公开(公告)号：US20240243966A1

公开(公告)日：2024-07-18

申请号：US18407162

申请日：2024-01-08

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Todd Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC: H04L41/0803 ,  G06F9/455 ,  G06F9/50 ,  H04L12/46 ,  H04L41/0806 ,  H04L41/0893 ,  H04L41/12 ,  H04L45/00 ,  H04L45/02 ,  H04L61/10 ,  H04L67/10 ,  H04L41/0213

CPC classification number: H04L41/0803 ,  G06F9/45558 ,  G06F9/5077 ,  H04L12/4641 ,  H04L41/0806 ,  H04L41/0893 ,  H04L41/12 ,  H04L45/00 ,  H04L45/02 ,  H04L61/10 ,  H04L67/10 ,  G06F2009/45595 ,  G06F2209/5011 ,  H04L41/0213

Abstract: Techniques are described for providing logical networking functionality for managed computer networks, such as for virtual computer networks provided on behalf of users or other entities. In some situations, a user may configure or otherwise specify a network topology for a virtual computer network, such as a logical network topology that separates multiple computing nodes of the virtual computer network into multiple logical sub-networks and/or that specifies one or more logical networking devices for the virtual computer network. After a network topology is specified for a virtual computer network, logical networking functionality corresponding to the network topology may be provided in various manners, such as without physically implementing the network topology for the virtual computer network. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

公开(公告)号：US12003380B2

公开(公告)日：2024-06-04

申请号：US17663289

申请日：2022-05-13

Applicant: Amazon Technologies, Inc.

Inventor： Eric Jason Brandwine ,  Kevin Christopher Miller ,  Andrew J. Doane

IPC: H04L12/28 ,  G06F9/455 ,  H04L41/0816 ,  H04L41/12 ,  H04L45/02 ,  H04L45/586 ,  H04L45/64 ,  H04L67/00 ,  H04J1/16 ,  H04L41/50

CPC classification number: H04L41/12 ,  G06F9/45558 ,  H04L41/0816 ,  H04L45/02 ,  H04L45/586 ,  H04L45/64 ,  H04L67/34 ,  G06F2009/45595 ,  H04L41/5096

Abstract: Techniques are described for providing virtual networking functionality for managed computer networks. In some situations, a user may configure or otherwise specify a logical network topology for a managed computer network with multiple computing nodes that includes one or more virtual networking devices each associated with a specified group of the multiple computing nodes. Corresponding networking functionality may be provided for communications between the multiple computing nodes by emulating functionality that would be provided by the networking devices if they were physically present and configured to support the specified network topology. In some situations, the managed computer network is a virtual computer network overlaid on a substrate network, and the networking device functionality emulating includes receiving routing communications directed to the networking devices and using included routing information to update the specified network topology for the managed computer network.

公开(公告)号：US11909586B2

公开(公告)日：2024-02-20

申请号：US18047239

申请日：2022-10-17

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Todd Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC: H04L41/0803 ,  H04L45/02 ,  H04L41/0806 ,  H04L41/12 ,  H04L45/00 ,  H04L61/10 ,  G06F9/455 ,  H04L67/10 ,  H04L12/46 ,  G06F9/50 ,  H04L41/0893 ,  H04L41/0213

CPC classification number: H04L41/0803 ,  G06F9/45558 ,  G06F9/5077 ,  H04L12/4641 ,  H04L41/0806 ,  H04L41/0893 ,  H04L41/12 ,  H04L45/00 ,  H04L45/02 ,  H04L61/10 ,  H04L67/10 ,  G06F2009/45595 ,  G06F2209/5011 ,  H04L41/0213

Abstract: Techniques are described for providing logical networking functionality for managed computer networks, such as for virtual computer networks provided on behalf of users or other entities. In some situations, a user may configure or otherwise specify a network topology for a virtual computer network, such as a logical network topology that separates multiple computing nodes of the virtual computer network into multiple logical sub-networks and/or that specifies one or more logical networking devices for the virtual computer network. After a network topology is specified for a virtual computer network, logical networking functionality corresponding to the network topology may be provided in various manners, such as without physically implementing the network topology for the virtual computer network. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

公开(公告)号：US20230239277A1

公开(公告)日：2023-07-27

申请号：US18156332

申请日：2023-01-18

Applicant: Amazon Technologies, Inc.

Inventor： Kevin Christopher Miller ,  Andrew J. Doane ,  Mahmoud A. Abuelela ,  Michael B. Furr

IPC: H04L9/40 ,  H04L67/14 ,  H04L45/302 ,  H04L41/046

CPC classification number: H04L63/0428 ,  H04L9/40 ,  H04L41/046 ,  H04L45/306 ,  H04L67/14 ,  H04L43/0811

Abstract: Methods and apparatus for interfaces to manage direct network peerings. A system may include a data center, endpoint routers and a connectivity coordinator. The coordinator implements a programmatic interface defining connectivity operations. The coordinator receives a request for dedicated connectivity to data center resources, formatted according to the interface. The coordinator selects a target endpoint router at which to establish a physical link to implement the dedicated connectivity, and transmits a response identifying the target endpoint router and including configuration instructions for setting up a physical link for the dedicated connectivity.

公开(公告)号：US11516080B2

公开(公告)日：2022-11-29

申请号：US17119944

申请日：2020-12-11

Applicant: Amazon Technologies, Inc.

Inventor： Kevin Christopher Miller ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC: H04L41/0816 ,  H04L45/02 ,  H04L45/586 ,  H04L41/12

Abstract: Techniques are described for providing managed virtual computer networks that have a configured logical network topology with virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the virtual networking devices if they were physically present. In some situations, the networking functionality provided for a managed computer network of a client includes receiving routing communications directed to the virtual networking devices and using included routing information to update the configuration of the managed computer network, such as to allow at least some computing nodes of a managed computer network to dynamically signal particular types of uses of one or more indicated target network addresses and/or to dynamically signal use of particular external public network addresses based on such routing information.

公开(公告)号：US11477076B2

公开(公告)日：2022-10-18

申请号：US17459955

申请日：2021-08-27

Applicant: Amazon Technologies, Inc.

Inventor： Daniel T. Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC: G06F15/177 ,  H04L41/0803 ,  G06F9/455 ,  H04L67/10 ,  H04L45/02 ,  H04L12/46 ,  H04L41/0806 ,  H04L41/12 ,  H04L45/00 ,  G06F9/50 ,  H04L61/10 ,  H04L41/0893 ,  H04L41/0213

Abstract: Techniques are described for providing logical networking functionality for managed computer networks, such as for virtual computer networks provided on behalf of users or other entities. In some situations, a user may configure or otherwise specify a network topology for a virtual computer network, such as a logical network topology that separates multiple computing nodes of the virtual computer network into multiple logical sub-networks and/or that specifies one or more logical networking devices for the virtual computer network. After a network topology is specified for a virtual computer network, logical networking functionality corresponding to the network topology may be provided in various manners, such as without physically implementing the network topology for the virtual computer network. In some situations, the computing nodes may include virtual machine nodes hosted on one or more physical computing machines or systems, such as by or on behalf of one or more users.

公开(公告)号：US10951586B2

公开(公告)日：2021-03-16

申请号：US15382403

申请日：2016-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Todd Cohn ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC: H04L12/46 ,  H04L29/06 ,  G06F9/30 ,  G06F9/38 ,  H04L12/24 ,  H04L29/12 ,  G06F9/455

Abstract: Techniques are described for providing users with access to computer networks, such as to enable users to create and configure computer networks that are provided by a remote configurable network service for the users' use. Computer networks provided by the configurable network service may be configured to be private computer networks that are accessible only by the users who create them, and may each be created and configured by a client of the configurable network service to be an extension to an existing computer network of the client, such as a private computer network extension to an existing private computer network of the client. In addition, access to remote resource services may be configured and provided from such computer networks in various manners, such as to automatically include access control information to limit access to particular resources to computing nodes at the location of that provided computer network.

公开(公告)号：US20180324085A1

公开(公告)日：2018-11-08

申请号：US16024549

申请日：2018-06-29

Applicant: Amazon Technologies, Inc.

Inventor： Andrew J. Doane ,  Kevin Christopher Miller ,  David B. Lennon

IPC: H04L12/725 ,  H04L12/717 ,  H04L12/751 ,  H04L12/701

CPC classification number: H04L45/306 ,  H04L45/00 ,  H04L45/02 ,  H04L45/42

Abstract: Methods and apparatus for interfaces to manage inter-regional connectivity for direct network peerings. A system may include a connectivity coordinator, a first resource collection in a first geographical zone and a second resource collection in a second geographical zone. The coordinator implements a programmatic interface defining connectivity operations. The coordinator receives a request via the interface to establish a logically isolated network path to the second resource collection on behalf of a client that has a dedicated physical link set up to connect to the first resource collection. In response to the request, the coordinator performs one or more configuration operations to enable traffic to flow from the client's network to the second resource collection over a logically isolated network path using the dedicated physical link.

公开(公告)号：US09705855B2

公开(公告)日：2017-07-11

申请号：US14981804

申请日：2015-12-28

Applicant: Amazon Technologies, Inc.

Inventor： Todd Lawrence Cignetti ,  Andrew J. Doane ,  Eric Jason Brandwine ,  Robert Eric Fitzgerald

IPC: H04L29/06 ,  G06F9/455 ,  H04L9/32

CPC classification number: H04L63/061 ,  G06F9/45533 ,  H04L9/3247 ,  H04L63/0428 ,  H04L63/06 ,  H04L63/0876

Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. If the keys used to encrypt the data have not been exposed during serialization operation, they may be deleted or destroyed enabling the destruction of data encrypted with the keys.

公开(公告)号：US09467398B2

公开(公告)日：2016-10-11

申请号：US14807752

申请日：2015-07-23

Applicant: Amazon Technologies, Inc.

Inventor： Kevin Christopher Miller ,  Eric Jason Brandwine ,  Andrew J. Doane

IPC: G06F15/16 ,  H04L12/947 ,  H04L12/933 ,  H04L12/931 ,  H04L12/24 ,  H04L12/751 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L49/252 ,  H04L29/06 ,  H04L29/08072 ,  H04L41/0803 ,  H04L41/12 ,  H04L45/02 ,  H04L49/15 ,  H04L49/70 ,  H04L65/1069

Abstract: Techniques are described for providing managed virtual computer networks whose configured logical network topology may have one or more virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of a virtual computer network by emulating functionality that would be provided by the networking devices if they were physically present. The networking functionality provided for a managed computer network may include supporting a connection between that managed computer network and other managed computer networks, such as via a provided virtual peering router to which each of the managed computer networks may connect, with the functionality of the virtual peering router being emulated by modules of the configurable network service without physically providing the virtual peering router, including to manage data communications between computing nodes of the inter-connected managed computer networks in accordance with client-specified configuration information.