| US 11,722,491 B1 | ||
| Cumulative risk-based scoring for quorum authorization | ||
| Kazi Naim Al-Rashid, Redmond, WA (US); and Dean H Saxe, Seattle, WA (US) | ||
| Assigned to Amazon Technologies, Inc., Seattle, WA (US) | ||
| Filed by Amazon Technologies, Inc., Seattle, WA (US) | ||
| Filed on Jun. 30, 2020, as Appl. No. 16/917,840. | ||
| Int. Cl. H04L 29/00 (2006.01); H04L 9/40 (2022.01) | ||
| CPC H04L 63/101 (2013.01) [H04L 63/102 (2013.01); H04L 63/0869 (2013.01); H04L 63/1433 (2013.01)] | 20 Claims |
|
1. A system of a provider network, the system comprising:
at least one processor; and a memory, storing program instructions that when executed by the at least one processor, cause the at least one processor to implement an authorization system, configured to:
receive a request via an interface of the authorization system to obtain authorization for a proposed action;
identify a quorum set comprising a plurality of quorum members, wherein the quorum set is authorized to approve the proposed action;
send one or more notifications to at least some quorum members of the quorum set indicating the proposed action for approval;
receive, via the interface, one or more approvals from one or more quorum members of the quorum set authorizing the proposed action;
perform respective risk assessments of mistaken authorization to approve the proposed action for individual ones of the one or more quorum members of the quorum set that sent the one or more approvals to determine respective authorization scores for individual ones of the one or more approvals;
combine the respective authorization scores determined for individual ones of the one or more approvals into a total authorization score;
compare the total authorization score with a quorum authorization threshold for the proposed action to determine that the total authorization score satisfies the quorum authorization threshold; and
return a response to the request via the interface indicating that the proposed action is authorized.
|