Abstract:
In one aspect, a computerized method for automatically identifying and solving for vendor data abuse in an enterprise network includes the step of implementing vendor detection at one or more gateways of the enterprise network. The method includes the step of mapping a set of data, along with any associated data attributes of the set of data, that is being shared with a vendor via the one or more gateways. The method includes the step of detecting and identifying an access anomaly with respect to the set of data associated with a vendor access. The method includes the step of applying a specified data minimization process to the access anomaly.
Abstract:
In one embodiment, a method includes receiving a packet at a network device in communication with a plurality of client nodes, the packet identifying a first client node, performing a look up in a table stored at the network device to locate policies associated with the first client node, the table including an entry for each of the client nodes, each entry having a plurality of policies associated with the client node, applying the policies associated with the first client node at a forwarding engine at the network device, and forwarding the packet from the network device. An apparatus is also disclosed.
Abstract:
A network device sends into a network a request to be connected to a particular multicast source-group pair for a Phasor Measurement Unit (PMU) data stream comprising packets containing phasor measurement data. The network device receives the phasor measurement data stream for the particular multicast source-group pair. The source-group pair information is compared against stored data specifying handling rules for packets associated with phasor measurement data streams. The packets in the received phasor measurement data stream are modified when there are handling rules in the stored data for the particular multicast source-group pair of the received phasor measurement data stream. The packets (now modified) for the phasor measurement data stream for the particular multicast source-group pair are re-originated with a new multicast source-group pair and sent into the network. In order to support existing legacy PMU devices, IP unicast-to-multicast conversion is implemented.
Abstract:
In one embodiment, detecting a host device on a port of a forwarder switch in a network, detecting a movement of the host device from a first forwarder switch to a second forwarder switch, and multicast broadcasting updated device information for the host device to convergence group switches and proximity group switches, where the convergence group switches include switches in the network that are not configured as forwarder switches, and the proximity group switches include forwarder switches grouped together based on radio proximity, is provided.
Abstract:
In an example embodiment, a method is provided that assigns a sequence value to a host. The host is identified by a host network layer address. After the assignment, the host network layer address and the sequence value are included in an advertisement for transmission. In another example embodiment, another method is provided. Here, a first sequence value associated with the host network layer address is received from a network device. In addition, a second sequence value associated with the same host network layer address is received from a different network device. The first sequence value is ranked relative to the second sequence value and data is transmitted to the network device based on the ranking.
Abstract:
Techniques are provided to enable support of roaming wireless devices in a network such that the wireless devices can keep their Internet Protocol (IP) addresses as they roam across mobility sub-domains. Traffic for a wireless device that roams is tunneled back to the access switch that serves the IP subnet which includes an IP address for the wireless device. Traffic is tunneled back to that access switch for the wireless device when the wireless device roams to another access switch which does not serve the IP subnet for the wireless device in the same mobility sub-domain and when the wireless device roams to a different mobility sub-domain, in which case the traffic is tunneled between tunneling endpoints in the respective mobility sub-domains.
Abstract:
Security is enabled in an electrical system by examining a configuration file for a substation present in the electrical system, where the substation includes one or more electrical devices and one or more network devices. Based on the examination of the configuration file, information is determined on a characteristic of an electrical device that is selected from a group including a type, allowed role of the electrical device and allowed communication modes for the electrical device. Based on the determined information, a basis for controlling the role and communication modes for the electrical device is identified. A security policy is configured in a network device in the substation to incorporate the identified basis. Based on the configured security policy in the network device, communication patterns for the electrical device are allowed that are associated with the allowed role and allowed communication modes for the electrical device.
Abstract:
A method is provided in one example embodiment and includes receiving a request for a service that involves phasor measurement unit (PMU) data; identifying a service device in a network to perform the service; and multicasting one or more results of the service to a group of subscribers identified by a multicast group address. In more particular embodiments, particular PMU data is redirected to the service device via a service insertion architecture (SIA) protocol. In addition, the service can include replicating packets and masking a subset of traffic for forwarding to a first hop router of the network. In certain example instances, metadata is used in order to apply the service to certain traffic propagating in the network.
Abstract:
A method is provided in one example embodiment and includes receiving phasor measurement unit (PMU) data in a first transmission; converting the first transmission into a multicast transmission; and multicasting the PMU data to a multicast group address, which identifies a plurality of subscribers. In more specific implementations, the converting of the first transmission into the multicast transmission occurs at a first-hop router in relation to a PMU source that sent the first transmission. In some cases, the first transmission is a unicast transmission sent from a network element, which includes a PMU sensor.
Abstract:
Techniques are provided to support roaming of wireless devices in a network such that the wireless devices can keep their Internet Protocol (IP) addresses as they roam within and across mobility sub-domains. When a wireless device roams from one access switch to another access switch, a tunneling endpoint apparatus in the wireless device's home mobility sub-domain is configured to serve as the point of presence for the roamed wireless device. Traffic for the roamed wireless device is tunneled from the access switch where the wireless device has roamed (where it is currently attached) to the tunneling endpoint apparatus. When the wireless device roams across mobility sub-domains, traffic is tunneled from the access switch where the wireless device is currently attached to the tunneling endpoint apparatus in that mobility sub-domain (called a “foreign” mobility sub-domain) and on to the tunneling endpoint apparatus in the wireless device's home mobility sub-domain.