VIRTUAL SERVICE PROVIDER ZONES

US 20180025168A1
Filed: 09/21/2017
Published: 01/25/2018
Est. Priority Date: 06/07/2012
Status: Active Grant

First Claim

Patent Images

1. A system, comprising:

memory to store instructions that, if executed by one or more processors of the system, cause the system to;

identify data to be stored in a first data storage device at a first location and a second data storage device at a different second location;

encrypt, based at least in part on a storage requirement associated with the different second location, a portion of the data; and

cause storage of the encrypted portion on the second data storage device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A service proxy services as an application programming interface proxy to a service, which may involve data storage. When a request to store data is received by the service proxy, the service proxy encrypts the data and stores the data in encrypted form at the service. Similarly, when a request to retrieve data is received by the service proxy, the service proxy obtains encrypted data from the service and decrypts the data. The data may be encrypted using a key that is kept inaccessible to the service.

13 Citations

View as Search Results

20 Claims

1. A system, comprising:
- memory to store instructions that, if executed by one or more processors of the system, cause the system to;
  
  identify data to be stored in a first data storage device at a first location and a second data storage device at a different second location;
  
  encrypt, based at least in part on a storage requirement associated with the different second location, a portion of the data; and
  
  cause storage of the encrypted portion on the second data storage device.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the storage requirement differs from another storage requirement associated with the first location.
  - 3. The system of claim 2, wherein the storage requirement includes a set of regulations associated with a legal jurisdiction that is different from the other storage requirement that includes a second set of regulations associated with a second legal jurisdiction.
  - 4. The system of claim 2, wherein the storage requirement includes a set of administrative controls that is different from the other storage requirement that includes a second set of administrative controls.
  - 5. The system of claim 1, wherein the first data storage device at the first location operates as a proxy to the second data storage device at the different second location.
  - 6. The system of claim 1, wherein the encrypted portion of the data is encrypted using a key to generate encrypted data, the key being accessible to the first data storage device while inaccessible to the second data storage device.
  - 7. The system of claim 6, wherein the key is managed by a cryptography service associated with the first data storage device.

8. A computer-implemented method, comprising:
- identifying data to be stored in a first data storage device at a first location and a second data storage device at a different second location;
  
  encrypting, based at least in part on a storage requirement associated with the different second location, a portion of the data; and
  
  causing storage of the encrypted portion on the second data storage device.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The computer-implemented method of claim 8, wherein the storage requirement differs from another storage requirement associated with the first location.
  - 10. The computer-implemented method of claim 9, wherein the storage requirement includes a set of regulations associated with a legal jurisdiction that is different from the other storage requirement that includes a second set of regulations associated with a second legal jurisdiction.
  - 11. The computer-implemented method of claim 9, wherein the storage requirement includes a set of administrative controls that is different from the other storage requirement that includes a second set of administrative controls.
  - 12. The computer-implemented method of claim 8, wherein the first data storage device at the first location operates as a proxy to the second data storage device at the different second location.
  - 13. The computer-implemented method of claim 8, wherein the encrypted portion of the data is encrypted using a key to generate encrypted data, the key being accessible to the first data storage device while inaccessible to the second data storage device.
  - 14. The computer-implemented method of claim 13, wherein the key is managed by a cryptography service associated with the first data storage device.

15. A non-transitory computer-readable storage medium having stored thereon executable instructions that, if executed by one or more processors of a computer system, cause the computer system to at least:
- identify data to be stored in a first data storage device at a first location and a second data storage device at a different second location;
  
  encrypt, based at least in part on a storage requirement associated with the different second location, a portion of the data; and
  
  cause storage of the encrypted portion on the second data storage device.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-readable storage medium of claim 15, wherein the storage requirement differs from another storage requirement associated with the first location.
  - 17. The non-transitory computer-readable storage medium of claim 16, wherein the storage requirement includes at least one of:
    - a set of regulations associated with a legal jurisdiction that is different from the other storage requirement that includes a second set of regulations associated with a second legal jurisdiction;
      
      ora set of administrative controls that is different from the other storage requirement that includes a second set of administrative controls.
  - 18. The non-transitory computer-readable storage medium of claim 15, wherein the first data storage device at the first location operates as a proxy to the second data storage device at the different second location.
  - 19. The non-transitory computer-readable storage medium of claim 15, wherein the encrypted portion of the data is encrypted using a key to generate encrypted data, the key being accessible to the first data storage device while inaccessible to the second data storage device.
  - 20. The non-transitory computer-readable storage medium of claim 19, wherein the key is managed by a cryptography service associated with the first data storage device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Roth, Gregory Branchek, Brandwine, Eric Jason, Wren, Matthew James

Granted Patent

US 10,474,829 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6218   to a system of files or obj...

G06F 21/6254   by anonymising data, e.g. d...

VIRTUAL SERVICE PROVIDER ZONES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

VIRTUAL SERVICE PROVIDER ZONES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others