Patents by Inventor Mosaddaq Hussain TURABI
Mosaddaq Hussain TURABI has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11546312Abstract: A method may include determining, by a first network device, a type of control channel to open across a transport in a software-defined network (SDN). The method may also include establishing the control channel with a control device via a control plane that is separate from a data plane. The method may further include advertising first security association parameters to the control device via the control channel. The method may include receiving, from the control device via the control channel, second security association parameters associated with a second network device. The method may also include establishing a data plane connection with the second network device using the second security association parameters.Type: GrantFiled: September 21, 2020Date of Patent: January 3, 2023Assignee: Cisco Technology, Inc.Inventors: Syed Khalid Raza, Mosaddaq Hussain Turabi, Lars Olaf Stefan Olofsson, Atif Khan, Praveen Raju Kariyanahalli
-
Patent number: 11509639Abstract: In some examples, an example method to provide an IPsec anti-replay window with quality of service (QoS) at a first network endpoint may include configuring a multiple number of anti-replay windows, generating a first security association (SA), and establishing the first SA with a second network endpoint. The first SA may include a first multiple number of security parameter indexes (SPIs), where each of the first multiple number of SPIs may be assigned to a specific QoS level, and each of the first multiple number of SPIs may be assigned to one of the multiple number of anti-replay windows. Establishing the first SA with the second network endpoint may include assigning the first SA to a first encryption key, and providing the first encryption key to the second network endpoint.Type: GrantFiled: September 16, 2020Date of Patent: November 22, 2022Assignee: Cisco Technology, Inc.Inventors: Praveen Raju Kariyanahalli, Mosaddaq Hussain Turabi, Murtuza Attarwala
-
Patent number: 10992654Abstract: A method is performed by an access router of an enterprise network including a first edge router to communicate with a second edge router over a wide area network (WAN). The method includes receiving a packet from a first endpoint, receiving from a mapping service a network location of a second edge router for which the packet is destined and a security association (SA) to encrypt the packet from the access router to the second edge router, and generating for the first edge router one or more path selectors for WAN path selection. The method includes encrypting the packet using the SA, and adding to the encrypted IP packet, in clear text, the path selectors and outer encapsulation including the network location, to produce an encrypted tunnel packet. The method also includes forwarding the encrypted tunnel packet to the second edge router via the first edge router and the WAN.Type: GrantFiled: August 17, 2018Date of Patent: April 27, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Syed Khalid Raza, Mosaddaq Hussain Turabi, Fabio Rodolfo Maino, Vina Ermagan, Atri Indiresan
-
Patent number: 10944733Abstract: A method may include determining, by a first network device, a type of control channel to open across a transport in a software-defined network (SDN). The method may also include establishing the control channel with a control device via a control plane that is separate from a data plane. The method may further include advertising first security association parameters to the control device via the control channel. The method may include receiving, from the control device via the control channel, second security association parameters associated with a second network device. The method may also include establishing a data plane connection with the second network device using the second security association parameters.Type: GrantFiled: June 28, 2018Date of Patent: March 9, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Syed Khalid Raza, Mosaddaq Hussain Turabi, Lars Olaf Stefan Olofsson, Atif Khan, Praveen Raju Kariyanahalli
-
Publication number: 20210006546Abstract: A method may include determining, by a first network device, a type of control channel to open across a transport in a software-defined network (SDN). The method may also include establishing the control channel with a control device via a control plane that is separate from a data plane. The method may further include advertising first security association parameters to the control device via the control channel. The method may include receiving, from the control device via the control channel, second security association parameters associated with a second network device. The method may also include establishing a data plane connection with the second network device using the second security association parameters.Type: ApplicationFiled: September 21, 2020Publication date: January 7, 2021Inventors: Syed Khalid Raza, Mosaddaq Hussain Turabi, Lars Olaf Stefan Olofsson, Atif Khan, Praveen Raju Kariyanahalli
-
Publication number: 20210006545Abstract: In some examples, an example method to provide an IPsec anti-replay window with quality of service (QoS) at a first network endpoint may include configuring a multiple number of anti-replay windows, generating a first security association (SA), and establishing the first SA with a second network endpoint. The first SA may include a first multiple number of security parameter indexes (SPIs), where each of the first multiple number of SPIs may be assigned to a specific QoS level, and each of the first multiple number of SPIs may be assigned to one of the multiple number of anti-replay windows. Establishing the first SA with the second network endpoint may include assigning the first SA to a first encryption key, and providing the first encryption key to the second network endpoint.Type: ApplicationFiled: September 16, 2020Publication date: January 7, 2021Inventors: Praveen Raju Kariyanahalli, Mosaddaq Hussain Turabi, Murtuza Attarwala
-
Patent number: 10819564Abstract: A method may include receiving a hub ID configuration preference message from a control device, wherein the hub ID configuration preference message includes an order in which to connect to network hubs that are associated with the hub IDs; selecting the first hub ID from the hub ID configuration preference message based on the first connection priority having a higher priority as compared to the second connection priority; identifying a first set of network hubs that are associated with the first hub ID; establishing a connection with at least one network hub associated with the first hub ID; in response to identifying a triggering event, selecting the second hub ID from the hub ID configuration preference message; identifying a second set of network hubs that are associated with the second hub ID; and establishing a connection with at least one network hub associated with the second hub ID.Type: GrantFiled: October 9, 2019Date of Patent: October 27, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Mosaddaq Hussain Turabi, Vinay Prabhu
-
Patent number: 10798071Abstract: In some examples, an example method to provide an IPsec anti-replay window with quality of service (QoS) at a first network endpoint may include configuring a multiple number of anti-replay windows, generating a first security association (SA), and establishing the first SA with a second network endpoint. The first SA may include a first multiple number of security parameter indexes (SPIs), where each of the first multiple number of SPIs may be assigned to a specific QoS level, and each of the first multiple number of SPIs may be assigned to one of the multiple number of anti-replay windows. Establishing the first SA with the second network endpoint may include assigning the first SA to a first encryption key, and providing the first encryption key to the second network endpoint.Type: GrantFiled: June 26, 2018Date of Patent: October 6, 2020Assignee: CISCO TECHNOLOGY, INC.Inventors: Praveen Raju Kariyanahalli, Mosaddaq Hussain Turabi, Murtuza Attarwala
-
Publication number: 20200059457Abstract: A method is performed by an access router of an enterprise network including a first edge router to communicate with a second edge router over a wide area network (WAN). The method includes receiving a packet from a first endpoint, receiving from a mapping service a network location of a second edge router for which the packet is destined and a security association (SA) to encrypt the packet from the access router to the second edge router, and generating for the first edge router one or more path selectors for WAN path selection. The method includes encrypting the packet using the SA, and adding to the encrypted IP packet, in clear text, the path selectors and outer encapsulation including the network location, to produce an encrypted tunnel packet. The method also includes forwarding the encrypted tunnel packet to the second edge router via the first edge router and the WAN.Type: ApplicationFiled: August 17, 2018Publication date: February 20, 2020Inventors: Syed Khalid Raza, Mosaddaq Hussain Turabi, Fabio Rodolfo Maino, Vina Ermagan, Atri Indiresan
-
Publication number: 20200044914Abstract: A method may include receiving a hub ID configuration preference message from a control device, wherein the hub ID configuration preference message includes an order in which to connect to network hubs that are associated with the hub IDs; selecting the first hub ID from the hub ID configuration preference message based on the first connection priority having a higher priority as compared to the second connection priority; identifying a first set of network hubs that are associated with the first hub ID; establishing a connection with at least one network hub associated with the first hub ID; in response to identifying a triggering event, selecting the second hub ID from the hub ID configuration preference message; identifying a second set of network hubs that are associated with the second hub ID; and establishing a connection with at least one network hub associated with the second hub ID.Type: ApplicationFiled: October 9, 2019Publication date: February 6, 2020Inventors: Mosaddaq Hussain Turabi, Vinay Prabhu
-
Patent number: 10461993Abstract: A method may include receiving a hub ID configuration preference message from a control device, wherein the hub ID configuration preference message includes an order in which to connect to network hubs that are associated with the hub IDs; selecting the first hub ID from the hub ID configuration preference message based on the first connection priority having a higher priority as compared to the second connection priority; identifying a first set of network hubs that are associated with the first hub ID; establishing a connection with at least one network hub associated with the first hub ID; in response to identifying a triggering event, selecting the second hub ID from the hub ID configuration preference message; identifying a second set of network hubs that are associated with the second hub ID; and establishing a connection with at least one network hub associated with the second hub ID.Type: GrantFiled: July 19, 2018Date of Patent: October 29, 2019Assignee: CISCO TECHNOLOGY, INC.Inventors: Mosaddaq Hussain Turabi, Vinay Prabhu
-
Publication number: 20190140891Abstract: A method may include receiving a hub ID configuration preference message from a control device, wherein the hub ID configuration preference message includes an order in which to connect to network hubs that are associated with the hub IDs; selecting the first hub ID from the hub ID configuration preference message based on the first connection priority having a higher priority as compared to the second connection priority; identifying a first set of network hubs that are associated with the first hub ID; establishing a connection with at least one network hub associated with the first hub ID; in response to identifying a triggering event, selecting the second hub ID from the hub ID configuration preference message; identifying a second set of network hubs that are associated with the second hub ID; and establishing a connection with at least one network hub associated with the second hub ID.Type: ApplicationFiled: July 19, 2018Publication date: May 9, 2019Inventors: Mosaddaq Hussain TURABI, Vinay PRABHU
-
Publication number: 20190141019Abstract: In some examples, an example method to provide an IPsec anti-replay window with quality of service (QoS) at a first network endpoint may include configuring a multiple number of anti-replay windows, generating a first security association (SA), and establishing the first SA with a second network endpoint. The first SA may include a first multiple number of security parameter indexes (SPIs), where each of the first multiple number of SPIs may be assigned to a specific QoS level, and each of the first multiple number of SPIs may be assigned to one of the multiple number of anti-replay windows. Establishing the first SA with the second network endpoint may include assigning the first SA to a first encryption key, and providing the first encryption key to the second network endpoint.Type: ApplicationFiled: June 26, 2018Publication date: May 9, 2019Inventors: Praveen Raju KARIYANAHALLI, Mosaddaq Hussain TURABI, Murtuza ATTARWALA
-
Publication number: 20190036687Abstract: A method may include determining, by a first network device, a type of control channel to open across a transport in a software-defined network (SDN). The method may also include establishing the control channel with a control device via a control plane that is separate from a data plane. The method may further include advertising first security association parameters to the control device via the control channel. The method may include receiving, from the control device via the control channel, second security association parameters associated with a second network device. The method may also include establishing a data plane connection with the second network device using the second security association parameters.Type: ApplicationFiled: June 28, 2018Publication date: January 31, 2019Inventors: Syed Khalid RAZA, Mosaddaq Hussain TURABI, Lars Olaf Stefan OLOFSSON, Atif KHAN, Praveen Raju KARIYANAHALLI