Patents by Inventor Syam Sundar V. Appala

Syam Sundar V. Appala has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10540507
    Abstract: A device obtains access to an application resource from a remote application server based on an authenticated device identifier. The device sends a request to access the application resource provided by the remote application server. The device receives a first message from the remote application server directing the device to send an authentication message to a device identity server. The authentication message requests an authenticated device identity for the device. The device attaches metadata associated with the device to the authentication message and sends the authentication message with the attached metadata to the device identity server. The device receives the authenticated device identity from the device identity server and sends the authenticated device identity to the remote application. The device obtains access to the application resource from the remote application server based on the authenticated device identity.
    Type: Grant
    Filed: May 17, 2017
    Date of Patent: January 21, 2020
    Assignee: Cisco Technology, Inc.
    Inventors: Steven Richard Stites, Morteza Ansari, Syam Sundar V Appala, Prashanth Patil
  • Publication number: 20190327150
    Abstract: A policy server correlates information from several messages associated with a client device to implement an identity-based network access policy. A network element connected to the client device obtains an authentication message including a first network address from the client device. The network element provides the authentication device to an identity server via a Network Address Translation (NAT) device, which translates the first network address to a second network address. The network element also provides a first message including the first network address to the policy server to request an identity-based policy for network communications of the client device. The network element implements the identity-based policy authorized by the policy server.
    Type: Application
    Filed: July 3, 2019
    Publication date: October 24, 2019
    Inventors: Sanjay Kumar Hooda, Syam Sundar V Appala, Kaushik Kumar Dam, Vimarsh Puneet
  • Patent number: 10397060
    Abstract: A policy server correlates information from several messages associated with a client device to implement an identity-based network access policy. The policy server receives a first message from a network element connected to the client device. The first message requests an identity-based policy for the client device, and includes a first network address. The policy server receives a second message from an identity server. The second message includes information indicating an identity role and a second network address. The policy server receives a third message from a NAT device. The third message includes a NAT mapping that correlates the first network address with the second network address. After the policy server determines the identity-based policy based on a combination of the first message, the second message, and the third message, the policy server implements the identity-based policy in the network element.
    Type: Grant
    Filed: March 2, 2017
    Date of Patent: August 27, 2019
    Assignee: Cisco Technology, Inc.
    Inventors: Sanjay Kumar Hooda, Syam Sundar V Appala, Kaushik Kumar Dam, Vimarsh Puneet
  • Publication number: 20190215303
    Abstract: In one example, a network element in a first network receives a network packet including a first security group identifier. The network element identifies the first security group identifier, determines that the first security group identifier is hierarchically correlated with a second security group identifier, and inserts the second security group identifier into the network packet. The network element forwards the network packet including the second security group identifier.
    Type: Application
    Filed: January 10, 2018
    Publication date: July 11, 2019
    Inventors: Syam Sundar V Appala, Kiran Kumar Yedavalli, Shyamsundar Nandkishor Maniyar, Sanjay Kumar Hooda
  • Publication number: 20180337920
    Abstract: A device obtains access to an application resource from a remote application server based on an authenticated device identifier. The device sends a request to access the application resource provided by the remote application server. The device receives a first message from the remote application server directing the device to send an authentication message to a device identity server. The authentication message requests an authenticated device identity for the device. The device attaches metadata associated with the device to the authentication message and sends the authentication message with the attached metadata to the device identity server. The device receives the authenticated device identity from the device identity server and sends the authenticated device identity to the remote application. The device obtains access to the application resource from the remote application server based on the authenticated device identity.
    Type: Application
    Filed: May 17, 2017
    Publication date: November 22, 2018
    Inventors: Steven Richard Stites, Morteza Ansari, Syam Sundar V Appala, Prashanth Patil
  • Publication number: 20180255017
    Abstract: A policy server correlates information from several messages associated with a client device to implement an identity-based network access policy. The policy server receives a first message from a network element connected to the client device. The first message requests an identity-based policy for the client device, and includes a first network address. The policy server receives a second message from an identity server. The second message includes information indicating an identity role and a second network address. The policy server receives a third message from a NAT device. The third message includes a NAT mapping that correlates the first network address with the second network address. After the policy server determines the identity-based policy based on a combination of the first message, the second message, and the third message, the policy server implements the identity-based policy in the network element.
    Type: Application
    Filed: March 2, 2017
    Publication date: September 6, 2018
    Inventors: Sanjay Kumar Hooda, Syam Sundar V Appala, Kaushik Kumar Dam, Vimarsh Puneet
  • Patent number: 7873025
    Abstract: A data processing apparatus in a network receives packet flows that are communicated between a first network node and a second network node, and comprises a clock and latency analysis logic configured for receiving a first data segment that has been communicated from the first node and forwarding the first data segment to the second node; storing a first time value of the clock in association with a first timestamp value obtained from the first data segment; receiving a second data segment that has been communicated from the second node and forwarding the second data segment to the first node; retrieving the first time value based on the first timestamp value; determining a second time value of the clock; and determining a first latency value by computing a difference of the second time value and the first time value. Thus end-to-end packet latency is determined by passively observing timestamp values.
    Type: Grant
    Filed: February 23, 2006
    Date of Patent: January 18, 2011
    Assignee: Cisco Technology, Inc.
    Inventors: Alpesh S. Patel, Syam Sundar V. Appala
  • Patent number: 7620870
    Abstract: A data compression method and system is disclosed. In one embodiment, the data compression method includes receiving a data packet. Also, the method includes compressing the data packet using a confirmed compression history, wherein the confirmed compression history includes previously acknowledged data packets. Further, the method includes sending a compressed data packet to a downstream device. Moreover, the method includes detecting a delivery acknowledgement associated with the compressed data packet. Continuing, the method includes updating the confirmed compression history by incorporating the data packet information into the confirmed compression history based upon receipt of the delivery acknowledgement.
    Type: Grant
    Filed: November 22, 2005
    Date of Patent: November 17, 2009
    Assignee: Cisco Technology, Inc.
    Inventors: Udayakumar Srinivasan, Syam Sundar V. Appala
  • Patent number: 7516198
    Abstract: A network node, for example a router, is configured for assigning network parameters for an identified flow of data packets associated with an application service, based on detecting quality of service parameters specified by XML tags within a message between an application server configured for providing the application service and a destination device configured for receiving the application service. The router includes an XML parser configured for parsing XML tags specifying prescribed user-selectable quality of service attributes for a corresponding application service, and an application resource configured for interpreting the prescribed user-selectable quality of service attributes for the application service. The application resource also is configured for assigning the selected network parameters, for transfer of the identified flow of data packets, based on the interpretation of the prescribed user-selectable quality of service attributes for the specified application service.
    Type: Grant
    Filed: October 30, 2001
    Date of Patent: April 7, 2009
    Assignee: Cisco Technology, Inc.
    Inventors: Syam Sundar V. Appala, Sampath H. K. Kumar
  • Patent number: 6862265
    Abstract: An integrated network switch having multiple network switch ports for outputting data frames also includes a dequeuing system for selectively supplying a data frame for output according to a specified priority by an output switch port. The dequeuing system includes, for each network switch port, a plurality of priority queues configured for holding assigned data frames based on respective priorities assigned by switching logic. A weighted round robin scheduler supplies the assigned data frames held in the priority queues to the output switch port according to a prescribed weighted round robin scheduling. In addition, the dequeuing system uses token bucket filters for selectively passing the assigned data frames to the respective priority queues in a manner that ensures that a given data frame having a large size does not interfere with bandwidth reserved for high-priority packets requiring guaranteed quality of service.
    Type: Grant
    Filed: April 13, 2000
    Date of Patent: March 1, 2005
    Assignee: Advanced Micro Devices, Inc.
    Inventors: Syam Sundar V. Appala, Bahadir Erimli