Are you going to the APIStrat Conference in Nashville, or the API City Conference in Seattle?

Patent #9397835, Web of trust management in a distributed system

I found a couple more API patents in my notebook that I wanted to get published. I try to take time regularly to publish the strangest API related patents I can find. Today’s patent is out of Amazon, which I find to be a fascinating outlet for patent storytelling. It isn’t squarely in the realm of APIs like some of my others, but I think tells a fascinating story by itself, showing how the web and the concept of a patent are colliding.

Title - Web of trust management in a distributed system
Number - 9397835
Owner - Amazon Technologies, Inc.
Publication Date - 2016-07-19
Application Date - 2014-05-21

Abstract - A web of trust is used to validate states of a distributed system. The distributed system operates based at least in part on a domain trust. A root of trust issues the domain trust issues a domain trust. Domain trusts are updatable in accordance with rules of previous domain trusts so that a version of a domain trust is verifiable by verifying a chain of previous domain trust versions._

I like that trust is being patented. Digital trust as a patentable concept that Amazon can now delegate if they choose. I’m just fascinated by what concepts are now fair game for patenting, as they enter into the digital realm. Now I’m curious how many physical trust patents might exist. Is the management of trust patented in the physical world in any way? I guess I could see some of the components for determining trust could be patented, but I find the fact that trust, or more specifically trust management is patentable, as a troubling thing.

It’s no secret that I’m anti API patents. I’m rarely convinced of the uniqueness of anything digital, warranting the issuing of a patent by the USPTO. I have to say that in a world where trust is patentable, the environment for suspect behavior will flourish. Pretty much what we are seeing play out on the web on a daily basis. I’m adding this patent to my API authentication and API security research, because it is a component that exists already in these areas, and should be readily available for any provider to execute as they see fit.