Patents by Inventor Pieter Kristian Brouwer
Pieter Kristian Brouwer has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12210648Abstract: Methods and systems for detecting personally identifiable information in data associated with a cloud computing system are described. An example method includes ingesting the data associated with the cloud computing system to generate source data. The method includes processing the source data by: performing cell-based de-duplication to generate cell-based de-duplicated data, subjecting the cell-based de-duplicated data to regular expression classification to generate a first subset of initial results, tokenizing the cell-based de-duplicated data to generate tokenized data, and de-duplicating the tokenized data and subjecting de-duplicated tokenized data to a first named entity recognition classification to generate a second subset of the initial results. The method includes cross-referencing the cell-based de-duplicated data and the initial results and subjecting output of the cross-referencing to a second named entity recognition classification to generate final results.Type: GrantFiled: June 1, 2022Date of Patent: January 28, 2025Assignee: Microsoft Technology Licensing, LLCInventors: Sekhar Poornananda Chintalapati, Vinod Kumar Yelahanka Srinivas, Dattatraya Baban Rajpure, Pieter Kristian Brouwer, Gaurav Anil Yeole, Mihai Silviu Peicu
-
Publication number: 20230394168Abstract: Methods and systems for detecting personally identifiable information in data associated with a cloud computing system are described. An example method includes ingesting the data associated with the cloud computing system to generate source data. The method includes processing the source data by: performing cell-based de-duplication to generate cell-based de-duplicated data, subjecting the cell-based de-duplicated data to regular expression classification to generate a first subset of initial results, tokenizing the cell-based de-duplicated data to generate tokenized data, and de-duplicating the tokenized data and subjecting de-duplicated tokenized data to a first named entity recognition classification to generate a second subset of the initial results. The method includes cross-referencing the cell-based de-duplicated data and the initial results and subjecting output of the cross-referencing to a second named entity recognition classification to generate final results.Type: ApplicationFiled: June 1, 2022Publication date: December 7, 2023Inventors: Sekhar Poornananda CHINTALAPATI, Vinod Kumar YELAHANKA SRINIVAS, Dattatraya Baban RAJPURE, Pieter Kristian BROUWER, Gaurav Anil YEOLE, Mihai Silviu PEICU
-
Publication number: 20230359731Abstract: Techniques for generating an identifier index table (IIT) and for executing queries are disclosed. The IIT maps different labels used among different data sources to a commonly defined data type. The IIT is used to generate a set of queries that are executable based on selection of the commonly defined data type and that are executable against the different data sources to search for an indicator of compromise (IOC) within the different data sources. The results from the queries are analyzed in an attempt to identify the IOC.Type: ApplicationFiled: May 9, 2022Publication date: November 9, 2023Inventors: Sekhar Poornananda CHINTALAPATI, Pieter Kristian BROUWER, Gaurav Anil YEOLE, Virendra VISHWAKARMA, Dattatraya Baban RAJPURE, Mihai Silviu PEICU, Vinod Kumar YELAHANKA SRINIVAS, Rajesh Raman PEDDIBHOTLA
-
Patent number: 11411885Abstract: A user can set or modify operational parameters of a data volume stored on a network-accessible storage device in a data center. For example, the user may be provided access to a data volume and may request a modification to the operational parameters of the data volume. Instead of modifying the existing data volume, the data center can provision a new data volume and migrate data stored on the existing data volume to the new data volume. While the data migration takes place, the existing data volume may block input/output (I/O) requests and the new data volume may handle such requests instead. Once the data migration is complete, the data center may deallocate the data blocks of the existing data volume such that the data blocks can be reused by other data volumes.Type: GrantFiled: October 22, 2019Date of Patent: August 9, 2022Assignee: Amazon Technologies, Inc.Inventors: Pieter Kristian Brouwer, Marc Stephen Olson, Nachiappan Arumugam, Michael Thacker, Vijay Prasanth Rajavenkateswaran, Arpit Tripathi, Danny Wei
-
Patent number: 11272005Abstract: Techniques are described for using in-band communication channels to exchange state information between components of a distributed storage environment, including between client computing devices and storage servers hosting network-connected block storage volumes. The exchange of the state information can be used, for example, to inform client computing devices of relevant events involving one or more storage volumes attached to compute instances (for example, virtual machines (VMs)) running on the client computing devices, involving one or more failover servers storing backup copies of one or more storage volumes, or involving any other relevant system components.Type: GrantFiled: September 25, 2018Date of Patent: March 8, 2022Assignee: Amazon Technologies, Inc.Inventors: Avram Israel Blaszka, Pieter Kristian Brouwer, Marc Stephen Olson
-
Patent number: 11010266Abstract: Generally described, one or more aspects of the present application correspond to techniques for automatic recovery from dual isolation in which both the primary and secondary replicas of a volume are stored on isolating servers. The disclosed techniques use handshakes between the client and the replicas to determine which has a better health score. The replica with the better health score becomes the primary replica, and confirms that it and the secondary replica are both in an isolating state. In response, the primary replica seeks a solo blessing, undoes the isolating state at the volume level (the server host will still be in isolating state), and continues handling I/O and peer replication until its healthy peer is complete. These techniques can avoid availability drops when the servers hosting the primary and secondary replicas of a volume enter the isolating state at around the same time.Type: GrantFiled: December 5, 2018Date of Patent: May 18, 2021Assignee: Amazon Technologies, Inc.Inventors: Avram Israel Blaszka, Jianhua Fan, Danny Wei, Marc Stephen Olson, Pieter Kristian Brouwer, Shweta Joshi
-
Publication number: 20200053022Abstract: A user can set or modify operational parameters of a data volume stored on a network-accessible storage device in a data center. For example, the user may be provided access to a data volume and may request a modification to the operational parameters of the data volume. Instead of modifying the existing data volume, the data center can provision a new data volume and migrate data stored on the existing data volume to the new data volume. While the data migration takes place, the existing data volume may block input/output (I/O) requests and the new data volume may handle such requests instead. Once the data migration is complete, the data center may deallocate the data blocks of the existing data volume such that the data blocks can be reused by other data volumes.Type: ApplicationFiled: October 22, 2019Publication date: February 13, 2020Inventors: Pieter Kristian Brouwer, Marc Stephen Olson, Nachiappan Arumugam, Michael Thacker, Vijay Prasanth Rajavenkateswaran, Arpit Tripathi, Danny Wei
-
Patent number: 10469405Abstract: A user can set or modify operational parameters of a data volume stored on a network-accessible storage device in a data center. For example, the user may be provided access to a data volume and may request a modification to the operational parameters of the data volume. Instead of modifying the existing data volume, the data center can provision a new data volume and migrate data stored on the existing data volume to the new data volume. While the data migration takes place, the existing data volume may block input/output (I/O) requests and the new data volume may handle such requests instead. Once the data migration is complete, the data center may deallocate the data blocks of the existing data volume such that the data blocks can be reused by other data volumes.Type: GrantFiled: June 29, 2016Date of Patent: November 5, 2019Assignee: Amazon Technologies, Inc.Inventors: Pieter Kristian Brouwer, Marc Stephen Olson, Nachiappan Arumugam, Michael Thacker, Vijay Prasanth Rajavenkateswaran, Arpit Tripathi, Danny Wei
-
Patent number: 10404579Abstract: Techniques for managing a critical phase of a virtual machine migration are described herein. During the critical phase, which must be kept as short as possible, a virtual machine instance is paused, network packets are rerouted to a temporary packet queue, and messages associated with managing synchronization of block storage devices are dispatched to an entity configured to manage those connections. After the block storage devices are synchronized, the network packets are released from the temporary packet queue to the new location of the virtual machine instance.Type: GrantFiled: December 7, 2015Date of Patent: September 3, 2019Assignee: Amazon Technologies, Inc.Inventors: Sebastian Martin Biemueller, Georgios Elissaios, Diwakar Gupta, Hui Ma, Pieter Kristian Brouwer, Mohammad Farhan Husain, Thomas Friebel
-
Patent number: 10169068Abstract: Live migration may be performed for virtual computing resources utilizing network-based storage. A virtual compute instance operating at a source host may be moved to a destination host. The virtual compute instance may be a client of a network-based storage resource that stores data for the virtual compute instance. Access to the data stored for the virtual compute instance may be limited to the source host. When migration is performed, the destination host may be prepared to assume operation of the virtual compute instance. Operation of the virtual compute instance at the source host may be paused and the access to the data at the network-based storage resource may be modified to limit access to the destination host. Operation of the virtual compute instance may then resume at the destination host.Type: GrantFiled: March 9, 2017Date of Patent: January 1, 2019Assignee: Amazon Technologies, Inc.Inventors: Pieter Kristian Brouwer, Kristina Kraemer Brenneman, Marc John Brooker, Jerry Lin, Marc Stephen Olson
-
Patent number: 10037298Abstract: A user can set or modify operational parameters of a data volume stored on a network-accessible storage device in a data center. For example, the user may be provided access to a data volume and may request a modification to the operational parameters of the data volume. Instead of modifying the existing data volume, the data center can provision a new data volume and migrate data stored on the existing data volume to the new data volume. While the data migration takes place, the existing data volume may block input/output (I/O) requests and the new data volume may handle such requests instead. If a request is received for data not yet migrated to the new data volume, then the new data volume prioritizes a migration of the requested data.Type: GrantFiled: June 29, 2016Date of Patent: July 31, 2018Assignee: Amazon Technologies, Inc.Inventors: Pieter Kristian Brouwer, Marc Stephen Olson, Nachiappan Arumugam, Michael Thacker, Vijay Prasanth Rajavenkateswaran, Arpit Tripathi, Danny Wei
-
Publication number: 20180004698Abstract: A user can set or modify operational parameters of a data volume stored on a network-accessible storage device in a data center. For example, the user may be provided access to a data volume and may request a modification to the operational parameters of the data volume. Instead of modifying the existing data volume, the data center can provision a new data volume and migrate data stored on the existing data volume to the new data volume. While the data migration takes place, the existing data volume may block input/output (I/O) requests and the new data volume may handle such requests instead. If a request is received for data not yet migrated to the new data volume, then the new data volume prioritizes a migration of the requested data.Type: ApplicationFiled: June 29, 2016Publication date: January 4, 2018Inventors: Pieter Kristian Brouwer, Marc Stephen Olson, Nachiappan Arumugam, Michael Thacker, Vijay Prasanth Rajavenkateswaran, Arpit Tripathi, Danny Wei
-
Publication number: 20180006963Abstract: A user can set or modify operational parameters of a data volume stored on a network-accessible storage device in a data center. For example, the user may be provided access to a data volume and may request a modification to the operational parameters of the data volume. Instead of modifying the existing data volume, the data center can provision a new data volume and migrate data stored on the existing data volume to the new data volume. While the data migration takes place, the existing data volume may block input/output (I/O) requests and the new data volume may handle such requests instead. Once the data migration is complete, the data center may deallocate the data blocks of the existing data volume such that the data blocks can be reused by other data volumes.Type: ApplicationFiled: June 29, 2016Publication date: January 4, 2018Inventors: Pieter Kristian Brouwer, Marc Stephen Olson, Nachiappan Arumugam, Michael Thacker, Vijay Prasanth Rajavenkateswaran, Arpit Tripathi, Danny Wei
-
Patent number: 9836327Abstract: A network-based storage resource may implement access control for virtual computing resources that utilize the storage resource during live migration of the virtual computing resources. A network-based storage resource may enforce an access control that limits access to a host of a virtual compute instance. Upon detecting migration of the virtual compute instance, the network-based storage resource may allow a connection to be established with a destination host for the virtual compute instance. The access control mechanism may be updated to limit access to the destination host for data stored for the virtual compute instance at the network-based storage resource.Type: GrantFiled: June 12, 2015Date of Patent: December 5, 2017Assignee: Amazon Technologies, Inc.Inventors: Pieter Kristian Brouwer, Kristina Kraemer Brenneman, Marc John Brooker, Jerry Lin, Marc Stephen Olson
-
Patent number: 9811376Abstract: Techniques for preserving the state of virtual machine instances during a migration from a source location to a target location are described herein. A set of credentials configured to provide access to a storage device by a virtual machine instance at the source location is provided to the virtual machine instance. When the migration from the source location to the target location starts, a second set of credentials configured to provide access to a storage device by a virtual machine instance at the source location is provided to the virtual machine instance. During the migration, a response to an input-output request is provided to one or more of the locations using the set of credentials and based at least in part on the state of the migration.Type: GrantFiled: June 29, 2015Date of Patent: November 7, 2017Assignee: Amazon Technologies, Inc.Inventors: Pieter Kristian Brouwer, Kristina Kraemer Brenneman, Marc John Brooker, Jerry Lin, Marc Stephen Olson
-
Publication number: 20170177401Abstract: Live migration may be performed for virtual computing resources utilizing network-based storage. A virtual compute instance operating at a source host may be moved to a destination host. The virtual compute instance may be a client of a network-based storage resource that stores data for the virtual compute instance. Access to the data stored for the virtual compute instance may be limited to the source host. When migration is performed, the destination host may be prepared to assume operation of the virtual compute instance. Operation of the virtual compute instance at the source host may be paused and the access to the data at the network-based storage resource may be modified to limit access to the destination host. Operation of the virtual compute instance may then resume at the destination host.Type: ApplicationFiled: March 9, 2017Publication date: June 22, 2017Applicant: Amazon Technologies, Inc.Inventors: Pieter Kristian Brouwer, Kristina Kraemer Brenneman, Marc John Brooker, Jerry Lin, Marc Stephen Olson
-
Patent number: 9594598Abstract: Live migration may be performed for virtual computing resources utilizing network-based storage. A virtual compute instance operating at a source host may be moved to a destination host. The virtual compute instance may be a client of a network-based storage resource that stores data for the virtual compute instance. Access to the data stored for the virtual compute instance may be limited to the source host. When migration is performed, the destination host may be prepared to assume operation of the virtual compute instance. Operation of the virtual compute instance at the source host may be paused and the access to the data at the network-based storage resource may be modified to limit access to the destination host. Operation of the virtual compute instance may then resume at the destination host.Type: GrantFiled: June 12, 2015Date of Patent: March 14, 2017Assignee: Amazon Technologies, Inc.Inventors: Pieter Kristian Brouwer, Kristina Kraemer Brenneman, Marc John Brooker, Jerry Lin, Marc Stephen Olson
-
Publication number: 20160378547Abstract: Techniques for preserving the state of virtual machine instances during a migration from a source location to a target location are described herein. A set of credentials configured to provide access to a storage device by a virtual machine instance at the source location is provided to the virtual machine instance. When the migration from the source location to the target location starts, a second set of credentials configured to provide access to a storage device by a virtual machine instance at the source location is provided to the virtual machine instance. During the migration, state information associated with the block storage device is copied from the source location to the target location based on the migration phase.Type: ApplicationFiled: June 29, 2015Publication date: December 29, 2016Inventors: Pieter Kristian Brouwer, Kristina Kraemer Brenneman, Marc John Brooker, Jerry Lin, Marc Stephen Olson
-
Publication number: 20160378546Abstract: Techniques for preserving the state of virtual machine instances during a migration from a source location to a target location are described herein. A set of credentials configured to provide access to a storage device by a virtual machine instance at the source location is provided to the virtual machine instance. When the migration from the source location to the target location starts, a second set of credentials configured to provide access to a storage device by a virtual machine instance at the source location is provided to the virtual machine instance. During the migration, a response to an input-output request is provided to one or more of the locations using the set of credentials and based at least in part on the state of the migration.Type: ApplicationFiled: June 29, 2015Publication date: December 29, 2016Inventors: Pieter Kristian Brouwer, Kristina Kraemer Brenneman, Marc John Brooker, Jerry Lin, Marc Stephen Olson