公开(公告)号：US11202221B2

公开(公告)日：2021-12-14

申请号：US16694235

申请日：2019-11-25

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Ravi Kiran Guntupalli ,  Aeneas Sean Dodd-Noble ,  Kirk McBean

IPC: H04W28/02 ,  H04W36/32 ,  H04L12/721 ,  H04W40/36 ,  H04L12/723 ,  H04W36/00 ,  H04W28/12 ,  H04L12/715 ,  H04L12/749 ,  H04W88/16 ,  H04W8/08 ,  H04W24/02 ,  H04W36/12 ,  H04L29/12 ,  H04W40/24

Abstract: A control plane (CP) entity is to adaptively reroute user plane traffic of a mobile node (MN) with use of a segment routing (SR) for IPv6. A message indicating an attachment of the MN to the mobile network is received selecting a first user plane (UP) anchor node. A first set of home network prefixes (HNPs) are allocated to the MN. An IP traffic flow using a first HNP prefix is established between the MN and a correspondent node (CN) along a first network path—defined at least in part by the first UP anchor node and an anchor node of the CN. In response to a handover of the MN, a message indicating a subsequent attachment of the MN is received selecting a second UP anchor node. The second UP anchor node is instructed to host the first HNP prefix previously allocated by the first UP anchor node.

公开(公告)号：US20210218744A1

公开(公告)日：2021-07-15

申请号：US16743630

申请日：2020-01-15

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Singh Gandhi ,  Srinath Gundavelli

IPC: H04L29/06

Abstract: Methods are provided for generating an enterprise key for access to an enterprise network via another access network, as part of a secondary authentication to an external data network through another access network. In these methods, an enterprise authentication device obtains, via a first access network, a request to authenticate a user device onto an enterprise network. The user device is connected to the first access network. The method further includes the enterprise authentication device authenticating the user device to obtain access to the enterprise network via the first access network and generating the enterprise key for the user device to provide access to the enterprise network via a second access network.

公开(公告)号：US20210136583A1

公开(公告)日：2021-05-06

申请号：US17088770

申请日：2020-11-04

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Vimal Srivastava ,  Mark Grayson ,  Sudhir Kumar Jain ,  Anand Oswal

IPC: H04W12/08 ,  H04W12/00 ,  H04W48/10 ,  H04W8/18 ,  H04W76/10 ,  H04W8/02 ,  H04W48/18

Abstract: Techniques are described to provide open access in a neutral host environment. In one example, a method includes obtaining, by a mobility management node of a neutral host network, a network connectivity request from a user equipment, wherein the network connectivity request comprises an indication of a preferred service provider to which the user equipment is to be connected; determining, by the mobility management node, that the preferred service provider provides non-subscription-based network connectivity for the neutral host network; based on determining that the preferred service provider provides non-subscription-based network connectivity for the neutral host network, establishing secure communications for the user equipment, wherein the secure communications are established for the user equipment without authenticating an identity of user equipment; and providing network connectivity between the user equipment and the preferred service provider upon establishing the secure communications.

公开(公告)号：US20210058391A1

公开(公告)日：2021-02-25

申请号：US16989340

申请日：2020-08-10

Applicant: Cisco Technology, Inc.

Inventor： John Martin Graybeal ,  Bart A. Brinckman ,  Srinath Gundavelli

IPC: H04L29/06 ,  G06F16/953 ,  H04L29/12 ,  H04W8/06

Abstract: A Third Generation Partnership Project (3GPP) based network, such as an enterprise private 3GPP network, is operative to provide a guest onboarding of a device using a realm-based discovery of an identity provider and a mutual authentication of identity federation peers. A secure connection may be established between the peers so that the device may be authenticated based on credentials associated with a Subscriber Identity Module (SIM) provided by its Mobile Network Operator (MNO). Credentials may be extended to those associated with embedded SIMs (eSIMs), digital certificates from private enterprises, login and passwords, and identities from a wide range of identity providers. After device authentication, the 3GPP-based network is operative to select and enforce access policies according to an identity or other attribute of the device.

公开(公告)号：US10932132B1

公开(公告)日：2021-02-23

申请号：US16884537

申请日：2020-05-27

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Bart A. Brinckman ,  John Martin Graybeal

IPC: H04W12/06 ,  H04W12/04 ,  H04W12/00 ,  H04W12/10 ,  H04W84/04 ,  H04L9/08 ,  H04W60/04

Abstract: A user equipment (UE) may be in coverage of a local private non-Third Generation Partnership Project (non-3GPP) wireless network (e.g. a Wi-Fi network) of an enterprise. This non-3GPP wireless network may be part of a private communication system of the enterprise which further includes a local private 3GPP network (e.g. a Long-Term Evolution or “LTE” based network). When the non-3GPP wireless network advertises “single-authentication” support, the UE may complete authentication for non-3GPP access, obtain a Master Session Key (MSK) from the authentication, and generate an Access Security Management Entity (ASME) key (KASME) based on the MSK. In further implementations, the UE may obtain a Globally Unique Temporary Identifier (GUTI) from the non-3GPP wireless network. Subsequently, the UE may perform an attach procedure with the local private 3GPP network without performing an authentication procedure, presenting the GUTI that it obtained from the non-3GPP wireless network for 3GPP access.

公开(公告)号：US20210021376A1

公开(公告)日：2021-01-21

申请号：US16516776

申请日：2019-07-19

Applicant: Cisco Technology, Inc.

Inventor： Vimal Srivastava ,  Srinath Gundavelli

IPC: H04L1/00 ,  H04W4/40 ,  H04W72/14 ,  H04W76/11 ,  H04W28/04

Abstract: Techniques are described to provide ultra-reliability for cellular vehicle-to-everything (C-V2X) PC5 communications, including Network Assisted mode and Autonomous mode communications. In one example, a method includes receiving, by a radio unit of a system, a communication from a user equipment, such as a V2X-UE, wherein the communication comprises a data packet, a Layer 2 destination identifier, and an indication that the data packet is associated with a transmission type; determining whether transmission for the data packet is allowed for the transmission type; based on determining that transmission for the data packet is allowed for the transmission type, communicating a response to the UE, wherein the response provides a confirmation to the UE that the data packet was received by the radio unit and that the transmission type can be performed by the radio unit; and transmitting, by the radio unit, the data packet to one or more other UEs.

公开(公告)号：US20200342766A1

公开(公告)日：2020-10-29

申请号：US16393246

申请日：2019-04-24

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Vimal Srivastava ,  Pradeep Kumar Kathail

IPC: G08G1/00 ,  G05D1/02 ,  H04W4/40 ,  H04W4/02 ,  H04W8/08

Abstract: Techniques are described herein for dynamic platoon management. The techniques may include obtaining dynamic location data of a vehicle, where the dynamic location data indicates a current or predicted location of the vehicle. Based on the dynamic location data, a platoon of vehicles that is optimal for the vehicle to join may be identified. The vehicle may be dynamically joined to the platoon.

公开(公告)号：US20200314060A1

公开(公告)日：2020-10-01

申请号：US16364630

申请日：2019-03-26

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Shree N. Murthy ,  Sudhir Kumar Jain

IPC: H04L29/12 ,  H04W72/04

Abstract: A network management center includes a Dynamic Host Configuration Protocol (DHCP) server. The network management center obtains from an identity server, client information indicating authentication of a client device in a wireless network that is connected to a network fabric. The network management center obtains from an edge node in the network fabric an Internet Protocol (IP) address request for the client device. The IP address request including a fabric domain identifier associated with the edge node. The network management center allocates an IP address for the client device based on the client information obtained from the identity server and the fabric domain identifier contained in the IP address request obtained from the edge node. The network management center provides to the edge node an Identifier Locator Addressing (ILA) address based on the IP address.

公开(公告)号：US20200288424A1

公开(公告)日：2020-09-10

申请号：US16562912

申请日：2019-09-06

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Rajesh S. Pazhyannur ,  Srinath Gundavelli ,  Mickael James Graham

IPC: H04W60/00 ,  H04W8/08 ,  H04W8/20

Abstract: A mobility management entity (MME) controls an enterprise fabric. The MME receives from a mobile device via a cellular network a request to initiate an attach procedure. In response, the MME acquires from the mobile device a unique equipment identifier of the mobile device. The MME generates an enterprise identity for the mobile device based on the unique equipment identifier, and registers the enterprise identity in the enterprise fabric. The MME signals to a user plane function of the cellular network that the mobile device has been registered, to trigger the user plane function to acquire an Internet Protocol (IP) address of the mobile device based on the enterprise identity. The MME receives from the user plane function the acquired IP address. The MME sends to the mobile device, through the cellular network, an attach accept message that includes the acquired IP address for use by the mobile device.

公开(公告)号：US10560976B2

公开(公告)日：2020-02-11

申请号：US16430543

申请日：2019-06-04

Applicant: Cisco Technology, Inc.

Inventor： Sangram Kishore Lakkaraju ,  Vimal Srivastava ,  Vivek Pise ,  Srinath Gundavelli

IPC: H04W76/12 ,  H04W76/11 ,  H04W88/06 ,  H04L12/46 ,  H04W76/15 ,  H04W84/12 ,  H04W48/16

Abstract: In one implementation, the method comprises, in response to obtaining a request to associate an electronic device with the one or more WLAN termination nodes: generating, between a base station and a networking device, a control link based on a first identifier associated with the base station; generating, between the networking device and a first WLAN termination node, a control link based on a second identifier that corresponds to a pseudonym for the base station; and associating the first and second identifiers in a control table. The method further comprises: instantiating, between the base station and the networking device, a first data tunnel associated with a first tunneling protocol; instantiating, between the networking device and the first WLAN termination node, a second data tunnel associated with a second tunneling protocol; and associating the first and second data tunnels.