Patents by Inventor Frank Kastenholz
Frank Kastenholz has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11856027Abstract: A secure communication system enabling secure transport of information is disclosed. The system comprises a secure network with one or more packet processing units connected by links through an internal communication system. The secure network transports packets of information between credentialed and authenticated agents. Each packet is associated with a visa issued by a visa service. The visa specifies the procedures governing the processing of the packet by the packet processing units as it is transported along a compliant flow, between agents thorough the network, according to a set of policies specified in a network configuration. Packet processing units include docks and forwarders. Adaptors serving the agents communicate with the network through tie-ins to docks. The system also includes and admin service, accessible to one more admins, that facilitates configuration and management of the network.Type: GrantFiled: November 6, 2020Date of Patent: December 26, 2023Assignee: APPLIED INVENTION, LLCInventors: W. Daniel Hillis, David C. Douglas, Mathias Kolehmainen, Steven Willis, Frank Kastenholz, Michael Dubno
-
Publication number: 20230171228Abstract: Methods, devices, and system related to secure communication systems are disclosed. In one example aspect, a secure communication system enabling secure transport of information includes a secure network comprising one or more nodes communicatively coupled by an internal communication system and a set of policies. The secure network internally transports the information in the form of internal packets. Each of the internal packets is associated with a visa that references the policies. A node among said one or more nodes transmits an internal packet of said information only if allowed by said policies as referenced by said visa.Type: ApplicationFiled: January 27, 2023Publication date: June 1, 2023Inventors: W. Daniel Hillis, David C. Douglas, Mathias Kolehmainen, Steven Willis, Frank Kastenholz, Michael Dubno
-
Publication number: 20220368688Abstract: A secure communication system enabling secure transport of information is disclosed. The system comprises a secure network with one or more packet processing units connected by links through an internal communication system. The secure network transports packets of information between credentialed and authenticated agents. Each packet is associated with a visa issued by a visa service. The visa specifies the procedures governing the processing of the packet by the packet processing units as it is transported along a compliant flow, between agents thorough the network, according to a set of policies specified in a network configuration. Packet processing units include docks and forwarders. Adaptors serving the agents communicate with the network through tie-ins to docks. The system also includes and admin service, accessible to one more admins, that facilitates configuration and management of the network.Type: ApplicationFiled: July 22, 2022Publication date: November 17, 2022Inventors: W. Daniel HILLIS, David C. DOUGLAS, Mathias KOLEHMAINEN, Steven WILLIS, Frank KASTENHOLZ, Michael DUBNO
-
Publication number: 20220232000Abstract: A secure communication system enabling secure transport of information is disclosed. The system comprises a secure network with one or more packet processing units connected by links through an internal communication system. The secure network transports packets of information between credentialed and authenticated agents. Each packet is associated with a visa issued by a visa service. The visa specifies the procedures governing the processing of the packet by the packet processing units as it is transported along a compliant flow, between agents thorough the network, according to a set of policies specified in a network configuration. Packet processing units include docks and forwarders. Adaptors serving the agents communicate with the network through tie-ins to docks. The system also includes and admin service, accessible to one more admins, that facilitates configuration and management of the network.Type: ApplicationFiled: April 5, 2022Publication date: July 21, 2022Inventors: W. Daniel HILLIS, David C. DOUGLAS, Mathias KOLEHMAINEN, Steven WILLIS, Frank KASTENHOLZ, Michael DUBNO
-
Publication number: 20210058369Abstract: A secure communication system enabling secure transport of information is disclosed. The system comprises a secure network with one or more packet processing units connected by links through an internal communication system. The secure network transports packets of information between credentialed and authenticated agents. Each packet is associated with a visa issued by a visa service. The visa specifies the procedures governing the processing of the packet by the packet processing units as it is transported along a compliant flow, between agents thorough the network, according to a set of policies specified in a network configuration. Packet processing units include docks and forwarders. Adaptors serving the agents communicate with the network through tie-ins to docks. The system also includes and admin service, accessible to one more admins, that facilitates configuration and management of the network.Type: ApplicationFiled: November 6, 2020Publication date: February 25, 2021Inventors: W. Daniel HILLIS, David C. DOUGLAS, Mathias KOLEHMAINEN, Steven WILLIS, Frank KASTENHOLZ, Michael DUBNO
-
Patent number: 9077777Abstract: A forwarding node decapsulates and encapsulates data. The decapsulation may be performed using pattern matching techniques and the encapsulation may be performed using pattern insertion techniques. The decapsulation and encapsulation are preferably performed by hardware devices such as application specific integrated circuits (ASICs) to enhance the speed of such operations. The decapsulation and encapsulation may be independent of each other and performed on a per virtual circuit basis.Type: GrantFiled: April 29, 2013Date of Patent: July 7, 2015Assignee: Juniper Networks, Inc.Inventors: Steven R Willis, Gregg F Bromley, Eric S Crawley, Frank Kastenholz
-
Publication number: 20130238810Abstract: A forwarding node decapsulates and encapsulates data. The decapsulation may be performed using pattern matching techniques and the encapsulation may be performed using pattern insertion techniques. The decapsulation and encapsulation are preferably performed by hardware devices such as application specific integrated circuits (ASICs) to enhance the speed of such operations. The decapsulation and encapsulation may be independent of each other and performed on a per virtual circuit basis.Type: ApplicationFiled: April 29, 2013Publication date: September 12, 2013Applicant: JUNIPER NETWORKS, INC.Inventors: Steven R. WILLIS, Gregg F. BROMLEY, Eric S. CRAWLEY, Frank KASTENHOLZ
-
Patent number: 8468590Abstract: A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data.Type: GrantFiled: February 25, 2011Date of Patent: June 18, 2013Assignee: Juniper Networks, Inc.Inventors: Ross W Callon, Frank Kastenholz
-
Patent number: 8432921Abstract: A forwarding node decapsulates and encapsulates data. The decapsulation may be performed using pattern matching techniques and the encapsulation may be performed using pattern insertion techniques. The decapsulation and encapsulation are preferably performed by hardware devices such as application specific integrated circuits (ASICs) to enhance the speed of such operations. The decapsulation and encapsulation may be independent of each other and performed on a per virtual circuit basis.Type: GrantFiled: August 26, 2010Date of Patent: April 30, 2013Assignee: Juniper Networks, Inc.Inventors: Steven R. Willis, Gregg F. Bromley, Eric S. Crawley, Frank Kastenholz
-
Patent number: 8306028Abstract: An interconnect network for operation within communication node, wherein the interconnect network may have features including the ability to transfer a variety of communication protocols, scalable bandwidth and reduced down-time. According to one embodiment of the invention, the communication node includes a plurality of I/O channels for coupling information into and out of the node, and the interconnect network includes at least one local interconnect module having local transfer elements for transferring information between the plurality of I/O channels; and scaling elements for expanding the interconnect network to include additional local interconnect modules, such that information can be transferred between the local interconnect modules included in the interconnect network.Type: GrantFiled: September 18, 2009Date of Patent: November 6, 2012Assignee: Juniper Networks, Inc.Inventors: Frank Kastenholz, Tom Westberg, Steven R. Willis
-
Publication number: 20110197274Abstract: A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data.Type: ApplicationFiled: February 25, 2011Publication date: August 11, 2011Applicant: JUNIPER NETWORKS, INC.Inventors: Ross W. CALLON, Frank Kastenholz
-
Patent number: 7921460Abstract: A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data.Type: GrantFiled: May 15, 2008Date of Patent: April 5, 2011Assignee: Juniper Networks, Inc.Inventors: Ross W. Callon, Frank Kastenholz
-
Publication number: 20100322242Abstract: A forwarding node decapsulates and encapsulates data. The decapsulation may be performed using pattern matching techniques and the encapsulation may be performed using pattern insertion techniques. The decapsulation and encapsulation are preferably performed by hardware devices such as application specific integrated circuits (ASICs) to enhance the speed of such operations. The decapsulation and encapsulation may be independent of each other and performed on a per virtual circuit basis.Type: ApplicationFiled: August 26, 2010Publication date: December 23, 2010Applicant: JUNIPER NETWORKS, INC.Inventors: Steven R. WILLIS, Gregg F. BROMLEY, Eric S. CRAWLEY, Frank KASTENHOLZ
-
Patent number: 7809015Abstract: A network device bundles packet over synchronous optical network (POS) data stream and asynchronous transfer mode (ATM) data stream into a synchronous optical network (SONET) data stream. The POS data stream and the ATM data stream are virtual channels or tributaries of the SONET data stream. The SONET data stream may be transmitted over a single optical fiber.Type: GrantFiled: September 22, 2003Date of Patent: October 5, 2010Assignee: Juniper Networks, Inc.Inventors: Steven R. Willis, Gregg F. Bromley, Eric S. Crawley, Frank Kastenholz
-
Publication number: 20100067523Abstract: An interconnect network for operation within communication node, wherein the interconnect network may have features including the ability to transfer a variety of communication protocols, scalable bandwidth and reduced down-time. According to one embodiment of the invention, the communication node includes a plurality of I/O channels for coupling information into and out of the node, and the interconnect network includes at least one local interconnect module having local transfer elements for transferring information between the plurality of I/O channels; and scaling elements for expanding the interconnect network to include additional local interconnect modules, such that information can be transferred between the local interconnect modules included in the interconnect network.Type: ApplicationFiled: September 18, 2009Publication date: March 18, 2010Applicant: JUNIPER NETWORKS, INC.Inventors: Frank KASTENHOLZ, Tom WESTBERG, Steven R. WILLIS
-
Patent number: 7613173Abstract: An interconnect network for operation within communication node, wherein the interconnect network may have features including the ability to transfer a variety of communication protocols, scalable bandwidth and reduced down-time. According to one embodiment of the invention, the communication node includes a plurality of I/O channels for coupling information into and out of the node, and the interconnect network includes at least one local interconnect module having local transfer elements for transferring information between the plurality of I/O channels; and scaling elements for expanding the interconnect network to include additional local interconnect modules, such that information can be transferred between the local interconnect modules included in the interconnect network.Type: GrantFiled: September 14, 2005Date of Patent: November 3, 2009Assignee: Juniper Networks, Inc.Inventors: Frank Kastenholz, Tom Westberg, Steven R. Willis
-
Patent number: 7389537Abstract: A network device coordinates with other devices in a network to create a distributed filtering system. The device detects an attack in the network, such as a distributed denial of service attack, and forwards attack information to the other devices. The devices may categorize data into one or more groups and rate limit the amount of data being forwarded based on rate limits for the particular categories. The rate limits may also be updated based on the network conditions. The rate limits may further be used to guarantee bandwidth for certain categories of data.Type: GrantFiled: May 8, 2003Date of Patent: June 17, 2008Assignee: Juniper Networks, Inc.Inventors: Ross W. Callon, Frank Kastenholz
-
Publication number: 20060007946Abstract: An interconnect network for operation within communication node, wherein the interconnect network may have features including the ability to transfer a variety of communication protocols, scalable bandwidth and reduced down-time. According to one embodiment of the invention, the communication node includes a plurality of I/O channels for coupling information into and out of the node, and the interconnect network includes at least one local interconnect module having local transfer elements for transferring information between the plurality of I/O channels; and scaling elements for expanding the interconnect network to include additional local interconnect modules, such that information can be transferred between the local interconnect modules included in the interconnect network.Type: ApplicationFiled: September 14, 2005Publication date: January 12, 2006Inventors: Frank Kastenholz, Tom Westberg, Steven Willis
-
Patent number: 6980543Abstract: An interconnect network for operation within communication node, wherein the interconnect network may have features including the ability to transfer a variety of communication protocols, scalable bandwidth and reduced down-time. According to one embodiment of the invention, the communication node includes a plurality of I/O channels for coupling information into and out of the node, and the interconnect network includes at least one local interconnect module having local transfer elements for transferring information between the plurality of I/O channels; and scaling elements for expanding the interconnect network to include additional local interconnect modules, such that information can be transferred between the local interconnect modules included in the interconnect network.Type: GrantFiled: June 18, 1999Date of Patent: December 27, 2005Assignee: Juniper Networks, Inc.Inventors: Frank Kastenholz, Tom Westberg, Steven R. Willis
-
Patent number: 6975631Abstract: A switch/router contains intelligence for more quickly determining a next hop for an network layer packet. A network forwarding lookup table or array structure is configured so as to minimize the number of memory accesses required. This results in a decrease in time due to memory access and a decrease in computational overhead due to the memory accesses. In one embodiment, a first forwarding lookup is indexed by the first 16 bits of a destination address. A second forwarding lookup is indexed by the subsequent 8 bits of the destination address, and a final third forwarding lookup is indexed by the last 8 bits of the destination address. Each entry within a forwarding lookup contains either direction as to how properly forward the packet or reference to a next subsequent forwarding lookup.Type: GrantFiled: January 25, 1999Date of Patent: December 13, 2005Assignee: Juniper Networks, Inc.Inventor: Frank Kastenholz