US 11,657,171 B2
Large network attached storage encryption
Oleksandr Volkanov, Vancouver (CA); and Dean Giberson, Vancouver (CA)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Nov. 8, 2019, as Appl. No. 16/678,685.
Application 16/678,685 is a continuation of application No. 15/362,721, filed on Nov. 28, 2016, granted, now 10,474,831.
Prior Publication US 2020/0074103 A1, Mar. 5, 2020
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/62 (2013.01); H04L 9/08 (2006.01); G06F 21/60 (2013.01); G06F 9/4401 (2018.01)
CPC G06F 21/6218 (2013.01) [G06F 9/4401 (2013.01); G06F 21/602 (2013.01); H04L 9/083 (2013.01); H04L 9/0822 (2013.01); H04L 9/0861 (2013.01); G06F 2221/2107 (2013.01); H04L 2209/12 (2013.01); H04L 2209/46 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method, comprising:
delivering, to a location of a customer of a computing resource service provider, a transportable storage service system in a powered-off state, the transportable storage service system including a plurality of storage devices, a network interface, and a graphics interface;
obtaining, to the transportable storage service system at the location of the customer and with the transportable storage service system in a powered-on state, a cryptographic key;
receiving, at the transportable storage service system in the powered-on state, a set of data to store in the transportable storage service system, the set of data being multiple terabytes in size;
encrypting, by the transportable storage service system in the powered-on state and using the cryptographic key, the set of data to produce an encrypted set of data;
storing the encrypted set of data in the plurality of storage devices;
receiving the transportable storage service system in the powered-off state with the stored encrypted set of data to a facility of the computing resource service provider;
verifying that the set of data stored on the transportable storage service system has not been tampered with in transit;
transferring, by the network interface, the set of data from the transportable storage service system to a datacenter of the computing resource service provider;
decrypting, at a datacenter of the computing resource service provider, the encrypted set of data using the cryptographic key; and
cleaning data from the transportable storage service system.