GB2438258A - Provision of personal data in a data communications network - Google Patents

Provision of personal data in a data communications network Download PDF

Info

Publication number
GB2438258A
GB2438258A GB0609684A GB0609684A GB2438258A GB 2438258 A GB2438258 A GB 2438258A GB 0609684 A GB0609684 A GB 0609684A GB 0609684 A GB0609684 A GB 0609684A GB 2438258 A GB2438258 A GB 2438258A
Authority
GB
United Kingdom
Prior art keywords
peer
server
network
overlay network
personal data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB0609684A
Other versions
GB0609684D0 (en
Inventor
Luke Michael Reid
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SKINKERS Ltd
Original Assignee
SKINKERS Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SKINKERS Ltd filed Critical SKINKERS Ltd
Priority to GB0609684A priority Critical patent/GB2438258A/en
Publication of GB0609684D0 publication Critical patent/GB0609684D0/en
Priority to PCT/EP2007/054603 priority patent/WO2007131971A1/en
Publication of GB2438258A publication Critical patent/GB2438258A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L29/08306
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1061Peer-to-peer [P2P] networks using node-based peer discovery mechanisms
    • H04L67/1065Discovery involving distributed pre-established resource-based relationships among peers, e.g. based on distributed hash tables [DHT] 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1087Peer-to-peer [P2P] networks using cross-functional networking aspects
    • H04L67/1091Interfacing with client-server systems or between P2P systems
    • H04L29/06047
    • H04L29/08072
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • H04L67/1044Group management mechanisms 
    • H04L67/1046Joining mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

This invention relates to the provision of personal data in a data communications network. When personal data becomes available to a user, the user can be notified via a peer-to-peer overlay network using a relatively low-security protocol. A relatively high-security client-server protocol connection separate to the peer-to-peer overlay network can then be established in order to allow the user to download the personal information. The invention has the advantage that sensitive information need not be sent when notifying the user of the availability of personal data, thus enabling a low-security protocol to be used in the notification, whilst using a high-security protocol for the download of the personal data, which high-security protocol may not be available for use via the peer-to-peer overlay network. Use of the invention also avoids the expense of high-security connections when they are not necessary and thus helps to reduce network load.

Description

<p>Provision of Personal Data in a Data Communications Network</p>
<p>Field of the Invention</p>
<p>The present invention relates to a method for the provision of personal data in a data communications network. The invention also relates to apparatus, and computer software, arranged to conduct the method of the invention.</p>
<p>Background of the Invention</p>
<p>Many companies have database driven websites that identif' users using information of a private nature, typically a username and password pair. Users can log in from time to time, browse content and access services which may be customised based on their preferences. In some situations, the company will want to alert users who are not currently logged into the system of new personal data in the shortest possible time. Typically in this case, a user will be sent an email prompting him to visit the website to access the new personal data in the database. In some applications, such as Internet banking, the user will then access his personal data using a secure connection.</p>
<p>However, in the case of some information services, new data may be considered old in a matter of minutes and there is therefore a need to alert a user in near real time, i.e. with low latency. Such services can be referred to as "desktop alert services." These services can be achieved using push technology.</p>
<p>Unfortunately, there are a number of problems associated with implementing push technology using the Internet, one of which being for a server to maintain open transmission control protocol/Internet protocol (TCP/IP) connections with numerous client terminals simultaneously. Without this, delivery cannot be guaranteed, for various reasons. For example, some nodes do not have a unique Internet Protocol (IP) address, so that sending a one-way message to a node will not always result in successful delivery.</p>
<p>One way of tackling this problem is for the client terminal to poll the server on a regular basis, rather than keeping connections open, to determine if any new personal data is available. Each request from the client terminal contains information of a private nature, such as a username and a password, which should not be exposed in an un-secure network such as the Internet. The request from the client terminal can be conducted over an encrypted connection, however each time a request is made the server must authenticate the client, thus resulting in increased complexity and costs.</p>
<p>An alternative which is proposed is the use of secure peer-to-peer messaging protocols. However, such protocols are relatively complex to implement and may not be widely enabled, thus reducing the scope of uptake.</p>
<p>Another way of tackling this problem has been proposed by the current applicant in British Patent Application No. 0425246.6, which is as yet unpublished. There, a client terminal checks a server on a regular basis for the availability of personal data and authenticates itself by using a first client identifier in a first request. In turn, when notified by the server of available personal data, the client terminal sends a second request to the server to access the personal data. A second, different client identifier could be used in the second request; in this way, use of the first client identifier does not compromise the client identifier which is used to access the personal data. In this method, sensitive information need not be sent when checking the server for the availability of personal data, thus enabling less secure protocols such as Hyper Text Transfer Protocol (HTTP) to be used in the first request, while using secure protocols such as Secure Hyper Text Transfer Protocol (I-ITTPS) in the second request.</p>
<p>Such methods involve the creation of extra traffic in the network due to polling of the server by client terminals. Providing personal data to users more promptly after it is available means reducing the polling period, which further increases the amount of polling traffic. This extra traffic may put further strain on valuable network resources that may already be highly utilised.</p>
<p>It would thus be desirable to implement a solution to deliver personal data securely and with low latency, without putting unnecessary strain on existing network resources.</p>
<p>Summary of the Invention</p>
<p>In accordance with a first aspect of the present invention, there is provided a method for the provision of personal data in a data communications network comprising a peer-to-peer overlay network, said method including at a software application on a recipient node, receiving notification of the availability of personal data via said peer-to-peer overlay network, in response to said receiving step, said software application establishing a connection between said recipient node and a server system, wherein said connection is separate from said peer-to-peer overlay network, and said software application downloading said available personal data to said recipient node via said established connection.</p>
<p>The present invention proposes for a recipient node to receive a notification that personal data is available via a peer-to-peer overlay network.</p>
<p>Once a recipient node has been notified that personal data is available, a connection, separate to the peer-to-peer overlay network, may be established between the recipient node and the server system for the personal data to be downloaded.</p>
<p>The term "peer-to-peer" is used here to refer to a network architecture.</p>
<p>In an article entitled "A survey of Open Peer-to-Peer Technologies and their Applicability to Implementing an Organisational Information Repository," by Adeptech Systems, Inc., the term "peer-to-peer" is used to indicate a distributed system in which data is exchanged between two or more equal, autonomous, general-purpose entities; as opposed to a client-server model, in which roles are rigidly fixed and specialised. In a more general definition, which is preferred herein, the entities are substantially equal, as some entities may have more server-like duties to carry out than others.</p>
<p>In general, all nodes function as both client and server nodes. In some peer-to-peer networks, there may be servers that are pure servers. The reason for this is these may be optimised to perform a particular function. These pure servers are sometimes called supernodes' and may carry out such tasks as overall supervision of the peer-to-peer network, or provision of a gateway between multiple peer-to-peer networks.</p>
<p>The term peer-to-peer overlay network is used here to refer to a peer-to-peer network which overlays another network, in this case the Internet. Nodes in the overlay network may be thought of as being connected by virtual or logical links, each of which corresponds to a path, for example through many physical links, in the underlying network.</p>
<p>The present invention has the advantage that sensitive information need not be sent when notifying the recipient node of the availability of personal data, thus enabling a less secure protocol, for example a proprietary protocol embedded within a peer-to-peer overlay network protocol, to be used in the notification sent via the peer-to- peer overlay network, while using a relatively secure protocol, for the download of the personal data, which secure protocol may not be available for use via the peer-to-peer overlay network. Further, use of the present invention avoids the expense of secure connections when they are not necessary and reduces network load.</p>
<p>Using a peer-to-peer overlay network for the notifications gives the advantage that notifications may be made at any time, i.e. promptly after the server receives the personal data, thus helping to reduce delay in the delivery of personal data to recipient nodes.</p>
<p>Preferably, recipient nodes are identified in the peer-to-peer overlay network by predetermined peer-to-peer network identifiers.</p>
<p>In preferred embodiments, the peer-to-peer overlay network comprises one or more intermediate peer-to-peer nodes, via which notifications of available personal data may be received.</p>
<p>If any intermediate nodes in the peer-to-peer overlay network fail or are removed from the network, then notifications may be delivered via other nodes, thus helping to ensure the notifications will arrive at their intended destinations.</p>
<p>Preferably, notifications are sent via peer-to-peer routeing which involves use of predetermined peer-to-peer network identifiers.</p>
<p>Preferably an established connection comprises a secure client-server connection. These secure client-server connections may involve encryption-based protocols.</p>
<p>Preferably, the peer-to-peer overlay network notification is received using a relatively insecure protocol via the peer-to-peer overlay network and the personal data is downloaded using a relatively secure client-server connection protocol.</p>
<p>In accordance with a second aspect of the present invention, there is provided a method for the provision of personal data in a data communications network comprising a peer-to-peer overlay network, said method including at a server system, receiving personal data to be provided to a recipient node, transmitting a notification of the availability of personal data for said recipient node to a software application, said notification being transmitted via said peer-to-peer overlay network, receiving a connection request from said software application at said recipient node, in response to said connection request, establishing a connection between said server node and said recipient node, wherein said connection is separate from said peer-topeer overlay network, and downloading said available personal data to said software application via said established connection.</p>
<p>The present invention allows the server system, once it has received personal data to be provided to a recipient node, to promptly notify the recipient node that the personal data is available via a peer-to-peer overlay network. The server system need not wait, for example for an acknowledgement from the recipient node, before transmitting the notification, so that delay in the delivery of the personal data may be reduced.</p>
<p>Another advantage of the present invention is that the server system may identify the location of recipient terminals in the peer-to-peer overlay network for which personal data is available for in a straightforward manner by having access to a data store indexed by peer-to-peer network identifiers. The set of peer-to-peer network identifiers may be held in a form most suitable for quick access, such as a set of files having file names identical to, or containing, the peer-to-peer network identifiers. Alternatively, the set of peer-to-peer network identifiers may be held directly in a working memory, such as a random access memory (RAM).</p>
<p>Preferably, the server system has access to a store of predetermined peer-to-peer network identifiers, and each predetermined peer-to-peer network identifier is associated with a different recipient node in the peer-to-peer overlay network.</p>
<p>Preferably, the recipient node to which said personal data is to be provided is determined, prior to a notification transmittal, from an identity associated with received personal data and from the data store.</p>
<p>Preferably, notifications are transmitted to recipient nodes according to predetermined peer-to-peer network identifiers associated with the recipient nodes that personal data is to be provided to.</p>
<p>Preferably notifications are made using an insecure protocol via the peer-to-peer overlay network and personal data is downloaded using a secure connection protocol.</p>
<p>Preferably, the peer-to-peer overlay network comprises one or more intermediate peer-to-peer nodes, via which notifications may be transmitted Preferably, notifications are transmitted via peer-to-peer routeing which involves use of predetermined peer-to-peer network identifiers.</p>
<p>Preferably an established connection comprises a secure client-server connection. These secure client-server connections may involve encryption-based protocols.</p>
<p>Preferably, the server system is registered with the peer-to-peer overlay network, prior to the transmittal of notifications.</p>
<p>Preferably, registration details for one or more recipient nodes are received by the server system.</p>
<p>Preferably, the registration details include peer-to-peer network identifiers associated with one or more recipient nodes.</p>
<p>Preferably the server system comprises a first server, which includes a data store and which is responsible for the transmittal of notifications and a second server which includes a database for storing available personal data and is responsible for receiving and downloading personal data.</p>
<p>In accordance with a third aspect of the present invention there is provided a system for communication of data between a server and at least one recipient node in a data communications network comprising a peer-to-peer overlay network, said system including at least one data source, a database, said database comprising personal data derived from said data source and having an interface, a data store, said data store comprising peer-to-peer network identifiers which identify recipient nodes in said peer-to-peer overlay network and having an interface, at least one recipient node having software configured to interact with said peer-to-peer overlay network and said server, first communication means for conducting a first communication link allowing said server to transmit a notification of the availability of personal data to a recipient node via said peer-to-peer overlay network, on the basis of said peer-to-peer network identifiers of said data store, said data store being accessed by said server via said data store interface, and second communication means for conducting a second communication link allowing said server to transmit said personal data to said recipient node, said second communication link being separate from said peer-to-peer overlay network, said personal data being retrieved from said database by said server via said database interface.</p>
<p>In accordance with a fourth aspect of the present invention there is provided a system for communication of data between first and second servers and at least one recipient node in a data communications network comprising a peer-to-peer overlay network, said system including, at least one data source, a first server having access to a data store, said data store comprising peer-to-peer network identifiers which identify recipient nodes in said peer-to-peer overlay network and having an interface, a second server having access to a database, said database comprising personal data derived from said data source and having an interface, server-server communication means for said second server to transmit to said first server data identifying which recipient node personal data is available for, at least one recipient node having software configured to interact with said peer-to-peer overlay network and said servers, first communication means for conducting a first communication link for said first server to transmit a notification of the availability of personal data to a recipient node via said peer-to-peer overlay network, on the basis of said peer-to-peer network identifiers of said data store, said data store being accessed by said first server via said data store interface, and second communication means for conducting a second communication link allowing said second server to transmit said personal data to said recipient node, said second communication link being separate from said peer-to-peer overlay network, said personal data being retrieved from said database by said second server via said database interface.</p>
<p>Further aspects of the invention include apparatus and computer software arranged to conduct the method of the first and second aspects of the present invention.</p>
<p>Further features and advantages of the invention will become apparent from the following description of preferred embodiments of the invention, given by way of example only, which is made with reference to the accompanying drawings.</p>
<p>Brief Description of the Drawings</p>
<p>Figure 1 is a block diagram of a data communications network according to a first embodiment of the present invention.</p>
<p>Figure 2 is a block diagram of a data communications network according to a second embodiment of the present invention.</p>
<p>Figure 3 is a diagram showing data flows in a data communications network according to embodiments of the present invention.</p>
<p>Figure 4 is a flow diagram showing an example of the steps involved in the method of providing personal data according to embodiments of the present invention.</p>
<p>Detailed Description of the Invention</p>
<p>Figure 1 is a block diagram of a data communications network according to a first embodiment of the present invention. The data communications network comprises the Internet 132, a server 100 and several recipient nodes, only one exemplary node 102 being represented. A peer-to-peer overlay network 130 is used to connect the recipient nodes, via each other, to the server 100.</p>
<p>More than one server may be employed to carry out the tasks of server 100, i.e. a server a system. These servers may be located remotely or locally on the same hardware platform. The term server is used hereinafter to refer to any of these scenarios.</p>
<p>The term "node" is used here to refer to any form of computing device such as a personal computer (PC), server, laptop, cellular telephone, personal digital assistant (PDA), etc. The term "recipient node" is used here to denote a node to which personal data may be provided, i.e. an endpoint for the personal data, and is typically a user terminal. Where reference is made to the exemplary recipient node 102 below, it should be understood that reference is being similarly made to other of the participating recipient nodes of the network.</p>
<p>In the data communications network, server 100 hosts a database 106 which intermittently receives personal data from one or more external data sources (not shown) for users of recipient nodes such as recipient node 102.</p>
<p>Recipient node 102 includes desktop agent software 104 configured in accordance with the invention in order to interact with server 100.</p>
<p>The peer-to-peer overlay network 130 used in this embodiment includes one or more recipient nodes. Each recipient node maintains a set of links to other intermediate nodes (sometimes referred to as its neighbours or routeing table). Together these form an overlay network, the structure of the network being known as the network's topology. Examples of peer-to-peer overlay network protocols which could be employed in this embodiment include Content Addressable Network (CAN), Chord, Pastry, Tapestry and XEvent.</p>
<p>In this embodiment, a server node is maintained as a central depository for personal data that is to be provided to recipient nodes, although this functionality could be shared between a plurality of servers.</p>
<p>Each of the recipient nodes has its own unique identifier and each of the recipient nodes may communicate with each other node using these unique identifiers even though there is no direct connection between them. The recipient nodes are decentralised in that they collectively form the peer-to-peer overlay network without any central coordination. The peer-to-peer overlay network is scalable in that it may function even with thousands or even millions of recipient nodes and also if some of the nodes are not functioning themselves.</p>
<p>Each recipient node need coordinate with only a few other nodes in the network, so that the amount of re-coordination needed if a node fails or leaves the network is limited. In this embodiment, the structure used for the peer-to-peer overlay network is a distributed hash table, which may be employed in the peer-to-peer overlay network in the present invention.</p>
<p>Employing a distributed hash table involves partitioning ownership of a set of keys among participating nodes, each node having a unique key, for example allocated from a set of 160-bit strings. The detailed operation of distributed hash tables is described in various publications including a research report for a seminar dated 26 September 2003 by Ming Xie of the University of Ottawa, entitled "P2P systems based on distributed hash table," the contents of which are incorporated herein by reference.</p>
<p>In a distributed hash table, for any key k, a node either owns k or has a link to a node that is closer to k. A message may then be routed to the owner of any key k using the following algorithm: at each step, forward the message to the neighbour whose identifier is closest to k. When there is no such neighbour, then this is the closest node. This style of routeing is sometimes called key-based routeing.</p>
<p>Server 100 includes a server application 108 which has access to database 106 and also a data store 110. The data store is used to store a list of users which receive data through the present invention, i.e. recipients. Each recipient has an associated peer-peer identifier which is used to identify that recipient's node in the peer-to-peer network. This identifier is unique to each recipient node and could for example be a number or alphanumeric key.</p>
<p>The server application 108 also has access to a peer-to-peer (denoted "P2P" in Figures) interface 114, through which it may interact with peer-to-peer overlay network 130 and a secure client-server interface 112 through which it may interact directly with a client, i.e. a recipient node.</p>
<p>When new personal data is available in database 106 for a recipient node, the server application 108 accesses data store 110 in order to lookup the peer-to-peer identifier for that recipient node. The server application 108 then transmits, via peer-to-peer interface 114, a notification addressed to the recipient node at a location in the peer-to-peer overlay network 130 uniquely defined by the peer-to-peer identifier. The notification is received by and transmitted on by one or more intermediate nodes (not shown), as described above, that make up peer-to-peer overlay network 130.</p>
<p>The notification may be sent using an insecure protocol. The notification may thus be sent unencrypted, using a communication protocol having a relatively low signalling load. The notification could for example be transmitted in plain-text format. A secure protocol is not required here as no potentially sensitive information is included in the notification, just the fact that personal data for that recipient node 102 is available for download at server 100.</p>
<p>When the notification is received at recipient node 102, the notification is passed to the desktop agent software 104 which processes the notification, and in response to receipt thereof, and preferably without user intervention, automatically and immediately initiates a secure connection over the Internet with server 100 via its secure client-server interface 112. The secure connection can be made using a secure protocol such as HTTPS, Secure File Transfer Protocol (SFTP), Secure Socket Layer (SSL), Extensible Markup Language Remote Procedure Call (XML/RPC), etc. A secure protocol is used here as it is this connection that is used for transmitting a secure identity and for downloading of the personal data to recipient node 102, which may contain sensitive information for viewing at the recipient node only.</p>
<p>Once the secure connection is established, a predetermined secure user identifier, preferably accompanied by an additional authenticator, is transmitted via the established connection. The transmitted data may for example include a username and password. The username is unique to the user within the system, and is preferably different to the peer-to-peer identifier (as this has been used in the insecure notification). The secure user identifier is received by the secure client-server interface 112, which informs the server application 108 that recipient node 102 is requesting download of the available personal data of which it has been notified. Server application 108 then retrieves, using the secure user identifier, the available personal data from database 106, which is then downloaded via the established secure connection to recipient node 102 via secure client-server interface 112. When the download is complete the secure connection between server 100 and recipient node 102 may be terminated, either by the desktop agent software 104 or the server application 108.</p>
<p>Figure 2 is a block diagram of a data communications network according to a second embodiment of the present invention. In this embodiment, the data store 210 is hosted on a first server 204. An additional second server 200 hosts a database 206 containing personal data to be provided to recipients. When new information is added to the personal data in database 206, a server application 208 of second server 200 will notify an application 224 on the first server 204 that personal data is available for a recipient. The second server application 224 accesses data store 210 in order to ascertain the peer-to-peer network identifier associated with the recipient node that personal data is available for. The application on the first server 224 is then able to notify the relevant recipient node 202 in the peer-to-peer overlay network 230 via a peer-to-peer interface 214 in a similar manner to that described above for the first embodiment.</p>
<p>When the desktop agent software 204 receives notification that personal data is available, the desktop agent software 204 initiates a secure connection with second server 200 via the secure client-server interface 212.</p>
<p>As before, a secure user identifier, for example a username, preferably different to the peer-to-peer identifier and preferably accompanied by a password, allowing the user to be identified and authenticated, are transmitted via the secure connection. The secure identifier is received by secure client-server interface 212, which informs server application 208 that desktop agent software 204 is requesting download of the available personal data of which it has been notified. Server application 208 now retrieves the available personal data from database 206, which may then be downloaded to recipient node 202 via secure client-server interface 212 via the secure client-server connection.</p>
<p>When the download is complete the secure connection between second server and recipient node 202 may be terminated. The secure download thus occurs in a similar to that described for the first embodiment, but here the secure download occurs via second server 200, which is a separate node or entity to first server 204.</p>
<p>By using a separate second server, this embodiment avoids the need to implement peer-to-peer functionality in the separate second server 200 when implemented. In alternative embodiments, the first server may be used with a plurality of separate second,' third,' fourth,' etc. servers, each with its own recipient base.</p>
<p>The above description of embodiments of the invention assumes that the server(s), 100, 200, 204 and recipient node(s) 102, 202 are already configured to communicate with each other over a secure connection via the Internet 132, 232 and via the peer-to-peer overlay network 130, 230. An example of how these entities may be configured initially through a series of set up stages is now given with reference to Figure 3.</p>
<p>Figure 3 is a diagram showing data flows in a data communications network according embodiments of the present invention.</p>
<p>The set-up stage of the present invention begins with server 300 registering with the peer-to-peer overlay network 330, denoted by step 340.</p> <p>This involves creation of a peer-to-peer identity for the server by it
contacting an administration node or super node (not shown) in the peer-to-peer overlay network 330, and creating a peer-to-peer account. Alternatively, the server may act itself as an administration node or super node.</p>
<p>The next stage involves recipient node 302 registering with the peer-to-peer overlay network 330, denoted by step 342. This registration may be carried out at the same administration node that server 300 created its peer-to-peer account at. Once the registration process is complete, recipient 302 node receives its unique peer-to-peer network identifier by which it may be identified and thus located in the peer-to-peer overlay network 330, i.e. the recipient node now has a predetermined peer-to-peer network identifier.</p>
<p>The last stage in the set-up process involves recipient node 302 establishing a secure connection 350 directly with server 300 over the Internet.</p>
<p>Authentication data is transmitted in order to establish the secure connection which is transmitted from recipient node 302 to server 300, denoted by step 344.</p>
<p>The secure connection is then used to transmit the secure user identifier, preferably a username and password, which is then stored at the server 300 and recipient node 302. The peer-to-peer identifier allocated to recipient node 302 is also transmitted to server 300, 50 that server 300 knows how to contact recipient node 302 via the peer-to-peer overlay network 330.</p>
<p>The normal operating steps by which notifications are delivered and personal data downloaded are now described with reference to Figure 3. Server 300 waits for personal data to arrive for recipient node 302 (similarly for any other recipient nodes that have been registered). When personal data arrives for recipient node 302, the peer-to-peer network identifier for recipient node 302 is retrieved from the data store by the server. A notification is then transmitted, via the peer-to-peer network overlay network 330, to recipient node 302 using the peer-to-peer network identifier retrieved from the data store, denoted by step 346.</p>
<p>Once the recipient node receives the notification a further secure connection 350 may be established between recipient node 302 and server 300.</p>
<p>The recipient node transmits a request, via the further secure connection 350, for retrieval of the available personal data, denoted by step 348, to server 300 and the available personal data may be downloaded securely to recipient node 302.</p>
<p>Figure 4 is a flow diagram showing an example of the steps involved in the method of providing personal data according to a fourth embodiment of the present invention. Steps occurring at the server have been distinguished from steps occurring at the recipient node.</p>
<p>In step Si, a recipient node registers with the peer-to-peer overlay network account and receives an allocated peer-to-peer network identifier in step S2, via the peer-to-peer overlay network. The recipient node then logs in to the server via a secure connection over the Internet in step S3 and provides the server with the peer-to-peer network identifier it has been allocated, along with its secure user identifier.</p>
<p>In step S4, the server stores the peer-to-peer network identifier and the associated secure user identifier in the data store. The server then waits until personal data is available, as shown in step S5. If personal data is available, the server notifies the recipient node that personal data is available, as shown in step S6, via the peer-to- peer overlay network. Once the recipient node receives the notification, as shown in step S7, the recipient node contacts the server to establish a secure connection over the Internet, as shown in step S8 and then transmits the secure user identifier. In step S9, the server queries, by means of the secure user identifier, the database holding the available personal data and transmits this across the secure connection, in response to which the the personal data is displayed to the user by the desktop agent software, in step SI 0.</p>
<p>The above embodiments are to be understood as illustrative examples of the invention.</p>
<p>The personal data, which is intermittently made available, may be derived from many different sources, depending on the application which the present invention is being used in conjunction with. Specific applications to banking, financial or betting services are envisaged for example. In this regard, the personal data which is received may be generated in an automated system, in response to trigger events, such as a financial transaction, a winning bet, etc. Alternative applications include messaging systems, where the personal data is received from one user, and addressed to another user.</p>
<p>It is envisaged that the present invention may be employed in peer-to-peer overlay networks which employ structures other than distributed hash tables, for example a conventional hash table, or a Judy array.</p>
<p>Only one login/registration process is given above as an example process by which a server and recipient node could join a peer-to-peer overlay network.</p>
<p>The above process involves a recipient node joining the peer-to-peer overlay network and being allocated a random node ID. The recipient node then contacts the server directly and registers the allocated node ID against a user identifier. As another example, a recipient could join the network at a random address, and add a key, value pair consisting of a username' and node ID' at that random address. A server could then firstly lookup the username,' secondly use the username' to retrieve the node ID,' and thirdly send a message to the recipient using the node ID.' Any other process which allows a server and recipient node to interact with a peer-to-peer overlay network could alternatively be employed.</p>
<p>It is to be understood that any feature described in relation to any one embodiment may be used alone, or in combination with other features described, and may also be used in combination with one or more features of any other of the embodiments, or any combination of any other of the embodiments.</p>
<p>Furthermore, equivalents and modifications not described above may also be employed without departing from the scope of the invention, which is defined in the accompanying claims.</p>

Claims (1)

  1. <p>Claims 1. A method for the provision of personal data in a data
    communications network comprising a peer-to-peer overlay network, said method including: at a software application on a recipient node, receiving notification of the availability of personal data via said peer-to-peer overlay network; in response to said receiving step, said software application establishing a connection between said recipient node and a server system, wherein said connection is separate from said peer-to-peer overlay network; and said software application downloading said available personal data to said recipient node via said established connection.</p>
    <p>2. A method according to claim 1, wherein said recipient node is identified in said peer-to-peer overlay network by a predetermined peer-to-peer network identifier.</p>
    <p>3. A method according to claim I or 2, wherein said peer-to-peer overlay network comprises one or more intermediate peer-to-peer nodes, said method comprising the step of: receiving said notification via said one or more intermediate peer-to-peer nodes.</p>
    <p>4. A method according to claims 2 and 3, wherein said notification is sent via peer-to-peer routeing and said routeing involves use of said predetermined peer-to-peer network identifier.</p>
    <p>5. A method according to any preceding claim, wherein said notification is received using a relatively insecure protocol via said peer-to-peer overlay network.</p>
    <p>6. A method according to claim 5, wherein said insecure protocol comprises a proprietary protocol embedded within a peer-to-peer overlay network protocol.</p>
    <p>7. A method according to any preceding claim, wherein said established connection comprises a relatively secure client-server connection protocol.</p>
    <p>8. A method according to claim 7, wherein said secure client-server connection comprises an encryption-based protocol.</p>
    <p>9. A method according to claim 7 or 8, wherein said encryption-based protocol comprises one or more of: Secure Hyper Text Transfer Protocol (HTTPS), Secure File Transfer Protocol (SFTP), Secure Socket Layer (SSL), Extensible Markup Language Remote Procedure Call (XML/RPC).</p>
    <p>10. A method according to any preceding claim, wherein said peer-to-peer overlay network comprises one or more of the following protocols: Content Addressable Network (CAN), Chord, Pastry, Tapestry, XEvent.</p>
    <p>11. A method according to any preceding claim, comprising the steps of: prior to said receiving step, registering said recipient node with said peer-to-peer overlay network; and in response to said registering step, receiving the allocation of said predetermined peer-to-peer network identifier for said recipient node.</p>
    <p>12. A method according to claim 11, comprising the steps of: registering said recipient node with said server system by transmitting registration details to said server system, said registration details comprising said predetermined peer-to-peer network identifier.</p>
    <p>13. A method according to claim 12, wherein said registration details are transmitted using an encryption-based protocol.</p>
    <p>14. A method for the provision of personal data in a data communications network comprising a peer-to-peer overlay network, said method including: at a server system, receiving personal data to be provided to a recipient node; transmitting a notification of the availability of personal data for said recipient node to a software application, said notification being transmitted via said peer-to-peer overlay network; receiving a connection request from said software application at said recipient node; in response to said connection request, establishing a connection between said server node and said recipient node, wherein said connection is separate from said peer-topeer overlay network; and downloading said available personal data to said software application via said established connection.</p>
    <p>15. A method according to claim 14, further comprising the steps of: at said server system, having access to a store of predetermined peer-to-peer network identifiers, each predetermined peer-to-peer network identifier being associated with a different recipient node in said peer-to-peer overlay network; and prior to said notification transmittal, determining from an identity associated with said received personal data and from said store, which recipient node said personal data is to be provided to.</p>
    <p>16. A method according to claim 15, wherein said notification is transmitted to a recipient node according to a predetermined peer-to-peer network identifier associated with said recipient node that said personal data is to be provided to.</p>
    <p>17. A method according to any of claims 14 to 16, wherein said notification is transmitted using an insecure protocol via said peer-to-peer overlay network.</p>
    <p>18. A method according to claim 17, wherein said insecure protocol comprises a proprietary protocol embedded within a peer-to-peer overlay network protocol.</p>
    <p>19. A method according to any of claims 14 to 18, wherein said peer-to-peer overlay network comprises one or more intermediate peer-to-peer nodes, said method comprising the step of: transmitting said notification via said one or more intermediate peer-to-peer nodes.</p>
    <p>20. A method according to any of claims 16 to 19, wherein said notification is transmitted via peer-to-peer routeing and said routeing involves use of said predetermined peer-to-peer network identifier.</p>
    <p>21. A method according to any preceding claim, wherein said established connection comprises a secure client-server connection.</p>
    <p>22. A method according to claim 21, wherein said secure client-server connection comprises an encryption-based protocol.</p>
    <p>23. A method according to claim 22, wherein said encryption-based protocol comprises one or more of: Secure Hyper Text Transfer Protocol (HTTPS), Secure File Transfer Protocol (SFTP), Secure Socket Layer (SSL), Extensible Markup Language Remote Procedure Call (XML/RPC).</p>
    <p>24. A method according to any preceding claim, wherein said peer-to-peer overlay network uses a peer-to-peer network protocol which comprises one or more of the following protocols: Content Addressable Network (CAN), Chord, Pastry, Tapestry, XEvent.</p>
    <p>25. A method according to any of claims 14 to 24, further comprising the step of: prior to said transmitting step, registering said server system with said peer-to-peer overlay network.</p>
    <p>26. A method according to any of claims 14 to 25, further comprising the step of: receiving registration details for one or more recipient nodes, said registration details comprising predetermined peer-to-peer network identifiers associated with said one or more recipient nodes.</p>
    <p>27. A method according to any of claims 14 to 26, wherein said server system comprises: a first server, said first server comprising said data store and being responsible for said notification transmittal; and a second server, said second server comprising a database for storing available personal data and being responsible for said reception and downloading of personal data.</p>
    <p>28. Apparatus arranged to conduct the method of any of claims I to 13.</p>
    <p>29. Computer software arranged to conduct the method of any of claims ito 13.</p>
    <p>30. Apparatus arranged to conduct the method of any of claims 14 to 27.</p>
    <p>31. Computer software arranged to conduct the method of any of claims 14 to 27.</p>
    <p>32. A system for communication of data between a server and at least one recipient node in a data communications network comprising a peer-to-peer overlay network, said system including: at least one data source; a database, said database comprising personal data derived from said data source and having an interface; a data store, said data store comprising peer-to-peer network identifiers which identify recipient nodes in said peer-to-peer overlay network and having an interface; at least one recipient node having software configured to interact with said peer-to-peer overlay network and said server; first communication means for conducting a first communication link allowing said server to transmit a notification of the availability of personal data to a recipient node via said peer-to-peer overlay network, on the basis of said peer-to-peer network identifiers of said data store, said data store being accessed by said server via said data store interface; and second communication means for conducting a second communication link allowing said server to transmit said personal data to said recipient node, said second communication link being separate from said peer-to-peer overlay network, said personal data being retrieved from said database by said server via said database interface.</p>
    <p>33. A system for communication of data between first and second servers and at least one recipient node in a data communications network comprising a peer-to-peer overlay network, said system including: at least one data source; a first server having access to a data store, said data store comprising peer-to-peer network identifiers which identify recipient nodes in said peer-to-peer overlay network and having an interface; a second server having access to a database, said database comprising personal data derived from said data source and having an interface; server-server communication means for said second server to transmit to said first server data identifying which recipient node personal data is available for; at least one recipient node having software configured to interact with said peer-to-peer overlay network and said servers; first communication means for conducting a first communication link for said first server to transmit a notification of the availability of personal data to a recipient node via said peer-to-peer overlay network, on the basis of said peer-to-peer network identifiers of said data store, said data store being accessed by said first server via said data store interface; and second communication means for conducting a second communication link allowing said second server to transmit said personal data to said recipient node, said second communication link being separate from said peer-to-peer overlay network, said personal data being retrieved from said database by said second server via said database interface.</p>
GB0609684A 2006-05-16 2006-05-16 Provision of personal data in a data communications network Withdrawn GB2438258A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
GB0609684A GB2438258A (en) 2006-05-16 2006-05-16 Provision of personal data in a data communications network
PCT/EP2007/054603 WO2007131971A1 (en) 2006-05-16 2007-05-11 Provision of personal data in a data communications network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB0609684A GB2438258A (en) 2006-05-16 2006-05-16 Provision of personal data in a data communications network

Publications (2)

Publication Number Publication Date
GB0609684D0 GB0609684D0 (en) 2006-06-28
GB2438258A true GB2438258A (en) 2007-11-21

Family

ID=36660246

Family Applications (1)

Application Number Title Priority Date Filing Date
GB0609684A Withdrawn GB2438258A (en) 2006-05-16 2006-05-16 Provision of personal data in a data communications network

Country Status (2)

Country Link
GB (1) GB2438258A (en)
WO (1) WO2007131971A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050044483A1 (en) * 2003-07-18 2005-02-24 Canon Kabushiki Kaisha Method of accessing and sharing a digital document in P2P communication network
US20050182937A1 (en) * 2004-02-12 2005-08-18 Harmeet Singh Bedi Method and system for sending secure messages over an unsecured network

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH1125046A (en) * 1997-07-03 1999-01-29 Oki Electric Ind Co Ltd Method for protecting communication information
US7007083B1 (en) * 2000-06-29 2006-02-28 Microsoft Corporation Real time update notification
GB2420256B (en) * 2004-11-16 2007-05-23 Skinkers Ltd Provision of personal data in a communications network

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050044483A1 (en) * 2003-07-18 2005-02-24 Canon Kabushiki Kaisha Method of accessing and sharing a digital document in P2P communication network
US20050182937A1 (en) * 2004-02-12 2005-08-18 Harmeet Singh Bedi Method and system for sending secure messages over an unsecured network

Also Published As

Publication number Publication date
GB0609684D0 (en) 2006-06-28
WO2007131971A1 (en) 2007-11-22

Similar Documents

Publication Publication Date Title
US11449596B2 (en) Event-based user state synchronization in a local cloud of a cloud storage system
US7664861B2 (en) Managed peer-to-peer file sharing
US7139565B2 (en) Connection architecture for a mobile network
US7275102B2 (en) Trust mechanisms for a peer-to-peer network computing platform
US8108455B2 (en) Mobile agents in peer-to-peer networks
US20020143855A1 (en) Relay peers for extending peer availability in a peer-to-peer networking environment
US20080134316A1 (en) private network system and method
US20070005711A1 (en) System and method for building instant messaging applications
JP2008533879A (en) Communication method and system comprising identity information and directory management
KR102208935B1 (en) Messaging api over http protocol to establish context for data exchange
EP2735131B1 (en) Self-adapting direct peer to peer communication and messaging system
CN107251518B (en) System and method for neutral application programming interface
AU2003225818A1 (en) Data replication system and method
US10846658B2 (en) Establishing a communication event
US9325745B2 (en) Providing services by managing communication relationships
CN110971506B (en) Decentralized real-time cluster communication method, device, equipment and system
US8453229B2 (en) Push type communications system
US8793383B2 (en) Transparent transfer of a two-way communication
US10049230B1 (en) System and methods for exchanging identity information among independent enterprises which may include person enable correlation
US20060031418A1 (en) Authenticating client-to-client communication
US20070239827A1 (en) Global chat system
US20060026216A1 (en) Server-assited communication among clients
US8156547B2 (en) Methods and systems for device-independent portable session synchronization
GB2438258A (en) Provision of personal data in a data communications network
Malhotra Peer alerting lifeline: a study of backend infrastructure for a crowdsourced emergency response system

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)