Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular node for directing data and applying cryptography
Reexamination Certificate
2002-07-29
2010-11-16
Moise, Emmanuel L (Department: 2437)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular node for directing data and applying cryptography
C726S013000, C711S216000, C711S220000, C711S221000, C707S698000, C707S747000
Reexamination Certificate
active
07836295
ABSTRACT:
Several deterrence mechanisms suitable for content distribution networks (CDN) are provided. These include a hash-based request routing scheme and a site allocation scheme. The hash-based request routing scheme provides a way to distinguish legitimate requests from bogus requests. Using this mechanism, an attacker is required to generate O(n2)amount of traffic to victimize a CDN-hosted site when the site content is served from n CDN caches. Without these modifications, the attacker must generate only O(n) traffic to bring down the site. The site allocation scheme provides sufficient isolation among CDN-hosted Web sites to prevent an attack on one Web site from making other sites unavailable. Using an allocation strategy based on binary codes, it can be guaranteed that a successful attack on any individual Web site that disables its assigned servers, does not also bring down other Web sites hosted by the CDN.
REFERENCES:
patent: 5274631 (1993-12-01), Bhardwaj
patent: 5757795 (1998-05-01), Schnell
patent: 5951649 (1999-09-01), Dobbins et al.
patent: 6006259 (1999-12-01), Adelman et al.
patent: 6006264 (1999-12-01), Colby et al.
patent: 6061798 (2000-05-01), Coley et al.
patent: 6101543 (2000-08-01), Alden et al.
patent: 6175874 (2001-01-01), Imai et al.
patent: 6289455 (2001-09-01), Kocher et al.
patent: 6370584 (2002-04-01), Bestavros et al.
patent: 6427174 (2002-07-01), Sitaraman et al.
patent: 6470389 (2002-10-01), Chung et al.
patent: 6519636 (2003-02-01), Engel et al.
patent: 6553028 (2003-04-01), Tang et al.
patent: 6671724 (2003-12-01), Pandya et al.
patent: 6870849 (2005-03-01), Callon et al.
patent: 6898641 (2005-05-01), Kobayashi
patent: 6980521 (2005-12-01), Jarvis
patent: 6980550 (2005-12-01), Yip et al.
patent: 6985956 (2006-01-01), Luke et al.
patent: 2002/0023089 (2002-02-01), Woo
patent: 2002/0026511 (2002-02-01), Garcia-Luna-Aceves et al.
patent: 2002/0040389 (2002-04-01), Gerba et al.
patent: 2003/0014503 (2003-01-01), Legout et al.
patent: 2003/0039357 (2003-02-01), Alten
patent: 2003/0051048 (2003-03-01), Watson et al.
patent: 2003/0067923 (2003-04-01), Ju et al.
patent: 2003/0169745 (2003-09-01), Gooch
patent: 2003/0172278 (2003-09-01), Farnham et al.
patent: 2003/0174710 (2003-09-01), Gooch
patent: 2003/0210789 (2003-11-01), Farnham et al.
patent: 2004/0064707 (2004-04-01), McCann et al.
patent: 2004/0093525 (2004-05-01), Larnen
patent: 2004/0098627 (2004-05-01), Larsen
patent: 2004/0103096 (2004-05-01), Larsen
patent: 2004/0128505 (2004-07-01), Larsen
patent: 2004/0128510 (2004-07-01), Larsen
patent: 2005/0005154 (2005-01-01), Danforth et al.
patent: 2005/0044365 (2005-02-01), Haukka et al.
patent: 2005/0044381 (2005-02-01), Larsen et al.
patent: 2005/0050364 (2005-03-01), Feng
patent: 2005/0138362 (2005-06-01), Kelly et al.
patent: 2005/0283444 (2005-12-01), Ekberg
patent: 2006/0064458 (2006-03-01), Gehrmann
patent: 2006/0143453 (2006-06-01), Imamoto et al.
patent: 2006/0161974 (2006-07-01), Innes et al.
patent: 2006/0179312 (2006-08-01), Kelly et al.
patent: 2006/0183489 (2006-08-01), Modeo
patent: 2008/0084880 (2008-04-01), Dharwadkar
patent: 11122288 (1994-04-01), None
patent: 2002124996 (2002-04-01), None
patent: WO 01/71495 (2001-09-01), None
Andrew Tanenbaum. “Computer Networks.” 1996. Prentice Hall PTR. pp. 460-474.
Lewis. Request for Comments 3090: DNS Security Extension Clarification on Zone Status. Network Working Group. Mar. 2001. <http://www.rfcsearch.org/rfcview/RFC/3090.html>.
Krawczyk, Bellare, and Canetti. Request for Comments 2104: HMAC: Keyed-Hashing for Message Authentication. Network Working Group. Feb. 1997. <http://www.ietf.org/rfc/rfc2104.txt>.
Server Load Balancing in Today's Web-Enabled Enterprises. Foundry Networks. White Paper. Apr. 2002. http://www.foundrynet.com/pdf/wp-server-load-bal-web-enterprise.pdf.
X. Nie, D. Wilson, J. Cornet, G. Damm, Y. Zhao, IP Address Lookup Using a Dynamic Hash Function, May 2005, Canadian Conference on Electrical and COmputer Engineering 2005, http://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=01557298.
A. Menezes, P van Oorschot, and S. Vanstone, Handbook of Applied Cryptography, 1997, CRC Press, Revised Reprint, pp. 33-35, 321-331, 352-368.
International Application No. PCT/US03/2088, Filing Date Jun. 24, 2003, International Search Report dated Oct. 22, 2003.
Jung et al., “Flash Crowds and Denial of Service Attacks: Characterization and Implications for CDNs and Web Sites”, Proceedings of the Eleventh International World Wide Web Conference, (WWW2002) Honolulu, Hawaii, May 2002.
Yasushi Ichikawa, Shinji Yamane, Yuko Murayama, “The Examination of Contents Delivery Network (CDN)”, The Institute of Electronics, Information and Communication Engineers, Technical Report of IEICE, NS2002-7 (Apr. 2002).
Canadian Office Action dated Jan. 8, 2009 in corresponding Canadian Appln. No. 2,493,350.
Chari Suresh N.
Cheng Pau-Chen
Lee Kang-Won
Sahu Sambit
Shaikh Anees A.
F. Chau & Associates LLC
International Business Machines - Corporation
Moise Emmanuel L
Teslovich Tamara
LandOfFree
Method and apparatus for improving the resilience of content... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for improving the resilience of content..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for improving the resilience of content... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4247960