Data is split into a set of data packets and transmitted between a client computer system and a network service via a packet-switched network. The client computer system identifies a role, permission, group, or other credential that is associated with the data packets, and attaches a credential identifier such as a digital signature to the packets before they are transmitted over the network. A network service receives the data packets, and is configured to filter or route the data packets to a recipient using the attached credential identifier. The network service can adjust the filtering or routing process to occur within a data link, network, transport, or application layer. In some examples, the filtering or routing is provided from within a hypervisor.

One embodiment described herein provides a system and method for facilitating user access to encryption keys stored within a hardware module. During operation, a server coupled to the hardware module receives a key request from the user, the key request comprising a user identifier and a key identifier. The server receives a voice message from the user, extracts voice features from a voiceprint associated with the received voice message, looks up voice features stored within the hardware module based on the user identifier, and compares the extracted voice features with the voice features stored within the hardware module. In response to the extracted voice features matching the stored voice features, the server retrieves from the hardware module an encryption key based on the user identifier and the key identifier.

In one embodiment, a method, comprising obtaining a first uniform resource identifier for a segment of a content item, obtaining encryption metadata indicative of encryption information to be used for encrypting the segment when the segment is requested by a client device or a content delivery network, generating a data combination based on the first uniform resource identifier and the encryption metadata, generating an authentication code or a signature by applying a secret to the data combination, the secret being unknown to the client device or the content delivery network, generating a second uniform resource identifier for the segment based on the authentication code or the signature, the encryption metadata and the first uniform resource identifier, inserting the second uniform resource identifier in an adaptive bitrate media playlist for the content item, and sending the adaptive bitrate media playlist to the client device or the content delivery network.

Methods and systems are provided for supporting efficient and secure Machine-to-Machine (M2M) communications using a module, a server, and an application. A module can communicate with the server by accessing the Internet, and the module can include a sensor and/or an actuator. The module, server, and application can utilize public key infrastructure (PKI) such as public keys and private keys. The module can internally derive pairs of private/public keys using cryptographic algorithms and a first set of parameters. A server can authenticate the submission of derived public keys and an associated module identity. The server can use a first server private key and a second set of parameters to (i) send module data to the application and (ii) receive module instructions from the application. The server can use a second server private key and the first set of parameters to communicate with the module.

Cryptographic techniques are provided for generating, distributing, validation, and processing secure commands on different devices and/or peripherals. A control device generates and encrypts a key corresponding to a secure command using a private key of control device to produce a key envelope. Control device further encrypts the key envelope with a recipient's public key producing a recipient envelope. The recipient envelope is delivered to a recipient's device. The recipient's device decrypts the recipient envelope with a private key of the recipient's device producing the key envelope. The key envelope is delivered back to the control device. The control device decrypts the key envelope producing the key, validates the key, and processes a secure command on behalf of a secure resource or delivers the secure command to the secure resource for processing. In an embodiment, control device maintains audit records/audit trail, which is maintained on the control device.

Various embodiments relate to a method performed by a processor of a computing system. An example method includes generating a symmetric content encryption key. Content is encrypted using the content encryption key to generate cipher text. A hash of the cipher text is generated. Each of the hash and the content encryption key is signcrypted using each of a signcrypting party public key, a signcrypting party private key and a recipient public key to generate a signcrypted envelope message. The cipher text is embedded in a component of the signcrypted envelope message. The signcrypted envelope message is transmitted to a recipient. The recipient can unsigncrypt the signcrypted envelope message using each of the recipient public key, a recipient private key, and the signcrypting party public key to retrieve the content encryption key and hash of the cipher text. The recipient can decrypt the cipher text using the content encryption key.

An electronic signature service of a provider network may specify a virtual electronic signing device (ESD) to be used by user accounts (e.g., retail sales businesses) to generate digital signatures for documents (e.g., sales receipts). The electronic signature service may establish an isolated virtual network (IVN) on behalf of the client (e.g., taxing authority or other entity), which is managed by the client via a client interface. The electronic signature service may instantiate, on behalf of a user account, an ESD compute instance based on the virtual ESD specification. In response to receiving a request for a digital signature of a document, the ESD compute instance generates a digital signature based on the document and sends the digital signature to the user account. The service may store the signature and associated document data, which can subsequently be used for auditing (e.g., tax auditing).

Methods and systems are provided for efficient and secure Machine-to-Machine (M2M) between modules and servers. A module can communicate with a server by accessing the Internet, and the module can include a sensor and/or actuator. The module and server can utilize public key infrastructure (PKI) such as public keys to encrypt messages. The module and server can use private keys to generate digital signatures for datagrams sent and decrypt messages received. The module can internally derive pairs of private/public keys using cryptographic algorithms and a set of parameters. A server can use a shared secret key to authenticate the submission of derived public keys with an associated module identity. For the very first submission of a public key derived the module, the shared secret key can comprise a pre-shared secret key which can be loaded into the module using a pre-shared secret key code.

A set of servers can support secure and efficient Machine to Machine communications using an application interface and a module controller. The set of servers can record data for a plurality of modules in a shared module database. The set of servers can (i) access the Internet to communicate with a module using a module identity, (i) receive server instructions, and (iii) send module instructions. Data can be encrypted and decrypted using a set of cryptographic algorithms and a set of cryptographic parameters. The set of servers can (i) receive a module public key with a module identity, (ii) authenticate the module public key, and (iii) receive a subsequent series of module public keys derived by the module with a module identity. The application interface can use a first server private key and the module controller can use a second server private key.

A method is provided in which a development environment sends commands to an on-premises device that are signed by both (a) development environment and by (b) an execution environment (trusted source), and account for versioning. In so doing, the on-premises device that receives the command is able to authenticate both the sending entity, i.e., a production server, and the source of the command files to determine that the command is a valid configuration/upgrade package that may be safely installed and executed.