How to Securely Pass Data Packets Within a Trusted Network

A method for tagging data packets with verified properties so that internal network nodes can trust the data without re-verifying it themselves.

What it covers

This patent describes a way to make networks faster and more secure by using a 'property vector.' When a message enters a trusted network, an ingress node verifies specific details about it, like its priority or authenticity. It creates a digital tag called a property vector and signs it with a shared secret key. Other nodes in the network can then check this signature to confirm the data is valid without having to perform the heavy lifting of re-verifying the original properties themselves.

What it doesn't cover

• —Does not cover verification methods that rely on individual node-to-node public key infrastructure.
• —Does not cover networks that do not use hierarchically structured names for data identification.
• —Does not cover systems where intermediate nodes are required to perform full re-verification of the message properties.

The clever bit

By bundling verified properties into a signed vector at the edge of the network, the system turns a complex, multi-step verification process into a single, lightweight signature check for all internal nodes.

Why it matters

In content-centric networks, data is retrieved by name rather than by location. This patent helps solve a major bottleneck in these networks: the computational cost of constantly verifying security and policy metadata as packets hop across multiple routers. By creating a 'trust domain' where nodes share a secret, the system allows for high-speed, secure routing.

Real-world examples

• 1.Content-Centric Networking (CCN) routers
• 2.Named Data Networking (NDN) testbeds
• 3.Secure enterprise data distribution systems