Wireless LAN (WLAN) public identity federation trust architecture

    Publication number: US11258779B2

    Publication date: 2022-02-22

    Application number: US16742576

    Application date: 2020-01-14

    Abstract: The disclosed technology relates to a process of evaluating any number of different identity providers (IDPs) and their respective set of credentials that are used to authenticate corresponding users to assist with the onboarding of the different IDPs in connection with Wi-Fi identity federations. In particular, the process allows a person's electronic identity and attributes (stored across one or more IDPs) to be determined once using a standard. Once trust has been established for the user, that trust can then be utilized across a number of different systems (e.g., Single-sign on). The same trust determination can be used without the need for the authenticity of the user identity to be re-evaluated with each new access request.

    Systems and methods for remediating internet of things devices

    Publication number: US11102236B2

    Publication date: 2021-08-24

    Application number: US16195756

    Application date: 2018-11-19

    Abstract: Systems and methods provide for identification and remediation of IoT devices exhibiting anomalous behaviors. An IoT management system can identify IoT devices requiring remediation. The IoT management system may present a first interface including representations of the devices requiring remediation, where each representation can include identifying information for an IoT device, policies applied to the IoT device, and bandwidth/throughput information of the IoT device. The IoT management system can present a second remediation interface representing a detailed representation of a first IoT device. The detailed representation can include user interface elements representing actions to be performed relating to the first IoT device. The IoT management system can perform a first action corresponding to a selection of one of the user interface elements.

    NETWORK TRAFFIC METRICS AND TRENDS FOR INTERNET OF THINGS MANAGEMENT

    Publication number: US20200177485A1

    Publication date: 2020-06-04

    Application number: US16209553

    Application date: 2018-12-04

    Abstract: An IoT management system can determine historical traffic volumes of a plurality of IoT devices over one or more time intervals. The IoT management system can determine historical temporal traffic metrics of the IoT devices over the time intervals. The IoT management system can determine standard deviation information for at least one of the historical traffic volumes or the historical temporal traffic metrics over the time intervals. The IoT management system can determine current traffic volumes of the IoT devices. The IoT management system can determine current temporal traffic volumes of the IoT devices. The IoT management system can present an interface including first information indicative of the current traffic volumes, second information indicative of the current temporal traffic metrics, and third information indicative of at least one of the current traffic volumes or the current temporal traffic metrics relative to the standard deviation information.

    DYNAMIC POLICY-BASED ON-BOARDING OF DEVICES IN ENTERPRISE ENVIRONMENTS

    Publication number: US20190215692A1

    Publication date: 2019-07-11

    Application number: US15868573

    Application date: 2018-01-11

    Abstract: In one embodiment, a method for providing access to wireless networks may include receiving, by a wireless network access provider from a user device, a request to access a wireless network. The method may include obtaining data representing a policy applicable to the access request, sending the access request, augmented with the policy, to an identity provider associated with the user and having no pre-existing relationship with the access provider, and receiving, from the identity provider, an access request response indicating whether or not the policy is met. The method may include communicating, to the wireless device, an indication that the access request has been accepted, if the policy is met, or an indication that the access request has been rejected, if the policy is not met. The access provider and identity provider may be members of an identity and access federation that communicate over a dynamically established secure connection.

    Openroaming augmentation method for EAP failures

    Publication number: US11943619B2

    Publication date: 2024-03-26

    Application number: US17388267

    Application date: 2021-07-29

    CPC classification number: H04W12/086 H04W12/06

    Abstract: The presently claimed disclosure is directed to methods that may be implemented at a computer. Methods and systems consistent with the present disclosure may include extending protocols associated with authenticating client (i.e. supplicant) devices and with authorizing those supplicant devices to access a wireless network. These methods may include sending data relating to the failure of an authentication and/or an authorization process to a supplicant device attempting to access a wireless network. Methods discussed within may include securely sending failure codes or reasons to a supplicant device that identify why an authentication or authorization process failed. These methods may include sending messages between a supplicant device, an authenticator device, and an authentication and authorization server. After a first failure, the supplicant device may be able to access the wireless network after a reason or code of that failure has been reported to the supplicant device.

    OPENROAMING AUGMENTATION METHOD FOR EAP FAILURES

    Publication number: US20220141665A1

    Publication date: 2022-05-05

    Application number: US17388267

    Application date: 2021-07-29

    Abstract: The presently claimed disclosure is directed to methods that may be implemented at a computer. Methods and systems consistent with the present disclosure may include extending protocols associated with authenticating client (i.e. supplicant) devices and with authorizing those supplicant devices to access a wireless network. These methods may include sending data relating to the failure of an authentication and/or an authorization process to a supplicant device attempting to access a wireless network. Methods discussed within may include securely sending failure codes or reasons to a supplicant device that identify why an authentication or authorization process failed. These methods may include sending messages between a supplicant device, an authenticator device, and an authentication and authorization server. After a first failure, the supplicant device may be able to access the wireless network after a reason or code of that failure has been reported to the supplicant device.

    Dynamic action dashlet for real-time systems operation management

    Publication number: US11228485B2

    Publication date: 2022-01-18

    Application number: US16354045

    Application date: 2019-03-14

    Abstract: The present technology provides a system and method for automating on-boarding and management of IoT devices on data network. The disclosed technology further provides an interactive representation of various performance attribute with automatically generated actionable alert based on operator defined rules and performance-specific threshold values. Furthermore, disclosed technology provides for single-click activation of suggested actions at scale directed at once to all device units within one or more device groups reported in critical state. In this way the proposed technology enables rapid restoration of a network state. Offending device(s) may then be easily identified, from device units within the device category isolated in a resolution space, and managed according to one or more device-specific actionable alerts automatically generated on the offending device.

    Access network selection
    Granted invention patent

    Publication number: US10609634B2

    Publication date: 2020-03-31

    Application number: US15853801

    Application date: 2017-12-24

    Abstract: In one embodiment, an enterprise network includes: at least one wireless access point operative to enable a wireless device to connect to the enterprise network, networked resources to be accessed by the wireless device, and a network selection server implemented on at least one computing device and operative to: authenticate credentials provided by the wireless device when connecting to the enterprise network via the at least one wireless access point, and provide network access selection policies to the wireless device, where the network access selection policies at least determine access by the wireless device to network resources while said wireless device is connected to said enterprise network.

    Wireless LAN (WLAN) public identity federation trust architecture

    Publication number: US12231421B2

    Publication date: 2025-02-18

    Application number: US18446337

    Application date: 2023-08-08

    Abstract: The disclosed technology relates to a process of evaluating any number of different identity providers (IDPs) and their respective set of credentials that are used to authenticate corresponding users to assist with the onboarding of the different IDPs in connection with Wi-Fi identity federations. In particular, the process allows a person's electronic identity and attributes (stored across one or more IDPs) to be determined once using a standard. Once trust has been established for the user, that trust can then be utilized across a number of different systems (e.g., Single-sign on). The same trust determination can be used without the need for the authenticity of the user identity to be re-evaluated with each new access request.

    OPENROAMING AUGMENTATION METHOD FOR EAP FAILURES

    Publication number: US20240187862A1

    Publication date: 2024-06-06

    Application number: US18440780

    Application date: 2024-02-13

    CPC classification number: H04W12/086 H04W12/06

    Abstract: The presently claimed disclosure is directed to methods that may be implemented at a computer. Methods and systems consistent with the present disclosure may include extending protocols associated with authenticating client (i.e. supplicant) devices and with authorizing those supplicant devices to access a wireless network. These methods may include sending data relating to the failure of an authentication and/or an authorization process to a supplicant device attempting to access a wireless network. Methods discussed within may include securely sending failure codes or reasons to a supplicant device that identify why an authentication or authorization process failed. These methods may include sending messages between a supplicant device, an authenticator device, and an authentication and authorization server. After a first failure, the supplicant device may be able to access the wireless network after a reason or code of that failure has been reported to the supplicant device.
