Patents by Inventor Todd Lawrence Cignetti
Todd Lawrence Cignetti has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10127388
Abstract: Techniques are disclosed for mitigating against registering a domain name that is confusingly similar to a pre-existing domain name, possibly for the purpose of fooling users. In embodiments, a domain name is presented for registration. The domain name is rendered as an image, and optical character recognition is performed on the image to extract the rendered text. This extracted text is compared against a list of domain names for which confusingly similar domain names cannot be registered, and when the extracted text matches a domain name in this list of domain names, registration of the domain name is denied.
Type: Grant
Filed: August 26, 2014
Date of Patent: November 13, 2018
Assignee: Amazon Technologies, Inc.
Inventors: Stefan Popuveniuc, Peter Zachary Bowen, Alexander Edward Schoof, Andrew Jeffrey Doane, Todd Lawrence Cignetti, Robert Eric Fitzgerald
-
Publication number: 20180069844
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. If the keys used to encrypt the data have not been exposed during serialization operation, they may be deleted or destroyed enabling the destruction of data encrypted with the keys.
Type: Application
Filed: July 10, 2017
Publication date: March 8, 2018
Inventors: Todd Lawrence Cignetti, Andrew J. Doane, Eric Jason Brandwine, Robert Eric Fitzgerald
-
Publication number: 20170373833
Abstract: Servers in datacenters, mobile devices and virtualized servers without human interaction may experience difficulties in establishing entropy in a virtualized computing environment. Entropy is an important foundation for cryptography and a lack of entropy has led to weaknesses that can be used to break cryptographic systems in the past.
Type: Application
Filed: August 24, 2017
Publication date: December 28, 2017
Inventors: Andrew Jeffrey Doane, Todd Lawrence Cignetti
-
Publication number: 20170272417
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations.
Type: Application
Filed: June 6, 2017
Publication date: September 21, 2017
Inventors: Todd Lawrence Cignetti, Eric Jason Brandwine, Robert Eric Fitzgerald, Andrew J. Doane
-
Patent number: 9749127
Abstract: Servers in datacenters, mobile devices and virtualized servers without human interaction may experience difficulties in establishing entropy in a virtualized computing environment. Entropy is an important foundation for cryptography and a lack of entropy has led to weaknesses that can be used to break cryptographic systems in the past.
Type: Grant
Filed: June 3, 2014
Date of Patent: August 29, 2017
Assignee: Amazon Technologies, Inc.
Inventors: Andrew Jeffrey Doane, Todd Lawrence Cignetti
-
Patent number: 9705855
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. If the keys used to encrypt the data have not been exposed during serialization operation, they may be deleted or destroyed enabling the destruction of data encrypted with the keys.
Type: Grant
Filed: December 28, 2015
Date of Patent: July 11, 2017
Assignee: Amazon Technologies, Inc.
Inventors: Todd Lawrence Cignetti, Andrew J. Doane, Eric Jason Brandwine, Robert Eric Fitzgerald
-
Publication number: 20170171191
Abstract: A certificate manager for a multi-tenant environment can be authorized to automatically renew a certificate for a customer of the environment. Prior to the end of the validity period of the certificate, the certificate manager can obtain a new certificate on behalf of the customer and notify the customer that the certificate is ready to be deployed. The certificate will not be deployed until the customer releases the hold on the certificate. If no such instruction is received, notifications can be sent to the customer about the upcoming end of the validity period, and those notifications can be sent with increasing frequency. If no notification is received before the validity period is to expire, the certificate manager can automatically deploy the certificate to ensure that a valid certificate remains in place for the customer on the associated resource(s).
Type: Application
Filed: December 14, 2015
Publication date: June 15, 2017
Inventors: Todd Lawrence Cignetti, Preston Elder
-
Patent number: 9680808
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. Signaling methods are used to notify virtual machine instances of serialization events in order to prevent keying material from being stored persistently.
Type: Grant
Filed: January 11, 2016
Date of Patent: June 13, 2017
Assignee: Amazon Technologies, Inc.
Inventors: Todd Lawrence Cignetti, Eric Jason Brandwine, Robert Eric Fitzgerald, Andrew J. Doane
-
Patent number: 9552485
Abstract: A method and apparatus for renewing cryptographic material are disclosed. In the method and apparatus a cryptographic material renewal entity of a computing resource service provider detects that cryptographic material stored by a secure module is to be renewed. Renewing the cryptographic material may include rekeying a private key associated with a certificate. Further, a digital certificate may be renewed, and the renewed certificate may be provided for use by the computing resource. The cryptographic material is used to fulfill requests made by a computing resource provisioned by the computing resource service provider for a customer. The renewed cryptographic material is provided to the secure module, whereby the renewed cryptographic material is used by the secure module to fulfill further requests made by the computing resource.
Type: Grant
Filed: October 21, 2014
Date of Patent: January 24, 2017
Assignee: Amazon Technologies, Inc.
Inventors: Todd Lawrence Cignetti, Andrew Jeffrey Doane, Stefan Popoveniuc, Matthew Allen Estes, Alexander Edward Schoof, Robert Eric Fitzgerald, Peter Zachary Bowen
-
Patent number: 9525672
Abstract: A compute instance of a virtual computing service (VCS) is assigned first and second cryptographically verifiable identities (CVIs) within respective namespaces. A cryptographic key pair associated with the first CVI includes a non-transferable private key managed by a secure key store which does not permit the private key to be copied. The VCS enables the instance to use the private key for asserting the CVIs. In response to a first identity query, the instance indicates the first CVI. In response to a second identity query, the instance indicates the second CVI.
Type: Grant
Filed: December 19, 2014
Date of Patent: December 20, 2016
Assignee: Amazon Technologies, Inc.
Inventors: Todd Lawrence Cignetti, Peter Zachary Bowen, Andrew Jeffrey Doane, Alexander Edward Schoof
-
Publication number: 20160182473
Abstract: A compute instance of a virtual computing service (VCS) is assigned first and second cryptographically verifiable identities (CVIs) within respective namespaces. A cryptographic key pair associated with the first CVI includes a non-transferable private key managed by a secure key store which does not permit the private key to be copied. The VCS enables the instance to use the private key for asserting the CVIs. In response to a first identity query, the instance indicates the first CVI. In response to a second identity query, the instance indicates the second CVI.
Type: Application
Filed: December 19, 2014
Publication date: June 23, 2016
Applicant: AMAZON TECHNOLOGIES, INC.
Inventors: TODD LAWRENCE CIGNETTI, PETER ZACHARY BOWEN, ANDREW JEFFREY DOANE, ALEXANDER EDWARD SCHOOF
-
Publication number: 20160127336
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. Signaling methods are used to notify virtual machine instances of serialization events in order to prevent keying material from being stored persistently.
Type: Application
Filed: January 11, 2016
Publication date: May 5, 2016
Inventors: Todd Lawrence Cignetti, Eric Jason Brandwine, Robert Eric Fitzgerald, Andrew J. Doane
-
Publication number: 20160112387
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. If the keys used to encrypt the data have not been exposed during serialization operation, they may be deleted or destroyed enabling the destruction of data encrypted with the keys.
Type: Application
Filed: December 28, 2015
Publication date: April 21, 2016
Inventors: Todd Lawrence Cignetti, Andrew J. Doane, Eric Jason Brandwine, Robert Eric Fitzgerald
-
Publication number: 20160034298
Abstract: A vendor of virtual machine images accesses a virtual computer system service to upload a digitally signed virtual machine image to a data store usable by customers of the virtual computer system service to select an image for creating a virtual machine instance. If a digital certificate is uploaded along with the virtual machine image, the virtual computer system service may determine whether the digital certificate has been trusted for use. If the digital certificate has been trusted for use, the virtual computer system service may use a public cryptographic key to decrypt a hash signature included with the image to obtain a first hash value. The service may additionally apply a hash function to the image itself to obtain a second hash value. If the two hash values match, then the virtual machine image may be deemed to be authentic.
Type: Application
Filed: October 12, 2015
Publication date: February 4, 2016
Inventors: Andrew Jeffrey Doane, Alexander Edward Schoof, Robert Eric Fitzgerald, Todd Lawrence Cignetti
-
Patent number: 9235714
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. Signaling methods are used to notify virtual machine instances of serialization events in order to prevent keying material from being stored persistently.
Type: Grant
Filed: November 12, 2013
Date of Patent: January 12, 2016
Assignee: Amazon Technologies, Inc.
Inventors: Todd Lawrence Cignetti, Eric Jason Brandwine, Robert Eric Fitzgerald, Andrew J. Doane
-
Patent number: 9231923
Abstract: Organizations maintain and generate large amounts of sensitive information using computer hardware resources and services of a service provider. Furthermore, there is a need to be able to delete large amounts of data securely and quickly by encrypting the data with a key and destroying the key. To ensure that information stored remotely is secured and capable of secure deletion, cryptographic keys used by the organization should be prevented from being persistently stored during serialization operations. If the keys used to encrypt the data have not been exposed during serialization operation, they may be deleted or destroyed enabling the destruction of data encrypted with the keys.
Type: Grant
Filed: November 12, 2013
Date of Patent: January 5, 2016
Assignee: Amazon Technologies, Inc.
Inventors: Todd Lawrence Cignetti, Andrew J. Doane, Eric Jason Brandwine, Robert Eric Fitzgerald
-
Patent number: 9158909
Abstract: A vendor of virtual machine images accesses a virtual computer system service to upload a digitally signed virtual machine image to a data store usable by customers of the virtual computer system service to select an image for creating a virtual machine instance. If a digital certificate is uploaded along with the virtual machine image, the virtual computer system service may determine whether the digital certificate has been trusted for use. If the digital certificate has been trusted for use, the virtual computer system service may use a public cryptographic key to decrypt a hash signature included with the image to obtain a first hash value. The service may additionally apply a hash function to the image itself to obtain a second hash value. If the two hash values match, then the virtual machine image may be deemed to be authentic.
Type: Grant
Filed: March 4, 2014
Date of Patent: October 13, 2015
Assignee: Amazon Technologies, Inc.
Inventors: Andrew Jeffrey Doane, Alexander Edward Schoof, Robert Eric Fitzgerald, Todd Lawrence Cignetti
-
Publication number: 20150254451
Abstract: A vendor of virtual machine images accesses a virtual computer system service to upload a digitally signed virtual machine image to a data store usable by customers of the virtual computer system service to select an image for creating a virtual machine instance. If a digital certificate is uploaded along with the virtual machine image, the virtual computer system service may determine whether the digital certificate has been trusted for use. If the digital certificate has been trusted for use, the virtual computer system service may use a public cryptographic key to decrypt a hash signature included with the image to obtain a first hash value. The service may additionally apply a hash function to the image itself to obtain a second hash value. If the two hash values match, then the virtual machine image may be deemed to be authentic.
Type: Application
Filed: March 4, 2014
Publication date: September 10, 2015
Applicant: Amazon Technologies, Inc.
Inventors: Andrew Jeffrey Doane, Alexander Edward Schoof, Robert Eric Fitzgerald, Todd Lawrence Cignetti