发明名称 |
Data Security Operations With Expectations |
摘要 |
A cryptography service allows for management of cryptographic keys and for the evaluation of security expectations when processing incoming requests. In some contexts, the cryptography service, upon receiving a request to perform a cryptographic operation, evaluates a set of security expectations to determine whether the cryptographic key or keys usable to perform the cryptographic operation should be trusted. A response to the request is dependent on evaluation of the security expectations. |
申请公布号 |
US2016182470(A1) |
申请公布日期 |
2016.06.23 |
申请号 |
US201414574337 |
申请日期 |
2014.12.17 |
申请人 |
Amazon Technologies, Inc. |
发明人 |
Rubin Gregory Alan;Roth Gregory Branchek |
分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
代理机构 |
|
代理人 |
|
主权项 |
1. A computer-implemented method, comprising:
receiving, from a requestor associated with a customer of a service provider, a web service request whose fulfillment includes performance of a cryptographic operation; selecting, based at least in part on information in the web service request, a cryptographic key from a plurality of cryptographic keys managed by the service provider for a plurality of customers of the service provider; determining a set of security expectations applicable to the web service request, the set of security expectations defining a set of conditions applicable to the selected cryptographic key that, when fulfilled and regardless of whether the selected cryptographic key is usable to perform the cryptographic operation, indicate that a result of the cryptographic operation is trusted; evaluating the set of security expectations against the selected cryptographic key; generating a response to the web service requests based at least in part on evaluation of the set of security expectations; and providing the generated response. |
地址 |
Seattle WA US |