公开(公告)号：US10148629B1

公开(公告)日：2018-12-04

申请号：US14034527

申请日：2013-09-23

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Gregory Branchek Roth ,  Ian Nicholas Wesley-Smith ,  Cristian M. Ilac ,  Patrick James Ward

IPC: H04L29/06

Abstract: An application executing on a user device can receive a request to access a remote computer system. The application can automatically obtain an authentication code that is generated based at least in part on a seed value, which can be stored in the user device. The application can automatically generate an authentication request based at least in part on the access information and the authentication code, and transmit the authentication request to remote computer system.

公开(公告)号：US10033719B1

公开(公告)日：2018-07-24

申请号：US13721998

申请日：2012-12-20

Applicant: Amazon Technologies, Inc.

Inventor： Matthew Paul Baranowski ,  Srinivas Guduru ,  Patrick James Ward

IPC: H04L9/32 ,  H04L29/06

Abstract: Access to an information technology resource may be provided to a user involved in a data center construction project. The information technology resource may be located on a secure network, but be made accessible to the user through one or more unsecure networks. Access to the information technology resource aids the user in performing tasks related to data center construction, such as tracking the receipt and installation of equipment.

公开(公告)号：US10771586B1

公开(公告)日：2020-09-08

申请号：US13854669

申请日：2013-04-01

Applicant: Amazon Technologies, Inc.

Inventor： Brian Irl Pratt ,  Kathryn Marie Shih ,  Patrick James Ward

IPC: G06F9/50 ,  H04L29/08

Abstract: Methods and systems for implementing custom access controls are disclosed. A first task is added to a first workflow. A first role is generated for the first workflow. The first role comprises a first set of one or more permissions for using one or more computing resources. The one or more permissions in the first role are selected based on the first task. The first task is performed using the one or more computing resources in accordance with the first role.

公开(公告)号：US09425966B1

公开(公告)日：2016-08-23

申请号：US13826888

申请日：2013-03-14

Applicant: Amazon Technologies, Inc.

Inventor： Nachiketh Rao Potlapally ,  Eric Jason Brandwine ,  Gregory Alan Rubin ,  Patrick James Ward ,  James Leon Irving, Jr. ,  Andrew Paul Mikulski ,  Donald Lee Bailey, Jr.

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/30

CPC classification number: H04L9/3263 ,  H04L9/302 ,  H04L9/3268 ,  H04L63/0823 ,  H04L63/1433

Abstract: Methods and apparatus for a security mechanism evaluation service are disclosed. A storage medium stores program instructions that when executed on a processor define a programmatic interface enabling a client to submit an evaluation request for a security mechanism. On receiving an evaluation request from a client indicating a particular security mechanism using public-key encryption, the instructions when executed, identify resources of a provider network to be used to respond. The instructions, when executed, provide to the client, one or more of: (a) a trustworthiness indicator for a certificate authority that issued a public-key certificate in accordance with the particular security mechanism; (b) a result of a syntax analysis of the public-key certificate; or (c) a vulnerability indicator for a key pair.

Abstract translation: 公开了用于安全机制评估服务的方法和装置。 存储介质存储当在处理器上执行时定义编程接口的程序指令，使得客户端能够提交对安全机制的评估请求。 在从客户端接收到指示使用公钥加密的特定安全机制的评估请求时，执行指令时，识别要用于响应的提供商网络的资源。 指令在执行时向客户提供以下一个或多个：（a）根据特定安全机制发布公钥证书的认证机构的可信赖性指示符; （b）公钥证书的语法分析结果; 或（c）密钥对的漏洞指示符。

公开(公告)号：US10346626B1

公开(公告)日：2019-07-09

申请号：US13854679

申请日：2013-04-01

Applicant: Amazon Technologies, Inc.

Inventor： Brian Irl Pratt ,  Kathryn Marie Shih ,  Patrick James Ward

IPC: G06F17/30 ,  G06F21/62

Abstract: Methods and systems for implementing versioned access controls are disclosed. A first task is added to a first workflow with a first version of a default role. A second version of the default role is generated after the first task is added. A second task is added to a second workflow with the second version of the default role. The first version and the second version each comprise one or more permissions for using one or more computing resources. The first task is performed using the permissions in the first version of the default role. The second task is performed using the permissions in the second version of the default role.