-
公开(公告)号:US10146935B1
公开(公告)日:2018-12-04
申请号:US15190045
申请日:2016-06-22
Applicant: Amazon Technologies, Inc.
Inventor: Rahul Gautam Patel , William John Earl , Nachiketh Rao Potlapally
Abstract: Techniques are described for injecting noise in a timer value provided to an instruction requesting the timer value. A plurality of tasks may execute on a processor, wherein the processor may comprise one or more processing cores and each task may include a plurality of computer executable instructions. In accordance with one technique for injecting noise in the timer value, a request for a first timer value is received by one or more computer executable instructions belonging to a first task from the plurality of tasks, and in response, a second timer value is provided to the first task instead of the first timer value, wherein the second timer value is derived from the first timer value and a random number.
-
公开(公告)号:US10104008B1
公开(公告)日:2018-10-16
申请号:US15345341
申请日:2016-11-07
Applicant: Amazon Technologies, Inc.
Inventor: Rahul Gautam Patel , William John Earl , Nachiketh Rao Potlapally
IPC: G06F9/455 , H04L12/911 , G06F9/50 , H04L12/801
Abstract: Techniques are described for accumulating unused computing resources. The techniques may involve associating, with a task, a baseline amount of a computing resource for each time interval of a predetermined number of time intervals, and monitoring a consumption of the computing resource by the task in each time interval. Resource credits can be accumulated based on an unused amount of the computing resource during at least some of the time intervals. When a workload of the task consumes more than the baseline amount of the computing resource, the accumulated resource credits can be applied to allocate an additional amount of the computing resource to the task. A proportionate additional amount of a memory resource can also be allocated to the task.
-
公开(公告)号:US09930051B1
公开(公告)日:2018-03-27
申请号:US14935314
申请日:2015-11-06
Applicant: Amazon Technologies, Inc.
Inventor: Nachiketh Rao Potlapally , Jason Alexander Harland , Derek Del Miller , Christopher James BeSerra
CPC classification number: H04L63/126 , G06F13/4282 , H04L9/3242 , H04L2209/24
Abstract: In a cloud environment, each host computer can have its own security service processor with an independent network interface for communicating with a remote server over a network. The security service processor can provide remote management and security functionalities for various devices connected using different buses on a platform in each host computer. The security service processor can provide a centralized mechanism to verify and authenticate firmware updates for various devices using different buses. A hardware interface can allow the security service processor to provide remote debugging and diagnostic capabilities. The security service processor can also provide some of the typical functionalities of a baseboard management controller or can be used in addition to the baseboard management controller.
-
公开(公告)号:US09898601B2
公开(公告)日:2018-02-20
申请号:US15643408
申请日:2017-07-06
Applicant: Amazon Technologies, Inc.
CPC classification number: G06F21/55 , G06F9/45533 , G06F9/468 , G06F9/5077 , G06F21/53
Abstract: Techniques are described for allocating resources to a task from a shared hardware structure. A plurality of tasks may execute on a processor, wherein the processor may include one or more processing cores and each task may include a plurality of computer executable instructions. In accordance with one technique for allocating resources to a task from a shared hardware structure amongst multiple tasks, aspects of the disclosure describe assigning a first identifier to a first task from the plurality of tasks, associating a portion of the shared hardware resource with the first identifier, and restricting access and/or observability for computer executable instructions executed from any other task than the first task to the portion of the hardware resource associated with the first identifier.
-
公开(公告)号:US09893885B1
公开(公告)日:2018-02-13
申请号:US14658136
申请日:2015-03-13
Applicant: Amazon Technologies, Inc.
Inventor: Derek Del Miller , Nachiketh Rao Potlapally
CPC classification number: H04L9/3066 , H04L9/0825 , H04L9/0891 , H04L9/0897 , H04L9/302
Abstract: A computing device has a processor and a persistent memory, e.g., a fuse-based memory, storing two or more reduced sets of information. The processor is configured to derive a first cryptographic key using a first reduced set of information, e.g., prime numbers, and to use the first cryptographic key for performing cryptographic operations. The processor is also configured to detect a trigger event and, in response to the detected trigger event, derive a second cryptographic key using a second reduced set of information. The processor can then use the second cryptographic key for performing cryptographic operations.
-
Patent Agency Ranking
公开(公告)号:US09754103B1
公开(公告)日:2017-09-05
申请号:US14509980
申请日:2014-10-08
Applicant: Amazon Technologies, Inc.
Inventor: Rahul Gautam Patel , William John Earl , Nachiketh Rao Potlapally
IPC: G06F21/52
CPC classification number: G06F21/52
Abstract: Techniques are described for injecting noise in a timer value provided to an instruction requesting the timer value. A plurality of tasks may execute on a processor, wherein the processor may comprise one or more processing cores and each task may include a plurality of computer executable instructions. In accordance with one technique for injecting noise in the timer value, in response to a request for a timer value, an artificial and indeterminate amount of delay may be introduced before accessing of the timer value from the hardware timer. In one implementation, access to the hardware timer for the timer value may be gated by one or more artificially injected micro-architectural events.
-
公开(公告)号:US20170235946A1
公开(公告)日:2017-08-17
申请号:US15436573
申请日:2017-02-17
Applicant: Amazon Technologies, Inc.
Inventor: Nachiketh Rao Potlapally , Michael David Marr , Eric Jason Brandwine , Donald Lee Bailey, JR.
CPC classification number: G06F21/55 , G06F21/57 , G06F21/602 , G06F21/64 , H04L9/0861 , H04L9/30
Abstract: A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management. The trusted computing host maintains an isolated partition for each host computing device in the environment and communicates with peripheral cards on host computing devices in order to provide one or more security functions.
-
68.发明授权公开(公告)号:US09578034B2
公开(公告)日:2017-02-21
申请号:US15009633
申请日:2016-01-28
Applicant: Amazon Technologies, Inc.
Inventor: Nachiketh Rao Potlapally , Michael David Marr
Abstract: A trusted peripheral device can be utilized with an electronic resource, such as a host machine, in order to enable the secured performance of security and remote management in the electronic environment, where various users might be provisioned on, or otherwise have access to, the electronic resource. The peripheral can have a secure channel for communicating with a centralized management system or service, whereby the management service can remotely connect to this trusted peripheral, using a secure and authenticated network connection, in order to run the above-described functionality on the host to which the peripheral is attached.
Abstract translation: 可信赖的外围设备可以与电子资源(例如主机)一起使用,以便能够在电子环境中实现安全性和远程管理的安全性能,其中各种用户可以在其中被设置或以其他方式访问 电子资源 外围设备可以具有用于与集中式管理系统或服务通信的安全信道,由此管理服务可以使用安全且经过认证的网络连接来远程连接到该信任的外围设备,以便在主机上运行上述功能 外围设备连接。
-
公开(公告)号:US09576155B2
公开(公告)日:2017-02-21
申请号:US14868006
申请日:2015-09-28
Applicant: Amazon Technologies, Inc.
Inventor: Nachiketh Rao Potlapally , Michael David Marr , Eric Jason Brandwine , Donald Lee Bailey, Jr.
CPC classification number: G06F21/55 , G06F21/57 , G06F21/602 , G06F21/64 , H04L9/0861 , H04L9/30
Abstract: A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management. The trusted computing host maintains an isolated partition for each host computing device in the environment and communicates with peripheral cards on host computing devices in order to provide one or more security functions.
Abstract translation: 描述了在分布式多租户和/或虚拟化计算环境中提供各种安全计算和其他功能的可信计算主机。 可信主机计算设备可以与主机虚拟机的一个或多个主机计算设备进行通信,以提供许多与安全相关的功能,包括但不限于启动固件测量,密码密钥管理,远程验证以及安全和取证 管理。 可信计算主机为环境中的每个主机计算设备维护隔离的分区,并与主机计算设备上的外围卡进行通信,以便提供一个或多个安全功能。
-
公开(公告)号:US09557792B1
公开(公告)日:2017-01-31
申请号:US13907073
申请日:2013-05-31
Applicant: Amazon Technologies, Inc.
Inventor: Nachiketh Rao Potlapally , James R. Hamilton
CPC classification number: G06F1/329 , G06F1/20 , G06F1/26 , G06F1/3206 , G06F9/5088 , G06F9/5094 , G06F11/3062 , Y02D10/24
Abstract: Methods and apparatus for datacenter power management optimization are disclosed. Metrics, including workload data, thermal measurements and the like are collected from numerous endpoints within a datacenter. System profiles of a plurality of servers, and application workload profiles for various workloads, are stored. Based on analysis of collected metrics, power optimization operations comprising either workload scheduling operations, power configuration change operations, or both, are initiated.
Abstract translation: 披露了数据中心功率管理优化的方法和装置。 从数据中心内的众多端点收集指标,包括工作负载数据,热测量等。 存储多个服务器的系统配置文件和各种工作负载的应用程序工作负载配置文件。 基于收集的指标的分析,启动包括工作负载调度操作,电力配置更改操作或两者的功率优化操作。
-
-
-
-
-
-
-
-
-
Search Results
77
records
(took 0.033 seconds)
