Attestation-based route reflector
    11.
    Granted invention patent

    Publication No.: US11316780B2

    Publication date: 2022-04-26

    Application No.: US16833197

    Filing date: 2020-03-27

    Abstract: A verifier peer system transmits a request to an application of another peer system to obtain integrity data of the application. In response to the request, the verifier peer system obtains a response that includes kernel secure boot metrics of the other peer system and integrity data of the application and of any application dependencies. If the verifier peer system determines that the response is valid, the verifier peer system evaluates the integrity data and the kernel secure boot metrics against a set of Known Good Values to determine whether the integrity data and the kernel secure boot metrics are valid. If the integrity data and the kernel secure boot metrics are valid, the verifier peer system determines that the other peer system is trustworthy.

    Allocating bandwidth between network computing devices for pushing data to a client computing device

    Publication No.: US10581992B2

    Publication date: 2020-03-03

    Application No.: US15085715

    Filing date: 2016-03-30

    Abstract: Computer systems and methods for allocating bandwidth so that server computers can send data to a client computer without exceeding the available bandwidth between the server computers and the client computer, or the processing bandwidth or capacity of the client computer, are discussed herein. In an embodiment, a method comprises determining a first share of bandwidth that is to be available for a first computing device to send data to the client computer during a first future period of time; determining a first rate at which the first computing device is to send data to the client computer during the first future period of time; determining that the first rate is less than the first share of bandwidth that is to be available for the first computing device to send data to the client computer during the first future period of time by a first delta; receiving, from a second computing device among the plurality of network computing devices, a first request for additional rate allocation; sending, to the second computing device, a first rate allocation that is equal to or less than the first delta; sending data to the client computer during the first future period of time at a first actual rate that is less than or equal to the first rate minus the first rate allocation.

    EFFICIENT TRANSPORT OF DATA ENCODED USING MULTIPLE TEMPLATES

    Publication No.: US20170295231A1

    Publication date: 2017-10-12

    Application No.: US15095502

    Filing date: 2016-04-11

    CPC classification number: H04L67/1095 H04L67/06 H04L67/1097 H04L67/26

    Abstract: Techniques related to efficient transport of data encoded using multiple templates are disclosed. A sending computing device sends an internet message including internet message segments toward a receiving computing device. The internet message stores information about a data object that includes property types corresponding to property values. A portion of the data object includes multiple instances of a particular property type, and each instance corresponds to a property value. The internet message segments store the property values according to multiple templates, and each internet message segment corresponds to a template. Among the multiple templates is a particular template for the portion of the data object that includes the multiple instances of the particular property type. The multiple templates include fields that correspond to field identifiers. Based on a property-type-to-field-identifier mapping, a corresponding property type can be determined for each property value that is stored in the internet message segments.

    VIRTUAL SERVER ADDRESS SELECTION
    14.
    Invention patent application

    Publication No.: US20250071089A1

    Publication date: 2025-02-27

    Application No.: US18885330

    Filing date: 2024-09-13

    Abstract: Techniques for varying locations of virtual networks associated with endpoints using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS). Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. The VIP address may be selected based on a number of factors (e.g., power usage, privacy requirements, virtual distances, etc.). In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses that can be periodically rotated and/or load balanced. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.

    PERSONAL NETWORK SOFTWARE DEFINED-WIDE AREA NETWORKS (SD-WANS) WITH ATTESTED PERMISSIONS

    Publication No.: US20240106745A1

    Publication date: 2024-03-28

    Application No.: US17935159

    Filing date: 2022-09-26

    CPC classification number: H04L45/54 H04L45/745 H04W12/71

    Abstract: Personal network Software Defined-Wide Area Networks (SD-WANs) with attested permissions may be provided. A first one of a plurality of Personal Area Network (PAN) devices in a PAN may seed a routing table entry for at least one application that the first one of the plurality of PAN devices supports. The routing table entry may include at least one characteristic associated with an egress link between the first one of the plurality of PAN devices and a device outside of the PAN. The routing table entry may be exchanged among the plurality of PAN devices in the PAN. Then data may be routed, based on the exchanged routing table entry, in the PAN through the first one of the plurality of PAN devices through the egress link to the device outside of the PAN.

    Network security by integrating mutual attestation

    Publication No.: US11934525B2

    Publication date: 2024-03-19

    Application No.: US17712499

    Filing date: 2022-04-04

    CPC classification number: G06F21/57 H04L9/0869 H04L9/3213

    Abstract: Technologies for attestation techniques, systems, and methods to confirm the integrity of a device for establishing and/or maintaining a trustworthy encrypted network session. An example method can include sending, via a server and using a cryptographic security protocol, a message associated with establishing an encrypted network session; receiving a response from a client device; identifying a level of trust of the client device based on the response; determining whether to perform a next step in the cryptographic security protocol based on the level of trust, wherein the cryptographic security protocol comprises at least one of a Secure Shell (SSH) protocol, a Transport Layer Security (TLS) protocol, a Secure Sockets Layer (SSL) protocol, and an Internet Protocol Security (IPsec) protocol.

    NETWORK ENCLAVE ATTESTATION FOR NETWORK AND COMPUTE DEVICES

    Publication No.: US20240031350A1

    Publication date: 2024-01-25

    Application No.: US18481765

    Filing date: 2023-10-05

    CPC classification number: H04L63/08 H04L63/126

    Abstract: An enclave manager of a network enclave obtains a request to retrieve configuration information and state information corresponding to compute devices and network devices comprising a network enclave. The request specifies a set of parameters of the configuration information and the state information usable to generate a response to the request. The enclave manager evaluates the compute devices, the network devices, and network connections among these devices within the network enclave to obtain the configuration information and the state information. Based on the configuration information and the state information, the enclave manager determines whether the network enclave is trustworthy. Based on the parameters of the request, the enclave manager generates a response indicating a summary that is used to identify the trustworthiness of the network enclave.
