公开(公告)号：US11258611B2

公开(公告)日：2022-02-22

申请号：US16246331

申请日：2019-01-11

Applicant: Amazon Technologies, Inc.

Inventor： Benjamin Elias Seidenberg ,  Gregory Branchek Roth ,  Benjamin Tillman Farley

IPC: H04L9/32 ,  H04L9/08

Abstract: Electronically signed data is persistently stored in data storage. After the passage of time, the data may be accessed and presented to a trusted entity for verification of the data. The trusted entity may have access to secret information used to sign the data. The trusted entity may use the secret information to verify an electronic signature of the data. One or more actions may be taken based at least in part on a response provided by the verification system.

公开(公告)号：US11368300B2

公开(公告)日：2022-06-21

申请号：US16812085

申请日：2020-03-06

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Matthew John Campagna ,  Benjamin Elias Seidenberg

IPC: H04L9/08 ,  H04L29/06 ,  H04L9/14 ,  H04L9/40

Abstract: A request to perform a cryptographic operation is received, the request including a first identifier assigned to a key group, the key group comprising a plurality of second identifiers, with the plurality of second identifiers corresponding to a plurality of cryptographic keys. A second identifier is determined, according to a distribution scheme, from the plurality of second identifiers, and the cryptographic operation is performed using a cryptographic key of the plurality of cryptographic keys that corresponds to the second identifier that was determined.

公开(公告)号：US20200213108A1

公开(公告)日：2020-07-02

申请号：US16812085

申请日：2020-03-06

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Matthew John Campagna ,  Benjamin Elias Seidenberg

IPC: H04L9/08 ,  H04L29/06 ,  H04L9/14

Abstract: A request to perform a cryptographic operation is received, the request including a first identifier assigned to a key group, the key group comprising a plurality of second identifiers, with the plurality of second identifiers corresponding to a plurality of cryptographic keys. A second identifier is determined, according to a distribution scheme, from the plurality of second identifiers, and the cryptographic operation is performed using a cryptographic key of the plurality of cryptographic keys that corresponds to the second identifier that was determined.

公开(公告)号：US20190149339A1

公开(公告)日：2019-05-16

申请号：US16246331

申请日：2019-01-11

Applicant: Amazon Technologies, Inc.

Inventor： Benjamin Elias Seidenberg ,  Gregory Branchek Roth ,  Benjamin Tillman Farley

IPC: H04L9/32 ,  H04L9/08

Abstract: Electronically signed data is persistently stored in data storage. After the passage of time, the data may be accessed and presented to a trusted entity for verification of the data. The trusted entity may have access to secret information used to sign the data. The trusted entity may use the secret information to verify an electronic signature of the data. One or more actions may be taken based at least in part on a response provided by the verification system.

公开(公告)号：US10181953B1

公开(公告)日：2019-01-15

申请号：US14027843

申请日：2013-09-16

Applicant: Amazon Technologies, Inc.

Inventor： Benjamin Elias Seidenberg ,  Gregory Branchek Roth ,  Benjamin Tillman Farley

IPC: H04L9/08 ,  H04L9/32

Abstract: Electronically signed data is persistently stored in data storage. After the passage of time, the data may be accessed and presented to a trusted entity for verification of the data. The trusted entity may have access to secret information used to sign the data. The trusted entity may use the secret information to verify an electronic signature of the data. One or more actions may be taken based at least in part on a response provided by the verification system.

公开(公告)号：US20180227124A1

公开(公告)日：2018-08-09

申请号：US15947690

申请日：2018-04-06

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Matthew John Campagna ,  Benjamin Elias Seidenberg

IPC: H04L9/08 ,  H04L9/14 ,  H04L29/06

CPC classification number: H04L9/0891 ,  H04L9/088 ,  H04L9/14 ,  H04L63/065

Abstract: A request a request to perform a cryptographic operation is received, the request including a first identifier assigned to a key group, the key group comprising a plurality of second identifiers, with the plurality of second identifiers corresponding to a plurality of cryptographic keys. A second identifier is determined, according to a distribution scheme, from the plurality of second identifiers, and the cryptographic operation is performed using a cryptographic key of the plurality of cryptographic keys that corresponds to the second identifier that was determined.

公开(公告)号：US09882956B1

公开(公告)日：2018-01-30

申请号：US13793054

申请日：2013-03-11

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Benjamin Elias Seidenberg

IPC: G06F15/16 ,  H04L29/08

CPC classification number: H04L67/02

Abstract: Techniques are disclosed for a device that presents a mass storage device to a computing environment, and which stores data written to the device by the computer in a network storage service. The device also presents files stored in the network storage service to the computer as though those files were stored on a mass storage device.

公开(公告)号：US09438421B1

公开(公告)日：2016-09-06

申请号：US14318375

申请日：2014-06-27

Applicant: Amazon Technologies, Inc.

Inventor： Gregory Branchek Roth ,  Matthew John Campagna ,  Benjamin Elias Seidenberg

IPC: H04L9/08

CPC classification number: H04L9/0891 ,  H04L9/088 ,  H04L9/14 ,  H04L63/065

Abstract: A system and method for receiving requests for performing cryptographic operations with a virtual key having a plurality of actual keys associated with the virtual key, determining which actual key of the plurality of actual keys to use for the cryptographic operation, performing the cryptographic operation using the actual key, and providing the result of performing the cryptographic operation.

Abstract translation: 一种用于接收使用具有与所述虚拟键相关联的多个实际键的虚拟键执行加密操作的请求的系统和方法，确定用于所述密码操作的所述多个实际密钥中的哪个实际密钥，使用所述密码操作 实际密钥，并提供执行密码操作的结果。

公开(公告)号：US12200118B1

公开(公告)日：2025-01-14

申请号：US18141268

申请日：2023-04-28

Applicant: Amazon Technologies, Inc.

Inventor： Rajkumar Copparapu ,  Peter Da-Ming Zieske ,  Benjamin Elias Seidenberg ,  Justin Jon Derby

IPC: H04L9/08 ,  G06F9/54 ,  H04L9/06

Abstract: A computer-implemented method for providing cryptographic services, including providing key pairs. A key management service receives a web service application programming interface or other such request to generate a key pair. To respond to the request, the key management service obtains a pregenerated key pair that is securely stored and provides the key pair in response to the request.

公开(公告)号：US10587597B1

公开(公告)日：2020-03-10

申请号：US15176048

申请日：2016-06-07

Applicant: Amazon Technologies, Inc.

Inventor： Benjamin Elias Seidenberg ,  Gregory Alan Rubin

IPC: H04L29/06

Abstract: A service includes an associated service request throttling system. The throttling system constrains the rate at which service requests are fulfilled by the service, and also provides throttling information to the service. The throttling system controls service throughput by implementing a throttling bucket. The throttling bucket has an associated bucket level which indicates, to the service, an amount of service requests that can be satisfied before throughput limitations are imposed by the throttling system. The bucket level may be modified in response to service requests, service request characteristics, or environmental parameters. In some examples, operational parameters of the throttling system may be configured by users of the service to constrain data exfiltration. The bucket level itself may be used by the service to expand or constrain access privileges granted to particular users.