Storage gateway activation process

US 8,806,588 B2
Filed: 06/30/2011
Issued: 08/12/2014
Est. Priority Date: 06/30/2011
Status: Active Grant

First Claim

Patent Images

1. A method, comprising:

initiating, by a gateway process implemented on a device on a customer network, a connection to a remote gateway control process on another network;

sending, by the gateway process, a public key and metadata describing the device to the remote gateway control process via the connection;

receiving, by the gateway process from the remote gateway control process, an activation key;

exposing, by the gateway process, the activation key to processes on the customer network;

receiving, by the gateway process, customer information from the remote gateway control process, wherein the customer information is obtained by the remote gateway control process from a process on the customer network that obtained the activation key and provided the activation key to the remote gateway control process, wherein the customer information uniquely identifies the gateway process to a remote service provider and associates the gateway process with a customer account of the customer network;

sending, by the gateway process to the remote gateway control process, a request for security credentials, wherein the request includes at least a portion of the customer information and the activation key;

receiving, by the gateway process, the requested security credentials; and

obtaining, by the gateway process, configuration information from the remote gateway control process after said receiving the security credentials.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods, apparatus, and computer-accessible storage media for activating a gateway to a remote service provider. The gateway serves as an interface between processes on a customer network and the provider, for example to store customer data to a remote data store. A gateway sends a public key and metadata describing the gateway to the provider. The gateway receives an activation key from the provider and exposes the activation key on the customer network. The customer obtains the key and communicates to the provider using the key to provide customer information including a name for the gateway and to authorize registration of the gateway. The provider provides the customer information to the gateway. The gateway requests security credentials from the provider using the customer information and the key. The provider sends a security credential to the gateway. The gateway may then obtain configuration information from the customer via the provider.

76 Citations

View as Search Results

27 Claims

1. A method, comprising:
- initiating, by a gateway process implemented on a device on a customer network, a connection to a remote gateway control process on another network;
  
  sending, by the gateway process, a public key and metadata describing the device to the remote gateway control process via the connection;
  
  receiving, by the gateway process from the remote gateway control process, an activation key;
  
  exposing, by the gateway process, the activation key to processes on the customer network;
  
  receiving, by the gateway process, customer information from the remote gateway control process, wherein the customer information is obtained by the remote gateway control process from a process on the customer network that obtained the activation key and provided the activation key to the remote gateway control process, wherein the customer information uniquely identifies the gateway process to a remote service provider and associates the gateway process with a customer account of the customer network;
  
  sending, by the gateway process to the remote gateway control process, a request for security credentials, wherein the request includes at least a portion of the customer information and the activation key;
  
  receiving, by the gateway process, the requested security credentials; and
  
  obtaining, by the gateway process, configuration information from the remote gateway control process after said receiving the security credentials.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method as recited in claim 1, wherein said sending information to and receiving information from the remote gateway control process are performed over a secure connection to the remote gateway control process initiated by the gateway process.
  - 3. The method as recited in claim 1, wherein the gateway process operates as an interface between one or more of the processes on the customer network and the remote service provider to store customer data to a remote data store provided by the service provider.
  - 4. The method as recited in claim 3, wherein the gateway process further operates as an interface between the one or more customer processes on the customer network and the storage service to download customer data from the remote data store, and wherein the storage gateway locally caches frequently accessed customer data.
  - 5. The method as recited in claim 1, wherein obtaining the customer information by the remote gateway control process from the process on the customer network comprises:
    - the process on the customer network accessing the customer account via a console process of the remote service provider to provide the activation key and the customer information to the console process; and
      
      the console process providing the activation key and the customer information to the remote gateway control process.
  - 6. The method as recited in claim 5, wherein the customer account is accessible by one or more of the processes on the customer network to manage one or more resources provided to the respective customer by one or more services of the remote service provider.

7. A device, comprising:
- at least one processor; and
  
  a memory comprising program instructions, wherein the program instructions are executable by the at least one processor to implement a gateway process on a network, the gateway process configured to;
  
  initiate a connection to a remote gateway control process on another network;
  
  receive an activation key from the remote gateway control process;
  
  expose the activation key on a port of the device;
  
  receive customer information from the remote gateway control process in response to said exposing the activation key, wherein the customer information uniquely identifies the gateway process to a remote service provider and associates the gateway process with a customer account;
  
  send a request for security credentials to the remote gateway control process; and
  
  receive the requested security credentials.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
- - 8. The device as recited in claim 7, wherein the gateway process is further configured to send a public key and metadata describing the device to the remote gateway control process, wherein the activation key is received from the remote gateway control process in response to said sending the public key and the metadata to the remote gateway control process.
  - 9. The device as recited in claim 7, wherein the gateway process is further configured to obtain configuration information from the remote gateway control process after the requested security credentials are received.
  - 10. The device as recited in claim 7, wherein the gateway process is further configured to, after said exposing the activation key, iteratively check to determine if the customer information has been received until determining that the customer information has been received or until determining that the activation key has expired.
  - 11. The device as recited in claim 10, wherein, to receive an activation key, the gateway process is further configured to send a public key and metadata describing the device to the remote gateway control process, wherein the gateway process is further configured to resend a public key and the metadata describing the device to the remote gateway control process upon determining that the activation key has expired.
  - 12. The device as recited in claim 7, wherein the gateway process operates as an interface between one or more customer processes and the remote service provider to store customer data to a remote data store provided by the service provider.
  - 13. The device as recited in claim 12, wherein the gateway process further operates as an interface between the one or more customer processes and the service provider to download customer data from the remote data store, and wherein the gateway process locally caches frequently accessed customer data.
  - 14. The device as recited in claim 7, wherein the gateway process is further configured to provide the security credentials in communications to one or more processes of the remote service provider to identify itself to the processes of the remote service provider.

15. A non-transitory computer-accessible storage medium storing program instructions computer-executable to implement a gateway process configured to:
- send a public key and metadata describing a device on which the gateway process is installed to a remote gateway control process on a remote network;
  
  receive an activation key from the remote gateway control process;
  
  provide the activation key to another process on a local network;
  
  receive customer information from the remote gateway control process, wherein the customer information uniquely identifies the gateway process to a remote service provider and associates the gateway process with a customer account;
  
  send a request for security credentials to the remote gateway control process; and
  
  receive the requested security credentials from the remote gateway control process.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The non-transitory computer-accessible storage medium as recited in claim 15, wherein the gateway process is further configured to obtain configuration information from the remote gateway control process.
  - 17. The non-transitory computer-accessible storage medium as recited in claim 15, wherein the gateway process is further configured to iteratively check to determine if the customer information has been received until determining that the customer information has been received or until determining that the activation key has expired.
  - 18. The non-transitory computer-accessible storage medium as recited in claim 17, wherein the gateway process is further configured to resend a public key and the metadata describing the device to the remote gateway control process upon determining that the activation key has expired.
  - 19. The non-transitory computer-accessible storage medium as recited in claim 15, wherein the gateway process provides an interface between one or more customer processes and the remote service provider to upload customer data to a remote data store provided by the service provider.
  - 20. The non-transitory computer-accessible storage medium as recited in claim 19, wherein the gateway process further provides an interface between the one or more customer processes and the service provider to download customer data from the remote data store, and wherein the gateway process locally caches frequently accessed customer data.

21. A method, comprising:
- receiving, by a gateway control process on a network from a gateway process on another network, a public key and metadata describing a device on the other network on which the gateway process is installed;
  
  sending, by the gateway control process to the gateway process, an activation key;
  
  receiving, by the gateway control process from a customer process on the other network, the activation key, wherein the customer process obtained the activation key from the gateway process;
  
  sending, by the gateway control process to the customer process, at least a portion of the metadata describing the device on which the gateway process is installed;
  
  receiving, by the gateway control process from the customer process, customer information and confirmation that the gateway process is to be registered with a remote service provider, wherein the customer information uniquely identifies the gateway process to the remote service provider and associates the gateway process with a customer account;
  
  sending, by the gateway control process to the gateway process, at least a portion of the customer information;
  
  receiving, by the gateway control process from the gateway process, a request for security credentials, wherein the request includes at least a portion of the customer information and the activation key; and
  
  sending, by the gateway control process to the gateway process, the requested security credentials.
- View Dependent Claims (22, 23, 24, 25, 26, 27)
- - 22. The method as recited in claim 21, further comprising:
    - receiving, by the gateway control process from the customer process, configuration information for the gateway process; and
      
      sending, by the gateway control process to the gateway process, the configuration information received from the customer process.
  - 23. The method as recited in claim 21, wherein said sending information to and receiving information from the gateway process are performed over a secure connection to the gateway control process initiated by the gateway process.
  - 24. The method as recited in claim 21, wherein the gateway process operates as an interface between one or more customer processes on the other network and the remote service provider to store customer data to a remote data store provided by the service provider.
  - 25. The method as recited in claim 24, wherein the gateway process further operates as an interface between the one or more customer processes and the storage service to download customer data from the remote data store, and wherein the storage gateway locally caches frequently accessed customer data.
  - 26. The method as recited in claim 21, wherein the customer process on the other network accesses the customer account to provide the activation key, the customer information, and the confirmation to the gateway control process.
  - 27. The method as recited in claim 26, wherein the customer account is accessible by one or more processes on the other network to manage one or more resources provided to the respective customer by one or more services of the remote service provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Sorenson, James Christopher III, Lin, Yun, Salyers, David C., Khetrapal, Ankur, Cavage, Mark J.
Primary Examiner(s)
McNally, Michael S

Application Number

US13/174,513
Publication Number

US 20130007854A1
Time in Patent Office

1,139 Days
Field of Search

713/12, 726/5
US Class Current

726/5
CPC Class Codes

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0823   using certificates cryptogr...

H04L 63/10   for controlling access to d...

H04L 63/20   for managing network securi...

H04L 67/1097   for distributed storage of ...

H04L 67/51   Discovery or management the...

H04L 67/568   Storing data temporarily at...

Storage gateway activation process

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

76 Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Storage gateway activation process

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

76 Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links