公开(公告)号：US10528743B2

公开(公告)日：2020-01-07

申请号：US15651277

申请日：2017-07-17

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  Alun Jones ,  Narasimha Rao Lakkakula

IPC: G06F21/57 ,  G06F8/71 ,  G06F8/77 ,  G06F11/36

Abstract: Disclosed are various embodiments for identifying characteristics of developers of problematic software. Report data generated by a security analysis tool is received, which is based at least in part on a security analysis of a program or an operational configuration. The report data indicates one or more security issues identified in the program or the operational configuration. A user is identified who is responsible for at least a threshold impact of the security issue(s). Coding or configuration characteristics associated with the user are then determined.

公开(公告)号：US10467423B1

公开(公告)日：2019-11-05

申请号：US14225958

申请日：2014-03-26

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  Tushaar Sethi ,  Maarten Van Horenbeeck

IPC: G06F16/00 ,  G06F21/62

Abstract: Method and apparatus for identifying a flow of data from a first data store to a second data store are disclosed. In the method and apparatus, a service may send the data from the first data store to the second data store, whereby the service may be associated with an access control policy that specifies whether the service is permitted to send or receive the data. The access control policy may be used as a basis for the evaluation of executable instructions of the service, and evaluation of the executable instructions may be used to identify the first data store or the second data store.

公开(公告)号：US10298598B1

公开(公告)日：2019-05-21

申请号：US14108238

申请日：2013-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  George Nikolaos Stathakopoulos

IPC: H04L29/06

Abstract: Techniques for improving computer system security by detecting and responding to attacks on computer systems are described herein. A computer system monitors communications requests from external systems and, as a result of detecting one or more attacks on the computer system, the computer system responds to the attacks by analyzing the behavior of the attacker, relating that behavior to one or more attack profiles and creating a simulated environment to respond to the attack based in part on the attack profiles. The simulated environment responds to the attack by communicating with the attacker.

公开(公告)号：US10230705B1

公开(公告)日：2019-03-12

申请号：US14658276

申请日：2015-03-16

Applicant: Amazon Technologies, Inc.

Inventor： Preyas Joshi ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Jesper Mikael Johansson ,  Jon Arron McClintock ,  Gregory Branchek Roth

IPC: H04L29/06

Abstract: Disclosed are various embodiments for verifying the authenticity of machine-readable identifiers, such as quick response (QR) codes or other identifiers. After data is received corresponding to a machine-readable identifier, environmental data may be acquired with respect to an environment of the machine-readable identifier. The authenticity of the machine-readable identifier may be verified based at least in part on the environmental data. In some embodiments, a verification request may be sent to a trusted authority.

公开(公告)号：US10110385B1

公开(公告)日：2018-10-23

申请号：US14580118

申请日：2014-12-22

Applicant: Amazon Technologies, Inc.

Inventor： Dylan Harris Rush ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Jesper Mikael Johansson ,  Jon Arron McClintock

IPC: H04L9/32

Abstract: A system and method for generating a signature for a document using credentials indicating an unsanctioned signing event. The system and method includes receiving a request to generate a signature of a signatory for a document, wherein the request includes a received set of credential data for a signatory, obtaining a token identifier for at least one computing device, and determining if the received set of credential data matches credentials indicating the unsanctioned signing event. The system and method further includes receiving the signature of the signatory, the document identifier, and the token identifier, and determining based at least in part on the signature, document identifier, and the token identifier, whether the received signature is associated with the unsanctioned signing event.

公开(公告)号：US20180198823A1

公开(公告)日：2018-07-12

申请号：US15917471

申请日：2018-03-09

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Darren Ernest Canavor ,  Jon Arron McClintock ,  Gregory Branchek Roth ,  Gregory Alan Rubin ,  Nima Sharifi Mehr

IPC: H04L29/06

Abstract: A client establishes a network session with a server. The network session is used to establish an encrypted communications session. The client establishes another network session with another server, such as after terminating the first network session. The client resumes the encrypted communications session over the network session with the other server. The other server is configured to receive encrypted communications from the client and forward them to the appropriate server.

公开(公告)号：US20180198779A1

公开(公告)日：2018-07-12

申请号：US15912431

申请日：2018-03-05

Applicant: Amazon Technologies, Inc.

Inventor： Darren Ernest Canavor ,  Varadarajan Gopalakrishnan ,  Jesper Mikael Johansson ,  Jon Arron McClintock ,  Brandon William Porter ,  Andrew Jay Roths

IPC: H04L29/06 ,  H04W12/10 ,  H04W12/06 ,  B64C39/02 ,  H04W4/12 ,  H04B7/185 ,  G08G5/00 ,  G05D1/00 ,  H04L29/12 ,  G07C5/00

CPC classification number: H04L63/0823 ,  B64C39/02 ,  B64C39/024 ,  B64C2201/146 ,  G05D1/00 ,  G05D1/0027 ,  G07C5/00 ,  G08G5/00 ,  G08G5/0034 ,  G08G5/0039 ,  H04B7/185 ,  H04L29/12 ,  H04L63/123 ,  H04W4/12 ,  H04W12/06 ,  H04W12/10

Abstract: Two unmanned vehicles come within communication range of one another. The unmanned vehicles exchange logs of messages each has received. Each of the unmanned vehicles analyzes the messages that it received from the other unmanned vehicle to determine whether any of the received messages warrants changing a set of tasks it was planning to perform. When a message indicates that a task should be changed, the task is updated accordingly.

公开(公告)号：US09934391B2

公开(公告)日：2018-04-03

申请号：US14921263

申请日：2015-10-23

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock

IPC: G06F21/62 ,  G06F21/57 ,  G06F21/55

CPC classification number: G06F21/62 ,  G06F21/556 ,  G06F21/57 ,  G06F2221/034

Abstract: Disclosed are various embodiments for a trust establishment application. Machine instances executed in the same computing environment generate side channel patterns embodying data identifying themselves as trusted machine instances. The side channel patterns are detected to determine which machine instances are trusted. An operational mode of a machine instance is configured as a function of whether a quorum of trusted machine instances are executed in the computing environment.

公开(公告)号：US20180091375A1

公开(公告)日：2018-03-29

申请号：US15829725

申请日：2017-12-01

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  Dominique Imjya Brezinski ,  Tushaar Sethi ,  Maarten Van Horenbeeck

IPC: H04L12/24 ,  H04L12/733

CPC classification number: H04L41/12 ,  H04L45/122

Abstract: A method and apparatus for path detection are disclosed. In the method and apparatus, a data path may link two path-end nodes in a network. Event data for the network may be received and may be used to determine, for each node resident on the path, proximity measures to each path-end node. The proximity measure of network nodes may be evaluated to determine whether a path exists between the two path-end nodes.

公开(公告)号：US09930067B1

公开(公告)日：2018-03-27

申请号：US14576146

申请日：2014-12-18

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Darren Ernest Canavor ,  Jon Arron McClintock ,  Gregory Branchek Roth ,  Gregory Alan Rubin ,  Nima Sharifi Mehr

IPC: H04L29/00 ,  H04L29/06

CPC classification number: H04L63/166 ,  H04L63/0281 ,  H04L63/0428 ,  H04L63/0478 ,  H04L63/06 ,  H04L63/123 ,  H04L2463/061

Abstract: A client establishes a network session with a server. The network session is used to establish an encrypted communications session. The client establishes another network session with another server, such as after terminating the first network session. The client resumes the encrypted communications session over the network session with the other server. The other server is configured to receive encrypted communications from the client and forward them to the appropriate server.