公开(公告)号：US09979720B2

公开(公告)日：2018-05-22

申请号：US14882830

申请日：2015-10-14

Applicant: Amazon Technologies, Inc.

Inventor： Bharath Kumar Bhimanaik

IPC: G06F17/30 ,  H04L29/06 ,  H04L9/32 ,  G06F21/35 ,  G06F21/36

CPC classification number: H04L63/0853 ,  G06F21/35 ,  G06F21/36 ,  H04L9/321 ,  H04L63/08 ,  H04L63/10 ,  H04L63/102 ,  H04L63/18 ,  H04L65/60 ,  H04L2463/082 ,  H04W12/06

Abstract: A code for accessing a resource having a customer account associated therewith is presented via a secondary device, and authentication data indicative of the code that was presented is received from a primary device. The primary device is identified as a trusted device associated with the customer account responsive to receiving the authentication data therefrom, and the secondary device is authenticated for access to the resource responsive to identification of the primary device as the trusted device associated with the customer account.

公开(公告)号：US09946867B1

公开(公告)日：2018-04-17

申请号：US14869875

申请日：2015-09-29

Applicant: Amazon Technologies, Inc.

Inventor： Harsha Ramalingam ,  Zachary Damen Wolfe ,  Darren Ernest Canavor ,  Brian Dang ,  Max Funderburk ,  Jesper Mikael Johansson ,  Bharath Kumar Bhimanaik ,  Jon Arron McClintock ,  Jason Christopher Rudmann

IPC: G06F17/00 ,  G06F12/00 ,  G06F12/14 ,  G06F13/00 ,  G06F17/30 ,  G06F21/45 ,  G06F3/0488

CPC classification number: G06F21/45 ,  G06F3/04886 ,  G06F17/30914

Abstract: Input received into a first component of a user interface is mirrored in another component of the user interface. The first component of the user interface is monitored and changes to the first component are caused to occur in the second component. The first component may be configured to receive user input for an authentication claim.

公开(公告)号：US09807068B1

公开(公告)日：2017-10-31

申请号：US14563095

申请日：2014-12-08

Applicant: Amazon Technologies, Inc.

Inventor： Yogesh Vilas Golwalkar ,  Bharath Kumar Bhimanaik

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L63/068 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/10 ,  H04W12/06

Abstract: Disclosed are various embodiments for an authentication service. A unique identifier is associated with a device access token for a client to be authenticated. An authentication identifier is sent to an authenticated client. The client to be authenticated communicates the authentication identifier and unique identifier to the authentication service to complete authentication.

公开(公告)号：US09674175B2

公开(公告)日：2017-06-06

申请号：US15044709

申请日：2016-02-16

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Wade Hitchcock ,  Brad Lee Campbell ,  Bharath Kumar Bhimanaik

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/0823 ,  H04L63/0281 ,  H04L63/0884 ,  H04L67/14 ,  H04L67/28 ,  H04L67/42

Abstract: Disclosed are various embodiments for network site account management using a proxy server. A request for a secured resource on a network site is generated based at least in part on stored account information in response to receiving an initial request for the secured resource from a client. The request is sent to the network site. The secured resource is sent to the client in response to receiving the secured resource from the network site.

公开(公告)号：US09282098B1

公开(公告)日：2016-03-08

申请号：US13792678

申请日：2013-03-11

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Wade Hitchcock ,  Brad Lee Campbell ,  Bharath Kumar Bhimanaik

IPC: H04L29/06

CPC classification number: H04L63/0823 ,  H04L63/0281 ,  H04L63/0884 ,  H04L67/14 ,  H04L67/28 ,  H04L67/42

Abstract: Disclosed are various embodiments for network site account management using a proxy server. A first request for a secured resource on a network site is received from a client. It is determined whether stored account information is available for the secured resource. A second request for the secured resource is generated based at least in part on the stored account information in response to determining that the stored account information is available for the secured resource. The second request is sent to a server corresponding to the network site. The secured resource is received from the server, and the secured resource is sent to the client.

Abstract translation: 公开了使用代理服务器进行网站帐户管理的各种实施例。 从客户端接收到网站上的安全资源的第一个请求。 确定存储的帐户信息是否可用于安全资源。 响应于确定存储的帐户信息对于安全资源可用，至少部分地基于所存储的帐户信息来生成对安全资源的第二请求。 第二个请求被发送到对应于该网站的服务器。 从服务器接收安全资源，并将安全资源发送给客户端。

公开(公告)号：US20150341334A1

公开(公告)日：2015-11-26

申请号：US14817846

申请日：2015-08-04

Applicant: Amazon Technologies, Inc.

Inventor： Bharath Kumar Bhimanaik

IPC: H04L29/06

CPC classification number: H04L63/08 ,  G06F21/335 ,  G06F21/41 ,  H04L63/0807 ,  H04L63/0815 ,  H04L63/102

Abstract: Disclosed are various embodiments for synchronizing authentication sessions between applications. In one embodiment, a first authentication token is received from a first application in response to determining that the first application is authenticated with a service provider. A second authentication token is requested from a token exchange service associated with the service provider. The second authentication token is requested using the first authentication token. The second application is configured to use the second authentication token in order to access a resource of the service provider.

Abstract translation: 公开了用于在应用之间同步认证会话的各种实施例。 在一个实施例中，响应于确定第一应用被服务提供商认证，从第一应用接收第一认证令牌。 从与服务提供商相关联的令牌交换服务请求第二认证令牌。 使用第一认证令牌请求第二认证令牌。 第二应用被配置为使用第二认证令牌来访问服务提供商的资源。

公开(公告)号：US09178890B1

公开(公告)日：2015-11-03

申请号：US14101697

申请日：2013-12-10

Applicant: Amazon Technologies, Inc.

Inventor： Bharath Kumar Bhimanaik

IPC: G06F7/04 ,  H04L29/06 ,  H04L9/32

CPC classification number: H04L63/0853 ,  G06F21/35 ,  G06F21/36 ,  H04L9/321 ,  H04L63/08 ,  H04L63/10 ,  H04L63/102 ,  H04L63/18 ,  H04L65/60 ,  H04L2463/082 ,  H04W12/06

Abstract: A code for accessing a resource having a customer account associated therewith is presented via a secondary device, and authentication data indicative of the code that was presented is received from a primary device. The primary device is identified as a trusted device associated with the customer account responsive to receiving the authentication data therefrom, and the secondary device is authenticated for access to the resource responsive to identification of the primary device as the trusted device associated with the customer account.

Abstract translation: 通过辅助设备呈现用于访问具有与其相关联的客户帐户的资源的代码，并且从主设备接收到表示所呈现的代码的认证数据。 响应于从其接收到认证数据，主设备被识别为与客户帐户相关联的可信设备，并且辅助设备被认证用于响应于主设备的标识作为与该客户帐户相关联的信任设备的标识。

公开(公告)号：US11011178B2

公开(公告)日：2021-05-18

申请号：US16715797

申请日：2019-12-16

Applicant: Amazon Technologies, Inc.

Inventor： Bharath Kumar Bhimanaik ,  Daniel Wade Hitchcock

IPC: G10L15/00 ,  G10L17/00 ,  G10L19/018 ,  G10L17/02 ,  G10L17/06 ,  G10L25/51 ,  G10L15/08

Abstract: Disclosed are various embodiments for detecting replay attacks in voice-based authentication systems. In one embodiment, audio is captured via an audio input device. It is then verified that the audio includes a voice authentication factor spoken by a user. If it is determined that the audio includes unexpected environmental audio in addition to the voice authentication factor that has been verified, one or more actions may be performed.

公开(公告)号：US10354075B1

公开(公告)日：2019-07-16

申请号：US15638867

申请日：2017-06-30

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Wade Hitchcock ,  Darren Ernest Canavor ,  Jesper Mikael Johansson ,  Bharath Kumar Bhimanaik ,  Andrew Jay Roths

IPC: G06F21/00 ,  G06F21/57 ,  G06F3/0484

Abstract: Computing devices are disclosed that include functionality for providing a trustworthy indication of software integrity. The computing devices include a hardware trust evaluation device capable of determining the trustworthiness of computer programs executing on the devices. At least one trust indicator is also connected to the hardware trust evaluation device for providing an external indication of the trustworthiness of a computer program. Additional security information regarding the trustworthiness of the computer program may be displayed on the primary display device of the computing device. The display of the security information is triggered by a user of the computing device submitting a request through a secure mechanism, where the request is unobservable and inaccessible to programs executing on the computing device. Additional secure mechanisms, such as a unique user interface for displaying the security information, can be utilized to ensure the authenticity of the displayed security information.

公开(公告)号：US10178082B2

公开(公告)日：2019-01-08

申请号：US15631329

申请日：2017-06-23

Applicant: Amazon Technologies, Inc.

Inventor： Harsha Ramalingam ,  Jesper Mikael Johansson ,  Bharath Kumar Bhimanaik

IPC: G06F21/42 ,  H04L29/06 ,  G06F21/44 ,  G06F9/4401 ,  G06F21/57

Abstract: Disclosed are various embodiments that facilitate bootstrap authentication of a second application by way of a user confirmation via a first application. The first application is authenticated using trusted credentials. A first application is authenticated with an authentication service using the security credential. Text input is sent from the first application to the second application via the network. The text input is sent to a text entry field on the second application.