TRACEABLE KEY BLOCK-CHAIN LEDGER
    2.
    发明申请

    公开(公告)号:US20220014370A1

    公开(公告)日:2022-01-13

    申请号:US17388873

    申请日:2021-07-29

    Applicant: eBay Inc.

    Abstract: Techniques are shown for key management using a traceable key block-chain ledger involving creating a cryptographic key at a key source, generating a key block on a block-chain ledger corresponding to the cryptographic key, and securely modifying the key block to include metadata describing the key source. The techniques also involve performing a first key transaction with the cryptographic key, generating a first transaction block on the block-chain ledger corresponding to the first key transaction with the cryptographic key, linking the first transaction block to the key block and securely modifying the first transaction block to include metadata describing the first key transaction with the cryptographic key.

    DYNAMIC SOURCE VALUES FOR CONTENT SECURITY POLICIES

    公开(公告)号:US20250030738A1

    公开(公告)日:2025-01-23

    申请号:US18227089

    申请日:2023-07-27

    Applicant: eBay Inc.

    Abstract: Systems and methods dynamically generate content security policy (CSP) headers using CSP definitions having dynamic source values. When a request for a web application is received, a CSP definition corresponding to the web application and having a dynamic source value is retrieved from a repository of CSP definitions. A CSP header is generated based on the CSP definition. The CSP header includes a source value dynamically generated based on the dynamic source value and a domain associated with the requested web application. The CSP header is provided as a response header for the requested web application.

    TRACEABLE KEY BLOCK-CHAIN LEDGER
    4.
    发明申请

    公开(公告)号:US20200235926A1

    公开(公告)日:2020-07-23

    申请号:US16842690

    申请日:2020-04-07

    Applicant: eBay Inc.

    Abstract: Techniques are shown for key tracing using a traceable key block-chain ledger involving, in response to detection of an attack on a resource protected by a cryptographic key, retrieving a key block-chain ledger corresponding to the cryptographic key having one or more transaction blocks. Each transaction block corresponds to a key transaction with the cryptographic key and includes metadata describing the key transaction with the cryptographic key. Metadata from the transaction blocks in the key block-chain ledger is used to trace the key transactions of the cryptographic key to a point of attack. A transaction block corresponding to the point of attack is determined and an alert is generated indicating the point of attack with metadata from the transaction block corresponding to the point of attack.

    SELF-HEALING CONTENT SECURITY POLICIES

    公开(公告)号:US20250030747A1

    公开(公告)日:2025-01-23

    申请号:US18227099

    申请日:2023-07-27

    Applicant: eBay Inc.

    Abstract: Systems and methods provide for self-healing content security policies (CSPs). In accordance with some aspects, CSP violation information is received identifying a CSP violation for a CSP header and a violating source for the CSP violation. The violating source for the CSP violation is compared against a list of trusted sources. Based on the comparison, a first trusted source in the list of trusted sources is identified as matching the violating source for the CSP violation. Responsive to identifying the first trusted source as matching the violating source, a CSP definition associated with the CSP header is caused to be updated to include a source value based on the violating source or the first trusted source to provide an updated CSP definition.

Patent Agency Ranking