公开(公告)号：US10257307B1

公开(公告)日：2019-04-09

申请号：US14967227

申请日：2015-12-11

Applicant: Amazon Technologies, Inc.

Inventor： Matthew Graham Baldwin

IPC: H04L29/08 ,  G06F12/08 ,  G06F12/0893 ,  G06F12/0891

Abstract: Systems and methods are described to reserve cache space of points of presence (“POPs”) within a content delivery network (“CDN”). A provider may submit a request to the CDN to reserve cache space on one or more POPs for data objects designated by that provider. Thereafter, the CDN may implement a provider-specific cache on the POPs of the CDN, which is distinct from a shared cache space on the POPs. The provider may further select a custom cache eviction policy for the provider-specific cache, which causes the POPs to manage data objects within the provider-specific cache according to the custom cache eviction policy, independently of a cache eviction policy applied to the shared cache.

公开(公告)号：US10938884B1

公开(公告)日：2021-03-02

申请号：US15419880

申请日：2017-01-30

Applicant: Amazon Technologies, Inc.

Inventor： Matthew Graham Baldwin ,  Craig Wesley Howard ,  Donavan Miller

IPC: H04L29/08 ,  H04L12/46 ,  H04L29/06

Abstract: An origin server that is implemented within one or more devices within a third party virtual private cloud (VPC) is provided herein. Instead of communicating with various CDNs over a public network, the third party VPC may instead communicate with a managed VPC via a private network. Thus, no gateway, network address translation (NAT), or other such devices may be needed for the third party VPC and the managed VPC to communicate. Rather, a VPC identifier of the managed VPC and a VPC identifier of the third party VPC are used to pair the two VPCs. Once paired, a private route is set up such that points from the private address space of the third party VPC to the private address space of the managed VPC. The managed VPC then communicates directly with the various CDNs via a public network.

公开(公告)号：US10895985B1

公开(公告)日：2021-01-19

申请号：US15992084

申请日：2018-05-29

Applicant: Amazon Technologies, Inc.

Inventor： Jorge Peixoto Vasquez ,  Matthew Graham Baldwin ,  Donavan Miller

IPC: G06F16/00 ,  G06F3/06 ,  G06F12/02

Abstract: Methods, systems, and computer-readable media for real-time estimation of working sets are disclosed. A plurality of counters are initialized. The counters represent cardinality estimates of data elements accessed for respective time intervals. A request for data is received during the respective time intervals. One or more data elements are determined that are accessed in responding to the request. The counters are updated using the one or more data elements, such that one of the counters is increased by a quantity of the data elements that are accessed for the first time during the respective time interval. The working set estimates for the respective time intervals are determined using the counters.

公开(公告)号：US10778757B1

公开(公告)日：2020-09-15

申请号：US16011277

申请日：2018-06-18

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Matthew Graham Baldwin

IPC: G06F15/16 ,  H04L29/08 ,  H04L29/12

Abstract: Various methods and apparatus for load balancing traffic via dynamic DNS record time-to-live values (“TTLs”) are described. In at least some embodiments, a DNS layer of a DNS load-balanced system receives performance metrics corresponding to a plurality of server instances. If the DNS layer detects a performance metric imbalance for a server instance, it adjusts the TTL value for the DNS records associated with that instance. For example, the DNS layer can lower the TTL value in the DNS records associated with the server instance. This means that clients that have DNS record associated with this server instance will make more frequent DNS queries, thus resulting in at least some of those clients receiving IP addresses for other server instances. In some embodiments, the DNS layer can implement a load balancing scheme that determines which network address(es) to include in a DNS response based on the received performance metrics.

公开(公告)号：US09817730B1

公开(公告)日：2017-11-14

申请号：US14670017

申请日：2015-03-26

Applicant: Amazon Technologies, Inc.

Inventor： Craig Wesley Howard ,  Matthew Graham Baldwin ,  Donavan Miller

IPC: G06F11/00 ,  G06F11/14

CPC classification number: G06F11/1474 ,  G06F2201/87

Abstract: The following description is directed to storing properties of requests to potentially block future requests having similar properties. In one example, a request can be received. A property of the request can be stored so that the property persists across an initialization sequence of a computer system. At least the property can be used to determine whether to block any future requests having similar properties.

公开(公告)号：US12052310B2

公开(公告)日：2024-07-30

申请号：US17168023

申请日：2021-02-04

Applicant: Amazon Technologies, Inc.

Inventor： Matthew Graham Baldwin ,  Craig Wesley Howard ,  Donavan Miller

IPC: H04L12/46 ,  H04L9/40 ,  H04L67/06 ,  H04L67/10 ,  H04L67/146 ,  H04L67/53 ,  H04L67/568

CPC classification number: H04L67/06 ,  H04L12/4633 ,  H04L12/4641 ,  H04L63/0272 ,  H04L63/0428 ,  H04L67/10 ,  H04L67/146 ,  H04L67/53 ,  H04L67/568

Abstract: An origin server that is implemented within one or more devices within a third party virtual private cloud (VPC) is provided herein. Instead of communicating with various CDNs over a public network, the third party VPC may instead communicate with a managed VPC via a private network. Thus, no gateway, network address translation (NAT), or other such devices may be needed for the third party VPC and the managed VPC to communicate. Rather, a VPC identifier of the managed VPC and a VPC identifier of the third party VPC are used to pair the two VPCs. Once paired, a private route is set up such that points from the private address space of the third party VPC to the private address space of the managed VPC. The managed VPC then communicates directly with the various CDNs via a public network.

公开(公告)号：US11431690B1

公开(公告)日：2022-08-30

申请号：US16909935

申请日：2020-06-23

Applicant: Amazon Technologies, Inc.

Inventor： Jorge Peixoto Vasquez ,  Matthew Graham Baldwin ,  Daniil Bondarev

IPC: H04L9/40 ,  H04L67/01 ,  H04L9/06 ,  H04L9/08

Abstract: An edge location of a content delivery network may protect data that is stored and transmitted within the edge location while providing access to associated metadata. After an origin-facing server obtains a requested object, the server may encrypt the object using a client-specific encryption key. In some cases, the server may also separately encrypt the metadata. The encrypted object and metadata may be sent to an intermediate layer server. The intermediate server may decrypt the metadata (if it is encrypted) and determine, based on the metadata, routing for the object. The object remains encrypted at the intermediate server. In some cases, the metadata may be re-encrypted by the intermediate server. The encrypted object and metadata may be sent to a client-facing server, in accordance with the determined routing. The client-facing server may decrypt the encrypted object and send the encrypted object to the client.

公开(公告)号：US20190007515A1

公开(公告)日：2019-01-03

申请号：US16126437

申请日：2018-09-10

Applicant: Amazon Technologies, Inc.

Inventor： Matthew Graham Baldwin ,  Ryan F. Watson

IPC: H04L29/08 ,  G06F12/0813 ,  G06F12/0811

CPC classification number: H04L67/2842 ,  G06F12/0811 ,  G06F12/0813 ,  G06F12/0897 ,  G06F2212/154 ,  G06F2212/601 ,  H04L67/327

Abstract: A computer implemented cache management system and method is provided for use with a service provider configured to communicate with one or more client devices and with a content provider. The system includes a cache hierarchy comprising multiple cache levels that maintain at least some resources for the content provider, and one or more request managers for processing client requests for resources and retrieving the resources from the cache hierarchy. In response to a resource request, the request manager selects a cache level from the cache hierarchy based on a popularity associated with the requested resource, and attempts to retrieve the resource from the selected cache level while bypassing cache level(s) inferior to the selected level.

公开(公告)号：US10049051B1

公开(公告)日：2018-08-14

申请号：US14967218

申请日：2015-12-11

Applicant: Amazon Technologies, Inc.

Inventor： Matthew Graham Baldwin

IPC: G06F12/08 ,  G06F12/0893 ,  G06F12/0891

Abstract: Systems and methods are described to reserve cache space of points of presence (“POPs”) within a content delivery network (“CDN”). A provider may submit a request to the CDN to reserve cache space on one or more POPs for data objects designated by that provider. Thereafter, the CDN may mark those designated data objects within its cache as protected from eviction. When the CDN implements a cache eviction policy on the cache, the protected objects may be ignored for purposes of eviction, or may be evicted only after non-protected data objects.

公开(公告)号：US11134134B2

公开(公告)日：2021-09-28

申请号：US16361012

申请日：2019-03-21

Applicant: Amazon Technologies, Inc.

Inventor： Hardeep Singh Uppal ,  Matthew Graham Baldwin

IPC: H04L29/08 ,  H04L12/751 ,  H04L12/733 ,  H04L29/06

Abstract: Systems and methods are described to enable and manage the use of origin-facing points of presence (“POPs”) within a content delivery network (“CDN”). Origin-facing POPs can provide a second-tier caching mechanisms in a CDN, such that cache misses occurring at first-tier POPs may be processed by using information maintained at the origin-facing POPs, rather than requiring interaction with an origin server. Associations between origin-facing POPs and origin servers may be automatically created based on a distance between the respective origin-facing POPs and origin servers, such that an operator of the origin server is not required to specify a location of an origin facing POP. First-tier POPs may selectively retrieve content from origin-facing POPs in instances where the origin-facing POP is expected to provide the content more rapidly than the origin server.