Password-authenticated groups
    31.
    Granted invention patent
    Status: In force

    Publication (announcement) number: US07958368B2

    Publication (announcement) date: 2011-06-07

    Application number: US11486544

    Filing date: 2006-07-14

    CPC classification number: H04L63/0823 H04L63/083

    Abstract: A system, apparatus, method, and computer-readable medium are provided for authorizing a computing node to participate in a group of computing nodes utilizing a shared group password. According to one method described herein, an invitation to join a group is transmitted to a tentative group member node. The invitation is used to establish a connection with a group member node of the group. The tentative group member node generates a hash of a group password and transmits the hash to the group member node. When the group member node receives the hash, the group member node compares the received value to a previously stored hash of the group password. If the previously stored value is identical to the value received from the tentative group member node, then the tentative group member node is authorized as a new member of the group. Otherwise the tentative group member node is not permitted to become a member of the group.


    Contact management in a serverless peer-to-peer system
    32.
    Granted invention patent
    Status: In force

    Publication (announcement) number: US07814214B2

    Publication (announcement) date: 2010-10-12

    Application number: US12483507

    Filing date: 2009-06-12

    CPC classification number: H04L67/104 H04L67/24

    Abstract: Systems and methods are described that facilitate the management of contact information, at least some of the contact information related to entities in a serverless, peer-to-peer system. A contact store may store information regarding which other entities of a plurality of other entities are authorized to monitor presence of a user entity. Presence of an entity may generally indicate the willingness and/or ability of the entity to communicate and/or collaborate with other entities, for example. The contact store may also store information regarding which other entities of the plurality of other entities the presence of which should be monitored by the system. A user entity may be able to add contacts to and/or delete contacts from the contact store, for example. The user entity may also be able to modify the contact store to modify which other entities are authorized to monitor presence of the user entity and/or which other entities the presence information of which should be monitored by the system, for example.


    Contact Management in a Serverless Peer-to-Peer System
    33.
    Invention patent application
    Status: In force

    Publication (announcement) number: US20090248868A1

    Publication (announcement) date: 2009-10-01

    Application number: US12483507

    Filing date: 2009-06-12

    CPC classification number: H04L67/104 H04L67/24

    Abstract: Systems and methods are described that facilitate the management of contact information, at least some of the contact information related to entities in a serverless, peer-to-peer system. A contact store may store information regarding which other entities of a plurality of other entities are authorized to monitor presence of a user entity. Presence of an entity may generally indicate the willingness and/or ability of the entity to communicate and/or collaborate with other entities, for example. The contact store may also store information regarding which other entities of the plurality of other entities the presence of which should be monitored by the system. A user entity may be able to add contacts to and/or delete contacts from the contact store, for example. The user entity may also be able to modify the contact store to modify which other entities are authorized to monitor presence of the user entity and/or which other entities the presence information of which should be monitored by the system, for example.


    PEER-TO-PEER NAME RESOLUTION PROTOCOL (PNRP) SECURITY INFRASTRUCTURE AND METHOD
    34.
    Invention patent application
    Status: In force

    Publication (announcement) number: US20090006849A1

    Publication (announcement) date: 2009-01-01

    Application number: US12138421

    Filing date: 2008-06-13

    Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.


    Peer-to-peer authentication and authorization
    36.
    Granted invention patent
    Status: In force

    Publication (announcement) number: US07350074B2

    Publication (announcement) date: 2008-03-25

    Application number: US11110592

    Filing date: 2005-04-20

    Abstract: An authentication mechanism uses a trusted people store that can be populated on an individual basis by users of computing devices, and can comprise certificates of entities that the user wishes to allow to act as certification authorities. Consequently, peer-to-peer connections can be made even if neither device presents a certificate or certificate chain signed by a third-party certificate authority, so long as each device presents a certificate or certificate chain signed by a device present in the trusted people store. Once authenticated, a remote user can access trusted resources on a host device by having local processes mimic the user and create an appropriate token by changing the user's password or password type to a hash of the user's certificate and then logging the user on. The token can be referenced in a standard manner to determine whether the remote user is authorized to access the trusted resource.


    Peer-to-peer name resolution protocol (PNRP) security infrastructure and method
    37.
    Invention patent application
    Status: In force

    Publication (announcement) number: US20070168512A1

    Publication (announcement) date: 2007-07-19

    Application number: US11376397

    Filing date: 2006-03-15

    Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.


    Method and apparatus for multi-channel MAC protocol using multi-tone synchronous collision resolution
    38.
    Invention patent application
    Status: In force

    Publication (announcement) number: US20060114851A1

    Publication (announcement) date: 2006-06-01

    Application number: US10999389

    Filing date: 2004-11-30

    Abstract: A multi-tone synchronous collision resolution system permits communication nodes within a MANET to contend simultaneously for a plurality of available channels. The communication nodes contend for access using a synchronous signaling mechanism that utilizes multiple tones in a synchronous manner to resolve contentions. Contentions are arbitrated locally, and a surviving subset of communication nodes is selected. The communication nodes of the surviving subset then transmit data packets simultaneously across the available communication channels.


    Method and system for managing identities in a peer-to-peer networking environment
    39.
    Invention patent application
    Status: Under examination (published)

    Publication (announcement) number: US20050177715A1

    Publication (announcement) date: 2005-08-11

    Application number: US10775916

    Filing date: 2004-02-09

    Abstract: Disclosed is a system for organizing and storing information about multiple peer identities. New certificates are introduced that enable a user to efficiently create, modify, and delete identities and groups. New storage structures enable the user to list and search through existing identities, groups, and their related certificates. An identity certificate contains information about a peer identity. A group root certificate is created by a user when he decides to create a new group. When the group creator user wishes to invite another entity to join the group, it creates another type of certificate called a group membership certificate. The group membership certificate is logically “chained” to the group root certificate. The invitee checks the validity of these certificates by checking that the chaining has been properly done. The invitee may then be allowed to invite other entities to join the group by sending out its own group membership certificates.

