Patents by Inventor Marouane Balmakhtar
Marouane Balmakhtar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20180302336Abstract: A Software-Defined Network (SDN) controller receives controller Application Programming Interface (API) calls from an SDN application and transfers SDN data machine API calls. SDN data machines receive the SDN data machine API calls and process user data responsive to the SDN data machine API calls. The SDN controller transfers SDN controller Key Performance Indicators (KPIs) that indicate an amount of the SDN application API calls for the SDN data machine API calls. The SDN data machines transfers SDN data machine KPIs that indicate an amount of the processed user data for the SDN data machine API calls. An SDN server receives the SDN data machine KPIs and the SDN controller KPIs. The SDN server determines an SDN Quality-of-Service (QoS) score for a data communication service based on the amount of the SDN application API calls relative to the corresponding amount of the processed user data.Type: ApplicationFiled: June 25, 2018Publication date: October 18, 2018Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Patent number: 10097421Abstract: A Software Defined Network (SDN) exerts policy control over a data service. An SDN computer system executes SDN applications to direct the data service. The SDN computer system executes SDN controllers to control the data service responsive to the SDN applications. SDN data machines deliver the data service responsive to the SDN controllers. The SDN applications, SDN controllers, and SDN data machines transfer SDN Key Performance Indicators (KPIs). An SDN server processes the SDN KPIs to generate data service indices. The SDN server processes the data service indices to select policies for the data service.Type: GrantFiled: June 16, 2016Date of Patent: October 9, 2018Assignee: Sprint Communications Company L.P.Inventors: Arun Rajagopal, Marouane Balmakhtar
-
Patent number: 10083098Abstract: A Network Function Virtualization (NFV) system recovers from a Virtual Network Function (NFV) crash. Initially, an NFV Infrastructure (NFVI) executes the VNF, and the VNF transfers VNF state data to a VNF database. An NFV orchestrator detects a VNF crash and retrieves the VNF state data for the crashed VNF from the VNF state database. The NFV orchestrator directs the NFVI to install a new VNF to replace the crashed VNF based on the VNF state data. The NFVI installs the new VNF based on the VNF state data.Type: GrantFiled: June 7, 2016Date of Patent: September 25, 2018Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Patent number: 10069844Abstract: A Network Function Virtualization (NFV) Software Defined Network (SDN) maintains hardware trusted communications. A source trust controller and a target trust controller establish hardware trust with a trust server. The trust server exchanges information with the source trust controller that indicates the hardware trust for a target vSW. The source trust controller exchanges the information with the source vSW that indicates the hardware trust for the target vSW. The source vSW receives a Virtual Data Unit (VDU) from the source VNF for delivery to the target VNF over the target vSW, and before transfer, the source vSW verifies hardware trust of the target vSW based on the HT information. Responsive to the hardware trust verification, the source vSW transfers the VDU for the delivery to the target vSW. The target vSW transfers the VDU to the target VNF.Type: GrantFiled: July 21, 2016Date of Patent: September 4, 2018Assignee: Sprint Communications Company L.P.Inventors: Lyle Walter Paczkowski, James Patrick Sisul, Marouane Balmakhtar
-
Publication number: 20180227305Abstract: A Network Function Virtualization Infrastructure (NFVI) controls a Software Defined Network (SDN) Application Programming Interface (API) between a source SDN Virtual Network Function (VNF) and a target SDN VNF. NFV circuitry executes the source SDN VNF and transfers an identity code embedded in the source SDN VNF to Management and Orchestration (MANO) circuitry. The MANO circuitry translates the SDN VNF identity code into API privileges between the source SDN VNF and the target SDN VNF. The MANO circuitry transfers the SDN API privileges to the target SDN VNF. The NFV circuitry executes the source SDN VNF and transfers SDN API data from the source SDN VNF to the target SDN VNF. The NFV circuitry executes the target SDN VNF and processes the SDN API data based on the SDN API privileges.Type: ApplicationFiled: April 3, 2018Publication date: August 9, 2018Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Publication number: 20180219744Abstract: A Software-Defined Network (SDN) distributes Proxy Correlation Index (PCI) control in an SDN data-plane. An SDN controller transfers SDN signaling that indicates a data-plane PCI configuration. An SDN data machine processes the SDN signaling and configures a PCI generator and a flow controller to implement the data-plane PCI configuration. The SDN data-plane machine processes user data flows per a Flow Description Table (FDT) and generates Key Performance Indicators (KPIs) for the user data flows. The PCI generator generates PCIs based on the KPIs and the data-plane PCI configuration. The flow controller updates the FDT based on the PCIs and the data-plane PCI configuration. The SDN data-plane machine processes the user data flows per the updated FDT.Type: ApplicationFiled: January 31, 2017Publication date: August 2, 2018Inventors: Arun Rajagopal, Marouane Balmakhtar, Carl Joseph Persson
-
Patent number: 10033660Abstract: A data communication system determines Software Defined Network (SDN) Quality-of-Service (QoS). SDN applications transfer SDN controller Application Programming Interface (API) calls and receive SDN controller API responses. The SDN applications measure Key Performance Indicators (KPIs) and transfer SDN application KPI data. An SDN controller receives the controller API calls, transfers the controller API responses, transfers SDN data machine API calls, and receives SDN data machine API responses. The SDN controller measures KPIs and transfer SDN controller KPI data. SDN data machines receive the SDN data machine API calls, perform SDN actions on user data responsive to the data machine API calls, and transfer the data machine API responses. The SDN data machines measure KPIs and transfer SDN data machine KPI data. An SDN QoS server processes the SDN KPI data to generate an SDN QoS score.Type: GrantFiled: March 1, 2016Date of Patent: July 24, 2018Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Publication number: 20180191497Abstract: A Network Function Virtualization (NFV) data communication system implements hardware trusted Management and Orchestration (MANO). A Hardware (HW) trust server issues a HW trust challenge to a MANO system. The MANO system hashes its physically-embedded hardware trust key to generate a HW trust result and transfers the HW trust result to the HW trust server. The HW trust server validates the hardware trust result and transfers a HW trust certificate to the MANO system. The MANO system transfers the HW trust certificate and NFV MANO data to an NFV Infrastructure (NFVI). The NFVI validates the HW trust certificate. The NFVI exchanges user data responsive to the NFV MANO data when the HW trust certificate is valid. The NFVI isolates the NFV MANO data when the HW trust certificate is not valid.Type: ApplicationFiled: December 29, 2016Publication date: July 5, 2018Inventors: Lyle Walter Paczkowski, Arun Rajagopal, Marouane Balmakhtar
-
Patent number: 9985866Abstract: A Network Function Virtualization (NFV) Software Defined Network (SDN) performs a network task. An NFV management system processes Key Performance Indicators (KPIs) to identify the network task and to direct an NFV orchestration system to install a virtual Probe (vProbe) with filter criteria to collect additional KPIs for the network task. The NFV orchestration system directs an NFV Infrastructure (NFVI) to install the vProbe. The vProbe sends the filter criteria to a virtual Switch (vSW) in the NFVI, and the vSW applies the filter criteria to Virtual Network Function (VNF) traffic and transfers the filtered data to the vProbe. The vProbe processes the filtered data to generate the additional KPIs for the NFV management system. The NFV management system processes the additional KPIs to perform the network task.Type: GrantFiled: July 23, 2016Date of Patent: May 29, 2018Assignee: Sprint Communications Company L.P.Inventors: Arun Rajagopal, Marouane Balmakhtar, Carl Joseph Persson
-
Patent number: 9986483Abstract: An LTE base station facilitates handoffs in an LTE communication system. The LTE base station is configured to exchange session communications with a UE and receive session information transmitted from an LTE communication control system, the session information including a media type of the communication session and a vector associated with the UE. The LTE base station is further configured to identify a plurality of candidate base stations within a proximity threshold to a path of the vector associated with the UE, poll the plurality of candidate base stations for capability information, process the capability information to determine a set of the candidate base stations that support the media type of the communication session, select a target base station for a handoff from the set of the candidate base stations that support the media type, and instruct the UE to initiate the handoff to the target base station.Type: GrantFiled: March 14, 2016Date of Patent: May 29, 2018Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Aaron Paul Hinkle, G. Murat Karabulut
-
Publication number: 20180139154Abstract: A Network Function Virtualization (NFV) Software-Defined Network (SDN) communicates across network boundaries with other NFV SDNs to support a data communication service. An NFV orchestrator transfers forwarding graphs for service, NFV, and SDN Network-to-Network Interfaces (NNIs) to an SDN controller. The SDN controller converts the forwarding graphs into forwarding instructions and transfers the forwarding instructions for the service, NFV, and SDN NNIs to an NFV SDN switching system. The NFV orchestrator uses the NFV NNI to transfer its forwarding graphs over the NFV SDN switching system across the network boundary to another NFV orchestrator. The SDN controller uses the SDN NNI to transfer its forwarding instructions over the NFV SDN switching system across the network boundary to another SDN controller. The NFV SDN switching system uses the service NNI to transfer user data across the network boundary to another NFV SDN switching system.Type: ApplicationFiled: November 16, 2016Publication date: May 17, 2018Inventors: Arun Rajagopal, Marouane Balmakhtar, Lyle Walter Paczkowski
-
Patent number: 9967257Abstract: A Software-Defined Network (SDN) authorizes Application Programming Interface (API) calls from user SDN applications to user SDN controllers. A user SDN application transfers an embedded code to an authorization SDN controller. The authorization SDN controller translates the embedded code into an SDN controller network address and an SDN application privilege data set. The authorization SDN controller transfers the SDN controller network address to the user SDN application. The authorization SDN controller transfers the SDN application privilege data set to the user SDN controller. The user SDN application transfers an SDN API call to the user SDN controller using the SDN controller network address. The user SDN controller determines if the SDN API call is authorized by the SDN application privilege data set. The user SDN controller services the API call if the SDN API call is authorized and inhibits an unauthorized API call.Type: GrantFiled: March 16, 2016Date of Patent: May 8, 2018Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Patent number: 9912693Abstract: A server system generates and transfers Precision Time Protocol (PTP) synch requests for delivery to a PTP clock server and responsively receives PTP synch responses transferred by the PTP clock server. The server system processes the PTP synch responses to determine PTP clock phase error data for the PTP clock server. The server system compares the PTP clock phase error data to a historical phase error threshold for the PTP clock server. If the PTP clock phase error data does not exceed the historical phase error threshold, then the server system updates the historical phase error threshold for the PTP clock server based on the PTP clock phase error data. If the PTP clock phase error data exceeds the historical phase error threshold, then the server system generates an indication that the PTP clock server comprises a malicious PTP node.Type: GrantFiled: April 6, 2015Date of Patent: March 6, 2018Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Khoi Dinh Nguyen
-
Patent number: 9887980Abstract: A system for authenticating client devices for communication with one or more wireless communications networks, includes a client device configured to receive a client-side global time from a time tracking system and generate a response to an authentication challenge based on the authentication challenge, the client-side global time, a client device identifier associated with the client device, and optionally location data that corresponds to a location of the client device.Type: GrantFiled: July 30, 2014Date of Patent: February 6, 2018Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Ramana Venkata Gollamudi
-
Publication number: 20180026992Abstract: A Network Function Virtualization (NFV) Software Defined Network (SDN) maintains hardware trusted communications. A source trust controller and a target trust controller establish hardware trust with a trust server. The trust server exchanges information with the source trust controller that indicates the hardware trust for a target vSW. The source trust controller exchanges the information with the source vSW that indicates the hardware trust for the target vSW. The source vSW receives a Virtual Data Unit (VDU) from the source VNF for delivery to the target VNF over the target vSW, and before transfer, the source vSW verifies hardware trust of the target vSW based on the HT information. Responsive to the hardware trust verification, the source vSW transfers the VDU for the delivery to the target vSW. The target vSW transfers the VDU to the target VNF.Type: ApplicationFiled: July 21, 2016Publication date: January 25, 2018Inventors: Lyle Walter Paczkowski, James Patrick Sisul, Marouane Balmakhtar
-
Publication number: 20170272437Abstract: A Software-Defined Network (SDN) authorizes Application Programming Interface (API) calls from user SDN applications to user SDN controllers. A user SDN application transfers an embedded code to an authorization SDN controller. The authorization SDN controller translates the embedded code into an SDN controller network address and an SDN application privilege data set. The authorization SDN controller transfers the SDN controller network address to the user SDN application. The authorization SDN controller transfers the SDN application privilege data set to the user SDN controller. The user SDN application transfers an SDN API call to the user SDN controller using the SDN controller network address. The user SDN controller determines if the SDN API call is authorized by the SDN application privilege data set. The user SDN controller services the API call if the SDN API call is authorized and inhibits an unauthorized API call.Type: ApplicationFiled: March 16, 2016Publication date: September 21, 2017Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Publication number: 20170257324Abstract: A data communication system determines Software Defined Network (SDN) Quality-of-Service (QoS). SDN applications transfer SDN controller Application Programming Interface (API) calls and receive SDN controller API responses. The SDN applications measure Key Performance Indicators (KPIs) and transfer SDN application KPI data. An SDN controller receives the controller API calls, transfers the controller API responses, transfers SDN data machine API calls, and receives SDN data machine API responses. The SDN controller measures KPIs and transfer SDN controller KPI data. SDN data machines receive the SDN data machine API calls, perform SDN actions on user data responsive to the data machine API calls, and transfer the data machine API responses. The SDN data machines measure KPIs and transfer SDN data machine KPI data. An SDN QoS server processes the SDN KPI data to generate an SDN QoS score.Type: ApplicationFiled: March 1, 2016Publication date: September 7, 2017Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Publication number: 20170208090Abstract: A Software-Defined Network (SDN) data-plane machine stores flow data and a hardware-trust key. The SDN data-plane machine receives and processes a hardware-trust challenge based on the hardware-trust key to generate and transfer a hardware-trust response. The SDN data-plane machine receives and routes user data based on the flow data. The SDN data-plane machine receives modification data from an SDN controller. The SDN data-plane machine validates hardware-trust of the SDN controller and modifies the flow data based on the modification data responsive to the hardware-trust validation of the SDN controller. The SDN data-plane machine receives and routes additional user data responsive to the modified flow data.Type: ApplicationFiled: April 5, 2017Publication date: July 20, 2017Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Patent number: 9654465Abstract: In Software-Defined Network (SDN), a trust controller and trust processor exchange hardware-trust data over an SDN southbound interface to maintain hardware-trust. A flow controller transfers a Flow Description Table (FDT) modification to the data-plane machine over the southbound interface. The flow controller transfers an FDT modification notice to the trust controller which transfers FDT security data over the southbound interface to authorize the FDT change in the SDN data-plane machine. The data-plane machine authorizes the FDT modification based on the FDT security data from the trust controller. The data-plane machine modifies the FDT in response to the successful authorization and processes user data traffic using the modified FDT. The trust controller may also transfer a Threat Description Table (TDT) to the data-plane machine to filter the user traffic for other threats.Type: GrantFiled: October 1, 2015Date of Patent: May 16, 2017Assignee: Sprint Communications Company L.P.Inventors: Marouane Balmakhtar, Arun Rajagopal
-
Publication number: 20170099284Abstract: In Software-Defined Network (SDN), a trust controller and trust processor exchange hardware-trust data over an SDN southbound interface to maintain hardware-trust. A flow controller transfers a Flow Description Table (FDT) modification to the data-plane machine over the southbound interface. The flow controller transfers an FDT modification notice to the trust controller which transfers FDT security data over the southbound interface to authorize the FDT change in the SDN data-plane machine. The data-plane machine authorizes the FDT modification based on the FDT security data from the trust controller. The data-plane machine modifies the FDT in response to the successful authorization and processes user data traffic using the modified FDT. The trust controller may also transfer a Threat Description Table (TDT) to the data-plane machine to filter the user traffic for other threats.Type: ApplicationFiled: October 1, 2015Publication date: April 6, 2017Inventors: Marouane Balmakhtar, Arun Rajagopal