Peer-to-Peer Identity Management Interfaces and Methods

US 20100030900A1
Filed: 09/15/2009
Published: 02/04/2010
Est. Priority Date: 12/04/2002
Status: Active Grant

First Claim

Patent Images

1. A computer-readable storage medium embodying a program of instruction executable by a computer for performing a method of communicating between an application program of a resolution protocol and a server process on a same node to manage peer-to-peer identities, comprising the steps of:

providing, on the same node, an application program interface for use by the application program of the resolution protocol to manage peer-to-peer identities;

receiving, at the server process on the same node, via the application program interface, a peer identity create call having a plurality of call parameters comprising a classifier, a peer-to-peer friendly name, a handle to a container in which a key pair exists, and a pointer to a location to which an identity name should be returned,wherein the key pair includes a private key and a public key, andwherein the key pair and the classifier are used to generate the identity name;

parsing, at the server process, the peer identity create call to retrieve the plurality of call parameters;

returning to the application program a value indicative of the success/failure of the peer identity create call;

receiving, at the server process on the same node, via the application program interface, a peer identity management call corresponding to the identity name corresponding to peer identity create call, and the peer identity management call having one or more corresponding call parameters;

parsing, at the server process, the peer identity management call to retrieve the one or more corresponding call parameters; and

returning to the application program a value indicative of the success/failure of the peer identity management call.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Peer-to-peer (P2P) application programming interfaces (APIs) that allow an application to create, import, export, manage, enumerate, and delete P2P identities are presented. Further, the management of group identity information is provided. APIs abstract away from low level credential and cryptographic functions required to create and manage P2P identities. This management includes retrieval and setting of a friendly name, generation of a cryptographic public/private key pair, retrieval of security information in the form of an XML fragment, and creation of a new name based on an existing identity. Since the P2P environment also allows for the existence of multiple separate groups of peers within the P2P cloud, a preferred embodiment of the present invention also allows for the enumeration of all groups associated with a given identity, for each identity existing for the user.

105 Citations

View as Search Results

19 Claims

1. A computer-readable storage medium embodying a program of instruction executable by a computer for performing a method of communicating between an application program of a resolution protocol and a server process on a same node to manage peer-to-peer identities, comprising the steps of:
- providing, on the same node, an application program interface for use by the application program of the resolution protocol to manage peer-to-peer identities;
  
  receiving, at the server process on the same node, via the application program interface, a peer identity create call having a plurality of call parameters comprising a classifier, a peer-to-peer friendly name, a handle to a container in which a key pair exists, and a pointer to a location to which an identity name should be returned,wherein the key pair includes a private key and a public key, andwherein the key pair and the classifier are used to generate the identity name;
  
  parsing, at the server process, the peer identity create call to retrieve the plurality of call parameters;
  
  returning to the application program a value indicative of the success/failure of the peer identity create call;
  
  receiving, at the server process on the same node, via the application program interface, a peer identity management call corresponding to the identity name corresponding to peer identity create call, and the peer identity management call having one or more corresponding call parameters;
  
  parsing, at the server process, the peer identity management call to retrieve the one or more corresponding call parameters; and
  
  returning to the application program a value indicative of the success/failure of the peer identity management call.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. The computer-readable storage medium of claim 1, wherein the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises a step of returning an error indicative that at least one of the one or more corresponding call parameters of the peer identity management call is invalid.
  - 3. The computer-readable storage medium of claim 1, wherein the step of returning to the application program the value indicative to the success/failure of the peer identity management call comprises a step of returning an error indicative that there is not enough memory to perform the peer identity management call.
  - 4. The computer-readable storage medium of claim 1, wherein a particular corresponding call parameter of the peer identity management call corresponds to the identity name, and wherein the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises a step of returning an error indicative that there is no identity that matches the identity name call parameter.
  - 5. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving a get friendly name call having the one or more corresponding call parameters comprising the identity name and a pointer to a location to which a corresponding friendly name should be returned; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the get friendly name call.
  - 6. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving a set friendly name call having the one or more corresponding call parameters comprising the identity name and a string containing a new friendly name for the identity; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the set friendly name call.
  - 7. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving a peer identity delete call having the one or more corresponding call parameters comprising the identity name; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the peer identity delete call.
  - 8. The computer-readable storage medium of claim 7, wherein the step of returning to the application program the value indicative of the success/failure of the peer identity delete call comprises a step of returning an error indicative that a peer identity corresponding to the identity name is in use by another process and cannot be deleted at this time.
  - 9. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving a get cryptographic key call having the one or more corresponding call parameters comprising the identity name and a pointer to a location to which a handle to a cryptographic key container should be returned; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the get cryptographic key call.
  - 10. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving a peer identity export call having the one or more corresponding call parameters comprising the identity name, a password to be used to encrypt identity information, at least one export option flag, and a pointer to a location to which a pointer to exported identity information will be placed; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the peer identity export call.
  - 11. The computer-readable storage medium of claim 10, wherein the step of receiving the peer identity export call having the one or more corresponding call parameters comprises a step of receiving a peer identity export call having the one or more corresponding call parameters further comprising an export specified groups flag, a count of elements in a list of groups in an export list and an array of group names to be exported.
  - 12. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving an enumerate peer identities call having the one or more corresponding call parameters comprising a pointer to a location to which a handle to the enumeration object is to be returned, wherein the enumeration object corresponds to an enumeration of a set of created peer identities including the identity name; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the enumerate peer identities call.
  - 13. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving an enumerate peer groups call having the one or more corresponding call parameters comprising the identity name, and a pointer to a location to which a handle to a group enumeration object is to be returned, wherein the group enumeration object corresponds to an enumeration of a set of peer groups belonging to the identity name; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the enumerate peer groups call.
  - 14. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving a peer identity get XML call having the one or more corresponding call parameters comprising the identity name and a pointer to a location to which a string containing an XML fragment with information about a peer identity corresponding to the identity name is returned; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the peer identity get XML call.
  - 15. The computer-readable storage medium of claim 14, wherein the step of returning to the application program the value indicative of the success/failure of the peer identity get XML call comprises a step of returning an error indicative that a handle to the peer identity is invalid.
  - 16. The computer-readable storage medium of claim 14, wherein the step of returning to the application program the value indicative of the success/failure of the peer identity get XML call comprises a step of returning an error indicative that the pointer is NULL.
  - 17. The computer-readable storage medium of claim 1, wherein:
    - the step of receiving the peer identity management call comprises receiving a peer create peer name call having the one or more corresponding call parameters comprising the identity name and a string containing a new classifier that needs to be appended to an existing peer name of the identity to form a new peer name, and a pointer to a location to which the new peer name is returned; and
      
      the step of returning to the application program the value indicative of the success/failure of the peer identity management call comprises returning to the application program a value indicative of the success/failure of the peer create peer name call.
  - 18. The computer-readable storage medium of claim 1, wherein at least a portion of the plurality of call parameters of the peer identity create call or at least a portion of the one or more corresponding call parameters of the peer identity management call are obtained as a result of a peer identity import call, wherein the peer identity import call:
    - is received at the server process on the same node via the application program interface;
      
      has one or more import call parameters comprising a pointer to a data structure that contains information to be imported, a password to be used to decrypt the information to be imported, at least one import option flag, and a pointer to a location to which imported identity information will be placed;
      
      is parsed at the server process for retrieval of the one or more import call parameters; and
      
      returns to the application program a value indicative of the success/failure of the peer identity import call.
  - 19. The computer-readable storage medium of claim 18, wherein the at least one import option flag indicates at least one of:
    - an importation of all peer groups associated with an imported peer identity, an importation of peer groups owned by the imported peer identity, an importation of peer groups not owned by the imported peer identity, an importation of specified peer groups, an importation of identity information corresponding to the imported peer identity without an importation of associated peer group information, an importation of a private key corresponding to the imported peer identity, or an indication of a desired overwrite option.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Manion, Todd R., Donner, Robert D., Somin, Grigori M.

Granted Patent

US 8,010,681 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/227
CPC Class Codes

G06F 9/541   via adapters, e.g. between ...

H04L 2101/365   Application layer names, e....

H04L 61/00   Network arrangements, proto...

H04L 61/30   Managing network names, e.g...

H04L 63/0823   using certificates cryptogr...

H04L 67/104   Peer-to-peer [P2P] networks

H04L 67/1057   involving pre-assessment of...

H04L 69/329   in the application layer [O...

Peer-to-Peer Identity Management Interfaces and Methods

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

105 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Peer-to-Peer Identity Management Interfaces and Methods

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

105 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links