公开(公告)号：US20100268933A1

公开(公告)日：2010-10-21

申请号：US12732356

申请日：2010-03-26

Applicant: David E. FRATTURA ,  Richard W. Graham ,  John Roese

Inventor： David E. FRATTURA ,  Richard W. Graham ,  John Roese

IPC: G06F21/00 ,  H04L9/00

CPC classification number: H04L63/0407 ,  G06F21/6263 ,  H04L63/0428 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/16 ,  Y10S707/99955

Abstract: Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the minor destination point.

Abstract translation: 提供了系统和方法，用于保护镜像网络流量中包含的数据的隐私。 镜像网络流量可以包括可被认为是机密，特权，私有或其他敏感数据的数据。 例如，镜像网络业务帧的数据有效载荷可以包括在一个或多个网络上的用户之间的专用IP语音（VoIP）通信。 本发明提供了用于保护包含在镜像网络业务中的数据的隐私的各种技术。 使用本发明的技术，包括机密，特权，私有或其他敏感数据的网络业务可以以这样的方式被镜像，以便通过至少一部分（如果不是全部）的所有镜像通信提供这样的数据的隐私， 镜像源点和次要目标点。

公开(公告)号：US08819213B2

公开(公告)日：2014-08-26

申请号：US11208372

申请日：2005-08-19

Applicant: David E. Frattura ,  Richard W. Graham ,  John Roese

Inventor： David E. Frattura ,  Richard W. Graham ,  John Roese

IPC: G06F15/173 ,  H04L12/26 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L12/2602 ,  H04L12/4633 ,  H04L43/00 ,  H04L43/0882 ,  H04L43/16 ,  H04L63/00 ,  H04L63/14 ,  H04L63/1416 ,  H04L63/166 ,  H04L63/30 ,  H04L67/1095

Abstract: The present invention provides method and systems for dynamically mirroring network traffic. The mirroring of network traffic may comprise data that may be considered of particular interest. The network traffic may be mirrored by a mirror service portal from a mirror sender, referred to as a mirror source, to a mirror receiver, referred to as a mirror destination, locally or remotely over various network segments, such as private and public networks and the Internet. The network traffic may be mirrored to locations not involved in the network communications being mirrored. The present invention provides various techniques for dynamically mirroring data contained in the network traffic from a mirror source to a mirror destination.

Abstract translation: 本发明提供了用于动态镜像网络业务的方法和系统。 网络流量的镜像可以包括可被认为特别感兴趣的数据。 网络流量可以由镜像服务门户从称为镜像源的镜像服务器镜像到本地或远程通过各种网段（如私有和公共网络）的镜像接收器（称为镜像目的地），以及 互联网。 可以将网络流量镜像到不涉及正在镜像的网络通信中的位置。 本发明提供了用于动态镜像从镜像源到镜像目的地的网络流量中包含的数据的各种技术。

公开(公告)号：US08239960B2

公开(公告)日：2012-08-07

申请号：US12732356

申请日：2010-03-26

Applicant: David E. Frattura ,  Richard W. Graham ,  John Roese

Inventor： David E. Frattura ,  Richard W. Graham ,  John Roese

IPC: G06F21/00 ,  G06F12/14 ,  G06F17/30 ,  H04L29/06 ,  H04L9/00

CPC classification number: H04L63/0407 ,  G06F21/6263 ,  H04L63/0428 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/16 ,  Y10S707/99955

Abstract: Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the mirror destination point.

Abstract translation: 提供了系统和方法，用于保护镜像网络流量中包含的数据的隐私。 镜像网络流量可以包括可被认为是机密，特权，私有或其他敏感数据的数据。 例如，镜像网络业务帧的数据有效载荷可以包括在一个或多个网络上的用户之间的专用IP语音（VoIP）通信。 本发明提供了用于保护包含在镜像网络业务中的数据的隐私的各种技术。 使用本发明的技术，包括机密，特权，私有或其他敏感数据的网络业务可以以这样的方式被镜像，以便通过至少一部分（如果不是全部）的所有镜像通信提供这样的数据的隐私， 镜像源点和镜像目标点。

公开(公告)号：US07690040B2

公开(公告)日：2010-03-30

申请号：US11075936

申请日：2005-03-08

Applicant: David E. Frattura ,  Richard W. Graham ,  John Roese

Inventor： David E. Frattura ,  Richard W. Graham ,  John Roese

IPC: G06F21/00 ,  H04L29/06 ,  H04L9/00 ,  G06F12/14 ,  G06F17/30

CPC classification number: H04L63/0407 ,  G06F21/6263 ,  H04L63/0428 ,  H04L63/14 ,  H04L63/1441 ,  H04L63/16 ,  Y10S707/99955

Abstract: Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the mirror destination point.

Abstract translation: 提供了系统和方法，用于保护镜像网络流量中包含的数据的隐私。 镜像网络流量可以包括可被认为是机密，特权，私有或其他敏感数据的数据。 例如，镜像网络业务帧的数据有效载荷可以包括在一个或多个网络上的用户之间的专用IP语音（VoIP）通信。 本发明提供了用于保护包含在镜像网络业务中的数据的隐私的各种技术。 使用本发明的技术，包括机密，特权，私有或其他敏感数据的网络业务可以以这样的方式被镜像，以便通过至少一部分（如果不是全部）的所有镜像通信提供这样的数据的隐私， 镜像源点和镜像目标点。

公开(公告)号：US08191107B1

公开(公告)日：2012-05-29

申请号：US12750484

申请日：2010-03-30

Applicant: David E. Frattura ,  Richard W. Graham

Inventor： David E. Frattura ,  Richard W. Graham

IPC: H04L29/06

CPC classification number: H04L41/0663 ,  H04L41/0893 ,  H04L41/24 ,  H04L43/0811 ,  H04L43/0817 ,  H04L69/40

Abstract: A lost contact policy response system and related method for adjusting the operation of one or more network infrastructure devices upon detection of a loss of contact with a policy server function. The response system includes a policy enforcement function (“PEF”), a policy manager function, and either or both of policy set(s) and policy enforcement rule (“PER”) set(s). The PEF implements stored or generated PER set(s). The policy manager function includes a monitoring function and an analysis function. The monitoring function monitors for continuing connectivity or signal exchange contact with a network policy server function. The analysis function selects a designated policy, policy set, PER or PER set, and instructs the PEF to implement the selected policy, PER or set. The policy and/or PER sets may be pre-installed, updated, re-installed, revised, or otherwise changed when and as desired. The related method includes corresponding steps for implementing the operations of the functions described.

Abstract translation: 一种丢失的联系人策略响应系统和相关方法，用于在检测到与策略服务器功能的联系丢失时调整一个或多个网络基础设施设备的操作。 响应系统包括策略执行功能（“PEF”），策略管理器功能以及策略集和策略执行规则（“PER”）集合中的一个或两个。 PEF实现存储或生成的PER集。 策略管理功能包括监控功能和分析功能。 监视功能监视与网络策略服务器功能的连续连接或信号交换联系。 分析功能选择指定的策略，策略集，PER或PER集，并指示PEF实现所选策略PER或设置。 可以根据需要预先安装，更新，重新安装，修改或以其他方式更改策略和/或PER集。 相关方法包括用于实现所述功能的操作的相应步骤。

公开(公告)号：US07898977B2

公开(公告)日：2011-03-01

申请号：US10377299

申请日：2003-02-28

Applicant: John J. Roese ,  Richard W. Graham ,  Roger P. Durand ,  John-Paul Gorsky

Inventor： John J. Roese ,  Richard W. Graham ,  Roger P. Durand ,  John-Paul Gorsky

IPC: H04L12/28

CPC classification number: H04L67/16 ,  G01S5/02 ,  H04L29/06 ,  H04L29/12018 ,  H04L41/0213 ,  H04L41/12 ,  H04L61/10 ,  H04L63/02 ,  H04L63/0492 ,  H04L63/08 ,  H04L63/10 ,  H04L63/104 ,  H04L63/107 ,  H04L63/126 ,  H04L67/04 ,  H04L67/18 ,  H04L67/327 ,  H04L69/329 ,  H04W4/02 ,  H04W4/04 ,  H04W4/20 ,  H04W4/50 ,  H04W8/26 ,  H04W64/00 ,  Y10S707/99932 ,  Y10S707/99939

Abstract: A method of determining a physical location of a device connected to a data network infrastructure including a plurality of connection points at different physical locations, the method including establishing a connection with the data network infrastructure via a cable-based transmission medium, wherein a communication signal passes via the cable-based transmission medium including at least one of the plurality of connection points. A connection point identifier is determined based, at least in part, upon the at least one of the plurality of connection points. A signal characteristic of the communication signal passing via the cable-based transmission medium between the device and the data network infrastructure through the at least one of the plurality of connection points is measured. A first physical location of the device is determined based on the determined connection point identifier, including accessing stored information associating the determined connection point identifier with location information. A second physical location of the device is determined based on the determined first physical location and the measured signal characteristic, including accessing stored information associating signal characteristics with location information.

Abstract translation: 一种确定连接到包括不同物理位置处的多个连接点的数据网络基础设施的设备的物理位置的方法，所述方法包括经由基于电缆的传输介质建立与数据网络基础设施的连接，其中通信信号 经由基于电缆的传输介质包括多个连接点中的至少一个。 至少部分地基于多个连接点中的至少一个来确定连接点识别符。 测量通过多个连接点中的至少一个通过基于电缆的传输介质在设备和数据网络基础设施之间通信的通信信号的信号特性。 基于所确定的连接点标识来确定设备的第一物理位置，包括访问与确定的连接点标识符与位置信息相关联的存储信息。 基于所确定的第一物理位置和所测量的信号特性来确定设备的第二物理位置，包括访问将信号特征与位置信息相关联的存储信息。

公开(公告)号：US07756544B1

公开(公告)日：2010-07-13

申请号：US11332703

申请日：2006-01-13

Applicant: Richard W. Graham

Inventor： Richard W. Graham

IPC: H04Q7/20

CPC classification number: H04W52/0258 ,  G06F1/32 ,  G06F11/0751 ,  G06F11/3676 ,  H04Q2011/0081 ,  H04W40/246 ,  H04W52/02 ,  H04W52/0251 ,  H04W72/082 ,  H04W84/12 ,  H04W88/08 ,  Y02D70/166 ,  Y02D70/23

Abstract: The present invention provides method and systems for activating or deactivating network devices by managing the power of the network device. By controlling the power for network devices, the size and coverage of the network can be adjusted to meet the needs for the current usage. This can be particularly advantageous in wireless networks where multiple wireless access points may be provided to provide coverage during peak usage but present the additional security concern of the network being accessible to unauthorized users. Being able to power down unneeded wireless access points during off-peak usage allows for the minimization of such potential security concerns.

Abstract translation: 本发明提供了通过管理网络设备的功率来激活或去激活网络设备的方法和系统。 通过控制网络设备的功率，可以调整网络的大小和覆盖范围，以满足当前使用需求。 这可以在无线网络中是特别有利的，其中可以提供多个无线接入点以在峰值使用期间提供覆盖，但是呈现未授权用户可访问的网络的附加安全性问题。 能够在非高峰期间使用不需要的无线接入点，从而最大限度地减少这种潜在的安全问题。

公开(公告)号：US20080138012A1

公开(公告)日：2008-06-12

申请号：US12033811

申请日：2008-02-19

Applicant: Richard W. Graham ,  John J. Roese

Inventor： Richard W. Graham ,  John J. Roese

IPC: G02B6/32

CPC classification number: G02B6/3895 ,  G02B6/3817 ,  G02B6/3827 ,  G02B6/3845 ,  G02B6/3894

Abstract: A connector assembly, configured to releasably couple a socket assembly, includes zero or more data conductors. An optical pathway is configured to: receive an optical signal from an optical light source positioned within the socket assembly; and provide at least a portion of the optical signal to an optical light target positioned within the socket assembly.

Abstract translation: 配置成可释放地联接插座组件的连接器组件包括零个或多个数据导体。 光路被配置为：从位于插座组件内的光学光源接收光信号; 并且将光信号的至少一部分提供给定位在插座组件内的光学目标。

公开(公告)号：US08347375B2

公开(公告)日：2013-01-01

申请号：US10956304

申请日：2004-10-01

Applicant: Richard W. Graham ,  John J. Roese

Inventor： Richard W. Graham ,  John J. Roese

IPC: G06F9/00 ,  G06F15/16 ,  G06F17/00

CPC classification number: H04L63/20 ,  G06F21/552 ,  H04L63/0218 ,  H04L63/0263 ,  H04L63/1416 ,  H04L63/145

Abstract: The intrusion detection function monitors for and reports detected intrusion signatures. The dynamic intrusion signatures function determines whether reported intrusion signatures exist in a library of signatures associated with a particular intrusion detection function. If the reported signature does not exist in the library, the library is updated. Detected intrusion signatures are reported to similarly enabled devices for library analysis and updating, if necessary. The related method includes the steps of monitoring for intrusion signatures or other triggering events, analyzing the events and updating IDS signature libraries as necessary.

Abstract translation: 入侵检测功能监控并报告检测到的入侵签名。 动态入侵签名功能确定报告的入侵签名是否存在于与特定入侵检测功能相关联的签名库中。 如果报告的签名在库中不存在，则库将被更新。 如果需要，检测到的入侵签名被报告给类似启用的设备进行库分析和更新。 相关方法包括监视入侵签名或其他触发事件，分析事件和根据需要更新IDS签名库的步骤。

公开(公告)号：US20090187968A1

公开(公告)日：2009-07-23

申请号：US12408289

申请日：2009-03-20

Applicant: John J. Roese ,  Richard W. Graham

Inventor： John J. Roese ,  Richard W. Graham

IPC: H04L29/06 ,  G06F15/173 ,  G06F17/00

CPC classification number: H04L41/0893 ,  H04L41/0213

Abstract: A system and method that provides dynamic network policy management. The system enables a network administrator to regulate usage of network services upon initiation of and throughout network sessions. The system employs a method of identifying selectable characteristics of attached functions to establish static and dynamic policies, which policies may be amended before, during and after any session throughout the network based on the monitored detection of any of a number of specified triggering events or activities. Particular policies associated with a particular identified attached function in prior sessions may be cached or saved and employed in subsequent sessions to provide network usage permissions more rapidly in such subsequent sessions. The cached or saved policy information may also be used to identify network usage, control, and security. The system and method of the present invention provides static and dynamic policy allocation for network usage provisioning.

Abstract translation: 提供动态网络策略管理的系统和方法。 该系统使网络管理员能够在网络会话开始和整个过程中调节网络服务的使用。 该系统采用一种识别附加功能的可选特征以建立静态和动态策略的方法，该策略可以在整个网络中的任何会话之前，之中和之后基于监视到的多个指定的触发事件或活动中的任一个的检测来修改 。 与先前会话中的特定标识的附加功能相关联的特定策略可以被缓存或保存并在随后的会话中被采用以在这样的后续会话中更快地提供网络使用许可。 缓存或保存的策略信息也可以用于标识网络使用，控制和安全性。 本发明的系统和方法提供用于网络使用配置的静态和动态策略分配。