Patent application number | Description | Published |
20140281483 | SYSTEM AND METHOD FOR ENABLING A SCALABLE PUBLIC-KEY INFRASTRUCTURE ON A SMART GRID NETWORK - A method for enabling a scalable public-key infrastructure (PKI) comprises invoking a process of receiving a message for a device, identifying an association ID for the device, retrieving encrypted association keys stored on the server for communicating with the device, the encrypted association keys encrypted using a wrapping key stored on a Hardware Security Module (HSM). The method further comprises sending the message and the encrypted association keys to the HSM, unwrapping, by the HSM, the encrypted association keys to create unwrapped association keys, cryptographically processing the message to generate a processed message, deleting the unwrapped association keys, sending the processed message to the device, and invoking, concurrently and by a second application, the process. | 09-18-2014 |
20150156180 | HANDHELD VIDEO VISITATION - A method for enabling a scalable public-key infrastructure (PKI) comprises invoking a process of receiving a message for a device, identifying an association ID for the device, retrieving encrypted association keys stored on the server for communicating with the device, the encrypted association keys encrypted using a wrapping key stored on a Hardware Security Module (HSM). The method further comprises sending the message and the encrypted association keys to the HSM, unwrapping, by the HSM, the encrypted association keys to create unwrapped association keys, cryptographically processing the message to generate a processed message, deleting the unwrapped association keys, sending the processed message to the device, and invoking, concurrently and by a second application, the process. | 06-04-2015 |
Patent application number | Description | Published |
20120116602 | PHYSICALLY SECURED AUTHORIZATION FOR UTILITY APPLICATIONS - To provide overall security to a utility management system, critical command and control messages that are issued to components of the system are explicitly approved by a secure authority. The explicit approval authenticates the requested action and authorizes the performance of the specific action indicated in a message. Key components of the utility management and control system that are associated with access control are placed in a physical bunker. With this approach, it only becomes necessary to bunker those subsystems that are responsible for approving network actions. Other management modules can remain outside the bunker, thereby avoiding the need to partition them into bunkered and non-bunkered components. Access to critical components of each of the non-bunkered subsystems is controlled through the bunkered approval system. | 05-10-2012 |
20140281528 | Secure End-to-End Permitting System for Device Operations - A permitting system for controlling devices in a system includes a permit issuing agent that receives a command to be sent to a device. Based upon at least one attribute of the command, the permit issuing agent identifies one or more business logic modules that is pertinent to the command. Each business logic module has a respectively different set of business rules associated with it. Each identified business logic module determines whether the command complies with the business rules associated with that module. If the command is determined to comply with the business rules of all of the identified business logic modules, the agent issues a permit for the command, and the permit is sent to the device for execution of the command. | 09-18-2014 |
20150058918 | SECURE END-TO-END PERMITTING SYSTEM FOR DEVICE OPERATIONS - A permitting system for controlling devices in a system includes a permit issuing agent that receives a command to be sent to a device. Based upon at least one attribute of the command, the permit issuing agent identifies one or more business logic modules that is pertinent to the command. Each business logic module has a respectively different set of business rules associated with it. Each identified business logic module determines whether the command complies with the business rules associated with that module. If the command is determined to comply with the business rules of all of the identified business logic modules, the agent issues a permit for the command, and the permit is sent to the device for execution of the command. | 02-26-2015 |
20150106894 | RETURN MATERIAL AUTHORIZATION FULFULLMENT SYSTEM FOR SMART GRID DEVICES WITH CUSTOMER SPECIFIC CRYPTOGRAPHIC CREDENTIALS - A method for removing credentials from a smart grid device includes: receiving, by a receiving device, a removal request, wherein the removal request includes a device identifier associated with a smart grid device and is signed by an entity associated with a set of security credentials stored in a memory of the smart grid device, the set of security credentials restricting access to one or more components or operations of the smart grid device; extracting, by a processing device, the device identifier included in the received removal request; generating, by the processing device, a permit configured to remove the set of credentials from the smart grid device, wherein the generated permit includes the extracted device identifier; and transmitting, by a transmitting device, the generated permit to the smart grid device for removal of the set of credentials from the memory of the smart grid device. | 04-16-2015 |
Patent application number | Description | Published |
20080253299 | Priority trace in data networks - A diagnostic tool for identifying priority errors within a data network is realized using a priority trace data packet. The priority trace data packet is originated at an originating node of interest and terminated at a terminating node of interest. At various intermediate network nodes along the data path between the originating and terminating nodes, the priority trace packet is inspected to determine the current priority value of the priority trace packet. The current priority value is stored in a priority trace field that can be analyzed by a network management node to identify one or more sources of priority errors. | 10-16-2008 |
20090094651 | Ethernet-Level Measurement of Multicast Group Delay Performance - A network management system and method are described herein that can measure on-demand the D/DV (Delay/Delay Variation) in a Broadcast Television (BTV) multicast stream for a group of listeners that are associated with an Internet Protocol Television (IPTV) network. | 04-09-2009 |
20090132696 | Facilitating DHCP diagnostics in telecommunication networks - A computer-implemented method for facilitating DHCP diagnostic functionality comprises a plurality of operation. An operation is performed for identifying misconfigurations to a DHCP option configuration of a DHCP agent between a DHCP server and a client of the DHCP server. An operation is performed for confirming proper address concentration configuration with respect to the DHCP agent. An operation is performed for snooping on address assignments from the DHCP server to the client of the DHCP server to determine unauthorized ones of the address assignments. | 05-21-2009 |
20090254952 | IPTV Network with D-Server Controller, VoD-Server Controller and Policy Server that Implement Diagnostic Tools - A D-server controller, a VoD-server controller and a policy server are described herein which implement diagnostic tools that proactively detect and prevent potential problems with different components and services in an Internet Protocol Television (IPTV) network. | 10-08-2009 |
20150081902 | CONNECTIVITY SERVICE ORCHESTRATOR - Network service orchestrator Network service orchestrator operationally connected to a network management system, the network service orchestrator comprising a connectivity services database comprising information representing multiple connectivity services configured on a network managed by the network management system, the network service orchestrator further comprising input means for receiving service orders, processing means configured to process an orchestrator algorithm to select a set of connectivity services out of said multiple connectivity services based on said service orders, and a signal generator for generating and transmitting a signal to activate/deactivate the selected set of connectivity services on the network. | 03-19-2015 |
Patent application number | Description | Published |
20100274970 | Robust Domain Name Resolution - A recursive DNS nameserver system and related domain name resolution techniques are disclosed. The DNS nameservers utilize a local cache having previously retrieved domain name resolution to avoid recursive resolution processes and the attendant DNS requests. If a matching record is found with a valid (not expired) TTL field, the nameserver returns the cached domain name information to the client. If the TTL for the record in the cache has expired and the nameserver is unable to resolve the domain name information using DNS requests to authoritative servers, the recursive DNS nameserver returns to the cache and accesses the resource record having an expired TTL. The nameserver generates a DNS response to the client device that includes the domain name information from the cached resource record. In various embodiments, subscriber information is utilized to resolve the requested domain name information in accordance with user-defined preferences. | 10-28-2010 |
20120116873 | Network Traffic Redirection And Conversion Tracking - Network traffic associated with a set of domain names is redirected according to campaigns provided by one or more potential purchasers of network traffic. The campaigns include a set of preferences for the network traffic a campaign targets. Individual requests for a domain in the set of domain names are analyzed to determine a set of request attributes. The set of request attributes are compared with the sets of preferences provided by the potential purchasers. The traffic is redirected according to the campaigns provided by purchasers. Network traffic for a set of domain names can be auctioned or otherwise sold in real-time based on campaigns provided by potential purchasers. Conversion tracking may provided independently or in combination with redirecting network traffic according to campaigns. | 05-10-2012 |
20120158969 | Selective Proxying In Domain Name Systems - Systems and methods for processing requests for domain name information in accordance with subscriber information are provided. A request for domain name information can be correlated with subscriber preferences to resolve the domain name information. Domain names may be flagged for blocking or proxying by one or more subscriber preferences. In response to a flagged domain name, a client device can be redirected to a web server that can function as proxy on behalf of the user for accessing the flagged domain. In one example, user preferences and/or network preferences can be used to determine whether a particular user can bypass a blocking preference and access the flagged domain using the proxy. | 06-21-2012 |
20130275570 | Cross-Protocol Communication In Domain Name Systems - Systems and methods for processing domain name system requests in accordance with subscriber information are provided. A request for domain name information can be correlated with subscriber information using a subscriber identifier to resolve the domain name information at a domain name system (DNS) nameserver. The subscriber identifier and/or subscriber information may be transmitted from a DNS nameserver to a webserver using the domain name information provided in response to the subscriber's DNS queries. The subscriber identifier and/or information may be used in delivering a landing page or in facilitating proxying of resource requests for the requested domain. | 10-17-2013 |
20140195692 | Robust Domain Name Resolution - A recursive DNS nameserver system and related domain name resolution techniques are disclosed. The DNS nameservers utilize a local cache having previously retrieved domain name resolution to avoid recursive resolution processes and the attendant DNS requests. If a matching record is found with a valid (not expired) TTL field, the nameserver returns the cached domain name information to the client. If the TTL for the record in the cache has expired and the nameserver is unable to resolve the domain name information using DNS requests to authoritative servers, the recursive DNS nameserver returns to the cache and accesses the resource record having an expired TTL. The nameserver generates a DNS response to the client device that includes the domain name information from the cached resource record. In various embodiments, subscriber information is utilized to resolve the requested domain name information in accordance with user-defined preferences. | 07-10-2014 |
20140215092 | Selective Proxying In Domain Name Systems - Systems and methods for processing requests for domain name information in accordance with subscriber information are provided. A request for domain name information can be correlated with subscriber preferences to resolve the domain name information. Domain names may be flagged for blocking or proxying by one or more subscriber preferences. In response to a flagged domain name, a client device can be redirected to a web server that can function as proxy on behalf of the user for accessing the flagged domain. In one example, user preferences and/or network preferences can be used to determine whether a particular user can bypass a blocking preference and access the flagged domain using the proxy. | 07-31-2014 |
20150127802 | Cross-Protocol Communication In Domain Name Systems - Systems and methods for processing domain name system requests in accordance with subscriber information are provided. A request for domain name information can be correlated with subscriber information using a subscriber identifier to resolve the domain name information at a domain name system (DNS) nameserver. The subscriber identifier and/or subscriber information may be transmitted from a DNS nameserver to a webserver using the domain name information provided in response to the subscriber's DNS queries. The subscriber identifier and/or information may be used in delivering a landing page or in facilitating proxying of resource requests for the requested domain. | 05-07-2015 |
20160036763 | Selective Proxying In Domain Name Systems - Systems and methods for processing requests for domain name information in accordance with subscriber information are provided. A request for domain name information can be correlated with subscriber preferences to resolve the domain name information. Domain names may be flagged for blocking or proxying by one or more subscriber preferences. In response to a flagged domain name, a client device can be redirected to a web server that can function as proxy on behalf of the user for accessing the flagged domain. In one example, user preferences and/or network preferences can be used to determine whether a particular user can bypass a blocking preference and access the flagged domain using the proxy. | 02-04-2016 |