公开(公告)号：US20200012441A1

公开(公告)日：2020-01-09

申请号：US16575258

申请日：2019-09-18

Applicant: Amazon Technologies, Inc.

Inventor： Mahendra Manshi Chheda ,  Srikanth Mandadi ,  Alazel Acheson ,  Christopher Ryan Baker ,  Matthew William Berry, JR.

IPC: G06F3/06

Abstract: Scaling events may be detected for hosting hierarchical data structures. Scaling events may be detected to modify the capacity of a data store for hierarchical data structures to handle changing write workloads, read workloads, or storage capacity. Hierarchical data structures may be moved from one group of storage hosts to another group of storage hosts according to a filtered snapshot that includes the hierarchical data structures to be moved that is provided to the destination storage hosts. Changes made to the hierarchical data structures made at the source storage hosts during the move can be applied to the filtered snapshot so that the hierarchical data structures may be made available at the destination storage hosts inclusive of the changes.

公开(公告)号：US11157517B2

公开(公告)日：2021-10-26

申请号：US15132098

申请日：2016-04-18

Applicant: Amazon Technologies, Inc.

Inventor： Srikanth Mandadi ,  Matthew Berry ,  Slavka Praus ,  Chris Baker ,  Marvin Michael Theimer ,  Anders Samuelsson ,  Khaled Salah Sedky

IPC: G06F16/27 ,  G06F16/28 ,  G06F16/23 ,  G06F16/18 ,  G06F16/901

Abstract: A distributed data store may maintain versioned hierarchical data structures. Different versions of a hierarchical data structure may be maintained consistent with a transaction log for the hierarchical data structure. When access requests directed to the hierarchical data structure are received, a version of the hierarchical data structure may be identified for processing an access request. For access requests with snapshot isolation, the identified version alone may be sufficient to consistently process the access request. For access requests with higher isolation requirements, such as serializable isolation, transactions based on the access request may be submitted to the transaction log so that access requests resulting in committed transactions may be allowed, whereas access requests resulting in conflicting transactions may be denied.

公开(公告)号：US11080332B1

公开(公告)日：2021-08-03

申请号：US15820227

申请日：2017-11-21

Applicant: Amazon Technologies, Inc.

Inventor： Alazel Acheson ,  Mahendra Manshi Chheda ,  Srikanth Mandadi ,  Hyun Sik Kim

IPC: G06F16/901 ,  G06F16/23 ,  G06F16/903

Abstract: A processing device generates an index node for an attribute in a graph database, wherein the index node is linked to a second node by a first edge having a first edge type. The processing device determines a first plurality of additional nodes that have the attribute. For each node of the first plurality of additional nodes, the processing device generates an edge linking the node to the index node, wherein the edge comprises a second edge type.

公开(公告)号：US20200334374A1

公开(公告)日：2020-10-22

申请号：US16919305

申请日：2020-07-02

Applicant: Amazon Technologies, Inc.

Inventor： Srikanth Mandadi ,  Mahendra Manshi Chheda ,  Alazel Acheson ,  Daniel Stephen Popick ,  James Robert Englert

IPC: G06F21/62 ,  G06F16/22 ,  G06F16/23

Abstract: A schema for a hierarchical data structure may include application specific extensions to the schema applied to a hierarchical data structure. Class may be added to the schema by individual applications granted access to a hierarchical data structure. When an access request for an object of the hierarchical data structure is received, the class may be identified in the schema and applied to process the access request to the object. Different classes may be added by different applications without disrupting the utilization of the schema for accessing the hierarchical data structure of other applications.

公开(公告)号：US20200329041A1

公开(公告)日：2020-10-15

申请号：US16912490

申请日：2020-06-25

Applicant: Amazon Technologies, Inc.

Inventor： Srikanth Mandadi ,  Khaled Salah Sedky ,  Slavka Praus ,  Marc R. Barbour

IPC: H04L29/06 ,  H04L9/32

Abstract: A request is obtained for accessing a resource in a different region from a region indicated by a session token included with the request. The session token is re-encrypted using secret information of the second region. The request to access the resource in the different region can be fulfilled using the re-encrypted session token.

公开(公告)号：US10701071B2

公开(公告)日：2020-06-30

申请号：US15890978

申请日：2018-02-07

Applicant: Amazon Technologies, Inc.

Inventor： Srikanth Mandadi ,  Khaled Salah Sedky ,  Slavka Praus ,  Marc R. Barbour

IPC: H04L29/06 ,  H04L9/32

Abstract: A request is received by a user in a second region. The request, which is digitally signed with credential associated with the user in the second region causes the generation of a session credential that includes a session key. The user in the second region can use the session credentials to access the resources in the first region.

公开(公告)号：US10671639B1

公开(公告)日：2020-06-02

申请号：US15475031

申请日：2017-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Alazel Acheson ,  Christopher Ryan Baker ,  Mahendra Manshi Chheda ,  James Robert Englert ,  Meng Li ,  Srikanth Mandadi ,  Slavka Praus ,  Colin Watson

IPC: G06F16/18 ,  G06F16/27 ,  G06F16/22 ,  G06F16/23

Abstract: Updates to a hierarchical data structure may be selectively replicated to other replicas of the hierarchical data structure. An update for a hierarchical data structure may be received and committed to the hierarchical data structure. A determination as to whether any other replicas of the hierarchical data structure have permission to receive the update may be made. For those replicas of the hierarchical data structure with permission to receive the update, the update may be provided to the replicas and committed to the replicas. Different types of replication techniques may be implemented, such as pull-based replication techniques or push-based replication techniques. Replication permissions for objects of the hierarchical data structure may be individually defined, in some embodiments.

公开(公告)号：US10423342B1

公开(公告)日：2019-09-24

申请号：US15475034

申请日：2017-03-30

Applicant: Amazon Technologies, Inc.

Inventor： Mahendra Manshi Chheda ,  Srikanth Mandadi ,  Alazel Acheson ,  Christopher Ryan Baker ,  Matthew William Berry, Jr.

IPC: G06F3/06

Abstract: Scaling events may be detected for hosting hierarchical data structures. Scaling events may be detected to modify the capacity of a data store for hierarchical data structures to handle changing write workloads, read workloads, or storage capacity. Hierarchical data structures may be moved from one group of storage hosts to another group of storage hosts according to a filtered snapshot that includes the hierarchical data structures to be moved that is provided to the destination storage hosts. Changes made to the hierarchical data structures made at the source storage hosts during the move can be applied to the filtered snapshot so that the hierarchical data structures may be made available at the destination storage hosts inclusive of the changes.

公开(公告)号：US20180183793A1

公开(公告)日：2018-06-28

申请号：US15890978

申请日：2018-02-07

Applicant: Amazon Technologies, Inc.

Inventor： Srikanth Mandadi ,  Khaled Salah Sedky ,  Slavka Praus ,  Marc R. Barbour

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/0876 ,  H04L9/3247 ,  H04L63/0435 ,  H04L63/061 ,  H04L63/0807 ,  H04L63/20

Abstract: A request is received by a user in a second region. The request, which is digitally signed with credential associated with the user in the second region causes the generation of a session credential that includes a session key. The user in the second region can use the session credentials to access the resources in the first region.

公开(公告)号：US09900160B1

公开(公告)日：2018-02-20

申请号：US14958872

申请日：2015-12-03

Applicant: Amazon Technologies, Inc.

Inventor： Marc R. Barbour ,  Khaled Salah Sedky ,  Srikanth Mandadi ,  Slavka Praus

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/08

CPC classification number: H04L9/3247 ,  H04L9/0861 ,  H04L63/0442 ,  H04L63/045 ,  H04L63/062 ,  H04L63/068 ,  H04L63/126

Abstract: Techniques for using short-term credentials using asymmetric session keys are described herein. A request for a short-term credential is received that is digitally signed with a different credential. In response to the request, short-term credential data is generated and populated with a public session key corresponding to a private session key. The short-term credential data is then encrypted with a session encryption key to produce the short-term credential token, which can then be used by the requester as a short-term credential for subsequent requests.