-
Publication No.: US12034707B2
Publication date: 2024-07-09
Application No.: US18104603
Filing date: 2023-02-01
Inventors: David A. Maluf, Srinath Gundavelli, Pascal Thubert, Pradeep Kumar Kathail, Eric Levy-Abegnoli, Eric Voit, Ali Sajassi
IPC classification: H04L9/40, H04L61/2521, H04L61/2539, H04L61/4511
CPC classification: H04L63/0421, H04L61/2525, H04L61/2539, H04L61/4511
Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a random IP address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a random IP address that cannot be used to identify the endpoint device or service. The client device may then communicate data packets to the server using the random IP address as the destination address, and a gateway that works in conjunction with DNS can convert the random IP address to the actual IP address of the server using NAT and forward the data packet onto the server.
-
Publication No.: US11956270B2
Publication date: 2024-04-09
Application No.: US17670242
Filing date: 2022-02-11
Inventors: Borhan Hosseini, Vlad George Coman
IPC classification: H04L9/40, H04L61/2539, H04L61/2592
CPC classification: H04L63/1433, H04L61/2539, H04L61/2592
Abstract: A computing device may receive a plurality of scanning requests with at least one scanning request in the plurality identifying a target address of a target network. The computing device may for at least a subset of the plurality of scanning requests: generate a scanner instance and a virtual network interface card (VNIC) in response to the scanning request. The scanner instance and the VNIC communicating with a routing namespace that can communicate with two or more scanner instances simultaneously. Until the target address has been scanned: one or more packets can be sent from the scanner instance to the target address via the routing namespace and VNIC. The one or more packets can be wrapped in one or more packet wrappers identifying the target address and the target network. In response to the target address being scanned, the scanner instance and VNIC can be decommissioned.
-
Publication No.: US11418512B2
Publication date: 2022-08-16
Application No.: US15931217
Filing date: 2020-05-13
IPC classification: H04L9/40, H04L61/00, G06F9/455, H04L61/4511, H04L61/2539, H04L61/2557, H04L61/2575
Abstract: In a method for providing access to a service provided by a physical server in a cloud computing system, a cloud platform allocates to the service a publishing IP address and a publishing port, and sends a NAT rule to an access network element associated with the virtual machine. Upon receiving a service access request from the virtual machine for accessing the service, the access network element modifies, according to the NAT rule, a destination address of the service access request into the IP address and the port of the physical server that provides the service, and routes the modified service access request to the physical server.
-
Publication No.: US12058514B2
Publication date: 2024-08-06
Application No.: US17355337
Filing date: 2021-06-23
IPC classification: H04W12/02, H04L9/40, H04L12/24, H04L12/46, H04L29/06, H04L29/12, H04L41/5054, H04L61/2539, H04L61/4541, H04W12/06, H04W12/08, H04L41/50, H04W84/12, H04W92/02
CPC classification: H04W12/02, H04L12/4641, H04L41/5054, H04L61/2539, H04L61/4541, H04L63/0272, H04L63/0892, H04L63/104, H04W12/06, H04W12/08, H04L41/5077, H04W84/12, H04W92/02
Abstract: An apparatus and method provide personal networks to a plurality of tenant entities on a property network, which has a captive portal and a property identification (ID). Virtual Local Area Network (VLAN) are assigned to each of the plurality of tenant entities to define a plurality of personal networks on the property network using dynamic VLAN assignment. Onboarding requests are received from one or more user devices on a specific personal network of the plurality of personal networks. The onboarding requests are processed in a manner permitting intercommunication among the one or more user devices within the specific personal network, to take place across the property network.
-
Publication No.: US20230370245A1
Publication date: 2023-11-16
Application No.: US18357521
Filing date: 2023-07-24
Inventors: Bogdan C. CEBERE, Elena BURCEANU, Madalina BOLBOCEANU, Emanuela HALLER, Georgiana M. ROSCA, Radu TITIU
IPC classification: H04L9/00, G06F16/22, H04L61/2539, H04L9/32, H04L61/4511
CPC classification: H04L9/008, G06F16/2255, H04L9/3213, H04L61/2539, H04L61/4511
Abstract: Described systems and methods allow carrying out privacy-preserving DNS exchanges. In some embodiments, a client machine engages in a private information retrieval (PIR) exchange with a nameserver. In response to receiving an encrypted query from the client, the query formulated according to a domain name, the nameserver may extract a record (e.g., an IP address) from a domain name database without decrypting the respective query. Some embodiments achieve such information retrieval by the use of homomorphic encryption.
-
Publication No.: US11611536B2
Publication date: 2023-03-21
Application No.: US16898374
Filing date: 2020-06-10
Applicant: 360 IT, UAB
IPC classification: H04L9/40, H04L9/30, H04L12/46, H04L45/7453, H04L61/2539, H04L61/2592
Abstract: Systems and methods for effectively managing security and privacy measures during a user's connectivity session with a VPN service are provided. The systems and methods use a computer program that introduces a double-NAT feature at the network layer and a temporary hash table containing the minimally necessary temporary data to link two NAT sessions together in a secure manner. The systems and methods avoid including the dynamic management of IP addresses or requiring each client to have an IP address assigned beforehand to avoid compromising the user's identity by hard linking the session traces with the client.
-
Publication No.: US20220201469A1
Publication date: 2022-06-23
Application No.: US17690112
Filing date: 2022-03-09
Inventor: James Brook Longdon
IPC classification: H04W12/02, H04L61/4541, H04W12/08, H04L61/2539, H04L9/40, H04W12/06, H04L12/46, H04L41/5054
Abstract: A computer that segments traffic associated with different entities across heterogeneous networks is described. During operation, the computer may provide, addressed to a second computer, information that specifies a mapping of an identifier of an electronic device in a wireless network and a second identifier of a virtual container for traffic associated with the electronic device in the wireless network to a third identifier of the electronic device in a cellular-telephone network, where the electronic device and the virtual container are associated with an entity. Then, the computer may communicate the traffic between the wireless network and the cellular-telephone network within the virtual container based at least in part on the mapping, where the virtual container isolates the traffic from other traffic in the wireless network. Note that the identifier may include a MAC address and the third identifier may include an IMSI.
-
Publication No.: US11750363B2
Publication date: 2023-09-05
Application No.: US16949587
Filing date: 2020-11-04
Inventors: Bogdan C. Cebere, Elena Burceanu, Madalina Bolboceanu, Emanuela Haller, Georgiana M. Rosca, Radu Titiu
IPC classification: H04L9/00, G06F16/22, H04L9/32, H04L61/2539, H04L61/4511
CPC classification: H04L9/008, G06F16/2255, H04L9/3213, H04L61/2539, H04L61/4511
Abstract: Described systems and methods allow carrying out privacy-preserving DNS exchanges. In some embodiments, a client machine engages in a private information retrieval (PIR) exchange with a nameserver. In response to receiving an encrypted query from the client, the query formulated according to a domain name, the nameserver may extract a record (e.g., an IP address) from a domain name database without decrypting the respective query. Some embodiments achieve such information retrieval by the use of homomorphic encryption.
-
Publication No.: US20230262085A1
Publication date: 2023-08-17
Application No.: US17670242
Filing date: 2022-02-11
Inventors: Borhan Hosseini, Vlad George Coman
IPC classification: H04L9/40, H04L61/2592, H04L61/2539
CPC classification: H04L63/1433, H04L61/2539, H04L61/2592
Abstract: A computing device may receive a plurality of scanning requests with at least one scanning request in the plurality identifying a target address of a target network. The computing device may for at least a subset of the plurality of scanning requests: generate a scanner instance and a virtual network interface card (VNIC) in response to the scanning request. The scanner instance and the VNIC communicating with a routing namespace that can communicate with two or more scanner instances simultaneously. Until the target address has been scanned: one or more packets can be sent from the scanner instance to the target address via the routing namespace and VNIC. The one or more packets can be wrapped in one or more packet wrappers identifying the target address and the target network. In response to the target address being scanned, the scanner instance and VNIC can be decommissioned.
-
Publication No.: US11711340B2
Publication date: 2023-07-25
Application No.: US16853083
Filing date: 2020-04-20
Applicant: Fastly Inc.
Inventors: Sean A. Leach, Artur Bergman, Thomas J. Daly
IPC classification: H04L9/40, H04L61/5092, H04L61/2539, H04L67/02, H04L61/5007, H04L61/5038, H04L61/5061
CPC classification: H04L63/02, H04L61/2539, H04L61/5092, H04L61/5007, H04L61/5038, H04L61/5061, H04L63/1441, H04L67/02
Abstract: A privatized link between an origin server and a content delivery network is provided. A privatized link can be a direct connection that does not route over the internet. Another privatized link is one that rotates IP addresses. An origin server may be assigned to use a set of multiple IP addresses for communication with the content delivery network. However, at any given time, the origin server is only using a small number of IP addresses. When one of the IP addresses being used to communicate with the content delivery network comes under attack, the origin server switches to another IP address in the set in order to continue serving content to the content delivery network via an IP address that is not under attack.