Patents by Inventor Tanya Roosta

Tanya Roosta has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9137139
    Abstract: A network device receives packets sent over a network from another network device. Each packet contains a source identifier that identifies a device that is the source of the packet, a destination identifier that identifies a device that is the intended destination of the packet, a sender identifier that identifies a network device that encrypted and sent the packet and a sequence number associated with the packet. The network device stores data indicating source identifier, destination identifier, sender identifier and sequence number for packets received over time. The network device rejects a newly received packet when it is determined that the sequence number of the newly received packet is less than the last sequence number stored for a matching packet flow (same source identifier, destination identifier and sender identifier) and falls outside of the counter-based window with respect to the last sequence number stored for the matching packet flow.
    Type: Grant
    Filed: December 18, 2009
    Date of Patent: September 15, 2015
    Assignee: Cisco Technology, Inc.
    Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
  • Patent number: 8750507
    Abstract: A technique for dynamically creating and deleting groups to support secure group communication sessions is provided herein. A request for creation of a dynamic group that enables group members to participate in a secure group communication session is received by a network authentication device such as a key server. Creation of the dynamic group includes generating a lifetime attribute indicating when the dynamic group is to exist based on timing information provided in the request, along with security policies required for generating the keys, and generating a unique group ID associated with the dynamic group for distribution to the group members. The keys for the secure group communication session are supplied, along with security policies, in response to a request containing the unique group ID identifying the dynamic group. The dynamic group is deleted in response to determining from the lifetime attribute that the secure group communication session has expired.
    Type: Grant
    Filed: January 25, 2010
    Date of Patent: June 10, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
  • Patent number: 8656170
    Abstract: Techniques are provided for determining freshness of control messages in a network. At a first device that is to enter into a secure communication session with a second device, timestamp information and time window size information are sent to the second device in a control message during a first exchange between a first device and a second device. At the first device, timestamp information and time window size information are obtained from a control message received from the second device by the first device during the first exchange. At the first device, the freshness of a control message is tested based on the timestamp information of the control message during a second exchange and the time window size information received from the second device during the first exchange.
    Type: Grant
    Filed: May 28, 2010
    Date of Patent: February 18, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Kavitha Kamarthy, Sheela D. Rowles, Dinesh Ranjit, Tanya Roosta, Warren S. Wainner
  • Publication number: 20110296185
    Abstract: Techniques are provided for determining freshness of control messages in a network. At a first device that is to enter into a secure communication session with a second device, timestamp information and time window size information are sent to the second device in a control message during a first exchange between a first device and a second device. At the first device, timestamp information and time window size information are obtained from a control message received from the second device by the first device during the first exchange. At the first device, the freshness of a control message is tested based on the timestamp information of the control message during a second exchange and the time window size information received from the second device during the first exchange.
    Type: Application
    Filed: May 28, 2010
    Publication date: December 1, 2011
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Kavitha Kamarthy, Sheela D. Rowles, Dinesh Ranjit, Tanya Roosta, Warren S. Wainner
  • Publication number: 20110182426
    Abstract: A technique for dynamically creating and deleting groups to support secure group communication sessions is provided herein. A request for creation of a dynamic group that enables group members to participate in a secure group communication session is received by a network authentication device such as a key server. Creation of the dynamic group includes generating a lifetime attribute indicating when the dynamic group is to exist based on timing information provided in the request, along with security policies required for generating the keys, and generating a unique group ID associated with the dynamic group for distribution to the group members. The keys for the secure group communication session are supplied, along with security policies, in response to a request containing the unique group ID identifying the dynamic group. The dynamic group is deleted in response to determining from the lifetime attribute that the secure group communication session has expired.
    Type: Application
    Filed: January 25, 2010
    Publication date: July 28, 2011
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit
  • Publication number: 20110153862
    Abstract: Techniques are provided for more robust counter-based anti-replay protection with respect to packets sent between network devices. A network device receives packets sent over a network from another network device. Each packet contains a source identifier that identifies a device that is the source of the packet, a destination identifier that identifies a device that is the intended destination of the packet, a sender identifier that identifies a network device that encrypted and sent the packet and a sequence number associated with the packet. The network device stores data indicating source identifier, destination identifier, sender identifier and sequence number for packets received over time.
    Type: Application
    Filed: December 18, 2009
    Publication date: June 23, 2011
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Tanya Roosta, Kavitha Kamarthy, Dinesh Ranjit