Patents by Inventor Stefan Popoveniuc
Stefan Popoveniuc has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11206143Abstract: Digital certificates include pointers to remote certificate information stores that maintain usage information associated with digital certificates. The pointers provide a mechanism for enabling the remote certificate information stores to be queried for usage information associated with a particular digital certificate. The usage information can be used to determine a validity of the digital certificate.Type: GrantFiled: October 21, 2019Date of Patent: December 21, 2021Assignee: Amazon Technologies, Inc.Inventors: Stefan Popoveniuc, David Ripton, Alexandr Ukrainchik, Yuk-Chung Eric Kam, Mikhail Denisenko, Robert Eric Fitzgerald, Matthew Allen Estes, Tyler Eckstein
-
Patent number: 11115223Abstract: A method and apparatus for distributing cryptographic material are disclosed. In the method and apparatus, cryptographic material is obtained and it is determined that the cryptographic material is to be made available for use by one or more computing resources. The cryptographic material is then sent to one or more secure modules, whereby a secure module of the one or more secure modules is programmatically accessible to a computing resource of the one or more computing resources and programmatic access enables the computing resource to request performance of one or more cryptographic operations using the cryptographic material while exporting the cryptographic material to the computing resource is denied.Type: GrantFiled: July 26, 2019Date of Patent: September 7, 2021Assignee: Amazon Technologies, Inc.Inventors: Todd Lawrence Cignetti, Andrew Jeffrey Doane, Stefan Popoveniuc, Matthew Allen Estes, Alexander Edward Schoof, Robert Eric Fitzgerald, Peter Zachary Bowen
-
Publication number: 20200052911Abstract: Digital certificates include pointers to remote certificate information stores that maintain usage information associated with digital certificates. The pointers provide a mechanism for enabling the remote certificate information stores to be queried for usage information associated with a particular digital certificate. The usage information can be used to determine a validity of the digital certificate.Type: ApplicationFiled: October 21, 2019Publication date: February 13, 2020Inventors: Stefan Popoveniuc, David Ripton, Alexandr Ukrainchik, Yuk-Chung Eric Kam, Mikhail Denisenko, Robert Eric Fitzgerald, Matthew Allen Estes, Tyler Eckstein
-
Publication number: 20190349206Abstract: A method and apparatus for distributing cryptographic material are disclosed. In the method and apparatus, cryptographic material is obtained and it is determined that the cryptographic material is to be made available for use by one or more computing resources. The cryptographic material is then sent to one or more secure modules, whereby a secure module of the one or more secure modules is programmatically accessible to a computing resource of the one or more computing resources and programmatic access enables the computing resource to request performance of one or more cryptographic operations using the cryptographic material while exporting the cryptographic material to the computing resource is denied.Type: ApplicationFiled: July 26, 2019Publication date: November 14, 2019Inventors: Todd Lawrence Cignetti, Andrew Jeffrey Doane, Stefan Popoveniuc, Matthew Allen Estes, Alexander Edward Schoof, Robert Eric Fitzgerald, Peter Zachary Bowen
-
Patent number: 10454922Abstract: A first identity claim and a first attempt to prove password possession are received. As a result of determining that the first attempt to prove password possession is a match to a password in a set of passwords, but that the first identity claim is a mismatch to an identity that corresponds to the password, an authentication process that includes incrementing a counter associated with the password is performed. A second identity claim and a second attempt to prove password possession is received. As a result of determining that the second attempt to prove password possession is a match to the password, an authentication process that includes incrementing the counter associated with the password only if the second identity claim is a mismatch to the first identity claim is performed.Type: GrantFiled: February 24, 2016Date of Patent: October 22, 2019Assignee: Amazon Technologies, Inc.Inventors: Stefan Popoveniuc, Cristian Marius Ilac, Gregory Branchek Roth, Eric J. Brandwine
-
Patent number: 10454690Abstract: Digital certificates include pointers to remote certificate information stores that maintain usage information associated with digital certificates. The pointers provide a mechanism for enabling the remote certificate information stores to be queried for usage information associated with a particular digital certificate. The usage information can be used to determine a validity of the digital certificate.Type: GrantFiled: August 4, 2017Date of Patent: October 22, 2019Assignee: Amazon Technologies, Inc.Inventors: Stefan Popoveniuc, David Ripton, Alexandr Ukrainchik, Yuk-Chung Eric Kam, Mikhail Denisenko, Robert Eric Fitzgerald, Matthew Allen Estes, Tyler Eckstein
-
Patent number: 10367646Abstract: A method and apparatus for distributing cryptographic material are disclosed. In the method and apparatus, cryptographic material is obtained and it is determined that the cryptographic material is to be made available for use by one or more computing resources. The cryptographic material is then sent to one or more secure modules, whereby a secure module of the one or more secure modules is programmatically accessible to a computing resource of the one or more computing resources and programmatic access enables the computing resource to request performance of one or more cryptographic operations using the cryptographic material while exporting the cryptographic material to the computing resource is denied.Type: GrantFiled: October 21, 2014Date of Patent: July 30, 2019Assignee: Amazon Technologies, Inc.Inventors: Todd Lawrence Cignetti, Andrew Jeffrey Doane, Stefan Popoveniuc, Matthew Allen Estes, Alexander Edward Schoof, Robert Eric Fitzgerald, Peter Zachary Bowen
-
Patent number: 10263789Abstract: A service provider network includes a certificate manager that auto-generates and auto-renews security certificates for customers of the provider network. The security certificates may be usable to implement a Secure Sockets Layer (SSL) protocol, or other types of security protocols. The certificate manager generates a public key, private key pair for the customer, generates the certificate signing request (CSR) on behalf of the customer, transmits the CSR to the certificate authority (CA), and binds the resulting CA-generated certificate and private key to whatever internet-facing service the customer chooses (e.g., a load balancer).Type: GrantFiled: March 28, 2016Date of Patent: April 16, 2019Assignee: Amazon Technologies, Inc.Inventors: Stefan Popoveniuc, Nicholas James Lynch, Preston Anthony Elder, III, Param Sharma, Todd Lawrence Cignetti, Dmitry Berkovich, Iftach Ragoler
-
Patent number: 9552485Abstract: A method and apparatus for renewing cryptographic material are disclosed. In the method and apparatus a cryptographic material renewal entity of a computing resource service provider detects that cryptographic material stored by a secure module is to be renewed. Renewing the cryptographic material may include rekeying a private key associated with a certificate. Further, a digital certificate may be renewed, and the renewed certificate may be provided for use by the computing resource. The cryptographic material is used to fulfill requests made by a computing resource provisioned by the computing resource service provider for a customer. The renewed cryptographic material is provided to the secure module, whereby the renewed cryptographic material is used by the secure module to fulfill further requests made by the computing resource.Type: GrantFiled: October 21, 2014Date of Patent: January 24, 2017Assignee: Amazon Technologies, Inc.Inventors: Todd Lawrence Cignetti, Andrew Jeffrey Doane, Stefan Popoveniuc, Matthew Allen Estes, Alexander Edward Schoof, Robert Eric Fitzgerald, Peter Zachary Bowen
-
Publication number: 20160173485Abstract: A first identity claim and a first attempt to prove password possession are received. As a result of determining that the first attempt to prove password possession is a match to a password in a set of passwords, but that the first identity claim is a mismatch to an identity that corresponds to the password, an authentication process that includes incrementing a counter associated with the password is performed. A second identity claim and a second attempt to prove password possession is received. As a result of determining that the second attempt to prove password possession is a match to the password, an authentication process that includes incrementing the counter associated with the password only if the second identity claim is a mismatch to the first identity claim is performed.Type: ApplicationFiled: February 24, 2016Publication date: June 16, 2016Inventors: Stefan Popoveniuc, Cristian Marius Ilac, Gregory Branchek Roth, Eric J. Brandwine
-
Patent number: 9276919Abstract: In certain embodiments, a system having a memory and a processor. The memory is operable to store a credential verifier associated with a user account and a counter. The processor is coupled to the memory and the memory includes executable instructions that cause the system to receive a first authentication attempt and increment the counter if validation of the first authentication attempt against the credential verifier fails. The instructions also cause the system to receive a second authentication attempt and increment the counter only if validation of the second authentication attempt against the credential verifier fails and the second authentication attempt is distinct from the first authentication attempt.Type: GrantFiled: July 12, 2013Date of Patent: March 1, 2016Assignee: Amazon Technologies, Inc.Inventors: Stefan Popoveniuc, Cristian Marius Ilac, Gregory Branchek Roth, Eric J. Brandwine
-
Patent number: 8490162Abstract: A system includes a memory and a processor. The memory is operable to store a credential verifier associated with a user account and a counter. The processor is coupled to the memory and the memory includes executable instructions that cause the system to receive a first authentication attempt and increment the counter if validation of the first authentication attempt against the credential verifier fails. The instructions also cause the system to receive a second authentication attempt and increment the counter only if validation of the second authentication attempt against the credential verifier fails and the second authentication attempt is distinct from the first authentication attempt.Type: GrantFiled: September 29, 2011Date of Patent: July 16, 2013Assignee: Amazon Technologies, Inc.Inventors: Stefan Popoveniuc, Cristian M. Ilac, Gregory B. Roth, Eric J. Brandwine