Patents by Inventor Ravi Sundaram
Ravi Sundaram has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20090198817Abstract: A first virtual server is moved from a first network location to a second network location without interrupting service to users of the first virtual server. The state and data of the first virtual server are copied and transmitted to the second network location to create a copy of the first virtual server. The first virtual server copy is then updated to duplicate the first virtual server and all connections or packets directed to the first virtual server are intercepted and directed to the first virtual server copy at the second network location. A DNS entry for the symbolic name of the first virtual server is updated to reflect a shortened TTL value and then the address field of the DNS entry is set to the address of the first virtual server copy after the changeover and subsequent connections are directed to the first virtual server copy.Type: ApplicationFiled: July 28, 2008Publication date: August 6, 2009Applicant: NORTHEASTERN UNIVERSITYInventors: Ravi Sundaram, Nathan Faber
-
Publication number: 20080215730Abstract: An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.Type: ApplicationFiled: May 19, 2008Publication date: September 4, 2008Inventors: Ravi Sundaram, Hariharan S. Rahul
-
Patent number: 7376736Abstract: An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.Type: GrantFiled: November 13, 2006Date of Patent: May 20, 2008Assignee: Akamai Technologies, Inc.Inventors: Ravi Sundaram, Hariharan S. Rahul
-
Publication number: 20080071925Abstract: The invention is an intelligent traffic redirection system that does global load balancing. It can be used in any situation where an end-user requires access to a replicated resource. The method directs end-users to the appropriate replica so that the route to the replica is good from a network standpoint and the replica is not overloaded. The technique preferably uses a Domain Name Service (DNS) to provide IP addresses for the appropriate replica. The most common use is to direct traffic to a mirrored web site.Type: ApplicationFiled: September 18, 2006Publication date: March 20, 2008Inventors: F. Thomson Leighton, Daniel M. Lewin, Anne E. Lewin, Ravi Sundaram, Rizwan S. Dhanidina, Robert Kleinberg, Matthew Levine, Adrian M. Soviani, Bruce Maggs, Hariharan Shankar Rahul, Srikanth Thirumalai, Jay Gunvantrai Parikh, Yoav O. Yerushalmi
-
Publication number: 20080008089Abstract: A routing mechanism, service or system operable in a distributed networking environment. One preferred environment is a content delivery network (CDN) wherein the present invention provides improved connectivity back to an origin server, especially for HTTP traffic. In a CDN, edge servers are typically organized into regions, with each region comprising a set of content servers that preferably operate in a peer-to-peer manner and share data across a common backbone such as a local area network (LAN). The inventive routing technique enables an edge server operating within a given CDN region to retrieve content (cacheable, non-cacheable and the like) from an origin server more efficiently by selectively routing through the CDN's own nodes, thereby avoiding network congestion and hot spots.Type: ApplicationFiled: September 20, 2007Publication date: January 10, 2008Applicant: AKAMAI TECHNOLOGIES, INC.Inventors: Claudson Bornstein, Timothy Canfield, Gary Miller, Satish Rao, Ravi Sundaram
-
Publication number: 20070283419Abstract: The present invention addresses the known vulnerabilities of Web site infrastructure by making an origin server substantially inaccessible via Internet Protocol traffic. In particular, according to a preferred embodiment, the origin server is “shielded” from the publicly-routable IP address space. Preferably, only given machines (acting as clients) can access the origin server, and then only under restricted, secure circumstances. In a preferred embodiment, these clients are the servers located in a “parent” region of a content delivery network (CDN) tiered distribution hierarchy. The invention implements an origin server shield that protects a site against security breaches and the high cost of Web site downtime by ensuring that the only traffic sent to an enterprise's origin infrastructure preferably originates from CDN servers.Type: ApplicationFiled: August 20, 2007Publication date: December 6, 2007Applicant: AKAMAI TECHNOLOGIES, INC.Inventors: Michael Afergan, Andrew Ellis, Ravi Sundaram, Hariharan Rahul
-
Patent number: 7274658Abstract: A routing mechanism, service or system operable in a distributed networking environment. One preferred environment is a content delivery network (CDN) wherein the present invention provides improved connectivity back to an origin server, especially for HTTP traffic. In a CDN, edge servers are typically organized into regions, with each region comprising a set of content servers that preferably operate in a peer-to-peer manner and share data across a common backbone such as a local area network (LAN). The inventive routing technique enables an edge server operating within a given CDN region to retrieve content (cacheable, non-cacheable and the like) from an origin server more efficiently by selectively routing through the CDN's own nodes, thereby avoiding network congestion and hot spots.Type: GrantFiled: March 1, 2002Date of Patent: September 25, 2007Assignee: Akamai Technologies, Inc.Inventors: Claudson F. Bornstein, Timothy K. Canfield, Gary L. Miller, Satish B. Rao, Ravi Sundaram
-
Patent number: 7260639Abstract: The present invention addresses the known vulnerabilities of Web site infrastructure by making an origin server substantially inaccessible via Internet Protocol traffic. In particular, according to a preferred embodiment, the origin server is “shielded” from the publicly-routable IP address space. Preferably, only given machines (acting as clients) can access the origin server, and then only under restricted, secure circumstances. In a preferred embodiment, these clients are the servers located in a “parent” region of a content delivery network (CDN) tiered distribution hierarchy. The invention implements an origin server shield that protects a site against security breaches and the high cost of Web site downtime by ensuring that the only traffic sent to an enterprise's origin infrastructure preferably originates from CDN servers.Type: GrantFiled: July 9, 2002Date of Patent: August 21, 2007Assignee: Akamai Technologies, Inc.Inventors: Michael M. Afergan, Andrew B. Ellis, Ravi Sundaram, Hariharan S. Rahul
-
Patent number: 7251688Abstract: An intelligent traffic redirection system performs global load balancing for Web sites located at mirrored data centers. The system relies on a network map that is generated continuously, preferably for the user-base of the entire Internet. Instead of probing each local name server (or other host) that is connectable to the mirrored data centers, the network map identifies connectivity with respect to a much smaller set of proxy points, called “core” (or “common”) points. A core point is representative of a set of local name servers (or other hosts) that, from a data center's perspective, share the point. To discover a core point, an incremental trace route is executed from each of the set of mirrored data centers to a local name server that may be used by client to resolve a request for a replica stored at the data centers. An intersection of the trace routes at a common routing point is then identified.Type: GrantFiled: May 29, 2001Date of Patent: July 31, 2007Assignee: Akamai Technologies, Inc.Inventors: F. Thomson Leighton, Ravi Sundaram, Matthew Levine, Adrian Soviani
-
Patent number: 7245718Abstract: A method authenticates di identities in parallel using two prime numbers p and q such that q|p?1. Each identity includes a private key si and a public key vi, and a publicly known generator is ? such that ?q?1 (mod p). A verifier is provided with an ordered list of the public keys vi. A prover selects uniformly at random a non-negative number r less than q. A number x=?r (mod p) is sent from the prover to a verifier. The verifier selects uniformly at random a non-negative number e less than 2(t+logd), where log is base 2, and a number t is a predetermined security parameter. The prover receives from the verifier the number e. A number y=r+?i si*ei (mod q) is generated by the prover, and the number Y is sent to the verifier, who then determines if an equality x=?y*?i(vi)ei (mod p) is true. The prover is accepted as having the di identities if and only if the equality is true. In a preferred embodiment the communications between the prover and the verifier is via a low-bandwidth optical channel.Type: GrantFiled: August 26, 2003Date of Patent: July 17, 2007Assignee: Mitsubishi Electric Research Laboratories, Inc.Inventors: Ravi Sundaram, William S. Yerazunis
-
Publication number: 20070061440Abstract: An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.Type: ApplicationFiled: November 13, 2006Publication date: March 15, 2007Inventors: Ravi Sundaram, Hariharan Rahul
-
Patent number: 7136922Abstract: An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.Type: GrantFiled: October 15, 2002Date of Patent: November 14, 2006Assignee: Akamai Technologies, Inc.Inventors: Ravi Sundaram, Hariharan S. Rahul
-
Patent number: 7111061Abstract: The invention is an intelligent traffic redirection system that does global load balancing. It can be used in any situation where an end-user requires access to a replicated resource. The method directs end-users to the appropriate replica so that the route to the replica is good from a network standpoint and the replica is not overloaded. The technique preferably uses a Domain Name Service (DNS) to provide IP addresses for the appropriate replica. The most common use is to direct traffic to a mirrored web site.Type: GrantFiled: May 29, 2001Date of Patent: September 19, 2006Assignee: Akamai Technologies, Inc.Inventors: F. Thomson Leighton, Anne E. Lewin, legal representative, Ravi Sundaram, Rizwan S. Dhanidina, Robert Kleinberg, Matthew Levine, Adrian M. Soviani, Bruce Maggs, Hariharan Shankar Rahul, Srikanth Thirumalai, Jay Gunvantrai Parikh, Yoav O. Yerushalmi, Daniel M. Lewin, deceased
-
Patent number: 7096263Abstract: An intelligent traffic redirection system performs global load balancing for Web sites located at mirrored data centers. The system relies on a network map that is generated continuously for the user-base of the entire Internet. Instead of probing each local name server (or other host) that is connectable to the mirrored data centers, the network map identifies connectivity with respect to a much smaller set of proxy points, called “core” (or “common”) points. A core point then becomes representative of a set of local name servers (or other hosts) that, from a data center's perspective, share the point. Once core points are identified, a systematic methodology is used to estimate predicted actual download times to a given core point from each of the mirrored data centers. Preferably, ICMP (or so-called “ping” packets) are used to measure roundtrip time (RTT) and latency between a data center and a core point.Type: GrantFiled: May 30, 2001Date of Patent: August 22, 2006Assignee: Akamai Technologies, Inc.Inventors: F. Thomson Leighton, Ravi Sundaram, Adrian Soviani, Matthew Levine, Andrew Parker, Silvina Hanono-Wachman, Arthur W. Berger
-
Publication number: 20050058288Abstract: A method authenticates di identities in parallel using two prime numbers p and q such that q|p?1. Each identity includes a private key si and a public key vi, and a publicly known generator is ? such that ?q?1 (mod p). A verifier is provided with an ordered list of the public keys vi. A prover selects uniformly at random a non-negative number r less than q. A number x=?r (mod p) is sent from the prover to a verifier. The verifier selects uniformly at random a non-negative number e less than 2(t+logd), where log is base 2, and a number t is a predetermined security parameter. The prover receives from the verifier the number e. A number y=r+?i si*ei (mod q) is generated by the prover, and the number Y is sent to the verifier, who then determines if an equality x=?y*?i(vi)ei (mod p) is true. The prover is accepted as having the di identities if and only if the equality is true. In a preferred embodiment the communications between the prover and the verifier is via a low-bandwidth optical channel.Type: ApplicationFiled: August 26, 2003Publication date: March 17, 2005Inventors: Ravi Sundaram, William Yerazunis
-
Publication number: 20040083283Abstract: An infrastructure “insurance” mechanism enables a Web site to fail over to a content delivery network (CDN) upon a given occurrence at the site. Upon such occurrence, at least some portion of the site's content is served preferentially from the CDN so that end users that desire the content can still get it, even if the content is not then available from the origin site. In operation, content requests are serviced from the site in the usual manner, e.g., by resolving DNS queries to the site's IP address, until detection of the given occurrence. Thereafter, DNS queries are managed by a CDN dynamic DNS-based request routing mechanism so that such queries are resolved to optimal CDN edge servers. After the event that caused the occurrence has passed, control of the site's DNS may be returned from the CDN back to the origin server's DNS mechanism.Type: ApplicationFiled: October 15, 2002Publication date: April 29, 2004Inventors: Ravi Sundaram, Hariharan S. Rahul
-
Publication number: 20040010601Abstract: The present invention addresses the known vulnerabilities of Web site infrastructure by making an origin server substantially inaccessible via Internet Protocol traffic. In particular, according to a preferred embodiment, the origin server is “shielded” from the publicly-routable IP address space. Preferably, only given machines (acting as clients) can access the origin server, and then only under restricted, secure circumstances. In a preferred embodiment, these clients are the servers located in a “parent” region of a content delivery network (CDN) tiered distribution hierarchy. The invention implements an origin server shield that protects a site against security breaches and the high cost of Web site downtime by ensuring that the only traffic sent to an enterprise's origin infrastructure preferably originates from CDN servers.Type: ApplicationFiled: July 9, 2002Publication date: January 15, 2004Inventors: Michael M. Afergan, Andrew B. Ellis, Ravi Sundaram, Hariharan S. Rahul
-
Publication number: 20020129134Abstract: The invention is an intelligent traffic redirection system that does global load balancing. It can be used in any situation where an end-user requires access to a replicated resource. The method directs end-users to the appropriate replica so that the route to the replica is good from a network standpoint and the replica is not overloaded. The technique preferably uses a Domain Name Service (DNS) to provide IP addresses for the appropriate replica. The most common use is to direct traffic to a mirrored web site.Type: ApplicationFiled: May 29, 2001Publication date: September 12, 2002Inventors: F. Thomson Leighton, Daniel M. Lewin, Ravi Sundaram, Rizwan S. Dhanidina, Robert Kleinberg, Matthew Levine, Adrian M. Soviani, Bruce Maggs, Hariharan Shankar Rahul, Srikanth Thirumalai, Jay Gunvantrai Parikh, Yoav O. Yerushalmi
-
Publication number: 20020124080Abstract: An intelligent traffic redirection system performs global load balancing for Web sites located at mirrored data centers. The system relies on a network map that is generated continuously for the user-base of the entire Internet. Instead of probing each local name server (or other host) that is connectable to the mirrored data centers, the network map identifies connectivity with respect to a much smaller set of proxy points, called “core” (or “common”) points. A core point then becomes representative of a set of local name servers (or other hosts) that, from a data center's perspective, share the point. Once core points are identified, a systematic methodology is used to estimate predicted actual download times to a given core point from each of the mirrored data centers. Preferably, ICMP (or so-called “ping” packets) are used to measure roundtrip time (RTT) and latency between a data center and a core point.Type: ApplicationFiled: May 30, 2001Publication date: September 5, 2002Inventors: F. Thomson Leighton, Ravi Sundaram, Andrian Soviani, Matthew Levine, Andrew Parker, Silvina Hanono-Wachman, Arthur W. Berger
-
Publication number: 20020078237Abstract: An intelligent traffic redirection system performs global load balancing for Web sites located at mirrored data centers. The system relies on a network map that is generated continuously, preferably for the user-base of the entire Internet. Instead of probing each local name server (or other host) that is connectable to the mirrored data centers, the network map identifies connectivity with respect to a much smaller set of proxy points, called “core” (or “common”) points. A core point is representative of a set of local name servers (or other hosts) that, from a data center's perspective, share the point. To discover a core point, an incremental trace route is executed from each of the set of mirrored data centers to a local name server that may be used by client to resolve a request for a replica stored at the data centers. An intersection of the trace routes at a common routing point is then identified.Type: ApplicationFiled: May 29, 2001Publication date: June 20, 2002Inventors: F. Thomson Leighton, Ravi Sundaram, Matthew Levine, Adrian Soviani