-
公开(公告)号:US20160154963A1
公开(公告)日:2016-06-02
申请号:US15004592
申请日:2016-01-22
Applicant: Amazon Technologies, Inc.
Inventor: Sandeep Kumar , Gregory Branchek Roth , Gregory Alan Rubin , Mark Christopher Seigle , Kamran Tirdad
CPC classification number: G06F21/602 , G06F11/1076 , G06F11/1464 , G06F11/1469 , G06F12/1408 , G06F21/6209 , H04L9/0822 , H04L9/0825 , H04L9/14 , H04L2209/24
Abstract: A data storage service redundantly stores data and keys used to encrypt the data. Data objects are encrypted with first cryptographic keys. The first cryptographic keys are encrypted by second cryptographic keys. The first cryptographic keys and second cryptographic keys are redundantly stored in a data storage system to enable access of the data objects, such as to respond to requests to retrieve the data objects. The second cryptographic keys may be encrypted by third keys and redundantly stored in the event access to a second cryptographic key is lost.
Abstract translation: 数据存储服务冗余地存储用于加密数据的数据和密钥。 数据对象使用第一加密密钥进行加密。 第一加密密钥由第二加密密钥加密。 第一加密密钥和第二加密密钥被冗余地存储在数据存储系统中,以使数据对象能够访问,例如响应检索数据对象的请求。 可以通过第三密钥来加密第二加密密钥,并且在丢失对第二加密密钥的访问的情况下被冗余地存储。
-
公开(公告)号:US09251097B1
公开(公告)日:2016-02-02
申请号:US13919701
申请日:2013-06-17
Applicant: Amazon Technologies, Inc.
Inventor: Sandeep Kumar , Gregory Branchek Roth , Gregory Alan Rubin , Mark Christopher Seigle , Kamran Tirdad
CPC classification number: G06F21/602 , G06F11/1076 , G06F11/1464 , G06F11/1469 , G06F12/1408 , G06F21/6209 , H04L9/0822 , H04L9/0825 , H04L9/14 , H04L2209/24
Abstract: A data storage service redundantly stores data and keys used to encrypt the data. Data objects are encrypted with first cryptographic keys. The first cryptographic keys are encrypted by second cryptographic keys. The first cryptographic keys and second cryptographic keys are redundantly stored in a data storage system to enable access of the data objects, such as to respond to requests to retrieve the data objects. The second cryptographic keys may be encrypted by third keys and redundantly stored in the event access to a second cryptographic key is lost.
Abstract translation: 数据存储服务冗余地存储用于加密数据的数据和密钥。 数据对象使用第一加密密钥进行加密。 第一加密密钥由第二加密密钥加密。 第一加密密钥和第二加密密钥被冗余地存储在数据存储系统中,以使数据对象能够访问,例如响应检索数据对象的请求。 可以通过第三密钥来加密第二加密密钥,并且在丢失对第二加密密钥的访问的情况下被冗余地存储。
-
公开(公告)号:US09904788B2
公开(公告)日:2018-02-27
申请号:US15004592
申请日:2016-01-22
Applicant: Amazon Technologies, Inc.
Inventor: Sandeep Kumar , Gregory Branchek Roth , Gregory Alan Rubin , Mark Christopher Seigle , Kamran Tirdad
CPC classification number: G06F21/602 , G06F11/1076 , G06F11/1464 , G06F11/1469 , G06F12/1408 , G06F21/6209 , H04L9/0822 , H04L9/0825 , H04L9/14 , H04L2209/24
Abstract: A data storage service redundantly stores data and keys used to encrypt the data. Data objects are encrypted with first cryptographic keys. The first cryptographic keys are encrypted by second cryptographic keys. The first cryptographic keys and second cryptographic keys are redundantly stored in a data storage system to enable access of the data objects, such as to respond to requests to retrieve the data objects. The second cryptographic keys may be encrypted by third keys and redundantly stored in the event access to a second cryptographic key is lost.
-
4.发明授权Range retrievals from archived data objects according to a predefined hash tree schema 有权根据预定义的散列树模式,从存档的数据对象进行范围检索公开(公告)号:US09223789B1
公开(公告)日:2015-12-29
申请号:US13827137
申请日:2013-03-14
Applicant: Amazon Technologies, Inc.
Inventor: Mark Christopher Seigle , Kamran Tirdad , Colin Laird Lazier
IPC: G06F17/30
CPC classification number: G06F17/30073
Abstract: Ranges of data stored within archived data may be retrieved according to a predefined hash tree schema. A retrieval request for a range of one or more data chunks of an archived data object stored in archival data store may be retrieved. In response, the requested range of the archived data object may be determined to be tree-hash aligned. In response to determining that the requested range is tree-hash aligned, a retrieval job may be initiated to obtain the range of one or more data chunks and to stage the one or more data chunks for download. A download request may for one or more of the obtained and staged data chunks, and if determined to be tree-hash aligned, a tree hash root node may be sent to the requesting client in addition to the requested data.
Abstract translation: 可以根据预定义的散列树模式检索归档数据中存储的数据范围。 可以检索对归档数据存储中存储的归档数据对象的一个或多个数据块的范围的检索请求。 作为响应,归档数据对象的请求范围可以被确定为树 - 哈希对齐。 响应于确定所请求的范围是树 - 哈希对齐,可以启动检索作业以获得一个或多个数据块的范围,并且对一个或多个数据块进行分级以进行下载。 下载请求可以针对一个或多个所获得的和分阶段的数据块,并且如果确定为树 - 哈希对齐,则除了所请求的数据之外,还可以将树哈希根节点发送到请求客户端。
-
公开(公告)号:US11573925B2
公开(公告)日:2023-02-07
申请号:US16983849
申请日:2020-08-03
Applicant: Amazon Technologies, Inc.
Inventor: Ryan Charles Schmitt , Claire Elizabeth Suver , Mark Christopher Seigle , Bryan James Donlan
Abstract: Techniques described and suggested herein include distributed deletion request processing and verification. For example, incident to migration of original data from a first data store to a second data store, verifications and confirmations related to removing the original data from the first data store may be performed so as to ensure the integrity of the original data represented on the second data store prior to removing the actual original data on the first data store. In some embodiments, the verifications and confirmations performed in connection with a deletion request may be apportioned to multiple entities, each of which may not fully trust the others. As a result, in some embodiments, a given deletion request may only be fulfilled if all of the entities involved in the verification process individually provide authorization to execute the deletion request.
-
Patent Agency Ranking
公开(公告)号:US09971544B1
公开(公告)日:2018-05-15
申请号:US14856445
申请日:2015-09-16
Applicant: Amazon Technologies, Inc.
Inventor: Jeffrey Arthur Johnson , Colin Laird Lazier , Evelina Colleen Babcock , Mark Christopher Seigle
CPC classification number: G06F3/0653 , G06F3/0613 , G06F3/0619 , G06F3/065 , G06F3/0665 , G06F3/067 , G06F3/0689 , G06F11/085 , G06F17/30073 , G06F17/30082 , G06F17/30194 , H04L41/0893 , H04L43/0876 , H04L67/1097 , H04L69/16 , H04L69/326
Abstract: A data storage system synchronously or asynchronously determines data storage usage policies in connection with incoming data storage requests so as to improve policy compliance and system efficiency. In some embodiments, a synchronous usage meter is used to make such policy decisions, and variously implement consistent hashing techniques to improve system availability and efficiency. In some embodiments, an asynchronous usage meter is used, and is implemented using an ordered queueing engine so as to improve the accuracy of policy decisions.
-
公开(公告)号:US20180011894A1
公开(公告)日:2018-01-11
申请号:US15658283
申请日:2017-07-24
Applicant: Amazon Technologies, Inc.
Inventor: Jeffrey Arthur Johnson , Mark Christopher Seigle
IPC: G06F17/30
CPC classification number: G06F16/2365
Abstract: A method and apparatus is disclosed for utilizing a validity map to indicate whether an overwriting data portion of user data is received. In the method and apparatus, a plurality of data portions of user data are received, whereby each data portion of the plurality of data portion may overwrite another data portion. A validity map may be utilized to indicate whether a data portion is an overwriting data portion. The validity map may be utilized for retrieving the data portion instead of the data portion being replaced.
-
公开(公告)号:US10977238B2
公开(公告)日:2021-04-13
申请号:US15658283
申请日:2017-07-24
Applicant: Amazon Technologies, Inc.
Inventor: Jeffrey Arthur Johnson , Mark Christopher Seigle
Abstract: A method and apparatus is disclosed for utilizing a validity map to indicate whether an overwriting data portion of user data is received. In the method and apparatus, a plurality of data portions of user data are received, whereby each data portion of the plurality of data portion may overwrite another data portion. A validity map may be utilized to indicate whether a data portion is an overwriting data portion. The validity map may be utilized for retrieving the data portion instead of the data portion being replaced.
-
公开(公告)号:US10936729B2
公开(公告)日:2021-03-02
申请号:US15889053
申请日:2018-02-05
Applicant: Amazon Technologies, Inc.
Inventor: Sandeep Kumar , Gregory Branchek Roth , Gregory Alan Rubin , Mark Christopher Seigle , Kamran Tirdad
Abstract: A data storage service redundantly stores data and keys used to encrypt the data. Data objects are encrypted with first cryptographic keys. The first cryptographic keys are encrypted by second cryptographic keys. The first cryptographic keys and second cryptographic keys are redundantly stored in a data storage system to enable access of the data objects, such as to respond to requests to retrieve the data objects. The second cryptographic keys may be encrypted by third keys and redundantly stored in the event access to a second cryptographic key is lost.
-
公开(公告)号:US10733145B1
公开(公告)日:2020-08-04
申请号:US14572603
申请日:2014-12-16
Applicant: Amazon Technologies, Inc.
Inventor: Ryan Charles Schmitt , Claire Elizabeth Suver , Mark Christopher Seigle , Bryan James Donlan
Abstract: Techniques described and suggested herein include distributed deletion request processing and verification. For example, incident to migration of original data from a first data store to a second data store, verifications and confirmations related to removing the original data from the first data store may be performed so as to ensure the integrity of the original data represented on the second data store prior to removing the actual original data on the first data store. In some embodiments, the verifications and confirmations performed in connection with a deletion request may be apportioned to multiple entities, each of which may not fully trust the others. As a result, in some embodiments, a given deletion request may only be fulfilled if all of the entities involved in the verification process individually provide authorization to execute the deletion request.
-
-
-
-
-
-
-
-
-
Search Results
13
records
(took 0.018 seconds)
