Distributed device revocation
First Claim
1. A distributed revocation method comprising:
- conducting a vote amongst at least three autonomous device nodes of a distributed network regarding whether a suspect autonomous device node of the distributed network should be removed from the distributed network;
responsive to said vote satisfying a revocation criterion, ceasing communication between the suspect autonomous device node and the other autonomous device nodes of the distributed network by (i) constructing a revocation message by combining partial revocation information for revoking the suspect autonomous device node that is distributed amongst at least some of the autonomous device nodes of the distributed network other than the suspect autonomous device node, and (ii) transmitting the revocation message amongst the autonomous device nodes over the distributed network; and
authenticating the revocation message by comparing a first portion of the revocation message processed by a one-way function with a second portion of the revocation message.
1 Assignment
0 Petitions
Accused Products
Abstract
In a distributed revocation method, it is individually decided at each of a plurality of autonomous device nodes of a distributed network whether a suspect autonomous device node or suspect distributed key of the distributed network should be removed from the distributed network. A voting session is conducted at which the individual decisions of the plurality of autonomous device nodes are combined to decide whether the suspect autonomous device node or suspect distributed key should be removed from the distributed network. The suspect autonomous device node or suspect distributed key is removed from the distributed network responsive to the voting session deciding in favor of removal.
-
Citations
26 Claims
-
1. A distributed revocation method comprising:
-
conducting a vote amongst at least three autonomous device nodes of a distributed network regarding whether a suspect autonomous device node of the distributed network should be removed from the distributed network; responsive to said vote satisfying a revocation criterion, ceasing communication between the suspect autonomous device node and the other autonomous device nodes of the distributed network by (i) constructing a revocation message by combining partial revocation information for revoking the suspect autonomous device node that is distributed amongst at least some of the autonomous device nodes of the distributed network other than the suspect autonomous device node, and (ii) transmitting the revocation message amongst the autonomous device nodes over the distributed network; and authenticating the revocation message by comparing a first portion of the revocation message processed by a one-way function with a second portion of the revocation message. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. An autonomous device node configured to securely communicate with other autonomous device nodes in a distributed network and to cooperate with other autonomous device nodes with which it is in secure communication to perform a distributed revocation method including (i) conducting a vote amongst at least three autonomous device nodes of a distributed network regarding whether a suspect autonomous device node of the distributed network should be removed from the distributed network, and (ii) ceasing communication with the suspect autonomous device node responsive to said vote satisfying a revocation criterion;
- and
data storage for storing partial revocation information for other autonomous device nodes, the autonomous device node being further configured to cooperate with other autonomous device nodes to combine partial revocation information for the suspect autonomous device node stored in the data storage with partial revocation information for the suspect autonomous device node stored at other autonomous device nodes to construct a revocation message that is transmitted amongst the autonomous device nodes on the distributed network to effectuate ceasing of communication with the suspect autonomous device responsive to said vote satisfying the revocation criterion, wherein the revocation message received at each autonomous device node is authenticated by comparing a first portion of the revocation message processed by a one-way function with a second portion of the revocation message. - View Dependent Claims (11, 12)
- and
-
13. A distributed revocation method comprising:
-
conducting a temporally limited revocation session at which individual decisions of a plurality of autonomous device nodes are combined to decide whether a suspect autonomous device node should be removed from the distributed network; constructing a revocation message from revocation information previously distributed across at least some of the autonomous device nodes of the distributed network; transmitting the revocation message amongst the autonomous device nodes over the distributed network other than the suspect autonomous device node; and authenticating the revocation message the autonomous device nodes by comparing a first portion of the revocation message processed by a one-way function with a second portion of the revocation message; and removing the suspect autonomous device node from the distributed network responsive to the authenticated revocation message. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
-
21. In a distributed medical monitoring network, a plurality of nodes, each node programmed to:
-
communicate and conduct a vote with other nodes of the network whether to revoke network communication with a node detected engaging in one or more suspicious activities; construct a revocation message by combining partial revocation information for revoking the suspect node that is distributed amongst the other nodes of the network other than the suspect node, and transmit the revocation message amongst the plurality of nodes of the network, the revocation message including a first portion and a second portion, authenticate the revocation message by comparing a first portion of the revocation message processed by a one-way function with a second portion of the revocation message, cease communication with the suspect node responsive to said vote satisfying a revocation criteria. - View Dependent Claims (22)
-
-
23. A distributed network comprising a plurality of nodes, each node configured to:
-
(i) randomly generate and transmit to other nodes partial revocation votes combinable to construct a revocation message against the node such that the partial revocation vote distributed to one other node cannot be replicated or forged by another node;
the revocation message including a first portion and a second portion; and(ii) store partial revocation votes received from other nodes; (iii) communicate and conduct a vote with other nodes of the network whether to revoke network communication with a node detected engaging in one or more suspicious activities; (iv) authenticate the revocation message by processing one of a first and second portions of the revocation message processed by a one way function; (v) cease communication with the suspect node responsive to said vote satisfying a revocation criteria. - View Dependent Claims (24, 25, 26)
-
Specification