FR3090937A1 - UNIT AND REMOVABLE DEVICE FOR REGISTRATION IN A DISTRIBUTED REGISTER - Google Patents

Abstract

The unitary and removable device (100) for recording on a distributed register (200) comprises: - a receiver (105) for external data, - a means (110) for recording an entry in the distributed register, each entry comprising at least one data item received, - a calculation core (115) configured to validate the addition of the entry to the distributed register by cryptographic calculation and - a means (120) for storing the distributed register. Figure for the abstract: Figure 1

Description

Description

Title of the invention: UNITARY AND REMOVABLE DEVICE FOR REGISTRATION IN A DISTRIBUTED REGISTER

Technical field of the invention

The present invention relates to a unitary and removable device for registering on a distributed register. It applies, in particular, to the management of a fleet of machines responsible for capturing or actuating a physical element.

State of the art

The standardized certification of the machines makes it possible to guarantee a determined level of operation compatible with the technical promises of the said machines.

To comply with a certification, the machines considered are produced in a single location, tested, certified and then sent to their place of operation.

If, qualitatively, such a process has the merit of guaranteeing the achievement of technical specifications, its execution has disadvantages in ecological, financial and intellectual transmission between the buyer and the seller.

To exemplify one of these disadvantages, remote manufacturing of the machine involves a significant energy expenditure in transport to the site of commissioning.

Statement of the invention

The present invention aims to remedy all or part of these drawbacks.

To this end, the present invention relates to a unitary and removable device for registering on a distributed register, which comprises:

[0008] an external data receiver,

- a means of registering an entry in the distributed register, each entry comprising at least one data item received,

- a computing core configured to validate the addition of the entry to the register distributed by cryptographic calculation and

- A means of storing the distributed register.

Thanks to these provisions, all of the certification operations on a distributed register can be performed locally on a machine, due to the unitary and removable nature of the device. It also follows from the functional nature of this device that it can be designed specifically according to the properties of the distributed register protocol used and the various functions associated with this protocol.

In embodiments, the device which is the subject of the present invention comprises a buffer memory for data received by the receiver, the registration means recording an entry in the distributed register comprising at least one data stored by the buffer memory.

These embodiments make it possible to store, in the same entry, a plurality of received data.

The interest of these embodiments is to be able to save in the event of a network outage a certain number of operations to be recorded in the register distributed in a secure and traced manner. The other advantage of these embodiments is to be able to optimize the writing operations by grouping the information before registration in the distributed register, which reduces the number of transactions for the same volume of information and therefore optimizes consumption. of energy. It is thus possible, according to energy efficiency or speed settings, to gather more or less information in a limited number of transactions, which contributes to an acceleration of the registration speed.

In embodiments, the device object of the present invention comprises a control core of an external device connected to a command transmitter configured to be connected to the external device, the receiver being configured to be connected to the external device transmitting data.

These embodiments make it possible to remotely control the external device, which allows a rearrangement of external devices not provided with control members.

In embodiments, the device object of the present invention comprises a secure memory enclave for storing a smart contract.

These embodiments make it possible to control the execution carried out by the external device supplying the data received or the commands issued by the control core.

In embodiments, the control core is configured to execute the smart contract as a function of the external data received.

In embodiments, the registration means is configured to carry out an entry registration in the register according to an execution parameter of the smart contract.

These embodiments make it possible to record particular transactions on the distributed register according to the execution of the intelligent contract by the device.

In embodiments, the device object of the present invention comprises a storage of computer tokens.

These embodiments allow the storage of value in the device.

In embodiments, the token storage adds a token based on the registration of an entry in the register by the registration means.

These embodiments make it possible to reward the energy expenditure achieved by the computing core, creating an incentive mechanism for participating in a consensus process of the distributed register.

In embodiments, the device object of the present invention comprises a secure memory enclave configured to execute an oracle type computer program.

These embodiments make it possible to authorize or not the carrying out of transactions or of entry in the register according to operating parameters of the oracle.

Brief description of the figures

Other advantages, aims and particular characteristics of the invention will emerge from the following non-limiting description of at least one particular embodiment of the device which is the subject of the present invention, with reference to the appended drawing, in which:

[Fig.l] shows, schematically, a particular functional diagram of the device object of the present invention,

[Fig.2] schematically represents a functional diagram of the interactions of a device which is the subject of this invention,

[Fig.3] schematically represents an infrastructure capable of implementing the device which is the subject of the present invention,

[Fig.4] schematically represents an architecture capable of implementing the device which is the subject of the present invention,

[Fig.5] schematically represents an architecture capable of implementing the device which is the subject of the present invention,

[Fig.6] schematically represents an architecture capable of implementing the device which is the subject of the present invention,

[Fig.7] schematically represents an architecture capable of implementing the device which is the subject of the present invention and

[Fig.8] schematically represents an architecture capable of implementing the device object of the present invention.

Description of the embodiments

This description is given without limitation, each characteristic of an embodiment can be combined with any other characteristic of any other embodiment advantageously.

We note now that the figures are not to scale.

It should be noted that the term “distributed register” designates a computer register simultaneously recorded and synchronized on a network of computers, which evolves by the addition of new information previously validated by the entire network and intended never to be modified or deleted. A distributed registry has no central administrator or centralized data storage. A peer-to-peer network and a consensus algorithm are required to keep the system running. One form of distributed registry is the blockchain system, which can be public, private or consortium. Such a distributed register is, for example, a blockchain.

Note that the unitary nature of the device described below comes from the fact that all of the components it comprises are part of the same electronic circuit or the same circuit assembly, without the need to use a telecommunications network to connect one component to another. This unitary character can also be diagrammed, alternatively, by the fact that all of the components integrate a single housing.

Note that the removable nature of the device comes from the fact that this device can be attached and detached from a third-party data sending device. Thus, at a minimum, the device is only connected by the data link connecting the third-party device to the data receiver 105. In variants, the device is powered by the third-party device. In variants, the device is integrated with the third-party device. In variants, the device is mechanically integral with the third-party device.

In FIG. 1, which is not to scale, there is a schematic view of an embodiment of the device 100 which is the subject of the present invention. This unitary and removable device 100 for recording on a distributed register 200, comprises:

A receiver 105 for external data,

- a means 110 for registering an entry in the distributed register, each entry comprising at least one data item received,

- a calculation core 115 configured to validate the addition of the entry to the register distributed by cryptographic calculation and

- A means 120 for storing the distributed register.

The receiver 105 can be of any type known to those skilled in the art, configured to receive data transmitted by a wired or wireless data network. This receiver 105 can be, for example, a USB port (For "Universal Serial Bus", configured to be "Universal serial bus") configured to be connected to a transmitter of an external data source. In variants, this receiver 105 is an NFC sensor (for “Near Field Communication”, translated by “Near Field Communication”). The exact nature of the receiver 105 is not limiting and this nature depends on the case of use of the device 100.

The registration means 110 is, for example, an electronic circuit configured to add an entry to the distributed register. This electronic circuit is, for example, formed by a microprocessor executing a computer program dedicated to this addition of entries to the register.

To add an entry to the distributed register, the registration means 110 reads, in the distributed register stored by the storage means 120, the identifier of a stored entry, preferably the last entry. The means of registration 110 forms a new entry in:

- assigning, as a previous entry in the register, the entry identifier read,

- assigning as data, either at least one data read, or an identifier representative of this data.

From the data to be added or represented in the distributed register, the registration means 110 operates a hash function (“hash function”, to obtain an entry identifier).

The calculation core 115 is configured to validate the addition to the distributed register by validating the signature of the registration means 110 via a cryptographic calculation. This cryptographic calculation implements a public key / private key mechanism, for example.

In this context, the registration being validated by a component, the mechanism used is a so-called "on chip" mechanism (translated by "embarqué" in French).

A consensus algorithm is a process which makes it possible to find an agreement on a single value of data between processes or distributed systems. These algorithms are designed to ensure the reliability of a network involving several unreliable nodes. A consensus mechanism is essential on multi-agent and distributed systems.

The storage means 120 is, for example, a computer memory, such as a hard disk for example. Once the registration has been validated, the distributed register is memorized by the storage means 120.

In embodiments, the device 100 which is the subject of the present invention comprises a buffer memory 125 for data received by the receiver 105, the means 110 for recording recording an entry in the distributed register 200 comprising at least one stored data. through the buffer.

This buffer memory 125 is, for example, formed from a computer random access memory configured to store a determined number of values received by the receiver 105.

The registration means 110 can, for example, be triggered when a number of stored values is equal to a determined number. Alternatively, the registration means 110 can be triggered periodically. Alternatively, the registration means 110 can be triggered when the calculation core 115 performs a cryptographic calculation, in the manner of a public block chain such as Bitcoin.

In embodiments, the device 100 which is the subject of the present invention comprises a heart 130 for controlling an external device 300 connected to a command transmitter 135 configured to be connected to the external device, the receiver 105 being configured to be connected to the external device transmitting data.

This control core 130 is, for example, a microprocessor executing a computer program for controlling the external device 300. The transmitter 135 can be of any type known to those skilled in the art and suitable for the use case, and in particular to the external device 300, for transmitting data representative of computer commands from said device 300. In variants, the transmitter 135 and receiver 105 are combined.

In embodiments, the device 100 object of the present invention comprises an enclave 140 secure memory for storing a smart contract.

We call "secure enclave" a hardware cryptographic module which provides storage of the information considered (such as a smart contract) directly on the component. This allows with a continuous verification of the smart counter code downloaded from the register distributed in the enclosure with that present on the distributed register in order to ensure its integrity. This allows local code execution without going through a distributed virtual machine and therefore drastically increasing execution speed and saving energy.

The 140 memory enclave is, for example, a memory physically distinct from other memories included in the device 100 and storing an intelligent contract or an identifier of such a contract. This smart contract can also be stored in the distributed register. In variants, the smart contract reads its operating parameters from a distributed register.

We call "smart contract", a computer protocol that facilitates, verifies and executes the negotiation or execution of a contract. Smart contracts generally have a user interface and emulate the logic of contractual clauses.

This smart contract can thus, for example, link the reception of data to a payment or the issuance of a computer token, for example. This intelligent contract can also activate the various components of the device 100 during its execution. For example, the control core 130 can be configured to issue a command of a determined type as a function of parameters of the smart contract.

This smart contract can, for example, include a list of components authorized for the execution of said contract, these components can be software and hardware.

In embodiments, the control core 130 is configured to execute the smart contract as a function of the external data received.

In embodiments, the registration means 110 is configured to carry out an entry registration in the register 200 as a function of an execution parameter of the smart contract.

In embodiments, the device 100 object of the present invention comprises a storage 145 of computer tokens.

This storage 145 is, for example, a computer memory. This memory can be distinct from other memories of the device 100.

In embodiments, the token storage 145 adds a token according to the registration of an entry in the register 200 by the registration means 110.

In embodiments, the device 100 which is the subject of the present invention comprises an enclave 150 secure memory configured to execute an oracle type computer program.

Enclave 150 memory is, for example, a memory physically distinct from other memories included in the device 100 and storing and / or executing an oracle or the execution parameters of this oracle.

A distributed registry oracle is a trusted entity that is part of a computer network, transporting information from the physical world to a smart contract. It creates the link between the physical world and a distributed register that intelligent contracts run through, and allows these contracts not to be limited to information internal to the distributed register. This technology is currently used by decentralized applications using smart contracts requiring access to external information.

The oracle can be linked to a physical sensor of the third-party device transmitting data received by the receiver 105.

A second object of the present invention consists in carrying out a distributed certification process for the compliance of a data processing policy. This data can be, for example, personal data of users of a computer platform. Alternatively, this second object is aimed at carrying out a distributed certification process for bringing a guaranteed treatment of a given object into compliance. This object can be, for example, meat and the guarantee of treatment correspond to a hallal treatment of this meat.

This second object therefore aims, via a platform of the "SaaS" type (for "Software as a service", translated by "Software as a service") or via a conventional server / client platform, the transmission of '' a certificate of compliance with a data processing policy. This compliance is established on the basis of necessary elements, specific to the data policy in question, for the realization of the policy and the progress in a compliance process. At each stage of the process, a certificate is issued, manually or automatically, according to a fixed or variable periodicity. At least two certificates are then consolidated to form a final certificate. Each certificate can be viewed via an audit interface.

Depending on the desired level of confidentiality, only the result of a step may be visible in the audit interface. Alternatively, all of the participants who shared the data can be displayed. These stakeholders, for example, digitally sign certificates during data processing. Representative documents associated with the certificates can also be consulted.

Each certificate can be stored and administered via a smart contract, this smart contract being able to be responsible for requesting updates of these certificates.

To achieve such a result, the object of the present invention is based on an updating mechanism produced by three types of oracles:

An update via an external time oracle, such as an external clock certified on a distributed register,

[0084] - an update via the result of a connected object, such as a counter of a slaughter line for example,

- an update via a request issued by an authorized external third party, such as a regulator for example.

Thus, the system can update or translate a certification or a control action.

An example of such a platform 500 is illustrated in FIG. 2. This platform 500 receives information 505 generated by participants for each step 525 of a process. From this information, the platform 500 generates documents 510 and, upon completion of step 525, a step certificate 515. This 515 certificate is stored on a distributed register such as a block chain. Once the final step 530 has been reached, a final certificate 520 is generated. Each certificate, 515 and 520, can be generated and configured according to the functioning of oracles 535.

An audit module 540 allows external actors 550 to see the certificates and possibly the documents 510. Each actor can have a different level of confidentiality configured 545.

We observe, in FIG. 3, schematically, a particular embodiment of an infrastructure allowing the establishment of a platform as described with reference to FIG. 2. This infrastructure 600 comprises a database 605 and a server responsible for services "outside the distributed register" or "outside the block chain". This database 605 communicates with a generator 610 of cryptographic signatures allowing the recording of data in the distributed register 615, these signatures being stored in the register 615.

The distributed register 615 is linked to an execution block of a smart contract 620 responsible for signing personal data, documents, events triggered according to the oracle or oracles considered.

This infrastructure 600 comprises a block 625 for interaction between the database 605 and the distributed register 615.

Finally, this infrastructure 600 includes a translator 630 for actions in external certification, this translator 630 being supplied with machine identifiers and certificates of these machines.

The present invention also relates to an architecture for building a network of intelligent and self-native machines, that is to say that does not require human intervention to add or remove a machine.

This architecture can be divided into functional sub-assemblies dedicated to the performance of chronologically executed tasks, from the first machine integrated into such a network.

We observe, in FIG. 4, diagrammatically, a first sub-assembly 700 comprises: a machine 710, having a determined operation and emitting at least one data representative of this operation,

- a device 705, as described with reference to FIG. 1, configured to capture the data and certify it in a distributed register 725,

A software 715 for controlling the machine and

- A means 720 of communication over a determined data network.

This first functional sub-assembly 700 is configured so that once the machine 710 has been assembled, associated with a given control software 715 and with a communication means 720, record this assembly 701 comprising the machine on the distributed register 725. 710, the software 715 and the means 720 of communication.

In return, the distributed register 725 provides the machine with a specific cryptographic signature.

This distributed register 725 stores identifiers of machines and smart contracts, for example.

We observe, in Figure 5, schematically, a second subset 800 illustrates a pre-existing intelligent network comprising, at a minimum, a distributed register 815 configured to certify the machines 805 of the network and an infrastructure 810 for controlling the intelligent network. This infrastructure is formed, for example, of physical and software elements configured to control the operation of the 805 machines and / or control an operating mode for the 805 machines.

The machines 805 are certified on the register 815 distributed while the machine

805 is introduced into the network without being initially certified.

In FIG. 6, we observe diagrammatically a subset 900 responsible for an attempt to register the machine 801 in the intelligent network 905.

During this attempt, the software 715 for controlling the machine 710 searches for machines 805 comprising a signature identical to the signature recorded in the sub-assembly 700 as described with reference to FIG. 4. This software 715 of piloting research, moreover, the presence of a device 705 of inscription in the network. This research can be carried out via an Internet network, Ethernet, a cellular network, a radio network or a Wifi network for example.

We observe, in Figure 7, schematically, the sub-assembly 800 illustrated in Figure 5 in which the machine 801 candidate for registration in the network communicates with the machines 805 already present in the network. In this subset 800, the machine 801 sends a request for operating authorization to the other machines 805 on the network. Then, the other machines 805 detect the presence of a device 705 for registering on the candidate machine 801 and temporarily validate the inclusion in the network of the candidate machine 801, without registering this new machine 801 on the distributed register 815. The 801 candidate machine, in this operating mode, preferably exhibits basic operation as long as the complete registration of the 801 candidate machine has not been carried out.

We observe, in Figure 8, schematically, the sub-assembly 800 illustrated in Figure 5 and 7 in which the candidate machine 801 has been entered in the register 815 distributed. This registration can be validated by a human administrator, via the 810 piloting infrastructure or automatically by the 805 machines depending on the signature of the candidate 801 machine.

Claims (1)

Claims [Claim 1] Unit and removable device (100) for recording on a distributed register (200), characterized in that it comprises: an external data receiver (105), - a means (110) for registering an entry in the distributed register, each entry comprising at least one data item received, - a calculation core (115) configured to validate the addition of the entry to the register distributed by cryptographic calculation and - A means (120) for storing the distributed register. [Claim 2] Device (100) according to claim 1, which comprises a buffer memory (125) for data received by the receiver (105), the means (110) for recording recording an entry in the register (200) distributed comprising at least one data stored by the buffer. [Claim 3] Device (100) according to one of claims 1 or 2, which comprises a core (130) for controlling an external device (300) connected to a command transmitter (135) configured to be connected to the external device, the receiver (105) being configured to be connected to the external device transmitting data. [Claim 4] Device (100) according to one of claims 1 to 3, which comprises a secure memory enclave (140) for storing a smart contract. [Claim 5] Device (100) according to claims 3 and 4, wherein the control core (130) is configured to execute the smart contract according to the external data received. [Claim 6] Device (100) according to claim 5, in which the registration means (110) is configured to carry out an entry registration in the register (200) according to an execution parameter of the smart contract. [Claim 7] Device (100) according to one of claims 1 to 6, which comprises a storage (145) of computer tokens. [Claim 8] Device (100) according to claims 6 and 7, wherein the token storage (145) adds a token according to the registration of an entry in the register (200) by the registration means (110). [Claim 9] Device (100) according to one of claims 1 to 8, which comprises a secure memory enclave (150) configured to execute an oracle-type computer program. 1/5