公开(公告)号：US20180109555A1

公开(公告)日：2018-04-19

申请号：US15297241

申请日：2016-10-19

Applicant: Cisco Technology, Inc.

Inventor： K Tirumaleswar Reddy ,  Daniel G. Wing ,  Flemming Stig Andreasen ,  Michael David Geller

IPC: H04L29/06

CPC classification number: H04L63/1458 ,  G06F21/554 ,  G06F2221/2111 ,  H04W4/70 ,  H04W12/12

Abstract: In one embodiment, a primary server receives, from a client device, a first request to mitigate an external attack on the client device. The primary server sends, to a plurality of secondary servers, a second request to mitigate the external attack, wherein each one of the plurality of secondary servers has associated mitigation resources, and receives from at least one of the plurality of secondary servers an indication that it has mitigation resources capable of mitigating the external attack. The primary server sends, to the client device, a list including the secondary servers having mitigation resources capable of mitigating the attack, and receives, from the client device, an indication that a subset of the list is selected to mitigate the external attack. In response, the primary server sends a request for mitigation services to one of the secondary servers in the subset selected to mitigate the external attack.

公开(公告)号：US11463353B2

公开(公告)日：2022-10-04

申请号：US17000588

申请日：2020-08-24

Applicant: Cisco Technology, Inc.

Inventor： Timothy Peter Stammers ,  Kent Kinchu Leung ,  Michael David Geller

IPC: H04L45/586 ,  H04L12/46 ,  H04L9/40 ,  H04L67/51

Abstract: In a mobile network, an identity of a security group associated with user equipments (UEs) may be obtained. A segment route (SR) path for session communications in the mobile network for the UEs may be selected based on the identity of the security group. The SR path may be one of a plurality of SR paths in a transport network used by the mobile network and defined at least in part by one or more segment IDs (SIDs). An identity of a virtual network associated with the security group may also be obtained. The selected SR path and the identity of the virtual network may be provisioned in one or more routers of the transport network, such that IP messages communicated for the UEs in the mobile network are forwarded via the selected SR path and (at least ultimately) via the tunnel associated with the security group.

公开(公告)号：US10299128B1

公开(公告)日：2019-05-21

申请号：US16171190

申请日：2018-10-25

Applicant: Cisco Technology, Inc.

Inventor： Om Prakash Suthar ,  Ammar Rayes ,  Michael David Geller ,  Ian McDowell Campbell ,  Aeneas Sean Dodd-Noble

IPC: H04L29/06 ,  H04W12/06 ,  H04W12/08 ,  G06Q20/40 ,  G06Q20/32 ,  H04W60/00 ,  H04W88/02

Abstract: A network function (NF) entity in a communication network receives authentication data associated with a User Equipment (UE), determines the UE supports a blockchain registration procedure based on the authentication data, exchanges authentication messages with a Blockchain Roaming Broker (BRB) entity over a blockchain network interface, receives a blockchain authentication confirmation from the BRB entity, and registers the UE with the core network based on the blockchain authentication confirmation.

公开(公告)号：US10742396B2

公开(公告)日：2020-08-11

申请号：US16415884

申请日：2019-05-17

Applicant: Cisco Technology, Inc.

Inventor： Om Prakash Suthar ,  Ammar Rayes ,  Michael David Geller ,  Ian McDowell Campbell ,  Aeneas Sean Dodd-Noble

IPC: H04L9/06 ,  H04W12/06 ,  H04W12/08 ,  H04L29/06 ,  G06Q20/40 ,  G06Q20/32 ,  H04W60/00 ,  G06Q20/36 ,  G06Q20/10 ,  G06Q20/38 ,  G06Q20/06 ,  H04L9/32 ,  G06F9/455 ,  H04L9/08 ,  H04L9/30 ,  H04L12/911 ,  H04W8/02 ,  H04W88/02 ,  H04W8/18 ,  H04W60/04

Abstract: A network function (NF) entity in a communication network receives authentication data associated with a User Equipment (UE), determines the UE supports a blockchain registration procedure based on the authentication data, exchanges authentication messages with a Blockchain Roaming Broker (BRB) entity over a blockchain network interface, receives a blockchain authentication confirmation from the BRB entity, and registers the UE with the core network based on the blockchain authentication confirmation.

公开(公告)号：US10361843B1

公开(公告)日：2019-07-23

申请号：US16205017

申请日：2018-11-29

Applicant: Cisco Technology, Inc.

Inventor： Om Prakash Suthar ,  Ammar Rayes ,  Michael David Geller ,  Ian McDowell Campbell ,  Aeneas Sean Dodd-Noble

IPC: H04L9/06 ,  H04L9/08 ,  H04L12/24 ,  H04L29/06 ,  G06F9/455 ,  H04L9/32 ,  H04L9/30 ,  H04L12/911 ,  H04W8/02

Abstract: A network slice manager receives a workload mobility request to add network resources to a domain in the communication network, and authenticates a virtual network function (VNF) with a blockchain authentication function (BAF) over a blockchain network interface based on the workload mobility request. The network slice manager further receives an indication of a successful authentication from the BAF, and instantiates the VNF in the domain of the communication network based on the indication of the successful authentication. Notably, these authentication processes may be readily adapted to instantiate new network resources or migrate existing network resources between domains.

公开(公告)号：US10305931B2

公开(公告)日：2019-05-28

申请号：US15297241

申请日：2016-10-19

Applicant: Cisco Technology, Inc.

Inventor： K Tirumaleswar Reddy ,  Daniel G. Wing ,  Flemming Stig Andreasen ,  Michael David Geller

IPC: G06F7/04 ,  H04L29/06 ,  G06F21/55 ,  H04W12/12 ,  H04W4/70

Abstract: In one embodiment, a primary server receives, from a client device, a first request to mitigate an external attack on the client device. The primary server sends, to a plurality of secondary servers, a second request to mitigate the external attack, wherein each one of the plurality of secondary servers has associated mitigation resources, and receives from at least one of the plurality of secondary servers an indication that it has mitigation resources capable of mitigating the external attack. The primary server sends, to the client device, a list including the secondary servers having mitigation resources capable of mitigating the attack, and receives, from the client device, an indication that a subset of the list is selected to mitigate the external attack. In response, the primary server sends a request for mitigation services to one of the secondary servers in the subset selected to mitigate the external attack.

公开(公告)号：US10972463B2

公开(公告)日：2021-04-06

申请号：US16180678

申请日：2018-11-05

Applicant: Cisco Technology, Inc.

Inventor： Om Prakash Suthar ,  Mark Ammar Rayes ,  Aeneas Sean Dodd-Noble ,  Michael David Geller ,  Ian McDowell Campbell

IPC: H04M1/66 ,  H04M1/68 ,  H04M3/16 ,  H04L29/06 ,  H04W4/70 ,  H04W12/06 ,  H04W8/24 ,  H04W12/08 ,  G06F9/455

Abstract: Various implementations disclosed herein enable blockchain programming in NB-IoT devices. In various implementations, a method of blockchain authentication is performed by a computing device including one or more processors, and a non-transitory memory. In various implementations, the method includes maintaining a blockchain for a machine-to-machine network, wherein the machine-to-machine network is a narrowband internet of things network. In some implementations, the method includes receiving a request for a first set of data from the blockchain by a second device. In some implementations, the method includes determining based on the request, the first set of data from the blockchain by traversing a series of blocks from the blockchain. In some implementations, the method includes packaging the first set of data from the blockchain according to a protocol into a packaged data unit and transmitting the packaged data unit to the second device.

公开(公告)号：US10812377B2

公开(公告)日：2020-10-20

申请号：US16159565

申请日：2018-10-12

Applicant: Cisco Technology, Inc.

Inventor： Timothy Peter Stammers ,  Kent Kinchu Leung ,  Michael David Geller

IPC: G06F15/173 ,  H04L12/713 ,  H04L12/46 ,  H04L29/06 ,  H04L29/08

Abstract: In a mobile network, an identity of a security group associated with user equipments (UEs) may be obtained. A segment route (SR) path for session communications in the mobile network for the UEs may be selected based on the identity of the security group. The SR path may be one of a plurality of SR paths in a transport network used by the mobile network and defined at least in part by one or more segment IDs (SIDs). An identity of a virtual network associated with the security group may also be obtained. The selected SR path and the identity of the virtual network may be provisioned in one or more routers of the transport network, such that IP messages communicated for the UEs in the mobile network are forwarded via the selected SR path and (at least ultimately) via the tunnel associated with the security group.

公开(公告)号：US10673618B2

公开(公告)日：2020-06-02

申请号：US16159950

申请日：2018-10-15

Applicant: Cisco Technology, Inc.

Inventor： Om Prakash Suthar ,  Ammar Rayes ,  Michael David Geller ,  Ian McDowell Campbell ,  Aeneas Sean Dodd-Noble

IPC: H04L29/06 ,  H04L9/06 ,  H04W12/06 ,  H04W12/08 ,  G06Q20/40 ,  G06Q20/32 ,  H04W60/00 ,  G06Q20/36 ,  G06Q20/10 ,  G06Q20/38 ,  G06Q20/06 ,  H04L9/32 ,  G06F9/455 ,  H04L9/08 ,  H04L9/30 ,  H04L12/911 ,  H04W8/02 ,  H04W88/02 ,  H04W8/18 ,  H04W60/04

Abstract: A Network Function (NF) entity in a telecommunication network receives blockchain credentials associated with UE and selects a Blockchain Charging Function (BCF). The NF entity further generates a Charging Data Record (CDR) corresponding to network resources, and sends a charging request based on the CDR (and policy rules) to the BCF entity over a blockchain network interface. The BCF entity sends a confirmation of the charging request, and the NF entity, based on the confirmation, provisions the network resources to the UE.

公开(公告)号：US20190380031A1

公开(公告)日：2019-12-12

申请号：US16415884

申请日：2019-05-17

Applicant: Cisco Technology, Inc.

Inventor： Om Prakash Suthar ,  Ammar Rayes ,  Michael David Geller ,  Ian McDowell Campbell ,  Aeneas Sean Dodd-Noble

IPC: H04W12/06 ,  H04L29/06 ,  H04W60/00 ,  G06Q20/32 ,  H04W12/08 ,  G06Q20/40

Abstract: A network function (NF) entity in a communication network receives authentication data associated with a User Equipment (UE), determines the UE supports a blockchain registration procedure based on the authentication data, exchanges authentication messages with a Blockchain Roaming Broker (BRB) entity over a blockchain network interface, receives a blockchain authentication confirmation from the BRB entity, and registers the UE with the core network based on the blockchain authentication confirmation.