Robot system
US-9599990-B2 · Mar 21, 2017 · US
Provisioning of a shippable storage device and ingesting data from the shippable storage device
US9934389B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9934389-B2 |
| Application number | US-201514975363-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 18, 2015 |
| Priority date | Dec 18, 2015 |
| Publication date | Apr 3, 2018 |
| Grant date | Apr 3, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data.
First claim
Opening claim text (preview).
What is claimed is: 1. A system, comprising: one or more computing devices of a storage service provider; and a provisioning service implemented on at least one of the one or more computing devices, wherein the provisioning service is configured to: receive, from a client, a request to import data from the client to the storage service provider; send, to the client, a data transfer tool for transferring the data onto at least one shippable storage device; determine at least one encryption key to be used by the data transfer tool; determine security information to be used by the data transfer tool; generate a manifest that includes the at least one encryption key and at least some of the security information; provision the at least one shippable storage device to be sent to the client; in response to completion of the provisioning of the shippable storage device, indicate that the shippable storage device is ready for shipment to the client; and send the manifest to the client. 2. The system as recited in claim 1 , wherein the provisioning service is further configured to: receive, from the client device, credential information; in response to receiving the credential information from the client device, authenticate the client; and provide an indication to the client of a status of one or more data import jobs. 3. The system as recited in claim 1 , wherein the manifest further comprises: at least one additional encryption key stored by the storage service provider, wherein the at least one additional encryption key is associated with at least one corresponding storage location of the data storage provider to store at least a portion of the imported data. 4. The system as recited in claim 1 , wherein the provisioning service is further configured to: write at least a portion of the security information to the shippable storage device; and write address information of the client to the shippable storage device. 5. The system as recited in claim 1 , wherein the provisioning service is further configured to: in response to determining that the client has received the shippable storage device: send the manifest to the client via a communication network; and send a code to the client for decrypting the manifest. 6. The system as recited in claim 1 , wherein the provisioning service is further configured to: write an operating system to the shippable storage device; and write at least a portion of the security information to the shippable storage device, wherein the at least a portion of the security information is configured to provide mutual authentication between the shippable storage device and the data transfer tool. 7. A method, comprising: performing, by a provisioning service implemented on one or more computing devices of a storage service provider: receiving, from a client, a request to import data from the client to the storage service provider; determining at least one encryption key associated with importing the data; generating information that includes the at least one encryption key; provisioning a shippable storage device to be sent to the client; in response to completion of the provisioning of the shippable storage device, indicating that the shippable storage device is ready for sending to the client; and sending the information to the client. 8. The method as recited in claim 7 , further comprising: sending, to the client separate from the information, a data transfer tool for transferring the data onto the at least one shippable storage device. 9. The method as recited in claim 8 , wherein the generated information includes security information for use by the data transfer tool for authenticating the shippable storage device. 10. The method as recited in claim 9 , wherein the at least one encryption key comprises a first encryption key stored by the storage service provider and at least a second encryption key stored by the storage service provider. 11. The method as recited in claim 10 , wherein the first encryption key is associated with a first data storage location at the storage service provider and the at least a second encryption key is associated with a second data storage location at the storage service provider. 12. The method as recited in claim 9 , wherein the security information comprises: at least a first portion of security information that is configured for authenticating the shippable storage device; and at least a second portion of security information that is configured for authenticating the data transfer tool by the shippable storage device. 13. The method as recited in claim 7 , further comprising: sending, to the client, a code for decrypting the information sent to the client, wherein the information is sent to the client via a communication network. 14. The method as recited in claim 7 , further comprising: writing an operating system to the shippable storage device; and writing address information of the client to the shippable storage device to be displayed by the shippable storage device. 15. The method as recited in claim 7 , further comprising: writing at least a portion of the security information to the shippable storage device, wherein the at least a portion of the security information is configured to provide mutual authentication between the shippable storage device and the data transfer tool. 16. A non-transitory computer-readable storage medium storing program instructions that, when executed by one or more computing devices, cause the one or more computing devices to implement: performing, by a provisioning service of a storage service provider: receiving, from a client, a request to import data from the client to the storage service provider; determining at least one encryption key associated with importing the data; generating information that includes the at least one encryption key; provisioning a shippable storage device to be sent to the client; in response to completion of the provisioning of the shippable storage device, indicating that the shippable storage device is ready for sending to the client; and sending the information to the client. 17. The non-transitory, computer-readable storage medium of claim 16 , wherein the program instructions cause the one or more computing devices to further implement: sending, to the client separate from the information, a data transfer tool for transferring the data onto the at least one shippable storage device. 18. The non-transitory, computer-readable storage medium of claim 17 , wherein the generated information includes security information for use by the data transfer tool for authenticating the shippable storage device. 19. The non-transitory, computer-readable storage medium of claim 18 , wherein the at least one encryption key comprises: a first encryption key stored by the storage service provider and associated with a first data storage location at the storage service provider; and at least a second encryption key stored by the storage service provider and associated with at least a second data storage location at the storage service provider. 20. The non-transitory, computer-readable storage medium of claim 16 , wherein the program instructions cause the one or more computing devices to further implement: sending, to the client, a code for decrypting the information sent to the client, wherein the information is sent to the client via a communication network.
Assignees
Inventors
Classifications
involving additional devices, e.g. trusted platform module [TPM], smartcard or USB · CPC title
- G06F21/606Primary
by securing the transmission between two devices or processes · CPC title
in storage media based on magnetic or optical technology, e.g. disks with sectors (preventing unauthorised reproduction or copying of disc-type recordable media G11B20/00) · CPC title
Calendaring for a resource · CPC title
Administration; Management · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9934389B2 cover?
- When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to…
- Who is the assignee on this patent?
- Amazon Tech Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/606. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Apr 03 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 5 related publications on this page (citations in our corpus or others sharing the same primary CPC).