Title of invention: Establishing trust using side channels
Abstract: Disclosed are various embodiments for a trust establishment application. Machine instances executed in the same computing environment generate side channel patterns embodying data identifying themselves as trusted machine instances. The side channel patterns are detected to determine which machine instances are trusted. An operational mode of a machine instance is configured as a function of whether a quorum of trusted machine instances are executed in the computing environment.
Publication number: US9171164(B1) Publication date: 2015.10.27
Application number: US201313974378 Filing date: 2013.08.23
Applicant: Amazon Technologies, Inc. Inventor: McClintock Jon Arron
Classification: G06F7/04;G06F21/57;G06F21/62 Main classification: G06F7/04
Agency: Thomas | Horstemeyer, LLP Agent: Thomas | Horstemeyer, LLP
Main claim: 1. A non-transitory computer-readable medium embodying a program executable in at least one computing device, comprising: code that generates a request side channel pattern embodying a request to a plurality of machine instances executed in the at least one computing device, the request soliciting a plurality of response side channel patterns; code that detects the response side channel patterns in the at least one computing device; code that generates a plurality of responses as a function of the response side channel patterns; code that identifies individual ones of the machine instances as trusted machine instances, comprising: code that identifies a respective one of the machine instances as a trusted machine instance responsive to a respective one of the responses that are generated as a function of the response side channel patterns corresponding to a shared secret; code that identifies the respective one of the machine instances as an untrusted machine instance responsive to: the respective one of the machine instances not responding to the request side channel pattern, or the respective one of the responses not corresponding to the shared secret; code that configures one of the machine instances to operate in a trusted operational mode responsive to the machine instances comprising a quorum of trusted machine instances; code that configures the one of the machine instances to operate in an untrusted operational mode responsive to the machine instances failing to comprise the quorum of trusted machine instances; code that calculates an estimated resource usage of those of the machine instances corresponding to the response side channel patterns; and wherein the respective one of the machine instances is determined to have responded to the request side channel pattern responsive to the estimated resource usage meeting a threshold.
Address: Seattle WA US