Patents by Inventor Matthew T. Corddry

Matthew T. Corddry has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11216414
    Abstract: Systems and methods are provided for managing objects. In one implementation, a computer-implemented method is provided. The method includes receiving a query comprising a tag and executing the query. An object identifier is retrieved from a data table, based on the tag. The method further returns a result of the query. The result includes the object identifier that was retrieved from the data table. The method further performs an action related to an object having the retrieved object identifier.
    Type: Grant
    Filed: November 6, 2017
    Date of Patent: January 4, 2022
    Assignee: Amazon Technologies, Inc.
    Inventors: Eric J. Brandwine, Matthew T. Corddry
  • Patent number: 10678555
    Abstract: Automated provisioning of hosts on a network with reasonable levels of security is described in this application. A certificate management service (CMS) on a host, one or more trusted agents, and a public key infrastructure are utilized in a secure framework to establish host identity. Once host identity is established, signed encryption certificates may be exchanged and secure communication may take place.
    Type: Grant
    Filed: October 2, 2017
    Date of Patent: June 9, 2020
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper M. Johansson, Matthew T. Corddry, Tom F. Hansen, Luke F. Kearney
  • Patent number: 10003597
    Abstract: In an environment such as a cloud computing environment where various guests can be provisioned on a host machine or other hardware device, it can be desirable to prevent those users from rebooting or otherwise restarting the machine or other resources using unauthorized information or images that can be obtained from across the network. A cloud manager can cause one or more network switches or other routing or communication processing components to deny communication access between user-accessible ports on a machine or device and the provisioning systems, or other specific network resources, such that the user cannot cause the host machine to pull information from those resources upon a restart or reboot of the machine. Further, various actions can be taken upon a reboot or attempted reboot, such as to isolate the host machine or even power off the specific machine.
    Type: Grant
    Filed: August 12, 2014
    Date of Patent: June 19, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Matthew T. Corddry, Michael David Marr, James R. Hamilton, Peter N. DeSantis
  • Patent number: 9934022
    Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. For example, a clock or a timer mechanism can be used by a network interface card to define a mutability period. During the mutability period, firmware update to a peripheral device can be allowed. Once the mutability period has expired, firmware update to a peripheral device will no longer be allowed.
    Type: Grant
    Filed: September 25, 2015
    Date of Patent: April 3, 2018
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael David Marr, Matthew T. Corddry, James R. Hamilton
  • Publication number: 20180067951
    Abstract: Systems and methods are provided for managing objects. In one implementation, a computer-implemented method is provided. The method includes receiving a query comprising a tag and executing the query. An object identifier is retrieved from a data table, based on the tag. The method further returns a result of the query. The result includes the object identifier that was retrieved from the data table. The method further performs an action related to an object having the retrieved object identifier.
    Type: Application
    Filed: November 6, 2017
    Publication date: March 8, 2018
    Inventors: Eric J. Brandwine, Matthew T. Corddry
  • Publication number: 20180046469
    Abstract: Automated provisioning of hosts on a network with reasonable levels of security is described in this application. A certificate management service (CMS) on a host, one or more trusted agents, and a public key infrastructure are utilized in a secure framework to establish host identity. Once host identity is established, signed encryption certificates may be exchanged and secure communication may take place.
    Type: Application
    Filed: October 2, 2017
    Publication date: February 15, 2018
    Inventors: Jesper M. Johansson, Matthew T. Corddry, Tom F. Hansen, Luke F. Kearney
  • Patent number: 9836466
    Abstract: Systems and methods are provided for managing objects. In one implementation, a computer-implemented method is provided. The method includes receiving a query comprising a tag and executing the query. An object identifier is retrieved from a data table, based on the tag. The method further returns a result of the query. The result includes the object identifier that was retrieved from the data table. The method further performs an action related to an object having the retrieved object identifier.
    Type: Grant
    Filed: October 29, 2009
    Date of Patent: December 5, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Eric J. Brandwine, Matthew T. Corddry
  • Patent number: 9778939
    Abstract: Automated provisioning of hosts on a network with reasonable levels of security is described in this application. A certificate management service (CMS) on a host, one or more trusted agents, and a public key infrastructure are utilized in a secure framework to establish host identity. Once host identity is established, signed encryption certificates may be exchanged and secure communication may take place.
    Type: Grant
    Filed: August 4, 2016
    Date of Patent: October 3, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper M. Johansson, Matthew T. Corddry, Tom F. Hansen, Luke F. Kearney
  • Patent number: 9686078
    Abstract: The state of firmware for devices on a provisioned host machine can be validated independent of the host CPU(s) or other components exposed to the user. A port that is not fully exposed or accessible to the user can be used to perform a validation process on firmware without accessing a CPU of the host device. The firmware can be scanned and a hashing or similar algorithm can be used to determine validation information, such as hash values, for the firmware, which can be compared to validation information stored in a secure location. If the current and stored validation information do not match, one or more remedial actions can be taken to address the firmware being in an unknown or unintended state.
    Type: Grant
    Filed: March 2, 2015
    Date of Patent: June 20, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael David Marr, Pradeep Vincent, Matthew T. Corddry, James R. Hamilton
  • Patent number: 9565207
    Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. In some embodiments, an asymmetric keying approach can be used to encrypt or sign the firmware. In other cases access can be controlled by enabling firmware updates only through a channel or port that is not exposed to the customer, or by mapping only those portions of the hardware that are to be accessible to the user. In other embodiments, the user can be prevented from modifying firmware by only provisioning the user on a machine after an initial mutability period wherein firmware can be modified, such that the user never has access to a device when firmware can be updated. Combinations and variations of the above also can be used.
    Type: Grant
    Filed: September 4, 2009
    Date of Patent: February 7, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael David Marr, Matthew T. Corddry, James R. Hamilton
  • Patent number: 9547575
    Abstract: Systems and methods are disclosed which facilitate the management of host computing devices through the utilization of a host computing device control component. The host computing device control component includes a state monitoring component that monitors operating states of the control component. Based on monitoring the operation of the control component, the state monitoring component causes the generation of one or more visual indicators indicative of the operating state of the control component.
    Type: Grant
    Filed: August 30, 2011
    Date of Patent: January 17, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Matthew T. Corddry, Wyatt D. Camp, Jacob Gabrielson
  • Publication number: 20160342429
    Abstract: Automated provisioning of hosts on a network with reasonable levels of security is described in this application. A certificate management service (CMS) on a host, one or more trusted agents, and a public key infrastructure are utilized in a secure framework to establish host identity. Once host identity is established, signed encryption certificates may be exchanged and secure communication may take place.
    Type: Application
    Filed: August 4, 2016
    Publication date: November 24, 2016
    Inventors: Jesper M. Johansson, Matthew T. Corddry, Tom F. Hansen, Luke F. Kearney
  • Patent number: 9432356
    Abstract: Automated provisioning of hosts on a network with reasonable levels of security is described in this application. A certificate management service (CMS) on a host, one or more trusted agents, and a public key infrastructure are utilized in a secure framework to establish host identity. Once host identity is established, signed encryption certificates may be exchanged and secure communication may take place.
    Type: Grant
    Filed: May 5, 2009
    Date of Patent: August 30, 2016
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper M. Johansson, Matthew T. Corddry, Tom F. Hansen, Luke F. Kearney
  • Patent number: 9349010
    Abstract: Attempts to update confirmation information or firmware for a hardware device can be monitored using a secure counter that is configured to monotonically adjust a current value of the secure counter for each update or update attempt. The value of the counter can be determined every time the validity of the firmware is confirmed, and this value can be stored to a secure location. At subsequent times, such as during a boot process, the actual value of the counter can be determined and compared with the expected value. If the values do not match, such that the firmware may be in an unexpected state, an action can be taken, such as to prevent access to, or isolate, the hardware until such time as the firmware can be validated or updated to an expected state.
    Type: Grant
    Filed: March 27, 2015
    Date of Patent: May 24, 2016
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael David Marr, Pradeep Vincent, Matthew T. Corddry, James R. Hamilton
  • Publication number: 20160019050
    Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. For example, a clock or a timer mechanism can be used by a network interface card to define a mutability period. During the mutability period, firmware update to a peripheral device can be allowed. Once the mutability period has expired, firmware update to a peripheral device will no longer be allowed.
    Type: Application
    Filed: September 25, 2015
    Publication date: January 21, 2016
    Inventors: Michael David Marr, Matthew T. Corddry, James R. Hamilton
  • Patent number: 9148413
    Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. In some embodiments, an asymmetric keying approach can be used to encrypt or sign the firmware. In other cases access can be controlled by enabling firmware updates only through a channel or port that is not exposed to the customer, or by mapping only those portions of the hardware that are to be accessible to the user. In other embodiments, the user can be prevented from modifying firmware by only provisioning the user on a machine after an initial mutability period wherein firmware can be modified, such that the user never has access to a device when firmware can be updated. Combinations and variations of the above also can be used.
    Type: Grant
    Filed: June 29, 2012
    Date of Patent: September 29, 2015
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael David Marr, Matthew T. Corddry, James R. Hamilton
  • Publication number: 20150199519
    Abstract: Attempts to update confirmation information or firmware for a hardware device can be monitored using a secure counter that is configured to monotonically adjust a current value of the secure counter for each update or update attempt. The value of the counter can be determined every time the validity of the firmware is confirmed, and this value can be stored to a secure location. At subsequent times, such as during a boot process, the actual value of the counter can be determined and compared with the expected value. If the values do not match, such that the firmware may be in an unexpected state, an action can be taken, such as to prevent access to, or isolate, the hardware until such time as the firmware can be validated or updated to an expected state.
    Type: Application
    Filed: March 27, 2015
    Publication date: July 16, 2015
    Inventors: Michael David Marr, Pradeep Vincent, Matthew T. Corddry, James R. Hamilton
  • Patent number: 8996744
    Abstract: Attempts to update confirmation information or firmware for a hardware device can be monitored using a secure counter that is configured to monotonically adjust a current value of the secure counter for each update or update attempt. The value of the counter can be determined every time the validity of the firmware is confirmed, and this value can be stored to a secure location. At subsequent times, such as during a boot process, the actual value of the counter can be determined and compared with the expected value. If the values do not match, such that the firmware may be in an unexpected state, an action can be taken, such as to prevent access to, or isolate, the hardware until such time as the firmware can be validated or updated to an expected state.
    Type: Grant
    Filed: December 2, 2013
    Date of Patent: March 31, 2015
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael David Marr, Pradeep Vincent, Matthew T. Corddry, James R. Hamilton
  • Patent number: 8994213
    Abstract: A method of maintaining electrical power to electrical systems in operation during reconfiguration or maintenance of a power distribution system for the electrical systems includes providing a Y-connection in a set of electrical power lines. The Y-connection includes an input, a primary output, and a feed output. The set of electrical power lines supplies electrical power from a power source to the electrical systems through the primary output. To establish a feed for maintenance or reconfiguration of the power feed, power is fed from the power source through the feed output of the Y-connection to the electrical systems while power is being supplied to the electrical systems through the primary output.
    Type: Grant
    Filed: March 24, 2011
    Date of Patent: March 31, 2015
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael P. Czamara, Peter N. De Santis, Frank A. Glynn, Osvaldo P. Morales, Matthew T. Corddry
  • Patent number: 8971538
    Abstract: The state of firmware for devices on a provisioned host machine can be validated independent of the host CPU(s) or other components exposed to the user. A port that is not fully exposed or accessible to the user can be used to perform a validation process on firmware without accessing a CPU of the host device. The firmware can be scanned and a hashing or similar algorithm can be used to determine validation information, such as hash values, for the firmware, which can be compared to validation information stored in a secure location. If the current and stored validation information do not match, one or more remedial actions can be taken to address the firmware being in an unknown or unintended state.
    Type: Grant
    Filed: September 8, 2009
    Date of Patent: March 3, 2015
    Assignee: Amazon Technologies, Inc.
    Inventors: Michael David Marr, Pradeep Vincent, Matthew T. Corddry, James R. Hamilton