Patents by Inventor Marcel Andrew Levy
Marcel Andrew Levy has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11888997Abstract: A computing resource service provider provides a certificate management service that allows customers of the computing resource service provider to create, distribute, manage, and revoke digital certificates issued by public and/or private certificate authorities. In an embodiment, customers may use the certificate management service to generate private certificate authority which can issue signed certificates to network entities within the customer enterprise. In an embodiment, the private certificate authority is hosted by the computing resource service provider, and the certificate management service automates the renewal and management of active certificates. In an embodiment, the certificate management service allows customer applications to create, renew, and revoke certificates issued by both private and public certificate authorities via an application programming interface.Type: GrantFiled: June 25, 2018Date of Patent: January 30, 2024Assignee: Amazon Technologies, Inc.Inventors: Peter Zachary Bowen, Todd Lawrence Cignetti, Preston Anthony Elder, III, Brandonn Gorman, Ronald Andrew Hoskinson, Jonathan Kozolchyk, Kenneth Lawler, Marcel Andrew Levy, Kyle Benjamin Schultheiss, Sandeep Shantharaj, Param Sharma, Jose Maria Silveira Neto
-
Patent number: 11782960Abstract: Techniques for managing certificate metrics are described. A method of managing certificate metrics can include adding certificate data associated with one or more certificates to a plurality of slots of a metric certificate data store, reading, by a metric publisher, the certificate data associated with a first slot of the metric certificate data store in response to an event, determining a metric associated with each certificate associated with a subset of the certificate data associated with the first slot of the metric certificate data store, and providing the metric associated with each certificate to a resource monitoring service.Type: GrantFiled: December 3, 2020Date of Patent: October 10, 2023Assignee: Amazon Technologies, Inc.Inventors: Manikandan Subramanian, Marcel Andrew Levy
-
Patent number: 11784831Abstract: The present disclosure generally relates to systems and methods for the gradual application of a new digital certificate to a service endpoint or server, with repeated rollbacks to an old digital certificate, whereby the new certificate is applied to a service endpoint and automatically rolled back to the previous certificate after an amount of time. After a period that corresponds to a set amount of time minus the time the new certificate was applied to the endpoint, the process starts again, except with an increased period of time for the new certificate.Type: GrantFiled: June 22, 2021Date of Patent: October 10, 2023Assignee: Amazon Technologies, Inc.Inventor: Marcel Andrew Levy
-
Publication number: 20230300124Abstract: Techniques for certificate authority (CA) selection are described. A certificate management service of a cloud provider network receives a first request to generate a certificate from an electronic device, the first request including an indication of an identity of a user and an identification of a domain name to associate with the certificate. A CA selection policy applicable to the first request is identified, the CA selection policy including a CA selection rule. A CA to generate the certificate is identified by evaluating the CA selection rule, the CA selection rule associates at least a portion of the domain name with the CA. A second request to generate the certificate is sent to the identified CA. The certificate or an identification of the certificate from the CA is returned to the electronic device.Type: ApplicationFiled: March 21, 2022Publication date: September 21, 2023Inventors: Manikandan SUBRAMANIAN, Marcel Andrew LEVY, Blake P. HESS
-
Publication number: 20230179429Abstract: Techniques are described for enabling users of a certificate management service to create certificate issuance policies that can be applied to certificate issuance requests across both public and private certificate authorities (CAs) and other certificate-related services. According to embodiments described herein, a certificate issuance policy includes one or more certificate issuance rules to be applied to requests associated with one or more specified user accounts or roles for certificate-related resources (e.g., public certificates, private certificates, etc.). The application of a certificate issuance rule can be conditioned on a particular request context (e.g., based on a user account or role associated with a request, a type of certificate requested, a subject name identified in the request, etc.) and can specify a wide range of actions to be performed on requests matching a rule (e.g., allowing or denying a request, modifying one or more parameters of the request, etc.).Type: ApplicationFiled: December 3, 2021Publication date: June 8, 2023Inventors: Josh ROSENTHOL, Param SHARMA, Kyle Benjamin SCHULTHEISS, Marcel Andrew LEVY, Todd CIGNETTI
-
Patent number: 11621948Abstract: A computer system detects that a digital certificate is set to expire within a threshold amount of time. In response to detecting that the digital certificate is set to expire, the computer system generates an update to cause a second computer system to perform operations to indicate an upcoming expiration of the digital certificate. The computer system provides the update to the second computer system to cause the second computer system to perform the operations.Type: GrantFiled: November 15, 2019Date of Patent: April 4, 2023Assignee: Amazon Technologies, Inc.Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Jonathan Kozolchyk, Nicholas Wexler
-
Patent number: 11563590Abstract: A computing resource service provider provides a certificate management service that allows customers of the computing resource service provider to create, distribute, manage, and revoke digital certificates issued by public and/or private certificate authorities. In an embodiment, when a new certificate is generated, a certificate template is used to apply various settings and policies for the new certificate. In various examples, templates may be used to establish default values, enforce required and optional values, place restrictions on one or more data fields, and enforce signature requirements. In some embodiments, the template establishes rules for rejecting certificate requests that don't conform to the template.Type: GrantFiled: June 25, 2018Date of Patent: January 24, 2023Assignee: Amazon Technologies, Inc.Inventors: Peter Zachary Bowen, Todd Lawrence Cignetti, Preston Anthony Elder, III, Brandonn Gorman, Ronald Andrew Hoskinson, Jonathan Kozolchyk, Kenneth Lawler, Marcel Andrew Levy, Kyle Benjamin Schultheiss, Sandeep Shantharaj, Param Sharma, Jose Maria Silveira Neto
-
Patent number: 11323274Abstract: In an embodiment, a computing resource service provider provides a certificate management service that allows customers of the computing resource service provider to create, distribute, manage, and revoke digital certificates issued by private certificate authorities. In an embodiment, a private certificate authority hosted by the computing resource service provider is able to issue signed certificates to network entities within the customer enterprise. In an embodiment, the certificate management service provides a network-accessible application programming interface to the private certificate authority that allows applications to create and deploy private certificates programmatically. In an embodiment, the system provides the flexibility to create private certificates for applications that require custom certificate lifetimes or resource names.Type: GrantFiled: June 25, 2018Date of Patent: May 3, 2022Assignee: Amazon Technologies, Inc.Inventors: Peter Zachary Bowen, Todd Lawrence Cignetti, Preston Anthony Elder, III, Brandonn Gorman, Ronald Andrew Hoskinson, Jonathan Kozolchyk, Kenneth Lawler, Marcel Andrew Levy, Kyle Benjamin Schultheiss, Sandeep Shantharaj, Param Sharma, Jose Maria Silveira Neto
-
Patent number: 11307912Abstract: A set of consumers of a producer-consumer system includes a main consumer subset and a backstop consumer subset. A plurality of updates to message processing information are deployed to the set of consumers. Each update of the plurality of updates is first deployed to the backstop consumer sub-set and is subsequently deployed to the main consumer subset. The main consumer subset may obtain messages from producers and attempt to process the messages. By contrast, the backstop consumer subset may obtain messages only after a failed processing attempt by the main consumers. Upon obtaining a message, a main consumer may process the message successfully or may fail processing and provide the message for processing by a backstop consumer, which may be more up to date than the main consumer.Type: GrantFiled: September 29, 2020Date of Patent: April 19, 2022Assignee: Amazon Technologies, Inc.Inventors: Frank Gregory Williston, Marcel Andrew Levy, Andrew Ketcham, Blake P. Hess
-
Patent number: 10652030Abstract: A method and system for generating multiple profiles corresponding to different digital certificates. The profile includes intrinsic attributes and derived attributes associated with a digital certificate. The system enables a customer system to filter digital certificates based on a suitability of the various digital certificates for use with a given application to be executed by or on behalf of the customer system. The suitability may be determined based on a comparison of certificate requirements associated with a customer system's request and one or more of the intrinsic attributes and derived attributes.Type: GrantFiled: March 5, 2018Date of Patent: May 12, 2020Assignee: Amazon Technologies, Inc.Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Todd Lawrence Cignetti, Brandonn Gorman, Ronald Andrew Hoskinson, Brenda Lee Leary, Timothy Sterling Loverin, James Spencer, Nicholas Wexler
-
Patent number: 10615987Abstract: A computer system associated with a certificate authority receives a request to obtain information that can be used to determine a validity status of a digital certificate. In response to the request, the computer system provides the information and updates usage information for the digital certificate to incorporate information obtained from the request. The usage information may be generated based at least in part on previous requests to obtain the information. Based at least in part on the usage information, the computer system will perform at least one operation associated with the digital certificate.Type: GrantFiled: March 8, 2017Date of Patent: April 7, 2020Assignee: Amazon Technologies, Inc.Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Jonathan Kozolchyk, Nicholas Wexler
-
Publication number: 20200084195Abstract: A computer system detects that a digital certificate is set to expire within a threshold amount of time. In response to detecting that the digital certificate is set to expire, the computer system generates an update to cause a second computer system to perform operations to indicate an upcoming expiration of the digital certificate. The computer system provides the update to the second computer system to cause the second computer system to perform the operations.Type: ApplicationFiled: November 15, 2019Publication date: March 12, 2020Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Jonathan Kozolchyk, Nicholas Wexler
-
Patent number: 10516542Abstract: A certificate authority receives a request to issue a digital certificate from a customer. In response to the request, the certificate authority determines a network endpoint to be specific to the digital certificate that is to serve information usable to determine whether the digital certificate is valid. The certificate authority issues, to the customer, a digital certificate that specifies a network address for the network endpoint and records information about requests made to the network endpoint to obtain the information usable to determine whether the digital certificate is valid.Type: GrantFiled: March 8, 2017Date of Patent: December 24, 2019Assignee: Amazon Technologies, Inc.Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Jonathan Kozolchyk, Nicholas Wexler
-
Patent number: 10491403Abstract: In a distributed system, a computer system responsible, at least in part, for complying with a cryptographic key usage limit for a cryptographic key, obtains results of cryptographic operations generated based at least in part on the cryptographic key and transmits the obtained results over a network. The computer system digitally signs the results and provides the results with digital signatures of the results. Another device intercepts the results and allows the results to proceed to their destination contingent on successful validation of the digital signature.Type: GrantFiled: January 26, 2018Date of Patent: November 26, 2019Assignee: Amazon Technologies, Inc.Inventors: Marcel Andrew Levy, Darren Ernest Canavor, Zachary Ganwise Fewtrell, Andrew Alphus Kimbrough, Jonathan Kozolchyk, Darin Keith McAdams, Pradeep Ramarao, Gregory Branchek Roth
-
Patent number: 10484355Abstract: A computer system detects that a digital certificate is set to expire within a threshold amount of time. In response to detecting that the digital certificate is set to expire, the computer system generates an update to cause a second computer system to perform operations to indicate an upcoming expiration of the digital certificate. The computer system provides the update to the second computer system to cause the second computer system to perform the operations.Type: GrantFiled: March 8, 2017Date of Patent: November 19, 2019Assignee: Amazon Technologies, Inc.Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Jonathan Kozolchyk, Nicholas Wexler
-
Patent number: 10149156Abstract: A trusted caller ID authority receives registration data from a first communication device. The first communication device is authenticated by the trusted caller ID authority using the registration data and an authentication object is provided to the first communication device. A second communication device receives a call and the authentication object from the first communication device. The second communication device sends a validation request to the trusted caller ID authority that includes the authentication object. Validation information associated with the first communication device is provided to the second communication device. The validation information includes registration and authentication status of the first communication device.Type: GrantFiled: December 18, 2015Date of Patent: December 4, 2018Assignee: AMAZON TECHNOLOGIES, INC.Inventors: Nandit Tiku, Derek William Bolt, Marcel Andrew Levy
-
Publication number: 20180262346Abstract: A certificate authority receives a request to issue a digital certificate from a customer. In response to the request, the certificate authority determines a network endpoint to be specific to the digital certificate that is to serve information usable to determine whether the digital certificate is valid. The certificate authority issues, to the customer, a digital certificate that specifies a network address for the network endpoint and records information about requests made to the network endpoint to obtain the information usable to determine whether the digital certificate is valid.Type: ApplicationFiled: March 8, 2017Publication date: September 13, 2018Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Jonathan Kozolchyk, Nicholas Wexler
-
Publication number: 20180262347Abstract: A computer system associated with a certificate authority receives a request to obtain information that can be used to determine a validity status of a digital certificate. In response to the request, the computer system provides the information and updates usage information for the digital certificate to incorporate information obtained from the request. The usage information may be generated based at least in part on previous requests to obtain the information. Based at least in part on the usage information, the computer system will perform at least one operation associated with the digital certificate.Type: ApplicationFiled: March 8, 2017Publication date: September 13, 2018Inventors: Marcel Andrew Levy, Peter Zachary Bowen, Jonathan Kozolchyk, Nicholas Wexler
-
Publication number: 20180167220Abstract: In a distributed system, a computer system responsible, at least in part, for complying with a cryptographic key usage limit for a cryptographic key, obtains results of cryptographic operations generated based at least in part on the cryptographic key and transmits the obtained results over a network. The computer system digitally signs the results and provides the results with digital signatures of the results. Another device intercepts the results and allows the results to proceed to their destination contingent on successful validation of the digital signature.Type: ApplicationFiled: January 26, 2018Publication date: June 14, 2018Inventors: Marcel Andrew Levy, Darren Ernest Canavor, Zachary Ganwise Fewtrell, Andrew Alphus Kimbrough, Jonathan Kozolchyk, Darin Keith McAdams, Pradeep Ramarao, Gregory Branchek Roth
-
Patent number: 9882720Abstract: In a distributed system, a computer system responsible, at least in part, for complying with a cryptographic key usage limit for a cryptographic key, obtains results of cryptographic operations generated based at least in part on the cryptographic key and transmits the obtained results over a network. The computer system digitally signs the results and provides the results with digital signatures of the results. Another device intercepts the results and allows the results to proceed to their destination contingent on successful validation of the digital signature.Type: GrantFiled: June 27, 2014Date of Patent: January 30, 2018Assignee: AMAZON TECHNOLOGIES, INC.Inventors: Marcel Andrew Levy, Darren Ernest Canavor, Zachary Ganwise Fewtrell, Andrew Alphus Kimbrough, Jonathan Kozolchyk, Darin Keith McAdams, Pradeep Ramarao, Gregory Branchek Roth