Abstract: Techniques are described for allocating computing resources to a task from a shared hardware structure. The techniques may involve receiving a request to execute a task for a tenant on shared hardware resources, and determining a set of computing resources for allocation to the task based on a service level agreement associated with the tenant. The set of computing resources can be allocated to the task based on the service level agreement associated with the tenant. In some aspects, one or more performance counters associated with one or more of the computing resources can be monitored to determine an activity level for the one or more computing resources during execution of the task, and one or more allocations of the computing resources for execution of the task can be adjusted based on the activity level for the one or more computing resources.

Abstract: A service provider system may implement ECC-like features when executing computations on GPUs that do not include sufficient error detection and recovery for computations that are sensitive to bit errors. During execution of critical computations on behalf of customers, the system may automatically instrument program instructions received from the customers to cause each computation to be executed using multiple sets of hardware resources (e.g., different host machines, processor cores, or internal hardware resources). The service may provide APIs with which customers may instrument their code for execution using redundant resource instances, or specify parameters for applying the ECC-like features. The service or customer may instrument code to perform (or cause the system to perform) checkpointing operations at particular points in the code, and to compare intermediate results produced by different hardware resources.

Abstract: Methods and apparatus for a computing infrastructure for configurable-quality random data are disclosed. A storage medium stores program instructions that when executed on a processor designate some servers of a provider network as members of a pool of producers of random data usable by random data consumers. The instructions, when executed, determine a subset of the pool to be used to supply a collection of random data intended for a random data consumer, and one or more sources of random phenomena to be used to generate the collection of random data. The instructions, when executed, initiate a transmission of the collection of random data directed to the random data consumer.

Abstract: Techniques are described for allocating resources to a task from a shared hardware structure. A plurality of tasks may execute on a processor, wherein the processor may include one or more processing cores and each task may include a plurality of computer executable instructions. In accordance with one technique for allocating resources to a task from a shared hardware structure amongst multiple tasks, aspects of the disclosure describe assigning a first identifier to a first task from the plurality of tasks, associating a portion of the shared hardware resource with the first identifier, and restricting access and/or observability for computer executable instructions executed from any other task than the first task to the portion of the hardware resource associated with the first identifier.

Abstract: The performing of virtual machine (VM)-based secure operations is enabled using a trusted co-processor that is able to operate in a secure mode to perform operations in a multi-tenant environment that are protected from other VMs and DOM-0, among other domains and components. A customer VM can contact a VM manager (VMM) to perform an operation with respect to sensitive data. The VMM can trigger secure mode operation, whereby memory pages are marked and access blocked to entities outside a trusted enclave. The trusted co-processer can measure the VMM and compare the result against an earlier result to ensure that the VMM has not been compromised. Once the operations are performed, the trusted co-processor can return the results, and the VMM can exit the secure mode such that access to the marked pages and customer data is restored.

Abstract: Approaches are described for enabling a host computing device to store credentials and other security information useful for recovering the state of the host computing device in a secure store, such as a trusted platform module (TPM) on the host computing device. When recovering the host computing device in the event of a failure (e.g., power outage, network failure, etc.), the host computing device can obtain the necessary credentials from the secure store and use those credentials to boot various services, restore the state of the host and perform various other functions. In addition, the secure store (e.g., TPM) may provide boot firmware measurement and remote attestation of the host computing devices to other devices on a network, such as when the recovering host needs to communicate with the other devices on the network.

Abstract: Techniques are described for injecting noise in a timer value provided to an instruction requesting the timer value. A plurality of tasks may execute on a processor, wherein the processor may comprise one or more processing cores and each task may include a plurality of computer executable instructions. In accordance with one technique for injecting noise in the timer value, in response to a request for a timer value, an artificial and indeterminate amount of delay may be introduced before accessing of the timer value from the hardware timer. In one implementation, access to the hardware timer for the timer value may be gated by one or more artificially injected micro-architectural events.

Abstract: A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management. The trusted computing host maintains an isolated partition for each host computing device in the environment and communicates with peripheral cards on host computing devices in order to provide one or more security functions.

Abstract: Techniques are described for allocating resources to a task from a shared hardware structure. A plurality of tasks may execute on a processor, wherein the processor may include one or more processing cores and each task may include a plurality of computer executable instructions. In accordance with one technique for allocating resources to a task from a shared hardware structure amongst multiple tasks, aspects of the disclosure describe assigning a first identifier to a first task from the plurality of tasks, associating a portion of the shared hardware resource with the first identifier, and restricting access and/or observability for computer executable instructions executed from any other task than the first task to the portion of the hardware resource associated with the first identifier.

Abstract: Disclosed are various embodiments of a first computing device for obtaining an authentication credential for a cryptographic module of a second computing device. The authentication credential is obtained via a communication session with a module interface of the second computing device. Configuration data is determined for the cryptographic module based at least in part upon the authentication credential. The configuration data is transmitted to the second computing device via the communication session.

Abstract: A computing device has a processor and a first memory, e.g., a fuse-based memory, storing a first cryptographic key. The processor is configured to receive information related to a second cryptographic key from a cryptographic key provisioning system. The processor derives the second cryptographic key from the information related to a second cryptographic key. The first cryptographic key has fewer bits than the second cryptographic key. The processor is also configured to encrypt the second cryptographic key using the first cryptographic key, and store the encrypted second cryptographic key in a second memory, e.g., a flash memory.

Abstract: Methods and apparatus for datacenter power management optimization are disclosed. Metrics, including workload data, thermal measurements and the like are collected from numerous endpoints within a datacenter. System profiles of a plurality of servers, and application workload profiles for various workloads, are stored. Based on analysis of collected metrics, power optimization operations comprising either workload scheduling operations, power configuration change operations, or both, are initiated.

Abstract: Approaches are described for enabling a host computing device to store credentials and other security information useful for recovering the state of the host computing device in a secure store, such as a trusted platform module (TPM) on the host computing device. When recovering the host computing device in the event of a failure (e.g., power outage, network failure, etc.), the host computing device can obtain the necessary credentials from the secure store and use those credentials to boot various services, restore the state of the host and perform various other functions. In addition, the secure store (e.g., TPM) may provide boot firmware measurement and remote attestation of the host computing devices to other devices on a network, such as when the recovering host needs to communicate with the other devices on the network.

Abstract: Approaches are described for enabling a host computing device to store credentials and other security information useful for recovering the state of the host computing device in a secure store, such as a trusted platform module (TPM) on the host computing device. When recovering the host computing device in the event of a failure (e.g., power outage, network failure, etc.), the host computing device can obtain the necessary credentials from the secure store and use those credentials to boot various services, restore the state of the host and perform various other functions. In addition, the secure store (e.g., TPM) may provide boot firmware measurement and remote attestation of the host computing devices to other devices on a network, such as when the recovering host needs to communicate with the other devices on the network.

Abstract: A trusted peripheral device can be utilized with an electronic resource, such as a host machine, in order to enable the secured performance of security and remote management in the electronic environment, where various users might be provisioned on, or otherwise have access to, the electronic resource. The peripheral can have a secure channel for communicating with a centralized management system or service, whereby the management service can remotely connect to this trusted peripheral, using a secure and authenticated network connection, in order to run the above-described functionality on the host to which the peripheral is attached.

Abstract: A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management. The trusted computing host maintains an isolated partition for each host computing device in the environment and communicates with peripheral cards on host computing devices in order to provide one or more security functions.

Abstract: Methods and apparatus for datacenter power management optimization are disclosed. Metrics, including workload data, thermal measurements and the like are collected from numerous endpoints within a datacenter. System profiles of a plurality of servers, and application workload profiles for various workloads, are stored. Based on analysis of collected metrics, power optimization operations comprising either workload scheduling operations, power configuration change operations, or both, are initiated.

Abstract: A graph of a plurality of resources in a computing environment is generated, with the graph associating a first resource of the plurality with a second resource of the plurality. Based at least in part on measurements obtained at a point in a test computing environment that corresponds to a point in the computing environment, an expected value or expected range of values is determined. An assessment of a security state of the computing environment is generated based at least in part on a comparison between a measurement obtained at the point in the computing environment and the expected value or expected range of values, and responsive to a determination that the assessment indicates a rule violation in the computing environment, a security action is performed.

Abstract: A computer-implemented method includes restricting access to customer data to certain geographic regions authorized by the customer. The restriction can be managed by associating policy information with the customer data that identifies the geographic regions authorized by the customer. Resources attempting to access the customer data can evaluate the policy information associated with the customer data with respect to the geographic location in which the resource is located to determine whether the resource is permitted to access the customer data. The restriction can also be managed by encrypting the customer data with a cryptographic key that corresponds to the customer and/or the authorized geographic regions.

Abstract: Techniques are described for accumulating unused computing resources. The techniques may involve receiving a request to execute a task for a tenant on shared hardware resources and assigning a task identifier to the task. A baseline resource credit per time interval of a computing resource can be determined based on a service level agreement associated with the tenant. The techniques may further involve monitoring a performance counter associated with the computing resource to determine a utilization amount of the computing resource by the task during a first time interval, determining an unused amount of the computing resource in the first time interval based on a difference between the utilization amount and the baseline resource credit and incrementing a resource credit balance associated with the task identifier by the unused amount of the computing resource.