Patent application number | Description | Published |
20080313318 | PROVIDING ENHANCED DATA RETRIEVAL FROM REMOTE LOCATIONS - Techniques are described for providing client computing nodes with enhanced access to data from remote locations, such as by providing and using local capabilities specific to the remote locations. In at least some situations, the access of a client computing node to data from a remote location may be enhanced by automatically performing activities local to the client computing node that improve the efficiency of communications sent between the client computing node and the remote location. As one example, access to data from a remote service may be enhanced by locally performing activities specific to the remote service, such as by using information about the remote service's internal mechanisms to cause the desired data to be provided from internal storage devices of the remote service without passing through front-end or other intermediate devices of the remote service while traveling to the client computing node. | 12-18-2008 |
20090046726 | VIRTUAL NETWORK WITH ADAPTIVE DISPATCHER - Methods and systems for providing a virtual network are disclosed. At least one layer of abstraction is created between network service applications and conventional network protocols by inserting an adaptive dispatcher between applications and network transport services on each machine in a network. The message protocol in the virtual network is extensible, allowing application programs to create new headers within any message as needed. The adaptive dispatcher contains handlers that route and dispatch messages within the virtual network based on arbitrary content within each message, including any combination of headers and/or data content. Each device on the virtual network has a virtual address to which messages are directed, allowing devices to move within the network without reconfiguring routing tables. Handlers may be automatically created when an event meeting predefined criteria occurs, including the non-occurrence of a condition, making the virtual network self-healing and adaptive to reconfiguration. | 02-19-2009 |
20100153955 | SAVING PROGRAM EXECUTION STATE - Techniques are described for managing distributed execution of programs. In at least some situations, the techniques include decomposing or otherwise separating the execution of a program into multiple distinct execution jobs that may each be executed on a distinct computing node, such as in a parallel manner with each execution job using a distinct subset of input data for the program. In addition, the techniques may include temporarily terminating and later resuming execution of at least some execution jobs, such as by persistently storing an intermediate state of the partial execution of an execution job, and later retrieving and using the stored intermediate state to resume execution of the execution job from the intermediate state. Furthermore, the techniques may be used in conjunction with a distributed program execution service that executes multiple programs on behalf of multiple customers or other users of the service. | 06-17-2010 |
20100312871 | Executing Programs Based on User-Specified Constraints - Techniques are described for managing execution of programs on multiple computing systems, such as based at least in part of user-specified constraints. For example, constraints related to execution of a program may be based on a desired relative location of a host computing system to execute a copy of the program with respect to an indicated target (e.g., computing systems executing other copies of the program or copies of another indicated program), on particular geographic locations, and/or on factors not based on location (e.g., cost of use of a particular computing system, capabilities available from a particular computing system, etc.). Some or all of the multiple computing systems may be part of a program execution service for executing multiple programs on behalf of multiple users, and each may provide multiple virtual machines that are each capable of executing one or more programs for one or more users. | 12-09-2010 |
20120078997 | RESUMING CONTENT ACROSS DEVICES AND FORMATS - Intelligent content delivery enables content to be delivered to different devices in formats appropriate for those devices based on the capabilities of those devices. A user might access the same piece of content on two different devices, and can automatically receive a higher quality format on a device capable of playing that higher quality format. The user can purchase rights to content in any format, such that as new formats emerge or the user upgrades to devices with enhanced capabilities, the user can receive the improved formats automatically without having to repurchase the content. Further, the user can pause and resume content between devices even when those devices utilize different formats, and can access content on devices not otherwise associated with the user, receiving content in formats that are appropriate for those unknown devices even if the user has not previously accessed content in those formats. | 03-29-2012 |
20120079095 | CLOUD-BASED DEVICE SYNCHRONIZATION - A logically centralized system or service, such as a cloud-based content management service, enables intelligent communication between disparate devices. Such communication enables content such as applications and data to be synchronized between various devices, where the synchronization takes into account the capabilities of each device to provide versions and/or formats of that content that are appropriate for each device. A user purchasing an additional device, for example, can have various applications and other content automatically installed or copied over to the additional device, but with versions or formats that take advantage of, and are appropriate for, the capabilities of that additional device. Further, the intelligent communication via a logically centralized service can enable such devices to interact even though those devices might utilize different protocols and/or formats, and might otherwise not be able to communicate or have ever have been tested together. | 03-29-2012 |
20120079126 | CLOUD-BASED DEVICE INTERACTION - A logically centralized system or service, such as a cloud-based content management service, enables intelligent communication between disparate devices. Such communication enables content such as applications and data to be synchronized between various devices, where the synchronization takes into account the capabilities of each device to provide versions and/or formats of that content that are appropriate for each device. A user purchasing an additional device, for example, can have various applications and other content automatically installed or copied over to the additional device, but with versions or formats that take advantage of, and are appropriate for, the capabilities of that additional device. Further, the intelligent communication via a logically centralized service can enable such devices to interact even though those devices might utilize different protocols and/or formats, and might otherwise not be able to communicate or have ever have been tested together. | 03-29-2012 |
20120079276 | CONTENT SELECTION AND DELIVERY FOR RANDOM DEVICES - Intelligent content delivery enables content to be delivered to different devices in formats appropriate for those devices based on the capabilities of those devices. A user might access the same piece of content on two different devices, and can automatically receive a higher quality format on a device capable of playing that higher quality format. The user can purchase rights to content in any format, such that as new formats emerge or the user upgrades to devices with enhanced capabilities, the user can receive the improved formats automatically without having to repurchase the content. Further, the user can pause and resume content between devices even when those devices utilize different formats, and can access content on devices not otherwise associated with the user, receiving content in formats that are appropriate for those unknown devices even if the user has not previously accessed content in those formats. | 03-29-2012 |
20120079606 | RIGHTS AND CAPABILITY-INCLUSIVE CONTENT SELECTION AND DELIVERY - Intelligent content delivery enables content to be delivered to different devices in formats appropriate for those devices based on the capabilities of those devices. A user might access the same piece of content on two different devices, and can automatically receive a higher quality format on a device capable of playing that higher quality format. The user can purchase rights to content in any format, such that as new formats emerge or the user upgrades to devices with enhanced capabilities, the user can receive the improved formats automatically without having to repurchase the content. Further, the user can pause and resume content between devices even when those devices utilize different formats, and can access content on devices not otherwise associated with the user, receiving content in formats that are appropriate for those unknown devices even if the user has not previously accessed content in those formats. | 03-29-2012 |
20120233028 | INVENTORY POOLING FOR MULTIPLE MERCHANTS - Disclosed are various embodiments for implementing inventory pooling for multiple merchants. A first inventory of an item held at a first fulfillment center on behalf of a first merchant is contributed to a common pool of inventory. A second inventory of the item held at a second fulfillment center on behalf of a second merchant is contributed to the common pool of inventory. Fulfillment of an order placed by a customer of the first merchant is initiated from the second inventory of the item that was contributed by the second merchant to the common pool of inventory. | 09-13-2012 |
20120330954 | System And Method For Implementing A Scalable Data Storage Service - A system that implements a scalable data storage service may maintain tables in a non-relational data store on behalf of clients. The system may provide a Web services interface through which service requests are received, and an API usable to request that a table be created, deleted, or described; that an item be stored, retrieved, deleted, or its attributes modified; or that a table be queried (or scanned) with filtered items and/or their attributes returned. An asynchronous workflow may be invoked to create or delete a table. Items stored in tables may be partitioned and indexed using a simple or composite primary key. The system may not impose pre-defined limits on table size, and may employ a flexible schema. The service may provide a best-effort or committed throughput model. The system may automatically scale and/or re-partition tables in response to detecting workload changes, node failures, or other conditions or anomalies. | 12-27-2012 |
20130191847 | SAVING PROGRAM EXECUTION STATE - Techniques are described for managing distributed execution of programs. In at least some situations, the techniques include decomposing or otherwise separating the execution of a program into multiple distinct execution jobs that may each be executed on a distinct computing node, such as in a parallel manner with each execution job using a distinct subset of input data for the program. In addition, the techniques may include temporarily terminating and later resuming execution of at least some execution jobs, such as by persistently storing an intermediate state of the partial execution of an execution job, and later retrieving and using the stored intermediate state to resume execution of the execution job from the intermediate state. Furthermore, the techniques may be used in conjunction with a distributed program execution service that executes multiple programs on behalf of multiple customers or other users of the service. | 07-25-2013 |
20140082028 | SYSTEM AND METHOD FOR IMPLEMENTING A SCALABLE DATA STORAGE SERVICE - A system that implements a scalable data storage service may maintain tables in a non-relational data store on behalf of clients. The system may provide a Web services interface through which service requests are received, and an API usable to request that a table be created, deleted, or described; that an item be stored, retrieved, deleted, or its attributes modified; or that a table be queried (or scanned) with filtered items and/or their attributes returned. An asynchronous workflow may be invoked to create or delete a table. Items stored in tables may be partitioned and indexed using a simple or composite primary key. The system may not impose pre-defined limits on table size, and may employ a flexible schema. The service may provide a best-effort or committed throughput model. The system may automatically scale and/or re-partition tables in response to detecting workload changes, node failures, or other conditions or anomalies. | 03-20-2014 |
20140095727 | CLOUD-BASED DEVICE INTERACTION - A logically centralized system or service, such as a cloud-based content management service, enables intelligent communication between disparate devices. Such communication enables content such as applications and data to be synchronized between various devices, where the synchronization takes into account the capabilities of each device to provide versions and/or formats of that content that are appropriate for each device. A user purchasing an additional device, for example, can have various applications and other content automatically installed or copied over to the additional device, but with versions or formats that take advantage of, and are appropriate for, the capabilities of that additional device. Further, the intelligent communication via a logically centralized service can enable such devices to interact even though those devices might utilize different protocols and/or formats, and might otherwise not be able to communicate or have ever have been tested together. | 04-03-2014 |
20140101001 | INVENTORY POOLING FOR MULTIPLE MERCHANTS - Disclosed are various embodiments for implementing inventory pooling for multiple merchants. A first inventory of an item held at a first fulfillment center on behalf of a first merchant is contributed to a common pool of inventory. A second inventory of the item held at a second fulfillment center on behalf of a second merchant is contributed to the common pool of inventory. Fulfillment of an order placed by a customer of the first merchant is initiated from the second inventory of the item that was contributed by the second merchant to the common pool of inventory. | 04-10-2014 |
20140330981 | MANAGING DISTRIBUTED EXECUTION OF PROGRAMS - Techniques are described for managing distributed execution of programs. In some situations, the techniques include determining configuration information to be used for executing a particular program in a distributed manner on multiple computing nodes and/or include providing information and associated controls to a user regarding ongoing distributed execution of one or more programs to enable the user to modify the ongoing distributed execution in various manners. Determined configuration information may include, for example, configuration parameters such as a quantity of computing nodes and/or other measures of computing resources to be used for the executing, and may be determined in various manners, including by interactively gathering values for at least some types of configuration information from an associated user (e.g., via a GUI that is displayed to the user) and/or by automatically determining values for at least some types of configuration information (e.g., for use as recommendations to a user). | 11-06-2014 |
20150067111 | PROVIDING ENHANCED DATA RETRIEVAL FROM REMOTE LOCATIONS - Techniques are described for providing client computing nodes with enhanced access to data from remote locations, such as by providing and using local capabilities specific to the remote locations. In at least some situations, the access of a client computing node to data from a remote location may be enhanced by automatically performing activities local to the client computing node that improve the efficiency of communications sent between the client computing node and the remote location. As one example, access to data from a remote service may be enhanced by locally performing activities specific to the remote service, such as by using information about the remote service's internal mechanisms to cause the desired data to be provided from internal storage devices of the remote service without passing through front-end or other intermediate devices of the remote service while traveling to the client computing node. | 03-05-2015 |
20150106620 | METHOD AND SYSTEM FOR PROVIDING A SECURE SECRETS PROXY - A secure secrets proxy is instantiated in a first computing environment and includes secure secrets proxy authentication data for identifying itself to a secrets distribution management system in a second computing environment as a trusted virtual asset to receive and cache secrets data in a secure secrets cache outside the second computing environment. The secure secrets proxy requests one or more secrets to be cached and is then provided data representing the requested secrets in the secure secrets cache. The secure secrets proxy then receives secrets application request data from a second virtual asset instantiated in the first computing environment requesting one or more secrets be applied to second virtual asset data. The secure secrets proxy then obtains the required secrets from the secure secrets cache and coordinates the application of the secrets to the second virtual asset data. | 04-16-2015 |
20150106869 | METHOD AND SYSTEM FOR DISTRIBUTING SECRETS - Secrets data representing one or more secrets required to access associated resources is provided along with secrets distribution policy data representing one or more secrets distribution factors used to control the distribution of the secrets. When a requesting virtual asset submits secrets request data, virtual asset profile data associated with the requesting virtual asset is obtained. The requesting virtual asset profile data is then analyzed using at least one of the secrets distribution factors to authenticate the requesting virtual asset. The requesting virtual asset profile data is then analyzed using one or more of secrets distribution factors to determine what secrets the requesting virtual asset legitimately needs. Authorized secrets data for the requesting virtual asset representing one or more authorized secrets is then generated. The requesting virtual asset is then provided access to the authorized secrets data. | 04-16-2015 |
20150106939 | METHOD AND SYSTEM FOR DYNAMIC AND COMPREHENSIVE VULNERABILITY MANAGEMENT - One or more relevant scanners used to identify asset vulnerabilities are identified, obtained, and logically arranged for deployment on an asset in accordance with a vulnerability management policy and a scanner deployment policy such that the relevant scanners are deployed at, or before, a determined ideal time to minimize the resources necessary to correct the vulnerabilities, if found. The relevant scanners are then automatically deployed in accordance with the scanner deployment policy and, if a vulnerability is identified, one or more associated remedies or remedy procedures are applied to the asset. At least one of the one or more relevant scanners are then re-deployed on the asset to determine if the identified vulnerability has been corrected and, if the vulnerability is not corrected at, or before, a defined time, protective measures are automatically taken. | 04-16-2015 |
20150112999 | SYSTEM AND METHOD FOR IMPLEMENTING A SCALABLE DATA STORAGE SERVICE - A system that implements a scalable data storage service may maintain tables in a non-relational data store on behalf of clients. The system may provide a Web services interface through which service requests are received, and an API usable to request that a table be created, deleted, or described; that an item be stored, retrieved, deleted, or its attributes modified; or that a table be queried (or scanned) with filtered items and/or their attributes returned. An asynchronous workflow may be invoked to create or delete a table. Items stored in tables may be partitioned and indexed using a simple or composite primary key. The system may not impose pre-defined limits on table size, and may employ a flexible schema. The service may provide a best-effort or committed throughput model. The system may automatically scale and/or re-partition tables in response to detecting workload changes, node failures, or other conditions or anomalies. | 04-23-2015 |
20150128130 | METHOD AND SYSTEM FOR PROVIDING AND DYNAMICALLY DEPLOYING HARDENED TASK SPECIFIC VIRTUAL HOSTS - Virtual host creation data used to instantiate a hardened task specific virtual host in a first computing environment is generated including hardening logic for providing enhanced security and trust for the hardened task specific virtual host and internal task specific logic for directing and/or allowing the hardened task specific virtual host to perform a specific function assigned to the hardened task specific virtual host. When task data is received indicating a task to be performed in the first computing environment requires the performance of the specific function assigned to the hardened task specific virtual host, the hardened task specific virtual host is automatically instantiated and/or deployed in the first computing environment. | 05-07-2015 |
20150128204 | METHOD AND SYSTEM FOR AUTOMATICALLY MANAGING SECURE COMMUNICATIONS IN MULTIPLE COMMUNICATIONS JURISDICTION ZONES - Communications and data security policy data for two or more communications jurisdiction zones is obtained that includes data indicating allowed protocols for the respective communications jurisdiction zones. Data indicating a desired exchange of data between a first resource in a first communications jurisdiction zone and a second resource in a second communications jurisdiction zone is received/obtained. The first communications jurisdiction zone communications and data security policy data and the second communications jurisdiction zone policy data is automatically obtained and analyzed to determine an allowed type of secure communications security level for the desired exchange of data that complies with both the first communications jurisdiction zone communications and data security policy data and the second communications jurisdiction zone policy data. A communications channel, including the allowed type of secure communications security level, is automatically establishing between the first resource and the second resource. | 05-07-2015 |
20150128207 | METHOD AND SYSTEM FOR AUTOMATICALLY MANAGING SECRETS IN MULTIPLE DATA SECURITY JURISDICTION ZONES - Data security jurisdiction zones are identified and data security policy data for the data security jurisdiction zones is obtained. The data security policy data for the data security jurisdiction zones is then automatically analyzed to determine allowed secrets data with respect to each of the identified data security jurisdiction zones. The allowed secrets data with respect to each of the data security jurisdiction zones is then automatically obtained and provided to resources in the respective data security jurisdiction zones, either from a central secrets data store or from an allowed secrets data store associated with each data security jurisdiction zone. | 05-07-2015 |
20150128295 | METHOD AND SYSTEM FOR VALIDATING A VIRTUAL ASSET - Virtual asset creation data used to create a virtual asset is generated through a virtual asset creation system that includes primary virtual asset data. Secondary authentication data is also generated. When the virtual asset is launched, the secondary authentication data is passed to the virtual asset from the virtual asset creation system. The primary virtual asset data and secondary authentication data from the virtual asset creation system and the virtual asset, and/or one or more other sources associated with the virtual asset, are then sent to a virtual asset validation system through different communication channels. If the primary virtual asset data and secondary authentication data from the two sources match, or have a defined threshold level of similarity, the status of the virtual asset is transformed to the status of validated virtual asset eligible to receive sensitive data. | 05-07-2015 |
20150135305 | METHOD AND SYSTEM FOR DYNAMICALLY AND AUTOMATICALLY MANAGING RESOURCE ACCESS PERMISSIONS - Employment role data, trust data, and special permissions data, associated with a party is automatically obtained and/or monitored. The employment role data associated with the party, the trust data associated with the party, and the special permissions data associated with the party, is then analyzed to determine a set of allowed access permissions data to be associated with the party, the set of allowed access permissions data providing the party access to one or more resources. It is then either recommended that the set of allowed access permissions data be provided to the party, or the set of allowed access permissions data is automatically provided to the party. | 05-14-2015 |
20150149642 | DETERMINING COMPUTING-RELATED RESOURCES TO USE BASED ON CLIENT-SPECIFIED CONSTRAINTS - Techniques are described for facilitating a client's control over use of computing-related resources on the client's behalf. In some situations, a client's control is based on specifying a group of one or more resource usage constraints with a client resource constraint manager service, which provides information about the client-specified constraints to one or more other remote network services with which the client interacts. Those remote services then use that constraint information to determine whether and how to use computing-related resources on the client's behalf. For example, the resource usage constraints specified by a client may relate to one or more particular geographical areas and/or to one or more measures of relative proximity between computing-related resources (e.g., between multiple instances of a single type of computing-related resource provided by a single service, or between multiple distinct types of computing-related resources provided by multiple unaffiliated services). | 05-28-2015 |
20150186641 | METHOD AND SYSTEM FOR INTRUSION AND EXTRUSION DETECTION - A hypervisor includes an analysis trigger monitoring system. One or more analysis trigger parameters are defined and analysis trigger data representing the analysis trigger parameters is generated. The analysis trigger data is then provided to the analysis trigger monitoring system and the analysis trigger monitoring system is used to monitor at least a portion of the message traffic sent to, and/or sent from, a virtual asset controlled by the hypervisor to detect any message including one or more of the one or more analysis trigger parameters. A copy of at least a portion of any detected message including one or more of the one or more analysis trigger parameters is then transferred to one or more analysis systems for further analysis. | 07-02-2015 |
20150215327 | METHOD AND SYSTEM FOR EXTRUSION AND INTRUSION DETECTION IN A CLOUD COMPUTING ENVIRONMENT USING NETWORK COMMUNICATIONS DEVICES - An analysis trigger monitoring system is provided in a network communications device associated with a cloud computing environment. One or more analysis trigger parameters are defined and analysis trigger data representing the analysis trigger parameters is generated. The analysis trigger data is then provided to the analysis trigger monitoring system and the analysis trigger monitoring system is used to monitor at least a portion of the message traffic sent to, or sent from, virtual assets in the cloud computing environment and relayed by the network communications device through a network communication channel to detect any message including one or more of the one or more analysis trigger parameters. A copy of at least a portion of any detected message including one or more of the one or more analysis trigger parameters is then transferred to one or more analysis systems for further analysis using a second communication channel that is separate from the network communication channel. | 07-30-2015 |
20150222647 | METHOD AND SYSTEM FOR VIRTUAL ASSET ASSISTED EXTRUSION AND INTRUSION DETECTION IN A CLOUD COMPUTING ENVIRONMENT - An analysis trigger monitoring system is provided in one or more virtual assets. One or more analysis trigger parameters are defined and analysis trigger data is generated. The analysis trigger monitoring systems are used to monitor at least a portion of the message traffic sent to, or sent from, the one or more virtual assets to detect any message including one or more of the one or more analysis trigger parameters. A copy of at least a portion of any detected message including one or more of the one or more analysis trigger parameters is then transferred to one or more analysis systems for further analysis using a second communication channel. | 08-06-2015 |
20150222653 | METHOD AND SYSTEM FOR EXTRUSION AND INTRUSION DETECTION IN A CLOUD COMPUTING ENVIRONMENT - A traffic router proxy including an analysis trigger monitoring system is provided. One or more analysis trigger parameters are defined and analysis trigger data representing the analysis trigger parameters is generated. The analysis trigger data is then provided to the analysis trigger monitoring system and at least a portion of the message traffic sent to, or sent from, virtual assets in the cloud computing environment and relayed by the traffic router proxy through a first communication channel is monitored to detect one or more of the one or more analysis trigger parameters. A copy of at least a portion of any detected message including one or more of the one or more analysis trigger parameters is then transferred to one or more analysis systems for further analysis. | 08-06-2015 |
20150242631 | METHOD AND SYSTEM FOR PROVIDING A ROBUST AND EFFICIENT VIRTUAL ASSET VULNERABILITY MANAGEMENT AND VERIFICATION SERVICE - A virtual asset testing environment is provided that is distinct from a production computing environment. A virtual asset creation template associated with a class of virtual assets to be verified is identified, each virtual asset of the class of virtual assets being created using the virtual asset creation template. A designated test virtual asset is generated using the virtual asset creation template that is deployed in the virtual asset testing environment. The designated test virtual asset is then analyzed in the virtual asset testing environment to identify any vulnerabilities in the designated test virtual asset. If a vulnerability is identified in the designated test virtual asset, a remedy to the vulnerability is applied to the virtual asset creation template, and/or virtual assets created by the virtual asset creation template deployed in the production environment. | 08-27-2015 |
20150242634 | METHOD AND SYSTEM FOR PROVIDING AN EFFICIENT VULNERABILITY MANAGEMENT AND VERIFICATION SERVICE - A virtual asset creation template associated with a class of virtual assets is identified and analyzed to identify any vulnerabilities in the virtual asset creation template. If one or more vulnerabilities are identified in the virtual asset creation template, an appropriate remedy for each identified vulnerability identified in the virtual asset creation template is applied. If no vulnerability is identified in the virtual asset creation template, or once each vulnerability identified in the virtual asset creation template is remedied, each virtual asset of the virtual asset class generated using the virtual asset creation template is assigned an initial status of verified virtual asset. | 08-27-2015 |
20150248341 | MONITORING AND ANALYSIS OF OPERATING STATES IN A COMPUTING ENVIRONMENT - A set of techniques is described for monitoring and analyzing crashes and other malfunctions in a multi-tenant computing environment (e.g. cloud computing environment). The computing environment may host many applications that are executed on different computing resource combinations. The combinations may include varying types and versions of hardware or software resources. A monitoring service is deployed to gather statistical data about the failures occurring in the computing environment. The statistical data is then analyzed to identify abnormally high failure patterns. The failure patterns may be associated with particular computing resource combinations being used to execute particular types of applications. Based on these failure patterns, suggestions can be issued to a user to execute the application using a different computing resource combination. Alternatively, the failure patterns may be used to modify or update the various resources in order to correct the potential malfunctions caused by the resource. | 09-03-2015 |
20150263859 | METHOD AND SYSTEM FOR ACCOMMODATING COMMUNICATIONS CHANNELS USING DIFFERENT SECURE COMMUNICATIONS PROTOCOLS - A communications protocol is selected to be used to transfer message data between a source computing entity and a destination computing entity. Encryption code data identifying the selected communications protocol is generated and associated with the message data. One or more communications endpoint proxy systems are provided that include an encryption code identification module and a communications protocol processing module for obtaining communications protocol processing data associated with first communications protocol identified by encryption code data. The message data is transferred to the communications endpoint proxy and the communications protocol processing data associated with communications protocol identified by encryption code data is obtained and used to process the message data which is then transferred to the destination computing entity. | 09-17-2015 |
20150269064 | METHOD AND SYSTEM FOR TESTING CLOUD BASED APPLICATIONS IN A PRODUCTION ENVIRONMENT USING FABRICATED USER DATA - An application is implemented in the production environment in which the application will be used. Fabricated user data associated with the application implemented in the production environment is then generated and provided to the application as implemented in the production environment. The fabricated user data is then processed by the application in the production environment to transform the fabricated user data into fabricated user results data. In one embodiment, the fabricated user results data is then analyzed to evaluate the production environment and/or operation of the application in the production environment. | 09-24-2015 |
20150271195 | METHOD AND SYSTEM FOR PROVIDING TEMPORARY SECURE ACCESS ENABLED VIRTUAL ASSETS - Temporary secure access enabled virtual assets are provided that include a temporary secure access communications door. Upon receipt of temporary access authentication data from a source outside the temporary secure access enabled virtual asset, the temporary secure access communications door temporarily allows operational instruction code to be transferred into the temporary secure access enabled virtual asset from a source outside temporary secure access enabled virtual asset. | 09-24-2015 |
20150278517 | METHOD AND SYSTEM FOR COMPARING DIFFERENT VERSIONS OF A CLOUD BASED APPLICATION IN A PRODUCTION ENVIRONMENT USING SEGREGATED BACKEND SYSTEMS - An application is implemented in the production environment in which the application will be used. Two or more backend systems are used to implement different versions of the application using the production environment in which the application will actually be used and accessed. Actual user data is received. A first portion of the actual user data is routed and processed in the production environment using a first version of the application and a first backend system of the two or more backend systems. A second portion of the actual user data is also routed and processed in the production environment but using a second version of the application and a second backend system of the two or more backend systems. The results data is then analyzed to evaluate the various versions of the application in the production environment. | 10-01-2015 |
20150278523 | METHOD AND SYSTEM FOR TESTING CLOUD BASED APPLICATIONS AND SERVICES IN A PRODUCTION ENVIRONMENT USING SEGREGATED BACKEND SYSTEMS - An application is implemented in the production environment in which the application will be used. Two or more backend systems are provided. Actual user data is received. The actual user data is routed and processed in the production environment using a first backend system of the two or more backend systems. Fabricated user data is generated, routed, and also processed in the production environment but using a second backend system of the two or more backend systems. Results data from the processing of the fabricated user data is then analyzed to evaluate the production environment and/or operation of the application in the production environment. | 10-01-2015 |
20150288572 | PROGRAMMATICALLY SIMULATING SYSTEM CONDITIONS - Systems and methods are provided for programmatically simulating one or more system conditions for a network resource using one or more services. In one implementation, a server receives a request to initiate a treatment. The request identifies a treatment definition. The server determines, based on the treatment definition, the one or more services and deploys the one or more services to the network resource. The one or more services simulate the one or more system conditions. | 10-08-2015 |
20150288708 | METHOD AND SYSTEM FOR PROVIDING SECURITY AWARE APPLICATIONS - Instructions for monitoring and detecting one or more trigger events in assets used to implement an application are generated. Instructions for implementing at least one responsive action associated with each of the one or more trigger events is generated. At least part of instructions for monitoring and detecting the one or more trigger events is provided to an asset used to implement the application. The at least part of the instructions for monitoring and detecting the one or more trigger events are used by the asset to detect a trigger event. The instructions for implementing the at least one responsive action associated with each of the one or more trigger events is then used to automatically implement the at least one responsive action associated with the detected trigger event. | 10-08-2015 |
20150304343 | METHOD AND SYSTEM FOR PROVIDING SELF-MONITORING, SELF-REPORTING, AND SELF-REPAIRING VIRTUAL ASSETS IN A CLOUD COMPUTING ENVIRONMENT - Self-monitoring, self-reporting, and self-repairing virtual assets are provided that include virtual asset self-monitoring logic for detecting one or more trigger events within the self-monitoring, self-reporting, and self-repairing virtual assets, virtual asset self-reporting logic representing instructions for generating trigger event reporting data from the self-monitoring, self-reporting, and self-repairing virtual assets, and virtual asset self-reporting communications channel creation logic for opening a self-reporting communications channel between the self-monitoring, self-reporting, and self-repairing virtual assets and a virtual asset monitoring system. | 10-22-2015 |
20150310221 | METHOD AND APPARATUS TO ROTATE DATA ENCRYPTION KEYS IN DATABASES WITH NO DOWN TIME - A database includes a first instance and a second instance. The first and second instances of the database are encrypted with a first encryption key and have content that is synchronized. Database queries from a user computing device are directed to the first instance of the database. A third instance of the database is created from one of the existing two instances of the database. The third instance is decrypted from the first encryption key and is encrypted with a second encryption key. Database queries from the user computing device are redirected from the first instance of the database to the third instance of the database without interrupting service to the user computing device. The process is repeated by creating additional instances of the database, encrypting the additional instances with new encryption keys, and by redirecting database queries to the additional instances of the database. | 10-29-2015 |
20150312274 | METHOD AND SYSTEM FOR ENSURING AN APPLICATION CONFORMS WITH SECURITY AND REGULATORY CONTROLS PRIOR TO DEPLOYMENT - Asset security compliance data ensuring defined asset security policies are applied to the creation and/or operation of assets to be used to implement an application and application deployment security compliance data for ensuring compliance with one or more application deployment security policies associated with the deployment of assets used to implement the application is generated. The asset security compliance data is then used to ensure each asset used to implement the application is created and used in compliance with asset security policies and the application deployment security compliance data is used to ensure that each asset used to implement the application is deployed in compliance with the application deployment security policies. | 10-29-2015 |
20150319177 | METHOD AND SYSTEM FOR PROVIDING REFERENCE ARCHITECTURE PATTERN-BASED PERMISSIONS MANAGEMENT - Reference architecture pattern role data representing reference architecture pattern roles to be associated with entities taking part in the development, and/or deployment, and/or operation of an application is generated. Reference architecture pattern tier data representing reference architecture pattern tiers used to create, and/or deploy, and/or operate an application using the reference architecture pattern is generated. For each reference architecture pattern role at least one access and/or operational permission is associated with each reference architecture pattern tier. At least one entity is assigned one of the reference architecture pattern roles and for each reference architecture pattern tier, the at least one entity is automatically provided the at least one access and/or operational permission associated with the reference architecture pattern role assigned to the entity. | 11-05-2015 |
20150319186 | METHOD AND SYSTEM FOR DETECTING IRREGULARITIES AND VULNERABILITIES IN DEDICATED HOSTING ENVIRONMENTS - A dedicated hosting environment is provided and a requirement is imposed that each virtual asset deployed in the dedicated hosting environment include one or more required virtual asset characteristics. Each virtual asset deployed in the dedicated hosting environment is then provided virtual asset characteristic certification data indicating that the virtual asset includes the one or more required virtual asset characteristics. A virtual asset monitoring system then monitors each virtual asset deployed in the dedicated hosting environment to ensure that each virtual asset in the dedicated hosting environment includes the required virtual asset characteristic certification data. If a virtual asset is identified in the dedicated hosting environment that does not include the required virtual asset characteristic certification data, an alert is provided to one or more entities of the non-compliant virtual asset. | 11-05-2015 |
20150319192 | METHOD AND APPARATUS FOR MULTI-TENANCY SECRETS MANAGEMENT - A service provider computing environment includes a service provider secrets policy. A service provider computing device receives tenant secrets policies from tenants. The tenants are tenants of multi-tenant assets of a service provider. The service provider computing environment determines of the tenant secrets policies satisfy the requirements of the service provider secrets policy. If the tenant secrets policies satisfy the requirements of the service provider secrets policy, the service provider computing environment allows the tenant secrets policies to be applied to tenant data or information in the multi-tenant assets. | 11-05-2015 |
20150341357 | METHOD AND SYSTEM FOR ACCESS CONTROL MANAGEMENT USING REPUTATION SCORES - Security reputation data associated with a party is obtained and/or monitored. The security reputation data associated with the party is then analyzed to assign a security reputation score to the party. The security reputation score assigned to the party is then used to determine access permissions to be provided to the party. It is then either recommended that the determined access permissions be provided to the party, or the determined access permissions are automatically provided to the party. | 11-26-2015 |
20150347750 | METHOD AND APPARATUS FOR A SCORING SERVICE FOR SECURITY THREAT MANAGEMENT - A method and system for providing a security threat scoring service to identify and prioritize potential security threats to an online service. The method and system include determining security threat patterns, comparing traffic to the online system with the security threat patterns, and identifying portions of the traffic as a potential security threat. The method and system include assigning a threat score to the potential security threat, and providing the threat score to the online service to enable the online service to secure against the potential security threat. | 12-03-2015 |
20150347759 | METHOD AND APPARATUS FOR AUTOMATING THE BUILDING OF THREAT MODELS FOR THE PUBLIC CLOUD - A method and system for automating threat model generation for an application includes identifying components of an application, receiving security information that identifies whether security measures were implemented within the application to secure the application against security threats, determining whether the security measures sufficiently address security risks associated with the security threats, and providing a threat model that includes a report that identifies components of the application that have been sufficiently (or insufficiently) secured from the security threats, according to one embodiment. In one embodiment, determining whether the security measures sufficiently address the security risks can include transmitting first queries, receiving responses to the first queries, and transmitting subsequent queries based at least in part on the responses to the first queries. | 12-03-2015 |
20150347773 | METHOD AND SYSTEM FOR IMPLEMENTING DATA SECURITY POLICIES USING DATABASE CLASSIFICATION - Access to a database is obtained, the database containing data that is potentially of one or more data types and/or data security classifications. The data in the database is scanned to determine the types and/or data security classifications of the data in the database. Then based, at least in part, on the determined types and/or data security classifications of the data in the database a database security classification is associated with the entire database and used to select one or more security measures to be applied to the entire database, at the database level, in accordance with defined data security policies. | 12-03-2015 |
20150381641 | METHOD AND SYSTEM FOR EFFICIENT MANAGEMENT OF SECURITY THREATS IN A DISTRIBUTED COMPUTING ENVIRONMENT - A method and system for distributing security threat management of an instance of an application that is hosted from multiple geographic locations, according to one embodiment. The method and system include monitoring first operational characteristics of the instance of the application, and establishing an average for the first operational characteristics based at least partially on the first operational characteristics, according to one embodiment. The method and system include identifying a deviation from the average for the first operational characteristics that is more than a predetermined amount, according to one embodiment. The method and system include retrieving second operational characteristics for at least one other instance of the application and comparing the first operational characteristics to the second operational characteristics, according to one embodiment. The system and method include reporting an identification of a potential security threat, according to one embodiment. | 12-31-2015 |
20150381651 | METHOD AND SYSTEM FOR SECURE DELIVERY OF INFORMATION TO COMPUTING ENVIRONMENTS - A method and system for protecting and repairing a current virtual asset from damage by potential security threats, according to one embodiment. The method and system include monitoring a current a current virtual asset for potential security threats, with a virtual asset agent, according to one embodiment. The method and system include determining a severity of the potential security threats that are identified by the virtual asset agent, according to one embodiment. The method and system include creating a new virtual asset with the virtual asset agent and decommissioning the current virtual asset, according to one embodiment. The system and method receiving, with the new virtual asset, secrets that are associated with the current virtual asset to enable the new virtual asset to continue operations of the current virtual asset, according to one embodiment. | 12-31-2015 |
20160034359 | METHOD AND SYSTEM FOR PROVIDING AUTOMATED SELF-HEALING VIRTUAL ASSETS - A method and system for performing self-monitoring and self-healing operations from a virtual asset include receiving a first operating policy from an asset management computing environment, according to one embodiment. The method and system includes receiving a library of repairs from the asset management computing environment, according to one embodiment. The method and system includes detecting events, with the virtual asset, at least partially based on operational characteristics of the virtual asset exceeding at least one of the thresholds, according to one embodiment. The method and system includes repairing the virtual asset, with the virtual asset, using the library of repairs to return the virtual asset to the pre-determined state of operation. | 02-04-2016 |
20160036795 | METHOD AND SYSTEM FOR PROVIDING A VIRTUAL ASSET PERIMETER - A system and method provides a virtual perimeter by maintaining a data structure for identifying a first plurality of assets, according to one embodiment. The system and method provides services to a second of the first plurality of assets, at least partially based on identifiers for the first plurality of assets and at least partially based on a first role assigned to a first of the first plurality of assets, according to one embodiment. The system and method include admitting one of a second plurality of assets into the virtual perimeter if characteristics of the one of the second plurality of assets satisfy criteria for admission to the virtual perimeter, according to on embodiment. | 02-04-2016 |
20160036835 | METHOD AND SYSTEM FOR CORRELATING SELF-REPORTING VIRTUAL ASSET DATA WITH EXTERNAL EVENTS TO GENERATE AN EXTERNAL EVENT IDENTIFICATION DATABASE - A method and system for correlating patterns of operating virtual assets with external events includes receiving an identification of one of the external events, from one or more electronic sources, and receiving first patterns from one or more first virtual assets, according to one embodiment. The method and system include populating a database with the first patterns and the identification of the one of the external events to map the one of the external events to the first patterns, according to one embodiment. The method and system include receiving second patterns from one or more second virtual assets, and comparing the second patterns to the first patterns, according to one embodiment. The method and system include distributing the identification of the one of the external events to the one or more second virtual assets, if the second patterns are similar to the first patterns, according to one embodiment. | 02-04-2016 |
Patent application number | Description | Published |
20090312773 | ENDOSCOPIC STITCHING DEVICES - The present disclosure relates to devices, systems and methods for endoscopic suturing or stitching through an access tube or the like. An endoscopic stitching device is provided and includes a handle assembly; an elongate shaft supported by and extending from the handle assembly; and an end effector supported on a distal end of the elongate shaft. The end effector includes a neck assembly configured and adapted for articulation in one direction between a substantially linear configuration and an off-axis configuration, and a pair of juxtaposed jaws pivotally associated with one another. Each jaw defines a suture needle receiving recess formed in a tissue contacting surface thereof. | 12-17-2009 |
20100030028 | FLEXIBLE ENDOSCOPIC STITCHING DEVICES - An endoscopic stitching device including a tool assembly having a pair of juxtaposed jaws; a rotatably supported camming hub defining a groove formed in an inner surface of a central lumen thereof; and a center rod slidably and rotatably disposed within the lumen of the camming hub. The center rod is operatively engaged with the groove formed in the camming hub and engaged with the pair of jaws. The inner groove of the camming hub is configured such that, in at least one position, axial translation of the center rod relative to the camming hub results in rotation of the camming hub and at least one of opening and closing of the pair of jaws. The inner groove of the camming hub is configured such that, in at least one other position, rotation of the canter rod results in rotation of the tool assembly. | 02-04-2010 |
20100217282 | FLEXIBLE ENDOSCOPIC STITCHING DEVICES - An endoscopic stitching device is provided including a tool assembly having a pair of juxtaposed jaws each defining a needle receiving recess formed in a tissue contacting surface thereof; a selectively rotatably camming hub defining a helical groove formed in an outer surface thereof; a pair of axially translatable needle engaging blades slidably supported, one each, in a respective jaw, each blade having an advanced position wherein a distal end of the blade is engageable with a suture needle, and a retracted position wherein the distal end of the blade is out of engagement with the suture needle, wherein a proximal end of each blade is configured for slidable engagement in the helical groove of the camming hub; and a suture needle operatively associated with the tool assembly. | 08-26-2010 |
20110040308 | Endoscopic Stitching Devices - The present disclosure relates to devices, systems and methods for endoscopic suturing or stitching through an access tube or the like. An endoscopic stitching device is provided and includes a handle assembly; an elongate shaft supported by and extending from the handle assembly; and an end effector supported on a distal end of the elongate shaft. The end effector includes a neck assembly configured and adapted for articulation in one direction between a substantially linear configuration and an off-axis configuration, and a pair of juxtaposed jaws pivotally associated with one another. Each jaw defines a suture needle receiving recess formed in a tissue contacting surface thereof. | 02-17-2011 |
20110184459 | Articulating Surgical Device - An articulation mechanism for a surgical instrument includes an articulation assembly, a plurality of cables, and a trigger. The cables are coupled to the articulation assembly at a proximal end thereof and extend distally therefrom. The cables are configured to engage an end effector assembly of the surgical instrument at a distal end thereof. The trigger is coupled to the articulation assembly and is selectively moveable from a shipping position to a use position. In the shipping position, the cables are substantially un-tensioned. In the use position, the cables are disposed in an initial tensioned position. In the use position, the trigger is moveable between an unlocked position and a locked position. In the unlocked position, the cables are selectively tensionable to articulate the end effector assembly. In the locked position, the tensions on the cables are maintained to lock the end effector assembly in position. | 07-28-2011 |
20110208212 | SURGICAL CLIP APPLIER - Surgical clip appliers are provided and include a housing; at least one handle pivotably connected to the housing; a channel assembly extending distally from the housing; a clip carrier disposed within the channel assembly and defining a channel and a plurality of windows therein; a plurality of clips slidably disposed within the channel of the clip carrier; a wedge plate reciprocally disposed within the channel assembly; and a clip pusher bar reciprocally positioned within the housing and the channel assembly. A clip follower is slidably disposed within the channel of the clip carrier and disposed proximally of the plurality of clips. The clip follower is configured and dimensioned to lockout the clip applier after a last clip of the plurality of clips has been expelled by the surgical clip applier. | 08-25-2011 |
20120083797 | SURGICAL RETRIEVAL APPARATUS - A surgical retrieval apparatus includes a housing having an elongated sleeve extending therefrom that, together, cooperate to define a lumen extending therethrough. A shaft having an end effector assembly disposed at a distal end thereof is selectively translatable between a first position, wherein the end effector assembly is disposed within the sleeve, and a second position, wherein the end effector assembly extends distally from the sleeve. A specimen retrieval bag is releasably coupled to the end effector assembly and is deployable to an extended position upon movement of the end effector assembly from the first to the second position. | 04-05-2012 |
20120277769 | Flexible Endoscopic Stitching Devices - An endoscopic stitching device including a tool assembly having a pair of juxtaposed jaws; a rotatably supported camming hub defining a groove formed in an inner surface of a central lumen thereof; and a center rod slidably and rotatably disposed within the lumen of the camming hub. The center rod is operatively engaged with the groove formed in the camming hub and engaged with the pair of jaws. The inner groove of the camming hub is configured such that, in at least one position, axial translation of the center rod relative to the camming hub results in rotation of the camming hub and at least one of opening and closing of the pair of jaws. The inner groove of the camming hub is configured such that, in at least one other position, rotation of the canter rod results in rotation of the tool assembly. | 11-01-2012 |
20130103043 | SURGICAL RETRIEVAL APPARATUS FOR THORACIC PROCEDURES - A surgical retrieval apparatus includes a handle including an elongated sleeve extending therefrom that, together cooperate to define a lumen therethrough. A shaft having an end effector assembly disposed at a distal end thereof and a plunger disposed at a proximal end thereof is selectively translatable between a first position and a second position, wherein the end effector assembly extends from the sleeve. An articulation mechanism is configured to articulate the end effector assembly relative to the shaft. A specimen retrieval bag is coupled to the end effector assembly and is deployable to an extended position upon movement of the end effector assembly to the second position. | 04-25-2013 |
20130334280 | Sliding Anvil/Retracting Cartridge Reload - A surgical device has a handle assembly and an elongated member extending distally from the handle assembly. A tool assembly is mounted to a distal end of the elongated member. The tool assembly has a cartridge assembly having a plurality of staples. The tool assembly further has an anvil assembly. At least one of the anvil assembly and the cartridge assembly is movable in relation to each other between open and closed positions. At least one of the anvil assembly and the cartridge assembly has at least a portion configured for transitioning between a longitudinally extended state and a longitudinally retracted state. A transitioning mechanism is configured to transition at least one of the anvil assembly and the cartridge assembly between the extended and retracted states. | 12-19-2013 |
20140012289 | APPARATUS FOR ENDOSCOPIC PROCEDURES - A surgical device is provided. The surgical device includes a jaw assembly defining a first longitudinal axis and including a first jaw and a second jaw moveable relative to the first jaw; an elongated body defining a second longitudinal axis and coupled to a proximal end of the jaw assembly, wherein the jaw assembly is configured to articulate about an articulation axis transverse to the second longitudinal axis relative to the elongated body; and a handle assembly coupled to a proximal end of the elongated body and including at least one motor mechanically coupled to the jaw assembly and a control assembly including a first control button and a second control button, wherein actuation of the first control button moves the second jaw in approximation relative to the first jaw and actuating the second control button moves the second jaw away from the first jaw, and actuating the first and second control buttons moves the jaw assembly to a centered position in which the first and second longitudinal axes are substantially aligned, the handle assembly further includes an illumination member configured to output a light pattern indicative of a status of the surgical instrument. | 01-09-2014 |
20140263555 | Interchangeable Tip Reload - A surgical device including an end effector that is configured and adapted to receive an interchangeable tip is disclosed. Also disclosed are several interchangeable tips that are configured and adapted for different surgical procedures. The interchangeable tips facilitate the performance of different surgical procedures while using the same device. | 09-18-2014 |
20140291985 | SNAP CONNECTION FOR TWO TUBES - A medical tube assembly is disclosed, and includes a first tube portion defining a longitudinal axis, a second tube portion, and a coupling member. The coupling member is configured to couple the first tube portion and the second tube portion. The coupling member is configured to circumferentially engage the second tube portion and has a protrusion configured to engage a portion of the first tube portion. The second tube portion is configured to transition the coupling member from a resting condition to a coupling condition. The coupling member is configured to engage the first tube portion in the coupling condition. | 10-02-2014 |
20140316441 | SURGICAL CLIP APPLIERS - A surgical clip applier includes a housing, at least one handle, a channel assembly, a clip carrier, a wedge plate, a clip pusher bar, and a clip follower. The at least one handle is pivotably connected to the housing. The channel assembly extends distally from the housing. The clip carrier is disposed within the channel assembly and defines a channel and a plurality of windows. The wedge plate is reciprocally disposed within the channel assembly. The clip pusher bar is reciprocally positioned within the housing and the channel assembly. The clip follower is slidably disposed within the channel of the clip carrier and disposed proximally of a plurality of clips. The clip follower is configured and dimensioned to lockout the clip applier after a last clip of the plurality of clips has been expelled by the surgical clip applier. | 10-23-2014 |
20140373652 | ADAPTER DIRECT DRIVE WITH MANUAL RETRACTION, LOCKOUT AND CONNECTION MECHANISMS - A surgical device adapter for coupling an end effector to a handle assembly is disclosed. The surgical device adapter includes: a housing; a drive mechanism disposed within the housing and couplable to the handle assembly and the end effector; and a drive coupling assembly coupled to the surgical device adapter and selectively couplable to the handle assembly, the drive coupling assembly including a retraction assembly selectively couplable to the drive mechanism such that rotation of the drive coupling assembly about a longitudinal axis defined by the surgical device adapter and relative to the housing actuates the drive mechanism. | 12-25-2014 |
20150142006 | SURGICAL RETRIEVAL APPARATUS FOR THORACIC PROCEDURES - A surgical retrieval apparatus includes a handle including an elongated sleeve extending therefrom that, together cooperate to define a lumen therethrough. A shaft having an end effector assembly disposed at a distal end thereof and a plunger disposed at a proximal end thereof is selectively translatable between a first position and a second position, wherein the end effector assembly extends from the sleeve. An articulation mechanism is configured to articulate the end effector assembly relative to the shaft. A specimen retrieval bag is coupled to the end effector assembly and is deployable to an extended position upon movement of the end effector assembly to the second position. | 05-21-2015 |
20150150547 | ADAPTER ASSEMBLY FOR INTERCONNECTING SURGICAL DEVICES AND SURGICAL ATTACHMENTS, AND SURGICAL SYSTEMS THEREOF - An adapter assembly selectively interconnects a surgical device with a surgical attachment that is configured to perform at least one function. The adapter assembly includes a proximal end that includes at least one mating part adapted to be detachably connected to a surgical device and configured to permit coupling of the adapter assembly to a surgical device in at least a first connection orientation and a second connection orientation. | 06-04-2015 |