Patents by Inventor Bashar Bou-Diab
Bashar Bou-Diab has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20090089408Abstract: A system and method are provided for creating an XML network. As each XML router is added to the XML network, the new XML router registers with a group of existing XML routers in the network, and thereafter regularly exchanges hello messages with other XML routers in order to announce its initial and continued presence. Once an XML router is added to the group of routers forming the network, the adjacency of the new XML router is determined. The new XML router selects its adjacency based on a prioritized set of metrics, including TCP hops, IP cost, and fanout, along with specific parameters relating to fanout and IP cost. The order of priority of the metrics and the specific parameters can be set by an operator, allowing flexibility in creating an optimum XML network topology.Type: ApplicationFiled: September 28, 2007Publication date: April 2, 2009Applicant: ALCATEL LUCENTInventors: Bashar Bou-Diab, Khurram Masood, Ashraf Matrawy
-
Publication number: 20070204339Abstract: Publish-subscribe XML multicast service within a VPN service is described. A backbone such as an IP/MPLS backbone connects multiple subscriber sites using VPN technology and VPN edge routers. XML publish-subscribe modules are addressable within the VPN and form an overlay network between the edge routers participating in the VPN. The XML publish-subscribe modules may perform either topic-based multicast or content-based multicast services. The multicast service is self-managed.Type: ApplicationFiled: December 2, 2005Publication date: August 30, 2007Applicant: AlcatelInventor: Bashar Bou-Diab
-
Publication number: 20070153689Abstract: A method and apparatus for monitoring data traffic in a communication network are provided. A router connected to the communication network monitors information contained in the data traffic, and based on the information determines whether data in the traffic is indicative of a malicious threat to one or more resources connected to the network. Parameters which control monitoring of traffic at the router, such as the sampling rate and what information is to be extracted from the data is varied according to the condition of the network so that the monitoring can be adapted to focus on traffic which relates to a particular suspected or detected threat.Type: ApplicationFiled: January 3, 2006Publication date: July 5, 2007Applicant: ALCATELInventors: Lyle Strub, Adrian Grah, Bashar Bou-Diab
-
Publication number: 20070081459Abstract: A Session Admission Control (SAC) for negotiating admission control in a multi-services communications network including multicast services is described. The module distributes the admission process between a centralized decision function (SAC-PDP) and a distributed decision function (SAC-M) in a fashion that solves admission control scaling problems. The mechanism for interaction between the SAC-PDP and SAC-M is defined. Mechanisms are defined for the SAC-PDP to discover or learn the network capacity against which the admission control decisions will be made. Systems are also described for incorporating SAC-M in multicast replication points in the network, allowing multicast replication points to participate in the admission control process.Type: ApplicationFiled: October 11, 2005Publication date: April 12, 2007Applicant: ALCATELInventors: Jonathan Segel, Bashar Bou-Diab
-
Publication number: 20070047545Abstract: Instead of implementing per flow measurement at every interface of every IGMP Router or Snooping Proxy in the aggregation network, as in the prior art “per flow measurement” approaches, the present invention relates to a scheme where the IGMP Router or Snooping Proxy tracks the multicast subscription of each host (for IGMPv3) or subnet (for IGMPv1 and IGMPv2) and stores the information such as host id, the time the host joined a channel, the duration of the channel delivery, etc. in a database. This database (MIB) can then be pulled by a network management tool using SNMP or WSDM MUWS. According to the invention a mechanism for multicast host authorization is also provided.Type: ApplicationFiled: August 29, 2005Publication date: March 1, 2007Applicant: ALCATELInventors: Bashar Bou-Diab, Bijan Raahemi, Jonathan Segel
-
Publication number: 20070047556Abstract: A system for providing resilient multimedia broadcasting services over a VPLS network is described. A network Management System (NMS) calculates disjoint minimum cost trees using the Steiner algorithm executed with extra steps to result in the disjoint trees. Destination PE routers in the VPLS network are connected to the disjoint trees so that they can be serviced by either tree in the case of a fault. Each of the disjoint trees is provisioned with enough bandwidth to carry all of the services provided by the VPLS network. Under normal operation, however, the services are distributed evenly over the trees. In the event of a fault, the services on the faulty tree are switched to the other tree using split horizon bridging. Each Steiner tree can also be realized using poin-to-multipoint LSPs which is fully protected by a precomputed point-to-mulltipoint LSP.Type: ApplicationFiled: August 29, 2005Publication date: March 1, 2007Applicant: ALCATELInventors: Bijan Raahemi, Bashar Bou-Diab, Fernando Cuervo
-
Publication number: 20060235973Abstract: Network services infrastructure systems and methods are disclosed. Policies for client access to a services network and network services available in the services network are enforced at client gateways. Once authenticated and authorized at a client gateway, a client of the services network may make its own network service(s) available in the services network, use network services provided by other clients of the services network, or both. The policies are centrally managed within a services network and distributed to the client gateways. Various registries which store policies, information associated with network services, and possibly other information may also be provided.Type: ApplicationFiled: April 14, 2005Publication date: October 19, 2006Inventors: Brian McBride, Bashar Bou-Diab, Laura Serghi
-
Publication number: 20060233166Abstract: Public and private network service management systems and methods are disclosed. Rules for accessing a private services network in which network services are available are enforced so as to restrict access to the services network through a public network in accordance with policies of the services network. Use of network services by a client of the private services network through the public network is controlled according to network service access policies associated with the network services. Network services provided by clients of the services network which access the services network through a public network may also be offered to other clients of the services network through the services network and the public network.Type: ApplicationFiled: April 14, 2005Publication date: October 19, 2006Inventors: Bashar Bou-Diab, Laura Serghi, Brian McBride
-
Publication number: 20060233180Abstract: Systems and methods for managing network services between private networks are disclosed. Advertisement of network services which are available in a services network is controlled in accordance with a policy associated with each network service. Network service information is advertised to an external services network only for those network services which have associated policies permitting distribution of the network services through external networks. External network services may also or instead be advertised to a services network from one or more external services networks and subsequently made available in the services network.Type: ApplicationFiled: April 14, 2005Publication date: October 19, 2006Applicant: AlcatelInventors: Laura Serghi, Brian McBride, Bashar Bou-Diab
-
Publication number: 20060187950Abstract: Methods, tools, and a multicast connectivity architecture are provided for provisioning bundled high bandwidth multi-channel multimedia broadcast services over a packet switched communications network. Multicast group membership join/prune requests generated by the destination network nodes are processed on edge. Multicast tree connectivity in the core of the communications network is static and centrally provisioned based on multicast group member edge network nodes associated with subscribers, while dynamic multicasting techniques are employed over the distribution portion of the service provider's communications network to deliver requested content to each destination network node. The methods and tools compute multicast trees, configure on-tree branching network nodes, and establish Virtual Private LAN network overlays for channel bundles to convey multi-channel content in the core of the managed communications network between edge network nodes.Type: ApplicationFiled: February 18, 2005Publication date: August 24, 2006Applicant: ALCATELInventors: Bashar Bou-Diab, Bijan Raahemi
-
Publication number: 20060165049Abstract: A selective, flow-based datapath architecture is described. A Flow Control Block Manager (FCBM) is located in a flow-based datapath for selectively and intelligently processing packets in the Flow Path. If, according to the FCBM, efficiency gains can be achieved by creating a flow control block and employing flow-based processing on a packet stream, the packets are processed accordingly. If, however, insufficient gains are anticipated the packets are processed in a flow-unaware manner. The FCBM determines the manner in which to process packets based on a set of criteria.Type: ApplicationFiled: October 28, 2004Publication date: July 27, 2006Applicant: ALCATELInventors: Bashar Bou-Diab, Lyle Strub, Milan Zoranovic, Gerard Damm, Jerome Cornet
-
Publication number: 20050175010Abstract: Methods directed to longest prefix matching and systems directed to IP address lookups are presented. The methods and systems relate in particular to IPv6 and comprise finding the longest prefix match (LPM) for an IP address. The method of the invention results in the use of filters to perform LPM. In embodiments of the invention, partial address filtering is used to further reduce filtering requirements. Reducing the number of filtering operations has the advantage of making the LPM algorithm faster and less costly to implement than prior art approaches. Also described is an “ideal offset filter” that extracts a fixed sized sliding window of bits from the IP address being processed.Type: ApplicationFiled: February 9, 2004Publication date: August 11, 2005Applicant: AlcatelInventors: David Wilson, Bashar Bou-Diab
-
Publication number: 20050050060Abstract: A disjoint graph structure for packet classification in communication systems is presented. The disjoint graph is comprised of two types of data structures; an elementary interval tree (EIT) and a disjoint interval tree (DIT). The disjoint graph is constructed based on a range-specified rule set finding particular application in the classification of data packets. Each rule in the rule set has an equal number of fields and each field specifies a range referred to as an integer interval having a lower and an upper bound. The disjoint graph has the same number of layers as there are fields in each rule. The layers are comprised of nodes, and each node has an associated rule set selected from the range-specified rule set. The disjoint graph enables packet classification in only one pass through the tree. The EIT and DIT structures are also presented in detail.Type: ApplicationFiled: August 27, 2003Publication date: March 3, 2005Inventors: Gerard Damm, Bashar Bou-Diab, Yuke Wang, Yun Zhang, Yiyan Tang, Anand Krishnamurthy, Lie Qian