Patents by Inventor Gaurang Pankaj Mehta
Gaurang Pankaj Mehta has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20180191710Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.Type: ApplicationFiled: February 27, 2018Publication date: July 5, 2018Inventors: Gaurang Pankaj Mehta, Neelam Satish Agrawal, Lawrence Hun-Gi Aung, Guruprakash Bangalore Rao, Shuo Wang, Sameer Palande, Krithi Rai, Chirag Pravin Pandya
-
Patent number: 9998499Abstract: Features are disclosed for facilitating management of network directories of multiple organizations by a centralized directory management system. Various applications can access the directories of the organizations via the directory management system according to the permissions that the applications have been granted by the respective organizations. Organizations may maintain directories on-premises or off-premises, and the applications can access the directories via the directory management system regardless of the physical location of the directories. Additionally, the applications may be hosted by a computing service provider that also hosts or otherwise manages the directory management service, or the applications can be hosted by third-party servers separate from the directory management system and the organizations.Type: GrantFiled: September 29, 2014Date of Patent: June 12, 2018Assignee: Amazon Technologies, Inc.Inventors: Gaurang Pankaj Mehta, Shon Kiran Shah, Krithi Rai, Guruprakash Bangalore Rao
-
Patent number: 9942224Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.Type: GrantFiled: March 10, 2017Date of Patent: April 10, 2018Assignee: Amazon Technologies, Inc.Inventors: Gaurang Pankaj Mehta, Neelam Satish Agrawal, Lawrence Hun-Gi Aung, Guruprakash Bangalore Rao, Shuo Wang, Sameer Palande, Krithi Rai, Chirag Pravin Pandya
-
Patent number: 9853978Abstract: A virtual computing environment service may receive a request from a customer to provision a virtual computing environment and join the virtual computing environment to a managed directory. The virtual computing environment service may provision the virtual computing environment and uses a set of administrator credentials from the customer and a set of credentials corresponding to the environment to access the managed directory and request joining of the environment to the managed directory. In response, the managed directory may create a computer account corresponding to the environment and which enables the environment to be used to access the managed directory. The virtual computing environment service may then enable the customer to specify one or more users that may utilize the virtual computing environment to access the managed directory.Type: GrantFiled: February 3, 2017Date of Patent: December 26, 2017Assignee: Amazon Technologies, Inc.Inventors: Erik Jonathon Tellvik, Gaurang Pankaj Mehta, Ajit Nagendra Padukone, Chirag Pravin Pandya, Colin Harrison Brace, Deepak Suryanarayanan, Guruprakash Bangalore Rao, Krithi Rai, Malcolm Russell Ah Kun, Sameer Palande, Shon Kiran Shah, Vivek Lakshmanan
-
Publication number: 20170302643Abstract: A global endpoint may be associated with an organization name and a plurality of directories located in different geographic regions. The global endpoint may be a computing system that hosts a page used by users to access an application or service. A user may be able to access the application or service using already existing credentials. For example, the user may access the application or service using credentials stored and maintained by an entity with which the user is affiliated. Users having credentials stored in different geographic regions may be able to access the application or service via the same global endpoint.Type: ApplicationFiled: May 1, 2017Publication date: October 19, 2017Inventors: Gaurang Pankaj Mehta, Neelam Satish Agrawal, Lawrence Hun-Gi Aung, Chirag Pravin Pandya
-
Publication number: 20170250980Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.Type: ApplicationFiled: March 10, 2017Publication date: August 31, 2017Inventors: Gaurang Pankaj Mehta, Neelam Satish Agrawal, Lawrence Hun-Gi Aung, Guruprakash Bangalore Rao, Shuo Wang, Sameer Palande, Krithi Rai, Chirag Pravin Pandya
-
Patent number: 9736159Abstract: A customer of a computing resource service provider may utilize a set of credentials to request creation of an identity pool within a managed directory service. Accordingly, the managed directory service may create the identity pool. Instead of having the customer create a separate account within this identity pool, the managed directory service may create a shadow administrator account within the identity pool, which may be used to manage other users and resources in the identity pool within the managed directory service. The managed directory service further exposes an application programming interface command that may be used to obtain a set of credentials for accessing the shadow administrator account. The customer may use this command to receive the set of credentials and access the shadow administrator account. Accordingly, the customer can manage users and resources in the identity pool within the managed directory service.Type: GrantFiled: December 5, 2013Date of Patent: August 15, 2017Assignee: Amazon Technologies, Inc.Inventors: Shon Kiran Shah, Guruprakash Bangalore Rao, Thomas Christopher Rizzo, Gaurang Pankaj Mehta
-
Patent number: 9705881Abstract: A customer of a computing resource service provider may utilize a set of credentials to request creation of an identity pool within a managed directory service. Accordingly, the managed directory service may create the identity pool. Instead of having the customer create a separate account within this identity pool, the managed directory service may create a shadow administrator account within the identity pool, which may be used to manage other users and resources in the identity pool within the managed directory service. The managed directory service further exposes an application programming interface command that may be used to obtain a set of credentials for accessing the shadow administrator account. The customer may use this command to receive the set of credentials and access the shadow administrator account. Accordingly, the customer can manage users and resources in the identity pool within the managed directory service.Type: GrantFiled: December 5, 2013Date of Patent: July 11, 2017Assignee: Amazon Technologies, Inc.Inventors: Shon Kiran Shah, Guruprakash Bangalore Rao, Thomas Christopher Rizzo, Gaurang Pankaj Mehta
-
Publication number: 20170149780Abstract: A virtual computing environment service may receive a request from a customer to provision a virtual computing environment and join the virtual computing environment to a managed directory. The virtual computing environment service may provision the virtual computing environment and uses a set of administrator credentials from the customer and a set of credentials corresponding to the environment to access the managed directory and request joining of the environment to the managed directory. In response, the managed directory may create a computer account corresponding to the environment and which enables the environment to be used to access the managed directory. The virtual computing environment service may then enable the customer to specify one or more users that may utilize the virtual computing environment to access the managed directory.Type: ApplicationFiled: February 3, 2017Publication date: May 25, 2017Inventors: Erik Jonathon Tellvik, Gaurang Pankaj Mehta, Ajit Nagendra Padukone, Chirag Pravin Pandya, Colin Harrison Brace, Deepak Suryanarayanan, Guruprakash Bangalore Rao, Krithi Rai, Malcolm Russell Ah Kun, Sameer Palande, Shon Kiran Shah, Vivek Lakshmanan
-
Patent number: 9641503Abstract: A global endpoint may be associated with an organization name and a plurality of directories located in different geographic regions. The global endpoint may be a computing system that hosts a page used by users to access an application or service. A user may be able to access the application or service using already existing credentials. For example, the user may access the application or service using credentials stored and maintained by an entity with which the user is affiliated. Users having credentials stored in different geographic regions may be able to access the application or service via the same global endpoint.Type: GrantFiled: October 3, 2014Date of Patent: May 2, 2017Assignee: Amazon Technologies, Inc.Inventors: Gaurang Pankaj Mehta, Neelam Satish Agrawal, Lawrence Hun-Gi Aung, Chirag Pravin Pandya
-
Patent number: 9641522Abstract: A centralized policy management may allow for one set of credentials to various applications and services offered by a computing resource service provider or other third-party servers. Systems, methods, and computer readable medium can be configured to receive a request to access a first computing system service provided by the computing resource service provider, generate an encrypted data bundle including at least a user identifier and a data type, and transmit the encrypted data bundle to a recipient, wherein the encrypted data bundle is configured to be returned to the one or more computing devices to facilitate access to the first computing system service provided by the computing resource service provider.Type: GrantFiled: November 11, 2014Date of Patent: May 2, 2017Assignee: Amazon Technologies, Inc.Inventors: Lawrence Hun-Gi Aung, Gaurang Pankaj Mehta, Krithi Rai, Chirag Pravin Pandya, Shuo Wang
-
Publication number: 20170083698Abstract: Systems and methods for detecting the generation of authentication credentials for virtual machine instances are described. In various embodiments, an intermediary system may detect or determine, for a virtual machine instance, one or more states associated with a credential (e.g., a password) generation process and/or a get password request from a requesting user. Based on detected or determined virtual machine states, the intermediary system may provide useful and/or timely status indicators or notifications to the requesting user. In various embodiments multiple states may be determined sequentially or in parallel in order to provide more detailed information regarding whether and why a credential is or is not available, contributing to an improved user experience. For example, timely indication that a password may not be available may be useful to the requesting user who can take immediate steps to remedy the situation, such as by contacting customer service.Type: ApplicationFiled: November 7, 2016Publication date: March 23, 2017Inventors: Jonathan N. Scott, Andrew Richard Butchart, Gaurang Pankaj Mehta
-
Patent number: 9596233Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.Type: GrantFiled: March 3, 2016Date of Patent: March 14, 2017Assignee: Amazon Technologies, Inc.Inventors: Gaurang Pankaj Mehta, Neelam Satish Agrawal, Lawrence Hun-Gi Aung, Guruprakash Bangalore Rao, Shuo Wang, Sameer Palande, Krithi Rai, Chirag Pravin Pandya
-
Publication number: 20170070581Abstract: It may be determined that a cloud desktop should be migrated from a current region. A destination region to which the cloud desktop will be migrated can be identified. A data volume of the cloud desktop may be copied from the current region to the destination region. The data volume at the current region and the data volume at the destination region may be maintained in sync during the copying. Upon completion of the copying, a current user session associated with the cloud desktop at the current region may be frozen, a current memory and processor state of the current user session may be copied to the destination region, and a second cloud desktop instance at the destination region may be started using the copied data volume and current memory and processor state. The current user session may be connected to the second cloud desktop instance.Type: ApplicationFiled: November 16, 2016Publication date: March 9, 2017Inventors: Nathan Bartholomew Thomas, Eugene Michael Farrell, Erik Jonathon Tellvik, Gaurang Pankaj Mehta, Deepak Suryanarayanan
-
Patent number: 9565190Abstract: A virtual computing environment service may receive a request from a customer to provision a virtual computing environment and join the virtual computing environment to a managed directory. The virtual computing environment service may provision the virtual computing environment and uses a set of administrator credentials from the customer and a set of credentials corresponding to the environment to access the managed directory and request joining of the environment to the managed directory. In response, the managed directory may create a computer account corresponding to the environment and which enables the environment to be used to access the managed directory. The virtual computing environment service may then enable the customer to specify one or more users that may utilize the virtual computing environment to access the managed directory.Type: GrantFiled: November 7, 2014Date of Patent: February 7, 2017Assignee: Amazon Technologies, Inc.Inventors: Erik Jonathan Telvik, Gaurang Pankaj Mehta, Ajit Nagendra Padukone, Chirag Pravin Pandya, Colin Harrison Brace, Deepak Suryanarayanan, Guruprakash Bangalore Rao, Krithi Rai, Malcolm Russell Ah Kun, Sameer Palande, Shon Kiran Shah, Vivek Lakshmanan
-
Patent number: 9537938Abstract: It may be determined that a cloud desktop should be migrated from a current region. A destination region to which the cloud desktop will be migrated can be identified. A data volume of the cloud desktop may be copied from the current region to the destination region. The data volume at the current region and the data volume at the destination region may be maintained in sync during the copying. Upon completion of the copying, a current user session associated with the cloud desktop at the current region may be frozen, a current memory and processor state of the current user session may be copied to the destination region, and a second cloud desktop instance at the destination region may be started using the copied data volume and current memory and processor state. The current user session may be connected to the second cloud desktop instance.Type: GrantFiled: September 23, 2014Date of Patent: January 3, 2017Assignee: Amazon Technologies, Inc.Inventors: Nathan Bartholomew Thomas, Eugene Michael Farrell, Erik Jonathon Tellvik, Gaurang Pankaj Mehta, Deepak Suryanarayanan
-
Patent number: 9489510Abstract: Systems and methods for detecting the generation of authentication credentials for virtual machine instances are described. In various embodiments, an intermediary system may detect or determine, for a virtual machine instance, one or more states associated with a credential (e.g., a password) generation process and/or a get password request from a requesting user. Based on detected or determined virtual machine states, the intermediary system may provide useful and/or timely status indicators or notifications to the requesting user. In various embodiments multiple states may be determined sequentially or in parallel in order to provide more detailed information regarding whether and why a credential is or is not available, contributing to an improved user experience. For example, timely indication that a password may not be available may be useful to the requesting user who can take immediate steps to remedy the situation, such as by contacting customer service.Type: GrantFiled: September 24, 2014Date of Patent: November 8, 2016Assignee: Amazon Technologies, Inc.Inventors: Jonathan N. Scott, Andrew Richard Butchart, Gaurang Pankaj Mehta
-
Patent number: 9407615Abstract: A user may utilize a set of credentials to access, through a managed directory service, one or more services provided by a computing resource service provider. The managed directory service may be configured to identify one or more policies applicable to the user. These policies may define the level of access to the one or more services provided by the computing resource service provider. Based at least in part on these policies, the managed directory service may transmit a request to an identity management system to obtain a set of temporary credentials that may be used to enable the user to access the one or more services. Accordingly, the managed directory service may be configured to enable the user, based at least in part on the policies and the set of temporary credentials, to access an interface, which can be used to access the one or more services.Type: GrantFiled: December 5, 2013Date of Patent: August 2, 2016Assignee: Amazon Technologies, Inc.Inventors: Shon Kiran Shah, Gaurang Pankaj Mehta, Venakta N. S. S. Harsha Koonaparaju, Thomas Christopher Rizzo, Guruprakash Bangalore Rao
-
Patent number: 9344427Abstract: Techniques and constructs to facilitate multiple authentications of passwords are described. For instance, the disclosure describes systems and processes that authenticate a password and return an encrypted password that may be subsequently decrypted for additional authentications.Type: GrantFiled: November 11, 2014Date of Patent: May 17, 2016Assignee: Amazon Technologies, Inc.Inventors: Gaurang Pankaj Mehta, Chirag Pravin Pandya
-
Patent number: 9313193Abstract: A user, group, and device management and authentication system allows administrators to manage one or more directories with devices that are not associated with a domain of the one or more directories via a set of APIs. The system also allows applications and services that do not have direct access to a list of directory users to access the one or more directories. The user, group, and device management and authentication system may be an add-on system that works in conjunction with a centrally-managed directory service to provide such functionality. For example, the system may generate an access token associated with a particular directory that can be used by a service accessed by an administrator to call an API provided by the system. The API call may be translated into a directory-specific API call that can be used to perform an action in the particular directory.Type: GrantFiled: September 29, 2014Date of Patent: April 12, 2016Assignee: Amazon Technologies, Inc.Inventors: Gaurang Pankaj Mehta, Neelam Satish Agrawal, Lawrence Hun-Gi Aung, Guruprakash Bangalore Rao, Shuo Wang, Sameer Palande, Krithi Rai, Chirag Pravin Pandya