Providing secure remote access to a device at a merchant location
First Claim
1. A gateway device for providing secure connections between a point of sale (POS) system located at a merchant location and a datacenter, the gateway device comprising:
- a functional unit coupled to a network interface, wherein the network interface is configured to communicate with the datacenter over a network;
wherein the functional unit is configured to:
upon initiation of a support event associated with the POS system, determine an available block of internet protocol (IP) addresses for the merchant location, wherein determining the available block of IP addresses is performed by accessing information stored in a shared storage location;
determine a local IP address of the POS system;
establish an apparent IP address of the POS system that is different than the local IP address, wherein the apparent IP address is selected from the available block of IP addresses;
initiate a secure virtual private network (VPN) tunnel from the gateway device to the datacenter, wherein the VPN tunnel uses at least a subset of the available block of IP addresses;
securely store a descriptive document in the shared storage location, wherein the descriptive document identifies the available block of IP addresses for the merchant location, and wherein the descriptive document is configured to enable the datacenter to communicate with the POS system using the apparent IP address during the support event;
during the support event, receive one or more communications from the data center addressed to the apparent IP address and translate the received one or more communications to be addressed to the local IP address; and
terminate the support event.
Abstract
System and method for providing secure connections between a point of sale (POS) system and a datacenter. Upon initiation of a support event associated with the POS system, a gateway device may determine an available block of internet protocol (IP) addresses for the merchant location, e.g., by accessing information stored in a shared storage location. The gateway device may determine a local IP address of the POS system and establish an apparent IP address of the POS system, selected from the available block of IP addresses. The gateway device may initiate a virtual private network (VPN) tunnel to the datacenter using at least a subset of the available block of IP addresses. The gateway device may securely store a descriptive document in the shared storage location identifying the available block of IP addresses for the merchant location. The gateway device may perform IP address translation during the support event.
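The support-event lifecycle described in the abstract, sketched as an added example (not code from the patent or its assignee). The `10.200.0.0/16` pool, the /28 block size, the merchant IDs, the dict standing in for the shared storage location, and all function and class names are assumptions; protecting the stored document (encryption, access control) is out of scope here.

```python
import ipaddress

# Constructed sample data. The dict models the shared storage location (assumption).
SUPERNET = ipaddress.ip_network("10.200.0.0/16")  # pool the blocks come from (assumption)
shared_storage = {"merchant-0001": {"block": "10.200.0.0/28"}}

def find_available_block(storage, prefixlen=28):
    """Return the first subnet of SUPERNET that no stored document already claims."""
    used = [ipaddress.ip_network(doc["block"]) for doc in storage.values()]
    for candidate in SUPERNET.subnets(new_prefix=prefixlen):
        if not any(candidate.overlaps(u) for u in used):
            return candidate
    raise RuntimeError("no free address block for this support event")

class SupportEvent:
    """One support session: allocate a block, map the POS, translate, tear down."""

    def __init__(self, merchant_id, pos_local_ip, storage):
        self.merchant_id, self.storage = merchant_id, storage
        self.local = ipaddress.ip_address(pos_local_ip)
        self.block = find_available_block(storage)
        # Apparent address: first host in the block that is not the local address.
        self.apparent = next(h for h in self.block.hosts() if h != self.local)
        # Descriptive document: tells the datacenter which block and address to use.
        storage[merchant_id] = {"block": str(self.block),
                                "pos_apparent_ip": str(self.apparent)}
        self.active = True

    def translate(self, dst_ip):
        """Rewrite apparent -> local; return None (drop) for any other destination
        or once the event has ended, so the tunnel never reaches unmapped hosts."""
        if self.active and ipaddress.ip_address(dst_ip) == self.apparent:
            return str(self.local)
        return None

    def terminate(self):
        """End the event: stop translating and release the block in shared storage."""
        self.active = False
        self.storage.pop(self.merchant_id, None)

if __name__ == "__main__":
    event = SupportEvent("merchant-0002", "192.168.1.50", shared_storage)
    print(event.block, event.apparent, event.translate(str(event.apparent)))
    event.terminate()
    print(event.translate(str(event.apparent)))
```

Dropping traffic for unmapped destinations and after `terminate()` is the property worth checking on a real gateway: the translation entry should exist only for the POS under support and only for the duration of the event.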
20 Claims
9. A method for providing secure connections between a point of sale (POS) system located at a merchant location and a datacenter, the method comprising:
by a gateway device at the merchant location:
upon initiation of a support event associated with the POS system, determining an available block of internet protocol (IP) addresses for the merchant location, wherein determining the available block of IP addresses is performed by accessing information stored in a shared storage location;
determining a local IP address of the POS system;
establishing an apparent IP address of the POS system that is different than the local IP address, wherein the apparent IP address is selected from the available block of IP addresses;
initiating a secure virtual private network (VPN) tunnel from the gateway device to the datacenter, wherein the VPN tunnel uses at least a subset of the available block of IP addresses;
securely storing a descriptive document in the shared storage location, wherein the descriptive document identifies the available block of IP addresses for the merchant location, and wherein the descriptive document is configured to enable the datacenter to communicate with the POS system using the apparent IP address during the support event;
during the support event, receiving one or more communications from the data center addressed to the apparent IP address and translating the received one or more communications to be addressed to the local IP address; and
terminating the support event.
17. A non-transitory memory medium storing program instructions for providing secure connections between a point of sale (POS) system located at a merchant location and a datacenter, wherein the program instructions are executable by a processor of a gateway device at the merchant location to:
upon initiation of a support event associated with the POS system, determine an available block of internet protocol (IP) addresses for the merchant location, wherein determining the available block of IP addresses is performed by accessing information stored in a shared storage location;
determine a local IP address of the POS system;
establish an apparent IP address of the POS system that is different than the local IP address, wherein the apparent IP address is selected from the available block of IP addresses;
initiate a secure virtual private network (VPN) tunnel from the gateway device to the datacenter, wherein the VPN tunnel uses at least a subset of the available block of IP addresses;
securely store a descriptive document in the shared storage location, wherein the descriptive document identifies the available block of IP addresses for the merchant location, and wherein the descriptive document is configured to enable the datacenter to communicate with the POS system using the apparent IP address during the support event;
during the support event, receive one or more communications from the data center addressed to the apparent IP address and translate the received one or more communications to be addressed to the local IP address; and
terminate the support event.
Specification