Title of invention: Security verification by message interception and modification
Abstract: Data security is enhanced by injecting insecurity into communications between two computer systems to test one of the computer systems. The insecurity is injected by modifying the communications between the two computer systems by modifying or adding messages. A response from one of the computer systems is monitored to determine whether the computer system reacts to the modification in a secure manner or if mitigating actions need to be performed.
Publication number: US9571465(B1) Publication date: 2017.02.14
Application number: US201414490445 Filing date: 2014.09.18
Applicant: Amazon Technologies, Inc. Inventors: Sharifi Mehr Nima;Dunn Christopher;Floyd Alexis;Kane-Parry David James;Mosthaf Volker Helmut;Williams Christopher Gordon
Classification: H04L29/06;H04L29/08 Main classification: H04L29/06
Agency: Davis Wright Tremaine LLP Agent: Davis Wright Tremaine LLP
Principal claim: 1. A computer-implemented method, comprising: selecting a second computer system for testing from a plurality of computer systems in a distributed system; obtaining a message addressed from a first computer system to the second computer system, the message comprising cryptographic information and being part of a handshake process for establishing a secure communications channel, the handshake process being part of a protocol that specifies a particular response as a result of the cryptographic information being invalid; modifying the cryptographic information of the message obtained to cause the cryptographic information to become invalid, thereby resulting in a modified message; transmitting the modified message to the second computer system; determining, as a testing result, that the second computer system, after receiving the modified message, failed to implement the particular response; and on a condition that the testing result indicates that the second computer failed to implement the particular response, performing one or more mitigating operations.
Address: Seattle WA US