-
Publication No.: US10511633B2
Publication Date: 2019-12-17
Application No.: US15619979
Filing Date: 2017-06-12
Applicant: Amazon Technologies, Inc.
Inventor: Gregory Branchek Roth, Eric Jason Brandwine
Abstract: Custom policies are definable for use in a system that enforces policies. A user, for example, may author a policy using a policy language and transmit it to the system through an application programming interface call. The custom policies may specify conditions for computing environment attestations that are provided with requests to the system. When a custom policy applies to a request, the system may determine whether information in the attestation is sufficient for the request to be fulfilled.
-
Publication No.: US10469500B1
Publication Date: 2019-11-05
Application No.: US15470495
Filing Date: 2017-03-27
Applicant: Amazon Technologies, Inc.
Inventor: Marvin M. Theimer, Eric Jason Brandwine, Marc J. Brooker, David Everard Brown, Christopher Richard Jacques de Kadt
IPC: G06F15/173, H04L29/06, G06F9/445, G06F9/455
Abstract: Users intending to launch instances or otherwise access virtual resources in a multi-tenant environment can specify a launch configuration. For each type of instance or each type of user, at least one launch configuration is created that includes parameters and values to be used in instantiating an instance of that type, the values being optimized for the current environment and type of instance. Launch configurations can be optimized for different types of users, such as to account for security credentials and access levels. Such an approach enables users to launch instances by contacting the resource provider directly without need for a proxy, which can function as a choke point under heavy load. The use of an appropriate launch configuration can be enforced for any type of user at any level, such as at the sub-net level, by modifying a request that does not specify an appropriate launch configuration.
-
Publication No.: US20190318105A1
Publication Date: 2019-10-17
Application No.: US16450646
Filing Date: 2019-06-24
Applicant: Amazon Technologies, Inc.
Inventor: Gregory Branchek Roth, Eric Jason Brandwine
IPC: G06F21/60
Abstract: Logical data containers of a data storage system are associated with policies that require data transformation of data to be stored in the logical data containers. When a data object is received to be stored in a logical data container, the data object is transformed in accordance with a policy on the logical data container. Transformation of the data object may include encryption. The logical data container may also be associated with a cryptographic key used to perform a required transformation.
-
Publication No.: US10412191B1
Publication Date: 2019-09-10
Application No.: US15085787
Filing Date: 2016-03-30
Applicant: Amazon Technologies, Inc.
Abstract: A trusted co-processor can provide a hardware-based observation point into the operation of a host machine owned by a resource provider or other such entity. The co-processor can be installed via a peripheral card on a fast bus, such as a PCI bus, on the host machine. The provider can provide the customer with expected information that the customer can verify through a request to an application programming interface (API) of the card, and after the customer verifies the information the customer can take logical ownership of the card and lock out the provider. The card can then function as a trusted but limited environment that is programmable by the customer. The customer can subsequently submit verification requests to the API to ensure that the host has not been unexpectedly modified or is otherwise operating as expected.
-
Publication No.: US10409985B2
Publication Date: 2019-09-10
Application No.: US15436573
Filing Date: 2017-02-17
Applicant: Amazon Technologies, Inc.
Abstract: A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management. The trusted computing host maintains an isolated partition for each host computing device in the environment and communicates with peripheral cards on host computing devices in order to provide one or more security functions.
-
Publication No.: US20190273757A1
Publication Date: 2019-09-05
Application No.: US16414398
Filing Date: 2019-05-16
Applicant: Amazon Technologies, Inc.
Inventor: Eric Jason Brandwine
IPC: H04L29/06
Abstract: An automated scanning service can be configured to dynamically determine potential firewall misconfigurations in a shared resource environment. The scanning service can interrogate one or more application programming interfaces (APIs) to determine the state of the relevant firewall ports. For each firewall port in a permitted state, a test or trace can be run to determine whether the corresponding host port is open. Similarly, information can be obtained indicating which host ports for the allocation are open, and a determination can be made as to whether the corresponding firewall ports are permitted. Once the determinations are made, any mismatch in port state can be reported as a potential misconfiguration.
-
Publication No.: US10402252B1
Publication Date: 2019-09-03
Application No.: US15085963
Filing Date: 2016-03-30
Applicant: Amazon Technologies, Inc.
Inventor: Adi Habusha, Eric Jason Brandwine
Abstract: A peripheral device may implement alternative reporting of errors and other events detected at the peripheral device. A peripheral device may monitor the operations of the peripheral device for reporting events. Upon detecting a reporting event, a notification of the reporting event may be generated and sent to a remote data store. The remote data store may store the reporting event and evaluate the reporting event for a responsive action that may be performed. If a responsive action is determined, then the remote data store may direct the performance of the responsive action. The remote data store may provide access to stored reporting events for a peripheral device.
-
Publication No.: US10389709B2
Publication Date: 2019-08-20
Application No.: US14188630
Filing Date: 2014-02-24
Applicant: Amazon Technologies, Inc.
Inventor: Nachiketh Rao Potlapally, Andrew Jeffrey Doane, Eric Jason Brandwine, Robert Eric Fitzgerald
Abstract: Methods and apparatus for securing client-specified credentials at cryptographically-attested resources are described. An indication is obtained that resources deployed for execution of a compute instance of a multi-tenant computing service at an instance host of a provider network meet a client's security criteria. An encrypted representation of credentials to be used at the compute instance to implement operations on behalf of a client is received at the instance host. The credentials are extracted from the encrypted representation using a private key unique to the instance host, used for the operations, and then removed from the instance host without being saved in persistent memory.
-
Publication No.: US10382195B2
Publication Date: 2019-08-13
Application No.: US15603317
Filing Date: 2017-05-23
Applicant: Amazon Technologies, Inc.
Inventor: Eric Jason Brandwine, David R. Richardson, Matthew Shawn Wilson, Ian Paul Nowland, Anthony Nicholas Liguori, Brian William Barrett
Abstract: Generally described, physical computing devices in a virtual network can be configured to host a number of virtual machine instances. The physical computing devices can be operably coupled with offload devices. In accordance with an aspect of the present disclosure, a security component can be incorporated into an offload device. The security component can be a physical device including a microprocessor and storage. The security component can include a set of instructions configured to validate an operational configuration of the offload device or the physical computing device to establish that they are configured in accordance with a secure or trusted configuration. In one example, a first security component on the offload device can validate the operational computing environment on the offload device and a second security component on the physical computing device can validate the operational computing environment on the physical computing device.
-
Publication No.: US10326597B1
Publication Date: 2019-06-18
Application No.: US14318457
Filing Date: 2014-06-27
Applicant: Amazon Technologies, Inc.
Inventor: Gregory Branchek Roth, Eric Jason Brandwine
IPC: H04L9/32
Abstract: A system that provides responses to requests obtains a key that is used to digitally sign the request. The key is derived from information that is shared with a requestor to which the response is sent. The requestor, using the shared information, derives a key usable to verify the digital signature of the response, thereby enabling the requestor to operate in accordance with whether the digital signature of the response matches the response.