Domain name service information propagation

US 9,756,012 B1
Filed: 06/16/2014
Issued: 09/05/2017
Est. Priority Date: 06/16/2014
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for assigning a domain name to a computing resource, comprising:

under the control of one or more computer systems configured with executable instructions,receiving, from a customer of a computing resource service provider, a request to assign a first alias for a first computing resource, the first alias usable to determine a first domain name for the first computing resource;

obtaining a first domain name service record, wherein the first domain name service record specifies one or more entities authorized to utilize the first alias and the first domain name service record is encrypted;

obtaining, from the computing resource service provider, one or more cryptographic keys to decrypt the first domain name service record;

determining whether the customer corresponds to an entity specified in the first domain name service record;

on a condition that it is determined that the customer corresponds to an entity specified in the first domain name service record, causing a domain name service to assign the first alias to the first computing resource;

detecting that a second alias for a second computing resource has been released by the customer;

updating an entry in a second domain name service record to indicate that the second alias has been released;

determining that the second alias was previously reserved for the customer; and

updating the second domain name service record to indicate that the second alias is reserved for the customer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing resource service receives a request from a customer to assign a domain name to a computing resource. The computing resource service may submit a query to a domain name system service to determine whether the domain name has been reserved for the customer. The domain name system service may provide an encrypted alias record corresponding to the requested domain name and specifying one or more identifiers of customers for whom the domain name has been reserved. The computing resource service may decrypt the alias record and determine whether the customer corresponds to one of the one or more identifiers within the alias record. If the customer does correspond to one of the one or more identifiers within the alias record, the computing resource service may assign the domain name to the computing resource.

30 Citations

View as Search Results

20 Claims

1. A computer-implemented method for assigning a domain name to a computing resource, comprising:
- under the control of one or more computer systems configured with executable instructions,receiving, from a customer of a computing resource service provider, a request to assign a first alias for a first computing resource, the first alias usable to determine a first domain name for the first computing resource;
  
  obtaining a first domain name service record, wherein the first domain name service record specifies one or more entities authorized to utilize the first alias and the first domain name service record is encrypted;
  
  obtaining, from the computing resource service provider, one or more cryptographic keys to decrypt the first domain name service record;
  
  determining whether the customer corresponds to an entity specified in the first domain name service record;
  
  on a condition that it is determined that the customer corresponds to an entity specified in the first domain name service record, causing a domain name service to assign the first alias to the first computing resource;
  
  detecting that a second alias for a second computing resource has been released by the customer;
  
  updating an entry in a second domain name service record to indicate that the second alias has been released;
  
  determining that the second alias was previously reserved for the customer; and
  
  updating the second domain name service record to indicate that the second alias is reserved for the customer.
- View Dependent Claims (2, 3, 4)
- - 2. The computer-implemented method of claim 1,wherein the first domain name service record is obtained from a domain name service database cache;
    - andfurther comprising updating the domain name service database cache in response to the domain name service assigning the first alias to the first computing resource.
  - 3. The computer-implemented method of claim 1, wherein the first domain name service record corresponding to the first alias is obtained from a domain name service in response to a domain name service query to the domain name service.
  - 4. The computer-implemented method of claim 1, wherein:
    - the second alias is stored in association with a second domain name by an association with a domain name placeholder that is constructed based at least in part on the second domain name and one or more control characters; and
      
      the method further comprises maintaining the domain name placeholder within the second domain name service record.

5. A system, comprising at least one computing device including one or more processors and one or more memories and that implements one or more services, wherein the one or more services:
- store, in a domain name service, a record in association with a domain name, wherein the record specifies one or more entities authorized to cause at least one of the one or more services to perform an operation and the record is encrypted;
  
  receive, from an entity, a request to cause the at least one of the one or more services to perform the operation;
  
  utilize a cryptographic key to decrypt the record;
  
  determine, based at least in part on the record, whether the entity is authorized to cause the at least one of the one or more services to perform the operation;
  
  as a result of determining that the entity is authorized to cause the at least one of the one or more services to perform the operation, enable the entity to cause the at least one of the one or more services to perform the operation;
  
  detect that a second domain name to a second computing resource has been released;
  
  update an entry in a second record in association with the second domain name to indicate that the second domain name has been released;
  
  determine that the second domain name was previously reserved for the entity; and
  
  update the second record in association with the second domain name to indicate that the second domain name is reserved for the entity.
- View Dependent Claims (6, 7, 8, 9, 10, 11, 12)
- - 6. The system of claim 5, wherein the record is stored in association with the domain name by an association with a domain name placeholder that is constructed based at least in part on the domain name and one or more control characters.
  - 7. The system of claim 6, wherein the one or more services are further configured to utilize a string specifying the requested operation and the one or more control characters to identify the domain name placeholder and obtain the record to determine whether the entity is authorized to cause the at least one of the one or more services to perform the operation.
  - 8. The system of claim 5, wherein the operation includes reserving the domain name to a computing resource in response to the request from the entity.
  - 9. The system of claim 8, wherein the one or more services are further configured to specify, within a domain name system database, that the domain name has been reserved as a result of detecting that the entity has reserved the domain name.
  - 10. The system of claim 5, wherein the one or more entities authorized to cause the at least one of the one or more services to perform the operation are specified within the record as a result of computing resource usage by the one or more entities satisfying one or more criteria.
  - 11. The system of claim 5, wherein the one or more services are further configured to provide the record in association with the domain name to other services in response to a request from the other services to obtain the record.
  - 12. The system of claim 5, wherein:
    - the second record is stored in association with the second domain name by an association with a domain name placeholder that is constructed based at least in part on the second domain name and one or more control characters; and
      
      the one or more services further maintain the domain name placeholder as a result of a determination that the second domain name was previously reserved for the entity.

13. A non-transitory computer-readable storage medium having collectively stored thereon executable instructions that, as a result of being executed by one or more processors of a computer system, cause the computer system to at least:
- perform, to a domain name service, a query to obtain a record specifying one or more entities authorized to cause the computer system to perform an operation in response to a request from an entity to cause the computer system to perform the operation and the record being encrypted;
  
  utilize a cryptographic key to decrypt the record;
  
  determine, based at least in part on the record, that the entity corresponds to the one or more entities specified in the record;
  
  as a result of determining that the entity is authorized to cause the computer system to perform the operation, cause the operation to be performed;
  
  detect that a domain name to a computing resource has been released;
  
  update an entry in a second record associated with the domain name to indicate that the domain name has been released;
  
  determine that the domain name was previously reserved for the entity; and
  
  update the second record to indicate that the domain name is reserved to the computing resource for the entity.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The non-transitory computer-readable storage medium of claim 13, wherein the record is stored, within the domain name service, in association with a second domain name by an association with a domain name placeholder that is constructed based at least in part on the second domain name and one or more control characters.
  - 15. The non-transitory computer-readable storage medium of claim 14, wherein the instructions further comprise instructions that, as a result of being executed by the one or more processors, cause the computer system to utilize a string specifying the requested operation and the one or more control characters to perform the query to cause the domain name service to identify the domain name placeholder and provide the record.
  - 16. The non-transitory computer-readable storage medium of claim 13, wherein the operation includes reserving a second domain name to a second computing resource in response to the request from the entity.
  - 17. The non-transitory computer-readable storage medium of claim 13, wherein the one or more entities authorized to cause the computer system to perform the operation are specified within the record as a result of computing resource usage by the one or more entities satisfying one or more criteria.
  - 18. The non-transitory computer-readable storage medium of claim 13, wherein the instructions further comprise instructions that, as a result of being executed by the one or more processors, cause the computer system to deny the request from the entity as a result of determining that the entity is not authorized to cause the computer system to perform the operation.
  - 19. The non-transitory computer-readable storage medium of claim 13, wherein the domain name service provides an entry for a second domain name to other services in response to a request from the other services to obtain the entry.
  - 20. The non-transitory computer-readable storage medium of claim 13, wherein:
    - the second record is stored, within the domain name service, in association with the second domain name by an association with a domain name placeholder that is constructed based at least in part on the second domain name and one or more control characters; and
      
      the instructions further cause the computer system to maintain the domain name placeholder as a result of a determination that the second domain name was previously reserved for the entity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Pandya, Chirag Pravin, Yorks, Connor John, Rai, Krithi, Aung, Lawrence Hun-Gi
Primary Examiner(s)
Baturay, Alicia

Application Number

US14/305,848
Time in Patent Office

1,177 Days
Field of Search

709220
US Class Current
CPC Class Codes

H04L 61/3025 Domain name generation or a...

H04L 61/4511 using domain name system [DNS]

Domain name service information propagation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Domain name service information propagation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links