公开(公告)号：US09325732B1

公开(公告)日：2016-04-26

申请号：US14293742

申请日：2014-06-02

Applicant: Amazon Technologies, Inc.

Inventor： Thomas Charles Stickle ,  Carl Jay Moses ,  Ryan Christopher Holland

IPC: H04L29/06

CPC classification number: H04L63/1441 ,  H04L63/1408

Abstract: A computer security threat sharing technology is described. A computer security threat is recognized at an organization. A partner network graph is queried for security nodes connected to a first security node representing the organization. The first security node is connected to at least a second security node representing a trusted security partner of the organization. The second security node is associated with identification information. The computer security threat recognized by the organization is communicated to the trusted security partner using the identification information associated with the second security node.

Abstract translation: 描述了一种计算机安全威胁共享技术。 计算机安全威胁在一个组织得到认可。 查询连接到代表组织的第一个安全节点的安全节点的伙伴网络图。 第一安全节点连接到表示组织的可靠安全伙伴的至少第二安全节点。 第二安全节点与识别信息相关联。 使用与第二安全节点相关联的识别信息将组织识别的计算机安全威胁传送到信任的安全伙伴。

公开(公告)号：US09485323B1

公开(公告)日：2016-11-01

申请号：US14034331

申请日：2013-09-23

Applicant: Amazon Technologies, Inc.

Inventor： Thomas Charles Stickle ,  Terrence Patrick Wise ,  Carl Jay Moses

IPC: H04L29/08 ,  G06F15/16

CPC classification number: H04L67/32 ,  H04L67/02 ,  H04L67/10 ,  H04L67/1004 ,  H04L67/1031 ,  H04L67/42

Abstract: Methods and apparatus for managing pooled client-premise resources via provider-defined interfaces are described. A pool management request is received from a client via a programmatic interface implemented at a provider network, indicating at least one resource located at a data center external to the provider network. An activation status of the resource within a pool is to be managed by a service of the provider network. A network connection between an administrative resource of the service, located within the provider network, and a control module instantiated on behalf of the service at the external data center is established. A command is transmitted from the administrative resource to the control module to activate the particular resource.

Abstract translation: 描述了通过供应商定义的接口管理池化客户端资源的方法和装置。 通过在提供商网络实现的编程接口从客户端接收池管理请求，指示位于提供商网络外部的数据中心处的至少一个资源。 池中的资源的激活状态由供应商网络的服务来管理。 建立位于提供者网络内的服务的管理资源与代表外部数据中心的服务实例化的控制模块之间的网络连接。 从管理资源向控制模块发送命令以激活特定资源。

公开(公告)号：US10257227B1

公开(公告)日：2019-04-09

申请号：US14460168

申请日：2014-08-14

Applicant: Amazon Technologies, Inc.

Inventor： Thomas Charles Stickle ,  Carl Jay Moses ,  Ryan Christopher Holland

IPC: H04L29/06 ,  G06F21/50

Abstract: A computer security threat sharing technology is described. An example method may include receiving security threat information transmitted over a computing network via a multi-streaming data service. The security threat information may relate to a recognized computer security threat detected by a first network component. The security threat information may then be correlated with additional security threat information received via the multi-streaming data service that may be detected by a second network component that may be interconnected to the first network component by way of the multi-streaming data service. A computer security threat associated with correlated security threat information may then be identified, and the computer security threat may be communicated to a plurality of network components via the multi-streaming data service.

公开(公告)号：US09686121B2

公开(公告)日：2017-06-20

申请号：US14034325

申请日：2013-09-23

Applicant: Amazon Technologies, Inc.

Inventor： Thomas Charles Stickle ,  Terrence Patrick Wise ,  Carl Jay Moses

IPC: G06F15/173 ,  H04L12/24

CPC classification number: H04L41/00 ,  H04L41/18 ,  H04L41/28

Abstract: Methods and apparatus for client-premise resource control using provider-defined interfaces are described. A set of programmatic interfaces enabling clients to submit registration requests is implemented. A registration request indicates resources located at a data center external to a provider network as candidate targets for control operation requests issued via a different set of programmatic interfaces associated with a service of the provider network. A network connection is established between a particular resource indicated in a registration request, and an administrative resource located within a data center of the provider network. In response to a particular control operation request received via a programmatic interface of the different set, a control command is transmitted from the administrative resource to the particular resource via the network connection.

公开(公告)号：US10893029B1

公开(公告)日：2021-01-12

申请号：US14848152

申请日：2015-09-08

Applicant: Amazon Technologies, Inc.

Inventor： Christopher Albert Gorski ,  Carl Jay Moses

IPC: H04L29/06 ,  G06F12/14 ,  G06F21/60 ,  G06F21/62

Abstract: A technology is described for a virtual secure region. An example method may include receiving a request for data stored in a secure computing service environment executing on computing resources used to provide a public computing service environment, where the secure computing service environment may be separated from the public computing environment using encryption. In response to the request, a secure region account that corresponds to a public region account may be identified using a translation table that maps the secure region account to the public region account. A storage location for the data may be identified within the secure computing service environment specified by the secure region account, and the data may be obtained from the storage location within the secure computing service environment. The data may then be transferred to the public computing service environment.

公开(公告)号：US10362053B1

公开(公告)日：2019-07-23

申请号：US15139281

申请日：2016-04-26

Applicant: Amazon Technologies, Inc.

Inventor： Thomas Charles Stickle ,  Carl Jay Moses ,  Ryan Christopher Holland

IPC: H04L29/06

Abstract: A computer security threat sharing technology is described. A computer security threat is recognized at an organization. A partner network graph is queried for security nodes connected to a first security node representing the organization. The first security node is connected to at least a second security node representing a trusted security partner of the organization. The second security node is associated with identification information. The computer security threat recognized by the organization is communicated to the trusted security partner using the identification information associated with the second security node.

公开(公告)号：US10360071B1

公开(公告)日：2019-07-23

申请号：US14251491

申请日：2014-04-11

Applicant: Amazon Technologies, Inc.

Inventor： Carl Jay Moses ,  Thomas Charles Stickle

IPC: G06F9/50 ,  H04L29/08 ,  H04L29/06

Abstract: A technology is described for an electronic market for network-accessible computing resources located on a partner-owned data center that is external to a service provider network. An example method may include receiving a request for a network-accessible computing resource from a customer of a computing service provider. A network-accessible computing resource may then be identified on a partner-owned data center as specified in the request. A network connection may then be established that allows the customer to access the network-accessible computing resource.