&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12407736.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,407,736 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Dynamically enforcing security policies on client devices using a device identity entity and a security policy enforcement entity</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Sachin Dinkar Wakudkar,  St-Sulpice (CH);  Roberto Muccifora,  Ropraz (CH);  Fnu Sandesh,  Hunsur (IN); and  Shiva Prasad Maheshuni,  Bangalore (IN)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  Cisco Technology, Inc.,  San Jose, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  Cisco Technology, Inc.,  San Jose, CA (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Jun.  25, 2024, as Appl. No. 18/753,432.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 18/753,432 is a continuation of application No. 17/487,260, filed on Sep.  28, 2021, granted, now 12,047,420.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2024/0348662 A1, Oct.  17, 2024</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>H04L 9/40</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>H04L 63/20</b></i> (2013.01)&#xa0;[<i><b>H04L 63/102</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>20 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12407736-20250902-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method comprising:<div class="claim_text">receiving, at an identity provider from a device identity entity, an application access request by a client device to access a cloud network via an application over an access network, wherein the application access request includes (i) credentials related to an identity of the client device from the device identity entity and (ii) a user identification (ID) related to the application;</div>
                <div class="claim_text">based at least in part on the credentials, retrieving, by the identity provider, security policies associated with a user associated with the user ID;</div>
                <div class="claim_text">generating, by the identity provider, a tag for the client device, wherein the security policies are associated with the tag;</div>
                <div class="claim_text">forwarding, by the identity provider to a security policy enforcement entity of the cloud network, the tag and associated security policies;</div>
                <div class="claim_text">forwarding, by the identity provider to the device identity entity, the tag;</div>
                <div class="claim_text">receiving, by the security policy enforcement entity from a controller of the access network, an access request associated with the client device to access the cloud network, wherein the access request includes the tag added to the access request by the controller of the access network; and</div>
                <div class="claim_text">based at least in part on the tag, enforcing, by the security policy enforcement entity, the security policies associated with the user while the client device accesses the cloud network.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>