Method and system for securely transmitting volumes into cloud

US 9,882,825 B2
Filed: 03/13/2015
Issued: 01/30/2018
Est. Priority Date: 03/14/2014
Status: Active Grant

First Claim

Patent Images

1. A first computing device for transmitting one or more volumes via a secured connection, the first computing device comprising:

one or more hardware processors;

a volume service that is executable by the one or more hardware processors and is configured to;

instruct a cloud computing device to generate a worker virtual machine, the cloud computing device being associated with a cloud computing service;

provide for transmission, via a first connection between the volume service and the worker virtual machine, a random number to the worker virtual machine generated on the cloud computing device;

instruct the cloud computing device to generate one or more target volumes associated with the cloud computing service;

instruct the cloud computing device to associate the one or more target volumes with the worker virtual machine;

provide for transmission via a second secured connection between the virtual service and the worker virtual machine a message to the worker virtual machine, the message including the one or more volumes having volume data to be stored in the one or more target volumes associated with the worker virtual machine and the random number transmitted to the worker virtual machine via the first connection; and

wherein the message is authenticated by the worker virtual machine based on at least matching the random number of the message with the random number received by the worker virtual machine via the first connection.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A first computing device is provided for transmitting one or more volumes via a secured connection. The first computing device includes a volume service that is executable by one or more processors and is configured to instruct a cloud computing device to generate a worker virtual machine. The volume service is also configured to provide, via a connection different from the secured connection, a random number to the worker virtual machine. The volume service is further configured to instruct the cloud computing device to generate one or more target volumes associated with the cloud computing service and to associate the one or more target volumes with the worker virtual machine. The volume service is further instructed to provide, irrespective of the content type of the volumes and the size of the volumes, the one or more volumes to the worker virtual machine via the secured connection.

23 Citations

32 Claims

1. A first computing device for transmitting one or more volumes via a secured connection, the first computing device comprising:
- one or more hardware processors;
  
  a volume service that is executable by the one or more hardware processors and is configured to;
  
  instruct a cloud computing device to generate a worker virtual machine, the cloud computing device being associated with a cloud computing service;
  
  provide for transmission, via a first connection between the volume service and the worker virtual machine, a random number to the worker virtual machine generated on the cloud computing device;
  
  instruct the cloud computing device to generate one or more target volumes associated with the cloud computing service;
  
  instruct the cloud computing device to associate the one or more target volumes with the worker virtual machine;
  
  provide for transmission via a second secured connection between the virtual service and the worker virtual machine a message to the worker virtual machine, the message including the one or more volumes having volume data to be stored in the one or more target volumes associated with the worker virtual machine and the random number transmitted to the worker virtual machine via the first connection; and
  
  wherein the message is authenticated by the worker virtual machine based on at least matching the random number of the message with the random number received by the worker virtual machine via the first connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The first computing device of claim 1, wherein the one or more volumes comprise at least one of:
    - a system volume or a data storage volume, wherein the system volume includes a bootable operating system and one or more software applications, and wherein the data storage volume includes user data to be stored on the cloud computing device.
  - 3. The first computing device of claim 1, wherein the volume service is further configured to receive an identification of the worker virtual machine.
  - 4. The first computing device of claim 1, wherein the volume service is further configured to provide one or more identifications of one or more target volumes to the worker virtual machine.
  - 5. The first computing device of claim 4, wherein the worker virtual machine stores, based on the one or more target volume identifications, the one or more volumes to the one or more corresponding target volumes associated with the worker virtual machine.
  - 6. The first computing device of claim 1, wherein the volume service is configured to instruct the cloud computing device to generate the worker virtual machine using an application programming interface (API) call.
  - 7. The first computing device of claim 1, wherein the cloud computing service comprises at least one of:
    - a cloud data storage service, an infrastructure-as-a-service, a platform-as-a-service, or a software-as-a-service.
  - 8. The first computing device of claim 1, wherein after the message is authenticate the one or more volumes can be transmitted to the one or more target volumes.
  - 9. The first computing device of claim 8, wherein the volume service is further configured to:
    - instruct the cloud computing device to generate additional one or more worker virtual machines;
      
      instruct the cloud computing device to generate one or more additional target volumes;
      
      instruct the cloud computing device to associate at least some of the one or more additional target volumes with the additional worker virtual machines; and
      
      provide additional messages to the additional one or more worker virtual machines via additional one or more secured connections, wherein the additional messages include additional authentication information to facilitate authenticating of the additional messages at the additional one or more worker virtual machines.
  - 10. The first computing device of claim 1, wherein the secured connection is based on a secure socket layer protocol.
  - 11. The first computing device of claim 1, wherein the secured connection terminates based on a connection-terminating event that includes at least one of a preconfigured idling time period, a loss of power, a loss of connectivity, or a request for termination.
  - 12. The first computing device of claim 1, wherein the volume service is further configured to instruct the cloud computing device to perform at least one of:
    - disassociate at least one of the one or more target volumes with the worker virtual machine; and
      
      associate at least one additional target volume with the worker virtual machine.
  - 13. The first computing device of claim 1, wherein the volume service is further configured to instruct the cloud computing device to retrieve at least one of the one or more volumes stored in the one or more target volumes.
  - 14. The first computing device of claim 1, further comprising a storage device configured to store the one or more volumes.

15. A method for transmitting one or more volumes via a secured connection, the method being performed by a volume service of a first computing device that includes one or more processors, the method comprising:
- instructing a cloud computing device to generate a worker virtual machine, the cloud computing device being associated with a cloud computing service;
  
  providing for transmission, via a first connection between the volume service and the worker virtual machine, a random number to the worker virtual machine generated on the cloud computing device;
  
  instructing the cloud computing device to generate one or more target volumes associated with the cloud computing service;
  
  instructing the cloud computing device to associate the one or more target volumes with the worker virtual machine; and
  
  providing for transmission via a second secured connection between the virtual service and the worker virtual machine, a message to the worker virtual machine, the message including the one or more volumes having volume data to be stored in the one or more target volumes associated with the worker virtual machine and the random number transmitted to the worker virtual machine via the first connection; and
  
  wherein the message is authenticated by the worker virtual machine based on at least matching the random number of the message with the random number received by the worker virtual machine via the first connection.
- View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
- - 16. The method of claim 15, wherein the one or more volumes comprise at least one of:
    - a system volume or a data storage volume, wherein the system volume includes a bootable operating system and one or more software applications, and wherein the data storage volume includes user data to be stored on the cloud computing device.
  - 17. The method of claim 15, further comprising providing one or more identifications of one or more target volumes to the worker virtual machine.
  - 18. The method of claim 17, wherein the worker virtual machine stores, based on the one or more target volume identifications, the one or more volumes to the one or more corresponding target volumes associated with the worker virtual machine.
  - 19. The method of claim 15, wherein the message further includes authentication information to facilitate authenticating of the message based on the random number, the authentication information being a copy of the random number.
  - 20. The method of claim 19, further comprising:
    - instructing the cloud computing device to generate additional one or more worker virtual machines;
      
      instructing the cloud computing device to generate one or more additional target volumes;
      
      instructing the cloud computing device to associate at least some of the one or more additional target volumes with the additional worker virtual machines; and
      
      providing additional messages to the additional one or more worker virtual machines via additional one or more secured connections, wherein the additional messages include additional authentication information to facilitate authenticating of the additional messages at the additional one or more worker virtual machines.
  - 21. The method of claim 15, wherein the secured connection terminates based on a connection-terminating event that includes at least one of a preconfigured idling time period, a loss of power, a loss of connectivity, or a request for termination.
  - 22. The method of claim 15, further comprising instructing the cloud computing device to perform at least one of:
    - disassociating at least one of the one or more target volumes with the worker virtual machine; and
      
      associating at least one additional target volume with the worker virtual machine.
  - 23. The method of claim 15, further comprising instructing the cloud computing device to retrieve at least one of the one or more volumes stored in the one or more target volumes.

24. A non-transitory computer readable storage medium storing instructions that are executable by a first computing device that includes one or more processors to cause a volume service of the first computing device to perform a method for transmitting one or more volumes via a secured connection, the method comprising:
- instructing a cloud computing device to generate a worker virtual machine, the cloud computing device being associated with a cloud computing service;
  
  providing for transmission, via a first connection between the volume service and the worker virtual machine, a random number to the worker virtual machine generated on the cloud computing device;
  
  instructing the cloud computing device to generate one or more target volumes associated with the cloud computing service;
  
  instructing the cloud computing device to associate the one or more target volumes with the worker virtual machine; and
  
  providing for transmission via a second secured connection between the virtual service and the worker virtual machine, a message to the worker virtual machine, the message including the one or more volumes having volume data to be stored in the one or more target volumes associated with the worker virtual machine and the random number transmitted to the worker virtual machine via the first connection; and
  
  wherein the message is authenticated by the worker virtual machine based on at least matching the random number of the message with the random number received by the worker virtual machine via the first connection.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32)
- - 25. The non-transitory computer readable medium of claim 24, wherein the one or more volumes comprise at least one of:
    - a system volume or a data storage volume, wherein the system volume includes a bootable operating system and one or more software applications, and wherein the data storage volume includes user data to be stored on the cloud computing device.
  - 26. The non-transitory computer readable medium of claim 24, further comprising instructions that are executable by the first computing device that includes one or more processors to cause the volume service of the first computing device to perform:
    - providing one or more identifications of one or more target volumes to the worker virtual machine.
  - 27. The non-transitory computer readable medium of claim 26, wherein the worker virtual machine stores, based on the one or more target volume identifications, the one or more volumes to the one or more corresponding target volumes associated with the worker virtual machine.
  - 28. The non-transitory computer readable medium of claim 24, wherein the message further includes authentication information to facilitate authenticating of the message based on the random number, the authentication information being a copy of the random number.
  - 29. The non-transitory computer readable medium of claim 24, further comprising instructions that are executable by the first computing device that includes one or more processors to cause the volume service of the first computing device to perform:
    - instructing the cloud computing device to generate additional one or more worker virtual machines;
      
      instructing the cloud computing device to generate one or more additional target volumes;
      
      instructing the cloud computing device to associate at least some of the one or more additional target volumes with the additional worker virtual machines; and
      
      providing additional messages to the additional one or more worker virtual machines via additional one or more secured connections, wherein the additional messages include additional authentication information to facilitate authenticating of the additional messages at the additional one or more worker virtual machines.
  - 30. The non-transitory computer readable medium of claim 24, wherein the secured connection terminates based on a connection-terminating event that includes at least one of a preconfigured idling lime period, a loss of power, a loss of connectivity, or a request for termination.
  - 31. The non-transitory computer readable medium of claim 24, further comprising instructions that are executable by the first computing device that includes one or more processors to cause the volume service of the first computing device to perform:
    - instructing the cloud computing device to perform at least one of;
      
      disassociating at least one of the one or more target volumes with the worker virtual machine; and
      
      associating at least one additional target volume with the worker virtual machine.
  - 32. The non-transitory computer readable medium of claim 24, further comprising instructions that are executable by the first computing device that includes one or more processors to cause the volume service of the first computing device to perform:
    - instructing the cloud computing device to retrieve at least one of the one or more volumes stored in the one or more target volumes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citrix Systems, Inc. (Cloud Software Group)
Original Assignee
Citrix Systems, Inc. (Cloud Software Group)
Inventors
Waterhouse, Simon, Lafferty, Donal
Primary Examiner(s)
Lewis, Lisa
Assistant Examiner(s)
Bucknor, Olanrewaju

Application Number

US14/657,760
Publication Number

US 20150264035A1
Time in Patent Office

1,054 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 21/6209   to a single file or object,...

H04L 47/70   Admission control; Resource...

H04L 63/0428   wherein the data content is...

H04L 63/08   for authentication of entit...

Method and system for securely transmitting volumes into cloud

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

23 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for securely transmitting volumes into cloud

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links