知搜-全球专利检索

  1. Login
  2. Sign Up

Search Results

70 records (took 0.046 seconds)

    MULTIPLE AUTHORITY DATA SECURITY AND ACCESS
    52.
    发明申请
    MULTIPLE AUTHORITY DATA SECURITY AND ACCESS 审中-公开
    多个权限数据安全和访问

    公开(公告)号:US20160285625A1

    公开(公告)日:2016-09-29

    申请号:US15179827

    申请日:2016-06-10

    Applicant: Amazon Technologies, Inc.

    Inventor: Gregory Branchek Roth Matthew James Wren

    IPC: H04L9/08 H04L9/14

    CPC classification number: H04L9/083 G06F21/6209 H04L9/0822 H04L9/0825 H04L9/0894 H04L9/14 H04L63/0435 H04L63/06

    Abstract: A request to perform one or more operations using a second key that is inaccessible to a customer of a computing resource service provider is received from the customer, with the request including information that enables the computing resource service provider to select the second key from other keys managed on behalf of customers of the computing resource service provider. A first key, and in addition to the first key, an encrypted first key, is provided to the customer. Data encrypted under the first key is received from the customer. The encrypted first key and the data encrypted under the first key is caused to be stored in persistent storage, such that accessing the data, in plaintext form, from the persistent storage requires use of both a third key and the second key that is inaccessible to the customer.

    Abstract translation: 从客户接收到使用第二密钥执行一个或多个操作的请求,该第二密钥对于计算资源服务提供者的客户无法访问,该请求包括使得计算资源服务提供商能够从其​​他密钥中选择第二密钥的信息 代表计算资源服务提供商的客户管理。 第一个密钥,除了第一个密钥,加密的第一个密钥,被提供给客户。 从客户那里收到第一个密钥加密的数据。 使加密的第一密钥和在第一密钥下加密的数据被存储在永久存储器中,使得以明文形式从永久存储器访问数据需要使用无法访问的第三密钥和第二密钥 客户。

    Access control using impersonization
    55.
    发明授权
    Access control using impersonization 有权

    公开(公告)号:US11431757B2

    公开(公告)日:2022-08-30

    申请号:US16880886

    申请日:2020-05-21

    Applicant: Amazon Technologies, Inc.

    Inventor: Gregory Branchek Roth Matthew James Wren Brian Irl Pratt

    IPC: H04L9/40 H04L9/32 G06F21/33 G06F21/60

    Abstract: A first service submits a request to a second service on behalf of a customer of a service provider. The request may have been triggered by a request of the customer to the first service. To process the request, the second service evaluates one or more policies to determine whether fulfillment of the request is allowed by policy associated with the customer. The one or more policies may state one or more conditions on one or more services that played a role in submission of the request. If determined that the policy allows fulfillment of the request, the second service fulfills the request.

    Data security with a security module
    57.
    发明授权
    Data security with a security module 有权

    公开(公告)号:US11036869B2

    公开(公告)日:2021-06-15

    申请号:US15173523

    申请日:2016-06-03

    Applicant: Amazon Technologies, Inc.

    Inventor: Gregory Branchek Roth Matthew James Wren Eric Jason Brandwine Brian Irl Pratt

    IPC: G06F21/60 H04L29/06 H04L9/08

    Abstract: A security module securely manages keys. The security module is usable to implement a cryptography service that includes a request processing component. The request processing component responds to requests by causing the security module to perform cryptographic operations that the request processing component cannot perform due to a lack of access to appropriate keys. The security module may be a member of a group of security modules that securely manage keys. Techniques for passing secret information from one security module to the other prevent unauthorized access to secret information.

    ACCESS CONTROL USING IMPERSONIZATION
    58.
    发明申请
    ACCESS CONTROL USING IMPERSONIZATION 审中-公开

    公开(公告)号:US20200287942A1

    公开(公告)日:2020-09-10

    申请号:US16880886

    申请日:2020-05-21

    Applicant: Amazon Technologies, Inc.

    Inventor: Gregory Branchek Roth Matthew James Wren Brian Irl Pratt

    IPC: H04L29/06 H04L9/32 G06F21/33 G06F21/60

    Abstract: A first service submits a request to a second service on behalf of a customer of a service provider. The request may have been triggered by a request of the customer to the first service. To process the request, the second service evaluates one or more policies to determine whether fulfillment of the request is allowed by policy associated with the customer. The one or more policies may state one or more conditions on one or more services that played a role in submission of the request. If determined that the policy allows fulfillment of the request, the second service fulfills the request.

    Session negotiations
    59.
    发明授权
    Session negotiations 有权

    公开(公告)号:US10601789B2

    公开(公告)日:2020-03-24

    申请号:US15823450

    申请日:2017-11-27

    Applicant: Amazon Technologies, Inc.

    Inventor: Gregory Branchek Roth Matthew James Wren Eric Jason Brandwine Brian Irl Pratt

    IPC: H04L29/06 H04L9/08 H04L9/14 H04L9/32 H04L9/16

    Abstract: A plurality of devices are each operable to provide information that is usable for to prove authorization with any of the other devices. The devices may have common access to a cryptographic key. A device may use the cryptographic key to encrypt a session key and provide both the session key and the encrypted session key. Requests to any of the devices can include the encrypted session key and a digital signature generated using the session key. In this manner, a device that receives the request can decrypt the session key and use the decrypted session key to verify the digital signature.

Patent Agency Ranking