-
公开(公告)号:US20180167370A1
公开(公告)日:2018-06-14
申请号:US15375335
申请日:2016-12-12
Applicant: Cisco Technology, Inc.
Inventor: Jazib Frahim , Aun Raza , Hazim Hashim Dahir , Salvatore Tarallo , Klaas Wierenga
Abstract: In one embodiment, a device in a network receives sensor data from one or more nodes in the network. The device selects a processing mode from among a plurality of processing modes based on a plurality of attributes of the sensor data. The plurality of processing modes comprises a fast data path mode and a slow data path mode. The device encrypts the sensor data using a first encryption mechanism that controls access to the plurality of attributes of the sensor data. The device sends the encrypted sensor data to a cloud-based intermediary based on the selected processing mode for sharing with one or more other devices in one or more other networks.
-
Patent Agency Ranking
公开(公告)号:US09917861B2
公开(公告)日:2018-03-13
申请号:US14875967
申请日:2015-10-06
Applicant: Cisco Technology, Inc.
Inventor: Jazib Frahim , Klaas Wierenga , Carlos Pignataro
CPC classification number: H04L63/20 , H04L63/0876 , H04L63/104
Abstract: A method of establishing centralized trust includes, at a policy server having connectivity to a network, establishing a trust relationship with a first enterprise network domain and a second enterprise network domain. One or more criterion from a server in the first enterprise network domain are received by the policy server and a federation relationship is established between at least a portion of the first enterprise network domain and one or more entities in the second enterprise network domain based on the one or more criterion. Based on the federation relationship, the policy server enables the one or more entities in the second enterprise network domain to access the at least a portion of the first enterprise network domain.
-
3.发明申请Mechanisms to Use Network Session Identifiers for Software-As-A-Service Authentication 审中-公开使用网络会话标识符进行软件即服务认证的机制公开(公告)号:US20150106617A1
公开(公告)日:2015-04-16
申请号:US14572075
申请日:2014-12-16
Applicant: Cisco Technology, Inc.
Inventor: Nathan Sowatskey , Nancy Cam-Winget , Susan E. Thomson , David Jones , Morteza Ansari , Klaas Wierenga , Joseph Salowey
IPC: H04L29/06
CPC classification number: H04L63/0823 , H04L63/08
Abstract: Techniques are provided for authenticating a subject of a client device to access a software-as-a-service (SaaS) server. A network access device receives a request from a client device to establish a network session and transfers identity information of the subject, the client device and the network session to a session directory database. A request is sent to access an application on a SaaS server. If it does not contain an identity assertion that identifies the subject, the request is redirected to an identity provider device, to provide identity assertion services to the subject. A network session identifier is inserted into the request by a network access device and the request is forwarded to the identity provider device. The identity provider device uses the network session identifier to query the session directory database for the identity information to be used for a security assertion of the subject to the SaaS server.
Abstract translation: 提供了用于验证客户端设备的主体以访问软件即服务(SaaS)服务器的技术。 网络接入设备从客户端设备接收建立网络会话的请求,并将主体,客户端设备和网络会话的身份信息传送到会话目录数据库。 发送请求以访问SaaS服务器上的应用程序。 如果它不包含识别主题的身份断言,则将请求重定向到身份提供者设备,以向主题提供身份声明服务。 网络会话标识符被网络接入设备插入到请求中,该请求被转发给身份提供者设备。 身份提供者设备使用网络会话标识符来查询会话目录数据库,以获得要用于SaaS服务器的对象的安全断言的身份信息。
-
公开(公告)号:US10686762B2
公开(公告)日:2020-06-16
申请号:US15375335
申请日:2016-12-12
Applicant: Cisco Technology, Inc.
Inventor: Jazib Frahim , Aun Raza , Hazim Hashim Dahir , Salvatore Tarallo , Klaas Wierenga
Abstract: In one embodiment, a device in a network receives sensor data from one or more nodes in the network. The device selects a processing mode from among a plurality of processing modes based on a plurality of attributes of the sensor data. The plurality of processing modes comprises a fast data path mode and a slow data path mode. The device encrypts the sensor data using a first encryption mechanism that controls access to the plurality of attributes of the sensor data. The device sends the encrypted sensor data to a cloud-based intermediary based on the selected processing mode for sharing with one or more other devices in one or more other networks.
-
公开(公告)号:US20170099321A1
公开(公告)日:2017-04-06
申请号:US14875967
申请日:2015-10-06
Applicant: Cisco Technology, Inc.
Inventor: Jazib Frahim , Klaas Wierenga , Carlos Pignataro
IPC: H04L29/06
CPC classification number: H04L63/20 , H04L63/0876 , H04L63/104
Abstract: A method of establishing centralized trust includes, at a policy server having connectivity to a network, establishing a trust relationship with a first enterprise network domain and a second enterprise network domain. One or more criterion from a server in the first enterprise network domain are received by the policy server and a federation relationship is established between at least a portion of the first enterprise network domain and one or more entities in the second enterprise network domain based on the one or more criterion. Based on the federation relationship, the policy server enables the one or more entities in the second enterprise network domain to access the at least a portion of the first enterprise network domain.
-
6.发明授权Mechanisms to use network session identifiers for software-as-a-service authentication 有权使用网络会话标识符进行软件即服务认证的机制公开(公告)号:US09356928B2
公开(公告)日:2016-05-31
申请号:US14572075
申请日:2014-12-16
Applicant: Cisco Technology, Inc.
Inventor: Nathan Sowatskey , Nancy Cam-Winget , Susan E. Thomson , David Jones , Morteza Ansari , Klaas Wierenga , Joseph Salowey
IPC: H04L29/06
CPC classification number: H04L63/0823 , H04L63/08
Abstract: Techniques are provided for authenticating a subject of a client device to access a software-as-a-service (SaaS) server. A network access device receives a request from a client device to establish a network session and transfers identity information of the subject, the client device and the network session to a session directory database. A request is sent to access an application on a SaaS server. If it does not contain an identity assertion that identifies the subject, the request is redirected to an identity provider device, to provide identity assertion services to the subject. A network session identifier is inserted into the request by a network access device and the request is forwarded to the identity provider device. The identity provider device uses the network session identifier to query the session directory database for the identity information to be used for a security assertion of the subject to the SaaS server.
Abstract translation: 提供了用于验证客户端设备的主体以访问软件即服务(SaaS)服务器的技术。 网络接入设备从客户端设备接收建立网络会话的请求,并将主体,客户端设备和网络会话的身份信息传送到会话目录数据库。 发送请求以访问SaaS服务器上的应用程序。 如果它不包含识别主题的身份断言,则将请求重定向到身份提供者设备,以向主题提供身份声明服务。 网络会话标识符被网络接入设备插入到请求中,该请求被转发给身份提供者设备。 身份提供者设备使用网络会话标识符来查询会话目录数据库,以获得要用于SaaS服务器的对象的安全断言的身份信息。
-
-
-
-
-
Search Results
6
records
(took 0.017 seconds)
