US 12,289,305 B1
Computer-implemented authentication integrity challenge for a cloud provider network
Christopher Best, New York, NY (US); Benjamin Gordon, Anaheim, CA (US); Nicolas Taing, Oakland, CA (US); and Ryan Mark Lacy, Berkeley, CA (US)
Assigned to Amazon Technologies, Inc., Seattle, WA (US)
Filed by Amazon Technologies, Inc., Seattle, WA (US)
Filed on Jun. 12, 2023, as Appl. No. 18/333,204.
Int. Cl. H04L 9/40 (2022.01); H04L 9/32 (2006.01)
CPC H04L 63/0846 (2013.01) [H04L 9/3271 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method comprising:
receiving, at a cloud provider network, a first request from an end customer device to log into an end customer account of the cloud provider network;
sending, in response to the first request, a second request that does not include login credentials for the end customer account from the cloud provider network to a challenge provider service separate from the cloud provider network for the first request;
receiving, by the cloud provider network, a validation indication from the challenge provider service that indicates the second request is validated by an integrity challenge of the challenge provider service;
generating, by the cloud provider network, a proof based on the validation indication;
sending the proof by the cloud provider network to the end customer device;
receiving, by the cloud provider network, a third request from the end customer device that comprises the login credentials and the proof sent by the cloud provider network; and
logging the end customer device into the end customer account in response to the proof provided in the third request being validated by the proof generated by the cloud provider network and the login credentials provided in the third request matching corresponding login credentials for the end customer account.