Monitoring, measuring, analyzing communication flows between identities in an identity-enabled network using IPFIX extensions

    Publication (announcement) number: US10389630B2

    Publication (announcement) date: 2019-08-20

    Application number: US15640087

    Application date: 2017-06-30

    Abstract: A computer-implemented method of monitoring communication flows between identities is provided that comprises: accessing a first data packet that indicates a source identifier, a destination identifier, a first source locator, and a first destination locator; accessing a second data packet that indicates the source identifier, the destination identifier, a second source locator, and a second destination locator, the second destination locator being different from the first destination locator; storing data regarding the first data packet and the second data packet in a single ID flow record based on a determination that the source identifier of the first data packet matches the source identifier of the second data packet and a determination that the destination identifier of the first data packet matches the destination identifier of the second data packet; and based on the single ID flow record, adjusting a resource allocation.

    ID-BASED DATA PLANE SECURITY FOR IDENTITY-ORIENTED NETWORKS

    Publication (announcement) number: US20190007211A1

    Publication (announcement) date: 2019-01-03

    Application number: US15640156

    Application date: 2017-06-30

    Abstract: A computer-implemented method of transmitting encrypted data comprises accessing, by one or more processors of an origination endpoint, first data to be transmitted to a destination having a corresponding identifier; generating, by the one or more processors, an identifier security header; generating, by the one or more processors, second data from the first data and the identifier security header; encrypting, by the one or more processors, the second data; generating, by the one or more processors, authentication data based on the encrypted second data; generating, by the one or more processors, third data from the encrypted second data and the authentication data; generating, by the one or more processors, fourth data from the identifier corresponding to the destination and the third data; and sending, by the one or more processors, the fourth data to the destination.

    ORIGINATOR-BASED NETWORK RESTRAINT SYSTEM FOR IDENTITY-ORIENTED NETWORKS

    Publication (announcement) number: US20180337950A1

    Publication (announcement) date: 2018-11-22

    Application number: US15639976

    Application date: 2017-06-30

    Abstract: A computer-implemented method of extending generic resilient identity services (GRIDS) is provided that comprises: receiving, by a mapping server, a resolve request from an originator endpoint for a locator of a destination endpoint; sending, by the mapping server, a request for authorization to provide the requested locator, the request for authorization indicating an identifier of the originator endpoint; receiving, by a policy server, the request for authorization; accessing, by the policy server, from a database, a set of policies for the destination endpoint; based on the identifier of the originator endpoint and the set of policies for the destination endpoint, sending, by the policy server, an authorization response to the mapping server; and based on the authorization response, sending, by the mapping server, a response to the resolve request to the originator endpoint.

    CONDITIONAL ROUTING DELIVERY IN A COMPROMISED NETWORK

    Publication (announcement) number: US20230231798A1

    Publication (announcement) date: 2023-07-20

    Application number: US18188897

    Application date: 2023-03-23

    CPC classification number: H04L45/22 H04L45/302

    Abstract: A computer-implemented method for processing a data packet in a network node includes determining a level of deterioration of a primary path between the network node and the destination node. The determined level of deterioration is based at least on a non-congestion-related loss for a primary link associated with one or more subsequent hops of the data packet from the network node toward the destination node along the primary path. Based on the determined level of deterioration of the primary path being above a threshold, the primary path is changed to an alternate path from the network node to the destination node. The data packet is forwarded to a next network node on the alternate path.

    Identity and metadata based firewalls in identity enabled networks

    Publication (announcement) number: US10958623B2

    Publication (announcement) date: 2021-03-23

    Application number: US15969135

    Application date: 2018-05-02

    Abstract: A method implemented by a firewall device in a network, comprising storing, by a memory, a firewall policy comprising information indicating whether to forward a data packet from a sending host entity to a receiving host entity, receiving, by a receiver, a data packet from a sending host entity, wherein the data packet includes an identifier of the receiving host entity, and determining, by a processor coupled to the memory and the receiver, whether to forward the data packet to the receiving host entity based on the firewall policy and the identifier of the receiving host entity.

    ID-based data plane security for identity-oriented networks

    Publication (announcement) number: US10805082B2

    Publication (announcement) date: 2020-10-13

    Application number: US15640156

    Application date: 2017-06-30

    Abstract: A computer-implemented method of transmitting encrypted data comprises accessing, by one or more processors of an origination endpoint, first data to be transmitted to a destination having a corresponding identifier; generating, by the one or more processors, an identifier security header; generating, by the one or more processors, second data from the first data and the identifier security header; encrypting, by the one or more processors, the second data; generating, by the one or more processors, authentication data based on the encrypted second data; generating, by the one or more processors, third data from the encrypted second data and the authentication data; generating, by the one or more processors, fourth data from the identifier corresponding to the destination and the third data; and sending, by the one or more processors, the fourth data to the destination.

    AGGREGATING FLOWS BY ENDPOINT CATEGORY
    Invention application

    Publication (announcement) number: US20190007326A1

    Publication (announcement) date: 2019-01-03

    Application number: US15640125

    Application date: 2017-06-30

    Abstract: A computer-implemented method of preventing communications based on endpoint category is provided that comprises: accessing, by one or more processors of a router, a data packet that indicates a source identifier that identifies a source endpoint and a destination identifier that identifies a destination endpoint; determining, by the one or more processors of the router, a source category based on the source identifier; determining, by the one or more processors of the router, a destination category based on the destination identifier; and based on the source category and the destination category, refraining from sending the data packet to the destination endpoint.
