Group member recovery techniques
    31.
    Granted invention patent
    Group member recovery techniques (status: in force)

    Publication number: US09444796B2

    Publication date: 2016-09-13

    Application number: US14248399

    Filing date: 2014-04-09

    Abstract: Techniques are presented for optimizing secure communications in a network. A first router receives from a second router an encrypted packet with an unknown security association. The first router examines the packet to determine whether the counter value is in a range of predicted counter values. Additionally, a key server is configured to provision routers that are part of a virtual private network. The key server selects a counter value that is part of a security association and calculates a key value. The key server sends the key value together with the security association to enable routers to exchange encrypted packets with each other in the virtual private network using the key value and the security association. The key server increments the counter value to a value within a range of counter values capable of being predicted by the routers.


    Changing group member reachability information
    32.
    Granted invention patent
    Changing group member reachability information (status: in force)

    Publication number: US09027114B2

    Publication date: 2015-05-05

    Application number: US13797595

    Filing date: 2013-03-12

    Abstract: In an embodiment, a method comprises obtaining a second network address at a computer node, which has been already associated with a first network address and provided first keying information; sending, to a key server computer, an update message that comprises both the first network address and the second network address; using the first keying information to encrypt messages that the computer node sends from the second network address to one or more other members of a group.


    Control of network connected devices

    Publication number: US10778775B2

    Publication date: 2020-09-15

    Application number: US15333313

    Filing date: 2016-10-25

    Abstract: Presented herein are techniques in which one or more network devices can use information provided by a special purpose network connected device to retrieve a usage profile (i.e., configuration file) associated with the special purpose network connected device. The retrieved usage profile, which includes/describes preselected (predetermined) usage descriptions associated with the special purpose network connected device, can then be used to configure one or more network devices. For example, the predetermined usage descriptions associated with the special purpose network connected device can be instantiated and enforced at a network device or the predetermined usage descriptions can be used for auditing the special purpose network connected device (e.g., monitoring of traffic within the network).

    Traffic flow identifiers resistant to traffic analysis

    Publication number: US09686186B2

    Publication date: 2017-06-20

    Application number: US14693244

    Filing date: 2015-04-22

    CPC classification number: H04L45/38 H04L63/00 H04L63/0428 H04L63/10 H04L69/22

    Abstract: A network device receives packets for one or more traffic flows to be sent into a network. The network device computes a flow identifier for each of the one or more traffic flows based on information contained in one or more headers of the packets for each of the one or more traffic flows and based on at least one value that is changed on an ongoing basis. The packets for each of the one or more traffic flows are encrypted to produce encrypted packets for each of the one or more traffic flows. An encapsulation is added to the encrypted packets for the one or more traffic flows. The flow identifier is included in a field of the encapsulation for a corresponding traffic flow.

    GROUP MEMBER RECOVERY TECHNIQUES
    38.
    Invention patent application
    GROUP MEMBER RECOVERY TECHNIQUES (status: under examination, published)

    Publication number: US20160344713A1

    Publication date: 2016-11-24

    Application number: US15230924

    Filing date: 2016-08-08

    Abstract: Techniques are presented for optimizing secure communications in a network. As disclosed herein, a key server is configured to provision a plurality of routers that are part of a virtual private network. The key server selects a counter value that is part of a security association and calculates a key value. The key server sends the key value, together with the security association, to the plurality of routers that are part of the virtual private network to enable them to exchange encrypted packets with each other in the virtual private network using the key value and the security association. The key server then increments the counter value to a value within a range of counter values capable of being predicted by the plurality of routers that received the key value.


    Nested independent virtual private networks with shared rekey and consistency services
    39.
    Granted invention patent
    Nested independent virtual private networks with shared rekey and consistency services (status: in force)

    Publication number: US09374340B2

    Publication date: 2016-06-21

    Application number: US14257047

    Filing date: 2014-04-21

    CPC classification number: H04L63/0272 H04L63/062

    Abstract: First and second nested virtual private networks share a common rekey service. A first key server generates first cryptographic keys and policies for use by gateways of the VPN to encrypt and decrypt data packets. The key server establishes a connection with a second key server to generate second cryptographic keys and policies independently of the first key server for use by encryption units of a second VPN that is nested with and operates independently of the first VPN. The first key server refreshes the first cryptographic keys in the first VPN gateways using a common rekey service, and cooperates with the second key server to refresh the second cryptographic keys in the second VPN encryption units using the common rekey service.


    Nested Independent Virtual Private Networks With Shared Rekey And Consistency Services
    40.
    Invention patent application
    Nested Independent Virtual Private Networks With Shared Rekey And Consistency Services (status: in force)

    Publication number: US20150304282A1

    Publication date: 2015-10-22

    Application number: US14257047

    Filing date: 2014-04-21

    CPC classification number: H04L63/0272 H04L63/062

    Abstract: First and second nested virtual private networks share a common rekey service. A first key server generates first cryptographic keys and policies for use by gateways of the VPN to encrypt and decrypt data packets. The key server establishes a connection with a second key server to generate second cryptographic keys and policies independently of the first key server for use by encryption units of a second VPN that is nested with and operates independently of the first VPN. The first key server refreshes the first cryptographic keys in the first VPN gateways using a common rekey service, and cooperates with the second key server to refresh the second cryptographic keys in the second VPN encryption units using the common rekey service.

