Patents by Inventor Kevin Christopher Miller

Kevin Christopher Miller has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210258239
    Abstract: Respective network metrics sets corresponding to one or more data sources are examined at a network health manager. Network health states corresponding to one or more endpoint pair categories are determined based on the analysis of the network metric sets. An indication of the network health state of a particular endpoint pair category is stored.
    Type: Application
    Filed: February 5, 2021
    Publication date: August 19, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Kenneth Grey Richards, Schuyler David Thompson, Adam Siefker, Kevin Christopher Miller, Meenakshi Rameshkumar
  • Patent number: 11063819
    Abstract: Techniques are described for managing communications for a managed computer network by using a defined pool of alternative computing nodes of the managed computer network that are configured to operate as intermediate destinations to handle at least some communications that are sent by and/or directed to one or more other computing nodes of the managed computer network. For example, a manager module associated with a source computing node may select a particular alternative intermediate destination computing node from a defined pool to use for one or more particular communications from the source computing node to an indicated final destination, such as based on a configured logical network topology for the managed computer network and/or on one or more other selection criteria (e.g., to enable load balancing between the alternative computing nodes). The manager module then forwards those communications to the selected intermediate destination computing node for further handling.
    Type: Grant
    Filed: July 19, 2019
    Date of Patent: July 13, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Eric Jason Brandwine, Kevin Christopher Miller
  • Publication number: 20210168032
    Abstract: Techniques are described for providing managed virtual computer networks that have a configured logical network topology with virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the virtual networking devices if they were physically present.
    Type: Application
    Filed: December 11, 2020
    Publication date: June 3, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Eric Jason Brandwine, Andrew J. Doane
  • Publication number: 20210152392
    Abstract: In accordance with a designation of a private alias endpoint as a routing target for traffic directed to a service from within an isolated virtual network of a provider network, a tunneling intermediary receives a baseline packet generated at a compute instance. The baseline packet indicates a public IP (Internet Protocol) address of the service as the destination, and a private IP address of the compute instance as the source. In accordance with a tunneling protocol, the tunneling intermediary generates an encapsulation packet comprising at least a portion of the baseline packet and a header indicating the isolated virtual network. The encapsulation packet is transmitted to a node of the service.
    Type: Application
    Filed: November 19, 2020
    Publication date: May 20, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Richard Alexander Sheehan, Douglas Stewart Laurence, Marwan Salah El-Din Oweis, Andrew Bruce Dickinson
  • Publication number: 20210152632
    Abstract: Techniques are described for providing managed computer networks, such as for managed virtual computer networks overlaid on one or more other underlying computer networks. In some situations, the techniques include facilitating replication of a primary computing node that is actively participating in a managed computer network, such as by maintaining one or more other computing nodes in the managed computer network as replicas, and using such replica computing nodes in various manners. For example, a particular managed virtual computer network may span multiple broadcast domains of an underlying computer network, and a particular primary computing node and a corresponding remote replica computing node of the managed virtual computer network may be implemented in distinct broadcast domains of the underlying computer network, with the replica computing node being used to transparently replace the primary computing node in the virtual computer network if the primary computing node becomes unavailable.
    Type: Application
    Filed: January 29, 2021
    Publication date: May 20, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Eric Jason Brandwine, Kevin Christopher Miller, Andrew J. Doane
  • Publication number: 20210119890
    Abstract: A determination is made that a graphical representation of network health state information pertaining to a client account of a provider network is to be provided. Using respective network metrics groups corresponding to several data sources, a network health state descriptor corresponding to a resource associated with the client account is generated. A data set usable to generate a graphical display of network health state information of the resource of the client account is transmitted.
    Type: Application
    Filed: December 4, 2020
    Publication date: April 22, 2021
    Applicant: Amazon Technologies, Inc.
    Inventors: Kenneth Grey Richards, Schuyler David Thompson, Adam Siefker, Kevin Christopher Miller, Meenakshi Rameshkumar
  • Patent number: 10958653
    Abstract: A computing resource service provider grants a first set of security permissions to a principal (e.g., a user) which may be used to access a plurality of computing resources. The permissions may be associated with a first security token. The principal may access resources using the first set of security permissions, and a system (e.g., a service provider) may identify a subset of security permissions that are sufficient to provide access to the computing resources accessed by the principal using the first set of permissions. The subset may be associated with the principal. In some cases, the principal operating under the subset of permissions may be denied access to a computing resource and may be granted access to the computing resource by operating under the first set of permissions.
    Type: Grant
    Filed: June 27, 2017
    Date of Patent: March 23, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Rebecca Claire Weiss
  • Patent number: 10924452
    Abstract: Techniques are disclosed for auditing an IP address prefix that has been assigned to an entity as part of an administrator policy, to determine whether the assignment was implemented on the network. In an embodiment, associations between IP addresses and their assignment are stored in a database. IP addresses are read and semi-authoritative sources (e.g., DNS servers) are queried for information about the IP addresses. Information received in response to the query may be used to validate the IP address (e.g., in a network, all IP addresses used for VM instances will have a corresponding URL in a specific format).
    Type: Grant
    Filed: August 30, 2013
    Date of Patent: February 16, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Leonid Valentinovich Nikolayev, Michael Brooke Furr, Ryan David Murphy, Kevin Christopher Miller
  • Patent number: 10917324
    Abstract: Respective network metrics sets corresponding to one or more data sources are examined at a network health manager. Network health states corresponding to one or more endpoint pair categories are determined based on the analysis of the network metric sets. An indication of the network health state of a particular endpoint pair category is stored.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: February 9, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Kenneth Grey Richards, Schuyler David Thompson, Adam Siefker, Kevin Christopher Miller, Meenakshi Rameshkumar
  • Patent number: 10911528
    Abstract: Techniques are described for providing managed computer networks, such as for managed virtual computer networks overlaid on one or more other underlying computer networks. In some situations, the techniques include facilitating replication of a primary computing node that is actively participating in a managed computer network, such as by maintaining one or more other computing nodes in the managed computer network as replicas, and using such replica computing nodes in various manners. For example, a particular managed virtual computer network may span multiple broadcast domains of an underlying computer network, and a particular primary computing node and a corresponding remote replica computing node of the managed virtual computer network may be implemented in distinct broadcast domains of the underlying computer network, with the replica computing node being used to transparently replace the primary computing node in the virtual computer network if the primary computing node becomes unavailable.
    Type: Grant
    Filed: March 20, 2020
    Date of Patent: February 2, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Eric Jason Brandwine, Kevin Christopher Miller, Andrew J. Doane
  • Patent number: 10911263
    Abstract: A request to obtain network health information pertaining to a client account of a provider network is received via a programmatic interface. Respective sets of network metrics are obtained from several data sources of the provider network, and a respective network health state descriptor is generated for one or more resource sets associated with the client account. A response to the request is prepared using the network health state descriptor and transmitted.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: February 2, 2021
    Assignee: Amazon Technologies, Inc.
    Inventors: Kenneth Grey Richards, Schuyler David Thompson, Adam Siefker, Kevin Christopher Miller, Meenakshi Rameshkumar
  • Patent number: 10868723
    Abstract: Techniques are described for providing managed virtual computer networks that have a configured logical network topology with virtual networking devices, such as by a network-accessible configurable network service, with corresponding networking functionality provided for communications between multiple computing nodes of the virtual computer network by emulating functionality that would be provided by the virtual networking devices if they were physically present.
    Type: Grant
    Filed: September 13, 2019
    Date of Patent: December 15, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Eric Jason Brandwine, Andrew J. Doane
  • Patent number: 10862709
    Abstract: A flow policy service that allows clients to define policies for packet flows to, from, and within their virtual networks on a provider network. Logic may be embedded in a flow policy that dictates what happens to a packet as it enters the network, or after the packet leaves an appliance. Via the service, a client may define conditional rules that specify different paths that packets should follow on the provider network according to conditional evaluations of information about the packets, for example source and/or destination endpoints of the packets, or output codes from appliances that process the packets.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: December 8, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Bruce Dickinson, Kevin Christopher Miller, Eric Wayne Schultze
  • Patent number: 10862777
    Abstract: A determination is made that a graphical representation of network health state information pertaining to a client account of a provider network is to be provided. Using respective network metrics groups corresponding to several data sources, a network health state descriptor corresponding to a resource associated with the client account is generated. A data set usable to generate a graphical display of network health state information of the resource of the client account is transmitted.
    Type: Grant
    Filed: September 28, 2016
    Date of Patent: December 8, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Kenneth Grey Richards, Schuyler David Thompson, Adam Siefker, Kevin Christopher Miller, Meenakshi Rameshkumar
  • Patent number: 10862796
    Abstract: A flow policy service that allows clients to define policies for packet flows to, from, and within their virtual networks on a provider network. Via the service, a client may define rules that specify appliances that inbound, outbound, and/or internal virtual network traffic should flow through. The rules may, for example, be attached to the virtual network, to subnets within the virtual network, and/or to resource instances within the virtual network. The rules may be specified in a descriptive, domain-specific language. The service determines how and where on the provider network to implement the rules in order to apply the specified policy. Thus, the actual implementation of the policy may be hidden from the client. The service may generate flow reports that may be used to confirm that traffic to, from, or within a virtual network is flowing through the correct network appliances according to the policy.
    Type: Grant
    Filed: January 18, 2017
    Date of Patent: December 8, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Andrew Bruce Dickinson, Kevin Christopher Miller, Eric Wayne Schultze
  • Patent number: 10848346
    Abstract: In accordance with a designation of a private alias endpoint as a routing target for traffic directed to a service from within an isolated virtual network of a provider network, a tunneling intermediary receives a baseline packet generated at a compute instance. The baseline packet indicates a public IP (Internet Protocol) address of the service as the destination, and a private IP address of the compute instance as the source. In accordance with a tunneling protocol, the tunneling intermediary generates an encapsulation packet comprising at least a portion of the baseline packet and a header indicating the isolated virtual network. The encapsulation packet is transmitted to a node of the service.
    Type: Grant
    Filed: April 5, 2019
    Date of Patent: November 24, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Richard Alexander Sheehan, Douglas Stewart Laurence, Marwan Salah EL-Din Oweis, Andrew Bruce Dickinson
  • Publication number: 20200351252
    Abstract: Methods and apparatus for interfaces to manage direct network peerings. A system may include a data center, endpoint routers and a connectivity coordinator. The coordinator implements a programmatic interface defining connectivity operations. The coordinator receives a request for dedicated connectivity to data center resources, formatted according to the interface. The coordinator selects a target endpoint router at which to establish a physical link to implement the dedicated connectivity, and transmits a response identifying the target endpoint router and including configuration instructions for setting up a physical link for the dedicated connectivity.
    Type: Application
    Filed: July 20, 2020
    Publication date: November 5, 2020
    Applicant: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Andrew J. Doane, Mahmoud A. Abuelela, Michael B. Furr
  • Patent number: 10819525
    Abstract: Data is split into a set of data packets and transmitted between a client computer system and a network service via a packet-switched network. The client computer system identifies a role, permission, group, or other credential that is associated with the data packets, and attaches a credential identifier such as a digital signature to the packets before they are transmitted over the network. A network service receives the data packets, and is configured to filter or route the data packets to a recipient using the attached credential identifier. The network service can adjust the filtering or routing process to occur within a data link, network, transport, or application layer. In some examples, the filtering or routing is provided from within a hypervisor.
    Type: Grant
    Filed: June 15, 2018
    Date of Patent: October 27, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Colm Gearóid MacCárthaigh
  • Patent number: 10812384
    Abstract: Techniques are described for managing customer-specified routing policies for network-accessible computing resources. In some situations, the customer-specified routing policies may be based at least in part on DNS (“Domain Name System”) information specified by a customer, such as if the customer specifies one or more target destinations to use with an indicated DNS domain name that are different from the destination IP address(es) provided for that DNS domain name by DNS servers—if so, the managing of such a DNS-based routing policy for that customer may include identifying when network-accessible computing resources provided to the customer send electronic communications to that DNS domain name, and causing those electronic communications to be redirected to the customer-specified target destination(s). Such customer-specified target destinations may include, in different situations, final destinations, intermediate destinations, etc., as well as identify particular routes.
    Type: Grant
    Filed: July 2, 2018
    Date of Patent: October 20, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Kyle Tailor Akers, Chao Yuan, Kevin Christopher Miller, Andrew Bruce Dickinson, Michael Siaosi Voegele, Daniel Lee McCarriar, Yohanes Santoso, David Brian Lennon
  • Patent number: 10791096
    Abstract: Methods and apparatus for interfaces to manage direct network peerings. A system may include a data center, endpoint routers and a connectivity coordinator. The coordinator implements a programmatic interface defining connectivity operations. The coordinator receives a request for dedicated connectivity to data center resources, formatted according to the interface. The coordinator selects a target endpoint router at which to establish a physical link to implement the dedicated connectivity, and transmits a response identifying the target endpoint router and including configuration instructions for setting up a physical link for the dedicated connectivity.
    Type: Grant
    Filed: August 6, 2018
    Date of Patent: September 29, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Kevin Christopher Miller, Andrew J. Doane, Mahmoud A. Abuelela, Michael B. Furr