公开(公告)号：US20100318745A1

公开(公告)日：2010-12-16

申请号：US12485659

申请日：2009-06-16

Applicant: Graham A. Wheeler ,  David Abzarian ,  Todd L. Carpenter ,  Didier Coussemaeker ,  Nicolas Mai ,  Jian Lin ,  Severan Rault ,  Danny Lange ,  Femando P. Zandona ,  Joseph Futty

Inventor： Graham A. Wheeler ,  David Abzarian ,  Todd L. Carpenter ,  Didier Coussemaeker ,  Nicolas Mai ,  Jian Lin ,  Severan Rault ,  Danny Lange ,  Femando P. Zandona ,  Joseph Futty

IPC: G06F12/08 ,  G06F12/00

CPC classification number: G06F12/126 ,  G06F16/9574

Abstract: This disclosure provides techniques for dynamic content caching and retrieval. For example, a computing device includes cache memory dedicated to temporarily caching data of one or more applications of the computing device. The computing device also includes storage memory to store data in response to requests by the applications. The storage memory may also temporarily cache data. Further, the computing device includes system software to represent to the applications of the computing device that the portions of the storage memory utilized to cache content are available to store data of the applications. In addition, the computing device includes application programming interfaces to provide content to a requesting application from a cache of the computing device and/or from a remote content source.

Abstract translation: 本公开提供了用于动态内容缓存和检索的技术。 例如，计算设备包括专用于暂时缓存计算设备的一个或多个应用的​​数据的高速缓冲存储器。 计算设备还包括存储存储器，以响应于应用的请求来存储数据。 存储存储器也可临时缓存数据。 此外，计算设备包括用于表示计算设备的应用的系统软件，用于缓存内容的存储存储器的部分可用于存储应用的数据。 此外，计算设备包括应用编程接口，以从计算设备的高速缓存和/或远程内容源向请求应用提供内容。

公开(公告)号：US07680930B2

公开(公告)日：2010-03-16

申请号：US12138419

申请日：2008-06-13

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L Miller ,  Graham A Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L Miller ,  Graham A Wheeler

IPC: G06F11/30 ,  G06F15/173

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

公开(公告)号：US07464266B2

公开(公告)日：2008-12-09

申请号：US10779382

申请日：2004-02-13

Applicant: Graham A. Wheeler

Inventor： Graham A. Wheeler

IPC: H04L9/12

CPC classification number: H04L9/12 ,  G06F19/00 ,  H04L9/3242 ,  H04L9/3249 ,  H04L2209/38 ,  H04L2209/80

Abstract: A method and system are configured for synchronous broadcast communications by applying signature keys using hashing functions. Each subsequent transmission in a sequence includes a signature key that can be verified by hashing to a preceding signature key from a previous portion of the sequence. The first transmission in the sequence is signed using a signature key that is known by the client device, typically verified using some other mechanism such as asymmetric key signatures. Each client device can utilize an internal counter for the current time or the block number in the transmission sequence to maintain synchronized transmissions in the even that a particular portion of the sequence is missed, and to validate signature keys. Since the signature keys can be validated when they are received but not predicted before they are received, the transmission is difficult to attack while synchronization is maintained.

Abstract translation: 一种方法和系统被配置为通过使用散列函数应用签名密钥来进行同步广播通信。 序列中的每个后续传输包括签名密钥，其可以通过从序列的先前部分对先前的签名密钥进行散列来验证。 序列中的第一个传输使用客户端设备已知的签名密钥进行签名，通常使用诸如非对称密钥签名之类的其他机制进行验证。 每个客户端设备可以利用当前时间的内部计数器或传输序列中的块号来保持同步传输，即使该序列的特定部分被错过，并且验证签名密钥。 由于签名密钥在接收到它们之前可以被验证，而是在它们被接收之前未被预测，所以在保持同步的同时传输难以攻击。

公开(公告)号：US07418479B2

公开(公告)日：2008-08-26

申请号：US11376397

申请日：2006-03-15

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: G06F15/173

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract translation: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下，通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外，来自恶意节点的信息被识别，并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求，禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。

公开(公告)号：US07397922B2

公开(公告)日：2008-07-08

申请号：US10608768

申请日：2003-06-27

Applicant: Alexandru Gavrilescu ,  Graham A. Wheeler ,  Grigori M. Somin ,  John L. Miller ,  Rohit Gupta

Inventor： Alexandru Gavrilescu ,  Graham A. Wheeler ,  Grigori M. Somin ,  John L. Miller ,  Rohit Gupta

IPC: H04K1/00

CPC classification number: H04L63/0823 ,  G06F21/604 ,  G06F21/6218 ,  G06F2221/2117 ,  H04L9/0833 ,  H04L9/3265

Abstract: A system and method for providing security to a graph of interconnected nodes includes a grouping multiplexing layer configured to monitor calls to the system, a graphing dynamic link layer configured to transmit and receive data to and from the graph, and a group security manager coupled to the grouping multiplexing layer and coupled to the graphing dynamic link layer; the group security manager is configured to perform security-related acts via interacting with a group database to propagate security-related information to members of a group within the graph. The group security manager is configured to provide role-based authorization on publication of one or more records and provide membership control for admission to a graph of interconnected nodes. The group security manager provides membership control by providing credentials to potential members of the graph to enable a connection and by providing a governed system for renewal and revocation of members.

Abstract translation: 用于向互连节点的图形提供安全性的系统和方法包括被配置为监视对系统的呼叫的分组多路复用层，被配置为向和从图形发送和接收数据的图形动态链路层，以及耦合到 分组复用层并耦合到图形动态链路层; 组安全管理器被配置为通过与组数据库交互来执行与安全相关的动作，以将安全性信息传播到图中的组的成员。 组安全管理器被配置为在一个或多个记录的发布上提供基于角色的授权，并提供用于允许互连节点的图形的成员资格控制。 集团安全经理通过为图表的潜在成员提供凭据来提供成员资格控制，以实现连接，并通过提供受管理的系统来更新和撤销成员。

公开(公告)号：US07251694B2

公开(公告)日：2007-07-31

申请号：US11375748

申请日：2006-03-15

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: G06F15/16

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract translation: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下，通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外，来自恶意节点的信息被识别，并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求，禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。

公开(公告)号：US07120797B2

公开(公告)日：2006-10-10

申请号：US10132018

申请日：2002-04-24

Applicant: Graham A. Wheeler

Inventor： Graham A. Wheeler

IPC: H04L9/00 ,  H04K1/00

CPC classification number: H04L63/065 ,  H04L9/0844 ,  H04L9/3271 ,  H04L63/083 ,  H04L63/104 ,  H04L63/123

Abstract: Disclosed are methods for an invitee to gain admittance to a group. An inviter already in the group and the invitee share a secret password. The inviter uses the password to create an invitation and then issues the invitation to the invitee and to an authenticator. The authenticator creates a challenge key and challenge value and sends the challenge value to the invitee. Using the password and information from the invitation, the invitee recreates the challenge key, uses the challenge key to derive a response value from the challenge value, and sends the response value to the authenticator. The authenticator compares the response value with an expected value and, if they match, knows that the invitee must have been able to recreate the challenge key. The authenticator trusts that this invitee must be the one for which the inviter issued the invitation and admits the invitee to the group.

公开(公告)号：US07051102B2

公开(公告)日：2006-05-23

申请号：US10134780

申请日：2002-04-29

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: G06F15/16

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

公开(公告)号：US20110307630A1

公开(公告)日：2011-12-15

申请号：US13215415

申请日：2011-08-23

Applicant: Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

Inventor： Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

IPC: G06F15/16

CPC classification number: G06F8/52

Abstract: This disclosure describes data conversion and techniques for sending and receiving data at a mobile device. In one implementation, a proxy server may receive data from a mobile device. The proxy server may convert the data and send the converted data to a network service. In another implementation, a mobile device may convert data and send that data to a network service. The network service may generate data in response and send that data to the mobile device directly

Abstract translation: 本公开描述了用于在移动设备处发送和接收数据的数据转换和技术。 在一个实现中，代理服务器可以从移动设备接收数据。 代理服务器可以转换数据并将转换的数据发送到网络服务。 在另一实现中，移动设备可以转换数据并将该数据发送到网络服务。 网络服务可以产生响应的数据，并将该数据直接发送到移动设备

公开(公告)号：US07725567B2

公开(公告)日：2010-05-25

申请号：US12138421

申请日：2008-06-13

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L Miller ,  Graham A Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L Miller ,  Graham A Wheeler

IPC: G06F15/16 ,  H04L9/32

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.