专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US08904511B1 Virtual firewalls for multi-tenant distributed services 有权
标题翻译：用于多租户分布式服务的虚拟防火墙
公开(公告)号：US08904511B1
公开(公告)日：2014-12-02
申请号：US12861692
申请日：2010-08-23
申请人： Kevin Ross O'Neill , Mark Joseph Cavage , Nathan R. Fitch , Anders Samuelsson , Brian Irl Pratt , Yunong Jeff Xiao , Bradley Jeffery Behm , James E. Scharf, Jr.
发明人： Kevin Ross O'Neill , Mark Joseph Cavage , Nathan R. Fitch , Anders Samuelsson , Brian Irl Pratt , Yunong Jeff Xiao , Bradley Jeffery Behm , James E. Scharf, Jr.
IPC分类号： G06F9/00 , H04L29/06 , H04L29/08 , H04L12/24
CPC分类号： H04L63/0263 , H04L29/08081 , H04L41/28 , H04L63/08 , H04L63/102 , H04L63/20
摘要： Virtual firewalls may be established that enforce sets of policies with respect to computing resources maintained by multi-tenant distributed services. Particular subsets of computing resources may be associated with particular tenants of a multi-tenant distributed service. A tenant may establish a firewalling policy set enforced by a virtual firewall for an associated subset of computing resources without affecting other tenants of the multi-tenant distributed service. Virtual firewalls enforcing multiple firewalling policy sets may be maintained by a common firewalling component of the multi-tenant distributed service. Firewalling policy sets may be distributed at multiple locations throughout the multi-tenant distributed service. For a request targeting a particular computing resource, the common firewalling component may identify the associated virtual firewall, and submit the request to the virtual firewall for evaluation in accordance with the corresponding firewalling policy set.
摘要翻译：可以建立虚拟防火墙，执行关于由多租户分布式服务维护的计算资源的策略集。计算资源的特定子集可以与多租户分布式服务的特定租户相关联。租户可以建立由虚拟防火墙为相关联的计算资源子集强制执行的防火墙策略集，而不会影响多租户分布式服务的其他租户。实施多个防火墙策略集的虚拟防火墙可以由多租户分布式服务的通用防火墙组件维护。防火墙策略集可以分布在多租户分布式服务的多个位置。对于针对特定计算资源的请求，常用防火墙组件可以标识相关联的虚拟防火墙，并根据相应的防火墙策略集将请求提交给虚拟防火墙进行评估。

2. 发明授权

US08776190B1 Multifactor authentication for programmatic interfaces 有权
标题翻译：用于编程接口的多因素认证
公开(公告)号：US08776190B1
公开(公告)日：2014-07-08
申请号：US12955519
申请日：2010-11-29
申请人： Mark Joseph Cavage , Bradley Jeffery Behm , Luis Felipe Cabrera
发明人： Mark Joseph Cavage , Bradley Jeffery Behm , Luis Felipe Cabrera
IPC分类号： G06F7/04
CPC分类号： H04L63/0838 , G06F21/33 , G06F21/62 , H04L63/108 , H04L2463/082
摘要： Systems and methods provide logic that validates a code generated by a user, and that executes a function of a programmatic interface after the user code is validated. In one implementation, a computer-implemented method performs a multifactor authentication of a user prior to executing a function of a programmatic interface. The method includes receiving, at a server, a user code through a programmatic interface. The server computes a server code in response to the user code, and compares the user code to the server code to determine that the user code corresponds to the server code. The server validates the user code and executes a function of the programmatic interface, after the user code is validated.
摘要翻译：系统和方法提供验证用户生成的代码的逻辑，并且在验证用户代码之后执行编程接口的功能。在一个实现中，计算机实现的方法在执行编程接口的功能之前执行用户的多因素认证。该方法包括通过编程接口在服务器处接收用户代码。服务器根据用户代码计算服务器代码，并将用户代码与服务器代码进行比较，以确定用户代码对应于服务器代码。在验证用户代码后，服务器验证用户代码并执行编程接口的功能。

3. 发明授权

US08607067B1 Techniques for attesting to information 有权
标题翻译：证明信息的技术
公开(公告)号：US08607067B1
公开(公告)日：2013-12-10
申请号：US13038277
申请日：2011-03-01
申请人： Cornelle Christiaan Pretorius Janse van Rensburg , Marc J. Brooker , David Brown , Abhinav Agrawal , Matthew S. Garman , Kevin Ross O'Neill , Eric Jason Brandwine , Christopher Richard Jacques de Kadt , Mark Joseph Cavage
发明人： Cornelle Christiaan Pretorius Janse van Rensburg , Marc J. Brooker , David Brown , Abhinav Agrawal , Matthew S. Garman , Kevin Ross O'Neill , Eric Jason Brandwine , Christopher Richard Jacques de Kadt , Mark Joseph Cavage
IPC分类号： H04L29/06
CPC分类号： G06F21/45 , H04L63/0823 , H04L63/20 , H04L67/1002
摘要： Systems and methods for attesting to information about a computing resource involve electronically signed documents. For a computing resource, a document containing information about the resource is generated and electronically signed. The document may be provided to one or more entities as an attestation to at least some of the information contained in the document. Attestation to information in the document may be a prerequisite for performance of one or more actions that may be taken in connection with the computing resource.
摘要翻译：用于证明有关计算资源的信息的系统和方法涉及电子签名的文档。对于计算资源，生成包含资源信息的文档并进行电子签名。文档可以被提供给一个或多个实体，作为对文档中包含的至少一些信息的证明。证明文档中的信息可能是执行可能与计算资源相关联的一个或多个动作的前提。

4. 发明授权

US08683560B1 Techniques for credential generation 有权
标题翻译：凭证生成技术
公开(公告)号：US08683560B1
公开(公告)日：2014-03-25
申请号：US12981231
申请日：2010-12-29
申请人： Marc J. Brooker , Mark Joseph Cavage , David Brown , Kevin Ross O'Neill , Eric Jason Brandwine , Christopher Richard Jacques de Kadt
发明人： Marc J. Brooker , Mark Joseph Cavage , David Brown , Kevin Ross O'Neill , Eric Jason Brandwine , Christopher Richard Jacques de Kadt
IPC分类号： G06F7/04 , H04L29/06 , H04L9/32
CPC分类号： H04L63/08 , G06F21/44 , H04L9/3247 , H04L63/10 , H04L63/20
摘要： Systems and methods for managing credentials distribute the credentials to subsets of a set of collectively managed computing resources. The collectively managed computing resources may include one or more virtual machine instances. The credentials distributed to the computing resources may be used by the computing resources to perform one or more actions. Actions may include performing one or more functions in connection with configuration, management, and/or operation of the one or more resources, and/or access of other computing resources. The ability to use credentials may be changed based at least in part on the occurrence of one or more events.
摘要翻译：用于管理凭据的系统和方法将凭证分发到一组共同管理的计算资源的子集。共同管理的计算资源可以包括一个或多个虚拟机实例。分配给计算资源的证书可以被计算资源用于执行一个或多个动作。操作可以包括执行与一个或多个资源的配置，管理和/或操作有关的一个或多个功能，和/或其他计算资源的访问。至少部分地基于一个或多个事件的发生来改变使用凭证的能力。

5. 发明授权

US08429757B1 Controlling use of computing-related resources by multiple independent parties 有权
标题翻译：由多个独立方控制计算相关资源的使用
公开(公告)号：US08429757B1
公开(公告)日：2013-04-23
申请号：US13277070
申请日：2011-10-19
申请人： Mark Joseph Cavage , John Cormie , Nathan R. Fitch , Don Johnson , Peter Sirota
发明人： Mark Joseph Cavage , John Cormie , Nathan R. Fitch , Don Johnson , Peter Sirota
IPC分类号： H04L29/06
CPC分类号： H04L63/10 , G06F21/604 , G06F21/6218 , G06F2221/2141 , H04L63/0227 , H04L63/102 , H04L63/20
摘要： Techniques are described for managing access to computing-related resources that, for example, may enable multiple distinct parties to independently control access to the resources (e.g., such that a request to access a resource succeeds only if all of multiple associated parties approve that access). For example, an executing software application may, on behalf of an end user, make use of computing-related resources of one or more types that are provided by one or more remote third-party network services (e.g., data storage services provided by an online storage service) —in such a situation, both the developer user who created the software application and the end user may be allowed to independently specify access rights for one or more particular such computing-related resources (e.g., stored data files), such that neither the end user nor the software application developer user may later access those resources without the approval of the other party.
摘要翻译：描述了用于管理对计算相关资源的访问的技术，例如，可以使多个不同方独立地控制对资源的访问（例如，使得只有当所有多个关联方批准该访问时，访问资源的请求才能成功）。例如，执行的软件应用程序可以代表最终用户利用由一个或多个远程第三方网络服务提供的一种或多种类型的计算相关资源（例如，由在这种情况下，可以允许创建软件应用程序的开发者用户和终端用户独立地指定一个或多个特定的这样的计算相关资源（例如，存储的数据文件）的访问权限，例如，最终用户和软件应用程序开发者用户以后都不可以在未经对方批准的情况下访问这些资源。

6. 发明授权

US08051491B1 Controlling use of computing-related resources by multiple independent parties 有权
标题翻译：由多个独立方控制计算相关资源的使用
公开(公告)号：US08051491B1
公开(公告)日：2011-11-01
申请号：US11966692
申请日：2007-12-28
申请人： Mark Joseph Cavage , John Cormie , Nathan R. Fitch , Don Johnson , Peter Sirota
发明人： Mark Joseph Cavage , John Cormie , Nathan R. Fitch , Don Johnson , Peter Sirota
IPC分类号： G06F7/04 , G06F17/30 , H04N7/16
CPC分类号： H04L63/10 , G06F21/604 , G06F21/6218 , G06F2221/2141 , H04L63/0227 , H04L63/102 , H04L63/20
摘要： Techniques are described for managing access to computing-related resources that, for example, may enable multiple distinct parties to independently control access to the resources (e.g., such that a request to access a resource succeeds only if all of multiple associated parties approve that access). For example, an executing software application may, on behalf of an end user, make use of computing-related resources of one or more types that are provided by one or more remote third-party network services (e.g., data storage services provided by an online storage service)—in such a situation, both the developer user who created the software application and the end user may be allowed to independently specify access rights for one or more particular such computing-related resources (e.g., stored data files), such that neither the end user nor the software application developer user may later access those resources without the approval of the other party.
摘要翻译：描述了用于管理对计算相关资源的访问的技术，例如，可以使多个不同方独立地控制对资源的访问（例如，使得只有当所有多个关联方批准该访问时，访问资源的请求才能成功）。例如，执行的软件应用程序可以代表最终用户利用由一个或多个远程第三方网络服务提供的一种或多种类型的计算相关资源（例如，由在这种情况下，可以允许创建软件应用程序的开发者用户和终端用户独立地指定一个或多个特定的这样的计算相关资源（例如，存储的数据文件）的访问权限，例如，最终用户和软件应用程序开发者用户以后都不可以在未经对方批准的情况下访问这些资源。

7. 发明申请

US20110029683A1 Real-time Attribute Processor and Syntax Schema for Directory Access Protocol Services 失效
标题翻译：用于目录访问协议服务的实时属性处理器和语法模式
公开(公告)号：US20110029683A1
公开(公告)日：2011-02-03
申请号：US12898917
申请日：2010-10-06
申请人： Jason M. Bell , Mark Joseph Cavage , Kristin Marie Hazlewood , Gary Dale Williams
发明人： Jason M. Bell , Mark Joseph Cavage , Kristin Marie Hazlewood , Gary Dale Williams
IPC分类号： G06F15/16
CPC分类号： H04L61/1552 , G06F17/30589 , H04L29/12084 , H04L29/12132 , H04L61/1523
摘要： A processor which cooperates with directory servers to handle requests for values of dynamic attributes which would otherwise present a real-time processing challenge to the directory server due to the server's dependence on the data normally being static in nature. Special schema syntax identifiers are used to identify dynamic attributes which then are not stored directly in the directory, but whose values are resolved at the time a read request is made for those attributes. This approach eliminates the need to store the dynamic information in the directory, and allows user-supplied modules to perform the resolution of the dynamic attributes in a real-time manner, including not only retrieving a value from a dynamic data source, but optionally performing calculations or manipulations on the data as well. One embodiment of the invention cooperates with Lightweight Directory Access Protocol (“LDAP”) directory servers.
摘要翻译：与目录服务器协作以处理对动态属性的值的请求的处理器，否则由于服务器对数据的依赖通常是静态的，否则将向目录服务器呈现实时处理挑战。特殊模式语法标识符用于标识动态属性，然后不直接存储在目录中，但是在为这些属性进行读取请求时解析其值。该方法消除了将动态信息存储在目录中的需要，并且允许用户提供的模块以实时方式来执行动态属性的解析，包括不仅从动态数据源检索值，而且还可以执行也可以对数据进行计算或操作。本发明的一个实施例与轻量级目录访问协议（“LDAP”）目录服务器协作。

8. 发明授权

US07373348B2 Distributed directory deployment 失效
标题翻译：分布式目录部署
公开(公告)号：US07373348B2
公开(公告)日：2008-05-13
申请号：US11106396
申请日：2005-04-14
申请人： Jason Murray Bell , Mark Joseph Cavage , Kristin Marie Hazlewood , Richard Allyn Heller
发明人： Jason Murray Bell , Mark Joseph Cavage , Kristin Marie Hazlewood , Richard Allyn Heller
IPC分类号： G06F17/30
CPC分类号： G06F17/30067 , Y10S707/99943 , Y10S707/99953
摘要： Each LDIF entry of a directory tree is read, split to a domain of LDIF fragments (corresponding to backend servers) and written to each LDIF fragment. The split may be accomplished through a hash function, establishing, for that iteration of LDIF entry, a write file. The LDIF entry is appended to the write file. A subsequent LDIF entry is read. A corresponding LDIF fragment is determined, which need not be different from the LDIF fragment to which the first LDIF entry was written. The current LDIF entry is written to the currently selected write file. The process continues until all LDIF entries are exhausted from the directory tree. LDIF fragments are each copied to distinct backend servers, where, each LDIF fragment may be loaded into a distributed directory data structure.
摘要翻译：读取目录树的每个LDIF条目，分割为LDIF片段的域（对应于后端服务器）并写入每个LDIF片段。可以通过散列函数完成拆分，为LDIF条目的迭代建立写入文件。 LDIF条目附加到写入文件。读取随后的LDIF条目。确定对应的LDIF片段，其不需要与写入第一LDIF条目的LDIF片段不同。当前的LDIF条目写入当前选择的写入文件。该过程继续，直到所有LDIF条目从目录树中用尽。 LDIF片段都被复制到不同的后端服务器，其中每个LDIF片段可以被加载到分布式目录数据结构中。

9. 发明授权

US07860864B2 Distributed directory deployment 失效
标题翻译：分布式目录部署
公开(公告)号：US07860864B2
公开(公告)日：2010-12-28
申请号：US12108416
申请日：2008-04-23
申请人： Jason Murray Bell , Mark Joseph Cavage , Kristin Marie Hazlewood , Richard Allyn Heller
发明人： Jason Murray Bell , Mark Joseph Cavage , Kristin Marie Hazlewood , Richard Allyn Heller
IPC分类号： G06F17/30
CPC分类号： G06F17/30067 , Y10S707/99943 , Y10S707/99953
摘要： Each LDIF entry of a directory tree is read, split to a domain of LDIF fragments (corresponding to backend servers) and written to each LDIF fragment. The split may be accomplished through a hash function, establishing, for that iteration of LDIF entry, a write file. The LDIF entry is appended to the write file. A subsequent LDIF entry is read. A corresponding LDIF fragment is determined, which need not be different from the LDIF fragment to which the first LDIF entry was written. The current LDIF entry is written to the currently selected write file. The process continues until all LDIF entries are exhausted from the directory tree. LDIF fragments are each copied to distinct backend servers, where, each LDIF fragment may be loaded into a distributed directory data structure.
摘要翻译：读取目录树的每个LDIF条目，分割为LDIF片段的域（对应于后端服务器）并写入每个LDIF片段。可以通过散列函数完成拆分，为LDIF条目的迭代建立写入文件。 LDIF条目附加到写入文件。读取随后的LDIF条目。确定对应的LDIF片段，其不需要与写入第一LDIF条目的LDIF片段不同。当前的LDIF条目写入当前选择的写入文件。该过程继续，直到所有LDIF条目从目录树中用尽。 LDIF片段都被复制到不同的后端服务器，其中每个LDIF片段可以被加载到分布式目录数据结构中。

10. 发明申请

US20080216080A1 Method and system to alleviate denial-of-service conditions on a server 有权
公开(公告)号：US20080216080A1
公开(公告)日：2008-09-04
申请号：US12105140
申请日：2008-04-17
申请人： Mark Joseph Cavage , Kristin M. Hazlewood , Richard Allyn Heller , Gary Dale Williams
发明人： Mark Joseph Cavage , Kristin M. Hazlewood , Richard Allyn Heller , Gary Dale Williams
IPC分类号： G06F9/46
CPC分类号： G06F9/3851 , G06F11/0715 , G06F11/0793 , H04L63/1458
摘要： A method is presented for processing data in a multithreaded application to alleviate impaired or substandard performance conditions. Work items that are pending processing by the multithreaded application are placed into a data structure. The work items are processed by a plurality of threads within the multithreaded application in accordance with a first algorithm, e.g., first-in first-out (FIFO). A thread within the multithreaded application is configured apart from the plurality of threads such that it processes work items in accordance with a second algorithm that differs from the first algorithm, thereby avoiding the impairing condition. For example, the thread may process a pending work item only if it has a particular characteristic. The thread restricts its own processing of work items by intermittently evaluating workflow conditions for the plurality of threads; if the workflow conditions improve or are unimpaired, then the thread does not process any work items.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式