-
Publication (Announcement) No.: US11595205B1
Publication (Announcement) Date: 2023-02-28
Application No.: US16693167
Application Date: 2019-11-22
Applicant: Amazon Technologies, Inc.
Inventor: Sroaj Sosothikul, Akshat Vig, Avinash Kodakandla, Nicholas Gordon, Sharan Rajesh Munyal, Somasundaram Perianayagam, Mazen Moez Ali, Ravi Math
Abstract: A distributed database encrypts a table using a table encryption key protected by a client master encryption key. The encrypted table is replicated among a plurality of nodes of the distributed database. The table encryption key is replicated among the plurality of nodes, and is stored on each node in a respective secure memory. In the event of node failure, a copy of the stored key held by another member of the replication group is used to restore a node to operation. The replication group may continue operation in the event of a revocation of authorization to access the client master encryption key.
-
Publication (Announcement) No.: US12007977B1
Publication (Announcement) Date: 2024-06-11
Application No.: US17936967
Application Date: 2022-09-30
Applicant: Amazon Technologies, Inc.
Inventor: Omendra Pratap Singh, Jiancheng Wang, Mostafa Elhemali, Sroaj Sosothikul, Jhansi Lakshmi Kolla, Wan Man Ryan Chan, Somasundaram Perianayagam
IPC: G06F16/23
CPC classification number: G06F16/2358
Abstract: Selective application of log records may be performed. A target storage node for a new replica being added to a replica group for a database may obtain a paginated result of a scan of ordered items of the database from a source. The paginated result may have a log sequence number that corresponds to a replica log consistent with the paginated result. The target storage node may obtain log records from the replication log after the log sequence number for the paginated result. The target storage node may selectively apply the log records from the replication log according to one or more application rules that determine whether to ignore a change described in a log record.
-
Publication (Announcement) No.: US11860673B1
Publication (Announcement) Date: 2024-01-02
Application No.: US16693166
Application Date: 2019-11-22
Applicant: Amazon Technologies, Inc.
Inventor: Avinash Kodakandla, Akshat Vig, Ravi Math, Sroaj Sosothikul, Nicholas Gordon, Somasundaram Perianayagam, Mazen Moez Ali, Sharan Rajesh Munyal
CPC classification number: G06F16/2358, G06F16/2282, G06F16/2365, G06F16/27, H04L9/0822
Abstract: A distributed database encrypts tables using table encryption keys protected by a client master encryption key. The client may revoke and subsequently restore authorization to access the client master encryption key. A sweeper process of the distributed database examines encrypted tables and identifies changes to the status of a corresponding client master encryption key. A response to an identified change in status is initiated.
-
Publication (Announcement) No.: US11568063B1
Publication (Announcement) Date: 2023-01-31
Application No.: US16693164
Application Date: 2019-11-22
Applicant: Amazon Technologies, Inc.
Inventor: Akshat Vig, Nicholas Gordon, Sroaj Sosothikul, Ravi Math, Avinash Kodakandla, Somasundaram Perianayagam, Mazen Moez Ali, Sharan Rajesh Munyal
Abstract: A distributed database encrypts tables using table encryption keys protected by a client master encryption key. The client may revoke authorization to access the client master encryption key. Subsequent to a revocation of authority to access the client master encryption key, the distributed database generates interim snapshots of the table using the table encryption key. Also subsequent to the revocation, the distributed database generates a backup of the table using a backup encryption key protected by the client master encryption key.