Patent · US Active

Securing client-specified credentials at cryptographically attested resources

US10389709B2 · kind B2 · utility

12Cited by

20References

20Claims

0Family size

Assignee

AMAZON TECHNOLOGIES, INC. · US

Inventors

Nachiketh Rao Potlapally · Arlington, US
Andrew J. Doane · Vienna, US
Eric Jason Brandwine · Haymarket, US
Robert Eric Fitzgerald · Herndon, US

Key dates

Filing date	Feb 24, 2014
Grant date	Aug 20, 2019
Priority date	—
Expiry date	Feb 24, 2034

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/0884
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Methods and apparatus for securing client-specified credentials at cryptographically-attested resources are described. An indication is obtained that resources deployed for execution of a compute instance of a multi-tenant computing service at an instance host of a provider network meet a client's security criteria. An encrypted representation of credentials to be used at the compute instance to implement operations on behalf of a client is received at the instance host. The credentials are extracted from the encrypted representation using a private key unique to the instance host, used for the operations, and then removed from the instance host without being saved in persistent memory.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.