Patents by Inventor Mohamed Khalid
Mohamed Khalid has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8812726Abstract: Apparatus, methods and computer programs enable carrying service insertion architecture data plane packets in IPv4 or IPv6 networks by packaging destination addresses using IPv6 mechanisms. For example, a data processing apparatus is configured for receiving, from a service broker, a service label and an Internet Protocol version 6 (IPv6) address of a first service node; receiving an IPv4 packet requesting a service associated with the first service node; creating an IPv6 packet comprising a service label in a Flow Label field of the IPv6 packet, the IPv6 address of the first service node in a destination address field of the IPv6 packet, and the IPv4 packet in a payload field of the IPv6 packet; forwarding the IPv6 packet to the first service node. Approaches allow service insertion architecture support for all-IPv6 traffic including tunneled and non-tunneled techniques for environments in which user applications place data in the flow label field.Type: GrantFiled: September 9, 2008Date of Patent: August 19, 2014Assignee: Cisco Technology, Inc.Inventors: Mohamed Khalid, Ciprian Popoviciu, Patrick Grossetete, Kenneth Durazzo
-
Patent number: 8792487Abstract: In an example embodiment, a method for selecting a communication path is provided. The method may comprise receiving data encapsulated in a transport protocol. In addition, a classification type and exit path information associated with the classification type may be received. The data is associated with the classification type and then is encapsulated in Stream Control Transmission Protocol (SCTP) based on the exit path information. This exit path information is associated with the classification type that is associated with the data.Type: GrantFiled: August 21, 2007Date of Patent: July 29, 2014Assignee: Cisco Technology, Inc.Inventors: Mohamed Khalid, Aamer Saeed Akhter, Kenneth Alan Durazzo
-
Patent number: 8675478Abstract: In one embodiment, a network device joins a first multicast tree to receive post-ad-inserted video content. The network device also joins a second multicast tree to receive the pre-ad-inserted video content. The content from the first multicast tree is forwarded by the network device to the receiver(s). The network device determines if it does not receive the content on the first multicast tree due to any failure, in which case, it delivers the content from the second multicast tree to the receiver(s). This enables the receiver to receive the original (pre-ad-inserted) content during the failure in first multicast tree. When the failure is resolved, the network device can go back to sending the content from the first multicast tree to the receiver(s).Type: GrantFiled: April 30, 2008Date of Patent: March 18, 2014Assignee: Cisco Technology, Inc.Inventors: Rajiv Asati, Gregory Shepherd, Mohamed Khalid
-
Patent number: 8650618Abstract: Apparatus, methods, and other embodiments associated with providing service insertion architecture (SIA) differentiated services in a virtual private network (VPN) environment are described. Embodiments may provision an authentication, authorization, and accounting (AAA) server with user-to-SIA service-context mapping information. With the AAA server provisioned, embodiments may acquire, in an IPSec VPN hub, during IPSec tunnel user authentication, from the AAA server, the user-to-SIA service-context mapping information. With the mapping information available, embodiments may dynamically map an SIA service to an IPSec VPN tunnel user based on the service information acquired from the Service Broker or Pseudo-Service Broker.Type: GrantFiled: July 22, 2009Date of Patent: February 11, 2014Assignee: Cisco Technology, Inc.Inventors: Rajiv Asati, Mohamed Khalid, Sunil Cherukuri, Kenneth A. Durazzo, Shree Murthy
-
Patent number: 8644153Abstract: Methods and apparatus for providing a mediation device infrastructure that allows a mobile node to be tapped while roaming among and within service providers are disclosed. In one embodiment, a method includes determining when a node that is tapped by a first mediation device has moved from a first domain associated with the first mediation device into a second domain associated with a second mediation device. A first packet is sent to the second mediation device if the node has moved. The first packet provides an indication that the second mediation device is to tap the node. The method also includes opening a call data channel to the second mediation device, and receiving information from the second mediation device on the call data channel that is obtained by the second mediation device from the node. Finally, the method includes providing the information to the first mediation device.Type: GrantFiled: July 31, 2007Date of Patent: February 4, 2014Assignee: Cisco Technology, Inc.Inventors: Ciprian P. Popoviciu, John M. Gavin, William J. Wei, Mohamed Khalid
-
Patent number: 8625599Abstract: A system and method directed to carrying out dynamic secured group communication is provided. The method includes: obtaining a first packet that includes a first header; forming a frame that includes the first header in encrypted form; combining the first header and the frame to form a second packet and forming a second header; encapsulating the second packet with the second header to form a third packet, and communicating the third packet into the second network from the second source node for termination to the second-destination node. The first header includes a first source address of a first source node of a first network, and a first destination address of a first destination node of the first network. The second header includes a second source address of a second source node of a second network, and a second destination address of a second destination node of the second network.Type: GrantFiled: September 19, 2011Date of Patent: January 7, 2014Assignee: Cisco Technology, Inc.Inventors: Scott Fluhrer, Warren Scott Wainner, Sheela Rowles, Kavitha Kamarthy, Mohamed Khalid, Haseeb Niazi, Pratima Sethi
-
Patent number: 8625610Abstract: Various embodiments of the disclosed subject matter provide methods and systems for improved efficiency in spoke-to-spoke network communication. Embodiments provide systems and methods for registering a spoke with a hub, updating at least one database with spoke registration information at the hub, and advertising the spoke registration information to other spokes using a single control plane that includes transport security, peer discovery, and unicast routing information.Type: GrantFiled: October 12, 2007Date of Patent: January 7, 2014Assignee: Cisco Technology, Inc.Inventors: Rajiv Asati, Mohamed Khalid, Brian E. Weis, Pratima Pramod Sethi
-
Publication number: 20130311778Abstract: An example method includes receiving a request for a cloud capability set during an Internet Key Exchange negotiation associated with a virtual private network (VPN) tunnel between a subscriber and a cloud, wherein the cloud capability set comprises one or more cloud capabilities, mapping the request to one or more cryptographic modules that can support the cloud capability set, and offloading the VPN tunnel to the one or more cryptographic modules. The request can be an Internet Security Association and Key Management Protocol (ISAKMP) packet listing the one or more cloud capabilities in a private payload. The method may further include splitting the VPN tunnel between the cryptographic modules if no single cryptographic module can support substantially all the cloud capabilities in the cloud capability set. In some embodiments, the request is compared with a service catalog comprising authorized cloud capabilities.Type: ApplicationFiled: May 16, 2012Publication date: November 21, 2013Inventors: Sunil Cherukuri, Mohamed Khalid, Brian Cinque
-
Publication number: 20130250935Abstract: In one example, an Edge Quadrature Amplitude Modulation (EQAM) communicates EQAM information to a Modular Cable Modem Termination System (M-CMTS) core using a routing protocol that is configured on a packet switched network coupling the EQAM to the M-CMTS core. The EQAM generates a routing message according to the routing protocol and inserts EQAM information, such as a description of a modulated channel extending from the EQAM, the service-group information, etc., into the routing message. The EQAM then floods the EQAM information over at least portions of a routing domain by transmitting the routing message to an adjacent intermediary device.Type: ApplicationFiled: May 22, 2013Publication date: September 26, 2013Applicant: Cisco Technology, Inc.Inventors: Rajiv ASATI, John CHAPMAN, Mohamed KHALID
-
Patent number: 8515079Abstract: In one embodiment, a rekey distribution process transmits, from a key server, a multicast probe message intended to be received by at least one group member device. The rekey distribution process also receives, at the key server, an acknowledgement message from each group member device that received the multicast probe message. In turn, the rekey distribution process transmits, from the key server, a multicast rekey data message intended to be received by each group member device from which the key server received an acknowledgment message. Furthermore, the rekey distribution process transmits, from the key server, a unicast rekey data message to each group member device from which the key server did not receive an acknowledgment message.Type: GrantFiled: January 26, 2007Date of Patent: August 20, 2013Assignee: Cisco Technology, Inc.Inventors: Rajiv Asati, Mohamed Khalid, Aamer Akhter, Brian Weis, Shashi Sastry
-
Patent number: 8503453Abstract: In one embodiment, a QoS manager process that receives, at an EzVPN server device, connection speed data from an EzVPN client device. In addition, the QoS manager process processes, at the EzVPN server device, the connection speed data to determine a QoS policy for a communications session between the EzVPN client device and the EzVPN server device. Furthermore, the QoS manager process applies, at the EzVPN server device, the QoS policy to the communications session between the EzVPN client device and the EzVPN server device as determined by the processing of the connection speed data.Type: GrantFiled: November 20, 2006Date of Patent: August 6, 2013Assignee: Cisco Technology, Inc.Inventors: Rajiv Asati, Mohamed Khalid, Aamer Akhter, Pratima Sethi
-
Patent number: 8457086Abstract: In one example, an Edge Quadrature Amplitude Modulation (EQAM) communicates EQAM information to a Modular Cable Modem Termination System (M-CMTS) core using a routing protocol that is configured on a packet switched network coupling the EQAM to the M-CMTS core. The EQAM generates a routing message according to the routing protocol and inserts EQAM information, such as a description of a modulated channel extending from the EQAM, the service-group information, etc, into the routing message. The EQAM then floods the EQAM information over at least portions of a routing domain by transmitting the routing message to an adjacent intermediary device.Type: GrantFiled: December 2, 2008Date of Patent: June 4, 2013Assignee: Cisco Technology, Inc.Inventors: Rajiv Asati, John Chapman, Mohamed Khalid
-
Patent number: 8447039Abstract: In one embodiment, group member devices may be divided into at least one cluster, wherein each cluster includes a primary key server designated to synchronize with a master key server. Each cluster further includes at least one registration server configured to communicate with member devices in the group within the cluster and to synchronize with the primary key server.Type: GrantFiled: September 26, 2007Date of Patent: May 21, 2013Assignee: Cisco Technology, Inc.Inventors: Mohamed Khalid, Rajiv Asati, Scott Thomas Fanning, Haseeb Niazi, Kavitha Kamarthy, Sheela Rowles
-
Patent number: 8429400Abstract: In one embodiment, a method can include: (i) sending a request to join a group to a service broker; (ii) receiving from the service broker a list of key servers servicing the group; and (iii) sending registration information to a selected one of the key servers in the list.Type: GrantFiled: June 21, 2007Date of Patent: April 23, 2013Assignee: Cisco Technology, Inc.Inventors: Mohamed Khalid, Warren S. Wainner, Aamer Akhter, Paul Quinn
-
Patent number: 8411866Abstract: In one embodiment, a Home Agent receives a Mobile IP registration request from a group member, where the group member is a Mobile Node. The Home Agent generates a mobility binding for the group member that associates the group member with a care-of address, wherein the group member is a member of one or more groups. The Home Agent generates a Mobile IP registration reply, where the Mobile IP registration reply identifies one or more key servers. Each of the one or more key servers serves at least one of the one or more groups and is adapted for distributing group cryptography material to members of each group that is served by the corresponding key server. The Home Agent sends the Mobile IP registration reply to the group member, thereby enabling the group member to obtain cryptography material for at least one of the one or more groups from at least one of the one or more key servers to enable the group member to use the cryptography group material to securely communicate with other group members.Type: GrantFiled: November 14, 2007Date of Patent: April 2, 2013Assignee: Cisco Technology, Inc.Inventors: Mohamed Khalid, Ciprian Pompiliu Popoviciu, Kavitha Kamarthy, Aamer Saeed Akhter, Rajiv Asati
-
Patent number: 8346961Abstract: Systems and methods for using routing protocol extensions to improve spoke to spoke communication in a computer network are disclosed. Embodiments provide systems and methods to establish a tunnel between a first spoke and a hub, exchange routing information between the first spoke and the hub using a routing protocol, extend the routing protocol and an associated database to include next hop mapping information, and establish a tunnel between the first spoke and a second spoke according to information in the database.Type: GrantFiled: December 12, 2007Date of Patent: January 1, 2013Assignee: Cisco Technology, Inc.Inventors: Rajiv Asati, Mohamed Khalid, Alvaro Enrique Retana, Donnie Van Savage, Pratima Pramod Sethi
-
Patent number: 8307442Abstract: A method, apparatus and computer program product for preventing infection propagation in a DMVPN is presented. An infected spoke router site is isolated from the DMVPN network such that the spoke router may (bi-directionally) completely or partially limit communicating with any network devices (including the hub router, any other spoke routers etc.) within the DMVPN which prevents the DMVPN melt-down, isolates a worm-infected spoke router site from the rest of the DMVPN and restricts the spread of the worm within the DMVPN network.Type: GrantFiled: August 1, 2006Date of Patent: November 6, 2012Assignee: Cisco Technology, Inc.Inventors: Rajiv Asati, Mohamed Khalid, Haseeb Niazi, Jason Guy
-
Patent number: 8165023Abstract: One embodiment provides a method to interconnect virtual network segments (VNETs) defined for a local-area network (LAN) infrastructure separated by a wide-area network infrastructure. The technique involves the routing device at the LAN-WAN interconnection points to impose or dispose the VNET-shim, which encodes the VNET-id information in a Layer 4 portion of the packet. In a data plane, a new IP protocol value may be used to signify the presence of the VNET-shim followed by cryptography specific information in an IP packet. In a control plane, the routing protocol is expanded to exchange the routing information along with the VNET information.Type: GrantFiled: August 28, 2007Date of Patent: April 24, 2012Assignee: CISCO TECHNOLOGY, Inc.Inventors: Mohamed Khalid, Khalil Jabr, Rajiv Asati, Warren Scott Wainner, Scott Thomas Fanning
-
Patent number: 8149842Abstract: Disclosed are, inter alia, methods, apparatus, computer-storage media, mechanisms, and means associated with automated discovery of network devices supporting particular transport layer protocols, such as, but not limited to Stream Control Transmission Protocol (SCTP). Packet switching devices automatically discover peer packet switching devices supporting a particular transport layer protocol, and then establish a session using the particular transport layer protocol between them for subsequent use in transporting packets.Type: GrantFiled: August 25, 2008Date of Patent: April 3, 2012Assignee: Cisco Technology, Inc.Inventors: Mohamed Khalid, Kenneth Durazzo, Randall R. Stewart, Vivek Datar, Ramakrishnan Rajamoni
-
Publication number: 20120060029Abstract: A system and method directed to carrying out dynamic secured group communication is provided. The method includes: obtaining a first packet that includes a first header; forming a frame that includes the first header in encrypted form; combining the first header and the frame to form a second packet and forming a second header; encapsulating the second packet with the second header to form a third packet, and communicating the third packet into the second network from the second source node for termination to the second-destination node. The first header includes a first source address of a first source node of a first network, and a first destination address of a first destination node of the first network. The second header includes a second source address of a second source node of a second network, and a second destination address of a second destination node of the second network.Type: ApplicationFiled: September 19, 2011Publication date: March 8, 2012Applicant: CISCO TECHNOLOGY, INC.Inventors: Scott Fluhrer, Warren Scott Wainner, Sheela Rowles, Kavitha Kamarthy, Mohamed Khalid, Haseeb Niazi, Pratima Sethi