公开(公告)号：US20190036901A1

公开(公告)日：2019-01-31

申请号：US16152132

申请日：2018-10-04

Applicant: Amazon Technologies, Inc.

Inventor： Marc J. Brooker ,  Mark Joseph Cavage ,  David Brown ,  Kevin Ross O'Neill ,  Eric Jason Brandwine ,  Christopher Richard Jacques de Kadt

IPC: H04L29/06 ,  G06F21/44

Abstract: A plurality of virtual computing resources is detected to have been provisioned. Credentials are distributed to the plurality of virtual computing resources. A credentials map that maps the credentials to the plurality of virtual computing resources is updated. The credentials for the plurality of virtual computing resources are activated to enable the plurality of virtual computing resources to use the credentials to authenticate to a second computer system that manages a resource service, with the credentials being inaccessible to resources of the resource service. A virtual computing resource of the plurality of virtual computing resources is detected to been deprovisioned, and the credentials for the virtual computing resource are deactivated.

公开(公告)号：US09985969B1

公开(公告)日：2018-05-29

申请号：US13853926

申请日：2013-03-29

Applicant: Amazon Technologies, Inc.

Inventor： Mark Joseph Cavage ,  John Cormie ,  Nathan R. Fitch ,  Don Johnson ,  Peter Sirota

IPC: H04L29/06 ,  G06F21/62 ,  G06F21/60

CPC classification number: H04L63/10 ,  G06F21/604 ,  G06F21/6218 ,  G06F2221/2141 ,  H04L63/0227 ,  H04L63/102 ,  H04L63/20

Abstract: Techniques are described for managing access to computing-related resources that, for example, may enable multiple distinct parties to independently control access to the resources (e.g., such that a request to access a resource succeeds only if all of multiple associated parties approve that access). For example, an executing software application may, on behalf of an end user, make use of computing-related resources of one or more types that are provided by one or more remote third-party network services (e.g., data storage services provided by an online storage service)—in such a situation, both the developer user who created the software application and the end user may be allowed to independently specify access rights for one or more particular such computing-related resources (e.g., stored data files), such that neither the end user nor the software application developer user may later access those resources without the approval of the other party.

公开(公告)号：US09712325B2

公开(公告)日：2017-07-18

申请号：US14800591

申请日：2015-07-15

Applicant: Amazon Technologies, Inc.

Inventor： David R. Richardson ,  Mustafa I. Abrar ,  Don Johnson ,  John Cormie ,  Bradley Eugene Marshall ,  Mark Joseph Cavage

IPC: H04L9/32 ,  H04L29/06 ,  H04L29/08

CPC classification number: H04L9/3247 ,  H04L63/101 ,  H04L63/126 ,  H04L63/20 ,  H04L67/1097

Abstract: A system, method, and computer readable medium for managing secure content by CDN service providers are provided. A network storage provider stores one or more resources on behalf of a content provider. A CDN service provider obtains client computing device requests for secure content. Based on processing first signature information, the CDN service provider determines whether the secure content is available to the client computing device. If the CDN service provider does not maintain the requested content, the CDN service provider transmits a request to the network storage provider. Based on second signature information and an identifier associated with the CDN service provider, the network storage provider processes the request based policy information associated with the identifier.

公开(公告)号：US09443074B1

公开(公告)日：2016-09-13

申请号：US14099785

申请日：2013-12-06

Applicant: Amazon Technologies, Inc.

Inventor： Cornelle Christiaan Pretorius Janse Van Rensburg ,  Mark Joseph Cavage ,  Marc John Brooker ,  David Everard Brown ,  Abhinav Agrawal ,  Matthew S. Garman ,  Kevin Ross O'Neill ,  Eric Jason Brandwine ,  Christopher Richard Jacques de Kadt

IPC: H04L29/06 ,  G06F21/45

CPC classification number: G06F21/45 ,  H04L63/0823 ,  H04L63/20 ,  H04L67/1002

Abstract: Systems and methods for attesting to information about a computing resource involve electronically signed documents. For a computing resource, a document containing information about the resource is generated and electronically signed. The document may be provided to one or more entities as an attestation to at least some of the information contained in the document. Attestation to information in the document may be a prerequisite for performance of one or more actions that may be taken in connection with the computing resource.

公开(公告)号：US20130191645A1

公开(公告)日：2013-07-25

申请号：US13794415

申请日：2013-03-11

Applicant: Amazon Technologies, Inc.

Inventor： David R. Richardson ,  Mustafa I. Abrar ,  Don Johnson ,  John Cormie ,  Bradley E. Marshall ,  Mark Joseph Cavage

IPC: H04L9/32

CPC classification number: H04L9/3247 ,  H04L63/101 ,  H04L63/126 ,  H04L63/20 ,  H04L67/1097

Abstract: A system, method, and computer readable medium for managing secure content by CDN service providers are provided. A network storage provider stores one or more resources on behalf of a content provider. A CDN service provider obtains client computing device requests for secure content. Based on processing first signature information, the CDN service provider determines whether the secure content is available to the client computing device. If the CDN service provider does not maintain the requested content, the CDN service provider transmits a request to the network storage provider. Based on second signature information and an identifier associated with the CDN service provider, the network storage provider processes the request based policy information associated with the identifier.

公开(公告)号：US10263978B1

公开(公告)日：2019-04-16

申请号：US14323959

申请日：2014-07-03

Applicant: Amazon Technologies, Inc.

Inventor： Mark Joseph Cavage ,  Bradley Jeffery Behm ,  Luis Felipe Cabrera

IPC: H04L29/06 ,  G06F21/62

Abstract: Systems and methods provide logic that validates a code generated by a user, and that executes a function of a programmatic interface after the user code is validated. In one implementation, a computer-implemented method performs a multifactor authentication of a user prior to executing a function of a programmatic interface. The method includes receiving, at a server, a user code through a programmatic interface. The server computes a server code in response to the user code, and compares the user code to the server code to determine that the user code corresponds to the server code. The server validates the user code and executes a function of the programmatic interface, after the user code is validated.

公开(公告)号：US20190089542A1

公开(公告)日：2019-03-21

申请号：US16195628

申请日：2018-11-19

Applicant: Amazon Technologies, Inc.

Inventor： David R. Richardson ,  Mustafa I. Abrar ,  Don Johnson ,  John Cormie ,  Bradley Eugene Marshall ,  Mark Joseph Cavage

IPC: H04L9/32 ,  H04L29/06 ,  H04L29/08

Abstract: A system, method, and computer readable medium for managing secure content by CDN service providers are provided. A network storage provider stores one or more resources on behalf of a content provider. A CDN service provider obtains client computing device requests for secure content. Based on processing first signature information, the CDN service provider determines whether the secure content is available to the client computing device. If the CDN service provider does not maintain the requested content, the CDN service provider transmits a request to the network storage provider. Based on second signature information and an identifier associated with the CDN service provider, the network storage provider processes the request based policy information associated with the identifier.

公开(公告)号：US10216921B1

公开(公告)日：2019-02-26

申请号：US15258980

申请日：2016-09-07

Applicant: Amazon Technologies, Inc.

Inventor： Cornelle Christiaan Pretorius Janse Van Rensburg ,  Mark Joseph Cavage ,  Marc John Brooker ,  David Everard Brown ,  Abhinav Agrawal ,  Matthew S. Garman ,  Kevin Ross O'Neill ,  Eric Jason Brandwine ,  Christopher Richard Jacques de Kadt

IPC: H04L29/06 ,  G06F21/45 ,  H04L29/08

Abstract: Systems and methods for attesting to information about a computing resource involve electronically signed documents. For a computing resource, a document containing information about the resource is generated and electronically signed. The document may be provided to one or more entities as an attestation to at least some of the information contained in the document. Attestation to information in the document may be a prerequisite for performance of one or more actions that may be taken in connection with the computing resource.

公开(公告)号：US10135620B2

公开(公告)日：2018-11-20

申请号：US15597841

申请日：2017-05-17

Applicant: Amazon Technologies, Inc.

Inventor： David R. Richardson ,  Mustafa I. Abrar ,  Don Johnson ,  John Cormie ,  Bradley Eugene Marshall ,  Mark Joseph Cavage

IPC: H04L9/32 ,  H04L29/06 ,  H04L29/08

Abstract: A system, method, and computer readable medium for managing secure content by CDN service providers are provided. A network storage provider stores one or more resources on behalf of a content provider. A CDN service provider obtains client computing device requests for secure content. Based on processing first signature information, the CDN service provider determines whether the secure content is available to the client computing device. If the CDN service provider does not maintain the requested content, the CDN service provider transmits a request to the network storage provider. Based on second signature information and an identifier associated with the CDN service provider, the network storage provider processes the request based policy information associated with the identifier.