公开(公告)号：US20180191710A1

公开(公告)日：2018-07-05

申请号：US15906966

申请日：2018-02-27

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Neelam Satish Agrawal ,  Lawrence Hun-Gi Aung ,  Guruprakash Bangalore Rao ,  Shuo Wang ,  Sameer Palande ,  Krithi Rai ,  Chirag Pravin Pandya

IPC: H04L29/06 ,  G06F21/62

CPC classification number: H04L63/0853 ,  G06F16/24 ,  G06F21/6218 ,  H04L63/06 ,  H04L63/08 ,  H04L63/0807 ,  H04L63/0815 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/102 ,  H04L63/105

Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.

公开(公告)号：US11310116B2

公开(公告)日：2022-04-19

申请号：US16512170

申请日：2019-07-15

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Shon Kiran Shah ,  Sameer Palande

IPC: G06F15/173 ,  H04L41/14 ,  H04L43/08 ,  H04L47/70 ,  G06Q10/00 ,  H04L41/0816 ,  H04L41/08 ,  H04L41/0893 ,  H04L43/0876

Abstract: Features are disclosed for facilitating remote management of network directories of organizations by a directory management system. The network directories may change over time, experiencing growth in size and number of current connections, increased latency, reduced performance, and the like. The network directories may also shrink over time, experience fewer connections, etc. Organizations can define scaling policies by which the directory management system can automatically respond to the occurrence of various events, such as changes in the size or usage of the organizations' network directories, by scaling resources associated with the directories. The directory management system can perform various scaling actions on-demand or without requiring additional action by the organizations, thereby reducing the time and effort required by the organizations to monitor their own directories and implement (or request implementation of) changes.

公开(公告)号：US09942224B2

公开(公告)日：2018-04-10

申请号：US15456158

申请日：2017-03-10

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Neelam Satish Agrawal ,  Lawrence Hun-Gi Aung ,  Guruprakash Bangalore Rao ,  Shuo Wang ,  Sameer Palande ,  Krithi Rai ,  Chirag Pravin Pandya

IPC: H04L29/06 ,  G06F21/62

CPC classification number: H04L63/0853 ,  G06F17/30386 ,  G06F21/6218 ,  H04L63/06 ,  H04L63/08 ,  H04L63/0807 ,  H04L63/0815 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/102 ,  H04L63/105

Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.

公开(公告)号：US20200028752A1

公开(公告)日：2020-01-23

申请号：US16512170

申请日：2019-07-15

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Shon Kiran Shah ,  Sameer Palande

IPC: H04L12/24 ,  H04L12/26 ,  H04L12/911 ,  G06Q10/00

Abstract: Features are disclosed for facilitating remote management of network directories of organizations by a directory management system. The network directories may change over time, experiencing growth in size and number of current connections, increased latency, reduced performance, and the like. The network directories may also shrink over time, experience fewer connections, etc. Organizations can define scaling policies by which the directory management system can automatically respond to the occurrence of various events, such as changes in the size or usage of the organizations' network directories, by scaling resources associated with the directories. The directory management system can perform various scaling actions on-demand or without requiring additional action by the organizations, thereby reducing the time and effort required by the organizations to monitor their own directories and implement (or request implementation of) changes.

公开(公告)号：US09853978B2

公开(公告)日：2017-12-26

申请号：US15424691

申请日：2017-02-03

Applicant: Amazon Technologies, Inc.

Inventor： Erik Jonathon Tellvik ,  Gaurang Pankaj Mehta ,  Ajit Nagendra Padukone ,  Chirag Pravin Pandya ,  Colin Harrison Brace ,  Deepak Suryanarayanan ,  Guruprakash Bangalore Rao ,  Krithi Rai ,  Malcolm Russell Ah Kun ,  Sameer Palande ,  Shon Kiran Shah ,  Vivek Lakshmanan

IPC: G06F7/04 ,  G06F15/16 ,  G06F17/30 ,  H04L29/06

CPC classification number: H04L63/0807 ,  H04L63/083

Abstract: A virtual computing environment service may receive a request from a customer to provision a virtual computing environment and join the virtual computing environment to a managed directory. The virtual computing environment service may provision the virtual computing environment and uses a set of administrator credentials from the customer and a set of credentials corresponding to the environment to access the managed directory and request joining of the environment to the managed directory. In response, the managed directory may create a computer account corresponding to the environment and which enables the environment to be used to access the managed directory. The virtual computing environment service may then enable the customer to specify one or more users that may utilize the virtual computing environment to access the managed directory.

公开(公告)号：US20150134827A1

公开(公告)日：2015-05-14

申请号：US14098454

申请日：2013-12-05

Applicant: Amazon Technologies, Inc.

Inventor： Shon Kiran Shah ,  Thomas Christopher Rizzo ,  Gaurang Pankaj Mehta ,  Guruprakash Bangalore Rao ,  Sameer Palande ,  Krithi Rai

IPC: H04L29/12

Abstract: Techniques for connecting computer system entities to remotely extended local computer system resources are described herein. A computer system entity that requests access to a local computer system resource has that request fulfilled by a managed directory service which receives the request and connects the computer system entity to the local computer system resource. While connected, the managed directory service extends the local computer system resource to a corresponding extended remote computer system resource, receives commands to perform operations on the local or extended remote computer system resources and, if the computer system entity is authorized to perform the operations on the appropriate computer system resource, the managed directory service performs the operations on the appropriate computer system resource.

Abstract translation: 本文描述了将计算机系统实体连接到远程扩展的本地计算机系统资源的技术。 请求访问本地计算机系统资源的计算机系统实体具有由接收请求并将计算机系统实体连接到本地计算机系统资源的受管目录服务实现的请求。 在连接时，托管目录服务将本地计算机系统资源扩展到相应的扩展远程计算机系统资源，接收对本地或扩展远程计算机系统资源执行操作的命令，以及如果计算机系统实体被授权执行操作 适当的计算机系统资源，托管目录服务在适当的计算机系统资源上执行操作。

公开(公告)号：US10530742B2

公开(公告)日：2020-01-07

申请号：US14098445

申请日：2013-12-05

Applicant: Amazon Technologies, Inc.

Inventor： Shon Kiran Shah ,  Guruprakash Bangalore Rao ,  Gaurang Pankaj Mehta ,  Thomas Christopher Rizzo ,  Sameer Palande ,  Krithi Rai

IPC: H04L29/12 ,  G06F9/455 ,  H04L29/06 ,  G06F21/60 ,  H04L29/08 ,  H04L12/24

Abstract: Techniques for connecting computer system entities to remote computer system resources are described herein. A computer system entity that requests access to a remote computer system resource has that request fulfilled by a managed directory service which receives the request and connects the computer system entity to the remote computer system resource. While connected, the managed directory service receives commands to perform operations on the remote computer system resource and, if the computer system entity is authorized to perform the operations on the remote computer system resource, the managed directory service performs the operation on the remote computer system resource.

公开(公告)号：US10355942B1

公开(公告)日：2019-07-16

申请号：US14499879

申请日：2014-09-29

Applicant: Amazon Technologies, Inc.

Inventor： Gaurang Pankaj Mehta ,  Shon Kiran Shah ,  Sameer Palande

IPC: G06F15/173 ,  H04L12/24 ,  H04L12/26 ,  H04L12/911 ,  G06Q10/00

Abstract: Features are disclosed for facilitating remote management of network directories of organizations by a directory management system. The network directories may change over time, experiencing growth in size and number of current connections, increased latency, reduced performance, and the like. The network directories may also shrink over time, experience fewer connections, etc. Organizations can define scaling policies by which the directory management system can automatically respond to the occurrence of various events, such as changes in the size or usage of the organizations' network directories, by scaling resources associated with the directories. The directory management system can perform various scaling actions on-demand or without requiring additional action by the organizations, thereby reducing the time and effort required by the organizations to monitor their own directories and implement (or request implementation of) changes.

公开(公告)号：US20170149780A1

公开(公告)日：2017-05-25

申请号：US15424691

申请日：2017-02-03

Applicant: Amazon Technologies, Inc.

Inventor： Erik Jonathon Tellvik ,  Gaurang Pankaj Mehta ,  Ajit Nagendra Padukone ,  Chirag Pravin Pandya ,  Colin Harrison Brace ,  Deepak Suryanarayanan ,  Guruprakash Bangalore Rao ,  Krithi Rai ,  Malcolm Russell Ah Kun ,  Sameer Palande ,  Shon Kiran Shah ,  Vivek Lakshmanan

IPC: H04L29/06

CPC classification number: H04L63/0807 ,  H04L63/083

Abstract: A virtual computing environment service may receive a request from a customer to provision a virtual computing environment and join the virtual computing environment to a managed directory. The virtual computing environment service may provision the virtual computing environment and uses a set of administrator credentials from the customer and a set of credentials corresponding to the environment to access the managed directory and request joining of the environment to the managed directory. In response, the managed directory may create a computer account corresponding to the environment and which enables the environment to be used to access the managed directory. The virtual computing environment service may then enable the customer to specify one or more users that may utilize the virtual computing environment to access the managed directory.

公开(公告)号：US12061920B2

公开(公告)日：2024-08-13

申请号：US16715992

申请日：2019-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Lekshmi Unnikrishnan ,  Manivannan Sundaram ,  Martin Chen Mao ,  Sivaprasad Venkata Padisetty ,  Praerit Garg ,  Sameer Palande ,  Bradley Scott Murphy ,  Manoj Krishna Ghosh

IPC: G06F9/455

CPC classification number: G06F9/45558 ,  G06F2009/4557

Abstract: A customer submits a request to a virtual computer system service to launch a virtual machine instance and to join this instance to a managed directory. The service may obtain, from the customer, a domain name and Internet Protocol addresses for the selected directory, which is then stored within a systems management server. When launched, the instance may initiate an agent, which may communicate with the systems management server to obtain the configuration information. The agent may use this configuration information to establish a communications channel with the managed directory and create a temporary set of computer credentials that may be used to verify that the customer is authorized to join the virtual machine instance to the managed directory. If the credentials are valid, the managed directory may generate a computer account within the managed directory, which may be used to join the virtual machine instance to the managed directory.