Patents by Inventor Robert Eric Fitzgerald
Robert Eric Fitzgerald has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11829794Abstract: A vendor of virtual machine images accesses a virtual computer system service to upload a digitally signed virtual machine image to a data store usable by customers of the virtual computer system service to select an image for creating a virtual machine instance. If a digital certificate is uploaded along with the virtual machine image, the virtual computer system service may determine whether the digital certificate has been trusted for use. If the digital certificate has been trusted for use, the virtual computer system service may use a public cryptographic key to decrypt a hash signature included with the image to obtain a first hash value. The service may additionally apply a hash function to the image itself to obtain a second hash value. If the two hash values match, then the virtual machine image may be deemed to be authentic.Type: GrantFiled: December 6, 2022Date of Patent: November 28, 2023Assignee: Amazon Technologies, Inc.Inventors: Andrew Jeffrey Doane, Alexander Edward Schoof, Robert Eric Fitzgerald, Todd Lawrence Cignetti
-
Patent number: 11621996Abstract: Methods and apparatus for a computing infrastructure for configurable-quality random data are disclosed. A storage medium stores program instructions that when executed on a processor designate some servers of a provider network as members of a pool of producers of random data usable by random data consumers. The instructions, when executed, determine a subset of the pool to be used to supply a collection of random data intended for a random data consumer, and one or more sources of random phenomena to be used to generate the collection of random data. The instructions, when executed, initiate a transmission of the collection of random data directed to the random data consumer.Type: GrantFiled: November 13, 2017Date of Patent: April 4, 2023Assignee: Amazon Technologies, Inc.Inventors: Nachiketh Rao Potlapally, Andrew Paul Mikulski, Donald Lee Bailey, Jr., Robert Eric Fitzgerald
-
Publication number: 20230099597Abstract: A vendor of virtual machine images accesses a virtual computer system service to upload a digitally signed virtual machine image to a data store usable by customers of the virtual computer system service to select an image for creating a virtual machine instance. If a digital certificate is uploaded along with the virtual machine image, the virtual computer system service may determine whether the digital certificate has been trusted for use. If the digital certificate has been trusted for use, the virtual computer system service may use a public cryptographic key to decrypt a hash signature included with the image to obtain a first hash value. The service may additionally apply a hash function to the image itself to obtain a second hash value. If the two hash values match, then the virtual machine image may be deemed to be authentic.Type: ApplicationFiled: December 6, 2022Publication date: March 30, 2023Inventors: Andrew Jeffrey Doane, Alexander Edward Schoof, Robert Eric Fitzgerald, Todd Lawrence Cignetti
-
Patent number: 11394739Abstract: Techniques for configurable event-based compute instance security assessments are described. A security assessment service receives one or more configuration messages, sent on behalf of a user, indicating a request to perform a security assessment of one or more computing resources managed by a service provider system responsive to any of one or more events being determined to have occurred. The security assessment is to include attempting to identify security vulnerabilities of the one or more computing resources. The security assessment service determines that an event of the one or more events has occurred subsequent to event data being reported that is indicative of the event, and performs the security assessment of the one or more computing resources responsive to the determining that the event has occurred.Type: GrantFiled: April 9, 2020Date of Patent: July 19, 2022Assignee: Amazon Technologies, Inc.Inventors: Vladimir Veselov, Adrian-Radu Grajdeanu, James Fink, Robert Eric Fitzgerald
-
Patent number: 11349832Abstract: A user-promotion process allows a service provider to grant the security roles associated with a target user account to a requester by obtaining approvals from a quorum of approving users. The quorum requirements and the identity of the approving users may be established by the target user or an account manager. Upon receiving, from a promotion candidate, a request to assume security roles of a target user, the service provider identifies the approving users from the target user's account record. Approvals are requested from the approving users, and if a quorum of approvals is received by the service provider, the promotion candidate is allowed to assume the roles of the target user. If a quorum of approvals is not received, then substitute approving users may be identified based at least in part on those approving users that did not respond to the approval request.Type: GrantFiled: March 19, 2020Date of Patent: May 31, 2022Assignee: Amazon Technologies, Inc.Inventors: Thomas Charles Stickle, Robert Eric Fitzgerald
-
Patent number: 11206143Abstract: Digital certificates include pointers to remote certificate information stores that maintain usage information associated with digital certificates. The pointers provide a mechanism for enabling the remote certificate information stores to be queried for usage information associated with a particular digital certificate. The usage information can be used to determine a validity of the digital certificate.Type: GrantFiled: October 21, 2019Date of Patent: December 21, 2021Assignee: Amazon Technologies, Inc.Inventors: Stefan Popoveniuc, David Ripton, Alexandr Ukrainchik, Yuk-Chung Eric Kam, Mikhail Denisenko, Robert Eric Fitzgerald, Matthew Allen Estes, Tyler Eckstein
-
Patent number: 11159554Abstract: Customers of a computing resource service provider may operate computing resources provided by the computing resource service provider. Operational information from customer operated computing resources may be correlated with operational information from computing resources operated by the computing resource service provider or other entities, and correlated threat information may be generated.Type: GrantFiled: June 21, 2019Date of Patent: October 26, 2021Assignee: Amazon Technologies, Inc.Inventors: Eric Jason Brandwine, Alexander Robin Gordon Lucas, Robert Eric Fitzgerald
-
Patent number: 11115223Abstract: A method and apparatus for distributing cryptographic material are disclosed. In the method and apparatus, cryptographic material is obtained and it is determined that the cryptographic material is to be made available for use by one or more computing resources. The cryptographic material is then sent to one or more secure modules, whereby a secure module of the one or more secure modules is programmatically accessible to a computing resource of the one or more computing resources and programmatic access enables the computing resource to request performance of one or more cryptographic operations using the cryptographic material while exporting the cryptographic material to the computing resource is denied.Type: GrantFiled: July 26, 2019Date of Patent: September 7, 2021Assignee: Amazon Technologies, Inc.Inventors: Todd Lawrence Cignetti, Andrew Jeffrey Doane, Stefan Popoveniuc, Matthew Allen Estes, Alexander Edward Schoof, Robert Eric Fitzgerald, Peter Zachary Bowen
-
Publication number: 20200326972Abstract: A vendor of virtual machine images accesses a virtual computer system service to upload a digitally signed virtual machine image to a data store usable by customers of the virtual computer system service to select an image for creating a virtual machine instance. If a digital certificate is uploaded along with the virtual machine image, the virtual computer system service may determine whether the digital certificate has been trusted for use. If the digital certificate has been trusted for use, the virtual computer system service may use a public cryptographic key to decrypt a hash signature included with the image to obtain a first hash value. The service may additionally apply a hash function to the image itself to obtain a second hash value. If the two hash values match, then the virtual machine image may be deemed to be authentic.Type: ApplicationFiled: June 26, 2020Publication date: October 15, 2020Inventors: Andrew Jeffrey Doane, Alexander Edward Schoof, Robert Eric Fitzgerald, Todd Lawrence Cignetti
-
Patent number: 10757139Abstract: A security service of a computing resource service provider provides security scores for application program interfaces (APIs) and other security information to an API marketplace or other endpoints. The security score may be based at least in part on component information associated with computing resources implementing the API. The security service may obtain access to the computing resources and collect various components from the computing resources. The components may then be used to determine a security score of an API offered from consumption on the API marketplace. The security service may then publish the security score to the API marketplace or other endpoint.Type: GrantFiled: June 28, 2016Date of Patent: August 25, 2020Assignee: Amazon Technologies, Inc.Inventors: Todd Lawrence Cignetti, Robert Eric Fitzgerald, Eric Wayne Schultze
-
Publication number: 20200244695Abstract: Techniques for configurable event-based compute instance security assessments are described. A security assessment service receives one or more configuration messages, sent on behalf of a user, indicating a request to perform a security assessment of one or more computing resources managed by a service provider system responsive to any of one or more events being determined to have occurred. The security assessment is to include attempting to identify security vulnerabilities of the one or more computing resources. The security assessment service determines that an event of the one or more events has occurred subsequent to event data being reported that is indicative of the event, and performs the security assessment of the one or more computing resources responsive to the determining that the event has occurred.Type: ApplicationFiled: April 9, 2020Publication date: July 30, 2020Applicant: Amazon Technologies, Inc.Inventors: Vladimir VESELOV, Adrian-Radu GRAJDEANU, James FINK, Robert Eric FITZGERALD
-
Publication number: 20200220868Abstract: A user-promotion process allows a service provider to grant the security roles associated with a target user account to a requester by obtaining approvals from a quorum of approving users. The quorum requirements and the identity of the approving users may be established by the target user or an account manager. Upon receiving, from a promotion candidate, a request to assume security roles of a target user, the service provider identifies the approving users from the target user's account record. Approvals are requested from the approving users, and if a quorum of approvals is received by the service provider, the promotion candidate is allowed to assume the roles of the target user. If a quorum of approvals is not received, then substitute approving users may be identified based at least in part on those approving users that did not respond to the approval request.Type: ApplicationFiled: March 19, 2020Publication date: July 9, 2020Inventors: Thomas Charles Stickle, Robert Eric Fitzgerald
-
Patent number: 10698710Abstract: A vendor of virtual machine images accesses a virtual computer system service to upload a digitally signed virtual machine image to a data store usable by customers of the virtual computer system service to select an image for creating a virtual machine instance. If a digital certificate is uploaded along with the virtual machine image, the virtual computer system service may determine whether the digital certificate has been trusted for use. If the digital certificate has been trusted for use, the virtual computer system service may use a public cryptographic key to decrypt a hash signature included with the image to obtain a first hash value. The service may additionally apply a hash function to the image itself to obtain a second hash value. If the two hash values match, then the virtual machine image may be deemed to be authentic.Type: GrantFiled: October 12, 2015Date of Patent: June 30, 2020Assignee: Amazon Technologies, Inc.Inventors: Andrew Jeffrey Doane, Alexander Edward Schoof, Robert Eric Fitzgerald, Todd Lawrence Cignetti
-
Patent number: 10623433Abstract: Techniques for configurable event-based compute instance security assessments are described. A security assessment service receives one or more configuration messages, sent on behalf of a user, indicating a request to perform a security assessment of one or more computing resources managed by a service provider system responsive to any of one or more events being determined to have occurred. The security assessment is to include attempting to identify security vulnerabilities of the one or more computing resources. The security assessment service determines that an event of the one or more events has occurred subsequent to event data being reported that is indicative of the event, and performs the security assessment of the one or more computing resources responsive to the determining that the event has occurred.Type: GrantFiled: September 25, 2017Date of Patent: April 14, 2020Assignee: Amazon Technologies, Inc.Inventors: Vladimir Veselov, Adrian-Radu Grajdeanu, James Fink, Robert Eric Fitzgerald
-
Patent number: 10616194Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. If the keys used to encrypt the data have not been exposed during serialization operation, they may be deleted or destroyed enabling the destruction of data encrypted with the keys.Type: GrantFiled: July 10, 2017Date of Patent: April 7, 2020Assignee: Amazon Technologies, Inc.Inventors: Todd Lawrence Cignetti, Andrew J. Doane, Eric Jason Brandwine, Robert Eric Fitzgerald
-
Patent number: 10601816Abstract: A user-promotion process allows a service provider to grant the security roles associated with a target user account to a requester by obtaining approvals from a quorum of approving users. The quorum requirements and the identity of the approving users may be established by the target user or an account manager. Upon receiving, from a promotion candidate, a request to assume security roles of a target user, the service provider identifies the approving users from the target user's account record. Approvals are requested from the approving users, and if a quorum of approvals is received by the service provider, the promotion candidate is allowed to assume the roles of the target user. If a quorum of approvals is not received, then substitute approving users may be identified based at least in part on those approving users that did not respond to the approval request.Type: GrantFiled: June 9, 2016Date of Patent: March 24, 2020Assignee: Amazon Technologies, Inc.Inventors: Thomas Charles Stickle, Robert Eric Fitzgerald
-
Publication number: 20200052911Abstract: Digital certificates include pointers to remote certificate information stores that maintain usage information associated with digital certificates. The pointers provide a mechanism for enabling the remote certificate information stores to be queried for usage information associated with a particular digital certificate. The usage information can be used to determine a validity of the digital certificate.Type: ApplicationFiled: October 21, 2019Publication date: February 13, 2020Inventors: Stefan Popoveniuc, David Ripton, Alexandr Ukrainchik, Yuk-Chung Eric Kam, Mikhail Denisenko, Robert Eric Fitzgerald, Matthew Allen Estes, Tyler Eckstein
-
Publication number: 20190373008Abstract: Customers of a computing resource service provider may operate computing resources provided by the computing resource service provider. Operational information from customer operated computing resources may be correlated with operational information from computing resources operated by the computing resource service provider or other entities, and correlated threat information may be generated.Type: ApplicationFiled: June 21, 2019Publication date: December 5, 2019Inventors: Eric Jason Brandwine, Alexander Robin Gordon Lucas, Robert Eric Fitzgerald
-
Publication number: 20190349206Abstract: A method and apparatus for distributing cryptographic material are disclosed. In the method and apparatus, cryptographic material is obtained and it is determined that the cryptographic material is to be made available for use by one or more computing resources. The cryptographic material is then sent to one or more secure modules, whereby a secure module of the one or more secure modules is programmatically accessible to a computing resource of the one or more computing resources and programmatic access enables the computing resource to request performance of one or more cryptographic operations using the cryptographic material while exporting the cryptographic material to the computing resource is denied.Type: ApplicationFiled: July 26, 2019Publication date: November 14, 2019Inventors: Todd Lawrence Cignetti, Andrew Jeffrey Doane, Stefan Popoveniuc, Matthew Allen Estes, Alexander Edward Schoof, Robert Eric Fitzgerald, Peter Zachary Bowen
-
Patent number: 10460114Abstract: Techniques are disclosed for mitigating against registering a domain name that is confusingly similar to a pre-existing domain name, possibly for the purpose of fooling users. In embodiments, a domain name is presented for registration. The domain name is rendered as an image, and optical character recognition is performed on the image to extract the rendered text. This extracted text is compared against a list of domain names for which confusingly similar domain names cannot be registered, and when the extracted text matches a domain name in this list of domain names, registration of the domain name is denied.Type: GrantFiled: November 9, 2018Date of Patent: October 29, 2019Assignee: Amazon Technologies, Inc.Inventors: Stefan Popuveniuc, Peter Zachary Bowen, Alexander Edward Schoof, Andrew Jeffrey Doane, Todd Lawrence Cignetti, Robert Eric Fitzgerald