公开(公告)号：US11483750B1

公开(公告)日：2022-10-25

申请号：US17224621

申请日：2021-04-07

Applicant: Cisco Technology, Inc.

Inventor： Anal Srivastava ,  Srinath Gundavelli ,  Oliver James Bull ,  Vimal Srivastava

IPC: H04W36/22 ,  H04W36/30 ,  H04W28/02 ,  H04W48/16 ,  H04W28/12 ,  H04W8/08 ,  H04W76/12

Abstract: An enterprise private network includes a simplified Third Generation Partnership Project (3GPP) core architecture for interworking between an Evolved Packet System (EPS) and a Fifth Generation (5G) system (5GS). The architecture includes an Evolved Packet Core (EPC) control plane (CP) (EPC CP) unit and a 5G core (5GC) CP (5GC CP) unit. The 5GC CP unit receives, from the EPC CP unit via an N26 interface, a message indicating a forward relocation request responsive to an indication of a handover of a Packet Data Network (PDN) connection at a user plane node from the EPS to the 5GS. The 5GC CP node establishes a Protocol Data Unit (PDU) session corresponding to the PDN connection based on PDN connection information in the message, which includes establishing a Quality of Service (QoS) Flow corresponding to an EPS bearer, and manages the PDU session at the user plane node.

公开(公告)号：US20220330122A1

公开(公告)日：2022-10-13

申请号：US17224621

申请日：2021-04-07

Applicant: Cisco Technology, Inc.

Inventor： Anal Srivastava ,  Srinath Gundavelli ,  Oliver James Bull ,  Vimal Srivastava

IPC: H04W36/22 ,  H04W36/30 ,  H04W28/02 ,  H04W76/12 ,  H04W28/12 ,  H04W8/08 ,  H04W48/16

Abstract: An enterprise private network includes a simplified Third Generation Partnership Project (3GPP) core architecture for interworking between an Evolved Packet System (EPS) and a Fifth Generation (5G) system (5GS). The architecture includes an Evolved Packet Core (EPC) control plane (CP) (EPC CP) unit and a 5G core (5GC) CP (5GC CP) unit. The 5GC CP unit receives, from the EPC CP unit via an N26 interface, a message indicating a forward relocation request responsive to an indication of a handover of a Packet Data Network (PDN) connection at a user plane node from the EPS to the 5GS. The 5GC CP node establishes a Protocol Data Unit (PDU) session corresponding to the PDN connection based on PDN connection information in the message, which includes establishing a Quality of Service (QoS) Flow corresponding to an EPS bearer, and manages the PDU session at the user plane node.

公开(公告)号：US20220321556A1

公开(公告)日：2022-10-06

申请号：US17218602

申请日：2021-03-31

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Gandhi ,  Srinath Gundavelli ,  Pradeep Kumar Kathail

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/30 ,  G06F21/60 ,  H04W12/08

Abstract: This disclosure describes techniques for authentication related to verification of identity for network access. The techniques may include sending a challenge associated with authentication to a network to a mobile device. In response to sending the challenge, the techniques may include receiving a challenge response from the mobile device. The challenge response may include biometric credential information associated with a user of the mobile device. The challenge response may also include an indication of an authorization assertion associated with the authentication to the network. In some examples, the techniques may include tailoring access to the network for the mobile device based on the biometric credential information.

公开(公告)号：US20220167160A1

公开(公告)日：2022-05-26

申请号：US17492045

申请日：2021-10-01

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Bart A. Brinckman ,  Srinath Gundavelli

IPC: H04W12/06 ,  H04L29/06 ,  H04W12/71 ,  H04W48/20

Abstract: A method is provided that includes obtaining an access request for a device to access a visited access network, the access request including an authentication identifier for the device including an identity for the device and a realm comprising a network identifying portion; determining a re-write rule for the realm by querying a database based on an identity type of the device and the network identifying portion of the realm, the database including a plurality of re-write rules for a plurality of networks and a plurality of identity types; re-writing the realm based on the re-write rule using the identity for the device to generate a re-written realm; obtaining, based on the re-written realm, an address for an authentication server of an identity provider associated with the device; and performing an authentication with the authentication server using the authentication identifier to authenticate the device for the visited access network.

公开(公告)号：US20220159459A1

公开(公告)日：2022-05-19

申请号：US17590440

申请日：2022-02-01

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Dhananjay Shrikrishna Patki ,  Brian Weis ,  Pradeep Kathail

IPC: H04W12/06 ,  H04L9/40

Abstract: Multiple authenticated identities for a single wireless association may be provided. First, an Access Point (AP) may provide an association with a client device. The AP may then establish, on the association, a first authenticated session for the client device based on a first media access control (MAC) address and a first identity. Next, the AP may establish, on same the association, a second authenticated session for the client device based on a second MAC address and a second identity.

公开(公告)号：US20220124850A1

公开(公告)日：2022-04-21

申请号：US17072215

申请日：2020-10-16

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Mark Grayson ,  Louis Gwyn Samuel ,  Oliver James Bull

IPC: H04W76/15 ,  H04L29/12 ,  H04L12/813 ,  H04L12/815

Abstract: Presented herein are techniques to facilitate extending a multiple access Protocol Data Unit (PDU) session and Access Traffic Steering, Switching, and Splitting Low-Layer (ATSSS-LL) policies to an enterprise network. In one example, a method may include obtaining a request for an ATSSS-LL policy for a user equipment (UE) for establishing a multiple access protocol data unit session for the UE via a wireless wide area access network for an enterprise network; and providing to the UE one or more ATSSS-LL rules for the ATSSS-LL policy, an Internet Protocol (IP) address for the multiple access protocol data unit session for the UE, and an identifier for the multiple access protocol data unit session for the UE in which the IP address is utilized for a wireless local area access network connection for the UE established via a wireless local area access network of the enterprise network.

公开(公告)号：US11284271B2

公开(公告)日：2022-03-22

申请号：US16713181

申请日：2019-12-13

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Vimal Srivastava ,  Sudhir Kumar Jain

IPC: H04W16/14 ,  H04W12/069 ,  H04L101/375 ,  H04L101/654 ,  H04W84/12

Abstract: Methods are provided for extending sponsored Wi-Fi guest access capability to other enterprise tools and/or access technologies such as private access networks including private LTE and 5G networks. The methods include a controller detecting a user equipment (UE) that is connected to a guest access service provided by a wireless local access network (WLAN) and generating a profile for the guest access service. The methods further include the controller providing, to the UE, the profile to cause the UE to connect to the guest access service provided by another access network.

公开(公告)号：US20220060893A1

公开(公告)日：2022-02-24

申请号：US17101071

申请日：2020-11-23

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Timothy Peter Stammers ,  Vimal Srivastava

IPC: H04W12/06 ,  H04W12/04

Abstract: Presented herein are techniques to facilitate delivering standalone non-public network (SNPN) credentials from an enterprise authentication server to a user equipment (UE) using an Extensible Authentication Protocol (EAP) process. In one example, a method may include determining, by an authentication server of an enterprise, that a UE for the enterprise is to receive credentials to enable the UE to connect to a SNPN of the enterprise in which the determining is performed based, at least in part, on connection of the UE to an access network that is different than the SNPN for the enterprise; and performing an authentication process with the UE by the authentication server in which the authentication process includes providing the credentials to the UE via a first authentication message and obtaining confirmation from the UE via a second authentication message that indicates successful provisioning of the credentials for the UE.

公开(公告)号：US11258540B2

公开(公告)日：2022-02-22

申请号：US16516776

申请日：2019-07-19

Applicant: Cisco Technology, Inc.

Inventor： Vimal Srivastava ,  Srinath Gundavelli

IPC: H04L1/00 ,  H04W76/11 ,  H04W4/40 ,  H04W28/04 ,  H04W72/14

Abstract: Techniques are described to provide ultra-reliability for cellular vehicle-to-everything (C-V2X) PC5 communications, including Network Assisted mode and Autonomous mode communications. In one example, a method includes receiving, by a radio unit of a system, a communication from a user equipment, such as a V2X-UE, wherein the communication comprises a data packet, a Layer 2 destination identifier, and an indication that the data packet is associated with a transmission type; determining whether transmission for the data packet is allowed for the transmission type; based on determining that transmission for the data packet is allowed for the transmission type, communicating a response to the UE, wherein the response provides a confirmation to the UE that the data packet was received by the radio unit and that the transmission type can be performed by the radio unit; and transmitting, by the radio unit, the data packet to one or more other UEs.

公开(公告)号：US20220014900A1

公开(公告)日：2022-01-13

申请号：US16925746

申请日：2020-07-10

Applicant: Cisco Technology, Inc.

Inventor： Indermeet Singh Gandhi ,  Srinath Gundavelli ,  Timothy Peter Stammers ,  Pradeep Kumar Kathail

IPC: H04W8/20 ,  H04W8/22 ,  H04W12/06

Abstract: Presented herein are techniques to facilitate electronic profile management by an enterprise entity in which the enterprise entity can utilize an enterprise infrastructure to provision one or more electronic profiles for one or more enterprise device(s). In one example, a method is provided that may include determining, by a management node of an enterprise network, whether a user equipment (UE) supports an electronic profile capability and a wireless wide area access network connectivity capability; and based on determining that the UE supports the electronic profile capability and the wireless wide area access network connectivity capability, providing, by the management node, at least one electronic profile to the UE via a wireless local area access network of the enterprise network, wherein the at least one electronic profile enables the UE to connect to at least one wireless wide area access network of the enterprise network.