公开(公告)号：US11698916B1

公开(公告)日：2023-07-11

申请号：US17133903

申请日：2020-12-24

Applicant: Equinix, Inc.

Inventor： Anand Ozarkar ,  Ankur Sharma

IPC: G06F16/00 ,  G06F16/27 ,  G06F16/25 ,  G06F1/12 ,  G06F16/23 ,  G06F16/22

CPC classification number: G06F16/27 ,  G06F1/12 ,  G06F16/22 ,  G06F16/2365 ,  G06F16/2379 ,  G06F16/258

Abstract: Systems and methods include techniques for recording information for tracing a timestamp to its source. The techniques can facilitate auditing of a time service by external auditors. The timestamps can be collected from all the sources and intermediate touch points like timing and network switches and can be stored in a distributed time ledger. In one example, a method includes receiving, at a collection time by a time collector, a timestamp from each of a plurality of timing devices at a collection time; aggregating the timestamp of each of the plurality of timing devices into a timestamp record, the timestamp record including the collection time and a timestamp entry for each of the timing devices, wherein the timestamp entry for a timing device includes a timing device identifier and the timestamp corresponding to the timing device providing the timestamp; and inserting the timestamp record into an immutable time ledger.

公开(公告)号：US11343247B1

公开(公告)日：2022-05-24

申请号：US16556482

申请日：2019-08-30

Applicant: Equinix, Inc.

Inventor： Anand Ozarkar ,  Naresh Kumar ,  Imam Sheikh

IPC: H04L67/56 ,  H04L67/10 ,  H04L29/06

Abstract: In general, techniques are described for proxying, with a locally-deployed computing device, service requests from one or more with customer devices to a remote data encryption and key management service and assuming, by the local computing device, the service functions of the remote service in the event of a remote service failure. For example, customer devices at a location may be configured to communicate service requests to the local computing device rather than to a remote service. The local computing device obtains one or more encryption keys or other security objects and stores the security objects to local storage. In response to determining a disruption in the remote service due to, e.g., network connectivity failure, the local computing device may assume the functionality of the remote service for a limited time by performing data encryption operations, responsive to requests received at the local computing device from the customer devices.

公开(公告)号：US11115142B1

公开(公告)日：2021-09-07

申请号：US16438310

申请日：2019-06-11

Applicant: Equinix, Inc.

Inventor： Anand Ozarkar ,  Ankur Sharma ,  Christopher Alan Anderson ,  Danjue Li ,  Lance Weaver ,  Brian J. Lillie

IPC: H04J3/06 ,  G06F1/12

Abstract: This disclosure describes techniques for delivering high-accuracy and high-precision clock synchronization in heterogeneous distributed computer clusters. For example, the disclosure describes a synchronization engine that sets efficient clock synchronization processes based on a cluster node's characteristics, pricing, precision, geolocation, and/or cluster topology, while in some cases using a combination of master clock data with internal atomic clocks of computers. The techniques described herein integrate the synchronization engine into a time synchronization process that may provide stability, versatility, precision and cost balance using technical improvements for characterizing timing system delivery channels.

公开(公告)号：US11586752B1

公开(公告)日：2023-02-21

申请号：US16726748

申请日：2019-12-24

Applicant: Equinix, Inc.

Inventor： Anand Ozarkar ,  Imam Sheikh

IPC: G06F21/62 ,  H04L9/08 ,  H04L9/32

Abstract: In general, techniques are described for an encryption key namespace of a kernel, executed by a host computing device, the encryption key namespace having a configuration file that stores an association of a key identifier and a container identifier by which the host computing device can obtain a data encryption key to use for decrypting/encrypting data for the container identified by the container identifier. In this way, a user may associate a container (or container image) with a unique key identifier. By configuring this association in the encryption key namespace for the container, the container may be identified and automatically associated with a key identifier for the appropriate key for decrypting/encrypting data for the container. The host computing device may then obtain, from a key management service, the key using the key identifier.

公开(公告)号：US11368307B1

公开(公告)日：2022-06-21

申请号：US16696340

申请日：2019-11-26

Applicant: Equinix, Inc.

Inventor： Anand Ozarkar ,  Srinivasan Raghavan ,  Imam Sheikh ,  Ankur Sharma

IPC: H04L9/32 ,  H04L9/06

Abstract: In general, techniques are described for using zero-knowledge proofs and digital signatures to verify the authenticity of log records generated by multiple parties, at least in some cases without exposing personally identifiable information for the parties.