Security architecture for peer-to-peer storage system

US 20090290715A1
Filed: 05/20/2008
Published: 11/26/2009
Est. Priority Date: 05/20/2008
Status: Active Grant

First Claim

Patent Images

1. A method, implemented by a computing device, comprising:

receiving a request to register a peer in a peer-to-peer system;

generating or selecting a transaction key for the peer;

storing the transaction key in association with registration information for the peer;

transmitting the transaction key to the peer; and

in response to a request to perform a desired peer-to-peer transaction by another peer, generating a token, based at least in part on the transaction key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An exemplary method includes receiving a request to register a peer in a peer-to-peer system; generating or selecting a transaction key for the peer; storing the transaction key in association with registration information for the peer; transmitting the transaction key to the peer and, in response to a request to perform a desired peer-to-peer transaction by another peer, generating a token, based at least in part on the transaction key. Such a token allows for secure transactions in a peer-to-peer system including remote storage of data and retrieval of remotely stored data. Other exemplary techniques are also disclosed including exemplary modules for a peer-to-peer server and peers in a peer-to-peer system.

Citations

22 Claims

1. A method, implemented by a computing device, comprising:
- receiving a request to register a peer in a peer-to-peer system;
  
  generating or selecting a transaction key for the peer;
  
  storing the transaction key in association with registration information for the peer;
  
  transmitting the transaction key to the peer; and
  
  in response to a request to perform a desired peer-to-peer transaction by another peer, generating a token, based at least in part on the transaction key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1 further comprising receiving a password from the peer wherein the password provides for a secure transmission of the transaction key to the peer.
  - 3. The method of claim 2 wherein the transaction key is independent of the password.
  - 4. The method of claim 1 wherein the token comprises a signature based on the key.
  - 5. The method of claim 1 wherein the transaction key comprises a strong cryptographic key.
  - 6. The method of claim 1 wherein the token comprises a format that specifies a type of transaction.
  - 7. The method of claim 1 wherein the token comprises a format that specifies an expiration time for the token.
  - 8. The method of claim 1 wherein the token comprises file information for a file associated with the peer-to-peer transaction.
  - 9. The method of claim 1 wherein the token comprises a transaction identifier selected from a group consisting of a timestamp and a number generated by a message counter.
  - 10. The method of claim 1 further comprising randomly generating or selecting an encryption key for the peer.
  - 11. The method of claim 10 further comprising storing the encryption key in association with registration information for the peer and transmitting the encryption key to the peer.

12. A module for a peer-to-peer server, the module comprising:
- computer-executable instructions to generate or select a transaction key for a peer in the peer-to-peer system;
  
  computer-executable instructions to store a transaction key for each peer in the peer-to-peer system;
  
  computer-executable instructions to transmit a transaction key for a peer in the peer-to-peer system to the peer; and
  
  computer-executable instructions to generate tokens for transactions between peers in the peer-to-peer system based on a receipt of a request by a peer wherein a token comprises a signature based on a transaction key of another peer.
- View Dependent Claims (13, 14, 15, 16, 17, 18)
- - 13. The module of claim 12 wherein the transaction key comprises a strong cryptographic key.
  - 14. The module of claim 12 wherein the token comprises a transaction type.
  - 15. The module of claim 12 further comprising computer-executable instructions to determine if a peer-to-peer transaction occurred successfully based at least in part on information received from the other peer.
  - 16. The module of claim 12 further comprising computer-executable instructions to generate or select an encryption key for each peer in the peer-to-peer system.
  - 17. The module of claim 12 further comprising computer-executable instructions to store an encryption key for each peer in the peer-to-peer system.
  - 18. The module of claim 12 further comprising computer-executable instructions for an application programming interface to receive information from a peer in the peer-to-peer system and to return a token in response.

19. A module for a peer in a peer-to-peer system, the module comprising:
- computer-executable instructions to call an application programming interface of a server in the peer-to-peer system wherein the call specifies a type of peer-to-peer transaction and returns a token for the transaction;
  
  computer-executable instructions to send a token to another peer to initiate a peer-to-peer transaction; and
  
  computer-executable instructions to verify a token received by another peer to thereby allow a peer-to-peer transaction to occur.
- View Dependent Claims (20)
- - 20. The module of claim 19 further comprising computer-executable instructions to send information to a server in a peer-to-peer system in response to failure to verify a token received by another peer.

21. A method, implemented by a computing device, comprising:
- requesting, as a peer, a token to perform a desired peer-to-peer transaction in a peer-to-peer system;
  
  receiving a token generated based at least in part on a transaction key for the peer; and
  
  sending the token to another peer to initiate a peer-to-peer transaction.

22. A method, implemented by a computing device, comprising:
- receiving a token from a peer in a peer-to-peer system, the token generated based at least in part on a transaction key for the peer and comprising transaction information for a type of desired peer-to-peer transaction;
  
  verifying the token using a different transaction key; and
  
  allowing the desired peer-to-peer transaction to occur.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Mityagin, Anton, Lauter, Kristin E., Charles, Denis X.

Granted Patent

US 8,196,186 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/278
CPC Class Codes

G06F 21/335   for accessing specific reso...

G06F 2221/2151   Time stamp

H04L 63/062   for key distribution, e.g. ...

Security architecture for peer-to-peer storage system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Security architecture for peer-to-peer storage system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links