Remote access service for cloud-enabled network devices

US 8,886,714 B2
Filed: 08/08/2011
Issued: 11/11/2014
Est. Priority Date: 08/08/2011
Status: Active Grant

First Claim

Patent Images

1. A method for enabling a remote access to a cloud-enabled network device, the method is performed by a cloud relay server that communicates with at least one client over an internet connection, comprising:

receiving a request from a client at the cloud relay server to access at least a user interface of the cloud-enabled network device through an internet connection, wherein the cloud-enabled network device is connected in a local area network (LAN) external to a cloud storage system and any cloud system;

using a host name designated in the client request to enable the cloud relay server to identify a cloud connector that communicates with the cloud-enabled network device external to the cloud storage system, wherein the host name identifies the cloud-enabled network device;

sending an open relay message including a first secret token to the cloud-enabled network device through the identified cloud connector over a management link, wherein the management link is established between the identified cloud connector and the cloud-enabled network device to bypass at least a firewall connected in the LAN; and

establishing a secure tunnel between the cloud relay server and the cloud-enabled network device, when a response to the received open relay message includes a second secret token matching the first secret token, thereby enabling a secure connection between the client and the cloud-enabled network device over the internet connection.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for enabling a remote access to a cloud-enabled network device, the method is performed by a cloud relay server that communicates with at least one client over an internet connection. The method comprises receiving a request from a client to access at least a user interface of the cloud-enabled network device through an internet connection, wherein the cloud-enabled network device is connected in a local area network; using a host name designated in the request to detect a cloud connector that communicates with the cloud-enabled network device; sending an open relay message to the cloud-enabled network device through the cloud connector over a management link; and establishing a secure tunnel between the cloud relay server and the cloud-enabled network device, thereby enabling a secure connection between the client and the cloud-enabled network device over the internet connection.

Citations

19 Claims

1. A method for enabling a remote access to a cloud-enabled network device, the method is performed by a cloud relay server that communicates with at least one client over an internet connection, comprising:
- receiving a request from a client at the cloud relay server to access at least a user interface of the cloud-enabled network device through an internet connection, wherein the cloud-enabled network device is connected in a local area network (LAN) external to a cloud storage system and any cloud system;
  
  using a host name designated in the client request to enable the cloud relay server to identify a cloud connector that communicates with the cloud-enabled network device external to the cloud storage system, wherein the host name identifies the cloud-enabled network device;
  
  sending an open relay message including a first secret token to the cloud-enabled network device through the identified cloud connector over a management link, wherein the management link is established between the identified cloud connector and the cloud-enabled network device to bypass at least a firewall connected in the LAN; and
  
  establishing a secure tunnel between the cloud relay server and the cloud-enabled network device, when a response to the received open relay message includes a second secret token matching the first secret token, thereby enabling a secure connection between the client and the cloud-enabled network device over the internet connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, further comprising:
    - extracting a host name designated in the request; and
      
      inquiring of a central repository using the host name to detect the cloud connector serving the cloud-enabled network device.
  - 3. The method of claim 1, wherein the open relay message includes an identification (ID) of the device, an internet protocol (IP) address of the cloud relay server, a secret token generated by cloud relay server, and an IP address of the client.
  - 4. The method of claim 1, wherein the management link is a secure communication link and the secure tunnel is an IP connection secured using any one of a transport layer security (TLS) protocol, secure sockets layer (SSL) protocol, and an IPSEC protocol.
  - 5. The method of claim 1, wherein the cloud-enabled network device is at least a network attached storage (NAS) device that provides local storage and cloud storage services.
  - 6. The method of claim 5, wherein the user interface allows to the client to access files locally stored by the network attached storage device and to manage setting of the device.
  - 7. The method of claim 6, wherein the user interface is at least a web application.
  - 8. The method of claim 7, further comprising:
    - optimizing the responsiveness of the web application by serving the client'"'"'s request by the cloud relay server.
  - 9. The method of claim 8, wherein optimizing the responsiveness of the web application further comprising:
    - checking if the request is for a static resource of the web application;
      
      returning the static resource from a cloud updates repository storing a copy of the web application;
      
      checking if the request is for a file locally stored in the NAS device; and
      
      returning the file from a cloud storage system (CSS) storing a copy of the requested file.
  - 10. The method of claim 9, wherein the cloud relay server and the cloud connector are connected in the cloud storage system.
  - 11. The method of claim 1, further comprising:
    - updating the user interface of the cloud-enabled network device by the cloud connector.
  - 12. A non-transitory computer readable medium having stored thereon computer executable code for performing the method of claim 1.

13. A cloud storage system, comprising:
- a plurality of cloud connecters in a cloud storage system connected to a cloud-enabled network device external to the cloud storage system through a management link, wherein the cloud-enabled network device is connected in a local area network (LAN) external to the cloud storage system and any cloud system;
  
  at least one cloud relay server inside of the cloud storage system for at least enabling a client to access the cloud-enabled network device through an internet connection, wherein the at least one cloud relay server is configured to;
  
  receive a request from the client to access at least a user interface of the cloud-enabled network device through the internet connection, using a host name designated in the request to identify one of the plurality of cloud connectors that communicates with the cloud-enabled network device, wherein the host name identifies the cloud-enabled network device;
  
  send an open relay message including a first secret token to the cloud-enabled network device through the identified cloud connector over the management link, wherein the management link is established between the identified cloud connector and the cloud-enabled network device to bypass at least a firewall connected in the LAN; and
  
  establish a secure tunnel between the cloud relay server inside of the cloud storage system and the cloud-enabled network device external to the cloud storage system, thereby enabling a secure connection between the client and the cloud-enabled network device over the internet connection, wherein the secure tunnel is established when a response to the open relay message includes a second secret token matching the first secret token.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The cloud storage system of claim 13, further comprising:
    - a DNS registration unit for mapping a host name of the cloud-enabled network device to an IP address of the cloud relay server;
      
      a central repository for maintaining records of which of the plurality of cloud connectors serving the cloud-enabled network device; and
      
      a repository for maintaining an updated copy of the user interface.
  - 15. The cloud storage system of claim 13, wherein the cloud-enabled network device is at least a network attached storage (NAS) device that provides local storage and cloud storage services.
  - 16. The cloud storage system of claim 15, further comprising:
    - a plurality of public cloud storage providers and storage devices including data locally stored in the NAS device.
  - 17. The cloud storage system of claim 16, wherein the cloud relay server is further configured to optimize the responsiveness of the user interface by serving the client'"'"'s request by the cloud relay server.
  - 18. The cloud storage system of claim 17, wherein the cloud relay server is further configured to:
    - check if the request is for a static resource of the user interface;
      
      return the static resource from a cloud updates repository storing a copy of the user interface;
      
      check if the request is for a file stored in the NAS device; and
      
      return the file from one of the plurality of public cloud storage providers and storage devices.
  - 19. The cloud storage system of claim 13, wherein the user interface is at least a web application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CTERA Networks Limited
Original Assignee
CTERA Networks Limited
Inventors
Brand, Aron
Primary Examiner(s)
Chan, Wing F
Assistant Examiner(s)
MUNDUR, PADMAVATHI V

Application Number

US13/205,238
Publication Number

US 20130041931A1
Time in Patent Office

1,191 Days
Field of Search

709/203, 709217-219, 709/227, 709/249
US Class Current

709/203
CPC Class Codes

G06F 16/13   File access structures, e.g...

G06F 9/06   using stored programs, i.e....

H04L 63/029   Firewall traversal, e.g. tu...

H04L 67/01   Protocols

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

Remote access service for cloud-enabled network devices

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Remote access service for cloud-enabled network devices

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links