NETWORK CONNECTION AUTOMATION
Abstract
A computing resource service provider receives a request from a customer to establish a physical connection between a provider network device and a customer network device in a colocation center. Once the connection has been established, the customer may transmit cryptographic authentication information, through the physical connection, to the provider network device. The provider network device transmits this information to an authentication service operated by the computing resource service provider to verify the authenticity of the information. If the information is authentic, the authentication service may re-configure the provider network device to allow the customer to access one or more services provided by the computing resource service provider. The authentication service may transmit cryptographic authentication information to the customer to verify the identity of the computing resource service provider.
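The flow in the abstract, together with the deny branch of claim 17, as an added sketch that is not code from the patent. HMAC-SHA256 over a shared secret, the nonce and replay set, the binding to the arrival port, the sample key and all class and function names are assumptions, since the page names no specific scheme.

```python
import hashlib
import hmac
import json
import secrets

def mac(key, fields):
    """HMAC-SHA256 over canonical JSON (assumed scheme; the page names none)."""
    msg = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def customer_auth_info(customer_id, key, port):
    """Customer side: authentication information derived from the secret key."""
    fields = {"customer_id": customer_id, "port": port, "nonce": secrets.token_hex(16)}
    return {**fields, "mac": mac(key, fields)}

class AuthService:
    def __init__(self, customer_keys):
        self.customer_keys = customer_keys  # customer_id -> secret key
        self.seen = set()                   # (customer_id, nonce) already accepted

    def authenticate(self, info, arrival_port):
        fields = {k: v for k, v in info.items() if k != "mac"}
        key = self.customer_keys.get(fields.get("customer_id"))
        token = (fields.get("customer_id"), fields.get("nonce"))
        ok = (key is not None
              and fields.get("port") == arrival_port   # bound to the physical port
              and token not in self.seen               # no replay
              and hmac.compare_digest(mac(key, fields), str(info.get("mac"))))
        if not ok:
            return {"action": "deny"}
        self.seen.add(token)
        # Proof for the customer that the provider also holds the key.
        proof = mac(key, {"role": "provider", "nonce": fields["nonce"]})
        return {"action": "allow", "provider_proof": proof}

class ProviderNetworkDevice:
    def __init__(self, auth):
        self.auth = auth
        self.routed_ports = set()  # ports allowed to reach provider services

    def receive_auth_info(self, arrival_port, info):
        # The device only forwards; the authentication service decides.
        reply = self.auth.authenticate(info, arrival_port)
        if reply["action"] == "allow":
            self.routed_ports.add(arrival_port)      # reconfigure: route traffic
        else:
            self.routed_ports.discard(arrival_port)  # fail closed: deny traffic
        return reply
```

The customer checks `provider_proof` by recomputing `mac(key, {"role": "provider", "nonce": ...})` with its own nonce, which corresponds to the abstract's last sentence about verifying the provider's identity.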
25 Claims
1. A computer-implemented method for authenticating a connection, comprising:
under the control of one or more computer systems configured with executable instructions,
receiving, at a computing resource service provider network device and from a customer device connected with the computing resource service provider over a secure connection, cryptographic authentication information generated based at least in part on a secret key of the customer;
forwarding, from the computing resource service provider network device, the cryptographic authentication information to an authentication service that is operable to authenticate the cryptographic authentication information; and
as a result of the authentication service successfully authenticating the cryptographic authentication information, configuring the computing resource service provider network device to route network traffic from the customer device to one or more services of the computing resource service provider different from the authentication service.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A network device, comprising:
one or more communications ports configured to receive one or more signals from outside of the network device, including a communications port that is connected to a provider network that includes one or more services including an authentication service;
one or more processors that are operatively coupled with the one or more communications ports;
memory including instructions executable by the one or more processors that when executed by the one or more processors cause the one or more processors to:
forward cryptographic authentication information received over a connection from a customer device connected to one or more communications ports to an authentication service that is operable to authenticate the cryptographic authentication information;
receive reconfiguration information, from the authentication service as a result of the authentication service having successfully authenticated the cryptographic information, to enable the network device to forward data from the customer device to one or more services of the computing resource service provider; and
reconfigure to forward data from the customer device to the one or more services of the computing resource service provider in accordance with the reconfiguration information.
Dependent claims: 10, 11, 12, 13, 14, 15, 16
17. One or more non-transitory computer-readable storage media having collectively stored therein instructions that, when executed by one or more processors of an authentication service, cause the authentication service to:
make a determination whether cryptographic authentication information generated based at least in part on a secret key of a customer and received from the customer through a secure connection with a computing resource service provider network device is authentic;
take one or more actions based at least in part on the determination, wherein:
if the determination indicates that the cryptographic authentication information is authentic, the one or more actions include transmitting reconfiguration information to the computing resource service provider network device, thereby causing the computing resource service provider network device to route network traffic from a customer device to one or more other services of the computing resource service provider; and
if the determination indicates that the cryptographic authentication information is inauthentic, the one or more actions include causing the computing resource service provider network device to deny network traffic from the customer device to the one or more other services of the computing resource service provider.
Dependent claims: 18, 19, 20, 21, 22, 23, 24, 25
Specification