公开(公告)号：US11157633B1

公开(公告)日：2021-10-26

申请号：US16453452

申请日：2019-06-26

Applicant: Amazon Technologies, Inc.

Inventor： Prashant Verma ,  Karthik Uthaman ,  Ronil Sudhir Mokashi

IPC: G06F21/10 ,  G06F21/60 ,  H04L9/08 ,  H04L29/06 ,  H04L9/32

Abstract: A centralized content management service may facilitate streaming providers obtaining rights to digital content associated with content providers. The content management service may maintain a site in which the content providers and streaming providers may negotiate for rights to digital content items. Upon receiving a request from a streaming provider to stream a digital content item to a customer, the content management service may authenticate the customer and validate the streaming provider to confirm that the streaming provider is authorized to stream the digital content item to the customer. The digital content item may be encrypted, decrypted, and re-encrypted prior using various encryption keys prior to streaming the digital content item to the customer. The content management service may cause the digital content item to be streamed to a customer device of the customer without providing a copy of the digital content item to the streaming provider.

公开(公告)号：US10992743B1

公开(公告)日：2021-04-27

申请号：US16579648

申请日：2019-09-23

Applicant: Amazon Technologies, Inc.

Inventor： Prashant Verma ,  Ronil Sudhir Mokashi ,  Karthik Uthaman

IPC: H04L29/08 ,  G06F11/14 ,  G06F12/0813

Abstract: A content delivery system dynamically manages a content cache fleet by expanding or shrinking the size of the cache fleet to anticipate and/or respond to changes in demand for cached content. The content delivery system can consider various demand-based parameters when determining when and how to scale the cache fleet, including the overall demand (expected or observed) for all content available for delivery by the content delivery system, the demand for a subset of content or individual content items relative to the demand for other subsets of content or individual content items, etc. When content servers are removed from the cache fleet, snapshots of the content caches of the content servers can be stored to a persistent data store, and then restored to content servers when content servers are added to the cache fleet.

公开(公告)号：US10743036B1

公开(公告)日：2020-08-11

申请号：US15993466

申请日：2018-05-30

Applicant: Amazon Technologies, Inc.

Inventor： Ryan Farris ,  Prashant Verma ,  Ronil Sudhir Mokashi

IPC: H04N21/231 ,  H04N21/25 ,  H04N21/235

Abstract: In some embodiments, a system is provided, and computer-executable instructions cause the system to: receive, at an edge server of a content delivery network (CDN), a request for a first video and a request for a second video; determine that the first video is not cached and that the second video is cached; request the first video from the origin server and log a cache miss; obtain the first video from the origin server and send responsive to the request; send the second video responsive to the request and log a cache hit; obtain a metric indicative of the volume of cache misses, including for the first and second videos, across edge servers of the CDN; and determine, based on the metric, an amount by which to scale resources implementing the origin.

公开(公告)号：US10699023B1

公开(公告)日：2020-06-30

申请号：US15872462

申请日：2018-01-16

Applicant: Amazon Technologies, Inc.

Inventor： Ronil Sudhir Mokashi ,  Francesco De Martino ,  Shreeja Kumar ,  Prashant Verma ,  Vijaya Rama Reddy Kistampalli ,  Sorin Manole ,  Andrii Galyuzin ,  Cristi Ursachi

IPC: G06F21/62 ,  H04L29/06 ,  G06N20/00

Abstract: Various approaches enable real-time data encryption using an encryption profile that enables a customer to specify the type of data to encrypt and the encryption keys to use when encrypting the data. A profile editor that a customer (e.g., a customer of a content provider) can use to create and manage encryption profiles that can be used to encrypt data can be provided. A profile editor or set of request parameters can allow customers to configure content distributions and associate encryption keys with a profile to encrypt user sensitive data. A customer can select, define, and/or modify the encryption options or other configuration settings for a profile. Once set, the profile can be used to securely ingest user-submitted data to customers' web servers. For example, a request can be analyzed to determine data fields of the request. Based on one or more profiles associated with the customer, the data in those fields can be encrypted with the appropriate encryption key per the profiles.

公开(公告)号：US11552971B1

公开(公告)日：2023-01-10

申请号：US16904098

申请日：2020-06-17

Applicant: Amazon Technologies, Inc.

Inventor： Samrat Karak ,  Prashant Verma ,  Ronil Sudhir Mokashi ,  Karthik Uthaman

IPC: H04L9/40 ,  G06N5/04 ,  G06N20/00

Abstract: Techniques for detection of the fraudulent use of content delivery network (CDN) served byte streams are described. A fraud detection service obtains CDN log data, distribution data, and account data and uses elements therefrom to perform a distribution-centric fraud analysis using machine learning techniques. Based on the likelihood of fraud determined by the analysis, the fraud detection service can rapidly perform actions to address the fraud, such as the termination of service for the distribution, throttling of resources provided for the distribution, or further investigation techniques.

公开(公告)号：US11463535B1

公开(公告)日：2022-10-04

申请号：US17489581

申请日：2021-09-29

Applicant: Amazon Technologies, Inc.

Inventor： Karthik Uthaman ,  Ronil Sudhir Mokashi

IPC: G06F15/173 ,  H04L67/5682 ,  H04L67/561 ,  G06F12/0808 ,  G06F12/0891 ,  H04L67/01

Abstract: A content delivery network may store forensic trail metadata for cache entries in order to identify and evict poisoned cache entries, mitigating the effects of a poisoned cache due to corrupted cache servers. Each entry of a cache server may include the cached item as well as forensic metadata. The forensic metadata includes identifiers for cache servers that the item was served from, as well as a timestamp for the time that the item was served. The cache server also maintains a list of corrupted servers, as well as a time window for each corrupted server. The cache server determines, based on the list of corrupted servers and the forensic metadata, whether to evict cache entries.

公开(公告)号：US11281804B1

公开(公告)日：2022-03-22

申请号：US16368705

申请日：2019-03-28

Applicant: Amazon Technologies, Inc.

Inventor： Karthik Uthaman ,  Ronil Sudhir Mokashi

IPC: G06F21/64 ,  H04L29/06

Abstract: Various embodiments of apparatuses and methods for protecting data integrity in a content distribution network (“CDN”) are described. Code or data in one of the servers or instances of a CDN might sometimes become incorrect or corrupt. One corrupted server or instance can potentially impact a considerable portion of the CDN. To solve these and other problems, various embodiments of a CDN can designate one or more parameters, which are then identified in a request for content to another entity. In these embodiments, the CDN can generate an encoding of the expected values of the designated parameters. The CDN can then compare, in these embodiments, its encoding of the expected values to an encoding of the values received from the other entity in response to the request. The CDN can validate the content of the response, as well as the identity of the other entity, in some embodiments.

公开(公告)号：US11216382B1

公开(公告)日：2022-01-04

申请号：US16820414

申请日：2020-03-16

Applicant: Amazon Technologies, Inc.

Inventor： Karthik Uthaman ,  Ronil Sudhir Mokashi ,  Prashant Verma

IPC: G06F12/0897 ,  G06F12/0891 ,  G06F12/128

Abstract: A cache system may maintain size and/or request rate metrics for objects in a lower level cache and for objects in a higher level cache. When an L1 cache does not have an object, it requests the object from an L2 cache and sends to the L2 cache aggregate size and request rate metrics for objects in the L1 cache. The L2 cache may obtain a size metric and a request rate metric for the requested object and then determine, based on the aggregate size and request rate metrics for the objects in the L1 cache and the size metric and the request rate metric for the requested object in the L2 cache, an indication of whether or not the L1 cache should cache the requested object. The L2 cache provides the object and the indication to the L1 cache.

公开(公告)号：US11095605B1

公开(公告)日：2021-08-17

申请号：US16583718

申请日：2019-09-26

Applicant: Amazon Technologies, Inc.

Inventor： Prashant Verma ,  Ronil Sudhir Mokashi ,  Karthik Uthaman

IPC: H04L29/12 ,  H04L29/06 ,  H04L29/08

Abstract: Systems and method with regard to the routing of a client computing device DNS query within a content delivery network service provider domain as a function of additional request routing information embedded as parameters in messages transmitted as part of the DNS queries generated by, or on behalf of, the client computing device are provided. By parsing and processing all the received information, the CDN service provider may select components of a CDN network reflective of the additional request routing information.

公开(公告)号：US11089136B1

公开(公告)日：2021-08-10

申请号：US17039995

申请日：2020-09-30

Applicant: Amazon Technologies, Inc.

Inventor： Karthik Uthaman ,  Ted David Middleton ,  Ronil Sudhir Mokashi ,  Prashant Verma ,  Alexander Korobeynikov

IPC: H04L12/721 ,  H04L12/26 ,  H04L29/08 ,  H04L29/12 ,  H04L29/06 ,  G06F17/00 ,  G06F15/173 ,  G06F15/16

Abstract: Edge functions at an edge location of a content delivery network (CDN) may access data from a back-end database without the need to make high-latency network calls to the back-end databases. When a client sends a query to the edge location, an edge function is triggered. The requested data may be retrieved from a read-only local table at the edge location (populated from a back-end database) and the retrieved data is provided to the edge function's memory for low-latency access during function execution.