公开(公告)号：US20210021597A1

公开(公告)日：2021-01-21

申请号：US16511808

申请日：2019-07-15

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Mohammed Salman ,  Rajarao Bhagya Prasad Nittur ,  Ram Tripathi ,  Mohit Goyal ,  Rajesh Kumar Ganapathy Achari

IPC: H04L29/06 ,  H04L9/32 ,  G06Q20/06 ,  G06Q20/38

Abstract: Some implementations of the disclosure are directed to receiving, at an authentication server system, a distributed ledger address transmitted by a client device to identify itself during an authentication process for accessing a network, where the distributed ledger address corresponds to a distributed ledger network; transmitting an authentication challenge message from the authentication server to the client device; in response to transmitting the authentication challenge message from the authentication server to the client device, receiving at the authentication server, a response to the challenge message including a signature; and using at least the distributed ledger network to determine if the signature used to sign the response to the challenge message is associated with the distributed ledger address transmitted by the client device.

公开(公告)号：US10805163B2

公开(公告)日：2020-10-13

申请号：US16106789

申请日：2018-08-21

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Sebastien Tandel ,  Rajesh Kumar Ganapathy Achari ,  Anoop Kumaran Nair

IPC: H04L12/24 ,  H04L12/26 ,  H04L29/06 ,  G06F9/448 ,  H04L29/08

Abstract: An example non-transitory memory resource including instructions executable by the processing resource to monitor device information for a plurality of devices, wherein the plurality of devices comprise at least one device of an unknown device type, identify behavior attributes for the plurality of devices based on the monitored device information, cluster the plurality of devices into groups based on the behavior attributes, identify a device type for the plurality of devices based on the group of the plurality of devices; and present identifiers for each of the plurality of devices, based on the device type of the plurality of devices.

公开(公告)号：US11792193B2

公开(公告)日：2023-10-17

申请号：US17523263

申请日：2021-11-10

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Rajesh Kumar Ganapathy Achari ,  Anoop Kumaran Nair ,  Venkatesh Ramachandran ,  Pattabhi Attaluri ,  Bhagya Prasad Nittur ,  Antoni Milton

IPC: G06F21/62 ,  G06F21/71 ,  H04L9/40 ,  G06F21/73

CPC classification number: H04L63/0876 ,  H04L63/105

Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.

公开(公告)号：US11228618B2

公开(公告)日：2022-01-18

申请号：US16529255

申请日：2019-08-01

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Rajesh Kumar Ganapathy Achari ,  Anoop Kumaran Nair ,  Venkatesh Ramachandran ,  Pattabhi Attaluri ,  Rajarao Bhagya Prasad Nittur ,  Antoni Milton

IPC: H04L29/06 ,  H04L12/66

Abstract: A process, system, and non-transient computer readable medium that provides device automation support for the dynamic activation, authentication, and accounting of network access and network access devices while enabling seamless multi-vendor support for change of authorization through multiple network protocols. The process, system, and non-transient computer readable media also provides security threat remediation that can be automated at the device, network access, traffic inspection, and/or threat protection level by taking action on a device by triggering actions in a bidirectional manner.

公开(公告)号：US12095770B2

公开(公告)日：2024-09-17

申请号：US17346366

申请日：2021-06-14

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Yafeng Jiang ,  Daniel Harkins ,  Rajesh Kumar Ganapathy Achari ,  Amogh Guruprasad Deshmukh ,  Chunfeng Wang

IPC: H04L9/40 ,  G06F21/00 ,  G06F21/45 ,  G06F21/60 ,  G16Y30/10 ,  H04L9/32

CPC classification number: H04L63/105 ,  G06F21/45 ,  G06F21/604 ,  H04L9/3242 ,  H04L63/205 ,  G16Y30/10

Abstract: Example implementations relate to connecting an IoT device to a wireless network using Device Provisioning Protocol (DPP). An authentication server receives a DPP network access authorization request including a connector identifier from an Access Point (AP) in communication with the IoT device. The connector identifier is a hash of the public network access key of the IoT device. If the connector identifier is valid, the authentication server determines a configurable policy from a set of configurable policies that is applicable to the IoT device. The authentication server transmits network permissions defined in the configurable policy to the AP. The IoT device is connected to the wireless network by the AP based on the network permissions.

公开(公告)号：US11558379B2

公开(公告)日：2023-01-17

申请号：US16511808

申请日：2019-07-15

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Mohammed Salman ,  Rajarao Bhagya Prasad Nittur ,  Ram Tripathi ,  Mohit Goyal ,  Rajesh Kumar Ganapathy Achari

IPC: H04L29/06 ,  H04L9/40 ,  H04L9/32 ,  G06Q20/06 ,  G06Q20/38 ,  H04L9/00

Abstract: Some implementations of the disclosure are directed to receiving, at an authentication server system, a distributed ledger address transmitted by a client device to identify itself during an authentication process for accessing a network, where the distributed ledger address corresponds to a distributed ledger network; transmitting an authentication challenge message from the authentication server to the client device; in response to transmitting the authentication challenge message from the authentication server to the client device, receiving at the authentication server, a response to the challenge message including a signature; and using at least the distributed ledger network to determine if the signature used to sign the response to the challenge message is associated with the distributed ledger address transmitted by the client device.

公开(公告)号：US20210037059A1

公开(公告)日：2021-02-04

申请号：US16529255

申请日：2019-08-01

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Rajesh Kumar Ganapathy Achari ,  Anoop Kumaran Nair ,  Venkatesh Ramachandran ,  Pattabhi Attaluri ,  Bhagya Prasad NR ,  Antoni Milton

IPC: H04L29/06

Abstract: A process, system, and non-transient computer readable medium that provides device automation support for the dynamic activation, authentication, and accounting of network access and network access devices while enabling seamless multi-vendor support for change of authorization through multiple network protocols. The process, system, and non-transient computer readable media also provides security threat remediation that can be automated at the device, network access, traffic inspection, and/or threat protection level by taking action on a device by triggering actions in a bidirectional manner.

公开(公告)号：US20200382516A1

公开(公告)日：2020-12-03

申请号：US16429375

申请日：2019-06-03

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Rajesh Kumar Ganapathy Achari ,  Anoop Kumaran Nair ,  Pattabhi Attaluri ,  Venkatesh Ramachandran ,  Bhagya Prasad Nittur ,  Antoni Milton

IPC: H04L29/06 ,  H04L12/24

Abstract: Methods and systems for specifying and enforcing network policies are provided. One method for configuring a network that includes a plurality of heterogeneous network access devices includes creating a network enforcement profile based on at least one enforcement policy, and determining a network access device group of the plurality of heterogeneous network access devices that are capable of managing the enforcement profile. The method further includes providing vendor-specific configuration parameters for at least one network access device of the network access device group so as to cause the network to manage the network enforcement profile, and applying the vendor-specific configuration parameters to the at least one network access device.

公开(公告)号：US11477186B2

公开(公告)日：2022-10-18

申请号：US16426420

申请日：2019-05-30

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Antoni Milton ,  Rajesh Kumar Ganapathy Achari ,  Bhagya Prasad Nittur

IPC: H04L9/40 ,  G06F16/245

Abstract: An authentication server associated with a network authenticates a primary user credential responsive to a request from a client device to access the network. The authentication server queries a database server for contact information for obtaining a secondary user credential. The contact information is provided to a third-party authentication server to obtain and authenticate the secondary user credential. In response to both the third-party authentication server obtaining and authenticating the secondary user credential successfully and the authentication server authenticating the primary user credential successfully, the client device is granted access to the network.

公开(公告)号：US20200382497A1

公开(公告)日：2020-12-03

申请号：US16429462

申请日：2019-06-03

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Rajesh Kumar Ganapathy Achari ,  Anoop Kumaran Nair ,  Venkatesh Ramachandran ,  Pattabhi Attaluri ,  Bhagya Prasad Nittur ,  Antoni Milton

IPC: H04L29/06

Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.