Patents by Inventor Thomas Joseph Killian
Thomas Joseph Killian has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8676916Abstract: A system and method are provided for use in establishing secure end-to-end communication links over a VPN gateway via a network interface unit. Illustrative embodiments include establishing and providing secure communication relationships between users (customers) and companies for e-commerce and other business purposes. Each company's data and linkage to users remaining private and secure from the other participating companies as well as from the general public over the Internet. Login by user with network interface units, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Required authentication exchanges and required encryption key exchanges facilitate the secure communications. Financial arrangements regarding the provisioning and use of network interface units are also disclosed.Type: GrantFiled: June 22, 2012Date of Patent: March 18, 2014Assignee: AT&T Intellectual Property II, L.P.Inventors: Steven Michael Bellovin, Thomas Joseph Killian, Bruce LaRose, Aviel D. Rubin, Norman Loren Schryer
-
Publication number: 20130163757Abstract: A system and method are provided for use in establishing secure end-to-end communication links over a VPN gateway via a network interface unit. Illustrative embodiments include establishing and providing secure communication relationships between users (customers) and companies for e-commerce and other business purposes. Each company's data and linkage to users remaining private and secure from the other participating companies as well as from the general public over the Internet. Login by user with network interface units, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Required authentication exchanges and required encryption key exchanges facilitate the secure communications. Financial arrangements regarding the provisioning and use of network interface units are also disclosed.Type: ApplicationFiled: June 22, 2012Publication date: June 27, 2013Inventors: Steven Michael Bellovin, Thomas Joseph Killian, Bruce LaRose, Aviel D. Rubin, Norman Loren Schryer
-
Patent number: 8239531Abstract: A system and method are provided for use in establishing secure end-to-end communication links over a VPN gateway via a network interface unit. Illustrative embodiments include establishing and providing secure communication relationships between users (customers) and companies for e-commerce and other business purposes. Each company's data and linkage to users remaining private and secure from the other participating companies as well as from the general public over the Internet. Login by user with network interface units, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Required authentication exchanges and required encryption key exchanges facilitate the secure communications. Financial arrangements regarding the provisioning and use of network interface units are also disclosed.Type: GrantFiled: September 16, 2002Date of Patent: August 7, 2012Assignee: AT&T Intellectual Property II, L.P.Inventors: Steven Michael Bellovin, Thomas Joseph Killian, Bruce LaRose, Aviel D. Rubin, Norman Loren Schryer
-
Patent number: 8194685Abstract: A system has a switch that allows virtual private networks to be created dynamically. The system includes at least one network. The system also includes a computer having an address. The system also includes a plurality of ports for coupling to the computer. The system also includes a switch that assigns one of the plurality of ports to a private network according to the address of the computer. The switch assigns the port by correlating the address with an address list.Type: GrantFiled: November 10, 2008Date of Patent: June 5, 2012Assignee: AT&T Intellectual Property II, L.P.Inventor: Thomas Joseph Killian
-
Patent number: 8107479Abstract: A system and method for providing telephony and high-speed data access over a broadband access network, comprising a network interface unit (NIU) coupled to a backup local exchange carrier (LEC) line, the broadband access network coupled to the NIU, an intermediate point-of-presence (IPOP) coupled to the broadband access network, and at least one external access network coupled to the IPOP. The system also provides for a fail-safe mode in which the NIU supports the LEC line for lifeline services.Type: GrantFiled: November 10, 2003Date of Patent: January 31, 2012Assignee: AT&T Intellectual Property II, L.P.Inventors: Steven Michael Bellovin, Joseph Henry Condon, Richard Vandervoort Cox, Alexander Gibson Fraser, Charles Robert Kalmanek, Jr., Alan Edward Kaplan, Thomas Joseph Killian, William Todd Marshall, Peter Z. Onufryk, Kadangode K. Ramakrishnan, Norman Loren Schryer
-
Patent number: 7827278Abstract: A network interface unit is provided for use intermediate a LAN and a public or private network, or a combination of both, for establishing secure links to a VPN gateway. Login by a LAN client with the network interface unit, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Illustrative network interface units include a DHCP server and provide encryption-decryption and encapsulation-decapsulation of data packets for communication with VPN nodes. Configuration and connection of a client are further enhanced by a built-in DNS server and other functional servers to provide a high degree of autonomy in establishing connections to a desired VPN gateway via an ISP or other public and/or private network links to. The interface unit then performs required authentication exchanges, and required encryption key exchanges.Type: GrantFiled: July 23, 2001Date of Patent: November 2, 2010Assignee: AT&T Intellectual Property II, L.P.Inventors: Yihsiu Chen, Mark Jeffrey Foladare, Shelley B. Goldman, Thomas Joseph Killian, Norman Loren Schryer, Kevin Stone, Roy Philip Weber
-
Patent number: 7827292Abstract: A network interface unit is provided for use intermediate a LAN and a public or private network, or a combination of both, for establishing secure links to a VPN gateway. Login by a LAN client with the network interface unit, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Illustrative network interface units include a DHCP server and provide encryption-decryption and encapsulation-decapsulation of data packets for communication with VPN nodes. Configuration and connection of a client are further enhanced by a built-in DNS server and other functional servers to provide a high degree of autonomy in establishing connections to a desired VPN gateway via an ISP or other public and/or private network links to. The interface unit then performs required authentication exchanges, and required encryption key exchanges.Type: GrantFiled: July 23, 2001Date of Patent: November 2, 2010Assignee: AT&T Intellectual Property II, L.P.Inventors: Yihsiu Chen, Mark Jeffrey Foladare, Shelley B. Goldman, Thomas Joseph Killian, Norman Loren Schryer, Kevin Stone, Roy Philip Weber
-
Patent number: 7545745Abstract: A terminal adapter for guaranteeing the quality of service of both voice and data packets is disclosed. Such quality is ensured by inserting gaps between successive data packets in a stream of multiplexed data and/or voice packets. A gap after a particular data packet is proportional to the size of that particular data packet. In this way, bandwidth is preserved for any voice packets that may have arrived during the transfer of the data packet as well as for any voice packets that arrive during the gap. The unconstrained upstream data bandwidth and the bandwidth used by voice calls may each be estimated by taking a plurality of instantaneous measurements of the available bandwidth and/or taking individual direct measurements. The size of data packets may be limited to a maximum size in order to ensure that time-sensitive voice packets experience only an acceptable delay in queue for transmission.Type: GrantFiled: January 14, 2005Date of Patent: June 9, 2009Assignee: AT&T Intellectual Property II, L.P.Inventors: Ali M. Cherchali, Gagan Lal Choudhury, Gerald Murray Ezrol, Marius Jonas Gudelis, Thomas Joseph Killian, Jerry A. Leger, Norman L. Schryer
-
Publication number: 20090067442Abstract: A system has a switch that allows virtual private networks to be created dynamically. The system includes at least one network. The system also includes a computer having an address. The system also includes a plurality of ports for coupling to the computer. The system also includes a switch that assigns one of the plurality of ports to a private network according to the address of the computer. The switch assigns the port by correlating the address with an address list.Type: ApplicationFiled: November 10, 2008Publication date: March 12, 2009Inventor: Thomas Joseph Killian
-
Patent number: 7450595Abstract: A system has a switch that allows virtual private networks to be created dynamically. The system includes at least one network. The system also includes a computer having an address. The system also includes a plurality of ports for coupling to the computer. The system also includes a switch that assigns one of the plurality of ports to a private network according to the address of the computer. The switch assigns the port by correlating the address with an address list.Type: GrantFiled: May 1, 2001Date of Patent: November 11, 2008Assignee: AT&T Corp.Inventor: Thomas Joseph Killian
-
Patent number: 6665299Abstract: A system and method for providing telephony and high speed data access over a broadband access network, comprising a network interface unit (NIU) coupled to a backup local exchange carrier (LEC) line, the broadband access network coupled to the NIU, an intermediate point-of-presence (IPOP) coupled to the broadband access network, and at least one external access network coupled to the IPOP. The system also provides for a fail-safe mode in which the NIU supports the LEC line for lifeline services.Type: GrantFiled: January 14, 1999Date of Patent: December 16, 2003Assignee: AT&T Corp.Inventors: Steven Michael Bellovin, Joseph Henry Condon, Richard Vandervoort Cox, Alexander Gibson Fraser, Charles Robert Kalmanek, Jr., Alan Edward Kaplan, Thomas Joseph Killian, William Todd Marshall, Peter Z. Onufryk, Kadangode K. Ramakrishnan, Norman Loren Schryer
-
Publication number: 20030200321Abstract: A network interface unit is provided for use intermediate a LAN and a public or private network, or a combination of both, for establishing secure links to a VPN gateway. Login by a LAN client with the network interface unit, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Illustrative network interface units include a DHCP server and provide encryption-decryption and encapsulation-decapsulation of data packets for communication with VPN nodes. Configuration and connection of a client are further enhanced by a built-in DNS server and other functional servers to provide a high degree of autonomy in establishing connections to a desired VPN gateway via an ISP or other public and/or private network links to. The interface unit then performs required authentication exchanges, and required encryption key exchanges.Type: ApplicationFiled: July 23, 2001Publication date: October 23, 2003Inventors: Yihsiu Chen, Mark Jeffrey Foladare, Shelley B. Goldman, Thomas Joseph Killian, Norman Loren Schryer, Kevin Stone, Roy Philip Weber
-
Patent number: 6598082Abstract: In an arrangement where users are connected to an ISP through a bank of modems, a time-out threshold is then selected for the user based on the user's connection pattern. The threshold is varied dynamically in response to access patterns, in an attempt to trade the benefit accrued by using the ISP's modem and phone line for a shorter period of time, against the inconvenience to the user from having to reestablish a connection to the ISP. Specifically, the time interval between the last disconnection by the user and the time of reconnection is evaluated, and when this time interval is shorter than a preselected threshold, then the time-out threshold is increased. When this time interval is longer than the preselected threshold, then the time-out threshold is decreased. Typically, when the time-out threshold is decreased, it is decreased by a significantly smaller amount that the amount by which it is increased, when it is increased.Type: GrantFiled: August 30, 2002Date of Patent: July 22, 2003Assignee: AT&T Corp.Inventors: Frederick Douglis, Thomas Joseph Killian
-
Publication number: 20030028650Abstract: A network interface unit is provided for use intermediate a LAN and a public or private network, or a combination of both, for establishing secure links to a VPN gateway. Login by a LAN client with the network interface unit, addressing, authentication, and other configuration operations achieved using a web page-based GUI are applied in establishing tunnels from LAN clients to desired VPN destinations. Illustrative network interface units include a DHCP server and provide encryption-decryption and encapsulation-decapsulation of data packets for communication with VPN nodes. Configuration and connection of a client are further enhanced by a built-in DNS server and other functional servers to provide a high degree of autonomy in establishing connections to a desired VPN gateway via an ISP or other public and/or private network links to. The interface unit then performs required authentication exchanges, and required encryption key exchanges.Type: ApplicationFiled: July 23, 2001Publication date: February 6, 2003Inventors: Yihsiu Chen, Mark Jeffrey Foladare, Shelley B. Goldman, Thomas Joseph Killian, Norman Loren Schryer, Kevin Stone, Roy Philip Weber
-
Patent number: 6487596Abstract: In an arrangement where users are connected to an ISP through a bank of modems, a time-out threshold is then selected for the user based on the user's connection pattern. The threshold is varied dynamically in response to access patterns, in an attempt to trade the benefit accrued by using the ISP's modem and phone line for a shorter period of time, against the inconvenience to the user from having to reestablish a connection to the ISP. Specifically, the time interval between the last disconnection by the user and the time of reconnection is evaluated, and when this time interval is shorter than a preselected threshold, then the time-out threshold is increased. When this time interval is longer than the preselected threshold, then the time-out threshold is decreased. Typically, when the time-out threshold is decreased, it is decreased by a significantly smaller amount that the amount by which it is increased, when it is increased.Type: GrantFiled: June 5, 1999Date of Patent: November 26, 2002Assignee: AT&T Corp.Inventors: Frederick Douglis, Thomas Joseph Killian
-
Patent number: 6473426Abstract: Techniques employed in packet networks for transferring a packet across subnetworks with different namespaces. When a packet enters a given subnetwork and has a destination in a subnetwork with a different namespace, the given subnetwork encapsulates the packet by adding a header which specifies a decapsulator in the namespace. When the packet arrives at the decapsulator, the decapsulator strips the header and provides the packet to a subnetwork with a different namespace. A particular use of the technique is in a network used for broad-band interactive service. The network has two sub-networks. The first subnetwork is a TV channel which functions as a high-bandwidth forward channel and the second subnetwork is a packet network accessible via a public modem pool which functions as a lower-bandwidth return channel. The encapsulator establishes a connection with the public modem pool and receives an address in the second subnetwork which is temporarily associated with the connection.Type: GrantFiled: July 21, 1999Date of Patent: October 29, 2002Assignee: AT&T Corp.Inventor: Thomas Joseph Killian
-
Publication number: 20020067815Abstract: Including a coupler that is connected to the customer's line provides a capability for routing calls that are destined to different called numbers to a single customer line. The coupler includes a module for detecting called number ID signals received at the customer line, a switch interposed between the customer's line and port to which customer premises equipment may be connected, and circuitry for detecting when the customer premises equipment goes off hook. The coupler can also be embedded within the customer premises equipment. Alerting signals are applied to the port to which the customer premises equipment may be connected based on the called number ID signals and on the off hook state of the port to which the customer premises equipment may be connected. In some embodiments, the alerting signals also depend on additional criteria. Also, the alerting signals may be provided by the customer's line, or generated within the coupler.Type: ApplicationFiled: December 6, 2000Publication date: June 6, 2002Inventors: Alan Edward Kaplan, Thomas Joseph Killian
-
Patent number: 5940394Abstract: Techniques employed in packet networks for transferring a packet across subnetworks with different namespaces. When a packet enters a given subnetwork and has a destination in a subnetwork with a different namespace, the given subnetwork encapsulates the packet by adding a header which specifies a decapsulator in the namespace. When the packet arrives at the decapsulator, the decapsulator strips the header and provides the packet to a subnetwork with a different namespace. A particular use of the technique is in a network used for broad-band interactive service. The network has two sub-networks. The first subnetwork is a TV channel which functions as a high-bandwidth forward channel and the second subnetwork is a packet network accessible via a public modem pool which functions as a lower-bandwidth return channel. The encapsulator establishes a connection with the public modem pool and receives an address in the second subnetwork which is temporarily associated with the connection.Type: GrantFiled: August 8, 1996Date of Patent: August 17, 1999Assignee: AT&T CorpInventor: Thomas Joseph Killian
-
Patent number: 5886991Abstract: A system to deliver data at very high data transmission speeds to many units in a distributed processing system simultaneously. A distributed processing system is supplied with a local area network (LAN) which is connected to each unit of the distributed processing system. Each unit is also equipped with a LAN interface card so that it may receive messages (and send messages if necessary) between itself and the system supplying the data. Speed of data delivery is increased to the speed of the LAN, which may be many times greater than is currently possible.Type: GrantFiled: December 13, 1995Date of Patent: March 23, 1999Assignee: Lucent Technologies Inc.Inventors: Paul Joseph Guarneri, Thomas Joseph Killian, Venkata Chalapathi Majeti, Norman Loren Schryer
-
Patent number: 5724345Abstract: A system and method which delivers data at very high data transmission speeds to many locations simultaneously. A SCANS system is supplied with a satellite uplink communication module which transmits data to an earth orbiting satellite. The satellite then retransmits the data over a wide geographical area. Each receiving location is equipped with a small satellite dish to receive data from the satellite. Advantageously, the satellite dish is connected to a work station in the switching office which then processes the received data and delivers all information in a form that is ready for use by the modules' switching office. Errors during data transmission are noted for further processing. After the data is broadcast from the beginning to the end, the SCANS system pauses for a brief interval during which time each receiving station performs error detection, error correction, and other recovery procedures on the data it just received.Type: GrantFiled: December 13, 1995Date of Patent: March 3, 1998Assignee: Lucent Technologies Inc.Inventors: Paul Joseph Guarneri, Thomas Joseph Killian, Venkata Chalapathi Majeti, Norman Loren Schryer