公开(公告)号：US20100217819A1

公开(公告)日：2010-08-26

申请号：US12771491

申请日：2010-04-30

申请人： Lee Chen ,  John Chiong ,  Xin Wang

发明人： Lee Chen ,  John Chiong ,  Xin Wang

IPC分类号： G06F15/16

CPC分类号： H04L63/102 ,  H04L12/66 ,  H04L29/06 ,  H04L61/6022 ,  H04L61/6068 ,  H04L63/02 ,  H04L63/0281 ,  H04L63/04 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/30 ,  H04L63/308 ,  H04L65/1003 ,  H04L65/1006 ,  H04L65/1069 ,  H04L65/4007 ,  H04L67/14 ,  H04L67/141 ,  H04L67/146

摘要： The inventive system includes a host, a network including a security gateway, and a public application. Established are an access session between the network and the host and an application session between the public application and the network. An application session record is created for the application session, and includes the user's public user identity used to access the public application, the user's private user identity used to access the network, a host identity, and an application session time. To determine the private user identity for the application session, the security gateway sends a query with the host identity and the application session time. These are compared with the host identity and access session time in an access session record. If they match, then the private user identity in the access session record is returned, and it is stored as the private user identity in the application session record.

摘要翻译： 本发明的系统包括主机，包括安全网关的网络和公共应用。 建立在网络和主机之间的访问会话以及公共应用程序和网络之间的应用程序会话。 为应用会话创建应用会话记录，并且包括用于访问公共应用的用户的公共用户标识，用于访问网络的用户的私有用户标识，主机标识和应用会话时间。 为了确定应用程序会话的私有用户身份，安全网关发送具有主机标识和应用程序会话时间的查询。 这些与访问会话记录中的主机身份和访问会话时间进行比较。 如果匹配，则返回访问会话记录中的私有用户身份，并将其作为私有用户身份存储在应用程序会话记录中。

公开(公告)号：US07716378B2

公开(公告)日：2010-05-11

申请号：US11582613

申请日：2006-10-17

申请人： Lee Chen ,  John Chiong ,  Xin Wang

发明人： Lee Chen ,  John Chiong ,  Xin Wang

IPC分类号： G06F15/16 ,  G06F15/173 ,  H04W4/00

CPC分类号： H04L63/102 ,  H04L12/66 ,  H04L29/06 ,  H04L61/6022 ,  H04L61/6068 ,  H04L63/02 ,  H04L63/0281 ,  H04L63/04 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/30 ,  H04L63/308 ,  H04L65/1003 ,  H04L65/1006 ,  H04L65/1069 ,  H04L65/4007 ,  H04L67/14 ,  H04L67/141 ,  H04L67/146

摘要： The inventive system includes a host, a network including a security gateway, and a public application. Established are an access session between the network and the host and an application session between the public application and the network. An application session record is created for the application session, and includes the user's public user identity used to access the public application, the user's private user identity used to access the network, a host identity, and an application session time. To determine the private user identity for the application session, the security gateway sends a query with the host identity and the application session time. These are compared with the host identity and access session time in an access session record. If they match, then the private user identity in the access session record is returned, and it is stored as the private user identity in the application session record.

摘要翻译： 本发明的系统包括主机，包括安全网关的网络和公共应用。 建立在网络和主机之间的访问会话以及公共应用程序和网络之间的应用程序会话。 为应用会话创建应用会话记录，并且包括用于访问公共应用的用户的公共用户标识，用于访问网络的用户的私有用户标识，主机标识和应用会话时间。 为了确定应用程序会话的私有用户身份，安全网关发送具有主机标识和应用程序会话时间的查询。 这些与访问会话记录中的主机身份和访问会话时间进行比较。 如果匹配，则返回访问会话记录中的私有用户身份，并将其作为私有用户身份存储在应用程序会话记录中。

公开(公告)号：US20070271598A1

公开(公告)日：2007-11-22

申请号：US11435043

申请日：2006-05-16

申请人： Lee Chen ,  John Chiong ,  Yang Yu

发明人： Lee Chen ,  John Chiong ,  Yang Yu

IPC分类号： H04L9/32 ,  G06F15/16 ,  G06F12/14 ,  H04L9/00 ,  H04K1/00 ,  G06K9/00 ,  G06F17/00 ,  G06F17/30 ,  G06F9/00 ,  G06F12/00 ,  G06F13/00 ,  G06F7/04 ,  G06F7/58 ,  G06K19/00 ,  G11C7/00

CPC分类号： H04L63/08 ,  G11C7/24 ,  H04L63/107 ,  H04W12/06 ,  H04W12/08

摘要： Systems and methods of authenticating user access based on an access point to a secure data network include a secure data network having a plurality of a network access points serving as entry points for a user to access the secure data network using a user device. The user is associated with a user identity, each network access point with a network access point identity. The user uses a user device to send an access request, requesting access to the secure data network, to the network access point, which then sends an authentication request to an identity server. The identity server processes the authentication request, by validating the combination of the user identity and the network access point identity, and responds with an authentication response, granting or denying access, as communicated to the user device via an access response. The secure data network may comprise an application level secure data network, in which the user uses the user device to request access to a network application. Furthermore, the identity server may validate the combined user identity and network access point identity data in conjunction with time information, access allowance data, and/or traffic volume data.

摘要翻译： 基于对安全数据网络的接入点认证用户接入的系统和方法包括具有多个网络接入点的安全数据网络，该网络接入点用作用户使用用户设备访问安全数据网络的入口点。 用户与用户身份相关联，每个网络接入点具有网络接入点身份。 用户使用用户设备向网络接入点发送访问安全数据网络的访问请求，网络接入点然后向认证服务器发送认证请求。 身份服务器通过验证用户身份和网络接入点身份的组合来处理身份验证请求，并通过访问响应传达给用户设备的认证响应，授予或拒绝访问进行响应。 安全数据网络可以包括应用级安全数据网络，其中用户使用用户设备来请求对网络应用的访问。 此外，身份服务器可以结合时间信息，访问允许数据和/或业务量数据来验证组合的用户身份和网络接入点身份数据。

公开(公告)号：US20070180101A1

公开(公告)日：2007-08-02

申请号：US11328823

申请日：2006-01-10

申请人： Lee Chen ,  Rishi Sampat ,  John Chiong ,  Dennis Oshiba

发明人： Lee Chen ,  Rishi Sampat ,  John Chiong ,  Dennis Oshiba

IPC分类号： G06F17/00 ,  G06F15/173

CPC分类号： H04L67/22 ,  H04L63/0227

摘要： A system and method are disclosed that may include receiving a first event log for a data network user; identifying the user that is the subject of the first event log; updating a user activity record, within stored user activity records, with activity information included in the first event log, the activity information being represented in a first format in the first event log; and repeating the steps of receiving, identifying, and updating for at least one additional event log having activity information stored therein in at least one format other than the first format.

摘要翻译： 公开了一种可以包括接收数据网络用户的第一事件日志的系统和方法; 识别作为第一事件日志主题的用户; 在所存储的用户活动记录中，使用包括在所述第一事件日志中的活动信息来更新用户活动记录，所述活动信息以所述第一事件日志中的第一格式表示; 并且以除了第一格式之外的至少一种格式重复对存储有活动信息的至少一个附加事件日志进行接收，识别和更新的步骤。

公开(公告)号：US11928240B2

公开(公告)日：2024-03-12

申请号：US17588165

申请日：2022-01-28

申请人： Greg Richmond ,  Bihama Vedaste ,  Dean Hamilton ,  John Chiong

发明人： Greg Richmond ,  Bihama Vedaste ,  Dean Hamilton ,  John Chiong

IPC分类号： G06F21/62 ,  G06F21/60

CPC分类号： G06F21/6245 ,  G06F21/604 ,  G06F2221/2141

摘要： The present invention provides a means for efficiently and securely collecting, storing, and sharing all types of personal, electronic information from, for and between individuals and business users using software that runs on multiple personal, business and cloud computing systems. The information of a primary user is stored in an encrypted relational database which associates the private data with private data fields needed by secondary users or various business users. Each entity is assigned one unique user identity to ensure consistency in data privacy and sharing. Attributes for data groups exist to define the secondary users and business users who the primary user has authorized for access to or master sourcing of certified data. Change lists, including conditions for implementation, are created to facilitate management, scheduling and distribution of changes. Collection, storage, and distribution of personal data is assisted by robotic process automation algorithms.

公开(公告)号：US09060003B2

公开(公告)日：2015-06-16

申请号：US14056785

申请日：2013-10-17

申请人： Xin Wang ,  Lee Chen ,  John Chiong

发明人： Xin Wang ,  Lee Chen ,  John Chiong

IPC分类号： H04L29/06 ,  H04L29/08

CPC分类号： H04L63/102 ,  H04L12/66 ,  H04L29/06 ,  H04L61/6022 ,  H04L61/6068 ,  H04L63/02 ,  H04L63/0281 ,  H04L63/04 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/10 ,  H04L63/30 ,  H04L63/308 ,  H04L65/1003 ,  H04L65/1006 ,  H04L65/1069 ,  H04L65/4007 ,  H04L67/14 ,  H04L67/141 ,  H04L67/146

摘要： The inventive system includes a host, a network including a security gateway, and a public application. Established are an access session between the network and the host and an application session between the public application and the network. An application session record is created for the application session, and includes the user's public user identity used to access the public application, the user's private user identity used to access the network, a host identity, and an application session time, To determine the private user identity for the application session, the security gateway sends a query with the host identity and the application session time. These are compared with the host identity and access session time in an access session record, if they match, then the private user identity in the access session record is returned, and it is stored as the private user identity in the application session record.

摘要翻译： 本发明的系统包括主机，包括安全网关的网络和公共应用。 建立在网络和主机之间的访问会话以及公共应用程序和网络之间的应用程序会话。 为应用程序会话创建应用程序会话记录，并且包括用于访问公共应用程序的用户的公共用户身份，用于访问网络的用户的私人用户身份，主机身份和应用程序会话时间。要确定私人 应用程序会话的用户身份，安全网关发送具有主机身份和应用程序会话时间的查询。 将这些与访问会话记录中的主机身份和访问会话时间进行比较，如果匹配，则返回访问会话记录中的私有用户身份，并将其作为私有用户身份存储在应用程序会话记录中。

公开(公告)号：US20140258536A1

公开(公告)日：2014-09-11

申请号：US13791760

申请日：2013-03-08

申请人： John Chiong

发明人： John Chiong

IPC分类号： H04L12/70

CPC分类号： H04L47/125 ,  H04L47/28

摘要： Application Delivery Controller (ADC), Global Server Load Balancer (GSLB), and methods for their operation in data networks are disclosed. The methods for load balancing may include receiving a query concerning a host name from a client, determining that there are two or more host servers associated with the host name, measuring various metrics associated with each of the two or more host servers and a local Domain Name Server (DNS), and based at least in part on the measurement, selecting a host server among the two or more host servers. The load balancing may also be based on a measured round trip time.

摘要翻译： 应用传送控制器（ADC），全局服务器负载平衡器（GSLB）及其在数据网络中的操作方法被公开。 用于负载平衡的方法可以包括从客户端接收关于主机名的查询，确定存在与主机名相关联的两个或多个主机服务器，测量与两个或多个主机服务器中的每一个相关联的各种度量以及本地域 名称服务器（DNS），至少部分地基于测量，在两个或多个主机服务器之间选择主机服务器。 负载平衡也可以基于测量的往返时间。

公开(公告)号：US08806531B1

公开(公告)日：2014-08-12

申请号：US11701291

申请日：2007-01-31

申请人： Chi Fai Ho ,  Shin Cheung Simon Chiu ,  John Chiong

发明人： Chi Fai Ho ,  Shin Cheung Simon Chiu ,  John Chiong

IPC分类号： H04N7/10 ,  H04N7/025

CPC分类号： H04N21/4668 ,  H04N21/2407 ,  H04N21/25841 ,  H04N21/25883 ,  H04N21/2668 ,  H04N21/437 ,  H04N21/4524 ,  H04N21/4532 ,  H04N21/4622 ,  H04N21/4667 ,  H04N21/4756 ,  H04N21/812

摘要： In a method and system for selecting an advertisement for video on demand, a video player is connected to a video content provider over a network via an access gateway. The video content provider receives a request for a video content from the video player, determines a popularity count for the video content and a geographical area for the video player, selects the advertisement based on the popularity count and the geographical area, and sends the video content combined with the advertisement to the video player. In one embodiment, the advertisement has a corresponding advertisement rule with an advertising condition which specifies a required popularity count and geographical area. If the advertisement condition is satisfied, then the advertisement is selected. In this manner, an advertisement for video on demand is selected based upon both demographics information and location of the video player increasing the effectiveness of the advertisement.

摘要翻译： 在用于根据需要选择用于视频的广告的方法和系统中，视频播放器经由接入网关通过网络连接到视频内容提供商。 视频内容提供者从视频播放器接收视频内容的请求，确定视频内容的流行度计数和视频播放器的地理区域，基于流行度计数和地理区域选择广告，并发送视频 内容结合广告给视频播放器。 在一个实施例中，广告具有相应的广告规则，其具有指定所需流行度计数和地理区域的广告条件。 如果广告条件满足，则选择广告。 以这种方式，基于人口统计信息和视频播放器的位置增加广告的有效性来选择视频点播广告。

公开(公告)号：US08312507B2

公开(公告)日：2012-11-13

申请号：US12788339

申请日：2010-05-27

申请人： Lee Chen ,  John Chiong ,  Dennis Oshiba

发明人： Lee Chen ,  John Chiong ,  Dennis Oshiba

IPC分类号： H04L29/06

CPC分类号： H04L63/0263 ,  G06F21/00 ,  G06F21/44 ,  H04L12/66 ,  H04L51/04 ,  H04L63/02 ,  H04L63/0227 ,  H04L63/0236 ,  H04L63/0245 ,  H04L63/0254 ,  H04L63/029 ,  H04L63/0407 ,  H04L63/08 ,  H04L63/10 ,  H04L63/102 ,  H04L63/105 ,  H04L63/164 ,  H04L63/168 ,  H04L63/20 ,  H04L63/30 ,  H04L65/1026 ,  H04L67/10 ,  H04L67/1004 ,  H04L67/104 ,  H04L67/141 ,  H04L67/22 ,  H04L67/306 ,  H04L67/42 ,  H04L69/28 ,  H04L69/329 ,  H04M1/72547 ,  H04W12/00

摘要： Method for applying a security policy to an application session, includes: recognizing the application session between a network and an application via a security gateway; determining by the security gateway a user identity of the application session using information about the application session; obtaining by the security gateway the security policy comprising network parameters mapped to the user identity; and applying the security policy to the application session by the security gateway. The user identity may be a network user identity or an application user identity recognized from packets of the application session. The security policy may comprise a network traffic policy mapped and/or a document access policy mapped to the user identity, where the network traffic policy is applied to the application session. The security gateway may further generate a security report concerning the application of the security policy to the application session.

摘要翻译： 将安全策略应用于应用会话的方法包括：通过安全网关识别网络与应用之间的应用会话; 使用关于应用会话的信息由安全网关确定应用会话的用户身份; 由安全网关获取包括映射到用户身份的网络参数的安全策略; 并将安全策略应用于安全网关的应用会话。 用户身份可以是从应用会话的分组识别的网络用户身份或应用用户身份。 安全策略可以包括被映射的网络流量策略和/或映射到用户身份的文档访问策略，其中将网络流量策略应用于应用会话。 安全网关还可以生成关于安全策略应用于应用会话的安全报告。

公开(公告)号：US08151322B2

公开(公告)日：2012-04-03

申请号：US11435043

申请日：2006-05-16

申请人： Lee Chen ,  John Chiong ,  Yang Yu

发明人： Lee Chen ,  John Chiong ,  Yang Yu

IPC分类号： G06F7/04

CPC分类号： H04L63/08 ,  G11C7/24 ,  H04L63/107 ,  H04W12/06 ,  H04W12/08

摘要： Systems and methods of authenticating user access based on an access point to a secure data network include a secure data network having a plurality of a network access points serving as entry points for a user to access the secure data network using a user device. The user is associated with a user identity, each network access point with a network access point identity. The user uses a user device to send an access request, requesting access to the secure data network, to the network access point, which then sends an authentication request to an identity server. The identity server processes the authentication request, by validating the combination of the user identity and the network access point identity, and responds with an authentication response, granting or denying access, as communicated to the user device via an access response. The secure data network may comprise an application level secure data network, in which the user uses the user device to request access to a network application. Furthermore, the identity server may validate the combined user identity and network access point identity data in conjunction with time information, access allowance data, and/or traffic volume data.

摘要翻译： 基于对安全数据网络的接入点认证用户接入的系统和方法包括具有多个网络接入点的安全数据网络，该网络接入点用作用户使用用户设备访问安全数据网络的入口点。 用户与用户身份相关联，每个网络接入点具有网络接入点身份。 用户使用用户设备向网络接入点发送访问安全数据网络的访问请求，网络接入点然后向认证服务器发送认证请求。 身份服务器通过验证用户身份和网络接入点身份的组合来处理身份验证请求，并通过访问响应传达给用户设备的认证响应，授予或拒绝访问进行响应。 安全数据网络可以包括应用级安全数据网络，其中用户使用用户设备来请求对网络应用的访问。 此外，身份服务器可以结合时间信息，访问允许数据和/或业务量数据来验证组合的用户身份和网络接入点身份数据。