公开(公告)号：US20240031808A1

公开(公告)日：2024-01-25

申请号：US17871737

申请日：2022-07-22

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Stephen Orr ,  Shree Murthy ,  Pradeep Kumar Kathail

IPC: H04W12/06 ,  H04W12/08 ,  H04W12/76

CPC classification number: H04W12/068 ,  H04W12/08 ,  H04W12/76

Abstract: This disclosure describes techniques and mechanisms for performing user defined network (UDN) service authorization based on secondary identity credentials within a wireless network. For instance, the techniques may include receiving, from a user device, a first request to access a wireless network (e.g., such as a WLAN), where the first request may include primary access credentials for accessing the WLAN. Once primary access authentication of the user device is complete, the techniques may include receiving a second request from the user device to access a UDN group within the wireless network. The second request can include secondary credentials for accessing the UDN group. In response to the second request, a secondary EAP dialogue may be established to authenticate the user device using the secondary credentials. Once the secondary credentials are authenticated, the techniques may include granting the user device access to the UDN group.

公开(公告)号：US11800422B2

公开(公告)日：2023-10-24

申请号：US17390445

申请日：2021-07-30

Applicant: Cisco Technology, Inc.

Inventor： Arman Rezaee ,  Ali Sajassi ,  Alessandro Erta ,  Elango Ganesan ,  Pradeep Kumar Kathail

IPC: H04B7/185 ,  H04W36/30 ,  H04L45/50

CPC classification number: H04W36/30 ,  H04B7/18521 ,  H04B7/18541 ,  H04L45/50

Abstract: In one embodiment, an earthbound transceiver in a low earth orbit (LEO) satellite network establishes a connection with a first LEO satellite from a first set of LEO satellites. The first set of LEO satellites are distributed across a first plurality of orbits including first neighboring LEO satellites of the first LEO satellite, and the first neighboring LEO satellites have a fixed or semi-fixed position relative to the first LEO satellite. The earthbound transceiver determines first signal strength values associated with the first set of LEO satellites and second signal strength values associated with a second set of LEO satellites. The earthbound transceiver then periodically compares the first signal strength values to the second signal strength values. At an optimal handoff time, the earthbound transceiver initiates the handoff operation from the first LEO satellite to a second LEO satellite from the second set of LEO satellites.

公开(公告)号：US20230300059A1

公开(公告)日：2023-09-21

申请号：US17890756

申请日：2022-08-18

Applicant: Cisco Technology, Inc.

Inventor： Alberto Rodriguez Natal ,  Saswat Praharaj ,  Lorand Jakab ,  Fabio R. Maino ,  Pradeep Kumar Kathail

IPC: H04L45/121 ,  H04L45/745 ,  H04L45/00

CPC classification number: H04L45/121 ,  H04L45/745 ,  H04L45/566

Abstract: Techniques for automating traffic optimizations for egress traffic of an application orchestration system that is being sent over a network to a remote service. In examples, the techniques may include receiving, at a controller of the network, an egress traffic definition associated with egress traffic of an application hosted on the application orchestration system, the egress traffic definition indicating that the egress traffic is to be sent to the remote service. Based at least in part on the egress traffic definition, the controller may determine a networking path through the network or outside of the network that is optimized for sending the egress traffic to the remote service. The controller may also cause the egress traffic to be sent to the remote service via the optimized networking path.

公开(公告)号：US20230275868A1

公开(公告)日：2023-08-31

申请号：US18195136

申请日：2023-05-09

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Pradeep Kumar Kathail ,  Eric Levy-Abegnoli ,  David A. Maluf

IPC: H04L61/2503 ,  H04L61/4511

CPC classification number: H04L61/2503 ,  H04L61/4511

Abstract: Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.

公开(公告)号：US11621957B2

公开(公告)日：2023-04-04

申请号：US17218602

申请日：2021-03-31

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Gandhi ,  Srinath Gundavelli ,  Pradeep Kumar Kathail

IPC: G06F21/00 ,  H04L9/40 ,  H04W12/06 ,  H04L9/30 ,  H04W12/08 ,  G06F21/60

Abstract: This disclosure describes techniques for authentication related to verification of identity for network access. The techniques may include sending a challenge associated with authentication to a network to a mobile device. In response to sending the challenge, the techniques may include receiving a challenge response from the mobile device. The challenge response may include biometric credential information associated with a user of the mobile device. The challenge response may also include an indication of an authorization assertion associated with the authentication to the network. In some examples, the techniques may include tailoring access to the network for the mobile device based on the biometric credential information.

公开(公告)号：US20220321605A1

公开(公告)日：2022-10-06

申请号：US17583284

申请日：2022-01-25

Applicant: Cisco Technology, Inc.

Inventor： Eric Voit ,  Pradeep Kumar Kathail ,  Avinash Kalyanaraman

IPC: H04L9/40

Abstract: Disclosed are systems, apparatuses, methods, and computer-readable media for providing security postures for a service provided by a heterogenous system. A method for verifying trust by a service node includes receiving a request for a security information of the service node from a client device, wherein the request includes information identifying a service to receive from the service node, identifying a related node to communicate with the service node based on the service, after identifying the related node, requesting a security information of the related node, generating a composite security information from the security information of the service node and the security information of the related node, and sending the composite security information to the client device. The composite security information provides security claims for a service implemented by a heterogenous devices that have different trusted execution environments.

公开(公告)号：US20220225201A1

公开(公告)日：2022-07-14

申请号：US17390445

申请日：2021-07-30

Applicant: Cisco Technology, Inc.

Inventor： Arman Rezaee ,  Ali Sajassi ,  Alessandro Erta ,  Elango Ganesan ,  Pradeep Kumar Kathail

IPC: H04W36/30 ,  H04B7/185

Abstract: In one embodiment, an earthbound transceiver in a low earth orbit (LEO) satellite network establishes a connection with a first LEO satellite from a first set of LEO satellites. The first set of LEO satellites are distributed across a first plurality of orbits including first neighboring LEO satellites of the first LEO satellite, and the first neighboring LEO satellites have a fixed or semi-fixed position relative to the first LEO satellite. The earthbound transceiver determines first signal strength values associated with the first set of LEO satellites and second signal strength values associated with a second set of LEO satellites. The earthbound transceiver then periodically compares the first signal strength values to the second signal strength values. At an optimal handoff time, the earthbound transceiver initiates the handoff operation from the first LEO satellite to a second LEO satellite from the second set of LEO satellites.

公开(公告)号：US11050746B2

公开(公告)日：2021-06-29

申请号：US16260455

申请日：2019-01-29

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Shree N. Murthy ,  Pradeep Kumar Kathail ,  Brian Weis

IPC: H04L29/06 ,  H04L12/851 ,  H04W80/02

Abstract: A method is provided to anonymize the media access control (MAC) address of a client device. The method involves generating a plurality of media access control (MAC) addresses for use by a client device in a network. Policies are defined that determine which one of the plurality of MAC addresses is to be used by the client device. The plurality of MAC addresses allocated for use by the client device are registered with a management entity in the network.

公开(公告)号：US10939449B2

公开(公告)日：2021-03-02

申请号：US16118622

申请日：2018-08-31

Applicant: Cisco Technology, Inc.

Inventor： Vimal Srivastava ,  Pradeep Kumar Kathail ,  Srinath Gundavelli

IPC: H04W72/04 ,  H04W4/90 ,  H04W4/40 ,  H04W4/06 ,  H04W60/04

Abstract: In one embodiment, a method is performed. A device may receive a registration request from a user equipment (UE) device associated with a category. The device may receive a registration response from an access and mobility function (AMF). The registration response may comprise a group identifier associated with the category. The device may select resources from a resource pool based on the group identifier. The resource pool may be dedicated for use for emergency communications. The device may allocate the selected resources to the UE device.

公开(公告)号：US20200374216A1

公开(公告)日：2020-11-26

申请号：US16418051

申请日：2019-05-21

Applicant: Cisco Technology, Inc.

Inventor： Nandini Ganesh ,  Sri Gundavelli ,  Pradeep Kumar Kathail

IPC: H04L12/707 ,  H04L12/729 ,  H04L12/803 ,  H04L29/06

Abstract: Systems, methods, and computer-readable media for controlling data transmission in TCP subflows of a MPTCP connection based on monetary cost. A low cost link and a high cost link of TCP subflows of a MPTCP connection formed between a first MPTCP peer and a second MPTCP peer can be identified. A congestion level on the low cost link can be determined based on feedback from a TCP congestion control mechanism for the MPTCP connection. Further, whether to send a data packet over the low cost link of the high cost link based on the congestion level on the low cost link can be determined. As follows, the data packet can be sent over the low cost link connection if it is determined to send the data packet over the low cost link.