SECURITY AND AUTHENTICATIONS IN PEER-TO-PEER NETWORKS

US 20090187978A1
Filed: 01/18/2008
Published: 07/23/2009
Est. Priority Date: 01/18/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method comprising the steps:

receiving a first request for access to a secured data resource from a client on a peer-to-peer network,verifying that the client is authorized to obtain access to the secured data resource;

generating a second request for access to the secured data resource, wherein the request comprises peer-to-peer control information and information identifying the secured data resource; and

transmitting the second request to the client.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for providing access to a secured data resource to a client on a peer-to-peer network. The system includes a content management server which receives and verifies a first request for access to a secured data resource from the client. If the first request is valid, the content management server generates a second request for access to the secured data resource which comprises peer-to-peer control information and information identifying the secured data resource, and which can additionally include a signature generated using a shared key. The content management transmits the second request to the client, which then retransmits the second request to a peer-to-peer control server. The control server receives the second request and validates it. Such validations can include validating the request with the shared key. If the second request is valid, the control server transmits instructions for accessing the secured data resource back to the client.

80 Citations

View as Search Results

66 Claims

1. A method comprising the steps:
- receiving a first request for access to a secured data resource from a client on a peer-to-peer network,verifying that the client is authorized to obtain access to the secured data resource;
  
  generating a second request for access to the secured data resource, wherein the request comprises peer-to-peer control information and information identifying the secured data resource; and
  
  transmitting the second request to the client.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the second request additionally comprises a signature.
  - 3. The method of claim 2 wherein the signature is generated using at least a portion of the information identifying the secured data resource and a key.
  - 4. The method of claim 3 wherein the key is shared with a control server which provides control services to at least a portion of the peer-to-peer network.
  - 5. The method of claim 1 wherein the second request additionally comprises a timestamp.
  - 6. The method of claim 1 wherein the second request additionally comprises a unique identifier.
  - 7. The method of claim 1 wherein the second request comprises a URL, the URL containing one to n request parameters, and being formatted as follows:
    - /<
      
      peer to peer proprietary streaming url>
      
      ?p1=(value)&
      
      p2=(value)... &
      
      pn=(value)wherein p1 through pn are request parameters, and wherein at least one parameter identifies the secured data resource.
  - 8. The method of claim 7 wherein the second request comprises at least four request parameters, wherein p equals:
    - u—
      
      a unique identifier,t—
      
      a timestamp,c—
      
      the channel id of the content to be delivered, ands—
      
      the signature of all the proceeding components.
  - 9. The method of claim 8 wherein the second request comprises at least two additional request parameters, wherein p equals:
    - lat—
      
      latitude, andlon—
      
      longitude.

10. A method for a comprising the steps:
- receiving a request from a client on a peer-to-peer network for access to a secured data resource, the request comprising peer-to-peer control information and information identifying the secured data resource;
  
  validating the request;
  
  generating instructions for accessing the secured data resource; and
  
  transmitting the instructions to the client.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10 wherein the request additionally comprises a first signature and wherein the signature is used to validate the request.
  - 12. The method of claim 11 wherein the request is validated using the first signature by generating a second signature using at least a portion of the information identifying the secured data resource and a key and comparing the first signature to the second signature.
  - 13. The method of claim 12 wherein the key is shared with a content management server which manages access to the secured data resource.
  - 14. The method of claim 10 wherein the request additionally comprises a timestamp and wherein the timestamp is used to validate the request.
  - 15. The method of claim 14 wherein request is validated using the timestamp by determining if the timestamp plus a predetermined time interval is less than the current time.
  - 16. The method of claim 10 wherein the request additionally comprises a unique identifier and wherein the unique identifier is used to validate the request.
  - 17. The method of claim 16 wherein the request is validated using the unique identifier by determining that no request associated with the unique identifier is pending for the secured data resource.

18. A method comprising the steps:
- transmitting a first request for access to the secured data resource to a content management server, the first request additionally comprising a first set of validation credentials;
  
  receiving a second request for access to the secured data resource from the content management server, the request comprising peer-to-peer control information, information identifying the secured data resource, and a second set of validation credentials;
  
  transmitting the second request to a peer-to-peer control server;
  
  receiving instructions for accessing the secured data resource from the peer-to-peer control server.
- View Dependent Claims (19, 20, 21, 22)
- - 19. The method of claim 18 wherein the first set of validation credentials contains at least one item selected from the list:
    - User ID, cookie.
  - 20. The method of claim 18 wherein the second set of validation credentials contains at least one item selected from the list:
    - unique identifier, signature.
  - 21. The method of claim 20 wherein the signature is generated using at least a portion of the information identifying the secured data resource and a key.
  - 22. The method of claim 21 wherein the key is known to the control server and the content management server.

23. A computer-readable medium having computer-executable instructions for a method comprising the steps:
- receiving a first request for access to a secured data resource from a client on a peer-to-peer network;
  
  verifying that the client is authorized to obtain access to the secured data resource;
  
  generating a second request for access to the secured data resource, wherein the request comprises peer-to-peer control information and information identifying the secured data resource; and
  
  transmitting the second request to the client.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31)
- - 24. The computer-readable medium of claim 23 wherein the second request additionally comprises a signature.
  - 25. The computer-readable medium of claim 24 wherein the signature is generated using at least a portion of the information identifying the secured data resource and a key.
  - 26. The computer-readable medium of claim 25 wherein the key is shared with a control server which provides control services to at least a portion of the peer-to-peer network.
  - 27. The computer-readable medium of claim 23 wherein the second request additionally comprises a timestamp.
  - 28. The computer-readable medium of claim 23 wherein the second request additionally comprises a unique identifier.
  - 29. The computer-readable medium of claim 23 wherein the second request comprises a URL, the URL containing one to n request parameters, and being formatted as follows:
    - /<
      
      peer to peer proprietary streaming url>
      
      ?p1=(value)&
      
      p2=(value)... &
      
      pn=(value)wherein p1 through pn are request parameters, and wherein at least one parameter identifies the secured data resource.
  - 30. The computer-readable medium of claim 23 wherein the second request comprises at least four request parameters, wherein p equals:
    - u—
      
      a unique identifier,t—
      
      a timestamp,c—
      
      the channel id of the content to be delivered, ands—
      
      the signature of all the proceeding components.
  - 31. The computer-readable medium of claim 30 wherein the request comprises at least two additional request parameters, wherein p equals:
    - lat—
      
      latitude, andlon—
      
      longitude.

32. A computer-readable medium having computer-executable instructions for a method comprising the steps:
- receiving a request from a client on the peer-to-peer network for access to a secured data resource, the request comprising peer-to-peer control information and information identifying the secured data resource;
  
  validating the request;
  
  generating instructions for accessing the secured data resource; and
  
  transmitting the instructions to the client.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39)
- - 33. The computer-readable medium of claim 32 wherein the request additionally comprises a first signature and wherein the first signature is used to validate the request.
  - 34. The computer-readable medium of claim 33 wherein the request is validated using the first signature by generating a second signature using at least a portion of the information identifying the secured data resource and a key and comparing the first signature to the second signature.
  - 35. The computer-readable medium of claim 34 wherein the key is shared with a content management server which manages access to the secured data resource.
  - 36. The computer-readable medium of claim 34 wherein the request additionally comprises a timestamp and wherein the timestamp is used to validate the request.
  - 37. The computer-readable medium of claim 36 wherein request is validated using the timestamp by determining if the timestamp plus a predetermined time interval is less than the current time.
  - 38. The computer-readable medium of claim 33 wherein the request additionally comprises a unique identifier and wherein the unique identifier is used to validate the request.
  - 39. The computer-readable medium of claim 38 wherein the request is validated using the unique identifier by determining that no request associated with the unique identifier is pending for the secured data resource.

40. A computer-readable medium having computer-executable instructions for a method comprising the steps:
- transmitting a first request for access to the secured data resource to a content management server, the first request additionally comprising a first set of validation credentials;
  
  receiving a second request for access to the secured data resource from the content management server, the request comprising peer-to-peer control information, information identifying the secured data resource, and a second set of validation credentials;
  
  transmitting the second request to a peer-to-peer control server;
  
  receiving instructions for accessing the secured data resource from the peer-to-peer control server.
- View Dependent Claims (41, 42, 43, 44)
- - 41. The method of claim 40 wherein the first set of validation credentials contains at least one item selected from the list:
    - User ID, cookie.
  - 42. The method of claim 40 wherein the second set of validation credentials contains at least one item selected from the list:
    - unique identifier, signature.
  - 43. The computer-readable medium of claim 42 wherein the signature is generated using at least a portion of the information identifying the secured data resource and a key.
  - 44. The computer-readable medium of claim 43 wherein the key is known to the control server and the content management server.

45. A system comprising:
- a receiving module that receives a first request for access to a secured data resource from a client on a peer-to-peer network;
  
  a verification module that verifies that the client is authorized to obtain access to the secured data resource;
  
  a request generation module that generates a second request for access to the secured data resource, wherein the request comprises peer-to-peer control information and information identifying the secured data resource; and
  
  a transmission module that transmits the second request to the client.
- View Dependent Claims (46, 47, 48, 49, 50, 51, 52, 53)
- - 46. The system of claim 45 wherein the second request generated by the request module additionally comprises a signature.
  - 47. The system of claim 46 wherein the signature is generated by the request generation module using at least a portion of the information identifying the secured data resource and a key.
  - 48. The system of claim 47 wherein the key is shared with a control server which provides control services to at least a portion of the peer-to-peer network.
  - 49. The system of claim 45 wherein the second request generated by the request generation module additionally comprises a timestamp.
  - 50. The system of claim 45 wherein the second request generated by the request generation module additionally comprises a unique identifier.
  - 51. The system of claim 45 wherein the second request generated by the request generation module comprises a URL, the URL containing one to n request parameters, and being formatted as follows:
    - /<
      
      peer to peer proprietary streaming url>
      
      ?p1=(value)&
      
      p2=(value)... &
      
      pn=(value)wherein p1 through pn are request parameters, and wherein at least one parameter identifies the secured data resource.
  - 52. The system of claim 51 wherein the second request generated by the request generation module comprises at least four request parameters, wherein p equals:
    - u—
      
      a unique identifier,t—
      
      a timestamp,c—
      
      the channel id of the content to be delivered, ands—
      
      the signature of all the proceeding components.
  - 53. The system of claim 52 wherein the request comprises at least two additional request parameters, wherein p equals:
    - lat—
      
      latitude, andlon—
      
      longitude.

54. A system comprising:
- a receiving module that receives a request from a client on a peer-to-peer network for access to a secured data resource, the request comprising peer-to-peer control information and information identifying the secured data resource;
  
  a validation module that validates the request;
  
  an instruction generation module that generates instructions for accessing the secured data resource; and
  
  a transmission module that transmits the instructions to the client.
- View Dependent Claims (55, 56, 57, 58, 59, 60, 61)
- - 55. The system of claim 54 wherein the request additionally comprises a first signature and wherein the signature is used by the validation module to validate the request.
  - 56. The system of claim 55 wherein the request is validated by the validation module using the first signature by generating a second signature using at least a portion of the information identifying the secured data resource and a key and comparing the first signature to the second signature.
  - 57. The system of claim 56 wherein the key is shared with a content management server which manages access to the secured data resource.
  - 58. The system of claim 54 wherein the request additionally comprises a timestamp and wherein the timestamp is used to validate the request.
  - 59. The system of claim 58 wherein request is validated by the validation module using the timestamp by determining if the timestamp plus a predetermined time interval is less than the current time.
  - 60. The system of claim 59 wherein the request additionally comprises a unique identifier and wherein the unique identifier is used to by the validation module to validate the request.
  - 61. The system of claim 60 wherein request is validated by the validation module using the unique identifier by determining that no request associated with the unique identifier is pending for the secured data resource.

62. A peer-to-peer client comprising:
- a first transmission module that transmits a first request for access to the secured data resource to a content management server, the first request additionally comprising a first set of validation credentials;
  
  a first receiving module that receives a second request for access to the secured data resource from the content management server, the request comprising peer-to-peer control information, information identifying the secured data resource, and a second set of validation credentials;
  
  a second transmission module that transmits the second request to a peer-to-peer control server;
  
  a second receiving module that receives instructions for accessing the secured data resource from the control server.

63. The client of 62 wherein the first set of validation credentials contains at least one item selected from the list:
- User ID, cookie.
- View Dependent Claims (64, 65, 66)
- - 64. The method of claim 63 wherein the second set of validation credentials contains at least one item selected from the list:
    - unique identifier, signature.
  - 65. The client of claim 64 wherein the signature was generated by the content management server the using at least a portion of the information identifying the secured data resource and a key.
  - 66. The client of claim 65 wherein the key is known to the control server and the content management server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oath Inc. (Verizon Communications Inc.)
Original Assignee
Yahoo! Inc. (Apollo Global Management, Inc.)
Inventors
Gade, Bhargavaram B., Renfro, Scott, Tewari, Saurabh, Vyas, Tanvi, Upendran, Manish, Menon, Satish

Application Number

US12/016,582
Publication Number

US 20090187978A1
Time in Patent Office

Days
Field of Search
US Class Current

726/5
CPC Class Codes

H04L 63/123 received data contents, e.g...

H04L 67/104 Peer-to-peer [P2P] networks

SECURITY AND AUTHENTICATIONS IN PEER-TO-PEER NETWORKS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

80 Citations

66 Claims

Specification

Solutions

Use Cases

Quick Links

SECURITY AND AUTHENTICATIONS IN PEER-TO-PEER NETWORKS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

80 Citations

66 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links