In general, the invention features methods by which more than one client program connected to a network stores the same data item on a storage device of a data repository connected to the network. In one aspect, the method comprises encrypting the data item using a key derived from the content of the data item, determining a digital fingerprint of the data item, and storing the data item on the storage device at a location or locations associated with the digital fingerprint. In a second aspect, the method comprises determining a digital fingerprint of the data item, testing for whether the data item is already stored in the repository by comparing the digital fingerprint of the data item to the digital fingerprints of data items already in storage in the repository, and challenging a client that is attempting to deposit a data item already stored in the repository, to ascertain that the client has the full data item.
CROSS-REFERENCE TO RELATED APPLICATIONS
This application is a divisional application of and claims priority to U.S. application Ser. No. 09/785,535, filed on Feb. 16, 2001, which claims priority from U.S. Provisional Application Ser. No. 60/183,466, filed Feb. 18, 2000.
Conventional virus detection software monitors incoming arrivals of network traffic. Retroactive analysis and/or monitoring of previously accepted traffic is not included in the scope of protection. A retroactive virus detection and propagation history tracking mechanism provides identification of successive recipients of a newly discovered virus which may have eluded detection during the lag time prior to effecting the detection of a new virus. A propagation history maintains a set of recipients receiving a potentially harmful transmission. Upon detection of a particular transmission or portion thereof as being a virus, the propagation history contains a set of infected recipients, which the tracking mechanism notifies so as to perform remedial action and contain the virus to the known set of infected recipients. In this manner, configurations of the invention maintain a set of successive recipients of a virus, and retroactively track and contain the newly propagated virus once detected.
A method and apparatus are provided for performing health check requests on one or more network devices or network resources. The method and apparatus provide a build tool for building a health check request having an extensible data format adaptable to a protocol supported by the network device or network resource of concern. The health check request can be built using data captured from a unit of network traffic on a transmission medium or with data provided via a user interface, or a combination of both. A health check request built using the method or apparatus can support any protocol including proprietary protocols avoiding the need for a requestor to learn a protocol format in order to build a health check request checking an operational characteristic of a network device or network resource. The method and apparatus allow this to be accomplished using data captured from a successful transaction.
Content-based addressing is used to navigate forward, backward and in a circular fashion through documents in a content space. To enable backward navigation, a descriptor file is created for a new version that contains not only a message digest for the new version, but also a message digest of the older document. A message digest is created for the descriptor file. A user navigates backward starting with the message digest of the descriptor file. To enable forward navigation, a mapping table maps a message digest of an older document into the message digest of the new version. A high-level descriptor file contains the message digest of the original document and the message digest of the mapping table. The message digest of the high-level descriptor file is returned to the user. A user navigates forward starting with the high-level descriptor file message digest. To enable circular navigation, a mapping table maps a message digest of a second document into a message digest of a version of the second document containing a message digest of a first document. The techniques are combined to allow navigation through a complex content space.
A hash function used for content addressing is different from the hash function used for content verification. Adding a file to a database involves storing both hash function values in a table as pair. Verifying the integrity of a file believed to be a duplicate in a database, or when retrieving a file, makes use of the verification hash function. Files can be continuously checked. A multi-level database can be used. A second hash function can be added to an existing system. A verification hash function can be upgraded and more than one content verification hash function can be used. In a variation, a random number generator is used instead of a hash function for content addressing; the verification hash function is also used. Files addressed using a random number are added or retrieved from a database and their verification hash values are checked. Time stamps and digital signatures are used for security.
In general, the invention features methods by which more than one client program connected to a network stores the same data item on a storage device of a data repository connected to the network. In one aspect, the method comprises encrypting the data item using a key derived from the content of the data item, determining a digital fingerprint of the data item, and storing the data item on the storage device at a location or locations associated with the digital fingerprint. In a second aspect, the method comprises determining a digital fingerprint of the data item, testing for whether the data item is already stored in the repository by comparing the digital fingerprint of the data item to the digital fingerprints of data items already in storage in the repository, and challenging a client that is attempting to deposit a data item already stored in the repository, to ascertain that the client has the full data item.
