公开(公告)号：US09954678B2

公开(公告)日：2018-04-24

申请号：US14174681

申请日：2014-02-06

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Marc E. Mosko ,  Ersin Uzun

IPC: H04L9/08 ,  H04L9/30 ,  H04L9/32 ,  H04L12/725 ,  H04L29/08 ,  H04L12/931

CPC classification number: H04L9/08 ,  H04L9/0816 ,  H04L9/0825 ,  H04L9/0866 ,  H04L9/30 ,  H04L9/3228 ,  H04L9/3247 ,  H04L45/306 ,  H04L49/355 ,  H04L67/327

Abstract: A computer system can send a secure request over a named-data network to a remote device by generating an Interest with encrypted name components. During operation, the computer system can receive or obtain a request for data, such as from a local user or from a local application. If the system cannot satisfy the request locally, the system can determine at least a routable prefix and a name suffix associated with the request. The system can generate the secure Interest for the request by determining an encryption key that corresponds to a session with the remote computer system, and encrypts the name suffix using the session encryption key. The system then generates an Interest whose name includes the routable prefix and the encrypted name suffix, and disseminates the Interest over a named-data network to send the request to the remote computer system.

公开(公告)号：US09794238B2

公开(公告)日：2017-10-17

申请号：US14927034

申请日：2015-10-29

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Christopher A. Wood ,  Marc E. Mosko ,  Ersin Uzun

IPC: H04L9/00 ,  H04L29/06 ,  H04L9/08 ,  H04W12/04

CPC classification number: H04L63/061 ,  H04L9/0861 ,  H04L63/0807 ,  H04L63/0853 ,  H04L63/0876 ,  H04W12/04

Abstract: One embodiment provides a system that facilitates secure communication between computing entities. During operation, the system generates, by a content-consuming device, a first key based on a first consumer-share key and a previously received producer-share key. The system constructs a first interest packet that includes the first consumer-share key and a nonce token which is used as a pre-image of a previously generated first nonce, wherein the first interest has a name that includes a first prefix, and wherein the first nonce is used to establish a session between the content-consuming device and a content-producing device. In response to the nonce token being verified by the content-producing device, the system receives a first content-object packet with a payload that includes a first resumption indicator encrypted based on a second key. The system generates the second key based on a second consumer-share key and the first content-object packet.

公开(公告)号：US20170302681A1

公开(公告)日：2017-10-19

申请号：US15638038

申请日：2017-06-29

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Ignacio Solis ,  Glenn C. Scott ,  Ersin Uzun

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/123 ,  H04L63/20 ,  H04L65/4084 ,  H04L65/80 ,  H04L67/06 ,  H04L67/32 ,  H04L67/327

Abstract: One embodiment of the present invention provides a system for retrieving a content collection over a network. During operation, the system determines additional information associated with the piece of content that is needed for consumption of the content collection; generates a plurality of Interests, which includes at least one Interest for a catalog of the content collection and at least one Interest for the additional information; and forwards, concurrently, the plurality of Interests, thereby facilitating parallel retrieval of the content collection and the additional information.

公开(公告)号：US09699198B2

公开(公告)日：2017-07-04

申请号：US14325185

申请日：2014-07-07

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Ignacio Solis ,  Glenn C. Scott ,  Ersin Uzun

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/123 ,  H04L63/20 ,  H04L65/4084 ,  H04L65/80 ,  H04L67/06 ,  H04L67/32 ,  H04L67/327

Abstract: One embodiment of the present invention provides a system for retrieving a content collection over a network. During operation, the system determines additional information associated with the piece of content that is needed for consumption of the content collection; generates a plurality of Interests, which includes at least one Interest for a catalog of the content collection and at least one Interest for the additional information; and forwards, concurrently, the plurality of Interests, thereby facilitating parallel retrieval of the content collection and the additional information.

公开(公告)号：US10129230B2

公开(公告)日：2018-11-13

申请号：US15690485

申请日：2017-08-30

Applicant: Cisco Technology, Inc.

Inventor： Christopher A. Wood ,  Marc E. Mosko ,  Ersin Uzun

IPC: H04L29/06 ,  H04L9/08 ,  H04W12/04

Abstract: One embodiment provides a system that facilitates secure communication between computing entities. During operation, the system generates, by a content-consuming device, a first key based on a first consumer-share key and a previously received producer-share key. The system constructs a first interest packet that includes the first consumer-share key and a nonce token which is used as a pre-image of a previously generated first nonce, wherein the first interest has a name that includes a first prefix, and wherein the first nonce is used to establish a session between the content-consuming device and a content-producing device. In response to the nonce token being verified by the content-producing device, the system receives a first content-object packet with a payload that includes a first resumption indicator encrypted based on a second key. The system generates the second key based on a second consumer-share key and the first content-object packet.

公开(公告)号：US10104092B2

公开(公告)日：2018-10-16

申请号：US15638038

申请日：2017-06-29

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Ignacio Solis ,  Glenn C. Scott ,  Ersin Uzun

IPC: H04L29/06 ,  H04L29/08

Abstract: One embodiment of the present invention provides a system for retrieving a content collection over a network. During operation, the system determines additional information associated with the piece of content that is needed for consumption of the content collection; generates a plurality of Interests, which includes at least one Interest for a catalog of the content collection and at least one Interest for the additional information; and forwards, concurrently, the plurality of Interests, thereby facilitating parallel retrieval of the content collection and the additional information.

公开(公告)号：US09959156B2

公开(公告)日：2018-05-01

申请号：US14334530

申请日：2014-07-17

Applicant: CISCO TECHNOLOGY, INC.

Inventor： Marc E. Mosko ,  Ignacio Solis ,  Ersin Uzun

IPC: G06F15/16 ,  G06F11/07 ,  H04L12/741 ,  H04L12/703 ,  H04L12/26 ,  H04L12/939 ,  H04L12/24

CPC classification number: G06F11/0784 ,  G06F11/0709 ,  G06F11/0766 ,  G06F11/0775 ,  G06F11/0793 ,  H04L41/06 ,  H04L43/0847 ,  H04L45/28 ,  H04L45/74 ,  H04L49/555 ,  H04L49/557

Abstract: One embodiment provides a system that facilitates processing of error-condition information associated with a content-centric network (CCN) message transmitted over a network. During operation, the system receives, by a first node, a packet that corresponds to a CCN message, where a name for the CCN message is a hierarchically structured variable length identifier (HSVLI) which comprises contiguous name components ordered from a most general level to a most specific level. Responsive to determining that the CCN message triggers an error condition, the system generates an interest return message by pre-pending a data structure to the CCN message, where the data structure indicates the error condition. The system transmits the interest return message to a second node.

公开(公告)号：US20170366526A1

公开(公告)日：2017-12-21

申请号：US15690485

申请日：2017-08-30

Applicant: Cisco Technology, Inc.

Inventor： Christopher A. Wood ,  Marc E. Mosko ,  Ersin Uzun

IPC: H04L29/06 ,  H04L9/08 ,  H04W12/04

CPC classification number: H04L63/061 ,  H04L9/0861 ,  H04L9/14 ,  H04L9/3271 ,  H04L63/0807 ,  H04L63/0853 ,  H04L63/0876 ,  H04L2209/60 ,  H04W12/04

Abstract: One embodiment provides a system that facilitates secure communication between computing entities. During operation, the system generates, by a content-consuming device, a first key based on a first consumer-share key and a previously received producer-share key. The system constructs a first interest packet that includes the first consumer-share key and a nonce token which is used as a pre-image of a previously generated first nonce, wherein the first interest has a name that includes a first prefix, and wherein the first nonce is used to establish a session between the content-consuming device and a content-producing device. In response to the nonce token being verified by the content-producing device, the system receives a first content-object packet with a payload that includes a first resumption indicator encrypted based on a second key. The system generates the second key based on a second consumer-share key and the first content-object packet.