Abstract:
A system for providing security mechanisms for secure execution of program code is described. The system may be configured to maintain a plurality of virtual machine instances. The system may be further configured to receive a request to execute a program code and allocate computing resources for executing the program code on one of the virtual machine instances. One mechanism involves executing program code according to a user-specified security policy. Another mechanism involves executing program code that may be configured to communicate or interface with an auxiliary service. Another mechanism involves splitting and executing program code in a plurality of portions, where some portions of the program code are executed in association with a first level of trust and some portions of the program code are executed with different levels of trust.
Abstract:
A service manages a plurality of virtual machine instances for low latency execution of user codes. The service can provide the capability to execute user code in response to events triggered on an auxiliary service to provide implicit and automatic rate matching and scaling between events being triggered on the auxiliary service and the corresponding execution of user code on various virtual machine instances. An auxiliary service may be configured as an event triggering service to detect events and generate event messages for execution of the user codes. The service can request, receive, or poll for event messages directly from the auxiliary service or via an intermediary message service. Event messages can be rapidly converted to requests to execute user code on the service. The time from processing the event message to initiating a request to begin code execution is less than a predetermined duration, for example, 100 ms.
Abstract:
A service manages a plurality of virtual machine instances for low latency execution of user codes. The service can provide the capability to execute user code in response to events triggered on an auxiliary service to provide implicit and automatic rate matching and scaling between events being triggered on the auxiliary service and the corresponding execution of user code on various virtual machine instances. An auxiliary service may be configured as an event triggering service to detect events and generate event messages for execution of the user codes. The service can request, receive, or poll for event messages directly from the auxiliary service or via an intermediary message service. Event messages can be rapidly converted to requests to execute user code on the service. The time from processing the event message to initiating a request to begin code execution is less than a predetermined duration, for example, 100 ms.
Abstract:
A service manages a plurality of virtual machine instances for low latency execution of user codes. The plurality of virtual machine instances can be configured based on a predetermined set of configurations. One or more containers may be created within the virtual machine instances. In response to a request to execute user code, the service identifies a pre-configured virtual machine instance suitable for executing the user code. The service can allocate the identified virtual machine instance to the user, create a new container within an instance already allocated to the user, or re-use a container already created for execution of the user code. When the user code has not been activated for a time-out period, the service can invalidate allocation of the virtual machine instance and/or destroy the container. The time from receiving the request to beginning code execution is less than a predetermined duration, for example, 100 ms.
Abstract:
A system for providing automatic resource resizing is provided. The system may be configured to maintain a plurality of virtual machine instances. The system may be further configured to receive a request to execute a program code and allocate computing resources for executing the program code on one of the virtual machine instances. The amount of resources allocated for executing the program code may be specified by the request and adjusted as needed.
Abstract:
A system for providing a stateful virtual compute system is provided. The system may be configured to maintain a plurality of virtual machine instances. The system may be further configured to receive a request to execute a program code and select a virtual machine instance to execute the program code on the selected virtual machine instance. The system may further associate the selected virtual machine instance with shared resources and allow program codes executed in the selected virtual machine instance to access the shared resources.
Abstract:
A service manages a plurality of virtual machine instances for low latency execution of user codes. The plurality of virtual machine instances can be configured based on a predetermined set of configurations. One or more containers may be created within the virtual machine instances. In response to a request to execute user code, the service identifies a pre-configured virtual machine instance suitable for executing the user code. The service can allocate the identified virtual machine instance to the user, create a new container within an instance already allocated to the user, or re-use a container already created for execution of the user code. When the user code has not been activated for a time-out period, the service can invalidate allocation of the virtual machine instance and/or destroy the container. The time from receiving the request to beginning code execution is less than a predetermined duration, for example, 100 ms.
Abstract:
Systems and methods are described for providing performance-based hardware emulation in an on-demand network code execution system. A user may generate a task on the system by submitting code. The system may determine, based on the code or its execution, that the code executes more efficiently if certain functionality is available, such as an extension to a processor's instruction set. The system may further determine that it can provide the needed functionality using various computing resources, which may include physical hardware, emulated hardware (e.g., a virtual machine), or combinations thereof. The system may then determine and provide a set of computing resources to use when executing the user-submitted code, which may be based on factors such as availability, cost, estimated performance, desired performance, or other criteria. The system may also migrate code from one set of computing resources to another, and may analyze demand and project future computing resource needs.
Abstract:
Systems and methods are described for providing auxiliary functions in an on-demand code execution system in a manner that enables efficient execution of code. A user may generate a task on the system by submitting code. The system may determine the auxiliary functions that the submitted code may require when executed on the system, and may provide these auxiliary functions by provisioning sidecar virtual machine instances that work in conjunction with the virtual machine instance executing the submitted code. The sidecars may provide auxiliary functions on a per-task, per-user, or per-request basis, and the lifecycles of the sidecars may be determined based on the lifecycles of the virtual machine instances that execute submitted code. Auxiliary functions may thus be provided only when needed, and may be provided securely by preventing a user from accessing the sidecars of other users.
Abstract:
Systems and methods are described for conducting static analysis of code invoking network-based services to identify, without requiring execution of the code, an impedance mismatch between an expected execution rate of the code and an invocation capacity of a service invoked within the code. A system is provided that may analyze code to detect both direct invocations of services, as well as indirect invocations caused by the direct invocations. The system can utilize information regarding directly or indirectly invoked services to determine whether an expected invocation rate of such services will exceed invocation capacity for the services. In some instances, the system can traverse a “call graph” of all services invoked by code either directly or indirectly to identify impedance mismatches through multiple levels of indirection.