Patents by Inventor Nancy Cam Winget

Nancy Cam Winget has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9059925
    Abstract: A method for multicast load balancing in a wireless network having a plurality of access points. The method includes setting a maximum Internet protocol multicast bandwidth for the access points, receiving an admissions control request from a client at one of the access points, and determining whether the admissions control request from the client is for an admitted or unadmitted multicast stream at the access point. The access point is responsive to the admissions control request for the admitted multicast stream by servicing the admitted multicast stream and to the admissions control request for the unadmitted multicast stream by servicing the unadmitted multicast stream where the bandwidth required for the unadmitted multicast stream, plus that portion of the access point bandwidth currently used for all existing downlink multicast streams, does not exceed the maximum internet protocol multicast bandwidth for the access point.
    Type: Grant
    Filed: September 14, 2012
    Date of Patent: June 16, 2015
    Assignee: Cisco Technology, Inc.
    Inventors: Robert C. Meier, Stuart Norman, Douglas A. Smith, Nancy Cam Winget
  • Patent number: 8533832
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Grant
    Filed: April 25, 2012
    Date of Patent: September 10, 2013
    Assignee: Cisco Technology, Inc.
    Inventors: Nancy Cam Winget, Mark Krischer, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
  • Patent number: 8381268
    Abstract: A system that enables network authorization status to be conveyed to the device requesting network services within or outside the scope of an authentication exchange is provided. The authorization status notification or information can be automatically generated or otherwise triggered by a request from the user or device. For instance, a query can be employed to solicit device authorization status related to a particular service or group of services. Additionally, authorization status notification can be automatically triggered based upon a change in the device authorization state.
    Type: Grant
    Filed: May 6, 2008
    Date of Patent: February 19, 2013
    Assignee: Cisco Technology, Inc.
    Inventors: Nancy Cam Winget, Joseph A. Salowey, James Edward Burns, Susan Elizabeth Thomson, Hao Zhou
  • Publication number: 20130010669
    Abstract: A method for multicast load balancing in a wireless network having a plurality of access points. The method includes setting a maximum Internet protocol multicast bandwidth for the access points, receiving an admissions control request from a client at one of the access points, and determining whether the admissions control request from the client is for an admitted or unadmitted multicast stream at the access point. The access point is responsive to the admissions control request for the admitted multicast stream by servicing the admitted multicast stream and to the admissions control request for the unadmitted multicast stream by servicing the unadmitted multicast stream where the bandwidth required for the unadmitted multicast stream, plus that portion of the access point bandwidth currently used for all existing downlink multicast streams, does not exceed the maximum internet protocol multicast bandwidth for the access point.
    Type: Application
    Filed: September 14, 2012
    Publication date: January 10, 2013
    Inventors: Robert C. MEIER, Stuart Norman, Douglas A. Smith, Nancy Cam Winget
  • Patent number: 8306027
    Abstract: A method for multicast load balancing in a wireless network having a plurality of access points. The method includes setting a maximum Internet protocol multicast bandwidth for the access points, receiving an admissions control request from a client at one of the access points, and determining whether the admissions control request from the client is for an admitted or unadmitted multicast stream at the access point. The access point is responsive to the admissions control request for the admitted multicast stream by servicing the admitted multicast stream and to the admissions control request for the unadmitted multicast stream by servicing the unadmitted multicast stream where the bandwidth required for the unadmitted multicast stream, plus that portion of the access point bandwidth currently used for all existing downlink multicast streams, does not exceed the maximum internet protocol multicast bandwidth for the access point.
    Type: Grant
    Filed: February 22, 2008
    Date of Patent: November 6, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Robert C. Meier, Stuart Norman, Douglas A. Smith, Nancy Cam Winget
  • Publication number: 20120210395
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Application
    Filed: April 25, 2012
    Publication date: August 16, 2012
    Inventors: Nancy CAM WINGET, Mark KRISHCER, Sheausong YANG, Ajit SANZGIRI, Timothy OLSON, Pauline SHUEN
  • Patent number: 8191144
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Grant
    Filed: April 27, 2009
    Date of Patent: May 29, 2012
    Assignee: Cisco Technology, Inc.
    Inventors: Nancy Cam Winget, Mark Krishcer, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
  • Patent number: 7953227
    Abstract: The present invention is contemplates an automatic, secure AP configuration protocol. Public/private keys and public key (PK) methods are used to automatically establish a mutual trust relationship and a secure channel between an AP and at least one configuration server. An AP automatically forwards a location identifier to the configuration server, and the configuration server delivers common, AP specific, and location specific configuration parameters to the AP.
    Type: Grant
    Filed: April 27, 2009
    Date of Patent: May 31, 2011
    Assignee: Cisco Technology, Inc.
    Inventors: Robert C. Meier, Nancy Cam Winget, Robert Bell
  • Patent number: 7844057
    Abstract: A method and system for handling roaming mobile nodes in a wireless network. The system uses a Subnet Context Manager to store current Network session keys, security policy and duration of the session (e.g. session timeout) for mobile nodes, which is established when the mobile node is initially authenticated. Pairwise transit keys are derived from the network session key. The Subnet Context Manager handles subsequent reassociation requests. When a mobile node roams to a new access point, the access point obtains the network session key from the Subnet Context Manager and validates the mobile node by computing a new pairwise transient key from the network session key.
    Type: Grant
    Filed: July 2, 2007
    Date of Patent: November 30, 2010
    Assignee: Cisco Technology, Inc.
    Inventors: Robert Meier, Richard D. Rebo, Victor J. Griswold, Douglas Smith, Nancy Cam Winget
  • Patent number: 7817042
    Abstract: In an example embodiment, an apparatus such as an RFID tag, is configured to operate in a first mode that allows the tag to associate with the network and receive configuration data and to operate in a second mode wherein the apparatus is not associated with the network. The apparatus sends announcement packets while in the second mode in accordance with the configuration data received while in the first mode of operation.
    Type: Grant
    Filed: February 23, 2007
    Date of Patent: October 19, 2010
    Assignee: Cisco Technology, Inc.
    Inventors: Nancy Cam Winget, Allan Thomson
  • Patent number: 7788492
    Abstract: A method and system for pre-authenticating a pre-establishing key management on a roaming device prior to re-association to facilitate fast hand-off in a wireless network is described. For enhanced mobility, both authentication and key establishment is performed prior to re-association of the roaming device between access points. When the roaming device enters in contact with one of the access points, a local authentication is performed between the access point and the roaming device prior to re-association with the access point to allow for fast hand-offs of the device between access points within the network.
    Type: Grant
    Filed: August 17, 2007
    Date of Patent: August 31, 2010
    Assignee: Cisco Technology, Inc.
    Inventor: Nancy Cam Winget
  • Patent number: 7788480
    Abstract: A method and implementation is disclosed for secure communication between two or more parties. A secure tunnel is established between parties using an encryption algorithm. An authentication process is performed between parties over the secured tunnel. The provisioning of credentials is thereafter performed between parties.
    Type: Grant
    Filed: November 5, 2003
    Date of Patent: August 31, 2010
    Assignee: Cisco Technology, Inc.
    Inventors: Nancy Cam Winget, Mark Krischer, Ilan Frenkel, Hao Zhou
  • Patent number: 7706345
    Abstract: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.
    Type: Grant
    Filed: June 29, 2009
    Date of Patent: April 27, 2010
    Assignee: Cisco Technology, Inc.
    Inventors: Robert Meier, Richard D. Rebo, Victor J. Griswold, Douglas Smith, Nancy Cam Winget
  • Patent number: 7640430
    Abstract: A Machine Authentication PAC (Protected Access Credential) serves as machine credentials to obtain network access without requiring server storage and management of the additional set of credentials. The first time authentication is performed, user authentication is executed. After the supplicant and server have mutually authenticated each other and satisfied other validations, the supplicant requests a Machine Authentication PAC from the server. The Server randomly generates a cryptographic key (Device Key) and sends it to the supplicant along with an encrypted ticket, comprising the Device Key and other information and encrypted with a key only known to the Server. The supplicant caches the Machine Authentication PAC in its non-volatile memory for future use. When the machine needs to access certain network services before a user is available, the supplicant uses the Machine Authentication PAC to gain authorization for the machine to limited access on the network, without requiring user input.
    Type: Grant
    Filed: April 4, 2005
    Date of Patent: December 29, 2009
    Assignee: Cisco Technology, Inc.
    Inventors: Hao Zhou, Joseph Salowey, Nancy Cam Winget
  • Patent number: 7624270
    Abstract: The present invention communication network system and method facilitates authentication and registration in a communication network as mobile nodes move from one geographical region to another. Multiple wireless domain services (WDSs) share client authentication information permitting relatively seamless roaming between subnets with minimal interruptions and delays. In one embodiment, a wireless domain service network communication method is performed utilizing partial authentication processes. A mobile node engages in an authentication protocol with a first wireless domain service (WDS) access point in a first subnet. The authentication credentials are forwarded to a second wireless domain service in a second subnet if the authentication protocol is successfully completed. The forwarded authentication credentials are utilized to authenticate the client entering the service area of the second wireless domain service in the second subnet.
    Type: Grant
    Filed: February 18, 2005
    Date of Patent: November 24, 2009
    Assignee: Cisco Technology, Inc.
    Inventors: Arnavkumar M. Pathan, Patrick Pak-Chiu Leung, John F. Wakerly, Nancy Cam Winget, Robert Charles Meier
  • Publication number: 20090262718
    Abstract: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.
    Type: Application
    Filed: June 29, 2009
    Publication date: October 22, 2009
    Inventors: Robert MEIER, Richard D. Rebo, Victor J. Griswold, Douglas Smith, Nancy Cam Winget
  • Publication number: 20090235077
    Abstract: A detection-based defense to a wireless network. Elements of the infrastructure, e.g., access points or scanning-only access points, detect intruders by detecting spoofed frames, such as from rogue access points. Access points include a signature, such as a message integrity check, with their management frames in a manner that enables neighboring access points to be able to validate the management frames, and to detect spoofed frames. When a neighboring access point receives a management frame, obtains a key for the access point sending the frame, and validates the management frame using the key.
    Type: Application
    Filed: April 27, 2009
    Publication date: September 17, 2009
    Inventors: Nancy Cam Winget, Mark Krischer, Sheausong Yang, Ajit Sanzgiri, Timothy Olson, Pauline Shuen
  • Publication number: 20090232311
    Abstract: The present invention is contemplates an automatic, secure AP configuration protocol. Public/private keys and public key (PK) methods are used to automatically establish a mutual trust relationship and a secure channel between an AP and at least one configuration server. An AP automatically forwards a location identifier to the configuration server, and the configuration server delivers common, AP specific, and location specific configuration parameters to the AP.
    Type: Application
    Filed: April 27, 2009
    Publication date: September 17, 2009
    Inventors: Robert C. MEIER, Nancy Cam Winget, Robert Bell
  • Patent number: 7561549
    Abstract: A Wireless LAN Context Control Protocol (WLCCP) is used to establish and manage a wireless network topology and securely manages the “operational context” for mobile stations in a campus network. The WLCCP registration protocol can automatically create and delete links in the network, securely distribute operational context, and reliably establish Layer 2 forwarding paths on wireless links. A single infrastructure node is established as the central control point for each subnet, and enables APs and MNs to select the parent node that provides the “least-cost path” to a backbone LAN. Context messages provide a general-purpose transport for context and management information. WLCCP “Trace” messages facilitate network diagnostic tools. Ethernet or UDP/IP encapsulation can be used for WLCCP messages. Ethernet encapsulation is employed for intra-subnet (e.g. AP-to-AP or AP-to-SCM) WLCCP messages. IP encapsulation is used for inter-subnet WLCCP messages and may also be used for intra-subnet WLCCP messages.
    Type: Grant
    Filed: May 4, 2005
    Date of Patent: July 14, 2009
    Assignee: Cisco Technology, Inc.
    Inventors: Robert Meier, Richard D. Rebo, Victor J. Griswold, Douglas Smith, Nancy Cam Winget
  • Patent number: 7562224
    Abstract: A system and method that allows a device to complete a single complete authentication sequence to a AAA server resulting in as many secure sessions required for the different applications or subsystems determined by the client's identity and the AAA server's policy. As the device is authenticated, it is determined where there are other sessions for the device. The sessions are established by generating unique new keying material that is passed to each session. This can be accomplished by (a) the authenticator or AAA server issuing the keys and distributing them to both the supplicant and applications (via their authenticators); or (b) authenticator or the AAA server mutually generating the session unique keys with the supplicant that are then distributed to the applications (via their authenticators).
    Type: Grant
    Filed: April 4, 2005
    Date of Patent: July 14, 2009
    Assignee: Cisco Technology, Inc.
    Inventors: Mark Krischer, Nancy Cam Winget