Abstract: Systems and methods are described herein for managing peering relationships and applying peering policy between service providers and content distribution networks. Aspects discussed herein relate to establishing secure peering connections between service providers to exchange application and/or network information. In some embodiments, an application peering manager may apply peering policy based on token information or other suitable information configured to uniquely identify an application and/or subscriber. In other embodiments, policy enforcement points or other elements residing within a network may be configured to accept and/or apply peering policy to application sessions.

Abstract: Systems and methods for providing secure communications in an open network are provided. One method can comprise storing first information associated with a user device and a first network device. The first network device can be at a first location and can be configured to establish a secure connection between the user device and a first network. The user device can be detected via a second network device. A secure connection between the user device and a second network can be established via the second network device based upon at least a portion of the first information.

Abstract: Various examples described herein are directed to identifying a particular computing device, such as a computing device having malware. A DNS query may be received with a token identifying an originating computing device. The DNS query may be compared to a list of domain names associated with particular characteristics, such as having malware. The token may be used to identify the originating computing device and perform further actions.

Abstract: Systems and methods are described herein for managing peering relationships and applying peering policy between service providers and content distribution networks. Aspects discussed herein relate to establishing secure peering connections between service providers to exchange application and/or network information. In some embodiments, an application peering manager may apply peering policy based on token information or other suitable information configured to uniquely identify an application and/or subscriber. In other embodiments, policy enforcement points or other elements residing within a network may be configured to accept and/or apply peering policy to application sessions.

Abstract: The disclosure relates to provisioning end devices, such as wireless end devices. In one aspect, a wireless end device may be provisioned with a backend system without requiring a user to enter information to connect the wireless end device to a local wireless network. Moreover, the wireless end device may be provisioned with a single user action. In one example, the single action may be a single click on an activation portal. The single action may trigger the backend system to detect the wireless end device with the help of one or more gateways at one or more premises, and to associate the wireless end device with a user account. The backend system may also facilitate configuring the wireless end device to connect to the proper or desired network at a premises.

Abstract: An authentication server may use secure messaging with a remote device prior to authorizing non-secure communications between the remote device and a content server, thereby preventing unauthorized access to the content server. The secure messaging uses such security features as encryption, signatures with authentication certificates, a realm, and/or a nonce. Once non-secure communication is authorized, the remote device may act as a proxy between the content server and a user device connected to the remote device. The authentication server sends timeout notices to the remote device containing an interval and a key. To continue non-secure communications with the content server, the remote device must respond prior to the expiration of the interval by sending a keep-alive message containing the key to the authentication server.

Abstract: An authentication server may use secure messaging with a remote device prior to authorizing non-secure communications between the remote device and a content server, thereby preventing unauthorized access to the content server. The secure messaging uses such security features as encryption, signatures with authentication certificates, a realm, and/or a nonce. Once non-secure communication is authorized, the remote device may act as a proxy between the content server and a user device connected to the remote device. The authentication server sends timeout notices to the remote device containing an interval and a key. To continue non-secure communications with the content server, the remote device must respond prior to the expiration of the interval by sending a keep-alive message containing the key to the authentication server.

Abstract: An apparatus, method, system, and computer-readable medium are described for permitting communications between devices complying with different communication protocols or versions. For example, a computing device may store a map indicative of associations between one or more tunnels or channels and one or more destination addresses. In some examples, a destination address may be associated with a user device. One or more messages may include an address that may be extracted by a device, such as a router, to determine which channel to use in transmitting the message to the user device. One or more messages may include an indication of a channel that may be extracted by the device to determine a destination address of the message.

Abstract: The disclosure relates to provisioning end devices, such as wireless end devices. In one aspect, a wireless end device may be provisioned with a backend system without requiring a user to enter information to connect the wireless end device to a local wireless network. Moreover, the wireless end device may be provisioned with a single user action. In one example, the single action may be a single click on an activation portal. The single action may trigger the backend system to detect the wireless end device with the help of one or more gateways at one or more premises, and to associate the wireless end device with a user account. The backend system may also facilitate configuring the wireless end device to connect to the proper or desired network at a premises.

Abstract: Systems and methods are described for connecting to a wireless network. In an aspect, when a wireless device is brought to an area in which two wireless networks are accessible, for example a public network and a private network, the device can reject a connection to the public network and connect to the private network based on an association between the device and the user.

Abstract: Systems for network based control of wireless gateway communications are described. Each network wireless gateway and secondary network device may collect parameters and data regarding communications with connected wireless devices. The collected data may be aggregated at a Network Traffic Scheduler (“NTS”), which may use the data to identify conflicts in communications with wireless devices. If the NTS determines there are conflicts in the communications with particular wireless devices, the NTS may communicate instructions for adjusting the operations of the network so as to avoid or mitigate continued conflicting communications. In response to user requests for a particular level or quality of service, the NTS may communicate instructions for adjusting the operations of the network so as to satisfy the requested level of service.

Abstract: A method, device, computer readable medium, and system are disclosed that in one aspect may calculate a data rate and a latency of a packet flowing through a buffer, compare the data rate to a provisioned data rate, compare the latency to a threshold, and adapt a size of the buffer in response to results of the comparisons.

Abstract: An apparatus, method, system and computer-readable medium are provided for converting traffic of a first communication type to traffic of one or more additional communication types. In some embodiments, the communication types may comprise IP communications, such as IPv4 and IPv6 communications. In some embodiments, multicast communications may be supported. For example, one or more tunnels or channels may be established to support transmitting data, such as content, to one or more destination addresses. In some embodiments, a destination address may be associated with a user device. One or more messages may comprise an address that may be extracted by a device, such as a router, to determine a destination. The one or more messages may comprise a request for service or a request to join a service group.

Abstract: Systems and methods are described for extending the trust relationship established with a network interface device that provides access to a service provider network that includes an IP-based overlay network. The trust relationship is extended to a consumer premises equipment (CPE) device operating on the overlay network. A network element of the service provider network may authenticate the CPE device when communicating via the overlay network. The service provider network may store an association between network configuration data of the network interface device and the CPE device provisioned via the network interface device and may provide the CPE device with an identity token that encodes this network configuration data. The CPE device may provide the identity token to a network element of the service provider network, and the service provider network may authenticate the identity of the CPE device using the identity token provided.

Abstract: The disclosure relates to provisioning end devices, such as wireless end devices. In one aspect, a wireless end device may be provisioned with a backend system without requiring a user to enter information to connect the wireless end device to a local wireless network. Moreover, the wireless end device may be provisioned with a single user action. In one example, the single action may be a single click on an activation portal. The single action may trigger the backend system to detect the wireless end device with the help of one or more gateways at one or more premises, and to associate the wireless end device with a user account. The backend system may also facilitate configuring the wireless end device to connect to the proper or desired network at a premises.

Abstract: A method, device, computer readable medium, and system are disclosed that in one aspect may calculate a data rate and a latency of a packet flowing through a buffer, compare the data rate to a provisioned data rate, compare the latency to a threshold, and adapt a size of the buffer in response to results of the comparisons.

Abstract: Systems and methods are described herein for managing peering relationships and applying peering policy between service providers and content distribution networks. Aspects discussed herein relate to establishing secure peering connections between service providers to exchange application and/or network information. In some embodiments, an application peering manager may apply peering policy based on token information or other suitable information configured to uniquely identify an application and/or subscriber. In other embodiments, policy enforcement points or other elements residing within a network may be configured to accept and/or apply peering policy to application sessions.

Abstract: Systems and methods for provisioning and managing resources are disclosed. Methods can comprise determining whether a first condition is met based upon a first characteristic relating to one or more of a user device and a first network device. Association between the user device and the first network device can be granted if the first condition is met; association can be denied otherwise. Service can be provided to the user device via the first network device if the first network device is configured to meet a second condition. The second condition can be based upon a second characteristic relating to one or more of the user device and the first network device. The user device can be caused to associate with a second network device if the first network device is not configured to meet the second condition.

Abstract: Systems and methods for providing secure communications in an open network are provided. One method can comprise storing first information associated with a user device and a first network device. The first network device can be at a first location and can be configured to establish a secure connection between the user device and a first network. The user device can be detected via a second network device. A secure connection between the user device and a second network can be established via the second network device based upon at least a portion of the first information.

Abstract: The disclosure relates to provisioning end devices, such as wireless end devices. In one aspect, a wireless end device may be provisioned with a backend system without requiring a user to enter information to connect the wireless end device to a local wireless network. Moreover, the wireless end device may be provisioned with a single user action. In one example, the single action may be a single click on an activation portal. The single action may trigger the backend system to detect the wireless end device with the help of one or more gateways at one or more premises, and to associate the wireless end device with a user account. The backend system may also facilitate configuring the wireless end device to connect to the proper or desired network at a premises.