公开(公告)号：US11304109B1

公开(公告)日：2022-04-12

申请号：US17094163

申请日：2020-11-10

Applicant: Cisco Technology, Inc.

Inventor： Shailender Potharaju ,  Indermeet Singh Gandhi ,  Mark Grayson

IPC: H04W36/00 ,  H04W36/22 ,  H04B17/318 ,  H04W76/15 ,  H04W8/24

Abstract: Presented herein are techniques to prevent and/or minimize user equipment (UE) service disruptions in a virtualized Radio Access Network (vRAN) architecture. In one example, a method may include establishing, via a central unit of a vRAN, a first radio connection for a UE via a first cell belonging to a first shared cell for the vRAN; determining that the UE is dual connectivity capable; instructing the UE to perform measurements for one or more other cells belonging to one or more other shared cells that have available capacity; obtaining measurement information from the UE for the one or more other cells; determining, based on the measurement information, a second cell among the one or more other cells having a highest measured signal strength; and establishing a second radio connection for the UE via the second cell belonging to the second shared cell.

公开(公告)号：US11284462B2

公开(公告)日：2022-03-22

申请号：US16717384

申请日：2019-12-17

Applicant: Cisco Technology, Inc.

Inventor： Louis Gwyn Samuel ,  Srinath Gundavelli ,  Oliver James Bull ,  Mark Grayson ,  Sangram Kishore Lakkaraju ,  Shree N. Murthy

IPC: H04L12/46 ,  H04W76/16 ,  H04W76/12 ,  H04W76/11 ,  H04W8/08 ,  H04W60/00 ,  H04W80/02

Abstract: Techniques are described for integrating cellular access within an enterprise fabric. In one example, a method includes obtaining, by a cellular termination function via a cellular access point, a request from a client for data plane connectivity via a network, wherein the cellular access point is registered within the network and is in communication with a first switch of the network; obtaining, by the cellular termination function, cellular policy information and enterprise policy information for the client; obtaining, by the cellular termination function, an Internet Protocol (IP) address for the client; and establishing data plane connectivity for the client with the network via the cellular access point, the first switch of the network, and a second switch of the network based, at least in part, on the IP address for the client, wherein the second switch connects the network with one or more data networks.

公开(公告)号：US11283758B2

公开(公告)日：2022-03-22

申请号：US16989321

申请日：2020-08-10

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Bart A. Brinckman

IPC: G06F15/16 ,  H04L61/4511 ,  H04L29/06 ,  H04L61/58 ,  H04L61/4552

Abstract: Presented herein are techniques to facilitate OpenRoaming integration into a Wireless Roaming Intermediary Exchange (WRIX) data-clearing and financial-settlement architecture. In one example, a method is provided that may include querying, by an application endpoint, a Domain Name System (DNS) server to determine support for a service for a domain; and obtaining, by the application endpoint from the DNS server, an explicit indication that one of: the service is not supported for the domain; or the service is proprietary and is supported for the domain.

公开(公告)号：US20210314211A1

公开(公告)日：2021-10-07

申请号：US16875272

申请日：2020-05-15

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson

IPC: H04L12/24 ,  H04L29/06

Abstract: Presented herein are techniques to facilitate Third (3rd) Generation Partnership Project (3GPP) Plug and Play (PnP) operation in a hybrid Open Radio Access Network (O-RAN) architecture. In one example, a method is provided that may include establishing a first network configuration session between a first network entity and a second network entity using first network configuration session triggers, wherein the second network entity is identified in a list of known network entities; repeatedly transmitting second network configuration session triggers to establish a second network configuration session between the first network entity and a third network entity not identified in the list of known network entities; and upon establishing the second network configuration session between the first network entity and the third network entity not identified in the list of known network entities, stopping the transmitting of the second network configuration session triggers.

公开(公告)号：US20210218727A1

公开(公告)日：2021-07-15

申请号：US16742576

申请日：2020-01-14

Applicant: Cisco Technology, Inc.

Inventor： Malcolm Muir Smith ,  Bart Brinckman ,  Mark Grayson ,  Jerome Henry ,  Matthew Stephen MacPherson

IPC: H04L29/06 ,  H04W12/06

Abstract: The disclosed technology relates to a process of evaluating any number of different identity providers (IDPs) and their respective set of credentials that are used to authenticate corresponding users to assist with the onboarding of the different IDPs in connection with Wi-Fi identity federations. In particular, the process allows a person's electronic identity and attributes (stored across one or more IDPs) to be determined once using a standard. Once trust has been established for the user, that trust can then be utilized across a number of different systems (e.g., Single-sign on). The same trust determination can be used without the need for the authenticity of the user identity to be re-evaluated with each new access request.

公开(公告)号：US20210185506A1

公开(公告)日：2021-06-17

申请号：US16896399

申请日：2020-06-09

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Sangram Kishore Lakkaraju ,  Mark Grayson ,  Louis Gwyn Samuel ,  Timothy Peter Stammers

IPC: H04W8/04 ,  H04W8/26 ,  H04W12/04 ,  H04W12/06 ,  H04W8/18

Abstract: Techniques are described to provide for authentication and subscription management that are decoupled from a Home Subscriber Server (HSS). In one example, a method includes providing a device profile at an authentication function, wherein the device profile comprises identification information for a device for a plurality of access types including a first identifier for the device associated with a cellular access and a second identifier for the device associated with a wireless local area network access; obtaining an access request message associated with the device for the cellular access, wherein the access request message comprises the first identifier and an authentication attribute; generating authentication information for authenticating the device for the cellular access based, at least in part, on the authentication attribute; and generating, for transmission, an access accept message for the cellular access, wherein the access accept message comprises the first identifier, the second identifier, and the authentication information.

公开(公告)号：US11019564B2

公开(公告)日：2021-05-25

申请号：US16511879

申请日：2019-07-15

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Jerome Henry ,  Malcolm Muir Smith ,  Bart A. Brinckman

IPC: H04W4/00 ,  H04W48/20 ,  H04W8/08 ,  H04W84/12 ,  H04W84/04

Abstract: Roaming Consortium Identifier (RCOI)-based handling of identity requirements may be provided. First, an access device may advertise an identifier. The identifier may identify a roaming federation and an identity type used by a service provider in order to provide service by the access device. Next, a request to associate with the access device may be received from a user device. The request may be compliant with the identity type advertised in the identifier. The user device may then be associated with the access device in response to receiving the request.

公开(公告)号：US20210120000A1

公开(公告)日：2021-04-22

申请号：US17136426

申请日：2020-12-29

Applicant: Cisco Technology, Inc.

Inventor： Gangadharan Byju Pularikkal ,  Mark Grayson ,  Santosh Ramrao Patil ,  Jerome Henry ,  Bart Brinckman ,  Mark Allen Webb

IPC: H04L29/06 ,  H04W76/10 ,  H04W12/06 ,  H04W12/08

Abstract: Various implementations disclosed herein enable controlling access to networks. In various implementations, a method of controlling access to a network is performed by a computing device including one or more processors, and a non-transitory memory. In various implementations, the method includes obtaining an indication that a mobile device having access to a first network utilizing a first radio access technology (RAT) has requested access to a second network utilizing a second RAT. In some implementations, the method includes determining whether the access to the first network satisfies an authentication criterion associated with the second network. In some implementations, the method includes granting the mobile device access to the second network in response to determining that the access to the first network satisfies the authentication criterion associated with the second network. In some implementations, accessing the second network via the authentication criterion satisfies an operating threshold associated with the mobile device.

公开(公告)号：US20210076215A1

公开(公告)日：2021-03-11

申请号：US16561949

申请日：2019-09-05

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson

IPC: H04W12/08 ,  H04W12/06 ,  H04L29/12

Abstract: The present technology pertains to a system, method, and non-transitory computer-readable medium for confirming the identities of devices requesting roaming access on a network by authoritative identity providers and proxies for authoritative identity providers. The technology can, in response to a receipt of a request from a device for roaming access, connect to an identity entity at an address by a network access provider, wherein the request for roaming access identifies an authoritative identity provider host name; receive a certificate from the identity entity; and determine, using the certificate, whether the identity entity is an authoritative identity provider or a proxy for an authoritative identity provider.

公开(公告)号：US10911453B2

公开(公告)日：2021-02-02

申请号：US15854155

申请日：2017-12-26

Applicant: Cisco Technology, Inc.

Inventor： Gangadharan Byju Pularikkal ,  Mark Grayson ,  Santosh Ramrao Patil ,  Jerome Henry ,  Bart Brinckman ,  Mark Allen Webb

IPC: H04L29/06 ,  H04W76/10 ,  H04W12/06 ,  H04W12/08 ,  H04W88/10 ,  H04W88/06 ,  H04W36/14

Abstract: Various implementations disclosed herein enable controlling access to networks. In various implementations, a method of controlling access to a network is performed by a computing device including one or more processors, and a non-transitory memory. In various implementations, the method includes obtaining an indication that a mobile device having access to a first network utilizing a first radio access technology (RAT) has requested access to a second network utilizing a second RAT. In some implementations, the method includes determining whether the access to the first network satisfies an authentication criterion associated with the second network. In some implementations, the method includes granting the mobile device access to the second network in response to determining that the access to the first network satisfies the authentication criterion associated with the second network. In some implementations, accessing the second network via the authentication criterion satisfies an operating threshold associated with the mobile device.