ENABLING ZERO-TOUCH BOOTSTRAP FOR DEVICES ACROSS NETWORK PERIMETER FIREWALLS

    Publication No.: US20190149538A1

    Publication date: 2019-05-16

    Application No.: US15946003

    Filing date: 2018-04-05

    Abstract: A method includes establishing an application layer transport layer security (ATLS) connection between a network device and a cloud server by sending, from the network device, TLS records in transport protocol (e.g., HTTP) message bodies to the cloud server, the ATLS connection transiting at least one transport layer security (TLS) proxy device, receiving, from the cloud server via the ATLS connection, an identifier for a certificate authority, establishing a connection with the certificate authority associated with the identifier and, in turn, receiving from the certificate authority credentials to access an application service different from the cloud server and the certificate authority, and connecting to the application service using the credentials received from the certificate authority.

    Discovering security devices located on a call path and extending bindings at those discovered security devices
    2.
    Granted invention patent (status: in force)

    Publication No.: US09054922B2

    Publication date: 2015-06-09

    Application No.: US13754220

    Filing date: 2013-01-30

    Abstract: In one embodiment, an endpoint elicits a pattern of STUN responses to identify security devices located on a call path. The endpoint then uses address information from the identified security devices to establish an efficient media flow with a remote endpoint. The endpoint can optimize the number of network devices and network paths that process the endpoint's keepalive message. Additionally, the endpoint may request custom inactivity timeouts with each of the identified security devices for reducing bandwidth consumed by keepalive traffic.


    Enabling zero-touch bootstrap for devices across network perimeter firewalls

    Publication No.: US11025608B2

    Publication date: 2021-06-01

    Application No.: US15946003

    Filing date: 2018-04-05

    Abstract: A method includes establishing an application layer transport layer security (ATLS) connection between a network device and a cloud server by sending, from the network device, TLS records in transport protocol (e.g., HTTP) message bodies to the cloud server, the ATLS connection transiting at least one transport layer security (TLS) proxy device, receiving, from the cloud server via the ATLS connection, an identifier for a certificate authority, establishing a connection with the certificate authority associated with the identifier and, in turn, receiving from the certificate authority credentials to access an application service different from the cloud server and the certificate authority, and connecting to the application service using the credentials received from the certificate authority.

    Discovering Security Devices Located on a Call Path and Extending Bindings at those Discovered Security Devices
    4.
    Invention patent application (status: under examination, published)

    Publication No.: US20130145044A1

    Publication date: 2013-06-06

    Application No.: US13754220

    Filing date: 2013-01-30

    Abstract: In one embodiment, an endpoint elicits a pattern of STUN responses to identify security devices located on a call path. The endpoint then uses address information from the identified security devices to establish an efficient media flow with a remote endpoint. The endpoint can optimize the number of network devices and network paths that process the endpoint's keepalive message. Additionally, the endpoint may request custom inactivity timeouts with each of the identified security devices for reducing bandwidth consumed by keepalive traffic.


    Beacon spoofing prevention
    5.
    Granted invention patent

    Publication No.: US10171496B2

    Publication date: 2019-01-01

    Application No.: US15000507

    Filing date: 2016-01-19

    Abstract: In one embodiment, a beacon signal is received from a beacon device. Either a mobile device or a server identifies a beacon authentication value from the beacon signal. Either the mobile device or the server calculates a local verification value from a security algorithm. A comparison of the authentication value to the local verification value is performed, and a location service is provided based on the comparison.
