What technology area does this patent fall under?

Primary CPC classification H04L63/083. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Nov 22 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).

Compromised authentication information clearing house

US9503451B1 · US · B1

Patent metadata
Field	Value
Publication number	US-9503451-B1
Application number	US-201414571264-A
Country	US
Kind code	B1
Filing date	Dec 15, 2014
Priority date	Dec 15, 2014
Publication date	Nov 22, 2016
Grant date	Nov 22, 2016

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Techniques for maintaining potentially compromised authentication information for a plurality of accounts may be provided. An individual piece of authentication information may be associated with one or more tags that indicate access rights with respect to requestors that also provide and maintain other potentially compromised authentication information. A subset of the potentially compromised authentication information may be determined based on the one or more tags in response to a request from a requestor for the potentially compromised authentication information. In an embodiment, the subset of the potentially compromised authentication information may be provided to the requestor.

First claim

Opening claim text (preview).

What is claimed is: 1. A computer system, comprising: a processor; and memory including computer-executable instructions that, when executed by the processor, cause the system to at least: maintain first authentication information that has been marked as potentially subject to compromise for a first plurality of accounts; identify one or more characteristics of compromise for the first plurality of accounts based at least in part on the first authentication information; receive second authentication information that has been marked as potentially subject to compromise for a second plurality of accounts; update the one or more characteristics of compromise for the first plurality of accounts based at least in part on the received second authentication information; identify an account of the first plurality of accounts based at least in part on the updated one or more characteristics of compromise; evaluate the account of the first plurality of accounts to identify account activity including login request location information and login request device information; and provide instructions to update authentication information for the account and accounts of the first plurality of accounts that share a common user with the account based in part on the identified account activity. 2. The system of claim 1 , wherein the computer-executable instructions that, when executed by the processor, cause the system to further: in response to receiving the second authentication information, the second authentication information including user information associated with the second plurality of accounts; evaluate a contact list associated with users of the first plurality of accounts based on the user information associated with the second plurality of accounts; and notify a particular user of the first plurality of accounts of an association between the contact list of the particular user and the second authentication information that has been marked as potentially subject to compromise for the second plurality of accounts. 3. The system of claim 2 , wherein notifying the particular user of the first plurality of accounts includes analyzing incoming messages from a contact included in the contact list that shares the association between the contact list of the particular user and the second authentication information that has been marked as potentially subject to compromise for the second plurality of accounts. 4. The system of claim 1 , wherein the first authentication information and the second authentication information include one or more tags identifying access rights, the one or more tags assigned based at least in part on a type of account included in the first plurality of accounts and the second plurality of accounts. 5. The system of claim 1 , wherein the computer-executable instructions that, when executed by the processor, cause the system to further provide the updated authentication information for the first plurality of accounts to a provider of the second authentication information. 6. The system of claim 5 , wherein providing the updated authentication information for the first plurality of accounts to the provider of the second authentication information includes utilizing an application programming interface and a public/private encryption key maintained by the provider of the second authentication information. 7. A computer-implemented method, comprising: maintaining first authentication information that has been marked as potentially subject to compromise for a first plurality of accounts; identifying one or more characteristics of compromise for the first plurality of accounts based at least in part on the first authentication information; receiving second authentication information that has been marked as potentially subject to compromise for a second plurality of accounts; updating the one or more characteristics of compromise for the first plurality of accounts based at least in part on the received second authentication information; identifying an account of the first plurality of accounts based at least in part on the updated one or more characteristics of compromise; evaluating the account of the first plurality of accounts to identify account activity including login request location information and login request device information; and providing instructions to update authentication information for the account and accounts of the first plurality of accounts that share a common user with the account based in part on the identified account activity. 8. The computer-implemented method of claim 7 , further comprising: in response to receiving the second authentication information, the second authentication information including user information associated with the second plurality of accounts; evaluating a contact list associated with users of the first plurality of accounts based on the user information associated with the second plurality of accounts; and notifying a particular user of the first plurality of accounts of an association between the contact list of the particular user and the second authentication information that has been marked as potentially subject to compromise for the second plurality of accounts. 9. The computer-implemented method of claim 8 , wherein notifying the particular user of the first plurality of accounts includes analyzing incoming messages from a contact included in the contact list that shares the association between the contact list of the particular user and the second authentication information that has been marked as potentially subject to compromise for the second plurality of accounts. 10. The computer-implemented method of claim 7 , wherein the first authentication information and the second authentication information include one or more tags identifying access rights, the one or more tags assigned based at least in part on a type of account included in the first plurality of accounts and the second plurality of accounts. 11. The computer-implemented method of claim 7 , further comprising providing the updated authentication information for the first plurality of accounts to a provider of the second authentication information. 12. The computer-implemented method of claim 11 , wherein providing the updated authentication information for the first plurality of accounts to the provider of the second authentication information includes utilizing an application programming interface and a public/private encryption key maintained by the provider of the second authentication information. 13. A non-transitory computer-readable storage medium storing computer-executable instructions that, when executed by a computer system, configure the computer system to perform operations comprising: maintaining first authentication information that has been marked as potentially subject to compromise for a first plurality of accounts; identifying one or more characteristics of compromise for the first plurality of accounts based at least in part on the first authentication information; receiving second authentication information that has been marked as potentially subject to compromise for a second plurality of accounts; updating the one or more characteristics of compromise for the first plurality of accounts based at least in part on the received second authentication information; identifying an account of the first plurality of accounts based at least in part on the updated one or more characteristics of compromise; evaluating the account of the first plurality of accounts to identify account activity including login request location information and login request device information; and providing

Assignees

Amazon Tech Inc

Inventors

Classifications

H04L2463/102
applying security measure for e-commerce · CPC title
H04L63/083Primary
using passwords (cryptographic mechanisms or cryptographic arrangements for entity authentication using a predetermined code H04L9/3226) · CPC title
H04L63/1441
Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002) · CPC title
G06F21/46Primary
by designing passwords or checking the strength of passwords · CPC title

Patent family

Related publications grouped by family.

View patent family 57287800

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9503451B1 cover?: Techniques for maintaining potentially compromised authentication information for a plurality of accounts may be provided. An individual piece of authentication information may be associated with one or more tags that indicate access rights with respect to requestors that also provide and maintain other potentially compromised authentication information. A subset of the potentially compromised …
Who is the assignee on this patent?: Amazon Tech Inc
What technology area does this patent fall under?: Primary CPC classification H04L63/083. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Nov 22 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B1). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).