Encrypted nonces as rotated device addresses

    Publication No.: US12250538B2

    Publication Date: 2025-03-11

    Application No.: US18519285

    Application Date: 2023-11-27

    Abstract: Rotation of a wireless client device address is based on an encryption key and a nonce value. Key information and nonce value information are shared between a wireless client device and a network infrastructure component over a secure communication channel. The wireless client device encrypts the nonce value using the key information and encodes the encrypted value as a device address. The wireless client device then identifies itself via a source address value in a message transmitted over a wireless network. Upon receiving the message, the network infrastructure component decrypts information derived from the source address value and compares the resulting data to the nonce value. If a match is identified, the network infrastructure identifies the wireless client device as a source of the message. In some embodiments, the nonce value is updated with each rotation to provide for improved entropy of generated device addresses.

ASIC identity auto-provisioning

    Granted invention patent

    Publication No.: US12250319B2

    Publication Date: 2025-03-11

    Application No.: US18177278

    Application Date: 2023-03-02

    Inventor: Chirag K. Shroff

    Abstract: In one embodiment, a method to authenticate a hardware component, by a system, includes performing a verification process to determine whether the hardware component is authorized to run on the system. The hardware component comprises an electronic fuse storing a hash of a data package and a memory storing the data package, wherein the electronic fuse is configured to provide the hash to the memory. The verification process comprises transmitting a random value (K) to the hardware component to prompt the hardware component to sign a response. The verification process further comprises receiving a signed response containing the random value (K) and the data package, wherein the data package comprises a first serial number associated with the hardware component and a first system number associated with the system. The verification process further comprises decrypting the signed response to verify a value of the random value (K).

    EMERGENCY RESPONSE (ER) SYSTEM FOR HYBRID WORK SOFTPHONE MOBILE DEVICES IN SDA/SDN FABRIC NETWORKS

    Publication No.: US20250081157A1

    Publication Date: 2025-03-06

    Application No.: US18242430

    Application Date: 2023-09-05

    Abstract: Techniques for identifying locations of network devices in a fabric network. The method includes a network controller and/or control plane of a network fabric coupled to an access switch at a software-defined access (SDA) site. At least one mapping is registered at the SDA site and sent with the location data from the access switch to the network controller. The network controller and/or control plane is configured to at least one of to learn, update, and publish location data of a destination address from at least one mapping received from the access switch by the location data being associated with a mapping at the SDA site and destination address. The network controller identifies the location of the destination address from a received request based on associating the destination address with the location learned from the location data of at least one mapping that has been registered at the SDA site.

    AUDIO QUALITY MAPPING AND ORIENTATIONAL FEEDBACK IN VIDEO CONFERENCING

    Publication No.: US20250080694A1

    Publication Date: 2025-03-06

    Application No.: US18240125

    Application Date: 2023-08-30

    Abstract: In one embodiment, a method is disclosed comprising: monitoring, by a device and during a video conferencing session in a video conferencing area, audio quality of audio collected from a subject participating in the video conferencing session; detecting, by the device and based on the audio quality, an audio quality issue for the audio collected from the subject; generating, by the device, an orientation instruction predicted to mitigate the audio quality issue based on an audio quality visualization map generated from historical audio quality data in the video conferencing area; and providing, by the device and during the video conferencing session, the orientation instruction to the subject.

    System and Method to Determine Communication Reciprocity For A Network Device

    Publication No.: US20250080599A1

    Publication Date: 2025-03-06

    Application No.: US18460894

    Application Date: 2023-09-05

    Inventor: Mattias Ahnoff

    Abstract: A method to perform a videoconference event between a first network device and a second device may comprise detecting whether the first network device is transmitting first visual data and receiving second visual data from the second network device at the first network device. Further, the method may comprise preventing the first network device from rendering the second visual data received from the second network device in response to detecting that the first network device is not transmitting the first visual data.

    Multi-Tenanted Authentication for Applications

    Publication No.: US20250080530A1

    Publication Date: 2025-03-06

    Application No.: US18459093

    Application Date: 2023-08-31

    Abstract: In one embodiment, a method comprises accessing information associated with a user that is trying to login to an application, generating a first session identifier corresponding to the information, sending a first notification to an authentication client that the user is trying to login using an authentication service, receiving a first request from an authentication provider for authenticating a second session identifier, determining that the second session identifier is identical to the first session identifier by comparing the second session identifier with stored first session identifier, and causing the authentication provider to patch one or more authentication tokens with the information regarding the tenant, where the one or more authentication tokens are used for accessing the application.

    Prioritizing assets using security metrics

    Publication No.: US12244616B2

    Publication Date: 2025-03-04

    Application No.: US17986661

    Application Date: 2022-11-14

    Abstract: This disclosure describes techniques for identifying the criticality of an asset in a network. In an example method, a first security metric of a first asset in a network, as well as network data that identifies data flows associated with a second asset in the network are identified. The second asset is a nearest neighbor of the first asset in the network. The method includes determining, based on the network data, a number of hosts in the network that exchanged data traffic with the second asset during a time period and generating a second security metric of the second asset based on the first security metric and the number of hosts. A security policy of the second asset is adjusted based on the security metric.

PIM proxy over EVPN fabric

    Granted invention patent

    Publication No.: US12244509B2

    Publication Date: 2025-03-04

    Application No.: US18298552

    Application Date: 2023-04-11

    Abstract: A system and associated methods provide solutions for reducing a volume of traffic through a multicast network attributed to repeated maintenance messages, which are required in order to maintain a multicast connection. The system configures provider edge devices to generate and send maintenance messages on behalf of members of a multicast group to establish and maintain the multicast connection and provides options for determining unknown locations of sources and/or subscribers, thereby reducing the overall volume of traffic transmitted over the multicast network.

    ENFORCING CONDITIONAL ACCESS TO NETWORK SERVICES BASED ON AUTHORIZATION STATUSES ASSOCIATED WITH NETWORK FLOWS

    Publication No.: US20250071111A1

    Publication Date: 2025-02-27

    Application No.: US18453952

    Application Date: 2023-08-22

    Inventor: Vincent E. Parla

    Abstract: This disclosure describes techniques for enforcing conditional access to network services. In an example method, a first computing device detects a second device operating in a per-flow authorization mode. The first device receives a first request from a second computing device to communicate with a third computing device using a first network flow and determines that the first flow is authorized (e.g., because of an active past authentication and/or the third device's authentication exemption). Data associated with the first request is transmitted to the third device. The first device then receives a second request to communicate with a fourth computing device using a second network flow and determines that the second flow is not authorized (e.g., because it is not associated with an active past authentication and/or the fourth device is not exempt from authentication). Data associated with the second request is not transmitted to the fourth device.

VIRTUAL SERVER ADDRESS SELECTION

    Invention patent application

    Publication No.: US20250071089A1

    Publication Date: 2025-02-27

    Application No.: US18885330

    Application Date: 2024-09-13

    Abstract: Techniques for varying locations of virtual networks associated with endpoints using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS). Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. The VIP address may be selected based on a number of factors (e.g., power usage, privacy requirements, virtual distances, etc.). In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses that can be periodically rotated and/or load balanced. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.
