Method and Apparatus to Use Identity Information for Digital Signing and Encrypting Content Integrity and Authenticity in Content Oriented Networks
Abstract
A content router comprising storage configured to cache, in a content oriented network (CON), a content object with a signature signed by a publisher based on a known identity to a subscriber; and a transmitter coupled to the storage and configured to forward the content object with the signature upon request to the subscriber, wherein the subscriber uses the signature to verify one of the content object's integrity and the content object's authenticity based on the known identity without verifying a trust of a publisher key for the publisher, and wherein the known identity is trusted by the publisher and does not require verifying trust from the publisher.
24 Claims
1. A content router comprising:
- storage configured to cache, in a content oriented network (CON), a content object with a signature signed by a publisher based on a known identity to a subscriber; and
- a transmitter coupled to the storage and configured to forward the content object with the signature upon request to the subscriber, wherein the subscriber uses the signature to verify the content object's integrity based on the known identity without verifying a trust of a publisher key for the publisher, and wherein the known identity is trusted by the publisher and does not require verifying trust from the publisher.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A network component comprising:
- a receiver in a content router configured to receive content from a publisher encrypted with a master key (MK) generated by a Private Key Generator (PKG) and an identity associated with the content, and the receiver further configured to receive the encrypted content from a cache in a content oriented network (CON); and
- a transmitter configured to send the encrypted content to the cache and to send the encrypted content from the cache to a subscriber that decrypts the encrypted content using a private key obtained using an identity associated with the publisher or the content and a master secret key (MSK) generated by the PKG.
Dependent claims: 9, 10, 11, 12
13-15. (canceled)
16. A network apparatus implemented method comprising:
- receiving a content object with a signature signed from a publisher using a private key that is obtained using a public identity known in a content oriented network (CON);
- storing the content object with the signature in the CON; and
- forwarding the content object with the signature upon receiving a content request to a subscriber.
Dependent claims: 17, 18, 19, 20, 21, 22, 23
24-30. (canceled)
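The sign-and-verify flow of claims 1 and 16, sketched as an added example that is not code from the patent: it uses Shamir's RSA-based identity-based signature scheme as a stand-in, since the claims name no particular scheme. The toy modulus, the identity strings and the content bytes are constructed, and all function names are hypothetical.

```python
import hashlib
import secrets

# Toy PKG parameters, constructed for this example (150-bit modulus, not for real use).
_P, _Q = 2**61 - 1, 2**89 - 1
N, E = _P * _Q, 65537                        # public system parameters
_D = pow(E, -1, (_P - 1) * (_Q - 1))         # PKG master secret

def _h(*parts: bytes) -> int:
    """Hash length-prefixed byte strings to an integer modulo N."""
    digest = hashlib.sha256()
    for part in parts:
        digest.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(digest.digest(), "big") % N

def pkg_extract(identity: str) -> int:
    """PKG side: derive the signing key for an identity, g = H(ID)^d mod N."""
    return pow(_h(identity.encode()), _D, N)

def sign(signing_key: int, content: bytes) -> tuple:
    """Publisher side: sign a content object with the identity-derived key."""
    r = secrets.randbelow(N - 2) + 2
    t = pow(r, E, N)
    f = _h(t.to_bytes(32, "big"), content)
    return t, (signing_key * pow(r, f, N)) % N

def verify(identity: str, content: bytes, signature: tuple) -> bool:
    """Subscriber side: needs only the identity string and (N, E), no certificate."""
    t, s = signature
    if not (0 < t < N and 0 < s < N):
        return False
    f = _h(t.to_bytes(32, "big"), content)
    return pow(s, E, N) == (_h(identity.encode()) * pow(t, f, N)) % N

# Constructed sample: a publisher identity and a content object as cached by a router.
PUBLISHER_ID = "/example.org/publisher-a"
CONTENT = b"segment 0 of /example.org/videos/intro"

def demo() -> dict:
    key = pkg_extract(PUBLISHER_ID)          # issued once by the PKG
    sig = sign(key, CONTENT)                 # travels with the object through the cache
    return {
        "genuine": verify(PUBLISHER_ID, CONTENT, sig),
        "tampered": verify(PUBLISHER_ID, CONTENT + b"!", sig),
        "wrong_identity": verify("/example.org/publisher-b", CONTENT, sig),
    }

if __name__ == "__main__":
    print(demo())
```

The PKG holds the master secret and can derive the signing key for any identity, so the trust the subscriber no longer places in per-publisher keys rests on the PKG instead.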
Specification