公开(公告)号：US20150042792A1

公开(公告)日：2015-02-12

申请号：US13961991

申请日：2013-08-08

Applicant: Cisco Technology, Inc.

Inventor： Mark Krischer ,  Tom Koenig ,  Nancy Cam-Winget

IPC: H04L12/26 ,  H04N7/18

CPC classification number: H04L43/16 ,  H04L61/2015 ,  H04L63/1458 ,  H04L2463/141 ,  H04N7/18 ,  H04W12/12

Abstract: In an example embodiment, there is described herein a location based detection technique that determines whether multiple requests from different addresses, such as a Layer 2 MAC (Media Access Control) address and/or layer 3 IP (Internet Protocol) address are being sent form a single device. In particular embodiments, if the device sends more than a predefined threshold number of requests, those requests can be ignored and/or denied.

Abstract translation: 在示例实施例中，这里描述了基于位置的检测技术，其确定是否正在从诸如第2层MAC（媒体访问控制）地址和/或第3层IP（因特网协议）地址的不同地址的多个请求形式 单一设备。 在特定实施例中，如果设备发送超过预定义的阈值数量的请求，则可以忽略和/或拒绝那些请求。

公开(公告)号：US20140122242A1

公开(公告)日：2014-05-01

申请号：US14034819

申请日：2013-09-24

Applicant: Cisco Technology, Inc.

Inventor： David Stephenson ,  Esteban Raul Torres ,  Joseph Salowey ,  Chetin Ersoy ,  Nancy Cam-Winget

IPC: G06Q30/02

CPC classification number: G06Q30/0267 ,  G06Q30/0241 ,  H04L63/0823 ,  H04L63/12 ,  H04L63/1441 ,  H04W4/21 ,  H04W4/23 ,  H04W12/10 ,  H04W12/12 ,  H04W48/14

Abstract: In an example embodiment, an apparatus comprising a transceiver configured to send and receive data and logic coupled to the transceiver. The logic is configured to determine from a signal received by the transceiver whether an associated device sending the signal supports a protocol for advertising available services. The logic is configured to send a request for available services from the associated device via the transceiver responsive to determining the associated device supports the protocol. The logic is configured to receive a response to the request via the transceiver, the response comprising at least one service advertisement and a signature. The logic is configured to validate the response by confirming the signature.

Abstract translation: 在示例实施例中，一种包括收发器的装置，其被配置为发送和接收耦合到收发器的数据和逻辑。 该逻辑被配置为根据收发机接收的信号确定发送信号的相关设备是否支持用于广告可用服务的协议。 逻辑被配置为响应于确定相关联的设备支持协议，经由收发机从相关联的设备发送可用服务的请求。 逻辑被配置为经由收发器接收对请求的响应，该响应包括至少一个服务广告和签名。 该逻辑被配置为通过确认签名来验证响应。

公开(公告)号：US20240297887A1

公开(公告)日：2024-09-05

申请号：US18177502

申请日：2023-03-02

Applicant: Cisco Technology, Inc.

Inventor： Shayne Miel ,  Josh Matz ,  Nancy Cam-Winget ,  Joshua Terry ,  Brian Lindauer ,  David William Matteson ,  Jen Bammel ,  Courtney Irwin

IPC: H04L9/40

CPC classification number: H04L63/108 ,  H04L63/0876 ,  H04L63/105

Abstract: The present technology provides for receiving communications at an authentication service, and the communication is indicative of a change in a security posture of an authenticated session between a user device and a secure service. The authentication service can then determine that the change in the security posture of the authenticated session impacts the trust level associated with the user device and causes the trust level to fall below the threshold. The authentication service can then send an enforcement signal to a security agent on a network device that provides remedial actions that a user can undertake to improve the security posture of the authenticated session.

公开(公告)号：US11483292B2

公开(公告)日：2022-10-25

申请号：US17116111

申请日：2020-12-09

Applicant: Cisco Technology, Inc.

Inventor： Jianxin Wang ,  Prashanth Patil ,  Flemming Andreasen ,  Nancy Cam-Winget ,  Hari Shankar

IPC: H04L9/40

Abstract: Techniques are presented herein for engagement and disengagement of Transport Layer Security proxy services with encrypted handshaking. In one embodiment, a first initial message of a first encrypted handshaking procedure for a first secure communication session between a first device and a second device is intercepted at a proxy device. The first initial message includes first key exchange information for encrypting the first encrypted handshaking procedure. A copy of the first initial message is stored at the proxy device. A second initial message of a second encrypted handshaking procedure for a second secure communication session between the proxy device and the second device is sent from the proxy device to the second device. The second initial message includes second key exchange information for encrypting the second encrypted handshaking procedure. The proxy device determines, based on the second encrypted handshaking procedure, whether to remain engaged or to disengage.

公开(公告)号：US11470105B2

公开(公告)日：2022-10-11

申请号：US16721513

申请日：2019-12-19

Applicant: Cisco Technology, Inc.

Inventor： David Delano Ward ,  Nancy Cam-Winget ,  Eric Voit ,  Jesse Daniel Backman

IPC: G06F21/57 ,  G06F21/70 ,  H04L9/40

Abstract: Systems, methods, and computer-readable media for assessing reliability and trustworthiness of devices across domains. Attestation information for an attester node in a first domain is received at a verifier gateway in the first domain. The attestation information is translated at the verifier gateway into translated attestation information for a second domain. Specifically, the attestation information is translated into translated attested information for a second domain that is a different administrative domain from the first domain. The translated attestation information can be provided to a verifier in the second domain. The verifier can be configured to verify the trustworthiness of the attester node for a relying node in the second domain by identifying a level of trust of the attester node based on the translated attestation information.

公开(公告)号：US11110895B2

公开(公告)日：2021-09-07

申请号：US15948134

申请日：2018-04-09

Applicant: Cisco Technology, Inc.

Inventor： David A. Maluf ,  Nancy Cam-Winget ,  Andrew Michael McPhee

IPC: B60R25/34 ,  G06N5/04 ,  B60R25/104 ,  B60R25/10 ,  G06F30/20 ,  H04L12/40

Abstract: In one embodiment, a processor of a vehicle predicts a state of the vehicle using a behavioral model. The model is configured to predict the state based in part on one or more state variables that are available from one or more sub-systems of the vehicle and indicative of one or more physical characteristics of the vehicle. The processor computes a representation of a difference between the predicted state of the vehicle and a measured state of the vehicle indicated by one or more state variables available from the one or more sub-systems of the vehicle. The processor detects a malicious intrusion of the vehicle based on the computed representation of the difference between the predicted and measured states of the vehicle exceeding a defined threshold. The processor initiates performance of a mitigation action for the detected intrusion, in response to detecting the malicious intrusion of the vehicle.

公开(公告)号：US10911409B2

公开(公告)日：2021-02-02

申请号：US15984637

申请日：2018-05-21

Applicant: Cisco Technology, Inc.

Inventor： Jianxin Wang ,  Prashanth Patil ,  Flemming Andreasen ,  Nancy Cam-Winget ,  Hari Shankar

IPC: H04L29/06

Abstract: Techniques are presented herein for engagement and disengagement of Transport Layer Security proxy services with encrypted handshaking. In one embodiment, a first initial message of a first encrypted handshaking procedure for a first secure communication session between a first device and a second device is intercepted at a proxy device. The first initial message includes first key exchange information for encrypting the first encrypted handshaking procedure. A copy of the first initial message is stored at the proxy device. A second initial message of a second encrypted handshaking procedure for a second secure communication session between the proxy device and the second device is sent from the proxy device to the second device. The second initial message includes second key exchange information for encrypting the second encrypted handshaking procedure. The proxy device determines, based on the second encrypted handshaking procedure, whether to remain engaged or to disengage.

公开(公告)号：US10853499B2

公开(公告)日：2020-12-01

申请号：US15949560

申请日：2018-04-10

Applicant: Cisco Technology, Inc.

Inventor： David A. Maluf ,  Raghuram S. Sudhaakar ,  Nancy Cam-Winget

IPC: G06F21/57 ,  G06N20/00 ,  G06F21/55

Abstract: In one example embodiment, a network-connected device provides or obtains one or more computer network communications protected by a key. The network-connected device determines a count of the one or more computer network communications according to one or more properties of the one or more computer network communications. Based on the count of the one or more computer network communications, the network-connected device computes an information entropy of the key. Based on the information entropy of the key, the network-connected device dynamically generates a predicted threat level of the key.

公开(公告)号：US10785809B1

公开(公告)日：2020-09-22

申请号：US15383442

申请日：2016-12-19

Applicant: Cisco Technology, Inc.

Inventor： Pascal Thubert ,  Max Pritikin ,  Eliot Lear ,  Toerless Eckert ,  Nancy Cam-Winget ,  Brian E. Weis

IPC: H04W76/10 ,  H04W40/24 ,  H04L29/08

Abstract: In one embodiment, a device in a network receives node information regarding a plurality of nodes that are to join the network. The device determines network formation parameters based on the received node information. The network formation parameters are indicative of a network join schedule and join location for a particular node from the plurality of nodes. The device generates, according to the network join schedule, a join invitation for the particular node based on the network formation parameters. The join invitation allows the particular node to attempt joining the network at the join location via a specified access point. The device causes the sending of one or more beacons via the network that include the join invitation to the particular node. The particular node attempts to join the network via the specified access point based on the one or more beacons.

公开(公告)号：US20200014696A1

公开(公告)日：2020-01-09

申请号：US16572995

申请日：2019-09-17

Applicant: Cisco Technology, Inc.

Inventor： Xuechen Yang ,  Nancy Cam-Winget

IPC: H04L29/06

Abstract: In one embodiment, functionality is disclosed for commissioning a target device based, at least in part, on providing identifying information that identifies a target device, where that identifying information is configured to be included in a request for authorization to commission the target device, and that request for authorization to commission the target device comprises one or more requested commissioning actions; receiving a commissioning authorization, where the commissioning authorization comprises information regarding one or more authorized commissioning actions for which a license is available, where the one or more authorized commissioning actions were selected from among the one or more requested commissioning actions; and performing the one or more authorized commissioning actions.