Network connection automation
Abstract
A computing resource service provider receives a request from a customer to establish a physical connection between a provider network device and a customer network device in a colocation center. Once the connection has been established, the customer may transmit cryptographic authentication information, through the physical connection, to the provider network device. The provider network device transmits this information to an authentication service operated by the computing resource service provider to verify the authenticity of the information. If the information is authentic, the authentication service may re-configure the provider network device to allow the customer to access one or more services provided by the computing resource service provider. The authentication service may transmit cryptographic authentication information to the customer to verify the identity of the computing resource service provider.
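The flow in the abstract, sketched as an added example (not code from the patent or from any provider): the provider device issues a request over the link, the customer answers with cryptographic authentication information, the authentication service verifies it with the customer's secret key, and only then is the port reconfigured to reach services. HMAC-SHA256 over a one-time nonce, the class names, the port labels and the service names are all assumptions; the text does not fix a scheme.

```python
import hashlib
import hmac
import secrets


class AuthService:
    """Holds customer secret keys and verifies forwarded authentication information."""

    def __init__(self, customer_keys):
        self._keys = dict(customer_keys)  # customer id -> secret key (bytes)

    def verify(self, customer_id, nonce, tag):
        key = self._keys.get(customer_id)
        if key is None:
            return None
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return None
        # "Reconfiguration information" for the device (constructed format).
        return {"customer": customer_id, "allow_services": ["storage", "compute"]}


class ProviderDevice:
    """Provider-side port: nothing is routed to services until authentication succeeds."""

    def __init__(self, auth_service):
        self._auth = auth_service
        self._pending = {}  # port -> nonce issued in the outstanding request
        self._routes = {}   # port -> reachable services (absent = default deny)

    def request_auth(self, port):
        nonce = secrets.token_bytes(16)
        self._pending[port] = nonce
        return nonce

    def receive_auth(self, port, customer_id, nonce, tag):
        # Accept only the nonce this device issued for this port, and only once.
        issued = self._pending.pop(port, None)
        if issued is None or not hmac.compare_digest(issued, nonce):
            return False
        config = self._auth.verify(customer_id, nonce, tag)
        if config is None:
            return False
        self._routes[port] = set(config["allow_services"])
        return True

    def route(self, port, service):
        return service in self._routes.get(port, set())


def customer_response(secret_key, nonce):
    """Customer side: authentication information bound to the provider's request."""
    return hmac.new(secret_key, nonce, hashlib.sha256).digest()
```

Because the nonce is consumed on every attempt, a failed or captured response cannot be replayed; the customer device must answer a fresh request.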
25 Claims
1. A computer-implemented method for authenticating a connection, comprising:
under control of one or more computer systems configured with executable instructions, establishing a dedicated physical network connection between a computing resource service provider network device connected to a computer resource service provider network and a customer network device connected to a customer network separate from the computer resource service provider network device;
transmitting, from the computing resource service provider network device to the customer network device, through the dedicated physical network connection, a request for a customer to provide cryptographic authentication information for authenticating the customer network device;
receiving, at the computing resource service provider network device and from the customer network device, the cryptographic authentication information;
forwarding, from the computing resource service provider network device, the cryptographic authentication information to an authentication service that is operable to authenticate the cryptographic authentication information via verification based at least in part on a secret key of the customer; and
as a result of the authentication service successfully authenticating the cryptographic authentication information, configuring the computing resource service provider network device to route network traffic received from the customer network device through the dedicated physical network connection to one or more services of a computing resource service provider on the computer resource service provider network, the one or more services being different from the authentication service.
Dependent claims: 2, 3, 4, 5, 6, 7
8. A network device, comprising:
one or more communications ports configured to receive one or more signals from outside of the network device through physical network connections with other network devices, including a communications port that is connected to a provider network that includes one or more services including an authentication service and one or more services, the communications port configured to establish a dedicated physical network connection with a customer network device outside of the provider network;
one or more processors that are operatively coupled with the one or more communications ports; and
memory including instructions executable by the one or more processors that when executed by the one or more processors cause the one or more processors to:
forward cryptographic authentication information received over the dedicated physical network connection from the customer network device connected to at least one of the one or more communications ports to the authentication service that is operable to authenticate the cryptographic authentication information;
receive reconfiguration information, from the authentication service as a result of the authentication service having successfully authenticated the cryptographic authentication information, to enable the network device to forward data received through the dedicated physical network connection from the customer network device to the one or more services on the provider network; and
reconfigure the network device to forward data received through the communications port over the dedicated physical network connection from the customer network device to at least one of the one or more services on the provider network in accordance with the reconfiguration information.
Dependent claims: 9, 10, 11, 12, 13, 14
15. One or more non-transitory computer-readable storage media having collectively stored thereon instructions that, as a result of execution by one or more processors, cause operations to be performed, the operations comprising:
establishing a dedicated physical network connection between a computing resource service provider network device connected to a computer resource service provider network and a customer network device connected to a customer network separate from the computer resource service provider network device;
transmitting, from the computing resource service provider network device to the customer network device, through the dedicated physical network connection, a request for a customer to provide cryptographic authentication information for authenticating the customer network device;
receiving, at the computing resource service provider network device and from the customer network device, the cryptographic authentication information;
forwarding, from the computing resource service provider network device, the cryptographic authentication information to an authentication service that is operable to authenticate the cryptographic authentication information via verification based at least in part on a secret key of the customer; and
as a result of the authentication service successfully authenticating the cryptographic authentication information, configuring the computing resource service provider network device to route network traffic received from the customer network device through the dedicated physical network connection to one or more services of a computing resource service provider on the computer resource service provider network, the one or more services being different from the authentication service.
Dependent claims: 16, 17, 18, 19, 20, 21, 22, 23, 24, 25
Specification