Abstract: A method includes receiving data objects, determining a predicted lifespan of each data object, and instantiating multiple shard files. Each shard file has an associated predicted lifespan range. The method also includes writing each data object into a corresponding shard file having the associated predicted lifespan range that includes the predicted lifespan of the respective data object and storing the shard files in a distributed system. The method also includes determining whether any stored shard files satisfy a compaction criteria based on a number of deleted data objects in each corresponding stored shard file. For each stored shard file satisfying the compaction criteria, the method also includes compacting the stored shard file by rewriting the remaining data objects of the stored shard file into a new shard file.

Abstract: A method includes receiving data objects, determining a predicted lifespan of each data object, and instantiating multiple shard files. Each shard file has an associated predicted lifespan range. The method also includes writing each data object into a corresponding shard file having the associated predicted lifespan range that includes the predicted lifespan of the respective data object and storing the shard files in a distributed system. The method also includes determining whether any stored shard files satisfy a compaction criteria based on a number of deleted data objects in each corresponding stored shard file. For each stored shard file satisfying the compaction criteria, the method also includes compacting the stored shard file by rewriting the remaining data objects of the stored shard file into a new shard file.

Abstract: A method includes receiving data objects, determining a predicted lifespan of each data object, and instantiating multiple shard files. Each shard file has an associated predicted lifespan range. The method also includes writing each data object into a corresponding shard file having the associated predicted lifespan range that includes the predicted lifespan of the respective data object and storing the shard files in a distributed system. The method also includes determining whether any stored shard files satisfy a compaction criteria based on a number of deleted data objects in each corresponding stored shard file. For each stored shard file satisfying the compaction criteria, the method also includes compacting the stored shard file by rewriting the remaining data objects of the stored shard file into a new shard file.

Abstract: A method includes receiving data objects, determining a predicted lifespan of each data object, and instantiating multiple shard files. Each shard file has an associated predicted lifespan range. The method also includes writing each data object into a corresponding shard file having the associated predicted lifespan range that includes the predicted lifespan of the respective data object and storing the shard files in a distributed system. The method also includes determining whether any stored shard files satisfy a compaction criteria based on a number of deleted data objects in each corresponding stored shard file. For each stored shard file satisfying the compaction criteria, the method also includes compacting the stored shard file by rewriting the remaining data objects of the stored shard file into a new shard file.

Abstract: Architecture for exposing a virtual private network of peer devices into the public domain via an overlay network. Computing devices, peripheral devices, as well as mobile devices can be physically distributed, but appear to belong to the same virtual private (or home) network, and be accessible from anywhere. Benefits include access to user media/documents from anywhere, searching of all connected devices from one location, multicast and broadcast connectivity, management of the private network and the associated policies, and device discovery on the private network from across public networks. P2P networks and ad-hoc networks can be exposed as a virtual interface, as well as the utilization of client operating systems to create the virtual network, grouping, graphing, the integration with relay services and other NAT/firewall traversal schemes, and the creation of a P2P overlay manager on a physical NIC (network interface card) address rather than a virtual address.

Abstract: A consolidated security application dashboard system is described wherein a plurality of endpoint systems include visibility agents that collect status and event attributes/metrics from a plurality of security applications and upload the information to datamarts on a backend server. The backend server aggregates and processed the security application attributes/metrics to enable configurable dashboards to present summary and detailed information to IT users about the security metrics relating to a group of endpoints.

Abstract: Systems and methods storage of adding a node entry to a routing table of an inquiring node of a data network are disclosed herein. An inquire message is transmitted to a publishing node. The publishing node can be configured to publish a routing entry which can be added by nodes of a network. An acknowledgment response can be received from the publishing node. The roundtrip time elapsed between transmitting the inquire message and receiving the response can be measured by the inquiring node. For all node registration entries in the routing table of the inquiring node a determination of whether the inquiring node is closest in locality to the publishing node than to a node corresponding to each node registration entry can be performed. Such determination can be made based on (a) the roundtrip time between nodes (b) node IP address prefix matching.

Abstract: Systems and methods storage of adding a node entry to a routing table of an inquiring node of a data network are disclosed herein. An inquire message is transmitted to a publishing node. The publishing node can be configured to publish a routing entry which can be added by nodes of a network. An acknowledgment response can be received from the publishing node. The roundtrip time elapsed between transmitting the inquire message and receiving the response can be measured by the inquiring node. For all node registration entries in the routing table of the inquiring node a determination of whether the inquiring node is closest in locality to the publishing node than to a node corresponding to each node registration entry can be performed. Such determination can be made based on (a) the roundtrip time between nodes (b) node IP address prefix matching.

Abstract: Architecture for exposing a virtual private network of peer devices into the public domain via an overlay network. Computing devices, peripheral devices, as well as mobile devices can be physically distributed, but appear to belong to the same virtual private (or home) network, and be accessible from anywhere. Benefits include access to user media/documents from anywhere, searching of all connected devices from one location, multicast and broadcast connectivity, management of the private network and the associated policies, and device discovery on the private network from across public networks. P2P networks and ad-hoc networks can be exposed as a virtual interface, as well as the utilization of client operating systems to create the virtual network, grouping, graphing, the integration with relay services and other NAT/firewall traversal schemes, and the creation of a P2P overlay manager on a physical NIC (network interface card) address rather than a virtual address.

Abstract: A method and system may provide a unified concept of presence across all connected hosts by providing a common point of access for all presence-related data on the system. The application abstraction layer may provide a common interface for all presence-enabled applications to access and publish information related to locally or remotely-executing presence applications. The application abstraction layer may push presence data to the presence-enabled applications, or each application may access the layer to gain presence data related to other applications. Also, the application abstraction layer may store all presence data locally or remotely.

Abstract: A system may publish authenticated contact information in a publicly available index store, retrieve the contact information, and validate it. The claimed method and system may provide a client-based, server optional approach to publishing. The publicly available index store may be a distributed hash table used in a peer-to-peer network. The system may be used in other secure directory service applications where a server may not be available or where server trust may be minimal.

Abstract: A system for providing secure asynchronous message publishing and retrieval in a serverless environment. The system may be used on ad-hoc and segmented networks such as peer-to-peer networks. The system may provide a method of sending and storing asynchronous message requests/responses via a Distributed Hash Table (DHT), a method for establishing RSS feeds via the asynchronous messaging service, a method for publishing a request for Internet Message buddy authorization and of retrieving pending buddy requests.

Abstract: The claimed method and system describes a dynamic construction of a virtual proxy using a set of virtual proxy hosts. The virtual proxy hosts may maintain a shared data store that contains a record of discovered services on a network. The virtual proxy hosts may work together to respond to discovery requests using the shared data store. Clients on a network having a virtual proxy host may be limited to unicast discovery requests with the virtual proxy host, thereby reducing broadcast traffic.

Abstract: A firewall functions normally to pass data on open ports to a respective service or endpoint associated with an open port. Invitations may sent to from an internal endpoint to an external peer-to-peer network endpoint inviting a connection back to the internal endpoint. Rather than leave ports open in a firewall for such connections, an invitation manager analyzes the invitation and in real time programs an exception in the firewall based on the invitation. The exceptions may be programmed for a limited duration, based on the nature of the internal endpoint. When an authenticated connection is required, a public key or handle to a public key for the external endpoint may be passed to the firewall for use in establishing the connection.

Abstract: The claimed invention adapts an existing operating system native replication service component to interface with a general application running on a peer-to-peer network. The claimed invention provides the general application with replication services without the need for coding this functionality from scratch. The claimed invention also adapts the replication service functionality to create a topology of connections based on information received from a peer-to-peer network component, thereby making the replication service function more efficiently with a peer-to-peer network.

Abstract: By adding a server as a node on a peer-to-peer network, the network may become more scalable, more reliable and more manageable, especially when the peer-to-peer network becomes very large.

Abstract: An application and its associated user interface provide a meeting window for use in organizing and holding meetings using peer-to-peer network facilities. The meeting window offers menu selections for choosing a network over which to hold the meeting and for discovering and inviting meeting participants. The meeting window includes three main panes, one each for managing attendees, for distributing files to attendees, and for streaming presentation materials real-time to attendees. Data streaming is also supported to network devices such as projectors. Control of the presentation may be delegated by the presentation owner to another attendee, and may also be revoked by the presentation owner. The real-time streaming of the presentation may be paused and resumed to accommodate meeting dynamics or real-time changes.

Abstract: A drag-and-drop user interface facilitates the selection and presentation of data to meeting participants from one of the peers in a peer-to-peer network. First icons associated with data for presentation may be dragged onto second icons associated with networked resources such as computers associated with meeting participants or other networked resources such as projectors. The data may be streamed from the presenter's computer to the networked resource over peer-to-peer network facilities such as a terminal services session.

Abstract: A method for creating, discovering, and joining meetings over a peer-to-peer network involves creation of a graph of meetings on a local subnet. When a meeting is created a meeting record is added to the graph where it may be discovered by other potential meeting attendees. A user may select from a list of meetings displayed in a meeting management window and send requested showing the selected meaning. Credentials, such as a password, may be supplied with the request. When the request is validated, information is sent to the requester for use in joining the meeting. When an ad hoc wireless session is used to hold a meeting the discovery process may further include analyzing data traffic to determine which wireless sessions are meetings.

Abstract: Users on a peer-to-peer network, particularly a local subnet or ad hoc wireless network, may publish first contact information to a graph or data store on the network. The first contact information may include a certificate with a public-key and a user identification, such as a peer name. Other users may discover the first contact information and use the first contact information to request additional information from the user. Data in the first contact information may also be “promoted” by adding the information to a trusted contacts database, allowing the user additional privileges. The user publishing the first contact information may be given the opportunity to approve or deny the request for additional information.