公开(公告)号：US11350279B2

公开(公告)日：2022-05-31

申请号：US16866166

申请日：2020-05-04

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Desmond Joseph O'Connor ,  Malcolm Muir Smith ,  Bart Brinckman

IPC: H04W12/08 ,  H04W12/06 ,  H04W12/084 ,  H04L9/40

Abstract: In one embodiment, a method for providing access to wireless networks may include receiving, by a wireless network access provider from a user device, a request to access a wireless network. The method may include obtaining data representing a policy applicable to the access request, sending the access request, augmented with the policy, to an identity provider associated with the user and having no pre-existing relationship with the access provider, and receiving, from the identity provider, an access request response indicating whether or not the policy is met. The method may include communicating, to the wireless device, an indication that the access request has been accepted, if the policy is met, or an indication that the access request has been rejected, if the policy is not met. The access provider and identity provider may be members of an identity and access federation that communicate over a dynamically established secure connection.

公开(公告)号：US20220167160A1

公开(公告)日：2022-05-26

申请号：US17492045

申请日：2021-10-01

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Bart A. Brinckman ,  Srinath Gundavelli

IPC: H04W12/06 ,  H04L29/06 ,  H04W12/71 ,  H04W48/20

Abstract: A method is provided that includes obtaining an access request for a device to access a visited access network, the access request including an authentication identifier for the device including an identity for the device and a realm comprising a network identifying portion; determining a re-write rule for the realm by querying a database based on an identity type of the device and the network identifying portion of the realm, the database including a plurality of re-write rules for a plurality of networks and a plurality of identity types; re-writing the realm based on the re-write rule using the identity for the device to generate a re-written realm; obtaining, based on the re-written realm, an address for an authentication server of an identity provider associated with the device; and performing an authentication with the authentication server using the authentication identifier to authenticate the device for the visited access network.

公开(公告)号：US20220124850A1

公开(公告)日：2022-04-21

申请号：US17072215

申请日：2020-10-16

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Mark Grayson ,  Louis Gwyn Samuel ,  Oliver James Bull

IPC: H04W76/15 ,  H04L29/12 ,  H04L12/813 ,  H04L12/815

Abstract: Presented herein are techniques to facilitate extending a multiple access Protocol Data Unit (PDU) session and Access Traffic Steering, Switching, and Splitting Low-Layer (ATSSS-LL) policies to an enterprise network. In one example, a method may include obtaining a request for an ATSSS-LL policy for a user equipment (UE) for establishing a multiple access protocol data unit session for the UE via a wireless wide area access network for an enterprise network; and providing to the UE one or more ATSSS-LL rules for the ATSSS-LL policy, an Internet Protocol (IP) address for the multiple access protocol data unit session for the UE, and an identifier for the multiple access protocol data unit session for the UE in which the IP address is utilized for a wireless local area access network connection for the UE established via a wireless local area access network of the enterprise network.

公开(公告)号：US20220070652A1

公开(公告)日：2022-03-03

申请号：US17315581

申请日：2021-05-10

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Timothy Peter Stammers

IPC: H04W8/12 ,  H04W8/28 ,  H04W8/20

Abstract: Presented herein are techniques associated with replicating an OpenRoaming™ policy federation in a Third Generation Partnership Project (3GPP) network environment. For example, techniques herein provide a roaming policy federation architecture for a 3GPP network environment. In one example a method is provided that may include encoding a multi-bit roaming policy for an identity provider within a plurality of multi-bit 3GPP broadcast identifiers in which the multi-bit roaming policy includes bit-wise roaming policy information for the identity provider. The method may further include configuring the plurality of multi-bit 3GPP broadcast identifiers for a mobile device associated with the identity provider. In one instance, detecting, by the mobile device, at least one multi-bit 3GPP broadcast identifier of the plurality of multi-bit broadcasting identifiers being broadcast by a visited radio access network triggers the mobile device to perform an authentication with the identity provider.

公开(公告)号：US11233691B2

公开(公告)日：2022-01-25

申请号：US16875272

申请日：2020-05-15

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson

IPC: G06F15/173 ,  H04L12/24 ,  H04L29/06 ,  G06F15/16

Abstract: Presented herein are techniques to facilitate Third (3rd) Generation Partnership Project (3GPP) Plug and Play (PnP) operation in a hybrid Open Radio Access Network (O-RAN) architecture. In one example, a method is provided that may include establishing a first network configuration session between a first network entity and a second network entity using first network configuration session triggers, wherein the second network entity is identified in a list of known network entities; repeatedly transmitting second network configuration session triggers to establish a second network configuration session between the first network entity and a third network entity not identified in the list of known network entities; and upon establishing the second network configuration session between the first network entity and the third network entity not identified in the list of known network entities, stopping the transmitting of the second network configuration session triggers.

公开(公告)号：US11218462B2

公开(公告)日：2022-01-04

申请号：US16178553

申请日：2018-11-01

Applicant: Cisco Technology, Inc.

Inventor： Swaminathan Anantha ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal ,  Mark Grayson ,  Sourav Chakraborty

IPC: H04L29/06 ,  H04W12/06 ,  H04W88/16 ,  H04W16/14

Abstract: A method is performed at a gateway device including one or more processors and a non-transitory memory. The method includes, receiving, from a first wireless network, a first get authentication token request, where the first get authentication token request includes network information of a second wireless network and information of a first user equipment (UE). The method further includes forwarding the first get authentication token request to the second wireless network in response to receiving the first get authentication token request. The method additionally includes receiving a first authentication token from the second wireless network. The method also includes forwarding the first authentication token to the first UE via the first wireless network in order to associate the first UE with the second wireless network.

公开(公告)号：US11159977B2

公开(公告)日：2021-10-26

申请号：US16721618

申请日：2019-12-19

Applicant: Cisco Technology, Inc.

Inventor： Mark Grayson ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal ,  Kedar K. Gaonkar

IPC: H04W28/02 ,  H04W24/02 ,  H04L12/26 ,  H04W24/08 ,  H04W88/08 ,  H04W84/04

Abstract: A method of controlling performance of a wireless device is performed by a node that is in electronic communication with a cellular network. The node includes a processor, a non-transitory memory, and a network interface. The method includes receiving a performance value characterizing a performance of a communication channel between a wireless device and a wireless access point. In some implementations, the wireless device and the cellular network are associated with different radio access technologies (RATs). The method includes determining whether the performance value breaches a performance criterion for the wireless device. The method includes adjusting a first amount of data transmitted to the wireless device from a base station of the cellular network and a second amount of data transmitted to the wireless device from the wireless access point. In some implementations, the combined first and second amounts of data satisfy the performance criterion for the wireless device.

公开(公告)号：US20210320876A1

公开(公告)日：2021-10-14

申请号：US17324910

申请日：2021-05-19

Applicant: Cisco Technology, Inc.

Inventor： Gangadharan Byju Pularikkal ,  Santosh Ramrao Patil ,  Mark Grayson ,  Swaminathan Anantha ,  Sourav Chakraborty

IPC: H04L12/857 ,  H04L12/725 ,  H04L12/927 ,  H04L29/06

Abstract: Systems, methods, and devices are disclosed for providing a quality of service between nodes. A service provider can receive, from a first node of a customer network to an ingress node of a service provider network, packets bound for a second node on the customer network that is remote from the first node. The packets are mapped to a network segment according to a traffic type based on an identifier associated with the packets that identifies the traffic type of the packets. The packets are sent via their mapped network segment to an egress node with connectivity to the second node of the customer network according to a quality of service associated with the traffic type identified by the identifier.

公开(公告)号：US20210306853A1

公开(公告)日：2021-09-30

申请号：US16934075

申请日：2020-07-21

Applicant: Cisco Technology, Inc.

Inventor： Srinath Gundavelli ,  Indermeet Singh Gandhi ,  Oliver James Bull ,  Louis Gwyn Samuel ,  Mark Grayson

IPC: H04W12/06 ,  H04W36/14 ,  H04W60/04 ,  H04W12/08 ,  H04W12/04

Abstract: Presented herein are techniques to facilitate fast roaming between a mobile network operator-public (MNO-public) wireless wide area (WWA) access network and an enterprise private WWA access network. In one example, a method is provided that may include generating, by an authentication node, authentication material for a user equipment (UE) based on the UE being connected to a public WWA access network, wherein the public WWA access network is associated with a mobile network operator, and the authentication node and the UE are associated with an enterprise entity; obtaining, by the authentication node, an indication that the UE is attempting to access a private WWA access network associated with the enterprise entity; and providing, by the authentication node, the authentication material for the UE, wherein the authentication material facilitates connection establishment between the UE and the private WWA access network.

公开(公告)号：US11089602B2

公开(公告)日：2021-08-10

申请号：US16569416

申请日：2019-09-12

Applicant: Cisco Technology, Inc.

Inventor： Akram Sheriff ,  Santosh Ramrao Patil ,  Gangadharan Byju Pularikkal ,  Mark Grayson

IPC: H04W72/08 ,  H04W76/10 ,  H04W8/08 ,  H04W24/10 ,  H04W84/18 ,  H04W92/20

Abstract: Systems, methods, and computer-readable media for radio resource management in a Citizens Broadband Radio Service (CBRS) network include one or more CBRS devices (CBSDs) which can obtain a group type associated with the CBSDs and their associated Radio Environment Map (REM) reports of one or more frequency channels of the CBRS network. The group type and the REM reports may be provided to a Self-Organizing Network (SON) manager of the CBRS network, where the SON manager may determine and provide to the CBSDs, one or more of a channel utilization information, transmission power, or mobility load management information for the CBSD, based on the group type and the REM reports.