-
公开(公告)号:US10225146B2
公开(公告)日:2019-03-05
申请号:US15702589
申请日:2017-09-12
Applicant: Amazon Technologies, Inc.
Inventor: Kevin Christopher Miller , Eric Jason Brandwine , Andrew J. Doane
IPC: H04L12/28 , H04L12/24 , H04L12/701 , H04L12/26
Abstract: Techniques are described for providing managed virtual computer networks that have a configured logical network topology with virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the virtual networking devices if they were physically present. In some situations, the networking functionality provided for a managed computer network of a client includes receiving routing communications directed to the virtual networking devices and using included routing cost information to update the configuration of the managed computer network, and/or includes determining actual cost information corresponding to use of an underlying substrate network and providing routing cost information to the client that reflects the determined actual cost information, so as to enable the client to modify the configuration of the managed computer network accordingly.
-
公开(公告)号:US10178077B2
公开(公告)日:2019-01-08
申请号:US15615727
申请日:2017-06-06
Applicant: Amazon Technologies, Inc.
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations.
-
公开(公告)号:US20180375837A1
公开(公告)日:2018-12-27
申请号:US16056097
申请日:2018-08-06
Applicant: Amazon Technologies, Inc.
Inventor: Kevin Christopher Miller , Andrew J. Doane , Mahmoud A. Abuelela , Michael B. Furr
CPC classification number: H04L63/0428 , H04L12/1435 , H04L29/06 , H04L41/046 , H04L41/0896 , H04L43/0811 , H04L45/306 , H04L67/14
Abstract: Methods and apparatus for interfaces to manage direct network peerings. A system may include a data center, endpoint routers and a connectivity coordinator. The coordinator implements a programmatic interface defining connectivity operations. The coordinator receives a request for dedicated connectivity to data center resources, formatted according to the interface. The coordinator selects a target endpoint router at which to establish a physical link to implement the dedicated connectivity, and transmits a response identifying the target endpoint router and including configuration instructions for setting up a physical link for the dedicated connectivity.
-
公开(公告)号:US10044681B2
公开(公告)日:2018-08-07
申请号:US14275421
申请日:2014-05-12
Applicant: Amazon Technologies, Inc.
Inventor: Kevin Christopher Miller , Andrew J. Doane , Mahmoud A. Abuelela , Michael B. Furr
CPC classification number: H04L63/0428 , H04L12/1435 , H04L29/06 , H04L41/046 , H04L41/0896 , H04L43/0811 , H04L45/306 , H04L67/14
Abstract: Methods and apparatus for interfaces to manage direct network peerings. A system may include a data center, endpoint routers and a connectivity coordinator. The coordinator implements a programmatic interface defining connectivity operations. The coordinator receives a request for dedicated connectivity to data center resources, formatted according to the interface. The coordinator selects a target endpoint router at which to establish a physical link to implement the dedicated connectivity, and transmits a response identifying the target endpoint router and including configuration instructions for setting up a physical link for the dedicated connectivity.
-
公开(公告)号:US20180152448A1
公开(公告)日:2018-05-31
申请号:US15878203
申请日:2018-01-23
Applicant: Amazon Technologies, Inc.
Inventor: Robert Eric Fitzgerald , Andrew J. Doane , Alexander Edward Schoof , Christopher Steven Helma , Rui Min , Matthew A. Estes , Anand Mishra
CPC classification number: H04L63/0876 , G06F21/602 , H04L41/0806 , H04L41/0809 , H04L41/5054 , H04L63/0272 , H04L63/10 , H04L63/101 , H04L63/102 , H04L67/125
Abstract: Devices, such as hardware security modules, are provided as a service. A customer of a computing resource provider is able to request the addition of a device to a network of the customer hosted by the computing resource provider. The computing resource provider reconfigures a set of computing resources so that the devices of the customer are able to communicate with the device as if the device was in the customer's own network.
-
Patent Agency Ranking
公开(公告)号:US09749181B2
公开(公告)日:2017-08-29
申请号:US14599182
申请日:2015-01-16
Applicant: Amazon Technologies, Inc.
Inventor: Daniel T. Cohn , Eric Jason Brandwine , Andrew J. Doane
CPC classification number: H04L41/0816 , G06F9/45533 , H04L41/50 , H04L61/103 , H04L61/251 , H04L69/167 , H04W4/02 , H04W80/045
Abstract: Techniques are described for managing communications between multiple computing nodes, such as computing nodes that are part of a virtual computer network. In some situations, various types of modifications may be made to one or more computing nodes of an existing virtual computer network, and the described techniques include managing ongoing communications for those computing nodes so as to accommodate the modifications. Such modifications may include, for example, migrating or otherwise moving a particular computing node that is part of a virtual network to a new physical network location, or modifying other aspects of how the computing node participates in the virtual network (e.g., changing one or more virtual network addresses used by the computing node). In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.
-
公开(公告)号:US09521037B2
公开(公告)日:2016-12-13
申请号:US14059236
申请日:2013-10-21
Applicant: Amazon Technologies, Inc.
Inventor: Eric Jason Brandwine , Clarissa Loree Cook Brandwine , Daniel T. Cohn , Andrew J. Doane , Carl J. Moses , Stephen E. Schmidt
IPC: G06F15/16 , H04L12/24 , H04L12/713 , H04L29/06
CPC classification number: H04L41/0803 , H04L12/4641 , H04L45/586 , H04L63/0272
Abstract: Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service in order to create and configure computer networks that are provided by the configurable network service for use by the users. Computer networks provided by the configurable network service may be configured to be private computer networks that are accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. If so, secure private access between an existing computer network and new computer network extension that is being provided may be enabled using one or more VPN connections or other private access mechanisms.
-
公开(公告)号:US20160285831A1
公开(公告)日:2016-09-29
申请号:US15179700
申请日:2016-06-10
Applicant: Amazon Technologies, Inc.
Inventor: Andrew J. Doane , Eric Jason Brandwine
CPC classification number: H04L63/0272 , H04L61/2069 , H04L63/10 , H04L67/18 , H04L67/34 , H04L67/36
Abstract: Techniques are described for providing users with access to computer networks, such as to enable users to interact with a remote configurable network service to create and configure computer networks that are provided by the configurable network service for use by the users. Secure private access between a computer network provided for a user by the configurable network service and one or more other remote computing systems of the user (e.g., a remote private network) may be enabled in various ways. For example, a user may programmatically invoke an API provided by the configurable network service to obtain assistance in establishing remote access from a remote location to a provided computer network of the configurable network service, such as to establish a VPN connection from the remote location to the provided computer network using hardware and/or software supplied to the remote location in response to the API invocation.
Abstract translation: 描述了用于向用户提供对计算机网络的访问的技术,例如使得用户能够与远程可配置网络服务交互以创建和配置由可配置网络服务提供以供用户使用的计算机网络。 通过可配置网络服务为用户提供的计算机网络与用户的一个或多个其他远程计算系统(例如,远程专用网络)之间的安全私人访问可以以各种方式启用。 例如,用户可以以编程方式调用可配置网络服务提供的API,以获得建立从远程位置到所提供的可配置网络服务的计算机网络的远程访问的帮助,例如建立从远程位置到 提供的计算机网络使用响应于API调用提供给远程位置的硬件和/或软件。
-
公开(公告)号:US20160087840A1
公开(公告)日:2016-03-24
申请号:US14954734
申请日:2015-11-30
Applicant: Amazon Technologies, Inc.
Inventor: Kevin Christopher Miller , Eric Jason Brandwine , Andrew J. Doane
IPC: H04L12/24 , H04L12/751
CPC classification number: H04L41/0813 , H04L12/4641 , H04L41/12 , H04L45/00 , H04L45/02
Abstract: Techniques are described for providing managed virtual computer networks that may have a configured logical network topology with one or more virtual networking devices, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the networking devices if they were physically present. In some situations, the emulating of networking device functionality includes receiving routing communications directed to the networking devices and using included routing information to update the configured network topology for the managed computer network. In addition, the techniques may further include supporting interactions with devices that are external to the virtual computer network, including remote physical networking devices that are part of a remote computer network configured to interoperate with the virtual computer network, and/or specialized network devices that are accessible via a substrate network on which the virtual computer network is overlaid.
Abstract translation: 描述了用于提供受管理的虚拟计算机网络的技术,该管理虚拟计算机网络可以具有与一个或多个虚拟网络设备的配置的逻辑网络拓扑,其中通过模拟将由虚拟网络设备提供的功能性为虚拟计算机网络的多个计算节点 网络设备,如果他们实际存在。 在某些情况下,模拟网络设备功能包括接收定向到网络设备的路由通信,并使用包含的路由信息来更新被管理计算机网络的配置的网络拓扑。 此外,这些技术还可以包括支持与虚拟计算机网络外部的设备的交互,包括被配置为与虚拟计算机网络互操作的远程计算机网络的一部分的远程物理网络设备和/或专用网络设备, 可以通过覆盖虚拟计算机网络的基板网络访问。
-
80.发明授权公开(公告)号:US09235714B1
公开(公告)日:2016-01-12
申请号:US14078351
申请日:2013-11-12
Applicant: Amazon Technologies, Inc.
IPC: G06F21/60
CPC classification number: H04L63/061 , G06F9/45558 , G06F9/4812 , G06F21/602 , G06F21/6218 , G06F2221/2101 , G06F2221/2143
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. Signaling methods are used to notify virtual machine instances of serialization events in order to prevent keying material from being stored persistently.
Abstract translation: 组织使用服务提供商的计算机硬件资源和服务维护和生成大量敏感信息。 此外,需要能够通过使用密钥加密数据并销毁密钥来安全而快速地删除大量的数据。 为确保远程存储的信息得到保护并能够进行安全删除,组织使用的加密密钥在串行化操作期间应防止持久存储。 信令方法用于通知序列化事件的虚拟机实例,以防止密钥材料被永久存储。
-
-
-
-
-
-
-
-
-
Search Results
113
records
(took 0.046 seconds)
