公开(公告)号：US20140258374A1

公开(公告)日：2014-09-11

申请号：US13794595

申请日：2013-03-11

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Suryanarayanan ,  David Everard Brown ,  Malcolm Russell Ah Kun ,  Eugene Michael Farrell

IPC: H04L29/06

CPC classification number: H04L67/1023 ,  H04L67/101 ,  H04L67/1021

Abstract: Systems and methods are presented for automatically selecting a data center that can communicate with a user computing system over a connection that provides reduced or minimal latency. In some cases, the system can select the data center based on the calculation of one or more latency factors that correlate, at least in part, to the latency of a communication channel between the data center and the user computing system. Further, the selected data center may be identified from a set of data centers that include one or more computing resources the user has identified as desiring to access.

Abstract translation: 提供了系统和方法，用于自动选择可以通过提供减少或最小延迟的连接与用户计算系统进行通信的数据中心。 在一些情况下，系统可以基于至少部分地与数据中心和用户计算系统之间的通信信道的延迟相关联的一个或多个等待时间因素的计算来选择数据中心。 此外，可以从包括用户已经确定为希望访问的一个或多个计算资源的一组数据中心识别所选数据中心。

公开(公告)号：US11190504B1

公开(公告)日：2021-11-30

申请号：US15598185

申请日：2017-05-17

Applicant: Amazon Technologies, Inc.

Inventor： Malcolm Russell Ah Kun ,  Uday Bheema ,  Ankur Goyal ,  Chao Li ,  Alexey A. Nikitin ,  Himesh Pandya ,  Prasanna Subash ,  Zhenghong Sun ,  Nathan Bartholomew Thomas ,  Harshit Kumar Tiwari ,  Venkatesh Velaga ,  Lihao Wang ,  Brian Scott Waters ,  Jeffery David Wells ,  Anand Krishnamoorthy

IPC: H04L29/06 ,  H04L9/32

Abstract: A computer server controls access to a hosted service using digital certificates that are requested from each client attempting to access the service. When a particular client accesses the hosted service, the host service requests a digital certificate from the particular client and issues a challenge message. The particular client signs the challenge message and provides a client digital certificate to the hosted service. The hosted service confirms that the signature on the challenge message matches the client digital certificate, and that the client digital certificate is signed by a trusted entity. Trusted entities are defined by an administrator by uploading, to the hosted service, one or more trusted digital certificates associated with a trusted entities. Using the trusted digital certificates, the hosted service confirms that the digital certificate provided by the particular client is signed by at least one of the trusted entities.

公开(公告)号：US10346618B1

公开(公告)日：2019-07-09

申请号：US15469367

申请日：2017-03-24

Applicant: Amazon Technologies, Inc.

Inventor： Malcolm Russell Ah Kun ,  Anshuk Chakraborty ,  Gopala Krishna Ambareesh ,  Nakul Namdeo Dhande ,  Nathan Bartholomew Thomas ,  Zhenghong Sun ,  Prasanna Subash ,  Salman Aftab Paracha

IPC: G06F21/62 ,  H04L29/06 ,  G06F21/60 ,  H04L9/08 ,  G06F3/06 ,  G06F12/14

Abstract: Virtual workspaces can be provided using shared resources and network-attached storage. A workspace accessed under a customer account has a unique key generated using a combination of a customer master key and an encryption context. The encryption context is specific to the workspace, such as may include a hash of specific values for the workspace. When a new instance is generated, a first data volume is generated using a machine image and data snapshot encrypted under a current encryption key. The snapshot is copied to a new snapshot, and a new encryption key obtained that is based on the customer master key and the current encryption context. The snapshot is used to create a new data volume encrypted under the new encryption key. The new volume is attached to the workspace instance such that data transmitted between the workspace and the new volume is encrypted under the volume-specific encryption key.

公开(公告)号：US10142406B2

公开(公告)日：2018-11-27

申请号：US13794595

申请日：2013-03-11

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Suryanarayanan ,  David Everard Brown ,  Malcolm Russell Ah Kun ,  Eugene Michael Farrell

IPC: G06F15/16 ,  H04L29/08

Abstract: Systems and methods are presented for automatically selecting a data center that can communicate with a user computing system over a connection that provides reduced or minimal latency. In some cases, the system can select the data center based on the calculation of one or more latency factors that correlate, at least in part, to the latency of a communication channel between the data center and the user computing system. Further, the selected data center may be identified from a set of data centers that include one or more computing resources the user has identified as desiring to access.

公开(公告)号：US20170149780A1

公开(公告)日：2017-05-25

申请号：US15424691

申请日：2017-02-03

Applicant: Amazon Technologies, Inc.

Inventor： Erik Jonathon Tellvik ,  Gaurang Pankaj Mehta ,  Ajit Nagendra Padukone ,  Chirag Pravin Pandya ,  Colin Harrison Brace ,  Deepak Suryanarayanan ,  Guruprakash Bangalore Rao ,  Krithi Rai ,  Malcolm Russell Ah Kun ,  Sameer Palande ,  Shon Kiran Shah ,  Vivek Lakshmanan

IPC: H04L29/06

CPC classification number: H04L63/0807 ,  H04L63/083

Abstract: A virtual computing environment service may receive a request from a customer to provision a virtual computing environment and join the virtual computing environment to a managed directory. The virtual computing environment service may provision the virtual computing environment and uses a set of administrator credentials from the customer and a set of credentials corresponding to the environment to access the managed directory and request joining of the environment to the managed directory. In response, the managed directory may create a computer account corresponding to the environment and which enables the environment to be used to access the managed directory. The virtual computing environment service may then enable the customer to specify one or more users that may utilize the virtual computing environment to access the managed directory.

公开(公告)号：US09002982B2

公开(公告)日：2015-04-07

申请号：US13794490

申请日：2013-03-11

Applicant: Amazon Technologies, Inc.

Inventor： Deepak Suryanarayanan ,  David Everard Brown ,  Malcolm Russell Ah Kun ,  Eugene Michael Farrell

IPC: G06F15/16 ,  H04L29/08

CPC classification number: H04L47/70 ,  H04L67/10 ,  H04L67/1097 ,  H04L67/306 ,  H04L67/327

Abstract: Systems and methods are presented for enabling a user to provide rules for the placement of computing resources at a data center for an entity that employs or is associated with the user. The data center can use the placement rules to select a data center computer system to host computing resources for a user. The rules can be used to establish diversity in computing resource placement at the data center thereby reducing the number of users who lose access to computing resources when a specific data center computer suffers a failure. Further, the placement rules can be used to facilitate configuration of the computer resources for the user based, for example, on the user's employment responsibilities.

Abstract translation: 呈现系统和方法，以使用户能够为采用或与用户相关联的实体的数据中心提供计算资源的放置规则。 数据中心可以使用放置规则来选择数据中心计算机系统来托管用户的计算资源。 该规则可用于在数据中心上建立计算资源放置的多样性，从而减少在特定数据中心计算机出现故障时无法访问计算资源的用户数量。 此外，可以使用放置规则以便于例如基于用户的就业责任来为用户配置计算机资源。