Patents by Inventor Alan S. Geller
Alan S. Geller has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10805227Abstract: A system and method for controlling access to web services resources. A system may include a storage medium configured to store instructions and one or more processors configured to access the storage medium. The instructions may be executable by at least one of the processors to implement a web services access control system (ACS) configured to receive requests. Each request specifies an access operation to be performed with respect to a corresponding resource. Each of the requests is associated with a corresponding principal. For each received request, the ACS may be further configured to determine whether an access control entry exists that is associated with both the resource and principal associated with the request and that specifies an access type sufficient to perform the access operation. If no such entry exists, the ACS may deny the request.Type: GrantFiled: October 25, 2018Date of Patent: October 13, 2020Assignee: Amazon Technologies, Inc.Inventors: Alan S. Geller, Rahul Singh
-
Patent number: 10726404Abstract: Techniques are described for facilitating use of invocable services by applications in a configurable manner. In at least some situations, the invocable services are Web services or other network-accessible services that are made available by providers of the services for use by others in exchange for fees defined by the service providers. The described techniques facilitate use of such invocable services by applications in a manner configured by the application providers and the service providers, including to track use of third-party invocable services by applications on behalf of end users and to allocate fees that are charged end users between the applications and the services as configured by the providers of the applications and services. In some situations, the configured pricing terms for a service specify fees for end users that differ in one or more ways from the defined fees charged by the provider of that service.Type: GrantFiled: April 30, 2015Date of Patent: July 28, 2020Assignee: Amazon Technologies, Inc.Inventors: Peter Sirota, Don Johnson, Gaurav D. Ghare, Tushar Jain, Alan S. Geller
-
Publication number: 20190068518Abstract: A system and method for controlling access to web services resources. A system may include a storage medium configured to store instructions and one or more processors configured to access the storage medium. The instructions may be executable by at least one of the processors to implement a web services access control system (ACS) configured to receive requests. Each request specifies an access operation to be performed with respect to a corresponding resource. Each of the requests is associated with a corresponding principal. For each received request, the ACS may be further configured to determine whether an access control entry exists that is associated with both the resource and principal associated with the request and that specifies an access type sufficient to perform the access operation. If no such entry exists, the ACS may deny the request.Type: ApplicationFiled: October 25, 2018Publication date: February 28, 2019Applicant: Amazon Technologies, Inc.Inventors: Alan S. Geller, Rahul Singh
-
Patent number: 10116581Abstract: A system and method for controlling access to web services resources. A system may include a storage medium configured to store instructions and one or more processors configured to access the storage medium. The instructions may be executable by at least one of the processors to implement a web services access control system (ACS) configured to receive requests. Each request specifies an access operation to be performed with respect to a corresponding resource. Each of the requests is associated with a corresponding principal. For each received request, the ACS may be further configured to determine whether an access control entry exists that is associated with both the resource and principal associated with the request and that specifies an access type sufficient to perform the access operation. If no such entry exists, the ACS may deny the request.Type: GrantFiled: February 22, 2016Date of Patent: October 30, 2018Assignee: Amazon Technologies, Inc.Inventors: Alan S. Geller, Rahul Singh
-
Patent number: 9992206Abstract: Techniques are described for providing enhanced security for electronic communications, such as by including in a message sent between two services a digital signature that is generated by using secret information known to the services, so that the recipient receives assurance regarding the sender's identity if the recipient can replicate the received digital signature using the secret information known to the recipient. In some situations, the enhanced security is used in communications to and/or from an access manager system that provides single sign-on functionality and other functionality to other services for use with those services' users, such as to prevent malicious phishers from inappropriately gaining access to user information. Various services may use the enhanced security techniques when interacting with the access manager system at various times, such as to initiate sign-on for a user and/or to take subsequent action on behalf of a signed-on user.Type: GrantFiled: December 28, 2015Date of Patent: June 5, 2018Assignee: Amazon Technologies, Inc.Inventor: Alan S. Geller
-
Patent number: 9875120Abstract: The subject disclosure is directed towards virtual components, e.g., comprising software components such as virtual components of a distributed computing system. Virtual components are available for use by distributed computing system applications, yet managed by the distributed computing system runtime transparent to the application with respect to automatic activation and deactivation on runtime-selected distributed computing system servers. Virtualization of virtual components is based upon mapping virtual components to their physical instantiations that are currently running, such as maintained in a global data store.Type: GrantFiled: March 27, 2014Date of Patent: January 23, 2018Assignee: Microsoft Technology Licensing, LLCInventors: Sergey I. Bykov, Alan S. Geller, Gabriel Kliot, Ravindra Nath Pandya, Jorgen Thelin
-
Patent number: 9413678Abstract: A system and method for controlling access to web services resources. A system may include a storage medium configured to store instructions and one or more processors configured to access the storage medium. The instructions may be executable by at least one of the processors to implement a web services access control system (ACS) configured to receive requests. Each request specifies an access operation to be performed with respect to a corresponding resource. Each of the requests is associated with a corresponding principal. For each received request, the ACS may be further configured to determine whether an access control entry exists that is associated with both the resource and principal associated with the request and that specifies an access type sufficient to perform the access operation. If no such entry exists, the ACS may deny the request.Type: GrantFiled: May 17, 2013Date of Patent: August 9, 2016Assignee: Amazon Technologies, Inc.Inventors: Alan S. Geller, Rahul Singh
-
Publication number: 20160173406Abstract: A system and method for controlling access to web services resources. A system may include a storage medium configured to store instructions and one or more processors configured to access the storage medium. The instructions may be executable by at least one of the processors to implement a web services access control system (ACS) configured to receive requests. Each request specifies an access operation to be performed with respect to a corresponding resource. Each of the requests is associated with a corresponding principal. For each received request, the ACS may be further configured to determine whether an access control entry exists that is associated with both the resource and principal associated with the request and that specifies an access type sufficient to perform the access operation. If no such entry exists, the ACS may deny the request.Type: ApplicationFiled: February 22, 2016Publication date: June 16, 2016Applicant: Amazon Technologies, Inc.Inventors: ALAN S. GELLER, RAHUL SINGH
-
Publication number: 20160112430Abstract: Techniques are described for providing enhanced security for electronic communications, such as by including in a message sent between two services a digital signature that is generated by using secret information known to the services, so that the recipient receives assurance regarding the sender's identity if the recipient can replicate the received digital signature using the secret information known to the recipient. In some situations, the enhanced security is used in communications to and/or from an access manager system that provides single sign-on functionality and other functionality to other services for use with those services' users, such as to prevent malicious phishers from inappropriately gaining access to user information. Various services may use the enhanced security techniques when interacting with the access manager system at various times, such as to initiate sign-on for a user and/or to take subsequent action on behalf of a signed-on user.Type: ApplicationFiled: December 28, 2015Publication date: April 21, 2016Inventor: Alan S. Geller
-
Patent number: 9225712Abstract: Techniques are described for providing enhanced security for electronic communications, such as by including in a message sent between two services a digital signature that is generated by using secret information known to the services, so that the recipient receives assurance regarding the sender's identity if the recipient can replicate the received digital signature using the secret information known to the recipient. In some situations, the enhanced security is used in communications to and/or from an access manager system that provides single sign-on functionality and other functionality to other services for use with those services' users, such as to prevent malicious phishers from inappropriately gaining access to user information. Various services may use the enhanced security techniques when interacting with the access manager system at various times, such as to initiate sign-on for a user and/or to take subsequent action on behalf of a signed-on user.Type: GrantFiled: September 14, 2012Date of Patent: December 29, 2015Assignee: Amazon Technologies, Inc.Inventor: Alan S. Geller
-
Publication number: 20150235191Abstract: Techniques are described for facilitating use of invocable services by applications in a configurable manner. In at least some situations, the invocable services are Web services or other network-accessible services that are made available by providers of the services for use by others in exchange for fees defined by the service providers. The described techniques facilitate use of such invocable services by applications in a manner configured by the application providers and the service providers, including to track use of third-party invocable services by applications on behalf of end users and to allocate fees that are charged end users between the applications and the services as configured by the providers of the applications and services. In some situations, the configured pricing terms for a service specify fees for end users that differ in one or more ways from the defined fees charged by the provider of that service.Type: ApplicationFiled: April 30, 2015Publication date: August 20, 2015Inventors: Peter Sirota, Don Johnson, Gaurav D. Ghare, Tushar Jain, Alan S. Geller
-
Patent number: 9044504Abstract: Techniques are described for facilitating use of invocable services by applications in a configurable manner. In at least some situations, the invocable services are Web services or other network-accessible services that are made available by providers of the services for use by others in exchange for fees defined by the service providers. The described techniques facilitate use of such invocable services by applications in a manner configured by the application providers and the service providers, including to track use of third-party invocable services by applications on behalf of end users and to allocate fees that are charged end users between the applications and the services as configured by the providers of the applications and services. In some situations, the configured pricing terms for a service specify fees for end users that differ in one or more ways from the defined fees charged by the provider of that service.Type: GrantFiled: March 24, 2011Date of Patent: June 2, 2015Assignee: Amazon Technologies, Inc.Inventors: Peter Sirota, Don Johnson, Gaurav D. Ghare, Tushar Jain, Alan S. Geller
-
Patent number: 8996482Abstract: A distributed system and method for replicated storage of structure data records. According to one embodiment, a system may include storage hosts each configured to store and retrieve structured data records, and a data store manager configured to receive a request from a client to store a structured data record within a table. In response to receiving the request, the data store manager may be further configured to map the structured data record to a block according to a partition key value of the structured data record and an identifier of the table and to map the block to a subset comprising at least two of the plurality of storage hosts. Upon successfully storing the structured data record to the block within at least two storage hosts within the subset, the data store manager may be further configured to return to the client an indication that said request is complete.Type: GrantFiled: February 10, 2006Date of Patent: March 31, 2015Assignee: Amazon Technologies, Inc.Inventors: Rahul Singh, Alan S. Geller, Amit J. Agarwal
-
Publication number: 20140380318Abstract: The subject disclosure is directed towards virtual components, e.g., comprising software components such as virtual components of a distributed computing system. Virtual components are available for use by distributed computing system applications, yet managed by the distributed computing system runtime transparent to the application with respect to automatic activation and deactivation on runtime-selected distributed computing system servers. Virtualization of virtual components is based upon mapping virtual components to their physical instantiations that are currently running, such as maintained in a global data store.Type: ApplicationFiled: March 27, 2014Publication date: December 25, 2014Applicant: Microsoft CorporationInventors: Sergey I. Bykov, Alan S. Geller, Gabriel Kliot, Ravindra Nath Pandya, Jorgen Thelin
-
Patent number: 8543449Abstract: A system and method for estimating available payload inventory are provided. An advertisement delivery system generates a set of atomic market segment arrays from target market criteria for one or more advertisement campaigns to be served. The set of arrays is incremented corresponding to advertisement requests matching the target market criteria. The atomic market segment is processed to select an advertisement and to predict future capacity and manage inventory.Type: GrantFiled: August 29, 2001Date of Patent: September 24, 2013Assignee: Microsoft CorporationInventors: Jeffery C. Beman, Alan S. Geller, Ashis K. Roy, Lawrence A. Koch
-
Patent number: 8447829Abstract: A system and method for controlling access to web services resources. A system may include a storage medium configured to store instructions and one or more processors configured to access the storage medium. The instructions may be executable by at least one of the processors to implement a web services access control system (ACS) configured to receive requests. Each request specifies an access operation to be performed with respect to a corresponding resource. Each of the requests is associated with a corresponding principal. For each received request, the ACS may be further configured to determine whether an access control entry exists that is associated with both the resource and principal associated with the request and that specifies an access type sufficient to perform the access operation. If no such entry exists, the ACS may deny the request.Type: GrantFiled: February 10, 2006Date of Patent: May 21, 2013Assignee: Amazon Technologies, Inc.Inventors: Alan S. Geller, Rahul Singh
-
Publication number: 20130081111Abstract: Techniques are described for providing enhanced security for electronic communications, such as by including in a message sent between two services a digital signature that is generated by using secret information known to the services, so that the recipient receives assurance regarding the sender's identity if the recipient can replicate the received digital signature using the secret information known to the recipient. In some situations, the enhanced security is used in communications to and/or from an access manager system that provides single sign-on functionality and other functionality to other services for use with those services' users, such as to prevent malicious phishers from inappropriately gaining access to user information. Various services may use the enhanced security techniques when interacting with the access manager system at various times, such as to initiate sign-on for a user and/or to take subsequent action on behalf of a signed-on user.Type: ApplicationFiled: September 14, 2012Publication date: March 28, 2013Applicant: AMAZON TECHNOLOGIES, INC.Inventor: Alan S. Geller
-
Patent number: 8312523Abstract: Techniques are described for providing enhanced security for electronic communications, such as by including in a message sent between two services a digital signature that is generated by using secret information known to the services, so that the recipient receives assurance regarding the sender's identity if the recipient can replicate the received digital signature using the secret information known to the recipient. In some situations, the enhanced security is used in communications to and/or from an access manager system that provides single sign-on functionality and other functionality to other services for use with those services' users, such as to prevent malicious phishers from inappropriately gaining access to user information. Various services may use the enhanced security techniques when interacting with the access manager system at various times, such as to initiate sign-on for a user and/or to take subsequent action on behalf of a signed-on user.Type: GrantFiled: March 31, 2006Date of Patent: November 13, 2012Assignee: Amazon Technologies, Inc.Inventor: Alan S. Geller
-
Patent number: 8200815Abstract: Method and apparatus for metering network services, for example Web services. In embodiments, a network services metering system may collect network service usage information via an add usage interface and store the usage information in a database. In one embodiment, the usage information may be partitioned into two or more partitions. Once the usage information has been aggregated and stored, the metering system may be queried to obtain usage statistics such as aggregate usage over specific time intervals. In one embodiment, a pipeline mechanism that generates and processes batches of usage information may be implemented for adding usage information to the database. The pipeline mechanism may help to reduce or eliminate redundancy and loss of usage information, and may make the metering system linearly scalable in multiple dimensions.Type: GrantFiled: March 4, 2011Date of Patent: June 12, 2012Assignee: Amazon Technologies, Inc.Inventors: Aditya K. Prasad, Sorin Gherman, Alan S. Geller, Rahul Singh, Nicholas J. Lee
-
Patent number: 7925554Abstract: Techniques are described for facilitating use of invocable services by applications in a configurable manner. In at least some situations, the invocable services are Web services or other network-accessible services that are made available by providers of the services for use by others in exchange for fees defined by the service providers. The described techniques facilitate use of such invocable services by applications in a manner configured by the application providers and the service providers, including to track use of third-party invocable services by applications on behalf of end users and to allocate fees that are charged end users between the applications and the services as configured by the providers of the applications and services. In some situations, the configured pricing terms for a service specify fees for end users that differ in one or more ways from the defined fees charged by the provider of that service.Type: GrantFiled: December 29, 2006Date of Patent: April 12, 2011Assignee: Amazon Technologies, Inc.Inventors: Peter Sirota, Don Johnson, Gaurav D. Ghare, Tushar Jain, Alan S. Geller