知搜-全球专利检索

  1. Login
  2. Sign Up

Search Results

10 records (took 0.013 seconds)

    SYSTEM AND METHOD FOR RECOGNIZING MALICIOUS CREDENTIAL GUESSING ATTACKS
    1.
    发明申请
    SYSTEM AND METHOD FOR RECOGNIZING MALICIOUS CREDENTIAL GUESSING ATTACKS 审中-公开
    用于识别恶意证据侵权攻击的系统和方法

    公开(公告)号:US20160173485A1

    公开(公告)日:2016-06-16

    申请号:US15052789

    申请日:2016-02-24

    Applicant: Amazon Technologies, Inc.

    Inventor: Stefan Popoveniuc Cristian Marius Ilac Gregory Branchek Roth Eric J. Brandwine

    IPC: H04L29/06

    CPC classification number: H04L63/083 G06F21/316 G06F21/552 H04L63/08 H04L63/102 H04L63/1433 H04L63/1441 H04L63/20

    Abstract: A first identity claim and a first attempt to prove password possession are received. As a result of determining that the first attempt to prove password possession is a match to a password in a set of passwords, but that the first identity claim is a mismatch to an identity that corresponds to the password, an authentication process that includes incrementing a counter associated with the password is performed. A second identity claim and a second attempt to prove password possession is received. As a result of determining that the second attempt to prove password possession is a match to the password, an authentication process that includes incrementing the counter associated with the password only if the second identity claim is a mismatch to the first identity claim is performed.

    Abstract translation: 收到第一个身份声明和首次尝试证明密码占有。 作为确定证明密码占有的第一次尝试与一组密码中的密码匹配的结果,但是第一身份声明与对应于该密码的身份不匹配,认证过程包括增加一个 执行与密码相关联的计数器。 接收到第二个身份声明和第二次证明密码占有的尝试。 作为确定证明密码占有的第二尝试与密码匹配的结果,执行认证处理,其仅在第二身份声明与第一身份声明不匹配时才包括增加与密码相关联的计数器。

    System and method for recognizing malicious credential guessing attacks
    2.
    发明授权
    System and method for recognizing malicious credential guessing attacks 有权

    公开(公告)号:US10454922B2

    公开(公告)日:2019-10-22

    申请号:US15052789

    申请日:2016-02-24

    Applicant: Amazon Technologies, Inc.

    Inventor: Stefan Popoveniuc Cristian Marius Ilac Gregory Branchek Roth Eric J. Brandwine

    IPC: H04L29/06 G06F21/31 G06F21/55

    Abstract: A first identity claim and a first attempt to prove password possession are received. As a result of determining that the first attempt to prove password possession is a match to a password in a set of passwords, but that the first identity claim is a mismatch to an identity that corresponds to the password, an authentication process that includes incrementing a counter associated with the password is performed. A second identity claim and a second attempt to prove password possession is received. As a result of determining that the second attempt to prove password possession is a match to the password, an authentication process that includes incrementing the counter associated with the password only if the second identity claim is a mismatch to the first identity claim is performed.

    System and method for recognizing malicious credential guessing attacks
    7.
    发明授权
    System and method for recognizing malicious credential guessing attacks 有权
    识别恶意凭据猜测攻击的系统和方法

    公开(公告)号:US09276919B1

    公开(公告)日:2016-03-01

    申请号:US13940625

    申请日:2013-07-12

    Applicant: Amazon Technologies, Inc.

    Inventor: Stefan Popoveniuc Cristian Marius Ilac Gregory Branchek Roth Eric J. Brandwine

    IPC: H04L29/06 G06F21/55

    CPC classification number: H04L63/083 G06F21/316 G06F21/552 H04L63/08 H04L63/102 H04L63/1433 H04L63/1441 H04L63/20

    Abstract: In certain embodiments, a system having a memory and a processor. The memory is operable to store a credential verifier associated with a user account and a counter. The processor is coupled to the memory and the memory includes executable instructions that cause the system to receive a first authentication attempt and increment the counter if validation of the first authentication attempt against the credential verifier fails. The instructions also cause the system to receive a second authentication attempt and increment the counter only if validation of the second authentication attempt against the credential verifier fails and the second authentication attempt is distinct from the first authentication attempt.

    Abstract translation: 在某些实施例中,具有存储器和处理器的系统。 存储器可操作地存储与用户帐户和计数器相关联的凭证验证器。 处理器耦合到存储器,并且存储器包括可执行指令,其使得系统接收第一认证尝试,并且如果针对证书验证器的第一认证尝试的验证失败则递增计数器。 指令还使得系统接收第二认证尝试,并且只有当对证书验证者的第二认证尝试的验证失败并且第二认证尝试与第一认证尝试不同时才递增计数器。

    Cryptographic material renewal
    10.
    发明授权
    Cryptographic material renewal 有权
    加密材料更新

    公开(公告)号:US09552485B1

    公开(公告)日:2017-01-24

    申请号:US14520168

    申请日:2014-10-21

    Applicant: Amazon Technologies, Inc.

    Inventor: Todd Lawrence Cignetti Andrew Jeffrey Doane Stefan Popoveniuc Matthew Allen Estes Alexander Edward Schoof Robert Eric Fitzgerald Peter Zachary Bowen

    IPC: H04L29/06 G06F21/60 H04L9/32

    CPC classification number: G06F21/602 G06F8/65 H04L9/3263

    Abstract: A method and apparatus for renewing cryptographic material are disclosed. In the method and apparatus a cryptographic material renewal entity of a computing resource service provider detects that cryptographic material stored by a secure module is to be renewed. Renewing the cryptographic material may include rekeying a private key associated with a certificate. Further, a digital certificate may be renewed, and the renewed certificate may be provided for use by the computing resource. The cryptographic material is used to fulfill requests made by a computing resource provisioned by the computing resource service provider for a customer. The renewed cryptographic material is provided to the secure module, whereby the renewed cryptographic material is used by the secure module to fulfill further requests made by the computing resource.

    Abstract translation: 公开了一种更新加密材料的方法和装置。 在方法和装置中,计算资源服务提供者的密码材料更新实体检测到由安全模块存储的密码资料将被更新。 更新加密材料可以包括重新键入与证书相关联的私钥。 此外,可以更新数字证书,并且可以提供更新的证书供计算资源使用。 加密材料用于满足由计算资源服务提供商为客户提供的计算资源所做的请求。 更新的加密材料被提供给安全模块,由此安全模块使用更新的密码材料来完成由计算资源进一步的请求。

Patent Agency Ranking