A method and system for providing web resources having long identifiers through a zero trust network environment. The method comprises receiving a request from a client device to access a web resource through a zero trust network environment, wherein the web resource is external to the zero trust network environment, the request including a first uniform resource locator (URL), and the resource further including a second URL having a first length; fetching the web resource based on the first URL; generating a shortened alternate URL based on at least a portion of the second URL, in response to determining that the first length exceeds a predetermined threshold; generating an alternate resource, the alternate resource including the shortened alternate URL replacing the second URL; and providing the alternate resource to the client device.

Guest-to-host virtual networking can include linking a virtual entity proxy to a network adapter of a host machine through a virtual bridge. In response to a request that starts a guest running on the host machine, the guest can be configured to point to the virtual entity proxy and to communicatively couple to a network through the virtual entity proxy linked to the network adapter of the host machine. The virtual entity proxy can be bound to the network, such that the virtual entity proxy intermediates communications between the guest and one or more other guests running on one or more different host machines that are also communicatively coupled to the network.

Systems and methods for resolving names in a data network. A data network includes an information-centric network layer, ICN-layer, with multiple routers, and a name resolution layer with multiple name resolvers. Each router receives an interest packet announcement describing data objects provided by a data producer. Each router determines a first name resolver of the name resolution layer closest to the data producer and sends a name of the provided data object and geo-location of the data producer to the first name resolver. The first name resolver transmits the name of the data object and geo-location of the data producer to other name resolvers. Each router receives an interest packet request describing a data object requested by a data consumer. Each router transmits the interest packet request to a second name resolver spatially closest to the data consumer. Each name resolver provides the geo-location of the requested data object to the data consumer.

Symmetric storage using a cloud-based storage system, including: receiving, at a cloud-based storage system among storage systems synchronously replicating a dataset, an I/O operation directed to the dataset; determining, in dependence upon the I/O operation, a metadata update describing a mapping of segments of content to an address within a storage object, wherein the storage object includes the dataset; and synchronizing metadata on another storage system of the storage systems by sending the metadata update from the cloud-based storage system to the other storage system to update a metadata representation on the second storage system in accordance with the metadata update.

Systems and methods are disclosed for enforcing at least one rule associated with a geofence. At least one device is constructed and configured in network communication with a server platform and a database. The server platform defines at least one geofence for a region of interest and specifies at least one rule associated with the at least one geofence, thereby creating a rule-space model for the region of interest. The at least one geofence comprises a multiplicity of geographic designators with each geographic designator assigned with a unique IPv6 address. The at least one device receives at least one notification signal regarding the at least one rule from the at least one server platform and implements the at least one rule when the at least one device is within a predetermined distance from the at least one geofence for the region of interest.

Techniques of network virtualization of containers in cloud-based system are disclosed herein. In one embodiment, a method includes receiving a selection of a host in the computer system to instantiate a container in response to a request from a user. In response to the received selection, the method includes identifying parameters of network operations on the selected host to instantiate the requested container and assigning a network address to the container to be instantiated on the selected host in the computer system, the assigned network address is addressable from outside of the selected host without network name translation. The method can then include transmitting an instruction to the selected host to instantiate the requested container based on the assigned network address.

The present invention discloses a method for managing cloud service authority in a cloud storage system, which includes: a set of cloud data and a plurality of data servers. The cloud data includes a plurality of user object files and global access control information. Each data server includes an access control enforcement unit for executing or rejecting I/O requests from the client computers, where the access control enforcement unit includes local access control information. The method includes steps of: changing the content of the global access control information in the cloud data; downloading, by the data servers, the changed global access control information from the cloud data; updating, by the data servers, the local access control information therein according to the downloaded global access control information; and processing, by the data servers, I/O requests from the client computers according to the updated local access control information.

A method and a device for notification, by a notification device, of the use by at least one terminal of an uncertified domain name server. The method includes: receiving a request from the at least one terminal, the request comprising at least one parameter corresponding to a first address enabling communication with a server; searching for the first address in a list, the list comprising at least one address obtained from at least one certified domain name server; and notification, according to the search result, of the use by the at least one terminal of an uncertified domain name server.

A method for providing alternative object identifiers for objects of an address space of a server within an OPC UA based communication environment, wherein each object of the address space of the server is uniquely identified by a conventional object identifier, wherein at least one additional identifier is defined and is stored in a directory of additional identifiers defined for this address space of the server, and wherein an alternative object identifier also uniquely identifying the object is formed for each object of the address space of the server, whereby the additional identifier is combined with the conventional object identifier of the respective object according to a determined pattern. Another method for validating alternative object identifiers and a method for determining references of object identifiers, as well as a server, a system, and a computer program product designed to carry out at least one of the methods.

Systems and methods are disclosed for enforcing at least one rule associated with a geofence. At least one device is constructed and configured in network communication with a server platform and a database. The server platform defines at least one geofence for a region of interest and specifies at least one rule associated with the at least one geofence, thereby creating a rule-space model for the region of interest. The at least one geofence comprises a multiplicity of geographic designators with each geographic designator assigned with a unique IPv6 address. The at least one device receives at least one notification signal regarding the at least one rule from the at least one server platform and implements the at least one rule when the at least one device is within a predetermined distance from the at least one geofence for the region of interest.