HIERARCHICAL DATA ACCESS TECHNIQUES
First Claim
1. A computer-implemented method, comprising:
- under the control of one or more computer systems that execute instructions,obtaining a plurality of keys, each obtained key of the plurality of keys being based at least in part on an information set for the plurality of keys and at least one other key distinct from the plurality of keys;
calculating, by inputting a combination of the plurality of keys into a function with the information set for the plurality of keys, a signing key; and
using the signing key to evaluate whether access to one or more computing resources is to be granted, the information set preventing the access from being granted when a request for the access is submitted out of compliance with the information set for the plurality of keys.
1 Assignment
0 Petitions
Accused Products
Abstract
A plurality of keys is obtained, with each obtained key of the plurality of keys being based at least in part on an information set for the plurality of keys and at least one other key distinct from the plurality of keys. A signing key is calculated by inputting a combination of the plurality of keys into a function with the information set for the plurality of keys, and the signing key is used to evaluate whether access to one or more computing resources is to be granted, with the information set preventing access from being granted when a request for the access is submitted out of compliance with the information set for the plurality of keys.
-
Citations
21 Claims
-
1. A computer-implemented method, comprising:
under the control of one or more computer systems that execute instructions, obtaining a plurality of keys, each obtained key of the plurality of keys being based at least in part on an information set for the plurality of keys and at least one other key distinct from the plurality of keys; calculating, by inputting a combination of the plurality of keys into a function with the information set for the plurality of keys, a signing key; and using the signing key to evaluate whether access to one or more computing resources is to be granted, the information set preventing the access from being granted when a request for the access is submitted out of compliance with the information set for the plurality of keys. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
9. A system, comprising:
-
one or more processors; and memory including instructions that, as a result of execution by one or more processors of a computer system, cause the computer system to at least, for an electronic signature submitted for verification in connection with a message; obtain a plurality of keys, each obtained key of the plurality of keys being based at least in part on an information set for the plurality of keys and at least one other key distinct from the plurality of keys, the information set corresponding to at least one of time, date, region, zone, service, protocol, device, device model, or device manufacturer; compute, based at least in part on information derived based at least in part on the plurality of keys, whether the electronic signature is valid; and cause one or more actions to be taken based at least in part on whether the electronic signature is valid, the one or more actions including evaluating whether access to one or more computing resources is permitted, with the information set preventing use of a key of the plurality of keys that is noncompliant with the information set. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A non-transitory computer-readable storage medium having stored thereon instructions that, when executed by a computer system, cause the computer system to at least:
-
obtain a plurality of keys, each obtained key of the plurality of keys being based at least in part on an information set for the plurality of keys and at least one other key distinct from the plurality of keys, the information set corresponding to at least one of time, date, region, zone, service, protocol, device, device model, or device manufacturer; calculate, based at least in part on the plurality of keys, a signing key; generate, based at least in part on the signing key and a message, a signature for the message; and cause the message and the signature to be transmitted to another computer system for use in evaluating whether access to one or more computing resources is permitted, the information set preventing use of the signing key that is noncompliant with the information set. - View Dependent Claims (17, 18, 19, 20, 21)
-
Specification