Storage gateway security model
Abstract
Methods, apparatus, and computer-accessible storage media for implementing a gateway to a remote service provider according to a security model. The gateway serves as an interface between processes on a customer network and the provider, for example to store customer data to a remote data store. The model may include an activation process initiated by the gateway to register with the provider and associate the gateway with a customer account; the gateway is provided with security credentials. The model may also include establishing secure connections to external processes, for example processes of the service provider. The gateway initiates connections; the external processes do not initiate connections. The model may also include the customer managing the gateway through the service provider. The model may also include encrypting communications between the gateway and the provider and the gateway including security credentials in communications to the provider.
21 Claims
1. A method, comprising:
- instantiating a storage gateway in a customer network;
- initiating, by the storage gateway, an activation process with a service provider, wherein the service provider implements a storage service that provides a remote data store to customers of the service provider;
- receiving, by the storage gateway during the activation process, security credentials from the service provider;
- initiating, by the storage gateway, at least one secure connection to the service provider for remotely managing the storage gateway and for storing customer data to the remote data store via the storage service; and
- receiving, by the storage gateway via the at least one secure connection to the service provider, configuration instructions from an administrative process on the customer network, wherein the configuration instructions are specified by the administrative process via a console process of the service provider;
- wherein the storage gateway operates as an interface between one or more customer processes on the customer network and the storage service to store customer data to the remote data store.

Dependent claims: 2, 3

4. A device, comprising:
- at least one processor; and
- a memory comprising program instructions, wherein the program instructions are executable by the at least one processor to implement a gateway process operable to:
  - initiate an activation process with a service provider, wherein the service provider implements a storage service that provides a remote data store to users of the service provider; and
  - initiate at least one secure connection to the service provider for remotely managing the gateway process and for storing user data to the remote data store via the storage service;
- wherein the gateway process operates as an interface between one or more user processes on a user network and the storage service to store user data to the remote data store.

Dependent claims: 5, 6, 7, 8, 9, 10, 11, 12

13. A non-transitory computer-accessible storage medium storing program instructions computer-executable to implement a gateway process operable to:
- initiate an activation process with a remote service provider that provides a remote data store;
- initiate a secure connection to the remote service provider for remotely managing the gateway process;
- receive configuration and management instructions from the remote service provider via the secure connection; and
- provide an interface between one or more customer processes on a customer network and the remote service provider to store customer data to the remote data store.

Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21

Specification