公开(公告)号：US07898977B2

公开(公告)日：2011-03-01

申请号：US10377299

申请日：2003-02-28

Applicant: John J. Roese ,  Richard W. Graham ,  Roger P. Durand ,  John-Paul Gorsky

Inventor： John J. Roese ,  Richard W. Graham ,  Roger P. Durand ,  John-Paul Gorsky

IPC: H04L12/28

CPC classification number: H04L67/16 ,  G01S5/02 ,  H04L29/06 ,  H04L29/12018 ,  H04L41/0213 ,  H04L41/12 ,  H04L61/10 ,  H04L63/02 ,  H04L63/0492 ,  H04L63/08 ,  H04L63/10 ,  H04L63/104 ,  H04L63/107 ,  H04L63/126 ,  H04L67/04 ,  H04L67/18 ,  H04L67/327 ,  H04L69/329 ,  H04W4/02 ,  H04W4/04 ,  H04W4/20 ,  H04W4/50 ,  H04W8/26 ,  H04W64/00 ,  Y10S707/99932 ,  Y10S707/99939

Abstract: A method of determining a physical location of a device connected to a data network infrastructure including a plurality of connection points at different physical locations, the method including establishing a connection with the data network infrastructure via a cable-based transmission medium, wherein a communication signal passes via the cable-based transmission medium including at least one of the plurality of connection points. A connection point identifier is determined based, at least in part, upon the at least one of the plurality of connection points. A signal characteristic of the communication signal passing via the cable-based transmission medium between the device and the data network infrastructure through the at least one of the plurality of connection points is measured. A first physical location of the device is determined based on the determined connection point identifier, including accessing stored information associating the determined connection point identifier with location information. A second physical location of the device is determined based on the determined first physical location and the measured signal characteristic, including accessing stored information associating signal characteristics with location information.

Abstract translation: 一种确定连接到包括不同物理位置处的多个连接点的数据网络基础设施的设备的物理位置的方法，所述方法包括经由基于电缆的传输介质建立与数据网络基础设施的连接，其中通信信号 经由基于电缆的传输介质包括多个连接点中的至少一个。 至少部分地基于多个连接点中的至少一个来确定连接点识别符。 测量通过多个连接点中的至少一个通过基于电缆的传输介质在设备和数据网络基础设施之间通信的通信信号的信号特性。 基于所确定的连接点标识来确定设备的第一物理位置，包括访问与确定的连接点标识符与位置信息相关联的存储信息。 基于所确定的第一物理位置和所测量的信号特性来确定设备的第二物理位置，包括访问将信号特征与位置信息相关联的存储信息。

公开(公告)号：US20080138012A1

公开(公告)日：2008-06-12

申请号：US12033811

申请日：2008-02-19

Applicant: Richard W. Graham ,  John J. Roese

Inventor： Richard W. Graham ,  John J. Roese

IPC: G02B6/32

CPC classification number: G02B6/3895 ,  G02B6/3817 ,  G02B6/3827 ,  G02B6/3845 ,  G02B6/3894

Abstract: A connector assembly, configured to releasably couple a socket assembly, includes zero or more data conductors. An optical pathway is configured to: receive an optical signal from an optical light source positioned within the socket assembly; and provide at least a portion of the optical signal to an optical light target positioned within the socket assembly.

Abstract translation: 配置成可释放地联接插座组件的连接器组件包括零个或多个数据导体。 光路被配置为：从位于插座组件内的光学光源接收光信号; 并且将光信号的至少一部分提供给定位在插座组件内的光学目标。

公开(公告)号：US07706369B2

公开(公告)日：2010-04-27

申请号：US11938518

申请日：2007-11-12

Applicant: John J. Roese ,  Richard W. Graham ,  David Frattura ,  Anja A. Allen ,  Brendan J. Fee

Inventor： John J. Roese ,  Richard W. Graham ,  David Frattura ,  Anja A. Allen ,  Brendan J. Fee

IPC: H04L12/28

CPC classification number: H04L67/16 ,  G01S5/02 ,  H04L29/06 ,  H04L29/12018 ,  H04L41/0213 ,  H04L41/12 ,  H04L61/10 ,  H04L63/02 ,  H04L63/0492 ,  H04L63/08 ,  H04L63/10 ,  H04L63/104 ,  H04L63/107 ,  H04L63/126 ,  H04L67/04 ,  H04L67/18 ,  H04L67/327 ,  H04L69/329 ,  H04W4/02 ,  H04W4/04 ,  H04W4/20 ,  H04W4/50 ,  H04W8/26 ,  H04W64/00 ,  Y10S707/99932 ,  Y10S707/99939

Abstract: A method for location discovery in a data network includes receiving, at a first device, connection information from a neighboring network device and determining a physical location of the first device based on the connection information. The method can include receiving, at the first device, the physical location transmitted from the neighboring network device. The method can further include associating a level of trust with the physical location based on the neighboring network device. The first device be one of a variety of devices, such as a router, a switch, a network entry device, a firewall device, or a gateway.

Abstract translation: 一种用于数据网络中的位置发现的方法包括在第一设备处接收来自相邻网络设备的连接信息，并且基于所述连接信息确定所述第一设备的物理位置。 该方法可以包括在第一设备处接收从相邻网络设备发送的物理位置。 该方法还可以包括将信任级与基于相邻网络设备的物理位置相关联。 第一个设备是各种设备之一，如路由器，交换机，网络入口设备，防火墙设备或网关。

公开(公告)号：US07611292B2

公开(公告)日：2009-11-03

申请号：US12033811

申请日：2008-02-19

Applicant: Richard W. Graham ,  John J. Roese

Inventor： Richard W. Graham ,  John J. Roese

IPC: G02B6/36

CPC classification number: G02B6/3895 ,  G02B6/3817 ,  G02B6/3827 ,  G02B6/3845 ,  G02B6/3894

Abstract: A connector assembly, configured to releasably couple a socket assembly, includes zero or more data conductors. An optical pathway is configured to: receive an optical signal from an optical light source positioned within the socket assembly; and provide at least a portion of the optical signal to an optical light target positioned within the socket assembly.

Abstract translation: 配置成可释放地联接插座组件的连接器组件包括零个或多个数据导体。 光路被配置为：从位于插座组件内的光学光源接收光信号; 并且将光信号的至少一部分提供给定位在插座组件内的光学目标。

公开(公告)号：US07526541B2

公开(公告)日：2009-04-28

申请号：US10629331

申请日：2003-07-29

Applicant: John J. Roese ,  Richard W. Graham

Inventor： John J. Roese ,  Richard W. Graham

IPC: G06F15/173 ,  G06F17/00

CPC classification number: H04L41/0893 ,  H04L41/0213

Abstract: A system and method that provides dynamic network policy management. The system enables a network administrator to regulate usage of network services upon initiation of and throughout network sessions. The system employs a method of identifying selectable characteristics of attached functions to establish static and dynamic policies, which policies may be amended before, during and after any session throughout the network based on the monitored detection of any of a number of specified triggering events or activities. Particular policies associated with a particular identified attached function in prior sessions may be cached or saved and employed in subsequent sessions to provide network usage permissions more rapidly in such subsequent sessions. The cached or saved policy information may also be used to identify network usage, control, and security. The system and method of the present invention provides static and dynamic policy allocation for network usage provisioning.

Abstract translation: 提供动态网络策略管理的系统和方法。 该系统使网络管理员能够在网络会话开始和整个过程中调节网络服务的使用。 该系统采用一种识别附加功能的可选特征以建立静态和动态策略的方法，该策略可以在整个网络中的任何会话之前，之中和之后基于监视到的多个指定的触发事件或活动中的任一个的检测来修改 。 与先前会话中的特定标识的附加功能相关联的特定策略可以被缓存或保存并在随后的会话中被采用以在这样的后续会话中更快地提供网络使用许可。 缓存或保存的策略信息也可以用于标识网络使用，控制和安全性。 本发明的系统和方法提供用于网络使用配置的静态和动态策略分配。

公开(公告)号：US08347375B2

公开(公告)日：2013-01-01

申请号：US10956304

申请日：2004-10-01

Applicant: Richard W. Graham ,  John J. Roese

Inventor： Richard W. Graham ,  John J. Roese

IPC: G06F9/00 ,  G06F15/16 ,  G06F17/00

CPC classification number: H04L63/20 ,  G06F21/552 ,  H04L63/0218 ,  H04L63/0263 ,  H04L63/1416 ,  H04L63/145

Abstract: The intrusion detection function monitors for and reports detected intrusion signatures. The dynamic intrusion signatures function determines whether reported intrusion signatures exist in a library of signatures associated with a particular intrusion detection function. If the reported signature does not exist in the library, the library is updated. Detected intrusion signatures are reported to similarly enabled devices for library analysis and updating, if necessary. The related method includes the steps of monitoring for intrusion signatures or other triggering events, analyzing the events and updating IDS signature libraries as necessary.

Abstract translation: 入侵检测功能监控并报告检测到的入侵签名。 动态入侵签名功能确定报告的入侵签名是否存在于与特定入侵检测功能相关联的签名库中。 如果报告的签名在库中不存在，则库将被更新。 如果需要，检测到的入侵签名被报告给类似启用的设备进行库分析和更新。 相关方法包括监视入侵签名或其他触发事件，分析事件和根据需要更新IDS签名库的步骤。

公开(公告)号：US20090187968A1

公开(公告)日：2009-07-23

申请号：US12408289

申请日：2009-03-20

Applicant: John J. Roese ,  Richard W. Graham

Inventor： John J. Roese ,  Richard W. Graham

IPC: H04L29/06 ,  G06F15/173 ,  G06F17/00

CPC classification number: H04L41/0893 ,  H04L41/0213

Abstract: A system and method that provides dynamic network policy management. The system enables a network administrator to regulate usage of network services upon initiation of and throughout network sessions. The system employs a method of identifying selectable characteristics of attached functions to establish static and dynamic policies, which policies may be amended before, during and after any session throughout the network based on the monitored detection of any of a number of specified triggering events or activities. Particular policies associated with a particular identified attached function in prior sessions may be cached or saved and employed in subsequent sessions to provide network usage permissions more rapidly in such subsequent sessions. The cached or saved policy information may also be used to identify network usage, control, and security. The system and method of the present invention provides static and dynamic policy allocation for network usage provisioning.

Abstract translation: 提供动态网络策略管理的系统和方法。 该系统使网络管理员能够在网络会话开始和整个过程中调节网络服务的使用。 该系统采用一种识别附加功能的可选特征以建立静态和动态策略的方法，该策略可以在整个网络中的任何会话之前，之中和之后基于监视到的多个指定的触发事件或活动中的任一个的检测来修改 。 与先前会话中的特定标识的附加功能相关联的特定策略可以被缓存或保存并在随后的会话中被采用以在这样的后续会话中更快地提供网络使用许可。 缓存或保存的策略信息也可以用于标识网络使用，控制和安全性。 本发明的系统和方法提供用于网络使用配置的静态和动态策略分配。

公开(公告)号：US07092943B2

公开(公告)日：2006-08-15

申请号：US10377177

申请日：2003-02-28

Applicant: John J. Roese ,  Richard W. Graham ,  David Frattura ,  David Harrington

Inventor： John J. Roese ,  Richard W. Graham ,  David Frattura ,  David Harrington

IPC: G06F17/30

CPC classification number: H04L67/16 ,  G01S5/02 ,  H04L29/06 ,  H04L29/12018 ,  H04L41/0213 ,  H04L41/12 ,  H04L61/10 ,  H04L63/02 ,  H04L63/0492 ,  H04L63/08 ,  H04L63/10 ,  H04L63/104 ,  H04L63/107 ,  H04L63/126 ,  H04L67/04 ,  H04L67/18 ,  H04L67/327 ,  H04L69/329 ,  H04W4/02 ,  H04W4/04 ,  H04W4/20 ,  H04W4/50 ,  H04W8/26 ,  H04W64/00 ,  Y10S707/99932 ,  Y10S707/99939

Abstract: Data is provided with location-based access control information. Access to the data at a physical location is then limited according to the location-based access control information. A physical location of a device accessing the data can be determined, and the limiting of the access is then according to the determined physical location. The data can be provided in encrypted form, and limiting access to the data includes enabling decryption of the data according to the physical location.

公开(公告)号：US07739402B2

公开(公告)日：2010-06-15

申请号：US10377180

申请日：2003-02-28

Applicant: John J. Roese ,  Richard W. Graham ,  David Frattura ,  Roger P. Durand ,  John-Paul Gorsky ,  David Harrington

Inventor： John J. Roese ,  Richard W. Graham ,  David Frattura ,  Roger P. Durand ,  John-Paul Gorsky ,  David Harrington

IPC: G06F15/173 ,  G06F7/04 ,  H04L9/32

CPC classification number: H04L67/16 ,  G01S5/02 ,  H04L29/06 ,  H04L29/12018 ,  H04L41/0213 ,  H04L41/12 ,  H04L61/10 ,  H04L63/02 ,  H04L63/0492 ,  H04L63/08 ,  H04L63/10 ,  H04L63/104 ,  H04L63/107 ,  H04L63/126 ,  H04L67/04 ,  H04L67/18 ,  H04L67/327 ,  H04L69/329 ,  H04W4/02 ,  H04W4/04 ,  H04W4/20 ,  H04W4/50 ,  H04W8/26 ,  H04W64/00 ,  Y10S707/99932 ,  Y10S707/99939

Abstract: A system that associates physical locations with network-linked devices in a network to which such devices are connected. This system employs a variety of techniques for establishing device location. The system configuration can vary and can include any type of data network, including LANs, MANs, Wide Area Networks (WANs), Personal Area Networks (PANs), and Home Networks. The system provides location information for particular devices to the network devices and management, and may be used in any of a variety of ways to improve configuration accuracy, control, and security. The location information may also be used to control or secure a device itself.

Abstract translation: 将物理位置与这些设备连接到的网络中的网络链接设备相关联的系统。 该系统采用各种技术来建立设备位置。 系统配置可以变化，并且可以包括任何类型的数据网络，包括LAN，MAN，广域网（WAN），个人局域网（PAN）和家庭网络。 该系统为网络设备和管理提供特定设备的位置信息，并且可以以各种方式中的任何一种来使用，以提高配置精度，控制和安全性。 位置信息也可以用于控制或保护设备本身。

公开(公告)号：US07739372B2

公开(公告)日：2010-06-15

申请号：US12408289

申请日：2009-03-20

Applicant: John J. Roese ,  Richard W. Graham

Inventor： John J. Roese ,  Richard W. Graham

IPC: G06F15/173 ,  G06F17/00

CPC classification number: H04L41/0893 ,  H04L41/0213

Abstract: A system and method that provides dynamic network policy management. The system enables a network administrator to regulate usage of network services upon initiation of and throughout network sessions. The system employs a method of identifying selectable characteristics of attached functions to establish static and dynamic policies, which policies may be amended before, during and after any session throughout the network based on the monitored detection of any of a number of specified triggering events or activities. Particular policies associated with a particular identified attached function in prior sessions may be cached or saved and employed in subsequent sessions to provide network usage permissions more rapidly in such subsequent sessions. The cached or saved policy information may also be used to identify network usage, control, and security. The system and method of the present invention provides static and dynamic policy allocation for network usage provisioning.

Abstract translation: 提供动态网络策略管理的系统和方法。 该系统使网络管理员能够在网络会话开始和整个过程中调节网络服务的使用。 该系统采用一种识别附加功能的可选特征以建立静态和动态策略的方法，该策略可以在整个网络中的任何会话之前，之中和之后基于监视到的多个指定的触发事件或活动中的任一个的检测来修改 。 与先前会话中的特定标识的附加功能相关联的特定策略可以被缓存或保存并在随后的会话中被采用以在这样的后续会话中更快地提供网络使用许可。 缓存或保存的策略信息也可以用于标识网络使用，控制和安全性。 本发明的系统和方法提供用于网络使用配置的静态和动态策略分配。