公开(公告)号：US10936735B2

公开(公告)日：2021-03-02

申请号：US16530891

申请日：2019-08-02

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: G06F21/60 ,  G06F21/80 ,  G06F21/44 ,  H04L9/08 ,  H04L29/06 ,  G06Q10/08 ,  H04L9/32 ,  G06Q10/00 ,  G06Q10/06

Abstract: When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data.

公开(公告)号：US20210182410A1

公开(公告)日：2021-06-17

申请号：US17187472

申请日：2021-02-26

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: G06F21/60 ,  G06F21/80 ,  G06F21/44 ,  H04L9/08 ,  H04L29/06 ,  G06Q10/08 ,  H04L9/32 ,  G06Q10/00 ,  G06Q10/06

Abstract: When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data.

公开(公告)号：US10372922B2

公开(公告)日：2019-08-06

申请号：US15943627

申请日：2018-04-02

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: G06F21/60 ,  G06F21/80 ,  G06F21/44 ,  H04L9/08 ,  H04L29/06 ,  G06Q10/08 ,  H04L9/32 ,  G06Q10/00 ,  G06Q10/06

Abstract: When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data.

公开(公告)号：US20230161889A1

公开(公告)日：2023-05-25

申请号：US18058720

申请日：2022-11-23

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: G06F21/60 ,  G06F21/80 ,  G06F21/44 ,  H04L9/08 ,  H04L9/40 ,  G06Q10/083 ,  H04L9/32 ,  G06Q10/00 ,  G06Q10/06 ,  G06Q10/08 ,  G06Q10/0631

CPC classification number: G06F21/606 ,  G06F21/80 ,  G06F21/44 ,  H04L9/0897 ,  H04L63/0428 ,  G06Q10/083 ,  H04L9/0822 ,  H04L9/3263 ,  G06Q10/00 ,  G06Q10/06 ,  G06Q10/08 ,  G06Q10/06314

Abstract: When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data.

公开(公告)号：US10482413B2

公开(公告)日：2019-11-19

申请号：US14975371

申请日：2015-12-18

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: H04L29/06 ,  G06Q10/08 ,  G06F21/62 ,  G06F21/78 ,  G06F21/44 ,  G06F21/60

Abstract: A client-side data transfer tool may be used to encrypt customer data and store the encrypted data onto a shippable data storage device. The shippable storage device is provided to the client by a remote storage service provider for importing the customer data into the service provider. The data transfer tool receives client-keys from the service provider, separate from the shippable storage device. The data transfer tool generates keys to encrypt the customer data. The data transfer tool then uses the client-keys received from the service provider to encrypt the tool-generated keys. The encrypted data and the encrypted tool-generated keys are transferred onto the shippable storage device. Data transfer techniques may take into account characteristics of the data source and the data destination. For multiple shippable storage devices, data transfer may occur in parallel. The shippable storage device is then shipped back to the service provider, which imports the data.

公开(公告)号：US09887998B2

公开(公告)日：2018-02-06

申请号：US14975368

申请日：2015-12-18

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0876 ,  G06Q10/083 ,  H04L63/0435 ,  H04L63/061 ,  H04L63/062 ,  H04L67/1097 ,  H04L67/16

Abstract: Data may be securely stored onto a shippable data storage device in order for the client data to be protected during shipment to the remote storage service provider. The service provider prepares a shippable storage device and ships it to the client. The service provider also sends client-keys and security information to the client, separate from the shippable storage device. A client-side data transfer tool authenticates the shippable storage device using the security information. The data transfer tool generates keys to encrypt the customer data. The data transfer tool then uses the client-keys received from the service provider to encrypt the tool-generated keys. The encrypted data and the encrypted tool-generated keys are transferred onto the shippable storage device. The shippable storage device is then shipped back to the service provider, which decrypts the tool-generated keys and the encrypted data before importing the data.

公开(公告)号：US20240296236A1

公开(公告)日：2024-09-05

申请号：US18433249

申请日：2024-02-05

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: G06F21/60 ,  G06F21/44 ,  G06F21/80 ,  G06Q10/00 ,  G06Q10/06 ,  G06Q10/0631 ,  G06Q10/08 ,  G06Q10/083 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40

CPC classification number: G06F21/606 ,  G06F21/44 ,  G06F21/80 ,  G06Q10/00 ,  G06Q10/06 ,  G06Q10/06314 ,  G06Q10/08 ,  G06Q10/083 ,  H04L9/0822 ,  H04L9/0897 ,  H04L9/3263 ,  H04L63/0428

Abstract: When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data.

公开(公告)号：US11921870B2

公开(公告)日：2024-03-05

申请号：US18058720

申请日：2022-11-23

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: G06F21/60 ,  G06F21/44 ,  G06F21/80 ,  G06Q10/00 ,  G06Q10/06 ,  G06Q10/0631 ,  G06Q10/08 ,  G06Q10/083 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40

CPC classification number: G06F21/606 ,  G06F21/44 ,  G06F21/80 ,  G06Q10/00 ,  G06Q10/06 ,  G06Q10/06314 ,  G06Q10/08 ,  G06Q10/083 ,  H04L9/0822 ,  H04L9/0897 ,  H04L9/3263 ,  H04L63/0428

Abstract: When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data.

公开(公告)号：US11281624B1

公开(公告)日：2022-03-22

申请号：US15279316

申请日：2016-09-28

Applicant: Amazon Technologies, Inc.

Inventor： Frank Charles Paterra ,  Eric Neilsen ,  Apoorv Birthare ,  Andrew Portnoy ,  Firat Basarir

IPC: G06F16/13 ,  H04L67/01 ,  G06F16/182

Abstract: A data storage system implements aggregation, bifurcation, and/or reduction techniques to improve the efficiency of processing data storage requests. Data storage requests and/or their associated payloads may be aggregated based on one or more parameters. Data to be the stored and the associated commands may be separated so as to optimize a system's throughput and latency for each. Furthermore, extraneous commands and requests may be reduced or eliminated based on heuristics associated with the requests and the data.

公开(公告)号：US20190354704A1

公开(公告)日：2019-11-21

申请号：US16530891

申请日：2019-08-02

Applicant: Amazon Technologies, Inc.

Inventor： Frank Paterra ,  Firat Basarir

IPC: G06F21/60 ,  G06Q10/06 ,  G06Q10/08 ,  G06Q10/00 ,  H04L9/32 ,  G06F21/80 ,  H04L29/06 ,  H04L9/08 ,  G06F21/44

Abstract: When a client requests a data import job, a remote storage service provider provisions a shippable storage device that will be used to transfer client data from the client to the service provider for import. The service provider generates security information for the data import job, provisions the shippable storage device with the security information, and sends the shippable storage device to the client. The service provider also sends client-keys to the client, separate from the shippable storage device (e.g., via a network). The client receives the device, encrypts the client data and keys, transfers the encrypted data and keys onto the device, and ships it back to the service provider. The remote storage service provider authenticates the storage device, decrypts client-generated keys using the client-keys stored at the storage service provider, decrypts the data using the decrypted client-side generated keys, and imports the decrypted data.