-
公开(公告)号:US20160110716A1
公开(公告)日:2016-04-21
申请号:US14981740
申请日:2015-12-28
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
CPC classification number: G06Q20/4014 , G06K7/087 , G06Q20/204 , G06Q20/24 , G06Q20/3226 , G06Q20/3567 , G06Q2220/00 , G07F7/088
Abstract: A credit card reader is attached to a mobile device to process credit card transactions at the point of sale. A user of the credit card reader slides an authenticator card through the credit card reader to activate the credit card reader. Accordingly, the credit card reader may compare data stored in the authenticator card to an expected value for the data to determine whether the user is authorized to utilize the credit card reader. If there is a match, the credit card reader displays a unique password, known to the user, which the user can use to verify that the credit card reader is authentic. Further, if there is a match, the credit card reader may allow the user to process credit card transactions through the credit card reader.
Abstract translation: 信用卡阅读器附加到移动设备以在销售点处理信用卡交易。 信用卡读卡器的用户通过信用卡读卡器滑动认证卡以激活信用卡读卡器。 因此,信用卡读卡器可以将存储在认证卡中的数据与数据的预期值进行比较,以确定用户是否被授权使用信用卡读卡器。 如果有匹配,则信用卡读卡器显示用户已知的唯一密码,用户可以使用该密码来验证信用卡读卡器是否可信。 此外,如果存在匹配,信用卡读卡器可以允许用户通过信用卡读卡器处理信用卡交易。
-
公开(公告)号:US09230254B1
公开(公告)日:2016-01-05
申请号:US14135422
申请日:2013-12-19
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
CPC classification number: G06Q20/4014 , G06K7/087 , G06Q20/204 , G06Q20/24 , G06Q20/3226 , G06Q20/3567 , G06Q2220/00 , G07F7/088
Abstract: A credit card reader is attached to a mobile device to process credit card transactions at the point of sale. A user of the credit card reader slides an authenticator card through the credit card reader to activate the credit card reader. Accordingly, the credit card reader may compare data stored in the authenticator card to an expected value for the data to determine whether the user is authorized to utilize the credit card reader. If there is a match, the credit card reader displays a unique password, known to the user, which the user can use to verify that the credit card reader is authentic. Further, if there is a match, the credit card reader may allow the user to process credit card transactions through the credit card reader.
-
公开(公告)号:US12058148B2
公开(公告)日:2024-08-06
申请号:US16865005
申请日:2020-05-01
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
CPC classification number: H04L63/1416 , G06F16/25 , H04L63/1425 , H04L63/145 , G06N20/00
Abstract: Various embodiments of apparatuses and methods for distributed threat sensor analysis and correlation of a malware threat intelligence system are described. In some embodiments, the system comprises a plurality of threat sensors, deployed at different network addresses and physically located in different geographic regions in a provider network, which detect interactions from sources. In some embodiments, a distributed threat sensor analysis and correlation service obtains significance scores for different sources of the interactions with the plurality of threat sensors. The service determines which of the sources are malicious actors based on the significance scores. The service receives identifiers of known actors such as compute instances in the provider network, client devices in a client network, or deployed IoT devices in a remote network, and correlates the malicious actors with the known actors to identify which known actors might be infected by malware.
-
公开(公告)号:US11888745B2
公开(公告)日:2024-01-30
申请号:US16875899
申请日:2020-05-15
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
IPC: H04L47/125 , H04L9/40
CPC classification number: H04L47/125 , H04L63/166
Abstract: Network devices, such as load balancers may be configured to forward client metadata to back-end nodes using defined fields of a security protocol. For example, client metadata may be inserted into an extension field or certificate defined by a security protocol that is used for a secure connection between the load balancer and the back-end node. In some instances, a source IP address based on a received request may be inserted into the extension field or certificate defined by the security protocol before the request is forwarded to the back-end node. The back-end node may extract the client metadata and use the client metadata for any of a number of processes (e.g., billing, tracking, security, logging, etc.).
-
公开(公告)号:US11842224B1
公开(公告)日:2023-12-12
申请号:US15694151
申请日:2017-09-01
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
CPC classification number: G06F9/5083 , G06F9/4881
Abstract: Client application (112) submits request (118) to resource status service (110) for resource status data (“data”) regarding one or more computing resources (108) provided in a service provider network (102). The resource status service submits requests to the resources for the data. The resource status service provides a reply to the client application that includes any data received from the resources within a specified time. If all requested data was not received from the resources within the specified time the resource status service can also provide, in the reply, an identifier (“ID”) that identifies the request and can be utilized to identify and retrieve additional status data received at a later time. The client application can also submit additional requests for the status data, and may include the ID, may wait for additional data to be pushed to it, or may check a queue for the status data.
-
Patent Agency Ranking
公开(公告)号:US11595372B1
公开(公告)日:2023-02-28
申请号:US15688508
申请日:2017-08-28
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
Abstract: Techniques for data source driven expected network policy control are described. A policy enforcement service receives, from a compute instance in a virtual network implemented within a service provider system, a request to access data. The policy enforcement service determines that a virtual network security condition of a policy statement is not satisfied. The policy statement was configured by a user for use in controlling access to the data. The virtual network security condition defines a condition of the virtual network that is to be met. The policy enforcement service performs one or more security actions in response to the determination that the virtual network security condition of the policy statement is not satisfied.
-
公开(公告)号:US20210344689A1
公开(公告)日:2021-11-04
申请号:US16864999
申请日:2020-05-01
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
Abstract: Various embodiments of apparatuses and methods for distributed threat sensor data collection and data export of a malware threat intelligence system are described. In some embodiments, the system comprises a plurality of threat sensors, deployed at different network addresses and physically located in different geographic regions in a provider network, which detect interactions from sources. In some embodiments, a distributed threat sensor data collection and data export service receives a stream of sensor logs from the plurality of threat sensors. The stream of sensor logs has information about interactions with the threat sensors, including an identifier of the source. The service aggregates the information in the sensor logs by the source, computes significance scores for each source where a significance score quantifies a likelihood that the source is engaging in threatening network communications, and provides the significance scores to other destinations.
-
公开(公告)号:US10673779B1
公开(公告)日:2020-06-02
申请号:US15363890
申请日:2016-11-29
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
IPC: G06F15/173 , H04L12/911 , H04L12/927 , H04L12/26 , G06F9/46 , H04L29/14
Abstract: A resource allocation service can provide for the limited redelivery of events for processing using a set of virtual resources. A customer can provide code for execution, and the service can allocate resource instances configured to execute the code in response to various events. The processing for an event may not be completed by a single resource instance. When a resource instance is to end processing, the instance can capture state information to be returned as checkpoint data for the event. When the processing result is received, the service determines whether checkpoint data was included, which functions as a request for further processing. The service can then place the event data back in an event queue for redelivery and additional processing. A customer can specify a time limit or a retry limit such that an event can only undergo up to a maximum amount of processing before the event is failed.
-
公开(公告)号:US10649837B2
公开(公告)日:2020-05-12
申请号:US16179823
申请日:2018-11-02
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
Abstract: The flow of events though an event-analysis system is controlled by a number of event throttles which filter events, prioritize events and control the rate at which events are provided to event-processing components of the event-analysis system. Incoming events to the event-analysis system are associated with a profile, and a metrics engine generates metrics based on the incoming events for each profile. The flow of events to the metrics engine is controlled on a per profile basis, so that excessive generation of new metrics and new profiles is limited. If the system from which the events originate is compromised, metrics associated with compromised profiles may be frozen to avoid corrupting existing metrics. Processing of events and anomalies by analysis engines within the event-analysis system may be delayed to allow the accumulation of metrics necessary for accurate analysis.
-
公开(公告)号:US10609077B1
公开(公告)日:2020-03-31
申请号:US15382054
申请日:2016-12-16
Applicant: Amazon Technologies, Inc.
Inventor: Nima Sharifi Mehr
IPC: H04L29/06
Abstract: A customer of a resource allocation service can register a function to be executed using virtual resources, where the function includes customer code to be executed. Customer events are defined as triggers for a registered function, and a resource instance is allocated to execute the registered function when triggering event is detected. An identity role associated with the triggering function is used to obtain access credentials for any data source which a triggering event might require for processing. An event-specific access credential is generated that provides a subset of these access privileges using a template policy for the registered function that is filled with values specific to the triggering event. The filled template policy and base credential are used to generate an event-specific credential valid only for access needed for the event. This event-specific credential can be passed with the event data for processing by an allocated instance.
-
-
-
-
-
-
-
-
-
Search Results
151
records
(took 0.026 seconds)
