-
Publication No.: US10810055B1
Publication Date: 2020-10-20
Application No.: US15842616
Application Date: 2017-12-14
Applicant: Amazon Technologies, Inc.
Inventor: David Walker
Abstract: Calls, such as API calls to a resource provider environment, can be modeled and evaluated using a shadow environment before executing the call in an actual target environment. Such an approach ensures that any changes made as a result of executing the call will not cause the actual environment to be out of compliance with any relevant rules or regulations. Changes may typically be reflected in a configuration management database. A shadow copy of this database can be generated, and the call can first be modeled in this shadow copy. Shadow log entries including results of the processing can be generated and evaluated. If the changes would be compliant then the call can be transmitted to the actual API endpoint for the target environment, where the API call can be executed.
-
Publication No.: US10972580B1
Publication Date: 2021-04-06
Application No.: US15839565
Application Date: 2017-12-12
Applicant: Amazon Technologies, Inc.
Inventor: Bertram U. Dorn, David Walker
Abstract: A system intercepts, at an application programming interface (API) gateway, a request for access to a computing resource and obfuscates metadata associated with the request. The metadata is obfuscated by at least encrypting the metadata to generate encrypted metadata. The API gateway further generates a second request to include the encrypted metadata. The second request is then used to access the computing resource in response to the first request such that when the computing resource is accessed, the metadata associated with the computing resource is encrypted.
-
Publication No.: US20210044590A1
Publication Date: 2021-02-11
Application No.: US16941121
Application Date: 2020-07-28
Applicant: Amazon Technologies, Inc.
Inventor: David Walker, Bertram Dorn
Abstract: Approaches provide for mandatory access controls and account identification masking controls in an electronic environment. For example, a customer can configure a client device to access an API gateway which acts as a proxy for a resource in a resource provider environment. Requests for resources or services can be redirected to the API gateway. A registered function may be triggered when the request is received and may filter the request. After filtering, the request can be forwarded on to the actual API endpoint to access the requested resource. From the client's perspective, the resource is being accessed directly, and from the resource's perspective, it is being accessed by the proxy. This layer of indirection enables data to be protected preemptively, rather than waiting for an undesirable condition to exist and then reactively attending to the issue. Additionally, log data may be redacted and/or masked automatically as it is created, protecting sensitive data before it is accessible to administrators or other users.
-
Publication No.: US10740151B1
Publication Date: 2020-08-11
Application No.: US16113629
Application Date: 2018-08-27
Applicant: Amazon Technologies, Inc.
Inventor: Ryan Washington, Joe W. Pate, David Walker, Scott Conrad, Mikhail Sosonkin, Matthew Evans, Nathan Kevin McCarthy, Hugo Gabignon, Victor Chin, Joel Naomi Cornett, Joshua Stephen Du Lac
Abstract: Systems, methods, and computer-readable media are disclosed for systems and methods for parallelized forensic analysis using cloud-based servers. Example methods may include generating a first request for one or more notifications in a notification queue, where the one or more notifications include a first notification indicative of a first data input at a datastore, determining a first data type of the first data input, and generating a second notification indicative of the first data type. Some example methods may include determining that a first software component is subscribed to notifications for the first data type, sending the second notification to the first software component, determining a first output of the first software component, where the first output comprises a set of extracted data from the first data input, and sending the set of extracted data to the datastore.
-
Publication No.: US10481963B1
Publication Date: 2019-11-19
Application No.: US15197700
Application Date: 2016-06-29
Applicant: AMAZON TECHNOLOGIES, INC.
Inventor: David Walker
Abstract: A system for servicing a request in a distributed computing environment includes a plurality of computing devices configurable to implement a first compute instance group. The first instance group includes a first plurality of compute instances of a provider network. One or more of the computing devices is configured to implement a first network device that is configured to receive a first service request from a client directed to an application and to provide the first service request to each of the first plurality of compute instances. The application is run on each of the first plurality of compute instances.
-
Publication No.: US10922152B2
Publication Date: 2021-02-16
Application No.: US16291819
Application Date: 2019-03-04
Applicant: Amazon Technologies, Inc.
Inventor: Jegan Chen, Charles Michael Hutchins Curran, Ross Alan Cameron Gardner, Derric L. McGarrah, Bradley Rebh, Carlin Michael Rogers, II, Syed Suhaib Sarmad Barbero, Luis Rene Sempe Sosa, David Walker
Abstract: A visual scripting system can provide support for handling event-specific messages received through an event messaging system. The messaging system can provide event messages over one or more event buses that have a determined behavior context. An event node of a visual scripting system can enable a developer to specify event handlers to detect specific types of event notifications sent on a specified event bus, as well as specific actions to be taken in response to those event notifications, such as to send additional event messages, all of which comply with the behavior context. Once the event node is configured and properties and actions defined, the corresponding script can be generated by the visual scripting system, to be compiled and executed as part of a user application.
-
Publication No.: US10771468B1
Publication Date: 2020-09-08
Application No.: US15384044
Application Date: 2016-12-19
Applicant: Amazon Technologies, Inc.
Inventor: David Walker, Bertram Dorn
Abstract: Approaches provide for mandatory access controls and account identification masking controls in an electronic environment. For example, a customer can configure a client device to access an API gateway which acts as a proxy for a resource in a resource provider environment. Requests for resources or services can be redirected to the API gateway. A registered function may be triggered when the request is received and may filter the request. After filtering, the request can be forwarded on to the actual API endpoint to access the requested resource. From the client's perspective, the resource is being accessed directly, and from the resource's perspective, it is being accessed by the proxy. This layer of indirection enables data to be protected preemptively, rather than waiting for an undesirable condition to exist and then reactively attending to the issue. Additionally, log data may be redacted and/or masked automatically as it is created, protecting sensitive data before it is accessible to administrators or other users.
-
Publication No.: US10223176B1
Publication Date: 2019-03-05
Application No.: US15783672
Application Date: 2017-10-13
Applicant: Amazon Technologies, Inc.
Inventor: Jegan Chen, Charles Michael Hutchins Curran, Ross Alan Cameron Gardner, Derric McGarrah, Bradley Rebh, Carlin Michael Rogers, II, Syed Suhaib Sarmad Barbero, Luis Rene Sempe Sosa, David Walker
Abstract: A visual scripting system can provide support for handling event-specific messages received through an event messaging system. The messaging system can provide event messages over one or more event buses that have a determined behavior context. An event node of a visual scripting system can enable a developer to specify event handlers to detect specific types of event notifications sent on a specified event bus, as well as specific actions to be taken in response to those event notifications, such as to send additional event messages, all of which comply with the behavior context. Once the event node is configured and properties and actions defined, the corresponding script can be generated by the visual scripting system, to be compiled and executed as part of a user application.
-
Publication No.: US10095549B1
Publication Date: 2018-10-09
Application No.: US14869494
Application Date: 2015-09-29
Applicant: Amazon Technologies, Inc.
Inventor: Sean Michael Needham, Attila Narin, David Walker
IPC: H04L12/911, G06F9/50, H04L29/08, H04L29/06
Abstract: Technology is described for providing an ownership transfer service in a virtual computing service environment. Computing resources under the control of one or multiple customers are stored in an ownership transfer account. Workflows based on a pre-defined set of triggers for releasing the computing resources from the ownership transfer account are established. Exclusive control over the computing resources may be transferred from the single or multiple customers to at least one of the multiple customers or to a receiving customer according to a triggering event. The exclusive control over the computing resources from one or at least one of the multiple customers is terminated upon occurrence of one of the pre-defined set of triggers or temporary control is granted based on rules such as time periods.
-
Publication No.: US20190196886A1
Publication Date: 2019-06-27
Application No.: US16291819
Application Date: 2019-03-04
Applicant: Amazon Technologies, Inc.
Inventor: Jegan Chen, Charles Michael Hutchins Curran, Ross Alan Cameron Gardner, Derric L. McGarrah, Bradley Rebh, Carlin Michael Rogers, II, Syed Suhaib Sarmad Barbero, Luis Rene Sempe Sosa, David Walker
Abstract: A visual scripting system can provide support for handling event-specific messages received through an event messaging system. The messaging system can provide event messages over one or more event buses that have a determined behavior context. An event node of a visual scripting system can enable a developer to specify event handlers to detect specific types of event notifications sent on a specified event bus, as well as specific actions to be taken in response to those event notifications, such as to send additional event messages, all of which comply with the behavior context. Once the event node is configured and properties and actions defined, the corresponding script can be generated by the visual scripting system, to be compiled and executed as part of a user application.