公开(公告)号：US20150172271A1

公开(公告)日：2015-06-18

申请号：US14629372

申请日：2015-02-23

Applicant: Amazon Technologies, Inc.

Inventor： MAXIMILIAN FRANCIS BARROWS ,  PAUL FRANCIS DEAN FERRARO ,  JASON GEORGE MCHUGH ,  ABRAHAM MARTIN PASSAGLIA ,  ANDREW JAY ROTHS ,  ERIC ALLAN SHELL

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L63/0846

Abstract: Approaches are described for automatically generating new security credentials, such as security tokens, which can involve automatically re-authenticating a user (or client device) using a previous security token issued to that user (or device). The re-authentication can happen without any knowledge and/or action on the part of the user. The re-authentication mechanism can invalidate and/or keep track of the previous security token, such that when a subsequent request is received that includes the previous security token, the new security token can be invalidated, and the user caused to re-authenticate, as receiving more than one request with the previous security token can be indicative that the user's token might have been stolen.

Abstract translation: 描述了用于自动生成新安全凭证（例如安全令牌）的方法，其可以涉及使用发给该用户（或设备）的先前安全令牌来自动重新认证用户（或客户端设备）。 重新认证可以在用户没有任何知识和/或动作的情况下发生。 重新认证机制可以使先前的安全令牌无效和/或跟踪，使得当接收到包括先前的安全令牌的后续请求时，新的安全令牌可以被无效，并且用户重新认证， 因为接收到具有先前的安全令牌的多个请求可以指示用户的令牌可能被盗。

公开(公告)号：US20170104721A1

公开(公告)日：2017-04-13

申请号：US15389343

申请日：2016-12-22

Applicant: Amazon Technologies, Inc.

Inventor： JON ARRON MCCLINTOCK ,  JESPER MIKAEL JOHANSSON ,  ANDREW JAY ROTHS

IPC: H04L29/06 ,  H04L12/24 ,  G08B21/18 ,  H04L29/08

CPC classification number: H04L63/0254 ,  G08B21/18 ,  H04L41/06 ,  H04L63/0281 ,  H04L63/1425 ,  H04L63/1441 ,  H04L63/145 ,  H04L67/28

Abstract: Disclosed are various embodiments for malware detection by way of proxy servers. In one embodiment, a proxied request for a network resource from a network site is received from a client device by a proxy server application. The proxied request is analyzed to determine whether the proxied request includes protected information transmitted in an unsecured manner. It is then determined whether the network resource comprises malware based at least in part on an execution of the network resource or whether the proxied request includes the protected information transmitted in the unsecured manner. The proxy server application refrains from sending data generated by the network resource to the client device in response to the proxied request when the network resource is determined to comprise the malware.