Web of trust management in a distributed system

    Publication (announcement) No.: US10721075B2

    Publication (announcement) date: 2020-07-21

    Application No.: US15204927

    Filing date: 2016-07-07

    Abstract: A new version of a structured collection of information, different from a previous version, of a cryptographic domain is created. The new version is created to be verifiable as a valid successor to the previous version and to specify a new set of quorum rules, with the new set of quorum rules defining one or more conditions to be fulfilled by a plurality of operators as conditions precedent to update the structured collection. The new version is provided to the plurality of operators. Digital signatures corresponding to the new version are obtained, and, as a result of the digital signatures received fulfilling the one or more conditions defined by a previous set of quorum rules specified by the previous version, the new version is caused to replace the previous version.

    Security policies with probabilistic actions

    Publication (announcement) No.: US10666684B2

    Publication (announcement) date: 2020-05-26

    Application No.: US15849351

    Filing date: 2017-12-20

    Abstract: A request to access one or more computing resources is received by a system. The system performs one or more operations in response to the request according to one or more security policies, the one or more operations selected according to a substantially random selection process. A response to the request is caused based at least in part on the one or more operations.

    Load balancer request processing
    154.
    Granted invention patent

    Publication (announcement) No.: US10574699B1

    Publication (announcement) date: 2020-02-25

    Application No.: US14954787

    Filing date: 2015-11-30

    Abstract: A load balancing service receives a request from a customer to configure a load balancer for distributing incoming requests to one or more computing resources of the customer. The load balancing service uses configuration information specified in the request to configure the load balancer such that the load balancer, in response to an incoming request, can determine whether the incoming request satisfies a set of request processing rules usable to determine whether the request is to be transmitted to any computing resource of the one or more computing resources. The load balancer transmits the incoming request to a computing resource of the customer as a result of the rules being satisfied.

    Data security operations with expectations

    Publication (announcement) No.: US10560441B2

    Publication (announcement) date: 2020-02-11

    Application No.: US14574337

    Filing date: 2014-12-17

    Abstract: A cryptography service allows for management of cryptographic keys and for the evaluation of security expectations when processing incoming requests. In some contexts, the cryptography service, upon receiving a request to perform a cryptographic operation, evaluates a set of security expectations to determine whether the cryptographic key or keys usable to perform the cryptographic operation should be trusted. A response to the request is dependent on evaluation of the security expectations.

    Challenge-response badge
    156.
    Granted invention patent

    Publication (announcement) No.: US10521984B1

    Publication (announcement) date: 2019-12-31

    Application No.: US14675654

    Filing date: 2015-03-31

    Abstract: Techniques described and suggested in the present document include access-card systems and methods that are resistant to attack. In certain implementations, a card reader transmits a challenge message to an access card. When the access card receives the challenge message, the access card validates the challenge message, and then generates a response message based at least in part on the information contained in the challenge message. A security server validates the response message, and when the security server determines that the response is secure, valid, and from an authorized access card, the security server grants access to a physical space. In some implementations, the challenge and response messages are digitally signed using a cryptographic key. Additional implementations include various tests that, when performed on the challenge and/or response messages, detect and defeat many attempts to compromise the access-card system.

    Virtual service provider zones
    157.
    Granted invention patent

    Publication (announcement) No.: US10474829B2

    Publication (announcement) date: 2019-11-12

    Application No.: US15712043

    Filing date: 2017-09-21

    Abstract: A service proxy serves as an application programming interface proxy to a service, which may involve data storage. When a request to store data is received by the service proxy, the service proxy encrypts the data and stores the data in encrypted form at the service. Similarly, when a request to retrieve data is received by the service proxy, the service proxy obtains encrypted data from the service and decrypts the data. The data may be encrypted using a key that is kept inaccessible to the service.

    Inbound link handling
    158.
    Granted invention patent

    Publication (announcement) No.: US10452837B1

    Publication (announcement) date: 2019-10-22

    Application No.: US14498870

    Filing date: 2014-09-26

    Abstract: A support service application may process a request that contains a hyperlink. The hyperlink may be examined to determine a level of risk associated with accessing a resource referred to by the hyperlink. An execution environment for processing the hyperlink may be identified. The execution environment may comprise a virtual machine drawn from a pool of virtual machines. The resource may be retrieved by a browser process operating within the context of the virtual machine, and a safe version of the resource may be rendered and made available to customer support personnel using the support service application.

    Resource locators with keys
    159.
    Granted invention patent

    Publication (announcement) No.: US10367791B2

    Publication (announcement) date: 2019-07-30

    Application No.: US15786322

    Filing date: 2017-10-17

    Abstract: Requests are pre-generated to include a cryptographic key to be used in fulfilling the requests. The requests may be encoded in uniform resource locators and may include authentication information to enable a service provider to whom the requests are submitted to determine whether the requests are authorized. The requests may be passed to various entities who can then submit the requests to the service provider. The service provider, upon receipt of a request, can verify the authentication information and fulfill the request using a cryptographic key encoded in the request.

    Two factor authentication with authentication objects

    Publication (announcement) No.: US10356069B2

    Publication (announcement) date: 2019-07-16

    Application No.: US15042071

    Filing date: 2016-02-11

    Abstract: Representations of authentication objects are provided for selection via an interface. An authentication object may be generated to include information obtained from one or more sensors of a device. A selected authentication object may contain information sufficient for authentication with a corresponding system. The interface may provide multiple representations of authentication objects that are usable with different service providers. The interface, executed by a first device, may be configured to authenticate a second device.
