Patents by Inventor Jeffrey J. Fielding
Jeffrey J. Fielding has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11451392Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, An expiration time may be assigned to sensitive data, and expired data and associated tokens may be deleted.Type: GrantFiled: July 6, 2018Date of Patent: September 20, 2022Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darren E. Canavor, Jeffrey J. Fielding, Vaibhav Mallya, Darin Keith McAdams
-
Patent number: 11212291Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.Type: GrantFiled: June 26, 2019Date of Patent: December 28, 2021Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darin Keith McAdams, Jeffrey J. Fielding, Vaibhav Mallya, Darren E. Canavor
-
Publication number: 20190319963Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.Type: ApplicationFiled: June 26, 2019Publication date: October 17, 2019Inventors: Jonathan Kozolchyk, Darin Keith McAdams, Jeffrey J. Fielding, Vaibhav Mallya, Darren E. Canavor
-
Patent number: 10356104Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.Type: GrantFiled: May 25, 2018Date of Patent: July 16, 2019Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darin Keith McAdams, Jeffrey J. Fielding, Vaibhav Mallya, Darren E. Canavor
-
Publication number: 20180316501Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, An expiration time may be assigned to sensitive data, and expired data and associated tokens may be deleted.Type: ApplicationFiled: July 6, 2018Publication date: November 1, 2018Inventors: Jonathan Kozolchyk, Darren E. Canavor, Jeffrey J. Fielding, Vaibhav Mallya, Darin Keith McAdams
-
Publication number: 20180278621Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.Type: ApplicationFiled: May 25, 2018Publication date: September 27, 2018Inventors: Jonathan Kozolchyk, Darin Keith McAdams, Jeffrey J. Fielding, Vaibhav Mallya, Darren E. Canavor
-
Patent number: 10020942Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, An expiration time may be assigned to sensitive data, and expired data and associated tokens may be deleted.Type: GrantFiled: August 3, 2017Date of Patent: July 10, 2018Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darren E. Canavor, Jeffrey J. Fielding, Vaibhav Mallya, Darin Keith McAdams
-
Patent number: 9985974Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.Type: GrantFiled: March 9, 2017Date of Patent: May 29, 2018Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darin Keith McAdams, Jeffrey J. Fielding, Vaibhav Mallya, Darren E. Canavor
-
Publication number: 20170331629Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, An expiration time may be assigned to sensitive data, and expired data and associated tokens may be deleted.Type: ApplicationFiled: August 3, 2017Publication date: November 16, 2017Inventors: Jonathan Kozolchyk, Darren E. Canavor, Jeffrey J. Fielding, Vaibhav Mallya, Darin Keith McAdams
-
Patent number: 9756023Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, access policies define authorizations regarding which entities are able to resolve a token to access the actual sensitive data.Type: GrantFiled: August 12, 2016Date of Patent: September 5, 2017Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darren E. Canavor, Jeffrey J. Fielding, Vaibhav Mallya, Darin Keith McAdams
-
Publication number: 20170180389Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.Type: ApplicationFiled: March 9, 2017Publication date: June 22, 2017Inventors: Jonathan Kozolchyk, Darin Keith McAdams, Jeffrey J. Fielding, Vaibhav Mallya, Darren E. Canavor
-
Patent number: 9596244Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.Type: GrantFiled: June 16, 2011Date of Patent: March 14, 2017Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darin Keith McAdams, Jeffrey J Fielding, Vaibhav Mallya, Darren E. Canavor
-
Publication number: 20160352695Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, access policies define authorizations regarding which entities are able to resolve a token to access the actual sensitive data.Type: ApplicationFiled: August 12, 2016Publication date: December 1, 2016Inventors: Jonathan Kozolchyk, Darren E. Canavor, Jeffrey J. Fielding, Vaibhav Mallya, Darin Keith McAdams
-
Patent number: 9430308Abstract: Disclosed are various embodiments for network monitoring. A processor circuit having a processor and a memory is employed. A listing of components of a network is stored in the memory, the listing including a plurality of endpoints and a plurality of nodes. One of the endpoints includes a processor circuit. A monitoring application is stored in the memory and executable by the processor circuit. The monitoring application is configured to maintain in the memory an indication of an operational status of each of the nodes derived from a plurality of status requests transmitted between respective pairs of the endpoints.Type: GrantFiled: May 1, 2015Date of Patent: August 30, 2016Assignee: Amazon Technologies, Inc.Inventors: David A. Cuthbert, Sergei V. Shinkarev, Jeffrey J. Fielding, Ting-You Wang
-
Patent number: 9419841Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, access policies define authorizations regarding which entities are able to resolve a token to access the actual sensitive data.Type: GrantFiled: June 29, 2011Date of Patent: August 16, 2016Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darren E. Canavor, Jeffrey J. Fielding, Vaibhav Mallya, Darin Keith McAdams
-
Patent number: 9250088Abstract: Disclosed are various embodiments for discovery of public points of interest. Data identifying points of interest is obtained. Each point of interest is associated with a respective user and specifies a respective name and a respective geographic location. A public point of interest is determined based at least in part on a similarity of the respective names of a subset of the points of interest, a proximity of the respective geographic locations of the subset of the points of interest, and a number of different users associated with the subset of the points of interest.Type: GrantFiled: October 2, 2013Date of Patent: February 2, 2016Assignee: Amazon Technologies, Inc.Inventors: Jonathan Kozolchyk, Darren E. Canavor, Blake P. Hess, Jeffrey J. Fielding
-
Publication number: 20150234695Abstract: Disclosed are various embodiments for network monitoring. A processor circuit having a processor and a memory is employed. A listing of components of a network is stored in the memory, the listing including a plurality of endpoints and a plurality of nodes. One of the endpoints includes a processor circuit. A monitoring application is stored in the memory and executable by the processor circuit. The monitoring application is configured to maintain in the memory an indication of an operational status of each of the nodes derived from a plurality of status requests transmitted between respective pairs of the endpoints.Type: ApplicationFiled: May 1, 2015Publication date: August 20, 2015Inventors: David A. Cuthbert, Sergei V. Shinkarev, Jeffrey J. Fielding, Ting-You Wang
-
Patent number: 9032073Abstract: Disclosed are various embodiments for network monitoring. A processor circuit having a processor and a memory is employed. A listing of components of a network is stored in the memory, the listing including a plurality of endpoints and a plurality of nodes. One of the endpoints includes the processor circuit. A monitoring application is stored in the memory and executable by the processor. The monitoring application is configured to maintain in the memory an indication of an operational status of each of the nodes derived from a plurality of status requests transmitted between respective pairs of the endpoints.Type: GrantFiled: January 3, 2014Date of Patent: May 12, 2015Assignee: Amazon Technologies, Inc.Inventors: David A. Cuthbert, Sergei V. Shinkarev, Jeffrey J. Fielding, Ting-You Wang
-
Patent number: 8635319Abstract: Disclosed are various embodiments for network monitoring. A processor circuit having a processor and a memory is employed. A listing of components of a network is stored in the memory, the listing including a plurality of endpoints and a plurality of nodes. One of the endpoints includes the processor circuit. A monitoring application is stored in the memory and executable by the processor. The monitoring application is configured to maintain in the memory an indication of an operational status of each of the nodes derived from a plurality of status requests transmitted between respective pairs of the endpoints.Type: GrantFiled: March 8, 2010Date of Patent: January 21, 2014Assignee: Amazon Technologies, Inc.Inventors: David A. Cuthbert, Sergei V. Shinkarev, Jeffrey J. Fielding, Ting-You Wang
-
Patent number: 8625757Abstract: A monitoring service may receive, from a plurality of service providers, log information pertaining to access calls made by service consumers to services or APIs provided by the service providers. The monitoring service aggregates and analyzes the log information for use in monitoring performance of the services, identifying anomalies, and the like. In some instances, the monitoring service may identify multiple services that are behaviorally interrelated based on at least one performance metric, and may group these services together into service groups for monitoring purposes. A service relationship model may be generated for each of the service groups that predicts how each service will behave relative to the other services in the service group. The monitoring service may monitor performance and use of the services based, at least in part, on the one or more service groups and the service relationship model for each group.Type: GrantFiled: June 24, 2011Date of Patent: January 7, 2014Assignee: Amazon Technologies, Inc.Inventors: Alexandre Karpov, Darin Keith McAdams, Jonathan Kozolchyk, Peter S Ding, Jeffrey J Fielding