公开(公告)号：US11310116B2

公开(公告)日：2022-04-19

申请号：US16512170

申请日：2019-07-15

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Shon Kiran Shah ,  Sameer Palande

IPC: G06F15/173 ,  H04L41/14 ,  H04L43/08 ,  H04L47/70 ,  G06Q10/00 ,  H04L41/0816 ,  H04L41/08 ,  H04L41/0893 ,  H04L43/0876

Abstract: Features are disclosed for facilitating remote management of network directories of organizations by a directory management system. The network directories may change over time, experiencing growth in size and number of current connections, increased latency, reduced performance, and the like. The network directories may also shrink over time, experience fewer connections, etc. Organizations can define scaling policies by which the directory management system can automatically respond to the occurrence of various events, such as changes in the size or usage of the organizations' network directories, by scaling resources associated with the directories. The directory management system can perform various scaling actions on-demand or without requiring additional action by the organizations, thereby reducing the time and effort required by the organizations to monitor their own directories and implement (or request implementation of) changes.

公开(公告)号：US11134067B1

公开(公告)日：2021-09-28

申请号：US15457273

申请日：2017-03-13

Applicant: Amazon Technologies, Inc.

Inventor： Lawrence Hun-Gi Aung ,  Gaurang Pankaj Mehta ,  Krithi Rai ,  Chirag Pravin Pandya ,  Shuo Wang

IPC: H04L29/06

Abstract: A centralized policy management may allow for one set of credentials to various applications and services offered by a computing resource service provider or other third-party servers. Systems, methods, and computer readable medium can be configured to receive a request to access a first computing system service provided by the computing resource service provider, generate an encrypted data bundle including at least a user identifier and a data type, and transmit the encrypted data bundle to a recipient, wherein the encrypted data bundle is configured to be returned to the one or more computing devices to facilitate access to the first computing system service provided by the computing resource service provider.

公开(公告)号：US10705690B1

公开(公告)日：2020-07-07

申请号：US14644064

申请日：2015-03-10

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Varun Verma

IPC: H04L12/18 ,  G06F3/0484

Abstract: A virtual desktop service may receive a request from a user to provision a virtual desktop and establish a secure communications connection between the virtual desktop service, a user client device, and additional client devices via a proxy server in order to stream same feed or virtual screens from the virtual desktop to multiple client devices. The virtual desktop service may provide for natively sharing or multiplexing an entire data stream from a virtual desktop to multiple client devices or natively sharing or multiplexing portions of a data stream from a virtual desktop to render each portion on a different client device.

公开(公告)号：US10652235B1

公开(公告)日：2020-05-12

申请号：US16291511

申请日：2019-03-04

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Shon Kiran Shah ,  Neelam Satish Agrawal ,  Lawrence Hun-Gi Aung

IPC: H04L29/06 ,  H04L9/32 ,  H04L29/08 ,  G06Q10/00

Abstract: A centralized policy management may allow for one set of credentials to various applications and services offered by a computing resource service provider or other third-party servers. An entity responsible for the administration of a directory made available through a managed directory service may specify one or more policies for users and/or groups of users that utilize the directory. For example, the managed directory service may include a policy management subsystem that manages a set of policies for users and/or groups of users that controls a level of access to applications and services. Administrators can assign one or more policies to a user or a group of users and users can select one or more policies provided to the user by the administrator when attempting to access an application or service.

公开(公告)号：US10257184B1

公开(公告)日：2019-04-09

申请号：US14500432

申请日：2014-09-29

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Shon Kiran Shah ,  Neelam Satish Agrawal ,  Lawrence Hun-Gi Aung

IPC: H04L29/06 ,  H04L9/32 ,  H04L29/08 ,  G06Q10/00

Abstract: A centralized policy management may allow for one set of credentials to various applications and services offered by a computing resource service provider or other third-party servers. An entity responsible for the administration of a directory made available through a managed directory service may specify one or more policies for users and/or groups of users that utilize the directory. For example, the managed directory service may include a policy management subsystem that manages a set of policies for users and/or groups of users that controls a level of access to applications and services. Administrators can assign one or more policies to a user or a group of users and users can select one or more policies provided to the user by the administrator when attempting to access an application or service.

公开(公告)号：US20180198829A1

公开(公告)日：2018-07-12

申请号：US15911493

申请日：2018-03-05

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Shon Kiran Shah ,  Krithi Rai ,  Guruprakash Bangalore Rao

IPC: H04L29/06 ,  G06F21/62 ,  G06F21/60 ,  G06F21/44 ,  H04L29/12

CPC classification number: H04L63/205 ,  G06F21/44 ,  G06F21/604 ,  G06F21/62 ,  G06F21/6209 ,  G06F21/6218 ,  H04L61/1505 ,  H04L63/10 ,  H04L63/20

Abstract: Features are disclosed for facilitating management of network directories of multiple organizations by a directory management system. Various applications can access the directories of the organizations via the directory management system according to the permissions that the applications have been granted by the respective organizations. Organizations may maintain directories on-premises or off-premises, and the applications can access the directories via the directory management system regardless of the physical location of the directories. Additionally, the applications may be hosted by a computing service provider that also hosts or otherwise manages the directory management service, or the applications can be hosted by third-party servers separate from the directory management system and the organizations.

公开(公告)号：US09942224B2

公开(公告)日：2018-04-10

申请号：US15456158

申请日：2017-03-10

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Neelam Satish Agrawal ,  Lawrence Hun-Gi Aung ,  Guruprakash Bangalore Rao ,  Shuo Wang ,  Sameer Palande ,  Krithi Rai ,  Chirag Pravin Pandya

IPC: H04L29/06 ,  G06F21/62

CPC classification number: H04L63/0853 ,  G06F17/30386 ,  G06F21/6218 ,  H04L63/06 ,  H04L63/08 ,  H04L63/0807 ,  H04L63/0815 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/102 ,  H04L63/105

Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.

公开(公告)号：US20170302643A1

公开(公告)日：2017-10-19

申请号：US15583715

申请日：2017-05-01

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Neelam Satish Agrawal ,  Lawrence Hun-Gi Aung ,  Chirag Pravin Pandya

IPC: H04L29/06 ,  H04L29/08 ,  G06F21/31 ,  H04L29/12

Abstract: A global endpoint may be associated with an organization name and a plurality of directories located in different geographic regions. The global endpoint may be a computing system that hosts a page used by users to access an application or service. A user may be able to access the application or service using already existing credentials. For example, the user may access the application or service using credentials stored and maintained by an entity with which the user is affiliated. Users having credentials stored in different geographic regions may be able to access the application or service via the same global endpoint.

公开(公告)号：US09736159B2

公开(公告)日：2017-08-15

申请号：US14098298

申请日：2013-12-05

Applicant: Amazon Technologies, Inc.

Inventor： Shon Kiran Shah ,  Guruprakash Bangalore Rao ,  Thomas Christopher Rizzo ,  Gaurang Pankaj Mehta

IPC: H04L29/06

CPC classification number: H04L63/10 ,  G06F2221/2113 ,  H04L63/08 ,  H04L67/025

Abstract: A customer of a computing resource service provider may utilize a set of credentials to request creation of an identity pool within a managed directory service. Accordingly, the managed directory service may create the identity pool. Instead of having the customer create a separate account within this identity pool, the managed directory service may create a shadow administrator account within the identity pool, which may be used to manage other users and resources in the identity pool within the managed directory service. The managed directory service further exposes an application programming interface command that may be used to obtain a set of credentials for accessing the shadow administrator account. The customer may use this command to receive the set of credentials and access the shadow administrator account. Accordingly, the customer can manage users and resources in the identity pool within the managed directory service.

公开(公告)号：US09641503B2

公开(公告)日：2017-05-02

申请号：US14506342

申请日：2014-10-03

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Neelam Satish Agrawal ,  Lawrence Hun-Gi Aung ,  Chirag Pravin Pandya

IPC: H04L9/32 ,  H04L29/06 ,  H04L29/12 ,  H04L29/08 ,  G06F21/31

CPC classification number: H04L63/08 ,  G06F21/31 ,  H04L61/15 ,  H04L61/1511 ,  H04L61/1523 ,  H04L61/1552 ,  H04L61/1576 ,  H04L63/0815 ,  H04L63/083 ,  H04L63/107 ,  H04L67/10 ,  H04L67/1002 ,  H04L67/1021 ,  H04L67/16 ,  H04L67/18

Abstract: A global endpoint may be associated with an organization name and a plurality of directories located in different geographic regions. The global endpoint may be a computing system that hosts a page used by users to access an application or service. A user may be able to access the application or service using already existing credentials. For example, the user may access the application or service using credentials stored and maintained by an entity with which the user is affiliated. Users having credentials stored in different geographic regions may be able to access the application or service via the same global endpoint.