公开(公告)号：US08719937B2

公开(公告)日：2014-05-06

申请号：US13040030

申请日：2011-03-03

申请人： Ravi Sundaram ,  Walter Clark Milliken

发明人： Ravi Sundaram ,  Walter Clark Milliken

IPC分类号： H04L29/06 ,  H04L29/12

CPC分类号： H04L63/1466 ,  H04L29/12056 ,  H04L29/12226 ,  H04L61/15 ,  H04L61/1505 ,  H04L61/20 ,  H04L61/2015 ,  H04L63/0227 ,  H04L63/108 ,  H04L63/1416 ,  H04L63/1441 ,  H04L63/1491 ,  H04L63/16

摘要： Methods and systems for detection and/or prevention of network attacks can include the use of multiple and/or time-dependent addresses coupled with filtering by the directory or naming service. The directory service can respond to requests for the address of a resource by returning an address that can be relocated over time by coordinating the directory service entry with the host and network address configuration data and/or by returning an address specific to the requestor. Thus, the directory service can track and build profiles of matches between requestors and accesses. The methods and systems can use the time dependent addresses and profiles to distinguish legitimate accesses from unauthorized or malicious ones. Requests for non-valid addresses can be misdirected to “empty” addresses or to detection devices.

摘要翻译： 用于检测和/或防止网络攻击的方法和系统可以包括使用多个和/或与时间相关的地址，以及通过目录或命名服务的过滤。 目录服务可以通过使用主机和网络地址配置数据协调目录服务条目和/或返回特定于请求者的地址来返回可以随时间重新定位的地址来响应对资源的地址的请求。 因此，目录服务可以跟踪和构建请求者和访问之间的匹配的配置文件。 方法和系统可以使用与时间相关的地址和配置文件来区分合法访问与未经授权的或恶意的访问。 对非有效地址的请求可能被误导到“空”地址或检测设备。

公开(公告)号：US20130132549A1

公开(公告)日：2013-05-23

申请号：US13699117

申请日：2011-05-19

申请人： Pablo Rodriguez ,  Parminder Chhabra ,  Vijay Erramilli ,  Nikolaos Laoutaris ,  Ravi Sundaram

发明人： Pablo Rodriguez ,  Parminder Chhabra ,  Vijay Erramilli ,  Nikolaos Laoutaris ,  Ravi Sundaram

IPC分类号： H04L12/24

CPC分类号： H04L41/14 ,  H04L45/00 ,  H04L45/125

摘要： The method comprises modelling a delay-tolerant dynamic network comprising time-varying links transforming it into a static time-expanded network graph, and managing bulk data transfer on the basis of said static time-expanded network graph.The device comprises a scheduler unit with processing capabilities implementing an algorithm which processes arc costs (cijt) and storage costs (pit) as per the method of the first aspect of the invention.

摘要翻译： 该方法包括对包含时变链路的延迟容忍动态网络进行建模，将其变换为静态时间扩展网络图，以及基于所述静态时间扩展网络图来管理批量数据传输。 该装置包括具有处理能力的调度器单元，该处理能力实现根据本发明第一方面的方法处理电弧成本（cijt）和存储成本（凹坑）的算法。

公开(公告)号：US20120303804A1

公开(公告)日：2012-11-29

申请号：US13567351

申请日：2012-08-06

申请人： Ravi Sundaram ,  Hariharan S. Rahul

发明人： Ravi Sundaram ,  Hariharan S. Rahul

IPC分类号： G06F15/16

CPC分类号： H04L29/12132 ,  H04L29/12066 ,  H04L41/046 ,  H04L41/06 ,  H04L41/0896 ,  H04L61/1511 ,  H04L61/1552 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1034 ,  H04L69/329 ,  H04L69/40

摘要： An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.

摘要翻译： 基础设施保险机制使网站能够在网站发生特定事件时将内容转发网络（CDN）故障转移。 在这种情况下，站点的内容的至少一部分优先地从CDN提供，使得期望内容的最终用户仍然可以得到它，即使内容不是从原始站点可用。 在操作中，例如通过将DNS查询解析为站点的IP地址，直到检测到给定的事件为止，以通常的方式从站点服务内容请求。 此后，DNS查询由基于CDN动态DNS的请求路由机制进行管理，以便将这些查询解析为最佳的CDN边缘服务器。 在导致事件发生的事件已经过去之后，站点的DNS的控制可以从CDN返回到原始服务器的DNS机制。

公开(公告)号：US20120096116A1

公开(公告)日：2012-04-19

申请号：US13274705

申请日：2011-10-17

申请人： Alan Mislove ,  Ravi Sundaram

发明人： Alan Mislove ,  Ravi Sundaram

IPC分类号： G06F15/16

CPC分类号： H04L67/2814 ,  G06F17/3089 ,  H04L67/02 ,  H04L67/2842 ,  H04L67/289

摘要： In one embodiment, program code is added to a social network's web pages or site such that the content a first user accesses is locally stored at the first user's system. When another user, who is a friend of the first user, as defined by the social networking site, browses to that same content, the program code fetches it from the first user, instead of directly from the social networking site. The content is thus directly exchanged between the users without a transaction at the website. The present invention leverages the storage and bandwidth resources of social networking users to help serve content.

摘要翻译： 在一个实施例中，将程序代码添加到社交网络的网页或站点，使得第一用户访问的内容被本地存储在第一用户的系统。 当由社交网站定义的第一用户的朋友的另一个用户浏览相同的内容时，程序代码从第一个用户而不是直接从社交网站获取。 因此，内容直接在用户之间交换，而无需在网站上进行交易。 本发明利用社交网络用户的存储和带宽资源来帮助服务内容。

公开(公告)号：US20100250742A1

公开(公告)日：2010-09-30

申请号：US12794504

申请日：2010-06-04

申请人： F. Thomson Leighton ,  Daniel M. Lewin ,  Ravi Sundaram ,  Rizwan S. Dhanidina ,  Robert Kleinberg ,  Matthew Levine ,  Adrian M. Soviani ,  Bruce Maggs ,  Hariharan Shankar Rahul ,  Srikanth Thirumalai ,  Jay Gunvantrai Parikh ,  Yoav O. Yerushalmi

发明人： F. Thomson Leighton ,  Daniel M. Lewin ,  Ravi Sundaram ,  Rizwan S. Dhanidina ,  Robert Kleinberg ,  Matthew Levine ,  Adrian M. Soviani ,  Bruce Maggs ,  Hariharan Shankar Rahul ,  Srikanth Thirumalai ,  Jay Gunvantrai Parikh ,  Yoav O. Yerushalmi

IPC分类号： G06F15/173

CPC分类号： H04L29/12066 ,  H04L43/0829 ,  H04L43/0864 ,  H04L43/10 ,  H04L43/12 ,  H04L45/00 ,  H04L47/10 ,  H04L47/125 ,  H04L47/283 ,  H04L61/1511 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/101

摘要： An intelligent traffic redirection system that performs global load balancing can be used in any situation where an end-user requires access to a replicated resource. The method directs end-users to the appropriate replica so that the route to the replica is good from a network standpoint and the replica is not overloaded. The technique preferably uses a Domain Name Service (DNS) to provide IP addresses for the appropriate replica. The most common use is to direct traffic to a mirrored web site.

摘要翻译： 执行全局负载平衡的智能流量重定向系统可以用于最终用户需要访问复制资源的任何情况。 该方法将最终用户指向适当的副本，以便从网络的角度来看，复制副本的路由是不错的，并且副本没有超载。 该技术优选地使用域名服务（DNS）来为适当的副本提供IP地址。 最常见的用途是将流量引导到镜像网站。

公开(公告)号：US20080215730A1

公开(公告)日：2008-09-04

申请号：US12122796

申请日：2008-05-19

申请人： Ravi Sundaram ,  Hariharan S. Rahul

发明人： Ravi Sundaram ,  Hariharan S. Rahul

IPC分类号： G06F15/173

CPC分类号： H04L29/12132 ,  H04L29/12066 ,  H04L41/046 ,  H04L41/06 ,  H04L41/0896 ,  H04L61/1511 ,  H04L61/1552 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1034 ,  H04L69/329 ,  H04L69/40

摘要： An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.

摘要翻译： 基础设施“保险”机制使得网站能够在站点发生特定事件时故障切换到内容传送网络（CDN）。 在这种情况下，站点的内容的至少一部分优先地从CDN提供，使得期望内容的最终用户仍然可以得到它，即使内容不是从原始站点可用。 在操作中，例如通过将DNS查询解析为站点的IP地址，直到检测到给定的事件为止，以通常的方式从站点服务内容请求。 此后，DNS查询由基于CDN动态DNS的请求路由机制进行管理，以便将这些查询解析为最佳的CDN边缘服务器。 在导致事件发生的事件已经过去之后，站点的DNS的控制可以从CDN返回到原始服务器的DNS机制。

公开(公告)号：US07376736B2

公开(公告)日：2008-05-20

申请号：US11598400

申请日：2006-11-13

申请人： Ravi Sundaram ,  Hariharan S. Rahul

发明人： Ravi Sundaram ,  Hariharan S. Rahul

IPC分类号： G06F15/173

CPC分类号： H04L29/12132 ,  H04L29/12066 ,  H04L41/046 ,  H04L41/06 ,  H04L41/0896 ,  H04L61/1511 ,  H04L61/1552 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1034 ,  H04L69/329 ,  H04L69/40

摘要： An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.

公开(公告)号：US07245718B2

公开(公告)日：2007-07-17

申请号：US10649855

申请日：2003-08-26

申请人： Ravi Sundaram ,  William S. Yerazunis

发明人： Ravi Sundaram ,  William S. Yerazunis

IPC分类号： H04K1/00 ,  H04L9/00 ,  H04L9/28

CPC分类号： H04L9/3218 ,  H04L9/002 ,  H04L9/3013

摘要： A method authenticates di identities in parallel using two prime numbers p and q such that q|p−1. Each identity includes a private key si and a public key vi, and a publicly known generator is α such that αq≡1 (mod p). A verifier is provided with an ordered list of the public keys vi. A prover selects uniformly at random a non-negative number r less than q. A number x=αr (mod p) is sent from the prover to a verifier. The verifier selects uniformly at random a non-negative number e less than 2(t+logd), where log is base 2, and a number t is a predetermined security parameter. The prover receives from the verifier the number e. A number y=r+Σi si*ei (mod q) is generated by the prover, and the number Y is sent to the verifier, who then determines if an equality x=αy*Πi(vi)ei (mod p) is true. The prover is accepted as having the di identities if and only if the equality is true. In a preferred embodiment the communications between the prover and the verifier is via a low-bandwidth optical channel.

摘要翻译： 一种方法使用两个素数p和q并行地验证d i个体的身份，使得q | p-1。 每个身份包括一个私人密钥和一个公共密钥v i i，，，，，（（（≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡≡ mod p）。 验证者被提供有公钥的有序列表v 。 证明者随机选择小于q的非负数r。 数字x =α（mod p）从证明者发送到验证者。 验证者随机选择小于2（t + logd）的非负数e，其中log为基数2，数t为预定的安全参数。 证明者从验证者那里收到数字e。 由证明者产生数字y = r +Σi（i mod i）（mod q），并且发送号码Y 到验证者，然后他们确定是否相等x =α （mod p）为真。 当且仅当相等是真的时，证明者被接受为具有d i 身份。 在优选实施例中，证明者和验证者之间的通信是经由低带宽光信道。

公开(公告)号：US07136922B2

公开(公告)日：2006-11-14

申请号：US10272368

申请日：2002-10-15

申请人： Ravi Sundaram ,  Hariharan S. Rahul

发明人： Ravi Sundaram ,  Hariharan S. Rahul

IPC分类号： G06F15/173

CPC分类号： H04L29/12132 ,  H04L29/12066 ,  H04L41/046 ,  H04L41/06 ,  H04L41/0896 ,  H04L61/1511 ,  H04L61/1552 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1034 ,  H04L69/329 ,  H04L69/40

摘要： An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.

摘要翻译： 基础设施“保险”机制使得网站能够在站点发生特定事件时故障切换到内容传送网络（CDN）。 在这种情况下，站点的内容的至少一部分优先地从CDN提供，使得期望内容的最终用户仍然可以得到它，即使内容不是从原始站点可用。 在操作中，例如通过将DNS查询解析为站点的IP地址，直到检测到给定的事件为止，以通常的方式从站点服务内容请求。 此后，DNS查询由基于CDN动态DNS的请求路由机制进行管理，以便将这些查询解析为最佳的CDN边缘服务器。 在导致事件发生的事件已经过去之后，站点的DNS的控制可以从CDN返回到原始服务器的DNS机制。

公开(公告)号：US07111061B2

公开(公告)日：2006-09-19

申请号：US09866897

申请日：2001-05-29

申请人： F. Thomson Leighton ,  Anne E. Lewin, legal representative ,  Ravi Sundaram ,  Rizwan S. Dhanidina ,  Robert Kleinberg ,  Matthew Levine ,  Adrian M. Soviani ,  Bruce Maggs ,  Hariharan Shankar Rahul ,  Srikanth Thirumalai ,  Jay Gunvantrai Parikh ,  Yoav O. Yerushalmi

发明人： Daniel M. Lewin, deceased

IPC分类号： G06F15/173 ,  G06F15/16

CPC分类号： H04L69/329 ,  G06F19/00 ,  H04L29/12009 ,  H04L29/12047 ,  H04L29/12066 ,  H04L43/50 ,  H04L61/1511 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/101 ,  H04L67/1034 ,  H04L67/1038 ,  H04L67/2814

摘要： The invention is an intelligent traffic redirection system that does global load balancing. It can be used in any situation where an end-user requires access to a replicated resource. The method directs end-users to the appropriate replica so that the route to the replica is good from a network standpoint and the replica is not overloaded. The technique preferably uses a Domain Name Service (DNS) to provide IP addresses for the appropriate replica. The most common use is to direct traffic to a mirrored web site.