公开(公告)号：US10803164B2

公开(公告)日：2020-10-13

申请号：US16130060

申请日：2018-09-13

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  David Scott Cleckley, Jr. ,  Robert Ellis Lee ,  Annabelle Richard Backman

IPC: G06F21/45 ,  H04L29/06 ,  G06F21/41

Abstract: Disclosed are various embodiments for validating that relying parties of a federated identity provider have correctly implemented sign-out functionality. In one approach, a network page is received from a network site that is operated by a relying party of a federated identity provider. It is then determined whether the network page includes code that properly implements a sign-out from the federated identity provider. An action is initiated in response to determining that the network page does not include code that properly implements the sign-out from the federated identity provider.

公开(公告)号：US10333946B1

公开(公告)日：2019-06-25

申请号：US15189493

申请日：2016-06-22

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Wade Hitchcock ,  Bharath Kumar Bhimanaik ,  Robert Ellis Lee

IPC: H04L29/06

Abstract: Disclosed are various embodiments for distributing and verifying ephemeral security credentials of variable entropy across channels of communication of variable levels of security assurance. In one embodiment, a security credential is generated for a user account. A subset of a set of communication channels associated with the user account is determined based at least in part on respective measures of entropy and/or security assurance corresponding to individual ones of the set of communication channels. The security credential is divided into multiple portions. A corresponding portion of the portions is sent across individual channels of subset of channels. A client computing device is authenticated for access to the user account based at least in part on receiving the portions of the security credential.

公开(公告)号：US10095860B1

公开(公告)日：2018-10-09

申请号：US14963819

申请日：2015-12-09

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  David Scott Cleckley, Jr. ,  Robert Ellis Lee ,  Annabelle Richard Backman

IPC: G06F21/45 ,  H04L29/06

Abstract: Disclosed are various embodiments for validating that relying parties of a federated identity provider have correctly implemented sign-out functionality. In one approach, a network page is received from a network site that is operated by a relying party of a federated identity provider. It is then determined whether the network page includes code that properly implements a sign-out from the federated identity provider. An action is initiated in response to determining that the network page does not include code that properly implements the sign-out from the federated identity provider.