Computer-implemented authentication integrity challenge for a cloud provider network

Assignee

• AMAZON TECHNOLOGIES, INC. · US

Inventors

• Christopher Best · Maidstone, GB
• Benjamin Gordon · Anaheim, US
• Nicolas Taing · Oakland, US
• Ryan Mark Lacy · Berkeley, US

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/08
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Techniques for providing a computer-implemented authentication integrity challenge (AIC) service are described. According to some examples, a computer-implemented method includes receiving, at a cloud provider network, a first request from an end customer device to log into an end customer account of the cloud provider network; sending, in response to the first request, a second request that does not include login credentials for the end customer account from the cloud provider network to a challenge provider service separate from the cloud provider network for the first request; receiving, by the cloud provider network, a validation indication from the challenge provider service that indicates the second request is validated by an integrity challenge of the challenge provider service; generating, by the cloud provider network, a proof based on the validation indication; sending the proof by the cloud provider network to the end customer device; receiving, by the cloud provider network, a third request from the end customer device that comprises the login credentials and the proof sent by the cloud provider network; and logging the end customer device into the end customer account …