Managing security in isolated network environments

Assignee

• AMAZON TECHNOLOGIES, INC. · US

Inventors

• Diwakar Gupta · Seattle, US
• David Wachtfogel · Jerusalem, IL
• Marc Stephen Olson · Bellevue, US
• Anthony Nicholas Liguori · Bainbridge Island, US
• Stephen David Hildrey · Liverpool, GB

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/1441
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Security can be provided for data stored using resources that are deployed in an environment managed by a third party. Physical and logical detection mechanisms can be used to monitor various security aspects, and the resulting security data can be used to identify potential threats to these resources. In some embodiments, suspicious activity can cause resources such as data servers to be automatically and remotely rebooted such that keys stored in volatile memory on those data servers will be lost from those servers, such that an attacker will be unable to decrypt data stored on those servers. Once a determination of safety is made, the keys can be provided to the respective data servers such that data operations can resume.