Patents by Inventor Slavka Praus
Slavka Praus has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11860895Abstract: Updates to a hierarchical data structure may be selectively replicated to other replicas of the hierarchical data structure. An update for a hierarchical data structure may be received and committed to the hierarchical data structure. A determination as to whether any other replicas of the hierarchical data structure have permission to receive the update may be made. For those replicas of the hierarchical data structure with permission to receive the update, the update may be provided to the replicas and committed to the replicas. Different types of replication techniques may be implemented, such as pull-based replication techniques or push-based replication techniques. Replication permissions for objects of the hierarchical data structure may be individually defined, in some embodiments.Type: GrantFiled: April 18, 2022Date of Patent: January 2, 2024Assignee: Amazon Technologies, Inc.Inventors: Alazel Acheson, Christopher Ryan Baker, Mahendra Manshi Chheda, James Robert Englert, Meng Li, Srikanth Mandadi, Slavka Praus, Colin Watson
-
Patent number: 11671425Abstract: A request is obtained for accessing a resource in a different region from a region indicated by a session token included with the request. The session token is re-encrypted using secret information of the second region. The request to access the resource in the different region can be fulfilled using the re-encrypted session token.Type: GrantFiled: June 25, 2020Date of Patent: June 6, 2023Assignee: Amazon Technologies, Inc.Inventors: Srikanth Mandadi, Khaled Salah Sedky, Slavka Praus, Marc R. Barbour
-
Publication number: 20220245171Abstract: Updates to a hierarchical data structure may be selectively replicated to other replicas of the hierarchical data structure. An update for a hierarchical data structure may be received and committed to the hierarchical data structure. A determination as to whether any other replicas of the hierarchical data structure have permission to receive the update may be made. For those replicas of the hierarchical data structure with permission to receive the update, the update may be provided to the replicas and committed to the replicas. Different types of replication techniques may be implemented, such as pull-based replication techniques or push-based replication techniques. Replication permissions for objects of the hierarchical data structure may be individually defined, in some embodiments.Type: ApplicationFiled: April 18, 2022Publication date: August 4, 2022Applicant: Amazon Technologies, Inc.Inventors: Alazel Acheson, Christopher Ryan Baker, Mahendra Manshi Chheda, James Robert Englert, Meng Li, Srikanth Mandadi, Slavka Praus, Colin Watson
-
Patent number: 11308123Abstract: Updates to a hierarchical data structure may be selectively replicated to other replicas of the hierarchical data structure. An update for a hierarchical data structure may be received and committed to the hierarchical data structure. A determination as to whether any other replicas of the hierarchical data structure have permission to receive the update may be made. For those replicas of the hierarchical data structure with permission to receive the update, the update may be provided to the replicas and committed to the replicas. Different types of replication techniques may be implemented, such as pull-based replication techniques or push-based replication techniques. Replication permissions for objects of the hierarchical data structure may be individually defined, in some embodiments.Type: GrantFiled: May 29, 2020Date of Patent: April 19, 2022Assignee: Amazon Technologies, Inc.Inventors: Alazel Acheson, Christopher Ryan Baker, Mahendra Manshi Chheda, James Robert Englert, Meng Li, Srikanth Mandadi, Slavka Praus, Colin Watson
-
Publication number: 20220043830Abstract: A distributed data store may maintain versioned hierarchical data structures. Different versions of a hierarchical data structure may be maintained consistent with a transaction log for the hierarchical data structure. When access requests directed to the hierarchical data structure are received, a version of the hierarchical data structure may be identified for processing an access request. For access requests with snapshot isolation, the identified version alone may be sufficient to consistently process the access request. For access requests with higher isolation requirements, such as serializable isolation, transactions based on the access request may be submitted to the transaction log so that access requests resulting in committed transactions may be allowed, whereas access requests resulting in conflicting transactions may be denied.Type: ApplicationFiled: October 22, 2021Publication date: February 10, 2022Applicant: Amazon Technologies, Inc.Inventors: Srikanth Mandadi, Matthew Berry, Slavka Praus, Chris Baker, Marvin Michael Theimer, Anders Samuelsson, Khaled Salah Sedky
-
Patent number: 11240042Abstract: A first public key is generated based at least in part on a first plurality of signing keys and a second public key is generated based at least in part on a second plurality of signing keys. The signing keys may be used to generate digital signatures. The second public key may be made available to verify a digital signature generated using a signing key from the second plurality of signing keys. In some cases, a first Merkle tree may be formed by the first public key and the first plurality of signing keys, and a second Merkle tree may be formed by the second public key, the first public key, and the second plurality of signing keys.Type: GrantFiled: March 23, 2020Date of Patent: February 1, 2022Assignee: Amazon Technologies, Inc.Inventors: Slavka Praus, Matthew John Campagna, Nicholas Alexander Allen, Petr Praus
-
Patent number: 11157517Abstract: A distributed data store may maintain versioned hierarchical data structures. Different versions of a hierarchical data structure may be maintained consistent with a transaction log for the hierarchical data structure. When access requests directed to the hierarchical data structure are received, a version of the hierarchical data structure may be identified for processing an access request. For access requests with snapshot isolation, the identified version alone may be sufficient to consistently process the access request. For access requests with higher isolation requirements, such as serializable isolation, transactions based on the access request may be submitted to the transaction log so that access requests resulting in committed transactions may be allowed, whereas access requests resulting in conflicting transactions may be denied.Type: GrantFiled: April 18, 2016Date of Patent: October 26, 2021Assignee: Amazon Technologies, Inc.Inventors: Srikanth Mandadi, Matthew Berry, Slavka Praus, Chris Baker, Marvin Michael Theimer, Anders Samuelsson, Khaled Salah Sedky
-
Publication number: 20200329041Abstract: A request is obtained for accessing a resource in a different region from a region indicated by a session token included with the request. The session token is re-encrypted using secret information of the second region. The request to access the resource in the different region can be fulfilled using the re-encrypted session token.Type: ApplicationFiled: June 25, 2020Publication date: October 15, 2020Inventors: Srikanth Mandadi, Khaled Salah Sedky, Slavka Praus, Marc R. Barbour
-
Publication number: 20200293550Abstract: Updates to a hierarchical data structure may be selectively replicated to other replicas of the hierarchical data structure. An update for a hierarchical data structure may be received and committed to the hierarchical data structure. A determination as to whether any other replicas of the hierarchical data structure have permission to receive the update may be made. For those replicas of the hierarchical data structure with permission to receive the update, the update may be provided to the replicas and committed to the replicas. Different types of replication techniques may be implemented, such as pull-based replication techniques or push-based replication techniques. Replication permissions for objects of the hierarchical data structure may be individually defined, in some embodiments.Type: ApplicationFiled: May 29, 2020Publication date: September 17, 2020Applicant: Amazon Technologies, Inc.Inventors: Alazel Acheson, Christopher Ryan Baker, Mahendra Manshi Chheda, James Robert Englert, Meng Li, Srikanth Mandadi, Slavka Praus, Colin Watson
-
Publication number: 20200220735Abstract: A first public key is generated based at least in part on a first plurality of signing keys and a second public key is generated based at least in part on a second plurality of signing keys. The signing keys may be used to generate digital signatures. The second public key may be made available to verify a digital signature generated using a signing key from the second plurality of signing keys. In some cases, a first Merkle tree may be formed by the first public key and the first plurality of signing keys, and a second Merkle tree may be formed by the second public key, the first public key, and the second plurality of signing keys.Type: ApplicationFiled: March 23, 2020Publication date: July 9, 2020Inventors: Slavka Praus, Matthew John Campagna, Nicholas Alexander Allen, Petr Praus
-
Patent number: 10701071Abstract: A request is received by a user in a second region. The request, which is digitally signed with credential associated with the user in the second region causes the generation of a session credential that includes a session key. The user in the second region can use the session credentials to access the resources in the first region.Type: GrantFiled: February 7, 2018Date of Patent: June 30, 2020Assignee: Amazon Technologies, Inc.Inventors: Srikanth Mandadi, Khaled Salah Sedky, Slavka Praus, Marc R. Barbour
-
Patent number: 10680827Abstract: Techniques for using short-term credentials using asymmetric session keys are described herein. A request for a short-term credential is received that is digitally signed with a different credential. In response to the request, short-term credential data is generated and populated with a public session key corresponding to a private session key. The short-term credential data is then encrypted with a session encryption key to produce the short-term credential token, which can then be used by the requester as a short-term credential for subsequent requests.Type: GrantFiled: January 19, 2018Date of Patent: June 9, 2020Assignee: Amazon Technologies, Inc.Inventors: Marc R. Barbour, Khaled Salah Sedky, Srikanth Mandadi, Slavka Praus
-
Patent number: 10671639Abstract: Updates to a hierarchical data structure may be selectively replicated to other replicas of the hierarchical data structure. An update for a hierarchical data structure may be received and committed to the hierarchical data structure. A determination as to whether any other replicas of the hierarchical data structure have permission to receive the update may be made. For those replicas of the hierarchical data structure with permission to receive the update, the update may be provided to the replicas and committed to the replicas. Different types of replication techniques may be implemented, such as pull-based replication techniques or push-based replication techniques. Replication permissions for objects of the hierarchical data structure may be individually defined, in some embodiments.Type: GrantFiled: March 30, 2017Date of Patent: June 2, 2020Assignee: Amazon Technologies, Inc.Inventors: Alazel Acheson, Christopher Ryan Baker, Mahendra Manshi Chheda, James Robert Englert, Meng Li, Srikanth Mandadi, Slavka Praus, Colin Watson
-
Patent number: 10608824Abstract: A first public key is generated based at least in part on a first plurality of signing keys and a second public key is generated based at least in part on a second plurality of signing keys. The signing keys may be used to generate digital signatures. The second public key may be made available to verify a digital signature generated using a signing key from the second plurality of signing keys. In some cases, a first Merkle tree may be formed by the first public key and the first plurality of signing keys, and a second Merkle tree may be formed by the second public key, the first public key, and the second plurality of signing keys.Type: GrantFiled: January 9, 2017Date of Patent: March 31, 2020Assignee: Amazon Technologies, Inc.Inventors: Slavka Praus, Matthew John Campagna, Nicholas Alexander Allen, Petr Praus
-
Patent number: 10277569Abstract: Techniques for using short-term session credentials across regions are described herein. A first request for resources generated using a short-term session credentials and digitally signed with a digital signature. The request is generated in a first region and received in a second region. In response to the request, a second request is generated in the second region to validate the first request. A new session token that is usable in the second region is generated and returned to the second region. The new session token can then be used in the second region to fulfill the first request.Type: GrantFiled: December 3, 2015Date of Patent: April 30, 2019Assignee: Amazon Technologies, Inc.Inventors: Marc R. Barbour, Khaled Salah Sedky, Slavka Praus, Srikanth Mandadi
-
Patent number: 10182044Abstract: Techniques for personalizing short-term session credentials are described herein. A global session key is provided to a plurality of regions of a computing resource service provider and an account key is also provided to one or more of the plurality of regions based at least in part on those regions being trusted by a customer of the computing resource service provider. When a request for short-term session credentials is received at the trusted region by that customer, a session token is generated and encrypted with a combination of the global session key and the account key, thereby creating a session token that can be uniquely associated with the customer and that may only be used in regions that that customer has designated as trusted regions.Type: GrantFiled: December 3, 2015Date of Patent: January 15, 2019Assignee: Amazon Technologies, Inc.Inventors: Slavka Praus, Khaled Salah Sedky, Srikanth Mandadi, Marc R. Barbour
-
Publication number: 20180183793Abstract: A request is received by a user in a second region. The request, which is digitally signed with credential associated with the user in the second region causes the generation of a session credential that includes a session key. The user in the second region can use the session credentials to access the resources in the first region.Type: ApplicationFiled: February 7, 2018Publication date: June 28, 2018Inventors: Srikanth Mandadi, Khaled Salah Sedky, Slavka Praus, Marc R. Barbour
-
Publication number: 20180145835Abstract: Techniques for using short-term credentials using asymmetric session keys are described herein. A request for a short-term credential is received that is digitally signed with a different credential. In response to the request, short-term credential data is generated and populated with a public session key corresponding to a private session key. The short-term credential data is then encrypted with a session encryption key to produce the short-term credential token, which can then be used by the requester as a short-term credential for subsequent requests.Type: ApplicationFiled: January 19, 2018Publication date: May 24, 2018Inventors: Marc R. Barbour, Khaled Salah Sedky, Srikanth Mandadi, Slavka Praus
-
Patent number: 9900160Abstract: Techniques for using short-term credentials using asymmetric session keys are described herein. A request for a short-term credential is received that is digitally signed with a different credential. In response to the request, short-term credential data is generated and populated with a public session key corresponding to a private session key. The short-term credential data is then encrypted with a session encryption key to produce the short-term credential token, which can then be used by the requester as a short-term credential for subsequent requests.Type: GrantFiled: December 3, 2015Date of Patent: February 20, 2018Assignee: Amazon Technologies, Inc.Inventors: Marc R. Barbour, Khaled Salah Sedky, Srikanth Mandadi, Slavka Praus
-
Patent number: 9894067Abstract: Techniques for using short-term credentials with access roles across regions are described herein. A request to assume a role associated with resources in a first region is received by a user in a second region. The request, which is digitally signed with credential associated with the user in the second region causes the generation of a short-term session credential that includes a session key and that can be used to assume the role. The user in the second region then assumes the role and, accordingly, can use the short-term session credentials to access the resources in the first region.Type: GrantFiled: December 3, 2015Date of Patent: February 13, 2018Assignee: Amazon Technologies, Inc.Inventors: Srikanth Mandadi, Khaled Salah Sedky, Slavka Praus, Marc R. Barbour