公开(公告)号：US20060179139A1

公开(公告)日：2006-08-10

申请号：US11375726

申请日：2006-03-15

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John Miller ,  Graham Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John Miller ,  Graham Wheeler

IPC: G06F15/173

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

公开(公告)号：US20060161657A1

公开(公告)日：2006-07-20

申请号：US11375748

申请日：2006-03-15

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John Miller ,  Graham Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John Miller ,  Graham Wheeler

IPC: G06F15/173

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract translation: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下，通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外，来自恶意节点的信息被识别，并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求，禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。

公开(公告)号：US08947444B1

公开(公告)日：2015-02-03

申请号：US12331307

申请日：2008-12-09

Applicant: Ziyad S. Hakura ,  Emmett M. Kilgariff ,  Michael C. Shebanow ,  James C. Bowman ,  Philip Browning Johnson ,  Johnny S. Rhoades ,  Rohit Gupta

Inventor： Ziyad S. Hakura ,  Emmett M. Kilgariff ,  Michael C. Shebanow ,  James C. Bowman ,  Philip Browning Johnson ,  Johnny S. Rhoades ,  Rohit Gupta

IPC: G06T1/00

CPC classification number: G06T1/20

Abstract: A data structure that includes pointers to vertex attributes and primitive descriptions is generated and then processed within a general processing cluster. The general processing cluster includes a vertex attribute fetch unit that fetches from memory vertex attributes corresponding to the vertices defined by the primitive descriptions.

Abstract translation: 生成包含指向顶点属性和原始描述的指针的数据结构，然后在通用处理集群中进行处理。 一般处理集群包括从与由原始描述定义的顶点相对应的存储器顶点属性中获取的顶点属性提取单元。

公开(公告)号：US20120126099A1

公开(公告)日：2012-05-24

申请号：US12951275

申请日：2010-11-22

Applicant: Asim Tewari ,  Rohit Gupta ,  Chandra S. Namuduri

Inventor： Asim Tewari ,  Rohit Gupta ,  Chandra S. Namuduri

IPC: G01J1/44 ,  B60J3/04

CPC classification number: B60J3/04 ,  B60J3/00 ,  B60J3/02 ,  B60R1/00 ,  G02B26/02 ,  Y02T10/88

Abstract: A method of reducing glare may include sensing a first light source with a second vehicle, and sensing a second light source with a first vehicle and oscillating a first light source ICF between a substantially opaque state and a substantially clear state on a first schedule. A second windscreen ICF may be oscillating between the substantially opaque state and the substantially clear state on a second schedule different from the first schedule. A position of the light source may be sensed and an eye position of the occupant estimated. An intersecting region of the selectively-darkenable ICF, which is located substantially along a line from the position of the light source to the eye position, is calculated. The intersecting region of the ICF is darkened, such that a reduced amount of light from the light source passes through the intersecting region.

Abstract translation: 减少眩光的方法可以包括用第二车辆感测第一光源，以及用第一车辆感测第二光源，并且在第一时间表上使基本上不透明状态和基本上清晰的状态之间振荡第一光源ICF。 第二挡风玻璃ICF可以在基本上不透明状态和基本上清楚的状态之间以与第一调度不同的第二调度摆动。 可以感测光源的位置并估计乘员的眼睛位置。 计算基本上沿着从光源的位置到眼睛位置的线的选择性可暗化ICF的相交区域。 ICF的相交区域变暗，使得来自光源的光量减少通过交叉区域。

公开(公告)号：US07958368B2

公开(公告)日：2011-06-07

申请号：US11486544

申请日：2006-07-14

Applicant: Jeremy L. Dewey ,  Noah Horton ,  Rohit Gupta ,  Todd R. Manion

Inventor： Jeremy L. Dewey ,  Noah Horton ,  Rohit Gupta ,  Todd R. Manion

IPC: G06F21/00

CPC classification number: H04L63/0823 ,  H04L63/083

Abstract: A system, apparatus, method, and computer-readable medium are provided for authorizing a computing node to participate in a group of computing nodes utilizing a shared group password. According to one method described herein, an invitation to join a group is transmitted to a tentative group member node. The invitation is used to establish a connection with a group member node of the group. The tentative group member node generates a hash of a group password and transmits the hash to the group member node. When the group member node receives the hash, the group member node compares the received value to a previously stored hash of the group password. If the previously stored value is identical to the value received from the tentative group member node, then the tentative group member node is authorized as a new member of the group. Otherwise the tentative group member node is not permitted to become a member of the group.

Abstract translation: 提供了一种系统，装置，方法和计算机可读介质，用于使用共享组密码来授权计算节点参与一组计算节点。 根据本文描述的一种方法，将加入组的邀请传送到临时组成员节点。 该邀请用于与该组的组成员节点建立连接。 临时组成员节点生成组密码的散列，并将散列发送到组成员节点。 当组成员节点接收到散列时，组成员节点将接收到的值与先前存储的组密码的散列进行比较。 如果先前存储的值与从暂定组成员节点接收到的值相同，那么临时组成员节点被授权为该组的新成员。 否则暂时的组成员节点不允许成为组的成员。

公开(公告)号：US07814214B2

公开(公告)日：2010-10-12

申请号：US12483507

申请日：2009-06-12

Applicant: Andre R. Classen ,  Anirudh Anirudh ,  David G. Thaler ,  Kevin R. Tao ,  Ravi T. Rao ,  Rohit Gupta ,  Tomer Weisberg ,  Upshur Warren Parks, III

Inventor： Andre R. Classen ,  Anirudh Anirudh ,  David G. Thaler ,  Kevin R. Tao ,  Ravi T. Rao ,  Rohit Gupta ,  Tomer Weisberg ,  Upshur Warren Parks, III

IPC: G06F15/16

CPC classification number: H04L67/104 ,  H04L67/24

Abstract: Systems and methods are described that facilitate the management of contact information, at least some of the contact information related to entities in a serverless, peer-to-peer system. A contact store may store information regarding which other entities of a plurality of other entities are authorized to monitor presence of a user entity. Presence of an entity may generally indicate the willingness and/or ability of the entity to communicate and/or collaborate with other entities, for example. The contact store may also store information regarding which other entities of the plurality of other entities the presence of which should be monitored by the system. A user entity may be able to add contacts to and/or delete contacts from the contact store, for example. The user entity may also be able to modify the contact store to modify which other entities are authorized to monitor presence of the user entity and/or which other entities the presence information of which should be monitored by the system, for example.

Abstract translation: 描述了便于管理联系人信息的系统和方法，至少一些与无服务器，对等系统中的实体有关的联系信息。 联系人存储可以存储关于多个其他实体的哪些其他实体被授权以监视用户实体的存在的信息。 实体的存在通常可以指示实体与其他实体进行通信和/或协作的意愿和/或能力。 联系人存储还可以存储关于多个其他实体中哪个其他实体的存在的信息，其中存在哪个应该由系统监视。 例如，用户实体可能能够向联系人商店添加联系人和/或删除联系人。 用户实体还可能能够修改联系人存储，以修改哪个其他实体被授权来监视用户实体的存在和/或其中的哪些实体，其存在信息应由系统监视。

公开(公告)号：US20090248868A1

公开(公告)日：2009-10-01

申请号：US12483507

申请日：2009-06-12

Applicant: Andre R. Classen ,  Anirudh Anirudh ,  David G. Thaler ,  Kevin R. Tao ,  Ravi T. Rao ,  Rohit Gupta ,  Tomer Weisberg ,  Upshur Warren Parks, III

Inventor： Andre R. Classen ,  Anirudh Anirudh ,  David G. Thaler ,  Kevin R. Tao ,  Ravi T. Rao ,  Rohit Gupta ,  Tomer Weisberg ,  Upshur Warren Parks, III

IPC: G06F15/173 ,  G06F15/16

CPC classification number: H04L67/104 ,  H04L67/24

Abstract: Systems and methods are described that facilitate the management of contact information, at least some of the contact information related to entities in a serverless, peer-to-peer system. A contact store may store information regarding which other entities of a plurality of other entities are authorized to monitor presence of a user entity. Presence of an entity may generally indicate the willingness and/or ability of the entity to communicate and/or collaborate with other entities, for example. The contact store may also store information regarding which other entities of the plurality of other entities the presence of which should be monitored by the system. A user entity may be able to add contacts to and/or delete contacts from the contact store, for example. The user entity may also be able to modify the contact store to modify which other entities are authorized to monitor presence of the user entity and/or which other entities the presence information of which should be monitored by the system, for example.

Abstract translation: 描述了便于管理联系人信息的系统和方法，至少一些与无服务器，对等系统中的实体有关的联系信息。 联系人存储可以存储关于多个其他实体的哪些其他实体被授权以监视用户实体的存在的信息。 实体的存在通常可以指示实体与其他实体进行通信和/或协作的意愿和/或能力。 联系人存储还可以存储关于多个其他实体中哪个其他实体的存在的信息，其中存在哪个应该由系统监视。 例如，用户实体可能能够向联系人商店添加联系人和/或删除联系人。 用户实体还可能能够修改联系人存储，以修改哪个其他实体被授权来监视用户实体的存在和/或其中的哪些实体，其存在信息应由系统监视。

公开(公告)号：US20090006849A1

公开(公告)日：2009-01-01

申请号：US12138421

申请日：2008-06-13

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: H04L9/00 ,  G06F15/173

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract translation: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下，通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外，来自恶意节点的信息被识别，并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求，禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。

公开(公告)号：US07444372B2

公开(公告)日：2008-10-28

申请号：US11375726

申请日：2006-03-15

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: G06F15/16 ,  H04L9/00

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

公开(公告)号：US07350074B2

公开(公告)日：2008-03-25

申请号：US11110592

申请日：2005-04-20

Applicant: Rohit Gupta ,  Todd R. Manion ,  Ravi T. Rao ,  Sandeep K. Singhal

Inventor： Rohit Gupta ,  Todd R. Manion ,  Ravi T. Rao ,  Sandeep K. Singhal

IPC: H04K1/00 ,  H04L9/00 ,  H04L9/32

CPC classification number: H04L9/321 ,  H04L9/3265 ,  H04L63/0823 ,  H04L63/0869 ,  H04L2209/80

Abstract: An authentication mechanism uses a trusted people store that can be populated on an individual basis by users of computing devices, and can comprise certificates of entities that the user wishes to allow to act as certification authorities. Consequently, peer-to-peer connections can be made even if neither device presents a certificate or certificate chain signed by a third-party certificate authority, so long as each device present a certificate or certificate chain signed by a device present in the trusted people store. Once authenticated, a remote user can access trusted resources on a host device by having local processes mimic the user and create an appropriate token by changing the user's password or password type to a hash of the user's certificate and then logging the user on. The token can be referenced in a standard manner to determine whether the remote user is authorized to access the trusted resource.

Abstract translation: 认证机制使用可被计算设备的用户单独填充的受信任的人员存储，并且可以包括用户希望允许作为认证机构的实体的证书。 因此，即使两个设备都没有呈现由第三方认证机构签名的证书或证书链，只要每个设备呈现由可信任人员中存在的设备签名的证书或证书链，就可以进行对等连接 商店。 一旦经过身份验证，远程用户可以通过使本地进程模仿用户并通过将用户的密码或密码类型更改为用户证书的哈希值，然后记录用户来创建适当的令牌来访问主机设备上的受信任资源。 可以以标准方式引用令牌，以确定远程用户是否被授权访问受信任的资源。