1003 results about "Inter-domain" patented technology

An approach provides interdomain traversal to support packetized voice transmissions. A request is received from a first endpoint of a first domain for establishing a communication session with a second endpoint of a second domain. Encrypted user credential information is retrieved from a credentials database resident within the first domain, wherein the encrypted user credential includes a password associated with a user associated with the first endpoint. Further, the encrypted user credential information is transmitted to a tunneling server in response to the request, wherein the tunneling server is configured to selectively setup a tunnel to support the communication session based on the encrypted user credential information. The tunnel traverses a first firewall and a first network address translator of the first domain and a second firewall and a second network address translator of the second domain to reach the second endpoint.

A network management system for a multi-layer network having multiple architectural or technological domains includes an inter-domain configuration manager arranged between a set of one or more network service management applications and a set of network element domain managers, each of the domain managers being associated with a particular domain of the multi-layer network. The configuration manager implements network service design and provisioning functions across the domains of the network in conjunction with stored connectivity information characterizing the multi-layer network. The network management system further includes an inter-domain fault manager and an inter-domain capacity manager, which provide respective fault management and transport capacity management functions across the domains of the multi-layer network. The inter-domain configuration manager, inter-domain fault manager and inter-domain capacity manager may be interfaced to the set of network service management applications and the set of network element domain managers through corresponding published Common Object Request Broker Architecture (CORBA) Application Programming Interfaces (APIs).

An approach for supporting inter-domain routing of a packet is provided. A communication system includes a plurality of terminals having full meshed connectivity, in which each of the terminals is configured to route the packet to one of a plurality of address domains (i.e., terminal is multi-homed) and to notify a source terminal originating the packet of a correct one of the terminals. An address server assigns a network address corresponding to the one address domain based on a destination address associated with the packet, wherein the source terminal routes the packet according to the assigned network address. The present invention has particular applicability to a fully meshed satellite network.

The present invention features improved in vitro RNA display libraries to allow reliable expression and selection of scFv antibody molecules from expression libraries. The scFv antibody libraries of the invention contain an optimized, shortened inter-domain linker that improves expression scFv antibody expression. The scFv antibody libraries also include short nucleic acid barcodes that allow for identification of individual library clones, libraries or subsets thereof. Primers for generating, amplifying and spectratyping the scFv antibody libraries of the invention are also provided.

A fast reroute (FRR) technique that may be deployed at the edge of a network having first and second edge devices coupled to a neighboring routing domain. If the first edge device detects a node or link failure that prevents it from communicating with the neighboring domain, the first edge device reroutes at least some data packets addressed to the neighboring domain to the second edge device. The second edge device receives the rerouted packets and then forwards the packets to the neighboring domain. Notably, the second edge device is not permitted to reroute the received packets a second time, e.g., upon identifying another inter-domain node or link failure. As such, loops are avoided at the edge of the network and packets are rerouted to the neighboring routing domain faster and more efficiently than in prior implementations.

A copyright protection method (150) and apparatus (190) employs (151) a first protection scheme (160) within a single authorized domain (195), in which all interfaces (194a-c) are protected with digital rights management system and employs (152) a second protection scheme (170) for use in inter-domain file transfers. The method (150) and apparatus (190) may employ (153) a third protection scheme (180) for external outputs (197a-c) not protected by a digital rights management system. The first protection scheme (160) includes specifying (161) whether a copy of files is allowed to be stored anywhere within the single authorized domain; specifying (162) whether files may be stored only on specific devices within the single authorized domain; or specifying (163) how many simultaneous rendering devices are permitted when rendering files. The second protection scheme (170) may include: specifying (171) if the files may be copied to other domains; and explicitly identifying (172) domains to which copies are allowed; specifying (173) if files may be moved to other domains, and optionally allowing movement of files to any other domain; specifying (174) a list of specific domains to which content may be copied, and preserving content rights during content transfer to another domain; or specifying (175) specific domains to which content may be moved, and preserving content rights during content transfer. The third protection scheme (180) may include: specifying (181) copy protection information separately for analog, digital uncompressed and digital compressed outputs; specifying (182) a CGMS Copy protection state; specifying (183) MACROVISION parameters for analog outputs; specifying (184) if a particular type of output is allowed at all; or disabling (185) the particular type of output if the particular output type is not allowed.

Maintenance entities may be defined between customer and provider flow points to allow performance management to take place on an Ethernet network. The maintenance entities may be defined for access link, intra-domain, and inter-domain, and may be defined on a link or service basis. Performance parameters, including availability metrics, may be collected for the maintenance entities. The provision of such availability metrics in an Ethernet based solution to facilitate consistency of service management and operations for carriers transitioning to the Ethernet solution.

An approach provides interdomain traversal to support packetized voice transmissions. A request for establishing a voice call is received from a source endpoint behind a first network address translator of a first domain, wherein the request specifies a directory number of a destination endpoint within a second domain. A network address is determined for communicating with the destination endpoint based on the directory number. Additionally, existence of a second network address translator within the second domain is determined. If the network address can be determined, a media path is established between the source endpoint and the destination endpoint based on the network address to support the voice call.

Maintenance entities may be defined between customer and provider flow points to allow performance management to take place on an Ethernet network. The maintenance entities may be defined for access link, intra-domain, and inter-domain, and may be defined on a link or service basis. The maintenance entities may be used to monitor performance within a network or across networks, and may be used to monitor various performance parameters, such as frame loss, frame delay, frame delay variation, availability, errored frame seconds, service status, frame throughput, the number of frames transmitted, received or dropped, the status of a loopback interface, the amount of time a service has been unavailable, and many other parameters. Several management mechanisms may be used, and the measurements may be collected using a solicited collection method, in which a responses are required and collected, or an unsolicited collection method in which a response is not required.

The invention discloses a framework system of a grade software defined network software controller and an implementation method thereof. The framework system and the implementation method are applied in a multi-domain optical transport network (OTN); an inter-domain mapping relation of a whole network view and a physical device network is established according to whole network topologic information by a primary (SDNOTN) controller; an inter-domain mapping processing request of the whole network view and the physical device network in each domain is sent to each auxiliary SDNOTN; and the domain mapping relation of the whole network view and the physical device network is established by the auxiliary SDNOTN controllers. Grade structures of the primary SDNOTN controller and the auxiliary SDNOTN controllers are arranged in the framework system, so that the mapping relation of the multi-domain whole network view and the overall physical device network in real sense is realized, and a whole network resource optimizing algorithm is realized in the real sense, so that the problem that the inter-domain link resource conflict occurs in a cross-domain service connection signaling process can be thoroughly solved.

A fast reroute (FRR) technique is implemented at the edge of a network. In accordance with the technique, if an edge device detects a node or link failure that prevents it from communicating with a neighboring routing domain, the edge device reroutes at least some data packets addressed to that domain to a backup edge device which, in turn, forwards the packets to the neighboring domain. The rerouted packets are designated as being “protected” (i.e., rerouted) data packets before they are forwarded to the backup edge device. To differentiate which data packets are protected and which are not, the backup edge device employs different sets of VPN label values for protected and non-protected network traffic. That is, the backup edge device may allocate two different VPN label values for at least some destination address prefixes that are reachable through the neighboring domain: a first VPN label value for FRR protected traffic and a second VPN label value for non-protected traffic. Upon receiving a data packet containing a protected VPN label value, the backup edge device is not permitted to reroute the packet a second time, e.g., in response to another inter-domain node or link failure, thereby preventing loops from developing at the edge of the network.

A technique calculates a shortest path for a traffic engineering (TE) label switched path (LSP) from a head-end node in a local domain to a tail-end node of a remote domain in a computer network. The novel path calculation technique determines a set of different remote domains through which the TE-LSP may traverse to reach the tail-end node (e.g., along “domain routes”). Once the set of possible routes is determined, the head-end node sends a path computation request to one or more path computation elements (PCEs) of its local domain requesting a computed path for each domain route. Upon receiving path responses for each possible domain route, the head-end node selects the optimal (shortest) path, and establishes the TE-LSP accordingly.

An approach provides interdomain traversal to support packetized voice transmissions. A signaling message is received for establishing a voice call from a first endpoint associated with a first domain to a second endpoint associated with a second domain. The first endpoint queries a STUN (Simple Traversal of UDP (User Datagram Protocol)) server to determine information relating to a firewall and network address translator that the first endpoint is behind, and to log into a TURN (Traversal Using Relay NAT (Network Address Translation)) server configured to establish a media path between the first endpoint and the second endpoint. A first proxy server serving the first endpoint communicates with an ENUM (Electronic Number) server to convert a directory number corresponding to the second endpoint to a network address. The first proxy server communicates with a second proxy server serving the second endpoint to establish the voice call. The STUN server, the TURN server and the ENUM server are maintained by service provider. The first endpoint is authenticated to permit exchange of a media stream over the media path. The media stream is relayed, if the first endpoint is successfully authenticated.

An approach provides interdomain traversal to support packetized voice transmissions. A request is received and specifies a directory number for establishing a communication session from a first endpoint to a second endpoint. The first endpoint is behind a first network address translator of a first domain, and the second endpoint is within a second domain. A service provider network is accessed to determine a network address for communicating with the second endpoint based on the directory number, to determine existence of a second network address translator within the second domain, and to establish, if the network address can be determined, a media path between the first endpoint and the second endpoint based on the network address to support the communication session. An encrypted session is established with a proxy server according to a cryptographic protocol to support the media path. The proxy server resides within the second domain.

The invention discloses a network system of Internet of things and a data processing method thereof, mainly solving the problems of unavailable heterogeneous network integrated access, difficult resource sharing and poor security control of the existing network of Internet of things. The network system mainly comprises an Internet of things processing center, a distributed Internet of things domain processing and servicing subsystem, a multimode Internet of things gateway, and Internet of things devices. The Internet of things processing center provides service and a development platform for the public, the distributed Internet of things domain processing and servicing subsystem assists the Internet of things processing center to provide the service for the user, the multimode Internet of things gateway provides the protocol conversion and the security service, and the Internet of things devices are used to receive and transmit the Internet of things data or to execute instruction, and perform the inter-domain processing or the intra-domain processing on the network data according to different services when processing the network data in the network system of Internet of things. According to the invention, the problem of heterogeneous network integrated access is solved, the resource sharing rate of the Internet of things is enhanced, and the security control of the Internet of things information is strengthened, therefore, the system and the method can be used in designing and building of the Internet of things network.

A method of managing forwarding of data in a first autonomous system (AS) is described. The first AS includes a plurality of border routers having inter-domain links to one or more remote AS's and an associated exterior communications protocol. The border routers use an interior communications protocol with other border routers in the first AS using primary tunnels. The method comprises the steps, performed at a first border router having a primary route via an inter-domain link to a remote AS, of constructing an alternate route to the remote AS via second border router in the first AS, instigating a backup tunnel to the second border router upon failure of the primary route and sending a failure message to the other border routers.

A technique computes a traffic engineering (TE) label switched path (LSP) that spans multiple domains of a computer network from a head-end node of a local domain to a tail-end node of a remote domain. The novel inter-domain TE-LSP computation technique comprises a computation algorithm executed by the head-end node, which utilizes Path Computation Elements (PCEs) located within the remote domains (i.e., other than the local domain). Specifically, the head-end node requests path segments from a PCE in each of the remote domains, in which the path segments represent paths between all entry border routers to either all exit border routers of the particular remote domain (i.e., through the domain), or to the tail-end node. Upon receiving path segments from each remote domain, the head-end node combines the path segments with local domain information, and performs a forward path computation from the head-end node to the tail-end node to find the best (i.e., “shortest”) path.

The invention discloses a method and device for binding and mapping control of inter-domain links and intra-domain channels for cross-domain services, and is mainly designed for the defects existing in the linkage mapping relationship established between existing inter-domain links and intra-domain channels. The control method of the present invention includes: when establishing the first cross-domain service passing through the inter-domain link, selecting a large-grained intra-domain channel according to a preset strategy, and automatically binding its mapping relationship with the inter-domain link. When subsequently establishing cross-domain services passing through the inter-domain link, the routing calculation policy of the control plane is associated with the mapping relationship, and automatically converges the cross-domain services into the intra-domain channels specified in the mapping relationship. The binding mapping relationship lasts until all service connections carried on the inter-domain link are released after being torn down. The method proposed by the invention can correctly control the establishment and aggregation of cross-domain services without adding hardware network equipment.

A technique dynamically triggers an exchange of reachability information between a tail-end (remote) domain target node (e.g., a tail-end node) of a traffic engineering (TE) label switched path (LSP) and a local domain head-end node of the TE-LSP in a computer network. The inter-domain information retrieval technique is illustratively based on triggering a Border Gateway Protocol (BGP) session whereby at least a portion of the reachability, i.e., routing, information of the tail-end node is transmitted to the head-end node of the TE-LSP in accordance with BGP. Specifically, once a TE-LSP is established between the head-end node and the tail-end node, the head-end node triggers the tail-end node, e.g., through extensions to a request/response signaling exchange, to establish the BGP session. Establishment of the BGP session enables transmission of the routing information from the tail-end node to the head-end node. The head-end node uses the routing information to calculate routes, i.e., address prefixes and associated attributes, reachable from the tail-end node for insertion into its routing table.