Patent application number | Description | Published |
20090052320 | Estimator for end-to-end throughput of wireless networks - The present invention presents an architecture to dynamically measure and estimate the throughput perceived by a user during a connection in real-time in a wireless network system. The architecture system design of the present invention allows for information gathering independent of the mathematical models used and takes into account security settings in the network hosts. The present invention also sets forth a number of throughput estimators (TEs) that can be used within the architecture to gather the information needed to carry out the throughput estimation calculations. The throughput estimations can then be used for download rate control, QoS, load balancing, etc. The present invention also provides algorithms to calculate the real-time throughput experienced by a user flow. | 02-26-2009 |
20100199344 | REDUNDANCY DETECTION AND RESOLUTION AND PARTIAL ORDER DEPENDENCY QUANTIFICATION IN ACCESS CONTROL LISTS - Aspects of the invention pertain to analyzing and modifying access control lists that are used in computer networks. Access control lists may have many individual entries that indicate whether information can be passed between certain devices in a computer network. The access control lists may include redundant or conflicting entries. An aspect of the invention converts an order-dependent control list into an order-free equivalent. Redundant entries are identified and removed without adversely affecting the access control list. Redundancy may be identified by evaluating the volume contraction ratio, which is the ratio of the volume of spin-off entries to specific original entry in the access control list. This ratio reflects the extent of order-dependent impact on that entry in a given access control list. | 08-05-2010 |
20100199346 | SYSTEM AND METHOD FOR DETERMINING SYMANTIC EQUIVALENCE BETWEEN ACCESS CONTROL LISTS - Aspects of the invention pertain to analyzing and modifying access control lists that are used in computer networks. Access control lists may have many individual rules that indicate whether information can be passed between certain devices in a computer network. The access control lists may include redundant or conflicting rules. An aspect of the invention determines whether two or more access control lists are equivalent or not. Order-dependent access control lists are converted into order-independent access control lists, which enable checking of semantic equivalence of different access control lists. Upon conversion to an order-independent access control list, lower-precedence rules in the order-free list are checked for overlap with a current higher precedence entry. If overlap exists, existing order-free rules are modified so that spinoff rules have no overlap with the current entry. This is done while maintaining semantic equivalence. | 08-05-2010 |
20110283348 | SYSTEM AND METHOD FOR DETERMINING FIREWALL EQUIVALENCE, UNION, INTERSECTION AND DIFFERENCE - Aspects of the invention pertain to integrated compliance analysis of multiple firewalls and access control lists for network segregation and partitioning. Access control lists may have many individual rules that indicate whether information can be passed between certain devices in a computer network. The access control lists in different firewalls in different network segments within a given network may overlap or have inconsistent rules. Aspects of the invention generate differences between firewalls, analyze equivalency of firewalls, generate the intersection (if any) between a pair of firewalls, and generate the union (if any) between firewalls. Such information provides an integrated analysis of multiple interrelated firewalls, including inbound and outbound access control lists for such firewalls, and may be used to manage firewall operation within the network to ensure consistent operation and maintain network security. It also addresses a wide range of security questions that arise when dealing with multiple firewalls. | 11-17-2011 |
20120197618 | ARCHITECTURE AND METHOD FOR REALISTIC VEHICULAR NETWORKING AND APPLICATIONS VISUALIZATION - A system and method for vehicular networking and applications visualization comprises selecting a simulation area, converting the selected simulation area to graph representation, eliminating streets outside the simulation area, generating, using the graph representation, vehicles and random vehicle traffic in the simulation area, calculating vehicle movement in coordinates, transforming the calculated coordinates into a format compatible with a general purpose communication networking simulation tool, simulating, using the transformed calculated coordinates and the general purpose communication networking simulation tool, an application, and performing visualization of the simulation. The application can be local traffic information, the vehicle movement and communication among the vehicles. The simulation can be at least 2000 seconds and communication can be disruption tolerant. The visualization of the simulation can comprise a global view of all vehicles and one or more local views, each local view of one vehicle. The simulation area can be selected from a geographic map. | 08-02-2012 |
20120231786 | SYSTEM AND METHOD FOR QUANTIFYING ANCHOR PLACEMENT IMPACT PLACEMENT ON LOCATION ACCURACY - A computer implemented method for determining geometric impact of anchor placement on localization accuracy and the subset of anchors which mitigates the impact of measurement-induced noise. | 09-13-2012 |
20120263102 | ARCHITECTURE FOR OPEN COMMUNICATION IN A HETEROGENEOUS NETWORK - Network architecture configured for open communication between a plurality of sub-networks. Each of the plurality of sub-networks has a different routable network addressing scheme. The architecture includes at least one broker node adapted to communicate using at least two different routable network addressing schemes. The broker node comprises an identification management module configured to collect peer-application addresses for nodes currently accessing a specific application, the peer-application addresses being associated with a specific application, an address resolution module configured to map each of the peer-application addresses to a sub-network specific routable network address and a network coordination module configured to monitor and coordinate sub-network communication capabilities between the broker node and at least one other broker node and elect a primary broker node for each sub-network which the broker node and at least one other broker node is capable of communication. | 10-18-2012 |
20140040172 | Privacy-Preserving Aggregated Data Mining - An apparatus, system and method are introduced for preserving privacy of data in a dataset in a database with a number n of entries. In one embodiment, the apparatus includes memory including computer program code configured to, with a processor, cause the apparatus to form a random matrix of dimension m by n, wherein m is less than n, operate on the dataset with the random matrix to produce a compressed dataset, form a pseudoinverse of the random matrix, and operate on the dataset with the pseudoinverse of the random matrix to produce a decompressed dataset. | 02-06-2014 |
20140133402 | Architecture for Open Communication in a Heterogeneous Network - Network architecture configured for open communication between a plurality of sub-networks. Each of the plurality of sub-networks has a different routable network addressing scheme. The architecture includes at least one broker node adapted to communicate using at least two different routable network addressing schemes. The broker node comprises an identification management module configured to collect peer-application addresses for nodes currently accessing a specific application, the peer-application addresses being associated with a specific application, an address resolution module configured to map each of the peer-application addresses to a sub-network specific routable network address and a network coordination module configured to monitor and coordinate sub-network communication capabilities between the broker node and at least one other broker node and elect a primary broker node for each sub-network which the broker node and at least one other broker node is capable of communication. | 05-15-2014 |
20150074227 | METHOD, APPARATUS AND SYSTEM FOR A LOCATION-BASED UNIFORM RESOURCE LOCATOR - An aspect of the present invention is a method for routing content information to a mobile user or client application. The method preferably comprises re-directing a user request to one or more gateway servers provided via an overlay network. In another aspect, the present invention is an apparatus that includes a proxy service that intercepts content information requests to the Internet and re-directs the content requests to an overlay. Another aspect of the present invention comprises a location-based Uniform Resource Locator that includes a protocol semantic portion and a location-based resolver address portion that identifies one or more resources on a network based on the geographical location of the resources. | 03-12-2015 |