公开(公告)号：US10095860B1

公开(公告)日：2018-10-09

申请号：US14963819

申请日：2015-12-09

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  David Scott Cleckley, Jr. ,  Robert Ellis Lee ,  Annabelle Richard Backman

IPC: G06F21/45 ,  H04L29/06

Abstract: Disclosed are various embodiments for validating that relying parties of a federated identity provider have correctly implemented sign-out functionality. In one approach, a network page is received from a network site that is operated by a relying party of a federated identity provider. It is then determined whether the network page includes code that properly implements a sign-out from the federated identity provider. An action is initiated in response to determining that the network page does not include code that properly implements the sign-out from the federated identity provider.

公开(公告)号：US10002177B1

公开(公告)日：2018-06-19

申请号：US14028360

申请日：2013-09-16

Applicant: AMAZON TECHNOLOGIES, INC.

Inventor： Jon Arron McClintock ,  George Nikolaos Stathakopoulos ,  Dominique Imjya Brezinski

IPC: G06F17/30

CPC classification number: G06F16/284 ,  G06F16/24575

Abstract: Techniques are described for employing a crowdsourcing framework to analyze data related to the performance or operations of computing systems, or to analyze other types of data. A question is analyzed to determine data that is relevant to the question. The relevant data may be decontextualized to remove or alter contextual information included in the data, such as sensitive, personal, or business-related data. The question and the decontextualized data may then be presented to workers in a crowdsourcing framework, and the workers may determine an answer to the question based on an analysis or an examination of the decontextualized data. The answers may be combined, correlated, or otherwise processed to determine a processed answer to the question.

公开(公告)号：US09923927B1

公开(公告)日：2018-03-20

申请号：US14869344

申请日：2015-09-29

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  Yogesh Vilas Golwalkar ,  Bharath Kumar Bhimanaik ,  Darin Keith McAdams ,  Tushaar Sethi

IPC: H04L29/06

CPC classification number: H04L63/20 ,  H04L63/0846 ,  H04L63/105 ,  H04L63/108

Abstract: Methods and systems are provided to enable access control based on credential properties. Besides authenticating a credential, an authentication service can provide additional credential-related information with respect to a credential such as last updated time. An entity receiving such additional credential-related information can implement access control policies based on the credential-related information. For instance, a user's access rights may be gradually restricted after an initial expiration time and towards a final expiration time. In an example, such access control may be implemented by a client application or client website of the authentication service. Alternatively or additionally, such access control may be implemented by an authorization service used by the client application or client website.

公开(公告)号：US09876645B1

公开(公告)日：2018-01-23

申请号：US14624480

申请日：2015-02-17

Applicant: Amazon Technologies, Inc.

Inventor： Harsha Ramalingam ,  Jesper Mikael Johansson ,  Jon Arron McClintock

IPC: H04L9/32 ,  G06F21/57

CPC classification number: H04L9/3247 ,  G06F21/44 ,  G06F21/57 ,  G06F21/645 ,  G06F2221/034

Abstract: A manufacturer of computing equipment may generate a signature for computing equipment by measuring various attributes of the computing equipment, such as the impedance across circuits included in the computing equipment. Verification equipment may be provided to a recipient of the computing equipment. The verification equipment may be configured to generate a signature of the computing equipment over a physical connection between the verification equipment and the computing equipment. A determination may be made whether the computing equipment has been tamper with based at least in part on the signature generated by the manufacturer and the signature generated by the recipient.

公开(公告)号：US09866393B1

公开(公告)日：2018-01-09

申请号：US14580111

申请日：2014-12-22

Applicant: Amazon Technologies, Inc.

Inventor： Dylan Harris Rush ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Jesper Mikael Johansson ,  Jon Arron McClintock

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L9/3247 ,  H04L9/3231 ,  H04L9/3234 ,  H04L9/3236

Abstract: A system and method for generating a signature for a document using an identity verification token. The identity verification token receives a request that includes a set of credential data from a signatory, obtains a document identifier that identifies the document to a service provider, and obtains a token identifier that identifies the identity verification token to the service provider. The identity verification token generates the signature based at least in part on the obtained document identifier, the received set of credential data, and obtained the token identifier, and provides the signature.

公开(公告)号：US09805215B1

公开(公告)日：2017-10-31

申请号：US14828276

申请日：2015-08-17

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Dominique Imjya Brezinski ,  Darren Ernest Canavor ,  Darin Keith McAdams ,  Jon Arron McClintock ,  Brandon William Porter

IPC: G06F21/62 ,  H04L29/06

CPC classification number: G06F21/6245 ,  G06F21/6227 ,  H04L67/42

Abstract: A technology is described for making a decision based on identifying without disclosing the identifying information. The method may include receiving a mapping value that represents identifying information that has been converted into a mapping value. A request for data associated with the identifying information may be made by providing the mapping value as a proxy for the identifying information whereby the data associated with the identifying information may be located using the mapping value and returned to a requesting client or service.

公开(公告)号：US20170187702A1

公开(公告)日：2017-06-29

申请号：US15455169

申请日：2017-03-10

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Bharath Kumar Bhimanaik ,  Jon Arron McClintock

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/08 ,  G06F21/10 ,  G06F21/602 ,  H04L9/08 ,  H04L9/14 ,  H04L29/06639 ,  H04L29/06646 ,  H04L63/0407 ,  H04L63/0414 ,  H04L63/0421 ,  H04L63/0428 ,  H04L67/306 ,  H04L2209/38

Abstract: Disclosed are various embodiments for correlating a first use case-specific entity identifier with a second use case-specific entity identifier. A chained entity identifier corresponds to the first use case-specific entity identifier. The chained entity identifier can include the second use case-specific entity identifier cryptographically wrapped by a use case-specific key. The second use case-specific entity identifier can be received from the chained entity identifier. The second use case-specific entity identifier can be correlated to the first use case-specific entity identifier.

公开(公告)号：US09674194B1

公开(公告)日：2017-06-06

申请号：US14207157

申请日：2014-03-12

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Jonathan Kozolchyk

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/10 ,  G06F21/10 ,  G06F21/33 ,  G06F21/34 ,  G06F21/604 ,  G06F21/6218 ,  H04L9/3234 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/102 ,  H04L63/12 ,  H04L63/123 ,  H04L63/126

Abstract: A resource owner or administrator submits a request to a permissions management service to create a permissions grant which may include a listing of actions a user may perform on a resource. Accordingly, the permissions management service may create the permissions grant and use a private cryptographic key to digitally sign the created permissions grant. The permissions management service may transmit this digitally signed permissions grant, as well as a digital certificate comprising a public cryptographic key for validating the permissions grant, to a target resource. The target resource may use the public cryptographic key to validate the digital signature of the permissions grant and determine whether a user is authorized to perform one or more actions based at least in part on a request from the user to perform these one or more actions on the resource.

公开(公告)号：US09497312B1

公开(公告)日：2016-11-15

申请号：US14624497

申请日：2015-02-17

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Phivos Costas Aristides ,  Darren Ernest Canavor ,  Arnaud Marie Froment ,  Scott Donald Gregory ,  Cory Adam Johnson ,  Chelsea Celest Krueger ,  Jon Arron McClintock ,  Vijay Rangarajan ,  Andrew Jay Roths

IPC: H04W12/06 ,  H04M1/725

CPC classification number: H04W12/06 ,  H04L63/08 ,  H04L63/083 ,  H04L63/0876 ,  H04L63/107 ,  H04M1/67 ,  H04M1/72522 ,  H04M1/72572 ,  H04M1/72577

Abstract: An access control application for mobile devices is provided. The access control application may be configured to generate a set of security tasks based at least in part on information corresponding to a user's interactions with the mobile device. An unlock screen of the mobile device may be triggered and a security tasks from the generated set of security tasks may be displayed through a user interface of the mobile device. The user's response to the security tasks may be obtained and a confidence score may be calculated, based at least in part on the response. The access control application may then determine, based at least in part on the score and one or more attributes of the environment, whether to unlock the mobile device or prompt the user to provide an additional response to another security task.

Abstract translation: 提供了用于移动设备的访问控制应用。 访问控制应用可以被配置为至少部分地基于与用户与移动设备的交互相对应的信息来生成一组安全任务。 可以触发移动设备的解锁屏幕，并且可以通过移动设备的用户界面显示来自生成的一组安全任务的安全任务。 可以至少部分地基于响应来获得用户对安全任务的响应并且可以计算可信度得分。 访问控制应用程序可以至少部分地基于环境的得分和一个或多个属性来确定是解锁移动设备还是提示用户向另一个安全任务提供额外的响应。

公开(公告)号：US20160285863A1

公开(公告)日：2016-09-29

申请号：US14671161

申请日：2015-03-27

Applicant: Amazon Technologies, Inc.

Inventor： Darren Ernest Canavor ,  Varadarajan Gopalakrishnan ,  Jesper Mikael Johansson ,  Jon Arron McClintock ,  Brandon William Porter ,  Andrew Jay Roths

IPC: H04L29/06 ,  H04W4/12 ,  H04W12/06 ,  B64C39/02

CPC classification number: H04L63/0823 ,  B64C39/02 ,  B64C39/024 ,  B64C2201/146 ,  G05D1/00 ,  G05D1/0027 ,  G07C5/00 ,  G08G5/00 ,  G08G5/0034 ,  G08G5/0039 ,  H04B7/185 ,  H04L29/12 ,  H04L63/123 ,  H04W4/12 ,  H04W12/06 ,  H04W12/10

Abstract: Two unmanned vehicles come within communication range of one another. The unmanned vehicles exchange logs of messages each has received. Each of the unmanned vehicles analyzes the messages that it received from the other unmanned vehicle to determine whether any of the received messages warrants changing a set of tasks it was planning to perform. When a message indicates that a task should be changed, the task is updated accordingly.

Abstract translation: 两辆无人车相互通讯。 无人车交换每个消息的日志。 每个无人驾驶车辆分析从其他无人驾驶车辆接收到的消息，以确定是否有任何接收到的消息需要更改其计划执行的一组任务。 当消息指示应该更改任务时，相应地更新任务。