Patent

Agile network protocol for secure communications with assured system availability

TL;DR: In this article, a load balancer that distributes packets across different transmission paths according to transmission path quality is introduced, along with a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry.
Abstract: A plurality of computer nodes communicate using seemingly random Internet Protocol source and destination addresses. Data packets matching criteria defined by a moving window of valid addresses are accepted for further processing, while those that do not meet the criteria are quickly rejected. Improvements to the basic design include (1) a load balancer that distributes packets across different transmission paths according to transmission path quality; (2) a DNS proxy server that transparently creates a virtual private network in response to a domain name inquiry; (3) a large-to-small link bandwidth management feature that prevents denial-of-service attacks at system chokepoints; (4) a traffic limiter that regulates incoming packets by limiting the rate at which a transmitter can be synchronized with a receiver; and (5) a signaling synchronizer that allows a large number of nodes to communicate with a central node by partitioning the communication function between two separate entities.
Citations
Patent
22 Jun 2001
TL;DR: The main components of the system are a payment portal processor (Web Broker), an Internet Pay Anyone (IPA) account (1202), a Virtual Private Lockbox (VPL) and an Account Reporter, the existing EFT networks, and a cash card for accessing a VPL or IP account.
Abstract: A system and method for effectuating Electronic Funds Transfer credit messages (see Fig. 12) is disclosed. The main structural components of the system include a Payment Portal Processor (Web Broker), an Internet Pay Anyone (IPA) Account (1202), a Virtual Private Lockbox (VPL) and an Account Reporter, the existing EFT networks, and a cash card for accessing a VPL or IP account. The Web Broker is a software application that provides a secure portal for accessing the user's Demand Deposit Account (DDA) or an IPA account and can be combined with the functionality of a traditional digital Wallet. Consumers use a Web Broker enhanced Wallet to fund their account, shop on the web, pay bills, store electronic receipts and transaction history, and check their recent Web Broker enhanced Wallet activity. The IPA is a special purpose account with limited functionality for making electronic payments in the form of EFT credit messages. The VPL is a limited function receive only account for receiving electronic payments through the EFT. The Account Reporter is a portal to view transaction history and the balance in IPA and VPL accounts, and provide online, real-time transaction reports and reconcile accounts receivable/purchase records against incoming EFT payment records. A physical card can be associated with either an IPA or VPL account in order to provide PIN debit capability.

366 citations

Patent
27 Jun 2006
TL;DR: In this article, a proxy software is provided for user computers, one or more proxy computers, or both, for users to communicate with vendors anonymously over the network, provide for delivery of an ordered good and provide for electronic payment, while securing the user's private information.
Abstract: E-commerce which secures private and personal information of purchaser/users. E-commerce which may include delivery of a good ordered or purchased over a network (e.g., the Internet) to a purchaser/user, and/or arranging for electronic payment of the good is accomplished while securing private and personal information of purchaser/users, which may include the user's identity and address (and those of the user's computer), and financial information. E-commerce transactions include the purchasing or otherwise ordering of goods electronically by user, who may be a consumer or retail customer, and for delivery of goods to a shipping or electronic address designated by the user or to a physical or virtual depot for pick-up by the user, while providing complete anonymity of the user with respect to an electronic vendor, who may be a merchant or retailer. Proxy software is provided for user computers, one or more proxy computers, or both, for users to communicate with vendors anonymously over the network, provide for delivery of an ordered good and provide for electronic payment, while securing the user's private information. Delivery of a good includes shipping from a vendor to a depot using the depot name and address, and then either re-shipping from the depot to an address designated by the user which is withheld from the vendor, or held at the depot for anonymous pick-up. The proxy software provides for a proxy party to deal with a vendor and arrange payment from a bank or credit card company to the vendor based on an account that the proxy party has with the bank. The proxy party is not required where the purchaser/user is provided with a transaction identity by a third party bank, for example, which masks the true identity of the purchaser who, however, is known to the bank, as is his, her or its shipping address.

364 citations

Patent
16 Oct 2015
TL;DR: In this paper, the authors describe a system that receives, by a feed point of a dielectric antenna, electromagnetic waves from a core coupled to the feed point without an electrical return path, and radiates a wireless signal responsive to the electromagnetic waves being received at the aperture.
Abstract: Aspects of the subject disclosure may include, for example, receiving, by a feed point of a dielectric antenna, electromagnetic waves from a dielectric core coupled to the feed point without an electrical return path, where at least a portion of the dielectric antenna comprises a conductive surface, directing, by the feed point, the electromagnetic waves to a proximal portion of the dielectric antenna, and radiating, via an aperture of the dielectric antenna, a wireless signal responsive to the electromagnetic waves being received at the aperture. Other embodiments are disclosed.

330 citations

Patent
13 Feb 2001
TL;DR: In this paper, the authors propose a cache having copies distributed among a plurality of different locations, where the cache stores state information for a session with any of the server devices so that it is accessible to at least one other server device.
Abstract: A network arrangement that employs a cache having copies distributed among a plurality of different locations. The cache stores state information for a session with any of the server devices so that it is accessible to at least one other server device. Using this arrangement, when a client device switches from a connection with a first server device to a connection with a second server device, the second server device can retrieve state information from the cache corresponding to the session between the client device and the first server device. The second server device can then use the retrieved state information to accept a session with the client device.

328 citations

Patent
29 Jun 2009
TL;DR: In this article, a packet interceptor/processor is coupled with the network so as to be able to intercept and process packets flowing over the network and provides external connectivity to other devices that wish to intercept packets as well.
Abstract: An apparatus and method for enhancing the infrastructure of a network such as the Internet is disclosed. A packet interceptor/processor apparatus is coupled with the network so as to be able to intercept and process packets flowing over the network. Further, the apparatus provides external connectivity to other devices that wish to intercept packets as well. The apparatus applies one or more rules to the intercepted packets which execute one or more functions on a dynamically specified portion of the packet and take one or more actions with the packets. The apparatus is capable of analyzing any portion of the packet including the header and payload. Actions include releasing the packet unmodified, deleting the packet, modifying the packet, logging/storing information about the packet or forwarding the packet to an external device for subsequent processing. Further, the rules may be dynamically modified by the external devices.

307 citations

References
Journal ArticleDOI
TL;DR: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key.
Abstract: An encryption method is presented with the novel property that publicly revealing an encryption key does not thereby reveal the corresponding decryption key. This has two important consequences: (1) Couriers or other secure means are not needed to transmit keys, since a message can be enciphered using an encryption key publicly revealed by the intended recipient. Only he can decipher the message, since only he knows the corresponding decryption key. (2) A message can be “signed” using a privately held decryption key. Anyone can verify this signature using the corresponding publicly revealed encryption key. Signatures cannot be forged, and a signer cannot later deny the validity of his signature. This has obvious applications in “electronic mail” and “electronic funds transfer” systems. A message is encrypted by representing it as a number M, raising M to a publicly specified power e, and then taking the remainder when the result is divided by the publicly specified product, n, of two large secret prime numbers p and q. Decryption is similar; only a different, secret, power d is used, where e * d ≡ 1 (mod (p - 1) * (q - 1)). The security of the system rests in part on the difficulty of factoring the published divisor, n.

14,659 citations

Journal ArticleDOI
TL;DR: In this paper, a new treatment is presented of a classical economic problem, one which occurs in many forms, as bargaining, bilateral monopoly, etc. It may also be regarded as a nonzero-sum two-person game in which a few general assumptions are made concerning the behavior of a single individual and of a group of two individuals in certain economic environments.
Abstract: A new treatment is presented of a classical economic problem, one which occurs in many forms, as bargaining, bilateral monopoly, etc. It may also be regarded as a nonzero-sum two-person game. In this treatment a few general assumptions are made concerning the behavior of a single individual and of a group of two individuals in certain economic environments. From these, the solution (in the sense of this paper) of classical problem may be obtained. In the terms of game theory, values are found for the game. See also: Two-person cooperative games, author: Joe Nash

7,600 citations

01 Dec 1998
TL;DR: An architecture for implementing scalable service differentiation in the Internet achieves scalability by aggregating traffic classification state which is conveyed by means of IP-layer packet marking using the DS field [DSFIELD].
Abstract: This document defines an architecture for implementing scalable service differentiation in the Internet. This architecture achieves scalability by aggregating traffic classification state which is conveyed by means of IP-layer packet marking using the DS field [DSFIELD]. Packets are classified and marked to receive a particular per-hop forwarding behavior on nodes along their path. Sophisticated classification, marking, policing, and shaping operations need only be implemented at network boundaries or hosts. Network resources are allocated to traffic streams by service provisioning policies which govern how traffic is marked and conditioned upon entry to a differentiated services-capable network, and how that traffic is forwarded within that network. A wide variety of services can be implemented on top of these building blocks.

6,226 citations

Proceedings Article
01 Jan 1997
TL;DR: The Hypertext Transfer Protocol is an application-level protocol for distributed, collaborative, hypermedia information systems, which can be used for many tasks beyond its use for hypertext through extension of its request methods, error codes and headers.
Abstract: The Hypertext Transfer Protocol (HTTP) is an application-level protocol for distributed, collaborative, hypermedia information systems. It is a generic, stateless, protocol which can be used for many tasks beyond its use for hypertext, such as name servers and distributed object management systems, through extension of its request methods, error codes and headers [47]. A feature of HTTP is the typing and negotiation of data representation, allowing systems to be built independently of the data being transferred.

3,881 citations

Book
19 Aug 1998
TL;DR: The new edition of William Stallings' Cryptography and Network Security: Principles and Practice, 5e is a practical survey of cryptography and network security with unmatched support for instructors and students.
Abstract: William Stallings' Cryptography and Network Security: Principles and Practice, 5e is a practical survey of cryptography and network security with unmatched support for instructors and students. In this age of universal electronic connectivity, viruses and hackers, electronic eavesdropping, and electronic fraud, security is paramount. This text provides a practical survey of both the principles and practice of cryptography and network security. First, the basic issues to be addressed by a network security capability are explored through a tutorial and survey of cryptography and network security technology. Then, the practice of network security is explored via practical applications that have been implemented and are in use today. An unparalleled support package for instructors and students ensures a successful teaching and learning experience. The new edition has been updated to include coverage of the latest topics including expanded coverage of block cipher modes of operation, including authenticated encryption; revised and expanded coverage of AES; expanded coverage of pseudorandom number generation; new coverage of federated identity, HTTPS, Secure Shell (SSH) and wireless network security; completely rewritten and updated coverage of IPsec; and a new chapter on legal and ethical issues.

3,787 citations