Traffic control within a network architecture providing many-to-one transmission with denial-of-service protection

• Main Authors: NIKANDER PEKKA, SARELA MIKKO
• Format: Patent
• Language: English
• Published: 01.10.2013
• Subjects: ELECTRIC COMMUNICATION TECHNIQUE; ELECTRICITY; TELEPHONIC COMMUNICATION; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

A method of controlling traffic flow through a service node located within a packet network, which traffic flow originates at a plurality of sending nodes and is destined for a receiving node. The service node is one of a multiplicity of service nodes configured in a tree or other acyclic structure, e.g. of an overlay network. The method comprises receiving a challenge from said receiving node or a downstream service node, generating and caching a further challenge, and combining that further challenge with the received challenges to generate a modified challenge. The modified challenge is then sent to a sending node or to an upstream service node. Subsequently, a request is received, destined for said receiving node and originating at a sending node. A solution accompanying said request is validated using the cached further challenge, and the request forwarded towards said receiving node only if the solution is valid. Otherwise, the request is dropped.