公开(公告)号：US09251090B1

公开(公告)日：2016-02-02

申请号：US14295239

申请日：2014-06-03

Applicant: Amazon Technologies, Inc.

Inventor： Apolak Borthakur ,  Raviprasad Venkatesha Murthy Mummidi

IPC: G06F12/02 ,  G06F12/10

CPC classification number: G06F11/1484 ,  G06F9/5077 ,  G06F11/1016 ,  G06F12/08 ,  G06F12/1009 ,  G06F12/1408 ,  G06F21/53 ,  G06F21/79 ,  G06F2201/815 ,  G06F2212/1052 ,  G06F2212/152 ,  H04L63/0442

Abstract: Remote computing resource service providers allow customers to execute one or more applications in a virtual environment on computer systems provided by the computing resource service provider. The virtual machines may be managed by a hypervisor executing on computer systems operated by the service provider. The virtual machines' memory may be protected by a memory obfuscation service and the hypervisor. The memory obfuscation service may enable the virtual machines to maintain at least a portion of sensitive information in an obfuscated format. The virtual machines may request access to the virtual machines' memory, the memory obfuscation service may obtain the requested memory in an obfuscated format and un-obfuscate the memory such that it may be used by the virtual machines.

Abstract translation: 远程计算资源服务提供商允许客户在由计算资源服务提供商提供的计算机系统上的虚拟环境中执行一个或多个应用。 虚拟机可以由在由服务提供商操作的计算机系统上执行的管理程序来管理。 虚拟机的内存可能受到内存模糊服务和虚拟机管理程序的保护。 存储器混淆服务可以使虚拟机能够以至少一部分敏感信息以混淆格式保持。 虚拟机可以请求对虚拟机的存储器的访问，内存混淆服务可以以模糊格式获得所请求的存储器，并且对存储器进行模糊化，使得虚拟机可以被虚拟机使用。

公开(公告)号：US11249647B2

公开(公告)日：2022-02-15

申请号：US16435372

申请日：2019-06-07

Applicant: Amazon Technologies, Inc.

Inventor： Raviprasad Venkatesha Murthy Mummidi ,  Matthew Shawn Wilson ,  Anthony Nicholas Liguori ,  Nafea Bshara ,  Saar Gross ,  Jaspal Kohli

IPC: G06F3/06 ,  G06F12/14 ,  G06F13/20 ,  G06F13/40

Abstract: A peripheral device may implement storage virtualization for non-volatile storage devices connected to the peripheral device. A host system connected to the peripheral device may host one or multiple virtual machines. The peripheral device may implement different virtual interfaces for the virtual machines or the host system that present a storage partition at a non-volatile storage device to the virtual machine or host system for storage. Access requests from the virtual machines or host system are directed to the respective virtual interface at the peripheral device. The peripheral device may perform data encryption or decryption, or may perform throttling of access requests. The peripheral device may generate and send physical access requests to perform the access requests received via the virtual interfaces to the non-volatile storage devices. Completion of the access requests may be indicated to the virtual machines via the virtual interfaces.

公开(公告)号：US10362039B2

公开(公告)日：2019-07-23

申请号：US15384182

申请日：2016-12-19

Applicant: Amazon Technologies, Inc.

Inventor： Wesley Marlin Sutton ,  Apolak Borthakur ,  Derek Avery Lyon ,  Raviprasad Venkatesha Murthy Mummidi ,  Karthikeyan Natarajan

IPC: H04L29/06

Abstract: A computing resource service provider may receive, from a user client connected to an on-premises network, a security document specifying one or more user roles defining a level of access to customer resources within the on-premises network. In response, the service provider may generate and provide the user client with a cookie specifying the user roles and including an address for an interface within the service provider network. The service provider may receive a request from the user client to access one or more customer resources hosted by the service provider. The request may include the cookie previously provided to the user client. Accordingly, the service provider may extract the user roles from the cookie and determine, based at least in part on these user roles, whether to fulfill the user client request.

公开(公告)号：US09778952B1

公开(公告)日：2017-10-03

申请号：US14317542

申请日：2014-06-27

Applicant: Amazon Technologies, Inc.

Inventor： Wesley Marlin Sutton ,  Raviprasad Venkatesha Murthy Mummidi ,  Karthikeyan Natarajan ,  Long Kim Do ,  Derek Avery Lyon ,  Keshav Sethi Attrey ,  Hariharan Subramanian

IPC: G06F3/00 ,  G06F9/44 ,  G06F9/46 ,  G06F13/00 ,  G06F9/48 ,  G06F9/54 ,  G06F3/0484

CPC classification number: G06F9/4856 ,  G06F8/36 ,  G06F9/45558 ,  G06F9/541 ,  G06F2009/45562 ,  G06F2009/4557

Abstract: A customer network client detects, through a user interface, selection of a graphical representation of a set of virtual machine images and an indication to migrate this set of virtual machine images to an off-premises network managed by a computing resource service provider. In response, the client generates a set of application programming interface calls, which may be transmitted to the service provider and causes the service provider to convert the selected images for use within the off-premises network. The client monitors fulfillment of the calls and, upon determining that the calls has been fulfilled, updates a portion of the user interface associated with the computing resource service provider to indicate that the images may be instantiated within the off-premises network.

公开(公告)号：US10467035B2

公开(公告)日：2019-11-05

申请号：US15658119

申请日：2017-07-24

Applicant: Amazon Technologies, Inc.

Inventor： Ekanth Sethuramalingam ,  Amita Ekbote ,  Hari Subramanian ,  Nagaraju Shiramshetti ,  Sudharsan Balakrishnan Sripadham ,  Raviprasad Venkatesha Murthy Mummidi ,  Sophia Yeemei Tsang

IPC: G06F9/455 ,  G06F9/48 ,  G06F9/445

Abstract: Techniques are described for importing and using virtual machine images in configured manners, such as by a virtual machine image importation service on behalf of clients. An image may be retrieved based on a client-provided location, and various characteristics of the image may be identified via application of multiple heuristic or other assessment tests to various aspects of the retrieved image such as a master boot record, filesystem, or directory structure of the image to determine a testing vector that is compared to identification vectors associated with known operating systems, in order to automatically determine a specific operating system installed on the image to be imported. Modifications may be made to drivers, configuration and system files of the retrieved image based on the identified operating system and other image characteristics.

公开(公告)号：US20180088804A1

公开(公告)日：2018-03-29

申请号：US15279352

申请日：2016-09-28

Applicant: Amazon Technologies, Inc.

Inventor： Raviprasad Venkatesha Murthy Mummidi ,  MATTHEW SHAWN WILSON ,  ANTHONY NICHOLAS LIGUORI ,  NAFEA BSHARA ,  Saar Gross ,  Jaspal Kohli

IPC: G06F3/06 ,  G06F12/14 ,  G06F13/20 ,  G06F13/40

CPC classification number: G06F3/061 ,  G06F3/0623 ,  G06F3/0644 ,  G06F3/0655 ,  G06F3/0659 ,  G06F3/0664 ,  G06F3/0665 ,  G06F3/067 ,  G06F3/0688 ,  G06F12/1408 ,  G06F13/20 ,  G06F13/4004 ,  G06F2212/401 ,  G06F2212/402

Abstract: A peripheral device may implement storage virtualization for non-volatile storage devices connected to the peripheral device. A host system connected to the peripheral device may host one or multiple virtual machines. The peripheral device may implement different virtual interfaces for the virtual machines or the host system that present a storage partition at a non-volatile storage device to the virtual machine or host system for storage. Access requests from the virtual machines or host system are directed to the respective virtual interface at the peripheral device. The peripheral device may perform data encryption or decryption, or may perform throttling of access requests. The peripheral device may generate and send physical access requests to perform the access requests received via the virtual interfaces to the non-volatile storage devices. Completion of the access requests may be indicated to the virtual machines via the virtual interfaces.

公开(公告)号：US09558081B2

公开(公告)日：2017-01-31

申请号：US15012740

申请日：2016-02-01

Applicant: Amazon Technologies, Inc.

Inventor： Apolak Borthakur ,  Raviprasad Venkatesha Murthy Mummidi

IPC: G06F11/14 ,  G06F12/10 ,  G06F11/10 ,  G06F12/14 ,  H04L29/06

CPC classification number: G06F11/1484 ,  G06F9/5077 ,  G06F11/1016 ,  G06F12/08 ,  G06F12/1009 ,  G06F12/1408 ,  G06F21/53 ,  G06F21/79 ,  G06F2201/815 ,  G06F2212/1052 ,  G06F2212/152 ,  H04L63/0442

Abstract: Remote computing resource service providers allow customers to execute one or more applications in a virtual environment on computer systems provided by the computing resource service provider. The virtual machines may be managed by a hypervisor executing on computer systems operated by the service provider. The virtual machines' memory may be protected by a memory obfuscation service and the hypervisor. The memory obfuscation service may enable the virtual machines to maintain at least a portion of sensitive information in an obfuscated format. The virtual machines may request access to the virtual machines' memory, the memory obfuscation service may obtain the requested memory in an obfuscated format and un-obfuscate the memory such that it may be used by the virtual machines.

Abstract translation: 远程计算资源服务提供商允许客户在由计算资源服务提供商提供的计算机系统上的虚拟环境中执行一个或多个应用。 虚拟机可以由在由服务提供商操作的计算机系统上执行的管理程序来管理。 虚拟机的内存可能受到内存模糊服务和虚拟机管理程序的保护。 存储器混淆服务可以使虚拟机能够以至少一部分敏感信息以混淆格式保持。 虚拟机可以请求对虚拟机的存储器的访问，内存混淆服务可以以模糊格式获得所请求的存储器，并且对存储器进行模糊化，使得虚拟机可以被虚拟机使用。

公开(公告)号：US20160147619A1

公开(公告)日：2016-05-26

申请号：US15012740

申请日：2016-02-01

Applicant: Amazon Technologies, Inc.

Inventor： Apolak Borthakur ,  Raviprasad Venkatesha Murthy Mummidi

IPC: G06F11/14 ,  H04L29/06 ,  G06F11/10 ,  G06F12/14

CPC classification number: G06F11/1484 ,  G06F9/5077 ,  G06F11/1016 ,  G06F12/08 ,  G06F12/1009 ,  G06F12/1408 ,  G06F21/53 ,  G06F21/79 ,  G06F2201/815 ,  G06F2212/1052 ,  G06F2212/152 ,  H04L63/0442

Abstract: Remote computing resource service providers allow customers to execute one or more applications in a virtual environment on computer systems provided by the computing resource service provider. The virtual machines may be managed by a hypervisor executing on computer systems operated by the service provider. The virtual machines' memory may be protected by a memory obfuscation service and the hypervisor. The memory obfuscation service may enable the virtual machines to maintain at least a portion of sensitive information in an obfuscated format. The virtual machines may request access to the virtual machines' memory, the memory obfuscation service may obtain the requested memory in an obfuscated format and un-obfuscate the memory such that it may be used by the virtual machines.

Abstract translation: 远程计算资源服务提供商允许客户在由计算资源服务提供商提供的计算机系统上的虚拟环境中执行一个或多个应用。 虚拟机可以由在由服务提供商操作的计算机系统上执行的管理程序来管理。 虚拟机的内存可能受到内存模糊服务和虚拟机管理程序的保护。 存储器混淆服务可以使虚拟机能够以至少一部分敏感信息以混淆格式保持。 虚拟机可以请求对虚拟机的存储器的访问，内存混淆服务可以以模糊格式获得所请求的存储器，并且对存储器进行模糊化，使得虚拟机可以被虚拟机使用。

公开(公告)号：US11868617B2

公开(公告)日：2024-01-09

申请号：US17670342

申请日：2022-02-11

Applicant: Amazon Technologies, Inc.

Inventor： Raviprasad Venkatesha Murthy Mummidi ,  Matthew Shawn Wilson ,  Anthony Nicholas Liguori ,  Nafea Bshara ,  Saar Gross ,  Jaspal Kohli

IPC: G06F3/06 ,  G06F12/14 ,  G06F13/20 ,  G06F13/40

CPC classification number: G06F3/061 ,  G06F3/067 ,  G06F3/0623 ,  G06F3/0644 ,  G06F3/0655 ,  G06F3/0659 ,  G06F3/0664 ,  G06F3/0665 ,  G06F3/0688 ,  G06F12/1408 ,  G06F13/20 ,  G06F13/4004 ,  G06F2212/401 ,  G06F2212/402

Abstract: A peripheral device may implement storage virtualization for non-volatile storage devices connected to the peripheral device. A host system connected to the peripheral device may host one or multiple virtual machines. The peripheral device may implement different virtual interfaces for the virtual machines or the host system that present a storage partition at a non-volatile storage device to the virtual machine or host system for storage. Access requests from the virtual machines or host system are directed to the respective virtual interface at the peripheral device. The peripheral device may perform data encryption or decryption, or may perform throttling of access requests. The peripheral device may generate and send physical access requests to perform the access requests received via the virtual interfaces to the non-volatile storage devices. Completion of the access requests may be indicated to the virtual machines via the virtual interfaces.

公开(公告)号：US10754741B1

公开(公告)日：2020-08-25

申请号：US15790988

申请日：2017-10-23

Applicant: Amazon Technologies, Inc.

Inventor： Ekanth Sethuramalingam ,  Keshav Sethi Attrey ,  Vivek Chawda ,  Raviprasad Venkatesha Murthy Mummidi ,  Nagaraju Shiramshetti ,  Sukwon Kim ,  Swetha Sundar ,  Sumeet Talwar ,  Sophia Yeemei Tsang ,  Sagar Kumar ,  Tianyi Luo ,  Anbuselvan Ramanathan ,  Julian Ozen

IPC: G06F11/00 ,  G06F11/20 ,  G06F11/14 ,  G06F9/455 ,  G06F9/48 ,  G06F9/50

Abstract: A migration system or service may implement event-driven replication for migrating a computing resource from a source network to a destination network. A replication event may be detected to obtain a state of a data volume for a computing resource hosted in a client network. A request to a replication agent hosted in the source network may instruct the replication agent to copy at least some of the data of the data volume and send the data to the destination network. The migration service may generate a state of the data volume from the received data in a format that is operable to host the computing resource in the destination network and store the generated state of the data volume.