SYSTEM FOR A SECURE ENCRYPTION PROXY IN A CONTENT CENTRIC NETWORK
Abstract
One embodiment provides a system that facilitates a secure encryption proxy in a content centric network. During operation, the system receives, by an intermediate router from a content-consuming computing device, a first interest that includes a first name, signaling information encrypted based on a signaling key, and an inner interest encrypted based on an encryption key. The inner interest includes a name for a manifest that represents a collection of data. The intermediate router does not possess the encryption key. The system generates one or more interests for the data represented by the manifest. The system transmits to the content-consuming computing device a content object received in response to a generated interest, wherein the intermediate router transmits the responsive content object without receiving a corresponding interest from the content-consuming computing device, thereby facilitating reduced network traffic between the content-consuming computing device and the intermediate router.
20 Claims
1. A computer system, comprising:
- a processor; and
- a storage device storing instructions that when executed by the processor cause the processor to perform a method, the method comprising:
  - receiving, by an intermediate router from a content-consuming computing device, a first interest that includes a first name, signaling information encrypted based on a signaling key, and an inner interest encrypted based on an encryption key, wherein the inner interest includes a name for a manifest that represents a collection of data, wherein the intermediate router does not possess the encryption key;
  - generating one or more interests for the data represented by the manifest, wherein a generated interest has a name that corresponds to a numbered chunk of the data represented by the manifest;
  - transmitting to the content-consuming computing device a content object received in response to a generated interest, wherein the intermediate router transmits the responsive content object without receiving a corresponding interest from the content-consuming computing device, thereby facilitating reduced network traffic between the content-consuming computing device and the intermediate router.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A computer system, comprising:
- a processor; and
- a storage device storing instructions that when executed by the processor cause the processor to perform a method, the method comprising:
  - generating, by a content-consuming computing device, a first interest that includes a first name, signaling information encrypted based on a signaling key, and an inner interest encrypted based on an encryption key, wherein the inner interest includes a name for a manifest that represents a collection of data;
  - in response to transmitting the first interest to an intermediate router, receiving one or more content objects, wherein a received content object includes a name that corresponds to a numbered chunk of the data represented by the manifest, wherein the content-consuming computing device is not required to transmit one or more corresponding interests for the one or more content objects, thereby facilitating reduced network traffic between the content-consuming computing device and the intermediate router.

Dependent claims: 12, 13, 14, 15, 16, 17

18. A computer system, comprising:
- a processor; and
- a storage device storing instructions that when executed by the processor cause the processor to perform a method, the method comprising:
  - receiving, by a replica device, a first interest that includes a first name, signaling information encrypted based on a signaling key, an inner interest encrypted based on an encryption key, and an authentication token based on an authentication key, wherein the inner interest includes a name for a manifest that represents a collection of data;
  - authenticating the first interest by verifying the authentication token based on the authentication key; and
  - generating a first content object that includes signaling information encrypted based on the signaling key and that indicates an end chunk number that corresponds to a number of chunks comprising the data represented by the manifest, wherein the first content object further includes data represented by the manifest and that is encrypted based on the encryption key.

Dependent claims: 19, 20

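The key separation described in the abstract and in claims 1 and 18, modeled as an added example that is not part of the patent text: the router can read the signaling field and fan out chunk interests, but cannot read the inner interest. Assumptions not stated on the page: the router holds only the signaling key, the consumer and replica hold all three keys, the token is an HMAC over the interest fields, chunks are numbered from 0 with chunk 0 carried in the first content object, chunk names take the form `<first name>/chunk=<i>`, and a hash-based stand-in cipher replaces a real one.

```python
import hashlib, hmac, json

# Constructed keys. Assumed trust model: the router holds only SIG_KEY;
# the consumer and the replica also hold ENC_KEY and AUTH_KEY.
SIG_KEY, ENC_KEY, AUTH_KEY = b"signaling-key", b"encryption-key", b"auth-key"

def _xor(key, label, data):
    # Stand-in stream cipher (SHA-256 in counter mode) so the example runs
    # offline; it is not the patent's cipher and not for production use.
    ks = b"".join(hashlib.sha256(key + label + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, label, obj):
    return _xor(key, label, json.dumps(obj).encode())

def unseal(key, label, blob):
    return json.loads(_xor(key, label, blob))  # ValueError under a wrong key

def _token(i):
    # Assumed token construction: HMAC over name, signaling and inner fields.
    msg = i["name"].encode() + i["signaling"] + i["inner"]
    return hmac.new(AUTH_KEY, msg, hashlib.sha256).digest()

def consumer_first_interest(name, manifest_name):
    i = {"name": name,
         "signaling": seal(SIG_KEY, b"sig-req", {"op": "open"}),
         "inner": seal(ENC_KEY, b"inner", {"name": manifest_name})}
    i["token"] = _token(i)
    return i

def router_can_read_inner(interest):
    # The router tries the only key it has; the manifest name stays opaque.
    try:
        unseal(SIG_KEY, b"inner", interest["inner"])
        return True
    except ValueError:
        return False

def replica_respond(interest, store):
    if not hmac.compare_digest(_token(interest), interest["token"]):
        raise PermissionError("authentication token rejected")
    chunks = store[unseal(ENC_KEY, b"inner", interest["inner"])["name"]]
    return {"name": interest["name"],
            "signaling": seal(SIG_KEY, b"sig-resp", {"end_chunk": len(chunks) - 1}),
            "data": seal(ENC_KEY, b"chunk0", chunks[0])}

def router_chunk_interests(first_name, content_object):
    # The router reads only the signaling field, then names one interest per
    # remaining chunk without any further interest from the consumer.
    end = unseal(SIG_KEY, b"sig-resp", content_object["signaling"])["end_chunk"]
    return [f"{first_name}/chunk={i}" for i in range(1, end + 1)]
```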
Specification