Patents by Inventor Timothy P. Stammers
Timothy P. Stammers has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20240146697Abstract: In one embodiment, a device receives a request from a client to remotely access an endpoint in a local network. The device instantiates a network slice having a remote access function in a cellular network. The device causes the endpoint to communicate a particular type of traffic via the network slice and the remote access function. The device configures a virtual private network tunnel between the client and the remote access function. The client and endpoint communicate with one another via a connection that comprises the network slice and the virtual private network tunnel.Type: ApplicationFiled: October 28, 2022Publication date: May 2, 2024Inventors: Vinay Saini, Snezana MITROVIC, Timothy P. STAMMERS
-
Publication number: 20240107307Abstract: Disclosed herein are systems, methods, and computer-readable media for authentication in a multi-cloud cellular service. In one aspect, a method includes receiving, at a controller of a local site within the multi-cloud cellular service, a network connection request from a device, the cloud-based authentication component being a central network component configured to store device credentials and network policies for authenticating devices connecting to the multi-cloud cellular service across all sites associated with the multi-cloud cellular service. In one aspect, the method also includes locally authenticating, by the controller, the device using stored credential information obtained from the cloud-based authentication component prior to losing the connectivity to the cloud-based authentication component.Type: ApplicationFiled: September 22, 2022Publication date: March 28, 2024Inventors: Sri Gundavelli, Timothy P. Stammers, Ravi Kiran Guntupalli, Vimal Srivastava
-
Patent number: 11943653Abstract: The present technology is generally directed to dynamically adding network resources based on an application function (AF) notification. The present technology can determine, by an AF of a service provider, a network congestion on a network, the network congestion indicating that network resources for servicing a user device using services of the service provider do not meet corresponding Quality of Service (QoS) requirements. Further, the present technology can transmit a notification by the AF to a core network of a network provider to request additional network resources to be allocated for servicing the user device, the network provider providing network connectivity for the user device to receive the services provided by the service provider.Type: GrantFiled: December 30, 2021Date of Patent: March 26, 2024Assignee: Cisco Technology, Inc.Inventors: Humberto Jose La Roche, Vimal Srivastava, Sri Gundavelli, Timothy P. Stammers
-
Publication number: 20240040383Abstract: A trust based continuous Fifth Generation (5G) network service assessment, and more specifically a trust based continuous 5G network service assessment for a user equipment to ensure an authorized user is using the user equipment may be provided. A registration request may be received by an Access and Mobility Management Function (AMF) from a User Equipment (UE). In response to the registration request, a Policy Control Function (PCF) may exchange a policy with the AMF, wherein the policy comprises instructions to perform a continuous service assessment. Next, a registration accept message may be sent to the UE, wherein the registration accept message comprises instructions for the UE to enable the continuous service assessment.Type: ApplicationFiled: July 29, 2022Publication date: February 1, 2024Applicant: Cisco Technology, Inc.Inventors: VINAY SAINI, NAMITA BIST, TIMOTHY P. STAMMERS, SNEZANA MITROVIC
-
Publication number: 20230422081Abstract: Disclosed herein are systems, methods, and computer-readable media for reporting QoE of a UE, as measured and determined from the perspective of the UE to one or more core components of the cellular network to which the UE is attached. The QoE may then be used by the one or more core components for managing and adjusting, if necessary, the cellular services provided to the UE. In one aspect, a method includes determining, at a user device, a quality of experience (QoE) of user device connected to a cellular network and transmitting, via a non-access stratum (NAS) signaling, a value of the QoE from the user device to a core network element of the cellular network, wherein the core network element utilizes the QoE value to manage network access and a quality of service (QoS) of the user device.Type: ApplicationFiled: June 28, 2022Publication date: December 28, 2023Inventors: Anthony Fajri, Gautam Mohanlal Borkar, Solomon Ayyankulankara Kunjan, Timothy P. Stammers
-
Publication number: 20230422036Abstract: Systems, methods, and computer-readable media are disclosed for dynamically onboarding a UE between private 5G networks. In one aspect, a private 5G (P5G) federation system can receive a request from a user device for registration with a serving private 5G network, which is part of a P5G federation system. The P5G federation system can further determine that the user device is authenticated with a home private 5G network of the user device, which is also part of the P5G federation system. The P5G federation system can transmit, to the serving private 5G network, a security profile of the user device that is received from the home private 5G network. As follows, the P5G federation system can facilitate onboarding of the user device to the serving private 5G network with the security profile.Type: ApplicationFiled: June 24, 2022Publication date: December 28, 2023Inventors: Vinay Saini, Snezana Mitrovic, Timothy P. Stammers, Rajesh Indira Viswambharan
-
Publication number: 20230412643Abstract: A private cellular management system detects that a device has connected to a private cellular network. The device is part of a device group that is associated with a policy applicable within an enterprise network and the private cellular network. The private cellular management system generates a determination corresponding to a policy effectiveness associated with the access policy based on different versions of the policy implemented in the enterprise and private cellular networks. The private cellular management system obtains an update to the access policy and applies this update for the device and other devices associated with the device group.Type: ApplicationFiled: September 1, 2022Publication date: December 21, 2023Inventors: Timothy P. Stammers, Bhavik Adhvaryu, Irfan Ali
-
Publication number: 20230403609Abstract: A system and method of performing multi-layer client assurance in a private cellular network includes a plurality of assurance points within the network. The method includes receiving, by a network entity, a plurality of parameter sets from the plurality of assurance points. Each of the plurality of assurance points can be configured to obtain measurements from a portion of the private cellular network corresponding to a client assurance layer in a client assurance stack. The method can include combining a first parameter set from the plurality of parameter sets with a second parameter set from the plurality of parameter sets. The first parameter set can be associated with a first client assurance layer and the second parameter set is associated with a second client assurance layer. The method can include determining, based on the combined parameter set, a network service level corresponding to the client device.Type: ApplicationFiled: June 10, 2022Publication date: December 14, 2023Inventors: Timothy P. Stammers, Dusko Zgonjanin, Flemming Stig Andreasen
-
Publication number: 20230397096Abstract: An enterprise device identity proxy between an SMF and an Enterprise's device profile store supports N7 protocol for enterprise policy delivery between a central management service (CMS) and an enterprise policy service. In particular, when a user equipment (UE) requests a data service, the enterprise device identity proxy receives AAA transactions from the SMF running the enterprise policy service over a secondary authentication interface, stores the results in a data store, and uses business rules set forth by the CMS to transform Remote Authentication Dial-In User Service (RADIUS) Attribute Value Pairs (AVPs) into a valid N7 response to the SMF. The enterprise device identity proxy enables an enterprise to treat a device with cellular connectivity using the same rules that would apply to other access/connection types without the complexity and cost of deploying a 3GPP policy service to support N7 protocol for policy delivery.Type: ApplicationFiled: June 2, 2022Publication date: December 7, 2023Inventors: Charles Carlton Wolfinger, Timothy P. Stammers
-
Publication number: 20230247429Abstract: Systems, methods, and computer-readable media are disclosed for facilitating bi-directional edge proxy-to-edge proxy communications across an enterprise firewall in 5G service-based architecture. In one aspect, a method includes receiving a subscription request from a user device to operate on a visited private network; determining that the user device is associated with a home network; and establishing a communication protocol between a security edge protection proxy of the visited private network and a security edge protection proxy of the home network, wherein the communication protocol enables bi-directional exchange of roaming signals between the visited private network and the home network while user device is operating on the visited private network.Type: ApplicationFiled: June 22, 2022Publication date: August 3, 2023Inventors: Mark Grayson, Timothy P. Stammers, Desmond Joseph O'Connor
-
Publication number: 20230232216Abstract: Systems, methods, and computer-readable media are provided for on-boarding network devices onto a private 5G network. An example method can include discovering a first private 5G network upon the network device being turned on, authenticating, at the network device, the network device, downloading a second network profile from an SM-DP+ server of a second private 5G network, and on-boarding the network device to the second private 5G network.Type: ApplicationFiled: January 14, 2022Publication date: July 20, 2023Inventors: Sri Gundavelli, Timothy P. Stammers, Eren Kudsi Gonen, Bobby Wayne Hoosang Richardson
-
Publication number: 20230217297Abstract: The present technology is generally directed to dynamically adding network resources based on an application function (AF) notification. The present technology can determine, by an AF of a service provider, a network congestion on a network, the network congestion indicating that network resources for servicing a user device using services of the service provider do not meet corresponding Quality of Service (QoS) requirements. Further, the present technology can transmit a notification by the AF to a core network of a network provider to request additional network resources to be allocated for servicing the user device, the network provider providing network connectivity for the user device to receive the services provided by the service provider.Type: ApplicationFiled: December 30, 2021Publication date: July 6, 2023Inventors: Humberto Jose La Roche, Vimal Srivastava, Sri Gundavelli, Timothy P. Stammers
-
Patent number: 11166147Abstract: The present technology discloses non-transitory computer-readable media, systems, and methods for receiving a notification that an identified physical object has attached to a roaming network, wherein the identified physical object is roaming when on the roaming network; translating at least one policy intent that was defined at a home network for the identified physical object into a policy suitable to be applied by the roaming network; and sending, to the roaming network, the at least one translated policy intent to be applied to the identified physical object on the roaming network.Type: GrantFiled: July 21, 2020Date of Patent: November 2, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Timothy P. Stammers, Carlos M. Pignataro, Marcelo Yannuzzi Sanchez, Hervé Muyal, Bart Brinckman
-
Publication number: 20210281994Abstract: The present technology discloses non-transitory computer-readable media, systems, and methods for receiving a notification that an identified physical object has attached to a roaming network, wherein the identified physical object is roaming when on the roaming network; translating at least one policy intent that was defined at a home network for the identified physical object into a policy suitable to be applied by the roaming network; and sending, to the roaming network, the at least one translated policy intent to be applied to the identified physical object on the roaming network.Type: ApplicationFiled: July 21, 2020Publication date: September 9, 2021Inventors: Timothy P. Stammers, Carlos M. Pignataro, Marcelo Yannuzzi Sanchez, Hervé Muyal, Bart Brinckman
-
Patent number: 11115808Abstract: In one embodiment, a method comprises communicating with a plurality of network elements via a first communication protocol to obtain state information of the plurality of network elements; receiving a request via a second communication protocol for a communication session to be established for a client computing device; selecting one or more network elements, wherein the selection is based on at least a portion of the state information of the network elements; and communicating identification information of the one or more network elements selected for use in the communication session.Type: GrantFiled: August 9, 2019Date of Patent: September 7, 2021Assignee: Cisco Technology, Inc.Inventors: Timothy P. Stammers, Suraj Sharad Mody, Aeneas Sean Dodd-Noble
-
Patent number: 10764376Abstract: In one embodiment, a method comprises obtaining, by a first network element comprising processing logic, notification of a plurality of events associated with a plurality of communication sessions, wherein the events include at least one of a mid-session event or an end-session event, wherein the plurality of events are communicated to a routing agent using a first communication protocol by a plurality of second network elements; receiving, by the first network element, a request via a second communication protocol for a first communication session to be established for a client computing device; selecting, by the first network element, one or more network elements from the second network elements for the communication session based on the at least one of a mid-session or an end-session event; and communicating, by the first network element, identification information of the one or more network elements selected for use in the first communication session.Type: GrantFiled: October 18, 2016Date of Patent: September 1, 2020Assignee: Cisco Technology, Inc.Inventors: Timothy P. Stammers, Suraj Sharad Mody, Robert Glenn Smith
-
Patent number: 10721621Abstract: First, an authentication module may receive an identification (ID) linking request, create a secured ID linking request from the ID linking request, and send the secured ID linking request to a packet gateway module located in a packet core of a mobile network. Next, the packet gateway module may insert into the secured ID linking request, an encrypted version of a mobile identifier corresponding to a client device from which the secured ID linking request was received. Next, a mobile video session manager module may receive from the packet gateway module, the secured ID linking request and link a subscriber of a managed video service corresponding to a video identifier to the client device corresponding to the mobile identifier. A policy corresponding to the subscriber of the managed video service may then be applied to flows over the packet core to and from the client device.Type: GrantFiled: May 23, 2018Date of Patent: July 21, 2020Assignee: Cisco Technology, Inc.Inventors: John A. Schlack, Timothy P. Stammers
-
Patent number: 10588044Abstract: A method is provided in one example embodiment and includes receiving a data packet transported on a backhaul link at a first network element; de-capsulating the data packet; identifying whether the data packet is an upstream data packet; identifying whether the data packet matches an internet protocol (IP) access control list (ACL) or a tunnel endpoint identifier; and offloading the data packet from the backhaul link. In more specific embodiment, the method can include identifying that the data packet does not match the IP ACL or the tunnel endpoint identifier; and communicating the data packet to a second network element. In other examples, the method can include identifying that the data packet is a downstream data packet; identifying a service to be performed for the data packet that cannot be performed at the first network element; and communicating the data packet to a second network element.Type: GrantFiled: May 14, 2018Date of Patent: March 10, 2020Assignee: Cisco Technology, Inc.Inventors: Flemming S. Andreasen, Kent K. Leung, Michel Khouderchah, Jayaraman R. Iyer, Timothy P. Stammers
-
Publication number: 20190364419Abstract: In one embodiment, a method comprises communicating with a plurality of network elements via a first communication protocol to obtain state information of the plurality of network elements; receiving a request via a second communication protocol for a communication session to be established for a client computing device; selecting one or more network elements, wherein the selection is based on at least a portion of the state information of the network elements; and communicating identification information of the one or more network elements selected for use in the communication session.Type: ApplicationFiled: August 9, 2019Publication date: November 28, 2019Inventors: Timothy P. STAMMERS, Suraj Sharad MODY, Aeneas Sean DODD-NOBLE
-
Publication number: 20190364425Abstract: First, an authentication module may receive an identification (ID) linking request, create a secured ID linking request from the ID linking request, and send the secured ID linking request to a packet gateway module located in a packet core of a mobile network. Next, the packet gateway module may insert into the secured ID linking request, an encrypted version of a mobile identifier corresponding to a client device from which the secured ID linking request was received. Next, a mobile video session manager module may receive from the packet gateway module, the secured ID linking request and link a subscriber of a managed video service corresponding to a video identifier to the client device corresponding to the mobile identifier. A policy corresponding to the subscriber of the managed video service may then be applied to flows over the packet core to and from the client device.Type: ApplicationFiled: May 23, 2018Publication date: November 28, 2019Applicant: Cisco Technology, Inc.Inventors: John A. Schlack, Timothy P. Stammers