公开(公告)号：US20080295170A1

公开(公告)日：2008-11-27

申请号：US12138419

申请日：2008-06-13

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: G06F21/00

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract translation: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下，通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外，来自恶意节点的信息被识别，并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求，禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。

公开(公告)号：US08219699B2

公开(公告)日：2012-07-10

申请号：US13215415

申请日：2011-08-23

Applicant: Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

Inventor： Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

IPC: G06F15/16

CPC classification number: G06F8/52

Abstract: This disclosure describes data conversion and techniques for sending and receiving data at a mobile device. In one implementation, a proxy server may receive data from a mobile device. The proxy server may convert the data and send the converted data to a network service. In another implementation, a mobile device may convert data and send that data to a network service. The network service may generate data in response and send that data to the mobile device directly.

Abstract translation: 本公开描述了用于在移动设备处发送和接收数据的数据转换和技术。 在一个实现中，代理服务器可以从移动设备接收数据。 代理服务器可以转换数据并将转换的数据发送到网络服务。 在另一实现中，移动设备可以转换数据并将该数据发送到网络服务。 网络服务可以产生响应的数据，并将该数据直接发送到移动设备。

公开(公告)号：US08103441B2

公开(公告)日：2012-01-24

申请号：US12146534

申请日：2008-06-26

Applicant: David M. Callaghan ,  Mark Scott Tonkelowitz ,  Ashley Nathan Feniello ,  Graham A. Wheeler

Inventor： David M. Callaghan ,  Mark Scott Tonkelowitz ,  Ashley Nathan Feniello ,  Graham A. Wheeler

IPC: G01C21/00

CPC classification number: G01C21/26 ,  G08G1/0962 ,  H04L67/18 ,  H04L67/289 ,  H04W4/02 ,  H04W4/029

Abstract: Selectively caching content related to routing data in a computing device. Prior to traversing a route, one or more access points to a network are identified. An expected level of access to a network (e.g., signal strength) along the route is determined. Portions of the route are selected based on the expected level of access. Content corresponding to at least one of the selected portions is received and stored for access during traversal of the route. For example, map images for areas expected to have poor network connectivity are cached prior to traversing the route to ensure that routing data is displayed to a user when in those areas. During transversal of the route, content is obtained and cached if a current level of access is less than a defined threshold.

Abstract translation: 在计算设备中选择性地缓存与路由数据相关的内容。 在遍历路由之前，识别到网络的一个或多个接入点。 确定沿着路线的对网络的预期访问级别（例如，信号强度）。 根据预期的访问级别选择路由的部分。 对应于所选择的部分中的至少一个的内容被接收并存储以用于在遍历路由期间进行访问。 例如，在遍历路由之前，缓存预期具有较差网络连接性的区域的地图图像，以确保在这些区域中路由数据显示给用户。 在路由横向过程中，如果当前访问级别小于定义的阈值，则获取内容并进行缓存。

公开(公告)号：US20110307522A1

公开(公告)日：2011-12-15

申请号：US12797168

申请日：2010-06-09

Applicant: Joseph Futty ,  Danny Lange ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Fernando P. Zandona

Inventor： Joseph Futty ,  Danny Lange ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Fernando P. Zandona

IPC: G06F17/30 ,  G06F15/16

CPC classification number: G06F17/2264 ,  G06F16/93

Abstract: A transformation engine and transformation processes may reduce computational resources used by a client or a server, such as during the consumption of a document. According to some implementations, a data stream is received in a first format over a network. A mapping template may be associated with the data stream. A forward-traversal of the mapping template may be performed without the accumulation of an intermediate state. Following the traversal of the mapping template, an output stream is emitted in a second format.

Abstract translation: 转换引擎和转换过程可以减少客户端或服务器使用的计算资源，例如在消费文档期间。 根据一些实施方式，通过网络以第一格式接收数据流。 映射模板可以与数据流相关联。 可以在没有中间状态的累积的情况下执行映射模板的前向遍历。 遍历映射模板之后，以第二种格式发出输出流。

公开(公告)号：US07720962B2

公开(公告)日：2010-05-18

申请号：US11375749

申请日：2006-03-15

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: G06F13/00

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract translation: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下，通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外，来自恶意节点的信息被识别，并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求，禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。

公开(公告)号：US20090326810A1

公开(公告)日：2009-12-31

申请号：US12146534

申请日：2008-06-26

Applicant: David M. Callaghan ,  Mark Scott Tonkelowitz ,  Ashley Nathan Feniello ,  Graham A. Wheeler

Inventor： David M. Callaghan ,  Mark Scott Tonkelowitz ,  Ashley Nathan Feniello ,  Graham A. Wheeler

IPC: G01C21/30

CPC classification number: G01C21/26 ,  G08G1/0962 ,  H04L67/18 ,  H04L67/289 ,  H04W4/02 ,  H04W4/029

Abstract: Selectively caching content related to routing data in a computing device. Prior to traversing a route, one or more access points to a network are identified. An expected level of access to a network (e.g., signal strength) along the route is determined. Portions of the route are selected based on the expected level of access. Content corresponding to at least one of the selected portions is received and stored for access during traversal of the route. For example, map images for areas expected to have poor network connectivity are cached prior to traversing the route to ensure that routing data is displayed to a user when in those areas. During transversal of the route, content is obtained and cached if a current level of access is less than a defined threshold.

Abstract translation: 在计算设备中选择性地缓存与路由数据相关的内容。 在遍历路由之前，识别到网络的一个或多个接入点。 确定沿着路线的对网络的预期访问级别（例如，信号强度）。 根据预期的访问级别选择路由的部分。 对应于所选择的部分中的至少一个的内容被接收并存储以用于在遍历路由期间进行访问。 例如，在遍历路由之前，缓存预期具有较差网络连接性的区域的地图图像，以确保在这些区域中路由数据显示给用户。 在路由横向过程中，如果当前访问级别小于定义的阈值，则获取内容并进行缓存。

公开(公告)号：US07206862B2

公开(公告)日：2007-04-17

申请号：US10128919

申请日：2002-04-24

Applicant: Graham A. Wheeler

Inventor： Graham A. Wheeler

IPC: G06F15/16

CPC classification number: H04L63/10 ,  H04L63/1466 ,  H04L67/104

Abstract: A method and system are disclosed for efficiently matching incoming packets to previously forwarded outgoing packets within a network node to ensure a response received by a network node corresponds to a previously forwarded request. The network node receives an outgoing packet including state information and computes a mapping (e.g., hash) function value based upon the state information. Thereafter, the network node sets and entry within a bitmap at a position corresponding to the mapping function value. The network node also receives an incoming packet purportedly responsive to an earlier outgoing packet and includes state information of a type corresponding to the state information of an outgoing packet. The network node computes a mapping function value based upon the state information in the incoming packet. The network node then tests an entry corresponding to the mapping function value within one or more bitmaps including bits set at positions corresponding to previously forwarded outgoing packets. If the corresponding bit is not set within at least one of the bitmaps, then the network node discards the corresponding packet. Finally, in order to maintain a relative sparse bitmap, the entries are reset after detecting a clearance threshold event.

Abstract translation: 公开了一种方法和系统，用于将进入的分组有效地匹配到网络节点内的先前转发的输出分组，以确保由网络节点接收的响应对应于先前转发的请求。 网络节点接收包括状态信息的输出分组，并根据状态信息计算映射（例如散列）函数值。 此后，网络节点在对应于映射函数值的位置处设置和输入位图。 网络节点还接收据称响应于较早输出分组的传入分组，并且包括与输出分组的状态信息对应的类型的状态信息。 网络节点根据进入的分组中的状态信息来计算映射函数值。 网络节点然后在一个或多个位图中测试与映射函数值相对应的条目，包括在与先前转发的输出分组相对应的位置处设置的比特。 如果对应的位未设置在至少一个位图中，则网络节点丢弃相应的数据包。 最后，为了保持相对稀疏的位图，在检测到清除阈值事件之后，条目被重置。

公开(公告)号：US08028079B2

公开(公告)日：2011-09-27

申请号：US12484964

申请日：2009-06-15

Applicant: Adrien Felon ,  Danny Lange ,  Joseph Futty ,  Ashley N Feniello ,  Graham A Wheeler ,  Didier Coussemaeker ,  Nicolas Mai

Inventor： Adrien Felon ,  Danny Lange ,  Joseph Futty ,  Ashley N Feniello ,  Graham A Wheeler ,  Didier Coussemaeker ,  Nicolas Mai

IPC: G06F15/16

CPC classification number: G06F8/52

Abstract: This disclosure describes data conversion and techniques for sending and receiving data at a mobile device. In one implementation, a proxy server may receive data from a mobile device. The proxy server may convert the data and send the converted data to a network service. In another implementation, a mobile device may convert data and send that data to a network service. The network service may generate data in response and send that data to the mobile device directly.

Abstract translation: 本公开描述了用于在移动设备处发送和接收数据的数据转换和技术。 在一个实现中，代理服务器可以从移动设备接收数据。 代理服务器可以转换数据并将转换的数据发送到网络服务。 在另一实现中，移动设备可以转换数据并将该数据发送到网络服务。 网络服务可以产生响应的数据，并将该数据直接发送到移动设备。

公开(公告)号：US20100318683A1

公开(公告)日：2010-12-16

申请号：US12484964

申请日：2009-06-15

Applicant: Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

Inventor： Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

IPC: G06F15/16

CPC classification number: G06F8/52

Abstract: This disclosure describes data conversion and techniques for sending and receiving data at a mobile device. In one implementation, a proxy server may receive data from a mobile device. The proxy server may convert the data and send the converted data to a network service. In another implementation, a mobile device may convert data and send that data to a network service. The network service may generate data in response and send that data to the mobile device directly

Abstract translation: 本公开描述了用于在移动设备处发送和接收数据的数据转换和技术。 在一个实现中，代理服务器可以从移动设备接收数据。 代理服务器可以转换数据并将转换的数据发送到网络服务。 在另一实现中，移动设备可以转换数据并将该数据发送到网络服务。 网络服务可以产生响应的数据，并将该数据直接发送到移动设备

公开(公告)号：US07516482B2

公开(公告)日：2009-04-07

申请号：US10623994

申请日：2003-07-21

Applicant: Graham A. Wheeler

Inventor： Graham A. Wheeler

IPC: G06F15/16

CPC classification number: H04L63/062 ,  H04L29/12066 ,  H04L61/1511 ,  H04L63/0442 ,  H04L67/104 ,  H04L69/16 ,  H04L69/167 ,  H04L69/329

Abstract: A method and data structure are provided that enables name resolution via a hierarchical or chained lookup of delegated authorities independent of requiring IP addresses of the delegated authorities. In an embodiment, the method provides for lookups by first generating cryptographic keys associated with a namespace. An authority is created using one of the cryptographic keys. Next, the method provides for enabling namespaces to refer to the authority via requesting authorities associated with the namespaces to issue a peer-to-peer type resolution so that names of the namespaces resolve to the authority. For other desired namespaces, the method provides for issuing a resolution that names the authority and names associated with the other namespaces to resolve to the other authorities. For services, the authority and a service name are published to receive and end result such as arbitrary data, an IP address, a protocol name or a port.

Abstract translation: 提供了一种方法和数据结构，可以通过分层或链接的委派权限查找来实现名称解析，而不需要授权的当局的IP地址。 在一个实施例中，该方法通过首先生成与命名空间相关联的加密密钥来提供查找。 使用其中一个加密密钥创建一个权限。 接下来，该方法提供使命名空间能够通过与命名空间相关联的请求机构来引用权限，以发出对等类型解析，以便命名空间的名称解析为权限。 对于其他所需的命名空间，该方法提供了一个解决方案，命名与其他命名空间相关联的权限和名称以解析给其他权限。 对于服务，权限和服务名称被发布以接收和结束结果，例如任意数据，IP地址，协议名称或端口。