INTEGRATING SECURITY SERVER POLICIES WITH OPTIMIZED ROUTING CONTROL
    1.
    Patent application
    INTEGRATING SECURITY SERVER POLICIES WITH OPTIMIZED ROUTING CONTROL (status: in force)

    Publication No.: US20100054241A1

    Publication date: 2010-03-04

    Application No.: US12199496

    Filing date: 2008-08-27

    IPC classification: H04L12/28

    Abstract: In one embodiment, a first set of one or more control policies at a control server of a network domain may be transmitted to a routing master controller of the network domain, which uses a second set of one or more traffic policies to determine optimal paths for directing traffic through the domain. The routing master controller may then generate a third set of one or more integrated policies based on the first and second sets of policies, e.g., based on the knowledge and policies of both the control server and the routing master controller.


    Integrating security server policies with optimized routing control
    2.
    Granted patent
    Integrating security server policies with optimized routing control (status: in force)

    Publication No.: US08023504B2

    Publication date: 2011-09-20

    Application No.: US12199496

    Filing date: 2008-08-27

    Abstract: In one embodiment, a first set of one or more control policies at a control server of a network domain may be transmitted to a routing master controller of the network domain, which uses a second set of one or more traffic policies to determine optimal paths for directing traffic through the domain. The routing master controller may then generate a third set of one or more integrated policies based on the first and second sets of policies, e.g., based on the knowledge and policies of both the control server and the routing master controller.


    Distributed time synchronization system and method
    3.
    Granted patent
    Distributed time synchronization system and method (status: lapsed)

    Publication No.: US5408506A

    Publication date: 1995-04-18

    Application No.: US89431

    Filing date: 1993-07-09

    Abstract: A distributed time synchronization system and method synchronizes nodes within a frequency hopping spread spectrum (FHSS) local area network (LAN) group to a virtual master clock value. Each node system of the present invention comprises a CPU, an input device, a display device, a printer or hard copy device, a given amount of RAM and ROM memory, a data storage device, a local clock, a transmitter/receiver, an antenna, a virtual master clock processor, and a common data bus. The method of the present invention comprises the inclusion of a node's local clock value in a message just prior to transmission over the network, storage of a node's local clock value in RAM after an incoming message has been received, and the calculation of the time delay between the sending node and the receiving node by the virtual master clock processor. The virtual master clock processor utilizes this time delay in maintaining a virtual master clock value, which it uses in adjusting the value of the node's local clock at periodic intervals. This synchronizes the receiving node to the virtual master clock value. If the magnitude of the time delay exceeds a maximum allowed value, the magnitude is clamped to the maximum allowed value, thereby maintaining synchronization within a predetermined tolerance. A node can receive a message transmitted over the FHSS LAN regardless of the message address. Synchronization is therefore maintained without requiring a node to be able to communicate with any specific node within the FHSS LAN group.


    Method and apparatus for variable-overhead cached encryption
    4.
    Granted patent
    Method and apparatus for variable-overhead cached encryption (status: lapsed)

    Publication No.: US5345508A

    Publication date: 1994-09-06

    Application No.: US110402

    Filing date: 1993-08-23

    Abstract: A digital encryption structure allows the varying of the computational overhead by selectively reusing, according to the desired level of security, a pseudorandom encoding sequence at the transmitter end and by storing and reusing pseudorandom decoding sequences, associated with one or more transmitters at the receiver end. A public initialization vector is combined with a secret key to produce a deterministic sequence from a pseudorandom number generator. This pseudorandom sequence, in turn, is used to convert plaintext to ciphertext. The sequence may be selectively reused by storing the sequence to a transmitter memory cache and iteratively reading the sequence from memory according to a counter which controls the level of security of the encryption system. The ciphertext is decrypted on the receiver end by invertibly combining the ciphertext with the same pseudorandom sequence used by the transmitter to originally encode the plaintext. The pseudorandom sequence is independently generated by the receiver end using the original key and initialization vector used in the transmitter end. Once generated in the receiver, the pseudorandom sequence is stored in a receiver cache for reuse with each iterative use of the stored transmitter pseudorandom sequence.


    Methods and apparatus for trusted application centric QoS provisioning
    5.
    Granted patent
    Methods and apparatus for trusted application centric QoS provisioning (status: in force)

    Publication No.: US07774498B1

    Publication date: 2010-08-10

    Application No.: US11593289

    Filing date: 2006-11-06

    IPC classification: G06F15/16 G06F15/173

    CPC classification: H04L63/20

    Abstract: A security agent extends the trust barrier, or trust point, from network gateway nodes to end user devices. A security agent operable to scrutinize network traffic executes on the user device and compares QoS marking attempts with the established QoS marking policy in effect. The security agent examines network traffic attributes deterministic of connection attempts by user processes. Attempts to apply inappropriate or disallowed QoS markings, as dictated by the QoS marking policy, are detected and disallowed. Therefore, only user connections consistent with the QoS marking policy are permitted into the network. Network admission control (NAC) mechanisms ensure that the security agent is the only access point from the user device to the secure network, and the security agent communicates the establishment of the trusted access point to the network gateway, thus ensuring that the network gateway may trust service level designations emanating from the user device executing the security agent.


    Method and apparatus for decryption using cache storage
    6.
    Granted patent
    Method and apparatus for decryption using cache storage (status: lapsed)

    Publication No.: US5444781A

    Publication date: 1995-08-22

    Application No.: US254774

    Filing date: 1994-06-06

    Abstract: A method and apparatus for decryption using cache storage wherein imported ciphertext is decrypted to produce unencrypted plaintext data. As a communication sequence containing an initialization vector and a block of ciphertext is imported, the initialization vector is applied to a cache and to a decoder. The initialization vector is then compared with other initialization vectors stored in the cache to determine whether the specific initialization vector has previously been received and stored. If the specific initialization vector is found to be stored in the cache, then the PN sequence associated with that initialization vector is written to the decoder, and the stored PN sequence is used to decode the imported ciphertext. If a determination is made that the initialization vector has not been previously received, then the read cache signal instructs the multiplexer to connect the PN generator to the decoder, and the initialization vector is used to generate a new PN sequence. In order to improve the efficiency of future ciphertext decoding utilizing this specific initialization vector, the PN sequence associated with the initialization vector is then stored in the cache together with its corresponding initialization vector. When the next block of ciphertext is received using the same initialization vector, the PN sequence need not be regenerated by the PN generator, but rather may be read from the cache as a stored sequence.


    System and method for sending and responding to information requests in a communications network
    7.
    Granted patent
    System and method for sending and responding to information requests in a communications network (status: lapsed)

    Publication No.: US5604869A

    Publication date: 1997-02-18

    Application No.: US579094

    Filing date: 1995-12-20

    Abstract: A system for sending and responding to information requests in a wireless communications network includes a display device, a central processing unit, memory means including random access memory and read-only memory, an input device, and a transmitter/receiver. The random access memory further comprises routines for processing, sending and receiving messages over the wireless network. The present invention also comprises a method for requesting information and a method for responding to requests for information. The preferred method for handling information requests comprises the steps of: monitoring the communications channel for availability; sending an information request over the channel; receiving the information request at each node within the network; preparing responses to the information request at each node; and sending the response to the information request over the channel if it is available. The method for responding to a request for information advantageously uses the minimum number of requests to solicit the minimum number of replies to the information request.
