Network-layer application-specific trust model
Abstract
A data verification system facilitates verifying whether a CCN Content Object is authentic or trustworthy on behalf of an application. During operation, the system can obtain a stack requirement for a custom transport stack, which specifies at least a description for a verifier stack component that verifies a Content Object using a key identifier (KeyID) associated with a publisher. The system instantiates the verifier stack component in the custom stack, and can use the custom stack to obtain a verified Content Object. While using the custom stack, the system can push, to the custom stack, an Interest that includes a name for a piece of content and includes a KeyID associated with a content producer. The system then receives, from the custom stack, a Content Object which the verifier stack component has verified is signed by the content producer associated with the KeyID.
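An added sketch of the verifier stack component the abstract describes, not code from the patent or from any CCN implementation: an ordered chain of trust checkers, each returning accept, reject, or defer, built from a stack requirement. HMAC-SHA256 stands in for the producer's signature scheme; the checker names, the dictionary layout, the SHA-256 KeyID, and the fail-closed result when every checker defers are assumptions.

```python
import hashlib, hmac
from enum import Enum

class Verdict(Enum):
    ACCEPT = "accept"
    REJECT = "reject"
    DEFER = "defer"

def key_id(key: bytes) -> str:
    # KeyID modelled as the SHA-256 digest of the producer's key (assumption).
    return hashlib.sha256(key).hexdigest()

def sign(key: bytes, name: str, payload: bytes) -> bytes:
    # HMAC-SHA256 stands in for the producer's signature scheme.
    return hmac.new(key, name.encode() + b"\0" + payload, hashlib.sha256).digest()

def keyid_match(interest, obj, keys):
    # Reject objects that do not match the name and KeyID the Interest carried.
    same = obj["name"] == interest["name"] and obj["key_id"] == interest["key_id"]
    return Verdict.DEFER if same else Verdict.REJECT

def pinned_key(interest, obj, keys):
    key = keys.get(obj["key_id"])
    if key is None:
        return Verdict.DEFER  # unknown key: leave the decision to a later checker
    ok = hmac.compare_digest(sign(key, obj["name"], obj["payload"]), obj["signature"])
    return Verdict.ACCEPT if ok else Verdict.REJECT

CHECKERS = {"keyid-match": keyid_match, "pinned-key": pinned_key}  # hypothetical names

def build_verifier(stack_requirement, keys):
    chain = [CHECKERS[n] for n in stack_requirement["verifier"]["trust_checkers"]]
    def verify(interest, obj):
        for checker in chain:
            verdict = checker(interest, obj, keys)
            if verdict is not Verdict.DEFER:
                return verdict
        return Verdict.REJECT  # assumption: fail closed if every checker defers
    return verify

PRODUCER_KEY = b"constructed-producer-key"  # constructed sample key
REQUIREMENT = {"verifier": {"trust_checkers": ["keyid-match", "pinned-key"]}}

def demo():
    kid = key_id(PRODUCER_KEY)
    verify = build_verifier(REQUIREMENT, {kid: PRODUCER_KEY})
    interest = {"name": "/example/report", "key_id": kid}
    good = dict(interest, payload=b"q3", signature=sign(PRODUCER_KEY, "/example/report", b"q3"))
    tampered = dict(good, payload=b"q4")
    return [verify(interest, o) for o in (good, tampered)]
```

If `keyid-match` is left out of the listing, a Content Object validly signed under any other key in the store is accepted, which is why the listing and ordering of checkers carry the trust decision.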
22 Claims
1. A computer-implemented method, comprising:
- obtaining a stack requirement for a custom stack, wherein the stack requirement specifies at least a description for a verifier stack component which verifies a Content Object using a key identifier associated with a content producer, wherein the custom stack is configured by a transport framework based on specific requirements of an application, and wherein the description for the verifier component includes one or more of:
  - a listing of one or more trust checkers to instantiate in the verifier stack component, wherein a respective trust checker analyzes the Content Object to accept the Content Object, reject the Content Object, or defer verification of the Content Object to another trust checker;
  - an ordering for the one or more trust checkers in the verifier stack component; and
  - an implementation for the respective trust checker;
- instantiating the verifier stack component in the custom stack; and
- using the custom stack to obtain a verified Content Object, which involves:
  - pushing, to the custom stack, an Interest that includes a name for a piece of content and includes the key identifier associated with the content producer; and
  - receiving, from the custom stack, the Content Object which the verifier stack component has verified is signed by the content producer associated with the key identifier,

thereby facilitating the custom stack to verify the Content Object on behalf of the application without requiring the application to be involved in verifying the Content Object.

Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A non-transitory computer-readable storage medium storing instructions that when executed by a computer cause the computer to perform a method, comprising:
- obtaining a stack requirement for a custom stack, wherein the stack requirement specifies at least a description for a verifier stack component which verifies a Content Object using a key identifier associated with a content producer, wherein the custom stack is configured by a transport framework based on specific requirements of an application, and wherein the description for the verifier component includes one or more of:
  - a listing of one or more trust checkers to instantiate in the verifier stack component, wherein a respective trust checker analyzes the Content Object to accept the Content Object, reject the Content Object, or defer verification of the Content Object to another trust checker;
  - an ordering for the one or more trust checkers in the verifier stack component; and
  - an implementation for the respective trust checker;
- instantiating the verifier stack component in the custom stack; and
- using the custom stack to obtain a verified Content Object, which involves:
  - pushing, to the custom stack, an Interest that includes a name for a piece of content and includes the key identifier associated with the content producer; and
  - receiving, from the custom stack, the Content Object which the verifier stack component has verified is signed by the content producer associated with the key identifier,

thereby facilitating the custom stack to verify the content object on behalf of the application without requiring the application to be involved in verifying the content object.

Dependent claims: 10, 11, 12, 13, 14, 15
16. A computer system comprising:
- a processor; and
- a storage device storing instructions that when executed by the processor cause the processor to perform a method, the method comprising:
  - obtaining a stack requirement for a custom stack, wherein the stack requirement specifies at least a description for a verifier stack component which verifies a Content Object using a key identifier associated with a content producer, wherein the custom stack is configured by a transport framework based on specific requirements of an application, and wherein the description for the verifier component includes one or more of:
    - a listing of one or more trust checkers to instantiate in the verifier stack component, wherein a respective trust checker analyzes the Content Object to accept the Content Object, reject the Content Object, or defer verification of the Content Object to another trust checker;
    - an ordering for the one or more trust checkers in the verifier stack component; and
    - an implementation for the respective trust checker; and
  - instantiating the verifier stack component in the custom stack; and
  - using the custom stack to obtain a verified Content Object, which involves:
    - pushing, to the custom stack, an Interest that includes a name for a piece of content and includes the key identifier associated with the content producer; and
    - receiving, from the custom stack, the Content Object which the verifier stack component has verified is signed by the content producer associated with the key identifier,

thereby facilitating the custom stack to verify the Content Object on behalf of the application without requiring the application to be involved in verifying the Content Object.

Dependent claims: 17, 18, 19, 20, 21, 22
Specification