公开(公告)号：US10742612B2

公开(公告)日：2020-08-11

申请号：US15784708

申请日：2017-10-16

Applicant: Cisco Technology, Inc.

Inventor： Prashanth Patil ,  K. Tirumaleswar Reddy ,  Justin James Muller ,  Judith Ying Priest ,  Puneeth Rao Lokapalli

IPC: H04L29/06 ,  H04L9/32 ,  H04L12/24 ,  H04L12/26

Abstract: In a network that includes a client, a server and one or more proxy entities that intercept network traffic between the client and the server, a computer-implemented method is provided including: establishing trust with a permissioned distributed database; computing hashes from packet payloads of network traffic originated, intercepted or received; storing the hashes to the permissioned distributed database so that the permissioned distributed database maintains hashes computed from packets of the network traffic originated, intercepted or received by the client, server and the one or more proxy entities; and validating the hashes by comparing, with each other, the hashes stored to the permissioned distributed database by the client, server and the one or more proxy entities to determine whether any packet payload of the network traffic was modified in transit.

公开(公告)号：US20180254982A1

公开(公告)日：2018-09-06

申请号：US15446992

申请日：2017-03-01

Applicant: Cisco Technology, Inc.

Inventor： John George Apostolopoulos ,  Judith Ying Priest

IPC: H04L12/725 ,  H04L29/08 ,  H04L12/911

CPC classification number: H04L45/302 ,  H04L47/726

Abstract: Various implementations disclosed herein enable adjusting the performance of at least a portion of communication paths associated with a distributed ledger. In various implementations, a method includes determining a quality of service value for a data transmission over the communication paths provided by a first plurality of network nodes. In some implementations, the data transmission is associated with the distributed ledger. In various implementations, the method includes determining one or more configuration parameters for at least one of the first plurality of network nodes based on a function of the quality of service value. In various implementations, the method includes providing the one or more configuration parameters to the at least one of the first plurality of network nodes.

公开(公告)号：US20190014124A1

公开(公告)日：2019-01-10

申请号：US15644982

申请日：2017-07-10

Applicant: Cisco Technology, Inc.

Inventor： K. Tirumaleswar Reddy ,  Prashanth Patil ,  Carlos M. Pignataro ,  Puneeth Rao Lokapalli ,  Judith Ying Priest

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/108 ,  H04L9/3236 ,  H04L41/5019 ,  H04L41/5051 ,  H04L41/5096 ,  H04L63/1458 ,  H04L63/164 ,  H04L63/20 ,  H04L67/125 ,  H04L2209/20 ,  H04L2209/38 ,  H04L2209/56

Abstract: Managing policies for a chain of administrative domains, from end-to-end, includes receiving, at a network device associated with an administrative domain that is part of a chain of administrative domains provisioning an Internet-based application or an Internet-based service to a network, a root block for a blockchain. The root block is generated by a network device in the network and includes a request for a specific network parameter over a specific time period. The network device associated with the administrative domain appends a first block to the blockchain including the root block to accept the request and configures the administrative domain in accordance with the specific network parameter when an end-to-end path in the chain of administrative domains accepts the request. The network device associated with the administrative domain also generates blockchain transactions that append network status updates to the blockchain during the specific time period.

公开(公告)号：US20180181751A1

公开(公告)日：2018-06-28

申请号：US15390488

申请日：2016-12-24

Applicant: Cisco Technology, Inc.

Inventor： Ramanathan Jagadeesan ,  Judith Ying Priest ,  Anoop Nannra

IPC: G06F21/55

CPC classification number: G06F21/552 ,  H04L9/3239 ,  H04L63/102 ,  H04L63/1441 ,  H04L2209/38

Abstract: In various implementations, a method of identifying anomalies is performed by a first network node that is configured to maintain a distributed ledger in coordination with a plurality of network nodes. In various implementations, the first network node includes one or more processors, a non-transitory memory, and one or more network interfaces. In various implementations, the method includes determining a characteristic value based on information associated with the distributed ledger. In some implementations, the distributed ledger stores blocks of transactions that were added to the distributed ledger based on a consensus determination between the plurality of network nodes. In various implementations, the method includes determining whether a current transaction satisfies the characteristic value. In various implementations, the method include indicating whether there is an anomaly based on a function of the current transaction in relation to the characteristic value.

公开(公告)号：US10311230B2

公开(公告)日：2019-06-04

申请号：US15390488

申请日：2016-12-24

Applicant: Cisco Technology, Inc.

Inventor： Ramanathan Jagadeesan ,  Judith Ying Priest ,  Anoop Nannra

IPC: G06F21/55 ,  H04L29/06 ,  H04L9/32

Abstract: In various implementations, a method of identifying anomalies is performed by a first network node that is configured to maintain a distributed ledger in coordination with a plurality of network nodes. In various implementations, the first network node includes one or more processors, a non-transitory memory, and one or more network interfaces. In various implementations, the method includes determining a characteristic value based on information associated with the distributed ledger. In some implementations, the distributed ledger stores blocks of transactions that were added to the distributed ledger based on a consensus determination between the plurality of network nodes. In various implementations, the method includes determining whether a current transaction satisfies the characteristic value. In various implementations, the method include indicating whether there is an anomaly based on a function of the current transaction in relation to the characteristic value.

公开(公告)号：US20190116158A1

公开(公告)日：2019-04-18

申请号：US15784708

申请日：2017-10-16

Applicant: Cisco Technology, Inc.

Inventor： Prashanth Patil ,  K. Tirumaleswar Reddy ,  Justin James Muller ,  Judith Ying Priest ,  Puneeth Rao Lokapalli

IPC: H04L29/06

Abstract: In a network that includes a client, a server and one or more proxy entities that intercept network traffic between the client and the server, a computer-implemented method is provided including: establishing trust with a permissioned distributed database; computing hashes from packet payloads of network traffic originated, intercepted or received; storing the hashes to the permissioned distributed database so that the permissioned distributed database maintains hashes computed from packets of the network traffic originated, intercepted or received by the client, server and the one or more proxy entities; and validating the hashes by comparing, with each other, the hashes stored to the permissioned distributed database by the client, server and the one or more proxy entities to determine whether any packet payload of the network traffic was modified in transit.

公开(公告)号：US10476682B2

公开(公告)日：2019-11-12

申请号：US15447001

申请日：2017-03-01

Applicant: Cisco Technology, Inc.

Inventor： Anoop Nannra ,  Judith Ying Priest ,  Ramanathan Jagadeesan

IPC: G06F1/12 ,  G06F13/42 ,  H04L5/00 ,  H04L7/00 ,  H04L9/32 ,  H04L29/06 ,  H04L9/12 ,  H04L29/08 ,  G06F1/14

Abstract: In various implementations, a method of managing transactions in a distributed ledger is performed by a first network node that is configured to maintain a distributed ledger in coordination with a plurality of network nodes. In various implementations, the first network node includes a processor, a non-transitory memory, and a network interface. In various implementations, the method includes synchronizing a first clock of the first network node with respective clocks maintained by one or more of the plurality of network nodes. In various implementations, the method includes obtaining a transaction indicator including respective transaction data. For example, in some implementations, the method includes receiving a transaction request from a client device. In various implementations, the method includes synthesizing, by the first network node, a timestamp for the transaction based on the first clock. In some implementations, the timestamp indicates a time that associates the first network node to the transaction.

公开(公告)号：US10419446B2

公开(公告)日：2019-09-17

申请号：US15644982

申请日：2017-07-10

Applicant: Cisco Technology, Inc.

Inventor： K. Tirumaleswar Reddy ,  Prashanth Patil ,  Carlos M. Pignataro ,  Puneeth Rao Lokapalli ,  Judith Ying Priest

IPC: H04L29/06 ,  H04L29/08 ,  H04L12/24

Abstract: Managing policies for a chain of administrative domains, from end-to-end, includes receiving, at a network device associated with an administrative domain that is part of a chain of administrative domains provisioning an Internet-based application or an Internet-based service to a network, a root block for a blockchain. The root block is generated by a network device in the network and includes a request for a specific network parameter over a specific time period. The network device associated with the administrative domain appends a first block to the blockchain including the root block to accept the request and configures the administrative domain in accordance with the specific network parameter when an end-to-end path in the chain of administrative domains accepts the request. The network device associated with the administrative domain also generates blockchain transactions that append network status updates to the blockchain during the specific time period.

公开(公告)号：US20180254841A1

公开(公告)日：2018-09-06

申请号：US15447001

申请日：2017-03-01

Applicant: Cisco Technology, Inc.

Inventor： Anoop Nannra ,  Judith Ying Priest ,  Ramanathan Jagadeesan

IPC: H04J3/06 ,  H04L12/26 ,  H04L29/06

Abstract: In various implementations, a method of managing transactions in a distributed ledger is performed by a first network node that is configured to maintain a distributed ledger in coordination with a plurality of network nodes. In various implementations, the first network node includes a processor, a non-transitory memory, and a network interface. In various implementations, the method includes synchronizing a first clock of the first network node with respective clocks maintained by one or more of the plurality of network nodes. In various implementations, the method includes obtaining a transaction indicator including respective transaction data. For example, in some implementations, the method includes receiving a transaction request from a client device. In various implementations, the method includes synthesizing, by the first network node, a timestamp for the transaction based on the first clock. In some implementations, the timestamp indicates a time that associates the first network node to the transaction.