Patent application number | Description | Published |
20100064033 | INTEGRATION OF AN INTERNAL CLOUD INFRASTRUCTURE WITH EXISTING ENTERPRISE SERVICES AND SYSTEMS - In various exemplary embodiments, a system architecture and associated method for establishing the system architecture are disclosed to provide cloud computing in an existing enterprise. The system architecture provides cloud computing in an existing enterprise. The system architecture comprises a service communications interface and an infrastructure communications interface. A cloud structure is communicatively coupled to the service communications interface and the infrastructure communications interface, with the cloud structure arranged to be coupled through the service communications interface to individual business units. The cloud structure is further arranged to be coupled through the infrastructure communications interface to a plurality of enterprise resources. | 03-11-2010 |
20100114656 | SYSTEM AND METHOD FOR PROVIDING VALUE-ADDED CONTENT IN AN ELECTRONIC COMMUNICATIONS ENVIRONMENT - In various exemplary embodiments, a system architecture and associated method to provide value-added content in an electronic communications environment occurring over a communications link between a first electronic system provider and a third-party cloud provider is disclosed. The system architecture comprises an electronic communications interface to allow translation between the first electronic system provider, additional electronic system providers, and an end-user to the third-party cloud provider. The electronic communications interface further provides the first electronic system provider with at least a portion of the content within communications streams from the additional electronic system providers and the end-user via the communications link. A visual generator provides display regions to the end-user with the value-added content from the first electronic system provider that is related to the at least a portion of the content of at least one of the communications streams. | 05-06-2010 |
20120216268 | IDENTITY ASSERTION FRAMEWORK - Systems and methods for implementing an identity assertion framework to authenticate a user in a federation of security domains are provided. A first security token service (STS) is configured to receive a request for a first token from a consumer and to issue the first token to the consumer. The first STS is associated with a first security domain, and the first token is issued according to a first issuing policy of the first security domain. A service provider within a second security domain receives the first token and makes a determination whether the first token is invalid in the second security domain. A second STS receives the first token from the service provider, determines that the first token was issued by the first STS, and validates the first token according to a federation policy between the first security domain and the second security domain. | 08-23-2012 |
Patent application number | Description | Published |
20090148159 | Method and Apparatus for Securing Fiber in an Optical Network - A method and apparatus for securing an optical communication link includes the step of identifying a profile of the link by measuring, at the transmitter, optical back-reflections from optical pulses forwarded to a receiver. The profile is stored at the transmitter. Periodically during operation, such as during key exchange, more optical pulses are forwarded to the receiver, and the back reflections are collected as periodic profiles. The periodic profiles are compared against the stored profiles. Eavesdroppers, such as those who cut the fiber, tap the fiber, or implement a man in the middle attack, may be easily identified because the losses caused by their interference with the fiber will be evident in the periodic profiles. | 06-11-2009 |
20090279562 | Content-aware dynamic network resource allocation - Network resources allocated for particular application traffic are aware of the characteristics of L4+ content to be transmitted. One embodiment of the invention realizes network resource allocation in terms of three intelligent modules, gateway, provisioning and classification. A gateway module exerts network control functions in response to application requests for network resources. The network control functions include traffic path setup, bandwidth allocation and so on. Characteristics of the content are also specified in the received application network resource requests. Under request of the gateway module, a provisioning module allocates network resources such as bandwidth in optical networks and edge devices as well. An optical network resource allocation leads to a provisioning optical route. Under request of the gateway module, a classification module differentiates applications traffic according to content specifications, and thus creates and applies content-aware rule data for edge devices to forward content-specified traffic towards respective provisioning optical routes. | 11-12-2009 |
20100100625 | SYSTEM AND METHOD FOR TRANSLATING APPLICATION PROGRAM NETWORK SERVICE REQUESTS INTO ACTIONS AND PERFORMING THOSE ACTIONS THROUGH THE MANAGEMENT AND/OR CONTROL PLANE RESPONSIVE TO PREVIOUSLY DEFINED POLICIES AND PREVIOUS REQUESTS BY THE SAME OR ANOTHER APPLICATION PROGRAM - Application program network service requests are translated into specific actions that are then performed through the management plane and/or control plane. The translations and resulting actions are responsive to previously defined policies for the communication network, and may further reflect processing of previous service requests by the same or another application program. The amount of resources available for use by a given application program may be predefined based on a globally defined network policy. Each service request obtained from an application program may be translated into multiple actions performed using various specific protocols and/or interfaces provided by either the management plane, the control plane, or both the management and control planes. Reports of network activity, status and/or faults for a requesting application program may be tailored to the requesting program's view of the network, and passed directly and exclusively to the requesting program. | 04-22-2010 |
20110238850 | SYSTEM AND METHOD FOR TRANSLATING APPLICATION PROGRAM NETWORK SERVICE REQUESTS INTO ACTIONS AND PERFORMING THOSE ACTIONS THROUGH THE MANAGEMENT AND/OR CONTROL PLANE RESPONSIVE TO PREVIOUSLY DEFINED POLICIES AND PREVIOUS REQUESTS BY THE SAME OR ANOTHER APPLICATION PROGRAM - Application program network service requests are translated into specific actions that are then performed through the management plane and/or control plane. The translations and resulting actions are responsive to previously defined policies for the communication network, and may further reflect processing of previous service requests by the same or another application program. The amount of resources available for use by a given application program may be predefined based on a globally defined network policy. Each service request obtained from an application program may be translated into multiple actions performed using various specific protocols and/or interfaces provided by either the management plane, the control plane, or both the management and control planes. Reports of network activity, status and/or faults for a requesting application program may be tailored to the requesting program's view of the network, and passed directly and exclusively to the requesting program. | 09-29-2011 |
20120180059 | TIME-VALUE CURVES TO PROVIDE DYNAMIC QoS FOR TIME SENSITIVE FILE TRANSFERS - A method and apparatus has been shown and described which allows Quality of Service to be controlled at a temporal granularity. Time-value curves, generated for each task, ensure that mission resources are utilized in a manner which optimizes mission performance. It should be noted, however, that although the present invention has shown and described the use of time-value curves as applied to mission workflow tasks, the present invention is not limited to this application; rather, it can be readily appreciated by one of skill in the art that time-value curves may be used to optimize the delivery of any resource to any consumer by taking into account the dynamic environment of the consumer and resource. | 07-12-2012 |
20130268678 | Method and Apparatus for Facilitating Fulfillment of Requests on a Communication Network - Fulfillment of web-service requests may be facilitated by intelligently load balancing the web-service requests between servers or server clusters configured to perform the requested web-service. Load balancing may be based on the type of request, target class of server, whether the request is likely to spawn any subsequent requests, relevant historical information, other requests, current and anticipated work load on the servers, the current ability of the servers to handle additional requests, the numbers type and schedule of requests in a queue waiting to be allocated to one or more of the servers, and numerous other factors that may affect the servers' ability to process the request. Requests may be classified to enable historical correlation between how servers have handled previous requests and the present request. Additionally, requests may be scheduled for future execution and monitored during execution. | 10-10-2013 |
20140012991 | GRID PROXY ARCHITECTURE FOR NETWORK RESOURCES - A Grid Proxy Architecture for Network Resources (GPAN) is proposed to allow Grid applications to access resources shared in communication network domains. GPAN bridges Grid services serving user applications and network services controlling network devices through its proxy functions such as resource data and management proxies. Working with Grid resource index and broker services, GPAN employs distributed network service peers (NSP) in network domains to discover, negotiate and allocate network resources such as bandwidth for Grid applications. An elected master NSP is the unique Grid node that runs GPAN and represents the whole network to share network resources to Grids without Grid involvement of network devices. GPAN provides the Grid Proxy service (GPS) to interface with Grid services and applications, and the Grid Delegation service (GDS) to interface with network services to utilize network resources. Resource-based XML messaging is employed for the GPAN proxy communication. | 01-09-2014 |
20150058490 | GRID PROXY ARCHITECTURE FOR NETWORK RESOURCES - Various embodiments allow Grid applications to access resources shared in communication network domains. Grid Proxy Architecture for Network Resources (GPAN) bridges Grid services serving user applications and network services controlling network devices through proxy functions. At times, GPAN employs distributed network service peers (NSP) in network domains to discover, negotiate and allocate network resources for Grid applications. An elected master NSP is the unique Grid node that runs GPAN and represents the whole network to share network resources to Grids without Grid involvement of network devices. GPAN provides the Grid Proxy service (GPS) to interface with Grid services and applications, and the Grid Delegation service (GDS) to interface with network services to utilize network resources. In some cases, resource-based XML messaging can be employed for the GPAN proxy communication. | 02-26-2015 |