Patents by Inventor Charles Helfinstine
Charles Helfinstine has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240106811Abstract: A privacy gateway may communicate with user devices located at a plurality of premises. The privacy gateway may receive a data packet, from one of the user devices, indicating destinations, such as other computing devices, located external to the premises. The privacy gateway may decrypt at least a portion of the data packet to determine that at least a portion of data in the packet is associated with the user device. The privacy gateway may remove the data associated with the user device from the data packet and replace the removed data with data associated with the privacy gateway. The privacy gateway may send the data packet with the replaced data to a destination device. The privacy gateway may receive a response to the data packet from the destination device. The privacy gateway may encrypt a portion of the response and send the response to the user device.Type: ApplicationFiled: June 23, 2023Publication date: March 28, 2024Inventor: Charles A. Helfinstine
-
Patent number: 11729154Abstract: A privacy gateway may communicate with user devices located at a plurality of premises. The privacy gateway may receive a data packet, from one of the user devices, indicating destinations, such as other computing devices, located external to the premises. The privacy gateway may decrypt at least a portion of the data packet to determine that at least a portion of data in the packet is associated with the user device. The privacy gateway may remove the data associated with the user device from the data packet and replace the removed data with data associated with the privacy gateway. The privacy gateway may send the data packet with the replaced data to a destination device. The privacy gateway may receive a response to the data packet from the destination device. The privacy gateway may encrypt a portion of the response and send the response to the user device.Type: GrantFiled: February 25, 2021Date of Patent: August 15, 2023Assignee: Comcast Cable Communications, LLCInventor: Charles A. Helfinstine
-
Publication number: 20230224271Abstract: Described herein are methods and systems for improved domain name resolution/routing. Routing data associated with domain names (e.g., websites) may be cached by a Domain Name System (DNS) based on historical domain name queries. The historical domain name queries may be analyzed to determine a ranking (e.g., popularity) for the domain names at multiple time intervals throughout a day, week, etc. Routing data for the highest ranked domain names during one or more time intervals may be cached for a period(s) of time corresponding to the one or more time intervals (e.g., times during which those domain names are most popular).Type: ApplicationFiled: January 11, 2022Publication date: July 13, 2023Inventors: Yiu Leung Lee, Charles A. Helfinstine, Thomas Modayil Jacob
-
Publication number: 20220385474Abstract: An encrypted message comprising a DNS request may be received from a client device. The DNS request may be decrypted to determine an IP address and a port associated with the client device. A security token may be determined based on the IP address and the port. A message comprising an indication of the DNS request and the security token may be sent to a DNS server. A reply comprising a payload and the security token may be received from the DNS server. Based on the security token, an indication of the payload of the reply may be sent to the client device.Type: ApplicationFiled: May 28, 2021Publication date: December 1, 2022Inventors: Charles A. Helfinstine, Yiu Leung Lee, Joseph Crowe, Thomas Modayil Jacob
-
Publication number: 20220353233Abstract: An identifier, for example, an identifier of a domain and/or a host of the domain (e.g., a fully qualified domain name (FQDN), etc.), such as a service management device (e.g., a server, a web server, a computing device, a web host device, a webpage, etc.), may be modified (e.g., hashed, encrypted, etc.) by a network device (e.g., a server, a domain name system (DNS) server, a DNS over hypertext transfer protocol secure (HTTPS) server/gateway (DoH server), DNS over Transport Layer Security (TLS) server/gateway (DoT server), a network management device, a computing device, etc.), sent to a user device (e.g., a client device, a smart device, a mobile device, a content output device, a computing device, a web browser, a search engine, etc.), and reused by the user device to request a service (e.g., a web service, a webpage, a file, content, a content item, etc.).Type: ApplicationFiled: April 29, 2021Publication date: November 3, 2022Inventors: Charles Helfinstine, Yiu Lee, Thomas Modayil Jacob
-
Publication number: 20220272078Abstract: A privacy gateway may communicate with user devices located at a plurality of premises. The privacy gateway may receive a data packet, from one of the user devices, indicating destinations, such as other computing devices, located external to the premises. The privacy gateway may decrypt at least a portion of the data packet to determine that at least a portion of data in the packet is associated with the user device. The privacy gateway may remove the data associated with the user device from the data packet and replace the removed data with data associated with the privacy gateway. The privacy gateway may send the data packet with the replaced data to a destination device. The privacy gateway may receive a response to the data packet from the destination device. The privacy gateway may encrypt a portion of the response and send the response to the user device.Type: ApplicationFiled: February 25, 2021Publication date: August 25, 2022Inventor: Charles A. Helfinstine
-
Publication number: 20220182419Abstract: A destination host on a first network may attempt to initiate a communication session with a source host on a second network. The attempt may be intercepted by a first policy enforcement point, which may forward a message to the source host associated with the communication session. The source host may send an acknowledgment to the destination host via the first policy enforcement point. A policy decision point may determine that the communication session is permissible. The policy decision point may send a response to the first policy enforcement point and a second policy enforcement point. The response may indicate an approval of the communication session. The source host may respond to the destination host through either a first connection path and the first policy enforcement point or a second connection and the second policy enforcement point.Type: ApplicationFiled: February 24, 2022Publication date: June 9, 2022Inventors: Charles A. Helfinstine, Yiu Lee, Bin Wen
-
Patent number: 11297108Abstract: A destination host on a first network may attempt to initiate a communication session with a source host on a second network. The attempt may be intercepted by a first policy enforcement point, which may forward a message to the source host associated with the communication session. The source host may send an acknowledgment to the destination host via the first policy enforcement point. A policy decision point may determine that the communication session is permissible. The policy decision point may send a response to the first policy enforcement point and a second policy enforcement point. The response may indicate an approval of the communication session. The source host may respond to the destination host through either a first connection path and the first policy enforcement point or a second connection and the second policy enforcement point.Type: GrantFiled: December 28, 2018Date of Patent: April 5, 2022Assignee: COMCAST CABLE COMMUNICATIONS, LLCInventors: Charles A. Helfinstine, Yiu Lee, Bin Wen
-
Publication number: 20200213358Abstract: A destination host on a first network may attempt to initiate a communication session with a source host on a second network. The attempt may be intercepted by a first policy enforcement point, which may forward a message to the source host associated with the communication session. The source host may send an acknowledgment to the destination host via the first policy enforcement point. A policy decision point may determine that the communication session is permissible. The policy decision point may send a response to the first policy enforcement point and a second policy enforcement point. The response may indicate an approval of the communication session. The source host may respond to the destination host through either a first connection path and the first policy enforcement point or a second connection and the second policy enforcement point.Type: ApplicationFiled: December 28, 2018Publication date: July 2, 2020Inventors: Charles A. Helfinstine, Yiu Lee, Bin Wen
-
Patent number: 9479415Abstract: Provided are methods, non-transitory computer-readable medium, and network devices for duplicating network traffic through transparent VLAN flooding. In some implementations, a network device comprises a plurality of ports. The plurality of ports may include a first port configured as a receiving port for a VLAN configured for the network device. The plurality of ports may further include a set of ports configured as I/O ports of the VLAN. MAC learning may be disabled for the receiving port. In some implementations, the network device is configured to determine, based on contents of a packet received at the receiving port, that the packet is to be sent to one or more monitoring devices. The network device may further be configure to, upon receiving the packet at the receiving port of the VLAN, cause a copy of the packet to be sent to each of one or more I/O ports of the VLAN.Type: GrantFiled: February 12, 2016Date of Patent: October 25, 2016Assignee: Foundry Networks, LLCInventors: Hari Natarajan, Eskinder Sahle, Charles Helfinstine, Chris Oskuie
-
Publication number: 20160164768Abstract: Provided are methods, non-transitory computer-readable medium, and network devices for duplicating network traffic through transparent VLAN flooding. In some implementations, a network device comprises a plurality of ports. The plurality of ports may include a first port configured as a receiving port for a VLAN configured for the network device. The plurality of ports may further include a set of ports configured as I/O ports of the VLAN. MAC learning may be disabled for the receiving port. In some implementations, the network device is configured to determine, based on contents of a packet received at the receiving port, that the packet is to be sent to one or more monitoring devices. The network device may further be configure to, upon receiving the packet at the receiving port of the VLAN, cause a copy of the packet to be sent to each of one or more I/O ports of the VLAN.Type: ApplicationFiled: February 12, 2016Publication date: June 9, 2016Inventors: Hari NATARAJAN, Eskinder SAHLE, Charles HELFINSTINE, Chris OSKUIE
-
Patent number: 9294367Abstract: An approach to duplicating network traffic is described. In one approach, a method of creating multiple copies of network traffic is detailed. The method involves receiving network traffic, producing a duplicate copy of the network traffic, and forwarding the duplicate copy to a monitoring port. The monitoring port forwards copies to a number of indicated ports.Type: GrantFiled: September 18, 2013Date of Patent: March 22, 2016Assignee: Foundry Networks, LLCInventors: Hari Natarajan, Eskinder Sahle, Charles Helfinstine, Chris Oskuie
-
Publication number: 20140022916Abstract: An approach to duplicating network traffic is described. In one approach, a method of creating multiple copies of network traffic is detailed. The method involves receiving network traffic, producing a duplicate copy of the network traffic, and forwarding the duplicate copy to a monitoring port. The monitoring port forwards copies to a number of indicated ports.Type: ApplicationFiled: September 18, 2013Publication date: January 23, 2014Applicant: Foundry Networks, LLCInventors: Hari NATARAJAN, Eskinder SAHLE, Charles HELFINSTINE, Chris OSKUIE
-
Patent number: 8615008Abstract: An approach to duplicating network traffic is described. In one approach, a method of creating multiple copies of network traffic is detailed. The method involves receiving network traffic, producing a duplicate copy of the network traffic, and forwarding the duplicate copy to a monitoring port. The monitoring port forwards copies to a number of indicated ports.Type: GrantFiled: July 11, 2007Date of Patent: December 24, 2013Assignee: Foundry Networks LLCInventors: Hari Natarajan, Eskinder Sahle, Charles Helfinstine, Chris Oskuie
-
Publication number: 20130259037Abstract: An approach to duplicating network traffic is described. In one approach, a method of creating multiple copies of network traffic is detailed. The method involves receiving network traffic, producing a duplicate copy of the network traffic, and forwarding the duplicate copy to a monitoring port. The monitoring port forwards copies to a number of indicated ports.Type: ApplicationFiled: July 11, 2007Publication date: October 3, 2013Inventors: Hari Natarajan, Eskinder Sahle, Charles Helfinstine, Chris Oskuie
-
Publication number: 20080072081Abstract: A system and method for dynamically managing groups of power supplies for a computer system has a plurality of first circuits, each of the first circuits responsive to an electrical condition of each of the plurality of power sources. A second circuit is coupled to the plurality of first circuits, and is responsive to the plurality of first circuits. The second circuit identifies a state associated with any one of the plurality of power supplies. A third circuit is coupled and responsive to the second circuit. The third circuit communicates the states of the plurality of power supplies to a user.Type: ApplicationFiled: November 6, 2007Publication date: March 20, 2008Inventors: Charle Helfinstine, Chang-Pen Tai
-
Patent number: 7313714Abstract: A system and method for dynamically managing a plurality of power supplies for a computer system has a plurality of first circuits, each of the first circuits responsive to an electrical condition of each of the plurality of power sources. A second circuit is coupled to the plurality of first circuits, and is responsive to the plurality of first circuits. The second circuit identifies a state associated with any one of the plurality of power sources. A third circuit is coupled and responsive to the second circuit. The third circuit communicates the states of the plurality of power source to a user.Type: GrantFiled: September 24, 2003Date of Patent: December 25, 2007Assignee: Foundry Networks, Inc.Inventors: Charles A. Helfinstine, Chang-Pen Tai