会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Peer-to-peer name resolution protocol (PNRP) security infrastructure and method
    • 对等名称解析协议(PNRP)安全基础设施和方法
    • US07299351B2
    • 2007-11-20
    • US09956260
    • 2001-09-19
    • Christian HuitemaJohn L. MillerAlexandru Gavrilescu
    • Christian HuitemaJohn L. MillerAlexandru Gavrilescu
    • H04L9/00
    • H04L63/04
    • A method for use in a peer-to-peer communication system to ensure valid connections are made in a secure manner includes the steps of receiving an address record for a peer node which includes an ID certificate. The ID certificate is validated and checked to verify that the ID certificate has not expired. Further, the method determines if the node from whom the address record was received is to be trusted, and the number of instances of the IP address included in the certificate is already stored in cache. When the foregoing are completed successfully, i.e. the certificate is valid, not expired, has been supplied by a trusted neighbor, and does not point to an IP address that already exists for different ID's multiple times, the method opportunistically verifies ownership of the ID certificate at the peer node's IP address. That is, the verification of ownership only occurs when the advertiser of the ID is the owner of that ID (or when the ID is to be used). If any of the above cannot be completed successfully, the address record is discarded.
    • 在对等通信系统中用于确保有效连接的方法以安全的方式进行包括以下步骤:接收包括ID证书的对等节点的地址记录。 验证和检查ID证书以验证身份证明书尚未过期。 此外,该方法确定接收到地址记录的节点是否被信任,并且包括在证书中的IP地址的实例数量已经存储在高速缓存中。 当上述内容成功完成时,即证书是有效的,未过期的,由信任的邻居提供,并且不指向多次已经存在于不同ID的IP地址,该方法机会地验证身份证书的所有权 在对等节点的IP地址。 也就是说,所有权的验证仅在ID的广告商是该ID的所有者时(或当使用该ID时)发生。 如果上述任何一个都无法成功完成,地址记录将被丢弃。
    • 2. 发明授权
    • Peer-to-peer name resolution protocol (PNRP) security infrastructure and method
    • 对等名称解析协议(PNRP)安全基础设施和方法
    • US07720962B2
    • 2010-05-18
    • US11375749
    • 2006-03-15
    • Rohit GuptaAlexandru GavrilescuJohn L. MillerGraham A. Wheeler
    • Rohit GuptaAlexandru GavrilescuJohn L. MillerGraham A. Wheeler
    • G06F13/00
    • H04L67/104H04L29/12009H04L29/12047H04L61/15H04L63/0823H04L63/126H04L63/1458Y10S707/99939
    • A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.
    • 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下,通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外,来自恶意节点的信息被识别,并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求,禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。
    • 3. 发明申请
    • PEER-TO-PEER NAME RESOLUTION PROTOCOL (PNRP) SECURITY INFRASTRUCTURE AND METHOD
    • 同名对等人名称解决协议(PNRP)安全基础设施和方法
    • US20080295170A1
    • 2008-11-27
    • US12138419
    • 2008-06-13
    • Rohit GuptaAlexandru GavrilescuJohn L. MillerGraham A. Wheeler
    • Rohit GuptaAlexandru GavrilescuJohn L. MillerGraham A. Wheeler
    • G06F21/00
    • H04L67/104H04L29/12009H04L29/12047H04L61/15H04L63/0823H04L63/126H04L63/1458Y10S707/99939
    • A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.
    • 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下,通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外,来自恶意节点的信息被识别,并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求,禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。
    • 6. 发明授权
    • Peer-to-peer name resolution protocol (PNRP) security infrastructure and method
    • 对等名称解析协议(PNRP)安全基础设施和方法
    • US07418479B2
    • 2008-08-26
    • US11376397
    • 2006-03-15
    • Rohit GuptaAlexandru GavrilescuJohn L. MillerGraham A. Wheeler
    • Rohit GuptaAlexandru GavrilescuJohn L. MillerGraham A. Wheeler
    • G06F15/173
    • H04L67/104H04L29/12009H04L29/12047H04L61/15H04L63/0823H04L63/126H04L63/1458Y10S707/99939
    • A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.
    • 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下,通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外,来自恶意节点的信息被识别,并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求,禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。
    • 7. 发明授权
    • Group security
    • 集团安全
    • US07397922B2
    • 2008-07-08
    • US10608768
    • 2003-06-27
    • Alexandru GavrilescuGraham A. WheelerGrigori M. SominJohn L. MillerRohit Gupta
    • Alexandru GavrilescuGraham A. WheelerGrigori M. SominJohn L. MillerRohit Gupta
    • H04K1/00
    • H04L63/0823G06F21/604G06F21/6218G06F2221/2117H04L9/0833H04L9/3265
    • A system and method for providing security to a graph of interconnected nodes includes a grouping multiplexing layer configured to monitor calls to the system, a graphing dynamic link layer configured to transmit and receive data to and from the graph, and a group security manager coupled to the grouping multiplexing layer and coupled to the graphing dynamic link layer; the group security manager is configured to perform security-related acts via interacting with a group database to propagate security-related information to members of a group within the graph. The group security manager is configured to provide role-based authorization on publication of one or more records and provide membership control for admission to a graph of interconnected nodes. The group security manager provides membership control by providing credentials to potential members of the graph to enable a connection and by providing a governed system for renewal and revocation of members.
    • 用于向互连节点的图形提供安全性的系统和方法包括被配置为监视对系统的呼叫的分组多路复用层,被配置为向和从图形发送和接收数据的图形动态链路层,以及耦合到 分组复用层并耦合到图形动态链路层; 组安全管理器被配置为通过与组数据库交互来执行与安全相关的动作,以将安全性信息传播到图中的组的成员。 组安全管理器被配置为在一个或多个记录的发布上提供基于角色的授权,并提供用于允许互连节点的图形的成员资格控制。 集团安全经理通过为图表的潜在成员提供凭据来提供成员资格控制,以实现连接,并通过提供受管理的系统来更新和撤销成员。
    • 8. 发明授权
    • Peer-to peer name resolution protocol (PNRP) security infrastructure and method
    • 对等名称解析协议(PNRP)安全基础设施和方法
    • US07251694B2
    • 2007-07-31
    • US11375748
    • 2006-03-15
    • Rohit GuptaAlexandru GavrilescuJohn L. MillerGraham A. Wheeler
    • Rohit GuptaAlexandru GavrilescuJohn L. MillerGraham A. Wheeler
    • G06F15/16
    • H04L67/104H04L29/12009H04L29/12047H04L61/15H04L63/0823H04L63/126H04L63/1458Y10S707/99939
    • A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.
    • 提出了一种防止恶意节点中断对等网络的正常操作的能力的安全基础设施和方法。 本发明的方法允许节点通过使其自我验证来使用安全和不安全的身份。 在必要或机会主义的情况下,通过捎带现有消息的验证来验证身份所有权。 通过随机选择连接到哪个节点来减少初始连接到恶意节点的概率。 此外,来自恶意节点的信息被识别,并且可以通过维护关于将要响应的先前通信的信息而被忽略。 通过允许节点在其资源利用超过预定限制时忽略请求,禁止拒绝服务攻击。 恶意节点删除有效节点的能力通过要求撤销证书由要删除的节点进行签名来减少。