Patents by Inventor Mark Grayson

Mark Grayson has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 12389226
    Abstract: The presently claimed disclosure is directed to methods that may be implemented at a computer. Methods and systems consistent with the present disclosure may include extending protocols associated with authenticating client (i.e. supplicant) devices and with authorizing those supplicant devices to access a wireless network. These methods may include sending data relating to the failure of an authentication and/or an authorization process to a supplicant device attempting to access a wireless network. Methods discussed within may include securely sending failure codes or reasons to a supplicant device that identify why an authentication or authorization process failed. These methods may include sending messages between a supplicant device, an authenticator device, and an authentication and authorization server. After a first failure, the supplicant device may be able to access the wireless network after a reason or code of that failure has been reported to the supplicant device.
    Type: Grant
    Filed: February 13, 2024
    Date of Patent: August 12, 2025
    Assignee: Cisco Technology, Inc.
    Inventors: Jerome Henry, Bart Brinckman, Mark Grayson
  • Publication number: 20250234197
    Abstract: Disclosed are systems, apparatuses, processes, and computer-readable media for automated certificate-based device enrollment system. For example, a disclosed method includes receiving, by a client device, a certificate signed by a certificate authority, the certificate including network credential information associated with a wireless network; in response to enabling a client supplicant, configuring a credential of the client device based on the certificate and the network selection credential information; using the configured credential to trigger the automatic network detection and selection of a wireless network; and authenticating with the wireless network using the credential.
    Type: Application
    Filed: November 11, 2024
    Publication date: July 17, 2025
    Inventors: Mark Grayson, Bart Brinckman, Edward Thomas Lingham Hardie
  • Patent number: 12341900
    Abstract: Techniques for network communications are disclosed. These techniques include receiving a cryptographically generated device identifier (CGDI) and a public key relating to a wireless station (STA). The techniques further include determining a first hash based on decrypting the CGDI using the public key, and validating the first hash for an access network. The techniques further include identifying the STA in the access network using the CGDI based on binding the CGDI to a session associated with the STA and the access network.
    Type: Grant
    Filed: January 3, 2023
    Date of Patent: June 24, 2025
    Assignee: Cisco Technology, Inc.
    Inventors: Srinath Gundavelli, Mark Grayson
  • Publication number: 20250168633
    Abstract: Techniques for enhancing the security of network access within an open roaming framework are provided. A first network device receives a request to authenticate connection of a user device to a network. The first network device retrieves security data associated with the network. Based on analyzing the security data associated with the network, the first network device determines that one or more security criteria are satisfied. The first network device transmits a response to the user device, where the response instructs the user device to establish a connection with the network and does not disclose the security data.
    Type: Application
    Filed: November 22, 2023
    Publication date: May 22, 2025
    Inventors: Robert E. BARTON, Jerome HENRY, Bhavik P. SHAH, Mark GRAYSON
  • Patent number: 12302236
    Abstract: Presented herein are techniques associated with providing an alternative network indication to a client device in a wireless local area network (WLAN) roaming federation. In one example a method is provided that may include obtaining access network information for each of a plurality of access networks that neighbor a first access network through connection of a client device with the first access network involving a first identity provider profile; determining an alternative access network with which the client device is recommended to seek connection or an alternative identity provider profiles with which the client device is recommended to connect to the first access network; and enabling the client device to initiate a connection with the alternative access network or to re-initiate a connection with the first access network utilizing the alternative identity provider profile.
    Type: Grant
    Filed: September 6, 2022
    Date of Patent: May 13, 2025
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Mark Grayson, Jerome Henry
  • Publication number: 20250150878
    Abstract: Access network monitoring in a wireless federation may be provided. A plurality of access requests may be received from a probe device. Each of the plurality of access requests may comprise access request information. Next, an availability metric may be determined based on an amount of the plurality of access requests received and the access request information. The availability metric may then be reported.
    Type: Application
    Filed: October 10, 2024
    Publication date: May 8, 2025
    Applicant: Cisco Technology, Inc.
    Inventor: Mark Grayson
  • Patent number: 12262446
    Abstract: Presented herein are techniques associated with replicating an OpenRoaming™ policy federation in a Third Generation Partnership Project (3GPP) network environment. For example, techniques herein provide a roaming policy federation architecture for a 3GPP network environment.
    Type: Grant
    Filed: September 28, 2022
    Date of Patent: March 25, 2025
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Mark Grayson, Timothy Peter Stammers, Desmond Joseph O'Connor, Bart A. Brinckman
  • Publication number: 20250097209
    Abstract: The disclosed technology relates to a process of evaluating any number of different identity providers (IDPs) and their respective set of credentials that are used to authenticate corresponding users to assist with the onboarding of the different IDPs in connection with Wi-Fi identity federations. In particular, the process allows a person's electronic identity and attributes (stored across one or more IDPs) to be determined once using a standard. Once trust has been established for the user, that trust can then be utilized across a number of different systems (e.g., Single-sign on). The same trust determination can be used without the need for the authenticity of the user identity to be re-evaluated with each new access request.
    Type: Application
    Filed: December 3, 2024
    Publication date: March 20, 2025
    Inventors: Malcolm Muir Smith, Bart Brinckman, Mark Grayson, Jerome Henry, Matthew Stephen MacPherson
  • Patent number: 12256216
    Abstract: Presented herein are techniques to facilitate fast roaming between a mobile network operator-public (MNO-public) wireless wide area (WWA) access network and an enterprise private WWA access network. In one example, a method is provided that may include generating, by an authentication node, authentication material for a user equipment (UE) based on the UE being connected to a public WWA access network, wherein the public WWA access network is associated with a mobile network operator, and the authentication node and the UE are associated with an enterprise entity; obtaining, by the authentication node, an indication that the UE is attempting to access a private WWA access network associated with the enterprise entity; and providing, by the authentication node, the authentication material for the UE, wherein the authentication material facilitates connection establishment between the UE and the private WWA access network.
    Type: Grant
    Filed: April 22, 2024
    Date of Patent: March 18, 2025
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Srinath Gundavelli, Indermeet Singh Gandhi, Oliver James Bull, Louis Gwyn Samuel, Mark Grayson
  • Patent number: 12231421
    Abstract: The disclosed technology relates to a process of evaluating any number of different identity providers (IDPs) and their respective set of credentials that are used to authenticate corresponding users to assist with the onboarding of the different IDPs in connection with Wi-Fi identity federations. In particular, the process allows a person's electronic identity and attributes (stored across one or more IDPs) to be determined once using a standard. Once trust has been established for the user, that trust can then be utilized across a number of different systems (e.g., Single-sign on). The same trust determination can be used without the need for the authenticity of the user identity to be re-evaluated with each new access request.
    Type: Grant
    Filed: August 8, 2023
    Date of Patent: February 18, 2025
    Assignee: Cisco Technology, Inc.
    Inventors: Malcolm Muir Smith, Bart Brinckman, Mark Grayson, Jerome Henry, Matthew Stephen MacPherson
  • Publication number: 20250039662
    Abstract: Techniques for wireless communications are disclosed. The techniques include generating a provisioning domain (PVD) identifier by associating a roaming consortium organization identifier (RCOI), relating to an identity federation comprising an identity provider (IDP), with the PVD. The techniques further include providing PVD configuration information from the IDP to a wireless station (STA) associated with the IDP, using the PVD identifier. The techniques further include applying one or more configuration policies at the STA based on the PVD configuration information.
    Type: Application
    Filed: July 28, 2023
    Publication date: January 30, 2025
    Inventors: Srinath GUNDAVELLI, Mark GRAYSON, Eric VYNCKE
  • Publication number: 20250031034
    Abstract: Subscriber identity concealment from an access network provider may be provided. A computing device may receive first identity data associated with a client device. Then the first identity data associated with the client device may be encrypted using second identity data to create an encrypted version of the first identity data associated with the client device. The encrypted version of the first identity data associated with the client device may be provided to an access network.
    Type: Application
    Filed: July 22, 2024
    Publication date: January 23, 2025
    Applicant: Cisco Technology, Inc.
    Inventors: Mark Grayson, Juan Carlos Zuniga
  • Publication number: 20250031277
    Abstract: In one aspect, a method for enabling EPCS in a network includes receiving a request from a network device to establish a connection to the network, wherein the request indicates an emergency event and at least one user equipment associated with the emergency event; prioritizing, for the network device, access to the network based on the request in accordance with a resource allocation policy comprising a plurality of access levels associated with a plurality of EPCS groups; allocating network resources in accordance with the resource allocation policy to the network device, wherein the one or more network resources are configured to modify a set of attributes of the network device to grant the network device an increased priority related to the emergency event; and transmitting a message to the network device to indicate authorization for the network device to establish a connection with the network according to the increased priority.
    Type: Application
    Filed: November 17, 2023
    Publication date: January 23, 2025
    Inventors: Sri Gundavelli, Mark Grayson, Brian Donald Hart, Matthew Stephen MacPherson, Pradeep Kumar Kathail
  • Publication number: 20240422622
    Abstract: Provided herein are techniques to facilitate conflict management in a shared Open Radio Access Network (O-RAN) architecture. In one instance, a method can be performed by a conflict manager of a near-real-time RAN intelligent controller of a shared RAN including radio unit (RU) nodes provided by a host operator. The method can include obtaining each of a requested radio unit (RU) configuration from each of a distributed unit (DU) node operated by each of a tenant operator and determining whether there are any conflicts among RU configuration parameters for each requested RU configuration. In one instance, upon determining one or more conflicts among the RU configuration parameters for each requested RU configuration, the method may include providing a response to each DU node indicating that each DU node is allowed to configure the plurality of RU nodes using each requested RU configuration in accordance with a modification.
    Type: Application
    Filed: June 16, 2023
    Publication date: December 19, 2024
    Inventors: Mark Grayson, Indermeet Singh Gandhi
  • Patent number: 12160730
    Abstract: Presented herein are techniques to facilitate wireless wide area (WWA) virtualized Radio Access Network (vRAN) (e.g., 5G) to wireless local area (WLA) RAN (e.g., Wi-Fi) steering or WLA RAN to WWA vRAN steering for one or more UE. In one example, a method may include obtaining first performance metrics associated with links of a WWA vRAN (e.g., fronthaul, midhaul, and backhaul links); obtaining second performance metrics associated with links WLA RAN (e.g., backhaul links); and in response to determining that one of the WWA vRAN is experiencing degraded performance based on the first performance metrics or the WLA RAN the second performance metrics, activating a steering event that causes, at least in part, an indication to be communicated to a UE to cause the UE to connect to the WWA vRAN or the WLA RAN that is not experiencing degraded performance.
    Type: Grant
    Filed: June 30, 2023
    Date of Patent: December 3, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Srinath Gundavelli, Indermeet Singh Gandhi, Mark Grayson
  • Publication number: 20240388967
    Abstract: System, methods, and computer-readable media for validating and committing a shared O-RU configuration via a shared O-RU Operator. The shared O-RU Operator validates a partitioned configuration received from a tenant operator, with the ability to indicate to the tenant operator that the partitioned configuration is conformant to agreed-upon sharing rules and then commits the shared configuration to the shared O-RU. The shared O-RU operator shares the outcome of the commit operation to the tenant operator via defined operational-data that can be read by the tenant operator. A single radio in O-RAN is shared by multiple different operators and enables a neutral host to deploy a radio unit and then have that attached to different operators networks.
    Type: Application
    Filed: July 26, 2024
    Publication date: November 21, 2024
    Inventor: Mark Grayson
  • Patent number: 12127042
    Abstract: System, methods, and computer-readable media for validating and committing a shared O-RU configuration via a shared O-RU Operator. The shared O-RU Operator validates a partitioned configuration received from a tenant operator, with the ability to indicate to the tenant operator that the partitioned configuration is conformant to agreed-upon sharing rules and then commits the shared configuration to the shared O-RU. The shared O-RU operator shares the outcome of the commit operation to the tenant operator via defined operational-data that can be read by the tenant operator. A single radio in O-RAN is shared by multiple different operators and enables a neutral host to deploy a radio unit and then have that attached to different operators networks.
    Type: Grant
    Filed: November 22, 2021
    Date of Patent: October 22, 2024
    Assignee: Cisco Technology, Inc.
    Inventor: Mark Grayson
  • Patent number: 12120764
    Abstract: Presented herein are techniques to facilitate dual-connectivity support for a user equipment (UE) in a hybrid cell virtualized Radio Access Network (vRAN) architecture. In one example, a method may include obtaining, by a node of a mobile network via a first cell of a RAN, a request for a UE to connect to the mobile network via the first cell in which the RAN includes at least one shared cell and at least one unique cell; determining that the UE is allowed for dual-connectivity operation; and providing a policy to the UE, wherein the policy identifies, for each of one or more applications, one of a shared cell operating mode or a unique cell operating mode that the UE is to utilize for each of the one or more applications.
    Type: Grant
    Filed: July 10, 2023
    Date of Patent: October 15, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Srinath Gundavelli, Indermeet Singh Gandhi, Arun G. Khanna, Mark Grayson
  • Publication number: 20240314559
    Abstract: Presented herein are techniques to facilitate fast roaming between a mobile network operator-public (MNO-public) wireless wide area (WWA) access network and an enterprise private WWA access network. In one example, a method is provided that may include generating, by an authentication node, authentication material for a user equipment (UE) based on the UE being connected to a public WWA access network, wherein the public WWA access network is associated with a mobile network operator, and the authentication node and the UE are associated with an enterprise entity; obtaining, by the authentication node, an indication that the UE is attempting to access a private WWA access network associated with the enterprise entity; and providing, by the authentication node, the authentication material for the UE, wherein the authentication material facilitates connection establishment between the UE and the private WWA access network.
    Type: Application
    Filed: April 22, 2024
    Publication date: September 19, 2024
    Inventors: Srinath Gundavelli, Indermeet Singh Gandhi, Oliver James Bull, Louis Gwyn Samuel, Mark Grayson
  • Patent number: 12047774
    Abstract: Presented herein are techniques to facilitate fast roaming between a mobile network operator-public (MNO-public) wireless wide area (WWA) access network and an enterprise private WWA access network. In one example, a method is provided that may include generating, by an authentication node, authentication material for a user equipment (UE) based on the UE being connected to a public WWA access network, wherein the public WWA access network is associated with a mobile network operator, and the authentication node and the UE are associated with an enterprise entity; obtaining, by the authentication node, an indication that the UE is attempting to access a private WWA access network associated with the enterprise entity; and providing, by the authentication node, the authentication material for the UE, wherein the authentication material facilitates connection establishment between the UE and the private WWA access network.
    Type: Grant
    Filed: May 16, 2023
    Date of Patent: July 23, 2024
    Assignee: CISCO TECHNOLOGY, INC.
    Inventors: Srinath Gundavelli, Indermeet Singh Gandhi, Oliver James Bull, Louis Gwyn Samuel, Mark Grayson