Sonny T Bui, Age 35Westminster, CA

6442608, Aug 27, 2002

Jan 14, 1999

09/231929

John Knight - Lake Forest CA
Thomas Anthony Roden - Irvine CA
Pauline Chen - Irvine CA
Kavita Shekhar Patil - Foothill Ranch CA
Sonny Bui - Huntington Beach CA

Cisco Technology, Inc. - San Jose CA

G06F 15173

709225, 713201

An authorizing apparatus for use with a client that connects to a first server in a network is described. The authorizing apparatus includes a second server that authorizes session requests of the client for the first server. A plurality of records of resource allocation data is coupled with the second server. Each record indicates whether a session may be established between the client and the first server. Coupled to the second server is information that associates an entity that includes and is associated with one or more clients, and information that associates the second server to a third server that is authoritative for the second server and the associated clients. Means are provided for receiving a request to establish a session between the client and the first server and for determining, at the second server, based on one of the records that is associated with the client, whether the session may be established when the client is associated with the entity. Also provided are means for informing the first server that the session is authorized only when the second server determines from the one of the records that the session may be established. Although the first, second and third servers have been described as separate servers the functions performed by two or more of the servers may actually be combined in a single server unit.

6571287, May 27, 2003

Jun 10, 2002

10/166623

John Knight - Lake Forest CA
Thomas Anthony Roden - Irvine CA
Pauline Chen - Irvine CA
Kavita Shekhar Patil - Foothill Ranch CA
Sonny Bui - Huntington Beach CA

Cisco Technology, Inc. - San Jose CA

G06F 1100

709225, 709229, 709239

An authorizing apparatus for use with a client that connects to a first server in a network includes a second server that authorizes session requests of the client for the first server. Resource allocation data is available to the second server and indicates whether a session may be established between the client and the first server. The second server has information that associates an entity that is associated with one or more clients, and information that associates the second server to a third server that is authoritative for the second server and the associated clients. When a request to establish a session between the client and the first server is received, the second server determines, based on one of the records that is associated with the client, whether the session may be established when the client is associated with the entity. If not, the second server requests a global authorization server to determine whether a session is allowable. As a result, session management is resolved locally when possible, and over-subscription of clients to servers is prevented.

7028073, Apr 11, 2006

Jan 16, 2002

10/051834

Sonny Bui - Huntington Beach CA, US
David Cates - Yorba Linda CA, US
Pauline Chen - Irvine CA, US
Terry Kerstetter - Dove Canyon CA, US
John Knight - Lake Forest CA, US
Kavita Shekhar Patil - Foothill Ranch CA, US
Thomas Anthony Roden - Irvine CA, US

Cisco Technology, Inc. - San Jose CA

G06F 15/16

709203, 709217, 709219, 709228, 709249, 709227

A mechanism for authorizing a data communication session between a client and a first server is disclosed. When a request is received to establish a session with a particular entity that is associated with the client, it is determined whether authorization of the session can be performed locally at a second server. If it is determined that authorization of the session can be performed locally at the second server then, the first server is informed that the session may be established between the client and the first server for the particular entity. A third server that is associated with the particular entity is identified and once the first server is informed that the session may be established, the third server is informed that the session has been authorized to be established for the particular entity. However, if authorization of the session cannot be performed locally at the second server then, the third server is requested to authorize the session between the client and the first server. Thereafter, based on the response that is received from the third server, the first server is informed as to whether the session may be authorized.

7272649, Sep 18, 2007

Sep 30, 1999

09/410511

John Knight - Lake Forest CA, US
Kavita Shekhar Patil - Foothill Ranch CA, US
Pauline Chen Boyd - Irvine CA, US
Sonny Bui - Huntington Beach CA, US
Thomas Anthony Roden - Irvine CA, US

Cisco Technology, Inc. - San Jose CA

G06F 15/173

709225, 709226

A Max Sessions Server (MSS) automatically detects hardware and communications failures. Upon detection, counters are adjusted accordingly to maintain an accurate count of users or groups of users on a system. A database of unique identifiers for each connection is maintained, where the unique identifier is a concatenation of a Network Access Server (NAS) and the connection's incoming NAS node number. If a user requests permission to log into the system, the MSS first checks the database to determine if the unique identifier is already logged in. If so, then a hardware or communications failure has occurred and the MSS must make the appropriate adjustments to the database and counter. Additionally, the MSS or an authentication, authorization and accounting (AAA) server will periodically check to determine if an NAS has ceased communicating over a particular length of time and relay any failures to the MSS. If the NAS has experienced a hardware or communications failure, then the MSS must make the appropriate adjustments to the database and counters for all sessions logged in from the failed NAS. Finally, the MSS may broadcast the failure to all MSSs associated with the NAS on the system.

7925732, Apr 12, 2011

Sep 11, 2007

11/900257

John Knight - Lake Forest CA, US
Kavita Shekhar Patil - Foothill Ranch CA, US
Pauline Chen Boyd - Irvine CA, US
Sonny Bui - Huntington Beach CA, US
Thomas Anthony Roden - Irvine CA, US

Cisco Technology, Inc. - San Jose CA

G06F 15/173
G06F 15/16

709223, 709219, 726 3

A Max Sessions Server (MSS) automatically detects hardware and communications failures. Upon detection, counters are adjusted accordingly to maintain an accurate count of users or groups of users on a system. A database of unique identifiers for each connection is maintained, where the unique identifier is a concatenation of a Network Access Server (NAS) and the connection's incoming NAS node number. If a user requests permission to log into the system, the MSS first checks the database to determine if the unique identifier is already logged in. If so, then a hardware or communications failure has occurred and the MSS must make the appropriate adjustments to the database and counter.

8078715, Dec 13, 2011

Oct 19, 2010

12/907900

John Knight - Lake Forest CA, US
Kavita Shekhar Patil - Foothill Ranch CA, US
Pauline Chen Boyd - Irvine CA, US
Sonny Bui - Huntington Beach CA, US
Thomas Anthony Roden - Irvine CA, US

Cisco Technology, Inc. - San Jose CA

G06F 15/173
G06F 15/16

709223, 709219, 726 3

A Max Sessions Server (MSS) automatically detects hardware and communications failures. Upon detection, counters are adjusted accordingly to maintain an accurate count of users or groups of users on a system. A database of unique identifiers for each connection is maintained, where the unique identifier is a concatenation of a Network Access Server (NAS) and the connection's incoming NAS node number. If a user requests permission to log into the system, the MSS first checks the database to determine if the unique identifier is already logged in. If so, then a hardware or communications failure has occurred and the MSS must make the appropriate adjustments to the database and counter.

6412007, Jun 25, 2002

Jan 14, 1999

09/231926

Sonny Bui - Huntington Beach CA
David Cates - Yorba Linda CA
Pauline Chen - Irvine CA
Terry Kerstetter - Dove Canyon CA
John Knight - Lake Forest CA
Kavita Shekhar Patil - Foothill Ranch CA
Thomas Anthony Roden - Irvine CA

Cisco Technology, Inc. - San Jose CA

G06F 1516

709227, 709217, 709219, 709228, 709249

A mechanism for authorizing a data communication session between a client and a first server is disclosed. When a request is received to establish a session with a particular entity that is associated with the client, it is determined whether authorization of the session can be performed locally at a second server. If it is determined that authorization of the session can be performed locally at the second server then, the first server is informed that the session may be established between the client and the first server for the particular entity. A third server that is associated with the particular entity is identified and once the first server is informed that the session may be established, the third server is informed that the session has been authorized to be established for the particular entity. However, if authorization of the session cannot be performed locally at the second server then, the third server is requested to authorize the session between the client and the first server. Thereafter, based on the response that is received from the third server, the first server is informed as to whether the session may be authorized.