Patent application number | Description | Published |
20100037823 | SHOWERHEAD AND SHADOW FRAME - The present invention generally relates to a gas distribution showerhead and a shadow frame for an apparatus. By extending the corners of the gas distribution showerhead the electrode area may be expanded relative to the anode and thus, uniform film properties may be obtained. Additionally, the expanded corners of the gas distribution showerhead may have gas passages extending therethrough. In one embodiment, hollow cathode cavities may be present on the bottom surface of the showerhead without permitting gas to pass therethrough. The shadow frame in the apparatus may also have its corner areas extended out to enlarge the anode in the corner areas of the substrate being processed and thus, may lead to deposition of a material on the substrate having substantially uniform properties. | 02-18-2010 |
20100104754 | MULTIPLE GAS FEED APPARATUS AND METHOD - Embodiments of the present invention generally provide apparatus and methods for introducing process gases into a processing chamber at a plurality of locations. In one embodiment, a central region of a showerhead and corner regions of a showerhead are fed process gases from a central gas source with a first mass flow controller regulating the flow in the central region and a second mass flow controller regulating the flow in the corner regions. In another embodiment, a central region of a showerhead is fed process gases from a first gas source and corner regions of the showerhead are fed process gases from a second gas source. In another embodiment, a central region of a showerhead is fed process gases from a first gas source and each corner region of the showerhead is fed process gases from a separate gas source. By separately feeding process gases to different regions of the showerhead, the ratio and flow of process gases through the showerhead may be controlled to provide improved uniformity across the surface of a substrate. | 04-29-2010 |
20100112212 | ADJUSTABLE GAS DISTRIBUTION APPARATUS - Embodiments of the present invention generally provide apparatus and methods for altering the contour of a gas distribution plate within a process chamber without breaking vacuum conditions within the chamber. In one embodiment, a central support device adjusted to vary the height of a central region of a gas distribution plate with respect to the periphery of the gas distribution plate. In another embodiment, a plurality of central support devices is adjusted to vary the height of a central region of a gas distribution plate with respect to the periphery of the plate. In yet another embodiment, a plurality of central support devices and a plurality of mid-range support devices are adjusted to vary the height of certain regions of the gas distribution plate with respect to other regions of the gas distribution plate. In one embodiment, the contour of the gas distribution plate is altered based on changes detected within the process chamber. | 05-06-2010 |
20100136216 | GAS DISTRIBUTION BLOCKER APPARATUS - Embodiments of the present invention generally provide apparatus and methods for altering the flow and pressure differential of process gases supplied across a showerhead of a processing chamber to provide improved deposition uniformity across the surface of a substrate disposed therein. In one embodiment, a blocker plate is disposed between a backing plate and a showerhead. In one embodiment, the distance between the blocker plate and the showerhead is adjustable. In another embodiment, the blocker plate has a non-planar surface contour. In another embodiment, a regional blocker plate is disposed between a backing plate and a showerhead. In another embodiment, a central blocker plate and a peripheral blocker plate are disposed between a backing plate and a showerhead. | 06-03-2010 |
20100151127 | APPARATUS AND METHOD FOR PREVENTING PROCESS SYSTEM CONTAMINATION - Embodiments of the present invention generally provide apparatus and methods for preventing contamination within a processing system due to substrate breakage. In one embodiment, an acoustic detection mechanism is disposed on or within a process chamber to monitor conditions within the process chamber. In one embodiment, the acoustic detection mechanism detects conditions indicative of substrate breakage within the process chamber. In one embodiment, the acoustic detection mechanism detects conditions that are known to lead to substrate breakage within the process chamber. In one embodiment, the acoustic detection mechanism is combined with an optical detection mechanism. By early detection of substrate breakage or conditions known to lead to substrate breakage, the process chamber may be taken off line and repaired prior to contamination of the entire process system. | 06-17-2010 |
20130012030 | METHOD AND APPARATUS FOR REMOTE PLASMA SOURCE ASSISTED SILICON-CONTAINING FILM DEPOSITION - An apparatus and methods for depositing amorphous and microcrystalline silicon films during the formation of solar cells are provided. In one embodiment, a method and apparatus is provided for generating and introducing hydrogen radicals directly into a processing region of a processing chamber for reaction with a silicon-containing precursor for film deposition on a substrate. In one embodiment, the hydrogen radicals are generated by a remote plasma source and directly introduced into the processing region via a line of sight path to minimize the loss of energy by the hydrogen radicals prior to reaching the processing region. | 01-10-2013 |
Patent application number | Description | Published |
20090292917 | SECURE TRANSPORT OF MULTICAST TRAFFIC - Secure tunneled multicast transmission and reception through a network is provided. A join request may be received from a second tunnel endpoint, the join request indicating a multicast group to be joined. Group keys may be transmitted to the second tunnel endpoint, where the group keys are based at least on the multicast group. A packet received at the first tunnel endpoint may be cryptographically processed to generate an encapsulated payload. A header may be appended to the encapsulated payload to form an encapsulated packet, wherein the header includes information associated with the second tunnel endpoint. A tunnel may be established between the first tunnel endpoint and the second tunnel endpoint based on the appended header. The encapsulated packet may be transmitted through the tunnel to the second tunnel endpoint. The second tunnel endpoint may receive the encapsulated packet. Cryptographic processing of the encapsulated packet may reveal the packet having a second header. The packet may then be forwarded on an interface toward at least one multicast recipient identified in the second header. | 11-26-2009 |
20090320122 | CONGESTION MANAGEMENT OF SESSION NEGOTIATIONS IN NETWORK DEVICES - A network device implements congestion management of sessions of a network protocol. In one implementation, an incoming request component receives session requests for a negotiation session between the network device and a second network device. A capacity pool stores a value relating to capacity of the network device to continue to efficiently process the session requests. New sessions are initiated when the value stored in the capacity pool is less than an estimate of the capacity of the network device at which the network device maximizes processor usage while minimizing session timeouts. | 12-24-2009 |
20100278181 | POINT-TO-MULTI-POINT/NON-BROADCASTING MUTLI-ACCESS VPN TUNNELS - A system establishes a virtual private network (VPN) tunnel to a destination and determines a next hop for the VPN tunnel. The system inserts the next hop, and an address associated with the destination, into an entry of a first table. The system inserts the next hop, and a tunnel identifier corresponding to the established VPN tunnel, into an entry of a second table. The system associates one or more security parameters, used to encrypt traffic sent via the VPN tunnel, with the tunnel identifier. | 11-04-2010 |
20120137358 | POINT-TO-MULTI-POINT/NON-BROADCASTING MULTI-ACCESS VPN TUNNELS - A system establishes a virtual private network (VPN) tunnel to a destination and determines a next hop for the VPN tunnel. The system inserts the next hop, and an address associated with the destination, into an entry of a first table. The system inserts the next hop, and a tunnel identifier corresponding to the established VPN tunnel, into an entry of a second table. The system associates one or more security parameters, used to encrypt traffic sent via the VPN tunnel, with the tunnel identifier. | 05-31-2012 |
20120144191 | SECURE TRANSPORT OF MULTICAST TRAFFIC - A request to receive multicast data, associated with a multicast group, may be transmitted. The request may be transmitted via a tunnel. Group keys may be received in response to the request. The group keys may be based on the multicast group. An encapsulated packet may be received via another tunnel. The encapsulated packet may be processed, using the group keys, to obtain a multicast packet associated with the multicast data. The multicast packet may be forwarded to at least one multicast recipient. | 06-07-2012 |
Patent application number | Description | Published |
20120207174 | DISTRIBUTED SERVICE PROCESSING OF NETWORK GATEWAYS USING VIRTUAL MACHINES - A network gateway device includes an ingress interface, an egress interface, and a load balancing module coupled to the ingress and egress interfaces. The load balancing module configured to receive a packet from the ingress interface, determine a set of a plurality of processes corresponding a connections session associated with the packet based on a policy. For each of the identified processes, the load balancing module is to identify a service processing module executed by a virtual machine that is capable of handling the identified process, and to send the packet to the identified service processing module to perform the identified process on the packet. The packet is then transmitted to the egress interface of the gateway device to be forwarded to a destination. | 08-16-2012 |
20120210417 | DISTRIBUTED FIREWALL ARCHITECTURE USING VIRTUAL MACHINES - A distributed firewall of a gateway device includes at least one IO module for performing IO functionality of the distributed firewall, at least one security processing module for performing security functionality of the distributed firewall and a firewall controller for managing the IO module and the security processing module. Each of the at least one IO and security processing modules is executed within a virtual machine. In response to a packet received from an ingress interface, the at least one IO module is to identify a security processing module corresponding to a connections session associated with the packet, to transmit the packet to the identified security processing module to perform a security process on the packet, and in response to a signal received from the identified security processing module indicating that the security process has been completed, to transmit the packet to the egress interface. | 08-16-2012 |
20130091264 | DYNAMIC SESSION MIGRATION BETWEEN NETWORK SECURITY GATEWAYS - A method and apparatus is disclosed herein for migrating session information between security gateways are disclosed. In one embodiment, receiving, at a first security gateway, session information associated with a session corresponding to a network connection, the session information having been transferred from a second security gateway, the first and second security gateway being separate physical devices; and thereafter performing security processing for the session at the first security gateway. | 04-11-2013 |
20130111542 | SECURITY POLICY TOKENIZATION | 05-02-2013 |
20130117801 | VIRTUAL SECURITY BOUNDARY FOR PHYSICAL OR VIRTUAL NETWORK DEVICES - A method and apparatus is disclosed herein for using a virtual security boundary. In one embodiment, the method comprises receiving information from a virtual machine after the virtual machine has been moved from a first physical location in a network to a second physical location in the network, where the information identifies the virtual machine as one previously assigned to a security boundary; determining that access to the virtual machine at the first physical location was permitted by the security gateway; assigning the virtual machine at the second physical location to the security boundary, and applying a security policy associated with the security boundary to communications between the network and the virtual machine at the second physical location. | 05-09-2013 |
20130117836 | AUTO DISCOVERY OF VIRTUAL MACHINES - A method and apparatus is disclosed herein for performing auto discovery of virtual machines. In one embodiment, the method comprises monitoring, using an interface of the device, one or more packets being sent from one or more virtual machines, the one or more packets being sent determining, using a processor of the device, if one of the monitored packets comprises a discovery packet from one virtual machine of the one or more virtual machines, wherein the discovery packet includes an address of a destination location; sending, using the interface of the device, a reply packet to the one virtual machine using an address in the discovery packet identified in the monitored packets, the reply packet including an Internet Protocol (IP) address of the device. | 05-09-2013 |
20130250956 | NON-FRAGMENTED IP PACKET TUNNELING IN A NETWORK - A method and apparatus is disclosed herein for IP packet tunneling in a network. In one embodiment, the method comprises receiving, at a first network device, a first IP packet of a IP connection; creating a second IP packet by replacing information in a field in the first IP packet with a session ID identifying the IP connection; and forwarding, by the first network device, the second IP packet to the second network device in the distributed network environment. | 09-26-2013 |
20130263245 | DISTRIBUTED TCP SYN FLOOD PROTECTION - A method and apparatus is disclosed herein for TCP SYN flood protection. In one embodiment, a TCP SYN flood protection arrangement comprises a first device operable to process packet input and output functions, including performing sender verification with respect to a connection initiation from a sender for a first TCP connection between the sender and a destination server and a second device, separate from the first device, to perform one or more security processing operations on packets of the first TCP connection from the sender after the first device verifies the sender is legitimate. | 10-03-2013 |
20130275592 | ADAPTIVE SESSION FORWARDING FOLLOWING VIRTUAL MACHINE MIGRATION DETECTION - A network system includes a first network access device having an input/output (IO) module of a firewall to capture a packet of a network session originated from a first node associated with the first network access device, a first security device having a firewall processing module to determine based on the captured packet whether the first node is a destination node that is receiving VM migration from a second node that is associated with a second network access device. The first security device is to update a first flow table within the first network access device. The network system further includes a second security device to receive a message from the first security device concerning the VM migration to update a second flow table of the second network access device, such that further network traffic of the network session is routed to the first node without interrupting the network session. | 10-17-2013 |
20130276092 | SYSTEM AND METHOD FOR DYNAMIC SECURITY INSERTION IN NETWORK VIRTUALIZATION - A method and apparatus for dynamic security insertion into virtualized networks is described. The method may include receiving, at a network device from a second network device, a data packet and application data extracted from the data packet. The method may also include generating a routing decision for a network connection associated with the data packet based, at least in part, on the application data. Furthermore, the method may include transmitting the routing decision for the data packet to the second device for the second device to route the data based on the routing decision. | 10-17-2013 |
20130291088 | COOPERATIVE NETWORK SECURITY INSPECTION - A network system includes a security device and a network access device. The network access device is to receive a packet from a source node destined to a destination node, and to examine a data structure maintained by the network access device to determine whether the data structure stores a data member having a predetermined value, the data member indicating whether the packet should undergo security processing. If the data member matches the predetermined value, the packet is transmitted to a security device associated with the network access device to allow the security device to perform content inspection, and in response to a response received from the security device, the packet is routed to the destination node dependent upon the response. The packet is routed to the destination node without forwarding the packet to the security device. | 10-31-2013 |
20150229656 | SYSTEMS AND METHODS FOR DISTRIBUTED THREAT DETECTION IN A COMPUTER NETWORK - A method and apparatus for distributed threat detection in a computer network is described. The method may include receiving, by a threat detection system of a first computer network, a request for a service from a threat sensor of a second computer network, the service requested of the threat sensor within the second computer network from a network element of the second computer network. The method may also include emulating the service identified in the request to generate a response to the request, and sending the response to the threat sensor for forwarding to the network element within the second computer network. Furthermore, the method may include analyzing one or more communications between the threat detection system and the network element during emulation of the service requested by the network element to determine whether the network element is a threat to the second network. | 08-13-2015 |
20160028851 | Distributed Service Processing of Network Gateways Using Virtual Machines - A network gateway device includes an ingress interface, an egress interface, and a load balancing module coupled to the ingress and egress interfaces. The load balancing module configured to receive a packet from the ingress interface, determine a set of a plurality of processes corresponding to a connections session associated with the packet based on a policy. For each of the identified processes, the load balancing module is to identify a service processing module executed by a virtual machine that is capable of handling the identified process, and to send the packet to the identified service processing module to perform the identified process on the packet. The packet is then transmitted to the egress interface of the gateway device to be forwarded to a destination. | 01-28-2016 |
Patent application number | Description | Published |
20090006996 | Updating Content Within A Container Document For User Groups - A system and method for authenticating a user based on the user's association with a user group, enabling the user to configure a container document associated with the user group, receiving input from the user regarding configuring the container document associated with the user group, and providing an actual representation of the container document to the user based on the received input. | 01-01-2009 |
20090037935 | Updating The Configuration of Container Documents - A system and method for registering components of a user interface, registering events regarding configuration of a container document, associating registered components with registered events, receiving information associated with registered event that has occurred for one of the registered components, and providing the information associated with registered event to all other associated components. | 02-05-2009 |
20120222128 | DISTRIBUTION OF CONTENT DOCUMENT WITH SECURITY, CUSTOMIZATION AND SCALABILITY - A computer-implemented system and method to distribute a content document with security, customization, and scalability is provided. One or more servers provides a customizable content document associated with a first entity, enables a second entity to specify content to be included for users associated with the entity in the customizable content document, and delivers the customized content document incorporating the specified content in a secure manner to users associated with the second entity. | 08-30-2012 |
20130018997 | Distribution of Content Document to Varying Users with Security, Customization and Scalability - A system and method for receiving a request for a container document, determining whether the request is for a container document associated with a user group, determining whether a requestor of the request is associated with a level of status within the user group among a plurality of levels of status within the user group, determining the level of status of the requestor based on a determination that the requestor is associated with a level of status within the user group, requesting configuration information based on a determination that the container document is associated with a user group and the level of status, receiving the configuration information, and serving the container document using the configuration information. | 01-17-2013 |
Patent application number | Description | Published |
20140071766 | REFERENCE CELL CIRCUIT AND METHOD OF PRODUCING A REFERENCE CURRENT - The present invention discloses a reference cell circuit which is applied to a non-volatile memory. The reference cell circuit includes a reference cell array, a first current mirror circuit, and a second current mirror circuit. The reference cell array includes at least one row of floating gate transistors. The first current mirror circuit is arranged to generate a mirror current according to a reference current generated by the reference cell array. The second current mirror circuit is arranged to receive the mirror current and generate an adjusted reference current according to the mirror current and a selected one of a plurality of enable signals, wherein the plurality of enable signals correspond to a plurality operations of the non-volatile memory and the adjusted reference current is arranged to determine logical state of a plurality of memory cells of the non-volatile memory. | 03-13-2014 |
20140245384 | Nonvolatile Memory Device Having Authentication, and Methods of Operation and Manufacture Thereof - A memory device package encloses two separate die, one being a standard nonvolatile memory integrated circuit (“IC”) die, and the other being any suitable authentication IC die. Either die may be stacked upon the other, or the die may be placed side-by-side. The external contacts may correspond to the power and signal requirements of the standard nonvolatile memory IC die so that the pin-out of the memory device package may present a standard pinout. The power and signal requirements of the authentication IC die may be satisfied with some or all of the pins for the nonvolatile memory integrated circuit die, or with other unused pins of the device package. One or more additional external contacts may be added exclusively for the authentication integrated circuit die. One or more signals may be dedicated as between the standard nonvolatile memory IC die and the authentication IC die. | 08-28-2014 |
20150269993 | RESISTIVE MEMORY APPARATUS AND MEMORY CELL THEREOF - A resistive memory apparatus and a memory cell thereof are provided. The resistive memory cell includes a first transistor, a second transistor, a first resistor and a second resistor. First and second terminals of the first transistor are respectively coupled to a first bit line and a reference voltage. First and second terminals of the second transistor are respectively coupled to a second bit line and the reference voltage. The first resistor is serially coupled on a coupling path between the first terminal of the first transistor and the first bit line, or on a coupling path between the second terminal of the first transistor and the reference voltage. The second resistor is serially coupled on a coupling path between the first terminal of the second transistor coupled and the second bit line, or on a coupling path between the second terminal of the second transistor and the reference voltage. | 09-24-2015 |
20150310203 | Nonvolatile Memory Device Having Authentication, and Methods of Operation and Manufacture Thereof - A memory device package encloses two separate die, one being a standard nonvolatile memory integrated circuit (“IC”) die, and the other being any suitable authentication IC die. Either die may be stacked upon the other, or the die may be placed side-by-side. The external contacts may correspond to the power and signal requirements of the standard nonvolatile memory IC die so that the pin-out of the memory device package may present a standard pinout. The power and signal requirements of the authentication IC die may be satisfied with some or all of the pins for the nonvolatile memory integrated circuit die, or with other unused pins of the device package. One or more additional external contacts may be added exclusively for the authentication integrated circuit die. One or more signals may be dedicated as between the standard nonvolatile memory IC die and the authentication IC die. | 10-29-2015 |
20160035413 | NON-VOLATILE STATIC RANDOM ACCESS MEMORY CIRCUITS - A non-volatile static random access memory (nvSRAM) circuit is provided. The nvSRAM circuit includes first and second switches and a latch circuit. The first switch has a first terminal coupled to a first bit line. The second switch has a first terminal coupled to a second bit line. The latch circuit is coupled to second terminals of the first and second switches. The latch circuit has a first non-volatile memory element. When the nvSRAM circuit is at a writing mode, first input data on the first bit line is written into in the latch circuit, and the first non-volatile memory element has a first state corresponding to the first data. When the nvSRAM circuit is at a reading mode, first readout data is generated according to the first state of the first non-volatile memory element is generated and provided to the first bit line. | 02-04-2016 |
20160078937 | RESISTIVE MEMORY DEVICE AND CONTROL METHOD THEREOF - A resistive memory device is provided. A first cell is coupled to a word line, a first bit line and a source line. A second cell is coupled to the word line, a second bit line and the source line. A control circuit controls the levels of the word line, the first bit line and the source line to execute a set operation for the first cell and execute a reset operation for the second cell. After the set and the reset operations, the resistance of the first cell is less than the resistance of the second cell. During the execution of the set operation, the control circuit asserts the level of the source line at a pre-determined level. During the execution of the reset operation, the control circuit asserts the level of the source line at the pre-determined level. | 03-17-2016 |