Patents by Inventor Lyle Strub
Lyle Strub has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9794272Abstract: A method and apparatus for monitoring data traffic in a communication network are provided. A router connected to the communication network monitors information contained in the data traffic, and based on the information determines whether data in the traffic is indicative of a malicious threat to one or more resources connected to the network. Parameters which control monitoring of traffic at the router, such as the sampling rate and what information is to be extracted from the data is varied according to the condition of the network so that the monitoring can be adapted to focus on traffic which relates to a particular suspected or detected threat.Type: GrantFiled: January 3, 2006Date of Patent: October 17, 2017Assignee: Alcatel LucentInventors: Lyle Strub, Adrian Grah, Bashar Said Bou-Diab
-
Patent number: 8817675Abstract: Service-centric communication network monitoring apparatus and methods are provided. Service traffic, associated with a third-party service provided by an external service provider that is controlled independently of a communication network, is identified in communication traffic that is being transferred through that communication network. The identified service traffic is monitored, for example, to compile service usage statistics, to police usage of the service, to generate billing records for usage of the service, and/or to mirror the identified service traffic. A registry in which the service is registered may interact with a monitoring system of the communication network so as to establish monitoring for the service traffic.Type: GrantFiled: August 13, 2012Date of Patent: August 26, 2014Assignee: Alcatel LucentInventors: Lyle Strub, Brian McBride, Laura Mihaela Serghi
-
Patent number: 8346265Abstract: Secure communication network user mobility apparatus and methods are disclosed. A mobile user that is locally connected to a first communication network in which a service is provided, but is associated with an independently controlled second secure communication network, may be authenticated for access to the service by the second communication network. This allows seamless user mobility between networks in a partner extranet or other collection of trusted networks based on existing inter-network user mobility relationships. Access control, monitoring, and reporting, for example, and possibly other functions, may also be provided.Type: GrantFiled: August 17, 2006Date of Patent: January 1, 2013Assignee: Alcatel LucentInventors: Lyle Strub, Clifford Grossner, Laura Mihaela Serghi
-
Publication number: 20120311146Abstract: Service-centric communication network monitoring apparatus and methods are provided. Service traffic, associated with a third-party service provided by an external service provider that is controlled independently of a communication network, is identified in communication traffic that is being transferred through that communication network. The identified service traffic is monitored, for example, to compile service usage statistics, to police usage of the service, to generate billing records for usage of the service, and/or to mirror the identified service traffic. A registry in which the service is registered may interact with a monitoring system of the communication network so as to establish monitoring for the service traffic.Type: ApplicationFiled: August 13, 2012Publication date: December 6, 2012Inventors: LYLE STRUB, BRIAN MCBRIDE, LAURA MIHAELA SERGHI
-
Patent number: 8300529Abstract: Service-centric communication network monitoring apparatus and methods are provided. Service traffic, associated with a third-party service provided by an external service provider that is controlled independently of a communication network, is identified in communication traffic that is being transferred through that communication network. The identified service traffic is monitored, for example, to compile service usage statistics, to police usage of the service, to generate billing records for usage of the service, and/or to mirror the identified service traffic. A registry in which the service is registered may interact with a monitoring system of the communication network so as to establish monitoring for the service traffic.Type: GrantFiled: June 14, 2006Date of Patent: October 30, 2012Assignee: Alcatel LucentInventors: Lyle Strub, Brian McBride, Laura Mihaela Serghi
-
Patent number: 8239520Abstract: Network service operational status monitoring methods and apparatus are disclosed. Responsive to a service status request associated with a network service, an operational status of the network service is determined by an intermediary between a service status requester and the network service. The operational status is a service-specific operational status of the network service in some embodiments. Operational status may be determined through a multi-level procedure in which subsequent levels after a first level of the multi-level procedure are or are not performed depending on a result of a preceding level of the procedure. A multi-level procedure may involve a service connectivity check and a service operational check, for instance.Type: GrantFiled: April 5, 2007Date of Patent: August 7, 2012Assignee: Alcatel LucentInventors: Adrian Grah, George Papandreou, Lyle Strub
-
Patent number: 7912975Abstract: Methods and systems are presented for controlling application layer message traffic at a central web services resource in which a web services gateway associated with the central resource sends a backoff message to a gateway associated with a remote web service client, which in turn slows the application layer message traffic to the central resource.Type: GrantFiled: March 3, 2008Date of Patent: March 22, 2011Assignee: Alcatel LucentInventors: Clifford Grossner, Laura Serghi, Lyle Strub
-
Patent number: 7769877Abstract: The WS-Mobile Gateway is the interworking gateway between users of a mobile network and a WS extranet. The mobile gateway comprises a mobile end-user interface on the side of the mobile network, for user authentication and for separating the web services (WS) traffic from the non-WS traffic. A logic unit performs protocol conversion, address resolution, policy enforcement/definition and publishing operations on the WS traffic. An extranet interface processor routes the WS packets carrying control messages between the gateway and a WS controller which maintains the services registry, while the WS packets carrying data are routed between the mobile gateway and the WS provider.Type: GrantFiled: April 27, 2006Date of Patent: August 3, 2010Assignee: Alcatel LucentInventors: Brian McBride, Laura Mihaela Serghi, Lyle Strub
-
Publication number: 20090222573Abstract: Methods and systems are presented for controlling application layer message traffic at a central web services resource in which a web services gateway associated with the central resource sends a backoff message to a gateway associated with a remote web service client, which in turn slows the application layer message traffic to the central resource.Type: ApplicationFiled: March 3, 2008Publication date: September 3, 2009Applicant: Alcatel-LucentInventors: Clifford Grossner, Laura Serghi, Lyle Strub
-
Publication number: 20090138511Abstract: A system for service access exception tracking and related method including an exception detection engine that receives a web services request message, the web services request message associated with at least one web service and a controller that sends a script to the exception detection engine, the script comprising a set of rules for the at least one web service. In various exemplary embodiments, the exception detection engine detects at least one exception in the web services request message by applying the set of rules and drops the web services request message.Type: ApplicationFiled: November 28, 2007Publication date: May 28, 2009Applicant: ALCATEL LUCENTInventors: Lyle Strub, Laura Serghi, Piragash Velummylum
-
Patent number: 7535845Abstract: A selective, flow-based datapath architecture is described. A Flow Control Block Manager (FCBM) is located in a flow-based datapath for selectively and intelligently processing packets in the Flow Path. If, according to the FCBM, efficiency gains can be achieved by creating a flow control block and employing flow-based processing on a packet stream, the packets are processed accordingly. If, however, insufficient gains are anticipated the packets are processed in a flow-unaware manner. The FCBM determines the manner in which to process packets based on a set of criteria.Type: GrantFiled: October 28, 2004Date of Patent: May 19, 2009Assignee: Alcatel LucentInventors: Bashar Said Bou-Diab, Lyle Strub, Milan Zoranovic, Gerard Damm, Jerome Cornet
-
Publication number: 20090089365Abstract: A method of web services replica management and associated web service gateways, the method including one or more of the following: sending a web service request from a client application through a local web service gateway; discovering a plurality of remote web service gateways offering replicas of the requested web service; determining a communication delay between the discovered plurality of remote web service gateways and the local web service gateway; creating a cluster manager in a local web service gateway; creating a cluster for a replica web services composite client application; adding a plurality of replica web services to the cluster; adding at least one policy to the cluster; calculating a community of web service replicas based on the at least one policy, such as a replica selection policy that may include an information policy and a load estimation method; and determining an optimum web service replica among the discovered plurality of remote web service gateways.Type: ApplicationFiled: September 27, 2007Publication date: April 2, 2009Applicant: Alcatel LucentInventors: Laura Serghi, Lyle Strub
-
Publication number: 20080247320Abstract: Network service operational status monitoring methods and apparatus are disclosed. Responsive to a service status request associated with a network service, an operational status of the network service is determined by an intermediary between a service status requester and the network service. The operational status is a service-specific operational status of the network service in some embodiments. Operational status may be determined through a multi-level procedure in which subsequent levels after a first level of the multi-level procedure are or are not performed depending on a result of a preceding level of the procedure. A multi-level procedure may involve a service connectivity check and a service operational check, for instance.Type: ApplicationFiled: April 5, 2007Publication date: October 9, 2008Inventors: ADRIAN GRAH, George Papandreou, Lyle Strub
-
Publication number: 20080091807Abstract: Network service usage management systems and methods are disclosed. Associations between network services and network service user groups are used to enable usage of network services by members of the network service user groups. The network service user groups are independently and separately manageable, to form respective virtual extranets for instance. Actual usage of the network services may be controlled in accordance with the associations, and possibly also in accordance with respective group policies for the network service user groups. Network service user groups may be self-managed within an administrative domain in which service provider systems supporting the network services are located, or externally managed. Group and service information for externally managed groups may be exchanged between equipment that is within and outside an administrative domain.Type: ApplicationFiled: October 13, 2006Publication date: April 17, 2008Inventors: Lyle Strub, Laura Mihaela Serghi, Ming Yu Yao
-
Publication number: 20080033845Abstract: Publication subscription service apparatus and methods are disclosed. Restricted forwarding of an electronic publication that is made available to a publication subscription service by a publishing entity may be provided by determining, based on a forwarding restriction established for the electronic publication by the publishing entity, whether the electronic publication is to be forwarded to subscriber systems that are associated with respective subscriptions to the publication subscription service. In a distributed publication subscription service, electronic publication forwarding decisions are independently made at gateway devices or access points that provide access to the service for subscriber systems.Type: ApplicationFiled: July 21, 2006Publication date: February 7, 2008Inventors: Brian McBride, Laura Mihaela Serghi, Lyle Strub
-
Publication number: 20070294395Abstract: Service-centric communication network monitoring apparatus and methods are provided. Service traffic, associated with a third-party service provided by an external service provider that is controlled independently of a communication network, is identified in communication traffic that is being transferred through that communication network. The identified service traffic is monitored, for example, to compile service usage statistics, to police usage of the service, to generate billing records for usage of the service, and/or to mirror the identified service traffic. A registry in which the service is registered may interact with a monitoring system of the communication network so as to establish monitoring for the service traffic.Type: ApplicationFiled: June 14, 2006Publication date: December 20, 2007Inventors: Lyle Strub, Brian McBride, Laura Mihaela Serghi
-
Publication number: 20070294209Abstract: Communication network application activity monitoring and control apparatus, methods, and data structures are disclosed. A communication network user that initiates access to an application provided in a communication network is identified. Records are dynamically created and maintained to reflect accesses by the user to the application and other applications that are provided in the communication network. The records track application activity by the user. Policies may be established and enforced to control application activity that the user may conduct in the communication network. Conformance with application access restrictions and regulations may be verified or demonstrated by reporting the records, and ensured through policy enforcement.Type: ApplicationFiled: July 28, 2006Publication date: December 20, 2007Inventors: Lyle Strub, Clifford Grossner, Adrian Grah
-
Publication number: 20070293210Abstract: Secure communication network user mobility apparatus and methods are disclosed. A mobile user that is locally connected to a first communication network in which a service is provided, but is associated with an independently controlled second secure communication network, may be authenticated for access to the service by the second communication network. This allows seamless user mobility between networks in a partner extranet or other collection of trusted networks based on existing inter-network user mobility relationships. Access control, monitoring, and reporting, for example, and possibly other functions, may also be provided.Type: ApplicationFiled: August 17, 2006Publication date: December 20, 2007Inventors: Lyle Strub, Clifford Grossner, Laura Mihaela Serghi
-
Publication number: 20070294253Abstract: Secure domain information protection apparatus and methods are disclosed. Service access information associated with access, by an external user that is outside a secure domain, to a service that is provided in the secure domain is processed to determine whether it includes sensitive information. If so, a protection action is performed on the service access information, on an entire service message or to one or more portions thereof, for example, to protect the sensitive information. A specification language and execution environment are also proposed to provide for high speed processing. Sensitive information detection criteria, protection actions, and possibly targets on which the protection actions are to be performed, may be identified in a data structure stored on a machine-readable medium.Type: ApplicationFiled: August 25, 2006Publication date: December 20, 2007Inventors: Lyle Strub, Brad James Whitehead, George Papandreou
-
Publication number: 20070255852Abstract: The WS-Mobile Gateway is the interworking gateway between users of a mobile network and a WS extranet. The mobile gateway comprises a mobile end-user interface on the side of the mobile network, for user authentication and for separating the web services (WS) traffic from the non-WS traffic. A logic unit performs protocol conversion, address resolution, policy enforcement/definition and publishing operations on the WS traffic. An extranet interface processor routes the WS packets carrying control messages between the gateway and a WS controller which maintains the services registry, while the WS packets carrying data are routed between the mobile gateway and the WS provider.Type: ApplicationFiled: April 27, 2006Publication date: November 1, 2007Inventors: Brian McBride, Laura Serghi, Lyle Strub