公开(公告)号：US20130311650A1

公开(公告)日：2013-11-21

申请号：US13946943

申请日：2013-07-19

Applicant: Amazon Technologies, Inc.

Inventor： Eric Jason Brandwine ,  James Alfred Gordon Greenfield ,  Diwakar Gupta

IPC: H04L12/26

CPC classification number: H04L43/04 ,  G06F9/505

Abstract: Systems and methods are described for managing requests for computing capacity from a provider of computing resources. The computing resources may include program execution capabilities, data storage or management capabilities, network bandwidth, etc. In some implementations, user requests are probabilistically denied or granted while some computing resources are still available. By denying some requests or granting only some, the rate of computing resource usage can be reduced, thus preserving some capacity for a longer period of time. In one embodiment, the capacity can be provided to clients based on client priority, provided to clients with reserved resources, provided to clients probabilistically, sold on a spot market, or allocated in some other fashion.

Abstract translation: 描述了用于管理来自计算资源提供商的计算能力请求的系统和方法。 计算资源可以包括程序执行能力，数据存储或管理能力，网络带宽等。在一些实现中，在某些计算资源仍然可用的情况下，概率地拒绝或授予用户请求。 通过拒绝一些请求或仅授予一些请求，可以减少计算资源使用率，从而在较长时间内保留一些容量。 在一个实施例中，可以基于客户端优先级向客户端提供容量，提供给具有预留资源的客户端，概率地提供给客户，在现货市场上出售或以某种其他方式分配。

公开(公告)号：US12256018B1

公开(公告)日：2025-03-18

申请号：US18376756

申请日：2023-10-04

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Eric Jason Brandwine

IPC: H04L9/32 ,  H04L9/08

Abstract: A system that provides responses to requests obtains a key that is used to digitally sign the request. The key is derived from information that is shared with a requestor to which the response is sent. The requestor derives, using the shared information, derives a key usable to verify the digital signature of the response, thereby enabling the requestor to operate in accordance with whether the digital signature of the response matches the response.

公开(公告)号：US12204668B1

公开(公告)日：2025-01-21

申请号：US17393813

申请日：2021-08-04

Applicant: Amazon Technologies, Inc.

Inventor： Eric Jason Brandwine ,  Rebecca Claire Weiss ,  Andrew Kent Warfield

IPC: G06F21/00 ,  G06F21/62

Abstract: Techniques are described for enabling users to create and configure request-based policies used by a data storage system to generate custom responses to particular types of requests for users' stored data objects. The request-based policies include rules used to identify types of requests for data objects and corresponding types of responses to be generated responsive to detecting such requests. The types of responses that can be specified in such policies include responses other than simply returning a requested data object or denying a request. For example, a rule for certain types of responses can instruct the data storage system to return a dynamically generated data object, another rule can instruct the system to return a different data object than the one requested, and so forth.

公开(公告)号：US12135796B2

公开(公告)日：2024-11-05

申请号：US17177496

申请日：2021-02-17

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Eric Jason Brandwine

IPC: H04L9/08 ,  G06F21/60 ,  G06F21/62 ,  H04L9/32 ,  H04L9/40

Abstract: An encoding of a cryptographic key is obtained in a form of an encrypted key. Request is provided to a service provider including a fulfillment involving performing a cryptographic operation on data. Upon fulfillment of the request, a response is then received which indicates the fulfillment of the request.

公开(公告)号：US12107897B1

公开(公告)日：2024-10-01

申请号：US17735017

申请日：2022-05-02

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Eric Jason Brandwine ,  Matthew James Wren

IPC: H04L9/40

CPC classification number: H04L63/20 ,  H04L63/0471 ,  H04L63/06

Abstract: A system comprises a data storage service includes a web service interface operating as a proxy to the data storage service. Data obtained at the data storage service is analyzed by one or more criteria of a data loss prevention policy, the data is encrypted by a key that is inaccessible to a remote service, and then the encrypted data is transmitted to the remote service.

公开(公告)号：US20240126895A1

公开(公告)日：2024-04-18

申请号：US18397696

申请日：2023-12-27

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Eric Jason Brandwine

IPC: G06F21/60 ,  G06F21/62 ,  H04L9/08 ,  H04L9/32 ,  H04L9/40

CPC classification number: G06F21/602 ,  G06F21/6209 ,  H04L9/0822 ,  H04L9/3226 ,  H04L63/0428 ,  H04L63/06 ,  H04L9/0819 ,  H04L9/3242 ,  H04L9/3247 ,  H04L2209/76

Abstract: An encoding of a cryptographic key is obtained in a form of an encrypted key. Request is provided to a service provider including a fulfillment involving performing a cryptographic operation on data. Upon fulfillment of the request, a response is then received which indicates the fulfillment of the request.

公开(公告)号：US20240113935A1

公开(公告)日：2024-04-04

申请号：US18489784

申请日：2023-10-18

Applicant: Amazon Technologies, Inc.

Inventor： Eric Jason Brandwine ,  Clarissa Loree Cook Brandwine ,  Daniel T. Cohn ,  Andrew J. Doane ,  Carl J. Moses ,  Stephen E. Schmidt

IPC: H04L41/0803 ,  H04L9/40 ,  H04L12/46 ,  H04L45/586

CPC classification number: H04L41/0803 ,  H04L12/4641 ,  H04L45/586 ,  H04L63/0272

Abstract: Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service in order to create and configure computer networks that are provided by the configurable network service for use by the users. Computer networks provided by the configurable network service may be configured to be private computer networks that are accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. If so, secure private access between an existing computer network and new computer network extension that is being provided may be enabled using one or more VPN connections or other private access mechanisms.

公开(公告)号：US11838296B1

公开(公告)日：2023-12-05

申请号：US17219163

申请日：2021-03-31

Applicant: Amazon Technologies, Inc.

Inventor： Hart Matthew Rossman ,  Eric Vanwieren ,  Eric Jason Brandwine ,  Cameron John Maxwell ,  Tyler Thomas Maklebust ,  Nathaniel Schaaf

IPC: H04L9/40 ,  G06F8/33 ,  G06F8/71

CPC classification number: H04L63/126 ,  G06F8/33 ,  G06F8/71 ,  H04L63/20

Abstract: Techniques are described for providing software developers with secure software project development environments via cloud-based or locally installed integrated development environments (IDEs). A cloud provider network provides a project development environment policy service that enables users to configure project development environment policies associated with various software projects and to deploy configured policies to users' project development environments as appropriate. A project development environment policy can include rules related to monitoring and controlling version control system actions, monitoring the content of project source code pushed to version control repositories, among other software project governance-related configurations.

公开(公告)号：US11695555B2

公开(公告)日：2023-07-04

申请号：US16869423

申请日：2020-05-07

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Matthew James Wren ,  Eric Jason Brandwine ,  Brian Irl Pratt

IPC: H04L9/08 ,  H04L9/32 ,  H04L9/06 ,  H04L9/14 ,  H04L9/30

CPC classification number: H04L9/088 ,  H04L9/0618 ,  H04L9/0643 ,  H04L9/0891 ,  H04L9/14 ,  H04L9/30 ,  H04L9/321 ,  H04L9/3247

Abstract: A system uses information submitted in connection with a request to determine if and how to process the request. The information may be electronically signed by a requestor using a key such that the system processing the request can verify that the requestor has the key and that the information is authentic. The information may include information that identifies a holder of a key needed for processing the request, where the holder of the key can be the system or another, possibly third party, system.

公开(公告)号：US20230188335A1

公开(公告)日：2023-06-15

申请号：US17548422

申请日：2021-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Antia Lamas Linares ,  Pavel Lougovski ,  Eric Jason Brandwine

IPC: H04L9/08 ,  H04L9/40

CPC classification number: H04L9/0858 ,  H04L63/0428 ,  H04L63/166 ,  H04L63/164

Abstract: A system and method for establishing and using quantum safe enclaves is described. In some embodiments, secure shared randomness is distributed between nodes, for example using quantum key distribution. The secured shared randomness is used to generate quantum safe network keys that enable quantum safe network links to be established between any of the nodes included in the quantum safe enclave. A network manager enforces policies that restrict communications between nodes of the quantum safe enclave to transmission via quantum safe network links. Such an arrangement protects communicated data from quantum enabled attacks that may compromise other forms of encryption.