-
Publication number: US11520891B1
Publication date: 2022-12-06
Application number: US16710487
Application date: 2019-12-11
Applicant: Amazon Technologies, Inc.
Inventor: Adi Karolitsky, Akram Baransi, Andrew Robert Sinton
Abstract: A computer chip, such as a system on chip (SOC), can receive firmware updates having two separate signatures; a first of the signatures is used to authenticate the firmware using a processor within the computer chip, and a second of the signatures is used by a controller, separate from the processor. A first key, used by the processor to authenticate the firmware, can be a boot key that is hardwired in the computer chip. A second key, used by the controller, can be a key that is provided to the controller at any time and is updatable. The controller can suspend the processor so that the controller can perform a first authentication of the firmware using the second signature and the second key. If the authentication is successful, the controller can release the processor, which then uses the first key and the first signature to perform a second authentication.
-
Publication number: US12235967B1
Publication date: 2025-02-25
Application number: US18323868
Application date: 2023-05-25
Applicant: Amazon Technologies, Inc.
Inventor: Ori Cohen, Barak Wasserstrom, Andrew Robert Sinton
Abstract: A modified measured boot approach is utilized for establishing a secure communication link between two devices. Each device may execute a respective boot process until the device reaches the stage responsible for establishing the communication link with the other device. Each device may exchange its respective self-signed certificate and extend its certificate chain with the self-signed certificate received from the other device. A secure link can be established using the public key of the other device as a base key for a key exchange protocol.
-
Publication number: US11709941B1
Publication date: 2023-07-25
Application number: US17305135
Application date: 2021-06-30
Applicant: Amazon Technologies, Inc.
Inventor: Ori Cohen, Barak Wasserstrom, Andrew Robert Sinton
CPC classification number: G06F21/575, H04L9/3073, H04L9/3265, G06F2221/034
Abstract: A modified measured boot approach is utilized for establishing a secure communication link between two devices. Each device may execute a respective boot process until the device reaches the stage responsible for establishing the communication link with the other device. Each device may exchange its respective self-signed certificate and extend its certificate chain with the self-signed certificate received from the other device. Each device can then generate a new pair of keys based on its extended certificate chain that includes the identity of the other device, and exchange the public key of the new key pair with the other device. A secure link can be established using the public key of the other device as a base key for a key exchange protocol. A central management entity can attest the measurements of the boot stages for each device using the corresponding public key.
-
Publication number: US12223052B1
Publication date: 2025-02-11
Application number: US17695630
Application date: 2022-03-15
Applicant: Amazon Technologies, Inc.
Inventor: Barak Wasserstrom, Ori Cohen, Andrew Robert Sinton
Abstract: A boot process for a computing device, such as an integrated circuit, includes security features that are inaccessible during certain operation modes. An image including permission to access those security features is received during the boot process and may be verified using one or more keys. In operation, access to the security features is permitted during the operation modes after the image is verified. Such an approach enables a boot process to permit access to certain features after receipt and verification of different images.
-
Publication number: US12216921B1
Publication date: 2025-02-04
Application number: US17710489
Application date: 2022-03-31
Applicant: Amazon Technologies, Inc.
Inventor: Erez Tsidon, Ori Cohen, Barak Wasserstrom, Andrew Robert Sinton, Asaf Modelevsky, Moshe Raz
IPC: G06F3/06
Abstract: Technologies are disclosed for using hardware-embedded monitors to monitor pages of local memory and detect attribute violations or other unauthorized operations relating to the memory. The attribute violations may include mismatches of attributes (e.g., designating a page as writeable versus executable or vice versa) in entries in a translation buffer that point to a same physical address or other mismatches between designations of attributes for a page in physical and virtual space. Responsive to detecting a violation, an alert or other mitigation protocol, which may include an audit of activities surrounding the violation, may be performed.