| 发明名称 | Service-to-service digital path tracing | ||
| 摘要 | A service receives from a sender service a digital message and a corresponding trace, which includes an ordered set of digital signatures of one or more services that participated in causing the service to receive the digital message. The trace may further specify an ordering of the one or more services, which may be generated according to the order of participation of these one or more services. The service may compare the received trace to recorded message paths to determine whether the ordering specified within the trace is valid. If the ordering is valid, the service may use one or more digital certificates to further verify the digital signatures included within the trace. If the service determines that these digital signatures are also valid, the service may process the message. | ||
| 申请公布号 | US9559849(B1) | 申请公布日期 | 2017.01.31 |
| 申请号 | US201414490465 | 申请日期 | 2014.09.18 |
| 申请人 | Amazon Technologies, Inc. | 发明人 | Wasiq Muhammad;Sharifi Mehr Nima |
| 分类号 | H04L29/00;H04L9/32 | 主分类号 | H04L29/00 |
| 代理机构 | Davis Wright Tremaine LLP | 代理人 | Davis Wright Tremaine LLP |
| 主权项 | 1. A computer-implemented method, comprising: under control of one or more computer systems configured with executable instructions, receiving, from a service, a digital message, and a trace, the trace including an ordered set of a plurality of digital signatures of, and respectively added to the digital message by, a plurality of services of a service set, that participated in causing the digital message to be communicated and received and specifying an ordering of the plurality of services, the ordering according to an order of participation of the plurality of services in causing the digital message to be communicated and received and the digital message being of a particular type, the communication of the digital message specifying at least a first service and a second service; determining, based at least in part on the trace, that the-plurality of services of the service set corresponds to a message communication path that has been recorded for the type of the digital message; utilizing one or more digital certificates corresponding to the ordered set of digital signatures to verify that the ordered set of digital signatures are valid; and as a result of the ordered set of digital signatures being valid, processing the digital message. | ||
| 地址 | Seattle WA US | ||