Legal claims defining the scope of protection, as filed with the USPTO.
1. A method to enable a value-added storage service of a storage system coupled to a client, comprising: establishing a secure root of trust for the client, wherein the secure root of trust establishes a secure path to download a license for the value-added secure storage from a provider of the value-added storage service; establishing a secure tunnel between an application of the client and the storage system of the client, wherein the secure tunnel uses an action and results mailbox; securely downloading the license for the value-added storage service from the provider to the storage system, wherein the storage system includes secure storage that is used to store the license; and securely providing the license from the storage system to the application via the secure tunnel.
2. The method of claim 1, wherein the storage system includes secure storage that is used to store the license.
3. The method of claim 1, wherein the license stored in the secure storage is accessible via a private interface.
4. The method of claim 1, wherein establishing of the secure root of trust comprises: provisioning a public key into the storage system.
5. The method of claim 1, wherein securely downloading the license comprises: authenticating with a service that manages the license.
6. The method of claim 1, wherein the securely downloading the license comprises: receiving the license; and storing the license in the storage system.
7. A device to enable a value-added storage service of a storage system coupled to a device, comprising: the storage system, including, an agent to establish a secure root of trust for the device, wherein the secure root of trust establishes a secure path to download a license for the value-added secure storage from a service provider of the value-added storage service, physical storage that includes a secure storage to establish a secure tunnel with the service provider, to securely download a license for the value-added storage service from the service provider, and to securely provide the license from the storage system to an application via the secure tunnel, wherein the secure tunnel to use an action and results mailbox.
8. The device of claim 7, wherein the secure storage is not accessible to an operating system of the device.
9. The device of claim 7, wherein the license stored in the secure storage is accessible via a private interface.
10. The device of claim 7, wherein the agent is further configured to authenticate with service provider.
11. The device of claim 10, wherein the agent, to securely download the license, is configured to receive the license and to store the license in the storage system.
12. A system to enable a value-added storage service of a storage system coupled to a device, comprising: a service provider that manages and stores a license for the value-added storage service; and the storage system, including, an agent that establishes a secure root of trust for the device with the service provider, wherein the secure root of trust establishes a secure path to download a license for the value-added secure storage from a service provider of the value-added storage service, and physical storage including a secure storage that establishes a secure tunnel with the service provider, securely downloads the license for the value-added storage service from the service provider, and securely provides the license from the storage system to an application via the secure tunnel, wherein the secure tunnel to use an action and results mailbox.
13. The device of claim 12, wherein the secure storage is not accessible to an operating system of the device.
14. The device of claim 12, wherein the license stored in the secure storage is accessible via a private interface.
15. The system of claim 12, wherein the service provider provisions a public key for the agent.
16. The system of claim 12, wherein the agent further authenticates with service provider.
17. A non-transitory machine-readable medium having executable instructions to cause one or more processing units to perform a method to enable a value-added storage service of a storage system coupled to a client, the method comprising: establishing a secure root of trust for the client, wherein the secure root of trust establishes a secure path to download a license for the value-added secure storage from a provider of the value-added storage service; establishing a secure tunnel between an application of the client and the storage system of the client, wherein the secure tunnel uses an action and results mailbox; securely downloading the license for the value-added storage service from the provider to the storage system, wherein the storage system includes secure storage that is used to store the license; and securely providing the license from the storage system to the application via the secure tunnel.
February 23, 2016