发明名称 |
DATA SECURITY WITH A SECURITY MODULE |
摘要 |
A security module securely manages keys. The security module is usable to implement a cryptography service that includes a request processing component. The request processing component responds to requests by causing the security module to perform cryptographic operations that the request processing component cannot perform due to a lack of access to appropriate keys. The security module may be a member of a group of security modules that securely manage keys. Techniques for passing secret information from one security module to the other prevent unauthorized access to secret information. |
申请公布号 |
US2016283723(A1) |
申请公布日期 |
2016.09.29 |
申请号 |
US201615173523 |
申请日期 |
2016.06.03 |
申请人 |
Amazon Technologies, Inc. |
发明人 |
Roth Gregory Branchek;Wren Matthew James;Brandwine Eric Jason;Pratt Brian Irl |
分类号 |
G06F21/60;H04L29/06 |
主分类号 |
G06F21/60 |
代理机构 |
|
代理人 |
|
主权项 |
1. A computer-implemented method for key management, comprising:
under control of a computer system configured with executable instructions,
storing secret information in memory of the computer system;detecting an event that triggers a transition into an administrative mode in which one or more administrative operations are permitted as a result of transitioning into the administrative mode; andas a result of detecting the triggering event, rendering inaccessible information necessary to access the secret information in plaintext form. |
地址 |
Seattle WA US |