公开(公告)号：US11010361B1

公开(公告)日：2021-05-18

申请号：US15475007

申请日：2017-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Mahendra Manshi Chheda ,  James Robert Englert ,  Christopher Ryan Baker ,  Alazel Acheson ,  Srikanth Mandadi

IPC: G06F16/22 ,  G06F9/448 ,  G06F16/21 ,  G06F16/28

Abstract: Code may be associated with one or more objects in a hierarchical data structure for execution. An access request for an object in the hierarchical data structure may be received. A schema applicable to the hierarchical data structure may be accessed and evaluated to identify code associated with the object. The code may be executed and servicing of the access request may be performed based, at least in part, on a result of executing the code. Code may be received and stored for inclusion in the schema, in some embodiments. Code may be executed by requesting execution of code that is stored and executed at a remote execution platform, in some embodiments.

公开(公告)号：US10680827B2

公开(公告)日：2020-06-09

申请号：US15875995

申请日：2018-01-19

Applicant: Amazon Technologies, Inc.

Inventor： Marc R. Barbour ,  Khaled Salah Sedky ,  Srikanth Mandadi ,  Slavka Praus

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/08

Abstract: Techniques for using short-term credentials using asymmetric session keys are described herein. A request for a short-term credential is received that is digitally signed with a different credential. In response to the request, short-term credential data is generated and populated with a public session key corresponding to a private session key. The short-term credential data is then encrypted with a session encryption key to produce the short-term credential token, which can then be used by the requester as a short-term credential for subsequent requests.

公开(公告)号：US10678528B1

公开(公告)日：2020-06-09

申请号：US15819170

申请日：2017-11-21

Applicant: Amazon Technologies, Inc.

Inventor： Alazel Acheson ,  Mahendra Manshi Chheda ,  Srikanth Mandadi

IPC: G06F8/65 ,  G06F11/36 ,  G06F16/21

Abstract: A system such as a service of a computing resource service provider, a directory service, a directory server, or any suitable system includes executable code that, if executed by one or more processors, causes the system to perform a first stage of a multi-stage deployment of a first directory schema by at least providing a second directory schema to a first computer system, wherein the first computer system is associated with a directory configured according to the first directory schema and causing the first computer system to reconfigure the directory according to the second directory schema The system may also determine, based on a result of reconfiguring the directory, whether to proceed to a second stage of the multi-stage deployment of the first directory schema. The system may be utilized as part of a directory schema update process wherein a multi-stage deployment pipeline is utilized.

公开(公告)号：US10182044B1

公开(公告)日：2019-01-15

申请号：US14958892

申请日：2015-12-03

Applicant: Amazon Technologies, Inc.

Inventor： Slavka Praus ,  Khaled Salah Sedky ,  Srikanth Mandadi ,  Marc R. Barbour

IPC: H04L29/06 ,  H04L9/08 ,  H04L9/32 ,  G06F21/33

Abstract: Techniques for personalizing short-term session credentials are described herein. A global session key is provided to a plurality of regions of a computing resource service provider and an account key is also provided to one or more of the plurality of regions based at least in part on those regions being trusted by a customer of the computing resource service provider. When a request for short-term session credentials is received at the trusted region by that customer, a session token is generated and encrypted with a combination of the global session key and the account key, thereby creating a session token that can be uniquely associated with the customer and that may only be used in regions that that customer has designated as trusted regions.

公开(公告)号：US20170300552A1

公开(公告)日：2017-10-19

申请号：US15132098

申请日：2016-04-18

Applicant: Amazon Technologies, Inc.

Inventor： Srikanth Mandadi ,  Matthew Berry ,  Slavka Praus ,  Chris Baker ,  Marvin Michael Theimer ,  Anders Samuelsson ,  Khaled Salah Sedky

IPC: G06F17/30

CPC classification number: G06F16/273 ,  G06F16/1873 ,  G06F16/2365 ,  G06F16/282 ,  G06F16/9024

Abstract: A distributed data store may maintain versioned hierarchical data structures. Different versions of a hierarchical data structure may be maintained consistent with a transaction log for the hierarchical data structure. When access requests directed to the hierarchical data structure are received, a version of the hierarchical data structure may be identified for processing an access request. For access requests with snapshot isolation, the identified version alone may be sufficient to consistently process the access request. For access requests with higher isolation requirements, such as serializable isolation, transactions based on the access request may be submitted to the transaction log so that access requests resulting in committed transactions may be allowed, whereas access requests resulting in conflicting transactions may be denied.

公开(公告)号：US11860895B2

公开(公告)日：2024-01-02

申请号：US17723369

申请日：2022-04-18

Applicant: Amazon Technologies, Inc.

Inventor： Alazel Acheson ,  Christopher Ryan Baker ,  Mahendra Manshi Chheda ,  James Robert Englert ,  Meng Li ,  Srikanth Mandadi ,  Slavka Praus ,  Colin Watson

IPC: G06F16/27 ,  G06F16/22 ,  G06F16/23

CPC classification number: G06F16/273 ,  G06F16/2246 ,  G06F16/2379

Abstract: Updates to a hierarchical data structure may be selectively replicated to other replicas of the hierarchical data structure. An update for a hierarchical data structure may be received and committed to the hierarchical data structure. A determination as to whether any other replicas of the hierarchical data structure have permission to receive the update may be made. For those replicas of the hierarchical data structure with permission to receive the update, the update may be provided to the replicas and committed to the replicas. Different types of replication techniques may be implemented, such as pull-based replication techniques or push-based replication techniques. Replication permissions for objects of the hierarchical data structure may be individually defined, in some embodiments.

公开(公告)号：US11657088B1

公开(公告)日：2023-05-23

申请号：US15807364

申请日：2017-11-08

Applicant: Amazon Technologies, Inc.

Inventor： Alazel Acheson ,  Mahendra Manshi Chheda ,  Hyun Sik Kim ,  Srikanth Mandadi

IPC: G06F16/00 ,  G06F16/901 ,  G06F16/23 ,  G06F16/903

CPC classification number: G06F16/9024 ,  G06F16/2379 ,  G06F16/90335

Abstract: Users of a graph data store can access an index object for a graph structure in order to obtain information from objects in the graph data structured index by the index object. A query can be received that is directed to an index object. Links to a subset of data objects in the data store included in the index object can be used to access the subset of data objects to perform the query. In some embodiments, data objects can be manually added or removed from the links included in the index object.

公开(公告)号：US11574070B2

公开(公告)日：2023-02-07

申请号：US16919305

申请日：2020-07-02

Applicant: Amazon Technologies, Inc.

Inventor： Srikanth Mandadi ,  Mahendra Manshi Chheda ,  Alazel Acheson ,  Daniel Stephen Popick ,  James Robert Englert

IPC: G06F21/62 ,  G06F16/22 ,  G06F16/23 ,  H04L67/1097

Abstract: A schema for a hierarchical data structure may include application specific extensions to the schema applied to a hierarchical data structure. Class may be added to the schema by individual applications granted access to a hierarchical data structure. When an access request for an object of the hierarchical data structure is received, the class may be identified in the schema and applied to process the access request to the object. Different classes may be added by different applications without disrupting the utilization of the schema for accessing the hierarchical data structure of other applications.

公开(公告)号：US20220245171A1

公开(公告)日：2022-08-04

申请号：US17723369

申请日：2022-04-18

Applicant: Amazon Technologies, Inc.

Inventor： Alazel Acheson ,  Christopher Ryan Baker ,  Mahendra Manshi Chheda ,  James Robert Englert ,  Meng Li ,  Srikanth Mandadi ,  Slavka Praus ,  Colin Watson

IPC: G06F16/27 ,  G06F16/22 ,  G06F16/23

Abstract: Updates to a hierarchical data structure may be selectively replicated to other replicas of the hierarchical data structure. An update for a hierarchical data structure may be received and committed to the hierarchical data structure. A determination as to whether any other replicas of the hierarchical data structure have permission to receive the update may be made. For those replicas of the hierarchical data structure with permission to receive the update, the update may be provided to the replicas and committed to the replicas. Different types of replication techniques may be implemented, such as pull-based replication techniques or push-based replication techniques. Replication permissions for objects of the hierarchical data structure may be individually defined, in some embodiments.

公开(公告)号：US10706166B1

公开(公告)日：2020-07-07

申请号：US15475020

申请日：2017-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Srikanth Mandadi ,  Mahendra Manshi Chheda ,  Alazel Acheson ,  Daniel Stephen Popick ,  James Robert Englert

IPC: G06F7/04 ,  G06F21/62 ,  G06F16/22 ,  G06F16/23 ,  H04L29/08

Abstract: A schema for a hierarchical data structure may include application specific extensions to the schema applied to a hierarchical data structure. Class may be added to the schema by individual applications granted access to a hierarchical data structure. When an access request for an object of the hierarchical data structure is received, the class may be identified in the schema and applied to process the access request to the object. Different classes may be added by different applications without disrupting the utilization of the schema for accessing the hierarchical data structure of other applications.