公开(公告)号：US10333946B1

公开(公告)日：2019-06-25

申请号：US15189493

申请日：2016-06-22

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Wade Hitchcock ,  Bharath Kumar Bhimanaik ,  Robert Ellis Lee

IPC: H04L29/06

Abstract: Disclosed are various embodiments for distributing and verifying ephemeral security credentials of variable entropy across channels of communication of variable levels of security assurance. In one embodiment, a security credential is generated for a user account. A subset of a set of communication channels associated with the user account is determined based at least in part on respective measures of entropy and/or security assurance corresponding to individual ones of the set of communication channels. The security credential is divided into multiple portions. A corresponding portion of the portions is sent across individual channels of subset of channels. A client computing device is authenticated for access to the user account based at least in part on receiving the portions of the security credential.

公开(公告)号：US09866393B1

公开(公告)日：2018-01-09

申请号：US14580111

申请日：2014-12-22

Applicant: Amazon Technologies, Inc.

Inventor： Dylan Harris Rush ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Jesper Mikael Johansson ,  Jon Arron McClintock

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L9/3247 ,  H04L9/3231 ,  H04L9/3234 ,  H04L9/3236

Abstract: A system and method for generating a signature for a document using an identity verification token. The identity verification token receives a request that includes a set of credential data from a signatory, obtains a document identifier that identifies the document to a service provider, and obtains a token identifier that identifies the identity verification token to the service provider. The identity verification token generates the signature based at least in part on the obtained document identifier, the received set of credential data, and obtained the token identifier, and provides the signature.

公开(公告)号：US09864852B2

公开(公告)日：2018-01-09

申请号：US14809762

申请日：2015-07-27

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Bharath Kumar Bhimanaik

IPC: G06F21/31 ,  H04L29/06

CPC classification number: G06F21/31 ,  G06F21/33 ,  G06F21/44 ,  H04L63/0838 ,  H04L63/0884 ,  H04L2463/082

Abstract: Disclosed are various embodiments for providing multi-factor authentication credentials. For example, a first application may send an authentication request to a first authentication service, where the request specifies a first authentication factor. A second application may generate a user interface upon a display, where the user interface facilitates entry of a user approval. In response to receiving the user approval, the second application may send a second authentication factor to a second authentication service that acts as a proxy for the first authentication service. In some embodiments, an application may be configured to automatically transfer a one-time password or other authentication factor to a recipient in response to receiving a user approval.

公开(公告)号：US09727737B1

公开(公告)日：2017-08-08

申请号：US14810275

申请日：2015-07-27

Applicant: Amazon Technologies, Inc.

Inventor： Daniel Wade Hitchcock ,  Darren Ernest Canavor ,  Jesper Mikael Johansson ,  Bharath Kumar Bhimanaik ,  Andrew Jay Roths

IPC: G06F21/00 ,  G06F21/57 ,  G06F3/0484

CPC classification number: G06F21/577 ,  G06F3/04842 ,  G06F3/04883 ,  G06F2221/033

Abstract: Computing devices are disclosed that include functionality for providing a trustworthy indication of software integrity. The computing devices include a hardware trust evaluation device capable of determining the trustworthiness of computer programs executing on the devices. At least one trust indicator is also connected to the hardware trust evaluation device for providing an external indication of the trustworthiness of a computer program. Additional security information regarding the trustworthiness of the computer program may be displayed on the primary display device of the computing device. The display of the security information is triggered by a user of the computing device submitting a request through a secure mechanism, where the request is unobservable and inaccessible to programs executing on the computing device. Additional secure mechanisms, such as a unique user interface for displaying the security information, can be utilized to ensure the authenticity of the displayed security information.

公开(公告)号：US09710368B1

公开(公告)日：2017-07-18

申请号：US14268801

申请日：2014-05-02

Applicant: Amazon Technologies, Inc.

Inventor： Pavan Gundeti ,  Jesper Mikael Johansson ,  Daniel Wade Hitchcock

IPC: G06F11/36

CPC classification number: G06F11/3688 ,  G06F11/3692

Abstract: Application developers may develop applications or portions of application that do not have a corresponding user interface. Testing non-user interface elements of an application may require application developers to develop corresponding user interface elements for all or a portion of the executable code included in the application. Developers may test non-user interface elements of an application or library by wrapping the executable code in a sample application managed by a test harness. The test harness may transmit test operations configured to test the non-user interface elements of the application to the sample application over an inter-process communication channel. The sample application may execute the test and return the results of the test to the test harness using inter-process communication methods.

公开(公告)号：US20170187702A1

公开(公告)日：2017-06-29

申请号：US15455169

申请日：2017-03-10

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Bharath Kumar Bhimanaik ,  Jon Arron McClintock

IPC: H04L29/06 ,  H04L29/08

CPC classification number: H04L63/08 ,  G06F21/10 ,  G06F21/602 ,  H04L9/08 ,  H04L9/14 ,  H04L29/06639 ,  H04L29/06646 ,  H04L63/0407 ,  H04L63/0414 ,  H04L63/0421 ,  H04L63/0428 ,  H04L67/306 ,  H04L2209/38

Abstract: Disclosed are various embodiments for correlating a first use case-specific entity identifier with a second use case-specific entity identifier. A chained entity identifier corresponds to the first use case-specific entity identifier. The chained entity identifier can include the second use case-specific entity identifier cryptographically wrapped by a use case-specific key. The second use case-specific entity identifier can be received from the chained entity identifier. The second use case-specific entity identifier can be correlated to the first use case-specific entity identifier.

公开(公告)号：US09674194B1

公开(公告)日：2017-06-06

申请号：US14207157

申请日：2014-03-12

Applicant: Amazon Technologies, Inc.

Inventor： Jon Arron McClintock ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Jonathan Kozolchyk

IPC: H04L29/06 ,  H04L9/32

CPC classification number: H04L63/10 ,  G06F21/10 ,  G06F21/33 ,  G06F21/34 ,  G06F21/604 ,  G06F21/6218 ,  H04L9/3234 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/102 ,  H04L63/12 ,  H04L63/123 ,  H04L63/126

Abstract: A resource owner or administrator submits a request to a permissions management service to create a permissions grant which may include a listing of actions a user may perform on a resource. Accordingly, the permissions management service may create the permissions grant and use a private cryptographic key to digitally sign the created permissions grant. The permissions management service may transmit this digitally signed permissions grant, as well as a digital certificate comprising a public cryptographic key for validating the permissions grant, to a target resource. The target resource may use the public cryptographic key to validate the digital signature of the permissions grant and determine whether a user is authorized to perform one or more actions based at least in part on a request from the user to perform these one or more actions on the resource.

公开(公告)号：US10554657B1

公开(公告)日：2020-02-04

申请号：US15665327

申请日：2017-07-31

Applicant: Amazon Technologies, Inc.

Inventor： Shariq Siddiqui ,  Daniel Wade Hitchcock ,  Bharath Kumar Bhimanaik ,  Natalie Nguyen ,  Annabelle Richard Backman

IPC: H04L29/06 ,  G10L17/00

Abstract: Disclosed are various embodiments for using an audio interface device to facilitate authentication for other devices. An authentication service causes a first client device to present an authentication code via an output device of the first client device. The authentication service receives the authentication code from a second client device. The second client device is in an authenticated state for access to an account, and the second client device received the authentication code from an environmental sensor while in a listening mode. The authentication service authenticates the first client device for access to the account in response to determining that the authentication code received from the second client device matches the authentication code presented by the first client device.

公开(公告)号：US10540269B2

公开(公告)日：2020-01-21

申请号：US15651225

申请日：2017-07-17

Applicant: Amazon Technologies, Inc.

Inventor： Pavan Gundeti ,  Jesper Mikael Johansson ,  Daniel Wade Hitchcock

IPC: G06F11/36

Abstract: Application developers may develop applications or portions of application that do not have a corresponding user interface. Testing non-user interface elements of an application may require application developers to develop corresponding user interface elements for all or a portion of the executable code included in the application. Developers may test non-user interface elements of an application or library by wrapping the executable code in a sample application managed by a test harness. The test harness may transmit test operations configured to test the non-user interface elements of the application to the sample application over an inter-process communication channel. The sample application may execute the test and return the results of the test to the test harness using inter-process communication methods.

公开(公告)号：US10362026B2

公开(公告)日：2019-07-23

申请号：US14809757

申请日：2015-07-27

Applicant: Amazon Technologies, Inc.

Inventor： Jesper Mikael Johansson ,  Darren Ernest Canavor ,  Daniel Wade Hitchcock ,  Bharath Kumar Bhimanaik

IPC: H04L29/06

Abstract: Disclosed are various embodiments for providing multi-factor authentication credentials. In one embodiment, in response to a request from an application, a notification is generated in a notification area of a display. Entry of a user approval is facilitated via the notification. In response to receiving the approval, a security credential is transferred to the application. In another embodiment, the security credential may be shown in the notification area so that a user may enter it in a form field of the application.