公开(公告)号：US20180176193A1

公开(公告)日：2018-06-21

申请号：US15382579

申请日：2016-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Melissa Elaine Davis ,  Gavin Richard Jewell ,  Brady Montz ,  Alec Peterson ,  Igor Spac ,  Alexander Julian Tribble ,  Radu Weiss

IPC: H04L29/06 ,  H04L29/08 ,  H04L9/32

Abstract: A computing resource service provider may operate a secure proxy fleet within a content delivery network. The secure proxy fleet may protect sensitive data communicated between a client device and a backend service over one or more networks, for example, over the content delivery network to a computing resource service provider environment. The secure proxy fleet may protect sensitive data by encrypting the sensitive data before it is forwarded to a destination.

公开(公告)号：US20180176187A1

公开(公告)日：2018-06-21

申请号：US15382571

申请日：2016-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Melissa Elaine Davis ,  Gavin Richard Jewell ,  Brady Montz ,  Alec Peterson ,  Igor Spac ,  Alexander Julian Tribble ,  Radu Weiss

IPC: H04L29/06

Abstract: A computing resource service provider may operate a secure proxy fleet responsible for directing network traffic to one or more backend services. The network traffic may be received over a cryptographically protected communications session at a secure proxy device. The secure proxy device may detect sensitive data included in the network traffic and encrypt the sensitive data to protect the sensitive data during transmission to the backend service.

公开(公告)号：US20160173280A1

公开(公告)日：2016-06-16

申请号：US15045113

申请日：2016-02-16

Applicant: Amazon Technologies, Inc.

Inventor： Alexander Julian Tribble ,  Robert Michael Barry ,  Jeremy Boynes ,  Melissa Elaine Davis ,  Igor Spac

IPC: H04L9/08 ,  G06F21/60 ,  H04L29/06

CPC classification number: H04L9/0827 ,  G06F21/60 ,  G06F21/606 ,  H04L9/0838 ,  H04L63/0435 ,  H04L63/067 ,  H04L2209/76

Abstract: A computing device can obtain a session key for encrypting data that is communicated between a client device and the computing device. The computing device can receive, from the client device, an encrypted request for data. The encrypted request can be encrypted by the client device using the session key. The data requested can be stored on a second computing device. The computing device can send, to the second computing device, a copy of the session key and the encrypted request for data. The second computing device can decrypt the data using the session key and can also encrypt data responsive to the request using the session key.

Abstract translation: 计算设备可以获得用于加密在客户端设备和计算设备之间传送的数据的会话密钥。 计算设备可以从客户端设备接收加密的数据请求。 加密请求可以由客户端设备使用会话密钥进行加密。 所请求的数据可以存储在第二计算设备上。 计算设备可以向第二计算设备发送会话密钥的副本和加密的数据请求。 第二计算设备可以使用会话密钥解密数据，并且还可以使用会话密钥来响应于该请求对数据进行加密。

公开(公告)号：US09270449B1

公开(公告)日：2016-02-23

申请号：US14158636

申请日：2014-01-17

Applicant: Amazon Technologies, Inc.

Inventor： Alexander Julian Tribble ,  Robert Michael Barry ,  Jeremy Boynes ,  Melissa Elaine Davis ,  Igor Spac

IPC: H04L29/00 ,  H04L9/08 ,  H04L29/06 ,  G06F21/60

CPC classification number: H04L9/0827 ,  G06F21/60 ,  G06F21/606 ,  H04L9/0838 ,  H04L63/0435 ,  H04L63/067 ,  H04L2209/76

Abstract: A computing device can obtain a session key for encrypting data that is communicated between a client device and the computing device. The computing device can receive, from the client device, an encrypted request for data. The encrypted request can be encrypted by the client device using the session key. The data requested can be stored on a second computing device. The computing device can send, to the second computing device, a copy of the session key and the encrypted request for data. The second computing device can decrypt the data using the session key and can also encrypt data responsive to the request using the session key.

Abstract translation: 计算设备可以获得用于加密在客户端设备和计算设备之间传送的数据的会话密钥。 计算设备可以从客户端设备接收加密的数据请求。 加密请求可以由客户端设备使用会话密钥进行加密。 所请求的数据可以存储在第二计算设备上。 计算设备可以向第二计算设备发送会话密钥的副本和加密的数据请求。 第二计算设备可以使用会话密钥解密数据，并且还可以使用会话密钥来响应于该请求对数据进行加密。

公开(公告)号：US09166862B1

公开(公告)日：2015-10-20

申请号：US13720888

申请日：2012-12-19

Applicant: Amazon Technologies, Inc.

Inventor： Melissa Elaine Davis ,  Antoun Joubran Kanawati ,  Mukul Vijay Karnik ,  Kal Lyndon McFate ,  Vishal Parakh ,  Alexander Julian Tribble

IPC: G06F15/16 ,  H04L29/06

CPC classification number: H04L29/06047 ,  H04L67/1031 ,  H04L67/1097 ,  H04L67/146 ,  H04L67/28 ,  H04L67/2842 ,  H04L67/42 ,  H04L69/161

Abstract: The disclosure describes embodiments of a distributed caching system that are configured to store handshake data between client devices and servers, enabling handshake transaction to be resumed in case of interruption. Client devices can resume the handshake transaction even if assigned to new servers as the new servers can obtain the handshake data identifiers from the distributed caching system.

Abstract translation: 本公开描述了被配置为在客户端设备和服务器之间存储握手数据的分布式缓存系统的实施例，使得在中断的情况下可以恢复握手事务。 即使分配给新服务器，客户端设备也可以恢复握手事务，因为新服务器可以从分布式缓存系统获取握手数据标识符。

公开(公告)号：US10192186B1

公开(公告)日：2019-01-29

申请号：US15294604

申请日：2016-10-14

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Brian Jaffery Tajuddin ,  Jeremy Boynes ,  Melissa Elaine Davis ,  Adam Lloyd Days ,  Erin Harding Kraemer ,  Félix Joseph Étienne Pageau

IPC: G06F17/30 ,  G06Q10/06 ,  G06F3/0484

Abstract: Described is a dynamic web platform configured to provide content rendered with one or more rendering systems. The rendering systems and the modules making up the rendering modules may interact with one another by way of declarative data. Administrators may configure the platform using the declarative data. The declarative data may express operational parameters, business rules, and so forth and may be modified while the platform is operating. The modules in the rendering system may be loosely bound, allowing for concurrent operations, dynamic changes to what content is to be rendered, and so forth.

公开(公告)号：US20180246923A1

公开(公告)日：2018-08-30

申请号：US15965567

申请日：2018-04-27

Applicant: Amazon Technologies, Inc.

Inventor： Charles Alexander Carman ,  Claire Elizabeth Suver ,  Melissa Elaine Davis ,  Paul Matthew Buddington ,  Christopher Allen Suver ,  Lukasz Wojciech Cwik ,  Chelsea Celest Krueger

IPC: G06F17/30 ,  G06F9/46

CPC classification number: G06F16/2343 ,  G06F9/466 ,  G06F16/2365

Abstract: Non-blocking processing of federated transactions may be implemented for distributed data partitions. A transaction may be received that specifies keys at data nodes to lock in order to perform the transaction. Lock requests are generated and sent to the data nodes which identify sibling keys to be locked at other data nodes for the transaction. In response to receiving the lock requests, data nodes may send to lock queues indicating other lock requests for the keys at the data node. An evaluation of the lock queues based, at least in part, on an ordering of the lock requests in the lock queues may be performed to identify a particular transaction to commit. Once identified, a request to commit the identified transaction may be sent to the particular data nodes indicated by the sibling keys in a lock request for the identified transaction.

公开(公告)号：US20180176192A1

公开(公告)日：2018-06-21

申请号：US15382577

申请日：2016-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Melissa Elaine Davis ,  Gavin Richard Jewell ,  Brady Montz ,  Alec Peterson ,  Igor Spac ,  Alexander Julian Tribble ,  Radu Weiss

IPC: H04L29/06 ,  H04L9/32

Abstract: A computing resource service provider may operate a secure proxy fleet responsible for directing network traffic from one or more backend services to one or more client devices. The network traffic may be encrypted or otherwise obfuscated to protect sensitive data. The secure proxy device may detect encrypted data and may decrypt the data prior to forwarding the data to the one or more client devices.

公开(公告)号：US09959308B1

公开(公告)日：2018-05-01

申请号：US14500756

申请日：2014-09-29

Applicant: Amazon Technologies, Inc.

Inventor： Charles Alexander Carman ,  Claire Elizabeth Suver ,  Melissa Elaine Davis ,  Paul Matthew Buddington ,  Christopher Allen Suver ,  Lukasz Wojciech Cwik ,  Chelsea Celest Krueger

IPC: G06F9/46 ,  G06F17/30

CPC classification number: G06F17/30362 ,  G06F9/466 ,  G06F17/30371

Abstract: Non-blocking processing of federated transactions may be implemented for distributed data partitions. A transaction may be received that specifies keys at data nodes to lock in order to perform the transaction. Lock requests are generated and sent to the data nodes which identify sibling keys to be locked at other data nodes for the transaction. In response to receiving the lock requests, data nodes may send to lock queues indicating other lock requests for the keys at the data node. An evaluation of the lock queues based, at least in part, on an ordering of the lock requests in the lock queues may be performed to identify a particular transaction to commit. Once identified, a request to commit the identified transaction may be sent to the particular data nodes indicated by the sibling keys in a lock request for the identified transaction.

公开(公告)号：US09727882B1

公开(公告)日：2017-08-08

申请号：US13924046

申请日：2013-06-21

Applicant: Amazon Technologies, Inc.

Inventor： Andrew Stuart Huntwork ,  Melissa Elaine Davis ,  Gavin Richard Jewell

IPC: G06Q30/02 ,  G06F9/50

CPC classification number: G06Q30/0202 ,  G06F9/50

Abstract: Disclosed are various embodiments for predicting and classifying events that create a sudden and substantial increase in network traffic activity. To begin, a sales event may be predicted based on the results following the search for one or more prediction factors that occur during a predefined period of time. Based either on the individual results of each evaluation or a combination of results of the search of two or more of the prediction factors, a sales event may be predicted. Additionally, upon detection of a sudden and substantial increase in network traffic activity, one or more classification factors may be evaluated to determine whether the cause of the increase is due to a sales event or other type of alternative activity event.