-
Publication No.: US11671451B1
Publication date: 2023-06-06
Application No.: US16532297
Application date: 2019-08-05
Applicant: Amazon Technologies, Inc.
IPC: H04L9/40
CPC classification number: H04L63/162, H04L63/061, H04L63/0869, H04L63/0876
Abstract: A secure communication channel is established between network devices separated by an unsecured physical space by dynamically performing server/client resolution based on comparison of unique identifiers of the devices. After a link between a first network device and a second network device is established, the devices exchange start frames in accordance with a network security protocol such as the Media Access Control Security (MACsec) protocol. Comparison logic at the first network device compares a value of a unique identifier of the first network device to a value of a unique identifier of the second network device obtained from the start frame transmitted by the second network device, and vice versa. Based on the comparison, one of the devices assumes a server/authenticator role, and the other device assumes a client/supplicant role. The devices operate in their determined roles to perform an authentication process and thereby establish a secure communication channel.
-
Publication No.: US10057291B1
Publication date: 2018-08-21
Application No.: US14938650
Application date: 2015-11-11
Applicant: Amazon Technologies, Inc.
Inventor: John Mark Glotzer, Apisak Darakananda, Xiongwei Xie
IPC: H04L29/06
CPC classification number: H04L63/20, H04L63/0263, H04L63/101, H04L63/1441
Abstract: Techniques and solutions are provided for assessing the semantic difference between networking access control lists (ACLs). For example, a semantic difference can be determined between an ACL that is currently deployed on a network device and an ACL that is a candidate for deployment. The semantic difference can be presented to a user to better understand what changes would be made to network traffic flow if the candidate ACL is deployed. The semantic difference can also be used in an automated manner to perform automatic deployment of the candidate ACL.
-