-
公开(公告)号:US20170279854A1
公开(公告)日:2017-09-28
申请号:US15618419
申请日:2017-06-09
Applicant: Amazon Technologies, Inc.
Inventor: HARSHA RAMALINGAM , DOMINIQUE IMJYA BREZINSKI , JESPER MIKAEL JOHANSSON , JON ARRON MCCLINTOCK , JAMES CONNELLY PETTS
IPC: H04L29/06
CPC classification number: H04L63/20 , G06F21/14 , G06F21/54 , G06F21/55 , H04L63/1491
Abstract: Disclosed are various embodiments for active data that tracks usage. The active data includes instructions that are executable by a computing device. The computing device is scanned to identify characteristics of the computing device. The characteristics of the computing device are utilized to determine whether the usage of the active data is authorized. Data is transmitted to a network service, including identifying information for the particular computing device and data that identifies a deployment of the active data.
-
公开(公告)号:US20170149762A1
公开(公告)日:2017-05-25
申请号:US15423980
申请日:2017-02-03
Applicant: Amazon Technologies, Inc.
Inventor: HARSHA RAMALINGAM , JESPER MIKAEL JOHANSSON , BHARATH KUMAR BHIMANAIK
IPC: H04L29/06
CPC classification number: H04L63/083 , H04L63/0815 , H04L63/102
Abstract: Disclosed are various embodiments relating to bootstrapping user authentication. A first security credential is received for a user account from a user. A first application is then authenticated with another computing device using the first security credential. After authenticating the first application, a bootstrap request is then sent to the other computing device for a second security credential to authenticate a second application without using the first security credential. The bootstrap request specifies a bootstrap session identifier. The second security credential is then received from the other computing device.
-
公开(公告)号:US20170195314A1
公开(公告)日:2017-07-06
申请号:US15467476
申请日:2017-03-23
Applicant: Amazon Technologies, Inc.
Inventor: WILLIAM ALEXANDER STRAND , JESPER MIKAEL JOHANSSON , LUAN KHAI NGUYEN
IPC: H04L29/06
CPC classification number: H04L63/083 , G06F21/45 , H04L63/0442 , H04L63/0815
Abstract: Disclosed are various embodiments for provisioning account credentials via a trusted channel. An account configuration manager automatically determines a credential reset format that is associated with an account. The account configuration manager then automatically requests a security credential reset for the account using the credential reset format. A security credential communication is received via a trusted channel of communication that is linked to the account for reset purposes. The account configuration manager parses the security credential communication to determine a security credential for the account.
-
公开(公告)号:US20170104721A1
公开(公告)日:2017-04-13
申请号:US15389343
申请日:2016-12-22
Applicant: Amazon Technologies, Inc.
Inventor: JON ARRON MCCLINTOCK , JESPER MIKAEL JOHANSSON , ANDREW JAY ROTHS
CPC classification number: H04L63/0254 , G08B21/18 , H04L41/06 , H04L63/0281 , H04L63/1425 , H04L63/1441 , H04L63/145 , H04L67/28
Abstract: Disclosed are various embodiments for malware detection by way of proxy servers. In one embodiment, a proxied request for a network resource from a network site is received from a client device by a proxy server application. The proxied request is analyzed to determine whether the proxied request includes protected information transmitted in an unsecured manner. It is then determined whether the network resource comprises malware based at least in part on an execution of the network resource or whether the proxied request includes the protected information transmitted in the unsecured manner. The proxy server application refrains from sending data generated by the network resource to the client device in response to the proxied request when the network resource is determined to comprise the malware.
-
公开(公告)号:US20150067830A1
公开(公告)日:2015-03-05
申请号:US14012520
申请日:2013-08-28
Applicant: Amazon Technologies, Inc.
Inventor: JESPER MIKAEL JOHANSSON , ERIC JASON BRANDWINE
IPC: H04L29/06
CPC classification number: G06F21/566 , G06F21/53 , G06F21/554 , G06F21/568 , G06Q30/0601 , H04L63/12 , H04L63/14 , H04L63/1408 , H04W12/10 , H04W12/12
Abstract: Disclosed are various embodiments for performing security verifications for dynamic applications. An instance of an application is executed. During runtime, it is determined whether the application is accessing dynamically loaded code from a network site. In one embodiment, the access may be detected via the use of a particular application programming interface (API). In another embodiment, the access may be detected via the loading of downloaded data into an executable portion of memory. A security evaluation is performed on the dynamically loaded code, and an action is initiated responsive to the security evaluation.
Abstract translation: 公开了用于对动态应用进行安全验证的各种实施例。 执行应用程序的一个实例。 在运行时,确定应用程序是否从网站访问动态加载的代码。 在一个实施例中,可以通过使用特定应用编程接口(API)来检测访问。 在另一个实施例中,可以通过将下载的数据加载到存储器的可执行部分中来检测访问。 对动态加载的代码执行安全性评估,并且响应于安全评估启动一个操作。
-
Patent Agency Ranking
公开(公告)号:US20190075100A1
公开(公告)日:2019-03-07
申请号:US16178990
申请日:2018-11-02
Applicant: Amazon Technologies, Inc.
Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate data. The first circuitry is incapable of determining the data due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.
-
公开(公告)号:US20180026971A1
公开(公告)日:2018-01-25
申请号:US15688207
申请日:2017-08-28
Applicant: Amazon Technologies, Inc.
CPC classification number: H04L63/0838 , G06F21/31 , H04L63/0853 , H04W12/06
Abstract: Disclosed are various embodiments for a computing device with an integrated authentication token. The computing device includes first circuitry having a processor and a memory and providing general-purpose computing capability. The computing device also includes second circuitry configured to generate data. The first circuitry is incapable of determining the data due to a separation from the second circuitry, and the first and second circuitry may be in a single enclosure.
-
公开(公告)号:US20170171161A1
公开(公告)日:2017-06-15
申请号:US15445054
申请日:2017-02-28
Applicant: Amazon Technologies, Inc.
Inventor: JESPER MIKAEL JOHANSSON , DARREN ERNEST CANAVOR , JON ARRON MCCLINTOCK
IPC: H04L29/06
CPC classification number: H04L63/0281 , H04L63/08 , H04L63/10 , H04L63/20
Abstract: Disclosed are various embodiments for management of third-party accounts for users in an organization. A request is received from a client corresponding to a user in an organization to access a third-party network site under management by the organization. The third-party network site is operated by a third party that does not correspond to the organization. It is determined whether network traffic between the client and the third-party network site is routed via a proxy server operated by the organization. Access of the client to a managed account with the third-party network site is denied in response to determining that the network traffic between the client and the third-party network site is not routed via the proxy server.
-
公开(公告)号:US20170048230A1
公开(公告)日:2017-02-16
申请号:US15335853
申请日:2016-10-27
Applicant: Amazon Technologies, Inc.
Inventor: JESPER MIKAEL JOHANSSON , DARREN ERNEST CANAVOR , DANIEL WADE HITCHCOCK , CHANDRA SEKHAR VENKATA BHANU VIJYAPURPU
IPC: H04L29/06
CPC classification number: H04L63/083 , G06Q20/4014 , G06Q20/40145 , H04L9/3231 , H04L9/3271 , H04L63/08 , H04L63/0861 , H04W4/02 , H04W4/80
Abstract: Disclosed are various embodiments that perform confidence-based authentication of a user. An identification of a user account is obtained from a user, and a minimum confidence threshold is determined. Multiple authentication challenges are presented to the user. Responses are obtained from the user to a subset of the challenges, with each response having a corresponding authentication point value. A confidence score is generated for the user, where the confidence score is increased by the respective authentication point values of the correct responses. The user is authenticated as being associated with the user account in response to determining that the confidence score meets the minimum confidence threshold.
Abstract translation: 公开了执行用户的基于置信度的认证的各种实施例。 从用户获得用户帐户的识别,并确定最小置信阈值。 向用户呈现多个认证挑战。 响应从用户获得到挑战的子集,每个响应具有对应的认证点值。 为用户生成置信度得分,其中置信度得分增加了正确响应的相应认证点值。 响应于确定置信度得分满足最小置信阈值,用户被认证为与用户帐户相关联。
-
公开(公告)号:US20150319189A1
公开(公告)日:2015-11-05
申请号:US14709003
申请日:2015-05-11
Applicant: Amazon Technologies, Inc.
CPC classification number: H04L63/08 , G06F21/55 , H04L29/06 , H04L63/123 , H04L63/1466 , H04L67/02
Abstract: Methods and systems for protecting websites from cross-site scripting are disclosed. A request for a web page comprising a web page element is received from a client. It is determined if the web page comprises a data integrity token for the web page element. It is also determined if a value of the data integrity token matches an expected value. If the web page comprises the data integrity token and if the value matches the expected value, the web page comprising the web page element is sent to the client. If the web page does not comprise the data integrity token or if the value does not match the expected value, a protective operation is performed.
Abstract translation: 披露了用于保护网站免受跨站脚本影响的方法和系统。 从客户端接收到包括网页元素的网页的请求。 确定网页是否包括网页元素的数据完整性令牌。 还确定数据完整性令牌的值是否与预期值相匹配。 如果网页包括数据完整性令牌,并且如果该值与期望值匹配,则包含网页元素的网页被发送到客户端。 如果网页不包含数据完整性令牌,或者如果该值与预期值不匹配,则执行保护操作。
-
-
-
-
-
-
-
-
-
Search Results
15
records
(took 0.017 seconds)
