Control of network connected devices

US10778775B2 · US · B2

Patent metadata
Publication number: US-10778775-B2
Application number: US-201615333313-A
Country: US
Kind code: B2
Filing date: Oct 25, 2016
Priority date: Oct 25, 2016
Publication date: Sep 15, 2020
Grant date: Sep 15, 2020

Abstract

Official abstract text for this publication.

Presented herein are techniques in which one or more network devices can use information provided by a special purpose network connected device to retrieve a usage profile (i.e., configuration file) associated with the special purpose network connected device. The retrieved usage profile, which includes/describes preselected (predetermined) usage descriptions associated with the special purpose network connected device, can then be used to configure one or more network devices. For example, the predetermined usage descriptions associated with the special purpose network connected device can be instantiated and enforced at a network device or the predetermined usage descriptions can be used for auditing the special purpose network connected device (e.g., monitoring of traffic within the network).

First claim

Opening claim text (preview).

What is claimed is:

1. A method comprising: at a security controller associated with a local network, establishing an authenticated communication channel between the security controller and a home gateway device of the local network; receiving, at the security controller, a request from a device controller to access one or more types of special purpose network connected devices in the local network; in response to the request, sending, by the security controller to the device controller an indication of at least one special purpose network connected device in the local network that the device controller is authorized to access; and installing, by the security controller, one or more access control directives on the home gateway device, the one or more access control directives include a network address of the device controller, authorizing the device controller to access the at least one special purpose network connected device.

2. The method of claim 1, wherein receiving the request to access one or more types of special purpose network connected devices in the local network, comprises: receiving a Uniform Resource Identifier associated with a usage description for each of the one or more types of special purpose network connected devices.

3. The method of claim 1, wherein sending the indication of the at least one special purpose network connected device in the local network that the device controller is authorized to access comprises: sending a Uniform Resource Identifier associated with a usage description of the at least one special purpose network connected device.

4. The method of claim 1, wherein sending the indication of the at least one special purpose network connected device in the local network that the device controller is authorized to access comprises: sending another network address of the at least one special purpose network connected device to the device controller.

5. The method of claim 1, further comprising: building a network address translation (NAT) mapping on the home gateway device to facilitate communication between the device controller and the at least one special purpose network connected device.

6. The method of claim 1, further comprising: at the security controller, authenticating the device controller prior to receiving the request from the device controller to access the one or more types of special purpose network connected devices in the local network, after installing the one or more access control directives on the home gateway device, the method further comprises: at the security controller, re-authenticating the device controller; determining, based on the re-authentication of the device controller, that the network address of the device controller has changed such that the device controller has an updated network address; and installing the updated network address of the device controller in the one or more access control directives on the home gateway device.

7. The method of claim 1, further comprising: periodically re-authenticating the device controller and updating the one or more access control directives based on detecting an address change of the device controller.

8. The method of claim 1, further comprising: authenticating, by the security controller, the device controller; and based on authenticating the device controller, populating, by the security controller, a controller field of the one or more access control directives, at the home gateway device, with the network address of the device controller that is authorized to access and control the at least one special purpose network connected device.

9. An apparatus comprising: one or more network interface ports enabled for communication with a home gateway device of a local network and a device controller; a memory; and a processor configured to: establish an authenticated communication channel between the apparatus and the home gateway device, receive a request from the device controller to access one or more types of special purpose network connected devices in the local network, in response to the request, send, by the apparatus via the one or more network interface ports to the device controller, an indication of at least one special purpose network connected device in the local network that the device controller is authorized to access, and install one or more access control directives on the home gateway device, the one or more access control directives include a network address of the device controller, authorizing the device controller to access the at least one special purpose network connected device.

10. The apparatus of claim 9, wherein to receive the request to access one or more types of special purpose network connected devices in the local network, the processor is configured to: receive a Uniform Resource Identifier associated with a usage description for each of the one or more types of special purpose network connected devices.

11. The apparatus of claim 9, wherein to send the indication of the at least one special purpose network connected device in the local network that the device controller is authorized to access, the processor is configured to: send a Uniform Resource Identifier associated with a usage description of the at least one special purpose network connected device.

12. The apparatus of claim 9, wherein to send the indication of the at least one special purpose network connected device in the local network that the device controller is authorized to access, the processor is configured to: send another network address of the at least one special purpose network connected device to the device controller.

13. The apparatus of claim 9, wherein the processor is further configured to: build a network address translation (NAT) mapping on the home gateway device to facilitate the communication between the device controller and the at least one special purpose network connected device.

14. The apparatus of claim 9, wherein the processor is further configured to: authenticate the device controller prior to receiving the request from the device controller to access the one or more types of special purpose network connected devices in the local network.

15. The apparatus of claim 14, wherein after installing the network address of the device controller in the one or more access control directives on the home gateway device, the processor is configured to: re-authenticate the device controller; determine, based on the re-authentication of the device controller, that the network address of the device controller has changed such that the device controller has an updated network address; and install the updated network address of the device controller in the one or more access control directives on the home gateway device.

16. The apparatus of claim 9, wherein after installing the network address of the device controller in the one or more access control directives on the home gateway device, the processor is configured to: periodically re-authenticate the device controller; and updated the one or more access control directives on the home gateway device based on an address change of the device controller.

17. One or more non-transitory computer readable storage media encoded with instructions that, when executed by a processor, cause the processor to: at a security controller associated with a local network, establish an authenticated communication channel between the security controller and a home gateway device of the local network; receive, at the security controller, a request fro
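
An added sketch, not taken from the patent or from any vendor implementation, of the flow in claims 1, 6 and 7: a security controller authenticates a device controller, installs default-deny access control entries keyed on the controller's address at the home gateway, and replaces the stale address on re-authentication. All class names, identifiers, addresses and URIs are hypothetical, and revoking entries on a failed re-authentication is an assumption the claims do not state.

```python
class HomeGateway:
    """Default-deny gateway: only installed (controller, device) pairs pass."""
    def __init__(self):
        self.acl = set()
    def permits(self, src, dst):
        return (src, dst) in self.acl

class SecurityController:
    def __init__(self, gateway, inventory, grants):
        self.gateway = gateway
        self.inventory = inventory  # device address -> usage-description URI
        self.grants = grants        # controller id -> URIs it may control
        self.addr = {}              # controller id -> last authenticated address
        self.installed = {}         # controller id -> device addresses in the ACL

    def _rewrite(self, cid, old, new):
        for dst in self.installed.get(cid, set()):
            self.gateway.acl.discard((old, dst))
            if new is not None:
                self.gateway.acl.add((new, dst))

    def authenticate(self, cid, credential_ok, addr):
        """Authenticate or re-authenticate; follow an address change (claims 6, 7)."""
        old = self.addr.get(cid)
        if not credential_ok:
            # Assumption (not in the claims): failed re-authentication revokes access.
            self._rewrite(cid, old, None)
            self.addr.pop(cid, None)
            self.installed.pop(cid, None)
            return False
        self.addr[cid] = addr
        if old is not None and old != addr:
            self._rewrite(cid, old, addr)  # the stale address is removed, not kept
        return True

    def request_access(self, cid, uris):
        """Return authorized device addresses and install ACL entries (claim 1)."""
        if cid not in self.addr:
            raise PermissionError("controller not authenticated")
        allowed = set(uris) & self.grants.get(cid, set())
        devices = sorted(d for d, uri in self.inventory.items() if uri in allowed)
        self.installed.setdefault(cid, set()).update(devices)
        self._rewrite(cid, None, self.addr[cid])
        return devices

# Constructed sample data: documentation addresses and hypothetical URIs.
INVENTORY = {"192.168.1.20": "https://example.com/mud/thermostat",
             "192.168.1.30": "https://example.com/mud/camera"}
GRANTS = {"ctrl-1": {"https://example.com/mud/thermostat"}}
```

The point to check in any such design is the re-authentication path: the old controller address must stop matching at the gateway as soon as the new one is installed, otherwise whoever later holds the old address inherits the access.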

Classifications

  • Directories for service discovery

  • using domain name system [DNS]

  • H04L67/125 (Primary): involving control of end-device applications over a network

  • between local and global IP addresses

  • for controlling access to devices or network resources

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Cisco Tech Inc
What technology area does this patent fall under?
Primary CPC classification H04L67/125. Mapped technology areas include Electricity.
When was this patent published?
Publication date Sep 15, 2020 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).