Resource locators with keys
First Claim
Patent Images
1. A computer-implemented method, comprising:
- under the control of one or more computer systems configured with executable instructions,receiving, from a requestor, a request to perform one or more operations using a cryptographic key lacked by the one or more computer systems prior to receipt of the request, the request including a uniform resource locator that;
indicates the one or more operations;
includes an electronic signature generated by a first entity based at least in part on a portion of the uniform resource locator and secret information inaccessible to the requestor; and
includes the cryptographic key;
making a determination whether the electronic signature is valid;
on a condition that the determination indicates that the electronic signature is valid, using the cryptographic key from the request to perform the indicated one or more operations on data to generate a result of the one or more operations;
providing the result of the one or more operations in accordance with the request; and
after using the cryptographic key from the request to perform the indicated one or more operations on the data, performing one or more operations to lose access to the cryptographic key.
1 Assignment
0 Petitions
Accused Products
Abstract
Requests are pre-generated to include a cryptographic key to be used in fulfilling the requests. The requests may be encoded in uniform resource locators and may include authentication information to enable a service provider to whom the requests are submitted to determine whether the requests are authorized. The requests may be passed to various entities who can then submit the requests to the service provider. The service provider, upon receipt of a request, can verify the authentication information and fulfill the request using a cryptographic key encoded in the request.
-
Citations
25 Claims
-
1. A computer-implemented method, comprising:
under the control of one or more computer systems configured with executable instructions, receiving, from a requestor, a request to perform one or more operations using a cryptographic key lacked by the one or more computer systems prior to receipt of the request, the request including a uniform resource locator that; indicates the one or more operations; includes an electronic signature generated by a first entity based at least in part on a portion of the uniform resource locator and secret information inaccessible to the requestor; and includes the cryptographic key; making a determination whether the electronic signature is valid; on a condition that the determination indicates that the electronic signature is valid, using the cryptographic key from the request to perform the indicated one or more operations on data to generate a result of the one or more operations; providing the result of the one or more operations in accordance with the request; and after using the cryptographic key from the request to perform the indicated one or more operations on the data, performing one or more operations to lose access to the cryptographic key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
9. A non-transitory computer-readable storage medium having stored thereon instructions that, when executed by one or more processors of a computer system, cause the computer system to:
-
generate first information that encodes a request and a cryptographic key; generate an electronic signature of information verifiable by a service provider capable of fulfilling the request, the electronic signature based at least in part on a portion of a uniform resource locator and secret information inaccessible to another computer system; and make available the first information and the electronic signature to enable the other computer system to provide the first information and electronic signature to the service provider to cause the service provider to use the cryptographic key to fulfill the request by at least; making a determination whether the electronic signature is valid; and on a condition that the determination indicates that the electronic signature is valid, using the cryptographic key to perform one or more operations on data to generate a result of the one or more operations; and after using the cryptographic key to perform the one or more operations on the data, performing one or more additional operations to lose access to the cryptographic key. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer system, comprising:
-
one or more processors; and memory storing instructions that, when executed by the one or more processors, cause the computer system to; generate first information that encodes a request and a cryptographic key; generate an electronic signature of information verifiable by a service provider capable of fulfilling the request, the electronic signature based at least in part on a portion of a uniform resource locator and secret information inaccessible to another computer system; and make available the first information and the electronic signature to enable the other computer system to provide the first information and electronic signature to the service provider to cause the service provider to use the cryptographic key to fulfill the request by at least; making a determination whether the electronic signature is valid; and on a condition that the determination indicates that the electronic signature is valid, using the cryptographic key to perform one or more operations on data to generate a result of the one or more operations; and after using the cryptographic key to perform the one or more operations on the data, performing one or more additional operations to lose access to the cryptographic key. - View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25)
-
Specification