Abstract: Managing content by influencing its distribution in the form of blocks or other units is crucial to the performance of a peer-to-peer content distribution system. We provide a content management module at each peer node to achieve this. The content management module implements a content request/response cycle in order to negotiate about blocks of content with other peer nodes. This cycle comprises an offer request, offer reply and a block request. These steps are preferably followed by data exchange and verification. The negotiation protocol used by our content management module provides a generic method that is advantageously used in conjunction with different encoding schemes such as full network coding and group network coding. In one embodiment we use group network coding and add information to the offer request and offer reply to facilitate efficient content distribution. Block request messages are selected to promote the use of on-the-fly decoding where possible.

Abstract: A computer implemented method and system enable users to share files in a server-less shared space. By providing access to such spaces via a visual presentation, the system renders content available for access by other group members. Access is sometimes provided through propagation of metadata or other uniquely identifying indicia associated with the shared space to all group members.

Abstract: A serverless name resolution protocol ensures convergence despite the size of the network, without requiring an ever-increasing cache and with a reasonable numbers of hops. This convergence is ensured through a multi-level cache and a proactive cache initialization strategy. The multi-level cache is built based on a circular number space. Each level contains information from different levels of slivers of the circular space. A mechanism is included to add a level to the multi-level cache when the node determines that the last level is full. A peer-to-peer name resolution protocol (PNRP) includes a mechanism to allow resolution of names which are mapped onto the circular number space through a hash function. Further, the PNRP may also operate with the domain name system by providing each node with an identification consisting of a domain name service (DNS) component and a unique number.

Abstract: An extensible data structure for messages in a peer to peer name resolution protocol is presented. This message data structure utilizes a number of fields, each containing a message element. Preferably, the first field is the message header that includes protocol information and identifies the type of message. Each message element contains a number of fields. These message element fields include a type field, a length field, and the content or payload of the message element. In one embodiment, at least ten messages are formed for proper operation of a Peer To Peer Name Resolution Protocol (PNRP), including RESOLVE, RESPONSE, SOLICIT, ADVERTISE, REQUEST, FLOOD, INQUIRE, AUTHORITY, ACK, and REPAIR messages.

Abstract: Systems, including apparatus and methods, for obtaining and/or correcting images, particularly from atmospheric and/or other distortions. These corrections may involve, among others, determining corrective information in a first (e.g., visible) wavelength regime, and then applying the corrective information in a second (e.g., longer) wavelength regime, such as infrared (IR) or millimeter-wave (MMW) wavelengths, in real time or with post-processing. For example, these corrections may include scaling a phase diversity correction from one wavelength to another. These systems may be useful in any suitable imaging context, including navigation, targeting, search and rescue, law enforcement, and/or surveillance, among others.

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract: A system and method for providing security to a graph of interconnected nodes includes a grouping multiplexing layer configured to monitor calls to the system, a graphing dynamic link layer configured to transmit and receive data to and from the graph, and a group security manager coupled to the grouping multiplexing layer and coupled to the graphing dynamic link layer; the group security manager is configured to perform security-related acts via interacting with a group database to propagate security-related information to members of a group within the graph. The group security manager is configured to provide role-based authorization on publication of one or more records and provide membership control for admission to a graph of interconnected nodes. The group security manager provides membership control by providing credentials to potential members of the graph to enable a connection and by providing a governed system for renewal and revocation of members.

Abstract: Imaging systems in which an undedicated optical component—-i.e., a component that would be present in the system even in the absence of image stabilization—is configured to undergo corrective motion and/or other correction of image data, and thus to function as a stabilization component. The stabilization component may be a mirror and/or a lens, and a positioner may be provided to tilt, rotate, and/or otherwise precisely adjust the position and orientation of the stabilization component to improve image resolution, compensate for platform motions, and/or improve image tracking. Because an undedicated optical component functions as the stabilization component, the stabilization occurs upstream, rather than downstream, from separation (if any) of the incoming image data into two or more beams.

Abstract: A method for use in a peer-to-peer communication system to ensure valid connections are made in a secure manner includes the steps of receiving an address record for a peer node which includes an ID certificate. The ID certificate is validated and checked to verify that the ID certificate has not expired. Further, the method determines if the node from whom the address record was received is to be trusted, and the number of instances of the IP address included in the certificate is already stored in cache. When the foregoing are completed successfully, i.e. the certificate is valid, not expired, has been supplied by a trusted neighbor, and does not point to an IP address that already exists for different ID's multiple times, the method opportunistically verifies ownership of the ID certificate at the peer node's IP address. That is, the verification of ownership only occurs when the advertiser of the ID is the owner of that ID (or when the ID is to be used).

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract: A serverless name resolution protocol ensures convergence despite the size of the network, without requiring an ever-increasing cache and with a reasonable numbers of hops. This convergence is ensured through a multi-level cache and a proactive cache initialization strategy. The multi-level cache is built based on a circular number space. Each level contains information from different levels of slivers of the circular space. A mechanism is included to add a level to the multi-level cache when the node determines that the last level is full. A peer-to-peer name resolution protocol (PNRP) includes a mechanism to allow resolution of names which are mapped onto the circular number space through a hash function. Further, the PNRP may also operate with the domain name system by providing each node with an identification consisting of a domain name service (DNS) component and a unique number.

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.

Abstract: A peer-to-peer cache architecture stores peer address certificates in different cache segments according to the number of IDs being stored and their relative distance in the peer name space. The cache instantiates regions of decreased range and increased granularity as additional information from close peers is learned. In a large peer cloud where the number of instantiated IDs is not known, each succeeding cache region covers one tenth of the preceding cache region. For peers with multiple IDs registered locally, the segmented cache of the present invention combines overlapping segments of the same granularity to eliminate the duplication of information that would otherwise occur. A cache tree, an instantiated segment tree, and an uninstantiated segment tree are arranged in red-black trees to simplify the search and proper placement and instantiation of information.

Abstract: A system and method for automated reporting of performance of computer system components uses a plurality of reporting clients for tracking system performance data and one or more reporting servers for automatically generating performance reports based on the performance data collected by the reporting clients. To provide extensibility, a plug-in module is provided for each of the reporting clients. The plug-in module registers performance metrics for a system component with the reporting client, tracks the performance metrics, and passes data on the performance metrics to the reporting client for reporting to the reporting server.

Abstract: A system and method for providing security to a graph of interconnected nodes includes a grouping multiplexing layer configured to monitor calls to the system, a graphing dynamic link layer configured to transmit and receive data to and from the graph, and a group security manager coupled to the grouping multiplexing layer and coupled to the graphing dynamic link layer; the group security manager is configured to perform security-related acts via interacting with a group database to propagate security-related information to members of a group within the graph. The group security manager is configured to provide role-based authorization on publication of one or more records and provide membership control for admission to a graph of interconnected nodes. The group security manager provides membership control by providing credentials to potential members of the graph to enable a connection and by providing a governed system for renewal and revocation of members.

Abstract: A wheel protection system for moving a hose or cable on a working surface away from the wheels of a movable device, such as a portable welder. The wheel protection system includes a separate wheel guard positioned to at least partially surround each wheel of the movable device. Each wheel guard is mounted by a resilient mounting structure that allows the wheel guard to deflect upward upon contacting an irregularity on the working surface. Each wheel guard is independently mounted such that the device can be used on an irregular surface.

Abstract: A security infrastructure and methods are presented that inhibit the ability of a malicious node from disrupting the normal operations of a peer-to-peer network. The methods of the invention allow both secure and insecure identities to be used by nodes by making them self-verifying. When necessary or opportunistic, ID ownership is validated by piggybacking the validation on existing messages. The probability of connecting initially to a malicious node is reduced by randomly selecting to which node to connect. Further, information from malicious nodes is identified and can be disregarded by maintaining information about prior communications that will require a future response. Denial of service attacks are inhibited by allowing the node to disregard requests when its resource utilization exceeds a predetermined limit. The ability for a malicious node to remove a valid node is reduced by requiring that revocation certificates be signed by the node to be removed.