Patents by Inventor Shree N. Murthy
Shree N. Murthy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11909591Abstract: In one embodiment, dynamic user private networks are virtually segmented within a shared virtual network. A network control system maintains the dynamic logical segmentation of the shared virtual network. User entities (e.g., user devices and/or services) are communicatively coupled to respective personal virtual networks via endpoints of access devices. Each of these endpoints is associated with a corresponding user private network. Responsive in real-time to automated processing of a received electronic particular user request, the network control system automatically modifies the dynamic logical segmentation of the shared virtual network to move a particular user entity on the shared virtual network to newly being on the first dynamic user private network without being disconnected from the shared virtual network. One embodiment uses different user private network identifiers (UPN-IDs) associated with endpoints and received packets to identify their respective user private network.Type: GrantFiled: May 23, 2023Date of Patent: February 20, 2024Assignee: Cisco Technology, Inc.Inventors: Shyamsundar N. Maniyar, Sanjay Kumar Hooda, Shree N. Murthy, Sonal Prem Kumar Chhabria, Akshay Dorwat
-
Patent number: 11895085Abstract: A network management center includes a Dynamic Host Configuration Protocol (DHCP) server. The network management center obtains from an identity server, client information indicating authentication of a client device in a wireless network that is connected to a network fabric. The network management center obtains from an edge node in the network fabric an Internet Protocol (IP) address request for the client device. The IP address request including a fabric domain identifier associated with the edge node. The network management center allocates an IP address for the client device based on the client information obtained from the identity server and the fabric domain identifier contained in the IP address request obtained from the edge node. The network management center provides to the edge node an Identifier Locator Addressing (ILA) address based on the IP address.Type: GrantFiled: September 13, 2021Date of Patent: February 6, 2024Assignee: CISCO TECHNOLOGY, INC.Inventors: Srinath Gundavelli, Shree N. Murthy, Sudhir Kumar Jain
-
Publication number: 20240007468Abstract: Methods are provided that support media access control (MAC) address rotation (RCM) by generating a passcode for associating a user defined network by one or more endpoint devices instead of using MAC addresses for their respective device identity. In these methods, a computing device obtains a registration request for establishing a user defined network (UDN) and generates a unique UDN identifier and a unique passcode associated with the unique UDN identifier. The unique passcode enables an authentication of one or more endpoint devices to connect to the UDN. The authentication is independent of the MAC address of a respective endpoint device. The computing device provides the UDN identifier and the unique passcode such that the UDN identifier and the unique passcode are for connecting the one or more endpoint devices to the UDN.Type: ApplicationFiled: July 1, 2022Publication date: January 4, 2024Inventors: Shree N. Murthy, Stephen Michael Orr
-
Patent number: 11855841Abstract: Certain embodiments disclose systems and methods for creating a user private network (UPN) based on 11ay technology. Methods of the present disclosure include creating a personal basic service set (PBSS) having a service device and one or more 11ay devices, the service device configured to wirelessly communicate with the one or more 11ay devices in the PBSS, creating a UPN having an access point located in communicative proximity with the service device, and associating at least one 11ay device of the one or more 11ay devices with the UPN, wherein the at least one 11ay device is configured to establish a wireless connection with the one or more 11ay devices using the service device when within a coverage area of the PBSS, and to establish a wireless connection with the one or more 11ay devices using the access point when outside the coverage area of the PBSS.Type: GrantFiled: April 18, 2022Date of Patent: December 26, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Rajesh S. Pazhyannur, Anand Oswal, Arun G. Khanna, Kedar K. Gaonkar, Shree N. Murthy, Sudhir Jain
-
Publication number: 20230300024Abstract: In one embodiment, dynamic user private networks are virtually segmented within a shared virtual network. A network control system maintains the dynamic logical segmentation of the shared virtual network. User entities (e.g., user devices and/or services) are communicatively coupled to respective personal virtual networks via endpoints of access devices. Each of these endpoints is associated with a corresponding user private network. Responsive in real-time to automated processing of a received electronic particular user request, the network control system automatically modifies the dynamic logical segmentation of the shared virtual network to move a particular user entity on the shared virtual network to newly being on the first dynamic user private network without being disconnected from the shared virtual network. One embodiment uses different user private network identifiers (UPN-IDs) associated with endpoints and received packets to identify their respective user private network.Type: ApplicationFiled: May 23, 2023Publication date: September 21, 2023Inventors: Shyamsundar N. Maniyar, Sanjay Kumar Hooda, Shree N. Murthy, Sonal Prem Kumar Chhabria, Akshay Dorwat
-
Patent number: 11700527Abstract: Embodiments are presented for collaborative device address generation between a wireless client device and a network infrastructure component, such as a wireless access point. The wireless client device and network infrastructure component share information to facilitate collaborative generation of a sequence of device addresses. This shared information includes, in some embodiments, key information and moving factor information. The key information and moving factor information is used to generate a token. A sequence of tokens is generated by updating the moving factor as each token is generated. A corresponding sequence of device addresses are then derived based on the sequence of tokens. Since the wireless client device and the network infrastructure device apply equivalent methods to generate respective sequences of addresses, the network infrastructure is able to efficiently identify a source wireless client device when observing a new device address on a wireless network.Type: GrantFiled: May 25, 2021Date of Patent: July 11, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Srinath Gundavelli, Stephen Michael Orr, Shree N. Murthy
-
Patent number: 11700173Abstract: In one embodiment, dynamic user private networks are virtually segmented within a shared virtual network. A network control system maintains the dynamic logical segmentation of the shared virtual network. User entities (e.g., user devices and/or services) are communicatively coupled to respective personal virtual networks via endpoints of access devices. Each of these endpoints is associated with a corresponding user private network. Responsive in real-time to automated processing of a received electronic particular user request, the network control system automatically modifies the dynamic logical segmentation of the shared virtual network to move a particular user entity on the shared virtual network to newly being on the first dynamic user private network without being disconnected from the shared virtual network. One embodiment uses different user private network identifiers (UPN-IDs) associated with endpoints and received packets to identify their respective user private network.Type: GrantFiled: September 25, 2020Date of Patent: July 11, 2023Assignee: Cisco Technology, Inc.Inventors: Shyamsundar N. Maniyar, Sanjay Kumar Hooda, Shree N. Murthy, Sonal Prem Kumar Chhabria, Akshay Dorwat
-
MEDIA ACCESS CONTROL (MAC) ADDRESS ANONYMIZATION BASED ON ALLOCATIONS BY NETWORK CONTROLLER ELEMENTS
Publication number: 20230188523Abstract: A method is provided to anonymize the media access control (MAC) address of a client device. The method involves generating a plurality of media access control (MAC) addresses for use by a client device in a network. Policies are defined that determine which one of the plurality of MAC addresses is to be used by the client device. The plurality of MAC addresses allocated for use by the client device are registered with a management entity in the network.Type: ApplicationFiled: February 10, 2023Publication date: June 15, 2023Inventors: Srinath Gundavelli, Shree N. Murthy, Pradeep Kumar Kathail, Brian Weis -
Patent number: 11653191Abstract: Methods for extending cell broadcast notifications to various access technologies and enterprise communication infrastructure. A method includes obtaining, by a controller, a cellular broadcast message of a public warning system and identifying, by the controller, at least one network entity, from among a plurality of network entities operating in a private radio network, based on the at least one network entity being within a location area specified in the cellular broadcast message. The method further includes providing, by the controller to the at least one network entity, the cellular broadcast message.Type: GrantFiled: August 27, 2021Date of Patent: May 16, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Srinath Gundavelli, Indermeet Singh Gandhi, Shree N. Murthy
-
Media access control (MAC) address anonymization based on allocations by network controller elements
Patent number: 11611557Abstract: A method is provided to anonymize the media access control (MAC) address of a client device. The method involves generating a plurality of media access control (MAC) addresses for use by a client device in a network. Policies are defined that determine which one of the plurality of MAC addresses is to be used by the client device. The plurality of MAC addresses allocated for use by the client device are registered with a management entity in the network.Type: GrantFiled: May 4, 2021Date of Patent: March 21, 2023Assignee: CISCO TECHNOLOGY, INC.Inventors: Srinath Gundavelli, Shree N. Murthy, Pradeep Kumar Kathail, Brian Weis -
Publication number: 20230036506Abstract: Aspects described herein include a method of automated grouping of client devices for a user-defined network (UDN). The method includes receiving, from a client device an authentication request to join an access provider network. The authentication request includes a unique identifier of the client device for a federation-based network. The method further includes transmitting the unique identifier to a UDN cloud, transmitting the authentication request to an identity provider, and receiving, responsive to the identity provider authenticating the authentication request, a list of one or more UDNs from the UDN cloud that are associated with the unique identifier. The method further includes joining the client device with one or more other client devices present on the access provider network listing a same UDN.Type: ApplicationFiled: July 29, 2021Publication date: February 2, 2023Inventors: Domenico Ficara, Roberto MUCCIFORA, Amine CHOUKIR, Shree N. MURTHY, Bart A. BRINCKMAN, Mirko RACA
-
Publication number: 20220386110Abstract: Embodiments are presented for collaborative device address generation between a wireless client device and a network infrastructure component, such as a wireless access point. The wireless client device and network infrastructure component share information to facilitate collaborative generation of a sequence of device addresses. This shared information includes, in some embodiments, key information and moving factor information. The key information and moving factor information is used to generate a token. A sequence of tokens is generated by updating the moving factor as each token is generated. A corresponding sequence of device addresses are then derived based on the sequence of tokens. Since the wireless client device and the network infrastructure device apply equivalent methods to generate respective sequences of addresses, the network infrastructure is able to efficiently identify a source wireless client device when observing a new device address on a wireless network.Type: ApplicationFiled: May 25, 2021Publication date: December 1, 2022Inventors: Srinath Gundavelli, Stephen Michael Orr, Shree N. Murthy
-
Patent number: 11489875Abstract: The use of device context in applying security policies is provided by receiving a Domain Name Service (DNS) query for a network resource from a user device (UD) at a DNS analysis server, the DNS query including a functional label describing a context of the UD; analyzing the DNS query to determine whether the UD is permitted to access the network resource based on the functional label; and in response to the functional label indicating that the UD is not permitted to access the network resource, transmitting a block page to the UD. The functional label can be added to the DNS query by a Mobile Device Management application on the UD, a router associated with the UD, or an enterprise server. Contexts for previously blocked DNS queries can be aggregated to identify UDs sharing at least one value with the previously blocked DNS queries as security compromised devices.Type: GrantFiled: January 28, 2020Date of Patent: November 1, 2022Assignee: Cisco Technology, Inc.Inventors: Antonio Trifilo, Maria Carpen Amarie, Thomas Vegas, Anirban Karmakar, Shree N. Murthy
-
Publication number: 20220247627Abstract: Certain embodiments disclose systems and methods for creating a user private network (UPN) based on 11ay technology. Methods of the present disclosure include creating a personal basic service set (PBSS) having a service device and one or more flay devices, the service device configured to wirelessly communicate with the one or more flay devices in the PBSS, creating a UPN having an access point located in communicative proximity with the service device, and associating at least one 11ay device of the one or more 11ay devices with the UPN, wherein the at least one flay device is configured to establish a wireless connection with the one or more flay devices using the service device when within a coverage area of the PBSS, and to establish a wireless connection with the one or more flay devices using the access point when outside the coverage area of the PBSS.Type: ApplicationFiled: April 18, 2022Publication date: August 4, 2022Inventors: Rajesh S. Pazhyannur, Anand Oswal, Arun G. Khanna, Kedar K. Gaonkar, Shree N. Murthy, Sudhir Jain
-
Patent number: 11310105Abstract: Certain embodiments disclose systems and methods for creating a user private network (UPN) based on 11ay technology. Methods of the present disclosure include creating a personal basic service set (PBSS) having a service device and one or more 11ay devices, the service device configured to wirelessly communicate with the one or more 11ay devices in the PBSS, creating a UPN having an access point located in communicative proximity with the service device, and associating at least one 11ay device of the one or more 11ay devices with the UPN, wherein the at least one 11ay device is configured to establish a wireless connection with the one or more 11ay devices using the service device when within a coverage area of the PBSS, and to establish a wireless connection with the one or more 11ay devices using the access point when outside the coverage area of the PBSS.Type: GrantFiled: May 19, 2020Date of Patent: April 19, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Rajesh S. Pazhyannur, Anand Oswal, Arun G. Khanna, Kedar K. Gaonkar, Shree N. Murthy, Sudhir Jain
-
Publication number: 20220103424Abstract: In one embodiment, dynamic user private networks are virtually segmented within a shared virtual network. A network control system maintains the dynamic logical segmentation of the shared virtual network. User entities (e.g., user devices and/or services) are communicatively coupled to respective personal virtual networks via endpoints of access devices. Each of these endpoints is associated with a corresponding user private network. Responsive in real-time to automated processing of a received electronic particular user request, the network control system automatically modifies the dynamic logical segmentation of the shared virtual network to move a particular user entity on the shared virtual network to newly being on the first dynamic user private network without being disconnected from the shared virtual network. One embodiment uses different user private network identifiers (UPN-IDs) associated with endpoints and received packets to identify their respective user private network.Type: ApplicationFiled: September 25, 2020Publication date: March 31, 2022Applicant: Cisco Technology, Inc., a California corporationInventors: Shyamsundar N. MANIYAR, Sanjay Kumar HOODA, Shree N. MURTHY, Sonal Prem Kumar CHHABRIA, Akshay DORWAT
-
Patent number: 11284462Abstract: Techniques are described for integrating cellular access within an enterprise fabric. In one example, a method includes obtaining, by a cellular termination function via a cellular access point, a request from a client for data plane connectivity via a network, wherein the cellular access point is registered within the network and is in communication with a first switch of the network; obtaining, by the cellular termination function, cellular policy information and enterprise policy information for the client; obtaining, by the cellular termination function, an Internet Protocol (IP) address for the client; and establishing data plane connectivity for the client with the network via the cellular access point, the first switch of the network, and a second switch of the network based, at least in part, on the IP address for the client, wherein the second switch connects the network with one or more data networks.Type: GrantFiled: December 17, 2019Date of Patent: March 22, 2022Assignee: CISCO TECHNOLOGY, INC.Inventors: Louis Gwyn Samuel, Srinath Gundavelli, Oliver James Bull, Mark Grayson, Sangram Kishore Lakkaraju, Shree N. Murthy
-
Publication number: 20210409370Abstract: A network management center includes a Dynamic Host Configuration Protocol (DHCP) server. The network management center obtains from an identity server, client information indicating authentication of a client device in a wireless network that is connected to a network fabric. The network management center obtains from an edge node in the network fabric an Internet Protocol (IP) address request for the client device. The IP address request including a fabric domain identifier associated with the edge node. The network management center allocates an IP address for the client device based on the client information obtained from the identity server and the fabric domain identifier contained in the IP address request obtained from the edge node. The network management center provides to the edge node an Identifier Locator Addressing (ILA) address based on the IP address.Type: ApplicationFiled: September 13, 2021Publication date: December 30, 2021Inventors: Srinath Gundavelli, Shree N. Murthy, Sudhir Kumar Jain
-
Publication number: 20210392485Abstract: Methods for extending cell broadcast notifications to various access technologies and enterprise communication infrastructure. A method includes obtaining, by a controller, a cellular broadcast message of a public warning system and identifying, by the controller, at least one network entity, from among a plurality of network entities operating in a private radio network, based on the at least one network entity being within a location area specified in the cellular broadcast message. The method further includes providing, by the controller to the at least one network entity, the cellular broadcast message.Type: ApplicationFiled: August 27, 2021Publication date: December 16, 2021Inventors: Srinath Gundavelli, Indermeet Singh Gandhi, Shree N. Murthy
-
Patent number: 11159480Abstract: A network management center includes a Dynamic Host Configuration Protocol (DHCP) server. The network management center obtains from an identity server, client information indicating authentication of a client device in a wireless network that is connected to a network fabric. The network management center obtains from an edge node in the network fabric an Internet Protocol (IP) address request for the client device. The IP address request including a fabric domain identifier associated with the edge node. The network management center allocates an IP address for the client device based on the client information obtained from the identity server and the fabric domain identifier contained in the IP address request obtained from the edge node. The network management center provides to the edge node an Identifier Locator Addressing (ILA) address based on the IP address.Type: GrantFiled: March 26, 2019Date of Patent: October 26, 2021Assignee: CISCO TECHNOLOGY, INC.Inventors: Srinath Gundavelli, Shree N. Murthy, Sudhir Kumar Jain