公开(公告)号：US10686762B2

公开(公告)日：2020-06-16

申请号：US15375335

申请日：2016-12-12

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Aun Raza ,  Hazim Hashim Dahir ,  Salvatore Tarallo ,  Klaas Wierenga

IPC: H04L29/06 ,  H04L29/08 ,  H04L9/14 ,  H04W4/70

Abstract: In one embodiment, a device in a network receives sensor data from one or more nodes in the network. The device selects a processing mode from among a plurality of processing modes based on a plurality of attributes of the sensor data. The plurality of processing modes comprises a fast data path mode and a slow data path mode. The device encrypts the sensor data using a first encryption mechanism that controls access to the plurality of attributes of the sensor data. The device sends the encrypted sensor data to a cloud-based intermediary based on the selected processing mode for sharing with one or more other devices in one or more other networks.

公开(公告)号：US20180316681A1

公开(公告)日：2018-11-01

申请号：US15498192

申请日：2017-04-26

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Haseeb Sarwar Niazi ,  Hazim Hashim Dahir ,  Aamer Saeed Akhter ,  Nancy Cam-Winget ,  Aun Raza

IPC: H04L29/06

CPC classification number: H04L63/101 ,  H04L63/0281 ,  H04L63/0428 ,  H04L63/102 ,  H04L63/20

Abstract: In one embodiment, a gateway device receives, from a centralized broker device, a data-access policy for a given computer network, the data-access policy defining which of one or more accessing entities are granted access to specific elements of data within the given computer network. When the gateway device then receives, from a particular accessing entity, a request for one or more particular elements of data from within the given computer network, it may determine, based on the data-access policy, whether the particular accessing entity has been granted access to each of the one or more particular elements of data of the request. As such, the gateway device may prevent access for the particular accessing entity to any of the one or more particular elements of the data request to which the particular accessing entity has not been granted access.

公开(公告)号：US11411957B2

公开(公告)日：2022-08-09

申请号：US16895548

申请日：2020-06-08

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Haseeb Sarwar Niazi ,  Hazim Hashim Dahir ,  Aamer Saeed Akhter ,  Nancy Cam-Winget ,  Aun Raza

IPC: H04L9/40

Abstract: In one embodiment, a gateway device receives, from a centralized broker device, a data-access policy for a given computer network, the data-access policy defining which of one or more accessing entities are granted access to specific elements of data within the given computer network. When the gateway device then receives, from a particular accessing entity, a request for one or more particular elements of data from within the given computer network, it may determine, based on the data-access policy, whether the particular accessing entity has been granted access to each of the one or more particular elements of data of the request. As such, the gateway device may prevent access for the particular accessing entity to any of the one or more particular elements of the data request to which the particular accessing entity has not been granted access.

公开(公告)号：US10693878B2

公开(公告)日：2020-06-23

申请号：US15498192

申请日：2017-04-26

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Haseeb Sarwar Niazi ,  Hazim Hashim Dahir ,  Aamer Saeed Akhter ,  Nancy Cam-Winget ,  Aun Raza

IPC: H04L29/06

Abstract: In one embodiment, a gateway device receives, from a centralized broker device, a data-access policy for a given computer network, the data-access policy defining which of one or more accessing entities are granted access to specific elements of data within the given computer network. When the gateway device then receives, from a particular accessing entity, a request for one or more particular elements of data from within the given computer network, it may determine, based on the data-access policy, whether the particular accessing entity has been granted access to each of the one or more particular elements of data of the request. As such, the gateway device may prevent access for the particular accessing entity to any of the one or more particular elements of the data request to which the particular accessing entity has not been granted access.

公开(公告)号：US20200304506A1

公开(公告)日：2020-09-24

申请号：US16895548

申请日：2020-06-08

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Haseeb Sarwar Niazi ,  Hazim Hashim Dahir ,  Aamer Saeed Akhter ,  Nancy Cam-Winget ,  Aun Raza

IPC: H04L29/06

Abstract: In one embodiment, a gateway device receives, from a centralized broker device, a data-access policy for a given computer network, the data-access policy defining which of one or more accessing entities are granted access to specific elements of data within the given computer network. When the gateway device then receives, from a particular accessing entity, a request for one or more particular elements of data from within the given computer network, it may determine, based on the data-access policy, whether the particular accessing entity has been granted access to each of the one or more particular elements of data of the request. As such, the gateway device may prevent access for the particular accessing entity to any of the one or more particular elements of the data request to which the particular accessing entity has not been granted access.

公开(公告)号：US10693720B2

公开(公告)日：2020-06-23

申请号：US15482955

申请日：2017-04-10

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Aun Raza ,  Erum Frahim

IPC: H04L12/24 ,  H04L29/08

Abstract: In one embodiment, a computing device groups a plurality of devices into update clusters based at least on their connectivity layout, and divides update data into a plurality of update portions, distributing the plurality of update portions to a plurality of selected redistribution devices in the particular cluster (each receiving one or more of the portions). The computing device notifies devices in the particular cluster (that can use the update data) of the plurality of selected redistribution devices along with which particular update portions are available from each of the plurality of selected redistribution devices. This therefore causes (or allows) the devices needing an update to i) download needed update portions of the plurality of update portions from the redistribution devices, ii) combine all of the plurality of update portions into the update data, and iii) perform an update using the combined update data.

公开(公告)号：US20180295016A1

公开(公告)日：2018-10-11

申请号：US15482955

申请日：2017-04-10

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Aun Raza ,  Erum Frahim

IPC: H04L12/24 ,  H04L12/26 ,  H04L29/08

CPC classification number: H04L41/082 ,  H04L41/0893 ,  H04L41/12 ,  H04L67/12 ,  H04L67/34

Abstract: In one embodiment, a computing device groups a plurality of devices into update clusters based at least on their connectivity layout, and divides update data into a plurality of update portions, distributing the plurality of update portions to a plurality of selected redistribution devices in the particular cluster (each receiving one or more of the portions). The computing device notifies devices in the particular cluster (that can use the update data) of the plurality of selected redistribution devices along with which particular update portions are available from each of the plurality of selected redistribution devices. This therefore causes (or allows) the devices needing an update to i) download needed update portions of the plurality of update portions from the redistribution devices, ii) combine all of the plurality of update portions into the update data, and iii) perform an update using the combined update data.

公开(公告)号：US20180167370A1

公开(公告)日：2018-06-14

申请号：US15375335

申请日：2016-12-12

Applicant: Cisco Technology, Inc.

Inventor： Jazib Frahim ,  Aun Raza ,  Hazim Hashim Dahir ,  Salvatore Tarallo ,  Klaas Wierenga

IPC: H04L29/06 ,  H04L9/14 ,  H04L9/30 ,  H04L9/08 ,  H04L29/08

Abstract: In one embodiment, a device in a network receives sensor data from one or more nodes in the network. The device selects a processing mode from among a plurality of processing modes based on a plurality of attributes of the sensor data. The plurality of processing modes comprises a fast data path mode and a slow data path mode. The device encrypts the sensor data using a first encryption mechanism that controls access to the plurality of attributes of the sensor data. The device sends the encrypted sensor data to a cloud-based intermediary based on the selected processing mode for sharing with one or more other devices in one or more other networks.