8377 results about "Protocol Application" patented technology

A runtime adaptable search processor is disclosed. The search processor provides high speed content search capability to meet the performance need of network line rates growing to 1 Gbps, 10 Gbps and higher. he search processor provides a unique combination of NFA and DFA based search engines that can process incoming data in parallel to perform the search against the specific rules programmed in the search engines. The processor architecture also provides capabilities to transport and process Internet Protocol (IP) packets from Layer 2 through transport protocol layer and may also provide packet inspection through Layer 7. Further, a runtime adaptable processor is coupled to the protocol processing hardware and may be dynamically adapted to perform hardware tasks as per the needs of the network traffic being sent or received and/or the policies programmed or services or applications being supported. A set of engines may perform pass-through packet classification, policy processing and/or security processing enabling packet streaming through the architecture at nearly the full line rate. A high performance content search and rules processing security processor is disclosed which may be used for application layer and network layer security. scheduler schedules packets to packet processors for processing. An internal memory or local session database cache stores a session information database for a certain number of active sessions. The session information that is not in the internal memory is stored and retrieved to/from an additional memory. An application running on an initiator or target can in certain instantiations register a region of memory, which is made available to its peer(s) for access directly without substantial host intervention through RDMA data transfer. A security system is also disclosed that enables a new way of implementing security capabilities inside enterprise networks in a distributed manner using a protocol processing hardware with appropriate security features.

Method, system and computer program product for detecting at least one of security threats and undesirable computer files are provided. A first method includes receiving a data stream which represents outbound, application layer messages from a first computer process to at least one second computer process. The computer processes are implemented on one or more computers. The method further includes monitoring the data stream to detect a security threat based on a whitelist having entries which contain metadata. The whitelist describes legitimate application layer messages based on a set of heuristics. The method still further includes generating a signal if a security threat is detected. A second method includes comparing a set of computer files with a whitelist which characterizes all legitimate computer files. The whitelist contains one or more entries. Each of the entries describe a plurality of legitimate computer files.

A runtime adaptable security processor is disclosed. The processor architecture provides capabilities to transport and process Internet Protocol (IP) packets from Layer 2 through transport protocol layer and may also provide packet inspection through Layer 7. Further, a runtime adaptable processor is coupled to the protocol processing hardware and may be dynamically adapted to perform hardware tasks as per the needs of the network traffic being sent or received and/or the policies programmed or services or applications being supported. A set of engines may perform pass-through packet classification, policy processing and/or security processing enabling packet streaming through the architecture at nearly the full line rate. A high performance content search and rules processing security processor is disclosed which may be used for application layer and network layer security. A scheduler schedules packets to packet processors for processing. An internal memory or local session database cache stores a session information database for a certain number of active sessions. The session information that is not in the internal memory is stored and retrieved to/from an additional memory. An application running on an initiator or target can in certain instantiations register a region of memory, which is made available to its peer(s) for access directly without substantial host intervention through RDMA data transfer. A security system is also disclosed that enables a new way of implementing security capabilities inside enterprise networks in a distributed manner using a protocol processing hardware with appropriate security features.

A Quality of Experience (QoE) framework provides a technique to assess the end user experience in a mobile wireless communication environment, such as 2.5G or 3G networks, or in any other wireless or hardwired communication environment. The framework is usable in conjunction with media streaming applications and enables a combination of network layer, transport layer, codec layer, and application layer measurements in extracting results. The extracted results can be used to monitor and improve, if necessary, the end user experience over severely variable network conditions.

A method, apparatus and system are provided for acquiring an access point name for an application employing a local Internet protocol breakout service. In one embodiment, the apparatus includes a user management subsystem (820) configured to initiate an Internet protocol application. The apparatus also includes a local breakout service monitoring subsystem (810) configured to monitor availability of a local Internet protocol local breakout service and to obtain an access point name from the local Internet protocol local breakout service when the local Internet protocol local breakout service is available. The apparatus also includes an access point name selection control subsystem (830) configured to bind the access point name to the Internet protocol application.

Methods and systems for universal, automatic service selection are disclosed. A method for universal, automatic service selection includes receiving signaling messages and identifying signaling connection control part (SCCP) messages from the signaling messages. The SCCP messages are decoded to extract SCCP parameters and application layer parameters from the messages. A routing address translation service is selected for each of the SCCP messages based on application identifiers that identify application layer message types alone or in combination with other parameters. Selecting the routing address translation service in this manner makes the service selection more robust and universally applicable, especially in networks where different or non-standard selector parameters are utilized.

A system, apparatus, and method for maintaining a socket connection over a wireless network. For example, one embodiment of the invention is a wireless data processing device for emulating a socket connection comprising: a wireless radio for establishing a wireless communication channel with a wireless service provider over a wireless network; a network protocol stack including at least one layer configured to establish a socket connection with a remote server over the wireless network, the network protocol stack further including an application layer for executing applications capable of transmitting and receiving data over the socket connection; and a resumable socket module configured to emulate an open socket connection transparently to applications within the application layer, even when the wireless communication channel is temporarily lost, the resumable socket module counting a number of bytes transmitted or to be transmitted to the remote server and maintaining a buffer containing the bytes transmitted or to be transmitted.

A packet processing device in which a receiving buffer free space notifying portion notifies a free space of a receiving buffer, an accumulation condition determining portion determines a size of a big packet based on the free space, and a reassembly buffer processor reassembles a plurality of receiving packets into a single big packet to be transmitted to the receiving buffer. A backward packet inclusive information reading circuit for detecting the free space based on information within a backward packet from the upper layer may be used as the receiving buffer free space notifying portion. Also, an application layer may be used as the upper layer so that the big packet is transmitted not through a buffer of a transport layer but directly to the receiving buffer.

Clients that are connected on a private network and which are assigned a private IP address that is not routable on the Internet can connect to the Internet through a router/server that includes a network address translator (NAT). For outgoing packets, the NAT translates the client's private source IP address and generalized port number (GPN) to the NAT's global IP address and GPN. For incoming packets sent to the NAT's global IP address and GPN, the NAT translates the global destination IP address and GPN to the client's private IP address and GPN. For protocols which cannot be directly supported by the NAT, such as those in the IPSec security protocol suite, the NAT is extended by creating in the NAT's translation table an entry that associates, for a specific unsupported protocol, a client's private IP address and GPN, the NAT's global IP address and GPN, and a foreign address on the Internet, that is valid until a specified or default expiration time. Outgoing packets from the client to that foreign address and incoming packets from that foreign address to the NAT's global IP address and GPN are translated according to the entry until the entry expires. In associations with these translations to outgoing and incoming packets, the client implements any Application Layer Gateway (ALG) that would otherwise be implemented at the NAT. Further, at the client, outgoing packets are modified before being transmitted so as to pre-compensate for the effects of the translations. Incoming packets at the client from the NAT are similarly modified so as to post-compensate for the effects of the translations. For the IPSec protocol, these modification include adjusting the checksum in the TCP or UDP header to account for IP address and TCP or UDP port number translations.

A virtual environment can be configured to coordinate life cycles of virtual machines and application programs executing therein. In one implementation, the virtual environment includes an application layer and a virtual machine layer. The application layer communicates with the virtual machine layer to coordinate and directs virtual machine creation and deletion in a coordinated fashion with application programs. For example, the application layer receives a request to initiate an application program. The application layer determines from associated application properties the type and/or number of virtual machines to be created. The application layer then directs creation of the appropriate virtual machines (through the virtual machine layer), and further directs installation of the requested application programs therein. When detecting removal of the application program from the created virtual machines, the application layer can automatically direct removal or decommissioning of the corresponding virtual machine.

A method for compressing a stream of application layer network traffic communicated over a transport layer connection of a virtual private network connection between a client and a server using an appliance. The appliance intercepts one or more transport layer packets of a stream of application network traffic communicated via a transport layer connection of a virtual private network connection between a client and a server. The appliance accumulates data from a payload of the intercepted transport layer packets, determines data accumulated for transmission should be compressed based on one or more compression trigger, and compresses the accumulated data into a self-contained compression block for transmission.

A method for removing redundant data from a backup storage system is presented. In one example, the method may include receiving the application layer data object, selecting a de-duplication domain from a plurality of de-duplication domains based at least in part on a data object characteristic associated with the de-duplication domain, determining that the application layer data object has the characteristic and directing the application layer data object to the de-duplication domain.

The present disclosure is directed towards tracking application layer flow via a multi-connection intermediary. Transaction level or application layer information may be tracked via the intermediary, including one or more of: (i) the request method; (ii) response codes; (iii) URLs; (iv) HTTP cookies; (v) RTT of both ends of the transaction in a quad flow arrangement; (vi) server time to provide first byte of a communication; (vii) server time to provide the last byte of a communication; (viii) flow flags; or any other type and form of transaction level data may be captured, exported, and analyzed. The application layer flow or transaction level information may be provided in an IPFIX-compliant data record. This may be done to provide template-based data record definition, as well as providing data on an application or transaction level of granularity.

An RFID device is disclosed. The RFID device can include a transceiver; and a processor coupled to the transceiver. The processor can operate a Physical (PHY) layer with the transceiver, a Media Access Control (MAC) layer over the PHY layer, and an RFID application layer over the MAC layer. The MAC layer and the PHY layer can operate according to a non-RFID wireless protocol.

An automation network includes automation network devices connected to the network and a system layer interface that interfaces with a transport layer and an application layer of the home automation network. The system layer interface includes command libraries configured to upgrade a remote network device. The automation network queries the network devices to determine if there are lost network devices or newly added network devices. The automation network may update a new remote device with scene information related to any lost network devices.

A system and method are provided for detecting fraud and/or misuse in a computer environment through tracking users activities at the application layer for known users. Application layer data and other data are normalized and records are created. The normalized data is correlated to user identities to produce correlated information that is analyzed against modeling information. The modeling information is generated using rules, algorithms, and/or database queries to define fraud scenarios and misuse scenarios. Reports and/or alerts may be generated if fraud and/or misuse are detected.

A network selection system that includes a mobile terminal in communication with a first network, a second network in communication with the first network and an application layer triggering mechanism that determines which one of a plurality of triggers is required in a certain set of circumstances to provide a particular application.

A system includes first and second hubs. The first hub is configured to communicate data with a medical device through a Local Area Network and package the data into at least one application-layer packet. The second hub is configured to receive the at least one application-layer packet from the first hub operatively through at least one cellular network.

This invention provides methods and apparatus for web switching without connection termination while providing content routing functionality. Content-aware web switches terminate incoming TCP connections and inspect the HTTP header to recognize the URL (content) being requested from a web server farm. This invention maps application layer information (URLs) to MPLS labels. This allows a standard MPLS switch to provide web switching functionality without terminating TCP connections. In addition to content routing, this method is applied for client session affinity, server load balancing and service differentiation. This invention also relates to using TCP port numbers instead of MPLS labels to achieve web-switching functionality through the use of a TCP router that translates IP address and port numbers.

The invention relates to a real-time data distribution system with a distributed network architecture and a working method thereof, the system adopts a publication/subscription communication mechanism to transfer information in Internet and a mobile network, and the system comprises a server sub-system, a proxy sub-system, a terminal sub-system and a distributed database, wherein, the server sub-system is used for completing the operations of topic storage, topic matching and the like; the proxy sub-system is used for completing the operations of receiving a topic from a terminal, transmitting a matching event to a subscriber, submitting the publication/subscription topic and the like; the terminal sub-system is used for completing the publication/subscription information of a user; and a distributed database which is used for storing the publication/subscription information and the system information. The system can automatically, quickly and safely provide real-time data transmission service against the subscription information of the user, provide the publication/subscription service of a variety of types of data, such as text information, streaming media, geographic position information and the like, provide up to 20 QoS control parameters, realize the QoS hierarchy configuration of an application layer and provide the convenience for function expansion of the data distribution system.

A tablet computer comprises an operating system, including an application framework layer and an application layer, and an overlay system. The overlay system controls access to application programs and provides a first user interface and a second operating environment associated with a second user interface. Optionally, the overlay system provides a first operating environment associated with the first user interface. The overlay system includes an access control configured to permit or deny a request for access in the second operating environment to resources and/or data. Optionally, the overlay system is executed in the application framework layer of the operating system and may comprise a hypervisor providing an operating platform comprising the first user interface, the second operating environment, and an application space providing access to the application layer.