-
Publication No.: US20250168633A1
Publication date: 2025-05-22
Application No.: US18517309
Filing date: 2023-11-22
Applicant: Cisco Technology, Inc.
Inventor: Robert E. BARTON, Jerome HENRY, Bhavik P. SHAH, Mark GRAYSON
Abstract: Techniques for enhancing the security of network access within an open roaming framework are provided. A first network device receives a request to authenticate connection of a user device to a network. The first network device retrieves security data associated with the network. Based on analyzing the security data associated with the network, the first network device determines that one or more security criteria are satisfied. The first network device transmits a response to the user device, where the response instructs the user device to establish a connection with the network and does not disclose the security data.
-
Publication No.: US20240171616A1
Publication date: 2024-05-23
Application No.: US18422994
Filing date: 2024-01-25
Applicant: Cisco Technology, Inc.
Inventor: Jerome HENRY, Robert E. BARTON, Carlos M. PIGNATARO, Nagendra Kumar NAINAR, Malcolm M. SMITH, Mark GRAYSON, Bart A. BRINCKMAN
CPC classification number: H04L63/205, H04L63/0236, H04L63/105, H04W12/06
Abstract: Differentiated service in a federation-based access network is provided by receiving a set of credentials from a User Equipment (UE) for a wireless network offering a plurality of service levels. In response to determining that the set of credentials indicate a realm associated with a given service level, network access is provided to the UE according to the given service level. In response to determining that the given service level is not a highest service level in the wireless network, a list of one or more preferred realms is transmitted to the UE, where each realm of the list of one or more preferred realms is associated with one or more higher service levels than the given service level.
-
Publication No.: US20230300680A1
Publication date: 2023-09-21
Application No.: US18187549
Filing date: 2023-03-21
Applicant: Cisco Technology, Inc.
Inventor: Malcolm M. SMITH, Jerome HENRY, Mark GRAYSON, Robert E. BARTON, Bart A. BRINCKMAN
Abstract: Techniques for dynamically negotiating a service legal agreement (SLA) between a roaming device and a visited network (VN) in an identity federation. An identity profile provided to a user device by an identity provider (IDP) is accessed by the user device. The identity profile includes a first SLA criteria. An advertisement from the VN indicating one or more SLAs supported by the VN is received at the user device. The advertisement is received before the user device has associated with the VN. The IDP and the VN are part of a same identity federation. It is determined that the SLA supported by the VN satisfies the first SLA criteria. Upon that determination, an acceptance is transmitted by the user device to the VN, and the user device is associated with the VN.
-
Publication No.: US20230007050A1
Publication date: 2023-01-05
Application No.: US17305235
Filing date: 2021-07-01
Applicant: Cisco Technology, Inc.
Inventor: Jerome HENRY, Robert E. BARTON, Carlos M. PIGNATARO, Nagendra Kumar NAINAR, Malcolm M. SMITH, Mark GRAYSON, Bart A. BRINCKMAN
Abstract: Differentiated service in a federation-based access network is provided by receiving, with a request for access to a wireless network offering at least two different service levels based on user identities, a set of user credentials from a User Equipment (UE); forwarding, for authentication, the set of user credentials to an identity provider in an identity federation with the wireless network, wherein the identity provider is independent from the wireless network; in response to determining that the set of user credentials indicate a realm known to be associated with a given service level, providing network access to the UE according to the given service level; and in response to determining that the given service level is not a highest service level in the wireless network, transmitting a list of preferred realms to the UE that are associated with higher service levels than the given service level.