This disclosure is generally related to distribution of digital content. More specifically, this disclosure is related to a system for a secure encryption performance enhancing proxy in a content centric network.
The proliferation of the Internet and e-commerce continues to create a vast amount of digital content. Content centric network (CCN) architectures have been designed to facilitate accessing and processing such digital content. A CCN includes entities, or nodes, such as network clients, forwarders (e.g., routers), and content producers, which communicate with each other by sending interest packets for various content items and receiving content object packets in return. CCN interests and content objects are identified by their unique names, which are typically hierarchically structured variable length identifiers (HSVLI). An HSVLI can include contiguous name components ordered from a most general level to a most specific level.
Digital content may be carried over wireless links based on a transport control protocol (TCP). However, because the digital content can travel over both a radio link and a wireline link, TCP may result in poor performance due to the different channel responses for a transport protocol for a radio link and for a wireline link. One solution is to split or proxy the topology by inserting a middle box (e.g., a performance enhancing proxy, or a PEP) which terminates the radio transport loop and establishes a second transport loop to the wireline system. This allows the transport protocols to optimize performance on each side of the proxy and keep the air interface full with a minimum of duplicate data due to TCP retransmission requests. However, today's network traffic uses an increased amount of encryption, which prevents middle boxes (such as PEPs) from intercepting encrypted sessions. As a result, the PEPs cannot proxy the encrypted traffic. The encrypted traffic loses the benefit of the proxy over the wireless link, and the PEPs are unable to do much more than packet shaping to adjust data rates.
While a CCN brings many desired features to a network, some issues remain unsolved for implementing a secure encryption proxy in a content centric network.
One embodiment provides a system that facilitates a secure encryption proxy in a content centric network. During operation, the system receives, by an intermediate router from a content-consuming computing device, a first interest that includes a first name, signaling information encrypted based on a signaling key, and an inner interest encrypted based on an encryption key. The inner interest includes a name for a manifest that represents a collection of data. The intermediate router does not possess the encryption key. The system generates one or more interests for the data represented by the manifest, wherein a generated interest has a name that corresponds to a numbered chunk of the data represented by the manifest. The system transmits to the content-consuming computing device a content object received in response to a generated interest, wherein the intermediate router transmits the responsive content object without receiving a corresponding interest from the content-consuming computing device, thereby facilitating reduced network traffic between the content-consuming computing device and the intermediate router.
In some embodiments, the intermediate router acts as an encryption performance enhancing proxy between the content-consuming computing device and a replica device. The content-consuming computing device and the intermediate router communicate over an air interface, and the intermediate router and the replica device communicate over a wired link.
In some embodiments, the first interest further includes an authentication token which is based on an authentication key, the encrypted signaling information, the encrypted inner interest, and data associated with the encrypted inner interest and the first interest. The system authenticates the first interest by verifying the authentication token based on the authentication key and the associated data. The system decrypts the signaling information included in the first interest based on the signaling key.
In some embodiments, in response to transmitting the first interest to a replica device, the system receives a first content object with signaling information encrypted based on the signaling key and that indicates an end chunk number, wherein generating the one or more interests further involves generating a number of interests equal to the end chunk number.
In some embodiments, in response to transmitting a generated interest to a replica device, the system receives a responsive content object with a name that corresponds to a numbered chunk of the data represented by the manifest. A numbered chunk corresponds to: a chunk created by a content producing device based on a division of a concatenation of the data represented by the manifest; or data for a leaf or a content object indicated in the manifest.
In some embodiments, in response to receiving one or more interests from the content-consuming computing device, the system forwards the received interests, wherein a received interest indicates a name for a branch of the manifest. The system transmits to the content-consuming computing device a content object received in response to a forwarded interest.
In some embodiments, the system receives a second interest that includes the first name, signaling information encrypted based on the signaling key and that indicates the manifest name, data encrypted based on the encryption key, and an authentication token based on the authentication key. The system authenticates the second interest by verifying the authentication token based on the authentication key. A generated interest of the one or more interests includes signaling information that indicates a request for a leaf of the manifest, and the content object received in response to the generated interest includes data corresponding to the requested manifest leaf.
In some embodiments, the system obtains the signaling key and the authentication key based on a key exchange protocol which is based on one or more of: a content centric network, wherein the intermediate router is known to the content-consuming computing device; and a dynamic proxy discovery, wherein the intermediate router is not known to the content-consuming computing device. The system updates an interest received during a second round of communication in the key exchange protocol based on the content centric network by adding a key share of the intermediate router to the interest, and transmits the updated interest to a replica device, which allows the replica device to return to the content-consuming computing device a responsive content object that includes the key share of the replica device and the key share of the intermediate router.
In some embodiments, a name is a hierarchically structured variable length identifier that includes contiguous name components ordered from a most general level to a most specific level. The name further includes one or more of: a routable name prefix for a replica device that hosts content; a session identifier; a transaction identifier; and a chunk number.
In some embodiments, the system receives or generates a first alert message which is one or more of: a close message that indicates a shutdown of a transaction associated with the transaction identifier or a shutdown of a session associated with the session identifier; and an error message that indicates an error. The system receives a second alert message which is one or more of: a rekey message that indicates a request from the content-consuming computing device or a replica device to establish a new set of session keys; and a keepalive message from the content-consuming computing device or the replica device that allows a receiving entity to return a message to a sending entity outside of the generated interests or a received content object.
Another embodiment provides a system that facilitates a secure encryption proxy in a content centric network. During operation, the system generates, by a content-consuming computing device, a first interest that includes a first name, signaling information encrypted based on a signaling key, and an inner interest encrypted based on an encryption key. The inner interest includes a name for a manifest that represents a collection of data. In response to transmitting the first interest to an intermediate router, the system receives one or more content objects. A received content object includes a name that corresponds to a numbered chunk of the data represented by the manifest, and the content-consuming computing device is not required to transmit one or more corresponding interests for the one or more content objects, thereby facilitating reduced network traffic between the content-consuming computing device and the intermediate router.
In some embodiments, a received content object includes an authentication token which is based on an authentication key, the encrypted signaling information, the encrypted inner interest, and data associated with the encrypted inner interest and the first interest. The system authenticates a received content object by verifying the authentication token based on the authentication key and the associated data. The system decrypts the signaling information included in the received content object based on the signaling key, and the system decrypts encrypted data or the inner interest that is included in the received content object based on the encryption key.
In some embodiments, the system generates one or more interests, wherein a name for a generated interest indicates a name for a branch of the manifest. The system receives a content object in response to a generated interest.
In some embodiments, the system generates a second interest that includes the first name, signaling information encrypted based on the signaling key and that indicates the manifest name, data encrypted based on the encryption key, and an authentication token based on the authentication key. In response to transmitting the second interest to the intermediate router, the system receives one or more transport content objects. A received transport content object includes signaling information that indicates a request for a leaf of the manifest, and data corresponding to the requested manifest leaf.
In some embodiments, the system obtains the encryption key, the signaling key, and the authentication key based on a key exchange protocol which is based on one or more of: a content centric network, wherein the intermediate router is known to the content-consuming computing device; and a dynamic proxy discovery, wherein the intermediate router is not known to the content-consuming computing device. The system receives a responsive content object that includes the key share of a replica device and the key share of the intermediate router.
In some embodiments, the system receives or generates an alert message which is one or more of: a close message that indicates a shutdown of a transaction associated with the transaction identifier or a shutdown of a session associated with the session identifier; an error message that indicates an error; a rekey message that indicates a request from the content-consuming computing device or a replica device to establish a new set of session keys; and a keepalive message from the content-consuming computing device or the replica device that allows a receiving entity to return a message to a sending entity outside of the generated interests or a received content object.
Another embodiment provides a system that facilitates a secure encryption proxy in a content centric network. During operation, the system receives, by a replica device, a first interest that includes a first name, signaling information encrypted based on a signaling key, an inner interest encrypted based on an encryption key, and an authentication token based on an authentication key. The inner interest includes a name for a manifest that represents a collection of data. The system authenticates the first interest by verifying the authentication token based on the authentication key. The system generates a first content object that includes signaling information encrypted based on the signaling key and that indicates an end chunk number that corresponds to a number of chunks comprising the data represented by the manifest. The first content object further includes data represented by the manifest and that is encrypted based on the encryption key.
In some embodiments, in response to receiving a subsequent interest with a name that corresponds to a numbered chunk of the data represented by the manifest, the system generates a subsequent content object with data that corresponds to the numbered chunk.
In some embodiments, the system receives a second interest that includes the first name, signaling information encrypted based on the signaling key and that indicates the manifest name, data encrypted based on the encryption key, and an authentication token based on the authentication key. The system authenticates the second interest by verifying the authentication token based on the authentication key. A received subsequent interest includes signaling information that indicates a request for data represented by the manifest, and a generated subsequent content object includes signaling information that indicates the data represented by the manifest.
In the figures, like reference numerals refer to the same figure elements.
The following description is presented to enable any person skilled in the art to make and use the embodiments, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present disclosure. Thus, the present invention is not limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.
Overview
Embodiments of the present invention provide a system that solves the problem of relying on a PEP for encrypted traffic by providing an encryption performance enhancing proxy (ePEP) that can process encrypted traffic, where the system does not disclose any confidential information about the traffic to the ePEP. Current cellular network traffic carried over wireless links can be based on TCP, where digital content can travel over a radio link and over a wireline link.
However, because the radio link and the wireline link have different channel responses for a transport protocol, and because TCP cannot distinguish between the radio link and the wireline link, TCP may underestimate the end-to-end capacity. One solution is to split or proxy the topology by inserting a middle box (e.g., a performance enhancing proxy, or a PEP) which terminates the radio link transport loop and establishes a second transport loop to the wire-line system. This allows the transport protocols to optimize performance on each side of the proxy and keep the air interface full with a minimum of duplicate data due to TCP retransmission requests. However, today's network traffic uses an increased amount of encryption, which prevents a middle box (such as a PEP) from intercepting encrypted sessions. As a result, the PEP cannot proxy the encrypted traffic, as described below in relation to
Embodiments of the present invention provide an encryption performance enhancing proxy (ePEP), which can be an intermediate router that sits between a content-consuming computing device (e.g., a consumer) and a replica or a content producing device (e.g., a producer). The producer can provide all of its data to the replica. The system decouples the keys used to encrypt the underlying data from the keys used to encrypt or authenticate the data used for transporting the underlying data. For example, only the endpoints (e.g., the consumer and the producer) share the encryption key (“KE”) which is used to encrypt the underlying data, while the endpoints and the ePEP exchange both the signaling key (“KS”) which is used to encrypt signaling or transport information as well as the authentication key (“KA”) which is used to authenticate the underlying data in a packet. This allows the ePEP to participate in end-to-end signaling while it runs two different transport loops, and further allows the ePEP to process encrypted traffic, as described below in relation to
Thus, by decoupling the key distribution, the system can maintain end-to-end confidentiality, integrity, and authentication while benefiting from the performance improvements that a PEP can offer a mobile handset. Embodiments of the present invention result in increased efficiency in a network, specifically, in the communications or exchange of data between a content-consuming computing device (e.g., a mobile handset) and an ePEP over an air interface, and between the ePEP and a content hosting device (e.g., a replica) over a wireline link. The system of the present invention allows the ePEP to act as a semi-trusted middle box in a content centric network.
In CCN, each piece of content is individually named, and each piece of data is bound to a unique name that distinguishes the data from any other piece of data, such as other versions of the same data or data from other sources. This unique name allows a network device to request the data by disseminating a request or an interest that indicates the unique name, and can obtain the data independent from the data's storage location, network location, application, and means of transportation. The following terms are used to describe the CCN architecture:
Content Object (or “content object”): A single piece of named data, which is bound to a unique name. Content Objects are “persistent,” which means that a Content Object can move around within a computing device, or across different computing devices, but does not change. If any component of the Content Object changes, the entity that made the change creates a new Content Object that includes the updated content, and binds the new Content Object to a new unique name.
Unique Names: A name in a CCN is typically location independent and uniquely identifies a Content Object. A data-forwarding device can use the name or name prefix to forward a packet toward a network node that generates or stores the Content Object, regardless of a network address or physical location for the Content Object. In some embodiments, the name may be a hierarchically structured variable-length identifier (HSVLI). The HSVLI can be divided into several hierarchical components, which can be structured in various ways. For example, the individual name components parc, home, ccn, and test.txt can be structured in a left-oriented prefix-major fashion to form the name “/parc/home/ccn/test.txt.” Thus, the name “/parc/home/ccn” can be a “parent” or “prefix” of “/parc/home/ccn/test.txt.” Additional components can be used to distinguish between different versions of the content item, such as a collaborative document. The HSVLI can also include contiguous name components ordered from a most general level to a most specific level.
In some embodiments, the name can include an identifier, such as a hash value that is derived from the Content Object's data (e.g., a checksum value) and/or from elements of the Content Object's name. A description of a hash-based name is described in U.S. patent application Ser. No. 13/847,814, which is herein incorporated by reference. A name can also be a flat label. Hereinafter, “name” is used to refer to any name for a piece of data in a name-data network, such as a hierarchical name or name prefix, a flat name, a fixed-length name, an arbitrary-length name, or a label (e.g., a Multiprotocol Label Switching (MPLS) label).
Interest (or “interest”): A packet that indicates a request for a piece of data, and includes a name (or a name prefix) for the piece of data. A data consumer can disseminate a request or Interest across an information-centric network, which CCN/NDN routers can propagate toward a storage device (e.g., a cache server) or a data producer that can provide the requested data to satisfy the request or Interest.
The methods disclosed herein are not limited to CCN networks and are applicable to other architectures as well. A description of a CCN architecture is described in U.S. patent application Ser. No. 12/338,175, which is herein incorporated by reference.
Exemplary Network (Prior Art)
Exemplary Network and Communication; Exemplary Keys
Logical Channels and Exemplary Formats for Packet Names
The keys KE, KA, and KS are used to secure and authenticate a logical data channel and a logical signaling (control) channel.
The system can encapsulate in an outer interest, an encrypted inner interest (which includes an inner interest name), where the inner interest is encrypted based on KE. The outer interest name can represent the encryption context. For example, one format for the outer interest name can be:
/replica-prefix/SID=sid/chunk=m (1)
The name component “/replica-prefix” can be a routable name prefix of the replica; “SID=sid” can indicate the session identifier; and “chunk=m” can identify the specific chunk number. Format (1) corresponds to the SID-level control channel. With this naming context, a consumer, ePEP, or replica can exchange signaling information, e.g., to shut down an encryption context.
A second format for the outer interest name can be:
/replica-prefix/SID=sid/XID=xid/chunk=n (2)
The name component “XID=xid” can identify a specific transaction, and “chunk=n” can identify the specific chunk number. Format (2) corresponds to the XID-level control channel. With this naming context, the participating entities can exchange signaling information and data relevant to a particular consumer transaction.
Encrypting and Authenticating Data
In general, a consumer or replica can: 1) encrypt underlying data using KE (“E_KE{data}”); 2) encrypt signaling information using KS (e.g., “E_KS{signaling}”); and 3) sign the concatenation of these two encrypted fields using KA. Assume that the notation E_k{x} indicates to encrypt (and authenticate or decrypt) the element “x” under key “k,” and the notation S_k{x} means to only authenticate x under key k. For example, based on an AEAD scheme such as AES-GCM, the consumer can compute a hash over 1), 2), and additional data using KA, to produce an authentication token, which can be included in a packet. The additional data can be plaintext information associated with the encrypted data of 1) and 2) (e.g., associated data or “AD”). This can be written as:
S_KA{AD ∥ E_KS{Signaling} ∥ E_KE{Data}} (3)
An alternate method that drops the authentication key but co-signs the hash is:
E_KS{Signaling, EDH} ∥ E_KE{Data} (4)
EDH = Hash{E_KE{Data}} (5)
Thus, a consumer can generate and sign an interest packet using the above method (e.g., encrypting the data using KE, encrypting the signaling information using KS, and signing the encrypted information using KA). An ePEP can receive the packet and authenticate the packet by verifying that a computation of a comparison authentication token (e.g., performing equation (3)) matches the authentication token included in the received packet. The ePEP can also decrypt and process the signaling information based on KS, and subsequently forward the interest on to a replica. The replica can receive the packet and similarly authenticate the packet based on KA. The replica can also decrypt and process both the signaling information based on KS and the data based on KE. These communications are described below in relation to
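The key separation described in this section, where an ePEP holding only KS and KA can authenticate a packet and read its signaling while the data stays opaque, can be sketched as follows. This is an added example, not code from the disclosure: HMAC-SHA256 stands in for the KA authentication token, a SHA-256 counter keystream stands in for the AEAD cipher, and the function names, the nonce, and the length-prefixed framing are assumptions of the example.

```python
import hashlib
import hmac
import os
import struct


def _stream_xor(key, nonce, data):
    """Stand-in cipher (assumption, not AES-GCM): XOR with a SHA-256 counter keystream."""
    stream = bytearray()
    for counter in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + nonce + struct.pack(">I", counter)).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def _frame(*fields):
    """Length-prefix every field so the concatenation in (3) parses in one way only."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def _token(ka, pkt):
    # Expression (3): sign AD || encrypted signaling || encrypted data under KA.
    # AD in this example is the plaintext outer name plus the nonce.
    msg = _frame(pkt["name"].encode(), pkt["nonce"], pkt["enc_sig"], pkt["enc_data"])
    return hmac.new(ka, msg, hashlib.sha256).digest()


def protect(ke, ks, ka, outer_name, signaling, data):
    """Consumer or replica: encrypt data under KE, signaling under KS, sign with KA."""
    nonce = os.urandom(12)
    pkt = {
        "name": outer_name,
        "nonce": nonce,
        # Distinct suffixes keep the two keystreams separate even if KS == KE.
        "enc_sig": _stream_xor(ks, nonce + b"S", signaling),
        "enc_data": _stream_xor(ke, nonce + b"D", data),
    }
    pkt["token"] = _token(ka, pkt)
    return pkt


def verify(ka, pkt):
    """Recompute the token and compare it in constant time."""
    return hmac.compare_digest(_token(ka, pkt), pkt["token"])


def epep_process(ks, ka, pkt):
    """ePEP holds KS and KA only: authenticate first, then read the signaling."""
    if not verify(ka, pkt):
        raise ValueError("authentication token mismatch")
    return _stream_xor(ks, pkt["nonce"] + b"S", pkt["enc_sig"])


def replica_process(ke, ks, ka, pkt):
    """Replica holds all three keys: authenticate, then read signaling and data."""
    signaling = epep_process(ks, ka, pkt)
    return signaling, _stream_xor(ke, pkt["nonce"] + b"D", pkt["enc_data"])


if __name__ == "__main__":
    # Constructed sample keys, name, and payloads.
    KE, KS, KA = (hashlib.sha256(s).digest() for s in (b"ke", b"ks", b"ka"))
    pkt = protect(KE, KS, KA, "/replica-prefix/SID=7/XID=1/chunk=0",
                  b"request manifest", b"/parc/home/ccn/test.txt")
    print("ePEP sees signaling:", epep_process(KS, KA, pkt))
    print("replica sees:", replica_process(KE, KS, KA, pkt))
    # Re-labelling the packet with another chunk number invalidates the token,
    # because the outer name is part of the associated data.
    moved = dict(pkt, name="/replica-prefix/SID=7/XID=1/chunk=1")
    print("renamed packet verifies:", verify(KA, moved))
```

Because the outer name is covered by the token, a packet cannot be replayed under a different SID, XID, or chunk number without failing verification at the ePEP or the replica.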
Exemplary Communication with an ePEP, and Exemplary Packets
During operation, consumer 102 can generate an interest 210, which initializes state for a new transaction identifier XID of “1.”
Replica 108 can similarly process the packet (function 214), by decrypting signaling information 234 and authenticating the packet by verifying authentication token 232. Replica 108 can further decrypt encrypted inner interest 236 based on the encryption key KE and obtain inner interest name 238 (and, if included, payload 240). Replica 108 can generate a responsive content object 216, which includes an encrypted inner content object corresponding to inner interest name 238.
ePEP 107 may now begin pipelining interests 220.1-220.z and receiving responsive content objects 222.1-222.z to retrieve the data represented by the manifest.
Replica 108 can process the packet (similar to function 214), and can further decrypt encrypted inner interest 260 based on the encryption key KE and obtain inner interest name 262 (and, if included, payload 264). Replica 108 can generate a responsive content object 222.1, which includes an encrypted inner content object corresponding to inner interest name 262.
Consumer 102 can subsequently receive content object 222.1 (and content objects 222.2-222.z) and reassemble the manifest based on the received content objects. Note that all entities that receive a packet will process the packet, although the process packet functions 212, 214, and 218 are only shown in relation to the first full data exchange. For example, a process packet function can also occur: by replica 108 upon receiving interest 220.1; by ePEP 107 upon receiving content object 222.1; and by consumer 102 upon receiving content object 222.1.
Thus, consumer 102 can generate a single interest 210 for the manifest, and ePEP 107 can retrieve and forward the data represented by the manifest on behalf of consumer 102, which reduces traffic over the air interface between the consumer and the proxy by limiting the number of transmitted (and, correspondingly, re-transmitted) interests. This results in a more efficient system and use of the encryption performance enhancing proxy, and further allows ePEP 107 to process both unencrypted and encrypted traffic.
Exemplary Communication: Consumer Requests Manifest and Data Separately
Exemplary Communication: Consumer Requests Transport Manifest in Signaling Channel, and Exemplary Packets
During operation, consumer 102 can generate an interest 211, which initializes state for a new transaction identifier XID of “2.”
Replica 108 can process the packet (function 214, as described above), by decrypting signaling information 235 to obtain encrypted interest 291 and name 292, and authenticating the packet by verifying authentication token 233. Replica 108 can generate a responsive content object 217, which includes an encrypted inner content object corresponding to name 292.
Returning to
ePEP 107 may now begin pipelining interests 221.1-221.z and receiving responsive content objects 223.1-223.z to retrieve the data represented by the manifest. ePEP 107 can use the signaling channel to request the manifest leaves. The responsive content objects received from replica 108 may still be carried in the data channel, thereby maintaining the protection of the underlying data based on the encryption key KE, which is only known to consumer 102 and replica 108, and not known to ePEP 107.
Replica 108 can process the packet (similar to function 214, as described above), and can decrypt encrypted signaling information 259 based on the signaling key KS and obtain inner interest name 297. Replica can also decrypt encrypted data 261 based on encryption key KE. Replica 108 can generate a responsive content object 223.1, which includes an encrypted inner content object corresponding to inner interest name 297.
Consumer 102 can subsequently receive content object 223.1 (and content objects 223.2-223.z) and reassemble the manifest based on the received content objects (i.e., the manifest leaves). Thus, consumer 102 can generate a single interest 211 for a transport manifest in the signaling channel, and ePEP 107 can retrieve and forward the data represented by the manifest on behalf of consumer 102, which reduces traffic over the air interface between the consumer and the proxy by limiting the number of transmitted (and, correspondingly, re-transmitted) interests. This results in a more efficient system and use of the ePEP, and further allows ePEP 107 to process both unencrypted and encrypted traffic.
In some embodiments, the consumer can drive all interest traffic with consumer-to-replica interests in the data channel, and the proxy can shape the interests within the XID to achieve the proper wireline downlink capacity to keep the radio link saturated. In this case, the only messages in the signaling channel are CLOSE messages.
Alert Messages
The system can send different types of alert messages, based on various conditions. The alert messages can include: REKEY, CLOSE, ERROR, and KEEPALIVE. An ERROR message implies a CLOSE. If a message or packet fails authentication, the consumer, ePEP, or replica may send a CLOSE message for the corresponding transaction identifier, which indicates a shutdown of the transaction associated with that XID. A CLOSE message may also be sent for a corresponding session identifier, which indicates a shutdown of the session associated with the SID. When the consumer is done reading from a transaction, the consumer sends a CLOSE message. The ePEP will forward the CLOSE message to the replica, and the replica responds with its own CLOSE message in the downstream signaling channel. If the consumer does not receive this downstream CLOSE message, the CLOSE message may time out, and the replica may re-send the CLOSE message or may shut down the XID. If the consumer receives a CLOSE response on a SID for a non-existent XID, the consumer can send an ERROR in the SID control channel to the replica, which will cause the replica to destroy the XID.
In addition, a replica may shut down an XID at any time. For example, the replica may place a CLOSE or ERROR message in the response to any outer pending interest from the consumer. The replica does not put any data in the data channel. This may cause an imbalance between pending interests and returning content objects in the data channel. However, because the replica indicated a CLOSE or ERROR message, the replica will have flushed any remaining data, rendering this issue irrelevant.
A consumer or a producer may request a REKEY at any time. The REKEY message can be carried in the first outer namespace (as shown in Format (1)): “/replica-prefix/SID=sid/chunk=m.” A REKEY message causes all parties to negotiate new session keys (e.g., via a key exchange protocol such as the one described in U.S. patent application Ser. No. 14/927,034, also known as CCNxKE). A REKEY message results in a new SID. Any existing open XIDs carry over to the new SID. Once the new SID is in operation, the consumer and the producer terminate the old SID with CLOSE messages, but keep the XIDs open. Carrying over an XID allows the chunk number of the XID to remain intact.
The communication described for embodiments of the present invention is always initiated by the consumer to the replica, based on a routable prefix of the replica. The replica has no way on its own to obtain a name for the consumer or to send a packet directly to the consumer outside of the responsive content objects to the received interests from the consumer. Thus, the asymmetric nature of the protocol does not allow the replica to send a message to the consumer unless it is in response to an interest sent by and received from the consumer. Furthermore, because the channel is simplex, the consumer must give the replica a chance to send the consumer control messages on the channel. The consumer can thus send KEEPALIVE messages to the producer at a negotiated rate or interval (e.g., every 30 seconds). The producer can then respond with its own KEEPALIVE or a REKEY or a CLOSE message. This maintains the interest/content object flow balance in this control channel.
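The alert rules above (CLOSE scoped to an XID or a SID, ERROR implying CLOSE, REKEY carrying open XIDs to a new SID, and KEEPALIVE giving the replica its only chance to send a control message) can be exercised with a small replica-side state table keyed on outer names in formats (1) and (2). This is an added example, not part of the disclosure: the class and method names, the `about_xid` and `new_sid` parameters (standing for values the signaling payload and the key exchange would supply), the regular expression, and answering an unknown SID with ERROR are assumptions.

```python
import re

# Outer-name formats (1) and (2) from the text; the regex is this example's own.
_OUTER = re.compile(
    r"^(?P<prefix>/.+?)/SID=(?P<sid>[^/]+)(?:/XID=(?P<xid>[^/]+))?/chunk=(?P<chunk>\d+)$"
)


def parse_outer_name(name):
    """Split an outer name into (prefix, sid, xid, chunk); xid is None for format (1)."""
    m = _OUTER.match(name)
    if m is None:
        raise ValueError("not an outer name in format (1) or (2): %r" % name)
    return m.group("prefix"), m.group("sid"), m.group("xid"), int(m.group("chunk"))


class ReplicaSessions:
    """Replica-side bookkeeping for alert messages (hypothetical class)."""

    def __init__(self):
        self.sessions = {}  # sid -> {xid: current chunk number of that transaction}
        self.pending = {}   # sid -> alert the replica is waiting to send downstream

    def open_xid(self, sid, xid, chunk=0):
        self.sessions.setdefault(sid, {})[xid] = chunk

    def queue_alert(self, sid, alert):
        """The replica cannot push; it parks a REKEY or CLOSE until the next KEEPALIVE."""
        self.pending[sid] = alert

    def handle(self, name, alert, about_xid=None, new_sid=None):
        """Apply one upstream alert and return the alert sent back downstream."""
        _, sid, xid, _ = parse_outer_name(name)
        if sid not in self.sessions:
            return "ERROR"  # assumption: unknown session is answered with ERROR
        xids = self.sessions[sid]
        # On the XID-level channel the name identifies the transaction; on the
        # SID-level channel an alert may still concern one XID (about_xid).
        target = xid if xid is not None else about_xid

        if alert in ("CLOSE", "ERROR"):   # an ERROR implies a CLOSE
            if target is None:            # SID-level: shut down the whole session
                del self.sessions[sid]
                self.pending.pop(sid, None)
            else:                         # destroy only that transaction
                xids.pop(target, None)
            return "CLOSE"

        if alert == "REKEY":
            if xid is not None or not new_sid:
                return "ERROR"            # REKEY travels in the format (1) namespace
            # Open XIDs carry over with their chunk numbers intact. The old SID
            # stays known, with no transactions, until it is closed.
            self.sessions[new_sid] = xids
            self.sessions[sid] = {}
            self.pending.pop(sid, None)
            return "REKEY"

        if alert == "KEEPALIVE":
            # Answer with a parked alert if there is one, else echo KEEPALIVE.
            return self.pending.pop(sid, "KEEPALIVE")

        return "ERROR"


def demo():
    """Constructed walk-through: close one XID, rekey, then retire the old SID."""
    r = ReplicaSessions()
    r.open_xid("s1", "1", chunk=41)
    r.open_xid("s1", "2", chunk=7)
    trace = [
        r.handle("/replica-prefix/SID=s1/XID=2/chunk=8", "CLOSE"),
        r.handle("/replica-prefix/SID=s1/chunk=0", "REKEY", new_sid="s2"),
        r.handle("/replica-prefix/SID=s1/chunk=1", "CLOSE"),
    ]
    return trace, r.sessions


if __name__ == "__main__":
    print(demo())
```

Closing the old SID after the rekey leaves transaction 1 open under the new SID at chunk 41, which is the carry-over behavior the text describes.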
Methods for Key Exchange in Facilitating a Secure Encryption Proxy
When the consumer has prior knowledge of the proxy, the consumer can establish session keys (e.g., KE, KA, and KS) with the replica (e.g., via CCNxKE). The consumer can also establish a key control channel with the proxy (e.g., via CCNxKE) for the express purpose of providing KA and KS to the proxy.
When the consumer does not have prior knowledge of the proxy, the protocol can use a method similar to the one used in mcTLS for deriving the keys. The consumer and the replica can establish the session keys KE, KA, and KS (via CCNxKE) by exchanging messages in a series of rounds, as described in relation to U.S. patent application Ser. No. 14/927,034. The proxy may terminate a second round of communication from the consumer to the replica, where the second round interest includes the secret key share of the consumer. The proxy can add the proxy's own secret key share to the second round interest, and forward the modified interest on to the replica. The replica can verify both the key share of the consumer and the key share of the proxy, and return a second round content object that includes the replica's secret key share. Thus, the consumer receives both the key share of the replica and the proxy, which allows the consumer to immediately establish a session, thereby avoiding an additional round trip.
Assume that the consumer communicates with the replica or the producer through the proxy, and further assume that the consumer trusts the replica or producer (e.g., through server validation). For n>1 proxies, there are n different security contexts derived using mcTLS. Each context is set to the name of the entity or proxy and its KeyID with the appropriate string, e.g., “ka,” where three key strings “ka,” “ke,” and “ks” are supported. An example of a context is shown below:
context=“proxyA”∥“0x1abc2901. . . ”∥“ka” (6)
Each party can establish a pair-wise shared key via CCNxKE. For example, pair-wise keys are created for the consumer and the proxy, the proxy and the replica, and the consumer and the replica. After this step, the context keys KE, KA, and KS are created based on the per-context derivation technique described in mcTLS. Specifically, the consumer and the replica generate per-context keys using the following technique:
KiC=PRFS
KiC is a context key derived at the consumer, Sc-r is the traffic secret derived between the consumer and the replica via CCNxKE, <context> is the context string defined above in Equation (6) (for the appropriate key), and randy is fresh randomness generated by the consumer and given to the replica or producer in the CCNxKE exchange. After these keys are created, the consumer and the replica share them with the middlebox(es) (e.g., the proxy or proxies) as needed by encrypting them with the appropriate pair-wise keys. For example, because the proxy needs to obtain both KS and KA, the keys KSC, KSR, KaC, and KaR are shared with the proxy. The final computation to derive KA and KS from these values is as follows:
Ka<−PRFK
The entire exchange requires two “protocol executions”: a first round of CCNxKE to establish shared keys between each party; and a second round to establish and share per-context (per-proxy transport keys) with each party and each allocated middlebox.
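The per-context derivation and the key sharing described above, carried through as an added Python sketch (not code from this disclosure or from mcTLS). Because the two derivation formulas are incomplete on this page, the PRF (HMAC-SHA256), the inputs to the combining step, the length-prefixed context encoding, and the sample KeyID are assumptions modelled on the surrounding description.

```python
import hashlib
import hmac

LABELS = ("ke", "ka", "ks")    # the three key strings named in the text
PROXY_LABELS = ("ka", "ks")    # the proxy obtains KA and KS, never KE


def prf(key: bytes, data: bytes) -> bytes:
    """PRF stand-in (assumption): HMAC-SHA256."""
    return hmac.new(key, data, hashlib.sha256).digest()


def field(value: bytes) -> bytes:
    """Length-prefix one field so concatenated fields cannot be re-split."""
    return len(value).to_bytes(2, "big") + value


def context_string(entity: str, key_id: bytes, label: str) -> bytes:
    """Context in the shape of Equation (6): name || KeyID || label.

    The length prefixes are an addition of this sketch: with plain
    concatenation, ("proxyA", 0x01) and ("proxy", "A" 0x01) would collide.
    """
    return field(entity.encode()) + field(key_id) + field(label.encode())


def half_keys(traffic_secret: bytes, entity: str, key_id: bytes, rand: bytes) -> dict:
    """One endpoint's per-context half keys, keyed by the traffic secret."""
    return {
        label: prf(traffic_secret, context_string(entity, key_id, label) + rand)
        for label in LABELS
    }


def combine(halves_c: dict, halves_r: dict, entity: str, key_id: bytes,
            rand_c: bytes, rand_r: bytes) -> dict:
    """Final keys from consumer and replica halves (assumed mcTLS-style:
    PRF keyed with both halves over context and both random values)."""
    return {
        label: prf(halves_c[label] + halves_r[label],
                   context_string(entity, key_id, label) + rand_c + rand_r)
        for label in halves_c
    }


def shares_for_proxy(halves: dict) -> dict:
    """Only the KA and KS halves leave the endpoint; the KE half stays.
    Wrapping the shares under the pair-wise key is outside this sketch."""
    return {label: halves[label] for label in PROXY_LABELS}


def derive_session(traffic_secret: bytes, entity: str, key_id: bytes,
                   rand_c: bytes, rand_r: bytes):
    """Return (endpoint_keys, proxy_keys) for one proxy context."""
    halves_c = half_keys(traffic_secret, entity, key_id, rand_c)
    halves_r = half_keys(traffic_secret, entity, key_id, rand_r)
    endpoint = combine(halves_c, halves_r, entity, key_id, rand_c, rand_r)
    # The proxy runs the same combining step, but only over what it was given.
    proxy = combine(shares_for_proxy(halves_c), shares_for_proxy(halves_r),
                    entity, key_id, rand_c, rand_r)
    return endpoint, proxy


if __name__ == "__main__":
    # Constructed sample values; the KeyID is a placeholder, not from the page.
    secret = bytes(range(32))
    endpoint, proxy = derive_session(secret, "proxyA", bytes.fromhex("aabbccdd"),
                                     b"C" * 16, b"R" * 16)
    print("endpoint holds:", sorted(endpoint))
    print("proxy holds:   ", sorted(proxy))
    print("KA matches:", proxy["ka"] == endpoint["ka"])
```

Each additional proxy gets its own context name and KeyID, so a key handed to one proxy is unrelated to the keys derived for another.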
mcTLS Support
The ePEP design can be emulated with mcTLS on top of IP. Within a single mcTLS session with at least one proxy, define two contexts for a single transaction: one for signaling information and one for data information. The consumer and replica should not share the reader or writer keys for the data context with the proxy. The proxy should only receive the signaling context keys. Afterwards, the consumer and replica should use the data context to transport application data and the signaling context to share transport-related information with all parties, including the proxy. The use of these channels follows as described herein. If more than one transaction is needed in a session, then more than one pair of context channels (signaling and data) should be created and shared appropriately. There is no restriction on the number of channels that can be created.
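The split visibility this design relies on (the proxy holds KA and KS but not KE) is shown at packet level in the following added Python sketch, which is not code from this disclosure. The packet layout, the HMAC-based keystream standing in for a real cipher, the token covering the name and both ciphertexts, the token being checked before any decryption, and all sample values are assumptions of the example.

```python
import hashlib
import hmac


def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream.
    Applying it twice with the same key and nonce returns the input."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        pad = hmac.new(key, nonce + block_no.to_bytes(4, "big"),
                       hashlib.sha256).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(c ^ p for c, p in zip(chunk, pad))
    return bytes(out)


def token(ka: bytes, name: bytes, nonce: bytes, sig_ct: bytes, inner_ct: bytes) -> bytes:
    """Authentication token over the name and both ciphertexts.
    Each part is length-prefixed so field boundaries are unambiguous."""
    msg = b"".join(len(p).to_bytes(4, "big") + p
                   for p in (name, nonce, sig_ct, inner_ct))
    return hmac.new(ka, msg, hashlib.sha256).digest()


def seal(name: bytes, signaling: bytes, inner: bytes,
         ke: bytes, ka: bytes, ks: bytes, nonce: bytes) -> dict:
    """Endpoint side: signaling under KS, inner packet under KE, token under KA."""
    sig_ct = xor_stream(ks, nonce, signaling)
    inner_ct = xor_stream(ke, nonce, inner)
    return {"name": name, "nonce": nonce, "signaling": sig_ct,
            "inner": inner_ct, "token": token(ka, name, nonce, sig_ct, inner_ct)}


def verify(packet: dict, ka: bytes) -> bool:
    """Constant-time check of the token against the received fields."""
    expected = token(ka, packet["name"], packet["nonce"],
                     packet["signaling"], packet["inner"])
    return hmac.compare_digest(expected, packet["token"])


def proxy_open(packet: dict, ka: bytes, ks: bytes):
    """Proxy view (KA and KS only): signaling plaintext, or None on a bad token."""
    if not verify(packet, ka):
        return None
    return xor_stream(ks, packet["nonce"], packet["signaling"])


def endpoint_open(packet: dict, ke: bytes, ka: bytes, ks: bytes):
    """Endpoint view (all three keys): (signaling, inner), or None on a bad token."""
    if not verify(packet, ka):
        return None
    return (xor_stream(ks, packet["nonce"], packet["signaling"]),
            xor_stream(ke, packet["nonce"], packet["inner"]))


if __name__ == "__main__":
    # Constructed keys and packet contents, for illustration only.
    ke, ka, ks = b"E" * 32, b"A" * 32, b"S" * 32
    pkt = seal(b"/replica_prefix/SID=1/Chunk=0", b"XID=7",
               b"/producer/movie/manifest", ke, ka, ks, b"\x00" * 12)
    print("proxy reads signaling:", proxy_open(pkt, ka, ks))
    print("endpoint reads:", endpoint_open(pkt, ke, ka, ks))
    flipped = bytes([pkt["inner"][0] ^ 1]) + pkt["inner"][1:]
    print("tampered inner seen by proxy:", proxy_open(dict(pkt, inner=flipped), ka, ks))
```

The last line of the demo shows the useful property: the proxy rejects a packet whose inner ciphertext was altered even though it cannot read that ciphertext.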
Intermediate Router (or ePEP) Facilitates a Secure Encryption Proxy
If the authentication token is not successfully verified (decision 336), the operation continues as described at Label B of
Method for Handling an Error Message
Content-Consuming Computing Device Facilitates a Secure Encryption Proxy
In response to transmitting the first interest, the system receives a first content object with signaling information encrypted based on the signaling key and that indicates an end chunk number (operation 406). The system processes the first content object (operation 408). The system decrypts the signaling information based on the signaling key (operation 410). The system decrypts the data (e.g., the inner content object) based on the encryption key (operation 412). The system authenticates the first interest by verifying the authentication token based on the authentication key (operation 414). If the authentication token is not successfully verified (decision 416), the operation continues as described at Label B of
Replica Device Facilitates a Secure Encryption Proxy
The system processes the first interest (operation 506). The system decrypts the signaling information based on the signaling key (operation 508). The system decrypts the data (e.g., the inner interest) based on the encryption key (operation 510). The system authenticates the first interest by verifying the authentication token based on the authentication key (operation 512). If the authentication token is not successfully verified (decision 514), the operation continues as described at Label B of
Exemplary Computer System
Content-processing system 618 can include instructions, which when executed by computer system 602, can cause computer system 602 to perform methods and/or processes described in this disclosure. Specifically, content-processing system 618 may include instructions for sending and/or receiving data packets to/from other network nodes across a computer network, such as a content centric network (communication module 620). A data packet can include an interest packet or a content object packet with a name which is an HSVLI that includes contiguous name components ordered from a most general level to a most specific level.
Furthermore, content-processing system 618 can include instructions for receiving, by an intermediate router from a content-consuming computing device, a first interest that includes a first name, signaling information encrypted based on a signaling key, and an inner interest encrypted based on an encryption key, wherein the inner interest includes a name for a manifest that represents a collection of data (communication module 620). Content-processing system 618 can include instructions for generating one or more interests for the data represented by the manifest (packet-generating module 622). Content-processing system 618 can also include instructions for transmitting to the content-consuming computing device a content object received in response to a generated interest (communication module 620).
Content-processing system 618 can additionally include instructions for authenticating the first interest by verifying an authentication token based on the authentication key and associated data (packet-authenticating module 624). Content-processing system 618 can include instructions for decrypting the signaling information included in the first interest based on the signaling key (decrypting module 626). Content-processing system 618 can also include instructions for, in response to transmitting the first interest to a replica device, receiving a first content object with signaling information encrypted based on the signaling key and that indicates an end chunk number (communication module 620), wherein generating the one or more interests further involves generating a number of interests equal to the end chunk number (packet-generating module 622). Content-processing system 618 can include instructions for, in response to transmitting a generated interest to a replica device, receiving a responsive content object with a name that corresponds to a numbered chunk of the data represented by the manifest (communication module 620).
Content-processing system 618 can further include instructions for, in response to receiving one or more interests from the content-consuming computing device, forwarding the received interests, wherein a received interest indicates a name for a branch of the manifest (communication module 620), and transmitting to the content-consuming computing device a content object received in response to a forwarded interest (communication module 620). Content-processing system 618 can also include instructions for receiving a second interest that includes the first name, signaling information encrypted based on the signaling key and that indicates the manifest name, data encrypted based on the encryption key, and an authentication token based on the authentication key (communication module 620). Content-processing system 618 can include instructions for authenticating the second interest by verifying the authentication token based on the authentication key (packet-authenticating module 624). Content-processing system 618 can include instructions for obtaining the signaling key and the authentication key based on a key exchange protocol (key-obtaining module 628). Content-processing system 618 can further include instructions for updating an interest received during a second round of communication in the key exchange protocol based on the content centric network by adding a key share of the intermediate router to the interest (key-obtaining module 628) and transmitting the updated interest to a replica device (communication module 620). Content-processing system 618 can include instructions for receiving or generating an alert message (alert-processing module 630).
Content-processing system 618 can include instructions for generating, by a content-consuming computing device, a first interest that includes a first name, signaling information encrypted based on a signaling key, and an inner interest encrypted based on an encryption key, wherein the inner interest includes a name for a manifest that represents a collection of data (packet-generating module 622). Content-processing system 618 can include instructions for, in response to transmitting the first interest to an intermediate router, receiving one or more content objects (communication module 620). Content-processing system 618 can further include instructions for authenticating a received content object by verifying the authentication token based on the authentication key and the associated data (packet-authenticating module 624). Content-processing system 618 can include instructions for decrypting the signaling information included in the received content object based on the signaling key, and for decrypting encrypted data or the inner interest that is included in the received content object based on the encryption key (decrypting module 626). Content-processing system 618 can include instructions for generating one or more interests, wherein a name for a generated interest indicates a name for a branch of the manifest (packet-generating module 622), and receiving a content object in response to a generated interest (communication module 620).
Content-processing system 618 can also include instructions for generating a second interest that includes the first name, signaling information encrypted based on the signaling key and that indicates the manifest name, data encrypted based on the encryption key, and an authentication token based on the authentication key (packet-generating module 620). Content-processing system 618 can include instructions for, in response to transmitting the second interest to the intermediate router, receiving one or more transport content objects, wherein a received transport content object includes signaling information that indicates a request for a leaf of the manifest, and data corresponding to the requested manifest leaf (communication module 620). Content-processing system 618 can include instructions for obtaining the encryption key, the signaling key, and the authentication key based on a key exchange protocol (key-obtaining module 628). Content-processing system 618 can include instructions for receiving, by the content-consuming computing device, the responsive content object that includes the key share of the replica device and the key share of the intermediate router (communication module 620).
Content-processing system 618 can additionally include instructions for receiving, by a replica device, a first interest that includes a first name, signaling information encrypted based on a signaling key, an inner interest encrypted based on an encryption key, and an authentication token based on an authentication key, wherein the inner interest includes a name for a manifest that represents a collection of data (communication module 620). Content-processing system 618 can include instructions for authenticating the first interest by verifying the authentication token based on the authentication key (packet-authenticating module 624). Content-processing system 618 can include instructions for generating a first content object that includes signaling information encrypted based on the signaling key and that indicates an end chunk number that corresponds to a number of chunks comprising the data represented by the manifest (packet-generating module 622). Content-processing system 618 can include instructions for, in response to receiving a subsequent interest with a name that corresponds to a numbered chunk of the data represented by the manifest, generating a subsequent content object with data that corresponds to the numbered chunk (packet-generating module 622).
Content-processing system 618 can include instructions for receiving a second interest that includes the first name, signaling information encrypted based on the signaling key and that indicates the manifest name, data encrypted based on the encryption key, and an authentication token based on the authentication key (communication module 620). Content-processing system 618 can include instructions for authenticating the second interest by verifying the authentication token based on the authentication key (packet-authenticating module 624).
Data 632 can include any data that is required as input or that is generated as output by the methods and/or processes described in this disclosure. Specifically, data 632 can store at least: an interest; an inner or encapsulated interest; a content object; an inner or encapsulated content object; a name; a name that is an HSVLI; signaling information; data; encrypted signaling information; encrypted data; an authentication key; a signaling key; an encryption key; a public private key pair or a data certificate; an authentication token; a manifest name; a manifest branch; a manifest leaf; a collection of data represented by the manifest; data associated with encrypted data and an interest; an end chunk number; a chunk number; a chunk; a key exchange protocol; a key exchange protocol based on a CCN; a key exchange protocol based on a dynamic proxy discovery; a key share; a routable name prefix; a session identifier; a transaction identifier; an alert message; a close message; an error message; a rekey message; and a keepalive message.
The data structures and code described in this detailed description are typically stored on a computer-readable storage medium, which may be any device or medium that can store code and/or data for use by a computer system. The computer-readable storage medium includes, but is not limited to, volatile memory, non-volatile memory, magnetic and optical storage devices such as disk drives, magnetic tape, CDs (compact discs), DVDs (digital versatile discs or digital video discs), or other media capable of storing computer-readable media now known or later developed.
The methods and processes described in the detailed description section can be embodied as code and/or data, which can be stored in a computer-readable storage medium as described above. When a computer system reads and executes the code and/or data stored on the computer-readable storage medium, the computer system performs the methods and processes embodied as data structures and code and stored within the computer-readable storage medium.
Furthermore, the methods and processes described above can be included in hardware modules. For example, the hardware modules can include, but are not limited to, application-specific integrated circuit (ASIC) chips, field-programmable gate arrays (FPGAs), and other programmable-logic devices now known or later developed. When the hardware modules are activated, the hardware modules perform the methods and processes included within the hardware modules.
The foregoing descriptions of embodiments of the present invention have been presented for purposes of illustration and description only. They are not intended to be exhaustive or to limit the present invention to the forms disclosed. Accordingly, many modifications and variations will be apparent to practitioners skilled in the art. Additionally, the above disclosure is not intended to limit the present invention. The scope of the present invention is defined by the appended claims.
This application is a continuation of U.S. patent application Ser. No. 15/154,825, filed May 13, 2016, now U.S. Pat. No. 10,084,764, the entirety of which is incorporated herein by reference.
20120307629 | Vasseur | Dec 2012 | A1 |
20120314580 | Hong | Dec 2012 | A1 |
20120317307 | Ravindran | Dec 2012 | A1 |
20120322422 | Frecks | Dec 2012 | A1 |
20120323933 | He | Dec 2012 | A1 |
20120331112 | Chatani | Dec 2012 | A1 |
20130024560 | Vasseur | Jan 2013 | A1 |
20130041982 | Shi | Feb 2013 | A1 |
20130051392 | Filsfils | Feb 2013 | A1 |
20130054971 | Yamaguchi | Feb 2013 | A1 |
20130060962 | Wang | Mar 2013 | A1 |
20130061084 | Barton | Mar 2013 | A1 |
20130066823 | Sweeney | Mar 2013 | A1 |
20130073552 | Rangwala | Mar 2013 | A1 |
20130074155 | Huh | Mar 2013 | A1 |
20130090942 | Robinson | Apr 2013 | A1 |
20130091539 | Khurana | Apr 2013 | A1 |
20130110987 | Kim | May 2013 | A1 |
20130111063 | Lee | May 2013 | A1 |
20130132719 | Kobayashi | May 2013 | A1 |
20130151584 | Westphal | Jun 2013 | A1 |
20130151646 | Chidambaram | Jun 2013 | A1 |
20130152070 | Bhullar | Jun 2013 | A1 |
20130163426 | Beliveau | Jun 2013 | A1 |
20130166668 | Byun | Jun 2013 | A1 |
20130173822 | Hong | Jul 2013 | A1 |
20130182568 | Lee | Jul 2013 | A1 |
20130182931 | Fan | Jul 2013 | A1 |
20130185406 | Choi | Jul 2013 | A1 |
20130191412 | Kitamura | Jul 2013 | A1 |
20130197698 | Shah | Aug 2013 | A1 |
20130198119 | Eberhardt, III | Aug 2013 | A1 |
20130212185 | Pasquero | Aug 2013 | A1 |
20130219038 | Lee | Aug 2013 | A1 |
20130219081 | Qian | Aug 2013 | A1 |
20130219478 | Mahamuni | Aug 2013 | A1 |
20130223237 | Hui | Aug 2013 | A1 |
20130227114 | Vasseur | Aug 2013 | A1 |
20130227166 | Ravindran | Aug 2013 | A1 |
20130242996 | Varvello | Sep 2013 | A1 |
20130250809 | Hui | Sep 2013 | A1 |
20130262365 | Dolbear | Oct 2013 | A1 |
20130262587 | Munger et al. | Oct 2013 | A1 |
20130282854 | Jang | Oct 2013 | A1 |
20130282860 | Zhang | Oct 2013 | A1 |
20130282920 | Zhang | Oct 2013 | A1 |
20130304758 | Gruber | Nov 2013 | A1 |
20130304937 | Lee | Nov 2013 | A1 |
20130325888 | Oneppo | Dec 2013 | A1 |
20130329696 | Xu | Dec 2013 | A1 |
20130336103 | Vasseur | Dec 2013 | A1 |
20130336323 | Srinivasan | Dec 2013 | A1 |
20130339481 | Hong | Dec 2013 | A1 |
20130343408 | Cook | Dec 2013 | A1 |
20140003424 | Matsuhira | Jan 2014 | A1 |
20140006354 | Parkison | Jan 2014 | A1 |
20140006565 | Muscariello | Jan 2014 | A1 |
20140029445 | Hui | Jan 2014 | A1 |
20140032714 | Liu | Jan 2014 | A1 |
20140033193 | Palaniappan | Jan 2014 | A1 |
20140040505 | Barton | Feb 2014 | A1 |
20140040628 | Fort | Feb 2014 | A1 |
20140047513 | vantNoordende | Feb 2014 | A1 |
20140074730 | Arensmeier | Mar 2014 | A1 |
20140075567 | Raleigh | Mar 2014 | A1 |
20140082135 | Jung | Mar 2014 | A1 |
20140082661 | Krahnstoever | Mar 2014 | A1 |
20140089454 | Jeon | Mar 2014 | A1 |
20140096249 | Dupont | Apr 2014 | A1 |
20140108313 | Heidasch | Apr 2014 | A1 |
20140108474 | David | Apr 2014 | A1 |
20140115037 | Liu | Apr 2014 | A1 |
20140122587 | Petker et al. | May 2014 | A1 |
20140129736 | Yu | May 2014 | A1 |
20140136814 | Stark | May 2014 | A1 |
20140140348 | Perlman | May 2014 | A1 |
20140143370 | Vilenski | May 2014 | A1 |
20140146819 | Bae | May 2014 | A1 |
20140149733 | Kim | May 2014 | A1 |
20140156396 | deKozan | Jun 2014 | A1 |
20140165207 | Engel | Jun 2014 | A1 |
20140172783 | Suzuki | Jun 2014 | A1 |
20140172981 | Kim | Jun 2014 | A1 |
20140173034 | Liu | Jun 2014 | A1 |
20140173076 | Ravindran | Jun 2014 | A1 |
20140192717 | Liu | Jul 2014 | A1 |
20140195328 | Ferens | Jul 2014 | A1 |
20140195641 | Wang | Jul 2014 | A1 |
20140195666 | Dumitriu | Jul 2014 | A1 |
20140214942 | Ozonat | Jul 2014 | A1 |
20140233575 | Xie | Aug 2014 | A1 |
20140237085 | Park | Aug 2014 | A1 |
20140237095 | Bevilacqua-Linn | Aug 2014 | A1 |
20140245359 | DeFoy | Aug 2014 | A1 |
20140254595 | Luo | Sep 2014 | A1 |
20140280823 | Varvello | Sep 2014 | A1 |
20140281489 | Peterka | Sep 2014 | A1 |
20140281505 | Zhang | Sep 2014 | A1 |
20140282816 | Xie | Sep 2014 | A1 |
20140289325 | Solis | Sep 2014 | A1 |
20140289790 | Wilson | Sep 2014 | A1 |
20140298248 | Kang | Oct 2014 | A1 |
20140314093 | You | Oct 2014 | A1 |
20140337276 | Iordanov | Nov 2014 | A1 |
20140365550 | Jang | Dec 2014 | A1 |
20150006896 | Franck | Jan 2015 | A1 |
20150018770 | Baran | Jan 2015 | A1 |
20150032892 | Narayanan | Jan 2015 | A1 |
20150033365 | Mellor | Jan 2015 | A1 |
20150039890 | Khosravi | Feb 2015 | A1 |
20150063802 | Bahadur | Mar 2015 | A1 |
20150089081 | Thubert | Mar 2015 | A1 |
20150095481 | Ohnishi | Apr 2015 | A1 |
20150095514 | Yu | Apr 2015 | A1 |
20150120663 | LeScouarnec | Apr 2015 | A1 |
20150139166 | Yao et al. | May 2015 | A1 |
20150169758 | Assom | Jun 2015 | A1 |
20150188770 | Naiksatam | Jul 2015 | A1 |
20150195149 | Vasseur | Jul 2015 | A1 |
20150207633 | Ravindran | Jul 2015 | A1 |
20150207864 | Wilson | Jul 2015 | A1 |
20150279348 | Cao | Oct 2015 | A1 |
20150349961 | Mosko | Dec 2015 | A1 |
20150372903 | Hui | Dec 2015 | A1 |
20150381546 | Mahadevan | Dec 2015 | A1 |
20160021172 | Mahadevan | Jan 2016 | A1 |
20170331800 | Wood et al. | Nov 2017 | A1 |
Number | Date | Country |
---|---|---|
20180337902 A1 | Nov 2018 | US |
 | Number | Date | Country |
---|---|---|---|
Parent | 15154825 | May 2016 | US |
Child | 16051897 | | US |