缓存等），从而避免网络拥塞和热点。 本发明使得边缘服务器能够通过中间CDN服务器从原始服务器获取内容，或者更一般地，允许给定第一区域内的边缘服务器通过中间CDN区域从原始服务器获取内容。

公开(公告)号：US07926104B1

公开(公告)日：2011-04-12

申请号：US10826897

申请日：2004-04-16

申请人： Ravi Sundaram ,  Walter C. Milliken

发明人： Ravi Sundaram ,  Walter C. Milliken

IPC分类号： G06F12/14 ,  G06F11/30 ,  G06F15/16 ,  H04L29/06

CPC分类号： H04L63/1466 ,  H04L29/12056 ,  H04L29/12226 ,  H04L61/15 ,  H04L61/1505 ,  H04L61/20 ,  H04L61/2015 ,  H04L63/0227 ,  H04L63/108 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/1491 ,  H04L63/16

摘要： Methods and systems for detection and/or prevention of network attacks can include the use of multiple and/or time-dependent addresses coupled with filtering by the directory or naming service. The directory service can respond to requests for the address of a resource by returning an address that can be relocated over time by coordinating the directory service entry with the host and network address configuration data and/or by returning an address specific to the requestor. Thus, the directory service can track and build profiles of matches between requestors and accesses. The methods and systems can use the time dependent addresses and profiles to distinguish legitimate accesses from unauthorized or malicious ones. Requests for non-valid addresses can be misdirected to “empty” addresses or to detection devices.

摘要翻译： 用于检测和/或防止网络攻击的方法和系统可以包括使用多个和/或与时间相关的地址，以及通过目录或命名服务的过滤。 目录服务可以通过使用主机和网络地址配置数据协调目录服务条目和/或返回特定于请求者的地址来返回可以随时间重新定位的地址来响应对资源的地址的请求。 因此，目录服务可以跟踪和构建请求者和访问之间的匹配的配置文件。 方法和系统可以使用与时间相关的地址和配置文件来区分合法访问与未经授权的或恶意的访问。 对非有效地址的请求可能被误导到“空”地址或检测设备。

公开(公告)号：US20080071925A1

公开(公告)日：2008-03-20

申请号：US11522579

申请日：2006-09-18

申请人： F. Thomson Leighton ,  Daniel M. Lewin ,  Anne E. Lewin ,  Ravi Sundaram ,  Rizwan S. Dhanidina ,  Robert Kleinberg ,  Matthew Levine ,  Adrian M. Soviani ,  Bruce Maggs ,  Hariharan Shankar Rahul ,  Srikanth Thirumalai ,  Jay Gunvantrai Parikh ,  Yoav O. Yerushalmi

发明人： F. Thomson Leighton ,  Daniel M. Lewin ,  Anne E. Lewin ,  Ravi Sundaram ,  Rizwan S. Dhanidina ,  Robert Kleinberg ,  Matthew Levine ,  Adrian M. Soviani ,  Bruce Maggs ,  Hariharan Shankar Rahul ,  Srikanth Thirumalai ,  Jay Gunvantrai Parikh ,  Yoav O. Yerushalmi

IPC分类号： G06F15/173

CPC分类号： H04L29/12066 ,  H04L43/0829 ,  H04L43/0864 ,  H04L43/10 ,  H04L43/12 ,  H04L45/00 ,  H04L47/10 ,  H04L47/125 ,  H04L47/283 ,  H04L61/1511 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/101

摘要： The invention is an intelligent traffic redirection system that does global load balancing. It can be used in any situation where an end-user requires access to a replicated resource. The method directs end-users to the appropriate replica so that the route to the replica is good from a network standpoint and the replica is not overloaded. The technique preferably uses a Domain Name Service (DNS) to provide IP addresses for the appropriate replica. The most common use is to direct traffic to a mirrored web site.

摘要翻译： 本发明是实现全局负载平衡的智能流量重定向系统。 它可以用于最终用户需要访问复制资源的任何情况。 该方法将最终用户指向适当的副本，以便从网络的角度来看，复制副本的路由是不错的，并且副本没有超载。 该技术优选地使用域名服务（DNS）来为适当的副本提供IP地址。 最常见的用途是将流量引导到镜像网站。

公开(公告)号：US20050058288A1

公开(公告)日：2005-03-17

申请号：US10649855

申请日：2003-08-26

申请人： Ravi Sundaram ,  William Yerazunis

发明人： Ravi Sundaram ,  William Yerazunis

IPC分类号： G06K19/10 ,  H04L9/10 ,  H04L9/32 ,  H04K1/00

CPC分类号： H04L9/3218 ,  H04L9/002 ,  H04L9/3013

摘要： A method authenticates di identities in parallel using two prime numbers p and q such that q|p−1. Each identity includes a private key si and a public key vi, and a publicly known generator is α such that αq≡1 (mod p). A verifier is provided with an ordered list of the public keys vi. A prover selects uniformly at random a non-negative number r less than q. A number x=αr (mod p) is sent from the prover to a verifier. The verifier selects uniformly at random a non-negative number e less than 2(t+logd), where log is base 2, and a number t is a predetermined security parameter. The prover receives from the verifier the number e. A number y=r+Σi si*ei (mod q) is generated by the prover, and the number Y is sent to the verifier, who then determines if an equality x=αy*Πi(vi)ei (mod p) is true. The prover is accepted as having the di identities if and only if the equality is true. In a preferred embodiment the communications between the prover and the verifier is via a low-bandwidth optical channel.

摘要翻译： 一种方法使用两个质数p和q并行地验证二个身份，使得q | p-1。 每个身份包括私钥si和公开密钥vi，并且公知的生成器是α，使得alpha = 1（mod p）。 验证者具有公钥的有序列表vi。 证明者随机选择小于q的非负数r。 数字x = alpha（mod p）从证明者发送到验证者。 验证者随机选择小于2 <（t + logd）>的非负数e，其中log为基数2，数t为预定的安全参数。 证明者从验证者那里收到数字e。 编号y = r + Sigmai si * e（mod q）由证明者生成，并且将数字Y发送给验证者，验证者然后确定是否相等x =α * Pii（vi） << i >>（mod p）为真。 当且仅当平等是真实的，证明者被接受为具有二重身份。 在优选实施例中，证明者和验证者之间的通信是经由低带宽光信道。

公开(公告)号：US08239530B2

公开(公告)日：2012-08-07

申请号：US13274706

申请日：2011-10-17

申请人： Ravi Sundaram ,  Hariharan S. Rahul

发明人： Ravi Sundaram ,  Hariharan S. Rahul

IPC分类号： G06F15/173

CPC分类号： H04L29/12132 ,  H04L29/12066 ,  H04L41/046 ,  H04L41/06 ,  H04L41/0896 ,  H04L61/1511 ,  H04L61/1552 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1034 ,  H04L69/329 ,  H04L69/40

摘要： An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.

摘要翻译： 基础设施“保险”机制使得网站能够在站点发生特定事件时故障切换到内容传送网络（CDN）。 在这种情况下，站点的内容的至少一部分优先地从CDN提供，使得期望内容的最终用户仍然可以得到它，即使内容不是从原始站点可用。 在操作中，例如通过将DNS查询解析为站点的IP地址，直到检测到给定的事件为止，以通常的方式从站点服务内容请求。 此后，DNS查询由基于CDN动态DNS的请求路由机制进行管理，以便将这些查询解析为最佳的CDN边缘服务器。 在导致事件发生的事件已经过去之后，站点的DNS的控制可以从CDN返回到原始服务器的DNS机制。

公开(公告)号：US20120008494A1

公开(公告)日：2012-01-12

申请号：US12832417

申请日：2010-07-08

申请人： Nikolaos Laoutaris ,  Parminder Chhabra ,  Pablo Rodriguez Rodriguez ,  Ravi Sundaram

发明人： Nikolaos Laoutaris ,  Parminder Chhabra ,  Pablo Rodriguez Rodriguez ,  Ravi Sundaram

IPC分类号： H04L12/56

CPC分类号： H04L41/0896 ,  H04L12/14 ,  H04L43/067 ,  H04L47/822 ,  H04L47/826

摘要： The invention describes a method of providing incentives to users via supporting mechanisms and algorithms for facilitating the move of DT traffic to off-peak hours. It proposes an efficient utilization of the network resources during peak hour under a flat-rate pricing scheme with the cooperation and blessing of the users and without adding complexity to billing.

摘要翻译： 本发明描述了一种通过支持机制和算法为用户提供激励以便于将DT流量移动到非高峰时间的方法。 提出在高峰时段，在统一费率定价方案下，通过用户的合作和祝福，有效利用网络资源，不增加计费的复杂性。

公开(公告)号：US20110196943A1

公开(公告)日：2011-08-11

申请号：US13088517

申请日：2011-04-18

申请人： Claudson F. Bornstein ,  Timothy K. Canfield ,  Gary L. Miller ,  Satish B. Rao ,  Ravi Sundaram

发明人： Claudson F. Bornstein ,  Timothy K. Canfield ,  Gary L. Miller ,  Satish B. Rao ,  Ravi Sundaram

IPC分类号： G06F15/16

CPC分类号： H04L67/06 ,  H04L29/06 ,  H04L45/00 ,  H04L45/22 ,  H04L45/26 ,  H04L67/26 ,  H04L67/2814 ,  H04L67/2842 ,  H04L67/289 ,  H04L67/322 ,  H04L69/329 ,  H04L69/40

摘要： A routing mechanism, service or system operable in a distributed networking environment. One preferred environment is a content delivery network (CDN) wherein the present invention provides improved connectivity back to an origin server, especially for HTTP traffic. In a CDN, edge servers are typically organized into regions, with each region comprising a set of content servers that preferably operate in a peer-to-peer manner and share data across a common backbone such as a local area network (LAN). The inventive routing technique enables an edge server operating within a given CDN region to retrieve content (cacheable, non-cacheable and the like) from an origin server more efficiently by selectively routing through the CDN's own nodes, thereby avoiding network congestion and hot spots. The invention enables an edge server to fetch content from an origin server through an intermediate CDN server or, more generally, enables an edge server within a given first region to fetch content from the origin server through an intermediate CDN region.

公开(公告)号：US07716367B1

公开(公告)日：2010-05-11

申请号：US10779691

申请日：2004-02-18

申请人： F. Thomson Leighton ,  Rizwan S. Dhanldina ,  Robert Kleinberg ,  Matthew Levine ,  Daniel M. Lewin ,  Andrew Parker ,  Adrian Soviani ,  Ravi Sundaram

发明人： F. Thomson Leighton ,  Rizwan S. Dhanldina ,  Robert Kleinberg ,  Matthew Levine ,  Daniel M. Lewin ,  Andrew Parker ,  Adrian Soviani ,  Ravi Sundaram

IPC分类号： G06F15/173

CPC分类号： H04L43/0876 ,  H04L29/12066 ,  H04L41/5058 ,  H04L41/509 ,  H04L61/1511 ,  H04L61/303 ,  H04L61/609 ,  H04L67/1002 ,  H04L67/18 ,  H04L67/289 ,  H04W4/02 ,  H04W4/04

摘要： A network architecture or framework that supports hosting and content distribution on a truly global scale allows a Content Provider to replicate and serve its most popular content at an unlimited number of points throughout the world. The inventive framework comprises a set of servers operating in a distributed manner. The actual content to be served is preferably supported on a set of hosting servers (sometimes referred to as ghost servers). This content comprises HTML page objects that, conventionally, are served from a Content Provider site. A base HTML document portion of a Web page is served from the Content Provider's site while one or more embedded objects for the page are served from the hosting servers, preferably, those hosting servers near the client machine. By serving the base HTML document from the Content Provider's site, the Content Provider maintains control over the content.

摘要翻译： 支持在全球范围内托管和内容分发的网络架构或框架允许内容提供商在全球范围内无限次地复制和提供其最受欢迎的内容。 本发明的框架包括以分布式方式操作的一组服务器。 要提供的实际内容最好支持在一组主机服务器（有时称为ghost服务器）上。 该内容包括常规地从内容提供商站点提供的HTML页面对象。 Web页面的基本HTML文档部分从内容提供商的站点提供，而一个或多个页面的嵌入对象从托管服务器（优选地，在客户机附近的托管服务器）提供。 通过从内容提供商的网站提供基础HTML文档，内容提供商维护对内容的控制。

公开(公告)号：US20090198817A1

公开(公告)日：2009-08-06

申请号：US12180813

申请日：2008-07-28

申请人： Ravi Sundaram ,  Nathan Faber

发明人： Ravi Sundaram ,  Nathan Faber

IPC分类号： G06F15/16

CPC分类号： H04L67/1095 ,  H04L29/12301 ,  H04L61/2076 ,  H04L67/327

摘要： A first virtual server is moved from a first network location to a second network location without interrupting service to users of the first virtual server. The state and data of the first virtual server are copied and transmitted to the second network location to create a copy of the first virtual server. The first virtual server copy is then updated to duplicate the first virtual server and all connections or packets directed to the first virtual server are intercepted and directed to the first virtual server copy at the second network location. A DNS entry for the symbolic name of the first virtual server is updated to reflect a shortened TTL value and then the address field of the DNS entry is set to the address of the first virtual server copy after the changeover and subsequent connections are directed to the first virtual server copy.

摘要翻译： 第一虚拟服务器从第一网络位置移动到第二网络位置，而不中断对第一虚拟服务器的用户的服务。 将第一虚拟服务器的状态和数据复制并发送到第二网络位置以创建第一虚拟服务器的副本。 然后更新第一个虚拟服务器副本以复制第一个虚拟服务器，并且拦截指向第一个虚拟服务器的所有连接或数据包，并定向到第二个网络位置的第一个虚拟服务器副本。 更新第一个虚拟服务器的符号名称的DNS条目以反映一个缩短的TTL值，然后将DNS条目的地址字段设置为转换后的第一个虚拟服务器副本的地址，并将后续连接指向 第一个虚拟服务器副本。