Long term encrypted storage and key management
    51.
    Granted invention patent
    Long term encrypted storage and key management (in force)

    Publication number: US09455963B1

    Publication date: 2016-09-27

    Application number: US14575676

    Filing date: 2014-12-18

    CPC classification number: H04L63/061 H04L63/0464

    Abstract: An encryption key not accessible outside a data storage device can be used to encrypt data stored in that device. The received data may have been encrypted under an external key, such as a key associated with a customer of a data storage service. Upon receiving the data encrypted under the external key, the data can be decrypted using a copy of the external key and then re-encrypted, inside the data storage device, using the internal key. If the external key is to be rotated, the stored data does not need to be modified as the data can be decrypted using the internal key and then re-encrypted using the new external key in response to an authorized request for the data after the change to the new external key. Such an approach provides near instant key rotation while not having to re-encrypt data under the new key unless requested.

    COMPLETE FORWARD ACCESS SESSIONS
    52.
    Invention patent application
    COMPLETE FORWARD ACCESS SESSIONS (under examination, published)

    Publication number: US20160248593A1

    Publication date: 2016-08-25

    Application number: US15146836

    Filing date: 2016-05-04

    Abstract: A system and method wherein an authentication request to verify authentication information submitted to a first system in connection with a first request submitted to the first system is received from the first system. A response to the authentication request is generated that includes information usable by a second system to make, without communicating with the authentication system, based at least in part on the information and one or more cryptographic processes, a determination whether fulfillment of a second request from the first system is allowable under authority of the authentication system, with the determination being based at least in part on policy information included in the information that specifies one or more policies applicable to an identity that is associated with the first request. The response generated is provided to the first system.

    Account management services for load balancers
    53.
    Granted invention patent
    Account management services for load balancers (in force)

    Publication number: US09424429B1

    Publication date: 2016-08-23

    Application number: US14083227

    Filing date: 2013-11-18

    Abstract: A configurable load balancer can be utilized in a multi-tenant environment, where the load balancer can incorporate, or utilize, an account management service operable to perform security tasks such as authentication, authorization, and session management. Customers can utilize the load balancer to control access that users have to resources associated with those customers, without having to build and maintain a dedicated user management system. By implementing security functionality at the load balancer level, traffic can be managed before reaching the resources, which can help to reduce traffic and load on the resources, and can also help to prevent attacks and secure sensitive information. Visibility into the traffic through the load balancer also allows for behavior and usage monitoring, which is helpful for tasks such as billing and usage limit enforcement.

    Multiple authority data security and access
    54.
    Granted invention patent
    Multiple authority data security and access (in force)

    Publication number: US09407440B2

    Publication date: 2016-08-02

    Application number: US13922875

    Filing date: 2013-06-20

    Abstract: Data is encrypted such that multiple keys are needed to decrypt the data. The keys are accessible to different entities so that no single entity has access to all the keys. At least one key is managed by a service provider. A customer computer system of the service provider may be configured with executable instructions directing the orchestration of communications between the various entities having access to the keys. As a result, security compromise in connection with a key does not, by itself, render the data decryptable.

    Data integrity verification
    55.
    Granted invention patent
    Data integrity verification (in force)

    Publication number: US09405920B1

    Publication date: 2016-08-02

    Application number: US14284266

    Filing date: 2014-05-21

    Abstract: A system performs cryptographic operations utilizing information usable to verify validity of plaintext. To prevent providing information about a plaintext by providing the information usable to verify the validity of the plaintext, the system provides the information usable to verify validity of the plaintext to an entity on a condition that the entity is authorized to access the plaintext. The information usable to verify validity of the plaintext may be persisted in ciphertext along with the plaintext to enable the plaintext to be verified when decrypted.

    HARDWARE SECRET USAGE LIMITS
    56.
    Invention patent application
    HARDWARE SECRET USAGE LIMITS (in force)

    Publication number: US20160197937A1

    Publication date: 2016-07-07

    Application number: US15068446

    Filing date: 2016-03-11

    Abstract: A hardware secret is securely maintained in a computing device. The device operates in accordance with a usage limit corresponding to a limited number of operations using the hardware secret that the device is able to perform. Once the device reaches a usage limit, the device becomes temporarily or permanently unable to perform additional operations using the hardware secret.

    Distributed passcode verification system
    58.
    Granted invention patent
    Distributed passcode verification system (in force)

    Publication number: US09374368B1

    Publication date: 2016-06-21

    Application number: US14149721

    Filing date: 2014-01-07

    CPC classification number: H04L63/083 H04L63/0846 H04L63/10 H04L63/123

    Abstract: A distributed passcode verification system includes devices that each have a hardware secret and that are each able to perform a limited number of verifications using their hardware secrets. Passcode verifiers receive passcode information from a passcode information manager. The passcode information provides information usable, with a hardware secret, to verify passcodes provided to a verifier.

    Passcode verification using hardware secrets
    59.
    Granted invention patent
    Passcode verification using hardware secrets (in force)

    Publication number: US09369461B1

    Publication date: 2016-06-14

    Application number: US14149698

    Filing date: 2014-01-07

    CPC classification number: H04L63/0838

    Abstract: A hardware secret is securely maintained in a computing device. The hardware secret is used to generate a hash of a passcode that is persistently stored for later use in verification. When a passcode is received as part of an authentication attempt, the hardware secret is used to generate a reference hash of the received passcode that is then compared with the persistently stored hash to determine whether there is a match.

    SECURE EXECUTION ENVIRONMENT SERVICES
    60.
    Invention patent application
    SECURE EXECUTION ENVIRONMENT SERVICES (in force)

    Publication number: US20160134623A1

    Publication date: 2016-05-12

    Application number: US15001175

    Filing date: 2016-01-19

    Abstract: Techniques for managing secure execution environments provided as a service to computing resource service provider customers are described herein. A request to launch a secure execution environment is received from a customer and fulfilled by launching a secure execution environment on a selected computer system. The secure execution environment is then validated and upon a successful validation, one or more applications are provided to the secure execution environment to be executed within the secure execution environment. As additional requests relating to managing the secure execution environment are received, operations are performed based on the requests.

