Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Security kernel or utility
Reexamination Certificate
2004-02-13
2009-12-15
Revak, Christopher A (Department: 2431)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Security kernel or utility
C726S022000, C726S023000, C726S024000, C726S025000, C726S026000, C713S177000, C709S223000, C709S227000
Reexamination Certificate
active
07634655
ABSTRACT:
The present invention protects against denial of service attacks on lookup or hash tables used to store state information for data transfer protocols used to transfer data between two host computers. Two hash tables are provided for holding state information, one for verified remote entities (i.e., those where the remote local address can be traced to a host), and one for unverified entities. A cryptographically secure hash is applied to packets from unverified remote entities, since these are the most likely to attempt attacks on the hash tables. The performance of the local server for packets from verified remote entities, however, is maintained.
REFERENCES:
patent: 5371499 (1994-12-01), Graybill et al.
patent: 6661787 (2003-12-01), O'Connell et al.
patent: 6854117 (2005-02-01), Roberts
patent: 6990102 (2006-01-01), Kaniz et al.
patent: 7039641 (2006-05-01), Woo
patent: 7058639 (2006-06-01), Chatterjee et al.
patent: 7076786 (2006-07-01), Burd et al.
patent: 7110540 (2006-09-01), Rajagopal et al.
patent: 7159119 (2007-01-01), Wilson et al.
patent: 7191341 (2007-03-01), Paaske et al.
patent: 7248585 (2007-07-01), Kohn et al.
patent: 7254133 (2007-08-01), Govindarajan et al.
patent: 7277438 (2007-10-01), Ambe et al.
patent: 7289502 (2007-10-01), Gemelli et al.
patent: 7325002 (2008-01-01), Zuk
patent: 7373663 (2008-05-01), Robert
patent: 7379952 (2008-05-01), Chan et al.
patent: 7409542 (2008-08-01), Minnick
patent: 2001/0039548 (2001-11-01), Shinkai et al.
patent: 2002/0023089 (2002-02-01), Woo
patent: 2003/0005306 (2003-01-01), Hunt et al.
patent: 2003/0026259 (2003-02-01), Brown
patent: 2003/0061495 (2003-03-01), Minnick
patent: 2003/0084175 (2003-05-01), Kaniyar et al.
patent: 2003/0084298 (2003-05-01), Messerges et al.
patent: 2003/0084715 (2003-05-01), Zazovsky
patent: 2004/0003286 (2004-01-01), Kaler et al.
patent: 2004/0008681 (2004-01-01), Govindarajan et al.
patent: 2004/0013112 (2004-01-01), Goldberg et al.
patent: 2004/0049596 (2004-03-01), Schuehler et al.
patent: 2004/0111635 (2004-06-01), Boivie et al.
patent: 2004/0133798 (2004-07-01), Swander
George C. Hadjichristofi, et al, “IPSec Overhead in Wireline and Wireless Networks for Web and Email Applications” Proceedings: 2003 IEEE International Performance, Computing and Communications Conference, Apr. 2003, pp. 543-547.
Florin Sultan, et al., “Position Summary: Transport Layer Support for Highly-Available Network Services”, Proceedings: 8thWorkshop on Hot Topic in Operating System, May 2001, p. 182.
Yohsuke Takei, et al., “Detecting and Tracing Illegal Access by Using Traffic Pattern Matching Technique,” Electronics and Communications in Japan, Part 1, vol. 87, No. 1, 2004, pp. 989-3204 Japan, pp. 61-71.
Kaniyar Sanjay
Pinkerton James T.
Sethi Bhupinder S.
Doan Trang
Microsoft Corporation
Revak Christopher A
Workman Nydegger
LandOfFree
Efficient hash table protection for data transport protocols does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Efficient hash table protection for data transport protocols, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Efficient hash table protection for data transport protocols will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4062355