TREA

System for and method of securing a network utilizing credentials

Follow

Information

  • Patent Grant
  • 8811396
  • Patent Number
    8,811,396
  • Date Filed
    Wednesday, May 24, 2006
    18 years ago
  • Date Issued
    Tuesday, August 19, 2014
    10 years ago
Information
Abstract
A system for and method of securing a network are described herein. A receiving device listens for packets with proper credentials. If a transmitting device sends the correct credentials, the receiving device will respond with an acknowledgment and further data is able to be transmitted. However, if the transmitting device does not send a packet with the proper credentials, then the receiving device will drop the packet and not respond. Thus, the transmitting device will be unaware of the presence of the receiving device, in particular when hackers are using scanning software to locate target devices.
Description
FIELD OF THE INVENTION

The present invention relates to the field of networking. More specifically, the present invention relates to the field of providing security to a network.


BACKGROUND OF THE INVENTION

Transmission Control Protocol (TCP) allows applications on networked computers to generate connections to each other. Over these connections, the applications are then able to exchange data packets. Many applications such as the world wide web and email utilize TCP. TCP is reliable and guarantees in-order delivery of data.


Applications send streams of 8-bit bytes to TCP to be delivered through the network. TCP divides the byte stream into appropriately sized segments and then passes the resulting packets to the Internet Protocol (IP) for delivery through the network to a TCP module of a target computer on the network. TCP ensures that no packets are lost by assigning a sequence number to each packet. This sequence number also ensures the packets are delivered in the correct order. The TCP module of the target computer sends back an acknowledgment for packets which have been successfully received. If an acknowledgment is not received within a reasonable amount of time, a timeout is triggered on the transmitting computer. Then, the data packet is re-sent.


As briefly described above, a 3-way handshake is implemented to establish a TCP connection. The transmitting computer first sends a synchronization packet to initiate the connection. Then the target computer sends an acknowledgment packet back. Finally, the transmitting computer sends an acknowledgment back to the target. By utilizing a 3-way handshake, computers are able to verify their connection.


The concern with TCP is that hackers are able to utilize this 3-way handshake to locate future victims to be hacked. Using scanning software, a set of packets are sent out across the network. Any clients on the network will respond to these packets. Then, hackers are able to determine which computers are accessible on the network and which ports are open on those computers. Using that information, a hacker is able to abuse the computer by crashing it or performing other malicious activity with it such as stealing data.


User Datagram Protocol (UDP) is a connectionless protocol that allows applications on networked computers to send short messages known as datagrams to each other. Unlike TCP, UDP does not provide guaranteed reliability. Datagrams are able to arrive disordered or get lost without notice. The reason for this is that UDP does not utilize the 3-way handshake of TCP where a target computer acknowledges that it is present when an unknown transmitting computer sends an initiating connection. However, as mentioned above, UDP has a number of drawbacks including being unreliable, not ordered, and other issues that make UDP insufficient for a specified purpose.


SUMMARY OF THE INVENTION

A system for and method of securing a network are described herein. A receiving device listens for packets with proper credentials. If a transmitting device sends the correct credentials, the receiving device will respond with an acknowledgment and further data is able to be transmitted. However, if the transmitting device does not send a packet with the proper credentials, then the receiving device will drop the packet and not respond. Thus, the transmitting device will be unaware of the presence of the receiving device, in particular when hackers are using scanning software to locate target devices.


In one aspect, a method of increasing network security comprises transmitting a packet from a first device to a second device, receiving a packet at the second device from the first device, verifying the packet for proper credentials and sending an acknowledgment from the second device to the first device only if the proper credentials are verified. The first device is a client and the second device is a server. Alternatively, the first device is a server and the second device is a client. The method further comprises dropping the packet if the proper credentials are not verified. A protocol for receiving the packet is similar to or the same as User Datagram Protocol. A protocol for sending an acknowledgment is similar to or the same as Transmission Control Protocol. The first device and the second device are coupled by a network. In one embodiment, the network is the Internet. In another embodiment, the network is an intranet.


In another aspect, a method of increasing network security comprises transmitting a packet from a first device to a second device, receiving a packet at the second device from the first device, verifying the packet for proper credentials, sending an acknowledgment from the second device to the first device only if the proper credentials are verified and dropping the packet if the proper credentials are not verified. The first device is a client and the second device is a server. Alternatively, the first device is a server and the second device is a client. A protocol for receiving the packet is similar to or the same as User Datagram Protocol. A protocol for sending an acknowledgment is similar to or the same as Transmission Control Protocol. The first device and the second device are coupled by a network. In one embodiment, the network is the Internet. In another embodiment, the network is an intranet.


In yet another aspect, a system for increasing network security comprises one or more first devices for transmitting a packet, one or more second devices for receiving the packet, wherein the one or more second devices are coupled to the one or more first devices through a network and a set of credentials within the packet for verification, wherein the one or more second devices send an acknowledgment back to the one or more first devices only if the set of credentials are verified. The first device is a client and the second device is a server. Alternatively, the first device is a server and the second device is a client. The one or more second devices drop the packet if the set of credentials are not verified. A protocol for receiving the packet is similar to or the same as User Datagram Protocol. A protocol for sending an acknowledgment is similar to or the same as Transmission Control Protocol. In one embodiment, the network is the Internet. In another embodiment, the network is an intranet.


In another aspect, a network of devices for increasing network security comprises one or more client devices for transmitting a packet, one or more server devices for receiving the packet, wherein the one or more server devices are coupled to the one or more client devices through a network and a set of credentials within the packet for verification, wherein the one or more server devices send an acknowledgment back to the one or more client devices only if the set of credentials are verified. The one or more server devices drop the packet if the set of credentials are not verified. A protocol for receiving the packet is similar to or the same as User Datagram Protocol. A protocol for sending an acknowledgment is similar to or the same as Transmission Control Protocol. In one embodiment, the network is the Internet. In another embodiment, the network is an intranet.


In yet another aspect, a packet for increasing network security comprises data and a set of credentials, wherein the set of credentials are analyzed by a receiving device such that the receiving device sends an acknowledgment back only if the set of credentials are valid. The set of credentials are selected from the group consisting of a key, a code and a signature. The set of credentials are stored within a header. Alternatively, the set of credentials are stored within a wrapper. The set of credentials are encrypted. The packet is substantially similar to a User Datagram Protocol packet.





BRIEF DESCRIPTION OF THE DRAWINGS


FIG. 1 illustrates a block diagram of the preferred embodiment of the present invention.



FIG. 2 illustrates a flow chart of the preferred embodiment of the present invention.



FIG. 3 illustrates a network of devices implementing the preferred embodiment of the present invention.



FIG. 4A illustrates a User Datagram Protocol packet.



FIG. 4B illustrates a User Datagram Protocol packet within a wrapper.





DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

The present invention overcomes the issues described above by using a combination of elements of User Datagram Protocol (UDP) and Transmission Control Protocol (TCP) in addition to modifications of each. Using these modifications, a connection is established by only those properly authenticated devices. Furthermore, a target device remains hidden and anonymous to those devices that are not properly authenticated.



FIG. 1 illustrates a block diagram of the preferred embodiment of the present invention. A system 100 for securely networking devices includes one or more first devices 102 and one or more second devices 104. A device of the one or more first devices 102 sends a packet 106 with credentials to a device of the one or more second devices 104 over a network 108. The packet is sent using a protocol 110 such as UDP or a similar protocol. The device of the one or more second devices 104 is listening to the specified protocol. If a packet 106′ does not have the correct credentials then the packet 106′ is dropped and no response is sent from the device of the one or more second devices 104. If the credentials are validly verified, then an acknowledgment 114 is sent from the device of the one or more second devices 104 over the network 108 to the device of the one or more first devices 102. The acknowledgment 114 is sent over a protocol 112 such as TCP, UDP or a similar protocol. After the initial connection is established, data is communicated between the devices.



FIG. 2 illustrates a flow chart of the preferred embodiment of the present invention. In the step 200, a device of the one or more first devices 102 transmits a packet 106 to a device of the one or more second devices 104. In the step 202, the device of the one or more second devices 104 receives the packet 106. In the step 204, the device 106 of the one or more second devices 104 determines if the packet 106 has the proper credentials. Proper credentials are able to be included as a specific key, code, signature or other appropriate verification device. Furthermore, the credentials are stored in a header, wrapper or other location to accompany the packet. In some embodiments, the set of credentials are encrypted. If the packet 106 does not have the proper credentials, the packet 106 is dropped and no acknowledgment is sent back to the device of the one or more first devices 102, in the step 206. If the packet 106 does have the proper credentials, then an acknowledgment 114 is sent back to the device of the one or more first devices 102, in the step 208. By utilizing an implementation such as this, hackers' net scans will produce no results, as the devices will not respond, thus giving no indication that the device is even there.



FIG. 3 illustrates a network of devices implementing the present invention. One or more client devices 300 are coupled to a server 310 through a network 308. The one or more client devices 300 initiate communication with the server 310 by sending a packet 304 with credentials. The server validates the credentials and then responds by sending an acknowledgment 306 back to the appropriate client device 300. If a hacker 302 attempts to communicate with the server 310 by sending a packet 304′ with either the incorrect credentials or no credentials, the server receives the packet 304′ but then drops the packet 304′. The server does not respond to the hacker 302. Thus, only properly authenticated clients 300 with correct credentials are able to communicate with the server 310 and hackers 302 are not. In an alternate embodiment, a server sends the packet with credentials to a client device.



FIG. 4A illustrates a UDP packet 400. Within a header 402 of the UDP packet 400 are four 16 bit fields including a source port, destination port, length and checksum. A data portion 404 of the packet contains the data to be transmitted.



FIG. 4B illustrates the UDP packet within a wrapper 410. The wrapper 410 is formatted appropriately to contain the necessary components including any additional credentials such as a signature, a key or a code. Furthermore, the wrapper 410 is able to have a wrapper header 412 where the credentials are able to be stored. The credentials necessary to verify a valid incoming packet are located within the wrapper header 412 in some embodiments or within the wrapper 410 elsewhere in other embodiments.


To utilize the present invention a network of devices is configured so that only properly authenticated devices are able to communicate with devices on the network. A transmitting device sends a packet with credentials to a receiving device. If the credentials are valid, the receiving device responds with an acknowledgment similar to that in TCP so that other communications are possible. If the credentials are not valid or if a packet does not have credentials, then the packet is dropped. This aspect is similar to UDP and unlike TCP which always responds with an acknowledgment. By only responding to authorized users, the system is able to remain undetected by unauthorized users such as hackers. After a connection is established, the devices communicate as typical network devices do, allowing the transfer of data from device to device over and through networks.


In operation the present invention performs very similarly to standard networks that implement TCP with the exception that unauthorized packets are dropped. For authorized users, standard operations are available with the network such that users of an intranet are able to print to network printers, share data across computers and access applications from servers. In some embodiments, the network is the Internet. Many other typical network operations are possible with the present invention aside from those that require access to a device without valid credentials.


The devices that are able to implement the present invention include, but are not limited to laptops, personal computers, Apple computers, handhelds, servers, thin clients and cell phones.


The present invention has been described in terms of specific embodiments incorporating details to facilitate the understanding of principles of construction and operation of the invention. Such reference herein to specific embodiments and details thereof is not intended to limit the scope of the claims appended hereto. It will be readily apparent to one skilled in the art that other various modifications may be made in the embodiment chosen for illustration without departing from the spirit and scope of the invention as defined by the claims.

Claims
  • 1. A method of increasing network security comprising: a. transmitting an initial packet from a first device to a second device;b. receiving the initial packet at the second device from the first device;c. verifying the initial packet has proper credentials, wherein the credentials are selected from the group consisting of a key, a code and a signature;d. sending an acknowledgment from the second device to the first device only if the proper credentials are verified, wherein the credentials are not required to construct the acknowledgment; ande. transmitting one or more subsequent packets from the first device to the second device without verifying the subsequent packets have proper credentials;
  • 2. The method as claimed in claim 1 wherein the first device is a client and the second device is a server.
  • 3. The method as claimed in claim 1 wherein the first device is a server and the second device is a client.
  • 4. The method as claimed in claim 1 further comprising dropping the initial packet if the proper credentials are not verified.
  • 5. The method as claimed in claim 1 wherein a protocol for receiving the initial packet is User Datagram Protocol or any functionally equivalent protocol.
  • 6. The method as claimed in claim 1 wherein a protocol for sending an acknowledgment is Transmission Control Protocol or any functionally equivalent protocol.
  • 7. The method as claimed in claim 1 wherein the first device and the second device are coupled by a network.
  • 8. The method as claimed in claim 7 wherein the network is the Internet.
  • 9. The method as claimed in claim 7 wherein the network is an intranet.
  • 10. A method of increasing network security comprising: a. transmitting an initial packet from a first device to a second device;b. receiving the initial packet at the second device from the first device;c. verifying the initial packet has proper credentials, wherein the credentials are selected from the group consisting of a key, a code and a signature;d. sending an acknowledgment from the second device to the first device only if the proper credentials are verified, wherein the credentials are not required to construct the acknowledgment, further wherein the credentials are verified at the second device, and further wherein the credentials are stored within a wrapper header;e. dropping the initial packet if the proper credentials are not verified; andf. transmitting one or more subsequent packets from the first device to the second device without verifying the subsequent packets have proper credentials;
  • 11. The method as claimed in claim 10 wherein the first device is a client and the second device is a server.
  • 12. The method as claimed in claim 10 wherein the first device is a server and the second device is a client.
  • 13. The method as claimed in claim 10 wherein a protocol for receiving the initial packet is User Datagram Protocol or any functionally equivalent protocol.
  • 14. The method as claimed in claim 10 wherein a protocol for sending an acknowledgment is Transmission Control Protocol or any functionally equivalent protocol.
  • 15. The method as claimed in claim 10 wherein the first device and the second device are coupled by a network.
  • 16. The method as claimed in claim 15 wherein the network is the Internet.
  • 17. The method as claimed in claim 15 wherein the network is an intranet.
  • 18. A system for increasing network security comprising: a. one or more first devices for transmitting an initial packet and one or more subsequent packets;b. one or more second devices for receiving the initial packet and one or more subsequent packets, wherein the one or more second devices are coupled to the one or more first devices through a network; andc. a set of credentials within the initial packet for verification, wherein the one or more second devices send an acknowledgment back to the one or more first devices only if the set of credentials are verified, wherein the credentials are not required to construct the acknowledgment, wherein the credentials are verified at the one or more second devices, wherein the set of credentials are selected from the group consisting of a key, a code and a signature, and further wherein the credentials are stored within a wrapper header;
  • 19. The system as claimed in claim 18 wherein the first device is a client and the second device is a server.
  • 20. The system as claimed in claim 18 wherein the first device is a server and the second device is a client.
  • 21. The system as claimed in claim 18 wherein the one or more second devices drop the initial packet if the set of credentials are not verified.
  • 22. The system as claimed in claim 18 wherein a protocol for receiving the initial packet is User Datagram Protocol or any functionally equivalent protocol.
  • 23. The system as claimed in claim 18 wherein a protocol for sending an acknowledgment is Transmission Control Protocol or any functionally equivalent protocol.
  • 24. The system as claimed in claim 18 wherein the network is the Internet.
  • 25. The system as claimed in claim 18 wherein the network is an intranet.
  • 26. A network of devices for increasing network security comprising: a. one or more client devices for transmitting an initial packet and one or more subsequent packets;b. one or more server devices for receiving the initial packet and the subsequent packets, wherein the one or more server devices are coupled to the one or more client devices through a network; andc. a set of credentials within the initial packet for verification, wherein the one or more server devices send an acknowledgment back to the one or more client devices only if the set of credentials are verified, wherein the credentials are not required to construct the acknowledgment, wherein the set of credentials are verified at the one or more server devices, wherein the set of credentials are selected from the group consisting of a key, a code and a signature, and further wherein the credentials are stored within a wrapper header;
  • 27. The network of devices as claimed in claim 26 wherein the one or more server devices drop the initial packet if the set of credentials are not verified.
  • 28. The network of devices as claimed in claim 26 wherein a protocol for receiving the initial packet is User Datagram Protocol or any functionally equivalent protocol.
  • 29. The network of devices as claimed in claim 26 wherein a protocol for sending an acknowledgment is Transmission Control Protocol or any functionally equivalent protocol.
  • 30. The network of devices as claimed in claim 26 wherein the network is the Internet.
  • 31. The network of devices as claimed in claim 26 wherein the network is an intranet.
  • 32. An apparatus comprising a memory device, the memory device comprising: a. an initial packet for increasing network security, the initial packet comprising: i. data; andii. a set of credentials,wherein the set of credentials are analyzed by a receiving device such that the receiving device sends an acknowledgment back and receives one or more subsequent packets without verifying the subsequent packets have proper credentials only if the set of credentials are valid, wherein the credentials are not required to construct the acknowledgment, wherein the set of credentials are selected from the group consisting of a key, a code and a signature and are stored within a wrapper header, and further wherein the apparatus is configured to transmit the initial packet to the receiving device independent of whether a device identifier or a user identifier of the receiving device is recognized by the apparatus.
  • 33. The packet as claimed in claim 32 wherein the set of credentials are stored within a header.
  • 34. The packet as claimed in claim 32 wherein the set of credentials are stored within a wrapper.
  • 35. The packet as claimed in claim 32 wherein the set of credentials are encrypted.
  • 36. The packet as claimed in claim 32 wherein the initial packet is a User Datagram Protocol packet or a functionally equivalent protocol packet.
  • 37. A method of increasing network security comprising: a. transmitting an initial packet from a first device to a second device;b. receiving the initial packet at the second device from the first device using a User Datagram Protocol;c. verifying the initial packet has proper credentials, wherein the credentials are selected from the group consisting of a key, a code and a signature;d. sending an acknowledgment from the second device to the first device only if the proper credentials are verified; ande. transmitting one or more subsequent packets from the first device to the second device without verifying the subsequent packets have proper credentials;
US Referenced Citations (262)
Number Name Date Kind
4866635 Kahn et al. Sep 1989 A
5602990 Leete Feb 1997 A
5649196 Woodhill et al. Jul 1997 A
5659743 Adams et al. Aug 1997 A
5787409 Seiffert et al. Jul 1998 A
5802364 Senator et al. Sep 1998 A
5812751 Ekrot et al. Sep 1998 A
5835911 Nakagawa et al. Nov 1998 A
5897635 Torres et al. Apr 1999 A
5933647 Aronberg et al. Aug 1999 A
5950010 Hesse et al. Sep 1999 A
5974547 Klimenko Oct 1999 A
6012152 Douik et al. Jan 2000 A
6029196 Lenz Feb 2000 A
6067582 Smith et al. May 2000 A
6144959 Anderson et al. Nov 2000 A
6170065 Kobata et al. Jan 2001 B1
6189101 Dusenbury, Jr. Feb 2001 B1
6209089 Selitrennikoff et al. Mar 2001 B1
6212660 Joeressen et al. Apr 2001 B1
6282711 Halpern et al. Aug 2001 B1
6292827 Raz Sep 2001 B1
6301612 Selitrennikoff et al. Oct 2001 B1
6311221 Raz et al. Oct 2001 B1
6314428 Brew et al. Nov 2001 B1
6317761 Landsman et al. Nov 2001 B1
6339826 Hayes, Jr. et al. Jan 2002 B2
6349137 Hunt et al. Feb 2002 B1
6356915 Chtchetkine et al. Mar 2002 B1
6363400 Chtchetkine et al. Mar 2002 B1
6366296 Boreczky et al. Apr 2002 B1
6378035 Parry et al. Apr 2002 B1
6421777 Pierre-Louis et al. Jul 2002 B1
6449658 Lafe et al. Sep 2002 B1
6459499 Tomat Oct 2002 B1
6463530 Sposato Oct 2002 B1
6473794 Guheen et al. Oct 2002 B1
6477531 Sullivan et al. Nov 2002 B1
6490677 Aquilar et al. Dec 2002 B1
6536037 Guheen et al. Mar 2003 B1
6553375 Huang et al. Apr 2003 B1
6556950 Schwenke et al. Apr 2003 B1
6574618 Eylon et al. Jun 2003 B2
6578142 Anderson et al. Jun 2003 B1
6606744 Mikurak Aug 2003 B1
6625651 Swartz et al. Sep 2003 B1
6625754 Aguilar et al. Sep 2003 B1
6633782 Schleiss et al. Oct 2003 B1
6636857 Thomas et al. Oct 2003 B2
6654797 Kamper Nov 2003 B1
6654801 Mann et al. Nov 2003 B2
6694375 Beddus et al. Feb 2004 B1
6697852 Ryu Feb 2004 B1
6704886 Gill et al. Mar 2004 B1
6718464 Cromer et al. Apr 2004 B2
6728530 Heinonen et al. Apr 2004 B1
6735625 Ponna May 2004 B1
6751658 Haun et al. Jun 2004 B1
6757729 Devarakonda et al. Jun 2004 B1
6757894 Eylon et al. Jun 2004 B2
6795912 Itoh et al. Sep 2004 B1
6816462 Booth, III et al. Nov 2004 B1
6816882 Conner et al. Nov 2004 B1
6820180 McBrearty et al. Nov 2004 B2
6854009 Hughes Feb 2005 B1
6871210 Subramanian Mar 2005 B1
6880108 Gusler et al. Apr 2005 B1
6885481 Dawe Apr 2005 B1
6886020 Zahavi et al. Apr 2005 B1
6915343 Brewer et al. Jul 2005 B1
6954853 Wang et al. Oct 2005 B2
6954930 Drake et al. Oct 2005 B2
6959235 Abdel-Malek et al. Oct 2005 B1
6985967 Hipp Jan 2006 B1
7003560 Mullen et al. Feb 2006 B1
7003663 Lagosanto et al. Feb 2006 B2
7024471 George et al. Apr 2006 B2
7058698 Chatterjee et al. Jun 2006 B2
7080118 Hildebrand Jul 2006 B2
7143307 Witte et al. Nov 2006 B1
7149698 Guheen et al. Dec 2006 B2
7175078 Ban et al. Feb 2007 B2
7178166 Taylor et al. Feb 2007 B1
7194445 Chan et al. Mar 2007 B2
7200779 Coss, Jr. et al. Apr 2007 B1
7210143 Or et al. Apr 2007 B2
7237122 Kadam et al. Jun 2007 B2
7260597 Hofrichter et al. Aug 2007 B1
7287053 Bodin Oct 2007 B2
7328367 Ukai et al. Feb 2008 B2
7337311 Chen et al. Feb 2008 B2
7392046 Leib et al. Jun 2008 B2
7401125 Uchida et al. Jul 2008 B1
7480822 Arbon et al. Jan 2009 B1
7487383 Bensinger Feb 2009 B2
7512584 Keith, Jr. Mar 2009 B2
7571467 Priestley et al. Aug 2009 B1
7624086 Keith, Jr. Nov 2009 B2
7627694 Sreenivasan et al. Dec 2009 B2
7664834 Keith, Jr. Feb 2010 B2
7698487 Rothman et al. Apr 2010 B2
7752486 Satran et al. Jul 2010 B2
7788524 Wing et al. Aug 2010 B2
7840514 Keith, Jr. Nov 2010 B2
7844686 Keith, Jr. Nov 2010 B1
7886031 Taylor et al. Feb 2011 B1
7908339 Keith, Jr. Mar 2011 B2
7912902 Cheng et al. Mar 2011 B2
8099378 Keith, Jr. Jan 2012 B2
8126722 Robb et al. Feb 2012 B2
8175418 Keith, Jr. May 2012 B1
8234238 Keith, Jr. Jul 2012 B2
8307239 Keith, Jr. Nov 2012 B1
8423821 Keith, Jr. Apr 2013 B1
20010034736 Eylon et al. Oct 2001 A1
20010037323 Moulton et al. Nov 2001 A1
20010037399 Eylon et al. Nov 2001 A1
20010037400 Raz et al. Nov 2001 A1
20010044850 Raz et al. Nov 2001 A1
20010049793 Sugimoto Dec 2001 A1
20020007418 Hegde et al. Jan 2002 A1
20020013827 Edstrom et al. Jan 2002 A1
20020035674 Vetrivelkumaran et al. Mar 2002 A1
20020042833 Hendler et al. Apr 2002 A1
20020049764 Boothby et al. Apr 2002 A1
20020083183 Pujare et al. Jun 2002 A1
20020087625 Toll et al. Jul 2002 A1
20020087717 Artzi et al. Jul 2002 A1
20020087883 Wohlgemuth et al. Jul 2002 A1
20020087963 Eylon et al. Jul 2002 A1
20020091763 Shah et al. Jul 2002 A1
20020094868 Tuck et al. Jul 2002 A1
20020099934 Cromer et al. Jul 2002 A1
20020104080 Woodard et al. Aug 2002 A1
20020107920 Hotti Aug 2002 A1
20020107945 George et al. Aug 2002 A1
20020116585 Scherr Aug 2002 A1
20020124092 Urien Sep 2002 A1
20020129089 Hegde et al. Sep 2002 A1
20020131404 Mehta et al. Sep 2002 A1
20020138640 Raz et al. Sep 2002 A1
20020157089 Patel et al. Oct 2002 A1
20020161868 Paul et al. Oct 2002 A1
20020161908 Benitez et al. Oct 2002 A1
20020169797 Hegde et al. Nov 2002 A1
20020188941 Cicciarelli et al. Dec 2002 A1
20030004882 Holler et al. Jan 2003 A1
20030005096 Paul et al. Jan 2003 A1
20030009538 Shah et al. Jan 2003 A1
20030014470 Iijima Jan 2003 A1
20030031164 Nabkel et al. Feb 2003 A1
20030033379 Civanlar et al. Feb 2003 A1
20030036882 Harper et al. Feb 2003 A1
20030037328 Cicciarelli et al. Feb 2003 A1
20030041136 Cheline et al. Feb 2003 A1
20030046371 Falkner Mar 2003 A1
20030051128 Rodriguez et al. Mar 2003 A1
20030055878 Fletcher et al. Mar 2003 A1
20030061067 Atwal et al. Mar 2003 A1
20030078960 Murren et al. Apr 2003 A1
20030110188 Howard et al. Jun 2003 A1
20030120502 Robb et al. Jun 2003 A1
20030126242 Chang Jul 2003 A1
20030140160 Raz et al. Jul 2003 A1
20030177381 Ofek et al. Sep 2003 A1
20030191730 Adkins et al. Oct 2003 A1
20030204562 Hwang Oct 2003 A1
20030233383 Koskimies Dec 2003 A1
20030233493 Boldon et al. Dec 2003 A1
20040010716 Childress et al. Jan 2004 A1
20040068554 Bales et al. Apr 2004 A1
20040073787 Ban et al. Apr 2004 A1
20040093492 Daude et al. May 2004 A1
20040104927 Husain et al. Jun 2004 A1
20040107273 Biran et al. Jun 2004 A1
20040123153 Wright et al. Jun 2004 A1
20040128346 Melamed et al. Jul 2004 A1
20040148306 Moulton et al. Jul 2004 A1
20040180721 Rowe Sep 2004 A1
20040193876 Donley et al. Sep 2004 A1
20040201604 Kraenzel et al. Oct 2004 A1
20040236843 Wing et al. Nov 2004 A1
20040243650 McCrory et al. Dec 2004 A1
20040243928 Hesmer et al. Dec 2004 A1
20050027846 Wolfe et al. Feb 2005 A1
20050033808 Cheng et al. Feb 2005 A1
20050044197 Lai Feb 2005 A1
20050044544 Slivka et al. Feb 2005 A1
20050060281 Bucher et al. Mar 2005 A1
20050071267 Takahashi et al. Mar 2005 A1
20050096920 Matz et al. May 2005 A1
20050108297 Rollin et al. May 2005 A1
20050108546 Lehew et al. May 2005 A1
20050108593 Purushothaman et al. May 2005 A1
20050144218 Heintz Jun 2005 A1
20050149729 Zimmer et al. Jul 2005 A1
20050160289 Shay Jul 2005 A1
20050188315 Campbell et al. Aug 2005 A1
20050193245 Hayden et al. Sep 2005 A1
20050198196 Bohn et al. Sep 2005 A1
20050198239 Hughes Sep 2005 A1
20050216524 Gomes et al. Sep 2005 A1
20050216902 Schaefer Sep 2005 A1
20050226059 Kavuri et al. Oct 2005 A1
20050256952 Mouhanna et al. Nov 2005 A1
20050262503 Kane Nov 2005 A1
20050268145 Hufferd et al. Dec 2005 A1
20050273486 Keith, Jr. Dec 2005 A1
20050283606 Williams Dec 2005 A1
20050286435 Ogawa et al. Dec 2005 A1
20060021040 Boulanger et al. Jan 2006 A1
20060031377 Ng et al. Feb 2006 A1
20060031407 Dispensa et al. Feb 2006 A1
20060031529 Keith, Jr. Feb 2006 A1
20060035713 Cockerille et al. Feb 2006 A1
20060041641 Breiter et al. Feb 2006 A1
20060041759 Kaliski, Jr. et al. Feb 2006 A1
20060047716 Keith, Jr. Mar 2006 A1
20060047946 Keith, Jr. Mar 2006 A1
20060059384 Helliker Mar 2006 A1
20060074943 Nakano et al. Apr 2006 A1
20060095705 Wichelman et al. May 2006 A1
20060129459 Mendelsohn Jun 2006 A1
20060143709 Brooks et al. Jun 2006 A1
20060149955 Velhal et al. Jul 2006 A1
20060179061 D'Souza et al. Aug 2006 A1
20060224544 Keith, Jr. Oct 2006 A1
20060224545 Keith, Jr. Oct 2006 A1
20060233310 Adams, Jr. et al. Oct 2006 A1
20070011292 Fritsch et al. Jan 2007 A1
20070078982 Aidun et al. Apr 2007 A1
20070094269 Mikesell et al. Apr 2007 A1
20070143374 D'Souza et al. Jun 2007 A1
20070174658 Takamoto et al. Jul 2007 A1
20070174690 Kambara et al. Jul 2007 A1
20070185936 Derk et al. Aug 2007 A1
20070233633 Keith, Jr. Oct 2007 A1
20070239905 Banerjee et al. Oct 2007 A1
20070255604 Seelig Nov 2007 A1
20070271290 Keith, Jr. Nov 2007 A1
20070271428 Alturi Nov 2007 A1
20070274315 Keith, Jr. Nov 2007 A1
20070276836 Chatterjee et al. Nov 2007 A1
20080016387 Bensinger Jan 2008 A1
20080034019 Cisler et al. Feb 2008 A1
20080034071 Wilkinson et al. Feb 2008 A1
20080072002 Kuwahara et al. Mar 2008 A1
20080077622 Keith, Jr. Mar 2008 A1
20080077630 Keith, Jr. Mar 2008 A1
20080127294 Keith, Jr. May 2008 A1
20080209142 Obernuefemann Aug 2008 A1
20080216168 Larson et al. Sep 2008 A1
20080294860 Stakutis et al. Nov 2008 A1
20080313632 Kumar et al. Dec 2008 A1
20090075593 Demirbasa et al. Mar 2009 A1
20090094362 Huff Apr 2009 A1
20100050011 Takamoto et al. Feb 2010 A1
20100125770 Keith, Jr. May 2010 A1
20110047118 Keith, Jr. Feb 2011 A1
20120198154 Keith, Jr. Aug 2012 A1
20120272099 Keith, Jr. Oct 2012 A1
20130031405 Keith, Jr. Jan 2013 A1
Foreign Referenced Citations (11)
Number Date Country
WO2005119493 Dec 2005 WO
WO2005119494 Dec 2005 WO
WO2005119495 Dec 2005 WO
WO2006010131 Jan 2006 WO
WO2006094282 Sep 2006 WO
WO2006094301 Sep 2006 WO
WO2007139962 Dec 2007 WO
WO2007139963 Dec 2007 WO
WO2008039386 Apr 2008 WO
WO2008039394 Apr 2008 WO
WO2008039395 Apr 2008 WO
Non-Patent Literature Citations (24)
Entry
http://www.backup.com.
http://www.swapdrive.com/sdbackup.asp.
http://www.macrovision.com/products/flexnet—installshield/installshield/overview/index.shtml, pp. 1-3.
http://macrovision.com/products/flexnet—installshield/installshield/index.shtml, pp. 1-2.
http:/ www.stealthbits.com/, pp. 1-2.
http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/featusability/inmnwp.mspx, pp. 1-36.
http://en.wikipedia.org/wik/Expert—system, pp. 1-9.
http://www.pctools.com/registry-mechanic/, pp. 1-2.
IEEE100 The Authoritative Dictionary of IEEE Standards Terms, Seventh Edition, Jan. 2003, 3 pages.
VMware, VMware Infrastructure Architecture Overview, Jun. 14, 2006, http:/www.vmware.com/resourse/techresources/, pp. 1-14.
VMware, Using VMware Infrastructure for Backup and Restore, Oct. 26, 2006, http:/www.vmware.com/resourse/techresources/, pp. 1-20.
Bandwidth Capping at Source http://www.24onlinebilling.com/download/whitepapers/Bandwidth%20Capping%20At%20Source.pdf pp. 1-9.
IBM Corporation, AFS: “User Guide”, First Edition, Version 3.6. Apr. 2000, pp. 112.
Shepler et al. “RFC 3530—Network File System (NFS) version 4 Protocol”, Standards Track, Apr. 2003, pp. 278, http://tools.ietf.org/html/rfc3530#page-119.
Microsoft@ Computer Dictionary, Fifth Edition, 2002, 3 pages.
Tridgell, A., “Efficient Algorithms for Sorting and Synchronization,” Thesis, The Australian National University, Feb. 1999, 106 pages.
MacDonald, J.P., “File System Support for Delta Compression,” University of California at Berkeley, Dept. of Electrical Engineering and Computer Sciences, May 19, 2000, 32 pages.
Muthitacharoen et al., “A Low-bandwidth Network File System,” MIT Laboratory for Computer Science and NYU Department of Computer Science, 2001, 14 pages.
Random House Unabridged Dictionary, “device: meaning and definitions,” 1997, Random House Inc., retrieved via “http://dictionary.infoplease.com/device”.
Yu et al., “Scalable network resource management for large scale Virtual Private Networks,” Simulation Modeling Practice and Theory, 12 (2004) pp. 263-285.
Cisco PIX “Configuring an IPSec Tunnel Between a Cisco Secure PIX Firewall and a Checkpoint NG Firewall,” May 12, 2006, document ID 23785.
Microsoft Press, Microsoft® Computer Dictionary, Fifth Edition, May 1, 2002, p. 39.
Definition of Plug-in (computing) from http://en.wikipedia.org/wiki/Plug-in—(computing), printed on Jun. 18, 2011, 1 page.
Plug-in definition from Wikipedia, http://en.wikipedia.org/wiki/Plug-in—(computing) printed Nov. 6, 2011, 5 pages.
Related Publications (1)
Number Date Country
20070274315 A1 Nov 2007 US