-
Publication No.: US20200084202A1
Publication date: 2020-03-12
Application No.: US16683410
Filing date: 2019-11-14
Applicant: Ned M. Smith, John J. Browne, Kapil Sood, Francesc Guim Bernat, Kshitij Arun Doshi, Rajesh Poornachandran, Tarun Viswanathan, Manish Dave
Inventor: Ned M. Smith, John J. Browne, Kapil Sood, Francesc Guim Bernat, Kshitij Arun Doshi, Rajesh Poornachandran, Tarun Viswanathan, Manish Dave
Abstract: Various approaches for implementing attestation using an attestation token are described. In an edge computing system deployment, an edge computing device includes an attestable feature (e.g., resource, service, entity, property, etc.) which is accessible from use of an attestation token, by the operations of: obtaining a first instance of a token that provides proof of attestation for an accessible feature of the edge computing device, with the token including data to indicate trust level designations for the feature as attested by an attestation provider; receiving, from a prospective user of the feature, a request to use the feature and a second instance of the token, with the second instance of the token originating from the attestation provider; and providing access to the feature based on a verification of the instances of the token, by using the verification to confirm attestation of the trust level designations for the feature.
-
Publication No.: US20190141536A1
Publication date: 2019-05-09
Application No.: US16235420
Filing date: 2018-12-28
Applicant: Alexander Bachmutsky, Dario Sabella, Francesc Guim Bernat, John J. Browne, Kapil Sood, Kshitij Arun Doshi, Mats Gustav Agerstam, Ned M. Smith, Rajesh Poornachandran, Tarun Viswanathan
Inventor: Alexander Bachmutsky, Dario Sabella, Francesc Guim Bernat, John J. Browne, Kapil Sood, Kshitij Arun Doshi, Mats Gustav Agerstam, Ned M. Smith, Rajesh Poornachandran, Tarun Viswanathan
Abstract: A service coordinating entity device includes communications circuitry to communicate with a first access network, processing circuitry, and a memory device. The processing circuitry is to perform operations to, in response to a request for establishing a connection with a user equipment (UE) in a second access network, retrieve a first Trusted Level Agreement (TLA) including trust attributes associated with the first access network. One or more exchanges of the trust attributes of the first TLA and trust attributes of a second TLA associated with the second access network are performed using a computing service executing on the service coordinating entity. A common TLA with trust attributes associated with communications between the first and second access networks is generated based on the exchanges. Data traffic is routed from the first access network to the UE in the second access network based on the trust attributes of the common TLA.
-
Publication No.: US20210021619A1
Publication date: 2021-01-21
Application No.: US17033757
Filing date: 2020-09-26
Applicant: Ned M. Smith, Francesc Guim Bernat, Rajesh Poornachandran, Kshitij Arun Doshi, Tarun Viswanathan, Kapil Sood
Inventor: Ned M. Smith, Francesc Guim Bernat, Rajesh Poornachandran, Kshitij Arun Doshi, Tarun Viswanathan, Kapil Sood
IPC classification: H04L29/06
Abstract: Various aspects of methods, systems, and use cases for trust-based orchestration of an edge node. An edge node may be configured for trust-based orchestration in an edge computing environment, where the edge node includes a transceiver to receive an instruction to perform a workload, the instruction from an edge orchestrator, the edge node being in a group of edge nodes managed with a ledger; and a processor to execute the workload at the edge node to produce a result, wherein the execution of the workload is evaluated by other edge nodes in the group of edge nodes to produce a reputation score of the edge node, where the transceiver is to provide the result to the edge orchestrator.
-
Publication No.: US20210021533A1
Publication date: 2021-01-21
Application No.: US17033140
Filing date: 2020-09-25
Applicant: Francesc Guim Bernat, Ned M. Smith, Kshitij Arun Doshi, Suraj Prabhakaran, Timothy Verrall, Kapil Sood, Tarun Viswanathan
Inventor: Francesc Guim Bernat, Ned M. Smith, Kshitij Arun Doshi, Suraj Prabhakaran, Timothy Verrall, Kapil Sood, Tarun Viswanathan
IPC classification: H04L12/841, H04L12/911, H04L12/933
Abstract: Systems and techniques for intelligent data forwarding in edge networks are described herein. A request may be received from an edge user device for a service via a first endpoint. A time value may be calculated using a timestamp of the request. Motion characteristics may be determined for the edge user device using the time value. A response to the request may be transmitted to a second endpoint based on the motion characteristics.
-
Publication No.: US20210152543A1
Publication date: 2021-05-20
Application No.: US17127852
Filing date: 2020-12-18
Abstract: Systems and techniques for automatic escalation of trust credentials are described herein. Requestor data may be received that describes workloads of a requestor. A set of trust credentials may be determined by using an escalation prediction model to evaluate the requestor data. The multi-access token may be assembled from the set of trust credentials. The multi-access token may be transmitted to an information provider to fulfill a request of a requestor.
-
Publication No.: US20190138294A1
Publication date: 2019-05-09
Application No.: US16235598
Filing date: 2018-12-28
Applicant: Ned M. Smith, Kshitij Arun Doshi, John J. Browne, Vincent J. Zimmer, Francesc Guim Bernat, Kapil Sood
Inventor: Ned M. Smith, Kshitij Arun Doshi, John J. Browne, Vincent J. Zimmer, Francesc Guim Bernat, Kapil Sood
Abstract: Various systems and methods for enabling derivation and distribution of an attestation manifest for a software update image are described. In an example, these systems and methods include orchestration functions and communications, providing functionality and components for a software update process which also provides verification and attestation among multiple devices and operators.
-
Publication No.: US20210144202A1
Publication date: 2021-05-13
Application No.: US17097117
Filing date: 2020-11-13
Applicant: Christian Maciocco, Trevor Cooper, Valerie J. Parker, Rajesh Poornachandran, Francesc Guim Bernat, Kshitij Arun Doshi, Ned M. Smith
Inventor: Christian Maciocco, Trevor Cooper, Valerie J. Parker, Rajesh Poornachandran, Francesc Guim Bernat, Kshitij Arun Doshi, Ned M. Smith
Abstract: Methods, systems, and use cases for extended P2P communication with edge networking are discussed, including an edge computing device with a memory device and processing circuitry. The processing circuitry receives a request from a second edge computing device to perform a P2P exchange. A set of services for execution by the processing circuitry during the P2P exchange is determined. The processing circuitry further determines whether an enhanced edge service is available to substitute at least one service of the set of services. The enhanced edge service is associated with processing resources that are external to the edge computing device. Based on a successful determination that the enhanced edge service is available, the processing resources of the edge computing system that are external to the edge computing device are utilized to execute the enhanced edge service in place of the at least one service during the P2P exchange.
-
Publication No.: US20220114251A1
Publication date: 2022-04-14
Application No.: US17561134
Filing date: 2021-12-23
Applicant: Francesc Guim Bernat, Kshitij Arun Doshi, Adrian Hoban, Thijs Metsch, Dario Nicolas Oliver, Marcos E. Carranza, Mats Gustav Agerstam, Bin Li, Patrick Koeberl, Susanne M. Balle, John J. Browne, Cesar Martinez-Spessot, Ned M. Smith
Inventor: Francesc Guim Bernat, Kshitij Arun Doshi, Adrian Hoban, Thijs Metsch, Dario Nicolas Oliver, Marcos E. Carranza, Mats Gustav Agerstam, Bin Li, Patrick Koeberl, Susanne M. Balle, John J. Browne, Cesar Martinez-Spessot, Ned M. Smith
IPC classification: G06F21/51, G06F21/57, H04L43/0823, H04L41/5009
Abstract: Various systems and methods for implementing reputation management and intent-based security mechanisms are described herein. A system for implementing intent-driven security mechanisms, configured to: determine, based on a risk tolerance intent related to execution of an application on a compute node, whether execution of a software-implemented operator requires a trust evaluation; and in response to determining that the software-implemented operator requires the trust evaluation: obtain a reputation score of the software-implemented operator; determine a minimum reputation score from the risk tolerance intent; compare the reputation score of the software-implemented operator to the minimum reputation score; and reject or permit execution of the software-implemented operator based on the comparison.
-
Publication No.: US20230027152A1
Publication date: 2023-01-26
Application No.: US17956517
Filing date: 2022-09-29
IPC classification: H04L41/082, H04L41/0654, H04L9/40
Abstract: Systems and techniques to upgrade network objects using security islands are described herein. Security islands of node groupings are created based on trust relationships between nodes in an edge network. An upgrade request may be received to upgrade a target edge node in the edge network. Building blocks may be identified for a package installed on the target edge node to be upgraded. A state backup may be stored for the building blocks. An upgrade command and an upgrade payload may be transmitted to the target edge node. The target edge node may be queried to obtain a status of the target edge node. An upgrade action may be determined based on the status and the upgrade action may be executed.
-
Publication No.: US20220329522A1
Publication date: 2022-10-13
Application No.: US17853331
Filing date: 2022-06-29
Applicant: Christian Maciocco, Ren Wang, Kshitij Arun Doshi, Francesc Guim Bernat, Ned M. Smith, Satish Chandra Jha, Vesh Raj Sharma Banjade, S M Iftekharul Alam, Shu-ping Yeh
Inventor: Christian Maciocco, Ren Wang, Kshitij Arun Doshi, Francesc Guim Bernat, Ned M. Smith, Satish Chandra Jha, Vesh Raj Sharma Banjade, S M Iftekharul Alam, Shu-ping Yeh
Abstract: Disclosed are systems and methods for adaptive resilient network communication. A system may monitor network traffic on multiple pathways between user equipment and an application or a service at a network destination, gather network telemetry data from the monitored network traffic, input the network telemetry data into a trained artificial intelligence model, and classify the network telemetry data using the model. The system may further determine, using the model, an anomaly condition in at least a portion of the multiple pathways, and in response to the determination of an anomaly, select a mitigation technique for the at least a portion of the multiple pathways.