Abstract: Described implementations obtain credential information including an encrypted digital identity (ID). The encrypted digital ID may include a public component of a credential and identity data. Furthermore, the credential information may include cryptographically obfuscated data based on the identity data and a private component of the credential. A proof is obtained that includes proof data. The proof data may confirm that the credential information was correctly generated. Verification of the proof data, and confirmation that the cryptographically obfuscated data is not associated in a collection of cryptographically obfuscated data, cause a computer-implemented service to issue a pseudonym. The pseudonym is usable to generate a relationship associated with a computer-implemented service.

Abstract: Techniques for fault-tolerant function placement across multiple computing placement locations are described. An application placement service obtains a latency-based placement of functions of an application and utilizes resource information associated with the placement locations to determine error rates for flows of the placement. For flows having an error rate falling outside of an allowable range, the application placement service can modify the placement to improve the error rate, e.g., by adding additional redundancy for functions in higher-error placement locations within those placement location tiers, and/or by adding additional redundancy for functions in higher-error placement locations within different placement location tiers.

Abstract: A computer system obtains a request to apply a signed patch to a piece of signed executable code. The computer system determines whether the signed patch is allowed to be applied to the signed executable based on a set of patch policies. If the patch policies allow the patch to be applied, the patch is applied to the signed executable code. The computer system generates a new digital signature for the modified executable code thereby allowing the resulting signed patched executable code to be verified and executed by the computer system.

Abstract: A service provider provides virtual computing services using a fleet of one or more host computer systems. Each of the host computer systems may be equipped with a trusted platform module (“TPM”). The service provider, the host computer systems, and the virtual computing environments generate attestations that prove the integrity of the system. The attestations are signed with a one-time-use cryptographic key that is verifiable against the public keys of the service provider, a host computer system, and a virtual computing environment. The public key of the host computer system is integrated into a hash tree that links the public key of the host computer system to the public key of the service provider. The public key of the virtual computing environment is signed using a one-time-use graphic key issued to the host computer system that hosts the virtual computing environment.

Abstract: Described implementations obtain a proof of valid attestation data. The attestation data may include configuration data of a host computing system. A prover service may receive the attestation data. The prover service may generate a proof to prove that the attestation data includes valid configuration data of the host computer system, without revealing sensitive or private information of the host computing system. The proof may be a zero-knowledge proof.

Abstract: Systems and methods for implementing a secure and efficient cryptographic protocol for analyzing data objects while providing assurances of data privacy and security. A data object may be obfuscated and provided for analysis (e.g., to a data analytics service) without necessarily providing access to the (e.g., plaintext) data object. For example, a first computing entity and second computing entity may agree upon a function or circuit that performs a certain type of computational task, such as comparing a first data set controlled by the first computing entity and a second data set controlled by the second computing entity. An event-driven function may be invoked by the event-driven compute service in response to detecting satisfaction of a condition as part of monitoring alerts that are generated as a result of the output of the computational task described above.

Abstract: The disclosure relates to provisioning honeypot computing services using computing resources in a defective computing resource pool. In one example, a computing system can generate a maliciousness score for a received resource allocation request, determine that the generated maliciousness score exceeds a maliciousness threshold and identify a computing resource in a defective resource pool that is eligible to satisfy the request. The system can then provision honeypot computing services to fulfill the request, using the identified computing resource in the defective resource pool.

Abstract: Non-volatile devices may be configured such that a clear operation on a single bit clears an entire block of bits. The representation of particular data structures may be optimized to reduce the number of clear operations required to store the representation in non-volatile memory. A data schema may indicate that a data structure of an application may be optimized for storage in non-volatile memory. A translation layer may convert an application level representation of a data value associated with the data structure to an optimized storage representation of the data value before storing the optimized storage representation of the data value in non-volatile memory.

Abstract: A first public key is generated based at least in part on a first plurality of signing keys and a second public key is generated based at least in part on a second plurality of signing keys. The signing keys may be used to generate digital signatures. The second public key may be made available to verify a digital signature generated using a signing key from the second plurality of signing keys. In some cases, a first Merkle tree may be formed by the first public key and the first plurality of signing keys, and a second Merkle tree may be formed by the second public key, the first public key, and the second plurality of signing keys.

Abstract: A service provider provides virtual computing services using a fleet of one or more host computer systems. Each of the host computer systems may be equipped with a trusted platform module (“TPM”). The service provider, the host computer systems, and the virtual computing environments generate attestations that prove the integrity of the system. The attestations are signed with a one-time-use cryptographic key that is verifiable against the public keys of the service provider, a host computer system, and a virtual computing environment. The public key of the host computer system is integrated into a hash tree that links the public key of the host computer system to the public key of the service provider. The public key of the virtual computing environment is signed using a one-time-use graphic key issued to the host computer system that hosts the virtual computing environment.

Abstract: A method and apparatus for configuring an overlay network are provided. In the method and apparatus, an application source comprising an executable portion is obtained. A computer system instance is caused to execute at least some of the executable portion, and a snapshot of the computer system instance after partial but incomplete execution of the executable portion is obtained such that the snapshot is usable to instantiate another computer system instance to continue execution of the executable portion from a point in execution at which the snapshot was obtained.

Abstract: A secret is securely maintained on a virtualized computer system by configuring a specialized virtual machine to manage and maintain the secret on behalf of an application. When the application requests access to the secret, a controlling domain, in combination with the specialized virtual machine, validates that the application is authorized to make the request and that the application has not been compromised prior to making the request. If the request is validated, the controlling domain and the specialized virtual machine fulfill the request by providing the application with access to the secret.

Abstract: As requests are received, virtual computer systems are provisioned to process the requests. The virtual computer systems may be configured without various components typically implemented by virtual computer systems, such as traditional operating systems, network interfaces and the like. Application images for the virtual computer systems are configured so that execution of the applications can begin soon after provisioning, with minimal overhead the provisioning process contributing relatively little to any latency in processing the request.

Abstract: A requester submits a request to perform an encrypted search that is received by an encrypted search provider. The encrypted search provider processes the request and produces a set of intermediate results which are loaded onto a mobile computer system that includes a mobile power source. The mobile computer system is shipped to the requester, and while in transit to the requester, the mobile computer system processes the intermediate results to produce a completed search result. After the mobile computer system arrives at the requester, the mobile computer system provides the completed search result to the requester.

Abstract: A computing resource service provider may provide computing resources for execution of a program on behalf of a customer. The program's resource requirements may grow over time and horizontal scaling of the programs execution may be a laborious task as the portion of the program's the in-memory state may not be replicated. The program may include a set of modules which may be split and distributed to one or more computer systems of the service provider for execution. A factoring plan may be used to determine a set of partitions, where each partitions contains a subset of the modules of the program. Performance data associated with the one or more computer systems executing the partitions may be used to determine the factoring plan.

Abstract: A method and apparatus for configuring an overlay network are provided. In the method and apparatus, an application source comprising an executable portion is obtained. A computer system instance is caused to execute at least some of the executable portion, and a snapshot of the computer system instance after partial but incomplete execution of the executable portion is obtained such that the snapshot is usable to instantiate another computer system instance to continue execution of the executable portion from a point in execution at which the snapshot was obtained.

Abstract: A revision request is received at a revision control system that includes a repository identifier, version summary information, and a change description. In response to receiving the revision request, a determination is made as to whether a document repository identified by the repository identifier is active or offline. If the document repository is offline, the version summary information is utilized to determine whether the revision request is probably consistent with current contents of the document repository. If the revision request is probably consistent with the current contents of the document repository, the revision request is placed into a queue, an acceptance message is transmitted in response to the revision request, the document repository is placed into an active state, and the revision request is dequeued and applied to the document repository using the change description.

Abstract: A digital signature over a message may be compressed by determining a plurality of values based at least in part on the message. A mapping of the plurality of values over a digital signature scheme may be used to determine a value from which a portion of the compressed digital signature is decompressible by cryptographically deriving one or more components of the uncompressed digital signature. A public key may be used to verify the authenticity of the compressed digital signature and message.

Abstract: A computer system obtains a request to apply a signed patch to a piece of signed executable code. The computer system determines whether the signed patch is allowed to be applied to the signed executable based on a set of patch policies. If the patch policies allow the patch to be applied, the patch is applied to the signed executable code. The computer system generates a new digital signature for the modified executable code thereby allowing the resulting signed patched executable code to be verified and executed by the computer system.

Abstract: Method and apparatus for remotely accessing a computing resource service provider are disclosed. In the method and apparatus, a first computing environment sends, to a second computing environment, a request for information usable for accessing the second computing environment. In response to the request, the information that is usable to remotely access a subset of the computing resources of the second computing environment is made available to a computing system of the first computing environment, whereby the subset of the computing resources is provisioned for a customer of the second computing environment and the customer of the second environment operates the first computing environment.