Multicast Patents (Class 713/163)
  • Patent number: 10790978
    Abstract: Technologies for secure collective authorization include multiple computing devices in communication over a network. A computing device may perform a join protocol with a group leader to receive a group private key that is associated with an interface implemented by the computing device. The interface may be an instance of an object model implemented by the computing device or membership of the computing device in a subsystem. The computing device receives a request for attestation to the interface, selects the group private key for the interface, and sends an attestation in response to the request. Another computing device may receive the attestation and verify the attestation with a group public key corresponding to the group private key. The group private key may be an enhanced privacy identifier (EPID) private key, and the group public key may be an EPID public key. Other embodiments are described and claimed.
    Type: Grant
    Filed: September 21, 2016
    Date of Patent: September 29, 2020
    Assignee: Intel Corporation
    Inventors: Ned M. Smith, Omer Ben-Shalom, Alex Nayshtut
  • Patent number: 10778658
    Abstract: The present disclosure relates to a communication server and a method for secured transmission of messages from an enterprise server to a telecom server for delivering to end users. The enterprise server comprises a first gateway hosted therein to encrypt and transmit the encrypted messages to the communication server. The communication server comprises a routing unit for routing the encrypted messages from the enterprise server to the user devices via the telecom server. The telecom server comprises a second gateway hosted therein to retrieve the encrypted messages. The user device comprises a third gateway hosted therein to retrieve the encrypted messages from the telecom server in case the decryption is taking place at user device.
    Type: Grant
    Filed: February 3, 2020
    Date of Patent: September 15, 2020
    Assignee: Tanla Digital Labs Private Limited
    Inventor: Konda Venkata Papi Reddy
  • Patent number: 10764341
    Abstract: A gateway is configured to be situated in a local area network (LAN) of Internet Protocol (IP)-based units having a serverless page party (SP2) function that employs multicast technology for page/party audio. The gateway converts multicast call traffic to unicast call traffic for transmission over the Internet to one or more IP units with SP2 function in different LANs. These different LANs are each provided with respective gateways that are configured to convert the unicast traffic back to multicast traffic to connect the page/party audio of an SP2 system among disparate facilities having different LANs, obviating the need for a dedicated and expensive wide area network for inter-LAN communication among IP units with SP2 function. A license and configuration server is configured to maintain a database of IP addresses of each gateway assigned to the respective inter-LAN or Internet groups and to communicate group IP addresses to the gateways.
    Type: Grant
    Filed: June 18, 2019
    Date of Patent: September 1, 2020
    Assignee: Hubbell Incorporated
    Inventors: Jeffrey T. Reid, Keith Youndt, Jason Fox
  • Patent number: 10764046
    Abstract: A network node and a method of updating and distributing secret keys in a distributed network is suggested. The network comprises a plurality of nodes connected to a shared medium of the distributed network. Each node of the plurality of nodes is member of at least one group of a plurality of groups. Each group is associated with a secret group key. Each node of the plurality of nodes stores only the one or more secret group keys, of which it is member. A first node of the plurality of nodes generates an authenticated update key request. The authenticated update key request comprises an indication of a membership, of which the first node is member. The first node broadcasts the authenticated update key request on the shared medium of the distributed network. Each remaining nodes of the plurality of nodes receives the authenticated key update.
    Type: Grant
    Filed: December 12, 2017
    Date of Patent: September 1, 2020
    Assignee: NXP B.V.
    Inventor: Thierry G. C. Walrant
  • Patent number: 10742624
    Abstract: There is disclosed in one example a sentinel device, including: a hardware platform including at least a processor and configured to provide a trusted execution environment (TEE); and a security engine operable to instruct the hardware platform to: determine that an internet of things (IoT) device in a first realm R1 requires a secure communication channel with a second device in a second realm R2; query a key server for a service appliance key for the secure communication channel; establish a secure communication channel with the endpoint device using the service appliance key and the TEE; and provide a security service function within R1 including brokering communication via the secure communication channel between the IoT device and the second device.
    Type: Grant
    Filed: February 12, 2019
    Date of Patent: August 11, 2020
    Assignee: McAfee, LLC.
    Inventors: Ned M. Smith, Simon Hunt, Venkata Ramanan Sambandam
  • Patent number: 10693866
    Abstract: In one embodiment, a system includes a hardware processor having at least one core to execute instructions; and a logic to generate a group public key for a subnet having a plurality of computing devices and generate a plurality of group private credentials for the plurality of computing devices, provide the group public key to the plurality of computing devices and provide each of the group private credentials to one of the plurality of computing devices, to enable communication between the plurality of computing devices of the subnet without validation messaging with the system. Other embodiments are described and claimed.
    Type: Grant
    Filed: April 1, 2016
    Date of Patent: June 23, 2020
    Assignee: Intel Corporation
    Inventors: Omer Ben-Shalom, Ned M. Smith, Alex Nayshtut
  • Patent number: 10678891
    Abstract: The invention relates to a method for the identification of security processors in a system for delivering protected multimedia content, in which: upon request from an identification device, a network head-end transmits (136) a command to suspend a first identified pre-determined security processor which, in response, switches (136) from an active state to an idle state; the sharing server detects (120) that the first security processor is in the idle state and then transmits (120) access control messages to a second security processor instead of the first security processor; in response to the identification of at least the second security processor, upon request from the identification device, the network head-end transmits (134) a command to re-establish the first security processor, and, subsequently, in response, the first security processor switches (134) from the idle state to the active state.
    Type: Grant
    Filed: November 24, 2016
    Date of Patent: June 9, 2020
    Assignee: VIACCESS
    Inventor: Bruno Tronel
  • Patent number: 10650129
    Abstract: A server device (100) receives access from an application (31) running on a terminal device (200). The server device (100) authenticates the application (31) of the terminal device (200) with a user name and a password and if successful, transmits an access token to the application (31) and approves access. Issuing an access token, the server device (100) postpones the expiration date given to other access tokens associated with the terminal device (200). When an access token received from the application (31) of the terminal device (200) is associated with the terminal device (200) and stored as being unexpired, the server device (100) approves access from the application (31) and postpones the expiration dates given to all access tokens associated with the terminal device (200).
    Type: Grant
    Filed: May 30, 2016
    Date of Patent: May 12, 2020
    Assignee: Rakuten, Inc.
    Inventors: Kohei Kawai, Sonny Kurniawan
  • Patent number: 10650161
    Abstract: An alias key is generated for each person identification (ID) in a database table. The alias key us used to lookup the corresponding person ID in the database table. In addition, for each alias key, a temporary alias key is generated that is used to lookup the corresponding alias key in the database table. A plurality of queries are received from at least one remote client that each specify at least one of the temporary alias keys. Data is later transmitted to the at least one remote client that is responsive to the queries. Related apparatus, systems, techniques and articles are also described.
    Type: Grant
    Filed: January 5, 2018
    Date of Patent: May 12, 2020
    Assignee: SAP SE
    Inventors: Udo Klein, Michael Kusber
  • Patent number: 10628384
    Abstract: The system tokenizes values stored by records' fields, creates trie from tokenized values, each branch labeled with tokenized value, each node storing count indicating number of records associated with tokenized value sequence beginning from trie root. The system tokenizes value stored by record field, identifies nodes, beginning from trie root, corresponding to token value sequence associated with tokenized value, until node is identified that stores count that is less than node threshold. The system identifies branch sequence comprising each identified node as record's key, and associates key with node storing count less than node threshold, and record with key. The system tokenizes prospective value stored by prospective record's field, identifies nodes, beginning from trie root, corresponding to another token value sequence associated with tokenized prospective value, until another node is identified that stores another count that is less than node threshold.
    Type: Grant
    Filed: December 9, 2016
    Date of Patent: April 21, 2020
    Assignee: salesforce.com, inc.
    Inventors: Arun Kumar Jagota, Dmytro Kudriavtsev, Pawan Nachnani
  • Patent number: 10609549
    Abstract: The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A method of providing a profile package by a profile server and the profile server includes generating a profile package, dividing the profile package in a unit installable in a UICC of an electronic device, reconfiguring the divided profile information in an encryptable unit, and transmitting the reconfigured profile information to the electronic device. Further, provided is an operating method and apparatus of an electronic device communicating with the profile server.
    Type: Grant
    Filed: March 25, 2019
    Date of Patent: March 31, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jonghan Park, Duckey Lee
  • Patent number: 10600038
    Abstract: A system, apparatus, and methods are provided for facilitating payment for a third party's use of an application by a current user. The current user, or payor, initiates the process within the application by selecting one or more recipients. The system that hosts the application then determines which of the third parties are eligible. A target recipient may be ineligible because her application subscription never expires, because it doesn't expire within a threshold period of time, or for some other reason. The system identifies the target recipients that are eligible, and the payor may configure the gift payment (e.g., by choosing a duration of the subscription). The payor then chooses a method of electronic payment and, depending on the method selected, may redeem a coupon with the application host system, or the process may complete automatically. The payor and/or the recipient(s) may be notified of successful activation of the subscription(s).
    Type: Grant
    Filed: October 3, 2017
    Date of Patent: March 24, 2020
    Assignee: WHATSAPP INC.
    Inventors: Vicki W. Lee, Eugene Fooksman, Brian L. Acton, Michael B. Donohue
  • Patent number: 10581774
    Abstract: Provided is a method for group sending message in instant communication, including following steps: acquiring a request for group sending message, accessing a first contact list, and then acquiring information of multiple contacts selected from said first contact list; acquiring inputted message to be group sent; and sending said inputted message to a respective receiving terminal of each of said contacts by sending said inputted message to a respective receiving terminal corresponding to each of the contact identifications. By implementing the technical scheme of the present disclosure, the user's time in operating is reduced, the efficiency of group sending message is improved, especially when the method is applied in a mobile terminal, the duration time of the mobile terminal is prolonged, and the security of group sending message is improved. The disclosure also provides a terminal and a computer storage medium for group sending message in instant communication.
    Type: Grant
    Filed: May 9, 2018
    Date of Patent: March 3, 2020
    Assignee: TENCENT TECHNOLOGY (SHENZHEN) COMPANY LIMITED
    Inventor: Dong Xie
  • Patent number: 10567353
    Abstract: A master apparatus generates a frame encryption key by using a session ID unique to communication with a slave apparatus, and an apparatus common key common to the master apparatus and the slave apparatus, encrypts data of an encryption part of an action frame by using the frame encryption key, and transmits, by broadcast, the action frame including the encryption part. Upon receiving the action frame, the slave apparatus transmits a participation request to the master apparatus, and participates in the network of the master apparatus. Then, the master apparatus and the slave apparatus execute a communication application.
    Type: Grant
    Filed: September 7, 2017
    Date of Patent: February 18, 2020
    Assignee: NINTENDO CO., LTD.
    Inventors: Takumi Kanaya, Masayoshi Matsuoka
  • Patent number: 10540344
    Abstract: Implementations of the present disclosure include initializing a nonce table comprising a plurality of nonce slots, each nonce slot being associated with a nonce index and a status, and storing a respective nonce value; receiving a request for a nonce value from an application, and in response, requesting a nonce value from the nonce table; receiving a nonce value in response to the request, a status of a nonce slot corresponding to the nonce value being set to occupied; and in response to a transaction using the nonce value being one of successful and failed, executing one of: releasing the nonce value within the nonce slot and setting the status to unoccupied, if the transaction is successful, and setting the status to unoccupied, if the transaction failed.
    Type: Grant
    Filed: April 22, 2019
    Date of Patent: January 21, 2020
    Assignee: Alibaba Group Holding Limited
    Inventors: Chao Shen, Kailai Shao, Xuming Lu
  • Patent number: 10491562
    Abstract: A router node for a network is described. The router node comprises: a transceiver; an interface operably coupled to the transceiver; and a signal processor operably coupled to the transceiver and configured to support a consensus protocol. The signal processor is operably coupled to a cache and configured to receive and distribute resource records to other nodes in the network via the interface and store the resource records in the cache.
    Type: Grant
    Filed: December 4, 2017
    Date of Patent: November 26, 2019
    Assignee: Veea Systems Ltd.
    Inventor: Timothy James Speight
  • Patent number: 10454910
    Abstract: According to an embodiment, a management apparatus manages pieces of information held by a plurality of devices. The apparatus includes storage, one or more processors, and a transmitter. The storage stores therein the pieces of information held by the devices. The processors generate a list of inspection values indicating the pieces of information stored in the storage. The processors generate determination information for determining, in a state where the list is concealed, whether a provided value is included in the list. The transmitter transmits the determination information to the respective devices.
    Type: Grant
    Filed: March 2, 2017
    Date of Patent: October 22, 2019
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yoshikazu Hanatani, Yoshihiro Oba
  • Patent number: 10454890
    Abstract: Methods of communicatively connecting first and second endpoints are disclosed. One method includes transmitting from a first endpoint to a second endpoint a connection request, the connection request including an IP address of the second endpoint. The method further includes, based at least in part on the IP address of the second endpoint, selecting IPsec from among a plurality of available security protocols to first attempt to use in forming a tunnel between the first and second endpoints, and forming the tunnel between the first and second endpoints based on the connection request.
    Type: Grant
    Filed: September 30, 2013
    Date of Patent: October 22, 2019
    Assignee: Unisys Corporation
    Inventors: Robert A Johnson, Kathleen Wild, Sarah K Inforzato, Ted Hinaman
  • Patent number: 10410228
    Abstract: Embodiments of the present invention provide a system for a managing entity to automatically provide alerts based on tail event analysis. The system may receive input data in real time from vendor data feeds, social media data feeds, and a tail event ledger. The system may then automatically populate surveys, transmit the surveys to responders, and receive survey results from the responders. The survey results may be transmitted to specialists that return a predicted tail event outcome. This predicted tail event outcome is then automatically transmitted to partners, or decision makers, that provide action steps for responding to the predicted tail event outcome. The system may then continuously monitor the input data, identify an indicator of an occurrence of the tail event, and then automatically transmit the action steps to appropriate parties.
    Type: Grant
    Filed: June 16, 2016
    Date of Patent: September 10, 2019
    Assignee: Bank of America Corporation
    Inventors: Carol Ann Boyer, Jeffrey Pierre Dell
  • Patent number: 10244384
    Abstract: The present disclosure relates to a communication method and system for converging a 5th-Generation (5G) communication system for supporting higher data rates beyond a 4th-Generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technologies, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. A method of providing a profile package by a profile server and the profile server includes generating a profile package, dividing the profile package in a unit installable in a UICC of an electronic device, reconfiguring the divided profile information in an encryptable unit, and transmitting the reconfigured profile information to the electronic device. Further, provided is an operating method and apparatus of an electronic device communicating with the profile server.
    Type: Grant
    Filed: March 26, 2018
    Date of Patent: March 26, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Jonghan Park, Duckey Lee
  • Patent number: 10212582
    Abstract: A communication apparatus includes a transmission unit that, when providing communication parameters for communication in a wireless network, transmits an authentication request message for requesting authentication by unicast in a case where a transmission destination of the authentication request message is identified and transmits the authentication request message by broadcast in a case where a transmission destination of the authentication request message is not identified, a reception unit that receives a response message responding to the authentication request message from another communication apparatus, and a provision unit that provides the another communication apparatus with the communication parameters upon receipt of the response message.
    Type: Grant
    Filed: July 18, 2016
    Date of Patent: February 19, 2019
    Assignee: Canon Kabushiki Kaisha
    Inventor: Tatsuhiko Sakai
  • Patent number: 10205712
    Abstract: In an example, there is disclosed a computing apparatus, comprising: a trusted execution environment (TEE); and a security engine operable to: identify a key negotiation for an encrypted connection between a first device and a second device; request a service appliance key for the key negotiation; receive the service appliance key; and perform a service appliance function on traffic between the first device and the second device. There is also disclosed a method of providing the security engine, and a computer-readable medium having stored thereon executable instructions for providing the security engine.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: February 12, 2019
    Assignee: McAfee, LLC
    Inventors: Ned M. Smith, Simon Hunt, Venkata Ramanan Sambandam
  • Patent number: 10178095
    Abstract: A computer system for authenticating and managing network traffic may comprise a network link providing a connection to a network, an authentication, authorization, and accounting (AAA) server configured to provide AAA management for the network link, an access controller configured to communicate with the AAA server and to control access to the network link, and a subnetwork of client devices connected to an intermediate relay node. The client devices may be configured to communicate with the access controller and the network link through the intermediate relay node. Also methods and processes by which an intermediate relay node and an access controller may operate in the network for authentication of client devices and routing of network traffic.
    Type: Grant
    Filed: January 2, 2017
    Date of Patent: January 8, 2019
    Assignee: Vivint, Inc.
    Inventors: Pravin Bathija, Venkat Kalkunte
  • Patent number: 10142325
    Abstract: A method by a management server is described. The method includes receiving a credentials request from a requesting management node. The credentials request includes a public key of the requesting management node. The method also includes determining whether the management server has credentials encrypted for the requesting management node in a local cache. The credentials are encrypted using the public key of the requesting management node and cannot be decrypted by the management server. The method further includes sending the encrypted credentials to the requesting management node when the management server has the encrypted credentials. The requesting management node can decrypt the encrypted credentials using a private key.
    Type: Grant
    Filed: August 29, 2016
    Date of Patent: November 27, 2018
    Assignee: Ivanti, Inc.
    Inventors: Mark Tempel, Andrew Moravec
  • Patent number: 10079822
    Abstract: Examples may include techniques for securely receiving critical communication content associated with a critical communication service. Examples may include a network providing the critical communication being capable of establishing a secure connection to remote user equipment (UE) through a relay UE in order for the remote UE to securely receive critical communication content from the network. The critical communication service may include a mission critical push to talk (MCPTT) service.
    Type: Grant
    Filed: March 26, 2015
    Date of Patent: September 18, 2018
    Assignee: Intel IP Corporation
    Inventors: Alexandre S. Stojanovski, Muthaiah Venkatachalam
  • Patent number: 10019452
    Abstract: A topology aware distributed storage system includes a plurality of storage nodes, at least one client node, and a storage manager and metadata store. A user-defined storage policy specifies where data is stored within a topological hierarchy of nodes within the network. A hierarchical ring topology including a hierarchical structure of rings representing an organizational structure of nodes is computed and flattened into a single global ring divided into segments corresponding to a unique range of integers and associated with a replica set responsible for storing a key corresponding to one of the integers. A hash function is performed on a user key received from the client node, and the hashed key is looked up on the flattened global ring stored on each storage node to identify the replica set responsible for storing data corresponding to the hashed key.
    Type: Grant
    Filed: May 19, 2016
    Date of Patent: July 10, 2018
    Assignee: MORGAN STANLEY
    Inventor: Glenn M. Judd
  • Patent number: 9992669
    Abstract: Embodiments of the present application provide an encryption method, a decryption method, and a related apparatus. The encryption method includes: generating a keystream, where the keystream is used to encrypt a part of data to be encrypted in an initial layer-3 message, and the part of data to be encrypted includes small data; generating, by performing an exclusive OR operation on the keystream and the initial layer-3 message, an initial layer-3 message in which the part of data is encrypted; and sending the initial layer-3 message in which the part of data is encrypted, where the initial layer-3 message includes an added encryption indication, and the encryption indication is used to indicate that the part of data to be encrypted in the initial layer-3 message is encrypted.
    Type: Grant
    Filed: April 28, 2014
    Date of Patent: June 5, 2018
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Lijia Zhang, Jing Chen
  • Patent number: 9979704
    Abstract: A first virtual machine is established in a virtual private service chain to provide a first network service to virtual private service chain traffic. A second virtual machine is also established the virtual private service chain to provide a second network service to the virtual private service chain traffic. The virtual private service chain traffic is encrypted for transmission within the virtual private service chain from the first virtual machine to the second virtual machine, wherein the encryption uses a key shared by the first and second virtual machines.
    Type: Grant
    Filed: December 17, 2014
    Date of Patent: May 22, 2018
    Assignee: Cisco Technology, Inc.
    Inventors: Kevin D. Shatzkamer, Hendrikus G. P. Bosch, Warren Scott Wainner, James N. Guichard, Surendra M. Kumar
  • Patent number: 9967252
    Abstract: A communication and security device for a portable computer is disclosed including a housing, a connector provided on the housing for physical connection to the portable computer, a computer interface coupled to the connector for communicating data with the portable computer, a wireless modem coupled to the computer interface for communicating data between the portable computer and a remote device via a wireless network, a controller configured to control access to the data storage based on an identifier in a security message received via the wireless network.
    Type: Grant
    Filed: December 9, 2015
    Date of Patent: May 8, 2018
    Assignee: ExactTrak Limited
    Inventors: Norman Shaw, John Pragnell
  • Patent number: 9954765
    Abstract: A method is provided that is implemented by a network device to simplify a topology graph of a network to generate a multicast distribution tree, the method to reduce the complexity of the topology graph while enabling a creation of the multicast distribution tree such that the computational complexity of generating the multicast distribution tree is reduced, the method including computing a shortest path to all nodes of the topology graph rooted at a source node S, determining a metric for each adjacency on each shortest path of the topology graph for the multicast group G, construct an (S, G) graph with only source node S, leaves and candidate replication points, and prune the (S, G) graph using a set of pruning processes to fully resolve the multicast distribution tree, where full resolution can be determined, and the first set of pruning processes if successful are known to produce a minimum cost tree.
    Type: Grant
    Filed: March 21, 2016
    Date of Patent: April 24, 2018
    Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)
    Inventor: David Ian Allan
  • Patent number: 9948625
    Abstract: Embodiments herein include, for example, a method, comprising: generating a shared symmetric key to begin a communication session among a group of users by a first user; distributing, by the first user, the generated shared symmetric key to each user in the group of users; communicating within the communication session among a group of users, where each user encrypts a message to the group of users to be distributed through the communication session using the generated shared symmetric key, and each user decrypts a message received from the communication session using the generated shared symmetric key.
    Type: Grant
    Filed: August 31, 2015
    Date of Patent: April 17, 2018
    Assignee: CYPH, INC.
    Inventors: Ryan Lester, Bryant Zadegan
  • Patent number: 9948457
    Abstract: An optical line terminal (OLT) including a processor coupled to a transmitter. The processor is configured to send a first encrypted fiber to coax unit (FCU) message containing an optical domain multicast key to an FCU via an optical network. The optical domain multicast key is associated with encryption in an optical domain associated with the optical network. The processor is also configured to send a second encrypted FCU message containing an electrical domain multicast key to the FCU, and to send an encrypted coax network unit (CNU) message containing the electrical domain multicast key to a CNU via the FCU and a coaxial network. The electrical domain multicast key is associated with encryption in an electrical domain associated with the coaxial network. The first and second encrypted FCU messages and the encrypted CNU message may be operations, administration and maintenance (OAM) messages.
    Type: Grant
    Filed: May 4, 2017
    Date of Patent: April 17, 2018
    Assignee: Futurewei Technologies, Inc.
    Inventors: Yanbin Sun, Guangsheng Wu, Li Zhang, Fanglin Sun, Jim Chen
  • Patent number: 9940300
    Abstract: A board portal system provides the ability to manage multiple boards, where each of the boards may be a separate legal entity. The board portal may provide the ability to establish links between the multiple boards and create parent-child relationships with subsidiary boards. With the board portal, users can create content and make it viewable and accessible across multiple boards that related through a parent-child relationship. At the same time, the board portal maintains a requisite level of separation between the related boards in the portal using encryption and/or other separation techniques. As a result, the board portal facilitates flexible workflow patterns and communication processes based on the proper hierarchical structure that exists between the parent organization and its subsidiaries.
    Type: Grant
    Filed: March 1, 2011
    Date of Patent: April 10, 2018
    Assignee: NASDAQ, INC.
    Inventors: Bret Beresford-Wood, Christina Buringa
  • Patent number: 9930149
    Abstract: An example method for to multicast traffic distribution in a multi-pod network environment is provided and includes provisioning a block of multicast group addresses for broadcast, unknown unicast and multicast (BUM) traffic distribution between pods in the multi-pod network, calculating a hash corresponding to a bridge domain (BD) extending across a plurality of pods in the multi-pod network, the hash being identically calculated at each one of the plurality of pod, indexing with the hash into the block of multicast group addresses designated for inter-pod BUM traffic to derive a global multicast group identical for the broadcast domain across the plurality of pods, and associating a local multicast group at the translator with the derived global multicast group.
    Type: Grant
    Filed: March 24, 2015
    Date of Patent: March 27, 2018
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Sanjay Thyamagundalu, Mahesh Shirshyad, Nikhil Gopinath Shetty, Siva Gaggara, Bharat Kumar Bandaru
  • Patent number: 9881435
    Abstract: Site based clustered APB security systems and methods are provided. Some systems can include a first plurality of access controllers located at a first site, a second plurality of access controllers located at a second site, and a host system supporting each of the first and second plurality of access controllers. A triggering event at a first of the first plurality of access controllers can cause the first of the first plurality of access controllers to transmit a triggering signal to the host system. Responsive thereto, the host system can identify the remaining access controllers in the first plurality of access controllers, transmit a status update to the remaining access controllers in the first plurality of access controllers, and avoid transmitting the status update to the second plurality of access controllers.
    Type: Grant
    Filed: July 14, 2015
    Date of Patent: January 30, 2018
    Assignee: HONEYWELL INTERNATIONAL INC.
    Inventor: Rajesh Gopalakrishna
  • Patent number: 9871754
    Abstract: A system that communicates across a network is described. During operation, the system receives a subscription request from a subscriber requesting to subscribe to receive information published to a service name. The system applies a function to the service name to generate a value that maps to a root-node associated with the service name. The system forwards the subscription request through the network to the root-node and logs information associated with the subscription request in a subscription table at the root-node, so that the root-node can forward messages that are subsequently published to the service name to the subscriber. Upon receiving a publication request from a publisher requesting to publish a message to the service name, the system first determines the root-node from the service name. The system forwards the publication request to the root-node to be forwarded to one or more subscribers for the service name.
    Type: Grant
    Filed: July 13, 2015
    Date of Patent: January 16, 2018
    Inventors: Sohrab F. Modi, Kevin C. Fox
  • Patent number: 9825759
    Abstract: In one embodiment, a tunnel to be affected by configuration of a service in a network is identified and key information for the identified tunnel is obtained from a corresponding router. The tunnel is assigned to a key group based on the key information, and provisioning information associated with the tunnel on the router is updated based on the assigned key group in conjunction with configuration of the service. The updating of the provisioning information may comprise altering the key information on the router to include a key associated with the assigned key group. Also, one or more keys not associated with the assigned key group may be deleted from the router and from a management entity of the network.
    Type: Grant
    Filed: July 8, 2013
    Date of Patent: November 21, 2017
    Assignee: Alcatel Lucent
    Inventors: Denis A. Proulx, Carl Rajsic
  • Patent number: 9792591
    Abstract: A system, apparatus, and methods are provided for facilitating payment for a third party's use of an application by a current user. The current user, or payor, initiates the process within the application by selecting one or more recipients. The system that hosts the application then determines which of the third parties are eligible. A target recipient may be ineligible because her application subscription never expires, because it doesn't expire within a threshold period of time, or for some other reason. The system identifies the target recipients that are eligible, and the payor may configure the gift payment (e.g., by choosing a duration of the subscription). The payor then chooses a method of electronic payment and, depending on the method selected, may redeem a coupon with the application host system, or the process may complete automatically. The payor and/or the recipient(s) may be notified of successful activation of the subscription(s).
    Type: Grant
    Filed: January 29, 2014
    Date of Patent: October 17, 2017
    Assignee: WHATSAPP INC.
    Inventors: Vicki W. Lee, Eugene Fooksman, Brian L. Acton, Michael B. Donohue
  • Patent number: 9787767
    Abstract: An information processing terminal is connected to an external server via the information sharing system (WEB) so as to implement Twitter, social networking services, and text posting services. The information processing terminal is used to receive a desired content (e.g. a television broadcast content), to browse the posted information posted on the WEB from the external server, to select at least one classified information (e.g. hash tags) used to classify the posted information from among a plurality of classified information, to obtain at least one classified information with reference to the external server, and to simultaneously display at least one classified information linked with the desired content. The information processing terminal simultaneously displays a content display screen used to display the desired content and a posting service display screen used to display a plurality of posted information browsed from the external server.
    Type: Grant
    Filed: February 27, 2013
    Date of Patent: October 10, 2017
    Assignee: NEC Corporation
    Inventors: Shinichi Itamoto, Ryo Taya
  • Patent number: 9755898
    Abstract: Some embodiments provide an elastic architecture for providing a service in a computing system. To perform a service on the data messages, the service architecture uses a service node (SN) group that includes one primary service node (PSN) and zero or more secondary service nodes (SSNs). The service can be performed on a data message by either the PSN or one of the SSN. However, in addition to performing the service, the PSN also performs a load balancing operation that assesses the load on each service node (i.e., on the PSN or each SSN), and based on this assessment, has the data messages distributed to the service node(s) in its SN group. Based on the assessed load, the PSN in some embodiments also has one or more SSNs added to or removed from its SN group. To add or remove an SSN to or from the service node group, the PSN in some embodiments directs a set of controllers to add (e.g., instantiate or allocate) or remove the SSN to or from the SN group.
    Type: Grant
    Filed: December 12, 2014
    Date of Patent: September 5, 2017
    Assignee: NICIRA, INC.
    Inventors: Jayant Jain, Anirban Sengupta, Mohan Parthasarathy
  • Patent number: 9736061
    Abstract: A method performed by a network node. The method includes detecting a loss of connection at an incoming interface to an upstream neighbor of the network node, where the network node is in a multicast communication network that includes a multicast tree to provide connectivity from a common source node to one or more multicast recipient nodes. The multicast communication network further includes a set of one or more secondary paths to provide redundancy to the multicast tree, and sending a notification packet downstream toward the one or more multicast recipient nodes when the network node cannot re-route the multicast data traffic to allow the multicast data traffic to be received by the multicast recipient nodes, wherein the notification packet causes one or more downstream nodes to switch multicast reception to one or more of the set of one or more secondary paths to re-route the multicast data traffic.
    Type: Grant
    Filed: November 17, 2014
    Date of Patent: August 15, 2017
    Assignee: TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)
    Inventors: András Császár, Evgeny Tantsura, Gábor Sándor Enyedi
  • Patent number: 9721087
    Abstract: Disclosed herein are techniques for use in user authentication. In one embodiment, the technique comprises collecting information in connection with a plurality of authentication methods. The technique also comprises determining a score for each authentication method based on the collected information. The technique further comprises selecting an authentication method from the plurality of authentication methods based on the determined score.
    Type: Grant
    Filed: September 30, 2014
    Date of Patent: August 1, 2017
    Assignee: EMC IP Holding Company LLC
    Inventors: Zohar Duchin, Alon Kaufman, Marcelo Blatt, Yedidya Dotan
  • Patent number: 9722791
    Abstract: A computing system, method, and computer program product provide cryptographic isolation between a client device and a server computer for providing a network service to the client device. The computing system stores encrypted user authentication data of the client device and its user, and encrypted service authorization data of the server computer in such a way that neither the client device nor the server computer can obtain information about the other. Upon subsequent receipt in the computing system of purported user authentication data and a request to access the network service, the computing system encrypts the purported authentication data and compares it against the stored, encrypted data. Only when these encrypted data match is the computing system able to decrypt the service authorization data and provide it to the server computer to gain access to the network service.
    Type: Grant
    Filed: May 14, 2015
    Date of Patent: August 1, 2017
    Inventor: Norman Schibuk
  • Patent number: 9706399
    Abstract: Systems and techniques for key management in mobile ad hoc networks are described. Pseudonyms are defined for group members of mobile ad hoc networks such that a pseudonym in a message can be deterministically identified with the sending device only by the sending device and the message recipient. Key management for a group is performed by a group manager, and key management may include key renewal and revocation. Key renewal is performed by a group manager, with the group manager using a set of couple pseudonyms, including a couple pseudonym between the manger and each group member. Key renewal employs a renewal key used to encrypt the updated group key, and the group manager updates the group key be transmitting a message to each group member in proximity, with the message being identified using the couple pseudonym of the manager and the group member.
    Type: Grant
    Filed: October 25, 2013
    Date of Patent: July 11, 2017
    Assignee: Nokia Technologies Oy
    Inventors: Kari J. Leppänen, Markku T. Turunen, Philip Ginzboorg, Pentti Valtteri Niemi, Hamza Harkous
  • Patent number: 9692609
    Abstract: A local router stores a content distribution map that specifies a plurality of permitted multicast groups. The local router receives communications from user devices on an access-network side of the local router. Those received communications identify multicast groups for which user devices wish to receive data. The local router ascertains if those identified multicast groups are permitted multicast groups specified by the stored content distribution map. For multicast groups ascertained to be permitted multicast groups, the local router sends communications across a network-side interface requesting membership in those multicast groups. The local router may then receive data for those multicast groups and forward that data to user devices. For multicast groups identified in user device communications ascertained not to be permitted multicast groups, the local router sends no communications across the network-side interface requesting membership.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: June 27, 2017
    Assignee: Comcast Cable Communications, LLC
    Inventor: Brian E. Field
  • Patent number: 9628459
    Abstract: A method includes receiving a request to initiate secure communications from a first client and authenticating the first client. The authenticating includes communicating with a second client using a second communication channel, and receiving a response from the first client, the response being transmitted over a first communication channel. The method also includes receiving a first set of message data from the first client, the first set of message data being transmitted over the first communication channel, and receiving a second set of message data from the second client, the second set of message data being transmitted over the second communication channel. The method additionally includes constructing the message using the first set of message data and the second set of message data.
    Type: Grant
    Filed: March 18, 2014
    Date of Patent: April 18, 2017
    Assignee: CA, Inc.
    Inventors: Steven L. Greenspan, James Donald Reno, Ralf Dieter Saborowski, Charley Chell
  • Patent number: 9608945
    Abstract: The described embodiments include a message server that is configured to send, to multiple receiving electronic devices, corresponding messages that each include a payload acquired from a single request message received from a client electronic device. In these embodiments, the request message received from the client electronic device includes a push token for each of the receiving electronic devices and the payload. Upon receiving the request message, the message server generates, for a receiving electronic device associated with each push token, a message that includes the payload. The message server then sends each message to the corresponding receiving electronic device. In this way, the message server “fans out,” to the multiple receiving electronic devices, corresponding messages that each include the payload from the single request message.
    Type: Grant
    Filed: December 30, 2014
    Date of Patent: March 28, 2017
    Assignee: APPLE INC.
    Inventors: Gokul P. Thirumalai, Justin M. N. Wood, Roberto Garcia, Jr.
  • Patent number: 9602425
    Abstract: A authenticating system and process for authenticating user devices to a access a media service where access to certain portions of the media service may be limited according to a gateway or other device used by a user device to facilitate interfacing a user with the media service. The authentication may be achieved without directly assessing a trustworthiness of the user devices, and optionally, without requiring a user thereof to complete a sign-on operation.
    Type: Grant
    Filed: June 26, 2014
    Date of Patent: March 21, 2017
    Assignee: Cable Television Laboratories, Inc.
    Inventors: Seetharama R. Durbha, Oscar Marcia, Stuart Hoggan, Simon Krauss
  • Patent number: 9596301
    Abstract: Embodiments of the present invention provide methods and systems for leadership allocation in a distributed computer system. In certain embodiments of the present invention, a leader-election-service process runs within each node of a distributed computer system, together cooperatively providing a distributed-leader-election service. The distributed-leader-election service employs a distributed consensus service to manage distributed state information related to roles and leadership allocation within a distributed computer system. Client processes within each node interface with the leader-election-service process of the node in order to assume leadership of particular roles within the distributed computer system. Leadership-allocation management is thus centralized, within each node. In alternative embodiments, the distributed-leader-election service may be implemented as a collection of library routines that run in the context of client processes.
    Type: Grant
    Filed: September 18, 2006
    Date of Patent: March 14, 2017
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Timothy J. Mosier, Douglas L. Voigt, Michael E. Lutz
  • Patent number: 9571378
    Abstract: A system, method, and apparatus for a synchronized wireless data concentrator are provided for facilitating a precisely synchronized system of nodes in a wireless sensor network for airborne data systems. The wireless data concentrator contains a plurality of IEEE 802.15.4 radio/micro-processor subsystems, which are connected to a local host microprocessor, which is in turn connected to an aircraft data network. The airplane data network also contains a precision clock source and a plurality of specialized network switches, which have a low-jitter data-path routing capability.
    Type: Grant
    Filed: June 28, 2011
    Date of Patent: February 14, 2017
    Assignee: THE BOEING COMPANY
    Inventor: Stephen G. Dame