Inspection of data channels and recording of media streams
    51.
    Type: Granted invention patent
    Status: In force

    Publication number: US09369491B2

    Publication date: 2016-06-14

    Application number: US14537336

    Filing date: 2014-11-10

    IPC classification: G06F17/00 H04L29/06

    Abstract: In one implementation, two or more endpoints or client devices communication uses a peer-to-peer, browser based, real time communication protocol. One example of such a protocol is Web Real-Time Communication (WebRTC). An intermediary device receives from a first endpoint, a request for communication with a second endpoint, using the browser based real time communication. The intermediary device identifies a control protocol based on the request for communication, and receives one or more write keys from the first endpoint. The intermediary device monitors communication between the first endpoint and the second endpoint using the one or more write keys. Examples for the intermediary devices include servers, firewalls, and other network devices.

    INSPECTION OF DATA CHANNELS AND RECORDING OF MEDIA STREAMS
    52.
    Type: Invention patent application
    Status: In force

    Publication number: US20160134659A1

    Publication date: 2016-05-12

    Application number: US14537336

    Filing date: 2014-11-10

    IPC classification: H04L29/06

    Abstract: In one implementation, two or more endpoints or client devices communication uses a peer-to-peer, browser based, real time communication protocol. One example of such a protocol is Web Real-Time Communication (WebRTC). An intermediary device receives from a first endpoint, a request for communication with a second endpoint, using the browser based real time communication. The intermediary device identifies a control protocol based on the request for communication, and receives one or more write keys from the first endpoint. The intermediary device monitors communication between the first endpoint and the second endpoint using the one or more write keys. Examples for the intermediary devices include servers, firewalls, and other network devices.

    On-demand bandwidth provisioning in a network environment
    53.
    Type: Granted invention patent
    Status: In force

    Publication number: US09300538B2

    Publication date: 2016-03-29

    Application number: US14328421

    Filing date: 2014-07-10

    Abstract: An example method for facilitating on-demand bandwidth provisioning in a network environment is provided and includes receiving a request from a client at a first network for accommodating flow characteristics at a second network that is associated with executing an application at the first network, determining that the request cannot be fulfilled with available network resources allocated to the client by the second network, advising the client of additional cost for accommodating the flow characteristics, and authorizing additional network resources in the second network to accommodate the flow characteristics after receiving notification from the client of payment of the additional cost.

    ACCESS NETWORK CAPACITY MONITORING AND PLANNING BASED ON FLOW CHARACTERISTICS IN A NETWORK ENVIRONMENT
    54.
    Type: Invention patent application
    Status: Under examination (published)

    Publication number: US20160065476A1

    Publication date: 2016-03-03

    Application number: US14476336

    Filing date: 2014-09-03

    IPC classification: H04L12/803 H04L12/26

    Abstract: An example method for access network capacity monitoring and planning based on flow characteristics in a network environment is provided and includes receiving, at a server in a first network, a request from a client at a second network for accommodating flow characteristics for a flow through the first network between the client and a remote destination, accommodating the flow characteristics if the request can be fulfilled with available network resources allocated to the client by the first network, measuring the flow at the first network between the client and the remote destination, exporting flow details including flow measurements and the requested flow characteristics to a flow collector, and denying the request if the flow collector determines that the flow measurements do not match the requested flow characteristics. In some embodiments, the flow measurements include fine-grain flow measurements, wherein the method further comprises receiving a request for the fine-grain flow measurements.

    COORDINATION OF MULTIPATH TRAFFIC
    55.
    Type: Invention patent application
    Status: In force

    Publication number: US20150026756A1

    Publication date: 2015-01-22

    Application number: US13944607

    Filing date: 2013-07-17

    IPC classification: H04L29/06

    Abstract: In one implementation, traffic in a mobile network is directed across multiple paths to a single cloud server or security server (e.g., a security as a service). The mobile device detects a cloud connector through a primary connection based on an attachment or connection via a first interface of a mobile device. The mobile device sends a request to the cloud connector for an identification of a cloud security server associated with the cloud connector. After receiving the identification of the cloud security server, the mobile device directs one or more subsequent data flows or subflows for a second interface or another interface of the mobile device to the cloud server or security server. The second data flow and the second interface are associated with another network that is external to the enterprise network and trusted network connection or not associated with the enterprise network and the trusted network connection.

    SECURE COMMUNICATION SESSION RESUMPTION IN A SERVICE FUNCTION CHAIN

    Publication number: US20230118375A1

    Publication date: 2023-04-20

    Application number: US18068470

    Filing date: 2022-12-19

    IPC classification: H04L9/40 H04L9/08

    Abstract: A method for resuming a Transport Layer Security (TLS) session in a Service Function Chain comprising a plurality of Service Function nodes coupled to a Service Function Forwarder. A request is received at a first Service Function node to establish a TLS session, and a Pre-Shared Key (PSK) and a PSK identifier that uniquely correspond to the first Service Function node and the TLS session are generated. The PSK identifier is forwarded to one or more of the Service Function Forwarder and the plurality of Service Function nodes. A request to resume the TLS session is received from a client device that previously disconnected. It is determined that the connection request contains the PSK identifier, a second Service Function node is selected, and the TLS session is re-established between the client device and the second Service Function node using the same PSK as the prior TLS session.

    Verifying accuracy of ML pipelines using third party co-ordination

    Publication number: US11070575B2

    Publication date: 2021-07-20

    Application number: US16293937

    Filing date: 2019-03-06

    Abstract: Systems, methods, computer-readable media, and devices are disclosed for verifying traffic classification. At a first node, a classification to a received packet is designated according to a local model. The classification of the packet by the first node is verified by sending packet information describing the packet to a distributed network comprising multiple nodes, where the packet information includes attributes of the packet. The classification of the packet is verified from receiving results from a second node that, based on the attributes, independently classifies the packet. Based on the verified classification, decentralized information for classifying packets is updated.

    Systems and methods for protecting a service mesh from external attacks on exposed software vulnerabilities

    Publication number: US10999312B2

    Publication date: 2021-05-04

    Application number: US16406585

    Filing date: 2019-05-08

    IPC classification: H04L29/06 G06F9/50 H04L29/08

    Abstract: Systems and method handling software vulnerabilities in service meshes can include receiving information on software vulnerabilities from external feeds. From a services catalog which maintains data associated with service instances supported by a service mesh, one or more vulnerable service instances supported by the service mesh are identified. Notifications are provided to sidecar proxies associated with vulnerable service instances. The notifications include criteria such as criticality levels and categories associated with the software vulnerabilities. Based on destination policies for the vulnerable service instances, instructions are provided to the sidecar proxies to trip circuit breakers associated with the vulnerable service instances and thus prevent further access and cascading impact of the software vulnerabilities. The software vulnerabilities are reported to an orchestration system for the service mesh and a fix or different version of the vulnerable service instance is installed where possible.

    Blockchain-based auditing, instantiation and maintenance of 5G network slices

    Publication number: US10949557B2

    Publication date: 2021-03-16

    Application number: US16105910

    Filing date: 2018-08-20

    Abstract: Disclosed herein is a distributed ledger method for a fifth-generation (5G) network. A network slice is created in the 5G network and a root block is generated in response, containing parameters of the network slice and contracts between participants in the network slice. A blockID of the root block is transmitted to identified participants in the network slice, who sequentially commit a plurality of new blocks to a blockchain beginning from the root block. The plurality of new blocks comprises auditing information of the network slice, wherein the information is collected by the participants in the network slice. The blockchain is stored in a blockchain network of a plurality of disparate blockchains. Desired auditing information for the network slice is retrieved by using the blockID of the root block to traverse the blockchain beginning at the root block until all blocks with the desired auditing information have been read.