公开(公告)号：WO2021126590A1

公开(公告)日：2021-06-24

申请号：PCT/US2020/063722

申请日：2020-12-08

Applicant: CISCO TECHNOLOGY, INC.

Inventor： WARD, David Delano ,  CAM-WINGET, Nancy ,  VOIT, Eric ,  BACKMAN, Jesse Daniel

IPC: H04L29/06 ,  G06F21/57 ,  G06F21/74 ,  H04L63/029 ,  H04L63/105 ,  H04L63/1433

Abstract: Systems, methods, and computer-readable media for assessing reliability and trustworthiness of devices across domains. Attestation information for an attester node in a first domain is received at a verifier gateway in the first domain. The attestation information is translated at the verifier gateway into translated attestation information for a second domain. Specifically, the attestation information is translated into translated attested information for a second domain that is a different administrative domain from the first domain. The translated attestation information can be provided to a verifier in the second domain. The verifier can be configured to verify the trustworthiness of the attester node for a relying node in the second domain by identifying a level of trust of the attester node based on the translated attestation information.

公开(公告)号：WO2021133694A1

公开(公告)日：2021-07-01

申请号：PCT/US2020/066239

申请日：2020-12-18

Applicant: VMWARE, INC.

Inventor： KOCHHAR, Arjun ,  ALUVALA, Suman ,  YADAV, Amit Kumar ,  SHEDIGUMME, Shree Harsha

IPC: H04L29/06 ,  H04L29/08 ,  H04L9/32 ,  H04L41/22 ,  H04L63/029 ,  H04L63/0815 ,  H04L63/0823 ,  H04L63/20 ,  H04L63/30

Abstract: Disclosed are various approaches for facilitating single sign-on (SSO) for third-party services that are accessible through messages (e.g., email) received by a user. A user can receive a message that includes an embedded URL or link that opens in a third-party service that requires authentication. Instead of requiring the user to enter authentication credentials for accessing the third-party service, a tunnel service can be used to intercept requests for authentication and redirect the requests to an identity manager that can issue a SSO token following an authentication of the user and device. Upon supplying the third-party service with the SSO token, the user can access the content associated with the third-party service without entering authentication credentials.

公开(公告)号：WO2021257407A2

公开(公告)日：2021-12-23

申请号：PCT/US2021/037079

申请日：2021-06-11

Applicant: CISCO TECHNOLOGY, INC.

Inventor： RAO, Supreeth ,  YADAV, Navindra ,  MALLESHAIAH, Prasannakumar Jobigenahally ,  PATWARDHAN, Tapan Shrikrishna ,  ARUMUGAM, Umamaheswaran ,  PURANDARE, Darshan Shrinath ,  MA, Aiyesha ,  SUN, Fuzhuo ,  KUMAR, Ashok

IPC: G06F21/50 ,  G06F21/55 ,  G06F21/57 ,  G06Q10/06 ,  H04L29/06 ,  G06F21/554 ,  G06F21/577 ,  H04L63/029 ,  H04L63/1408 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/1433 ,  H04L63/1441 ,  H04L63/164 ,  H04L63/20

Abstract: The present disclosure relates to methods, systems, and non-transitory computer readable media for generating an application protectability index for network applications and a corresponding protectability scheme. In one aspect, a method includes identifying, by a network controller, network layers associated with an application; determining, by the network controller, a corresponding security index for the application at each of the network layers to yield a plurality of security indexes, each of the plurality of security indexes providing an objective assessment of protectability of the application at a corresponding one of the network layers; determining, by the network controller, an application protectability index; and providing an application protectability scheme for protecting the application based on the application protectability index.

公开(公告)号：WO2021252078A1

公开(公告)日：2021-12-16

申请号：PCT/US2021/028330

申请日：2021-04-21

Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC

Inventor： THANGAPANDI, Shivakumar ,  GUPTA, Abhishek ,  ARORA, Vikrant

IPC: H04L29/06 ,  H04L29/08 ,  G06F2009/45595 ,  G06F9/45558 ,  H04L63/0272 ,  H04L63/029 ,  H04L63/0485 ,  H04L63/061 ,  H04L63/0876 ,  H04L67/1002 ,  H04L67/1008 ,  H04L67/1034 ,  H04L67/148

Abstract: Techniques are disclosed for live migrating an existing connection between a local gateway in a virtualized computing environment and a remote gateway. The existing IKE and IPSec connection are frozen. MMSA and QMSA data for the IKE and IPSec connection are saved. Data for the existing IKE and IPSec connection is cleared at the local gateway without sending a message to the remote gateway. The saved MMSA and QMSA data are transferred to a new local gateway. Using the saved MMSA and QMSA data, a state for the existing IKE and IPSec connection is reconstructed at the new local gateway. The existing IKE and IPSec connection is enabled.

公开(公告)号：WO2022238177A1

公开(公告)日：2022-11-17

申请号：PCT/EP2022/061806

申请日：2022-05-03

Applicant: SIEMENS AKTIENGESELLSCHAFT

Inventor： FRANK, Reinhard ,  ZEIGER, Florian

IPC: H04L9/40 ,  G05B19/418 ,  H04L63/0209 ,  H04L63/029

Abstract: The invention discloses an automated method for data access to a device (D) of an internal network (IN) by an external client (EC) of an external network (EN), comprising the steps of: - by the external client sending a communication access request for the device to a software implemented application access point (AAP), which is set up to authorize access requests, - by the application access point configuring a corresponding software implemented connector, acting as an endpoint for a communication tunnel (NT) to the device, - by the AAP configuring a corresponding software implemented policy decision point (PDP) as an interface to the external network for arriving of application data traffic of the external client, whereby the PDP is set up to validated accept and forward the access request of the external client to the connector, and - accessing the device via the communication tunnel by the external client.

公开(公告)号：WO2022237361A1

公开(公告)日：2022-11-17

申请号：PCT/CN2022/083748

申请日：2022-03-29

Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION ,  IBM (CHINA) CO., LIMITED

Inventor： TAV, Doga ,  DE SOUZA, Matthew ,  TATE, Geoffrey ,  ANTONOV, Nick ,  BARRY, Alpha

IPC: H04L41/00 ,  G06F11/302 ,  G06F11/3495 ,  G06F15/7882 ,  G06F3/0619 ,  G06F3/0644 ,  G06F3/0673 ,  G06F8/61 ,  G06F9/4406 ,  G06F9/4416 ,  H04L61/5014 ,  H04L63/029

Abstract: A method, a computer program product, and a system for server provisioning and deployment. The method includes receiving a deployment configuration for a server. The deployment configuration includes a requested software build and a requested installation of an application and configuration for the server. The method also includes reconfiguring hardware on the server based on the deployment configuration and via an out-of-band management card on the server and pushing a boot loader on to the server for installation of an operating system. The method further includes performing an installation of the operating system on the server, transmitting an auto configuration file to the server. The auto configuration file provides installation properties relating to the application. The method also includes monitoring a status of the server during the installation of the application using a serial terminal output on the server.

公开(公告)号：WO2021252210A1

公开(公告)日：2021-12-16

申请号：PCT/US2021/034956

申请日：2021-05-28

Applicant: QUALCOMM INCORPORATED

Inventor： ZHANG, Juan ,  PAYYAPPILLY, Ajith Tom ,  CHIN, Tom

IPC: H04L29/06 ,  H04W8/18 ,  H04W48/18 ,  H04W76/15 ,  H04W76/12 ,  H04W88/04 ,  H04W88/06 ,  H04W88/16 ,  H04L63/029 ,  H04L63/164 ,  H04L65/1016 ,  H04L65/103 ,  H04L65/80 ,  H04W12/0471 ,  H04W12/06 ,  H04W76/10 ,  H04W76/16 ,  H04W8/183 ,  H04W84/12

Abstract: Certain aspects of the present disclosure provide techniques for accessing home operator services with the home subscription using radio access from a subscription on a separate operator. A method that may be performed by a user equipment (UE) includes obtaining a data connection with a first wireless network based on a first subscription, obtaining a tunnel connection with a gateway of a second wireless network through the data connection based on a second subscription associated with the second wireless network, and communicating with the second wireless network through the tunnel connection using the data connection.

公开(公告)号：WO2021220051A1

公开(公告)日：2021-11-04

申请号：PCT/IB2021/000274

申请日：2021-04-26

Applicant: REAL INNOVATIONS INTERNATIONAL LLC

Inventor： THOMAS, Andrew, S.

IPC: H04W12/08 ,  H04L41/147 ,  H04L43/0876 ,  H04L63/0218 ,  H04L63/029 ,  H04L63/108

Abstract: Systems and methods for providing access to historical data over a real-time tunnel are disclosed. The method provides a mechanism for secure communication between one or more historians. In an example, attack surfaces on historians in an industrial control system operational technology (OT) network and in an information technology (IT) networks are reduced and possibly entirely eliminated by tunneling through a DMZ (de-militarized zone) or "secured network".