Title of Invention: SECURE VALIDATION USING HARDWARE SECURITY MODULES
Abstract: Disclosed is secure decryption and business rule validation of encrypted confidential data within a hardware security module (HSM). The validation may include the use of a Bloom filter stored and executing within the HSM. The return order of encrypted data within the HSM as well as requests for external data relating to validation may be randomized to further harden against correlation attacks.
Application Publication No.: US2015278804(A1) Application Publication Date: 2015.10.01
Application No.: US201514733795 Filing Date: 2015.06.08
Applicant: Amazon Technologies, Inc. Inventors: Jenks Jason;Low Brandon B.;Char Hanson;Vosshall Peter S.;Brunette Waylon
Classification: G06Q20/36;G06Q20/40 Main Classification: G06Q20/36
Agency: Agent:
Main Claim: 1. A method of validating encrypted payment information against business rules at least partially by a computer, the method comprising: receiving at a hardware security module an application programming interface call to validate data, the application programming interface call made to an application programming interface provided by the hardware security module, the application programming interface call specifying a secret comprising encrypted payment information from a storage device external to the hardware security module, the hardware security module comprising a cryptographic processor and memory within a tamper resistant physical package; fulfilling the application programming interface call by at least: decrypting the secret within the hardware security module to create cleartext that encodes the data; validating the data within the hardware security module; and generating a validation result that indicates whether the payment information is valid.
Address: Seattle WA US