Abstract: A computing device may request service from a service provider, and authorization to receive the service may be based, at least in part, on a network access device that is providing the computing device with network access. The service provider may request a value from the computing device, and the value may be based on address information of the computing device and the network access device.

Abstract: Methods and apparatus are disclosed that enable information about devices connected behind a gateway, such as a home gateway, to be made available to and used by other entities, such as servers and routers, on a communications network.

Abstract: Various examples described herein are directed to identifying a particular computing device, such as a computing device having malware. A DNS query may be received with a token identifying an originating computing device. The DNS query may be compared to a list of domain names associated with particular characteristics, such as having malware. The token may be used to identify the originating computing device and perform further actions.

Abstract: An authentication server may use secure messaging with a remote device prior to authorizing non-secure communications between the remote device and a content server, thereby preventing unauthorized access to the content server. The secure messaging uses such security features as encryption, signatures with authentication certificates, a realm, and/or a nonce. Once non-secure communication is authorized, the remote device may act as a proxy between the content server and a user device connected to the remote device. The authentication server sends timeout notices to the remote device containing an interval and a key. To continue non-secure communications with the content server, the remote device must respond prior to the expiration of the interval by sending a keep-alive message containing the key to the authentication server.

Abstract: A computing device may receive, based on a scan of a bar code associated with a device, information associated with the bar code. The information may be used to retrieve a dedicated activation service set identifier (SSID), which may be sent to one or more gateways. A first gateway may indicate that it is connected to the device using the dedicated activation SSID, and the device may be connected to the first gateway using a specific SSID that is different from the dedicated activation SSID.

Abstract: Systems and methods are described herein for managing peering relationships and applying peering policy between service providers and content distribution networks. Aspects discussed herein relate to establishing secure peering connections between service providers to exchange application and/or network information. In some embodiments, an application peering manager may apply peering policy based on token information or other suitable information configured to uniquely identify an application and/or subscriber. In other embodiments, policy enforcement points or other elements residing within a network may be configured to accept and/or apply peering policy to application sessions.

Abstract: A computing device may request service from a service provider, and authorization to receive the service may be based, at least in part, on a network access device that is providing the computing device with network access. The service provider may request a value from the computing device, and the value may be based on address information of the computing device and the network access device.

Abstract: An apparatus, method, system and computer-readable medium are provided for converting traffic of a first communication type to traffic of one or more additional communication types. Multicast communications may be supported. One or more communication paths may be established to support transmitting data to one or more client devices in the multicast group.

Abstract: A firewall service for a cloud computing environment is described that uses an application identifier-based ruleset to process data packets. An application identifier-based rule may provide an action to be taken on a received packet based on the source application identifier, the destination application identifier, and/or an identification token associated with the source application. A firewall controller may verify applications of the computing environment, provide unique application identifiers, and manage the application identifier rules for one or more firewalls of the computing environments.

Abstract: An apparatus, method, system and computer-readable medium are provided for converting traffic of a first communication type to traffic of one or more additional communication types. Multicast communications may be supported. One or more communication paths may be established to support transmitting data to one or more client devices in the multicast group.

Abstract: An authentication server may use secure messaging with a remote device prior to authorizing non-secure communications between the remote device and a content server, thereby preventing unauthorized access to the content server. The secure messaging uses such security features as encryption, signatures with authentication certificates, a realm, and/or a nonce. Once non-secure communication is authorized, the remote device may act as a proxy between the content server and a user device connected to the remote device. The authentication server sends timeout notices to the remote device containing an interval and a key. To continue non-secure communications with the content server, the remote device must respond prior to the expiration of the interval by sending a keep-alive message containing the key to the authentication server.

Abstract: A computing device may receive, based on a scan of a bar code associated with a device, information associated with the bar code. The information may be used to retrieve a dedicated activation service set identifier (SSID), which may be sent to one or more gateways. A first gateway may indicate that it is connected to the device using the dedicated activation SSID, and the device may be connected to the first gateway using a specific SSID that is different from the dedicated activation SSID.

Abstract: Described herein are methods and systems for improved domain name resolution/routing. Routing data associated with domain names (e.g., websites) may be cached by a Domain Name System (DNS) based on historical domain name queries. The historical domain name queries may be analyzed to determine a ranking (e.g., popularity) for the domain names at multiple time intervals throughout a day, week, etc. Routing data for the highest ranked domain names during one or more time intervals may be cached for a period(s) of time corresponding to the one or more time intervals (e.g., times during which those domain names are most popular).

Abstract: Methods and apparatus are disclosed that enable information about devices connected behind a gateway, such as a home gateway, to be made available to and used by other entities, such as servers and routers, on a communications network.

Abstract: Various examples described herein are directed to identifying a particular computing device, such as a computing device having malware. A DNS query may be received with a token identifying an originating computing device. The DNS query may be compared to a list of domain names associated with particular characteristics, such as having malware. The token may be used to identify the originating computing device and perform further actions.

Abstract: Systems and methods are described for connecting to a wireless network. In an aspect, when a wireless device is brought to an area in which two wireless networks are accessible, for example a public network and a private network, the device can reject a connection to the public network and connect to the private network based on an association between the device and the user.

Abstract: A firewall service for a cloud computing environment is described that uses an application identifier-based ruleset to process data packets. An application identifier-based rule may provide an action to be taken on a received packet based on the source application identifier, the destination application identifier, and/or an identification token associated with the source application. A firewall controller may verify applications of the computing environment, provide unique application identifiers, and manage the application identifier rules for one or more firewalls of the computing environments.

Abstract: An encrypted message comprising a DNS request may be received from a client device. The DNS request may be decrypted to determine an IP address and a port associated with the client device. A security token may be determined based on the IP address and the port. A message comprising an indication of the DNS request and the security token may be sent to a DNS server. A reply comprising a payload and the security token may be received from the DNS server. Based on the security token, an indication of the payload of the reply may be sent to the client device.

Abstract: Aspects of the disclosure include determining a data rate and a latency of one or more packets associated with a buffer, and adapting a size of the buffer based on the data rate or latency. The size of the buffer may also be adjusted differently based on its current size. For example, the size of the buffer may be increased by a greater amount if its current size is relatively small, or it may be decreased by a greater amount if its current size is relatively large. To determine how to adjust the buffer, the data rate may be compared to a data rate threshold and the latency may be compared to a latency threshold.

Abstract: Methods and apparatus are disclosed that enable information about devices connected behind a gateway, such as a home gateway, to be made available to and used by other entities, such as servers and routers, on a communications network.