1048 results about "Proxy service" patented technology

An exemplary method includes a computer-implemented cloud service brokering system that provides a cloud service brokering service 1) registering a plurality of cloud services with the cloud service brokering service, the plurality of cloud services provided by a plurality of cloud service providers and configured to provide distinct sets of cloud computing resources as a service, 2) receiving, from a customer of the cloud service brokering service, cloud service request information, 3) selecting, based on the cloud service request information, a cloud computing resource from the distinct sets of cloud computing resources provided by the plurality of cloud services registered with the cloud service brokering service, and 4) allocating the selected cloud computing resource for use by the customer. In certain examples, the allocating may be supported by the system configuring a customer network to support implicit and/or explicit transport requirements. Corresponding systems and methods are also described.

An aspect of the present invention is a method for routing content information to a mobile user or client application. The method preferably comprises re-directing a user request to one or more gateway servers provided via an overlay network. In another aspect, the present invention is an apparatus that includes a proxy service that intercepts content information requests to the Internet and re-directs the content requests to an overlay. Another aspect of the present invention comprises a location-based Uniform Resource Locator that includes a protocol semantic portion and a location-based resolver address portion that identifies one or more resources on a network based on the geographical location of the resources.

A communication system in which multiple protocols and proxy services are executed by an access point. In one embodiment of the invention, GVRP and GMRP registrations are combined in a single packet when a wireless device roams to a different VLAN. In addition, outbound GVRP and GMRP multicast messages are handled by an access point (also referred to as a GVRP and GMRP “gateway”) such that the wireless device is not burdened with the associated computational overhead. In a further embodiment, a wireless device may dynamically switch between a VLAN-aware state and a VLAN-unaware state depending on the nature of a detected access point. For example, if a relevant access point supports GVRP, the wireless device may operate as a VLAN terminal. If a wireless device is not attached to an access point with a matching VLAN ID, the wireless device sends and receives VLAN tagged frames. If a wireless device configured with a VLAN ID is attached to an access point with a matching VLAN ID, or if the wireless device is attached to a non-VLAN access point, then the wireless device may send and receive raw/untagged frames. In addition to the gateways described below, the ability of a wireless device to detect when it can send untagged frames is considered novel. In another embodiment of the invention, a special ID that is different than the native VLAN ID for a switch port is used for VLAN-unaware devices. This allows such devices that do not issue tagged frames to belong to a single VLAN ID.

A NAS (Network Attaches Storage) switch authenticates a client on multiple file servers for proxy services. The NAS switch enables proxy services by successively authenticating the client on the file servers using referrals. The NAS switch further comprises a connection manager to establish connections to the client and the file servers, a referral manager to redirect the client for successive authentications, and a transaction manager to perform data transfers with the file servers on behalf of the client. The system components support DFS (Distributed File System), and communicate using a protocol dialect that supports referral mechanisms such as NFSv4 (Network File Server version 4) or CIFS (Common Internet File System). The transaction manager also performs a protocol dialect translation service when the connection manager negotiates one protocol dialect with the client, and a different protocol dialect with the file server.

Methods, signals, devices, and systems are provided for using proxy servers to transparently forward messages between clients and origin servers if, and only if doing so does not violate network policies. In some systems, a transparent proxy uses a combination of standard-format HTTP commands, embedding auxiliary information in URLs and other tools and techniques to redirect an initial client request to one or more policy modules, such as a login server or an identity broker or an access control server. The policy module authenticates the request, and uses HTTP redirection to have the client transmit authorization data to the proxy. The proxy extracts the authorization data, directs the client to use a corresponding cookie, and subsequently provides the implicitly requested proxy services to the client in response to the client's subsequently providing the authorization data in a cookie. This is accomplished without requiring installation of any invention-specific software or hardware on either the client or the origin server, and also works with proxy servers that are known to the client. Unless the client request violates network policy, a person using the client will generally perceive no reduction of services, and will instead benefit from the proxy's caching and/or other performance enhancements.

The present invention extends to methods, systems, and computer program products for integrating external and cluster heat map data. Embodiments of the invention include a proxy service that manages (e.g., asynchronous) communication with cloud nodes. The proxy service simulates packets to on-premise services to simplify the integration with an existing heat map infrastructure. The proxy maintains a cache of performance counter mappings and timestamps on the on-premise head node to minimize the impact of latency into heat map infrastructure. In addition, data transfer is minimized by mapping a fixed set of resource based performance counters into a variable set of performance counters compatible with the on premise heat map infrastructure.

The present invention relates to a P2P network system. The P2P network system includes: multiple local overlay networks, each comprising multiple proxy service peers; a global overlay network composed of the proxy service peers of all local overlay networks. The proxy service peer is adapted to respond to the request of the requesting peer, query the local overlay network or global overlay network, and return the address information of the requested peer or the requested proxy service peer to the requesting peer. The present invention also relates to a proxy service peer applicable to the foregoing network system, and a method of peer interworking between P2P overlay networks based on the foregoing system. The present invention relieves the load of the proxy service peer, avoids blindness of the requesting peer in selecting the proxy service peer, and achieves load balance between proxy service peers.

A system and methods for building and executing intelligent agents are disclosed. This system allows the automatic invocation of computerized software services using Boolean conditions to determine if and when a specific service or task is executed. Intelligent agents within the platform can communicate with each other through a message-handling infrastructure. The message-handing system includes methods for data encoding/decoding, encryption and transport across multiple protocols. This system also includes methods for event handling, task selection, agent mobility, and agent persistence. A graphical user interface helps individuals define and monitor agent activity. This system is highly extendible, providing methods for the addition or inclusion of alternative agent services, message-handling approaches, event-handling systems and task-handling approaches.

A method and apparatus for improving the scalability of H.323 systems is described. An H.323 gateway can be modified to store call state information associated with a call on at least one of the ports of the modified H.323 gateway. The modified H.323 gateway can send registration, admission, and status requests to a modified H.323 gatekeeper. This relieves the modified H.323 gatekeeper of the need to maintain call status information for that call. If the modified H.323 gatekeeper fails, there is no disruption of the call or the billing information associated with the call. The modified H.323 gateway and the modified H.323 gatekeeper can be embodied in interface cards suitable for IP telephony gateways. Additionally, the modified H.323 gateway can support a standard network address translation protocol and an H.323 proxy service. These features help prevent users of the modified H.323 gateway from bypassing the billing and user authentication systems while also conserving the IP address space.

An approach for establishing secure multicast communication among multiple multicast proxy service nodes is disclosed. The multicast proxy service nodes, which can be distributed throughout an enterprise domain, are organized in a logical tree that mimics the logical tree arrangement of domains in a directory server system. The attributes of the multicast proxy service nodes include the group session keys that are members of the secure multicast or broadcast groups. Because keys as well as key version information are housed in the directory, multicast security can be achieved over any number of network domains across the entire enterprise. Key information is stored in, and the logical tree is supported by, a directory service. Replication of the directory accomplishes distribution of keys. Multicast proxy service nodes may obtain current key information from a local copy of the replicated directory.

In accordance with an embodiment, described herein are systems and methods for implementing a distributed ledger a blockchain cloud service. The blockchain cloud service can include nodes of the distributed ledger and a REST proxy service component. The REST proxy service uses a service development kit for the distributed ledger to communicate with the distributed ledger, and can provide REST APIs for use by client applications to query through chaincodes, synchronously or asynchronously invoke transactions through the chaincodes, get transaction statuses, and get BCS proxy versions. The REST proxy service component can authenticate REST calls, and translate the REST calls into remote procedural calls, for use in interfacing with the distributed ledger. The REST proxy service component can further provide REST APIs that support the same functions which are provided by the BCS management console component, and provide a user interface for client applications to consume the BCS instance.

Provided in a proxy server which enables a plurality of SIP servers to copy registration information after presenting, to an SIP server requesting SIP Digest authentication, properness of one who makes an access and of a REGISTER request to be transmitted. With a REGISTER request generation function provided in addition to a function that a common SIP proxy server holds, a proxy server disposed between a user agent and an SIP server generates a REGISTER request to a spare SIP server and transmits the same to the spare SIP server, thereby realizing registration information copying, and holds a user identifier and a password of the proxy server to execute Digest authentication with the spare SIP server. Moreover, after confirming a REGISTER request processing completion response (200 OK) from a working SIP server from which registration information is copied, the proxy server transmits a copied REGISTER request to the spare SIP server.

The invention discloses a peer-to-peer network-based heterogeneous database synchronization method. The method is realized based on a heterogeneous database synchronization device composed of routing nodes and a global proxy server. The method comprises the steps of detecting the information charging condition of a database, feeding back the information changing condition to the global proxy server, broadcasting the changed information to the routing proxies of all nodes by the global proxy server, updating the resource information of each node, recording the timestamp of the updated information, updating the recorded timestamp in a block chain, updating the proxy synchronization state of each node, recording the timestamp thereof and the-be-changed information, and feeding back the updating state to a global proxy. According to the invention, through the decentration process, the self-management of each node is realized. Therefore, the reliability and the usability of database synchronization are greatly improved. The above method is conducted based on the block chain technology and enables the complete data exchange record. Meanwhile, the problem in the prior art that the data exchange in the traditional goal-centered approach cannot be traced is solved.

Systems and methods implemented by a unified agent application executed on a mobile device, for unified service discovery and secure availability include authenticating a user into a plurality of cloud services including a proxy service and a Virtual Private Network (VPN) service, wherein the proxy service is utilized for Internet traffic and the VPN service is for Intranet traffic; creating and operating a link local network at the mobile device with a virtual network interface and multiple listening sockets; and intercepting traffic at the virtual network interface from one or more client applications on the mobile device and splitting the traffic between the proxy service, the VPN service, and the Internet based on a type of the traffic, a destination, and the one or more client applications.

Systems and methods for multi-hop service discovery within a mobile device cluster are disclosed. A seeker station may be seeking or may have found a desired service available from a provider station. The seeker station may receive the service announcement from the provider station, and become a proxy station, expanding the service area of the provider station. The proxy station may selectively transmit services and advertisements for services on behalf of the provider station based on restrictions placed on selection as a proxy station. Restrictions or conditions may be placed on the proxy station limiting the number of stations that may become proxy stations, limiting traffic within the cluster. Some restrictions may require a proxy station to be a member of the cluster or a member of a group within the cluster. Selection as a proxy station and frequency of transmission of service announcements by proxy stations may also be conditioned on various specific parameters or combinations of parameters as specified by the provider station.

Architecture for controlling access by a Light Extensible Authentication Protocol (LEAP)-compatible wireless client to a network that utilizes a challenge/handshake authentication protocol (CHAP). A proxy service is hosted on a network server disposed on the network, and accessed in response to receiving access information from the client. The access information is processed with the proxy service into CHAP-compatible access information, and forwarded to a CHAP-based access control server disposed on the network to determine whether to grant network access to the client.

A system and method of accessing services from end terminals disposed in an integrated telecommunications network having a packet-switched network (PSN) portion such as, for example, a network portion using the Internet Protocol (IP) and a circuit-switched network (CSN) portion such as, for example, a wireless telephony network portion. A generalized service invocation and realization architecture includes one or more call control modules modified to include service-related Detection Points (DPs), a Service Access component or instance that is created when a new DP is encountered, and one or several service proxies which invoke services on behalf of the Service Access component and mediate between the call control modules and services. A common Service Logic Environment is implemented for local services, mobile agent services, and remote services. The PSN portion is preferably realized as a Voice-over-IP (VoIP) network having a gateway connected to the CSN portion.

A system and method for providing implementing proxy handling of instant messages and the like, wherein proxy recipients are designated by an original recipient, and one or more redirection rules are established indicating conditions under which said designated proxy recipients are to be sent redirected messages. When an instant message is received directed towards the original recipient, the redirection rules are evaluated and the message is redirect to a designated proxy recipient according to the redirection rules, with the display of the received message being suppressed or blocked on the intended original recipient's user interface.

A method for authenticating, by a trusted component, a user of a desktop appliance to a remote machine includes executing, by a desktop appliance, a user interaction component, responsive to receiving a secure attention sequence from a user. The user interaction component receives authentication credentials associated with the user. The desktop appliance transmits, to a broker service, the received authentication credentials. The broker service authenticates the user, responsive to the received authentication credentials. The broker service transmits, to a remote machine, authentication data associated with the received authentication credentials. The remote machine authenticates the user, responsive to the received authentication data. The remote machine provides, to the desktop appliance, access to a resource requested by the user. In another aspect, a trusted component provides, to a user of a desktop appliance, access to secure desktop functionality provided by a remote machine.

In an internet having a server for providing service, a client for receiving the service, plural proxy servers for standing proxy for an access to the server done by the client, and a proxy server selecting server for noticing an IP (Internet Protocol) corresponding to a domain name of the client in response to an inquiry with the domain name added thereon, the proxy server selecting server receives a request message with the domain name of the server for providing the target service from the client. Then, the proxy server selecting server notifies the client of the IP address of the most approximate server to the client in place of the IP address of the server, based on the physical/logical location information, and if necessary, the periodically obtained load information of the proxy servers. The client recognizes the proxy server of the IP address given thereto as the server for providing the target service and then makes access to the proxy server.