公开(公告)号：US11068309B2

公开(公告)日：2021-07-20

申请号：US16505579

申请日：2019-07-08

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F9/50 ,  G06F9/455 ,  G06F8/61 ,  G06F8/71

Abstract: As requests are received, virtual computer systems are provisioned to process the requests. The virtual computer systems may be configured without various components typically implemented by virtual computer systems, such as traditional operating systems, network interfaces and the like. Application images for the virtual computer systems are configured so that execution of the applications can begin soon after provisioning, with minimal overhead the provisioning process contributing relatively little to any latency in processing the request.

公开(公告)号：US20200167276A1

公开(公告)日：2020-05-28

申请号：US16780107

申请日：2020-02-03

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F12/02

Abstract: Non-volatile devices may be configured such that a clear operation on a single bit clears an entire block of bits. The representation of particular data structures may be optimized to reduce the number of clear operations required to store the representation in non-volatile memory. A data schema may indicate that a data structure of an application may be optimized for storage in non-volatile memory. A translation layer may convert an application level representation of a data value associated with the data structure to an optimized storage representation of the data value before storing the optimized storage representation of the data value in non-volatile memory.

公开(公告)号：US10608824B1

公开(公告)日：2020-03-31

申请号：US15402063

申请日：2017-01-09

Applicant: Amazon Technologies, Inc.

Inventor： Slavka Praus ,  Matthew John Campagna ,  Nicholas Alexander Allen ,  Petr Praus

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/06 ,  H04L9/08 ,  H04L9/14 ,  H04L9/30

Abstract: A first public key is generated based at least in part on a first plurality of signing keys and a second public key is generated based at least in part on a second plurality of signing keys. The signing keys may be used to generate digital signatures. The second public key may be made available to verify a digital signature generated using a signing key from the second plurality of signing keys. In some cases, a first Merkle tree may be formed by the first public key and the first plurality of signing keys, and a second Merkle tree may be formed by the second public key, the first public key, and the second plurality of signing keys.

公开(公告)号：US10606987B2

公开(公告)日：2020-03-31

申请号：US15414498

申请日：2017-01-24

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F21/31 ,  H04L29/06 ,  G06F21/60 ,  G06F21/62

Abstract: A first probability that indicates a probability that a user is associated with a role is determined, with the first probability having a first score. The first probability is perturbed to determine a second probability having a second score. The second score is evaluated against the first score to determine that the second probability indicates a more optimal probability of the user being associated with the role than the first probability. The role is assigned to the user based at least in part on the second score.

公开(公告)号：US20200076607A1

公开(公告)日：2020-03-05

申请号：US16666245

申请日：2019-10-28

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: H04L9/32

Abstract: A secret is securely maintained on a virtualized computer system by configuring a specialized virtual machine to manage and maintain the secret on behalf of an application. When the application requests access to the secret, a controlling domain, in combination with the specialized virtual machine, validates that the application is authorized to make the request and that the application has not been compromised prior to making the request. If the request is validated, the controlling domain and the specialized virtual machine fulfill the request by providing the application with access to the secret.

公开(公告)号：US10574682B2

公开(公告)日：2020-02-25

申请号：US16186807

申请日：2018-11-12

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: H04L9/00 ,  H04L29/06

Abstract: A method and apparatus for detecting covert routing is disclosed. In the method and apparatus, data addressed to a remote computer system are forwarded over a first network path, whereby the data is associated with a computer system of a plurality of computer systems. Further, a plurality of first network performance metrics is obtained. A likelihood of covert routing is determined based at least in part on the plurality of first network performance metrics.

公开(公告)号：US10552312B2

公开(公告)日：2020-02-04

申请号：US15689282

申请日：2017-08-29

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F12/02 ,  G06F9/32

Abstract: Non-volatile devices may be configured such that a clear operation on a single bit clears an entire block of bits. The representation of particular data structures may be optimized to reduce the number of clear operations required to store the representation in non-volatile memory. A data schema may indicate that a data structure of an application may be optimized for storage in non-volatile memory. A translation layer may convert an application level representation of a data value associated with the data structure to an optimized storage representation of the data value before storing the optimized storage representation of the data value in non-volatile memory.

公开(公告)号：US10511445B1

公开(公告)日：2019-12-17

申请号：US15399452

申请日：2017-01-05

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Alan Rubin ,  Matthew John Campagna ,  Nicholas Alexander Allen

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/08

Abstract: A digital signature over a message may be compressed by determining a plurality of values based at least in part on the message. A mapping of the plurality of values over a digital signature scheme may be used to determine a value from which a portion of the compressed digital signature is decompressible by cryptographically deriving one or more components of the uncompressed digital signature. A public key may be used to verify the authenticity of the compressed digital signature and message.

公开(公告)号：US20190332368A1

公开(公告)日：2019-10-31

申请号：US16505579

申请日：2019-07-08

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F8/61 ,  G06F9/455

Abstract: As requests are received, virtual computer systems are provisioned to process the requests. The virtual computer systems may be configured without various components typically implemented by virtual computer systems, such as traditional operating systems, network interfaces and the like. Application images for the virtual computer systems are configured so that execution of the applications can begin soon after provisioning, with minimal overhead the provisioning process contributing relatively little to any latency in processing the request.

公开(公告)号：US10452421B2

公开(公告)日：2019-10-22

申请号：US15422315

申请日：2017-02-01

Applicant: Amazon Technologies, Inc.

Inventor： Nicholas Alexander Allen

IPC: G06F9/455 ,  G06F21/53 ,  G06F9/4401

Abstract: Execution state information corresponding to an instantiated virtual machine are retrieved. A score to indicate a target memory location is able to be determined based at least in part on a source memory location is computed based at least in part on the execution state information. The score and the target memory location are indicated.