Patents by Inventor Kavitha Kamarthy

Kavitha Kamarthy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10855682
    Abstract: Examples described herein include a method and system for determining a number of controllers in a Network Authentication Server (NAS) controller cluster, wherein each of the controllers in the NAS controller cluster includes a unique Physical Internet Protocol (PIP) address; creating a number of unique Virtual Internet Protocol (VIP) addresses for use by an external authentication server (EAS) to communicate with the controllers in the NAS controller cluster, wherein the number of VIP addresses is to be proportional to the number of PIP addresses; and mapping each controller in the NAS controller cluster to a plurality of VIP addresses, wherein the VIP addresses are to have different priorities for different controllers in the NAS controller cluster.
    Type: Grant
    Filed: September 15, 2016
    Date of Patent: December 1, 2020
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Vinod Arjun, Suryanarayanan Devarajan, Isaac Theogaraj, Sheausong Yang, Kavitha Kamarthy
  • Patent number: 10243928
    Abstract: Various techniques that allow group members to detect the use of stale encryption policy by other group members are disclosed. One method involves receiving a message from a first group member via a network. The message is received by a second group member. The method then detects that the first group member is not using a most recent policy update supplied by a key server, in response to information in the message. In response, a notification message can be sent from the second group member. The notification message indicates that at least one group member is not using the most recently policy update. The notification message can be sent to the key server or towards the first group member.
    Type: Grant
    Filed: January 29, 2016
    Date of Patent: March 26, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Warren Scott Wainner, Sheela D. Rowles, Brian E. Weis, David Arthur McGrew, Scott R. Fluhrer, Kavitha Kamarthy
  • Publication number: 20190020656
    Abstract: In some examples, a method includes determining a number of controllers in a Network Authentication Server (NAS) controller cluster, wherein each of the controllers in the NAS controller cluster includes a unique Physical Internet Protocol (PIP) address; creating a number of unique Virtual Internet Protocol (VIP) addresses for use by an external authentication server (EAS) to communicate with the controllers in the NAS controller cluster, wherein the number of VIP addresses is to be proportional to the number of PIP addresses; and mapping each controller in the NAS controller cluster to a plurality of VIP addresses, wherein the VIP addresses are to have different priorities for different controllers in the NAS controller cluster.
    Type: Application
    Filed: September 15, 2016
    Publication date: January 17, 2019
    Inventors: Vinod Arjun, Suryanarayanan Devarajn, Isaac Theogaraj, Sheausong Yang, Kavitha Kamarthy
  • Publication number: 20160164848
    Abstract: Various techniques that allow group members to detect the use of stale encryption policy by other group members are disclosed. One method involves receiving a message from a first group member via a network. The message is received by a second group member. The method then detects that the first group member is not using a most recent policy update supplied by a key server, in response to information in the message. In response, a notification message can be sent from the second group member. The notification message indicates that at least one group member is not using the most recently policy update. The notification message can be sent to the key server or towards the first group member.
    Type: Application
    Filed: January 29, 2016
    Publication date: June 9, 2016
    Inventors: Warren Scott Wainner, Sheela D. Rowles, Brian E. Weis, David Arthur McGrew, Scott R. Fluhrer, Kavitha Kamarthy
  • Patent number: 9294270
    Abstract: Various techniques that allow group members to detect the use of stale encryption policy by other group members are disclosed. One method involves receiving a message from a first group member via a network. The message is received by a second group member. The method then detects that the first group member is not using a most recent policy update supplied by a key server, in response to information in the message. In response, a notification message can be sent from the second group member. The notification message indicates that at least one group member is not using the most recently policy update. The notification message can be sent to the key server or towards the first group member.
    Type: Grant
    Filed: January 5, 2010
    Date of Patent: March 22, 2016
    Assignee: Cisco Technology, Inc.
    Inventors: Warren Scott Wainner, Sheela D. Rowles, Brian E. Weis, David Arthur McGrew, Scott R. Fluhrer, Kavitha Kamarthy
  • Patent number: 9137139
    Abstract: A network device receives packets sent over a network from another network device. Each packet contains a source identifier that identifies a device that is the source of the packet, a destination identifier that identifies a device that is the intended destination of the packet, a sender identifier that identifies a network device that encrypted and sent the packet and a sequence number associated with the packet. The network device stores data indicating source identifier, destination identifier, sender identifier and sequence number for packets received over time. The network device rejects a newly received packet when it is determined that the sequence number of the newly received packet is less than the last sequence number stored for a matching packet flow (same source identifier, destination identifier and sender identifier) and falls outside of the counter-based window with respect to the last sequence number stored for the matching packet flow.
    Type: Grant
    Filed: December 18, 2009
    Date of Patent: September 15, 2015
    Assignee: Cisco Technology, Inc.
    Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
  • Patent number: 8750507
    Abstract: A technique for dynamically creating and deleting groups to support secure group communication sessions is provided herein. A request for creation of a dynamic group that enables group members to participate in a secure group communication session is received by a network authentication device such as a key server. Creation of the dynamic group includes generating a lifetime attribute indicating when the dynamic group is to exist based on timing information provided in the request, along with security policies required for generating the keys, and generating a unique group ID associated with the dynamic group for distribution to the group members. The keys for the secure group communication session are supplied, along with security policies, in response to a request containing the unique group ID identifying the dynamic group. The dynamic group is deleted in response to determining from the lifetime attribute that the secure group communication session has expired.
    Type: Grant
    Filed: January 25, 2010
    Date of Patent: June 10, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
  • Patent number: 8745384
    Abstract: Techniques are provided for securely storing data files in, or retrieving data files from, cloud storage. A data file transmitted to cloud storage from a client in an enterprise computing environment is intercepted by at least one network device. Using security information received from a management server, the data file is converted into an encrypted object configured to remain encrypted while at rest in the cloud storage.
    Type: Grant
    Filed: August 11, 2011
    Date of Patent: June 3, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Andrew Persaud, Kavitha Kamarthy, Shree Murthy, Scott Fanning, David A. McGrew, Thirunavukkarasu Suresh
  • Patent number: 8656170
    Abstract: Techniques are provided for determining freshness of control messages in a network. At a first device that is to enter into a secure communication session with a second device, timestamp information and time window size information are sent to the second device in a control message during a first exchange between a first device and a second device. At the first device, timestamp information and time window size information are obtained from a control message received from the second device by the first device during the first exchange. At the first device, the freshness of a control message is tested based on the timestamp information of the control message during a second exchange and the time window size information received from the second device during the first exchange.
    Type: Grant
    Filed: May 28, 2010
    Date of Patent: February 18, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Kavitha Kamarthy, Sheela D. Rowles, Dinesh Ranjit, Tanya Roosta, Warren S. Wainner
  • Patent number: 8625599
    Abstract: A system and method directed to carrying out dynamic secured group communication is provided. The method includes: obtaining a first packet that includes a first header; forming a frame that includes the first header in encrypted form; combining the first header and the frame to form a second packet and forming a second header; encapsulating the second packet with the second header to form a third packet, and communicating the third packet into the second network from the second source node for termination to the second-destination node. The first header includes a first source address of a first source node of a first network, and a first destination address of a first destination node of the first network. The second header includes a second source address of a second source node of a second network, and a second destination address of a second destination node of the second network.
    Type: Grant
    Filed: September 19, 2011
    Date of Patent: January 7, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Scott Fluhrer, Warren Scott Wainner, Sheela Rowles, Kavitha Kamarthy, Mohamed Khalid, Haseeb Niazi, Pratima Sethi
  • Patent number: 8447039
    Abstract: In one embodiment, group member devices may be divided into at least one cluster, wherein each cluster includes a primary key server designated to synchronize with a master key server. Each cluster further includes at least one registration server configured to communicate with member devices in the group within the cluster and to synchronize with the primary key server.
    Type: Grant
    Filed: September 26, 2007
    Date of Patent: May 21, 2013
    Assignee: Cisco Technology, Inc.
    Inventors: Mohamed Khalid, Rajiv Asati, Scott Thomas Fanning, Haseeb Niazi, Kavitha Kamarthy, Sheela Rowles
  • Patent number: 8411866
    Abstract: In one embodiment, a Home Agent receives a Mobile IP registration request from a group member, where the group member is a Mobile Node. The Home Agent generates a mobility binding for the group member that associates the group member with a care-of address, wherein the group member is a member of one or more groups. The Home Agent generates a Mobile IP registration reply, where the Mobile IP registration reply identifies one or more key servers. Each of the one or more key servers serves at least one of the one or more groups and is adapted for distributing group cryptography material to members of each group that is served by the corresponding key server. The Home Agent sends the Mobile IP registration reply to the group member, thereby enabling the group member to obtain cryptography material for at least one of the one or more groups from at least one of the one or more key servers to enable the group member to use the cryptography group material to securely communicate with other group members.
    Type: Grant
    Filed: November 14, 2007
    Date of Patent: April 2, 2013
    Assignee: Cisco Technology, Inc.
    Inventors: Mohamed Khalid, Ciprian Pompiliu Popoviciu, Kavitha Kamarthy, Aamer Saeed Akhter, Rajiv Asati
  • Publication number: 20130042106
    Abstract: Techniques are provided for securely storing data files in, or retrieving data files from, cloud storage. A data file transmitted to cloud storage from a client in an enterprise computing environment is intercepted by at least one network device. Using security information received from a management server, the data file is converted into an encrypted object configured to remain encrypted while at rest in the cloud storage.
    Type: Application
    Filed: August 11, 2011
    Publication date: February 14, 2013
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Andrew Persaud, Kavitha Kamarthy, Shree Murthy, Scott Fanning, David A. McGrew, Thirunavukkarasu Suresh
  • Patent number: 8266286
    Abstract: Various systems and method are disclosed for automatically disseminating key server contact information in a network. For example, one method (e.g., performed by a discovery server) involves generating a discovery message that includes at least one list of one or more key servers and then sending that discovery message to one or more members of a key management protocol group. Each list of key servers can include contact information for one or more key servers and indicate the priority of each key server relative to other key servers within the list.
    Type: Grant
    Filed: June 5, 2007
    Date of Patent: September 11, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Kavitha Kamarthy, Brian E. Weis
  • Publication number: 20120060029
    Abstract: A system and method directed to carrying out dynamic secured group communication is provided. The method includes: obtaining a first packet that includes a first header; forming a frame that includes the first header in encrypted form; combining the first header and the frame to form a second packet and forming a second header; encapsulating the second packet with the second header to form a third packet, and communicating the third packet into the second network from the second source node for termination to the second-destination node. The first header includes a first source address of a first source node of a first network, and a first destination address of a first destination node of the first network. The second header includes a second source address of a second source node of a second network, and a second destination address of a second destination node of the second network.
    Type: Application
    Filed: September 19, 2011
    Publication date: March 8, 2012
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Scott Fluhrer, Warren Scott Wainner, Sheela Rowles, Kavitha Kamarthy, Mohamed Khalid, Haseeb Niazi, Pratima Sethi
  • Publication number: 20110296185
    Abstract: Techniques are provided for determining freshness of control messages in a network. At a first device that is to enter into a secure communication session with a second device, timestamp information and time window size information are sent to the second device in a control message during a first exchange between a first device and a second device. At the first device, timestamp information and time window size information are obtained from a control message received from the second device by the first device during the first exchange. At the first device, the freshness of a control message is tested based on the timestamp information of the control message during a second exchange and the time window size information received from the second device during the first exchange.
    Type: Application
    Filed: May 28, 2010
    Publication date: December 1, 2011
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Kavitha Kamarthy, Sheela D. Rowles, Dinesh Ranjit, Tanya Roosta, Warren S. Wainner
  • Patent number: 8036221
    Abstract: A system and method directed to carrying out dynamic secured group communication is provided. The method includes obtaining a first packet that includes a first header. The first header includes a first source address of a first source node of a first network, and a first destination address of a first destination node of the first network. The method also includes forming a frame that includes the first header in encrypted form, combining the first header and the frame to form a second packet, and forming a second header. This second header includes a second source address of a second source node of a second network, and a second destination address of a second destination node of the second network. The method further includes encapsulating the second packet with the second header to form a third packet, and communicating the third packet into the second network from the second source node for termination to the second-destination node.
    Type: Grant
    Filed: September 15, 2008
    Date of Patent: October 11, 2011
    Assignee: Cisco Technology, Inc.
    Inventors: Scott Fluhrer, Warren Scott Wainner, Sheela Rowles, Kavitha Kamarthy, Mohamed Khalid, Haseeb Naizi, Pratima Sethi
  • Publication number: 20110182426
    Abstract: A technique for dynamically creating and deleting groups to support secure group communication sessions is provided herein. A request for creation of a dynamic group that enables group members to participate in a secure group communication session is received by a network authentication device such as a key server. Creation of the dynamic group includes generating a lifetime attribute indicating when the dynamic group is to exist based on timing information provided in the request, along with security policies required for generating the keys, and generating a unique group ID associated with the dynamic group for distribution to the group members. The keys for the secure group communication session are supplied, along with security policies, in response to a request containing the unique group ID identifying the dynamic group. The dynamic group is deleted in response to determining from the lifetime attribute that the secure group communication session has expired.
    Type: Application
    Filed: January 25, 2010
    Publication date: July 28, 2011
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
  • Publication number: 20110164752
    Abstract: Various techniques that allow group members to detect the use of stale encryption policy by other group members are disclosed. One method involves receiving a message from a first group member via a network. The message is received by a second group member. The method then detects that the first group member is not using a most recent policy update supplied by a key server, in response to information in the message. In response, a notification message can be sent from the second group member. The notification message indicates that at least one group member is not using the most recently policy update. The notification message can be sent to the key server or towards the first group member.
    Type: Application
    Filed: January 5, 2010
    Publication date: July 7, 2011
    Inventors: Warren Scott Wainner, Sheela D. Rowles, Brian E. Weis, David Arthur McGrew, Scott R. Fluhrer, Kavitha Kamarthy
  • Publication number: 20110153862
    Abstract: Techniques are provided for more robust counter-based anti-replay protection with respect to packets sent between network devices. A network device receives packets sent over a network from another network device. Each packet contains a source identifier that identifies a device that is the source of the packet, a destination identifier that identifies a device that is the intended destination of the packet, a sender identifier that identifies a network device that encrypted and sent the packet and a sequence number associated with the packet. The network device stores data indicating source identifier, destination identifier, sender identifier and sequence number for packets received over time.
    Type: Application
    Filed: December 18, 2009
    Publication date: June 23, 2011
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit