公开(公告)号：WO2007055723A2

公开(公告)日：2007-05-18

申请号：PCT/US2006013919

申请日：2006-04-12

Applicant: CISCO TECH INC ,  WING DANIEL G

Inventor： WING DANIEL G

IPC: H04L12/66

CPC classification number: H04L63/08 ,  H04L29/06027 ,  H04L63/18 ,  H04L65/1006 ,  H04M1/2535 ,  H04M3/42042 ,  H04M3/42059 ,  H04M7/0024 ,  H04M2242/22

Abstract: The present application provides an authentication scheme that allows a device to provide additional authentication of a Publicly Switched Telephone Network (PSTN) identity assertion made in a PSTN call by also sending an Internet Protocol (IP) communication. The device sends the IP communication generally in parallel with the PSTN call. The IP communication includes a network identity assertion, which optionally may be authenticated using a cryptographically secure technique. The network identity assertion, being more difficult to falsify, provides additional authentication of the PSTN identity assertion.

Abstract translation: 本申请提供了一种认证方案，其允许设备通过还发送互联网协议（IP）通信来提供在PSTN呼叫中进行的公共交换电话网络（PSTN）标识声明的附加认证。 设备通常与PSTN呼叫并行发送IP通信。 IP通信包括网络身份断言，其可以可选地使用密码安全技术来验证。 网络身份断言更难以伪造，从而提供了对PSTN身份断言的额外验证。

公开(公告)号：WO2006101667A3

公开(公告)日：2007-12-06

申请号：PCT/US2006006669

申请日：2006-02-24

Applicant: CISCO TECH INC ,  FIRESTONE SCOTT S ,  JENNINGS CULLEN ,  WING DANIEL G ,  TOUITOU DAN

Inventor： FIRESTONE SCOTT S ,  JENNINGS CULLEN ,  WING DANIEL G ,  TOUITOU DAN

IPC: H04L9/00

CPC classification number: H04L63/08 ,  H04L9/3271

Abstract: Authenticating an endpoint using a STUN server includes facilitating a communication session between a first endpoint and a second endpoint over a network. A challenge request is sent to the second endpoint. The challenge request attempts to authenticate the second endpoint and includes an identification. The identification is associated with an expected response identification. A response to the challenge request is received from the second endpoint. The response has an actual response identification. The received response is verified to establish whether the second endpoint is legitimate. The second endpoint is legitimate if the actual response identification includes the expected response identification.

Abstract translation: 使用STUN服务器认证端点包括促进通过网络的第一端点和第二端点之间的通信会话。 挑战请求被发送到第二端点。 挑战请求尝试认证第二个端点并包含一个标识。 识别与预期响应标识相关联。 从第二端点接收到对质询请求的响应。 响应具有实际的响应标识。 验证接收到的响应以确定第二端点是否合法。 如果实际的响应标识包括预期的响应标识，则第二个端点是合法的。

公开(公告)号：WO2007055724A2

公开(公告)日：2007-05-18

申请号：PCT/US2006013920

申请日：2006-04-12

Applicant: CISCO TECH INC ,  WING DANIEL G ,  BELL ROBERT T

Inventor： WING DANIEL G ,  BELL ROBERT T

IPC: H04L9/32

CPC classification number: H04L63/029 ,  H04L29/06027 ,  H04L29/125 ,  H04L29/12537 ,  H04L61/2564 ,  H04L61/2578 ,  H04L63/20 ,  H04L65/1006 ,  H04L65/1043 ,  H04L65/1069

Abstract: An endpoint uses Interactive Connectivity Establishment (ICE) to enable multimedia communications to traverse Network Address Translators (NATs). A security policy enables security devices and asymmetric security devices to forward ICE messages. A management device stores information about an initial message. Later, a security device receives an ICE message and sends and authorization request to the management device. The management device compares information in the authorization request to information in memory. According to the comparison, the management device authorizes the security device to forward the ICE message.

Abstract translation: 端点使用交互式连接建立（ICE）来实现多媒体通信遍历网络地址转换器（NAT）。 安全策略使安全设备和非对称安全设备能够转发ICE消息。 管理设备存储关于初始消息的信息。 之后，安全装置接收到ICE消息，并向管理装置发送授权请求。 管理设备将授权请求中的信息与存储器中的信息进行比较。 根据比较，管理设备授权安全设备转发ICE消息。

公开(公告)号：WO2005069940A3

公开(公告)日：2006-11-09

申请号：PCT/US2005001775

申请日：2005-01-21

Applicant: CISCO TECH INC ,  WING DANIEL G

Inventor： WING DANIEL G

IPC: H04K1/00 ,  H04L9/08 ,  H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/0838 ,  H04L29/06027 ,  H04L63/061 ,  H04L65/607

Abstract: A network processing device identifies call requests that require secure media connections and that also require transport over both a packet switched network and a circuit switched network. The network processing device establishes an IP link over the circuit switched network and directs endpoints for the media connection to use Internet Protocol (IP) media encryption. The same IP encrypted media is then transported end-to-end over both the packet switched network and the IP link in the circuit switched network.

Abstract translation: 网络处理设备识别需要安全媒体连接的呼叫请求，并且还需要通过分组交换网络和电路交换网络进行传输。 网络处理设备通过电路交换网络建立IP链路，并指导媒体连接的端点使用互联网协议（IP）媒体加密。 然后在电路交换网络中的分组交换网络和IP链路上端到端地传送相同的IP加密媒体。

公开(公告)号：WO2015175072A2

公开(公告)日：2015-11-19

申请号：PCT/US2015016533

申请日：2015-02-19

Applicant: CISCO TECH INC

Inventor： VALLURI VAMSIDHAR ,  KUMARASAMY PARAMESWARAN ,  WING DANIEL G ,  THAKORE PARAG PRITAM ,  OSWAL ANAND ,  SHARMA SHIVANGI

IPC: H04L12/851

CPC classification number: H04L41/0836 ,  H04L1/0026 ,  H04L1/20 ,  H04L41/083 ,  H04L41/0853 ,  H04L41/5009 ,  H04L43/08 ,  H04L47/11 ,  H04L47/2458 ,  H04L67/322 ,  H04L69/16 ,  H04L69/163 ,  H04W24/02 ,  H04W28/0273 ,  H04W80/04 ,  H04W80/06

Abstract: In one embodiment, a method comprises obtaining, by a client device via a wireless data link with a wireless access point, information from a network device within a data network reachable via the wireless access point, the information describing network conditions associated with a service provided to the client device via the data network; and the client device optimizing a transmission control protocol (TCP) communication, via the wireless data link, for optimization of the service provided by the client device.

Abstract translation: 在一个实施例中，一种方法包括通过与无线接入点的无线数据链路的客户端设备从经由无线接入点可访问的数据网络内的网络设备获得描述与提供的服务相关联的网络状况的信息 通过数据网络到客户端设备; 并且客户端设备通过无线数据链路优化传输控制协议（TCP）通信，以优化由客户端设备提供的服务。

公开(公告)号：WO2008079686A3

公开(公告)日：2010-05-06

申请号：PCT/US2007087174

申请日：2007-12-12

Applicant: CISCO TECH INC ,  WING DANIEL G ,  ANDREASEN FLEMMING STIG ,  ORAN DAVID R

Inventor： WING DANIEL G ,  ANDREASEN FLEMMING STIG ,  ORAN DAVID R

IPC: H04L12/28 ,  H04L12/56

CPC classification number: H04L41/12 ,  H04L45/20 ,  H04L61/2575 ,  H04L61/2578

Abstract: In one embodiment, an endpoint sends messages containing Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) requests to traceroute a path to the remote endpoint. The traceroute may be completed through security devices such as NATs and firewalls. Receipt of a STUN response from the remote endpoint signals that one of the traceroute packets reached the remote endpoint whereas the other traceroute packets have elicited error responses from intermediary, on-path routers, allowing these routers to be identified.

Abstract translation: 在一个实施例中，端点通过网络地址转换器（NAT）（STUN）请求发送包含用户数据报协议（UDP）的简单遍历的消息，以跟踪到远程端点的路径。 可以通过NAT和防火墙等安全设备来完成跟踪路由。 来自远程端点的STUN响应的接收指示一个跟踪路由分组到达远程端点，而另一个跟踪路由分组已经从中间路由路由器引出错误响应，允许标识这些路由器。

公开(公告)号：WO2008091354A2

公开(公告)日：2008-07-31

申请号：PCT/US2007069567

申请日：2007-05-23

Applicant: CISCO TECH INC ,  WING DANIEL G ,  BISKNER ROBERT J ,  KUMAR RAJESH ,  MOSTAFA MOHAMED S

Inventor： WING DANIEL G ,  BISKNER ROBERT J ,  KUMAR RAJESH ,  MOSTAFA MOHAMED S

IPC: H04J1/16

CPC classification number: H04L43/026 ,  H04L43/0829 ,  H04L43/16 ,  H04L47/10 ,  H04L47/286 ,  H04L47/32 ,  Y02D50/30

Abstract: In one embodiment, a router examines an incoming packet for a flow monitoring request. The router may examine every packet for the flow monitoring request, or preferably may only examine packets including a lifetime value indicating that the packet should be dropped and not forwarded or may only examine packets having a predetermined message format. When the flow monitoring request is included, the router performs detailed flow analysis or other monitoring according to the flow monitoring request.

Abstract translation: 在一个实施例中，路由器检查用于流量监视请求的传入分组。 路由器可以检查流量监视请求的每个分组，或者优选地仅检查包括指示分组应该被丢弃并且不被转发的生存期值的分组，或者可以仅检查具有预定消息格式的分组。 当流量监控请求被包含时，路由器根据流量监控请求进行详细的流量分析或其他监控。

公开(公告)号：WO2006113090A3

公开(公告)日：2007-12-21

申请号：PCT/US2006011863

申请日：2006-03-30

Applicant: CISCO TECH INC ,  WING DANIEL G ,  MUNIZ KELLY

Inventor： WING DANIEL G ,  MUNIZ KELLY

IPC: H04L12/66

CPC classification number: H04L65/1069 ,  H04L29/06027 ,  H04L67/303 ,  H04L69/24 ,  H04M3/42374 ,  H04M7/006

Abstract: A system and method provide for managing media device correspondence that may be used in conjunction with a media application for transferring mixed media to/from the devices in an independent, coordinated or synchronized manner. Embodiments provide for determining a correspondence availability, establishing a correspondence relating to the correspondence availability and/or destroying or otherwise modifying a correspondence availability or correspondence. In one more specific embodiment, media device correspondence is provided in conjunction with a non-voice media device and a voice media device.

Abstract translation: 一种系统和方法提供用于管理媒体设备对应关系，该媒体设备对应可以与媒体应用结合使用，以便以独立，协调或同步的方式将混合媒体传送到/从设备传送。 实施例提供用于确定通信可用性，建立与通信可用性有关的通信和/或破坏或以其他方式修改通信可用性或通信。 在一个更具体的实施例中，与非语音媒体设备和语音媒体设备结合提供媒体设备对应。