Techniques for providing remote computing services

US 9,231,948 B1
Filed: 11/22/2013
Issued: 01/05/2016
Est. Priority Date: 09/21/2010
Status: Active Grant

First Claim

Patent Images

1. A system for providing remote computing services, comprising:

an authentication service operable to, at least;

determine whether to provide a user device access to a virtual machine,perform an initial authentication of the user device, andtransmit a first key to the user device based at least in part on the initial authentication;

one or more computing devices located remotely from the user device and collectively operable to, at least;

receive the first key from the user device, andauthenticate the user device as authorized to access the virtual machine using the received first key;

a messaging service operable to, at least;

transmit a second key to the user device, the second key usable to access the virtual machine, wherein the one or more computing devices are collectively operable to receive the second key, and wherein the second key is generated using a key-generation algorithm; and

a remote computing service operable to, at least;

receive the second key from the user device, andauthenticate the user device as authorized to access the virtual machine, based at least in part on both the received first key and the received second key.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques, including systems and methods, for providing access to remote computing services are described and suggested herein. In an embodiment, a first computer system provides a key to a user device over a network. The user device provides the received key to a second computer system that uses the key to authenticate the user device. The second computer system executes an operating system for the user device according to instructions received from the user device. Results of execution of the operating system are provided to the user device.

49 Citations

View as Search Results

25 Claims

1. A system for providing remote computing services, comprising:
- an authentication service operable to, at least;
  
  determine whether to provide a user device access to a virtual machine,perform an initial authentication of the user device, andtransmit a first key to the user device based at least in part on the initial authentication;
  
  one or more computing devices located remotely from the user device and collectively operable to, at least;
  
  receive the first key from the user device, andauthenticate the user device as authorized to access the virtual machine using the received first key;
  
  a messaging service operable to, at least;
  
  transmit a second key to the user device, the second key usable to access the virtual machine, wherein the one or more computing devices are collectively operable to receive the second key, and wherein the second key is generated using a key-generation algorithm; and
  
  a remote computing service operable to, at least;
  
  receive the second key from the user device, andauthenticate the user device as authorized to access the virtual machine, based at least in part on both the received first key and the received second key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the authentication service is further operable to receive from the user device a key request that includes data derived from information incorporated with the user device.
  - 3. The system of claim 1, wherein the authentication service is further operable to, responsive to receiving a key request from the user device, transmit the first key to the user device.
  - 4. The system of claim 1, wherein the one or more computing devices located remotely from the user device are further operable to maintain a plurality of virtual machines corresponding to a plurality of user devices.
  - 5. The system of claim 4, further comprising:
    - a data store that associates a plurality of user accounts with the plurality of user devices, the plurality of user devices including the user device from which a key request was received, and wherein the authentication service is further operable to;
      
      at a time after receipt of the key request, access the data store to determine a status of the user account associated with the user device, wherein transmitting the first key to the user device is conditional on the account status.
  - 6. The system of claim 5, wherein the data derived from information embedded in the user device includes a unique identifier of the user device, and wherein the authentication service uses the unique identifier to determine the status of the user account.
  - 7. The system of claim 1, wherein the one or more computing devices located remotely from the user device are further operable to:
    - execute an operating system for the user device; and
      
      provide results of executing the operating system to the user device.

8. One or more computer-readable storage media having collectively stored thereon instructions for causing a computer system to perform a method, the computer system including a first subsystem and a second subsystem, the method comprising:
- determining whether to provide a user device with access to a virtual machine;
  
  transmitting, by the first subsystem and responsive to the determination to provide the user device with access to the virtual machine, a first key to the user device, the first key transmitted to the user device based at least in part on an initial authentication of the user device;
  
  receiving, by the second subsystem, the first key from the user device;
  
  receiving, by the second subsystem, a second key from the user device, the second key usable to access the virtual machine, wherein the second key is generated using a key-generation algorithm; and
  
  authenticating, by the second subsystem, the user device as authorized to access the virtual machine using the received first key and the second key.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The one or more computer-readable storage media of claim 8, wherein an authentication of a second user device is based in part on receiving a request for an acquaintance key from the user device, and receiving the acquaintance key from the second user device.
  - 10. The one or more computer-readable storage media of claim 9, further comprising:
    - maintaining a plurality of virtual machines corresponding to a plurality of user devices, wherein the virtual machine is included with the plurality of virtual machines and wherein the second user device is not included with the plurality of user devices.
  - 11. The one or more computer-readable storage media of claim 8, wherein the determination whether to provide the user device with access to the virtual machine is based at least in part on information embedded with the user device.
  - 12. The one or more computer-readable storage media of claim 8, further comprising:
    - at a time after the user device is authenticated by the second subsystem, executing an operating system for the user device;
      
      providing information corresponding to the execution of the operating system to the user device; and
      
      at a time after a second user device is authenticated, providing information corresponding to execution of the operating system on the virtual machine to the second user device.

13. A user device for accessing a remote computing service, comprising:
- at least one processor; and
  
  memory, including instructions executable by the at least one processor that cause the user device to, at least;
  
  provide information based at least in part on information embedded in the user device to a first computer system;
  
  receive, from the first computer system, a first key, the first key received at the user device after a determination to provide the user device with access to a virtual machine is performed by the first computer system, the determination based at least in part on data derived from the information embedded with the user device;
  
  receive a second key, the second key generated using a key-generation algorithm to allow the user device access one or more applications provided by the virtual machine; and
  
  provide the first key and the second key to a second computer system for authentication of the user device by the second computer system as authorized to access the virtual machine.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The user device of claim 13, wherein the instructions further cause the user device to:
    - detect a connection to a network; and
      
      at a time after detection of the connection to the network and before receiving the first key, send, to the first computer system, a key request including the information derived from the information embedded with the user device, wherein the key request causes the user device to receive the first key in response to the key request.
  - 15. The user device of claim 13, wherein the instructions cause the user device to:
    - detect a connection to a first network; and
      
      upon the detection of the connection, send a key request and information derived from the information embedded with the user device to a second network.
  - 16. The user device of claim 15, wherein the second network is a pre-programmed network location stored in the memory.
  - 17. The user device of claim 13, wherein the instructions further cause the user device to, at a time after the authentication, provide information corresponding to user input to the second computer system in order to control an operating system executing on the second computer system.
  - 18. The user device of claim 13, wherein the user device further comprises a display device, and the instructions further cause the user device to:
    - modify a display of the display device according to received information corresponding to operation of an operating system on the virtual machine.
  - 19. The user device of claim 13, wherein the user device is incapable of executing an operating system.
  - 20. The user device of claim 13, wherein the user device further comprising an input device, and the executable instructions further cause the user device to:
    - receive authentication input from the user using the input device; and
      
      provide the received authentication input to the second computer system for authentication with the key.

21. A computer-implemented method, comprising:
- under the control of one or more computer systems configured with executable instructions,determining, at an authentication service, whether to provide access to a remote computing service distinct from the authentication service, the remote computing service configured to maintain virtual machines corresponding to authorized user devices;
  
  receiving, at the remote computing service, a request for access to the remote computing service from a user device, the request for access including an access key and a second key provided by the user device, the access key provided by the authentication service, wherein the second key is generated using a key-generation algorithm;
  
  authenticating, at the remote computing service, based at least in part on the received information, the user device as authorized to access at least one virtual machine maintained by the remote computing service;
  
  at a time after the user device is authenticated, receiving, at the authentication service, a request for an acquaintance key;
  
  authenticating, based at least in part on the acquaintance key, an acquaintance device as authorized to access the at least one virtual machine; and
  
  at a time after the acquaintance device is authenticated, granting access to the at least one virtual machine.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method of claim 21, further comprising:
    - at a time after the user device has been authenticated, providing access to the remote computing service by, at least;
      
      receiving, from the user device, first information identifying user input made in connection with the user device;
      
      receiving, from the user device, second information permanently embedded in the user device;
      
      executing, based at least in part on the received first and second information, an operating system, the operating system including a graphical user interface; and
      
      enabling the user device to display the graphical user interface of the operating system.
  - 23. The method of claim 21, further comprising:
    - at a time before receiving the request for access to the remote computing service from the user device, receiving, at the authentication service, an access key request from the user device, the access key request including data derived from information permanently embedded in the user device.
  - 24. The method of claim 23, wherein the determination whether to provide access to the remote computing service distinct from the authentication service is based at least on the access key request.
  - 25. The method of claim 21, further comprising:
    - at a time after the determination has been made to provide access to the remote computing service, transmitting, from the authentication service, the access key to the user device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Gabrielson, Jacob
Primary Examiner(s)
Pollack, Melvin H

Application Number

US14/088,200
Time in Patent Office

774 Days
Field of Search

726/7
US Class Current

1/1
CPC Class Codes

G06F 21/629   to features or functions of...

H04L 63/0853   using an additional device,...

H04L 63/0876   based on the identity of th...

H04L 63/18   using different networks or...

Techniques for providing remote computing services

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

49 Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Techniques for providing remote computing services

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links