公开(公告)号：US20110307630A1

公开(公告)日：2011-12-15

申请号：US13215415

申请日：2011-08-23

Applicant: Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

Inventor： Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

IPC: G06F15/16

CPC classification number: G06F8/52

Abstract: This disclosure describes data conversion and techniques for sending and receiving data at a mobile device. In one implementation, a proxy server may receive data from a mobile device. The proxy server may convert the data and send the converted data to a network service. In another implementation, a mobile device may convert data and send that data to a network service. The network service may generate data in response and send that data to the mobile device directly

Abstract translation: 本公开描述了用于在移动设备处发送和接收数据的数据转换和技术。 在一个实现中，代理服务器可以从移动设备接收数据。 代理服务器可以转换数据并将转换的数据发送到网络服务。 在另一实现中，移动设备可以转换数据并将该数据发送到网络服务。 网络服务可以产生响应的数据，并将该数据直接发送到移动设备

公开(公告)号：US20080295170A1

公开(公告)日：2008-11-27

申请号：US12138419

申请日：2008-06-13

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: G06F21/00

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract translation: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下，通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外，来自恶意节点的信息被识别，并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求，禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。

公开(公告)号：US08621056B2

公开(公告)日：2013-12-31

申请号：US12958426

申请日：2010-12-02

Applicant: Didier M. Coussemaeker ,  Graham A. Wheeler ,  Nicolas Mai

Inventor： Didier M. Coussemaeker ,  Graham A. Wheeler ,  Nicolas Mai

IPC: G06F15/173

CPC classification number: H04W12/08

Abstract: Functionality is described that allows plural computing devices to share a master account. In one implementation, the functionality allows any candidate device to directly communicate with a communication system using the master account, providing that the candidate device satisfies a prescribed condition with respect to a master device. For example, the functionality can allow the candidate device to communicate with the communication system if it is within a threshold distance of the master device. In another implementation, the functionality instructs the master device and the candidate device to set up a tethering relationship. The functionality can then allow the candidate device to communicate with the communication system, via the master device, using the master account. In one implementation, the functionality can set up the tethering relationship without substantial (or any) involvement of the user (or users) who operate the master device and candidate device.

Abstract translation: 描述了允许多个计算设备共享主帐户的功能。 在一个实现中，功能允许任何候选设备直接与使用主账户的通信系统进行通信，条件是候选设备相对于主设备满足规定条件。 例如，如果候选设备处于主设备的阈值距离内，则该功能可以允许候选设备与通信系统进行通信。 在另一实现中，该功能指示主设备和候选设备建立系链关系。 然后，功能可以允许候选设备通过主设备使用主帐户与通信系统通信。 在一个实施方式中，功能可以在没有实际（或任何）参与操作主设备和候选设备的用户（或用户）的情况下建立系链关系。

公开(公告)号：US20120143978A1

公开(公告)日：2012-06-07

申请号：US12958426

申请日：2010-12-02

Applicant: Didier M. Coussemaeker ,  Graham A. Wheeler ,  Nicolas Mai

Inventor： Didier M. Coussemaeker ,  Graham A. Wheeler ,  Nicolas Mai

IPC: G06F15/16

CPC classification number: H04W12/08

Abstract: Functionality is described that allows plural computing devices to share a master account. In one implementation, the functionality allows any candidate device to directly communicate with a communication system using the master account, providing that the candidate device satisfies a prescribed condition with respect to a master device. For example, the functionality can allow the candidate device to communicate with the communication system if it is within a threshold distance of the master device. In another implementation, the functionality instructs the master device and the candidate device to set up a tethering relationship. The functionality can then allow the candidate device to communicate with the communication system, via the master device, using the master account. In one implementation, the functionality can set up the tethering relationship without substantial (or any) involvement of the user (or users) who operate the master device and candidate device.

Abstract translation: 描述了允许多个计算设备共享主帐户的功能。 在一个实现中，功能允许任何候选设备直接与使用主账户的通信系统进行通信，条件是候选设备相对于主设备满足规定条件。 例如，如果候选设备处于主设备的阈值距离内，则该功能可以允许候选设备与通信系统进行通信。 在另一实现中，该功能指示主设备和候选设备建立系链关系。 然后，功能可以允许候选设备通过主设备使用主帐户与通信系统通信。 在一个实施方式中，功能可以在没有实际（或任何）参与操作主设备和候选设备的用户（或用户）的情况下建立系链关系。

公开(公告)号：US20100318683A1

公开(公告)日：2010-12-16

申请号：US12484964

申请日：2009-06-15

Applicant: Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

Inventor： Danny Lange ,  Joseph Futty ,  Ashley N. Feniello ,  Graham A. Wheeler ,  Didier Coussemaeker ,  Nicolas Mai ,  Adrien Felon

IPC: G06F15/16

CPC classification number: G06F8/52

Abstract: This disclosure describes data conversion and techniques for sending and receiving data at a mobile device. In one implementation, a proxy server may receive data from a mobile device. The proxy server may convert the data and send the converted data to a network service. In another implementation, a mobile device may convert data and send that data to a network service. The network service may generate data in response and send that data to the mobile device directly

Abstract translation: 本公开描述了用于在移动设备处发送和接收数据的数据转换和技术。 在一个实现中，代理服务器可以从移动设备接收数据。 代理服务器可以转换数据并将转换的数据发送到网络服务。 在另一实现中，移动设备可以转换数据并将该数据发送到网络服务。 网络服务可以产生响应的数据，并将该数据直接发送到移动设备

公开(公告)号：US07516482B2

公开(公告)日：2009-04-07

申请号：US10623994

申请日：2003-07-21

Applicant: Graham A. Wheeler

Inventor： Graham A. Wheeler

IPC: G06F15/16

CPC classification number: H04L63/062 ,  H04L29/12066 ,  H04L61/1511 ,  H04L63/0442 ,  H04L67/104 ,  H04L69/16 ,  H04L69/167 ,  H04L69/329

Abstract: A method and data structure are provided that enables name resolution via a hierarchical or chained lookup of delegated authorities independent of requiring IP addresses of the delegated authorities. In an embodiment, the method provides for lookups by first generating cryptographic keys associated with a namespace. An authority is created using one of the cryptographic keys. Next, the method provides for enabling namespaces to refer to the authority via requesting authorities associated with the namespaces to issue a peer-to-peer type resolution so that names of the namespaces resolve to the authority. For other desired namespaces, the method provides for issuing a resolution that names the authority and names associated with the other namespaces to resolve to the other authorities. For services, the authority and a service name are published to receive and end result such as arbitrary data, an IP address, a protocol name or a port.

Abstract translation: 提供了一种方法和数据结构，可以通过分层或链接的委派权限查找来实现名称解析，而不需要授权的当局的IP地址。 在一个实施例中，该方法通过首先生成与命名空间相关联的加密密钥来提供查找。 使用其中一个加密密钥创建一个权限。 接下来，该方法提供使命名空间能够通过与命名空间相关联的请求机构来引用权限，以发出对等类型解析，以便命名空间的名称解析为权限。 对于其他所需的命名空间，该方法提供了一个解决方案，命名与其他命名空间相关联的权限和名称以解析给其他权限。 对于服务，权限和服务名称被发布以接收和结束结果，例如任意数据，IP地址，协议名称或端口。

公开(公告)号：US20090006849A1

公开(公告)日：2009-01-01

申请号：US12138421

申请日：2008-06-13

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: H04L9/00 ,  G06F15/173

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract translation: 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下，通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外，来自恶意节点的信息被识别，并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求，禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。

公开(公告)号：US07444372B2

公开(公告)日：2008-10-28

申请号：US11375726

申请日：2006-03-15

Applicant: Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

Inventor： Rohit Gupta ,  Alexandru Gavrilescu ,  John L. Miller ,  Graham A. Wheeler

IPC: G06F15/16 ,  H04L9/00

CPC classification number: H04L67/104 ,  H04L29/12009 ,  H04L29/12047 ,  H04L61/15 ,  H04L63/0823 ,  H04L63/126 ,  H04L63/1458 ,  Y10S707/99939

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

公开(公告)号：US20100318745A1

公开(公告)日：2010-12-16

申请号：US12485659

申请日：2009-06-16

Applicant: Graham A. Wheeler ,  David Abzarian ,  Todd L. Carpenter ,  Didier Coussemaeker ,  Nicolas Mai ,  Jian Lin ,  Severan Rault ,  Danny Lange ,  Femando P. Zandona ,  Joseph Futty

Inventor： Graham A. Wheeler ,  David Abzarian ,  Todd L. Carpenter ,  Didier Coussemaeker ,  Nicolas Mai ,  Jian Lin ,  Severan Rault ,  Danny Lange ,  Femando P. Zandona ,  Joseph Futty

IPC: G06F12/08 ,  G06F12/00

CPC classification number: G06F12/126 ,  G06F16/9574

Abstract: This disclosure provides techniques for dynamic content caching and retrieval. For example, a computing device includes cache memory dedicated to temporarily caching data of one or more applications of the computing device. The computing device also includes storage memory to store data in response to requests by the applications. The storage memory may also temporarily cache data. Further, the computing device includes system software to represent to the applications of the computing device that the portions of the storage memory utilized to cache content are available to store data of the applications. In addition, the computing device includes application programming interfaces to provide content to a requesting application from a cache of the computing device and/or from a remote content source.

Abstract translation: 本公开提供了用于动态内容缓存和检索的技术。 例如，计算设备包括专用于暂时缓存计算设备的一个或多个应用的​​数据的高速缓冲存储器。 计算设备还包括存储存储器，以响应于应用的请求来存储数据。 存储存储器也可临时缓存数据。 此外，计算设备包括用于表示计算设备的应用的系统软件，用于缓存内容的存储存储器的部分可用于存储应用的数据。 此外，计算设备包括应用编程接口，以从计算设备的高速缓存和/或远程内容源向请求应用提供内容。

公开(公告)号：US07464266B2

公开(公告)日：2008-12-09

申请号：US10779382

申请日：2004-02-13

Applicant: Graham A. Wheeler

Inventor： Graham A. Wheeler

IPC: H04L9/12

CPC classification number: H04L9/12 ,  G06F19/00 ,  H04L9/3242 ,  H04L9/3249 ,  H04L2209/38 ,  H04L2209/80

Abstract: A method and system are configured for synchronous broadcast communications by applying signature keys using hashing functions. Each subsequent transmission in a sequence includes a signature key that can be verified by hashing to a preceding signature key from a previous portion of the sequence. The first transmission in the sequence is signed using a signature key that is known by the client device, typically verified using some other mechanism such as asymmetric key signatures. Each client device can utilize an internal counter for the current time or the block number in the transmission sequence to maintain synchronized transmissions in the even that a particular portion of the sequence is missed, and to validate signature keys. Since the signature keys can be validated when they are received but not predicted before they are received, the transmission is difficult to attack while synchronization is maintained.

Abstract translation: 一种方法和系统被配置为通过使用散列函数应用签名密钥来进行同步广播通信。 序列中的每个后续传输包括签名密钥，其可以通过从序列的先前部分对先前的签名密钥进行散列来验证。 序列中的第一个传输使用客户端设备已知的签名密钥进行签名，通常使用诸如非对称密钥签名之类的其他机制进行验证。 每个客户端设备可以利用当前时间的内部计数器或传输序列中的块号来保持同步传输，即使该序列的特定部分被错过，并且验证签名密钥。 由于签名密钥在接收到它们之前可以被验证，而是在它们被接收之前未被预测，所以在保持同步的同时传输难以攻击。