公开(公告)号：US10313345B2

公开(公告)日：2019-06-04

申请号：US13794600

申请日：2013-03-11

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Suryanarayanan ,  Eugene Michael Farrell ,  David Everard Brown ,  Stephen William Luszcz ,  Ajit Nagendra Padukone ,  Malcolm Russell Ah Kun

IPC: G06Q99/00 ,  H04L29/06 ,  H04L29/08 ,  G06F9/451

Abstract: Systems and methods are presented for accessing an application available from a data center of a program execution service. The metadata associated with a user computing device may be used to determine whether the user computing device is authorized to access the application through a virtual desktop instance. At least a portion of the application may be executed by the virtual desktop instance and provided to the user. Applications may be purchased, licensed, or rented by a user.

公开(公告)号：US09614873B1

公开(公告)日：2017-04-04

申请号：US14683460

申请日：2015-04-10

Applicant: Amazon Technologies, Inc.

Inventor： Marvin M. Theimer ,  Eric Jason Brandwine ,  Marc J. Brooker ,  David Everard Brown ,  Christopher Richard Jacques de Kadt

IPC: G06F15/173 ,  H04L29/06 ,  G06F9/445

CPC classification number: H04L63/20 ,  G06F9/44505

Abstract: Users intending to launch instances or otherwise access virtual resources in a multi-tenant environment can specify a launch configuration. For each type of instance or each type of user, at least one launch configuration is created that includes parameters and values to be used in instantiating an instance of that type, the values being optimized for the current environment and type of instance. Launch configurations can be optimized for different types of users, such as to account for security credentials and access levels. Such an approach enables users to launch instances by contacting the resource provider directly without need for a proxy, which can function as a choke point under heavy load. The use of an appropriate launch configuration can be enforced for any type of user at any level, such as at the sub-net level, by modifying a request that does not specify an appropriate launch configuration.

公开(公告)号：US20170078214A1

公开(公告)日：2017-03-16

申请号：US15344299

申请日：2016-11-04

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Suryanarayanan ,  David Everard Brown ,  Malcolm Russell Ah Kun ,  Eugene Michael Farrell

IPC: H04L12/911 ,  H04L29/08

CPC classification number: H04L47/70 ,  H04L67/10 ,  H04L67/1097 ,  H04L67/306 ,  H04L67/327

Abstract: Systems and methods are presented for enabling a user to provide rules for the placement of computing resources at a data center for an entity that employs or is associated with the user. The data center can use the placement rules to select a data center computer system to host computing resources for a user. The rules can be used to establish diversity in computing resource placement at the data center thereby reducing the number of users who lose access to computing resources when a specific data center computer suffers a failure. Further, the placement rules can be used to facilitate configuration of the computer resources for the user based, for example, on the user's employment responsibilities.

Abstract translation: 呈现系统和方法，以使用户能够为采用或与用户相关联的实体的数据中心提供计算资源的放置规则。 数据中心可以使用放置规则来选择数据中心计算机系统来托管用户的计算资源。 该规则可用于在数据中心上建立计算资源放置的多样性，从而减少在特定数据中心计算机出现故障时无法访问计算资源的用户数量。 此外，可以使用放置规则以便于例如基于用户的就业责任来为用户配置计算机资源。

公开(公告)号：US09443074B1

公开(公告)日：2016-09-13

申请号：US14099785

申请日：2013-12-06

Applicant: Amazon Technologies, Inc.

Inventor： Cornelle Christiaan Pretorius Janse Van Rensburg ,  Mark Joseph Cavage ,  Marc John Brooker ,  David Everard Brown ,  Abhinav Agrawal ,  Matthew S. Garman ,  Kevin Ross O'Neill ,  Eric Jason Brandwine ,  Christopher Richard Jacques de Kadt

IPC: H04L29/06 ,  G06F21/45

CPC classification number: G06F21/45 ,  H04L63/0823 ,  H04L63/20 ,  H04L67/1002

Abstract: Systems and methods for attesting to information about a computing resource involve electronically signed documents. For a computing resource, a document containing information about the resource is generated and electronically signed. The document may be provided to one or more entities as an attestation to at least some of the information contained in the document. Attestation to information in the document may be a prerequisite for performance of one or more actions that may be taken in connection with the computing resource.

公开(公告)号：US10469500B1

公开(公告)日：2019-11-05

申请号：US15470495

申请日：2017-03-27

Applicant: Amazon Technologies, Inc.

Inventor： Marvin M. Theimer ,  Eric Jason Brandwine ,  Marc J. Brooker ,  David Everard Brown ,  Christopher Richard Jacques de Kadt

IPC: G06F15/173 ,  H04L29/06 ,  G06F9/445 ,  G06F9/455

Abstract: Users intending to launch instances or otherwise access virtual resources in a multi-tenant environment can specify a launch configuration. For each type of instance or each type of user, at least one launch configuration is created that includes parameters and values to be used in instantiating an instance of that type, the values being optimized for the current environment and type of instance. Launch configurations can be optimized for different types of users, such as to account for security credentials and access levels. Such an approach enables users to launch instances by contacting the resource provider directly without need for a proxy, which can function as a choke point under heavy load. The use of an appropriate launch configuration can be enforced for any type of user at any level, such as at the sub-net level, by modifying a request that does not specify an appropriate launch configuration.

公开(公告)号：US10348582B1

公开(公告)日：2019-07-09

申请号：US14867634

申请日：2015-09-28

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Suryanarayanan ,  David Everard Brown ,  Eric Wayne Schultze ,  Roaan Hennie Vos

IPC: G06F9/46 ,  H04L12/26 ,  G06F9/455

Abstract: Data defining the actual time to availability for various configurations of instances of computing resources is collected. The collected data can be utilized to provide an estimate of the expected time to availability for a specific configuration of an instance of a computing resource in response to receiving a request to create a new instance of the computing resource.

公开(公告)号：US10205717B1

公开(公告)日：2019-02-12

申请号：US13854697

申请日：2013-04-01

Applicant: Amazon Technologies, Inc.

Inventor： Shon Kiran Shah ,  Ajit Nagendra Padukone ,  Deepak Suryanarayanan ,  Erik Jonathon Tellvik ,  David Everard Brown

IPC: H04L9/32 ,  H04L29/06 ,  G06F21/00

Abstract: Systems and methods are described for providing federated access to end-users of virtual machines. The method includes receiving a request from a user to access a resource outside of the user's original security domain. The user's existing security credentials are forwarded to an authentication entity, which determines if the user's credentials are authentic. If it is determined that the user's credentials are authentic, the user's target identity provider generates a security token that provides the virtual machine user with access to the resource, the resource residing in an external security domain. The user may log on to the virtual machine with access to the desired resource, subject to the privileges identified in the security token.

公开(公告)号：US20150356113A1

公开(公告)日：2015-12-10

申请号：US14830617

申请日：2015-08-19

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Suryanarayanan ,  Eugene Michael Farrell ,  Vivek Lakshmanan ,  David Everard Brown

IPC: G06F17/30 ,  H04L29/08

CPC classification number: G06F17/30174 ,  G06F11/3419 ,  G06F11/3442 ,  G06F11/3495 ,  G06F2201/81 ,  G06F2201/875 ,  H04L41/50 ,  H04L43/08 ,  H04L67/101 ,  H04L67/141

Abstract: Systems and methods are presented for storing and updating data. The metadata associated with a user computing device may be used to determine whether the user computing device is configured to maintain a synchronized copy of the file. Moreover, a user computing device may be authorized to modify a file through a virtual desktop instance on a PES. If a user computing device is authorized to synchronize the file, the file may be accessible locally without a network connection.

Abstract translation: 介绍了存储和更新数据的系统和方法。 与用户计算设备相关联的元数据可用于确定用户计算设备是否配置为维护文件的同步副本。 此外，可以授权用户计算设备通过PES上的虚拟桌面实例来修改文件。 如果用户计算设备被授权同步该文件，则该文件可以在本地无需网络连接即可访问。

公开(公告)号：US09148350B1

公开(公告)日：2015-09-29

申请号：US13794515

申请日：2013-03-11

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Suryanarayanan ,  Eugene Michael Farrell ,  Vivek Lakshmanan ,  David Everard Brown

IPC: H04L12/24 ,  H04L12/26

CPC classification number: G06F17/30174 ,  G06F11/3419 ,  G06F11/3442 ,  G06F11/3495 ,  G06F2201/81 ,  G06F2201/875 ,  H04L41/50 ,  H04L43/08 ,  H04L67/101 ,  H04L67/141

Abstract: Systems and methods are presented for storing and updating data. The metadata associated with a user computing device may be used to determine whether the user computing device is configured to maintain a synchronized copy of the file. Moreover, a user computing device may be authorized to modify a file through a virtual desktop instance on a PES. If a user computing device is authorized to synchronize the file, the file may be accessible locally without a network connection.

Abstract translation: 介绍了存储和更新数据的系统和方法。 与用户计算设备相关联的元数据可用于确定用户计算设备是否配置为维护文件的同步副本。 此外，可以授权用户计算设备通过PES上的虚拟桌面实例来修改文件。 如果用户计算设备被授权同步该文件，则该文件可以在本地无需网络连接即可访问。

公开(公告)号：US09009323B1

公开(公告)日：2015-04-14

申请号：US13967146

申请日：2013-08-14

Applicant: Amazon Technologies, Inc.

Inventor： Marvin M. Theimer ,  Eric Jason Brandwine ,  Marc J. Brooker ,  David Everard Brown ,  Christopher Richard Jacques de Kadt

IPC: G06F15/173 ,  H04L29/06

CPC classification number: H04L63/20 ,  G06F9/44505

Abstract: Users intending to launch instances or otherwise access virtual resources in a multi-tenant environment can specify a launch configuration. For each type of instance or each type of user, at least one launch configuration is created that includes parameters and values to be used in instantiating an instance of that type, the values being optimized for the current environment and type of instance. Launch configurations can be optimized for different types of users, such as to account for security credentials and access levels. Such an approach enables users to launch instances by contacting the resource provider directly without need for a proxy, which can function as a choke point under heavy load. The use of an appropriate launch configuration can be enforced for any type of user at any level, such as at the sub-net level, by modifying a request that does not specify an appropriate launch configuration.

Abstract translation: 有意在多租户环境中启动实例或以其他方式访问虚拟资源的用户可以指定启动配置。 对于每种类型的实例或每种类型的用户，至少创建一个启动配置，其中包括要在实例化该类型的实例时使用的参数和值，为当前环境和实例类型进行优化的值。 可以针对不同类型的用户优化启动配置，例如考虑安全凭证和访问级别。 这种方法使用户能够通过直接联系资源提供者来启动实例，而不需要代理服务器，该代理可以在负载较重的情况下作为阻塞点。 可以通过修改不指定适当的启动配置的请求来为任何级别的任何类型的用户（例如，在子网级别）强制执行适当的启动配置。