Patents by Inventor Klaas Wierenga
Klaas Wierenga has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20200339997Abstract: The present invention includes a method of treating a bone disease caused by a intracellular protein trafficking defect comprising: identifying a subject having the bone disease caused by the intracellular protein trafficking defect in a membrane bound transcription factor peptidase, site 1 (MBTPS1) gene; and providing the subject with an effective amount of a composition that bypasses or corrects a defect in MBTPS1 gene expression, gene splicing, or corrects protein trafficking defects in the endoplasmic reticulum and to the lysosome.Type: ApplicationFiled: October 23, 2018Publication date: October 29, 2020Inventors: Yuji Kondo, Jianxin Fu, Hua Wang, Klaas Wierenga, Patrick M. Gaffney, Lijun Xia
-
Patent number: 10686762Abstract: In one embodiment, a device in a network receives sensor data from one or more nodes in the network. The device selects a processing mode from among a plurality of processing modes based on a plurality of attributes of the sensor data. The plurality of processing modes comprises a fast data path mode and a slow data path mode. The device encrypts the sensor data using a first encryption mechanism that controls access to the plurality of attributes of the sensor data. The device sends the encrypted sensor data to a cloud-based intermediary based on the selected processing mode for sharing with one or more other devices in one or more other networks.Type: GrantFiled: December 12, 2016Date of Patent: June 16, 2020Assignee: Cisco Technology, Inc.Inventors: Jazib Frahim, Aun Raza, Hazim Hashim Dahir, Salvatore Tarallo, Klaas Wierenga
-
Publication number: 20180167370Abstract: In one embodiment, a device in a network receives sensor data from one or more nodes in the network. The device selects a processing mode from among a plurality of processing modes based on a plurality of attributes of the sensor data. The plurality of processing modes comprises a fast data path mode and a slow data path mode. The device encrypts the sensor data using a first encryption mechanism that controls access to the plurality of attributes of the sensor data. The device sends the encrypted sensor data to a cloud-based intermediary based on the selected processing mode for sharing with one or more other devices in one or more other networks.Type: ApplicationFiled: December 12, 2016Publication date: June 14, 2018Inventors: Jazib Frahim, Aun Raza, Hazim Hashim Dahir, Salvatore Tarallo, Klaas Wierenga
-
Patent number: 9917861Abstract: A method of establishing centralized trust includes, at a policy server having connectivity to a network, establishing a trust relationship with a first enterprise network domain and a second enterprise network domain. One or more criterion from a server in the first enterprise network domain are received by the policy server and a federation relationship is established between at least a portion of the first enterprise network domain and one or more entities in the second enterprise network domain based on the one or more criterion. Based on the federation relationship, the policy server enables the one or more entities in the second enterprise network domain to access the at least a portion of the first enterprise network domain.Type: GrantFiled: October 6, 2015Date of Patent: March 13, 2018Assignee: Cisco Technology, Inc.Inventors: Jazib Frahim, Klaas Wierenga, Carlos Pignataro
-
Publication number: 20170099321Abstract: A method of establishing centralized trust includes, at a policy server having connectivity to a network, establishing a trust relationship with a first enterprise network domain and a second enterprise network domain. One or more criterion from a server in the first enterprise network domain are received by the policy server and a federation relationship is established between at least a portion of the first enterprise network domain and one or more entities in the second enterprise network domain based on the one or more criterion. Based on the federation relationship, the policy server enables the one or more entities in the second enterprise network domain to access the at least a portion of the first enterprise network domain.Type: ApplicationFiled: October 6, 2015Publication date: April 6, 2017Inventors: Jazib Frahim, Klaas Wierenga, Carlos Pignataro
-
Patent number: 9356928Abstract: Techniques are provided for authenticating a subject of a client device to access a software-as-a-service (SaaS) server. A network access device receives a request from a client device to establish a network session and transfers identity information of the subject, the client device and the network session to a session directory database. A request is sent to access an application on a SaaS server. If it does not contain an identity assertion that identifies the subject, the request is redirected to an identity provider device, to provide identity assertion services to the subject. A network session identifier is inserted into the request by a network access device and the request is forwarded to the identity provider device. The identity provider device uses the network session identifier to query the session directory database for the identity information to be used for a security assertion of the subject to the SaaS server.Type: GrantFiled: December 16, 2014Date of Patent: May 31, 2016Assignee: Cisco Technology, Inc.Inventors: Nathan Sowatskey, Nancy Cam-Winget, Susan E. Thomson, David Jones, Morteza Ansari, Klaas Wierenga, Joseph Salowey
-
Patent number: 9113376Abstract: Techniques for providing access to cloud services via a plurality of different network interfaces of a client device. In accordance with one example, during establishment of a communication session between the cloud computing system and the client device, an interface-independent identifier is provided to the client device via a first of the plurality of different network interfaces. Following determination to establish the communication session via the second network interface, the cloud computing system is configured to maintain a virtual environment associated with the communication session for a period of time. A message is received, via a second of the plurality of different network interfaces, from the client device that includes the interface-independent identifier.Type: GrantFiled: December 9, 2011Date of Patent: August 18, 2015Assignee: Cisco Technology, Inc.Inventors: Ron Hromoko, Kevin Shatzkamer, Klaas Wierenga, Steven Braaten
-
Publication number: 20150106617Abstract: Techniques are provided for authenticating a subject of a client device to access a software-as-a-service (SaaS) server. A network access device receives a request from a client device to establish a network session and transfers identity information of the subject, the client device and the network session to a session directory database. A request is sent to access an application on a SaaS server. If it does not contain an identity assertion that identifies the subject, the request is redirected to an identity provider device, to provide identity assertion services to the subject. A network session identifier is inserted into the request by a network access device and the request is forwarded to the identity provider device. The identity provider device uses the network session identifier to query the session directory database for the identity information to be used for a security assertion of the subject to the SaaS server.Type: ApplicationFiled: December 16, 2014Publication date: April 16, 2015Inventors: Nathan Sowatskey, Nancy Cam-Winget, Susan E. Thomson, David Jones, Morteza Ansari, Klaas Wierenga, Joseph Salowey
-
Patent number: 8949938Abstract: Techniques are provided for authenticating a subject of a client device to access a software-as-a-service (SaaS) server. A network access device receives a request from a client device to establish a network session and transfers identity information of the subject, the client device and the network session to a session directory database. A request is sent to access an application on a SaaS server. If it does not contain an identity assertion that identifies the subject, the request is redirected to an identity provider device (IdP), to provide identity assertion services to the subject. A network session identifier is inserted into the request by a network access device and the request is forwarded to the IdP. The IdP uses the network session identifier to query the session directory database for the identity information to be used for a security assertion of the subject to the SaaS server.Type: GrantFiled: October 27, 2011Date of Patent: February 3, 2015Assignee: Cisco Technology, Inc.Inventors: Nathan Sowatskey, Nancy Cam-Winget, Susan E. Thomson, David Jones, Morteza Ansari, Klaas Wierenga, Joseph Salowey
-
Publication number: 20130152175Abstract: Techniques for providing access to cloud services via a plurality of different network interfaces of a client device. In accordance with one example, during establishment of a communication session between the cloud computing system and the client device, an interface-independent identifier is provided to the client device via a first of the plurality of different network interfaces. Following determination to establish the communication session via the second network interface, the cloud computing system is configured to maintain a virtual environment associated with the communication session for a period of time. A message is received, via a second of the plurality of different network interfaces, from the client device that includes the interface-independent identifier.Type: ApplicationFiled: December 9, 2011Publication date: June 13, 2013Applicant: CISCO TECHNOLOGY, INC.Inventors: Ron Hromoko, Kevin Shatzkamer, Klaas Wierenga, Steven Braaten
-
Publication number: 20130111549Abstract: Techniques are provided for authenticating a subject of a client device to access a software-as-a-service (SaaS) server. A network access device receives a request from a client device to establish a network session and transfers identity information of the subject, the client device and the network session to a session directory database. A request is sent to access an application on a SaaS server. If it does not contain an identity assertion that identifies the subject, the request is redirected to an identity provider device (IdP), to provide identity assertion services to the subject. A network session identifier is inserted into the request by a network access device and the request is forwarded to the IdP. The IdP uses the network session identifier to query the session directory database for the identity information to be used for a security assertion of the subject to the SaaS server.Type: ApplicationFiled: October 27, 2011Publication date: May 2, 2013Applicant: CISCO TECHNOLOGY, INC.Inventors: Nathan Sowatskey, Nancy Cam-Winget, Susan E. Thomson, David Jones, Morteza Ansari, Klaas Wierenga, Joseph Salowey
-
Publication number: 20130091355Abstract: Techniques are provided for securely providing protected information within an enterprise network to a service provider located outside of the enterprise network. An identity provider device hashes an address associated with protected information within an enterprise network to obtain a hashed address and maintains a mapping of the hashed address to the address associated with the protected information within the enterprise network. An assertion is sent to a service provider outside of the enterprise network, which contains the hashed address. The service provider receives a request, including the hashed address contained in the sent assertion, to access the protected information within the enterprise network. The service provider or other authorized party can then gain access to the protected information within the enterprise network by relating the hashed address to the address associated with the protected information within the enterprise network according to the mapping.Type: ApplicationFiled: October 5, 2011Publication date: April 11, 2013Applicant: CISCO TECHNOLOGY, INC.Inventors: Eliot Lear, Klaas Wierenga