System and method for performing security management operations in network having non-static collection of nodes
First Claim
1. A method of managing a network comprising a non-static collection of machines, comprising:
- at a first node coupled to the network, the first node being a first machine among the non-static collection of machines:
  - proactively constructing and maintaining a respective local segment of a linear communication orbit in the network, wherein the proactive constructing and maintaining comprises:
    - obtaining, from a server of the network, contact information of one or more potential neighbor nodes for the first node, wherein the one or more potential neighbor nodes are machines that are known to the server as being coupled to the network;
    - proactively establishing, in accordance with a respective network communication protocol, a respective propagation channel from the first node to a downstream neighbor upon detecting that said respective propagation channel to the downstream neighbor does not already exist, wherein the downstream neighbor comprises a live succeeding node among the one or more potential neighbor nodes;
    - allowing a respective collection channel from the downstream neighbor to the first node to be established in accordance with the respective network communication protocol upon a request by the downstream neighbor, wherein the request has been generated by the downstream neighbor to establish a respective reporting channel thereof in accordance with the respective network communication protocol;
    - proactively establishing, in accordance with the respective network communication protocol, a respective reporting channel from the first node to an upstream neighbor upon detecting that said respective reporting channel to the upstream neighbor does not already exist, wherein the upstream neighbor comprises a live preceding node among the one or more potential neighbor nodes; and
    - allowing a respective receiving channel from the upstream neighbor to the first node to be established in accordance with the respective network communication protocol upon a request by the upstream neighbor, wherein the request has been generated by the upstream neighbor to establish a respective propagation channel thereof in accordance with the respective network communication protocol;
  - receiving a security management message from the upstream neighbor through the respective receiving channel from the upstream neighbor to the first node;
  - performing one or more security management operations in accordance with the security management message received from the upstream neighbor; and
  - forwarding the security management message to the downstream neighbor through the respective propagation channel from the first node to the downstream neighbor.
Abstract
Machines in a managed network implement a set of rules that cause individual machines to directly interact with only a small number of machines in the network. Independent local actions of the individual machines collectively cause the individual machines to be self-organized into one or more communication orbits without any global control or coordination by a server or an administrator. The communication orbits are used for supporting security management, including, at a first node of the network, receiving a security management message from an upstream neighbor through a respective receiving channel from the upstream neighbor to the first node; performing one or more security management operations in accordance with the security management message received from the upstream neighbor; and forwarding the security management message to a downstream neighbor through a respective propagation channel from the first node to the downstream neighbor.
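The local rule described in the abstract and in claim 1, as an added simulation that is not code from the patent: each node asks the server only for candidate neighbors, opens its own propagation and reporting channels to the nearest live successor and predecessor, and forwards a security management message downstream. The integer ordering key, the window size `k`, the in-memory "channels" and all class and function names are assumptions made for illustration.

```python
# Added sketch; the integer ordering key, window size k and all names are assumptions.
class Server:
    """Tracks machines known to be on the network; it never assembles the orbit."""
    def __init__(self):
        self.known = set()
    def potential_neighbors(self, node_id, k=3):
        before = sorted(n for n in self.known if n < node_id)[-k:][::-1]
        after = sorted(n for n in self.known if n > node_id)[:k]
        return before, after          # nearest candidates first

class Node:
    def __init__(self, node_id, server, net):
        self.id, self.server, self.net, self.alive = node_id, server, net, True
        self.propagation = self.reporting = None   # channels this node opens
        self.receiving = self.collection = None    # channels it lets peers open
        self.applied = []
        server.known.add(node_id)
        net[node_id] = self
    def _first_live(self, ids):
        return next((i for i in ids if self.net[i].alive), None)
    def maintain(self):
        # Local rule only: repair this node's own segment of the orbit.
        before, after = self.server.potential_neighbors(self.id)
        down, up = self._first_live(after), self._first_live(before)
        if self.propagation != down:               # missing or stale channel
            self.propagation = down
            if down is not None:
                self.net[down].receiving = self.id
        if self.reporting != up:
            self.reporting = up
            if up is not None:
                self.net[up].collection = self.id
    def receive(self, msg, path):
        self.applied.append(msg)                   # perform the operation locally
        path.append(self.id)
        if self.propagation is not None:           # then forward downstream
            self.net[self.propagation].receive(msg, path)
        return path

def propagate(net, msg):
    """Every live node runs its local rule, then the head node gets the message."""
    live = [n for n in net.values() if n.alive]
    for n in live:
        n.maintain()
    return min(live, key=lambda n: n.id).receive(msg, [])

def build(ids):
    server, net = Server(), {}
    for i in ids:
        Node(i, server, net)
    return net
```

Marking a node as not alive, or constructing a new `Node` against the same server, and calling `propagate` again shows the orbit repairing itself from local decisions alone.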
62 Citations
23 Claims
1. A method of managing a network comprising a non-static collection of machines, comprising:
- at a first node coupled to the network, the first node being a first machine among the non-static collection of machines:
  - proactively constructing and maintaining a respective local segment of a linear communication orbit in the network, wherein the proactive constructing and maintaining comprises:
    - obtaining, from a server of the network, contact information of one or more potential neighbor nodes for the first node, wherein the one or more potential neighbor nodes are machines that are known to the server as being coupled to the network;
    - proactively establishing, in accordance with a respective network communication protocol, a respective propagation channel from the first node to a downstream neighbor upon detecting that said respective propagation channel to the downstream neighbor does not already exist, wherein the downstream neighbor comprises a live succeeding node among the one or more potential neighbor nodes;
    - allowing a respective collection channel from the downstream neighbor to the first node to be established in accordance with the respective network communication protocol upon a request by the downstream neighbor, wherein the request has been generated by the downstream neighbor to establish a respective reporting channel thereof in accordance with the respective network communication protocol;
    - proactively establishing, in accordance with the respective network communication protocol, a respective reporting channel from the first node to an upstream neighbor upon detecting that said respective reporting channel to the upstream neighbor does not already exist, wherein the upstream neighbor comprises a live preceding node among the one or more potential neighbor nodes; and
    - allowing a respective receiving channel from the upstream neighbor to the first node to be established in accordance with the respective network communication protocol upon a request by the upstream neighbor, wherein the request has been generated by the upstream neighbor to establish a respective propagation channel thereof in accordance with the respective network communication protocol;
  - receiving a security management message from the upstream neighbor through the respective receiving channel from the upstream neighbor to the first node;
  - performing one or more security management operations in accordance with the security management message received from the upstream neighbor; and
  - forwarding the security management message to the downstream neighbor through the respective propagation channel from the first node to the downstream neighbor.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system, the system serving as a first node coupled to a network comprising a non-static collection of machines, the first node being a first machine among the non-static collection of machines and the system comprising:
- one or more processors; and
- memory storing instructions that, when executed by the one or more processors, cause the processors to perform operations including:
  - proactively constructing and maintaining a respective local segment of a linear communication orbit in the network, wherein the proactive constructing and maintaining comprises:
    - obtaining, from a server of the network, contact information of one or more potential neighbor nodes for the first node, wherein the one or more potential neighbor nodes are machines that are known to the server as being coupled to the network;
    - proactively establishing, in accordance with a respective network communication protocol, a respective propagation channel from the first node to a downstream neighbor upon detecting that said respective propagation channel to the downstream neighbor does not already exist, wherein the downstream neighbor comprises a live succeeding node among the one or more potential neighbor nodes;
    - allowing a respective collection channel from the downstream neighbor to the first node to be established in accordance with the respective network communication protocol upon a request by the downstream neighbor, wherein the request has been generated by the downstream neighbor to establish a respective reporting channel thereof in accordance with the respective network communication protocol;
    - proactively establishing, in accordance with the respective network communication protocol, a respective reporting channel from the first node to an upstream neighbor upon detecting that said respective reporting channel to the upstream neighbor does not already exist, wherein the upstream neighbor comprises a live preceding node among the one or more potential neighbor nodes; and
    - allowing a respective receiving channel from the upstream neighbor to the first node to be established in accordance with the respective network communication protocol upon a request by the upstream neighbor, wherein the request has been generated by the upstream neighbor to establish a respective propagation channel thereof in accordance with the respective network communication protocol;
  - receiving a security management message from the upstream neighbor through the respective receiving channel from the upstream neighbor to the first node;
  - performing one or more security management operations in accordance with the security management message received from the upstream neighbor; and
  - forwarding the security management message to the downstream neighbor through the respective propagation channel from the first node to the downstream neighbor.
Dependent claims: 11, 12, 13, 14, 15, 16
17. A non-transitory computer-readable storage medium storing instructions that when executed by one or more processors, cause the processors to perform operations comprising:
- at a first node coupled to a network comprising a non-static collection of machines, the first node being a first machine among the non-static collection of machines:
  - proactively constructing and maintaining a respective local segment of a linear communication orbit in the network, wherein the proactive constructing and maintaining comprises:
    - obtaining, from a server of the network, contact information of one or more potential neighbor nodes for the first node, wherein the one or more potential neighbor nodes are machines that are known to the server as being coupled to the network;
    - proactively establishing, in accordance with a respective network communication protocol, a respective propagation channel from the first node to a downstream neighbor upon detecting that said respective propagation channel to the downstream neighbor does not already exist, wherein the downstream neighbor comprises a live succeeding node among the one or more potential neighbor nodes;
    - allowing a respective collection channel from the downstream neighbor to the first node to be established in accordance with the respective network communication protocol upon a request by the downstream neighbor, wherein the request has been generated by the downstream neighbor to establish a respective reporting channel thereof in accordance with the respective network communication protocol;
    - proactively establishing, in accordance with the respective network communication protocol, a respective reporting channel from the first node to an upstream neighbor upon detecting that said respective reporting channel to the upstream neighbor does not already exist, wherein the upstream neighbor comprises a live preceding node among the one or more potential neighbor nodes; and
    - allowing a respective receiving channel from the upstream neighbor to the first node to be established in accordance with the respective network communication protocol upon a request by the upstream neighbor, wherein the request has been generated by the upstream neighbor to establish a respective propagation channel thereof in accordance with the respective network communication protocol;
  - receiving a security management message from the upstream neighbor through the respective receiving channel from the upstream neighbor to the first node;
  - performing one or more security management operations in accordance with the security management message received from the upstream neighbor; and
  - forwarding the security management message to the downstream neighbor through the respective propagation channel from the first node to the downstream neighbor.
Dependent claims: 18, 19, 20, 21, 22, 23
Specification