Phone Factor Authentication
Granted: September 5, 2019
Application Number:
20190274043
Systems and techniques are described for authenticating a user. A described technique includes receiving, by an identity management application running on a user computer, a request to authenticate a user to access a user application using the user computer. The technique includes determining, by the identity management application, that a mobile device associated with the user is connected to the user computer using a short distance wireless connection. The technique includes…
AUTOMATED CONFIGURATION BASED DEPLOYMENT OF STREAM PROCESSING PIPELINE
Granted: August 29, 2019
Application Number:
20190268401
Techniques for generating a stream processing pipeline are provided. In one embodiment, a method includes receiving a configuration file from a data service. The configuration file represents a pipeline configuration of the stream processing pipeline, and the pipeline configuration includes representations of a plurality of different types of pipeline stages configured based on a respective customization of an entity. The method further includes generating a plurality of pipeline stages…
IMPARTIAL BUFFERING IN STREAM PROCESSING
Granted: August 29, 2019
Application Number:
20190268227
Techniques for generating a stream processing pipeline are provided. In one embodiment, a method includes generating a plurality of pipeline stages of a stream processing pipeline in accordance with a configuration file. The plurality of pipeline stages includes a first buffer stage designated for a first data service and a second buffer stage designated for a second data service. The method further includes collecting data items; processing the collected data items; and storing at least…
METHODS AND SYSTEMS THAT EFFICIENTLY AND SECURELY STORE DATA
Granted: August 29, 2019
Application Number:
20190268150
The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of confidential and critical data, referred to as “secrets,” within distributed computer systems. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple secret-share-storing node subsystems, without persistently storing the…
METHODS AND SYSTEMS THAT EFFICIENTLY AND SECURELY STORE ENCRYPTION KEYS
Granted: August 29, 2019
Application Number:
20190268149
The current document is directed to distributed-secure-storage systems, and processes carried out within the distributed-secure-storage systems, that provide for secure storage and retrieval of secrets within distributed computer systems, including private encryption keys used for client authentication during establishment of secure communications channels. The secret-storage systems partition an input secret into multiple secret shares and distribute the secret shares among multiple…
EFFICIENT TIME-RANGE QUERIES ON DATABASES IN DISTRIBUTED COMPUTING SYSTEMS
Granted: August 29, 2019
Application Number:
20190266273
The present disclosure relates to querying data cores for data items that correspond to a specified time range. Probabilistic data structures corresponding to associated data cores are used to filter the plurality of data cores to identify a subset of data cores that contain data items corresponding to the specified time range. Only the subset of the plurality of data cores determined to contain relevant data items are searched.
TAG-BASED CONTROL OF HOSTED COMPUTE RESOURCES
Granted: August 29, 2019
Application Number:
20190266025
A computer system includes hosts for hosting virtual infrastructures. Compute resources provided by the hosts are allocated to user groups (e.g., departments, projects) in the form of reservations that define amounts of resources available to the user groups. Tags can be associated with both hosts and with reservations. A reservation has access to resources of a host having a host tag that matches a user tag associated with the reservation. Thus, to make a host available to a…
SPLITTING A TIME-RANGE QUERY INTO MULTIPLE SUB-QUERIES FOR PARALLEL EXECUTION
Granted: August 1, 2019
Application Number:
20190236183
Techniques for splitting a time-range query into sub-queries for parallel execution are provided. In one embodiment, a user query requesting items from a database is received. A total number of items in the database that correspond to a time range of the user query is determined. Based on the total number of items, target values are determined. Each target value represents a target number of items in the database to be assigned to a respective sub-query. Based on the target values, a…
DATA INGESTION BY DISTRIBUTED-COMPUTING SYSTEMS
Granted: August 1, 2019
Application Number:
20190236197
Techniques for data ingestion by a distributed-computing system are provided. In one embodiment, data received from one or more data sources is processed at a management node of the distributed-computing system. The data is generated by one or more components of an information processing system external to the distributed-computing system. The data is stored at the management plane. The management plane selects, from a plurality of data cores, a data core to ingest the data. The…
SPLITTING A TIME-RANGE QUERY INTO MULTIPLE SUB-QUERIES FOR SERIAL EXECUTION
Granted: August 1, 2019
Application Number:
20190236185
Techniques for splitting a time-range query into sub-queries for serial execution are provided. In one embodiment, a user query is received requesting items within a time range from a database. The time range is divided into a plurality of time periods within the time range. Sub-queries defining respective time periods of the plurality of time periods are generated from the user query, and a first sub-query is executed. The first sub-query defines a first time period of the plurality of…
SPLITTING A QUERY INTO NATIVE QUERY OPERATIONS AND POST-PROCESSING OPERATIONS
Granted: August 1, 2019
Application Number:
20190236182
Techniques for splitting a query into native query operations and post-processing operations are provided. In one embodiment, a user query including a plurality of search parameters is received. Expressions representing the plurality of search parameters in the user query are determined. A first subset and a second subset of the expressions are identified. Each expression of the first subset corresponds to one of a plurality of native query operations executable by a database platform,…
DISK-IMAGE DEDUPLICATION WITH HASH SUBSET IN MEMORY
Granted: July 25, 2019
Application Number:
20190227726
Deduplication of virtual-machine disk images and other disk images can involve identifying the first clusters in a file. The clusters are hashed. The first-in-file hashes (generated from first-in-file clusters) are stored in an in-memory index, while the full set of hashes is streamed in order to find matches with the hashes stored in the in-memory index. First-in-file hashes in the stream are compared, while other hashes in the stream are compared only if the immediately preceding hash…
METHODS AND SYSTEMS THAT PROVISION APPLICATIONS ACROSS MULTIPLE COMPUTER SYSTEMS
Granted: July 25, 2019
Application Number:
20190229983
The current document is directed to an automated-application-installation subsystem that provisions, installs, and configures applications across cloud-computing providers. The automated-application-installation subsystem employs an application blueprint to identify components to provisions, including component specifications and constraints, and to identify interdependencies between components. The automated-application-installation subsystem then determines a cost-effective…
SYSTEM AND METHODS OF MANAGING SHARED KEYS IN A COMPUTER CLUSTER WITH HIGH AVAILABILITY
Granted: July 25, 2019
Application Number:
20190229902
A computer and method for managing a shared key in a cluster of computers utilizes a node key to decrypt an encrypted shared key to obtain the shared key. A computer in the cluster can receive the node key from another computer in the cluster by transmitting an encrypted node key that has been encrypted using a master key to the other computer in the cluster, which is then decrypted using the master key at the other computer. The received node key can then be used by the requesting…
SYSTEM AND METHOD FOR MANAGING TRANSACTIONS FOR MULTIPLE DATA STORE NODES WITHOUT A CENTRAL LOG
Granted: July 25, 2019
Application Number:
20190228096
Data storage system and method for managing transaction requests in the data storage system utilizes prepare requests for a transaction request for multiple data storage operations. The prepare requests are sent to selected destination storage nodes of the data storage system to handle the multiple data storage operations. Each prepare request includes at least one of the multiple data storage operations to be handled by a particular destination data store node and a list of the…
METHOD FOR USING DEALLOCATED MEMORY FOR CACHING IN AN I/O FILTERING FRAMEWORK
Granted: July 25, 2019
Application Number:
20190227957
Techniques are disclosed for filtering input/output (I/O) requests in a virtualized computing environment. In some embodiments, a system stores first data in a page of memory, where after the first data is stored in the page of memory, the page of memory is free for allocation to a first memory consumer (e.g., an I/O filter instantiated in a virtualization layer of the virtualized computing environment) and a second memory consumer. The first memory consumer retains a reference to the…
CODE-CHANGE AND DEVELOPER RATING IN AN AUTOMATED-APPLICATION-RELEASE-MANAGEMENT SUBSYSTEM
Granted: July 25, 2019
Application Number:
20190227793
The current document is directed to an automated-application-release-management system that organizes and manages the application-development and application-release processes to allow for continuous application development and release. The current document is particularly directed to implementations in which the automated application-release-management subsystem provides code-change ratings and developer ratings used throughout the code-change-submission-to-acceptance process.…
METHODS AND SYSTEMS THAT CARRY OUT LIVE MIGRATION OF MULTI-NODE APPLICATIONS
Granted: July 25, 2019
Application Number:
20190227781
The current document is directed to methods and systems that carry out live migration of multi-node applications in distributed-computing systems, including cloud-computing applications in cloud-computing facilities. The disclosed methods and systems employ an installer/agent and a data-transformation component to install new versions of a multi-node application within a distributed computing system and to then warm start each application-provided service within the newly installed…
GRAIN TABLE TO GRAIN-RANGE TABLE COMPRESSION
Granted: July 25, 2019
Application Number:
20190227752
A “grain” is a unit of space allocation in a virtual disk. Grains are represented in physical storage only when used, that is, when they contain data. Grains may be located in storage using an in-memory grain-range table. The grain-range table is derived from a grain table in storage. A grain-range table includes entries for the starting grains of incrementing and or decrementing ranges; grain-table entries that do not start a range are omitted in the grain-range table. Accordingly,…
SYSTEM AND METHOD FOR SPEED UP DATA REBUILD IN A DISTRIBUTED STORAGE SYSTEM WITH LOCAL DEDUPLICATION
Granted: July 25, 2019
Application Number:
20190227727
A method includes obtaining a plurality of representations corresponding respectively to a plurality of blocks of data stored on a source node. A plurality of data pairs are sent to a destination node, where each data pair includes a logical address associated with a block of data from the plurality of blocks of data and the corresponding representation of the block of data. A determination is made whether the blocks of data associated with the respective logical addresses are duplicates…
