公开(公告)号：US20250150490A1

公开(公告)日：2025-05-08

申请号：US19014746

申请日：2025-01-09

Applicant: Cisco Technology, Inc.

Inventor： Robert Edgar Barton ,  Jerome Henry ,  Indermeet Gandhi

IPC: H04L9/40

Abstract: A method and system for implementing security policies for a user device based on one or more user device parameters. When a user device joins a domain, the security policy agent determines one or more security policies for the user device based on one or more parameters of the user device. The user parameters may include the type of user device, a user group, an application to be used, etc. The security polies are sent to the user device. The user device generates a data packet having metadata indicating the one or more device parameters. The data packet is sent to a remote security service where security policies are implemented based on the metadata.

公开(公告)号：US20240223252A1

公开(公告)日：2024-07-04

申请号：US18607064

申请日：2024-03-15

Applicant: Cisco Technology, Inc.

Inventor： Malcolm Smith ,  Jerome Henry ,  Matthew Silverman ,  Indermeet Gandhi

IPC: H04B7/06 ,  H04W8/22 ,  H04W12/06

CPC classification number: H04B7/0617 ,  H04B7/0626 ,  H04W8/22 ,  H04W12/06

Abstract: Devices, systems, methods, and processes for pre-association sounding executed between a user device and a network device are described herein. The user device may announce its pre-association sounding capability to the network device. The network device, also supporting pre-association sounding, may transmit a plurality of sounding frames to the user device. The user device may process the plurality of sounding frames, determine channel state information (CSI), and transmit the CSI to the network device. The plurality of sounding frames and the CSI may be exchanged between the user device and the network device prior to the user device associating with the network device. By the time the user device associates with the network device, the network device may already have the CSI required for beamforming one or more transmissions towards the user device. Thus, latency overheads associated with sounding are reduced by performing pre-emptive sounding while in a pre-association state.

公开(公告)号：US20240381166A1

公开(公告)日：2024-11-14

申请号：US18465380

申请日：2023-09-12

Applicant: Cisco Technology, Inc.

Inventor： Robert Barton ,  Matt Silverman ,  Jerome Henry ,  Indermeet Gandhi ,  Malcolm Smith

IPC: H04W28/02

Abstract: Devices, systems, methods, and processes are described herein that can reduce network communication overhead by reducing data that is sent. This reduction in data can be achieved by reducing the requests for data related to the buffers of one or more network devices. This buffer status data reduction can be achieved by predicting the current status of the buffers in other network devices. When the buffer predictions are sufficient, the need to request or poll for buffer status reports can be reduced. The buffer predictions can be evaluated through one or more confidence levels. These buffer predictions and confidence levels can be generated by one or more machine learning processes that are configured to operate on one or more network devices. Based on the confidence levels of the predictions, the number of buffer status report polls and of any unsolicited buffer service reports can be reduced.

公开(公告)号：US20240137414A1

公开(公告)日：2024-04-25

申请号：US18047828

申请日：2022-10-18

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Gandhi ,  Mark Grayson ,  Shailender Potharaju

IPC: H04L67/1097 ,  H04W72/04

CPC classification number: H04L67/1097 ,  H04W72/04

Abstract: Dynamic Open Radio Access Network Radio Unit (O-RU) sharing between multiple tenant Open RAN Distributed Units (O-DU) may be provided. A Near Real Time RAN Intelligent Controller (nRT-RIC) may receive tenant policies for a first tenant and a second tenant. The nRT-RIC may then determine initial sharing templates for the first tenant and the second tenant based on the tenant policies. The nRT-RIC may send the initial sharing templates to a first tenant Distributed Unit (DU) and a second tenant DU. The nRT-RIC may receive operating metrics from the first tenant DU and the second tenant DU. The nRT-RIC may then determine operational factors based on the operating metrics. The nRT-RIC may alter an allocation of resources between the first tenant and the second tenant based on the operational factors. Finally, the nRT-RIC may send the altered allocation of resources to the first tenant DU and the second tenant DU.

公开(公告)号：US20220311626A1

公开(公告)日：2022-09-29

申请号：US17211178

申请日：2021-03-24

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Gandhi

IPC: H04L9/32 ,  H04L29/06

Abstract: Techniques for utilizing an extensible authentication protocol (EAP) to interwork with a cloud-based identity provider supporting OAuth based authentication and authorization interfaces. An access network may be accessible by a user device interacting with a service provider network configured to securely transmit encrypted credentials from the user device, over EAP, and relay the encrypted credentials to a cloud-based authorization server, using a backchannel over hypertext transfer protocol secure (HTTPS) via OAuth, for authorization and authentication of the user device to access the access network. The network may be configured as a public wireless network, a private wireless network, a public cellular network, a private cellular network, and/or an OpenRoaming Network.

公开(公告)号：US20250063033A1

公开(公告)日：2025-02-20

申请号：US18936901

申请日：2024-11-04

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Gandhi ,  Srinath Gundavelli

IPC: H04L9/40 ,  G06F3/01 ,  H04L25/02 ,  H04W4/02

Abstract: This disclosure describes techniques for performing multi-factor authentication (MFA) by utilizing user generated authenticating gestures. The techniques may include establishing and monitoring peer-to-peer communication links between user devices. The techniques may include monitoring channel properties for fluctuations in the channel properties associated with the user generated authenticating gesture passing through signals of the communication links. The techniques may further include comparing a gesture performed by a user to a predefined authenticating gesture. The techniques may include determining a pattern of fluctuations in the channel properties associated with the predefined authenticating gesture. The techniques may include determining a confidence score associated with comparing the gesture performed and the predefined authenticating gesture. The techniques may further include determining a proximity of the user and/or the gesture to the user device. The techniques may further include granting or denying the user based at least in part on the proximity and/or the comparison.

公开(公告)号：US20250062853A1

公开(公告)日：2025-02-20

申请号：US18452435

申请日：2023-08-18

Applicant: Cisco Technology, Inc.

Inventor： Jerome Henry ,  Pascal Thubert ,  JP Vasseur ,  Indermeet Gandhi ,  Robert Barton

IPC: H04L1/00 ,  H04B7/06 ,  H04L5/00 ,  H04W24/02

Abstract: Described herein are devices, systems, methods, and processes for improving retransmissions in wireless communication networks by distinguishing between temporal interference and longer-term radio frequency (RF) condition issues. The fact that the access point (AP) does not usually move may be leveraged, and a machine learning process can be utilized to learn and adapt to the RF conditions in the cell. The AP records various parameters for each frame received from client devices and uses this data to build a pairwise temporal matrix. Machine learning models are trained using these parameters, enabling the AP to compute the likely efficient set of modulation and coding schemes (MCSs) at each static position and along moving positions. The AP can then adapt its MCS accordingly for the downlink traffic and provide the client device with recommended MCSs for upcoming uplink transmissions. Accordingly, the retry count at the client devices can be reduced.

公开(公告)号：US20220321556A1

公开(公告)日：2022-10-06

申请号：US17218602

申请日：2021-03-31

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Gandhi ,  Srinath Gundavelli ,  Pradeep Kumar Kathail

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/30 ,  G06F21/60 ,  H04W12/08

Abstract: This disclosure describes techniques for authentication related to verification of identity for network access. The techniques may include sending a challenge associated with authentication to a network to a mobile device. In response to sending the challenge, the techniques may include receiving a challenge response from the mobile device. The challenge response may include biometric credential information associated with a user of the mobile device. The challenge response may also include an indication of an authorization assertion associated with the authentication to the network. In some examples, the techniques may include tailoring access to the network for the mobile device based on the biometric credential information.

公开(公告)号：US12225053B2

公开(公告)日：2025-02-11

申请号：US17898162

申请日：2022-08-29

Applicant: Cisco Technology, Inc.

Inventor： Robert Edgar Barton ,  Jerome Henry ,  Indermeet Gandhi

IPC: H04L9/40

Abstract: A method and system for implementing security policies for a user device based on one or more user device parameters. When a user device joins a domain, the security policy agent determines one or more security policies for the user device based on one or more parameters of the user device. The user parameters may include the type of user device, a user group, an application to be used, etc. The security polies are sent to the user device. The user device generates a data packet having metadata indicating the one or more device parameters. The data packet is sent to a remote security service where security policies are implemented based on the metadata.

公开(公告)号：US20240388955A1

公开(公告)日：2024-11-21

申请号：US18198658

申请日：2023-05-17

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Gandhi ,  Robert Edgar Barton ,  Jerome Henry

IPC: H04W28/02

Abstract: Access point devices can be equipped with Machine Learning (ML) models to improve access point device operations. An access point device operating mode can be sent to a controller. The access point device operating mode can indicate multiple network protocols employed at the access point device. The controller can provide a coarse ML model to the access point device, wherein the coarse ML model is based on the operating mode. The access point device can then use local network traffic data, processed by the access point device, to train and refine the coarse ML model, and the access point device can use the resulting trained ML model in connection with network traffic processing determinations.