公开(公告)号：US20220269815A1

公开(公告)日：2022-08-25

申请号：US17335932

申请日：2021-06-01

Applicant: SUPREETH HOSUR NAGESH RAO ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Bharathwaj Sankara Viswanathan ,  Brady Schulman ,  Matthew Finn ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang

Inventor： SUPREETH HOSUR NAGESH RAO ,  Navindra Yadav ,  Ravi Sankuratri ,  Alok Lalit Wadhwa ,  Aria Rahadian ,  Bharathwaj Sankara Viswanathan ,  Brady Schulman ,  Matthew Finn ,  Ravi Shanker Prasad ,  Vasil Dochkov Yordanov ,  Yiwei Wang ,  Zhiwen Zhang

IPC: G06F21/62 ,  G06F9/54 ,  G06F16/23 ,  H04L29/06

Abstract: In one aspect, a computerized method for automatically identifying and solving for vendor data abuse in an enterprise network, includes the step of implementing a vendor detection at one or more gateways of the enterprise network. The method includes the step of mapping a set of data along with any associated data attributes of the set of data that are being shared with a vendor via the one or more gateways. The method includes the step of detecting and identifying an access anomaly with respect to the set of data associated with a vendor access. The method includes the step of implementing a specified data minimization process to the access anomaly.

公开(公告)号：US09319276B2

公开(公告)日：2016-04-19

申请号：US12928863

申请日：2010-12-21

Applicant: Navindra Yadav ,  Bhanu Gopalasetty ,  Sheausong Yang

Inventor： Navindra Yadav ,  Bhanu Gopalasetty ,  Sheausong Yang

IPC: H04W4/00 ,  H04L12/24 ,  H04L12/931

CPC classification number: H04L41/0893 ,  H04L49/503

Abstract: In one embodiment, a method includes receiving a packet at a network device in communication with a plurality of client nodes, the packet identifying a first client node, performing a look up in a table stored at the network device to locate policies associated with the first client node, the table including an entry for each of the client nodes, each entry having a plurality of policies associated with the client node, applying the policies associated with the first client node at a forwarding engine at the network device, and forwarding the packet from the network device. An apparatus is also disclosed.

Abstract translation: 在一个实施例中，一种方法包括在与多个客户端节点通信的网络设备处接收分组，该分组识别第一客户端节点，在存储在网络设备处的表中执行查找以定位与第一客户端节点相关联的策略 客户端节点，该表包括用于每个客户端节点的条目，每个条目具有与客户机节点相关联的多个策略，将与第一客户端节点相关联的策略应用于网络设备处的转发引擎，并且转发该分组 从网络设备。 还公开了一种装置。

公开(公告)号：US08780706B1

公开(公告)日：2014-07-15

申请号：US13343117

申请日：2012-01-04

Applicant: Paul Donner ,  Navindra Yadav

Inventor： Paul Donner ,  Navindra Yadav

IPC: H04L1/00 ,  H04L12/26

CPC classification number: H04L45/16 ,  H04L12/1895

Abstract: A network device sends into a network a request to be connected to a particular multicast source-group pair for a Phasor Measurement Unit (PMU) data stream comprising packets containing phasor measurement data. The network device receives the phasor measurement data stream for the particular multicast source-group pair. The source-group pair information is compared against stored data specifying handling rules for packets associated with phasor measurement data streams. The packets in the received phasor measurement data stream are modified when there are handling rules in the stored data for the particular multicast source-group pair of the received phasor measurement data stream. The packets (now modified) for the phasor measurement data stream for the particular multicast source-group pair are re-originated with a new multicast source-group pair and sent into the network. In order to support existing legacy PMU devices, IP unicast-to-multicast conversion is implemented.

Abstract translation: 网络设备将包含相量测量数据的分组的相量测量单元（PMU）数据流的请求连接到特定的组播源组对的请求。 网络设备接收特定组播源组对的相量测量数据流。 将源组对信息与指定与相量测量数据流相关联的分组的处理规则的存储数据进行比较。 当接收到的相量测量数据流的特定组播源组对的存储数据中存在处理规则时，接收的相量测量数据流中的分组被修改。 用于特定组播源组对的相量测量数据流的分组（现在被修改）用新的组播源组对重新发送并发送到网络中。 为了支持现有的传统PMU设备，实现了IP单播到组播转换。

公开(公告)号：US08755319B2

公开(公告)日：2014-06-17

申请号：US12027977

申请日：2008-02-07

Applicant: Suresh Katukam ,  Navindra Yadav ,  Shree Murthy ,  Abhay Roy

Inventor： Suresh Katukam ,  Navindra Yadav ,  Shree Murthy ,  Abhay Roy

IPC: H04L12/26

CPC classification number: H04W40/36 ,  H04L45/025

Abstract: In one embodiment, detecting a host device on a port of a forwarder switch in a network, detecting a movement of the host device from a first forwarder switch to a second forwarder switch, and multicast broadcasting an updated device information for the host device to a convergence group switches and a proximity group switches, where the convergence group switches includes switches in the network that are not configured as forwarder switches, and the proximity group switches include forwarder switches grouped together based on radio proximity is provided.

Abstract translation: 在一个实施例中，检测网络中的转发器交换机的端口上的主机设备，检测主机设备从第一转发器交换机到第二转发器交换机的移动，以及多播广播主机设备的更新设备信息到 汇聚组交换机和接近组交换机，其中收敛组交换机包括未配置为转发器交换机的网络中的交换机，并且提供接近组交换机包括基于无线电接近度分组在一起的转发器交换机。

公开(公告)号：US08711729B2

公开(公告)日：2014-04-29

申请号：US12013176

申请日：2008-01-11

Applicant: Suresh Katukam ,  Navindra Yadav ,  Venkata Tanikella ,  Abhay Roy

Inventor： Suresh Katukam ,  Navindra Yadav ,  Venkata Tanikella ,  Abhay Roy

IPC: H04L12/28

CPC classification number: H04L45/70 ,  H04W40/36

Abstract: In an example embodiment, a method is provided that assigns a sequence value to a host. The host is identified by a host network layer address. After the assignment, the host network layer address and the sequence value are included in an advertisement for transmission. In another example embodiment, another method is provided. Here, a first sequence value associated with the host network layer address is received from a network device. In addition, a second sequence value associated with the same host network layer address is received from a different network device. The first sequence value is ranked relative to the second sequence value and data is transmitted to the network device based on the ranking.

Abstract translation: 在示例实施例中，提供了向主机分配序列值的方法。 主机由主机网络层地址标识。 在分配之后，主机网络层地址和序列值被包括在用于传输的广告中。 在另一示例实施例中，提供了另一种方法。 这里，从网络设备接收与主机网络层地址相关联的第一序列值。 此外，从不同的网络设备接收与相同主机网络层地址相关联的第二序列值。 第一序列值相对于第二序列值排序，并且基于排名将数据发送到网络设备。

公开(公告)号：US08688828B2

公开(公告)日：2014-04-01

申请号：US13219773

申请日：2011-08-29

Applicant: Navindra Yadav ,  Atul Mahamuni

Inventor： Navindra Yadav ,  Atul Mahamuni

IPC: G06F15/173

CPC classification number: H04L43/0876 ,  H04L43/04 ,  H04L43/08 ,  H04L43/0829 ,  H04L43/0852 ,  H04L43/087 ,  H04L43/106 ,  H04L43/16 ,  H04L43/18

Abstract: Techniques are provided to facilitate monitoring of utility application traffic streams. At a network device that routes utility application traffic for utility devices, control information is received, where the control information is configured to cause the network device to monitor utility application traffic that passes through the network device. The network device monitors a header inserted into utility application traffic messages based on the control information.

Abstract translation: 提供技术以便于监控公用应用业务流。 在用于实用设备路由实用程序应用程序流量的网络设备上，接收控制信息，其中控制信息被配置为使得网络设备监视通过网络设备的应用程序流量。 网络设备基于控制信息监视插入到应用程序业务消息中的报头。

公开(公告)号：US08446876B2

公开(公告)日：2013-05-21

申请号：US12773351

申请日：2010-05-04

Applicant: Patrice Calhoun ,  Abhijit Choudhury ,  Rohit Suri ,  Sudhir Jain ,  Bhanu Gopalasetty ,  Navindra Yadav ,  Fusun Ertemalp ,  Kent Leung

Inventor： Patrice Calhoun ,  Abhijit Choudhury ,  Rohit Suri ,  Sudhir Jain ,  Bhanu Gopalasetty ,  Navindra Yadav ,  Fusun Ertemalp ,  Kent Leung

IPC: H04W36/00

CPC classification number: H04W40/24 ,  H04L45/04 ,  H04L45/42 ,  H04W8/087

Abstract: Techniques are provided to enable support of roaming wireless devices in a network such that the wireless devices can keep their Internet Protocol (IP) addresses as they roam across mobility sub-domains. Traffic for a wireless device that roams is tunneled back to the access switch that serves the IP subnet which includes an IP address for the wireless device. Traffic is tunneled back to that access switch for the wireless device when the wireless device roams to another access switch which does not serve the IP subnet for the wireless device in the same mobility sub-domain and when the wireless device roams to a different mobility sub-domain, in which case the traffic is tunneled between tunneling endpoints in the respective mobility sub-domains.

Abstract translation: 提供技术以支持网络中的漫游无线设备，使得无线设备可以在移动子域漫游时保持其互联网协议（IP）地址。 漫游的无线设备的流量被隧道传回给服务于包含无线设备的IP地址的IP子网的接入交换机。 当无线设备漫游到不为同一移动性子域中的无线设备的IP子网服务的另一个接入交换机以及当无线设备漫游到不同的移动性子网时，业务被隧道传送回无线设备的接入交换机 在这种情况下，流量在相应的移动性子域中的隧道端点之间隧道化。

公开(公告)号：US20130036305A1

公开(公告)日：2013-02-07

申请号：US13196960

申请日：2011-08-03

Applicant: Navindra Yadav ,  Atul Mahamuni ,  Jonathan Hui ,  Wei Hong ,  Alec Woo

Inventor： Navindra Yadav ,  Atul Mahamuni ,  Jonathan Hui ,  Wei Hong ,  Alec Woo

IPC: H04L9/32

CPC classification number: H04L9/0819 ,  H04L9/0827 ,  H04L9/0833 ,  H04L9/088 ,  H04L9/0891 ,  H04L9/14 ,  H04L9/321 ,  H04L9/3273 ,  H04L63/065 ,  H04L63/068 ,  H04L63/0823 ,  H04L63/12 ,  H04L2209/24 ,  H04L2463/061 ,  H04W12/04 ,  H04W12/06 ,  H04W12/10 ,  H04W84/18

Abstract: According to one embodiment, techniques are provided to enable secure communication among devices in a mesh network using a group temporal key. An authenticator device associated with a mesh network stores a pairwise master key for each of a plurality of devices in a mesh network upon authentication of the respective devices. Using the pairwise master key, the authenticator device initiates a handshake procedure with a particular device in the mesh network to mutually derive a pairwise temporal key from the pairwise master key. The authenticator device encrypts and signs a group temporal key using the pairwise temporal key for the particular device and sends the group temporal key encrypted and signed with the pairwise temporal key to the particular device.

公开(公告)号：US20130014217A1

公开(公告)日：2013-01-10

申请号：US13176857

申请日：2011-07-06

Applicant: Navindra Yadav ,  Atul Mahamuni ,  Jonathan Hui ,  Alec Woo

Inventor： Navindra Yadav ,  Atul Mahamuni ,  Jonathan Hui ,  Alec Woo

IPC: G06F21/00 ,  H04W12/06

CPC classification number: H04L63/0884 ,  H04W12/06

Abstract: Techniques are provided for adaptive routing of authentication packets in a network, such as a wireless mesh network. At an authenticated device in the network, an authentication packet is received over the network from a device that is seeking authentication. The authentication packet is encapsulated for transmission in Layer 3 packets over an Internet Protocol (IP) tunnel to an authenticator device associated in the network. Similarly, for an authentication packet encapsulated in Layer 3 packets from the authenticator device over the IP tunnel, the authentication packet is decapsulated from the Layer 3 packets and transmitted over the network to the device seeking authentication.

Abstract translation: 提供技术用于网络中的认证分组的自适应路由选择，例如无线网状网络。 在网络中的认证设备上，通过网络从正在寻求认证的设备接收认证报文。 认证分组被封装以通过到网络中相关联的认证设备的因特网协议（IP）隧道在三层分组中传输。 类似地，对于通过IP隧道从认证设备封装在三层报文中的认证报文，认证报文从三层报文中解封装，并通过网络发送到寻求认证的设备。

公开(公告)号：US20110274036A1

公开(公告)日：2011-11-10

申请号：US12773360

申请日：2010-05-04

Applicant: Patrice Calhoun ,  Abhijit Choudhury ,  Rohit Suri ,  Sudhir Jain ,  Bhanu Gopalasetty ,  Navindra Yadav ,  Fusun Ertemalp ,  Kent Leung

Inventor： Patrice Calhoun ,  Abhijit Choudhury ,  Rohit Suri ,  Sudhir Jain ,  Bhanu Gopalasetty ,  Navindra Yadav ,  Fusun Ertemalp ,  Kent Leung

IPC: H04W40/00

CPC classification number: H04W40/24 ,  H04L45/04 ,  H04L45/42

Abstract: Techniques are provided to support roaming of wireless devices in a network such that the wireless devices can keep their Internet Protocol (IP) addresses as they roam within and across mobility sub-domains. When a wireless device roams from one access switch to another access switch, a tunneling endpoint apparatus in the wireless device's home mobility sub-domain is configured to serve as the point of presence for the roamed wireless device. Traffic for the roamed wireless device is tunneled from the access switch where the wireless device has roamed (where it is currently attached) to the tunneling endpoint apparatus. When the wireless device roams across mobility sub-domains, then traffic is tunneled from the access switch where the wireless device is currently attached to the tunneling endpoint apparatus in that mobility sub-domain (called a “foreign” mobility sub-domain) to the tunneling endpoint apparatus in the wireless device's home mobility sub-domain.

Abstract translation: 提供技术以支持网络中的无线设备的漫游，使得无线设备可以在移动性子域内漫游时保持其互联网协议（IP）地址。 当无线设备从一个接入交换机漫游到另一个接入交换机时，无线设备的归属移动性子域中的隧道端点设备被配置为用作漫游无线设备的存在点。 漫游无线设备的业务从无线设备已经漫游（其当前附接的）的接入交换机隧道传送到隧道终端设备。 当无线设备漫游跨越移动性子域时，则将业务从无线设备当前附接到的接入交换机隧道传送到该移动性子域（称为“外部”移动性子域）的隧道端点设备， 隧道终端设备在无线设备的归属移动性子域中。