­
­
­
­

Inventi Impact - Computer Networks & Communications

Patent Watch

  • SYSTEM AND METHOD FOR DETERMINING FIREWALL EQUIVALENCE, UNION, INTERSECTION AND DIFFERENCE

    Aspects of the invention pertain to integrated compliance analysis of multiple firewalls and access control lists for network segregation and partitioning. Access control lists may have many individual rules that indicate whether information can be passed between certain devices in a computer network. The access control lists in different firewalls in different network segments within a given network may overlap or have inconsistent rules. Aspects of the invention generate differences between firewalls, analyze equivalency of firewalls, generate the intersection (if any) between a pair of firewalls, and generate the union (if any) between firewalls. Such information provides an integrated analysis of multiple interrelated firewalls, including inbound and outbound access control lists for such firewalls, and may be used to manage firewall operation within the network to ensure consistent operation and maintain network security. It also addresses a wide range of security questions that arise when dealing with multiple firewalls.

  • SENSOR-BASED AUTHENTICATION TO A COMPUTER NETWORK-BASED SERVICE

    Sensor-based authentication technique embodiments are presented which generally employ sensor readings captured by a user's computing device (such as a mobile computing device like a cell phone, smart phone, PDA, and so on) to authenticate the user's access to a computer network-based service (such as a web-service) that is secured with traditional textual passwords. These traditional passwords are saved in an off-device password repository service. The aforementioned sensor readings are not cached on the user's computing device and are immediately streamed to the password repository service, where they are validated against a pre-arranged, known sensor-based password. If the validation succeeds, access to the password protected service is brokered by the password repository service on behalf of the user using the appropriate traditional password, and the user's computing device is granted access.

  • PERSONAL CRITERIA VERIFICATION USING FRACTIONAL INFORMATION

    A method for verifying the identity of users connected to a computer network comprises providing fractional information queries to users, wherein responses to these individual queries are not sufficient to identify the user. This method further comprises receiving responses to these fractional information queries and comparing these responses to data available from within a computer network. A set of potential matches to the user is generated according to these responses and is used in determining whether the set of potential matches is sufficient to identify the user.

  • SYSTEM, METHOD AND COMPUTER PROGRAM FOR CREATING AND MANIPULATING DATA STRUCTURES USING AN INTERACTIVE GRAPHICAL INTERFACE

    A computer network-implemented method for displaying a tag cloud representing a data structure. The data structure includes data entities and representations of relationships between the data entities. The method enables one or more users to interact with the data structure, and via the data structure, to interact with one another. In an example embodiment, the method comprises, via a computer processor, populating a display of a user interface showing a tag cloud populated with images of data entities from the data structure, such images, and in response to user input to the interface, associating one or more visual properties of the user interface with one or more of said relationships between data entities in the data structure.

  • Mobile Computer Workstation

    A mobile computer workstation for use with a computer network is disclosed. The workstation can include a wheeled chassis having a vertical beam that supports a horizontal work surface. An input device tray is located at a front side of the work surface and a bracket located at a rear side of the work surface mounts a display screen to the workstation above and off the work surface. A power unit including a battery charger and a battery is mounted to the chassis and supplies power to the display screen.

  • Track Worker Safety Information System and Method

    In a method of operating a system for announcing the presence of one or more individuals on or near a pathway to an operator of a vehicle traveling on the pathway, each of a number of data readers positioned along the pathway receives data input by the one or more individuals. In response to each data reader receiving the data input, a unique subset of a number of lamps, also positioned along the pathway, is caused to illuminate. The system includes a computer network that controls the operation of the lamps in response to the input of data.

  • Online Multiplayer Virtual Game and Virtual Social Environment Interaction Using Integrated Mobile Services Technologies

    A system, method, and software allowing user interaction with virtual games/virtual social environments by using a mobile device and SMS/MMS messaging over a cellular telephone network. A communication device server sends to and accepts from a mobile aggregator, asynchronous SMS/MMS/text/email messages related to a virtual game running on a game server. The virtual game server integrates with a virtual social network utility such as Facebook.RTM., and is accessible to the user through a dedicated web server. Multiple users may register with the social network utility to access the virtual game over the computer network (using the social network utility web server or a dedicated web server) or over the cellular telephone network (using the aggregator/communication device server). This system and method allows the user to interact with the virtual game/virtual social network while the user is offline.

  • Obtaining Information from Different Devices in a Computer Network

    Illustrative embodiments of the invention provide for obtaining information from different devices in a computer network. Data representing the information from each of the different devices is received, the data is in a specific form relating to each of the different devices. The data from each of the different devices is assigned to one or more entities as defined by an information model. The data from each of the different devices is grouped using an adaptation layer before assigning the data from that device to one or more entities.

  • Method for Facilitating Payment of a Computerized Transaction

    A method for facilitating the transfer of a payment for a computerized transaction between a buyer and a seller for the purchase of an item using a computer network, such as the Internet. The method includes the steps of communicating, from a seller's computing station to an agent computing system, data regarding the transaction between the buyer and the seller, wherein the data identifies the buyer, the seller, and the amount of the transaction. The agent computing system communicates transaction information displayable to the buyer, such as a confirmation number created by the agent computing system for identifying the transaction, an order number corresponding to a merchant order number provided by the merchant for identifying the transaction, an exchange rate between a first local currency usable to the buyer and a second currency usable by the seller, and a total price of the transaction expressed in the first local currency usable by the buyer. Receiving an actual payment from the buyer at a plurality of agent locations is provided for, the agent locations being in communication with the agent computing system. Upon receiving the actual payment from the buyer at one of the agent locations, a message is communicated to the seller that the actual payment for the transaction was received at the agent location, thereby permitting the seller to begin shipment of the item to the buyer. Funds are transferred to the seller preferably paid in the second currency usable by the seller.

  • HETEROGENEOUS SERVICE PROVIDER MODEL THROUGH PAY-FOR-PERFORMANCE BASED TRANSIT SETTLEMENTS

    A method and system of a heterogeneous service provider model through pay-for-performance based transit settlements are disclosed. In one embodiment, a system includes a plurality of Point of Presence (POP) locations between a head office and a branch office in a heterogeneous computer network configured to communicate data through a pay-per-performance peering relationship between different entities of the heterogeneous computer network. In this embodiment, the system implements a debit-credit mechanism configured to handle payments as well as penalties associated with violation of a pair-wise mutual agreement between independent for-profit entities providing network services in a segment of the heterogeneous computer network.

  • VALUE NETWORK

    Systems and methods including a computer network are provided. The computer network includes a plurality of affiliate computing systems, each affiliate computing system including a processing unit and storage, the processing unit executing one or more programs for supporting care of a patient. The computer network includes a centralized care network including a central health care computing system, the central health care computing system being coupled to each affiliate computing system by way of a network and including a processing unit and storage, the processing unit executing one or more programs for managing patient records stored in the storage.

  • EDGE LINK DISCOVERY

    A method for discovering a link between an entry-exit device of a computer network and a customer edge device is disclosed. The customer edge device includes an address and the entry/exit point device includes a routing table. Interfaces with the routing table and addresses of the computer network related to the entry/exit point device are obtained. Either a routing protocol or the routing table is used to obtain routing information. The routing information is compared to a selected address to find a match. The routing information the matches the selected address represents the address of the customer edge device.

  • Using Secondary Channel to Activate Primary Channel for Data, Video, and Voice Communication

    A method is provided so mobile devices can communicate through their wireless data services to a public computer network, which are normally deactivated when not in use. A first device calls a second device over a wireless voice service. The first device activates its wireless data service and sends a request to communicate with the second device to a server on the public computer network. Without answering the voice call, the second device determines an ID of the first device. The second device then activates its wireless data service and sends a query to the server to determine if the first device desires to communicate over the public computer network. The server responds to the request and the query by setting up a network connection between the first and the second device over the public computer network so they can exchange data packets.

  • NETWORK-ATTACHED DISPLAY DEVICE AS AN ATTENDEE IN AN ONLINE COLLABORATIVE COMPUTING SESSION

    In one embodiment, a network-attached display device (e.g., projector) may join an online collaborative computing session as an attendee. The display device may then receive data for the online collaborative computing session as an attendee over the computer network. As such, the display device may render images associated with being an attendee of the online collaborative computing session from the received data, and then visually display the images associated with the online collaborative computing session.

  • Method For Establishing Secure Communication Link Between Computers Of Virtual Private Network

    A technique is disclosed for establishing a secure communication link between a first computer and a second computer over a computer network. Initially, a secure communication mode of communication is enabled at a first computer without a user entering any cryptographic information for establishing the secure communication mode of communication. Then, a secure communication link is established between the first computer and a second computer over a computer network based on the enabled secure communication mode of communication. The secure communication link is a virtual private network communication link over the computer network in which one or more data values that vary according to a pseudo-random sequence are inserted into each data packet.

  • Reducing Propagation Of Message Floods In Computer Networks

    A computer network (400) includes a first switch (435) and a neighboring switch (440), wherein the first switch (435) floods the computer network (400) as a result of a forwarding table miss and the neighboring switch (440) acts as a barrier to prevent the flood from propagating into unrelated areas of the computer network (400). A method of reducing flooding within a computer network (400) includes intentionally flooding the computer network when a new forwarding table entry is made by a first network switch (435), such that information contained within the new forwarding table entry is recorded by a neighboring network switch (440) which subsequently blocks messages which are received on a proper destination port.

  • METHOD FOR PROVIDING ELECTRONIC COUPON SERVICE USING COMMUNICATION NETWORK, AND COMPUTER-READABLE RECORDING MEDIUM FOR STORING PROGRAM FOR EXECUTING THE METHOD

    The present invention provides a method for providing an electronic coupon service using a communication network, including: requesting a purchase for the electronic coupon product registered in an electronic coupon service-providing server via a purchaser terminal; enabling the electronic coupon service-providing server to generate first contract information containing a purchaser and a first contract number, using the electronic coupon service provider as a seller; and enabling the electronic coupon service-providing server to generate second contract information containing a second contract number, using the place at which the electronic coupon is used as a seller, and using the electronic coupon service provider as a purchaser, wherein said second contract information contains said first contract number.

  • LOW-LEVEL REMOTE SHARING OF LOCAL DEVICES IN A REMOTE ACCESS SESSION ACROSS A COMPUTER NETWORK

    In one embodiment, a device is connected to a first computer via a first local communication port of the first computer. If the device is configured to autoconnect with a second computer upon connection of the device to the first computer, a remote access session is established between the first computer and the second computer. Low-level local communication from the device is intercepted at the first local communication port of the first computer. The low-level local communication is transmitted from the first computer to the second computer via the remote access session. The low-level local communication is injected to a second local communication port of the second computer to thereby provide an autoconnection of the device to the second computer.

  • RFID NETWORK TO SUPPORT PROCESSING OF RFID DATA CAPTURED WITHIN A NETWORK DOMAIN

    RFID data can be received by a RFID data mediation service operating upon a RFID network data server. The received RFID data can be categorized based upon contents of at least one of a data store containing previously categorized RFID data and at least one categorization parameter associated with a data processing software application registered with the RFID data mediation service. The categorized RFID data can be stored in said data store. At least one record of categorized RFID data can be provided to a corresponding registered data processing software application. In one embodiment, the RFID network data server can provide software services to different entities for a fee, where each of the software services permits a software system of the different entities to react events triggered by the received RFID data in accordance with entity specific configurations established for the RFID network data service.

  • Using virtual networking devices to connect managed computer networks

    Techniques are described for providing managed virtual computer networks whose configured logical network topology may have one or more virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of a virtual computer network by emulating functionality that would be provided by the networking devices if they were physically present. The networking functionality provided for a managed computer network may include supporting a connection between that managed computer network and other managed computer networks, such as via a provided virtual peering router to which each of the managed computer networks may connect, with the functionality of the virtual peering router being emulated by modules of the configurable network service without physically providing the virtual peering router, including to manage data communications between computing nodes of the inter-connected managed computer networks in accordance with client-specified configuration information.

  • High-speed network of independently linked nodes

    A method of operating a network is beneficially conducted on a municipality or neighborhood level. The method in disclosed embodiments comprises installing a digital communications network within a limited selected geographical region. The network is formed from a high speed backbone and a plurality of nodes branching outward from the high speed backbone. A plurality of communicating stations are connected to the network and users at each communicating station subscribe to communicate over the network. Due to the unique scope of the network, the users are related primarily by virtue of their residence in a common geographical region. The network may be installed within a public utility right of way and may be used to monitor utility usage and to bill utility users. The network is thus independent of public telephone infrastructure. The network is preferably partitioned and communications are direct from station to station without broadcasting. Outside access, such as to the Internet is provided through gateways within the backbone.

  • System and method for implementing and/or operating network interface devices to achieve network-based communications

    A computer system, and related components including network interface devices, as well as methods for implementing and/or operating network interface devices to achieve network-based communications, are disclosed. In at least one embodiment, the computer system includes a network interface device, and a bus driver in communication with the network interface device. The bus driver has access to a plurality of driver programs, and the bus driver is capable of causing an installation of one such driver program on the network interface device. Also, in at least some embodiments, the bus driver facilitates communications between multiple network interface devices and an operating system of the computer system, and/or between the network interface devices and user mode applications implementing graphical user interfaces. Further, in at least some embodiments, the bus driver governs operation of the network interface devices, for example, in relation to power management and/or interrupt handling.

  • Method and system for defining media objects for computer network monitoring

    Method and system for defining media objects, such as images and graphics, to represent computer networked resources and assets, along with their associated events, while monitoring the same in a real-time environment is disclosed.

  • Method, system and program for enabling resonance in communications

    A method, computer program product, and system for collecting and processing feedback information in organizational communications. The system includes an information processing apparatus, a communications mechanism, a database, and a mechanism for collecting data. The communications mechanism operates with the information processing apparatus for providing communications to a user of the information processing apparatus. The database operates in conjunction with the information processing apparatus and the communications mechanism. The database stores data. The mechanism for collecting the data operates in response to the communications related to the user by the communications mechanism.

  • INTEGRATION OF VERIFICATION TOKENS WITH MOBILE COMMUNICATION DEVICES

    Apparatuses, methods, and systems pertaining to the verification of portable consumer devices are disclosed. In one implementation, a verification token is communicatively coupled to a computer by a USB connection so as to use the computer's networking facilities. The verification token reads identification information from a user's portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using thecomputer's networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a device verification value to the verification token, and optionally to a payment processing network. The verification token may enter the device verification value into a CVV field of a web page appearing on the computer's display, or may display the value to the user using the computer's display.

  • VERIFICATION OF PORTABLE CONSUMER DEVICE FOR 3-D SECURE SERVICES

    Apparatuses, methods, and systems pertaining to the verification of portable consumer devices for 3-D Secure Systems are disclosed. In one implementation, a verification token is coupled to a computer by a USB connection so as to use the computer's networking facilities. The verification token reads identification information from a user's portable consumer device (e.g., credit card) and sends the information to a validation entry over a communications network using thecomputer's networking facilities. The validation entity applies one or more validation tests to the information that it receives from the verification token. If a selected number of tests are passed, the validation entity sends a 3-D Secure datum to the verification token. The verification token may enter the 3-D Secure datum into a hidden field of a Purchase Authentication Page appearing on the computer's display.

  • LOCATION-AWARE SECURITY AND ACCESS SYSTEM

    An invention is afforded for providing security for a protected network resource. The system includes a network access apparatus in communication with a receiver that receives signals from a remote source. The network access apparatus is capable of collecting current microprint data for the receiver, which is a plurality of values based on data values received at the receiver over a predefined period of time, for example, forty-five seconds. The system also includes an authenticationcomputer in communication with the network access apparatus. The authentication computer has access to an LSDF for the receiver, which is a plurality of values based on data values received at the receiver over a predefined period of time, for example, a twenty-four hour period of time. In operation the network access apparatus provides current microprint data for the receiver to the authentication computer, and the authentication computer compares the current microprint data to the LSDF for the receiver to authenticate an access request.

  • CONTINUOUS AUTONOMOUS MONITORING OF SYSTEMS ALONG A PATH

    In an embodiment, a method comprises initiating a monitoring session for a communication path including creating and storing monitoring session state data; sending, to a first responder computer of the communication path, a first request to initiate a first state servlet that is configured to monitor continuously during the monitoring session one or more characteristics of one or more processes that the first responder computer may perform; sending, to the first responder computer, monitoring instructions to monitor the one or more characteristics of the one or more processes; while the monitoring session is active and the first respondercomputer is in the communication path, receiving and collecting monitored information from the first responder computer; in response to determining that the first responder computer is not in the communication path or that the monitoring session has become inactive, automatically and autonomously ending the monitoring session.

  • INCENTIVE-BASED METHOD AND SYSTEM FOR REDUCING VEHICLE FUEL CONSUMPTION

    The present invention provides a computer-controlled tire pressure control system and method for reducing fuel consumption of a vehicle over a time period, the system including an air pump system including an air pump unit adapted to fill at least two tires concomitantly of the vehicle, at least one double ended conduit in fluid connection with the air pump unit, a frame for supporting the at least one double ended lead conduit around the vehicle and a computer in communication with the air pump unit and the vehicle for providing a user of the vehicle with real-time tire data of the vehicle over the time period.

  • VARIABLE RESISTANCE SYSTEM

    A method and apparatus for providing variable resistance in connection with exercise equipment uses vertically oriented weight plates that rare in a side-by-side arrangement and are selected by selectors in a selector assembly. A set of actuators are controlled by a computer processor and force the selectors into positions that engage and disengage with a corresponding set of weights. The computer is connected to a user interface that accepts input from a user and instructs the computer to adjust the amount of weight using the actuators and the corresponding selectors. The computer is also in communication with sensors that indicate whether the weights have been lifted successfully and automatically select a lower weight when the weights are not lifted successfully.

  • NEGOTIABLE SENSITIVE USER DATA MANAGEMENT METHOD AND SYSTEM

    A sensitive user data management method and system. The method includes presenting, by a negotiable content sensitive user data service (NSUDS) computing system from a consumer accessing a consumer computer in communication with a service provider computing system, a request for verifying if a provider computing system is associated with an NSUDS registry. The NSUDS computing system verifies an association with the NSUDS registry and connects to the consumer computer. The NSUDS computing system presents default sensitive user terms associated with sensitive user data for the consumer. The sensitive user data is associated with an order request. The NSUDS computing system receives from the consumer in response to the default sensitive user terms, a command associated with the default sensitive user terms.

  • METHODS AND REMOTE MONITORING AND CONTROL OF APPLIANCES OVER A COMPUTER NETWORK

    Methods are provided to access devices over the Internet and to control and/or set states of devices over the Internet. One method includes providing, at a server connected to the Internet, code for enabling access to networked devices at a remote location using a networked computing device. The method receives, at the server, user login data via the networked computing device, to identify a user and to provide access to the networked devices. The method enables receiving a status request at the server, via the networked computing device, to view status of one or more of the networked devices. The status includes an update condition for at least one of the networked devices. The method also enables receiving a control request at the server, via the networked computing device, to operate one or more utility controls at the remote location. The utility controls include one or more of controls for a security system, accessing cameras at the remote location, setting temperature level for heating or cooling at least a region of the remote location, or setting lighting of a selected room at the remote location. The remote location includes a location computer that is in communication with the networked devices and is connected to the Internet. The location computer includes a processor and is configured for communication with the server. The method is operable for any computing device that has access to the Internet, including wireless hand-held networked devices.

  • Efficient Distributed Algorithm for the Location Design and Routing Problem

    The Location Design and Routing problem asks to find a subset of "depot" nodes and a spanning forest of a graph such that every connected component in the forest contains at least one depot. This problem arises in a number of both logistical and computer networking problems, for example, in selecting the number and location of distribution centers in vehicle routing networks. This problem is functionally equivalent to that of supernode selection in peer-to-peer networks. A distributed algorithm approximates a solution to this problem that runs in a logarithmic number of communication rounds with respect to the number of nodes (independent of the topology of the network), and, under assumptions on the embedding of the edge weights, whose solutions are within a factor of 2 of optimal.

  • INTEGRATED SYSTEM AND METHOD FOR ENABLING MOBILE COMMERCE TRANSACTIONS USING ACTIVE POSTERS AND CONTACTLESS IDENTITY MODULES

    A method, integrated system and Active Poster for processing mobile touch transactions. The integration consists of an RFID or other near field communication enabled device which may be standalone, affixed to, or part of a mobile or hand held portable wireless communication device (optionally using a Contact Less (CL) SIM with near field communication capability), a touch sensitive Active Poster also with near field communication capability, an issuer's or mobile network provider's system and application and a host computer with networking capability.

  • Audience Response System

    An audience response system comprising: at least one audience means for communicating with the system and displaying information to audience members; a presenter means for communicating with the system and displaying information to the presenter; a central server storing and analyzing data associated with the system and adapted to allow at least one audience means and the presenter means to communicate with the system using at least one common communication network and protocol; at least one communications network facilitating transmission of data among the server, audience means and presenter means; and a display means for showing an output of the system to the audience. The system may be adapted to use at least one selected from a cellular telephone, a wired computer network, and a wireless computer network, and the audience and presenter may use cellular telephones, personal computers, personal digital assistants, and digital web-enabled music devices to communicate with the system. Communication protocols may include hypertext transfer protocol ("HTTP"), multimedia message service ("MMS"), and short message service ("SMS"). Communication in the system may be facilitated on at least one device by a browser including, but not limited to Chrome, Firefox, Internet Explorer, Opera, and Safari.

  • SYSTEM AND METHOD FOR IMPLEMENTING AN ENHANCED TRANSPORT LAYER SECURITY PROTOCOL

    A system and method for implementing an enhanced transport layer security (ETLS) protocol is provided. The system includes a primary server, an ETLS servlet and an ETLS software module. The primary server operates on a computer network and is configured to communicate over the computer network using a non-proprietary security protocol. The ETLS servlet also operates on the computer network and is securely coupled to the primary server. The ETLS servlet is configured to communicate over the computer network using an ETLS security protocol. The ETLS software module operates on a mobile device, and is configured to communicate over the computer network using either the non-proprietary security protocol or the ETLS security protocol. Operationally, the ETLS software module initially contacts the server over the computer network using the non-proprietary security protocol, and subsequently contacts the server through the ETLS servlet using the ETLS security protocol.

  • Data Reporting Using Reporting Groups in a Computer Network

    In one embodiment, a node may determine a topology of a plurality of reporting nodes within a directed acyclic graph (DAG) in a computer network. The reporting nodes may then be assigned to one of a plurality of reporting groups, where reporting nodes are allowed to report only during designated time windows corresponding to their assigned reporting group. The reporting nodes may then be informed of at least their own assignment to a particular reporting group. In another embodiment, a particular reporting node may join the DAG, and may also receive an assignment to one of a plurality of reporting groups. Accordingly, the particular reporting node may also determine designated time windows corresponding to the assigned reporting group, where the particular reporting node is allowed to report only during the designated time windows.

  • RETRIEVING DATA FROM A SERVER

    A system includes a server and a controller embedded in a device. Both the server and the embedded controller are capable of communicating over a computer network. The embedded controller sends a command to the server over the computer network that identifies an instance of the device. In response, the server identifies the instance of the device based on the command, retrieves data that is specific to the instance of the device, and sends the data to the embedded controller over the computer network.

  • SOCIAL NETWORK INFORMATION SYSTEM AND METHOD

    Methods and system for obtaining information from a computer network are disclosed. The computer network includes user networks and a database of user information. The method includes receiving a user information request specifying a category, identifying a first set of users established as trusted information resource contacts (TIRC) of the user for the category, identifying a second set of users established as TIRCs of the first set of users, retrieving information associated with the second set from the electronic database, and providing the retrieved information to the user. The system includes a database and a server for performing the steps of the method. The steps of the method may be embodied in computer executable instructions stored on a non-transient machine readable medium that cause a server to perform the method when executed by the server.

  • Method and system for restructuring debt

    A method and system for restructuring debt are disclosed. The method restructures debt by transferring ownership of defined debt packages from debt holders to third-party debt buyers who function as financial bridges between the debtors and the debt holders. The method accelerates the debt resolution process by executing the debt-restructure agreement early in the debt resolution period, thereby eliminating the need for the debtor to accumulate debt settlement funds in an escrow fund prior to the initiation of settlement negotiations (as is the case in debt settlement), and erasing delinquent debt as soon as the debt-restructure agreement is executed. The method is designed and adapted to execution on a computer network system.

  • PROVIDING ACCESS TO INFORMATION RESOURCES USING A DIGITAL NETWORK PROTOCOL

    A method and apparatus for providing an automatically upgradeable software application includes targeted advertising based upon demographics and user interaction with the computer. The software application includes a display region used for banner advertising that is downloaded over a network such as the Internet. The software application is accessible from a server via the network and demographic information on the user is acquired by the server and used for determining what advertising will be sent to the user. The software application further targets the advertisements in response to normal user interaction with the computer. A distribution tool is provided for software distribution and upgrading over the network. Also provided is a user profile that is accessible to any computer on the network. Furthermore, multiple users of the same computer can possess Internet web resources and files that are personalized, maintained and organized.

  • ESTIMATING VALUE OF USER'S SOCIAL INFLUENCE ON OTHER USERS OF COMPUTER NETWORK SYSTEM

    The social influence that each person in a computer network system exercises over others in the system may be valued by aggregating the differences in value of each of the others to the network both with and without the person being present. This calculated influence may be used as a basis for charging advertisers for advertisements to the users, as well as for providing preferential treatment to users that exert the greatest influence.

  • NETWORK STIMULATION ENGINE

    Methods, devices, and systems are disclosed for simulating a large, realistic computer network. Virtual actors statistically emulate the behaviors of humans using networked devices or responses and automatic functions of networked equipment, and their stochastic actions are queued in buffer pools by a behavioral engine. An abstract machine engine creates the minimal interfaces needed for each actor, and the interfaces then communicate persistently over a network with each other and real and virtual network resources to form realistic network traffic. The network can respond to outside stimuli, such as a network mapping application, by responding with false views of the network in order to spoof hackers, and the actors can respond by altering a software defined network upon which they operate.

  • METHODS AND SYSTEMS FOR AUTHORIZING COMPUTING DEVICES FOR RECEIPT OF VENUE-BASED DATA BASED ON THE LOCATION OF A USER

    Methods and systems for authorizing access by a user of at least one service associated with an event at a venue based on a location of the user as determined by assets of a data communications network (e.g., Internet protocol based networks, computer network, telecommunications network, wireless network, Internet, etc). A location of at least one user can be determined based on communications of at least one computing device utilized by the at least one user with the data communications network supporting data communications of the at least one computing device. The at least one computing device can be authorized to receive the at least one service based on the location as determined by the data communications network and/or a server. The data communications network can further comprise at least one of a server, a gateway, a home location register and a visiting location register.

  • Dynamic Routing Metric Adjustment

    In one embodiment, one or more routing update parameters may be set for and propagated to nodes of a directed acyclic graph (DAG) in a computer network, the routing update parameters indicative of when to perform a corresponding routing update operation. A decision node (e.g., a root node of the DAG, application in a head-end, etc.) may gather network statistics of the DAG during operation based on the routing update parameters, and may accordingly determine at least one adjusted routing update parameter based on the gathered network statistics. This adjusted routing update parameter may then be propagated to the nodes of the DAG, such that the nodes operate according to the (adaptively) adjusted routing update parameter.

  • Increased Communication Opportunities with Low-Contact Nodes in a Computer Network

    In one embodiment, a particular node (e.g., root node) in a directed acyclic graph (DAG) in a computer network may identify a low-contact (e.g., wireless) node in the DAG that is at risk of having an invalid path when attempts are made to reach the low-contact node. In response, the particular node may identify neighbors of the low-contact node, and may establish a multicast tree from the particular node to the low-contact node through a plurality of the neighbors to reach the low-contact node. When sending traffic to the low-contact node, the particular node sends the traffic on the multicast tree, wherein each of the plurality of neighbors attempts to forward the traffic to the low-contact node. In another embodiment, the low-contact node itself indicates its status to the particular/root node, along with its list of neighbors in order to receive the multicast traffic.

  • METHODS AND APPARATUS FOR IDENTIFYING THE IMPACT OF CHANGES IN COMPUTER NETWORKS

    The impact of device configuration changes on operational issues and policy compliance in a computer network can be discerned from a visual data presentation that jointly shows representations of changes, issues, and policy compliance in a common view for a group of network devices. Configuration information is collected from devices in the computer network and processed to determine whether a change has occurred in a configuration of any of the devices, whether any operational issues exist for each of the devices, and whether any of the devices are not in compliance with any applicable operational policies. A display device displays the visual data presentation to allow an operator to see trends and relationships between device configuration changes and operational issues and incidents of policy non-compliance. The visual data presentation can be depicted as a graphical timeline view, a network topology view, or a table view of the information.

  • METHOD AND SYSTEM FOR PROVIDING WIRELESS VULNERABILITY MANAGEMENT FOR LOCAL AREA COMPUTER NETWORKS

    A Software-as-a-Service (SaaS) based method for providing wireless vulnerability management for local area computer networks. The method includes providing a security server being hosted by a service provider entity to provide analysis of data associated with wireless vulnerability management for a plurality of local area computer networks of a plurality of customer entities, respectively. The method includes creating a workspace for wireless vulnerability management for a customer entity on the security server and receiving configuration information associated with the workspace. The method also includes supplying one or more sniffers to the customer entity. The method includes receiving at the security server information associated with wireless activity monitored by the one or more sniffers at premises of the customer entity and processing the received information within the workspace for the customer entity using the security server. The method includes metering usage of the workspace for wireless vulnerability management for the customer entity.

  • Providing Virtual Desktops Using Resources Accessed on Public Computer Networks

    A computer system supports hosting of virtual desktops using resources available in the cloud. Connections to various resources used by a desktop configuration are made dynamically using authentication information associated with the user assigned to the desktop configuration. In addition to using file storage, directory services and user management information on private resources on a private network, these resources may also be accessed through a public network.

  • SYSTEM AND METHOD FOR AGGREGATE MONITORING OF USER-BASED GROUPS OF PRIVATE COMPUTER NETWORKS

    A system for aggregate monitoring of private computer networks includes a plurality of monitoring servers for monitoring a plurality of private networks. Each private network has at least one monitoring server configured for monitoring the private network by collecting statuses of devices associated with the private network. A central server is coupled to each of the monitoring servers via a wide area network (WAN) and stores information pertaining to a plurality of users. The information associates each of the users with a group of one or more of the private networks. The central server may receive a request from a remote device via the WAN, determine the group of private networks associated with the requesting user, automatically generate a set of statistics according to only the statuses collected for each private network in the group associated with the requesting user, and send the set of statistics to the remote device.

  • REMOTE MANAGEMENT AND CONTROL USING COMMON INTERNET PROTOCOLS

    A network management system and methods for remote or local management of computer networking devices. The network management system comprises at least one networking device associated with a LAN; a controller that utilizes application layer protocols to code data and encapsulate the data into at least one transport layer protocol that uses lower layer protocols to effect data transfer; and of a client. The client periodically contacts and interfaces with the controller by utilizing application layer protocols to code data and encapsulate the data into at least one transport layer protocol that uses lower layer protocols to effect data transfer, and communicates with the networking device to mediate data in the computer network.

  • Technique for Controlling Data Forwarding in Computer Networks

    Technique for controlling data forwarding in a computer network are provided. The network comprises a set of nodes for forwarding data, wherein a first node is associated with a primary tree and a backup tree, wherein the primary tree defines a default path for the first node to forward data to a second node and the backup tree defines another path for the data forwarding in case of a failure of the primary tree. The basic principle of the techniques is to notify the first node of a failure of the primary tree wherein the notification is provided by the second node. The techniques are particularly beneficial for computer networks offering multipoint services, such as SPB-controlled networks, because the techniques ensure the congruency of the forward and reverse paths even when the data forwarding has been switched from the primary tree to the backup tree.

  • ESTABLISHING SECURE REMOTE ACCESS TO PRIVATE COMPUTER NETWORKS

    Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service to create and configure computer networks that are provided by the configurable network service for use by the users. Secure private access between a computer network provided for a user by the configurable network service and one or more other remote computing systems of the user (e.g., a remote private network) may be enabled in various ways. For example, a user may programmatically invoke an API provided by the configurable network service to obtain assistance in establishing remote access from a remote location to a provided computer network of the configurable network service, such as to establish a VPN connection from the remote location to the provided computer network using hardware and/or software supplied to the remote location in response to the API invocation.

  • METHODS AND SYSTEMS FOR CACHING DATA COMMUNICATIONS OVER COMPUTER NETWORKS

    A computer-implemented method and system for caching multi-session data communications in a computer network.

  • CREATING A RELATIVELY UNIQUE ENVIRONMENT FOR COMPUTING PLATFORMS

    Systems and methods for significantly disrupting both the execution and distribution capabilities of computer viruses across computer networks and devices are provided. According to one embodiment, a computer program is installed within a computer system in a locally unique form having altered semantics based on a diversity mechanism. Execution of the computer program will fail to perform as intended on the computer system unless the locally unique form of the computer program is first transformed into an executable form of the computer program having correct semantics using the diversity mechanism. Use of the diversity mechanism differentiates an execution or loading environment associated with the computer system from that of other computer systems by affecting operational behavior of computer programs attempting to execute on the computer system. Responsive to an attempted execution of the computer program, it is transformed into the executable form by a protected pre-execution process.

  • FORMAT-AGNOSTIC STREAMING ARCHITECTURE USING AN HTTP NETWORK FOR STREAMING

    This patent document describes, among other things, distributed computer platforms for online delivery of multimedia, including HD video, at broadcast audience scale to a variety of runtime environments and client devices in both fixed line and mobile environments. The teachings hereof can be applied to deliver live and on-demand content streams via computer networks. The teachings also relate to the ingestion of content streams in a given source format and the serving of the stream in a given target format. For example, a system might have machines in a content delivery network that ingest live streams in a source format, use an intermediate format to transport the stream within the system, and output the stream in a target format to clients that have requested (e.g., with an HTTP request) the stream. The streams may be archived for later playback.

  • METHOD AND APPARATUS FOR PROCESSING A MULTICAST PACKET

    The embodiments of the present invention relate to the field of computer networks, and disclose a method and an apparatus for processing a multicast packet. The method includes receiving a multicast packet, acquiring a local router interface corresponding to the multicast packet according to a multicast routing entry carried in the multicast packet, and forwarding the multicast packet through the acquired local router interface to a clustered routing system interface for further transfer. The embodiments of the present invention can cluster several routing devices into a virtual routing system which externally acts as a single routing node for supporting a multicast service, so as to implement the efficient and reliable forwarding of the multicast packet in a clustered routing system with virtual aggregation, and enable the clustered routing system to support the multicast service with high efficiency and quality.

  • EXTERNAL DEVICE HAVING AT LEAST ONE MEMORY

    The invention relates to an external device (100) having at least one memory, which device can be connected with a computer (24) or computer network by way of a serial bus system. In order to make available an external device (100) that can be used to provide increased protection against access by unauthorized persons to security-relevant regions and sensitive data in computers (24) and computer networks, the invention provides that the external device (100) has a processor (14) as well as a USB drive (15) and a biometric means (12b) for identification of a person, wherein processor (14), USB drive (15), and biometric means (12b) are coupled with one another.

  • SYSTEM AND METHOD FOR MANAGING ELECTRONIC REAL ESTATE REGISTRY INFORMATION

    Electronic real estate registration systems include property transaction and location characteristic databases communicating via computer networks providing information related to transactions associated with registered real property interests linked to publicly recorded documentation that protect legal interests of parties and counterparties engaged in the public exchange of real property rights. Real property rights can be held or owned by a managed asset-titling entity thus share a registered asset identifier providing locational coordinates identifying real property interest assignments and transactional documentation in association with asset underwriting, asset performance, and asset class rating systems. Electronic real estate registry database devices capture, process, store, retrieve, transmit, and report useful and timely information concerning registered property interests, responding in a manner typically associated with exchange traded securities, providing borrowers, creditors, investors and governing regulators ready access to fair and clear valuation, underwriting and transactional records delineated by time, apportionments, and pricing of real property interests.

  • SYSTEM AND METHOD FOR PAYMENT BY VIRTUAL CREDIT CARD

    The invention relates to vendor payments using a virtual credit card number for security purposes. The invention is used by a company to pay vendors for services or goods using the virtual credit card number, which alleviates the normal security issues associated with making payments through a normal credit card transaction via computer networks. The invention further provides a convenient apparatus and method in securing such vendor payments. The apparatus and method of the present invention operates independently as a stand-alone system that interfaces with a separate accounting system, credit card assignment system, or other components of an invoice payment system, or is integrated with other components of an accounting system.

  • SYSTEMS AND METHODS FOR PROCESSING DATA FLOWS

    A flow processing facility, which uses a set of artificial neurons for pattern recognition, such as a self-organizing map, in order to provide security and protection to a computer or computer system supports unified threat management based at least in part on patterns relevant to a variety of types of threats that relate to computer systems, including computer networks. Flow processing for switching, security, and other network applications, including a facility that processes a data flow to address patterns relevant to a variety of conditions are directed at internal network security, virtualization, and web connection security. A flow processing facility for inspecting payloads of network traffic packets detects security threats and intrusions across accessible layers of the IP-stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps. Exposing threats and intrusions within packet payload at or near real-time rates enhances network security from both external and internal sources while ensuring security policy is rigorously applied to data and system resources. Intrusion Detection and Protection (IDP) is provided by a flow processing facility that processes a data flow to address patterns relevant to a variety of types of network and data integrity threats that relate to computer systems, including computer networks.

  • SYSTEM AND METHOD FOR SETTING FUNCTIONS ACCORDING TO LOCATION

    An apparatus, system, and method for controlling functions of a vehicular alarm. The method includes receiving one or more signals including location information, determining a location of the vehicle using the location information, setting one or more functions based on the location information, determining whether an alarm function is activated, and activating the one or more functions according to the setting upon determining that an alarm has been activated. The method may further include using GPS data or signals transmitted from one or more base stations (e.g., from cellular telephone base stations, computer networks, proprietary transmitters, etc.) to determine the position of the apparatus (e.g., installed in the vehicle). The apparatus may also inform a user of regulations relating to an area dependent upon its location.

  • MANAGING HOST ROUTES FOR LOCAL COMPUTER NETWORKS WITH A PLURALITY OF FIELD AREA ROUTERS

    In one embodiment, a particular field area router (FAR), in a local computer network (e.g., a mesh network) having a plurality of FARs, advertises a common subnet prefix assigned to the local computer network into a global computer network. Each of the plurality of FARs of the local computer network is configured to accept any traffic destined to the local computer network, and a tunnel overlay is built among the plurality of FARs. Upon receiving a packet at the particular FAR destined to a particular device in the local computer network, and in response to the particular FAR not having a host route to the particular device, it forwards the packet on the tunnel overlay to another of the plurality of FARs of the local computer network.

  • PROVIDING EXTENDED ADMINISTRATIVE GROUPS IN COMPUTER NETWORKS

    In general, techniques are described for providing extended administrative groups in networks. A network device comprising an interface and a control unit may implement the techniques. The interface receives a routing protocol message that advertises a link. This message includes a field for storing first data associated with the link in accordance with the routing protocol. The field is defined by the routing protocol as a field having a different function from an administrative group field defined by the same routing protocol. The control unit determines that this field has been repurposed to store second data, wherein this second data specifies an extended administrative group for the link different from those that may be specified by the administrative group field. The control unit then updates routing information to associate the advertised link with the extended administrative group and performs path selection to select paths based on the updated routing information.

  • Real Time Online Searching

    An apparatus for real-time online search processing for a user over inter-connected computer networks uses a request and a push signal, otherwise known as a "Ping". These two items allow the system to deliver advertisements to the end user without requiring personal information from the use. The Request form allows the user to detail what they are looking for and the system repeatedly runs a search looking only for new postings. The system does not require or obtain personal information. The system provides in effect a "set-and-forget" function.

  • SYSTEM AND METHOD FOR DIGITAL ITEM EXCHANGE

    A system and a method to exchange digital items among peers of computer networks. The items may comprise, without limitation, files, CP, BW, storing space, money, licenses, contracts, information and any other shareable resource of peers on a computer networks. The system and method may offer the item, bid, transfer and pay for the item. A buyer of the item may become a potential seller of it. The creator of the item may receive a percentage of the payment for any transfer of the item.

  • METHODS AND SYSTEMS FOR PUBLIC COLLABORATIVE INTERFACE FOR PRIVATE NETWORK GROUPS

    Systems and methods are provided for a public collaborative interface for private computer networks. A system receives a domain name that enables users associated with the domain name to subscribe to a private network group, wherein the domain name differs from a domain name for the private network group. The system outputs a network feed from a user of the private network group to a display device associated with a user associated with the domain name in response to a determination that the user associated with the domain name is subscribed to the private network group. The system outputs a network feed from the user associated with the domain name to display devices associated with users of the private network group in response to a determination that the user associated with the domain name is subscribed to the private network group. The received domain name can be an email address.

  • System for Regulation of Continuing Education Requirements

    Various embodiments are directed to a Continuing Education Registration and Search System to allow various users of the System to track, search, register, audit and/or manage various aspects of their continuing education requirements. The System may provide a plurality of user interfaces over various computer networks for use by various users where all continuing education information can be exchanged between the various users. The various users in the System may have accounts in the System, search through a variety of classes and providers with user provided feedbacks, and register for and purchase classes within the System. The System may also provide the current status and remaining requirements to the users and update the status and remaining requirements as classes are taken and completed by users. The System may also provide recommendations of classes to the users based at least in part on information stored within the System.

  • AUTOMATED PATIENT MANAGEMENT SYSTEM

    A system for making the process of registering at and receiving treatment in a healthcare facility more efficient and safe has been developed. The system utilizes computer communications network-based systems, software, various input and output stations, and a patient identification card (e.g., Loyalty Card) that work together to allow (a) providers to direct, track, and optimize the efficiency of patient activity and (b) patients to have ready access to their status and, in some cases, control of the healthcare process.

  • REQUIREMENTS EXTRACTION FROM EXTERNAL SOURCES FOR SOFTWARE LIFECYCLE MANAGEMENT

    Embodiments of the present invention provide a method, system and computer program product for software requirements extraction from external sources for software development. In an embodiment of the invention, a method for software requirements extraction from external sources for software development includes retrieving content from over a computer communications network pertaining to a product. The content can include by way of example, a Web page, e-mail message, instant message, blog posting or social network posting, to name only a few. Within the content, a modal verb can be identified and text extracted that is proximate to the modal verb. Thereafter, a requirement can be generated for a revision of the product based upon the extracted text. Optionally, the requirement can be ranked according to the modal verb, for example, an imperative modal verb can correspond to a higher ranking than a suggestive modal verb.

  • SYSTEM AND METHOD FOR RESTRICTING PATHWAYS TO HARMFUL HOSTS IN COMPUTER NETWORKS

    System and methods for restricting accessibility to harmful content on a computer network. Network pathways are explored to study a plurality of investigated hosts from a plurality of diverse entry points into the computer network. The investigated hosts are checked whether they are malicious hosts believed to contain harmful content. For any of the investigated hosts that are malicious hosts, intermediary hosts having connectors to those malicious hosts are identified based on the exploring of the network pathways. An access restriction is associated with each of the intermediary hosts, which can be used to block or otherwise restrict access to the intermediary hosts, which may or may not themselves contain malicious content.

  • METHODS AND APPARATUS FOR PROVIDING QUALITY OF SERVICE GUARANTEES IN COMPUTER NETWORKS

    An arbitration mechanism provides quality of service guarantees for time-sensitive signals sharing a local area computer network with non-time-sensitive traffic. Device adapters are placed at all access points to an Ethernet network. The device adapters limit admission rates and control the timing of all packets entering the network. By doing so, collisions are eliminated for timesensitive traffic, thereby guaranteeing timely delivery. A common time reference is established for the device adapters. The time reference includes a frame with a plurality of phases. Each of the phases is assigned to a device adapter. Each device adapter is allowed to transmit packets of data onto the network only during the phase assigned thereto. The length of the phases may be modified in accordance with the number of packets to be transmitted by a particular device adapter. A master device adapter may be appointed to synchronize each of the device adapters.

  • DYNAMIC KEEPALIVE PARAMETERS FOR REVERSE PATH VALIDATION IN COMPUTER NETWORKS

    In one embodiment, a network device determines a path from itself to a source device in a computer network, where the source device utilizes the path in reverse to reach the network device. Based on determining a reliability of the path in reverse, the network device may dynamically adjust one or more keepalive parameters for keepalive messages sent on the path. Accordingly, the network device may then send keepalive messages on the path based on the dynamically adjusted keepalive parameters.

  • PROACTIVE SOURCE-BASED REVERSE PATH VALIDATION IN COMPUTER NETWORKS

    In one embodiment, a network device may receive an indication of a particular future message time, and determines a path validation time that is prior to the particular future message time by an amount at least long enough to detect and report a route change of a path from the network device to a source of the particular future message, wherein the source utilizes the path in reverse to reach the network device for the particular future message. Accordingly, the network device sends, at the path validation time, a keepalive message on the path, where in response to a failure of the keepalive message on the path, the network device repairs the path to the source with a particular route change, and reports the particular route change to the source, e.g., such that in response, the source may transmit the particular future message on the changed path in reverse.

  • AUTOMATIC ANALYSIS OF SECURITY RELATED INCIDENTS IN COMPUTER NETWORKS

    Solutions for responding to security-related incidents in a computer network, including a security server, and a client-side arrangement. The security server includes an event collection module communicatively coupled to the computer network, an event analysis module operatively coupled to the event collection module, and a solution module operatively coupled to the event analysis module. The event collection module is configured to obtain incident-related information that includes event-level information from at least one client computer of the plurality of client computers, the incident-related information being associated with at least a first incident which was detected by that at least one client computer and provided to the event collection module in response to that detection. The event analysis module is configured to reconstruct at least one chain of events causally related to the first incident and indicative of a root cause of the first incident based on the incident-related information. The solution module is configured to formulate at least one recommendation for use by the at least one client computer, the at least one recommendation being based on the at least one chain of events, and including corrective/preventive action particularized for responding to the first incident.

  • DYNAMICALLY MIGRATING COMPUTER NETWORKS

    Techniques are described for providing capabilities to dynamically migrate computing nodes between two or more computer networks while the computer networks are in use, such as to dynamically and incrementally migrate an entire originating first computer network to a destination second computer network at a remote location. For example, the first computer network may include one or more physically connected computer networks, while the second computer network may be a virtual computer network at a remote geographical location (e.g., under control of a network-accessible service available to remote users). The provided capabilities may further include facilitating the ongoing operations of the originating first computer network while a subset of the first computer network computing nodes have been migrated to the remote destination second computer network, such as by forwarding communications between the first and second computer networks in a manner that is transparent to the various computing nodes.

  • MISSION MANAGEMENT FOR DYNAMIC COMPUTER NETWORKS

    Method for communicating data in a computer network involves dynamically modifying at a first location in the computer network a plurality of true values. The true values correctly represent the plurality of identify parameters. These true values are transformed to false values, which incorrectly represent the identity parameters. Subsequently, the identity parameters are modified at a second location to transform the false values back to the true values. The position of the first and/or second locations varies dynamically as part of this process. A bridge transforms identity parameter values when communicating outside the network. Dynamic modification of the identity parameters occurs in accordance with a mission plan that can be modified without interrupting communication of data in the network.

  • PROVIDING ACCESS TO CONFIGURABLE PRIVATE COMPUTER NETWORKS

    Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service in order to create and configure computer networks that are provided by the configurable network service for use by the users. Computer networks provided by the configurable network service may be configured to be private computer networks that are accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. If so, secure private access between an existing computer network and new computer network extension that is being provided may be enabled using one or more VPN connections or other private access mechanisms.

  • PROTECTING OPTICAL TRANSPORTS FROM CONSECUTIVE IDENTICAL DIGITS IN OPTICAL COMPUTER NETWORKS

    In general, techniques are described for protecting optical networks from consecutive identical digit (CID) errors. An optical network device comprising a control unit and an interface may implement the techniques described in this disclosure. The control unit determines whether a data packet will result in a CID error prior to encapsulating at least a portion of the data packet to form a passive optical network (PON) frame and then, in response to the determination that the data packet will result in the CID error, modifies the data packet to form a modified data packet so that the modified data packet will not result in the CID error. The control unit encapsulates the modified data packet to form a PON frame. The control unit applies a scrambling polynomial to the PON frame to form a scrambled PON frame. The interface transmits the scrambled PON frame.

  • PROTECTING OPTICAL TRANSPORTS FROM CONSECUTIVE IDENTICAL DIGITS IN OPTICAL COMPUTER NETWORKS

    An example method includes encapsulating, by an optical network device, at least a portion of a data packet to form a passive optical network (PON) frame. The method further includes applying, by the optical network device, a scrambling polynomial to at least a portion of the PON frame to generate a scrambled PON frame. The method further includes determining, by the optical network device, that the scrambled PON frame comprises a consecutive identical digit (CID) sequence greater than a threshold length. The method further includes replacing, by the optical network device the determined CID sequence with a correction pattern to generate a modified scrambled PON frame. The method further includes transmitting, by the optical network device, the modified scrambled PON frame.

  • METHODS AND SYSTEMS FOR MAPPING FLOW PATHS IN COMPUTER NETWORKS

    Methods and systems are provided for determining a flow path for a flow between a source host and a destination host on a computer network wherein the flow has a tuple associated therewith. In one embodiment, a method comprises receiving flow data from exporters on the network, finding one or more exporters that possibly carry the flow, and using the flow data to determine whether any of the one or more exporters that possibly carry the flow include the tuple. For any exporters that include the tuple, the flow data is used to determine a next hop for such exporter. Connection pairs are created between each exporter that includes the tuple and its next hop. The connection pairs are combined to define the flow path.

  • Performing Multicast Communication In Computer Networks By Using Overlay Routing

    An overlay protocol and system for allowing multicast routing in the Internet to be performed at the application level. The overlay protocol uses "native" Internet multicast and multicast routing protocols to route information, according to overlay routing tables. Overlay groups are mapped to native multicast groups to exploit native multicasting in regional or local forwarding domains. Use of the overlay protocol allows overlay distribution to be handled in a more intelligent and bandwidth-managed fashion. Overlay routers are placed at each of several local area networks, Internet service provider's point of presence, enterprise, or other cohesively-managed locations. The overlay computers are configured according to bandwidth and security policies, and perform application-level multicast distribution across the otherwise disjoint multicast networks by using the overlay routing. The result is an overlay multicast network that is effectively managed according to local network management policies. Application-level control can be applied to the transferred data at the overlay routers.

  • AUTOMATICALLY CONFIGURING COMPUTER NETWORK AT HOSPITALITY ESTABLISHMENT WITH RESERVATION-SPECIFIC SETTINGS

    A system includes a storage device for storing details of a plurality of reservations of a hospitality establishment. A particular reservation includes a registered device setting for affecting behavior of a computer network at the hospitality establishment toward a user device having a specified device identifier. The system further includes a clock unit for tracking time, and a system controller coupled to the computer network and having access to the storage device and the clock unit. The system controller automatically configures one or more network components of the computer network when a start time of the particular reservation is reached in order to activate the registered device setting, and automatically configures the one or more network components when an end time of the particular reservation is reached in order to deactivate the registered device setting.

  • SYSTEM AND METHOD FOR COMPUTER NETWORK CONFIGURATION AND OPERATION

    A system for simplifying the configuration and administration of computer networks. A the server system first sends a broadcast message out to the other network nodes on the computer network to learn configuration of each other network nodes on the local network. Next, network software within each other network node (not shown) responds to the broadcast message with a response containing configuration information and an identifier key value. In one embodiment, the identifier key value may be a randomly generated number. The server system then builds a table of network nodes using the information received in the response messages sent in response to the broadcast message. The server may then communicate with systems having duplicate addresses using the identifier key value. In some embodiments, the server system may send request messages to one or more network nodes specifying a network configuration change.

  • SYSTEM AND METHOD FOR COMPUTER NETWORK CONFIGURATION AND OPERATION

    A system for simplifying the configuration and administration of computer networks. A the server system first sends a broadcast message out to the other network nodes on the computer network to learn configuration of each other network nodes on the local network. Next, network software within each other network node (not shown) responds to the broadcast message with a response containing configuration information and an identifier key value. In one embodiment, the identifier key value may be a randomly generated number. The server system then builds a table of network nodes using the information received in the response messages sent in response to the broadcast message. The server may then communicate with systems having duplicate addresses using the identifier key value. In some embodiments, the server system may send request messages to one or more network nodes specifying a network configuration change.

  • LOCATING HUMAN RESOURCES VIA A COMPUTER NETWORK

    A computer implemented method for a user of a network to locate one or more human resources, the method comprising the steps of: providing a record in a database for each of a plurality of human resources, the record including one or more keywords associated with the human resource; receiving from a first user a search request including one or more keywords; searching the records in the database to find matching records associated with one or more human resources with a keyword that matches a keyword in the received search request; and returning search results to the first user, the search results identifying the matching records.

  • SYSTEMS AND METHODS FOR SPONTANEOUSLY CONFIGURING A COMPUTER NETWORK

    Systems (100) and methods (1300, 1400) for spontaneously configuring operations of a Computer Network ("CN"). The methods involve: configuring CN to operate in accordance with a first Mission Plan ("MP"); and detecting a reactive trigger event. The first MP specifies a manner in which an assigned value for an IDentity Parameter ("IDP") is to be dynamically modified by a node (105-107, 113, 114) of CN. The reactive trigger event is a spontaneous event for causing a change to occur in relation to the dynamic modification of IDP. In response to the detection of the reactive trigger event, a second MP is selected. Thereafter, the operations of CN are automatically modified in accordance with the second MP plan such that IDP is dynamically modified in a manner that is different than that specified in the first MP.

  • FIREWALLS FOR FILTERING COMMUNICATIONS IN A DYNAMIC COMPUTER NETWORK

    A method and apparatus for filtering data communications in a dynamic computer network is disclosed. The method includes receiving a data packet that includes a plurality of identity parameters. The data packet is filtered by comparing the plurality of identity parameters to a set of filtering rules. The filtering rules allow the data packet into the network if a set of said identity parameters have been pseudorandomly transformed to specify false identity parameters and those false identity parameters are within a set of currently allowed false identity parameters determined based on a mission plan.

  • NOISE, ENCRYPTION, AND DECOYS FOR COMMUNICATIONS IN A DYNAMIC COMPUTER NETWORK

    A method and apparatus for processing data messages in a dynamic computer network is disclosed. The method includes implementing a mission plan specifying a message type, a message generation location, and a message distance vector for false messages, receiving a data message that includes a plurality of identity parameters, and determining a message type and a message distance vector for the received message. The network device is configured to generate false messages and process received messages. If the message type is a false message and the distance vector of the false message has been exhausted, the data message is dropped. If the distance vector of the false message has not been exhausted, transmitting the false message in accordance with the mission plan.

  • Systems and Methods for Protecting Communications Between Nodes

    Systems and methods for protecting communications between at least two nodes protect the identity of a node requesting information, provide content of communications being sent and/or obscuring a type of communications being sent. Varying degrees of protection options including encryption, intermediate node termination and direct node communications are provided.

  • System and Method for Configuring a Communications Network

    A method for partitioning a communications network includes selecting, by a controller, a starting communications controller for a first region in the communications network according to an interference level. The method also includes including, by the controller, a first neighboring communications controller in the first region if an average inter-cell interference level of the starting communications controller and the first neighboring communications controller exceeds a first threshold and closing the first region if the average inter-cell interference level of the starting communications controller and the first neighboring communications controller fails to exceed the first threshold. The method further includes storing information about the first region in a memory.

  • UE Enhancement for Service Recovery in Mobile Communications Network

    A method of applying a network forbidden list for enhanced service recovery in mobile communication networks is provided. In a first embodiment, upon receiving an error cause for a RAT in a selected network, a UE stores a PLMN ID, the RAT information, and the error cause as an entry in the forbidden list. The UE will not select to the RAT of the network stored in the forbidden list until the PLMN/RAT entry is removed from the forbidden list. In a second embodiment, upon receiving an error cause in a selected network, a UE stores a PLMN ID, the error cause, and a timer value as an entry in the forbidden list. The UE will not select to the network stored in the forbidden list until the timer associated with the PLMN ID is expired.

  • METHOD FOR GENERATING ADDRESSES IN A COMPUTER NETWORK

    In a method for creating a plurality of addresses (h) for a network element of a communication network, the following steps are provided: a) creating (1) a virtual identifier (c) for each address to be created from an existing identifier (a) of said network element and from at least one configured piece of additional information (b); b) creating (2) an address from at least one created virtual identifier; c) checking (3) the virtual identifiers created in such a way or the addresses created from said virtual identifiers for the presence of a collision; d) discarding (4) colliding virtual identifiers or the addresses created from said virtual identifiers.

  • METHODS, APPARATUSES AND SYSTEMS FACILITATING MANAGEMENT OF AIRSPACE IN WIRELESS COMPUTER NETWORK ENVIRONMENTS

    According to one embodiment, a particular network device that comprises at least one hardware processor is described. The network device is configured to perform operations including operating in a first mode by communicating wirelessly with at least one wireless client device to provide the at least one wireless client device access to one or more resources, where the operating in the first mode comprises receiving packets transmitted by the at least one wireless client device and forwarding the packets to the one or more resources. Furthermore, the network device performs operations, including switching from operating in the first mode to operating in a monitoring mode and operating in the monitoring mode by decoding data packets addressed to network devices other than the particular network device.

  • DETECTION OF ANOMALOUS BEHAVIOUR IN COMPUTER NETWORK ACTIVITY

    A sequence of data representing network behaviour is analysed using the technique of delay space embedding. This causes a sequence of tuples to be constructed from the data sequence. This sequence of tuples can then be represented in a multi-dimensional representation space, which allows detection of network behaviour divergent from a norm.

  • Secure System for Conducting an Auction Over a Computer Network

    Methods and apparatus are described which provide secure interactive communication of text and image information between a central server computer and one or more client computers located at remote sites for the purpose of storing and retrieving files describing and identifying unique products. Auctions for the products may then be conducted over the system. Textual information and image data are stored separately at the location of the central server computer, requests for information regarding products to be auctioned are entered from remote terminals, and the information requested is recalled and downloaded for review to be displayed at the remote site. Bids may then be transmitted from the remote computers and a winner of the auction determined by the central computer.

  • METHOD AND APPARATUS FOR COLLECTING AND DISSEMINATING INFORMATION OVER A COMPUTER NETWORK

    The apparatus comprises at least one database for storing digital information associated with at least a first user and a second user, at least one links module for the first user and for the second user, at least one manipulations module and at least one display device for respectively displaying at least said linked digital information wherein said linked digital information associated with said first user is automatically updated on at least said display device of said second user when that information is manipulated, and wherein said linked digital information associated with said second user is automatically updated on at least said display device of said first user when that information is manipulated.

  • SYSTEM AND METHOD OF TRANSMITTING DATA OVER A COMPUTER NETWORK INCLUDING FOR PRESENTATIONS OVER MULTIPLE CHANNELS IN PARALLEL

    A method and system of transmitting data via a computer network to a plurality of end-users. Transmission of successive data units may be prompted by human-operated and/or automated central control. Successive arrays of data units may be transmitted over a plurality of channels, in parallel. Each end-user chooses which channel or channels to receive and may change channels at will. Transmission of successive arrays may coincide with successive occurrences during the course of a live event. Data units also may be transmitted over one or more channels asynchronously with transmissions over other channels. Controller-prompted transmissions, received passively by end-users, also may be integrated with a facility for end-users to browse data sources in a self-directed sequence and pace.