公开(公告)号：US20200186349A1

公开(公告)日：2020-06-11

申请号：US16214318

申请日：2018-12-10

Applicant: Cisco Technology, Inc.

Inventor： PASCAL THUBERT ,  HUIMIN SHE ,  PATRICK WETTERWALD ,  AKRAM ISMAIL SHERIFF ,  ERIC MICHEL LEVY-ABEGNOLI

IPC: H04L9/32 ,  H04L29/12 ,  G06F16/901 ,  H04L9/30

Abstract: In one embodiment, a method comprises: receiving, by a parent network device providing at least at portion of a directed acyclic graph (DAG) according to a prescribed routing protocol in a low power and lossy network, a destination advertisement object (DAO) message, the DAO message specifying a target Internet Protocol (IP) address claimed by an advertising network device in the DAG and the DAO message further specifying a secure token associated with the target IP address; and selectively issuing a cryptographic challenge to the DAO message to validate whether the advertising network device generated the secure token.

公开(公告)号：US20210288803A1

公开(公告)日：2021-09-16

申请号：US17336179

申请日：2021-06-01

Applicant: Cisco Technology, Inc.

Inventor： PASCAL THUBERT ,  HUIMIN SHE ,  PATRICK WETTERWALD ,  AKRAM ISMAIL SHERIFF ,  ERIC MICHEL LEVY-ABEGNOLI

IPC: H04L9/32 ,  H04L29/12 ,  H04L9/30 ,  G06F16/901

Abstract: In one embodiment, a method comprises: receiving, by a parent network device providing at least a portion of a directed acyclic graph (DAG) according to a prescribed routing protocol in a low power and lossy network, a destination advertisement object (DAO) message, the DAO message specifying a target Internet Protocol (IP) address claimed by an advertising network device in the DAG and the DAO message further specifying a secure token associated with the target IP address; and selectively issuing a cryptographic challenge to the DAO message to validate whether the advertising network device generated the secure token.

公开(公告)号：US20200186362A1

公开(公告)日：2020-06-11

申请号：US16685058

申请日：2019-11-15

Applicant: Cisco Technology, Inc.

Inventor： PASCAL THUBERT ,  HUIMIN SHE ,  PATRICK WETTERWALD ,  AKRAM ISMAIL SHERIFF ,  ERIC MICHEL LEVY-ABEGNOLI

IPC: H04L9/32 ,  H04L12/725

Abstract: In one embodiment, a method comprises: identifying, by a root network device of a directed acyclic graph (DAG) in a low power and lossy network, a child network device in the DAG, including identifying a first rank associated with the child network device; allocating, by the root network device, an allocated rank for the child network device, the allocated rank different from the first rank; and outputting, by the root network device, a message to the child network device specifying the allocated rank, the message causing the child network device to implement the allocated rank in the DAG, including causing the child network device to generate and output a Destination Oriented Directed Acyclic Graph (DODAG) information object (DIO) message specifying the child network device is using the allocated rank.