Snapshot management across cloud provider network extension security boundaries
US11662928B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Nov 27, 2019 |
| Grant date | May 30, 2023 |
| Priority date | — |
| Expiry date | Nov 11, 2040 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2201/84
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
Systems and methods for efficient and secure management of encrypted “snapshots” for a remote provider substrate extension (“PSE”) of a cloud provider network substrate are provided. The PSE may request and obtain a snapshot from the cloud provider network substrate, restore a volume from the snapshot, make changes to data in the restored volume, and/or initiate the creation and storage of a new snapshot that includes incremental updates to the original snapshot to reflect the changes made to data in the volume. An encrypted snapshot stored within the cloud provider network substrate may be decrypted using a cloud provider key designed for internal use only, and then re-encrypted using a PSE-specific key before providing the snapshot to the PSE, thereby avoiding the sharing of the cloud provider internal use only key outside the cloud provider network substrate.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.