Inventors list

Assignees list

Classification tree browser

Top 100 Inventors

Top 100 Assignees


Computer network access regulating

Subclass of:

709 - Electrical computers and digital processing systems: multicomputer data transferring

709223000 - COMPUTER NETWORK MANAGING

Patent class list (only not empty are listed)

Deeper subclasses:

Entries
DocumentTitleDate
20110179167RELAY SERVER, RELAY COMMUNICATION SYSTEM, AND COMMUNICATION APPARATUS - In a relay communication system in which remote LANs communicate with one another beyond a WAN, a method and apparatus prevent crossover among a plurality of call controls in each of a plurality of sections and crossover among a plurality of communication routes in each of the plurality of sections. Relay servers relay communication between client terminals. A relay server creates information described below, and allows a whole of a relay communication system to share the information: relay group information indicating that the relay servers constitute a relay group; and relay server information indicating a client terminal capable of communicating with the relay server. The relay servers and the client terminals collate identification information of call control, which is transmitted when the call control is executed for a destination for communication in each section, and identification information of call control, which is received from the destination for communication in each section when a communication route is established, with each other, and allows the call controls and the communication routes to correspond to each other.07-21-2011
20130185428System and Method for Network Path Validation - In a server device, a method for validating a network path in a network includes receiving a listing of ports from a client device, each port in the listing of ports associated with the server device and receiving a request message from the client device via a first identified port in the listing of ports. The method includes, in response to receiving the request message, opening a subsequent identified port in the listing of ports for communication with the client device and, following opening of the subsequent identified port in the listing of ports, transmitting a response message to the client device via the first identified port.07-18-2013
20130031254Sharing A Transmission Control Protocol Port By A Plurality Of Applications - Methods, apparatuses, and computer program products for sharing a transmission control protocol (TCP) port by a plurality of applications are provided. Embodiments include receiving, by a transmission controller from a client, a first TCP packet that includes an indication of a new TCP connection for a TCP port; determining, by the transmission controller, an origination of the first TCP packet; identifying, by the transmission controller, a TCP sequence number range associated with the determined origination; selecting, by the transmission controller, an initial sequence number (ISN) within the identified TCP sequence number range; and sending, by the transmission controller to the client, a second TCP packet that includes the selected ISN.01-31-2013
20130031252FAIL-OPEN NETWORK TECHNIQUES - A network device may receive, from a user device, a request for network access to a network and communicate a request, to a subscriber data storage, for subscriber data, corresponding to the user device, to verify whether the user device may be granted network access. The network platform may determine, in response to communicating the request to the subscriber data storage, that the subscriber data storage is non-responsive and executing a fail-open function in response to determining that the subscriber data storage is non-responsive. The fail-open function may include processing the request for network access without subscriber data from the subscriber data storage and granting network access to the user device without verifying that the user device is permitted to access the network.01-31-2013
20100017511METHOD OF CONSTRUCTING TREE NETWORK - Provided is a method of constructing a tree network which includes a first node. The method comprises: (a) the first node determining if there is a child node and requesting a parent node to allow the first node to withdraw if there is no child node; (b) selecting a child node based on remaining amounts of battery power of each child node if there are child nodes of the first node; (c) exchanging positions of the first node and the selected child node and requesting the parent node to allow the first node to withdraw if the child node selected in operation (b) does not have child nodes; and (d) repeating operations (b) and (c) if the child node selected in operation (b) has child nodes. The present invention solves the problem of decreasing lifetimes of upper nodes that consume more battery power than lower nodes due to more traffic transmission and reception.01-21-2010
20090083422Apparatus and method for improving network infrastructure - An apparatus for improving network infrastructure includes multiple network components. The network components include a Firewall and a Domain Name Service server. The network components may also include a Network Attached Storage device, an On-Demand Ad Hoc Network service provider, a Local Load Balancer, a Global Load Balancer, a Multi-Protocol Reverse Proxy, a Forward Proxy, a Secure Socket Layer Virtual Private Network Appliance, and/or a Network Optimizer Appliance. The apparatus also includes one or more routers that provide the only external connectivity to the apparatus, and a switch through which some or all of the network components communicate. The apparatus may be made part of a network of like apparatuses, where each router of each of the apparatuses executes electronic instructions for providing an on-demand private network with the other apparatuses. The apparatus may be configured so that the private network complies with guidelines for government, military, or business security.03-26-2009
20100057910Concept for trusting client-side storage and distribution of asynchronous includes in an application server environment - The ability to leverage a publish/subscribe functionality in an application server environment has allowed the storage of cached entries to be stored over multiple clients rather than on a single application server, freeing up valuable resources. However, in this arrangement it is not possible for the originating server to validate shared content originating from client-side storage. The present invention provides a system and method for securing and validating content from asynchronous include request by allowing a subscribing client to set trusted clients from which they will accept content.03-04-2010
20090193121Critical Resource Management - In one embodiment, a method of managing critical resource usage in a storage network comprises receiving, in a storage controller, an input/output operation from a host, wherein the input/output operation identifies a storage unit, placing the input/output operation in a waiting queue, determining a maximum queue depth for at least one critical resource in the storage network required to execute the input/output command against the storage unit, and blocking one or more subsequent input/output commands from the host for the storage unit when the wait queue for the critical resource exceeds the maximum queue depth.07-30-2009
20090193120Critical Resource Management - In one embodiment, a method of managing critical resource usage in a storage network comprises receiving, in a storage controller, an input/output operation from a host, wherein the input/output operation identifies a storage unit, placing the input/output operation in a waiting queue, determining a maximum queue depth for at least one critical resource in the storage network required to execute the input/output command against the storage unit, and blocking one or more subsequent input/output commands from the host for the storage unit when the wait queue for the critical resource exceeds the maximum queue depth.07-30-2009
20110196967COMMUNICATION CONTROL APPARATUS, COMMUNICATION CONTROL SYSTEM, AND COMMUNICATION CONTROL METHOD - A communication control system includes a terminal apparatus and a maintenance terminal apparatus. The terminal apparatus includes a determining unit that selects an address of the terminal apparatus from addresses other than an address of a communication destination to determine the address used for the transmission and reception of data, the communication destination defining network positional information of the maintenance terminal apparatus; a discarding unit that discards an address resolution request; and a communication unit that transmits data only to the address of the communication destination and receives only the data from the address of the communication destination. The maintenance terminal apparatus includes a communication unit that provides maintenance data through the communication with the terminal apparatus; and a setting unit that stops an address resolution process for the address of the terminal apparatus during the communication with the terminal apparatus.08-11-2011
20110196966METHOD AND DEVICE FOR TERMINAL DEVICE MANAGEMENT BASED ON RIGHT CONTROL - A method and a device for terminal device management based on right control are provided. The method includes the following steps. A Get command on an access control list (ACL) of a managed node in a device management tree (DMT) from a device management (DM) server is received, where the Get command includes a Unified Resource Identity (URI) of the managed node. It is determined whether the DM server has a direct right of executing the Get command on the managed node. The Get command is processed when it is determined that the DM server has the direct right of executing the Get command on the managed node. The method and the device simplify the complexity of right management, and reduce the number of times of message interaction between the DM server and a terminal device, thereby improving the efficiency and performance of terminal device management.08-11-2011
20110196965SYSTEMS AND METHODS TO PREVENT DENIAL OF SERVICE ATTACKS - Systems and methods are presented to prevent denial of service attacks through the use of an interleaved pseudo-random sequence that is generated from two or more pseudo-random codes. Portions of the pseudo-random codes are interleaved with each other using a pre-determined instruction pattern. A message incorporating the interleaved sequence is transmitted to a receiver, which identifies the interleaved bit sequence in the message and, if the interleaved bit sequence is identified in the message, allows access to the service.08-11-2011
20100082811Filtering unwanted data traffic via a per-customer blacklist - Traffic flow from a traffic source with a source IP address to a customer system with a destination IP address is filtered by comparing the source IP address to a customer blacklist. If the source IP address is on the customer blacklist, then traffic to the customer system is blocked; else, traffic to the customer system is allowed. The customer blacklist is generated from a network blacklist, comprising IP addresses of unwanted traffic sources, and a customer whitelist, comprising IP addresses of wanted traffic sources. The customer blacklist is generated by removing from the network blacklist any IP address also on the customer whitelist. The network blacklist is generated by acquiring raw blacklists from reputation systems. IP addresses on the raw blacklists are sorted by prefix groups, which are rank ordered by traffic frequency. Top prefix groups are selected for the network blacklist.04-01-2010
20130031253NETWORK MANAGEMENT SYSTEM SCHEDULING FOR LOW POWER AND LOSSY NETWORKS - In one embodiment, a network management system (NMS) determines an intent to initialize a request-response exchange with a plurality of clients in a low power and lossy network (LLN). In response, the NMS adaptively schedules corresponding responses from the clients to distribute the responses across a period of time based on a network state of the LLN. Accordingly, requests may be generated by the NMS with an indication of a corresponding schedule to be used by the clients to respond, and transmitted into the LLN to solicit the responses, which are then received at the NMS according to the indicated schedule.01-31-2013
20120179821METHOD AND SYSTEM FOR USING TEMPORARY EXCLUSIVE BLOCKS FOR PARALLEL ACCESSES TO OPERATING MEANS - In at least one example embodiment, the invention relates to a computer-implemented method, a computer-implemented system and a computer program product for controlling the access to splittable resources in a distributed client server system operating in parallel. The resource control system is designed for a plurality of clients connected to the system and is used to maintain consistency of the data. When a client makes a first attempt to access a resource of the server, an exclusive lock for the requested resource is allocated to the accessing client, that blocks the access to the resource for other clients, said exclusive lock only being allocated for a pre-determinable period of time and then automatically discontinued.07-12-2012
20120246315INTERNET INFRASTRUCTURE SURVEY - A system for surveying Internet access quality includes a nameserver, registered to be authoritative for a domain name and configured to receive a DNS query to resolve a pseudo-hostname and to extract from the pseudo-hostname an access quality indicator, and a web portal configured to transmit a data survey code to a web browser, the data survey code being configured to access a resource, to determine the access quality indicator responsively to the resource access, to generate the pseudo-hostname including the access quality indicator and the domain name, and to initiate the DNS query.09-27-2012
20120246312Transforming HTTP Requests Into Web Services Trust Messages For Security Processing - An approach is provided where an HTTP request is received and a Request for Security Token (RST) is created. Parameters are selected from the request and mappings are retrieved corresponding to the parameters. Context attributes are created in the RST corresponding to the parameters. A context attribute type value is set based on an HTTP section where the parameter is located within the HTTP request. The RST is sent to a security token service for processing. In another approach, a Request Security Token Response (RSTR) is received and an HTTP response is created. RSTR parameters are selected and parameter mappings are retrieved corresponding to the selected RSTR parameters from a mapping table with a TYPE value being identified based on the retrieved parameter mapping. Context attributes are added to the HTTP response based on the identified TYPE values. The HTTP response is transmitted to a remote computer system.09-27-2012
20130086267ADMISSION CONTROL IN A SELF AWARE NETWORK - A method of admission control in a Self Aware Network carrying at least one existing user specifying at least one Quality of Service metric. The method includes receiving a user request for admission of a connection from a source node to a destination node in the network specifying at least one Quality of Service metric. The source node then finds paths; creates link Quality of Service matrices; sends probe traffic over the network; and uses the traffic to obtain a Quality of Service matrix. The source node computes estimated link Quality of Service matrices and computes path Quality of Service matrices for the Quality of Service metrics, based on the estimated link Quality of Service matrices. The user request is rejected or accepted based on the path Quality of Service matrix.04-04-2013
20130086265NETWORK USAGE THROTTLING SYSTEMS AND METHODS - Systems and methods for throttling network usage are disclosed. An exemplary method includes an access device maintaining throttling command interpretation data, receiving a throttling command broadcast over a wide area network, interpreting the throttling command based on the throttling command interpretation data, and conforming at least one operation of the access device to a network usage throttling level in accordance with the interpretation of the throttling command. Corresponding systems and methods are also disclosed.04-04-2013
20130086264Optimized Prefetching of Compound Data - Access to compound data over a wide-area network is optimized by analyzing metadata within compound data to identify internal and external data streams to be prefetched. Upon receiving or intercepting a network packet including an access request for a data resource, metadata in this data resource is analyzed to identify associated data streams and their storage locations within and/or outside of the data resource. Data streams may be proactively or reactively prefetched. Proactive prefetching identifies and retrieves data streams or portions thereof likely to be accessed by a client based on attributes associated with the data resource. Reactive prefetching identifies portions of data streams associated with received access requests and retrieves additional portions of these data streams. Prefetched data streams or portions thereof are stored in a data storage on the same local network or near to the local network including the client.04-04-2013
20130080635Massively Scalable Electronic Gating System - Access by users to transaction servers is restricted or gated by an access-control network, in situations in which a large number of users need to access the servers in a short amount of time. A user's computing device establishes a place in a wait process by contacting a wait server in the access control network and receiving a cookie file with an arrival stamp. The user's computing device periodically contacts with the wait node with the cookie file to determine if the user's turn is up. Each wait server maintains a model of estimated arrival times of users to provide a dynamically updated estimated wait time, and increments a demarcation value which dictates when a user is allowed to access a transaction server. When the user's turn is up, the wait server provides a URL of a transaction server to the user's computing device.03-28-2013
20130080637METHOD FOR OPERATING MULTI-DOMAIN PROVIDER ETHERNET NETWORKS - A method of enabling extension of a network service of a first domain to a remote customer site hosted by an Access Gateway (AG) in a Provider Ethernet domain. In the first domain, the remote customer site is represented as being hosted by a border gateway (BG) connected to the Provider Ethernet domain, such that subscriber packets associated with the network service are forwarded to or from the remote customer site via the BG. In the Provider Ethernet domain, a trunk connection is instantiated through the Provider Ethernet domain between the host AG and the BG. A trunk cross-connection function is installed in the host AG, for transferring subscriber packets associated with the network service between a respective attachment virtual circuit (AVC) through which the remote customer site is connected to the host AG and an extended AVC tunnelled through the trunk connection. A common service instance identifier (I-SID) is used to identify both the AVC between the host AG and the remote customer site and the extended AVC between the host AG and the BG.03-28-2013
20130080636CONVEYANCE OF CONFIGURATION INFORMATION IN A NETWORK - According to example configurations, a user of a client device accesses an authentication server to retrieve configuration information. The user belongs to an organization that receives services from a third party service provider. The client device forwards the configuration information to a server controlled by the third party service provider. The server maintained by the third party service provider provides access to services, resources, data, etc., depending on the configuration information forwarded by the client device.03-28-2013
20130086266APPARATUS AND METHOD FOR APPLYING NETWORK POLICY AT A NETWORK DEVICE - This document discusses, among other things, applying network policy at a network device. In an example embodiment fibre channel hard zoning information may be received that indicates whether a fibre channel frame is permitted to be communicated between two fibre channel ports. Some example embodiments include identifying a media access control addresses associated with the fibre channel ports. An example embodiment may include generating one or more access control entries based on the fibre channel identifications of the fibre channel ports and the zoning information. The access control entries may be distributes to an Ethernet port to be inserted into an existing access control list and used to enforce a zoning policy upon fibre channel over Ethernet frames.04-04-2013
20130036225Systems and Methods for Rule Inheritance - Systems and methods for automating and increasing the efficiency of access to data using inheritance of access rules within an organization based upon the relationship of positions within the organization and the roles associated with the positions. In one embodiment, a role structure is used in conjunction with a hierarchical organization structure to allow access rules to be inherited by some of the positions from other positions based upon the relationship of positions within the organization and the roles associated with the positions. Access rules can be applied across equivalent or similar positions, yet differentiated between distinct portions of the organization and the distinct roles associated with the positions. Consequently, particular access rules are not necessarily inherited by all of the positions subordinate to a particular position with which the rule originates, and are not necessarily inherited by all of the positions that are associated with a particular role.02-07-2013
20130036224AUTOMATED BILLING AND DISTRIBUTION PLATFORM FOR APPLICATION PROVIDERS - Integrating a network-enabled application with a platform having a plurality of users and a plurality of communication channels with a respective plurality of wireless network carriers, including receiving a request from a third-party provider to integrate a network-enabled application with the platform, receiving a set of registration data corresponding to the network-enabled application from the third-party provider, the set of registration data including a link to an application location for accessing the network-enabled application, receiving a set of pricing structure data corresponding to the network-enabled application from the third-party provider, updating a system database in the platform to include the set of registration data and the pricing structure data corresponding to the network-enabled application, and enabling the network-enabled application to be accessible to the plurality of users via a networked interface operated by the platform.02-07-2013
20130036223Facilitating authentication of access terminal identity - Methods and apparatuses are provided for facilitating authentication of access terminal identities and for recording a usage relationship between a valid access terminal identity and a user identity. An access terminal and a validation server are both provisioned with corresponding validation keys. The access terminal may determine that a user identity is not recorded for use with the access terminal, and may send a report message to report a usage relationship between the access terminal identity and the user identity, where the report message is signed with a signature based on the validation key. The validation server authenticates the signature using the validation key in the validation server. The validation server may record the usage relationship between the authenticated access terminal identity and the user identity in a database, which database records may be employed to determine whether an access terminal requesting network access is authorized or unauthorized.02-07-2013
20130042002METHOD AND APPARATUS FOR POLICY-BASED NETWORK ACCESS CONTROL WITH ARBITRARY NETWORK ACCESS CONTROL FRAMEWORKS - A method and apparatus for integrating various network access control frameworks under the control of a single policy decision point (PDP). The apparatus supports pluggable protocol terminators to interface to any number of access protocols or backend support services. The apparatus contains Trust and Identity Mediators to mediate between the protocol terminators and a canonical policy subsystem, translating attributes between framework representations, and a canonical representation using extensible data-driven dictionaries.02-14-2013
20100042719Content access to virtual machine resource - The storage system extracts virtual machine resource files based on sources of accesses. In one embodiment, a storage system comprises a network attached storage (NAS) device which is connected to a plurality of computer devices via a network. The NAS device is configured, (i) in response to a request to access a virtual machine resource which is recognized by the NAS device through identification information associated with the request as one that does not require content access to the virtual machine resource, to show the virtual machine resource without content access; and (ii) in response to a request to access a virtual machine resource which is recognized by the NAS device through identification information associated with the request as one that requires content access to the virtual machine resource, to show the virtual machine resource with content access.02-18-2010
20090157878METHOD AND SYSTEM FOR CONNECTING LOWER NODES TO ONE ANOTHER TO INCREASE SCALABILITY IN ZIGBEE NETWORK - Disclosed are a method and system for connecting lower nodes to one another to increase scalability in a ZigBee network. The method includes approving a participation request to excess lower nodes requesting participation in higher nodes where network addresses set with respect to the higher nodes are allocated to all of the lower nodes; when a transmission message is received from the excess lower nodes, analyzing the received transmission message and determining a node for transmitting the transmission message; and transmitting the transmitted transmission message to the determined node.06-18-2009
20090157876Methods, Systems, And Computer Readable Media For Managing User Access To An Electronic Media Sharing Environment - Managing user access to an electronic media sharing environment is described. An account balance representing a data volume authorized for download via the electronic client is maintained for a user of an electronic client,. The account balance is increased/decreased by a predetermined amount as the electronic client uploads/downloads electronic data to/from a common datastore sharing accessibility of the electronic data among a plurality of users. The predetermined amount is based on at least one of a data quantity and a data quality of the electronic data being uploaded or downloaded. When the account balance is less than a predetermined amount associated with a requested download, an alternate version of the electronic data having at least one of lesser data quantity and a lesser data quality than the electronic data requested to be downloaded in the user request is provided for the electronic client to download.06-18-2009
20090157877Sensing Information Management Apparatus and Method of Sensor Based Home Network System - An apparatus of managing sensing information for a sensor based home network and a method thereof are disclosed. The apparatus includes a sensor network to collect sensing information from multifunctional sensor nodes, a sensing information processing and managing unit for deciding the optimized context information through controlling and managing the collected sensing information according to all of the context information and providing services suitable to user's intention and environment. Therefore, the apparatus prevents collision and minimizes the interference generated between sensing information.06-18-2009
20100106831BOOTSTRAP RENDEZVOUS FEDERATION - Systems and methods that ensure formation of a single ring from a seed node at any given time. A “bootstrap” phase is included in a node's life cycle, to mitigate adverse affects of split-brain conditions in a network. During such bootstrap phase, if an existing ring is found, the seed node can join the existing ring in a same manner as a non-seed node does. If no ring is detected, the bootstrap phase attempts to elect a seed node to be the “super-seed node”, wherein a new ring can then be formed with such new super-seed node as the first node.04-29-2010
20120166643SYSTEMS AND METHODS FOR CONTROLLING AND MANAGING PERSONAL DATA COMMUNICATIONS - Disclosed herein are systems and methods for controlling and managing personal data communications. According to an aspect, a method may be computer-implemented for controlling data communications. The computer-implemented method may include receiving and storing data from at least one electronic device. Further, the computer-implemented method may include controlling access to the data using at least one user control space. The computer-implemented method may also include managing the data using the at least one user control space. Further, the computer-implemented method may include communicating with at least one other electronic device using the at least one user control space.06-28-2012
20120166642System and Method for Control and Monitoring of Multiple Devices and Inter-Device Connections - A system and method for control and monitoring of devices and inter-device connections located within an environment using a control client is provided. A user creates commands via the control client to a server that maintains a representation of the environment and the devices within the environment. The server utilizes a set of policies associated with the devices to control the devices in a default manner. The user can modify or use exceptions from the policies to achieve specific tasks other than the default tasks associated with the policy. The server may further monitor and report the current states of the devices in the environment and historical changes of the devices to monitor the environment and provide reporting for such tasks such as environment monitoring.06-28-2012
20130046889METHODS AND APPARATUSES FOR SCHEDULING USERS IN WIRELESS NETWORKS - In a method for scheduling a set of active users for transmission in a wireless network, a plurality of scheduling metrics are calculated based on system state information for the wireless network, and the set of active users are scheduled for transmission according to the candidate transmission schedule corresponding to a maximum scheduling metric from among the calculated scheduling metrics. Each of the plurality of scheduling metrics corresponding to a candidate transmission schedule among a plurality of candidate transmission schedules.02-21-2013
20090043891Mobile WiMax network system including private network and control method thereof - A mobile Worldwide Interoperability for Microwave Access (WiMax) network system is provided with a private network including a WiMax Control Management (WCM) server managing identification information of terminals, and a private access control router. When an arbitrary terminal requests Internet protocol address assignment after an authentication procedure of the mobile WiMax network system is performed, the private access control router determines whether the arbitrary terminal is registered in the WiMax Control Management (WCM) server in dependence upon identification information of the terminal acquired by communicating with the WiMax Control Management (WCM) server. If the arbitrary terminal is registered in the WiMax Control Management (WCM) server, the private access control router assigns preset private network information to the terminal and to the private network.02-12-2009
20090043890METHODS AND SYSTEMS FOR DEPLOYING HARDWARE FILES TO A COMPUTER - A method and system may include deploying a base system image to a computer, identifying a hardware device associated with the computer, and analyzing an archive comprising a node and a hardware file, the node comprising a deployment condition for determining whether to deploy the hardware file to the computer. The method and system may further include analyzing the hardware device to determine whether the hardware device complies with the deployment condition, and deploying the hardware file to the computer if the hardware device complies with the deployment condition.02-12-2009
20090313372APPARATUS, METHODS, AND COMPUTER PROGRAM PRODUCTS FOR MANAGING NETWORK ELEMENTS AND ASSOCIATED NETWORK ELEMENT RESOURCES BY MULTIPLE MANAGEMENT SYSTEMS - Network elements and resources associated with the network elements are manageable by multiple management systems. A request for network element resource management information is transmitted to at least two network management systems, and a reply identifying the network elements that are managed by the respective network management systems from the at least two network management systems is received.12-17-2009
20090113051METHOD AND SYSTEM FOR HOSTING MULTIPLE, CUSTOMIZED COMPUTING CLUSTERS - A computer system for hosting computing clusters for clients. The system includes clusters each including a set of computing resources and each implemented in custom or differing configurations. Each of the configurations provides a customized computing environment for performing particular client tasks. The configurations may differ due to configuration of the processing nodes, the data storage, or the private cluster network or its connections. The system includes a monitoring system that monitors the clusters for operational problems on a cluster level and also on a per-node basis such as with monitors provided for each node. The system controls client access to the clusters via a public communications by only allowing clients to access their assigned cluster or the cluster configured per their specifications and performing their computing task. Gateway mechanisms isolate each cluster such that communications within a cluster or on a private cluster communications network are maintained separate.04-30-2009
20120191855SYSTEMS AND METHOD OF IDENTIFYING AND MANAGING ABUSIVE REQUESTS - Aspects relate to categorizing requests for online resources as originating from spiders or not. Such resources are associated with respective contacts, and if a non-spider requests a resource, then a contact associated with that resource can be notified. One example method for determining whether to notify a user associated with a network resource includes identifying, via a processor, an entity making a request for a resource associated with a network address, wherein the entity has extracted the network address from a machine-readable code. The method then includes serving the resource to the entity in response to the request. The method then includes determining if request is not abusive, and only if the request is not abusive sending a notification to a user associated with the resource that the resource has been accessed.07-26-2012
20120191854METHOD AND SYSTEM FOR SERVICE DENIAL AND TERMINATION ON A WIRELESS NETWORK - A method and system are provided for denying an application service request, such as a Multimedia Messaging Service (MMS) request, on wireless and wireline Internet Protocol (IP) Multimedia Subsystem (IMS) networks or Session Initiation Protocol (SIP) networks. In one example, the method includes receiving a request for an application service from a user via a transport network, determining to deny the request, and providing a response corresponding to the denial of the request to the user via the transport network.07-26-2012
20130073729USER TERMINAL, AND METHOD AND APPARATUS FOR CONTROLLING THE SOFTWARE MANAGEMENT THEREOF - The present invention relates to a method and apparatus for software management and control and, more particularly, to a method and apparatus for software management and control that control multiple office computers or user terminals connected to an internal corporate network in various ways, for example, by forcing an idle user terminal occupying a connection to software running on a central server to release the connection wherein the central server performs such control operations by providing control messages that control processes running on user terminals. In the present invention, an idle user terminal, which is connected to software running on the central server but does not use the software for a given time or more, is monitored and forced to release the connection to the software. Hence, it is possible to effectively increase the number of users capable of accessing the software.03-21-2013
20130073728VALIDATING USER EXPERIENCE TYPE SETTINGS - A home gateway accesses a host system that differentially routes messages over a communication network to a destination system. The selection of a communication pathway from multiple possible communication pathways through a communication network is based on a user experience type (e.g., gaming user experience, streaming user experience, or browsing user experience) that generally reflects network resource consumption preferences of the user of the access account for the home gateway. Examples of user experience types include a gaming user experience, a streaming user experience and a browsing user experience. The user experience type generally reflects the online experience desired by the user.03-21-2013
20130060940NETWORK VIRTUALIZATION - Some embodiments of the invention provide a robust scaling-out of network functionality by providing a software layer, called the network hypervisor, that sits between the network forwarding functions (i.e., the forwarding plane) and the network control interfaces (i.e., the control plane). The network hypervisor of some embodiments provides a logical abstraction of the network's forwarding functionality, so that network operators make their control decisions in terms of this abstraction, independent of the details of the underlying networking hardware. The network hypervisor of some embodiments may then “compile” commands placed against this abstraction into configurations of the underlying hardware. Accordingly, in some embodiments, there are two design challenges: (1) the choice of the network abstraction, and (2) the technology needed to compile the logical “abstract” controls into low-level configurations.03-07-2013
20130060944CONTROLLING ACCESS TO A RESOURCE IN A DISTRIBUTED COMPUTING SYSTEM WITH A DISTRIBUTED ACCESS REQUEST QUEUE - Controlling access to a resource in a distributed computing system that includes nodes having a status field, a next field, a source data buffer, and that are characterized by a unique node identifier, where controlling access includes receiving a request for access to the resource implemented as an active message that includes the requesting node's unique node identifier, the value stored in the requesting node's source data buffer, and an instruction to perform a reduction operation with the value stored in the requesting node's source data buffer and the value stored in the receiving node's source data buffer; returning the requesting node's unique node identifier as a result of the reduction operation; and updating the status and next fields to identify the requesting node as a next node to have sole access to the resource.03-07-2013
20130060943SYSTEM, METHOD AND COMPUTER PROGRAM PRODUCT FOR CONTROLLING NETWORK COMMUNICATIONS BASED ON POLICY COMPLIANCE - A policy management system, method and computer program product are provided. In use, information is received over a network relating to at least one subset of computers that are at least potentially out of compliance with a policy. Further, such information is sent to a plurality of the computers, utilizing the network. To this end, network communication involving the at least one subset of computers is capable of being controlled utilizing the information.03-07-2013
20130060942SYSTEM AND METHOD FOR PROVIDING NETWORK SUPPORT SERVICES AND PREMISES GATEWAY SUPPORT INFRASTRUCTURE - A service management system communicates via wide area network with gateway devices located at respective user premises. The service management system remotely manages delivery of application services by the gateway device(s), e.g. by selectively activating or deactivating service logic modules in the gateway devices. The service management system also may selectively provide secure communications and exchange of information among gateway devices and among associated endpoint devices. An exemplary service management system includes a router connected to the network and one or more computer platforms, for implementing management functions. Examples of the functions include a connection manager for controlling system communications with the gateway devices, an authentication manager for authenticating each gateway device and controlling the connection manager and a subscription manager for managing applications services and/or features offered by the gateway devices. A service manager, controlled by the subscription manager, distributes service specific configuration data to authenticated gateway devices.03-07-2013
20130060941Registration Redirect Server - Systems and methods for dynamically registering a communication device are disclosed. As one example, a communication network architecture is disclosed that includes multiple feature servers, multiple registration redirect servers (RRSs), and multiple communication devices. The feature servers provide services to the communication devices. The RRSs each service a shared virtual Internet Protocol (IP) address and perform load balancing of registration requests on behalf of multiple feature servers located geographically proximate to the RRS. The communication devices are configured to issue initial registration requests intended for any of the feature servers to the shared virtual IP address, whereby upon issuing an initial registration request, a communication device is directed to a particular feature server that is associated with a RRS that is closest to the communication device, and where the particular feature server is selected by a load balancing routine executing on the RRS.03-07-2013
20080294773METHOD AND APPARATUS FOR MIGRATING ACCESS TO BLOCK STORAGE - A computer implemented method, apparatus, and computer usable program code for providing access to block storage. A source virtual input/output server is retrieved, parameters are used by the source virtual input/output server to provide a client access to the block storage when the client is located on a first logical partitioned data processing system with the source virtual input/output server, wherein the client accesses the block storage through the source virtual input/output server. Access for the client to the block storage is migrated to a target virtual input/output server located on a second logical partitioned data processing system using the parameters, wherein the parameters are used on the target virtual input/output server to provide the client access to the block storage when the client is migrated to the second data processing system.11-27-2008
20130067084SYSTEM AND METHOD FOR ACCESSING A DEVICE HAVING AN ASSIGNED NETWORK ADDRESS - A communications system includes a mobile computing device having a dynamic address and mobile web server software. A network web server has a portal web page at which a web client can reliably and consistently establish an internet connection. In response to receiving a request from the web client to access the mobile computing device, the network web server re-routes the web client from a static address of the network web server to the assigned address of the mobile computing device. The mobile computing device repeatedly registers the current version of its address with the network web server. The mobile computing device, network web server and web client are commercially available, off-the-shelf components that require only targeted configuration changes to perform the disclosed re-routing operations.03-14-2013
20130067080Storage and Communication De-Duplication - Storage and communication de-duplication are described. In one or more implementations, a system comprises one or more modules that are implemented at least partially in hardware, the one or more modules configured to utilize one or more algorithms to calculate hashes of chunks of data, the hashes used to replace the chunks in the data for storage locally in the system as well as to communicate the hashes in response to a request received via a network for the data to avoid communicating at least one of the chunks of the data via the network.03-14-2013
20130067087THIRD PARTY VPN CERTIFICATION - A virtual private network (VPN) over a telecommunications network is created by sending a request from a first VPN device to a second VPN device for establishing a VPN between the first and second VPN devices. The request includes a first signed certificate having a verified VPN parameter for the first VPN device. A reply is received at the first VPN device from the second VPN device that includes a second signed certificate having a verified VPN parameter for the second VPN device. The VPN is established between the first and second VPN devices based on each verified VPN parameter for each of the first and second VPN devices.03-14-2013
20130067083Transmitting Data Over Multiple Networks - The invention relates to method and apparatus for transmitting data from a device in a communications system, including at the device, executing an application which generates data according to an application layer protocol and supplies the data to an access layer for transmission in a communication session over a first channel using a first wireless network interface; and receiving at the application an indication from the access layer of an alternate, second channel for transmission of the data, the second channel using a second network interface. On receipt of the indication, the application determines whether or not to take action responsive to the indication and, if it determines to do so, opens a second channel for the communication session and supplies data to the access layer for transmission over the second channel.03-14-2013
20130067082INTER-POLICY SERVER COMMUNICATION VIA A POLICY BROKER - A device receives policy parameters for a user equipment moving from a first access network to a second access network. The device also translates the policy parameters to parameters understood by the second access network, and provides the translated policy parameters to the second access network. When the translated policy parameters are accepted by the second access network, the user equipment connects to the second access network in accordance with the translated policy parameters.03-14-2013
20130067081Mobile Device Authentication and Access to a Social Network - Disclosed is an apparatus, system, and method to allow a user of a mobile device to access a social network through a router. The mobile device may comprise a user interface and a processor. The processor may be used to: command transmitting a social profile associated with the mobile device to the router to bind the mobile device to the router and to command transmitting social network credentials requested by the router to the router to authenticate the mobile device to the router. Based upon authentication by the router, the mobile device may be permitted to access a social network in accordance with control rules set by the router.03-14-2013
20130067085SYSTEM AND METHOD USING A CLIENT-LOCAL PROXY-SERVER TO ACCESS A DEVICE HAVING AN ASSIGNED NETWORK ADDRESS - A communications system includes a mobile computing device having a dynamic address and mobile web server software. A client-local proxy-server has an IP address to which a web client can reliably and consistently establish an internet connection. In response to receiving a request from the web client to access the mobile computing device, the client-local proxy-server acts as an intermediary opening up a communications path between the web client and the assigned address of the mobile computing device. The mobile computing device repeatedly registers the current version of its address with the client-local proxy-server. The mobile computing device and proxy-server software require only targeted configuration changes to perform the disclosed intermediary routing operations.03-14-2013
20110022711DYNAMICALLY MIGRATING COMPUTER NETWORKS - Techniques are described for providing capabilities to dynamically migrate computing nodes between two or more computer networks while the computer networks are in use, such as to dynamically and incrementally migrate an entire originating first computer network to a destination second computer network at a remote location. For example, the first computer network may include one or more physically connected computer networks, while the second computer network may be a virtual computer network at a remote geographical location (e.g., under control of a network-accessible service available to remote users). The provided capabilities may further include facilitating the ongoing operations of the originating first computer network while a subset of the first computer network computing nodes have been migrated to the remote destination second computer network, such as by forwarding communications between the first and second computer networks in a manner that is transparent to the various computing nodes.01-27-2011
20120117238MANAGEMENT SERVER, CLIENT TERMINAL, TERMINAL MANAGEMENT SYSTEM, TERMINAL MANAGEMENT METHOD, PROGRAM, AND RECORDING MEDIUM - A management server which is connected to a plurality of client terminals via a network, includes a storage unit adapted to store a management policy including usage-permitted time periods of the plurality of client terminals, and an application unit adapted to read out from the storage unit the management policy including the usage-permitted time period of the client terminal to be managed, output the readout management policy to the client terminal, and apply the usage-permitted time period to the client terminal, and extends the usage-permitted time period of the client terminal in accordance with a state of the client terminal.05-10-2012
20120117237SYSTEM AND METHOD EMPLOYING AN AGILE NETWORK PROTOCOL FOR SECURE COMMUNICATIONS USING SECURE DOMAIN NAMES - A network device comprises a storage device storing an application program for a secure communications service; and at least one processor configured to execute the application program enabling the network device to: (a) send a request to look up a network address of a second network device based on an identifier; (b) receive an indication that the second network device is available for the secure communications service, the indication including the requested network address of the second network device and provisioning information for a secure communication link; (c) connect to the second network device over the secure communication link, using the received network address of the second network device and the provisioning information for the secure communication link; and (d) communicate at least one of video data and audio data with the second network device using the secure communications service via the secure communication link.05-10-2012
20120117236NETWORK CONNECTION COMMUNICATION SYSTEM - Network connection systems and methods for managing a variety of services over different kinds of networks. A network connection and communication system is provided that monitors and displays units of network usage over a selected network. The information can be displayed in terms of usage units that are easy to understand from the viewpoint of a user. For instance, a display screen can indicate the number of available or used usage units, eg, connection minutes (time), the number of books purchased and downloaded over the network, the number of connections to a communicating partner. Multiple conversions can occur between various services that are available depending on the type of service and selected network.05-10-2012
20080288638METHOD AND SYSTEM FOR MANAGING NETWORK RESOURCES IN AUDIO/VIDEO BRIDGING ENABLED NETWORKS - Aspects of a method and system for managing network resources in audio/video bridging enabled networks are provided. In this regard, network resources reserved via AVB may be allocated for administrative and/or control traffic. Additionally, administrative and/or control data may be assigned highest priority for routing in the network. In this regard, priority of traffic may be determined via one or more bits of a VLAN tag associated with the traffic. For each AVB stream registered in the network, there may be a corresponding portion of the reserved network resources allocated for administrative and/or control data. The portion of reserved network resources allocated for administrative and/or control data may be based on past, present, or expected network statistics. Portions of the reserved resources not allocated for administrative and/or control data may be utilized for communicating one or more multimedia streams. In this regard, the unallocated resources may be distributed amongst the one or more multimedia streams. Allocating reserved resources for administrative and/or control traffic may ensure reliable communication of the administrative and/or control traffic, by preventing one or more multimedia streams from monopolizing network resources.11-20-2008
20130067079TRANSIENT MARKET RESOURCE LOCATOR - Technologies and implementations for locating transient transaction resources are generally disclosed.03-14-2013
20130067086SYSTEM AND METHOD USING A WEB PROXY-SERVER TO ACCESS A DEVICE HAVING AN ASSIGNED NETWORK ADDRESS - A communications system includes a mobile computing device having a dynamic address and mobile web server software. A network web proxy-server has a portal web page at which a web client can reliably and consistently establish an internet connection. In response to receiving a request from the web client to access the mobile computing device, the network web proxy-server forwards the request to the mobile computing device by opening an indirect or virtual communications link between the web client, the network web proxy-server and the assigned address of the mobile computing device. The mobile computing device repeatedly registers the current version of its address with the proxy-server. The mobile computing device, network web proxy-server and web client are commercially available, off-the-shelf components that require only targeted configuration changes to perform the disclosed intermediary forwarding operations.03-14-2013
20090234950Service discovery - The invention can be used for enabling service discovery. Service discovery can be enabled by requesting, by a first apparatus from a gateway entity, information on apparatuses capable of providing a predetermined service and being located in proximity of the first apparatus, receiving, by the first apparatus from the gateway entity, a predetermined resource identifier associated with a second apparatus capable of providing the predetermined service and being located in proximity of the first apparatus, the predetermined resource identifier being received as a response to the request, and sending, by the first apparatus, a resource request to the second apparatus using the predetermined resource identifier associated with the second apparatus. Service discovery can also be enabled by receiving, by a first apparatus, a resource request sent by a second apparatus using a predetermined resource identifier associated with a wireless service of the first apparatus, wherein the second apparatus is located in proximity of the first apparatus, determining whether the wireless service of the first apparatus is to be made available to the second apparatus, initiating the wireless service at the first apparatus in case it is determined, that the wireless service is to be made available to the second apparatus, creating a response to the resource request, inserting into the response a parameter required for establishing a connection to the wireless service of the first apparatus, and sending the response to the second apparatus.09-17-2009
20090234948Using Multiple Servers to Divide a Virtual World - Embodiments of the invention provide a method for distributing data from within a virtual world to multiple hosts. In one embodiment, primary areas within the virtual world may be hosted on servers controlled by the provider of the virtual world. At the same time, some areas within the virtual world may be controlled by a second party and hosted by a secondary server. In the virtual environment, an interface may be provided to access the area controlled by the second party.09-17-2009
20090019155TOKEN-BASED CREDITING OF NETWORK USAGE - A method may include providing content or a service accessible via a network to a user, and issuing a usage token having a usage credit that corresponds to a usage restriction associated with the user's network access subscription.01-15-2009
20090013076Systems and methods to provide and bill for internet access - Systems for regulating Internet access at libraries are provided herein. In one embodiment, the system comprises a first computer having a user interface in communication with a network and a library card database, wherein the first computer is configured to compare library card information stored in the library card database. This system further comprises a second computer having a second interface in communication with the network and a transaction database, wherein the second computer is configured to compare user information stored in the transaction database. Also provided are methods for using the same.01-08-2009
20090006620Method and system for securing a commercial grid network over non-trusted routes - A method for securing a commercial grid network over non-trusted routes involves receiving, by an administrative node in the commercial grid network, a lease request from a client to lease one of multiple resource nodes in the commercial grid network, wherein the client is separated from the resource node by a non-trusted route. The method further involves transmitting, by the administrative node, a network security key associated with the client to the resource node, storing, by the resource node, the network security key in a network security key repository specific to the resource node, establishing, by the resource node, a secure network tunnel over the non-trusted route using the network security key, transmitting a network packet securely between the client and the resource node over the secure network tunnel, and destroying, by the resource node, the secure network tunnel when a lease term associated with the client and the resource node expires.01-01-2009
20090006622Ultimate client development system - A client development system is provided that includes creating a plurality of hosts and host databases. A host contact is identified, qualified, and cultivated. The system provides for three levels of users: hosts, experts, and members. The system permits a host's member contacts and experts to search the expert directories of other hosts for an expert that matches a particular profile. The system also provides automatic communications to a host contact from the host as well as and other contact interface notifications for the host.01-01-2009
20090006621Recoverable error detection for concurrent computing programs - A system and method detects communication error among multiple nodes in a concurrent computing environment. One or more barrier synchronization points/checkpoints or regions are used to check for a communication mismatch. The barrier synchronization point(s)/checkpoint(s) can be placed anywhere in the concurrent computing program. Once a node reaches a barrier synchronization point/checkpoint, it is not allowed to communicate with another node regarding data that is needed to execute the concurrent computing program, even if the other node has not reached the barrier synchronization point/checkpoint. Regions can also, or alternatively, be used to detect a communication mismatch instead of barrier synchronization points/checkpoints. A concurrent program on each node is separated into one or more regions. Two nodes communicate with each other when their regions are compatible. If their regions are not compatible, a communication mismatch occurs.01-01-2009
20090006619Directory Snapshot Browser - Embodiments of the systems and methods expose a form of backup data, referred to as snapshot data, to an online server. The snapshot data is copy of the directory system at a time in the past. The snapshot data, in embodiments, is exposed as an LDAP server database, which can be manipulated by one or more tools. Thus, the snapshot data is available to online servers to view, to compare, to restore, or to accomplish other actions on the data within the snapshot without server downtime.01-01-2009
20090006618METHODS AND SYSTEMS FOR ACCESS ROUTING AND RESOURCE MAPPING USING FILTERS - A method for access routing and resource mapping using filters includes the step of receiving a request from a client for access to a resource. A rule is identified, the rule having a rule priority level and associated with: i) a filter, ii) at least one method for providing access to the resource, and iii) a server in a plurality of servers. The filter is applied, the filter identifying at least one pre-requisite to accessing the resource. A determination is made that the client satisfies the at least one pre-requisite, responsive to applying the filter. A determination is made regarding whether to provide access to the resource to the client by the server in the plurality of servers according to the at least one method for providing access to the resource. The server in the plurality of servers provides access to the resource for the client according to the at least one method for providing access to the resource.01-01-2009
20130166746SYSTEM AND METHOD FOR POLICY SELECTION AND SWITCHING FUNCTION IN A NETWORK ENVIRONMENT - A method is provided in one example embodiment and includes receiving a request for a service for a subscriber at an access gateway; receiving a default subscriber policy and a default service policy at the access gateway; receiving a subscriber policy and a service policy for the service being requested at the access gateway; receiving the service being requested at the access gateway; and communicating the service being requested from the access gateway to the subscriber in response to the request.06-27-2013
20130166747SYSTEMS, APPARATUS, AND METHODS FOR IDENTIFYING STORED DATA THAT MAY BE ACCESSED BY A HOST ENTITY AND PROVIDING DATA MANAGEMENT SERVICES - A first device in a network, having a first port, receives an identifier of a second port of a second device in the network, the network comprising a host entity, a switch, and a storage system. The first port of the first device spoofs the second port of the second device, during a communication with the switch. The first device receives information identifying a third port of a third device in the network that is zoned to the second port of the second device. The device identifies data stored in the storage system that may be accessed by the host entity, based at least on the information.06-27-2013
20080294775EXPANDED MEDIA CONTENT ACCESS SYSTEMS AND METHODS - In one of many possible embodiments, a system includes a content provider subsystem providing media content over a closed media network and an open network. At least a subset of the media content provided over the closed media network is provided over the open network. The system further includes a user access subsystem communicatively connected to the closed media network and the open network. The user access subsystem is configured to access the media content over the closed media network and the open network and to process and provide at least a component of the accessed media content for presentation to a user. The user access subsystem includes a content processing device configured to decode the media content accessed over the closed media network and an expansion content processing device configured to decode the media content accessed over the open network.11-27-2008
20080294774Controlling Access to Digital Images Based on Device Proximity - Embodiments of the invention provide techniques for controlling access to digital images based physical and temporal proximity to the image capture event. In one embodiment, an imaging device capturing a digital image broadcasts an invitation to wireless devices in the surrounding area. The wireless devices respond with an acceptance, including the email address (or some other network address) of the device owner. The digital image is made available at a network location with restricted access. Access to the image is controlled with an access list based on the acceptances received by the imaging device.11-27-2008
20120102197 TECHNIQUE FOR DETERMINING A CHAIN OF INDIVIDUAL FUNCTIONS ASSOCIATED WITH A SERVICE - A method and apparatus are provided for determining a chain of individual functions associated with a service. The functions are designed to be interconnected in order to supply the service to a client entity in a communications network. The method includes the following steps implemented by a determination device: receiving from an access node to the service a temporary chain of individual functions associated with the service requested by the client entity together with a context associated with the client entity; determining an action to be performed on the temporary chain of individual functions associated with the service as a function of the context associated with the client entity; implementing the determined action on the temporary chain in order to obtain a final chain of individual functions; and sending the final chain to the service access node. This method can be implemented for supplying the service to the client entity.04-26-2012
20090300179METHOD AND SYSTEM FOR OPTIMIZING NETWORK ACCESS CONTROL - A method and system for optimizing network access control are disclosed. For example, the method includes receiving an access request to a network from a device. Then, the method determines if each one of one or more critical updates of said device is current and if each one of one or more non-critical updates of the device is current. The method concludes by granting the access request to the network if each one of the one or more critical updates of the device is current, even if at least one non-critical update of the one or more non-critical updates of the device is not current.12-03-2009
20110055391MULTIFACTOR VALIDATION OF REQUESTS TO THWART CROSS-SITE ATTACKS - An apparatus and a method for validating requests to thwart cross-site attacks is described. A user identifier token, a request identifier token, and a timestamp, are generated at a web application of a server. A Message Authentication Code (MAC) value is formed based on the user identifier token, the request identifier token, and the timestamp using a secret key of the web application. The form is sent with the MAC value and the time stamp to a client. A completed form comprising a returned MAC value and a returned timestamp is received from the client. The completed form is validated at the server based on the returned MAC value and the returned timestamp.03-03-2011
20130024572Method and system for terminal access and management in cloud computing - The disclosure discloses a method for terminal access and management in cloud computing, including: a terminal with a management and control module accesses a bidirectional data transmission network and acts as a node; the node searches for a first responding control node or agent control node and connects with a network management server via an agent control node connected to the found control node or via the found agent control node; a management and control module of a node at each level collects running information of the terminal and reports the running information level by level, and a nearest super-ordinate node performs a management operation. The disclosure further discloses a system for terminal access and management in cloud computing. With the method and the system, the problems that the system status has to be pre-estimated and a proper node has to be selected when new equipment access an original system can be solved, and after the access, a super-ordinate node can perform actively a control operation on the topological structure.01-24-2013
20100036948ZONING SCHEME FOR ALLOCATING SAS STORAGE WITHIN A BLADE SERVER CHASSIS - In a method for partitioning SAS storage within a blade server chassis, where the blade server chassis may include one of a plurality (N) of server blades, the same plurality (N) of SAS storage blades or any combination thereof up to a total of N blades, in order for the plurality of SAS storage blades to be securely shared by the plurality of server blades, a pair-based zoning scheme may be implemented whereby if a server blade and a disk blade occupy neighboring slots in the blade server chassis, a pair of the server blade and the disk blade may be set to belong in the same zone. Partitioning of SAS expansion ports within the blade server chassis may be accomplished by providing exclusive access of a single SAS expansion port to a server blade located in an even slot.02-11-2010
20110282994Method and Apparatus for Controlling Double-Ended Soft Permanent Virtual Circuit/Path Connections - A method and apparatus control a double-ended soft permanent virtual circuit (SPVC) connection coupling from a source end to a destination end via a communications network. The method includes (a) receiving an SPVC connection message from a first network device for the source end, (b) accepting an SPVC connection in accordance with the SPVC connection message if a second network device receiving the SPVC connection has an association with the first network device, and (c) rejecting the SPVC connection if the second network device does not have an association with the first network device. The network device for the destination end includes a database memory adapted to store an access identifier of at least one predetermined source network device from which the network device is allowed to accept an SPVC connection.11-17-2011
20090113052Troubleshooting of Wireless Client Connectivity Problems in Wireless Networks - A troubleshooting system. In particular implementations, a method includes receiving a request for troubleshooting, where the request comprises identifying information for a wireless client having a connection problem. The method further includes identifying network nodes that are sources of log data associated with connection activity of the wireless client, and invoking troubleshoot logging on one or more central controllers for the wireless client. The method further includes polling the identified network nodes for the log data, and identifying one or more potential causes of the connection problem based on correlating the data logs.04-30-2009
20090019157Storage area network with target side recognition and routing table upload - A network of data processors for providing access to a resource, such as implemented a Storage Area Network that uses iSCSI and Microsoft MPIO-based network communication protocols. In preferred embodiments, the system or method uses (a) target-side consideration of MPIO disk structures, such as by having iSCSI initiators in from iSCSI targets via an iSCSI session object that is settable by a service action; and/or (b) uploading of routing tables from iSCSI targets to iSCSI initiator(s), such as to a Device Specific Module (DSM). Implementations may also involve, in a preferred embodiment: (1) requesting that the contents of the routing table be provided from the iSCSI target side storage servers to the iSCSI initiators, and using this as one of the factors influencing path selection as performed in the MPIO DSM on the initiator side; and/or (2) transmitting information from the iSCSI initiator to the iSCSI target storage server identifying connections as belonging to the same MPIO disk, and then receiving back from the iSCSI target storage server, information about the connections that should be created, and further then having a connection load balancer on the storage server handle those connections as related connections that need to be assigned each to a different Network Interface (NIC) on the storage servers.01-15-2009
20110302310LAYERED ACCESS CONTROL FOR MACHINE TYPE COMMUNICATION DEVICES - A layered approach to access control is used where each access control layer implements a set of access control rules. The access control rules in each layer are applied in order beginning with the first access control layer. To gain access to the network, the access attempt must not be barred by any access control layer.12-08-2011
20110302309METHOD AND SYSTEM FOR OPTIMIZING POWER CONSUMPTION IN A HOME NETWORK VIA A BROADBAND GATEWAY - A broadband gateway, which enables communication with a plurality of devices, handles at least one physical layer connection to at least one corresponding network access service provider. Before allowing the devices to access content from the service provider, the broadband gateway may identify a device power profile for each of the devices, and a network power profile for the content to select a corresponding content delivery mechanism to optimize power consumption. The content may be communicated to the devices utilizing the corresponding selected content delivery mechanism. Depending on configuration, content transcoding may be performed at the broadband gateway and/or at the devices. The content may be burst downloaded and stored in a local storage to be consumed by the devices thereafter. Upon completion of download, the broadband gateway may shut down receiving components to save resources and power. The receiving components may be tuned on to receive additional content when needed.12-08-2011
20110289216System and Method for Generating Subnets and Using Such Subnets for Controlling Access to Web Content - A system and a method are provided for generating a subnet and using the subnet to control access to web content. An Open Subnet (OSN) server is provided to receive proposed web pages to be added to a white list on the subnet, as well as votes from one or more users whether or not to add one or more of the web pages to the white list. A sync server is connected to the OSN through an intermediary. The sync server obtains a copy of the white list and, based on a user's license to the subnet, a user is allowed access to web pages on the white list.11-24-2011
20110289215ACCESSING A GLOBAL VAULT IN MULTIPLE DISPERSED STORAGE NETWORKS - A method begins by a processing module receiving a dispersed storage network (DSN) access request and determining whether the DSN access request is associated with a local DSN vault or a global DSN vault, wherein the local DSN vault is contained within a DSN of a plurality of DSNs and the global DSN vault is contained within at least some of the plurality of DSNs. The method continues with the processing module identifying a primary DSN of the plurality of DSNs and facilitating processing of the DSN access request by the primary DSN when the DSN access request is associated with the global DSN vault.11-24-2011
20120016989Advanced Gateway Device - The present disclosure is directed to an advanced gateway device (“gateway”) for enabling communications between devices operating on or in communication with a communications network. The gateway includes a universal integrated circuit card (“UICC”), a router for interfacing with a number of devices, a network interface for communicating with the communications network, and one or more applications for managing associated devices and communications between the devices and the communications network. The gateway is registered with the communications network by transmitting information generated by the UICC to the communications network. Devices communicating with the gateway can access services provided by components of the communications network, and remote devices can access the devices communicating with the gateway based upon a trust relationship established between the gateway and the communications network.01-19-2012
20110296017METHOD AND SYSTEM FOR PREVENTION OF APPLICATIONS FROM INITIATING DATA CONNECTION ESTABLISHMENT - A method and apparatus for prevention of user-level applications from initiating data connection establishment using signaling from radio code, the method including receiving a request from an application on a mobile device at a tunnel management module on the mobile device, the request being to establish a data connection with a network; checking a state of a tunnel for the data connection at the tunnel management module; blocking the connection request if the tunnel for the data connection is in a stalled state; and allowing the connection request to proceed to a networking access interface module if the tunnel for the data connection is not in a stalled state.12-01-2011
20100153551METHOD OF MANAGING NON-IP BASED SENSOR NETWORK USING SIMPLE NETWORK MANAGEMENT PROTOCOL - Provided is a method of managing a non-IP sensor network using a simple network management protocol (SNMP), and more particularly, a method of remotely managing a non-IP based sensor network, such as Zigbee, from the Internet of a sensor network manager.06-17-2010
20120191853COMPUTER - A computer includes an enclosure, a network card connected to an external network, a time limit control device, a power module, and a switch. The time limit control device is used to set a connection time of the computer with the external network, and control a network switch module to enable the network card to connect the computer to the external network according the set connection time. The time limit control device is used to count down the connection time, and control a display module to display a remaining connection time. When a countdown of the connection time is zero, the time limit control device controls the network switch module to disable the network card and thereby disconnecting the computer from the external network.07-26-2012
20110219119ACCESS RIGHT MANAGING METHOD FOR ACCESSING MULTIPLE PROGRAMS - Provided is an access right managing method for a resource of a storage system, in which a management computer stores access right definition information of the resource, and resource correspondence information including information on a management program which manages another resource related to the resource managed by the management program. In case of which receiving an updating request of an access right of the resource, the management computer updates an access right based on the updating request of the access right, selects a management program of the resource whose access right is requested to be updated based on the resource correspondence information, transmits an updating request of an access right for a relative resource to a management computer which executes the selected management program, and in case of which the access right updating request of the related resource is received, updates the access right of the relative resource.09-08-2011
20090248869System for provisioning, allocating, and managing virtual and physical desktop computers in a network computing environment - A system for provisioning, allocating, and managing virtual and physical desktop computers in an enterprise network computing environment allows for these physical and desktop computers to be grouped logically based on personnel, organizational, or networking efficiencies without regard to the hardware or server that will ultimately run the virtual machine terminal once it is accessed. A connection broker connects incoming connections to one desktop in a desktop group, based on information relating to that incoming connection.10-01-2009
20110191474SYSTEM AND METHOD OF A RELAY SERVER FOR MANAGING COMMUNICATIONS AND NOTIFICATION BETWEEN A MOBILE DEVICE AND APPLICATION SERVER - Providing a mobile device with web-based access to data objects is disclosed. Authentication information is sent from a mobile device to a relay server. The relay server executes a connection application to establish a connection to a web access server. The authentication information is provided to the web access server associated with a data store hosting a data object. Upon authentication, the data object is provided to the relay server from the data store. The data object is then provided to the mobile device.08-04-2011
20100268824SYSTEM AND METHOD FOR CROSS-AUTHORITATIVE CONFIGURATION MANAGEMENT - A system and method for cross-authoritative, user-based network configuration management is provided. Users log-in to a network using any device coupled to the network, and an identity manager may provide the user with a custom computing environment by verifying the user's identity and identifying content, assignments, and other configuration information associated with the user. For instance, the identity manager may retrieve a unique identifier assigned to the user, query one or more authoritative source domains based on the unique identifier, and deliver a computing environment assigned to the user. By seamlessly integrating multiple authoritative sources, administrators can make assignments to users across multiple authoritative source domains, and queries to the sources will always be up-to-date without having to perform synchronization processes.10-21-2010
20100268821SEQUENCED TRANSMISSION OF DIGITAL CONTENT ITEMS - The disclosure provides a system and method for managing and sequencing the transmission of digital content items from a network-accessible content service to a portable digital content device. The content service includes a cache management subsystem and provides storage for a plurality of playlists which are variously associated with user accounts and which each contain one or more digital content items. The cache management subsystem is configured to sequence transmission of digital content items to a given portable device based on attributes associated with the playlists containing the digital content items to be transmitted to the device.10-21-2010
20120110180Objects in a Virtual Computing Infrastructure - An action is performed on an object in a cloud computing environment having a plurality of computing nodes. A policy path is determined from at least one permission within a policy of a customer. A first delegation path is determined from within the determined policy path. The first delegation path is directed to at least one object permission for the object upon which the action is to be performed. An authorized user is assigned from a second delegation path from within the determined policy path. The second delegation path is directed to at least one user permission for the action to be performed.05-03-2012
20080288639UDP BRODCAST FOR USER INTERFACE IN A DOWNLOAD AND CONFIGURATION GAMING METHOD - A modified form of the UDP multicast protocol is disclosed to implement a one-way notification method between a server and one or more clients. The UDP multicast notification method enables UDP messages to be sent only to registered clients, not broadcasted to all clients. This architecture minimizes network traffic and enhances system security, since only registered clients receive the UDP message. The configuration of the UDP multicast notification method does not require the configuration of network devices in order to support a UDP multicast. Furthermore, any number of the clients may be on a different network domain than the DCM engine.11-20-2008
20130219065SMARTLINK SYSTEM AND METHOD - Multiple applications may be targeted via key/value data associated with a resource identified by a primary Uniform Resource Locator (“URL”). By parsing the key/value data, an alternative application for accessing the resource may be identified. When the alternative application is installed on a device, the alternative application may be invoked to access the resource.08-22-2013
20120036263System and Method for Monitoring and Controlling Access to Web Content - A system and a method are provided for controlling access to web pages. It includes receiving an input to access a web page, and then determining if the Web page is on a work list or a recreation list. The work list includes one or more web pages related to work and the recreation list includes one or more web pages related to recreation. If the web page is not on either list, then a request is issued for a categorization of the web page. Upon receiving the categorization, the web page is stored in the work list or the recreation list, and access is provided to the web page.02-09-2012
20120036261COMMUNICATION MANAGEMENT UTILIZING DESTINATION DEVICE USER PRESENCE PROBABILITY - An apparatus, system and method for forwarding a communication from a communication receiving device to a destination device based upon the identity of the user of the destination device.02-09-2012
20100082810METHOD AND SYSTEM FOR TRANSFERRING A COMMUNICATION SESSION - A method and system for transferring an ongoing communication session from one application server (AS) to another is described. Multiple ASs are monitored and serviced by a Transfer Management Module (TMM). Each of the ASs serves a different network and each network includes various end devices. During an ongoing communication session, whether the session is to continue using the current AS is determined based on a set of rules. If the session is to be transferred, an alternative AS that provides the same application as the current AS is selected using a set of conditions. Upon selection of the alternative AS, the current AS transfers the control and/or media state of the ongoing session for one to all users through the TMM to the selected AS, and the session is continued.04-01-2010
20120271947System And Method Of Communication Control for Wireless Mobile Communication Devices - Systems and methods of connection control for wireless mobile communication devices enabled for communication via a plurality of communication connections are provided. Connection control information associates software applications with communication connections. When a connection request specifying a requested connection is received from a software application, it is determined whether the requested connection is permitted by the connection control information. Where the requested connection is permitted by the connection control information, the requested connection is opened. If the requested connection is a first connection opened by the software application, then the software application is associated with the requested connection in the connection control information.10-25-2012
20120271946SYSTEM FOR VERIFYING ACCESS BASED ON A DETERMINED GEOGRAPHIC LOCATION OF A SUBSCRIBER OF A SERVICE PROVIDED VIA A COMPUTER NETWORK - A method of limiting presentation of rules based events includes receiving a request to view a rules based event at a computer. A first estimate of a first geographic location of the computer is obtained. The first estimate includes a first confidence determination. If the first confidence determination is less than a first established confidence level, a second estimate of the first geographic location of the computer is obtained. The second estimate includes a second confidence determination for comparison to a second established confidence level. The first estimate and the second estimate define a composite estimated geographic location of the computer. Information on a second geographic location of the rules based event is retrieved. The retrieved information is compared with the composite estimated geographic location of the computer. Access to the rules based event is provided based on access rules, the comparison, and the composite estimated geographic location.10-25-2012
20120271945Obtaining Server Address when Domain Name System Proxy Solution Fails - The subject disclosure is directed towards establishing communication between a client computer and a network resource on a computer network when DNS resolution has failed because of a DNS proxy solution. A user may request that the client use a tool as an alternative to DNS resolution. The client may monitor the network for a broadcast from the network resource, which contains information needed for the client to access the network resource. The network resource may broadcast the information from time to time, or it may broadcast it in response to a specific request from the client.10-25-2012
20110173324METHOD, APPARATUS, AND SYSTEM FOR ACCESSING SERVICES OVER THE EXTENSIBLE MESSAGING AND PRESENCE PROTOCOL - An XMPP server in a home domain that an XMPP client belongs to receives a service access request over XMPP; the XMPP server selects a routing path for the service access request, and forwards the service access request to a next hop XMPP server according to the selected routing path, and forwards the service access request in turn, to an XMPP gateway connected to a service server; after the XMPP gateway receives the service access request, the XMPP gateway invokes the service server to obtain a service access response, and forwards the service access response to the XMPP server in the home domain that the XMPP client belongs to; the XMPP server in the home domain that the XMPP client belongs to sends the service access response to the XMPP client.07-14-2011
20090089425Systems, Methods and Computer Program Products for Coordinated Session Termination in an IMS Network - A network connectivity status of user equipment (UE) is detected. Detection of the network connectivity status of the UE may include, for example, detecting termination of network connectivity of the UE responsive to a communication to the network by the UE, receiving a termination message from the UE at the bootstrapping server function (BSF), receiving notification of de-registration of the UE from a home subscriber server (HSS) and/or detecting a loss of communications between the UE and the network. A bootstrapping server function (BSF) communicates with at least one network application function (NAF) responsive to detection of the network connectivity status to terminate a plurality of sessions associated with the UE.04-02-2009
20090089426Security Management Device, Communication System, and Access Control Method - The present invention provides a technique of preventing a user from being tricked into revealing personal information by pharming.04-02-2009
20090164632WEB SERVICE MULTI-KEY RATE LIMITING METHOD AND SYSTEM - The present invention provides a method and computer system for limiting a number of web service programming calls including intercepting a web request for web service programming from a client and extracting call specific data from the web request. The method and computing system further includes transmitting call specific data to a plurality of rate limiter servers and on the rate limiter servers, calculating a total number of web requests, where the web requests are identified by the call specific data. The method and computing system further includes receiving web request totals from the rate limiter servers and thereby determining accessibility of the client to the web request based on a comparison of the number of web requests for the web service programming relative to a predetermined access limit.06-25-2009
20100125666SERVICE FACADE DESIGN AND IMPLEMENTATION - In one embodiment, a computer system receives registration information for available services provided by a service provider. The registration information includes information identifying functionality provided by the available services, and the registration information is used to register the available services with the intermediary service. The computer system receives a service request from a client computer system identifying a function that is to be performed by at least one of the available services registered at the intermediary service. The computer system determines which of the registered available services is configured to provide the functionality requested by the client and processes the received service request using various system functionality components, so that the service request is configured for service-specific processing provided by a registered available service. The computer system also sends the processed service request to the registered service determined to be configured to provide the functionality requested by the client.05-20-2010
20090292808SERVER HAVING AN INTERFACE FOR CONNECTING TO A SERVER SYSTEM AND SERVER SYSTEM - A server with an interface for connecting to a server system and server system is provided.11-26-2009
20080209038Methods and systems for optimizing placement on a clock signal distribution network - Methods for optimizing an initial placement a number of features over a clock signal distribution network on an integrated circuit (IC), wherein the plurality of features includes a plurality of registers and a corresponding plurality of local drivers are presented, the methods including: characterizing the number of features by a number of register groupings, the number of register groupings defined by similarity of corresponding local drivers, wherein each of the number of register groupings is physically delimited by a defined region on the clock signal distribution network in the initial placement; and iteratively moving the number of register groupings in accordance with a number of exception based rules over an increasingly widening area of comparison to create an optimized placement of the number of features.08-28-2008
20080209037System and method for enforcing in real time corporate business rules on web users - The invention relates to a method for enforcing corporate rules in real time at a user end within a business web application operated from the corporate site server, wherein said web application conveys to a user browser a form to fill in, and wherein said form includes one or more pages, each page comprises one or more fields for receiving user entries, the method comprising: (a) providing a monitoring server at the corporate side; (b) providing a corporate rule base accessible by said monitoring server, wherein each rule within the base comprises at least: (i) a scenario definition, each scenario definition comprises at least one condition depending on a user behavior within a form; and (ii) a predefined action to be activated in real-time when said scenario definition is met; (c) upon accessing the corporate server to receive a form, sending to a user terminal a first page of the form, including an RT monitoring program for monitoring the meeting of one or more rule scenarios at the user terminal and at least a reference to said monitoring server; (d) upon receipt of the form at the user side, activating said RT monitoring program at the user terminal including said reference, thereby to access said monitoring server; (e) upon accessing said monitoring server, sending by the monitoring server to said user terminal one or more rules from said rule base; (f) monitoring by said RT program the user behavior within at least one of the form pages; and (g) upon detection that a rule scenario is met, immediately activating the action which corresponds to said rule scenario.08-28-2008
20110173325System and Method for Management of Remotely Shared Data - Systems and methods for reducing latency on a remotely-booted information handling system are disclosed. A method for access and management of remote data may include receiving from a host a standard input-output instruction including a persistent image update (PIU) parameter indicating a request by the host to access a shared computer-readable medium storing an image shared by the host and one or more other hosts. The method may further include determining a value of the PIU parameter and determining whether to allow the host to access the shared computer readable medium based at least on the value of the PIU parameter.07-14-2011
20090276526Access Control List Endpoint Implementation - A method, system, and computer program product for providing direct communications between FCoE endpoint devices within the same fibre channel network zone. A direct fibre channel (DFC) utility provides an FCoE stack with an exclusive ability to define an Ethertype within an ethertype field of an Ethernet packet with “FCoE”. In addition, the DFC utility enables storage of access control lists (ACLs) containing allowed destination addresses and allowed source addresses within the adapter of an FCoE endpoint. Additionally, the DFC utility initiates an exchange of messages with an Ethernet switch to determine a feasibility of establishing direct connections between endpoints. In particular, the DFC utility determines whether the Ethernet switch supports FCoE ACL checking. Further, the DFC utility creates a zone ID for the FCoE endpoint device. The DFC utility allows direct communication between FCoE endpoints within the same fibre zone.11-05-2009
20090287820INFORMATION PROCESSING DEVICE - An information processing device is configured to communicate with a network device via a network using UPnP (Universal Plug and Play). The information processing device includes a management component and a memory component. The management component is configured to manage a plurality of service URLs (Uniform Resource Locator) of the network device with the service URLs specifying locations of XML (Extensive Markup Language) files that indicate different services provided by the network device. The memory component is configured to store a management record of the service URLs of the network device with the management record having a common record that includes a MAC (Media Access Control) address, an IP (Internet Protocol) address and a port number of the network device, and a plurality of service records that includes a plurality of directory file paths to the XML files.11-19-2009
20090287819SYSTEM FROM REPUTATION SHAPING A PEER-TO-PEER NETWORK - A method of managing access to resources in a network. A reputation for each network participant is evaluated by querying a data source for the reputation associated with the network participant. Based on the evaluated reputation, an appropriate level of access to network resources is determined from a plurality of levels of access to network resources for the corresponding network participant. An access control action is then performed to correspond to the determined level of access for the participant.11-19-2009
20120185596METHOD AND SYSTEM FOR MANAGING ACCESS TO A RESOURCE - The present invention relates to a method and a system for managing access to a resource, copies of which are hosted in apparatuses of one or more networks. The method comprises obtaining a list comprising a plurality of references pointing to the plurality of copies of the resource; for each of said references, determining at least one accessibility rating representing the accessibility of the corresponding copy for the given user device, and, based on the at least one accessibility rating, deciding between keeping the corresponding reference in the list or deleting it therefrom, to obtain an updated list; and selecting a reference from the updated list for the given user device to access the resource.07-19-2012
20080275990METHOD AND SYSTEM FOR SELECTING, IN A VEHICLE, AN ACTIVE PREFERENCE GROUP - An occupant of a vehicle is presented with discussion groups of interest to the occupant. The discussion groups are selected based on the degree to which interests of friends of the occupant coincide with the interests of the occupant. Once a discussion group is chosen, a telematics gateway connects the occupant to the discussion group.11-06-2008
20080275989OPTIMIZING VIRTUAL INTERFACE ARCHITECTURE (VIA) ON MULTIPROCESSOR SERVERS AND PHYSICALLY INDEPENDENT CONSOLIDATED NICS - Optimization of the Virtual Interface Architecture (VIA) on Multiprocessor Servers using Physically Independent Consolidated NICs (Network Interface Cards) allows for improved throughput, increased resiliency and transparent fail-over; and also by hiding the actual NICs involved in particular data transactions, enables operations with substantially unmodified applications software.11-06-2008
20080275991GROUP FORMATION/MANAGEMENT SYSTEM, GROUP MANAGEMENT DEVICE, AND MEMBER DEVICE - A group management device provides with a content a device included in a group managed by the group management device. The group management device includes a storage unit that stores a total number of remote device that the group management device currently registers, a maximum number of remote devices that the group management device is permitted to register, a total number of local device that the group management device currently registers, and a maximum number of local devices that the group management device is permitted to register. The group management device also includes a judging unit that judges whether the total number of the remote device exceeds the maximum number of the remote devices when it is judged that the one device is the remote device. The judging unit judges whether the total number of the local device exceeds the maximum number of the local devices when it is judged that the one device is the local device.11-06-2008
20110270985METHOD OF AUTOMATICALLY IDENTIFYING MULTISERVICE AND METHOD OF PROVIDING MULTISERVICE USING THE SAME - An open access node receives a dynamic IP address corresponding to a terminal that requests a connection from a specific server, and provides the dynamic IP address to the terminal. Next, the open access node receives a service that is requested by a user from the terminal that is connected using the dynamic IP address, and stores a MAC address of the terminal and a service in a database. When the terminal again requests a connection, the open access node identifies a service that is requested by a user of the terminal based on the MAC address of the terminal.11-03-2011
20100131646POLICY-MANAGED DNS SERVER FOR TO CONTROL NETWORK TRAFFIC - Disclosed is a method, a computer system, and a computer-readable media product that contains a set of computer executable software instructions for directing the computer to execute a process for policy-based operation of a DNS server apparatus to manage traffic due to undesirable mail or requests for electronic documents. The policies operate according to owners, regions, or countries controlling source IP addresses and deterministically select from a plurality of non-equivalent replies to be sent to the source IP address. Accumulating previous activity records may assist in determining which traffic may be usefully deferred or suppressed. The process includes withholding certain information from certain DNS servers seeking IP addresses to improve overall security and integrity of the Internet.05-27-2010
20100161797BALANCING USER REGISTRATION LIFETIMES IN A NETWORK - A method of balancing user registration lifetimes in a network is disclosed for smoothing the load of the registration server. The method of balancing user registration lifetimes in a network includes providing an initial registration lifetime for a registration request that is calculated using the time of the request and the previous history of registration requests, and in a particular embodiment, using the cumulative distribution function of the history of registration requests. The method of balancing user registration lifetimes in a network is particularly useful for handling spikes in registration traffic, and can accommodate user-specified variable lifetimes, as well dynamic user arrivals and departures. It provides effective load balancing over time for a single server, at the expense of a constant factor additive load per user, which can be amortized to near zero over the long run.06-24-2010
20080244070SYSTEM, METHOD AND PROGRAM FOR NETWORK MANAGEMENT - A network management system transmits/receives an email via a network; saves, in a database, first history information including the address of at least one of the destination and the source of the email written in the email; receives transmission information in which access information for accessing a web page via a network is written; saves, in the database, second history information including the access information written in the transmission information; inputs authentication information for identifying a user; and selectively displays the first history information saved in the first saving unit and the second history information saved in the second saving unit in a predetermined display format on a display unit by switching between the first history information and the second history information based on an instruction inputted by a user when the inputted authentication information is identical to previously registered information.10-02-2008
20100138536DOWNLOAD CONTROL DEVICE - When download operations get started in unison in conformity to RSS metafile delivery time-and-date information, the traffic is temporarily concentrated to a server, resulting in the risk of a system failure or else. In addition, it is inevitable to periodically check whether an RSS file on Web server is updated or not; so, users must delete update-unnecessary RSS files from those objects to be monitored. In view of this, the periodical update check timing of download control information is dispersed, thereby scattering download requests to the server. The download control information is provided with the information indicating whether such download control information is put under update management and/or expire time-and-date information in case the update management is to be done, whereby an information processing apparatus performs, based on the information, erase processing of the download control information when the download processing is completed.06-03-2010
20090063682METHOD FOR REDIRECTION OF WEB STREAMING CLIENTS USING LIGHTWEIGHT AVAILABLE BANDWIDTH MEASUREMENT - In accordance with the teachings of the present invention, a method for selecting a server to provide content to a client is presented. A media controller receives a request from a client for content. The media controller instructs a plurality of servers each storing the content required by the client to perform a bandwidth measurement referred to in the disclosure as a bandwidth probe. The result of the bandwidth probe is communicated to the media controller. The media controller selects a server (i.e., an identified server) for communication with the client based on the result and communicates the selection in the form of a redirect command to the client. The client then communicates directly with the identified server.03-05-2009
20080281966METHOD AND SYSTEM OF NETWORK COMMUNICATION PRIVACY BETWEEN NETWORK DEVICES - A method for network communication privacy between network devices includes communicating first and second network enabled devices with a network, the first and second network devices in communication via a main communication channel. Respective network addresses of the first and second network enabled devices are dynamically and automatically changed while maintaining the main communication channel between the first and second network enabled devices. Subsequent network addresses of the first and second network enabled devices are created in one of a symmetric manner using a secret key or predetermined list shared between the first and second network enabled devices or created in an asymmetric manner. The asymmetric manner includes communicating the subsequent network addresses of the first and second network enabled devices over a back channel separate from the main communication channel.11-13-2008
20080288637HIGHLY AVAILABLE CENTRAL CONTROLLER TO STORE AND ENFORCE VALID STATE TRANSITIONS OF DISTRIBUTED COMPONENTS - A highly available central controller to store and enforce valid state transitions of distributed components is provided for centrally controlling access to a service. Central control is provided by a database with an API according to a set of stored procedures, which provides a virtual view to requesters that seek to read or manipulate service entities.11-20-2008
20100057909SYSTEM AND METHOD FOR EFFICIENT DELIVERY IN A MULTI-SOURCE, MULTI DESTINATION NETWORK - Real-time delivery of multimedia content puts extreme demand on both computational and network resources. Many a times, the requirement is to handle multiple such delivery requirements and as a consequence, the overall delivery efficiency gets affected. Another dimension of complexity is that (a) the multimedia content to be delivered may not always be highly reliable, and (b) the network may also be not highly reliable. In such a situation, it becomes even more difficult to satisfy the quality of service requirements. When content to be delivered to multiple destinations is available at multiple sources, there is an opportunity to overcome the above mentioned complexity. The system and method for efficient delivery in a multi-source multi-destination network involves pulling of data from the multiple sources by measuring quality of service and reliability parameters, and efficiently loading the systems and the network in a cooperative manner.03-04-2010
20080313330Hidden Group Membership in Clustered Computer System - An apparatus, program product and method utilize hidden group membership to facilitate the processing of originator requests to a group in a clustered computer system. With hidden group membership, a requesting originator is temporarily joined to a group in such a manner that the originator is both hidden and provided with limited access rights., e.g., so that some of the messages sent by the members of a group when processing the request are neither sent to nor received by the originator.12-18-2008
20080270608COMPUTER SYSTEM - The Computer System consists of components including more than one Computer and Storage Subsystem to which more than one Computer are connected. The Storage Subsystem is equipped with more than one Storage Unit, Management Table registering information to manage Storage Units accessible by each of the Computers and Controller to control accesses by more than one Computer to more than one Storage Unit. The controller controls the accesses according to the information set in the Management Table when the Storage Unit is accessed by the Computer.10-30-2008
20120297065PRIORITIZATION OF THIRD PARTY ACCESS TO AN ONLINE COMMERCE SITE - Providing prioritization of user online access to an online commerce site. Third party applications using API function calls to access an online commerce site are restricted to specific services by an access rule, An access rule defines which API server on the online commerce site a specific third party application may access when using a specific API function call. In this way, the operator of the online commerce site may prioritize server access per service level agreements based on a specific third party application and API function call.11-22-2012
20080270606Remote client remediation - Embodiments of the invention may include network devices, systems, and methods, including executable instructions and/or logic, for remote client remediation. One method includes identifying a client needing remediation, tunnel-encapsulating packets originating from the client during remediation, and forwarding the tunnel-encapsulated packets to a remote remediation functionality different from an original destination address of the packets and having membership in a remediation VLAN different from the original VLAN.10-30-2008
20080235377Aggregation system - An aggregation system includes: a load balancer for distributing accesses to a plurality of user proxy server devices, the accesses including operation information and ID numbers; a plurality of user proxy server devices, wherein the user proxy server devices include program device for identifying a user management server device where a user management server device number corresponds to a remainder M based on the remainder M obtained by dividing the ID number by a number N of the user management server devices, and for transferring the accesses to an identified user management server device; and a plurality of user administration server devices. The user administration server devices include computers sequentially assigned with the user management server device number, and program devices for functioning as a memory device and as a user management device for memorizing the operation information together with elapse time information.09-25-2008
20080235376Access Selection Method - A method of access management in a communication system comprising a terminal, a first access point, a second access point and a network is described. The first access point offers a first access connection to the terminal and the second access point offers a second access connection to the terminal. A first network connection is provided between the network and the first access point and a second network connection is provided between the network and the second access point. Access connection information associated with at least one of the first and second access connections is monitored, and network connection information associated with at least one of the first and second network connections is monitored. An access connection selection decision is based on the monitored access connection information and the monitored network connection information.09-25-2008
20080235375SOCIAL NETWORKING ONLINE COMMUNITY - Access to a network resource, such as an Internet web site, may be controlled by a server receiving requests for the web site and responding by presenting users with a survey question that must be answered before site access is permitted. The users of the web site may be members of a virtual community corresponding to a business, educational institution, or other organization providing the web site. Thus, the web site provider may gather demographic, user preferences, and other information relevant to their business or organization. The content and number of survey questions that a user may be required to answer may depend on factors including user information, previous user responses, and the content of the web site or other requested resources.09-25-2008
20080301297Information Management System - An information management system is described comprising one or more workstations running applications which allow a user of the workstation to connect to a network, such as the Internet. Each application has an analyzer, which monitors transmission data that the application is about to transmit to the network or has just received from the network, and which determines an appropriate action to take regarding that data. The analyzer may consult policy data containing a supervisor-defined policy to govern the workstations in order to determine what action to take. Such actions may be extracting data from the transmission data, such as passwords and usernames, digital certificates or eCommerce transaction details for storage and record keeping; ensuring that the transmission data is transmitted at an encryption strength appropriate to the contents of the transmission data; determining whether a check needs to be made as to whether a digital certificate received in transmission is valid; determining whether a transaction about to be made by a user of one of the workstations needs third party approval before it is made; and controlling the transmission of messages, such as e-mails according to a policy.12-04-2008
20110270984MODIFIED ACCESS CLASSES FOR MACHINE TYPE COMMUNICATION (MTC) DEVICES DURING EMERGENCIES - A method for determining whether to attempt to attach to a network by a machine type communication (MTC) device is described. A triggering event is detected. A radio frame is received from a base station. The radio frame includes a current access class of the base station. The radio frame is the first radio frame to include the current access class after the triggering event. It is determined if the MTC device has access privileges to the base station. It is then decided whether to attempt to attach to a network based on if the MTC device has access privileges.11-03-2011
20080270607METHOD FOR MANAGING WIRELESS NETWORK AND WIRELESS DEVICE EMPLOYING THE SAME - A method for managing a wireless network and a wireless device employing the same are provided. The method for managing a wireless network disassociates a wireless device determined to be disassociatable from the wireless network. Accordingly, since an existing wireless device is forcedly disassociated, the configuration of the wireless network can be artificially changed.10-30-2008
20080270609COMPUTER-READABLE MEDIUM TO MULTIPLEX MULTIPLE APPLICATION SERVER REQUESTS OVER A SINGLE DATABASE CONNECTION - In a system for avoiding section collision for application server requests over a single database connection, the database server assigns query identifiers to each instance of the same cursor opened for the same processing level within an application, allowing multiple instances of the same cursor to be processed in parallel without section collision. The application server assigns a command source identifier to each statement sent over a single database connection to uniquely identify the application source of the statement. This applies for multiples of the same statement sent by different application sources within the same application, for a single statement containing multiple application sources, and for multiple statements from different applications multiplexed over a single database connection. These statements can be processed separately from and in parallel with the each other without section collision.10-30-2008
20100146118MANAGING INTERACTIONS IN A NETWORK COMMUNICATIONS ENVIRONMENT - A network communications environment has advanced interaction management functionality that enables the opportunities for users to interact with one another to be expanded beyond the opportunities that exist with closed interaction management approaches while still providing reasonable privacy and security protections that are not available with open interaction management approaches. The advanced interaction management functionality also encourages the proliferation of trust-based interactions.06-10-2010
20100138538PROXY, METHOD AND SYSTEM FOR SESSION KEEP-ALIVE DETECTION - A proxy includes a session keep-alive detection converting unit, configured to perform conversion between a first session keep-alive detection message supported by a first session communication peer and a second session keep-alive detection message supported by a second session communication peer. Another proxy includes a session group keep-alive detection processing unit, configured to act as an intermediate agent for the session group keep-alive detection between a session group communication peer and a session communication peer. A method and network system for session keep-alive detection based on two proxies is also provided. The present invention can implement conversion between different session keep-alive detection mechanisms, and perform keep-alive detection on the session group, thus reducing the message traffic in the session keep-alive detection.06-03-2010
20100138537METHOD, SYSTEM AND TERMINAL FOR ACCESS CONTROL IN DEVICE MANAGEMENT - A method for access control in device management includes: by a terminal, receiving a command that includes a node identifier of a target ID from a server; judging whether the server rights meet preset rights; running the command when the server rights meet the preset rights and the server has an access right (ACL) of the target node identified by the node identifier. The present invention solves the problem that the MOs are beyond control because any server can create any type of MOs in the terminal, thus improving the security of the system. A system and terminal for access control in device management are also provided.06-03-2010
20100005171METHOD AND SYSTEM FOR TRANSMITTING DATA IN A COMPUTER NETWORK - An optimization service discovery method for optimizing data transmission by multi-session applications, includes: receiving an optimization service lookup query from one of a plurality of user clients in a network, each of said user clients executing a multi-session application; and identifying an optimization service and responding to the query with a network address of one or more servers providing said optimization service.01-07-2010
20090125624SYSTEM FOR BILLING NETWORK ACCESS CAPACITIES SHARED BETWEEN INTERNET SERVICE PROVIDERS - For optimizing Internet access resources, a system for billing network access capacities shared across Internet service providers is disclosed. A Client Service Provider (CSP) may rent access on Points Of Presence belonging to a Master Service Provider (MSP) while maintaining a constant security level and providing connection accounting. When a CSP's subscriber sends an access request to a MSP, the MSP analyzes the subscriber's realm and checks the capacities allocated to the subscriber's CSP. If connection is allowed, the MSP sends an authentication request to the CSP. If the subscriber is authenticated, the MSP launches an accounting process based on the subscriber's realm while the CSP may launch an accounting process associated with the subscriber identifier. The cost of rented Points Of Presence capacity is based on total connection time and on the number of simultaneous connections established by the MSP for the CSP, combined with predetermined thresholds.05-14-2009
20110208863Remote Network Access via a Visited Network - Remote access for a terminal to a first network via a second network is managed; the first network being linked to the second network via a network apparatus. At the level of the network apparatus, there is received, from the terminal via the second network, a request for remote access to the first network indicating access information comprising a first parameter corresponding to a physical address of the terminal and a second parameter corresponding to a secret key of the gateway. The network apparatus thereafter decides whether the terminal is authorized to remotely access the first network on the basis of said access information. This network apparatus subsequently emits, bound for the terminal via the second network, a message indicating whether the terminal is authorized to remotely access the first network.08-25-2011
20090089427Secure personal content server - A local content server system (LCS) for creating a secure environment for digital content is disclosed, which system comprises: a communications port in communication for connecting the LCS via a network to at least one Secure Electronic Content Distributor (SECD), which SECD is capable of storing a plurality of data sets, is capable of receiving a request to transfer at least one content data set, and is capable of transmitting the at least one content data set in a secured transmission; a rewritable storage medium whereby content received from outside the LCS may be stored and retrieved; a domain processor that imposes rules and procedures for content being transferred between the LCS and devices outside the LCS; and a programmable address module which can be programmed with an identification code uniquely associated with the LCS. The LCS is provided with rules and procedures for accepting and transmitting content data. Optionally, the system may further comprise: an interface to permit the LCS to communicate with one or more Satellite Units (SU) which may be connected to the system through the interface, which SUs are capable of receiving and transmitting digital content; at least one SU; and/or at least one SECD. The SECD may have a storage device for storing a plurality of data sets, as well as a transaction processor for validating the request to purchase and for processing payment for a request to retrieve one of the data sets. The SECD typically includes a security module for encrypting or otherwise securitizing data which the SECD may transmit.04-02-2009
20110125899IMAGE PROCESSING APPARATUS, CONTROL METHOD FOR IMAGE PROCESSING APPARATUS, AND PROGRAM - An image processing apparatus connected to a Web server and including a Web browser for displaying an operation screen provided by the Web server and a processing unit that, when requested to execute image processing by the Web server based on access from the Web browser, executes the requested image processing, where it is determined, depending on a destination of access by the Web browser, whether or not to supply information about the image processing apparatus to the destination of access, and if it is determined that the information about the image processing apparatus should be supplied, the information about the image processing apparatus is supplied to the destination of access made by the Web browser.05-26-2011
20120198066UTILIZING A DISPERSED STORAGE NETWORK ACCESS TOKEN MODULE TO ACQUIRE DIGITAL CONTENT FROM A DIGITAL CONTENT PROVIDER - A method begins with a computing device receiving a request to acquire digital content from a digital content provider and forwarding the request to a dispersed storage network (DSN) pre-paid module. The method continues with the DSN pre-paid module validating the request, generating a plurality of sets of at least a threshold number of digital content read requests, and sending the plurality of sets of the at least a threshold number of digital content read requests to the digital content provider via the computing device when the request to acquire the digital content is validated. The method continues with at least one of the DSN pre-paid module and the computing device receiving a plurality of sets of at least a decoded threshold number of encoded data slices and decoding the plurality of sets of the at least a decoded threshold number of encoded data slices to produce the digital content.08-02-2012
20090164630NETWORK ADAPTER BASED ZONING ENFORCEMENT - Embodiments of the present invention are directed to enforcing zoning at a network adapter of an end point device. Thus, a network adapter can monitor the communications that are sent and/or received by the adapter and discard communications that are prohibited based on the zoning rules applicable to the adapter. In some embodiments, zoning configuration information can be defined and stored at a central entity and sent to the various network adapters. Alternatively, or in addition, each network adapter can also check outgoing communications to ensure that they include a proper source address. More specifically, outgoing communications may be checked to ensure that their source address is the address (or one of the addresses) that are associated with the network adapter. This can be used to detect and/or prevent malfunctions and/or intentional tampering or hacking.06-25-2009
20090138596METHOD FOR CHANGING SERVICE QUALITY OF A CONTENT ADAPTIVELY - The present invention relates to a method for changing service quality of a content adaptively. When service quality updating action for a connection is received the present method invokes an action, used for requesting allowance of a new access to a network, to a device conducting traffic transfer services in order that service quality of the connection may be changed. The invoked action carries input arguments including traffic descriptor of the connection, carried by the service quality updating action, which a traffic handle for identifying the traffic descriptor uniquely has been allocated in.05-28-2009
20100005172NETWORK MANAGEMENT IN A MEDIA NETWORK ENVIRONMENT - Methods and apparatus for managing devices and content in a network environment. In one implementation, a method of adding a client as a member of a hub network includes: detecting a client connected to a server in a hub network; authenticating said client; authorizing said client; and adding said client as a member in said hub network.01-07-2010
20090177774NETWORK MASS OPERATION INFRASTRUCTURE - In various embodiments, a method for managing edge processors includes providing an interface that allows a user to define a network operation associated with a edge processor. A network operation is generated based on input received via the interface. An action defined by the network operation is then performed at one or more edge processors.07-09-2009
20090187657CONTENT ASSET MANAGEMENT SYSTEM, METHOD AND CONTROL PROGRAM - A content asset management system, a method and a control program capable of managing a content asset of each person while protecting benefit as property of these content assets are provided. Each person deposits a content subject that he or she owns in an object storage warehouse 07-23-2009
20090055532SYSTEM AND METHOD FOR CONTROLLING SIP-SPECIFIC EVENT NOTIFICATION ACCORDING TO PREFERENCE OF SUBSCRIBER - Disclosed is a system and method for controlling Session Initiation Protocol (SIP)-specific event notification corresponding to an event subscription according to a preference of a subscriber. The system includes the subscriber requesting an event subscription through an event notification controller; a subscription target for notifying the subscriber of the event through the event notification controller in response to the event subscription request; and the event notification controller for controlling whether the event notification is forwarded to the subscriber according to the preference rules of the subscriber on event notifications. Accordingly, the event notifications to the subscriber can be effectively controlled according to the preference rules of the subscriber on event notifications, and it is possible to prevent the generation of unnecessary event notification that the subscriber does not desire.02-26-2009
20130219063METHOD AND SYSTEM FOR NETWORK MANAGEMENT IN A HYBRID WIRED/WIRELESS NETWORK - Aspects of the invention may provide a system and method for network management in a hybrid wired/wireless local area network. A method for network management in a hybrid wired/wireless local area network may include receiving from a first access point and/or a first switch, a first messaging protocol message containing quality of service (QoS) information. Responsive to the first messaging protocol message, at least a minimum QoS level for operation of the first switch, the first access point, a second access point and/or a second switch, may be determined. QoS information corresponding to at least the minimum QoS level may be distributed to the first switch, the first access point, the second access point and the second switch, using a second messaging protocol message. QoS information may be distributed to at least a portion of the hybrid wired/wireless local area network.08-22-2013
20130219061CLOUD COMPUTING DEVICE AND DISTRIBUTED DATA MANAGEMENT METHOD - A distributed data management method implemented by a cloud computing device, the cloud computing device is in communication with a plurality of client devices through a network. Basic information of various data of the client devices are received and stored by the cloud computing device through the network. Whether a first client device is authorized to access a target data is verified, when the first client device requests access to the target data through the cloud computing device. The target data is acquired from a second client device according to the basic information of the target data, and the acquired data is transmitted to the first client device through the network, upon the condition that the first client device is authorized to access the target data.08-22-2013
20090024739ENDPOINT DISCRIMINATOR IN NETWORK TRANSPORT PROTOCOL STARTUP PACKETS - The subject matter disclosed herein relates to communication between a client and a server or between peers in a communications network. In one particular example, only a desired server from a plurality of servers addressable through a socket address may respond to a client request to initiate a session.01-22-2009
20090024741SYSTEM AND METHOD FOR ELECTRONIC SOCIAL NETWORKING - According to one embodiment, a system for controlling access to data on an electronic communication network is provided. The system includes at least one server connectable for communication on the network. The at least one server is configured for: receiving data from at least one user of a plurality of users, via the network; storing the received data; generating control levels corresponding to one or more portions of the stored data; receiving selected modifications to at least one of the generated control levels from the at least one user, via the network; providing controlled access to the one or more portions of the stored data according to the generated control levels and the modified at least one of the generated control levels.01-22-2009
20090024740Neighborhood block communication method and system - A method and system of neighborhood block communication is disclosed. In one embodiment, a method of communication in a neighborhood block includes obtaining member data associated with a first member of the community network, determining a first location associated with the first member based on the member data, storing the member data in a member repository, determining a first number of points associated with the first member, and obtaining a first region of communication for the first member based on the first location and the first number of points. The method may further include displaying the first region of communication on a geo-spatial map. The method may also include bounding the first region of communication based on a connectedness of the first member in the first region of communication.01-22-2009
20090198816DIGITAL SIGNAGE NETWORK - A digital signage network employs a common data model and a subscription system to disseminate data gathered from a plurality of data sources to a number of displays. The network nodes interact with each other as content sources, content consumers, or both, with some systems acting as consumers to upstream sources and acting as sources to downstream consumers. The presentation of the data on a digital signage display allows for real-time binding of live data to provide a rich display effect.08-06-2009
20090198815Criteria-based creation of organizational hierarchies in a group-centric network - Exemplary systems and method for creating organizational hierarchies in a group-centric network are provided. In exemplary embodiments, a request from a user to establish a new group within the organization on the group-centric network is received by the group-centric network host. The group-centric network host retrieves an applicable, predetermined set of criteria for group creation, and determines if terms in the request match the predetermined set of criteria. If there is a match, the new group is created and one or more relationships of the new group may be activated.08-06-2009
20090049172Concurrent Node Self-Start in a Peer Cluster - A method and apparatus for joining a plurality of nodes to a cluster. Each node in the cluster maintains a respective membership list identifying each active member node of the cluster. Membership change messaging is managed relative to multiple concurrent start requests to ensure that a first node is added to the respective membership lists before broadcasting a membership change message (MCM) in response to which, the nodes of the cluster, inclusive of the first node, add the second node to the respective membership lists.02-19-2009
20110145409Method For Applying Macro-Controls Onto IP Networks Using Intelligent Route Indexing - Systems and methods are described that manage routing information in an IP network using extensible indexing and use the indexing to control the network. The indexing and associated controls apply to any router within the routing domain.06-16-2011
20090063681Systems and methods for distributing video on demand - A method of providing content comprises making the content available on a central server, and surveying a plurality of peers for a portion of the content. The portion of the content from one of the peers is obtained when the portion of the content is available from the one of the peers, and obtained from the central server when the portion of the content is not available from the plurality of peers.03-05-2009
20090055533Administering Devices Including Allowed Action Lists - Exemplary embodiments of the present invention include a method for administering devices in a network. The method includes creating a user metric vector comprising a plurality of disparate user metrics, creating a user metric space comprising a plurality of metric ranges and determining whether the user metric vector is outside the user metric space. If the user metric vector is outside a user metric space, identifying an action in dependence upon the user metric vector the method includes determining whether the action is allowed. If the action is allowed, the method includes executing the action. Many embodiments include receiving an allowed action list, such as for example, receiving an allowed action list from a moderator DML.02-26-2009
20090055531IDENTITY BASED NETWORK MAPPING - Techniques for identity-based network mapping are provided. A principal is associated with a resource identifier via a mapping. Conditions of a network are dynamically evaluated in response to policy and actions taken against a resource associated with the resource identifier of the mapping.02-26-2009
20120079114PRIORITIZATION OF THIRD PARTY ACCESS TO AN ONLINE COMMERCE SITE - Providing prioritization of user online access to an online commerce site. Third party applications using API function calls to access an online commerce site are restricted to specific services by an access rule. An access rule defines which API server on the online commerce site a specific third party application may access when using a specific API function call. In this way, the operator of the online commerce site may prioritize server access per service level agreements based on a specific third party application and API function call.03-29-2012
20120079113Method, Apparatus, and System for Mobile Virtual Private Network Communication - A mobile packet gateway obtains a network address of the terminal and a network address of a gateway virtual interface. The network address of the gateway virtual interface and the network address of the terminal belong to a same network segment. A virtual interface is created for a Packet Data Protocol Context (PDP context) of the MS according to the network address of the gateway virtual interface. A network segment address of a branch network served by the MS is obtained from the MS through the virtual interface according to a dynamic routing protocol.03-29-2012
20120079112Method And System For Enabling Rendering Of Electronic Media Content Via A Secure Ad Hoc Network Configuration Utilizing A Handheld Wireless Communication Device - A handheld wireless communication device (HWCD) establishes an ad hoc network comprising interconnected networks for a user. The HWCD gains access to content on a first device and controls communication of the content from the first device via the HWCD to a second device. The HWCD enables the second device to consume the content. The content may be streamed from the first device via the HWCD to the second device. The first device is a service provider network device or other network device. The access may be authenticated and/or secure. Secure access to the content is extended from the first device to the second device. The ad hoc network is configured and/or reconfigured until communication is complete. The HWCD comprises multiple wireless interfaces. The ad hoc network comprises a PAN, WLAN, WAN and/or cellular network. The HWCD may hand-off among base stations during communication of the content.03-29-2012
20120079111METHOD AND APPARATUS FOR PROVIDING SHARED CONNECTIVITY - An approach is provided for providing shared path connectivity among devices. A connection sharing platform determines to specify at least one group of devices, the at least one group including at least a first path to establish a network connection and a second path to establish a local connection among the devices. The connection sharing platform also determines to cause at least in part an activation of one or more of the devices to establish the network connection, wherein one or more unactivated devices share the network connection over the local connection.03-29-2012
20120079110METHOD AND APPARATUS FOR DIFFERENTIATED ACCESS CONTROL - A method for differentiated access control on a computing device having a connection with a second device, the method checking whether a timer has expired on the second device or if a connection is lost to the second device; and preventing at least one of the plurality of application subsets from being launched or enabled if the timer has expired on the second device or the connection is lost to the second device.03-29-2012
20080263204METHOD AND APPARATUS FOR USER MODERATION OF ONLINE CHAT ROOMS - One embodiment of the present method and apparatus for user-moderation of an online chat room in which a plurality of users are exchanging messages includes providing the chat room and controlling a manner in which the users send and receive the messages in the chat room in accordance with user feedback relating to the messages. In one embodiment, the user feedback is received in the form of user chat profiles, which describe the respective users' participation in the chat room, and flags, which users may be given in response to messages that are deemed inappropriate for the chat room.10-23-2008
20090037582Method And System For Managing Access To A Resource Over A Network Using Status Information Of A Principal - Methods and systems are described for managing access to a resource over a network using status information of a principal. One method includes receiving status information for a principal that is allowed to access a resource available via a network communication session with a network service and determining whether the received status information is inconsistent with allowing access to the resource. When the received status information of the principal is inconsistent with allowing access to the resource, the method includes preventing an initiation of a network communication session with the network service for accessing the resource.02-05-2009
20110231548Systems and Methods for Mediating the Delivery of Internet Service to At Least One User Device Coupled to the Internet Service - Systems and methods for mediating the delivery of Internet service to at least one user device coupled to the Internet service are provided herein. A method for mediating the delivery of Internet service to at least one user device coupled to the Internet service includes executing instructions stored in memory by a processor to prevent the delivery of Internet service to the at least one user device for a predetermined period of time after an occurrence of a triggering event.09-22-2011
20090204710DEVICE MANAGEMENT SYSTEM, DEVICE MANAGEMENT METHOD, INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD, PROGRAM, AND STORAGE MEDIUM - A device management system includes a network device and an information processing apparatus. The network device generates request information including the information used to identify the user, and requests to issue access control information including access restriction information indicating whether or not each of the functions of the network device can be used. The information processing apparatus generates access control information which associates the access restriction information with the user information. The network device further controls the use of the respective functions with respect to the operation input in accordance with the access restriction information included in the generated access control information.08-13-2009
20090210529REWARD SYSTEM AND METHOD FOR A USER OF A COMPUTING SYSTEM - A method for controlling reward for a user of a computing system, the method comprising monitoring use level of a first tool provided in a computing environment, wherein the first tool provides at least a first service; and rewarding a first entity according to the use level, such that the reward is determined based on the use level of the first tool over a second tool that provides at least the first service.08-20-2009
20090222559Address Management in a Connectivity Platform - Disclosed are an approach form managing and assigning addresses in a connectivity platform that allows for proprietary connectivity modules (Providers) to plug into the operating system. In this disclosure, when a user/application/computing device, connects to another user on another computing device an address is generated for that user. However, because of a limited number of addresses that are available in an address space, it is necessary to ensure that a conflicting address is not present. To ensure this the connectivity platform determines if the address assigned is in conflict with another address associated with users that are located on the other computing devices. If an address is found to be in conflict the connectivity platform reassigns the address until a non-conflicting address is found. If a non-conflicting address cannot be found the connectivity platform blocks the connection between the user and the other user.09-03-2009
20090254659Delayed Downloading Video Service Using Peer-to-Peer (P2P) Content Distribution Network - A system and method for downloading content in a peer-to-peer network are described including receiving, by a first peer, a list of content available in the peer-to-peer network, requesting, by the first peer, content availability information for a unit of content and receiving, by the first peer, content availability information. A system and method for downloading content in a peer-to-peer network are also described including forwarding, content availability information in response to a request for the content availability information, wherein the content availability information includes a location of a unit of content and a status of each peer in the peer-to-peer network having the unit of content available and receiving a reservation to schedule a download of the unit of content. The system and method also include the ability to allow delayed downloading of the in accordance with a reservation for said content.10-08-2009
20090248870SERVER SYSTEM AND CONTROL METHOD FOR SAME - The server system includes a server apparatus transmitting and receiving file data based on an access request transmitted from a client apparatus; and a management apparatus managing the server apparatus, wherein the server apparatus includes a plurality of virtual server parts controlling transmission and reception of the data independently for each of the predetermined client apparatuses; a data flow configuration part configuring a data flow for each of the file data transmitted to and received by the virtual server parts based on a command from the management apparatus; and a load control part controlling a data flow for each of the file data to control load of the virtual server parts based on the data flow for each of the file data configured by the data flow configuration part.10-01-2009
20090240806WIRELESS LOCAL AREA NETWORK - The present invention relates to a wireless local area network comprising: a base transceiver station (09-24-2009
20100180027CONTROLLING TRANSMISSION OF UNAUTHORIZED UNOBSERVABLE CONTENT IN EMAIL USING POLICY - A system, method, and apparatus is disclosed to control mail server in handling encrypted messages.07-15-2010
20100161798UDP BROADCAST FOR USER INTERFACE IN A DOWNLOAD AND CONFIGURATION GAMING METHOD - A method for sending a notification message using a modified form of User Datagram Protocol (UDP) multicast notification system in a client-server architecture that otherwise allows only client initiated messages. The method includes: identifying information at a server that has potential for inclusion in a notification message; querying a database for a list of clients that have registered for a particular type of notification by a UDP broadcast processor; receiving a reply with a list of clients that have registered for a particular type of notification from the database; and sending notification to all clients on the list using an assigned port number from the UDP broadcast processor.06-24-2010
20090070466System and Method for Securely Managing Data in a Client-Server Application Environment - Systems and methods for securely managing data in a client-server application environment are provided. According to a method for securely managing data in the client-server environment, a network connection of a client device is monitored. It is determined when one of a plurality of IP addresses is accessed by the client device, and a process ID of the application (web browser, thin-client, etc.) used to access the accessed IP address is sent to a client application. A criteria is created based on the process ID, and the criteria is sent to a file system driver for controlling access of the client device to information from the IP address.03-12-2009
20100153550PLUGGABLE DEVICE THAT ENABLES AN ADDITION OF SECURITY FUNCTIONALITY IN A NETWORK - A pluggable device that enables an addition of security functionality in a particular network/application. In one example, MACSec functionality can be incorporated into a small form factor pluggable module. This enables new functionality to be added to a network in an incremental fashion. This results due to the inclusion of circuitry within the pluggable module that supports the new functionality.06-17-2010
20080307092METHOD AND APPARATUS FOR DETERMINING WHETHER CONTENT IS USABLE - Provided is a method of determining whether content provided from a first device is available to a second device in a network including the first and second devices. In the method, content domain information indicating a domain in which use of content provided from a first device is allowed is obtained from the first device, device domain information indicating a domain to which the second device belongs is obtained from the second device, the content domain information and the device domain information are compared to determine whether they are identical to each other, whether the content is available to the second device is determined based on the result of comparing.12-11-2008
20080307091Information processing apparatus, website access permission method - According to an aspect of an embodiment, an information processing apparatus for restricting accesses of websites comprises: a storage unit for storing information of access restricted websites; and a processor for performing a process of access permission comprising the steps of: receiving a request of access to one of the websites from a user; determining whether the requested websites is restricted or not by reference to the stored information of the access restricted websites; warning the user when the request has been made for the access to one of the restricted websites; and permitting the access to said one of the restricted websites upon confirmation of the warning by the user and reporting the access of the restricted websites to an administrator.12-11-2008
20080307090SYSTEM AND METHOD FOR MANAGING PUBLICATIONS - A system and method of managing publications is disclosed. A system that incorporates teachings of the present disclosure may include, for example, a Address Book System (ABS) having a controller element to adjust publication privileges of a publisher of a portion of an address book stored in the ABS responsive to detecting that a number of recipients of an invitation to subscribe to the portion of the address book have declined the invitation and the number of declined invitations exceeds a first threshold. Additional embodiments are disclosed.12-11-2008
20100180029CONTENT DELIVERY SYSTEM AND METHOD OF DELIVERING CONTENT - A content delivery system (07-15-2010
20100185764DLNA-COMPLIANT DEVICE, DLNA CONNECTION SETTING METHOD, AND PROGRAM - [Problem] To enhance the ease of use of a network by a DLNA-compliant device.07-22-2010
20080215732MULTI-SITE SCENARIOS IN THE STORAGE AND ARCHIVING OF MEDICAL DATA OBJECTS - In a method, an administration system and a computer program product (computer-readable medium) for storage and archiving of medical image data and metadata in a distributed system or clinical facility, with a central server, a central archive and a number of decentralized nodes, the image data are decentrally stored at the respective nodes, and the metadata are only stored centrally on the central server.09-04-2008
20080215733TECHNIQUES FOR SUPPORTING MULTIPLE DEVICES IN MOBILE APPLICATIONS - Techniques for interacting with a client process on a mobile device connected to a network over a wireless link includes managing information at a mobile applications server executing on a platform connected to the network. The information includes device profile information about the mobile device. First data is received from an application. The first data describes graphical elements for display on the mobile device. It is determined whether the first data exceeds a capacity of the mobile device based on the device profile information. If it is determined that the first data exceeds the capacity, then a subset of the first data is formed that does not exceed the capacity of the mobile device. The subset of the first data is sent to the client process. If it is determined that an external converter does not convert using a particular format, then a first description of graphical elements is converted internally into a second description using the particular format. Second data including the second description is sent to the client process. These techniques allow network-based services to be made readily available to a wide range of mobile devices without having to explicitly program each application for providing one or more network-based services to support all forms of mobile devices.09-04-2008
20090300180SYSTEMS AND METHODS FOR REMOTE MANAGEMENT OF NETWORKED SYSTEMS USING SECURE MODULAR PLATFORM - Embodiments relate to systems and methods for the remote configuration of networked systems using a secure modular platform. A network management engine communicates with a set of remote machines, such as a collection of clients or servers on a network. The network management engine can present a systems administrator with a set of compact network commands to permit the administrator to interrogate, configure, and manage the set of controlled machines on a dynamic basis. The network management engine can, for instance, install or update software, detect viruses on the controlled machines, perform an inventory of installed hardware on the controlled machines, and perform other network management functions using pre-configured functions and APIs built into a network library or command directory. Besides incorporating pre-configured management modules, the network management engine further allows a systems administrator to add custom modules in the command directory, using efficient modular interfaces compatible with network-level management processing.12-03-2009
20100185763METHOD FOR EXCHANGING USER INFORMATION IN A TELECOMMUNICATION NETWORK - The invention relates to a method for exchanging user information between a control entity of an access network accessible by a user client and a service entity connected to the access network, the method comprising the steps of: transmitting user information from the user client to a control entity of the access network in order to register with the access network, checking in the control entity the user information versus a user profile stored at the control entity, generating a global identifier assigned to the client, storing the global identifier in the control entity, transmitting the global identifier to the service entity, and using the global identifier to register the client with the service entity.07-22-2010
20100262693BOTTOM-UP ANALYSIS OF NETWORK SITES - An approach for identifying suspect network sites in a network environment entails using one or more malware analysis modules to identify distribution sites that host malicious content and/or benign content. The approach then uses a linking analysis module to identify landing sites that are linked to the distribution sites. These linked sites are identified as suspect sites for further analysis. This analysis can be characterized as “bottom up” because it is initiated by the detection of potentially problematic distribution sites. The approach can also perform linking analysis to identify a suspect network site based on a number of alternating paths between that network site and a set of distribution sites that are known to host malicious content. The approach can also train a classifier module to predict whether an unknown landing site is a malicious landing site or a benign landing site.10-14-2010
20100191852SOURCE CONFIGURATION BASED ON CONNECTION PROFILE - Connection profiles are created and stored. The connection profiles are for connections for sources to connect to a network. The connection profiles identify network attributes and server attributes for the connections and each connection profile includes a status of available or subscribed. A connection profile is assigned to a requested connection for a source. The source is authenticated using a credential, and server attributes from the connection profile are sent to the source to configure the source to use the connection.07-29-2010
20100169484Unauthorized Communication Program Regulation System and Associated Program - A server controlling each computer is provided with means for distributing file patterns for identifying unauthorized communication programs. Said computer is provided with a filtering module for performing monitoring and regulation processing on communications originating from the computer. Said filtering module is provided with a database for storing the file patterns acquired from the server, means for monitoring the communications of a communication module started by the computer and detecting the occurrence of a communication start request to other computers, means for comparing the file pattern of the communication module to the file patterns within the database and inspecting whether or not the communication module is an unauthorized communication program, and means for regulating the communications of the communication module when the inspection means has judged it to be an unauthorized communication program.07-01-2010
20100223382EMBEDDED COLLECTION AND INVENTORY SYSTEM AND METHOD FOR FACILITATING NETWORK SUPPORT FOR AN INSTALL-BASE NETWORK - A system, method and application for facilitating network support for an install-base network is provided. The method includes performing, at an access node of the install-base network, network discovery to discover one or more nodes of the install-base network. The method also includes collecting, at the nodes, their respective inventories (“network-node inventories”). The method further includes collecting the network-node inventories at the access node, and sending the network-node inventories from the access node to a back-office system external to the install-base network. The method may, optionally, include the access node aggregating the network-node inventories to form aggregate information, and sending the aggregate information to the back-office system in addition to or in lieu of the of network-node inventories.09-02-2010
20100228859METHOD AND APPARATUS FOR PROVIDING ACCESS FOR A LIMITED SET OF MOBILE STATIONS TO A RESTRICTED LOCAL ACCESS POINT - The invention concerns methods, a device and computer program products for simplifying handover back to a restricted local access point from an unrestricted global access point as well as to a device implementing a restricted local access point for provision in a wireless network and a wireless network. In the network a restricted local access point hands over a mobile station to an unrestricted global access point and provides data enabling the restricted local access point to be identified as a candidate access point. A device for simplifying handover back determines that the restricted local access point is a candidate for further handover based on this data and informs the mobile station about the restricted local access point via the unrestricted glob access point. Thereby hand over may be considered also to the restricted local access point in addition to other surrounding access points.09-09-2010
20120198064USING CONTEXT LABELS TO SCALE MAC TABLES ON COMPUTER NETWORK EDGE DEVICES - In one embodiment, an access component of a local network edge device receives traffic, and generates a frame for the traffic that includes a remote context label that identifies an access component of the remote network edge device to which the traffic is to be forwarded upon arrival at the remote network edge device, and a virtual circuit label corresponding to a particular virtual service of the traffic. The local network edge device forwards the frame towards the remote network edge device. In another embodiment, the frame may be received at a core component of the remote network edge device, an in response to the remote context label identifying an access component of the remote network edge device, forwarded to the access component, which determines the particular virtual service, and forwards the traffic from the frame out the access component towards an endpoint for the traffic.08-02-2012
20120246314Application Verification for Hosted Services - In a client-server environment providing hosted services, an application service server receives from a client a first request for hosted services associated with a user-specified domain name. If the server does not provide hosted services for that domain name, the server designates the first request as pending and provides a limited set of the hosted services in association with the first request. The server provides a complete set of the hosted services requested in the first request if it can be established that a first user associated with the first request has appropriate authority to make administrative changes for the network domain designated by the domain-name. In some embodiments, the server denies the first request and cancels the limited services if it is not shown within a predetermined period of time that the first user has the appropriate authority.09-27-2012
20100146114Methods, Systems, And Computer Program Products For Accessing A Resource Based On Metadata Associated With A Location On A Map - Methods and systems are described for accessing a resource based on metadata associated with a location on a map. In one aspect, a map is provided representing a geospatial region. A resource accessible via a network address identifying a network interface of a resource provider node has a geospatial location in the geospatial region and the location is associated with the network address. Resource information identifying the resource to the resource provider and location information identifying a map location representing the geospatial location in the map representing the geospatial region is received. The resource information is associated as resource metadata with the map location. Accessing the resource via the map with the network address of the resource provider determined based on the geospatial location represented by the map location and the resource metadata identifying the resource to the resource provider.06-10-2010
20090077234SERVER AND SERVER PROGRAM - A server comprises a content database for storing content files of a plurality of contents; a content information database for storing the content information of the content; a sharing section for sharing the content information with other server connected to a network; an access control section which permits or prohibits an access from other terminal connected to the network based on access permission information in which terminal specifying information for specifying a terminal to be permitted to access is registered; and a request response section which sends content information to the client in response to a request from the client for the content information. the sharing section shares the access permission information with other server connected to the network, the request response section, when the content information is requested from a client, determines a server which permits the client to access based on the shared access permission information and sends only the content information of the server which permits the client to access, of the shared content information to the client.03-19-2009
20100180030Apparatus and method for uniform network access - According to some embodiments, a registry is displayed. The registry may, for example, indicate resources available from a plurality of remote network access devices via a communications network. Moreover, a personal network address may be associated with each available resource, the personal network address including an destination address portion and an application program identifier portion. A direct communications link may then be established between a first network access device hosting an available resource and a second network address device using the personal network address associated with the resource.07-15-2010
20100235507CONNECTION RATE LIMITING FOR SERVER LOAD BALANCING AND TRANSPARENT CACHE SWITCHING - Each service in a computer network may have a connection rate limit. The number of new connections per time period may be limited by using a series of rules. In a specific embodiment of the present invention, a counter is increased each time a server is selected to handle a connection request. For each service, connections coming in are tracked. Therefore, the source of connection-request packets need not be examined. Only the destination service is important. This saves significant time in the examination of the incoming requests. Each service may have its own set of rules to best handle the new traffic for its particular situation. For server load balancing, a reset may be sent to the source address of the new connection request. For transparent cache switching, the connection request may be forwarded to the Internet.09-16-2010
20100241748SYSTEM AND METHOD FOR PROVIDING NETWORK SUPPORT SERVICES AND PREMISES GATEWAY SUPPORT INFRASTRUCTURE - A disclosed, service management system (09-23-2010
20100235506SECURING AN ACCESSIBLE COMPUTER SYSTEM - To secure an accessible computer system, the computer system is monitored for connection transactions. An access requestor is denied access to the computer system when the access requestor initiates a number of connection transactions that exceed a configurable threshold number during a first configurable period of time. The monitoring may include detecting connection transactions initiated by the access requestor, counting the number of connection transactions initiated by the access requestor during the first configurable period of time, and comparing the number of connection transactions initiated by the access requestor during the first configurable period of time to the configurable threshold number.09-16-2010
20100235505SYNDICATED PRESENCE AND ACTIVITY FEED FEDERATED VIA EXTENDED INTEROPERABLE FORMAT - Architecture for extending a presence document into additional formats and protocols. An aggregator federates the presence document into a standardized schema that can be consumed at a standardized endpoint. The standardized schema can be a web feed that is interoperably consumed by a web feed consumer, for example, an RSS/Atom schema. Access of the presence document content is controlled based on a relationship between the user and a subscriber. Categories are specified for the presence document content, and access is controlled according to the categories. The specified categories can correspond to user authentication levels. The categories can include multiple syndicated channels corresponding to multiple subscriber access levels. In this way, levels of access are defined for various categories of availability information and activity information, based on the relationship of the user to the subscriber.09-16-2010
20090043888SYSTEM AND METHOD OF PROVIDING RESERVATION MASKS WITHIN A COMPUTE ENVIRONMENT - A system, method and computer-readable media for providing a reservation mask for compute resources such as a cluster or a grid. The method aspect comprises identifying a need type and a group of available resources, creating a reservation mask over the identified group of resources and if a request from a consumer matches the need type, then constraining the creation of a reservation for the consumer to only use resources within the reservation mask.02-12-2009
20100146117Access control for M2M devices in a mobile communication network - A method of controlling an access to a public mobile communication network by a device for transmission of data is provided. The method comprises the step of accessing the mobile communication network by the device at a predetermined time and date. For this purpose a network traffic load information is transmitted from an entity connected to the mobile communication network to the device. Subsequently the time and date of an access to the mobile communication network by the device is determined with consideration of the received network load information. A corresponding system for controlling an access of a device to a public mobile communication network for transmitting data is also provided.06-10-2010
20100146115CONTENT SHARING - Content can be shared between devices by transmitting an encoded signal that indicates, to each capable device within range, instructions for accessing the content. For example, a first device can emit an encoded audio signal that can be received by any capable device within audio range of the device. Any device receiving the signal can decode the information included in the signal and obtain a location to access the content from that information. Using such an approach, a first user can quickly and easily share content with several users at the same time without any of the receiving users having to determine or navigate to the content being shared. Further, using signals, such as audio signals, provides the ability for most existing devices to easily share content without significant hardware modification or additional expense.06-10-2010
20100241747Admission control for performance aware peer-to-peer video-on-demand - A method and apparatus for performing admission control in a peer-to-peer video-on-demand system are described including determining if there is sufficient bandwidth to support leading sub-clip streaming for a new request from a video playback device, determining if there is sufficient bandwidth to admit the request without sacrificing quality of service for existing requests, accepting admission of the new request if both determining acts are positive and rejecting admission of the new request if either of the determining acts are negative. Also described is an apparatus for providing content to a video playback device in a peer-to-peer video-on-demand system including an admission control unit and a data engine component.09-23-2010
20100235508LOCATION-BASED REGULATION OF ACCESS - Generally, access to content may be regulated by receiving a content request initiated at a jukebox for access to a content selection, identifying a jukebox location corresponding to a location of the jukebox, determining a permissible location for rendering the content selection, relating the jukebox location to the permissible location, and enabling the content request when the permissible location supports access to the content selection from the jukebox location.09-16-2010
20100211679SYSTEM FOR DISTRIBUTED PERSONAL DEVICE MANAGEMENT - A personal device management server device comprises a processing device, first and second communication interfaces, and a memory. The first communication interface is coupled with the processing device and is arranged to communicate with a wireless communication network. The second communication interface is coupled with the processing device and is arranged to communicate with a client device. The memory is coupled with the processing device and arranged to store instructions comprising a personal device management system. The personal device management system is arranged to control allocation of one or more components of a communication service with the individual client device elements via the second communication interface.08-19-2010
20100211678EXTERNAL PROCESSOR FOR A DISTRIBUTED NETWORK ACCESS SYSTEM - An external processor for a network access system having a programmable access device includes a service controller that provides at least one service for network traffic, a message processor that processes network messages for service processing by the service controller, and a programmable access device controller that programs the programmable access device in response to service controller processing. It is advantageous for the external processor to include primary and secondary service controllers for a particular service so that, if the primary service controller fails, the secondary service controller can provide the particular service for message received from the programmable access device. In preferred embodiments, the service controller further includes a reporting processor that provides an interface through which reporting messages received from the programmable access device can be communicated to the service controller and a signaling controller that transmits signals to configure network hardware to establish requested network connections. The external processor preferably further supports a service policy interface through which the service controller can request policy decisions from a possibly remote policy server.08-19-2010
20130219062CONFIDENTIAL OR PROTECTED ACCESS TO A NETWORK OF NODES DISTRIBUTED OVER A COMMUNICATION ARCHITECTURE WITH THE AID OF A TOPOLOGY SERVER - System for access to an application distributed over a network of nodes deployed on a communication architecture (A), by a client (C) connected to this architecture. It comprises a server (S) having means for providing on the request of the client information about a set of nodes of the network (Np) taking into account the topology of the network within the communication architecture. It furthermore comprises at least one relay device (R) able to receive the information and at least one mediation device (M) suitable for establishing communications between the client (C) and at least some of the nodes of the set which are determined on the basis of the information provided by the relay device or devices (R).08-22-2013
20130219064DEVICE MANAGEMENT METHOD, MIDDLEWARE, AND MACHINE-TO-MACHINE COMMUNICATIONS PLATFORM, DEVICE, AND SYSTEM - Example embodiments of the present invention disclose a device management method, middleware, computer-program products, system, and apparatuses. The method includes: a resource access request is received by using a resource access interface, where the resource access request includes: a URI that is used to indicate a storage location of an accessed management object MO data resource; according to pre-created mapping between the resource access request of the MO data resource and a DM command, the resource access request of the MO data resource is converted into corresponding DM command, and according to pre-created mapping between the MO data resource and MO information, the MO information corresponding to accessed MO data is determined; and the DM command is sent to a target device corresponding to the URI to manage the MO information corresponding to the accessed MO data, so that the M2M applications may access different M2M platforms to manage devices, implementing end-to-end device management and related service applications.08-22-2013
20120246313Systems and Methods to Provide Digital Amenities for Local Access - One embodiment includes a network apparatus at a store for allowing digital amenities to be accessed at the store by a mobile device of a user. The network apparatus includes a network interface, a storage module to keep digital amenities and a computing module. The network interface can be designed to couple to the mobile device at the store, and to a computing device outside the store. The network interface can be designed to recognize the mobile device at the store based on a piece of software related to the store in the mobile device. The computing module can be designed to help the mobile device to access a first digital amenity from the storage module in view of the piece of software. Based on the access, a second digital amenity from the computing device can be pre-stored at the storage module.09-27-2012
20100023620ACCESS CONTROLLER - An access controller not requiring a large amount of resources such as a memory device and not needing to change the list of secure host devices each time the configuration of a network is changed. On receiving a DNS response through an access control section (01-28-2010
20120144036NETWORK LOCATION BASED PROCESSING OF DATA COMMUNICATION CONNECTION REQUESTS - Responsive to receiving a request for a data communications connection, a data communications module of a receiver determines whether a sender of the request is local or remote with respect to the receiver. The data communications module also determines whether a location response flag indicates local or remote. If the relative location of the sender with respect to the receiver corresponds with the location response flag, then the data communications connection is allowed. Otherwise, the connection is not allowed.06-07-2012
20120144035Automatic Reauthentication in a Media Device - A system and method is presented for verifying the ability to use stored authentication information when accessing a remote media service. A media device, such as a television, is described that stores authentication information for a remote media service. Such authentication information may include a user name and a password. Because media devices may be re-sold, returned for re-sale, or refurbished, it is necessary to automatically disable the authentication information to prevent a second owner from accessing the services and accounts belonging to a first owner. The ability to use authentication information is disabled upon a long delay in accessing the service, a complete power down cycle, a change in IP address, or a change in network interfaces used to access the network.06-07-2012
20120144034Method and system for identity provider instance discovery - An identity provider service comprises a plurality of identity provider instances, with at least one identity provider instance being remote from at least one other identity provider instance. A method of discovering an identity provider instance according to this disclosure begins upon receipt from a service provider (or from a discovery service to which the service provider redirects the user) of a request for an IdP instance. Preferably, the request for an IdP instance is received as a Web services request following receipt at the service provider of an end user client request to access an application. In response to receiving the request, an IdP instance is selected, preferably using one or more criteria, such as user proximity, instance load, instance availability, the existence of a prior IdP binding, or the like. Following the selection, a response to the request is generated and returned to the requesting service provider. Preferably, the response is a redirect to the selected IdP instance.06-07-2012
20100198969Deep Packet Scan Hacker Identification - Securing an accessible computer system typically includes receiving a data packet that includes a payload portion and an attribute portion, where the data packet is communicated between at least one access requestor and at least one access provider. At least the payload portion of the received data packet typically is monitored, where monitoring includes scanning the payload portion for at least one predetermined pattern. When the payload portion is determined to include at least one predetermined pattern, access by the access requestor to the access provider may be controlled . Monitoring the data packet may include scanning the payload portion while handling the data packet with a switch. Controlling access may include denying access by the access requestor to the access provider.08-05-2010
20090234949SYSTEM AND METHOD FOR DISTRIBUTING A CLIENT LOAD FROM A FAILED SERVER AMONG REMAINING SERVERS IN A STORAGE AREA NETWORK (SAN) - A system delivers data and includes a plurality of data storage devices. A plurality of servers such as video servers are connected to the plurality of data storage devices and access the data storage devices to provide streaming data to a plurality of clients upon request therefrom. Upon failure of one of the servers, the load on the remaining servers is distributed equally among remaining servers using a distribution algorithm that assigns dual client network connections to server groupings such that the failure of any one server will increase the client load on any remaining server by no more than ceil (C/P) loads, where C is the total number of configured clients that access the plurality of servers in the system and P is the total number of server pairs.09-17-2009
20100268822SYSTEM AND METHOD FOR DETERMINING A MAXIMUM PACKET DATA UNIT (PDU) PAYLOAD TRANSMISSION SIZE FOR COMMUNICATING IN A MANAGED COMPUTER NETWORK SYSTEM - A system and method for substantially preventing firewall generated communication losses in regard to communications by authorized users in a managed computer network system is provided. The method comprises transmitting one or more status inquiry commands to at least one node in the managed computer network system, wherein the status inquiry command requests a first quantity of objects from the at least one node; receiving a non-zero quantity of objects response from the at least one node; and limiting communications through the firewall in the managed computer network system with the at least one node to a message size substantially equivalent to the received non-zero quantity of objects response from the at least one node, thereby substantially preventing firewall generated communication losses in the managed computer network system.10-21-2010
20090319660GENERALIZED ARCHITECTURE TO SUPPORT REPRESENTATION OF MULTI-TRANSPORT DEVICES - A computer system that accesses multi-transport devices and associates device instances of the multi-transport device with each other. Devices provide the same device identifier such as a device unique identifier regardless of the transport over which the device is accessed. A visual representation for the multi-transport device may be provided to a user using the device identifier. Also, a single functional representation for the multi-transport device may be provided based on an identifier provided by each function of the device. The functional representation may be independent of the addition and removal of transports and allows abstracting device access via multiple transports from a user and an application. Transports may be selected at an application and/or a system level. Operating characteristics of available transports may be used to select a desired transport, based on transport requirements specified by the application, the user or the system.12-24-2009
20100268823BROADBAND WIRELESS NETWORK - Disclosed herein are methods and apparatus for operating and deploying a broadband wireless network having at least one data transmission node and a plurality of CPE units, wherein there is a wireless data link at least in part between the data transmission node and the CPE units, and further wherein the management and configuration of the network is managed centrally and at least one of authorization, authentication, data stream prioritization or queuing is accomplished through the operation of the CPE units. According to one embodiment there is provided a user group manager that provides a user interface for at least one local service provider to manage information about end users served by the local service provider. In another embodiment, management and configuration of the network is managed using a device that communicates with CPE units and the data transmission nodes. The system and method further provides a data transmission node that includes routing capability, wherein the data transmission node is located with at least one CPE unit. In another embodiment, a network supervision and management device holds an original configuration file for each CPE unit wherein each CPE unit further includes a configuration file that includes an address reference to one or more of the supervision and management devices thereby providing for connectivity to the supervision and management devices and capability of redundancy when more than one supervision and management device is referenced.10-21-2010
20090319661CLUSTER NODE CONTROL APPARATUS OF FILE SERVER - When a network file service is transferred from a transfer source node to a transfer target node, a file service state utilized by a client in the transfer source node is transferred to the transfer target node. Then, after the file service state is transferred to the transfer target node, a file service request (I/O request) reached from the client to the transfer source node is transmitted to the transfer target node.12-24-2009
20090138597 SYSTEM AND METHOD FOR ACCESSING MEMORY - A storage system and method for storing information in memory nodes. The storage or memory nodes include a communication buffer. Flow of information to the storage nodes is controlled based upon constraints on the communication buffer. In one embodiment, communications between a master controller and a storage node have a determined maximum latency.05-28-2009
20100223381IDENTIFICATION MANAGING SYSTEM FOR AUTHENTICATION OF ELECTRONIC DEVICE - In operation of a conventional vertical integration system a primary user cannot provide services to a secondary user belonging to other service group. An identification managing server is proposed to carry out the retrieval of a master-slave relation information by using common identification information as a key and outputs an assurance including its result when the identification managing server receives an assurance request output from a first judgment server at a request of a second judgment server from a first electronic device used by a primary user. Further, the first judgment server outputs an assured service based on such assurance to the second judgment server in order for the primary user to have services from the other vertical integration system to which the secondary user belongs.09-02-2010
20120198065Method of Accessing a Cloud Service and Related Device - A cloud service is accessed by an access module. The access module receives a simple control code from an electronic device that is electrically connected to the access module, and the access module utilizes high-level protocols and software stacks to send/receive data to/from the cloud service according to the simple control code.08-02-2012
20090106422METHODS, APPARATUS AND TECHNIQUES FOR SUSPENDING, RESUMING, AND SHARING SESSIONS USING OBJECT SERIALIZATION - An X display may be dynamically rerouted to a different graphics terminal, or to several graphics terminals, without disrupting X clients. The corresponding X server architecture includes a static, protocol router part which acts as an endpoint for client connections and which routes X protocol to one or more X server displays, and a dynamic X display part which maintains the state and contents of the display. An X display may maintain its state and display contents entirely in memory without any need for physical display or input devices, in which case it is termed a “headless X display” and provides a virtual X server display that appears to the host as if it were a user-interactive display. The architecture allows for any number of X displays to be attached to the protocol router for multi-user, fault tolerant or suspend/resume functionality.04-23-2009
20080228918DOWNLOAD SERVER DETERMINATION METHOD AND RECORD MEDIUM BEARING DOWNLOAD SERVER DETERMINATION PROGRAM - A computer determines a download server for downloading contents into a terminal device from among a plurality of servers storing the identical contents therein, by accepting a download request for the contents from the terminal device, detecting a time at which the download request was accepted and determining the download server in accordance with the detected time.09-18-2008
20090070467Enabling access to remote entities in access controlled networks - In network access control networks, it may be difficult to provide certain remote accesses such as remote boot or remote storage access. An available network connection established through chipset firmware (e.g. active management technology (AMT)) may be utilized to establish a connection and to enable the remote access. Then as soon the completion of the activity is detected, such as remote booting, then the connection may be immediately terminated to prevent access by improper agents.03-12-2009
20090037583DETECTION AND CONTROL OF PEER-TO-PEER COMMUNICATION - A method and apparatus are provided for detecting peer-to-peer communication on a data communication network, between an internal client machine within an internal address space and an external client machine. The method includes routing all messages addressed to internal client machines to an analysis device. The analysis device identifies messages pertaining to peer-to-peer communication and identifies the internal client machine to which the messages of a specified nature were addressed. The analysis device terminates the connection with the external client machine if the establishing of the peer-to-peer communication is in violation of a pre-determined internal network rule.02-05-2009
20110106946NETWORK USAGE THROTTLING SYSTEMS AND METHODS - Systems and methods for throttling network usage are disclosed. An exemplary method includes at least one network device monitoring usage of a wide area network, selecting a throttling command based on the monitored usage of the wide area network, and broadcasting the throttling command to a plurality of access devices connected to the wide area network. The throttling command is configured for interpretation and use by each access device within the plurality of access devices to conform at least one operation to a network usage throttling level in accordance with the interpretation of the throttling command. Corresponding systems and methods are also disclosed.05-05-2011
20130138810Systems and Methods for Workspace Interaction with Cloud-Based Applications - Various systems and methods described herein relate to server-based computing, where the systems and methods provide a client with access to an application executing remotely from the client device and having access to data (e.g., one or more files) residing on a cloud-based storage (e.g., provided by a third-party cloud-based storage service, such as Dropbox, Box, or Google® Docs). For some systems and methods, the application may be remotely executed and provided to the client such that the application has in-application/embedded access (hereafter, referred to as “native access”) to the cloud-based storage and files residing on the cloud-based storage.05-30-2013
20130138811Distributed Network Communication System Which Selectively Provides Data to Different Network Destinations - A method comprising storing identification information in a memory medium of a portable computing device, communicating with a network access point to gain access to a network, sending the identification information from the portable computing device to the network access point, and receiving at the portable computing device access to the network through the network access point based on the identification information.05-30-2013
20130013777DELEGATED NETWORK MANAGEMENT SYSTEM AND METHOD OF USING THE SAME - A method for providing a management function requested by a user that uses a managed device includes establishing a session on a managed device in response to a user logging into an account on the managed device, establishing a delegated management session on a management device, the delegated management session corresponding to the session on the managed device, receiving a management message on the management device, the management message being related to a management function requested by the user, and in response to the received management message, performing the management function using the management device.01-10-2013
20130145027REGULATORY COMPLIANCE ACROSS DIVERSE ENTITIES - Regulatory compliance techniques are provided for dynamically modifying access to data based on the jurisdiction a user seeking access to the data is located within. Dynamically modifying access to data provides for a more efficient and accurate solution to regulatory compliance issues faced when hosting data in a central repository. Users can be notified when their access to data is modified due to a compliance issue. In addition, an audit history can be associated with data packets that allow an administrator or the like to view the history of data packet access. Finally, signatures associated with a data packet can be used to search data store(s) to track access to information within the data packet that may have been subsequently modified.06-06-2013
20100325275GROUP ACCESS TO IP MULTIMEDIA SUBSYSTEM SERVICE - A method of facilitating access to services of an IP Multimedia Subsystem network by user terminals located behind an access point to said network. The access point is associated with a subscription to the IP Multimedia Subsystem network. The method comprises including within an Implicit Registration Set defined for said subscription, a wildcarded Public User Identity or Public User Identity sub-domain representative of a range of Public User Identities. At IP Multimedia Subsystem registration of said access point with the IP Multimedia Subsystem network, the Public User Identities contained in the Implicit Registration Set are distributed to a Serving Call Session Control Function allocated to said access point and to a Proxy Call Session Control Function to which said access point is attached.12-23-2010
20100332656NETWORK ACCESS USING NETWORK IDENTIFICATION - A network system that identifies a home network of a user by a network identification in an access request. When the access request is received in a network, the accessed network extracts a network identification from the access request and determines whether the access request is received from a subscriber or non-subscriber. If a non-subscriber, then a foreign network is identified and a network identification database is consulted to retrieve contact information for the foreign network. If the contact information is successfully retrieved, then the user may be routed to the foreign network (home network of the user). Otherwise (if the contact information is not in the network identification database), the user may be denied any access, and a purchase agreement for connect services may be offered.12-30-2010
20110010453PEER TO PEER SUBSCRIPTION SERVICE - Peer-to-peer approaches to servicing subscriptions to information feeds are generally disclosed. Network nodes may exchange information about information feeds that they can provide to other nodes, and other information about information feeds to which they may be interested in subscribing. Any of a variety of techniques may then be applied to allow the nodes to negotiate for feeds to which they may be interested in subscribing. For example, each node may apply algorithms that service feed subscriptions of other nodes on a prioritized basis, prioritized for example based on which other nodes service subscriptions in return.01-13-2011
20130159520SYSTEM AND METHOD FOR NON-IMS APPLICATION SERVICE ACCESS OVER IP MULTIMEDIA SUBSYSTEM - A system and method to enable mobile devices to access non-IMS application services over an IP Multimedia Subsystem (IMS) is described herein. In order to access a non-IMS application service via the IMS, messages in a format that are suitable for exchange with the non-IMS application service are encapsulated by the mobile device user agent into SIP messages. The SIP messages are then routed by the IMS to a services gateway. The services gateway extracts the application service messages from the SIP messages and provides the extracted messages to the appropriate application service. In this fashion, the mobile device is able to request services from an application service via SIP messaging, even if the requested application service does not support SIP messaging.06-20-2013
20130159526Method of handling access control information and related communication device - A method of handling access control information of a management object in a device management (DM) client of a service system is disclosed. The method comprises creating a management tree for storing the access control information of the management object; arranging a first node in the management tree, for storing an identifier of the management object; arranging a second node in the management tree, for storing an identifier of a DM server of the service system; arranging a third node in the management tree, for storing a path of a node in the management object; and arranging a fourth node in the management tree, for storing access right of the DM server related to the node.06-20-2013
20110010454GRAPHICAL USER INTERFACE FOR PERFORMING ADMINISTRATION ON WEB COMPONENTS OF WEB SITES IN A PORTAL FRAMEWORK - Graphical user interfaces are provided for administrators to perform administration type operations. Sets of users granted administrative privileges may further grant and delegate administrative privileges to other sets of users to perform administration type operations on site objects over which they have administrative privileges. The types of graphical user interfaces includes server consoles and site consoles. Server consoles enable the performance of administration on all objects within the framework. Site consoles enable the performance of administration within a respective site.01-13-2011
20110029670ADAPTING PUSHED CONTENT DELIVERY BASED ON PREDICTIVENESS - Correlating user activity and location-based prediction of network access events with the delivery of pushed content to a computing device. Location information for the computing device is received by the computing device. One or more network access events are predicted, or network access characteristics are determined, based on the location information and user activity on the computing device. The computing device adjusts delivery or receipt of the pushed content based on the predicted network access events or the determined network access characteristics. For example, data is pre-fetched prior to occurrence of the predicted network access events, or data retrieval requests are postponed until after the occurrence of the predicted network access events.02-03-2011
20110029671TERMINAL AND METHOD FOR MANAGING SECURE DEVICES - A mobile terminal and method for managing secure devices associated with the terminal are discussed. According to an embodiment, the method includes acquiring at least one of availability information and delegation information from each of at least one secure device associated with the mobile terminal; establishing a secure device delegation rule set for the at least one secure device based on the acquired information; receiving a request for establishing a communication connection with a secure device from a server; and establishing a communication connection between the server and one of the at least one secure device based on the secure device delegation rule set.02-03-2011
20110035495METHOD AND DEVICES FOR FILTERING DATA PACKETS IN A TRANSMISSION - A method for associating a data packet (DP) with a packet bearer (PB) in a user equipment (UE02-10-2011
20110035496AUTOMATIC HARDWARE FAILURE DETECTION AND RECOVERY FOR DISTRIBUTED MAX SESSIONS SERVER - A Max Sessions Server (MSS) automatically detects hardware and communications failures. Upon detection, counters are adjusted accordingly to maintain an accurate count of users or groups of users on a system. A database of unique identifiers for each connection is maintained, where the unique identifier is a concatenation of a Network Access Server (NAS) and the connection's incoming NAS node number. If a user requests permission to log into the system, the MSS first checks the database to determine if the unique identifier is already logged in. If so, then a hardware or communications failure has occurred and the MSS must make the appropriate adjustments to the database and counter.02-10-2011
20110119379GEO-POSITIONALLY BASED DATA ACCESS SECURITY - Methods, systems, and computer program products for implementing geo-positionally based data access security is provided. A method includes receiving a request at a computer to verify a geographic location of a segment of data stored in a storage device. The method further includes receiving, at the computer, an actual geographic location of the storage device from a geographic location device connected to the storage device. The method additionally includes accessing, at the computer, a location tag including an expected geographic location of the segment of data, and comparing, at the computer, the expected geographic location to the actual geographic location. The method also includes returning a value indicating that an error has occurred when the comparing indicates that the expected geographic location does not match the actual geographic location.05-19-2011
20100146116METHOD OF CONTROLLING DOWNLOAD LOAD OF SECURE MICRO CLIENT IN DOWNLOADABLE CONDITIONAL ACCESS SYSTEM - A method of controlling a download load of a Secure Micro (SM) client in a Downloadable Conditional Access System (DCAS) is provided. The method of controlling a download load of an SM client including: analyzing version information of SMs and version information of SM clients to control the download load generated in the DCAS, the version information of the SMs and the version information of the SM clients being provided from an Authentication Proxy (AP) server, and the SM clients being installed in the SMs; determining a download policy associated with a download time of a target SM client for the SMs based on a result of the analysis; and providing the AP server with the determined download policy.06-10-2010
20110087781REAL-TIME HARMFUL WEBSITE BLOCKING METHOD USING OBJECT ATTRIBUTE ACCESS ENGINE - A real-time harmful website blocking method using an object attribute access engine is disclosed. In one embodiment, information about visual objects, currently being displayed on a screen by processes currently being executed, is obtained from a client. Attributes of the visual objects are extracted from the obtained information about the visual objects. Whether harmfulness is present is determined based on the extracted object attributes, and thus whether to block access to a server being connected thereto is decided. The client is requested to terminate a process for displaying the visual objects.04-14-2011
20110213882Method and system for handling computer network attacks - A method and apparatus for serving content requests using global and local load balancing techniques is provided. Web site content is cached using two or more point of presences (POPs), wherein each POP has at least one DNS server. Each DNS server is associated with the same anycast IP address. A domain name resolution request is transmitted to the POP in closest network proximity for resolution based on the anycast IP address. Once the domain name resolution request is received at a particular POP, local load balancing techniques are performed to dynamically select the appropriate Web server at the POP for use in resolving the domain name resolution request. Approaches are described for handling bursts of traffic at a particular POP, security, and recovering from the failure of various components of the system.09-01-2011
20100153552METHOD AND SYSTEM FOR GEO-TARGETED CONTENT DELIVERY - A method and server for providing geo-targeted content delivery are provided. The method may include receiving, by a web server, a request for information from an Internet user; determining, by the web server, a geographic location of the Internet user; and tailoring information provided to the Internet user based at least in part on the geographic location of the Internet user. Determining the geographic location of the Internet user may involve obtaining a route through the Internet to a target host for an IP address associated with the Internet user, wherein the route may include one or more intermediate hosts; deriving a geographic location of one or more of the intermediate hosts within the route; and automatically determining the geographic location of the Internet user by analysis of the route and the geographic location of the one or more intermediate hosts.06-17-2010
20110145408SERVICE ENABLEMENT/DISABLEMENT BASED ON SERVICE RELATIONSHIPS - A network (06-16-2011
20110145407METHODS, SYSTEMS, AND COMPUTER READABLE MEDIA FOR COMMUNICATING MEDIA SERVER CAPABILITIES AND STATUS INFORMATION BETWEEN MEDIA SERVERS AND A MEDIA RESOURCE BROKER - Methods, systems, and computer readable media for communicating media server capabilities and status information between a plurality of media servers and a media resource broker are disclosed. According to one method, messages are received at a media resource broker from a plurality of media servers, where the messages include information indicating capabilities and status of the media servers. The information regarding the capabilities and status of the media servers is cached at the media resource broker, which receives call setup requests and, in response, selects a media server from the plurality of media servers based on the cached media server capabilities and status information.06-16-2011
20110078311Network communication device and automatic reconnection method - As a defense against cyber attacks, a network communication device permits other communication devices to associate and undergo entity authentication, registers the identifiers of devices that pass entity authentication in a memory, and communicates only with those devices. As a further defense, the network communication device may also impose association control by normally refusing to let other communication devices even associate. The network communication device monitors the communicability of devices with identifiers registered in the memory. If communication with a device becomes disabled, its identifier is removed from the memory and placed in a whitelist. Whitelisted devices may re-associate even while association control is in effect. A device that experiences outage may therefore re-associate autonomously, without requiring human intervention.03-31-2011
20110087782IMPROVEMENTS IN OR RELATING TO COMMUNICATIONS - According to one embodiment of present invention, there is provided a method of controlling access to a communication network. The method comprises receiving a request from a communication device to connect to the communication network, the request including a substantially unique identifier of the device, and determining whether the identifier is contained in a local device database of the network. Where it is determined that the identifier is not contained in the local database, the method further comprises authorizing the device to connect to the network, and at a subsequent update of the local device database, determining the status of the identifier from a shared device database, and updating the status of the determined identifier in the local device database with the determined status.04-14-2011
20110087780DETERMINING CLIENT SYSTEM ATTRIBUTES - In general, webpage or other resource accesses by client systems may be recorded, and those accesses may be analyzed to develop audience measurement reports. At times, it may be desirable to segment those reports according to classes of client systems (e.g., work vs. home client systems). A given client system can be classed into one of the reporting classes based on one or more classes of network service providers that provide the client with access to a network. The recorded resource accesses and classes of the client systems can then be used to generate audience measurement reports that are segmented according to one or more of the client system classes.04-14-2011
20100131647Enhanced Media Control - The present invention is aimed to provide an enhanced mechanism for conflict resolution between authorized services in respect of selective authorization criteria, such as service incompatibilities, subscribed bandwidth QoS assigned per subscriber and pre-emption priority value assigned per service. To this end, the present invention provides for a new method that allows the authorization of a subsequent service as a result of applying a selective authorization criterion for the subscriber at a policy control rules server to determine those previously authorized services to be put on hold, notifying about said previously authorized services to be on hold towards application devices handling such services, and inactivating at a policy enforcement device those control rules applicable to the media associated with said previously authorized services. In addition, the method as well as the policy control rules server, the application devices and the policy enforcement device may be also arranged for re-activating said previously authorized services still on hold when the reason for being on hold has ceased.05-27-2010
20090254658ACCESS CONTROL DEVICE, AND ACCESS CONTROL METHOD - An access control unit and an access control method are provided for controlling an access to a secure host efficiently by reducing the consumption of resources such as a memory. In this access control device, an access control unit (10-08-2009
20090259752DYNAMIC DISTRIBUTED ADJUSTMENT OF MAXIMUM USE OF A SHARED STORAGE RESOURCE - A method, system, computer program product, and computer program storage device for dynamically adjusting a maximum limit of concurrent service requests directed to a shared storage resource that can be issued by a plurality of host devices is disclosed. The method, system, computer program product, and computer program storage device operate based on a rotating turn, in which a host device has a chance to be able to increase its currently available maximum number of concurrent service requests.10-15-2009
20090313373NETWORK POLICY EVALUATION - A device may include an interface to send policy information to an evaluation module, where the policy information is related to a group of policies, and receive a group of results from the evaluation module, where the group of results indicates whether the status of a source device complies with the croup of policies. The interface may send an instruction to a destination device configured to implement at least a subset of the policies with respect to the source device based on the instruction.12-17-2009
20100036950METHOD AND APPARATUS FOR PROVIDING HOME CONTENTS - The present invention relates to a method and apparatus for providing home contents, which shares contents between contents storage devices within a home network and provides the contents shared on a home network to an external contents sharing device. The present invention shares the contents based on an existing home network middleware in a home network environment that is configured to allow a plurality of contents storage devices to commonly use the same home network middleware, such that the contents information shared within the home network can be shared outside, making it possible to use the contents in the home without regard to time and place.02-11-2010
20100036949Centralized Scheduler for Content Delivery Network - A method for performing centralized scheduling of content delivery is described including performing admission control, locating a server that is a source of content, determining a content delivery schedule and reordering the content delivery schedule over a content delivery network (CDN). Also described is a method for performing admission control including reordering a request queue based on partially served committed requests for content and newly arrived requests for content and determining if the newly arrived request for content can be admitted to the request queue.02-11-2010
20100036946SYSTEM AND PROCESS FOR PROVIDING ONLINE SERVICES - The present invention provides a system and process for providing online services. In general, the system provides a plurality of users access to an online service via one or more user modules communicatively linked to the system over a communication network. The system generally comprises a registration module for enabling one or more individualised domain names, each one of which comprising identifying information related to one or more of the users a service provider module configured to provide the one or more user modules access to the online service over the communication network, wherein access is provided to a given one of said users via a corresponding one or more of said individualised domain names comprising identifying information related thereto; and a monitoring module configured to monitor new domain names enabled by said registration module to provide a desired level of uniqueness for each of the one or more individualized domain names.02-11-2010
20100036947METHOD AND APPARATUS FOR REDUCING UNWANTED TRAFFIC BETWEEN PEER NETWORKS - A method and apparatus for enabling peer networks to reduce the exchange of unwanted traffic are disclosed. For example, the method receives at least one of: a source Internet Protocol (IP) address or a source IP address prefix that has been identified as a source of the unwanted traffic, by an originating peer network from a terminating peer network. The method then blocks the unwanted traffic destined to the terminating peer network by the originating peer network.02-11-2010
20100070631System and Method for Management of Remotely Shared Data - Systems and methods for reducing latency on a remotely-booted information handling system are disclosed. A method for access and management of remote data may include receiving from a host a standard input-output instruction including a persistent image update (PIU) parameter indicating a request by the host to access a shared computer-readable medium storing an image shared by the host and one or more other hosts. The method may further include determining a value of the PIU parameter and determining whether to allow the host to access the shared computer readable medium based at least on the value of the PIU parameter.03-18-2010
20100064042Hash-Based Resource Matching - In various embodiments, techniques can be provided for identifying and filtering network resources. The filtering may occur not only on the type of network traffic (e.g., HTTP traffic) but also with resources identified by the network traffic. In some embodiments, one or more hash functions may be used to facilitate the identification, searching, and matching of network resources. The network resources may be identified as a unique domain, unique network host, unique URL, or the like.03-11-2010
20100057908CENTRALIZED CONTROL PLANE APPLIANCE FOR VIRTUAL INFRASTRUCTURE - In a virtual infrastructure, a single appliance is provided that hosts a centralized virtual machine monitor (VMM) control plane to effectively establish a single virtual switch across all virtual machines within one or more clusters of servers, thereby reducing the number of management points for the network administrator and facilitating easier VM migration.03-04-2010
20110082934REPLENISHING A USER ACCOUNT WITH MORE ACCESS RESOURCES NEEDED FOR ACCESSING NETWORK SERVICES - A network access server (NAS) determines the status of availability (e.g., how much more quota is unused) of an access resource, and sends a notification embedded in a point-to-point protocol (PPP) packet. The format of the packet is chosen such that definition/use of higher layers (e.g., HTTP) is not required to communicate the status to a client system. As a result, the user may be notified even if software such as web browser is not being executed on the client system.04-07-2011
20110082933AUTOMATIC INTERNET CONNECTION SHARING AMONG RELATED DEVICES - Internet connection may come through a single host computer and sent to appliance computers, as in a laptop or camera. This application intends to automatically connect the appliances to the Internet established by the host computer by means of either electronic communication or preprogramming both computers with the same network access information.04-07-2011
20120303812SYSTEMS AND METHODS FOR PROVIDING CONTENT AND SERVICES ON A NETWORK SYSTEM - Systems and methods for managing and providing content and services on a network system. Aspects of the invention include location-based determination of network content and services that may be provided to client computers. Other aspects of the invention include authorization and authentication components that determine access rights of client computers. Additional aspects include systems and methods for redirecting client computers to different network content. The disclosed systems and methods may be used in numerous network system applications.11-29-2012
20120303811SERVICE ACCESS - The present invention relates to methods and apparatus for configuring end user equipment. A service broker may transmit access settings to an access node where the access settings are for a predetermined service provider. The access settings may be transmitted to end user equipment so that the predetermined service provider can access the end user equipment in order to configure the end user equipment to receive a service provided by the service provider.11-29-2012
20120303810System and Method for Optimizing Secured Internet Small Computer System Interface Storage Area Networks - A network device includes a port coupled to a device, another port coupled to another device, and an access control list with an access control entry that causes the network device to permit log in frames to be forwarded from the first device to the second device. The network device receives a frame addressed to the second device and determines the frame type. If the frame type is a log in frame, then the frame is forwarded to the second device and another access control entry is added to the access control list. The second access control entry causes the network device to permit data frames to be forwarded from the first device to the second device. If not, then the frame is dropped based upon the first access control entry.11-29-2012
20120303809OFFLOADING LOAD BALANCING PACKET MODIFICATION - The present invention extends to methods, systems, and computer program products for off loading load balancing packet modification. Embodiments of the invention can be used to offload the load of forwarding packets back to packet senders. Load balancers and/or the NAT devices can handle the first few packets of a connection to formulate connection mappings and then are removed from further communication for the connections. For example, a load balancer or NAT device makes the corresponding load balancing or the NAT decision based on a first packet and then informs the sender of the data of the decision. From then on, the sender can directly send the data to the receiver without having to go through the load balancer or NAT.11-29-2012
20120303808USING DNS COMMUNICATIONS TO FILTER DOMAIN NAMES - Using DNS communications to filter domain names is disclosed. A domain name is extracted from a received DNS request. The received DNS request is blocked in response to determining based on a policy that access to the domain name of the DNS request is not permitted. In some cases, such a DNS request is responded to with a spoofed DNS response.11-29-2012
20130159519CONTENT ACCESS MANAGEMENT IN A SOCIAL NETWORKING SYSTEM FOR EXTERNALLY STORED CONTENT - A content access management system receives an access determination requested identifying an access rule and a requesting user. The access rule may be created in advance by the content owner at the content access management system. The access rule may allow access to content objects based on the requesting user's biographic information, geographic information, affiliation information, payment information, or any other user characteristic. The user information may be entered by the requesting user at a social networking system interface for purposes unrelated to the content object or content owner. The content access management system retrieves the identified access rule and retrieves requesting user information based on the access rule. An access determination is made based on the retrieved access rule and requesting user information, and is transmitted to the content owner.06-20-2013
20110072136METHOD OF MANAGING LIFE STORIES - System, method, and apparatus for users in an online computer system to write and keep in perpetuity their life Stories, Legacies, and Memorials and tie them together with relationships within social networks. A computer system collects data in the form of text or uploaded files entered by an individual who in turn can indicate other individuals to whom they have a relationship and include them in networks. The individual may cross reference chronological chapters with categories for referencing. The individual may select Guardians to control their data after they are deceased or otherwise incapacitated. A separate Foundation ensures storing the data in to ensure there is enough money to store the data in perpetuity.03-24-2011
20120203907CONTENT DISTRIBUTION SYSTEM, CONTENT DISTRIBUTION METHOD, AND CLIENT TERMINAL - The user of any one portable terminal sends a content information request including a user ID to a distribution server. In response, the distribution server distributes a stream data of content that can be used on the user's terminal. If the user of a first portable terminal intends to let a second portable terminal try out a certain content, the user sends to the distribution server the trial permission information including the user's own user ID, a content ID of the content of interest, and a digital signature. The distribution server authenticates the received information before distributing a streaming data of a trial-oriented content with the content ID and user ID attached to it as search keys. This allows the content that can be used on a given user terminal to be tried out on another user terminal without the latter user having recourse to the steps of searching for the content in question.08-09-2012
20120203905M2M SERVCE PROVIDING SYSTEM, M2M TERMINAL, AND OPERATION METHODS THEREOF - Provided are a machine to machine (M2M) service providing system, M2M terminals, and operation methods thereof. The M2M service providing system may include a location registration server and a M2M managing server. The location registration server may be configured to receive a location registration request from a M2M terminal and transmit a location registration response to the at least one M2M terminal, thereby allowing the at least one M2M terminal to access a mobile communication network. The M2M managing server may be configured to provide one of inactivation timer information and M2M server access period timer information in the M2M terminal according to a M2M service enrollment status of the M2M terminal.08-09-2012
20120203904Controlling Internet Access Using DNS Root Server Reputation - A method of controlling internet access on a client computer. The method comprises identifying a DNS request generated on the client computer and which is addressed to a specific DNS root server, and sending an information request to a central server identifying said DNS root server. Then, at the central server, reputation information for said DNS root server is determined, and said reputation information is provided from the central server to the client computer. The reputation information is then used at the client computer to handle the DNS request or a response to that request.08-09-2012
20110060833DEVICE CONNECTABLE TO WIRELESS NETWORK AND COMPUTER READABLE MEDIUM - A device disclosed here is connectable to a first type of wireless network and a second type of wireless network. The device includes a communication section, a function section, a determination section and a function control section. If the determination section determines an external device to be included in one of the first type of wireless network and the second type of wireless network, the function control section permits the external device to use a first function, and if the determination section determines the external device to be included in the other of the first type of wireless network and the second type of wireless network, the function control section prohibits the external device from using the first function.03-10-2011
20110153823METHOD AND APPARATUS FOR MANAGING DOMAIN - A method and an apparatus for managing domains are provided. The method of managing one or more domains performed by a domain manager located in a home network includes determining whether to register a first device located in the home network to a domain, and providing data required to share content between the first device and a second device registered to the domain according to the determination. In the method and apparatus, content can be shared by connecting the devices with one another including a user, and the burden of content providers for management can be reduced.06-23-2011
20100036951SYSTEMS AND METHODS FOR DYNAMIC DECENTRALIZED LOAD BALANCING ACROSS MULTIPLE SITES - A method for enabling decentralized dynamic load balancing among a plurality of appliances providing access to a plurality of sites, each site comprising a local area network and at least one server includes: determining, by a first appliance, a first number of services currently available for access via a local area network connected to the first appliance; receiving, by the first appliance from a second appliance, a communication indicating a second number of services currently available for access via a local area network connected to the second appliance; receiving, by the first appliance, a plurality of requests to connect to a service; determining, by the first appliance, a weight to be assigned to the second appliance, wherein the determination is responsive to the second number; and forwarding, by the first appliance to the second appliance, a subset of the plurality of requests, wherein the number of requests comprising the subset is determined in response to the determined weight. Corresponding systems are also described.02-11-2010
20100005170MAPPING HUMAN-MEANINGFUL PARAMETERS TO NETWORK-MEANINGFUL PARAMETERS TO PERMIT USER TO ESTABLISH TRAFFIC IMPORTANCE IN HOME NETWORK - A method of describing highly valued traffic in a home network in terms that are meaningful for a human and that are translated to useful network parameters.01-07-2010
20110258316SYSTEM AND METHOD FOR MANAGING RELATIONSHIPS WITH INDEPENDENT MULTI-DIMENSIONAL GROUPING, INDIVIDUALIZED PRIVILEGES, AND INTERACTIVE FEEDBACK IN A SOCIAL NETWORK - A system and method for managing relationships in a social network with independent multi-dimensional groupings, individualized privileges & interactive feedback. The contributing member can assign a privilege level from a sliding scale of at least three levels for each item of information, represented as C10-20-2011
20110153822SYSTEMS AND METHODS FOR MANAGING PREFERRED CLIENT CONNECTIVITY TO SERVERS VIA MULTI-CORE SYSTEM - The present application is directed towards systems and methods for providing a cookie by an intermediary device comprising a plurality of packet processing engines executing on a corresponding plurality of cores, the cookie identifying a session of a user that was redirected responsive to a service exceeding a response time limit. The cookie may be generated with identifiers based off a name of a virtual server managing a service of a server, and a name of a policy associated with the virtual server. Each packet processing engine of the plurality of packet processing engines may interpret cookies generated by other packet processing engines due to the name of the virtual server and name of the policy, and may provide preferred client connectivity based on cookies included in requests for access to a service.06-23-2011
20090164631Centralized Services Management (CSM) System - In this presentation, we show a system and method for in-depth tracking and information, reporting capabilities, and maintaining a high level of availability for its customer information and tracking database facility. The purpose is to show an effective and economical way to automate and monitor/manage the whole operation for centralized services management. Automating the whole process and tracking all the components and issues provide efficiency and saving to the users, with less chance of error, down-time, and under-estimating/over-estimating the resources or inventories.06-25-2009
20080320137FIELD DEVICE - Disclosed is a field device which constitutes a plurality of distributed systems to perform a data communication with another field device on a network. The field device includes: an application execution section to execute a distributed application based on each distributed system; a storage section to store setting information on virtual communication addresses allocated to each field device constituting the plurality of distributed systems for each distributed system; and a control section to determine whether a requested data communication is in a same distributed system based on the stored setting information on the virtual communication addresses when the data communication is requested by the application execution section. If the data communication is in the same distributed system, the control section notifies a management section of a virtual communication address of a destination device, and requests the management section to perform the data communication with the destination device.12-25-2008
20090177773DETERMINING POLICY FOLLOW-UP ACTION BASED ON USER-SPECIFIED CODES - A system, method and computer program product for determining policy follow-up action based on user-specified codes are set forth. When determining policy follow up action based upon user specified codes, a policy system receives function templates for permissible actions on a given resource type; each function template is annotated with indications of success and failure; the policy system performs an action on the resource; the policy system receives a status indication (or exception); the status indication is compared against the annotated function template; and, the policy system determines its next action based on that comparison.07-09-2009
20120203906Pre-Access Location-Based Rule Initiation in a Virtual Computing Environment - Methods, systems, and devices are described for updating resource access permissions in a virtual computing environment. In these methods, systems, and devices, a host computer system determines that a user associated with an existing session has moved from a first location to a second location, identifies at least one pre-access rule based on the second location, applies the at least one pre-access rule to the existing session before authenticating the user for access to the existing session in response to the determination that the user has moved to the second location, and authenticates the user at the second location for access to the existing session after the at least one pre-access rule has been applied to the existing session.08-09-2012
20110047270Network connection service providing device - A network connection service providing device capable of making not only a connection to the Internet, but also, if necessary, a connection to a private network A so-called hotspot service provides a network connection service wirelessly at a station, an airport, a shop, or the like, and a control unit 02-24-2011
20080256236System, method and computer program product for monitoring and controlling network connections from a supervisory operating system - A system, method and computer program product that is designed to support high-availability, rapid fault recovery, out of band condition signaling and/or other quality of service assurances and security in a networked environment. In one aspect, a method of the invention includes the step of providing a processing system with a dual-kernel or multi-kernel software operating system. The operating system includes a supervisory operating system and a secondary operating system that provides network functions to user applications. The method also includes the step of providing a Network Control Software (NCS) in the supervisory operating system. The NCS is configured to transparently monitor and control network operations in the secondary operating system.10-16-2008
20110055393NETWORK SYSTEM, COMMUNICATION TERMINAL, COMMUNICATION METHOD, AND COMMUNICATION PROGRAM - A first communication terminal includes a first storage unit for storing first and second identification information for identifying first and second communication terminals, respectively, a first generation unit for generating a room name based on the first and second identification information, and a first communication unit for transmitting to a server device a request to generate a room for communicating data, and the room name The first communication unit transmits information indicating an invitation to the room and the first identification information to the second communication terminal via a network in accordance with the second identification information, and accesses the room corresponding to the room name. The second communication terminal includes a second storage unit for storing the second identification information, a second generation unit for generating the room name based on the first and second identification information, and a second communication unit receiving the information from the first communication terminal for accessing the room corresponding to the room name.03-03-2011
20110055392NETWORK TRAVERSAL METHOD AND NETWORK COMMUNICATION SYSTEM - A network traversal method is provided. A plurality of endpoints in a plurality of network address translators (NATs) is grouped into a plurality of groups, and an on-line server is deployed for managing information related to the groups and information related to connections that have traversed the NATs, wherein the endpoints in the same NAT are grouped into the same group. In addition, when one of the endpoints is about to establish a connection with another one of the endpoints, whether there is a peer-to-peer direct connection between the groups corresponding to the two endpoints is determined. If there is the peer-to-peer direct connection between the groups corresponding to the two endpoints, the connection between the two endpoints is established by using the peer-to-peer direct connection. Thereby, the network traversal method can effectively reduce the time, cost, and complexity for traversing the NATs.03-03-2011
20080250142Access Node Selection in a Network - The invention is directed towards determining an access node (10-09-2008
20110264804CLOUD-BASED WEB CONTENT FILTERING - A method of filtering web content including maintaining a data store including a plurality of web content filtering rules. A filtering rules query is received from a client device via a network in response to the client device requesting web content. One or more web content filtering rules are transmitted to the client device via the network.10-27-2011
20110264803CONFIGURATOR - A configurator is provided that connects with various disparate elements in a telecommunication system. The configurator is adapted to receive a traffic plan that has a plurality of different aspects that are implemented across the disparate elements. The configurator is adapted to generate processing schemas and/or databases that can be used by the disparate elements in order to implement the traffic plan.10-27-2011
20110072137INTEGRATED APPLICATION ACCESS - An integration portal provides a user with access to application entities of a plurality of remote applications. An authorization layer included in the integration portal includes a permission map indicating an association between the user and at least one of the application entities of the plurality of remote applications that the user is permitted to access. The authorization layer in the integration portal is synchronized with an authorization layer included in an application portal that provides the user with access to a subset of the remote applications, whereby the permission map is updated with information about at least one of the application entities that the user is permitted to access through the integration portal. Corresponding systems and methods are also disclosed.03-24-2011
20110119380Device and method for controlling dissemination of contents between peers having wireless communication capacities, depending on impatience reaction functions - A method is intended for controlling dissemination of content in a peer-to-peer mode between peers having wireless communication capacities. This method consists, each time a peer receives a content item it had requested and which is associated to a request counter, in creating at least one set of instructions intended for allowing replication of this content item by this peer, and in authorizing this peer to generate at most N replications of this content item for other peers it will meet and which does not possess it, where N is an integer value depending on the current value of this request counter and of an impatience reaction function which is representative of the mean time these peers are ready to wait for obtaining this content item.05-19-2011
20110138044WAKE ON LOCAL AREA NETWORK SIGNALLING IN A MULTI-ROOT I/O VIRTUALIZATION - Wake on local area network (LAN) functionality is provided in a multi-root environment. An I/O device, which is share by a plurality of physical hosts, receives the MAC address contained in the wake up packet, then prepares and sends an appropriate wake signal to the targeted host. In one embodiment, the shared I/O device sends an out-of-band wake up signal to each of the physical host computers, wherein the wake up signal is a serial bit stream encoded with the MAC address so that only the physical host having a MAC address matching the MAC address in the wake up signal will be turned on. In another embodiment, the shared I/O device sends a binary ON/OFF signal directly to the targeted physical host computer over a signal line associated with the MAC address.06-09-2011
20120311152SYSTEMS AND METHODS FOR PROVIDING CONTENT AND SERVICES ON A NETWORK SYSTEM - Systems and methods for managing and providing content and services on a network system. Aspects of the invention include location-based determination of network content and services that may be provided to client computers. Other aspects of the invention include authorization and authentication components that determine access rights of client computers. Additional aspects include systems and methods for redirecting client computers to different network content. The disclosed systems and methods may be used in numerous network system applications.12-06-2012
20120311151SYSTEMS AND METHODS FOR ESTABLISHING AND ENFORCING USER EXCLUSION CRITERIA ACROSS MULTIPLE WEBSITES - Various embodiments provide systems and methods for monitoring a user over at least two websites. The systems and methods are configured to: (a) receive self-exclusion information from the user; (b) after receiving the self-exclusion information: (1) associate a unique user identifier that identifies the user with the self-exclusion information; and (2) store the unique user identifier and the self-exclusion information; (c) receive a first request from a first website to validate whether the user can engage in one or more first types of transaction activities; (d) after receiving the first request: (1) query the memory based on the unique user identifier; and (2) in response, send the first website a first indication that the user is excluded from engaging in the at least one of the first types of transaction activities. Second requests for a second website are then handled analogously. Associated methods are likewise provided.12-06-2012
20120311150INDICATION OF URL PREREQUISTE TO NETWORK COMMUNICATION - A network device includes a processor and a memory communicatively coupled to the processor. The memory stores instructions causing the processor, after execution of the instructions by the processor, to detect the presence of a client connecting to a network and send a packet to the client indicating that access to a Universal Resource Locator (URL) is a prerequisite to the client communicating over the network in response to the client connecting to the network. The packet includes the URL.12-06-2012
20100180032AUTHORIZATION AND AUTHENTICATION BASED ON AN INDIVIDUAL'S SOCIAL NETWORK - An individual's social network is used to authorize information flow to the individual and to authenticate the individual for access to certain information or services. Information flow to the individual is authorized if the source of the information is a member of the individual's social network who is connected to the individual along a path that does not traverse through anyone on a gray list of the individual. The black list identifies those members who previously sent unwanted communication to the individual or posted content that was deemed offensive by the individual. The gray list identifies those members who are one degree separated from any black list member. The individual is authenticated for access to certain information or services if a member of the individual's social network already has access and this member is connected to the individual along a path that does not traverse through anyone on a gray list of the individual, or if members of the individual's social network who are connected to the individual along a path that does not traverse through anyone on a gray list of the individual have an average authentication rating that is at least a minimum value.07-15-2010
20100180028POLICY SERVICE SYSTEM ARCHITECTURE FOR SESSIONS CREATED USING STUN - Described herein are embodiments for setting, managing, and monitoring connection policies for a plurality of network paths from a first endpoint to a second endpoint. In embodiments, a set of candidate addresses from a first endpoint and a set of candidate addresses from a second endpoint are received. Each candidate address of the first endpoint is paired with each candidate address of the second endpoint to create a plurality of candidate address pairs. Each candidate address pair has an associated network path. The network path is the route by which data flows to and from the various endpoints. Once all network paths between each candidate address pair have been determined, a connection policy is set for each network address pair and the associated network path.07-15-2010
20100121954Communication Method and System Using User ID-Based Domain Name - A method of communication is provided, which comprises assigning a first domain name by a server to a first user when the first user logs onto the server using a first device, the first domain name being associated with a first device identifier of the first device and a first user identifier of the first user; and negotiating communication for the first device based on the first domain name despite of the IP address of the first device. Other embodiments are disclosed. By way of the present invention, a secure and convenient resource sharing and access control may be achieved.05-13-2010
20120210003Fair Usage Enforcement in Roaming Packet Based Access - Means and methodology for a Policy and Charging Rule Function, in a network visited by a roaming terminal, to determine its role and mode of operation in concurrence with a Policy and Charging Rule Function in the home network of that terminal. The role is determined base on the fact the terminal is roaming, a roaming agreement exists between both networks or can be established and visitor network's operator rules. Determining mode of operation comprises negotiation and possible rule transfer between visited network and home network Policy and Charging Rule Functions.08-16-2012
20100228860Supporting a Community of Subscribers in an Environment Using a Service Selection Gateway (SSG) - A service policy manager may be used to enable a first subscriber in a community to administer rules on another subscriber in the same community. A service selection gateway (SSG) may then be configured according to the rules to provides services according to the rules. As a result, the services provided to a subscriber depend not just on the individual profile of the subscriber, but also potentially on the rules administered by other members of the communities the subscriber is a part of.09-09-2010
20090292807MULTIMEDIA DATA TRANSFERRING METHOD AND SYSTEM THEREOF - A multimedia data transferring method includes the following steps. Receive a browsing command from a controller, wherein the controller is in a first domain. Obtain the transfer protocol and data format supported by a multimedia content item from a media server based on the browsing command, wherein the media server is in a second domain. Obtain the transfer protocol and data format supported by a media renderer, wherein the media renderer is in the first domain. Decide a desired transfer protocol and a desired data format from the transfer protocol and data format supported by multimedia content item and the media renderer. Notify the media renderer and the media server the desired transfer protocol and the desired data format. Create the data transferring connection between the media renderer and the media server based on the desired transfer protocol and data format.11-26-2009
20090292806Management of Remotely Hosted Services - A management system for remote services may use an administrative server within a local area network to manage the remote services for many manageable entities. The administrative server may connect to a clearinghouse server outside the local area network to obtain information about available remote services and to consolidate some operations for interfacing to the remote services. In some embodiments, the clearinghouse server may act as a proxy for many different remote services and may enable some functions to be aggregated across different remote services, such as billing, authentication, provisioning, and other functions. The administrative server may configure the managed entities to access the remote services as well as other functions.11-26-2009
20120066387METHOD, APPARATUS AND SYSTEM FOR PROVIDING CONTENTS TO MULTIPLE DEVICES - In some examples, a contents providing apparatus that provides contents to multiple devices may include a user information management unit, a contents management unit, a contents usage information management unit, and a contents usage information searching unit.03-15-2012
20110179168Systems and Methods for Managing Temporary Users of a Wireless Communication Network - In some embodiments, the present invention relates to systems and methods for providing temporary access to a wireless communication network to user equipment (UE). More particularly, the present invention relates to systems and methods of handling a UE's access to a wireless communication network upon expiry of permission to access the network.07-21-2011
20100030897Method and System for Installing a Root Certificate on a Computer With a Root Update Mechanism - The invention discloses a method of installing or updating a root certificate on a computer with a root update mechanism by sending a client computer at least one root certificate and a legacy certificate chain. This method can be used to enable extended validation certificates on a computer with a root update mechanism.02-04-2010
20100017512Method and System For Improvements In or Relating to Off-Line Virtual Environments - The compliance of a virtual machine image to a set of requirements is determined during a process to potentially introduce the virtual machine image into a network. One or more virtual machine images are identified. During compliance testing, the identified virtual machine image is controlled such that it cannot connect to the network. One or more tests are carried out to determine if the virtual machine image is compliant with one or more predetermined requirements. If a virtual machine is compliant with said one or more predetermined requirements, the virtual machine image is connected to the network.01-21-2010
20110153821Mechanical Proximity Sensor Enabled eService Connector System - An eService connector system includes an eService consumer for receiving an eService from an eService source. The eService may, for example, be any wave form of illumination, acoustic or thermal service. A service switch is provided for selectively transferring the eService from the eService source to the eService consumer. The service switch is activated to transfer an eService from the eService source to the eService consumer in response to a proximity sensor engaging a proximity target.06-23-2011
20110307609LOAD BASED PROBE RESPONSE SCHEDULING - In an example embodiment, an apparatus comprising an interface configured to communicate with at least one wireless transceiver, and a controller coupled to the interface. The controller is configured to determine a predefined characteristic such as current load and/or interference for a wireless channel associated with the at least one wireless transceiver. The controller is operable to suppress sending a probe response in response to the at least one wireless transceiver receiving a probe request, wherein how often probe responses are suppressed is based on the predefined characteristic for the wireless channel.12-15-2011
20110138045TECHNIQUES TO ENABLE FIREWALL BYPASS FOR OPEN MOBILE ALLIANCE DEVICE MANAGEMENT SERVER-INITIATED NOTIFICATIONS IN WIRELESS NETWORKS - An embodiment of the present invention provides a method, comprising enabling firewall bypass for open mobile alliance device management (OMA DM) server-initiated notifications in wireless networks by requiring that a certain OMA DM packet is captured by a modem associated with a OMA DM client and routed via a predetermined driver interface, wherein the OMA DM server initiates connection with the OMA DM client by sending a UDP packet to the OMA DM client inside a wireless device, and wherein the OMA DM packet is transferred over RF channel into a the modem, and through the wireless device OS's IP stack delivered to an application of the OMA DM client.06-09-2011
20110307610INFORMATION PROCESSING DEVICE AND INFORMATION PROCESSING PROGRAM - An information processing device includes a communication section performing communication with other devices on a network, an image generation section generating image information for each of contents stored in another device on the network or in the information processing device itself, with use of address information of the contents, network identification information, and process instruction information provided for each of the contents, the image information representing the three kinds of information, and the network identification information being used for authentication which allows a wireless device to participate in a wireless network configured to include an access point on the network, and a display request section requesting a display device to display, on a screen thereof and together with a content list, the image information generated by the image generation section.12-15-2011
20120042074HOME NETWORK, METHOD FOR SHARING DEVICE INFORMATION AMONG HOME NETWORKS AND HOME NETWORK SYSTEM - In the field of communications technologies, a home network, a method for sharing device information among home networks and a home network system are provided. The home network system includes a first home network, and a second home network having a first secure channel established with the first home network, so as to obtain an access policy and device information of the first home network through the first secure channel and provide the device information for a third home network having a second secure channel established with the second home network according to the access policy. Therefore, the device information is shared among the home networks, and the number of the secure channels to be established is reduced, and thereby the amount of information required to be stored and maintained is reduced.02-16-2012
20120042071LIMITING RESOURCES CONSUMED BY REJECTED SUBSCRIBER END STATIONS - A method performed in a network element coupled between a subscriber end station and an AAA server for avoiding AAA processing by at least temporarily suppressing AAA access-request messages for a rejected subscriber end station. The network element receives subscriber session-request messages from the subscriber end station. Subscriber session-request messages include information for verifying an identity that the network element transmits to the AAA server as AAA access-request messages. The network element receives AAA access-response messages corresponding to the AAA access-request messages. Responsive to an AAA access-response message, the network element determines that additional AAA access-request messages should be, at least temporarily, suppressed with regards to the subscriber end station. Responsive to determining, the network element suppresses any additional AAA access-request messages from being transmitted to the AAA server. The suppression of AAA access-request messages conserves execution resources in the network element and the AAA server.02-16-2012
20120042073Method and Nodes for Transmitting User Context between Communication Networks - A method of managing a subscription request at a originating network node of a first network operator is provided, where a subscription request originating from, or on behalf of a user being a subscriber of the first network operator is provided with user context that is specifying an agreement between the first network operator and the subscriber. The subscription request is then transmitted to a terminating network node of a second network operator, with which the first network operator has established an interoperability agreement. The described procedure enables the second network operator to authorize the subscription request taking the user context into consideration, such that the interoperability agreement between the two network operators is applied for the subscriber also by the second network operator.02-16-2012
20120042072SYSTEM AND METHOD FOR COMMUNICATING WITH ELECTED OFFICIALS - A system and method for communicating with elected officials and/or candidate for office is provided. One method comprises: storing, at a server operatively connected to a communication network, information associated with at least one official, wherein the information defines a constituency group for each elected official and for each candidate for election for which information is stored on the server; qualifying a user for one or more of the constituency groups when the user accesses the server through a computing device, the qualifying comprising determining which of the at least one official represents the user based on a voting based geographic parameter of the user; and providing the user access through a common portal to information associated with the at least one official for which the user is a qualified member of the respective constituency group.02-16-2012
20090172161System and methods for web-based interactive training content development, management, and distribution - System and methods for integrated web-based interactive training content development, management and distribution including a network for remote access by users to a content distribution server having privilege-based user access to content in at least one delivery format, wherein the content is stored on a content server in a format-neutral manner and delivered to the users in dynamically recombinable formats based upon user profiles.07-02-2009
20090172160LOADING OF SERVER-STORED USER PROFILE DATA - One or more computer-implemented methods provided by computer-readable media for providing and loading user profile data from a server computer system to a client computer system may be used together with the server and client computer systems. The client computer system may be caused to initiate a login process for a user on the client computer system and to send login information to the server during the login process. After reception of the login information from the client, the server evaluates the received login information to obtain user information corresponding to a user identified in the login information. Based on the obtained user information, the server finds user profile data stored on the server computer system. Finally, metadata relating to the user profile data may be determined by the client computer system by pulling corresponding data from the server computer system.07-02-2009
20120151060USE OF INFORMATION CHANNELS TO PROVIDE COMMUNICATIONS IN A VIRTUAL ENVIRONMENT - The invention generally relates to virtual environments, and more particularly to systems and methods for communicating in virtual environments. A method of providing communication in a virtual universe (VU) includes instantiating and assigning an information channel to a first client of the VU, associating at least one additional client of the VU to the information channel, and conveying data placed on the information channel to the first client and the at least one additional client.06-14-2012
20120151058METHOD AND APPARATUS FOR CONTROLLING HOME NETWORK ACCESS USING PHONE NUMBERS, AND SYSTEM THEREOF - A method and apparatus for controlling a home network access using phone numbers, and a system thereof, which enables a sharing user to simply set and manage sharing environment based on a telephone number capable of being easily recognized by the sharing user, and enables sharing users to simply access a sharing device inside a home using telephone numbers previously recognized by the sharing users when sharing contents of a UPnP device connected to a home network with the sharing users outside the home. The system includes a phone number management server for managing phone number information and a linked home gateway identifier, an access list management server for managing an access list, a home gateway management server for managing state information and access information of a home gateway, and a service server for receiving a service request from a remoter terminal and processing the received service request.06-14-2012
20120151057VIRTUALIZED CONNECTIVITY IN A CLOUD SERVICES ENVIRONMENT - A system and method of providing virtualized connectivity in a cloud services environment. A service provider network defines at least a first virtual private network and a second virtual private network for a respective first customer network and a second customer network. The service provider network includes at least one physical connection with a cloud services provider network where the at least one physical connection includes a first private virtual connection between the first virtual private network and the cloud services provider and a second private virtual connection between the second virtual private network and the cloud services provider.06-14-2012
20120151056NETWORK SERVICE ADMISSION CONTROL USING DYNAMIC NETWORK TOPOLOGY AND CAPACITY UPDATES - A network device implements resource admission policy management related to controlling the denial or grant of a delivery of a network service to a customer device. The network device receives a notification related to a change in network topology or network capacity of a network that delivers the network service. The network device identifies changes in the network topology or the network capacity based on the notification, and applies resource admission control to deny or grant the customer device access, to resources of the network to receive delivery of the network service, based on the identified changes in the network topology and/or the network capacity.06-14-2012
20120151055Low Energy Mobile Information Delivery - The subject disclosure is directed towards delivering information to mobile devices in an energy and bandwidth efficient manner by sending information only when the device user is likely to use the information. The information is delivered proactively based on user attention being paid to the device or the user's anticipated attention, corresponding to sensed state data and other state data. Also described is a proxy that interfaces with legacy information servers or the like, such as to emulate the mobile device, so that information delivery from such sources can be deferred until needed by the user. Device energy is conserved and user disruptions reduced by computing an inference as to when the user is likely to be interested in the communicated information, and downloading based upon the inference.06-14-2012
20120151054LOAD BALANCING METHOD FOR CLUSTER SYSTEM - A load balancing method for a cluster system is presented. A load record is firstly established in each server, and the load record has an access connection number of each server. An access channel is then established, and one of the servers is specified as a first server. The first server determines whether the first server specified by the access channel needs to be changed according to the load records. When it is determined that the first server needs to be changed, another server is specified as a second server according to a configuration strategy. The first server sends a reply signal to a user terminal, and the user terminal establishes an access connection with the second server according to the reply signal. Finally, the load records of all the servers are synchronously updated so that all the servers in the cluster system know load conditions of other servers.06-14-2012
20110093595Customer Premise Equipment Device-Specific Access-Limiting for a Cable Modem and a Customer Premise Equipment Device - A method of initializing, provisioning, and managing a cable modem and a customer premise equipment device includes, prior to receiving the configuration file for the cable modem, providing an equipment identification message containing a description of the customer premise equipment device connected to the cable modem. In the case where the cable modem has yet to be provisioned, the configuration file received from the network server is a particular access-limiting configuration file that is selected from a group of access-limiting configuration files. The selection of the particular access-limiting configuration file is based on the description of the customer premise equipment device in the equipment identification message. This allows different devices to have different network restrictions or different walled gardens.04-21-2011
20110093594Real-Time Storage Area Network - A cluster of computing systems is provided with guaranteed real-time access to data storage in a storage area network. Processes issue request for bandwidth reservation which are initially handled by a daemon on the same node as the requesting processes. The local daemon determines whether bandwidth is available and, if so, reserves the bandwidth in common hardware on the local node, then forwards requests for shared resources to a master daemon for the cluster. The master daemon makes similar determinations and reservations for resources shared by the cluster, including data storage elements in the storage area network and grants admission to the requests that don't exceed total available bandwidth.04-21-2011
20110093593WIRELESS COMMUNICATION SYSTEM, COMMUNICATION TERMINAL, MANAGEMENT TERMINAL, COMMUNICATION METHOD, AND INTEGRATED CIRCUIT - A beacon is transmitted and received among a plurality of terminals STA. A terminal STA which transmits the beacon is assigned as a representative terminal MSTA which manages a group, and a terminal STA which receives the beacon is assigned as a belonging terminal SSTA of the group. The representative terminal MSTA obtains identification information from the belonging terminal SSTA and stores the identification information. Then, when receiving an AP beacon from a management terminal AP, the representative terminal MSTA collectively transmits, to the management terminal AP, the identification information of the representative terminal MSTA and the belonging terminal SSTA. The management terminal AP performs an authentication procedure, by using the collectively transmitted identification information, for each of all of the communication terminals which form the group.04-21-2011
20120047262Managing Undesired Service Requests in a Network - A Method and a system for managing undesired service requests sent from at least one terminal to a network are described, wherein the network comprises a network node for storing trusted service-information. The method comprises the steps of: the network receiving a service request from a terminal, the request comprising service request information; and, sending, preferably via a secure communication channel, a user verification request for requesting the user to verify the service requested by the terminal if at least part of the service request information is not listed in the trusted service-information.02-23-2012
20120047259WEB HOSTED SECURITY SYSTEM COMMUNICATION - A distributed proxy server system is operable to receive a request for Internet data from a user, obtain the user's identity, store at least one cookie on the user's web browser identifying the user, and filter undesired content before forwarding requested Internet data to the user. A master cookie is associated with the proxy server including user identity information, and an injected domain cookie is associated with the domain of the requested Internet data including user identity information.02-23-2012
20120047263ATTRIBUTE DRIVEN MOBILE SERVICE CONTROL LOGIC - The disclosed embodiments enable service policies to be provisioned for a Mobile Node dynamically. A network device receives a message including at least one of one or more attributes of a Mobile IP session and one or more user preferences associated with the Mobile Node. One or more rules to be applied to the Mobile Node may then be identified. One or more of the identified rules are executed according to at least one of one or more of the attributes of the Mobile IP session and one or more of the user preferences associated with the Mobile Node.02-23-2012
20120047261METHOD FOR UNIFORM NETWORK ACCESS - According to some embodiments, a registry is displayed. The registry may, for example, indicate resources available from a plurality of remote network access devices via a communications network. Moreover, a personal network address May be associated with each available resource, the personal network address including an destination address portion and an application program identifier portion. A direct communications link may then be established between a first network access device hosting an available resource and a second network address device using the personal network address associated with the resource.02-23-2012
20120047260Data Synchronization For Circuit Resources Without Using A Resource Buffer - A resource synchronizer synchronizes transmission of data to a SerDes of a device so that the SerDes is capable of providing the data to a resource of the device without buffering the data between the SerDes and the resource.02-23-2012
20120005343COMMUNICATION ACCESS CONTROL SYSTEM OF VEHICLE - A communication access control system of a vehicle that selectively operates one accessible module with a higher access priority in a current location of a first wireless communication module or a second wireless communication module receiving contents from a contents server in a wireless manner is provided. The communication access control system of a vehicle includes: a first wireless communication module and a second wireless communication module accessing a contents server to receive contents from the contents server in a wireless manner; and an access controller selectively operating one accessible module of the first wireless communication module or the second wireless communication module with a higher access priority in a current location of the vehicle.01-05-2012
20120005342Cloud Service Cost-Optimal Data Center Assignment - A method for service creation and mapping between at least two support systems includes provisioning a service based on a service requirement and a plurality of available data centers, collecting a value of the service requirement and a cost associated with the service, matching resource types of the data centers to resource availability, determining at least one valid data center from the plurality of data centers, and selecting a valid data center with a minimum cost for service placement and provisioning.01-05-2012
20120005341SYSTEM AND METHOD FOR DIVIDING CLOUD RESOURCES - A method and apparatus for dividing resources provided by cloud computing systems is described. In one embodiment, the method includes receiving a specification of a subset of cloud computing systems from among a plurality of cloud computing systems. The method may also include joining the subset of cloud computing systems into a pool of cloud computing resources. Furthermore, the method may include providing access to the pool of cloud computing resources.01-05-2012
20120047258Managing and Securing Manageable Resources in Stateless Web Server Architecture Using Servlet Filters - Access is controlled to managed resources in a stateless web server architecture including a stateless web server computing platform; a resource locator map portion of the stateless web server computing platform providing a unique resource locator code representing each managed resource in a stateless web server architecture, wherein the managed resource is assigned to a plurality of application program components; a set of servlet filters disposed in a portion of the stateless web server computing platform, each servlet filter associated with one of the application program components; a resource locator matcher portion of the stateless web server computing platform, responsive to a user request to a unique resource locator, matching a pattern in the user request to one or more of the application program components using a corresponding servlet filter; and a request dispatcher portion of the stateless web server computing platform sending the user request to the matched application program component, wherein the application program component receives and processes the user request.02-23-2012
20110167157METHOD AND SYSTEM OF ASSIGNING ACCESS CONNECTIONS - A method and system for load balancing network access solutions, for example Provider Edger (PE) routers and network interface cards within said routers, based on characteristics of the destination device to which the assigned network access solutions connect. This enables a service provider to load balance access connections of a particular customer across a number of different network access solutions, based on who the customer is and where the customer is located. In addition, such a system can balance network access solutions based on capacity and utilization of the network access solutions.07-07-2011
20090043889COMMUNICATION SYSTEM, DATA PROCESSING APPARATUS, SERVER, DATA PROCESSING METHOD, PROGRAM THAT EXECUTES THE DATA PROCESSING METHOD, AND RECORDING MEDIUM TO RECORD THE PROGRAM - Disclosed is a communication system wherein, in a case wherein peer-to-peer communication channels are established between data processing apparatuses using a plurality of passing-via-NAT methods, a channel employed for communication between the apparatuses can be quickly selected, and peer-to-peer communication can be performed via the selected channel. This communication system includes first and second data processing apparatuses, so that at the least, either the first or the second data processing apparatus performs communication via a communication processing apparatus, and two or more peer-to-peer communication channels are established between the first and second data processing apparatuses. At the least, either the first data processing apparatus, or the second data processing apparatus, selects a channel to be employed for communication between the first and second data processing apparatuses, and communicates along the selected channel.02-12-2009
20120023232METHOD FOR CONFIGURING ACCESS RIGHTS, CONTROL POINT, DEVICE AND COMMUNICATION SYSTEM - In a method for configuring access rights, a UPnP (Universal Plug and Play) device receives CPID information sent by a first CP without administrator rights, wherein the CPID information comprises an ID of another CP obtained by the first CP. Then the UPnP device sends a CPID list that carries the CPID information to a second CP with administrator rights. And the UPnP device receives a CP right configuration command sent by the second CP, and configures access rights for at least one CP corresponding to a CPID in the CPID list.01-26-2012
20120023231Network system, control method for the same, and controller - In a network system, each server is assigned to at least one relay processing devices. A plurality of switches are arranged in a network and a controller controls the switches. Specifically, the controller designs, in response to a request from a request source switch, a route of a flow from the request source switch to a destination address. Here, the controller refers to assignment information indicating an assignment relationship between servers and relay processing devices to select, as a target, any one relay processing device assigned to a server specified by the destination address, and designs the route so as to include the target. Then, the controller instructs each switch on the designed route to set the flow table such that a packet is forwarded along the designed route.01-26-2012
20130185427TRAFFIC SHAPING BASED ON REQUEST RESOURCE USAGE - A current request for a server to perform work for a user profile can be received and processed at the server. It can be determined whether server usage by the profile exhibits a sufficient trend toward a threshold value to warrant performing traffic shaping for the user profile. If so, then a delay time can be calculated based on, or as a function of, server resources used in processing the current request, and a response to the current request can be delayed by the delay time.07-18-2013
20120059934SYSTEMS AND METHODS FOR SELF-LOADING BALANCING ACCESS GATEWAYS - The present invention is directed towards systems and methods for self-load balancing access gateways. The systems and methods include a master access gateway that receives load metrics and capabilities from a plurality of access gateways. The master access gateway also receives requests to determine if a request to start a new session is to be redirected to an access gateways. The master access gateways uses the load metrics and capabilities to select an access gateway to service the request.03-08-2012
20120210001SYSTEM AND METHOD FOR MANAGING ACCESS TO A COMMUNICATION NETWORK - The disclosure recites a system and method for selecting a client device for a server device managing communications for a wireless network. The method comprises: identifying a set of wireless devices that are communicating in the network; and identifying a set of client of devices in the set of wireless devices to communicate with the network through the server device by evaluating members in the set wireless for their communication characteristics for the network.08-16-2012
20120210002DYNAMIC WALLED GARDEN - A dynamic walled garden access method, apparatus, and system for a local area network. The walled garden access method comprises configuring an indexer to automatically and periodically populate a list of additional permitted locations in a predefined fashion based on a list of initial permitted locations; intercepting, by a network controller/gateway, an access request from a user device; and configuring the network controller/gateway to allow the access request if the access request is on the list of initial permitted locations or the list of additional permitted locations.08-16-2012
20120210000Registering Devices For Network Access - Methods, systems, and computer program products are disclosed for registering devices for network access. Embodiments include receiving, by a registration module, a media access control (MAC) address associated with a network adapter of a device; registering, by the registration module, the device, including associating the MAC address with a guest account at or before the time of registration of a guest; and allowing, by the registration module, the registered device to access a network.08-16-2012
20120209999Time Based Access Control in Social Software - An embodiment of the invention provides a method for controlling access to content in a social networking website, wherein a connection is established between a first user and a second user on the social networking website. Content on the profile pages of the first user is categorized into a first content category and a second content category. The first content category includes content created before the connection between the first user and the second user was established. The second content category includes content created after the connection between the first user and the second user was established. Content in the first content category is also categorized into a first subcategory and at least one second subcategory. Access by the second user is restricted to the first content category. Specifically, the second user is prevented from viewing content in the first subcategory and permitted to view content in the second subcategory.08-16-2012
20120209998METHOD AND APPARATUS FOR PROVIDING ACCESS TO SOCIAL CONTENT BASED ON MEMBERSHIP ACTIVITY - A method for providing access to social content based on membership activity may include receiving information providing corresponding identities of a plurality of members of a group and receiving an indication of a presence threshold defining a number of members of the group that when present enables access to a group related function. The presence threshold may be defined relative to an entirety of a size of the group. The method may further include modifying the presence threshold to determine a quorum value of members that when present enables access to the group related function where the quorum value is determined based on activity of the members of the group over at least a defined time period, and enabling access to the group related function by the members based on presence information related to the members indicating that the quorum value is met. A corresponding apparatus and computer program product are also provided.08-16-2012
20120158965Methods And Apparatus For Protecting Digital Content - An embodiment of the invention includes a processing system to provide protected digital content, the processing system comprising a processor and control logic which, when used by the processor, results in the processing system performing operations comprising determining first and second receivers, which are coupled to the processing system, are within a predetermined acceptable proximity to the processing system. The processing system is upstream to the first receiver and the first receiver is upstream to the second receiver. Other embodiments are provided herein.06-21-2012
20120110178LOCATION PROCESSING METHOD, ADDRESS DUPLICATION PROCESSING METHOD AND APPARATUS - The present invention discloses a location processing method, an address duplication processing method and apparatus based on an integrated service access gateway/Parlay X gateway. The location processing method includes that: the integrated service access gateway/Parlay X gateway receives location operation requests for multiple terminals by a provided network service interface, wherein the location operation requests are location requests simultaneously initiated for the addresses of multiple terminals; and the integrated service access gateway/Parlay X gateway processes the location operation requests via a service logic processing module, processes the location operation requests according to a predetermined policy in a case that address duplication occurs in the addresses of multiple terminals, and returns policy duplication abnormality and/or location results via the network service interface. The present invention solves the problems of low system developing efficiency and low service processing speed resulting from the processing of user's address duplication in the ISAG/Parlay X gateway, and further achieves the effects of improving the execution efficiency of location service, shortening the response time, and improving the efficiency of developing.05-03-2012
20120072594SYSTEM AND METHOD FOR MANAGING REGISTRATION OF SERVICES FOR AN ELECTRONIC DEVICE - The present disclosure described herein relates to a device and method for managing access to a server. The method comprises: receiving information regarding a current capability of the wireless electronic device from the electronic wireless device; analyzing the information with operating parameters of the servers to identify a second set of servers in the network that are compatible with the current capability; generating and sending access requests to the second set of servers; monitoring for responses from the second set of servers to the access requests; and generating and sending a response to the wireless electronic device providing information relating to the second responses from the second set of servers.03-22-2012
20110072135Generalized Policy Server - A scalable access filter that is used together with others like it in a virtual private network to control access by users at clients in the network to information resources provided by servers in the network. Each access filter use a local copy of an access control database to determine whether an access request made by a user. Changes made by administrators in the local copies are propagated to all of the other local copies. Each user belongs to one or more user groups and each information resource belongs to one or more information sets. Access is permitted or denied according to of access policies which define access in terms of the user groups and information sets. The rights of administrators are similarly determined by administrative policies. Access is further permitted only if the trust levels of a mode of identification of the user and of the path in the network by which the access is made are sufficient for the sensitivity level of the information resource. If necessary, the access filter automatically encrypts the request with an encryption method whose trust level is sufficient. The first access filter in the path performs the access check and encrypts and authenticates the request; the other access filters in the path do not repeat the access check. A policy server component of the access filter has been separated from the access filter and the policies have been generalized to permit administrators of the policy server to define new types of actions and new types of entities for which policies can be made. Policies may now further have specifications for time intervals during which the policies are in force and the entities may be associated with attributes that specify how the entity is to be used when the policy applies.03-24-2011
20120110179METHOD AND APPARATUS FOR DISTRIBUTED UPLOAD OF CONTENT - A system for accurately modeling of buyer/purchaser psychology and ranking of content objects within a channel for user initiated browsing and presentation contains a neuropsychological modeling engine, a ranking application, and a behavior modeler which communicate with each other and a presentation system over communication networks. The neuropsychological modeling engine utilizes metafiles associated with content objects, a purchaser/viewer model and a channel model to derive a value Ψ representing an individual's mood and a value m representing an individual's motivational strength to select a content object. If the value Ψ is within an acceptable predetermined range, the value m is used to determine a ranking for the content object relative to other content objects associated with the channel model. Also disclosed are a system and technique for simultaneously presenting multiple, s content object data streams on the user interface in a manner which encourages multidimensional browsing using traditional navigation commands.05-03-2012
20120110177VPN FOR ACCESSING FILES STORED ON REMOTE COMPUTER - Systems and methods that enable the user to access user's files located on a remote computers via network in a secure manner. One or more implementations incorporate various components operating together to allow discovery of the hosts and enable secure access to the documents. At a higher level, various embodiments of the inventive concept may contain a client component and a server component. The server primarily contains two components—a web server component and component designed to assist with connectivity between different computers. In one or more embodiments of the inventive concept, the client may also include two components. Similar to the server, the client may incorporate a web component and the core component, which is configured to allow computers to be discovered and to share data.05-03-2012
20120158964GROUP ACCESS TO IP MULTIMEDIA SUBSYSTEM SERVICE - A method of facilitating access to services of an IP Multimedia Subsystem network by services located behind an access point to said network. The access point is associated with a subscription to the IP Multimedia Subsystem network. The method comprises including within an Implicit Registration Set defined for said subscription, a wildcarded Public Service Identity or Public Service Identity sub-domain representative of a range of Public Service Identities. At IP Multimedia Subsystem registration of said access point with the IP Multimedia Subsystem network, the Public Service Identities contained in the Implicit Registration Set are distributed to a Serving Call Session Control Function allocated to said access point and to a Proxy Call Session Control Function to which said access point is attached.06-21-2012
20110106948Running Internet Applications with Low Rights - In various embodiments, applications that are configured to interact with the Internet in some way are executed in a restricted process with a reduced privilege level that can prohibit the application from accessing portions of an associated computing device. For example, in some embodiments, the restricted process can prohibit applications from read and write access to portions of a system's computer-readable media, such as the hard disk, that contains administrative data and settings information and user data and settings. In these embodiments, a special portion of the disk, termed a “containment zone”, is designated and used by applications in this restricted process.05-05-2011
20110106947Method and Apparatus for Dual Stack Access - The present invention discloses a method of dual stack access, wherein a network device authenticates the first protocol address of a requesting client, stores the user name, first protocol address, and address status information of the client in the user information table if the authentication succeeds, assigns a second protocol address to the client, stores this second protocol address and address status information in the user information table, generates control rules for the client according to its user information, and controls dual stack access of the client according to the rules. This invention provides effective authentication-based access control of dual stack users.05-05-2011
20100094999LIMITING SIMULTANEOUS DATA TRANSFERS AND EFFICIENT THROTTLE MANAGEMENT - A network storage server implements a method to limit simultaneous data transfers and efficient throttle management. The number of processes that can be simultaneously performed in the network storage server is limited. For the processes that do not exceed the limiting number, and are therefore allowed to be simultaneously performed, a throttle control is implemented on each of the processes to limit the amount of system resources that can be allocated to each of the processes. The processes are performed on the network storage server, and a total amount of system resources allocated to these processes does not exceed the available system resources of the network storage server.04-15-2010
20090132706Interpersonal Communication Enhancer - A system for enhancing interpersonal communication is disclosed. The system includes one or more personal computer devices capable of broadcasting and receiving select messages based on overlapping user interests. The device shares identity credentials with other devices to ensure credibility of the information being broadcast and maintains user interests in a portable secure database on the device.05-21-2009
20090132705SERVER, TERMINAL APPARATUS, DEVICE REGISTERING SYSTEM, REGISTERING METHOD, REGISTERING PROGRAM AND RECORDING MEDIUM - A device registration system including a server which holds content and a terminal apparatus which uses content, whereby the terminal apparatus is registered in the server if a communication time between the terminal apparatus and the server is less than or equal to a reference value. A measuring unit of the server measures the communication time, being a time period from transmitting measuring information to the terminal apparatus until receiving response information from the terminal apparatus, and repeats the transmission, the reception, and the measurement until the measured communication time is less than or equal to the reference value. An elapsed-time measuring unit measures an elapsed time from when the measuring unit first begins measuring the communication time, and a transmission unit transmits, to the terminal apparatus, status notification information showing a processing status which depends on the elapsed time. A response unit of the terminal apparatus receives measuring information from the server and transmits response information to the server when the measuring information is received, and a display unit displays a message based on status notification information received from the server.05-21-2009
20120317286MANAGEMENT APPARATUS, MANAGEMENT METHOD, AND COMPUTER-READABLE MEDIUM - A management apparatus that causes control unit to execute first management software for managing a plurality of devices on a network comprises: a first storing unit which stores authentication information to be used to access a device using a function of the first management software; a second storing unit configured to store authentication information to be used to access the device using a function of second management software that is added to the first management software to add a new function; a registration unit configured to register the device to be managed by the second management software; and a second setting unit configured to set the authentication information to be used to access the device using the function of the second management software.12-13-2012
20120124210Regulatory Compliant Transmission of Medical Data Employing a Patient Implantable Medical Device and a Generic Network Access Device - Various embodiments concern a method which may include communicating medical information between a PIMD and an interface module via a first channel in compliance with a predetermined medical information regulatory standard, preventing access to the PIMD via the interface module other than through the first channel, detecting a communication protocol used by an available generic network access device, selecting a communication protocol rule set from a plurality of communication protocol rule sets to effect communication between the interface device and an available generic network access device of a plurality of generic network access devices, and transferring at least some of the medical information to the remote network via a second channel established between the interface module and the available generic network access device using the selected communication protocol rule set.05-17-2012
20120124209MECHANISM TO DETECT RESTRICTED ACCESS VIA INTERNET HOTSPOT - A wireless device automatically detects the redirection of its internet access via a wireless hotspot network. An algorithm in the device provides the flexibility to detect either or both of DNS redirection and HTTP redirection, as well as to automatically accommodate such internet redirection. The algorithm allows a wireless device user to be alerted and account for internet redirection when such internet redirection is automatically detected upon entering service via a hotspot. Alternatively, the wireless device may attempt to automatically meet the hotspot requirements and complete the internet access through the hotspot.05-17-2012
20120124208APPARATUS AND METHOD FOR TRANSMITTING CONTENTS ON A RELAY NODE BETWEEN SENDING END AND RECEIVING END - An apparatus and method for transmitting contents on a relay node disposed between a sending end and a receiving end is provided. If a content, which is identical to a content requested by a user terminal, is currently being transmitted or is in a waiting mode for content transmission, a relay node, for example, a router, disposed between a sending end and a receiving end duplicates the content and transmits the duplicated content to the user terminal, thereby reducing the work load of a service terminal and the network traffic load.05-17-2012
20120221726NETWORK COMMUNICATION SYSTEMS AND METHODS - Systems and methods for communicating via a network may employ communication devices capable of functioning in a server mode and a client mode. Communication may begin by activating a server mode for a first communication device. The first communication device in the server mode may receive a message from a second communication device, the message comprising an identity associated with the second communication device. The first communication device may retrieve a key associated with the second communication device and verify the identity associated with the second communication device by comparing data in the message from the second communication device with data in the key. A client mode may be activated for the first communication device. The first communication device in client mode may send a message to an address associated with the second communication device, the message comprising an identity associated with the first communication device.08-30-2012
20120221725SYSTEM AND METHOD TO CONTROL APPLICATION TO APPLICATION COMMUNICATION OVER A NETWORK - A method is provided to control communication between applications that communicate over a network comprising: designating a different respective application identifier (AppID) for each of a multiplicity of A2A enabled applications suitable to run on endpoint devices coupled to a network suitable for delivery of multimedia information; providing in non-transitory media a registry that indicates authorized AppIDs; receiving over the network a request originating from a first endpoint device for authorization for a media connection; wherein the authorization request includes an AppID; in response to the authorization request, determining whether the AppID within the authorization request matches an authorized AppID indicated within the registry; rejecting the authorization request in response to a determination that the AppID does not match an authorized AppID indicated within the registry.08-30-2012
20120221723TRANSIENT SUBSCRIPTION RECORDS - Various exemplary embodiments relate to a method and related network node including one or more of the following: receiving, at the session management node, an initial request message, the initial request message including at least one subscription identifier; determining that the session management node does not have access to a subscription record associated with the at least one subscription identifier; generating a transient subscription record based on the initial request message; and processing the initial request message based on the initial request message and the transient subscription record.08-30-2012
20120131189APPARATUS AND METHOD FOR INFORMATION SHARING AND PRIVACY ASSURANCE - An apparatus for information privacy assurance includes a data processing engine to restrict access to data received from a plurality of data sources and to a predefined data relationship query. The data processing engine includes a data input component restricted to receive the data from the plurality of data sources, a data relationship component configured to generate data relationships associated with the data, a query input component restricted to receive the predefined data relationship query associated with the data relationships, a query execution component configured to execute the predefined data relationship query, and a data output component restricted to render a result including information associated with an execution of the predefined data relationship query.05-24-2012
20120131190VALUE PROCESSING NETWORK AND METHODS - Various arrangements for processing a transaction involving at least two parties are provided. Rules may be established that define transaction processing between combinations of a plurality of origination entities and a plurality of destination entities. Transaction information may be received relating to the transaction between the two parties. One of the parties is an origination entity and one of the parties is a destination entity. The transaction information contains at least an identifier from which at least one of the parties may be identified. The transaction information may be used to identify at least one of the parties. The rules may be used to define transaction processing for the at least one party. Processing of the transaction may be at least partially based on the rules.05-24-2012
20100205301Demarcation Between Service Provider And User In Multi-Services Gateway Device At User Premises - The disclosed examples of a multi-services gateway device (08-12-2010
20120136999LOAD BALANCING HASH COMPUTATION FOR NETWORK SWITCHES - Techniques to avoid polarization in a communication network include a network switch or device having a first interface to receive a data unit or packet, and a second interface via which the packet is transmitted from the network device. The network device includes a hash value generator configured to generate, using a depolarizer, a depolarized key from an initial key (where the initial key is based on contents of the packet and the depolarizer is unique to the network device), and to generate a hash value based on the depolarized key and the packet by using a hash function that is common to all network devices in the network. The hash value may be optionally modified to load balance egress traffic of the network device. The network device selects an egress link or port, such as by determining an index into an egress table based on the (modified) hash value.05-31-2012
20120136997Method and Apparatus for Sharing and Managing Resource Availability Data - An example approach is provided for sharing and managing resource availability information. One or more resource availability information is received. Further, one or more requests to access the one or more resource availability messages are received from at least one consuming device. Access to the one or more resource availability messages is reserved based, at least in part, on the one or more requests.05-31-2012
20110185061System and method for Quarantining IP Service Devices - A system and method for quarantining IP service devices (ISDs). When an ISD is placed into a quarantined environment, any request from the ISD will be re-directed to a quarantine alert server in a quarantine sub-system. In response to the request, the quarantine alert server may provide the user with information about the quarantine and may redirect, or instruct the user to redirect, the request to a quarantine response server. The quarantine response server may provide additional information that is not in the quarantine video message as to how the user may end the quarantine.07-28-2011
20120137000CHANNEL MANAGER FOR ACCESSING ELEMENTS FOR A SECURE WEB PAGE THROUGH A NON-SECURE CHANNEL - Particular embodiments generally relate to allowing access of non-secure elements through a non-secure channel when a top-level page was accessed through a secure connection. In one embodiment, a webpage is accessed over a secure channel. The webpage includes secure and non-secure elements. When a non-secure element for the webpage is determined, a client may message with the server to open a non-secure channel for accessing the non-secure element. For example, the client may request port information in the request. The server then can respond with port information for a non-secure channel. The client then accesses data for the non-secure element through the non-secure channel using the port information.05-31-2012
20120173725DISTRIBUTED TOPOLOGY ENABLER FOR IDENTITY MANAGER - Provided are techniques for combining existing identity management information from multiple Identity Manager (IM) nodes. The combined information from the multiple IM nodes is presented. A provisioning request to change the identity management information is received. The provisioning request is decomposed to form multiple, separate sub-requests. One or more IM nodes are identified to process the sub-requests. The sub-requests are issued to the one or more IM nodes in parallel. A status of each of the sub-requests is received from each of the one or more IM nodes that is processing that sub-request. The received statuses are combined. The combined statuses are returned as a status of the provisioning request.07-05-2012
20120173727Internet Access Control Apparatus, Method and Gateway Thereof - The present invention relates to an Internet access control apparatus, including: an proxy module, which is configured to intercept and parse a request sent by a terminal to Internet; a policy management module, is configured to determine whether the user information contained in the request matches a control policy; wherein, the proxy module is further configured to determine whether to permit the terminal to access to the Internet according to a matching result. The present invention further provides an Internet access control method and gateway correspondingly. The present invention performs a policy control for the information which can distinguish users and is contained in the domain name parsing request and for the time period, which can conveniently and effectively control the terminal accessing to the Internet.07-05-2012
20120173726Apparatus and Method for Resource Contention - An apparatus and a method. The apparatus comprises a resource access module arranged to: receive a request one of a plurality of clients for access to a resource in which the clients each include an associated priority; establish a resource access point to provide access to the resource and to associate the client priority with the resource access point; establish a resource manager to manage access to the resource; and pass the priority associated with the resource access point to the manager; wherein in the event of contention for a resource by two or more clients, the resource manager is further arranged to resolve the contention, based on the passed priorities, to enable the resource access point having the highest associated priority to access the resource.07-05-2012
20120317285Limited-operation electronic mail accounts with set functions - In one aspect, a method related to a limited-operation electronic mail account. In addition to the foregoing, other method and system and program product aspects are described in the claims, drawings, and text forming a part of the present application.12-13-2012
20100299435COMMUNICATION DEVICE, CONTROL METHOD FOR COMMUNICATION DEVICE, AND STORAGE MEDIUM - [Object] To enable a device that is a target for denial of communication to be shared over a network.11-25-2010
20100049850 BROWSER-PLUGIN BASED METHOD FOR ADVANCED HTTPS DATA PROCESSING - The invention described here deals with implementing custom data processing of HTTPS based on a Browser-Plugin Method. Such custom data processing may include, but is not limited to, custom data compression, custom data encryption, data monitoring, data modification. There are two distinct methods to implement the Browser-Plugin Method for Advanced HTTPS Data Processing of the subject invention (BPAHDP). In both cases, BPAHDP provides the option of conducting custom data processing that co-exists with data compression, data encryption, or other types of data processing operations supported by the HTTP standard. Additionally, both BPAHDP methods ensure that the web-browser still implements and executes the underlying SSL/TLS channel setup and encryption operations. In both embodiments of BPAHDP, the most critical functionality is the ability to modify HTTP request/response headers and data sent over a TLS/SSL channel. In the regular HTTP case (HTTP over TCP) headers and data are sent as clear-text (i.e., as unencrypted data). Therefore, any HTTP proxy component can intercept and modify header/data as it chooses—allowing custom data processing operations (including a custom compression operation) to be implemented. For HTTPS traffic, the data leaving a web-browser is encrypted. Therefore, a proxy cannot modify encrypted data, hence the novelty of the BPAHDP methodology. Both methods require specific implementation methods that are described. In particular, both embodiments of BPAHDP require specific techniques to facilitate the use of Microsoft Internet Explorer as a BPAHDP enabled web-browser. Microsoft COM (Component Object Model) interfaces and IE's Pluggable Protocol capabilities are utilized to meet all requirements of both BPAHDP embodiments.02-25-2010
20120179819METHOD AND APPARATUS FOR PROVIDING MOBILE AND OTHER INTERMITTENT CONNECTIVITY IN A COMPUTING ENVIORNMENT - Method and device for managing resource consumption in a computer network providing communication between plural devices, in which resources are provided to the plural devices. The method includes enforcing at least one of globally, per-device, per-device group, per-user group, and per-user policy management for managing consumption of the resources by the devices, distributing a task of managing of the resource consumption between the devices, and proxying in at least one proxy server communications between peers and the devices even when a device becomes temporarily disconnected from the network environment.07-12-2012
20120179820Providing Virtual Desktops Using Resources Accessed on Public Computer Networks - A computer system supports hosting of virtual desktops using resources available in the cloud. Connections to various resources used by a desktop configuration are made dynamically using authentication information associated with the user assigned to the desktop configuration. In addition to using file storage, directory services and user management information on private resources on a private network, these resources may also be accessed through a public network.07-12-2012
20120179818System and Method for Controlled Access to Up-To-Date Contact Information - A method and system for controlling a recipient's access to a user's information. The method includes receiving a plurality of contact information, registration information and access information from the user. Only person's knowing the user's registration information can update the contact and access information of the user. The contact information entered by a user is about that user. The access information defines accessible sets of contact information to be made accessible to recipients. A telephone exchange is associated with each recipient; and a local server is associated with each telephone exchange. The accessible set of information is stored in the local server for access by the recipient. The system handles updates to information on the local servers when a user updates their contact information. The system can automatically place calls for a recipient to a user that has granted the recipient access to a number for communicating with the user.07-12-2012
20120179817TECHNIQUES FOR ADDRESSING GEOGRAPHICAL LOCATION ISSUES IN COMPUTING ENVIRONMENTS - A technique for addressing geographical location issues in a computing environment includes receiving, at a data processing system, location information indicating a permissible geographical location in which a virtual machine image for a consumer may be deployed. A request for an exception to deploy the virtual machine image outside of the permissible geographical location is issued, from the data processing system. An exception grant or an exception denial is received, at the data processing system, from the consumer in response to the request. The virtual machine image is deployed, using the data processing system, to one or more servers in the computing environment that are outside of the permissible geographical location in response to receipt of the exception grant. The virtual machine image is deployed, using the data processing system, to one or more servers in the computing environment that are within the permissible geographical location in response to receipt of the exception denial.07-12-2012
20120233326Efficient Message Distribution for Directed Acyclic Graphs - In one embodiment, a particular node in a primary DAG receives a distributed message from distributing nodes, and from this, deterministically selects a distributing node as a distributing parent in a secondary DAG from which distributed messages are to be received. The particular node may then inform the deterministically selected distributing parent that it is being used by the particular node as its distributing parent, and if the selected distributing parent is not the particular node's primary DAG parent, then the primary DAG parent is informed that it need not send distributed messages for the particular node. In another embodiment, a distributing node continues to repeat distributed messages in response to receiving notification that it is being used as a distributing parent, and if a primary DAG parent, prevents the repeating in response to receiving a notification from all of its child nodes that it need not send distributed messages.09-13-2012
20120233327SIP DEVICE-LEVEL CALL/SESSION/SERVICE MANAGEMENT - Systems, methods, and computer readable media for session initiation protocol (SIP) device-level call/session/service management are disclosed. According to one aspect, a system for SIP device-level management includes a SIP service node that makes available to a user the unique device identifier of a SIP device, where the SIP device is one of multiple devices that register using the same SIP identity, and that allows the user to use the unique device identifier to manage calls, sessions, or services on a SIP device-level basis, which may include performing screening, routing, or logging operations. In one embodiment, the SIP service node is configured to receive SIP device-level management rules for managing SIP calls, sessions, or services on a SIP device-level basis and to use the rules to manage calls, sessions, or services on a SIP device-level basis.09-13-2012
20120254430METHOD, APPARATUS AND COMPUTER PROGRAM - An approach is provided for enabling access to content in a network service. Location information is received, at a server, relating to a first remote apparatus and another remote apparatus. The received location information is utilized to determine that the first remote apparatus and the another remote apparatus are proximal to each other. Access rights are updated within a network service to enable the user of the another remote apparatus to access content associated with the user of the first remote apparatus.10-04-2012
20120254429Non-Intrusive Single Sign-On Mechanism in Cloud Services - A method and apparatus for Single Sign-on, wherein the user accesses a platform server and at least one service provider on the platform server. The method includes intercepting a request sent by the user via a client browser and extracting a domain name included in the request. If the domain name is an original domain name of the platform server, a global session ID is generated for uniquely identifying a session between the user and the platform server. A new domain name of the platform server associated with the global session ID is generated and the URL in the request is redirected to a new URL including the new domain name of the platform server. The request, including the new URL of the platform server, is forwarded to the platform server.10-04-2012
20120254428SERVER DEVICE AND SERVICE PROVISION METHOD - A server device is provided, which includes a reception unit receiving device identification information of a client device and user identification information of a user of the client device from the client device; a device determination unit determining whether or not it is possible to grant the user authorization to use a service on the basis of the device identification information; a user determination unit determining whether or not it is possible to grant the user the authorization to use on the basis of the user identification information; and a transmission unit transmitting information on the authorizable services of the services, for which it is determined that it is possible to grant the user the authorization to use on the basis of the device identification information and the user identification information, to the client device.10-04-2012
20120254427Method And Apparatus For Enhancing QoS During Home Network Remote Access - A manner of enhancing QoS when facilitating remote access to a home network. An HA in the home network is provided with QoS parameters, for example when registering with an SG (signaling gateway), which parameters include a bandwidth allocation for communications via a network. These parameters may be dictated, for example, but an OSS/BSS associated with the network. The HA then determines the bandwidth requirement for each application request it receives, and compares it with the bandwidth allocation of the QoS parameters. Execution of applications that do not exceed the bandwidth allocation is permitted, while execution of others are rejected, at least until agreement to proceed at a lower bandwidth is obtained or currently executing applications are re-prioritized. The bandwidth allocation may be adjusted while applications are executing so that available bandwidth may be used to determine how to respond to future application requests.10-04-2012
20120317288SYSTEM AND METHOD FOR PUBLISHING CONTENT ON THE INTERNET - A method and system enables sharing content between a plurality of users over a communications network. A link to content that has been shared by a user is selected, the link includes at least one access characteristic defining a set of users able to access the content. A request signal including the at least one access characteristic associated with the content and at least one user characteristic associated with a requesting user over the communications network is transmitted for receipt by an authorization processor. A level of access available is determined for the content by comparing the at least one access characteristic and the at least one user characteristic in the request signal with a source of content specific authentication information including data representing content-specific access levels. Access to the requested content is provided via an internet interface to an output device in accordance with the determined level of access.12-13-2012
20120317287SYSTEM AND METHOD FOR MANAGEMENT OF DEVICES ACCESSING A NETWORK INFRASTRUCTURE VIA UNMANAGED NETWORK ELEMENTS - A system and method for identifying devices whose access to a network infrastructure is unmanaged, and providing a capacity to a user to apply a management function to such connection. The unmanaged connections may be displayed or represented along with relevant information about the device and the connection, and a user may signal to apply a control function via such display.12-13-2012
20120185595Traffic Localization Mechanism For Distributed Hash Table Based Peer-To-Peer Networks - Provided is a method for localizing peer-to-peer traffic. The method includes receiving, by a first node, a request message from a second node of a peer-to-peer network. The method includes accessing a table based on the request message to determine if the second node is associated with a local network. The table stores a plurality of keys and node information indicating a relationship between the first node and the local network. The node information is stored in relation to each of the plurality of keys. The method includes transmitting a response message to the second node if the second node is associated with the local network.07-19-2012
20120185597MOBILE NETWORK TRAFFIC COORDINATION ACROSS MULTIPLE APPLICATIONS - Systems and methods for mobile network traffic coordination across multiple applications are disclosed. In one aspect, embodiments of the present disclosure include a distributed proxy and cache system, including, a local proxy on a mobile device for intercepting a data request made via a mobile device, and a proxy server coupled to the mobile device and a content server to which the data request is directed. One embodiment includes, delaying transfer of a first data transfer request initiated by a first application until another data transfer request initiated by a second application is detected on the mobile device and transferring, the first data transfer request of the first application and the other data transfer request of the second application a single transfer operation over the network.07-19-2012
20090327491SCHEDULING DATA DELIVERY TO MANAGE DEVICE RESOURCES - Managing power-consuming resources on a first computing device by time-based and condition-based scheduling of data delivery from a plurality of second computing devices. A scheduler executing on the first computing device has knowledge of recurrent schedules for activation by the second computing devices. The first computing device determines availability of the power-consuming resources and adjusts an activation time for the schedules to use the power-consuming resources when the resources are available. Managing the schedules associated with the second computing devices preserves battery life of the first computing device.12-31-2009
20120221724SMART LINK SYSTEM AND METHOD - A resource may be identified according to multiple Uniform Resource Locators (“URL”) according to systems and methods for encapsulating an alternative URL inside a primary “carrier” URL to form a compound URL or “smart link” and for processing smart links thereby formed. A preferred URL may be encapsulated into a smart link for use by client devices that support handling of the preferred URL, while other client devices may use a default or fallback URL that is also encapsulated into the smart link. The alternative URL is indicated by a pre-determined key included in the primary carrier URL.08-30-2012
20090019156System and Method of Providing Services via a Peer-To-Peer-Based Next Generation Network - A peer-to-peer network comprises a plurality of intelligent terminal nodes, each intelligent terminal node being operable to establish, maintain, and tear-down communication sessions with another intelligent terminal node, a plurality of network service nodes coupled to the plurality of intelligent terminal nodes, the plurality of network service nodes comprise at least one of the plurality of intelligent terminal nodes, at least one user P2P function module operable to store, locate and distribute service resource information related to user policies, and at least one network P2P function module operable to store, locate and distribute service resource information related to operator provider policies, and operable to exert stricter security control than the at least one user P2P function module.01-15-2009
20110125900REAL-TIME RUN-TIME SYSTEM AND FUNCTIONAL MODULE FOR SUCH A RUN-TIME SYSTEM - A real-time run-time system comprises a plurality of functional modules and an administration module. The plurality of functional modules is configured to log on to the administration module using an assigned module identification during a transitional state between initialization and pre-operation and to log off during a transitional state between pre-operation and initialization. At least one of the plurality of functional modules is configured to establish communication connections with further functional modules via the administration module during the transitional state between pre-operation and trial operation, to break down the communication connections during the transitional state between trial operation and pre-operation, to log on to the further functional modules during the transitional state between trial operation and real-time operation and to log off during the transitional state between real-time operation and trial operation.05-26-2011
20110125898Secured Remote Management of a Home Network - A home router and remote service provider configured to establish a network tunnel and utilize the network tunnel to remotely manage the home router are disclosed herein. The home router and remote service provider may also utilize the network tunnel to remotely manage at least one other device that is locally connected or coupled to the home router.05-26-2011
20100312890DYNAMIC DNS SYSTEM FOR PRIVATE NETWORKS - A DNS component functions privately in relation to a group of client devices, each associated with a unique URL maintained with the DNS component that privately identifies the devices within the group. The URL identifies a hierarchy of private domains enforced within the group which, at least implicitly, represents private relationships therein between the devices. Network rules are applied over the group based on the private relationships or the private domains. The devices are securely authenticated within the group. A content sharing service component allows devices within the group to access information content associated with other group devices based, at least partially, on the devices' URLs. A private IP based internet allows group devices secure access to the group from external networks and free access to other devices within the group.12-09-2010
20130173795DNS Package in a Partitioned Network - A Domain Name System (“DNS”) package and a method for providing domain name resolution services in a partitioned network are disclosed. The system may include one or more built-in root name servers; one or more built-in top level domain (“TLD”) name servers; and a recursive name server. The recursive name server may be configured to query the one or more built-in root name servers during domain name resolution. Moreover, the one or more built-in root name servers may be configured to provide a network address corresponding to one of the built-in TLD name servers in response to a domain name resolution query sent by the recursive name server.07-04-2013
20130173797CLOUD BASED CUSTOMER PREMISES EQUIPMENT - Network (cloud) based customer premises equipment may receive, over a broadband access circuit, layer 2 traffic from an access device at a customer premises; provide dynamic host configuration protocol (DHCP) services for computing devices at the customer premises, the DHCP services providing Internet Protocol (IP) addresses to the computing devices at the customer premises; and provide network address translation (NAT) services for the computing devices at the customer premises.07-04-2013
20080301296System and method for creating, tracking and analyzing tasks - A system and method for creating, negotiating, tracking, and analyzing tasks, wherein the present invention provides for automated negotiation of tasks between task assignor and task assignee, and wherein the present invention provides for automated tracking and trending of task completion, performing statistical analysis of the task status and task completion, tracking and trending of tasks assigned to an individuals or group of individuals, sets of individuals belonging to a department or organization, tracking and trending groups of tasks making up a project, and tracking and trending of tasks across an entire organization.12-04-2008
20110004685METHOD FOR OPERATING A FIELD DEVICE - Method for operating a field device of process automation technology, wherein the field device is connected for communication with at least one servicing tool. In the case of a request by a servicing tool for access to the field device, the access allowed by the field device depends on the particular servicing tool which places the access request, and on the operating state, in which the field device is located.01-06-2011
20110131326Arrangements and Methods for Access to Stored Data - An access server generates a handshake with storage servers resulting in more rapid access to the stored data, for example, video data, by a user. The handshake also results in load balancing effects.06-02-2011
20110131325System and process for limiting distribution of information on a communication network based on geographic location - A communications system includes a plurality of recipient processors located at geographically remote locations with respect to each other and connected for communication with an information provider processor, over the communications network. The provider and recipient processors may comprise respective computers coupled for communication on the Internet or WWW. The provider processor is capable of providing information from any suitable source, by communicating such information over a communication network. However, access to the information by the recipient processors is controlled, based geographic location or region of the recipient processors and time information and, for some systems, a set of rules relating to a further condition.06-02-2011
20110131324MANAGING NETWORK SECURITY - Technology for network security is disclosed. In one embodiment, a method of managing network security includes receiving sampled packets. The sampled packets represent packets being sampled from network packet traffic in at least one location in a network. The sampled packets are converted into an appropriate format for analysis to form converted packets. Moreover, the converted packets are sent to a first group including at least one security device for analysis. If an event message is generated by the at least one security device as a result of analysis of the converted packets, the event message is received from the at least one security device. Network security is evaluated based on the event message and security policies and is adjusted based on that evaluation. The method may be implemented with a network manager.06-02-2011
20120265879MANAGING SERVICABILITY OF CLOUD COMPUTING RESOURCES - The management of serviceability in a cloud of computing resources. The computing resources available in the cloud are represented for access control purposes as a hierarchy of nodes. Upon receiving a request to perform an action on a computing resource, the associated hierarchical node that controls the action with respect to the requestor is identified. Then, the associated access privilege of that hierarchical node is identified. In some embodiments, if it is determined that the requestor has rights to perform the action on the computing resource, the action is facilitated.10-18-2012
20120265880PROVIDING CLIENT ACCESS TO DEVICES OVER A NETWORK - A centralized service identifies a pool of devices that can be accessed by clients over a network. Devices can include a local or network-accessible device, and a configurable file that represents a portion of a device (e.g., a SCSI storage device). In some cases, the devices (or the file representing a portion of the device) can be identified by an assigned logical unit number. The centralized service assigns one or more devices to a target, and associates client information with the target. The centralized service also can also assign the target a logical unit number, and assign the target to a protocol-independent portal, which further operates through protocol-dependent miniports. In one embodiment, a client accesses a network device by accessing the appropriate port through an appropriate miniport protocol (e.g., Ethernet, fiber channel, etc.), and by submitting appropriate target authorization.10-18-2012
20110040875System And Method For Inter-domain Information Transfer - System and method is disclosed for inter-domain information transfer. The method discloses defining a sharing profile, including a set of rules for whether and how to share information between a set of independent domains; exchanging information with a first domain in the set, thereby generating a first domain data set; and sharing information from the first domain data set with a second domain in the set which is independent from the first domain, according to the rules in the sharing profile. The system discloses a browser plug-in for generating a sharing profile, including rules for whether and how to share information between a set of independent domains; and a domain browser for sharing domain data set information between domains in the set according to the rules in the sharing profile.02-17-2011
20120324107SHARED ACCESS TO A LOCAL DEVICE - A method for providing a local device service over a network, where the local device service is not configured for network access. The method includes determining whether the local device is busy, and if the local device is not busy, broadcasting over the network an available first service provided by the local device. Then, if the local device is not busy and is selected by a computer, providing by the connecting station, the computer access to the local device.12-20-2012
20110060832Fast Determination of Compatibility of Virtual Machines and Hosts - A method of determining compatibility of a virtual machine or virtual machine disk file with a host, including a storage host, is disclosed. A lookup matrix is created to provide a fast compatibility lookup for a group of computing objects and a group of hosts. To create the lookup matrix, computing object properties are retrieved from each of the plurality of computing objects. The computing object properties include resource requirements of each of the plurality of computing objects. Further, host properties are retrieved from each of the plurality of hosts. The method further includes creating a plurality of host logical groups of a subset of the plurality of hosts having substantially same host properties and creating a plurality of computing object logical groups of a subject of the plurality of computing objects having substantially same computing object properties. The lookup matrix provides answers whether each member of a selected computing object logical group can be transferred to each member of a selected host logical group.03-10-2011
20110238835RELAY SERVER AND RELAY COMMUNICATION SYSTEM ARRANGED TO SHARE RESOURCES BETWEEN NETWORKS - A relay server which is connected to a LAN and which can communicate with a relay server in a different LAN, includes: an account information registering unit that stores information on client terminals connected to the LAN; a relay group information registering unit that stores relay group information; a shared resource information registering unit that stores shared resource information; a check unit that checks whether the client terminals stored in the account information registering unit can be accessed; a relay group information notifying unit that updates the relay group information and transmits a change notification of the relay group information to the relevant relay server; and a shared resource information notifying unit that updates the relevant shared resource information and transmits a change notification of the shared resource information to the relevant client terminal which is stored in the account information registering unit.09-29-2011
20110238834METHOD OF RELOCATING ACCESS SERVICE NETWORK FUNCTIONAL ENTITIES DURING MOBILITY EVENTS IN WIMAX NETWORKS - The present invention provides a method of relocating functional entities in access service networks during mobility events. One embodiment of the method includes providing context information representative of two or more functional entities from a source access service network (ASN) to a target ASN. Another embodiment of the method includes receiving context information representative of two or more functional entities at a target ASN from a source ASN. The context information for the functional entities is associated with an access terminal and is provided in response to the source ASN receiving a relocation notification from the target ASN as a result of a handoff request or a location update message.09-29-2011
20110238833Method And Apparatus For Home Network Access - A manner of extending a home network to a mobile device. An FA (foreign agent) in the mobile device registers with an HA (home agent) in the home network, preferable exchanging static UIDs (unique identifiers) and certificates. The HA creates an address for the FA and maintains a registration table listing all registered FAs. The FA registration is in most cases performed while the FA is operating non-remotely and directly connected to a component of the home network. The HA registers with an SG (signaling gateway) in a secure manner and awaits a request for access to the home network. After registration with the SG, the HA initiates a heartbeat message that is acknowledged by the SG. When an FA access request is received from the SG, the HA determines whether the FA is registered with the HA and any applicable access limitations prior to granting or rejecting access.09-29-2011
20110238832RESTRICTING COMMUNICATION OF SELECTED PROCESSES TO A SET OF SPECIFIC NETWORK ADDRESSES - Selected processes are associated with sets of specific network addresses, and the associations are stored. When a selected process creates a child process, an association between the child process and the set of network addresses with which the parent process is associated is stored. When a selected process is deleted, the association between the selected process and its set of network addresses is deleted. Each selected process is restricted to network address-based communication via its associated set of network addresses. Certain communication protocol subroutines associated with network address-based communication are intercepted by an interception module. The interception module detects attempts by selected processes to communicate via network addresses. If a selected process attempts to communicate via an unassociated network addresses, the attempted communication is prohibited.09-29-2011
20120089733Managing Access to an Application - Disclosed are new approaches for building an application for a specific platform. Source code files may be compiled to an intermediate module and transmitted to a build server along with metadata describing a target operating environment. The build server selects an application template including an application shell suitable for the target operating environment. The application shell may be bound to the intermediate module by modifying the application shell to verify a signature of the intermediate module prior to executing it. The application shell may include a binary executable for executing the intermediate module in the target environment. Also disclosed is an approach for providing access to an application on a subscription or trial basis.04-12-2012
20120089732METHOD AND SYSTEM FOR ESTABLISHING A NEW ACCOUNT FOR A USER WITH AN ONLINE SERVICE - A user is provided a temporary account and, in the event they choose to finalize joining a service, the user is permitted to save settings from their temporary account. For example, in some embodiments, the user is permitted to perform various functions, such as, browsing the service, navigating external links, and viewing various pages of other users and groups. This information and links may be transitioned over if the user wishes to establish a permanent account.04-12-2012
20120331142Private virtual local area network isolation - In one embodiment, a method includes obtaining addresses of end hosts at a switch, the switch configured with a primary virtual local area network and a secondary virtual local area network, creating a private virtual local area network access list comprising the addresses of end hosts permitted to communicate on the secondary virtual local area network, and applying the private virtual local area network access list to interfaces connected to the end hosts permitted to communicate on the secondary virtual local area network. An apparatus is also disclosed.12-27-2012
20120096162METHODS AND APPARATUSES FOR INITIATING PROVISIONING OF SUBSCRIBER DATA IN A HSS OF AN IP MULTIMEDIA SUBSYSTEM NETWORK - A method of initiating the provisioning of subscriber data in at least a Home Subscriber Server of an IP Multimedia Subsystem network. The method comprises receiving an authentication request or Session Initiation Protocol message in respect of a given subscriber who is making use of a user terminal to access the IP Multimedia Subsystem network. If it is determined that subscriber data is not currently provisioned for the subscriber in a Home Subscriber Server function or receiving such a determination, the following steps are performed: 1) causing a first notification to be sent to the user terminal indicating that the registration attempt is rejected, and 2) sending a second notification to a subscriber provisioning system informing the provisioning system of the registration attempt.04-19-2012
20120096161REPLENISHING A USER ACCOUNT WITH MORE ACCESS RESOURCES NEEDED FOR ACCESSING NETWORK SERVICES - A network access server (NAS) determines the status of availability (e.g., how much more quota is unused) of an access resource, and sends a notification embedded in a point-to-point protocol (PPP) packet. The format of the packet is chosen such that definition/use of higher layers (e.g., HTTP) is not required to communicate the status to a client system. As a result, the user may be notified even if software such as web browser is not being executed on the client system.04-19-2012
20120096160Method and System for Directing User Between Captive and Open Domains - A method for limiting user access to a captive domain or an open domain. The captive domain may include electronically accessible content that is selected/controlled by a service provider and the open domain may include electronically accessible content that is not completely selected/controlled by the service provider. The method may include configuring a modem or other user device in such a manner as to limit use access to the desired domain.04-19-2012
20120096159SYSTEMS AND METHODS FOR PROVIDING CONTENT AND SERVICES ON A NETWORK SYSTEM - Systems and methods for managing and providing content and services on a network system. Aspects of the invention include location-based determination of network content and services that may be provided to client computers. Other aspects of the invention include authorization and authentication components that determine access rights of client computers. Additional aspects include systems and methods for redirecting client computers to different network content. The disclosed systems and methods may be used in numerous network system applications.04-19-2012
20120096157METHOD AND APPARATUS FOR MANAGING AND PROCESSING INFORMATION AN OBJECT FOR MULTI-RESOURCE-STREAMING - The present invention provides method and apparatus for preparing and processing information on a stored content source. The present method includes: creating a plurality of first structure elements allocating mutually different identifiers to a primary component pertaining to a content source, and incorporating protocol information and access location information on the primary component into each of the plurality of first structure elements; and creating second structure elements as many as number of the plurality of first structure elements, and incorporating into each of the second structure elements protocol information and access location information on a resource that can be played along with the primary component wherein the second structure elements are respectively associated with the mutually different identifiers.04-19-2012
20110320601DOMAIN-LESS SERVICE SELECTION - A method and apparatus for providing domainless service selection (DLSS) are described. According to one embodiment of the invention, there is a service selection network element used to provide access of computing devices to a set of one or more services provided by a set of one or more providers. In addition, a web portal allows subscribers to log in and/or select/switch between the services and providers. Responsive to such action by a given subscriber, the web portal causes a record of that subscriber to be altered to reflect the action and causes the service selection network element to attempt to connect the subscriber accordingly. According to certain embodiments of the invention, subscribers' domainless user identifiers are merged by the service selection network element with domain names (stored in a database) of services/providers to form network addresses (e.g., Internet addresses).12-29-2011
20110320599MANAGEMENT SYSTEM AND COMPUTER SYSTEM MANAGEMENT METHOD - A management apparatus for managing a computer system stores configuration information of multiple management-target apparatuses based on multiple first information received from multiple management-target apparatuses. The management apparatus, based on the configuration information and multiple additional component application condition information, determines whether or not to use multiple additional component information to acquire multiple second information from the multiple management-target apparatuses. The management apparatus, in a case where a determination to carry out acquisition is made, uses the multiple additional component information to receive the multiple second information from the multiple management-target apparatuses, and based on the multiple second information, either creates or updates the management information of the multiple management-target apparatuses.12-29-2011
20110320598System and Method for Offering Virtual Private Clouds within a Public Cloud Environment - Systems, methods and computer readable media for providing virtual private clouds within a public cloud are described. Examples include a method wherein a service provider deploys a primary instance of a cloud-in-a-box (CIAB) to his cloud computing system to create a public cloud. A CIAB includes adapters configured to manage virtual infrastructure of the cloud, and end-user portal and an administrative portal. A nested instance of CIAB may be deployed to one of the virtual machines, with one of the adapters of the nested instance of CIAB being connected to the end-user portal of the primary instance. An administrator of the nested instance may create his own library of virtual machine images and offer the library to the end-users of the nested CAIB instance.12-29-2011
20110320597SYSTEMS AND METHODS FOR TERMINATING COMMUNICATION REQUESTS IN AN INTERNET PROTOCOL ENVIRONMENT - A IP telephony service allows customers to form user groups. Each user group can include multiple members, each of whom have their own telephony device. A group identifier is assigned to each user group. When an incoming communication directed to the user group identifier is received by the service, the service obtains handling instructions for the user group that specify how the incoming communication is to be terminated to the members of the user group. The service then terminates the incoming communication to one or more members of the user group based on those handling instructions.12-29-2011
20120290724SYSTEM AND METHOD FOR NETWORK REDIRECTION - One embodiment of the present disclosure provides a system for identifying and directing requests for network services. During operation, the system receives at a network controller a Domain Name System (DNS) query from a client device. The system can determine if the DNS query includes a pre-defined DNS string. Further, if the DNS query includes the pre-defined DNS string, the system identifies a local portal associated with the pre-defined DNS string. Moreover, the system can direct the client device to the local portal.11-15-2012
20120136998METHODS AND SYSTEMS FOR ACCESSING LICENSABLE ITEMS IN A GEOGRAPHIC AREA - Methods and apparatus for accessing licensable items unique to a geographic area via a wireless device are provided. The method and apparatus may include obtaining access to licensable items available in a first location of the wireless device. The methods and apparatus may further include downloading a licensable item. The licensable item is associated with a license providing the wireless device with a right to distribute the licensable item. The methods and apparatus may also include leaving a virtual copy of the licensable item in a second location of the wireless device different from the first location using the right to distribute.05-31-2012
20100198968INCLUSION/EXCLUSION MESSAGING SCHEME FOR INDICATING WHETHER A NETWORK ENTITY PERFORMS ACCESS CONTROL - An access point sends an indication or message to a network entity to indicate whether the network entity is to perform access control for an access terminal. In some implementations the indication/message may comprise an explicit indication of whether or not that network entity is to perform the access control. In some implementations, the inclusion of information (e.g., a CSG identifier) in the message or the exclusion of information from the message indicates whether the network entity is to perform the access control.08-05-2010
20100191853Methods And Systems For Managing Network Access - Methods, systems and computer readable mediums storing computer executable programs for managing access to a network at a network access management module are disclosed. A first network request is received from a client at a network access management module. A first determination is made regarding whether the first network request is associated with a restricted network action at the network access management module. A second network request is received from the client at the network access management module. The second network request is intercepted at the network access management module based on the first determination. A network access restriction notification is transmitted from the network access management module to the client based on the first determination.07-29-2010
20100180031DISTRIBUTED TRANSACTION SYSTEM - A system for interfacing predetermined services to a user at a fixed location includes a processing platform running an operating system. Also included are a plurality of physical system resource interfaces for interfacing with available physical system resources. The physical system resources allow a user to gain access to the predetermined desired services. The system further includes a data store for storing configuration information for enabling the operating system to interface with the available physical system resources through the physical system resource interface associated therewith. A communication resource for interfacing with the operating system allows communication of the operating system with a central office for downloading configuration information to selectively enable ones of the available physical system resources to interface with the operating system through associated ones of the physical system resource interfaces in accordance with the configuration information and the predetermined service selected by a user. A plurality of configurations are stored in the data store, and each is associated with a predetermined service and one or more of the available physical system resources. Each physical system resource interface is uniquely associated with a defined one of the physical system resources.07-15-2010
20100169485Directory viewports - The illustrative embodiments provide for filtering LDAP requests and server responses. A viewport server is configured with filtering rules for responses from a directory server where the responses are generated to fulfill requests from a client application. The filtering rules determine which data is to be forwarded to the client application. One or more responses are intercepted from the directory server to the client application. The one or more intercepted responses are filtered according to the filtering rules to produce a set of filtered responses. The set of filtered responses are then sent to the client application.07-01-2010
20130013780CONTENT RECEIVING DEVICE AND METHOD - A content receiving client device has a metadata obtaining unit, a message generating unit, and a message sending unit. The metadata obtaining unit obtains metadata including information used to generate an invite message for prompting establishment of a session for receiving content from a content distribution server. The message generating unit generates, based on the metadata, the invite message. The invite message includes a destination address field storing location information specifying a location of the content. The invite message further includes a body field storing information used to establish the session. The message sending unit sends the invite message to a session control server that controls the session.01-10-2013
20130013779EFFICIENT SERVICE DISCOVERY FOR PEER-TO-PEER NETWORKING DEVICES - Techniques for discovering and/or advertising services are described herein. A first bitmask is received from a remote device over a wireless network, the first bitmask having one or more bits that have a predetermined logical value. Each bit represents a particular service provided by the remote device. A logical operation is performed between the first bitmask and a second bitmask locally generated within a local device, where the second bitmask represents a service being searched by the local device. It is determined whether the remote device is potentially capable of providing the service being searched by the local device based on a result of the logical operation.01-10-2013
20130013778ONLINE WAITING ROOM SYSTEM, METHOD & COMPUTER PROGRAM PRODUCT - An exemplary embodiment of the present invention sets forth a system, method and computer program product which may include providing an online waiting room and gatekeeper for controlling access to users in a plurality of tiered classification standby lines, seeking access to an online event.01-10-2013
20120151059RELAY COMMUNICATION SYSTEM AND ACCESS MANAGEMENT APPARATUS - A first relay server transmits, to an access management apparatus that manages an access right to a second relay server, an access request with respect to the second relay server. The access management apparatus confirms that the access right to the second relay server is set in the first relay server, and then requests the second relay server to permit an access by the first relay server. In a case where the second relay server permits the access from the first relay server, the access management apparatus notifies the first relay server of such access permission. Based on the notice from the access management apparatus, the first relay server establishes a routing session with the second relay server. By using the routing session, the first relay server starts the communication with a general server that serves as a maintenance target.06-14-2012
20130019013Dynamic Provisioning of Service RequestsAANM Rice; Joseph AllenAACI Ballston LakeAAST NYAACO USAAGP Rice; Joseph Allen Ballston Lake NY USAANM Castagna; Brandon MatthewAACI Mount HollyAAST NCAACO USAAGP Castagna; Brandon Matthew Mount Holly NC US - An enhanced service DNS server may receive service requests and interface with an integrated metadata repository/policy definition server to determine service policies associated with the service request. The service policies may aid the enhanced service DNS server in determining if a requestor associated with the service is authorized to receive the service and if the service requestor is authorized to receive the service, the service policies may detail how the enhanced service DNS server may route the service request to the appropriate service provider over the network. This scheme may help to automate the process of implementing changes to services provided over a network.01-17-2013
20130019012IMS Guest Registration for Non-IMS UsersAANM Henrikson; Eric HaroldAACI RedmondAAST WAAACO USAAGP Henrikson; Eric Harold Redmond WA USAANM Varney; DouglasAACI NapervilleAAST ILAACO USAAGP Varney; Douglas Naperville IL US - Methods, systems, and apparatuses for IMS guest registration for non-IMS users are provided. The method may be performed by receiving a registration request from a non-IMS user for access to an IMS network, the registration request indicating a domain name of a non-IMS system; determining whether the domain name indicated by the registration request matches a wildcard identifier, wherein the wildcard identifier may be indicative of a non-IMS system authorized to access the IMS network; and initiating a guest registration process if the domain name matches the wildcard identifier. The non-IMS user is authenticated in the IMS network via a non-IMS authentication entity.01-17-2013
20130019014SYSTEM AND METHOD FOR SUPPORTING VIRTUAL MACHINE MIGRATION IN A MIDDLEWARE MACHINE ENVIRONMENT - A system and method can support virtual machine migration in a middleware machine environment. The middleware machine environment can comprise one or more network switch instances with one or more external ports, each of which is adapted to receive data packets from an external network. Furthermore, the middleware machine environment can comprise a plurality of virtual interfaces on one or more host servers. Each said host server is associated with one or more virtual machines that can process the one or more data packets. A virtual machine on a first host server is allowed to migrate from the first host server to a second host server and operates to receive one or more packets via a virtual interface on the second host server and process the one or more data packets.01-17-2013
20110161494FEATURE DELIVERY PACKETS FOR PEER-TO-PEER BASED FEATURE NETWORK - A device communicates with feature peers, associated with a network, to obtain information associated with the feature peers, and receives a customer packet. The device also determines, based on the feature peer information, which of the feature peers support a feature associated with the customer packet, and selects, from the determined feature peers, a set of feature peers for the customer packet to traverse. The device further associates, with the customer packet, an additional packet used for delivering the feature associated with the customer packet, and forwards the customer packet and the additional packet to one of the feature peers in the selected set of feature peers.06-30-2011
20130024571DEVICE CONTROL METHOD, NETWORK DEVICE, AND NETWORK SYSTEM - The present invention discloses a device control method, a network device, and a network system. The method includes: receiving an exclusive control request from a first control device and entering an exclusive mode; receiving a first access request; within valid time of the exclusive mode, judging whether the first access request is an access request sent by the first control device; if yes, executing the first access request; and otherwise determining, according to an exclusive condition, whether to execute the first access request, or directly rejecting or discarding the first access request. With the present invention, interference with a major operation on a controlled device may be avoided when multiple control devices access the controlled device simultaneously.01-24-2013
20130024569INFORMATION PROCESSING APPARATUS AND INFORMATION PROCESSING METHOD - An information processing apparatus and method capable of suitably controlling access by a client apparatus are provided. The information processing apparatus comprises: a receiving unit configured to receive an access request, which is a request by the client apparatus to access content, from the client apparatus together with an area identifier for the client apparatus; a decision unit configured to specify location of the client apparatus based upon the access request and to decide in accordance with the specified location whether the client apparatus is allowed to access the content; and a determination unit configured to specify the area corresponding to the client apparatus, based upon the area identifier, and to determine an access destination to which the client apparatus accesses based upon the access request in accordance with the specified area.01-24-2013
20130024570INFORMATION PROCESSING APPARATUS, INFORMATION PROCESSING METHOD AND STORAGE MEDIUM STORING PROGRAM - An information processing apparatus accesses to each of a plurality of access destinations via communications between the information processing apparatus and the server. And the apparatus decides a time-out time corresponding to each of the plurality of access destinations based on a communication count, with the server, for access to each of the plurality of access destinations. When accessing to an access destination of the plurality of access destinations via the communication with the server, the apparatus controls the communication to reach a time-out according to the time-out time which is decided and corresponds to the access destination.01-24-2013
20130173800TRANSMISSION MANAGEMENT APPARATUS, TRANSMISSION SYSTEM, AND COMPUTER-READABLE RECORDING MEDIUM - An apparatus includes a storage unit configured to store therein, in association with one another, group identification information for identifying groups to which transmission terminals each belong, transmission terminal identification information for identifying the terminals belonging to the respective groups, and display information to be displayed on the transmission terminals belonging to the groups. The apparatus also includes an acquiring unit configured to acquire the group identification information of a certain group and a change instruction for the display information; a changing unit configured to change the display information associated with the group identification information in the storage unit based on the change instruction; and a transmitting unit configured to transmit the display information associated with the certain group in the storage unit and changed to the terminal identified by the transmission terminal identification information associated with the group identification information of the certain group in the storage unit.07-04-2013
20080222289Resource Allocation - In order to satisfy requests for a connection path having a specified capacity between two specified terminations (09-11-2008
20130179572COMMUNICATION APPARATUS AND METHOD - Provided is a method of communicating, by a first terminal, with a second terminal connected thereto over a predetermined network. The method includes: executing a first web page provided by a web server to broadcast access information of the first terminal; and forming a communication channel with the second terminal, which has received the access information of the first terminal, wherein the second terminal receives the access information of the first terminal by executing a second web page provided by the web server.07-11-2013
20130179571COMMUNICATIONS APPARATUS AND METHOD - The present invention provides a novel communications apparatus that includes a plurality of wired LAN functions and wireless LAN functions and facilitates determining which network interface is to be enabled more flexibly. The communications apparatus of this invention switches a plurality of wired LAN functions and wireless LAN functions and includes a network interface control unit that enables and disables wired LAN and wireless LAN, a wired LAN communication availability status acquisition unit that detects that there is a change in the status of communication availability of wired LAN and acquires the status of communication availability of wired LAN, and a network interface determining unit that enables only one network interface from communication availability status of wired LAN acquired by the wired LAN communication availability status acquisition unit and a plurality of operating states of the apparatus.07-11-2013
20130179570DEVICE ABSTRACTION PROXY - Described are systems and methods for implementing and operating a Device Abstraction Proxy (DAP). In one embodiment, the DAP includes a communications interface to connect the DAP to one or more access aggregation devices, each having a plurality of physical ports to provide Digital Subscriber Line (DSL) communication services to a plurality of remote DSL terminals via the plurality of physical ports. The DAP may further include a memory and processor to execute a virtual access aggregation device, in which a subset of the plurality of physical ports arc allocated and linked to corresponding logical ports. The DAP may further include a global rule-set module to define operational constraints for the DSL communication services, and a management interface to allow at least one broadband access management system to manage the subset of physical ports allocated to the virtual access aggregation device subject to the operational constraints.07-11-2013
20130179573Identity provider instance discovery - A method of discovering an identity provider instance according to this disclosure begins upon receipt from a service provider (or from a discovery service to which the service provider redirects the user) of a request for an IdP instance. Preferably, the request for an IdP instance is received as a Web services request following receipt at the service provider of an end user client request to access an application. In response to receiving the request, an IdP instance is selected, preferably using one or more criteria, such as user proximity, instance load, instance availability, the existence of a prior IdP binding, or the like. Following the selection, a response to the request is generated and returned to the requesting service provider. Preferably, the response is a redirect to the selected IdP instance.07-11-2013
20130173801SYSTEMS AND METHODS FOR MANAGING PREFERRED CLIENT CONNECTIVITY TO SERVERS VIA MULTI-CORE SYSTEM - The present application is directed towards systems and methods for providing a cookie by an intermediary device comprising a plurality of packet processing engines executing on a corresponding plurality of cores, the cookie identifying a session of a user that was redirected responsive to a service exceeding a response time limit. The cookie may be generated with identifiers based off a name of a virtual server managing a service of a server, and a name of a policy associated with the virtual server. Each packet processing engine of the plurality of packet processing engines may interpret cookies generated by other packet processing engines due to the name of the virtual server and name of the policy, and may provide preferred client connectivity based on cookies included in requests for access to a service.07-04-2013
20130173796SYSTEMS AND METHODS FOR MANAGING A MEDIA CONTENT QUEUE - Systems and methods for managing media content in accordance with various embodiments of the present invention are provided. A future time is identified during which a mobile device access to a network will be limited. Media content is automatically selected for transmission to the mobile device based on an environment of the mobile device at the future time. The selected content is transmitted to the mobile device for storage in a memory of the mobile device. In some embodiments, media content may be automatically selected from a media content queue for transmission to the mobile device. The selected content may be transmitted without receiving a request from the mobile device.07-04-2013
20130173794SYSTEMS AND METHODS FOR CONNECTING AN AUDIO CONTROLLER TO A HIDDEN AUDIO NETWORK - An example multimedia playback device is connected to a network that is configured to not provide an indicator of existence absent a command from the multimedia playback device. The example playback device is to initiate a connection phase for a device to connect to the hidden network based on a user action at the playback device. The example playback device is to reveal a network access point in a connection phase and authenticate the wireless device with the audio network for limited connectivity to the network during the connection phase. The example playback device is to disconnect the wireless device from the audio network and accept a connection of the wireless device to the audio network in an operational phase, the connection enabled using information provided to the wireless device during the connection phase and without the limited connectivity provided in the connection phase.07-04-2013
20080215731ATTRIBUTE GROUPING FOR ONLINE COURSE - In an online computing system for providing a user with access to educational content in an online educational system, wherein the educational content includes access information. The method comprising organizing a hierarchy of user groups and domains, associating the user with a group or domain, receiving a request from a user to access educational content in the online educational system, retrieving information relating to the user's group or domain associations, retrieving the access information of the educational content that the user has requested to access, comparing the access information with the information relating to the user's group or domain associations, and determining whether the user has been authorized to access the requested educational content.09-04-2008
20130173799ENRICHMENT, MANAGEMENT OF MULTIMEDIA CONTENT AND SETTING UP OF A COMMUNICATION ACCORDING TO ENRICHED MULTIMEDIA CONTENT - An enrichment of multimedia content, management of multimedia content and setting up of a communication according to enriched multimedia content. A multimedia content enrichment method comprising an association of at least one identifier of a first user with multimedia content during management of said content by a communication terminal of said first user, said association allowing a second user having access to said multimedia content to request setting up of a communication between a communication terminal of said second user and a communication terminal of said first user by using one of said at least one identifier(s) of said first user.07-04-2013
20130173798Computer Implemented Methods And Apparatus For Providing Access To An Online Social Network - Disclosed are systems, apparatus, methods, and computer-readable storage media for providing alerts in an online social network. In some implementations, the online social network is specific to an organization having one or more internal users and one or more external users. An indication of an action associated with providing data to the online social network is received from a computing device. A group associated with the indication of the action is identified. It is determined that the identified group includes the one or more external users. Responsive to determining that the identified group includes the one or more external users, an instruction to display an alert notification is provided at the computing device.07-04-2013
20130091280Social Device Resource Management - A method and apparatus for allocating resources in a social network. In one embodiment, access to resources of a social network and participant social devices is managed through general or member class-specific access rights. Such access rights may also be established for authorized guests or non-members of the social network. In further embodiments, social resources may be offered and (re)allocated in a dynamic manner through real time usage and availability analysis.04-11-2013
20130091281POLICY CONTROL METHOD AND SYSTEM, AND RELEVANT APPARATUS - The present invention discloses a policy control method and system, and a relevant apparatus. The method includes: receiving, by a policy decision apparatus, a control policy request sent by a gateway device, where the control policy request carries a subscriber identifier; sending, by the policy decision apparatus, a session request message carrying the subscriber identifier to a charging system; receiving, by the policy decision apparatus, a response message; receiving, by the policy decision apparatus, a notification message sent through an established session by the charging system, and generating a service data flow control policy according to information of an occurred charging relevant event; and sending, by the policy decision apparatus, the control policy to the gateway device. The method may implement, based on charging relevant information of a subscriber, policy control of a data flow, flexibility is desirable, and service experience of the subscriber is good.04-11-2013
20130091279Architecture for Virtualized Home IP Service Delivery - A method implemented by a network element of an Internet service provider to provide network access through a visited network associated with a visited network owner to a device of a visiting user connecting to the visited networker. The visited network owner is a customer of the Internet service provider. The network element configures the visited network to provide access to resources of a remote home network to the device of the visiting user. The remote home network is in communication with the visited network over a wide area network. Connecting to a virtual gateway controller of the remote home network to obtain configuration information to establish a connection between the device and the remote home network. Establishing a connection between the device of the visiting user and a second access point. Providing access to the resource of the remote home network through the second access point.04-11-2013
20130097315IP-BASED MOBILE DEVICE AUTHENTICATION FOR CONTENT DELIVERY - A device may receive a first request to determine a public-facing Internet Protocol (IP) address of a mobile device. The device may transmit, in response to the first request, and to the mobile device, the public-facing IP address. The device may receive a second request, from the mobile device, to authenticate the mobile device to receive downloadable content, the second request including the public-facing IP address of the mobile device. The device may receive a third request, from the mobile device, for a license to receive a particular content item and determine whether the public-facing IP address, corresponding to the mobile device, is valid for the particular content item. The device may transmit the license to the mobile device when the public-facing IP address is determined to be valid for the particular content item, where the license includes decryption keys for the particular content item.04-18-2013
20130097316Associating Services to Perimeters - In some implementations, a method includes receiving, from a user of a first device, a request to enable access, through a second device, to a server resource account of an enterprise. The first device includes a first enterprise perimeter including an internal resource and a first enterprise identifier and configured to prevent external resources from accessing the internal resource. A request is wirelessly transmit, to the second device, to the second device for a second enterprise identifier assigned to a second enterprise perimeter included in the second device. Whether to grant access to the internal resource is determined based on a first enterprise identifier assigned to the first device and a second enterprise identifier assigned to the second device.04-18-2013
20130097317METHOD AND APPARATUS FOR REMOTE TRUST MANAGEMENT FOR MACHINE TO MACHINE COMMUNICATIONS IN A NETWORK - A method, non-transitory computer readable medium and apparatus for providing remote trust management for machine to machine communications in a network are disclosed. For example, the method receives a request from a sensor to join a wireless network, determines a trust score of the sensor by a server at the network, and allows the sensor to join the wireless network if the trust score is greater than a predetermined threshold.04-18-2013
20130103834Multi-Tenant NATting for Segregating Traffic Through a Cloud Service - An apparatus, system, and method for segregating customer traffic through a cloud service are disclosed. The apparatus, system, and method perform network address translation (NAT) on first data packets received from a subnet to translate a first private network IP address into a second private network IP addresses, perform network address and port translation (NAPT) on the first data packets to translate the second private network IP address into a second public network IP address before sending the first data packets to a remote host, perform NAPT on second data packets received from the remote host to translate the second private network IP address back into the first private network IP address, and perform NAT on the second data packets to translate the second private network IP address back into the first private network IP address before sending the second data packets to the subnet.04-25-2013
20130103835RESOURCE MANAGEMENT METHOD, RESOURCE MANAGEMENT DEVICE, AND PROGRAM PRODUCT - Requested processing time of each batch job is complied with. A resource-correction control server calculating an amount of a resource required for setup of a batch application includes an intermediate-process-unit-data acquiring unit that compiles data of completed batch processes as a single data set at a predetermined time point, a resource-correction determining unit that, using the intermediate process unit, determines a process progress rate that is a progress rate of a process at the current time point and whether the process progress rate has reached a required progress rate that is a progress rate required to terminate the batch process within the requested processing time, and an allocation-resource calculating unit that, as a result of the determination, if the required progress rate has not been reached, calculates the amount of the resource required for recovery of the delay based on a delay-recovery-object progress rate and resource information.04-25-2013
20130124733SERVER AND METHOD FOR PROVIDING MOBILE WEB SERVICE - A server for a mobile web service and a method for providing a web service are provided. The wired server stores an IP address of at least one mobile web server. When a request for access to a mobile web server is received, the wired server delivers the access request to the mobile web server or provides a service in place of the mobile web server, using a URL included in the access request.05-16-2013
20130124732METHOD AND SYSTEM FOR ASSIGNING ACCESS CONTROL LEVELS IN PROVIDING ACCESS TO NETWORKED CONTENT FILES - A method and system for assigning access control levels when granting access to resources includes a client node, a collection agent, and a policy engine. The client node requests access to a resource. The collection agent gathers information about the client node. The policy engine receives the gathered information and assigns one of a plurality of levels of access responsive to application of a policy to the received information and transmits the information.05-16-2013
20130124731SYSTEM AND METHOD FOR MANAGING REGISTRATION OF SERVICES FOR AN ELECTRONIC DEVICE - The present disclosure described herein relates to a wireless electronic device and method for managing access to a server. The method comprises: receiving from the wireless electronic device a message identifying one or more requested services; accessing a database to identify a plurality of services from a plurality of servers available in the network; analyzing the database to identify a server of the plurality of servers that provides a requested service of the requested services; generating and sending an access request to the server for the wireless electronic device; receiving from the server information relating to the server; and generating and sending a response message to the wireless electronic device providing the information.05-16-2013
20130124730ADAPTIVE TIMING OF DISTRIBUTED DEVICE RESPONSE TO MAXIMIZE CHANNEL CAPACITY UTILIZATION - Embodiments of systems and methods for providing access to a server by remote devices are shown. In some embodiments, the system includes a scheduling module, a connection module, and/or a timer module. The scheduling module may compute a timer period and timer offset for each remote device on the server to facilitate evenly distributing connections by remote devices and avoid exceeding the maximum bandwidth of the communication channel. The connection module may initiate a connection from each remote device to the server to retrieve the timer period and timer offset. The timer module on each remote device may be controlled by the timer period and timer offset, and trigger the initiation of the connection module. A remote device's status may be offline if the initiation of the connection falls outside a tolerance window corresponding to the timer period and timer offset.05-16-2013
20130124729COMMUNICATION APPARATUS AND CONTROL METHOD FOR COMMUNICATION APPARATUS - A communication apparatus establishes a communication link with another communication apparatus, and establishes a communication session with another communication apparatus using the established communication link. After a predetermined number of communication sessions have been established, the communication apparatus restricts communication sessions other than the predetermined number of established communication sessions.05-16-2013
20130124728METHOD AND APPARATUS FOR ENTITLEMENT CONTROL VIA AN ENDPOINT DEVICE - A method and non-transitory computer readable medium for providing entitlement control via an endpoint device are disclosed. For example, the method detects an attempt to access a non-network monitored service at an endpoint device, determines whether the endpoint device is authorized to access the non-network monitored service by sending a query to a service provider network, and provides an access to the non-network monitored service if the endpoint is authorized.05-16-2013
20130132575COMMUNICATION SYSTEM OFFERING REMOTE ACCESS AND COMMUNICATION METHOD THEREOF - A communication system offering remote access and a communication method thereof are provided. The communication system includes a remote device, a relay node, and at least one server device. The relay node controls a connection from the remote device to a local area network (LAN). The at least one server device is located in the LAN. The remote device communicates with the relay node by using a web access protocol. The relay node converts a first command compliant with the web access protocol into a second command compliant with a LAN data access protocol, so that the remote device can remotely access the at least one server device through the relay node. Thereby, the remote device can remotely access the at least one server device without setting parameters of related network nodes.05-23-2013
20130132574TRANSMITTING AND RECEIVING INFORMATION ASSOCIATED WITH WI-FI HOTSPOTS - Systems, methods and devices for providing information to a user from a wireless network operator. Embodiments include detecting a wireless network using a user device and receiving wireless network information and operator information from a wireless network router before having access to the wireless network. Further. embodiments include identifying an operator website address using the operator information and accessing the operator website. In addition, the user device may be provided partial access to the wireless network by the wireless router such that the user device accesses the operator website through the wireless network. Also, the operator information includes at least one of an operator website address and a code string. Embodiments include sending the code string to a remote computer server and receiving the operator website address from the remote computer server based on processing the code string.05-23-2013
20130132572System and Method for Monitoring Outbreak of Contagious Diseases - A surveillance system for monitoring outbreak of a contagious disease is disclosed. The system comprises a handheld computing and communication device with a short range ad hoc networking device. Handheld devices carried by persons in contacting with the device carried by a user form an ad hoc communication network at a location. Identities of all devices in the ad hoc network are broadcasted through the network. The user's device receives the identities and stores the received data in a log file. The log file may be sent to a central station after the device receives an authorized signal during an outbreak event of the contagious disease. The device may further include a body temperature automatic measuring system. The user's body temperature trend file may be sent together with the log file.05-23-2013
20130132579METHOD AND APPARATUS FOR RANDOM ACCESS TO MULTIMEDIA CONTENT IN WIRELESS COMMUNICATION SYSTEM - A multimedia contents random access method for a wireless communication system is provided. The live content access method of a client in a wireless communication system according to the present invention includes receiving a request for playing a content, receiving content structure information on the content from a content transfer server, receiving content segments and random access informations of the content segments from a content provision server using the content structure information, and performing, when a random access request is received, random access to the content segments using the random access information. The content random access method of the present invention is capable of accessing the content in unit of content segment such that it is possible to access a past time point in the content even before all of the content segments are received completely.05-23-2013
20130132578AUTOMATED DEVICE PROVISIONING AND ACTIVATION - A wireless device obtains a user input through a user interface of the wireless device. Based on the user input, the wireless device determines at least an aspect of a control policy associated with a first application on the wireless device and applies the control policy. The control policy at least assists in controlling access to a wireless network by the first application and enables a control of access to the first wireless network by the first application that differs from a control of access to the first wireless network by a second application on the wireless device.05-23-2013
20130132577AUTHORIZING COMMUNICATIONS BETWEEN COMPUTING NODES - Techniques are described for managing communications between multiple computing nodes, such as computing nodes that are separated by one or more physical networks. In some situations, the techniques may be used to provide a virtual network between multiple computing nodes that are separated by one or more intermediate physical networks, such as from the edge of the one or more intermediate physical networks by modifying communications that enter and/or leave the intermediate physical networks. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users (e.g., users of a program execution service). The managing of the communications may include determining whether communications sent to managed computing nodes are authorized, and providing the communications to the computing nodes only if they are determined to be authorized.05-23-2013
20130132576Network Device, Method of Controlling Network Device, and Recording Medium on Which Program for Controlling Network Device Is Recorded - An access point AP that is an embodiment of a network device assigns an IP address to a terminal connected to the access point AP itself. The access point AP includes: a distributing unit 05-23-2013
20130132573Delivery Of A Communication Event - A method and communication system for delivering selected communication events to a user terminal over a communications network, and a user terminal arranged to deliver only the selected communication events to a user of the user terminal, the method comprising: executing a communication client application in a suspended state at the user terminal; receiving a communication event at a filtering component; using filtering parameters at the filtering component, to determine whether the communication event is a selected communication event; blocking the communication event at the filtering component if the communication event is not a selected communication event; if the communication event is a selected communication event, alerting a user of the user terminal to the communication event; and activating the communication client application to receive the communication event at the user terminal.05-23-2013
20130205026MEDIA FILTER IN A VEHICLE INFOTAINMENT SYSTEM - The present disclosure describes a media filter for filtering and/or processing a third party sourced signal received by an onboard component of the vehicle in a manner consistent with one or more rules, the one or more rules pertaining to one or more of a whitelist, blacklist, sensed occupant context, and/or a law and/or regulation.08-08-2013
20130145029SYSTEM AND METHOD FOR PROVIDING THRESHOLD-BASED ACCESS TO COMPUTE RESOURCES - The invention relates to systems, methods and computer-readable media for controlling access to compute resources in a compute environment such as a cluster or a grid. The method of providing conditional access to a compute environment comprises associating a required service level threshold with a compute environment, associating a service level with a requestor, receiving a request for access to the compute environment from the requestor; and, if the service level of the requestor meets the specified service level threshold, then allowing access to the compute resources. The threshold-based access may be enforced by reservations, policies or some other method.06-06-2013
20130145030CONTROL DEVICE, TERMINAL APPARATUS, AND COMMUNICATION SYSTEM - A control device includes: an authentication unit that performs authentication of a terminal apparatus to be connected to the control device; a main control signal transmitting unit that transmits, at first transmission intervals, a main control signal that is a control signal including information for performing data communication in synchronization with the terminal apparatus; a sub-control signal transmitting unit that transmits a sub-control signal notifying the terminal apparatus that the authentication unit is in a state of accepting a request for authentication; and a signal control unit that controls the main control signal transmitting unit and the sub-control signal transmitting unit, wherein the signal control unit causes the sub-control signal transmitting unit to transmit the sub-control signal at second transmission intervals shorter than the first transmission intervals when it is determined that the authentication unit is in the state of accepting the request for authentication.06-06-2013
20130145028Access Control List - A system, computer-implemented method, and computer-readable medium manage access control for a magazine edition. A set of roles are assembled that correspond to a principal. Each role defines a set of rules that specify access permissions to the magazine edition, defined at an edition level, a section level and a post level. A set of user access permissions is built, based on the access permissions. An access request is received from the principal, wherein the access request requires a set of necessary access permissions to be granted, defined at an edition level, a section level and a post level. It is determined if the set of user access permissions provides the necessary access permissions. When the user access permissions provide the necessary access permissions, the access request is granted, and otherwise the necessary access permissions, the access request is denied.06-06-2013
20100281164Selective acceptance of electronic messages in communication systems - A file authentication requesting device that stores a computer program for requesting authentication of files in digital systems, the device comprises a confirmation request system that generates a request for a confirmation receipt from a third party authenticator authenticating the attributes of a file; a transferring system that transfers attributes of at least one file to be authenticated to the third party authenticator from the device that requested the confirmation; and a receiving system that receives the confirmation receipt comprising authenticated file attributes, after authentication by the third party authenticator; wherein, at least one file authentication is received from the third party authenticator. Corresponding processing devices, media, systems and methods are also provided.11-04-2010
20080209039Service chaining methods and apparatus - According to some aspects, a method of providing services to a first device over a network using a network switching center adapted to locate servers capable of providing the services to the first device is provided. The method comprising acts of identifying a first service to be provided to the first device, providing notification, from the network switching center to a first server, that the remote device has requested the first service, providing, by the first server, the first service to the remote device, and indicating, by the first server to the network switching center, a second service to be provided to the remote device.08-28-2008
20080201472System and Method for Generating Personalized Offers Through an Information Gathering System - A method of generating a personalized offer for a user through an information gathering system disposed on the Internet includes storing a plurality of user profiles for a plurality of registered users in a profile database associated with the information gathering system, receiving an information request message at the information gathering system sent in response to the user activating a hyperlink presented on a participating web site, such that the participating web site is operated independently from the information gathering system and where the user activates the hyperlink in order to access an original intended destination distinct from the information gathering system, determining whether the user is one of the plurality of registered users, and retrieving the user profile from the profile database and sending a redirection message if the user is one of the plurality of registered users.08-21-2008
20080201471Methods, systems and computer program products for controlling network asset recovery - Computer-implemented methods for controlling network asset recovery for a communication network include receiving an identification of a plurality of non-utilized assets from an asset identification system. Business rules to be applied to the non-utilized assets are identified. One of the non-utilized assets is automatically identified for recovery based on the identified business rules. A job ticket identifying the one of the non-utilized assets is automatically generated that includes information from the received identification of the plurality of non-utilized assets sufficient to direct an assigned technician to a physical location of the one of the non-utilized assets. A recovery dispatch system associated with the one of the non-utilized assets is determined and the generated job ticket is submitted to the determined recovery dispatch system.08-21-2008
20110225297Controlling Access To A Resource In A Distributed Computing System With A Distributed Access Request Queue - Controlling access to a resource in a distributed computing system that includes nodes having a status field, a next field, a source data buffer, and that are characterized by a unique node identifier, where controlling access includes receiving a request for access to the resource implemented as an active message that includes the requesting node's unique node identifier, the value stored in the requesting node's source data buffer, and an instruction to perform a reduction operation with the value stored in the requesting node's source data buffer and the value stored in the receiving node's source data buffer; returning the requesting node's unique node identifier as a result of the reduction operation; and updating the status and next fields to identify the requesting node as a next node to have sole access to the resource.09-15-2011
20110231549SYSTEMS AND METHODS FOR CONTROLLING ACCESS TO THE INTERNET AND OTHER SERVICES PROVIDED BY A NETWORK - Systems and methods for controlling access to the Internet and other services provided by a network, such as a home network, are described. Exemplary systems may receive input from a user of a network and disable access to the Internet based on the input. In some embodiments, the systems automatically disable access to the Internet when certain conditions are satisfied, such as the occurrence of a time period for disabling access to the Internet.09-22-2011
20130185430MULTI-LEVEL HASH TABLES FOR SOCKET LOOKUPS - Methods, systems, and devices are described for managing socket lookups in an operating system of a device providing high-speed network services using multi-level hash tables. A system includes a listen socket lookup hash table and a connection socket lookup hash table. The listen socket lookup hash table includes a number of buckets configured to store listen socket lookup data for network connections. The connection socket lookup hash table includes a number of buckets configured to store connection socket lookup data for the network connections. The buckets in each of the hash tables may be individually locked. In certain examples, a third table may store binding data based on the data stored in the listen socket lookup hash table and the connection socket lookup hash table.07-18-2013
20130185426Network Resource Access Using Social Networks - A network controller is enabled to control a network that is administered by a network administrator. The network controller provides the network administrator with an option to register an association with a social network from a plurality of available social networks. The network controller identifies a social network selected by the network administrator. The network controller receives, from the social network, a user identification associated with an account the network administrator in the first social network. The network controller receives from the network administrator configuration parameters for resources in the network. Based on the configuration parameters received from the network administrator, the network controller configures access to resources in the network.07-18-2013
20110238836NETWORK OPERATING SYSTEM AND METHOD - The invention provides a system and method for a network operating system. The system includes a complex data medium that enables the continuous reconciliation of the collaborative information process and product. The system generally increases productivity by enabling a network dynamic among knowledge workers. The system unifies e-mail and shared file management, synchronous and asynchronous collaboration, serial and parallel work flow, top-down and bottom-up collaboration, and information lifecycle management.09-29-2011
20130151704DOMAIN BASED MANAGEMENT OF PARTITIONS AND RESOURCE GROUPS - According to one aspect of the present disclosure, a method and technique for domain based partition and resource group management is disclosed. The method includes: responsive to determining that an operation is being attempted on an object, determining a partition identifier associated with the object; determining a domain identifier associated with a user attempting the operation; determining whether the operation can proceed on the partition based on domain isolation rules, the domain isolation rules indicating rules for allowing or disallowing operations to proceed on the partition based on partition identifiers and domain identifiers; and responsive to determining that the operation on the partition can proceed based on the domain isolation rules, permitting the operation.06-13-2013
20100293276METHODS FOR ANALYZING ELECTRONIC MEDIA INCLUDING VIDEO AND AUDIO - The present disclosure includes methods and apparatus for analyzing audio and video. One claim recites: a method including at a network access point, and using a programmed electronic processor, analyzing data representing audio or video to extract identifying information therefrom, the analyzing operates on data representing audible portions of the audio or operates on data representing picture elements of the video; using the identifying information, determining whether to allow the audio or video to be communicated through the network access point; and providing details associated with said act of determining. Of course, other combinations are provided and claimed as well.11-18-2010
20100293275METHOD AND APPARATUS FOR MANAGING CONGESTION IN A WIRELESS SYSTEM - Systems and methodologies are described herein that facilitate congestion control in a wireless communication system. As described herein, an access network and associated terminals can utilize a token bucket access control mechanism, through which respective terminals can be allotted access tokens and/or other units for access to the access network. For example, upon requesting access to a given network, a user of the network can determine whether sufficient access tokens have been accumulated, based on which the request can be selectively allowed or denied. As further described herein, multiple token bucket mechanisms can be utilized, which can correspond to respective packet flows or the like. Additionally, token bucket access control can be implemented as described herein in cooperation with conventional access persistence functionality. Further aspects described herein facilitate the adjustment of token bucket parameters for network access control based on network loading.11-18-2010
20120259981Hypercasting - In one embodiment, a method comprises, in response to data to be distributed to a second computing device, selecting, by a first computing device, at least one third computing device for the second computing device, wherein each of the at least one third computing device has at least a portion of a copy of the data; and notifying, by the first computing device, the second computing device information concerning each of the at least one third computing device in order for the second computing device to obtain a copy of the data from the at least one third computing device.10-11-2012
20100306376MANAGING USER ACCOUNTS AND GROUPS IN MULTIPLE FORESTS - Methods, systems, and computer program products are provided for managing contact proxies and security proxies in networks that are organized as forests. For instance, contact proxies may be generated to represent user accounts and groups in forests other than the home forests of the user accounts and groups. Security proxy objects may be generated to represent group members (e.g., security principals and groups) in groups in forests other than the home forests of the group members. Furthermore, when both a contact object and a security proxy object exist for a member added to a group, one of the contact object or the security proxy object may be selected to represent the member in the group.12-02-2010
20100318656MULTIPLE-CHANNEL, SHORT-RANGE NETWORKING BETWEEN WIRELESS DEVICES - Multiple-channel, short-range networking between wireless devices. An embodiment of a method includes sending a request from a mobile device, the request asking external devices to provide an announcement, the request being sent via a first wireless channel, and receiving announcements from one or more external devices including a first device. The method further includes transmitting data from the mobile device to the first device via the first wireless channel to negotiate a secure network, establishing the secure network connection on a second wireless channel, and transferring data securely from the mobile device to the first device via the second wireless channel using the secure network connection.12-16-2010
20100318655Concurrent Processing With Untrusted Beings - This document describes tools for 1) structuring concurrent programming with untrusted beings; 2) creating multi-threaded programming in concurrent programming environments; and 3) creating a responsive feedback application model.12-16-2010
20100318654ROUTING OF POOLED MESSAGES VIA AN INTERMEDIARY - Message intermediation for multiple service instances, while allowing the service instance to control whether messages are processed under a transaction. The message intermediator chooses to dispatch messages among different backend service instances based on any routing rules. The message intermediator performs a peek-lock of message from a forward-end queue, and assigns the message to a service instance. The message is provided into a backward-end queue specific to the assigned service instance. The service instance may then process the message, perhaps under a transaction created at the service instance. Upon completion of processing, the message is deleted in the back-end queue, which causes the forward-end queue to delete the message under the same transaction created by the service instance. Whether or not this deletion at the forward-end is committed or rolled back depends on whether the transaction created at the service instance is committed or rolled back.12-16-2010
20120284407METHOD AND SYSTEM FOR ACCESSING NETWORK THROUGH PUBLIC DEVICE - A method and system for accessing a network over a public device are provided in the present invention. The method includes: a user inputting an Access Identifier (AID) and authentication information over the public device, and initiating a network access request; after receiving the network access request, an Access Service Node (ASN) transmitting the received network access request to an Authentication Center (AC) to authenticate validity of the User's AID information, and forwarding a network access response returned by the AC to the public device; and after the public device receives the network access response, if the User's AID information is authenticated by the AC to be valid, the public device using the User's AID as a virtual AID, and using the virtual AID to transmit/receive messages of the user.11-08-2012
20120284406NETWORK ACCESSING METHOD - A network accessing method includes selecting a group representative dynamically from each machine to machine (M2M) terminal group, wherein terminals in the M2M terminal group not selected as the group representative serve as group members. The method also includes requesting, by the group representative, network access from a base station, and serving, as a group member automatically after entering an idle state or entering another cell. This enables multiple M2M terminals to access a network at the same time while avoiding network access congestion.11-08-2012
20130159527SYSTEM AND METHOD FOR ELECTRONIC SOCIAL NETWORKING - According to one embodiment, a system for controlling access to data on an electronic communication network is provided. The system includes at least one server connectable for communication on the network. The at least one server is configured for: receiving data from at least one user of a plurality of users, via the network; storing the received data; generating control levels corresponding to one or more portions of the stored data; receiving selected modifications to at least one of the generated control levels from the at least one user, via the network; providing controlled access to the one or more portions of the stored data according to the generated control levels and the modified at least one of the generated control levels.06-20-2013
20130159521METHOD AND APPARATUS FOR PROCESSING GROUP EVENT NOTIFICATIONS AND PROVIDING GROUP POLICY IN A COMMUNICATION SYSTEM - A group event processing entity receives and processes a group event notification wherein a set of policy rules is determined that controls the performance of an action as relates to at least one of a member user equipment of a group session or an access network resource for the group session. Additionally, a group policy decision entity receives a request to establish a group access network resource for a group of user equipment and determines a set of applicable policy rules for establishing the group access network resource, wherein the set includes a policy rule that controls performance of an action when a base station in a wireless access network is unable to provide resources to support the requested group access network resource. The group policy decision entity provides the set of applicable policy rules to a group policy enforcement entity.06-20-2013
20130159522To Wireless Communication Systems and Methods - Embodiments of the invention provide methods, devices and computer programs arranged to facilitate access to device-to-device (D2D) communication services in a communication network. One embodiment includes an apparatus for use in controlling access to a D2D communication service in a communication network, the apparatus including a processing system arranged to cause the apparatus to: receive a D2D discovery signal including data indicative of said D2D communication service; determine a verification state for the D2D communication service as one of a first verification state and a second, different, verification state, on the basis of said received D2D discovery signal, the first verification state being one in which said D2D communication service can be verified by the apparatus; and in the event that said D2D communication service is determined to be in the second verification state, transmit data indicative of said D2D communication service for verification by the communication network.06-20-2013
20130159523SECURE LEGACY MEDIA PERIPHERAL ASSOCIATION WITH AUTHENTICATION IN A MEDIA EXCHANGE NETWORK - Aspects for secure access and communication of information in a distributed media network may include detecting when a legacy media peripheral is connected to a PC and/or a media processing system on the distributed media network. One or more identifiers associated with the legacy media peripheral may be established and utilized to facilitate communication of the legacy media peripheral over the distributed media network. At least one legacy media peripheral identifier and at least one identifier of a user utilizing the legacy media peripheral may be requested. The legacy media peripheral identifier may be a serial number of the legacy media peripheral, while the user identifier may be a user password and/or a user name. Media peripheral association software may be executed on the PC and/or the media processing system and utilized for media peripheral association and authentication in accordance with various embodiments of the invention.06-20-2013
20130159524COMMUNICATION DEVICE, COMMUNICATION SYSTEM, AND SESSION CONTROL METHOD - A communication device includes a storage device configured to store plural addresses assigned to the communication device, a user interface device, and a controller, wherein the controller executes processing that accepts an input of a user due to the user interface device, and address switching processing that causes a transmission destination address, used by an opposite device to transmit data to the communication device, to be switched to another address included in the plural addresses in accordance with the session control protocol, in response to the input.06-20-2013
20130159525INFORMATION PROCESSING APPARATUS AND DATA CONTROL METHOD - An information processing apparatus includes a memory; and a processor to execute a process including: adding an identifier based on a reception order to an access request indicating a transmission request or a reception request of a block of data received from a client terminal; retrieving, from among information processing apparatus which is included in a distribution-type network which distributes transmitting and receiving processing of a data, an information of the information processing apparatus which processes an access request added with the identifier which is scheduled to be added; storing, in the memory, the information of the information processing apparatus in association with the identifier which is scheduled to be added; and replying the information, which is stored in association with the identifier in the memory when the identifier is added to an access request, to the client terminal.06-20-2013
20130185429Processing Store Visiting Data - The present disclosure introduces a method and a system for processing store visiting data. New visiting data is obtained. A user ID, a store ID, and a visiting time are analyzed from the new visiting data. It is determined whether the user ID and the store ID match one of user IDs and store IDs in static historical visiting data. If there is a match, it is determined that a user corresponding to the new visiting data is a repeated user of the store. Otherwise, it is then determined whether the user ID and the store ID match one of user IDs and store IDs in dynamic historical visiting data. If there is a match, it is also determined that a user corresponding to the new visiting data is a repeated user of the store.07-18-2013
20110282993HIERARCHICAL LOAD BALANCING - An improved load balancing method, system, and computer program product handles popular object requests using a front-end cache, and hashing is applied only to the requests in the stream that were not handled by the front-end cache. A cache (e.g., a web proxy cache) is placed in front of a Level 11-17-2011
20110289217PROTECTION AGAINST UNSOLICITED COMMUNICATION FOR INTERNET PROTOCOL MULTIMEDIA SUBSYSTEM - A PUCI system is designed to process an incoming call originated by the user equipment toward the counterpart user equipment via an EMS node having a PUCI-light functionality, which includes an IBCF/I-CSCF, a S-CSCF, and a database storing the PUCI-light information. Through a query to the database indicating a suspicious session in relation to the incoming call, the IMS node immediately blocks the suspicious session or simply marks the suspicious session for the further processing at a subsequent node. The reason for rejection is included in a SIP BYE/ERROR message of an original session setup message, which is interpreted by a previous IMS node so as to obtain the relevant information from a SIP header. The relevant information is stored in either a global operator policy database or a local database, thus enabling a PUCI-negating IMS node to reject an unsolicited call related to the blocked session.11-24-2011
20110302308Method and System for Providing User-Generated Content Via a Gateway - A method and system are provided in which a broadband gateway may be operable to handle at least one physical layer connection to at least one corresponding network access service provider. The broadband gateway may receive content and associated metadata through the at least one network access service provider. The broadband gateway may determine, based on the received metadata and on one or more rules associated with a user profile, whether to enable access to at least a portion of the received content by a device connected in a peer-to-peer configuration with the broadband gateway. The broadband gateway may communicate to such device an indication that at least a portion of the received content is available for sharing. The metadata may comprise rating information, copyright information, language information, and privacy rules. The rating information may be modified based on information received by the broadband gateway from other users.12-08-2011
20110314154IDENTIFYING AND CORRECTING AN UNDESIRED CONDITION OF A DISPERSED STORAGE NETWORK ACCESS REQUEST - A method begins by a processing module sending a transaction verification request to the set of dispersed storage (DS) units, wherein the transaction verification request includes a transaction number that corresponds to a particular dispersed storage network (DSN) access request. The method continues with the processing module receiving transaction verification responses from at least some of the set of DS units to produce received transaction verification responses. The method continues with the processing module identifying an undesired condition with processing the DSN access request and initiating a corrective remedy for the undesired condition when a DS unit of the set of DS units does not provide a desired transaction verification response.12-22-2011
20110314153NETWORKED DEVICE AUTHENTICATION, PAIRING AND RESOURCE SHARING - A system and method are disclosed for pairing computing devices using an authentication protocol that allows an initiating computing device to gain access to a secure, encrypted network of a target computing device.12-22-2011
20110314152SYSTEMS AND METHODS FOR DETERMINING COMPLIANCE OF REFERENCES IN A WEBSITE - Systems and methods of determining compliance of content in a website or web application are disclosed. The systems and methods comprise a compliance tool to retrieve data associated with website or web application content. The compliance tool can scan the data to determine references to network locations. The compliance tool can compare the references to one or more approval rules to determine whether the references comply with the approval rules. A report can be compiled and outputted that indicates which references comply and which references do not comply with the approval rules. A user can have the option to add non-complying references to an approved list. The compliance tool can further remove non-complying references from the website or web application data and/or register non-complying references with a firewall.12-22-2011
20130191538MANAGING CROSS-PREMISES RESOURCES THROUGH INTEGRATED VIEW - A communication application manages cross-premises resources through an integrated view. The application creates a single view to manage local and remote resources by modeling the single view. The application manages the local and remote resources from the single view. The application transmits and receives input/output from the local and remote resources. Output is displayed in the single view. The application also secures cross-premises messaging and signaling across the local and remote resources. The application secures messaging and signaling by implementing security requirements of the resources. In addition, the application provides a single sign on (SSO) authentication across the local and remote resources.07-25-2013
20130191540COMPUTER READABLE MEDIUM RECORDED WITH INFORMATION PROCESSING PROGRAM, INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING SYSTEM, AND INFORMATION PROCESSING METHOD - An example method includes: transmitting content data to a server that determines whether to permit or deny transmission of storage location information indicating a storage location of the content data; receiving the storage location information from the server; and transmitting the storage location information to another information processing device.07-25-2013
20130191539SYSTEM AND METHOD FOR SUPPORTING SECURE APPLICATION DEPLOYMENT IN A CLOUD - A method of securely deploying a software application in the Internet cloud including identifying those aspects of a software application that use secure data, and those aspects of the application that use non-secure data, deploying the secure data on one or more secure servers that are not publicly accessible over the Internet, and deploying non-secure data on one or more cloud servers that are publicly available over the Internet, where communication between the secure servers and the cloud servers is managed using secure connections with access only to computation results.07-25-2013
20110320600Sharing Access for Clients - This patent application relates to a method, a computer program product, a computer program, an apparatus, and a system for sharing an access to at least one application located on a smart card unit.12-29-2011
20120030354APPLICATION PLATFORM WITH FLEXIBLE PERMISSIONING - Systems and methods are provided for an application platform with flexible permissioning according to one or more embodiments. In one embodiment, an application platform with flexible permissioning comprises: a service provider server adapted to interact with an application development server and a client device over a network, wherein the service provider server is adapted to implement at least one application programming interface (API); one or more processors; and one or more memories adapted to store a plurality of machine-readable instructions which when executed by the one or more processors are adapted to cause the application platform with flexible permissioning to: maintain, at the service provider server, a profile associated with at least one application developer using the application development server; receive an API call from the application developer; authenticate the application developer and authorize the API call; assign an access level to the application developer based on the profile associated with the application developer; and control permissions given to the application developer to perform operations available based on the assigned access level.02-02-2012
20130198383Network Access Based on Social-Networking Information - In one embodiment, a method includes receiving a request at a wireless access point from a client system to access a network through the wireless access point. The wireless access point sends an identifier associated with the client system to a social-networking system, the social-networking system including user profiles arranged in one or more social graphs. The social graphs store relationships between the user profiles. The method further includes receiving at the wireless access point from the social-networking system an authorization determination. The authorization determination is based upon a first user profile of the plurality of user profiles. The first user profile includes the identifier associated with the client system. The method further includes providing the client system with access to the network through the wireless access point in accordance with the authorization determination.08-01-2013
20130198382USER REGISTRATION METHOD, INTERACTION METHOD AND RELATED DEVICES - The present invention relates to the field of communications technologies, and discloses a user registration method, an interaction method and related devices. The user registration method includes: receiving an invite request that is sent by a registered user of a system through a first system client, where the invite request includes an identifier of an unregistered user of the system; obtaining a temporary account allocated to the unregistered user of the system and valid in the system; sending, according to the identifier of the unregistered user of the system, the temporary account to a terminal used by the unregistered user of the system. By use of the present invention, registered users of one system are capable of interacting with unregistered users of the system.08-01-2013
20130198381Optimizing Data Extraction from Distributed Systems into a Unified Event Aggregator Using Time-Outs - Methods and systems of managing automated feed retrieval systems may involve determining an inactivity period with respect to a feed source, and identifying a user time-out threshold corresponding to the feed source. In addition, a re-subscription prompt may be generated if the inactivity period exceeds the user time-out threshold. In one example, a user may be unsubscribed from the feed source if a confirmation response to the re-subscription prompt is not received from the user. Moreover, data retrieval from the feed source can be discontinued if the feed source lacks any remaining subscribers in the automated feed retrieval system.08-01-2013
20120036262SYSTEM AND METHOD OF RESOURCE REPLICATION DELIVERY TO MULTIPLE LOCAL DESTINATIONS - A system and method are provided for streaming resource replication, registration and delivery. A nonlocal streaming resource is replicated in a local network as a local multicast resource. The local multicast source is registered on a resource management server with an entry which identifies the nonlocal resource and contains information for use in locally accessing the local multicast resource. When a local client of the local network requests access to the local multicast resource, the resource management server determines that the local client and the local multicast source are local to each other and provides a response for enabling direct local access by the local client to the local multicast resource.02-09-2012
20120066386ENTERPRISE GRADE RIGHTS MANAGEMENT - Various arrangements for controlling access to a set of media items accessible via multiple channels are presented. An indication of a media item may be stored. Multiple sets of rules may be received, including a first and second set of rules. Requests for access to the media item may be received from a first and second application. The first request may be determined to be is associated with a first channel, wherein the first channel is associated with the first set of rules. Access to the media item may be provide in accordance with the first set of rules. The second request may be determined to be associated with a second channel. Access to the media item may be provided in accordance with the second set of rules.03-15-2012
20120066385METHOD AND SYSTEM TO ENABLE CONTACT WITH UNKNOWN INTERNET ACCOUNT HOLDERS - A method of enabling a server to contact an unknown Internet account holder can begin with the server receiving a request for a resource. The server then determines whether the request for the resource warrants sending a notice, and if so, identifies a notice destination to which the notice is to be sent. The server then generates a notice comprising an apparent IP address, a time the server received the request, and a communication; and sends the notice to the notice destination via a standardized communications pathway. An ISP can receive a notice from the server via the standardized communication pathway, and based thereon can identify the account holder based the requesting IP and optionally the request time. The ISP can then send the account holder the communication by an arranged manner despite the server not having known the identity of the account holder.03-15-2012
20130205025Optimized Virtual Private Network Routing Through Multiple Gateways - In one embodiment, a secure communication tunnel is established between a first VPN gateway and a remote access client. The remote access client requests a resource of an enterprise network. The first VPN gateway selects a second VPN gateway based at least on a cost of communication between the requested resource and the second VPN gateway. An indication of the second VPN gateway is sent to the remote access client. The first VPN gateway maintains the first secure communication tunnel while the remote access client accesses the resource through a second secure communication tunnel established between the remote access client and the second VPN gateway.08-08-2013
20120096158MULTITENANT HOSTED VIRTUAL MACHINE INFRASTRUCTURE - A multi-tenant virtual machine infrastructure (MTVMI) allows multiple tenants to independently access and use a plurality of virtual computing resources via the Internet. Within the MTVMI, different tenants may define unique configurations of virtual computing resources and unique rules to govern the use of the virtual computing resources. The MTVMI may be configured to provide valuable services for tenants and users associated with the tenants.04-19-2012
20130212273TRUE-OWNERSHIP OF SHARED DATA - A method for managing a data item includes a hub receiving a first access request from a first engine executing on a computing device operated by a first host and sending the first access request to a second engine executing on a first computing device of a second host. The second host owns the data item. The hub receives, from the second engine, the data item and an access rule set by the second host for the first host, and sends the first access rule and the data item to the first engine for storage. The first engine grants the first host access to the data item according to the first access rule.08-15-2013
20130212271Single-Point-of-Access Cyber System - The system and system components of the present invention provide individuals with both a safe and a secure cyber environment. Within this safe and secure cyber environment each individual and each cyber device is properly identified for all cyber interactions with others and for all cyber interactions with the cyber devices of others. The system also provides individuals with privacy for the individual's cyber activities and cyber assets. Further, the system provides for environment-wide interoperable use of any cyber device, cyber programming, and cyber content.08-15-2013
20130212270Resource Access Throttling - Techniques for resource access throttling are described. In implementations, access to a network resource can be controlled based on a variety of factors, such as a type of user requesting access to the network resource. For example, consider a scenario where an online content store is preparing to launch. To prevent resources associated with the online content store from being overwhelmed by the number of requests for access when the store is launched, techniques can be implemented to throttle the number of requests that are granted. For instance, requests for access can be throttled based on different user types.08-15-2013
20130212269Data Storage Management - A method of data storage management. A server receives a data upload request from a remote client, the upload request including information identifying the data to be uploaded. The server determines that a duplicate of the data is stored at a data storage device. The server receives proof of possession information derived by the client from the data using additional information known to the server. On the basis of the received information, the server determines whether to allow the client or a user associated with the client to subsequently access the duplicate data stored at the data storage device.08-15-2013
20130212274User Configuration File for Access Control for Embedded Resources - Multimedia content is featured on user pages of an online social network using embed codes that are generated using a configuration file associated with the source ID for the multimedia content and a content ID for the multimedia content. The configuration file, the source ID and the content ID are stored locally by the online social network so that any changes to the embed codes can be made by changing the configuration file associated with the source and regenerating the embed codes. By managing multimedia content in this manner, greater control can be exercised by the online social network over the multimedia content that are featured on its user pages.08-15-2013
20130212272Service Denial and Termination on a Wireless Network - A method and system are provided for denying an application service request, such as a Multimedia Messaging Service (MMS) request, on wireless and wireline Internet Protocol (IP) Multimedia Subsystem (IMS) networks or Session Initiation Protocol (SIP) networks. In one example, the method includes receiving a request for an application service from a user via a transport network, determining to deny the request, and providing a response corresponding to the denial of the request to the user via the transport network.08-15-2013