-
公开(公告)号:US10020942B2
公开(公告)日:2018-07-10
申请号:US15668644
申请日:2017-08-03
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darren E. Canavor , Jeffrey J. Fielding , Vaibhav Mallya , Darin Keith McAdams
CPC classification number: H04L9/3213 , H04L9/3239 , H04L29/06 , H04L63/0428 , H04L63/102 , H04L67/1097
Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, An expiration time may be assigned to sensitive data, and expired data and associated tokens may be deleted.
-
公开(公告)号:US20170180389A1
公开(公告)日:2017-06-22
申请号:US15454986
申请日:2017-03-09
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darin Keith McAdams , Jeffrey J. Fielding , Vaibhav Mallya , Darren E. Canavor
IPC: H04L29/06
CPC classification number: H04L63/105 , H04L63/06 , H04L63/08 , H04L63/10 , H04L63/1408 , H04L63/20
Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.
-
公开(公告)号:US11451392B2
公开(公告)日:2022-09-20
申请号:US16029358
申请日:2018-07-06
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darren E. Canavor , Jeffrey J. Fielding , Vaibhav Mallya , Darin Keith McAdams
IPC: H04L29/00 , H04L9/32 , H04L9/40 , H04L67/1097
Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, An expiration time may be assigned to sensitive data, and expired data and associated tokens may be deleted.
-
公开(公告)号:US10356104B2
公开(公告)日:2019-07-16
申请号:US15990389
申请日:2018-05-25
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darin Keith McAdams , Jeffrey J. Fielding , Vaibhav Mallya , Darren E. Canavor
IPC: H04L29/06
Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.
-
公开(公告)号:US09250088B1
公开(公告)日:2016-02-02
申请号:US14044205
申请日:2013-10-02
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darren E. Canavor , Blake P. Hess , Jeffrey J. Fielding
CPC classification number: G01C21/26 , G01C21/3679 , H04W4/02
Abstract: Disclosed are various embodiments for discovery of public points of interest. Data identifying points of interest is obtained. Each point of interest is associated with a respective user and specifies a respective name and a respective geographic location. A public point of interest is determined based at least in part on a similarity of the respective names of a subset of the points of interest, a proximity of the respective geographic locations of the subset of the points of interest, and a number of different users associated with the subset of the points of interest.
-
Patent Agency Ranking
公开(公告)号:US20180278621A1
公开(公告)日:2018-09-27
申请号:US15990389
申请日:2018-05-25
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darin Keith McAdams , Jeffrey J. Fielding , Vaibhav Mallya , Darren E. Canavor
IPC: H04L29/06
CPC classification number: H04L63/105 , H04L63/06 , H04L63/08 , H04L63/10 , H04L63/1408 , H04L63/20
Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.
-
公开(公告)号:US09985974B2
公开(公告)日:2018-05-29
申请号:US15454986
申请日:2017-03-09
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darin Keith McAdams , Jeffrey J. Fielding , Vaibhav Mallya , Darren E. Canavor
IPC: H04L29/06
CPC classification number: H04L63/105 , H04L63/06 , H04L63/08 , H04L63/10 , H04L63/1408 , H04L63/20
Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.
-
公开(公告)号:US09756023B2
公开(公告)日:2017-09-05
申请号:US15235687
申请日:2016-08-12
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darren E. Canavor , Jeffrey J. Fielding , Vaibhav Mallya , Darin Keith McAdams
CPC classification number: H04L9/3213 , H04L9/3239 , H04L29/06 , H04L63/0428 , H04L63/102 , H04L67/1097
Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, access policies define authorizations regarding which entities are able to resolve a token to access the actual sensitive data.
-
公开(公告)号:US20160352695A1
公开(公告)日:2016-12-01
申请号:US15235687
申请日:2016-08-12
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darren E. Canavor , Jeffrey J. Fielding , Vaibhav Mallya , Darin Keith McAdams
CPC classification number: H04L9/3213 , H04L9/3239 , H04L29/06 , H04L63/0428 , H04L63/102 , H04L67/1097
Abstract: In some implementations, tokens that are representative of sensitive data may be used in place of the sensitive data to maintain the security of the sensitive data. For example, data may be separated into sensitive data and nonsensitive data, and at least the sensitive data is securely delivered to a data storage service. The data storage service generates a token that is representative of the sensitive data and stores the sensitive data as secure data. The data storage service may deliver the token to an entity that also receives the nonsensitive data, and the entity may use the token in place of the sensitive data. In some implementations, different tokens are generated each time the same piece of sensitive data is submitted for storage as secure data. Further, in some implementations, access policies define authorizations regarding which entities are able to resolve a token to access the actual sensitive data.
Abstract translation: 在一些实现中,可以使用代表敏感数据的令牌来代替敏感数据来维护敏感数据的安全性。 例如,数据可以分为敏感数据和非敏感数据,并且至少敏感数据被安全地传送到数据存储服务。 数据存储服务生成代表敏感数据的令牌,并将敏感数据存储为安全数据。 数据存储服务可以将令牌递送到也接收非敏感数据的实体,并且实体可以使用令牌代替敏感数据。 在某些实现中,每次提交相同的敏感数据作为安全数据存储时,会生成不同的令牌。 此外,在一些实现中,访问策略定义关于哪些实体能够解析令牌以访问实际敏感数据的授权。
-
公开(公告)号:US20190319963A1
公开(公告)日:2019-10-17
申请号:US16453929
申请日:2019-06-26
Applicant: Amazon Technologies, Inc.
Inventor: Jonathan Kozolchyk , Darin Keith McAdams , Jeffrey J. Fielding , Vaibhav Mallya , Darren E. Canavor
IPC: H04L29/06
Abstract: A security service enables service providers to register available services. Prospective service consumers may register with the security service to access a particular registered service, and may specify conditions for access that are subject to approval by the corresponding service provider. Based on the registrations of the service provider and the service consumer, the security service can define access policies that may be enforced to control the conditions under which a service consumer accesses or utilizes the particular service. Additionally, changes to the access policies may be propagated to running services in near real time. Some implementations enable masking of information provided to particular service consumers based on determined needs of each service consumer for access to particular information. In some instances, the service providers may provide log information to the security service, which may be monitored to identify anomalies, security breaches or the like.
-
-
-
-
-
-
-
-
-
Search Results
16
records
(took 0.016 seconds)
