US20220353074A1 - Systems and methods for minting a physical device based on hardware unique key generation - Google Patents
Systems and methods for minting a physical device based on hardware unique key generation Download PDFInfo
- Publication number
- US20220353074A1 US20220353074A1 US17/864,597 US202217864597A US2022353074A1 US 20220353074 A1 US20220353074 A1 US 20220353074A1 US 202217864597 A US202217864597 A US 202217864597A US 2022353074 A1 US2022353074 A1 US 2022353074A1
- Authority
- US
- United States
- Prior art keywords
- metering device
- public key
- computing device
- transactions
- ledger
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims description 28
- 238000012545 processing Methods 0.000 claims description 14
- 238000004891 communication Methods 0.000 description 7
- XLYOFNOQVPJJNP-UHFFFAOYSA-N water Substances O XLYOFNOQVPJJNP-UHFFFAOYSA-N 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 238000004590 computer program Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 4
- 238000012550 audit Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000007792 addition Methods 0.000 description 2
- 230000001413 cellular effect Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 230000008707 rearrangement Effects 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 235000006679 Mentha X verticillata Nutrition 0.000 description 1
- 235000002899 Mentha suaveolens Nutrition 0.000 description 1
- 235000001636 Mentha x rotundifolia Nutrition 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000013474 audit trail Methods 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000011176 pooling Methods 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000012552 review Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
- H04L9/3073—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G01—MEASURING; TESTING
- G01D—MEASURING NOT SPECIALLY ADAPTED FOR A SPECIFIC VARIABLE; ARRANGEMENTS FOR MEASURING TWO OR MORE VARIABLES NOT COVERED IN A SINGLE OTHER SUBCLASS; TARIFF METERING APPARATUS; MEASURING OR TESTING NOT OTHERWISE PROVIDED FOR
- G01D4/00—Tariff metering apparatus
- G01D4/002—Remote reading of utility meters
- G01D4/006—Remote reading of utility meters to a non-fixed location, i.e. mobile location
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/23—Updating
- G06F16/2365—Ensuring data consistency and integrity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
- G06Q20/0655—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash e-cash managed centrally
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/085—Payment architectures involving remote charge determination or related payment systems
- G06Q20/0855—Payment architectures involving remote charge determination or related payment systems involving a third party
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/12—Payment architectures specially adapted for electronic shopping systems
- G06Q20/127—Shopping or accessing services according to a time-limitation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/363—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3678—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes e-cash details, e.g. blinded, divisible or detecting double spending
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q2220/00—Business processing using cryptography
Definitions
- Examples of the present disclosure are related to systems and methods for secure hardware authentication. More particularly, embodiments may utilize blockchain-hyper ledgers using a key pair as a permanent identification element for a physical device or meter.
- Blockchain is a list of records, called blocks, which are linked to cryptology. Each block includes a cryptographic hash of the previous block, a timestamp, and transaction data. Blockchain is resistant to modification of the data and transactions between multiple parties. Once recorded, data in any given block cannot be altered retroactively without the alteration of all subsequent blocks.
- a decentralized, distributed, and public digital ledger can be created to record transactions across many computers. This allows the participants to verify and audit transactions inexpensively.
- a digital wallet may have multiple public and private key pairs and are used to spend cryptocurrency.
- digital wallets are decentralized and are not tied to specific hardware. Situations arise where it is desirable to verify and audit transactions associated with a specific hardware element utilizing blockchain.
- Embodiments are configured to mint, establish, and permanently allocate an address for a physical computing device based on unique key generation, wherein the key generation is configured to create a private-public key pair.
- Embodiments may be configured to tie financial transactions associated with physical equipment with a physical computing device, wherein the physical equipment may be a metering device that is configured to provide a service.
- the data obtained associated with the metering of the physical equipment with the physical computing device may be utilized to determine what services are being created and when. This may allow remote service providers, such as financial institutions, energy companies, or other remote service providers, to remotely track the performance of a physical computing device tied to physical equipment. Utilizing a block chain with the key chain, an immutable record may be created, which may create a proof of origin to automatically track and securely meter this remote performance of the remote physical equipment.
- the key pair may be generated upon initialization of the physical computing device, such that the physical computing device is minted with the key pair.
- the key pair may be utilized as a token for supply-chain billings, payments, auditing, etc. associated with the physical computing device.
- the physical computing device may be a meter that measures and records quantities at specific intervals, such as a power meter, water meter, etc.
- a digital certificate may be issued for the physical computing device, wherein the digital certificate may enable the physical computing device may be registered with a cloud computing service provider.
- the physical computing device may transmit a certificate request with the generated public key to a trusted third party (TTP), such as Digicert.
- TTP trusted third party
- the trusted third party may be configured to facilitate interactions between two parties, such as the physical computing device and the cloud computing service provider.
- the trusted third party may respond to the certificate request with a data associated with the digital certificate that is encoded based on the public key.
- the data to create the digital certificate may only be decrypted utilizing the private key stored only on the physical computing device without the private key being communicated from the physical computing device.
- the physical computing device may transmit the digital certificate to a remote service provider along with a request for computing services.
- the computing service provider may transmit the digital certificate to the trusted third party to authenticate the digital certificate.
- the physical computing device Responsive to authenticating the digital certificate, the physical computing device may be registered with the cloud computing service provider.
- Transactions between the cloud computing service provider and the physical computing device may be automatically updated into a ledger using blockchain technology. For examples, transactions may be associating updating a meter to record the amount of power, water, etc. consumed over a time period, wherein the ledger is updated at continuous intervals with time stamp data and quantity data through the block chain utilizing the block chain.
- FIG. 1 depicts a topology for asymmetrical cryptology between a physical computer device, remote service provider, and trusted third party over a network, according to an embodiment.
- FIG. 2 illustrates a method for a hardware verified feedback loop for content presented on a display device.
- FIG. 1 depicts a topology for asymmetrical cryptology between a physical computer device 130 , remote service provider 110 , and a trusted third party 120 over a network 105 .
- Network 105 may be a wide area network (WAN) that extends over a large geographical distance, a wireless local area network (WLAN) that is configured to link two or more devices within a limited area, such as a home, school, commercial building, office building, etc., or any other type of wireless or wired network.
- network 105 may be a wireless communications network, digital radio, or cellular network operating over CDMA, GSM, etc.
- the network 105 may be operated by telecommunications providers.
- network 105 may be a Wi-Fi network.
- Network 105 may enable the communication of data between remote service provider 110 , trusted third party 120 , and physical computing device 130 .
- Remote service provider 110 may be a computing device, such as a general hardware platform server configured to support mobile applications, software, content, and the like executed on physical computing device 130 .
- Remote service provider 110 may include physical computing devices residing at a particular location or may be deployed in a cloud computing network environment.
- cloud computing may be defined as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned via virtualization and released with minimal management effort or service provider interaction, and then scaled accordingly.
- a cloud model can be composed of various characteristics (e.g., on-demand self-service, broad network access, resource pooling, rapid elasticity, measured service, etc.), service models (e.g., Software as a Service (“SaaS”), Platform as a Service (“PaaS”), Infrastructure as a Service (“IaaS”), and deployment models (e.g., private cloud, community cloud, public cloud, hybrid cloud, etc.).
- Remote service provider 110 may include any combination of one or more computer-usable or computer-readable content.
- remote service provider 110 may supply cloud computing service, such as through amazon web services, to physical computing device 130 .
- remote service provider 110 may be: a cellular network provider that allows communication of data to and from physical computing device 130 , internet service, video service provider, banking provider, general service providers, such as an energy service provider, water service provider, etc.
- Trusted third party 120 may be a hardware processing device that facilities interactions between two other devices, such as physical computing device 130 and remote service provider 110 . In implementations, trusted third party 120 may be configured review critical transaction communications between remote service provider 110 and physical computing device 130 . Trusted third party 120 may be a certificate authority that is configured to issue digital certificates that certify the ownership of a public key. For example, trusted third party 120 may be configured to generate a digital certificate to physical computing device 130 responsive to receiving a public key from physical computing device 130 , wherein the trusted third party 120 is configured to determine that the digital certificate is associated with a physical computing device 130 that has the corresponding private key stored within memory of the physical computing device 130 .
- trusted third party 120 may communicate the digital certificate to the physical computing device 130 , wherein the digital certificate may be encrypted based on the public key. Furthermore, trusted third party 120 may be configured to receive the digital certificate associated with the physical computing device 130 from remote service provider 110 . This may independently verify a secure communication chain between remote service provider 110 and physical computing device 130 .
- Physical computing device 130 may be a computer, tablet, control system, robot, appliance, thin client, mobile telephone, or any other device with a hardware processing device that is configured to automatically implement sequences automatically. Physical computing device 130 may be configured to request and utilize computing resources from remote service provider 110 to implement a wide range or tasks. In implementations, physical computing device 130 may be directed tied to a meter that is configured to continuously and routinely acquire quantity data and time stamp data.
- Physical computing device 130 may include an initialization module 132 , key pair generator 134 , token module 136 , certification module 138 , block chain module 140 .
- Initialization module 132 may be a hardware processing device that is configured to provide runtime services for the operating system and programs associated with physical computing device 130 .
- Initialization module 132 may be configured to scan extensions of physical computing device's memory to determine if physical computing device 130 is powered on, has connectivity to network 105 , what operating system is running, or any other initiation step. Additionally, initialization module 132 may be configured to determine what remote services physical computing device 130 requires, wherein the remote services may be associated with remote service provider 110 . For example, initialization module 132 may have data stored that requires cloud computing resources from remote service provider 110 , connectivity support, hosting website, etc.
- Key pair generator 134 may be a self-contained and isolated hardware processing device configured to determine a key pair including a public key and a private key responsive to initialization module 132 initializing physical computing device 130 .
- key pair generator 136 may utilize elliptic-curve cryptography (ECC) or any other method to generate a key pair, which may be implemented in a just-in-time registration.
- Key pair generator 134 may be configured to generate a single key pair responsive to initializing physical computing device 130 the first time.
- Token module 136 may be a hardware memory device configured to store data associated with the generated key pair, such as the public and private key.
- token module 136 may include a digital wallet that is configured to store cryptocurrencies that are tied to the generated key pair, which can be utilized to pay for remote computing resources.
- Certification module 138 may be a hardware processing and communication device that is configured to certify physical computing device 130 to other computing elements.
- certification module 138 may be configured to transmit the public key associated with physical computing device 130 to trusted third party 120 . Responsive to transmitting the public key, physical computing device 130 may receive a digital certificate from trusted third party 120 , wherein the digital certificate is encrypted based on the public key. Utilizing the private key stored within token module 136 , certification module 138 may decrypt the certificate as well as other data transmitted from trusted third party 120 .
- Blockchain module 140 may be a hardware processing and memory device configured to generate a blockchain ledger from remote computing resources from remote service providers 110 for physical computing device 130 .
- Blockchain module 140 may be configured to record and automatically update transactions between physical computing device 130 and remote service providers 110 that are communicated through trusted third party 120 .
- blockchain module 140 may receive a transaction request that may be posted on the ledger based on the public key, which can be authenticated using the private key stored in token module 136 .
- physical computing device 130 may transmit payment for the transaction requests that can be paid and recorded on the ledger based on the private key stored within token module 136 . This may enable remote service providers 110 to access the ledger to determine if payments for the remote computing services are paid for auditing purposes.
- physical computing device 130 may transmit payment for a transaction associated with the metering data, including the quantity and time stamp data, to remote service providers 110 . This may enable remote service providers to access the ledger to determine the quantities utilized by physical computing device 130 and when.
- the private key at the physical computing device 130 may be utilized to create a dataset associated with the metering of data at the physical computing device 130 . This may be part of requesting the services associated with the remote service provider 110 . Utilizing the cryptology, and without having the private key, the remote service provider 110 may verify that the physical computing device 130 signed the request for services.
- a physical computing device 130 may be configured to transmit the private key to an oracle, which may be another remote computing device that is independent and secure.
- the remote service provider 110 may transmit a data set associated with the request for services to the remote service provider 110 from the physical computing device 130 .
- the oracle may be able to independently verify that the specific private key was utilized to transmit the request for services from the physical computing device 130 .
- third parties may utilize the oracle to determine if the physical computing device 130 transmitted a request for services from the remote service provider 110 .
- physical computing device 130 may be physically located at a water well, with a water meter. Responsive to initialization, the physical computing device 130 may generate a key pair, a public and private key. The physical computing device 130 may transit the public key to a trusted third party 120 , as part of a certificate exchange for a root of trust procedure. The trusted third party 120 may generate a digital certificate for physical computing device 130 , being the water well meter, wherein the digital certificate indicates that the private key is stored remotely from trusted third party 120 .
- the physical computing device 130 may transmit verified service data, including a quantity of services rendered or produced (such as water used, bandwidth consumed, power consumed, etc.) and timestamp data to a remote service provider 110 and trusted third party 120 , wherein this verified service data is added to a block chain ledger.
- the remote service provider 110 may utilize the public key to update the block chain ledger to post transactions associated with the physical computing device, such as payments of goods and services rendered.
- FIG. 2 illustrates a method 200 for a hardware verified feedback loop for content presented on a display device.
- the operations of method 200 presented below are intended to be illustrative. In some embodiments, method 200 may be accomplished with one or more additional operations not described, and/or without one or more of the operations discussed. Additionally, the order in which the operations of method 200 are illustrated in FIG. 2 and described below is not intended to be limiting.
- method 200 may be implemented in one or more processing devices (e.g., a digital processor, an analog processor, a digital circuit designed to process information, an analog circuit designed to process information, a solid-state machine, and/or other mechanisms for electronically processing information).
- the one or more processing devices may include one or more devices executing some or all of the operations of method 200 in response to instructions stored electronically on an electronic storage medium.
- the one or more processing devices may include one or more devices configured through hardware, firmware, and/or software to be specifically designed for execution of one or more of the operations of method 200 .
- a physical computing device may be initialized and generate a private-public key pair.
- the physical computing device may transmit the public key to a trusted third party. This may be part of a certificate exchange for a root of trust procedure.
- the trusted third party may generate a digital certificate for the physical computing device based on the received public key.
- the digital certificate may indicate that the private key is stored remotely from the trusted third party.
- the trusted third party may decrypt the digital certificate based on the public key.
- the digital certificate may be received by the physical computing device, and can be decrypted based on the locally stored private key.
- the physical computing device may request remote computing services from remote service providers, such as web hosting, cloud computing resources, communication resources, etc.
- remote service providers such as web hosting, cloud computing resources, communication resources, etc.
- the physical computing device may transmit the digital certificate to the remote service providers.
- the remote service providers may transmit the digital certificate associated with request for services and the physical computing device to the trusted third party. Responsive to certifying the digital certificate at the trusted third party based on the received digital certificate from the remote service provider, the trusted third party may send an authentication message to the remote service provider indicating that the physical computing device is authenticated.
- the physical computing device may create a blockchain ledger.
- the blockchain ledger may enable remote service providers to post transactions associated with the physical computing device utilizing the public key.
- the blockchain ledger may also enable a customer associated with physical computing device to pay for the transactions based on the private key, and both parties may audit the ledger.
- Embodiments in accordance with the present invention may be embodied as an apparatus, method, or computer program product. Accordingly, the present embodiments may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.), or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “module” or “system.” Furthermore, the present invention may take the form of a computer program product embodied in any tangible medium of expression having computer-usable program code embodied in the medium.
- a computer-readable medium may include one or more of a portable computer diskette, a hard disk, a random access memory (RAM) device, a read-only memory (ROM) device, an erasable programmable read-only memory (EPROM or Flash memory) device, a portable compact disc read-only memory (CDROM), an optical storage device, and a magnetic storage device.
- Computer program code for carrying out operations of the present invention may be written in any combination of one or more programming languages.
- each block in the flowcharts or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
- each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations may be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
- These computer program instructions may also be stored in a computer-readable medium that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable medium produce an article of manufacture including instruction means which implement the function/act specified in the flowcharts and/or block diagrams.
Abstract
Description
- Examples of the present disclosure are related to systems and methods for secure hardware authentication. More particularly, embodiments may utilize blockchain-hyper ledgers using a key pair as a permanent identification element for a physical device or meter.
- Blockchain is a list of records, called blocks, which are linked to cryptology. Each block includes a cryptographic hash of the previous block, a timestamp, and transaction data. Blockchain is resistant to modification of the data and transactions between multiple parties. Once recorded, data in any given block cannot be altered retroactively without the alteration of all subsequent blocks.
- Utilizing a blockchain, a decentralized, distributed, and public digital ledger can be created to record transactions across many computers. This allows the participants to verify and audit transactions inexpensively.
- Conventionally, blockchain technology is utilized for digital wallets based on public and private keys. A digital wallet may have multiple public and private key pairs and are used to spend cryptocurrency. However, digital wallets are decentralized and are not tied to specific hardware. Situations arise where it is desirable to verify and audit transactions associated with a specific hardware element utilizing blockchain.
- Accordingly, needs exist for more effective and efficient systems and methods for a hardware device that is configured to generate a key pair upon initialization to create a blockchain, wherein the blockchain is utilized to produce an audit trail for the hardware device.
- Embodiments are configured to mint, establish, and permanently allocate an address for a physical computing device based on unique key generation, wherein the key generation is configured to create a private-public key pair. Embodiments may be configured to tie financial transactions associated with physical equipment with a physical computing device, wherein the physical equipment may be a metering device that is configured to provide a service. The data obtained associated with the metering of the physical equipment with the physical computing device may be utilized to determine what services are being created and when. This may allow remote service providers, such as financial institutions, energy companies, or other remote service providers, to remotely track the performance of a physical computing device tied to physical equipment. Utilizing a block chain with the key chain, an immutable record may be created, which may create a proof of origin to automatically track and securely meter this remote performance of the remote physical equipment.
- In implementations, the key pair may be generated upon initialization of the physical computing device, such that the physical computing device is minted with the key pair. The key pair may be utilized as a token for supply-chain billings, payments, auditing, etc. associated with the physical computing device. In specific embodiments, the physical computing device may be a meter that measures and records quantities at specific intervals, such as a power meter, water meter, etc.
- Utilizing the key pair, a digital certificate may be issued for the physical computing device, wherein the digital certificate may enable the physical computing device may be registered with a cloud computing service provider. In embodiments, to receive the digital certificate, the physical computing device may transmit a certificate request with the generated public key to a trusted third party (TTP), such as Digicert. The trusted third party may be configured to facilitate interactions between two parties, such as the physical computing device and the cloud computing service provider. The trusted third party may respond to the certificate request with a data associated with the digital certificate that is encoded based on the public key. The data to create the digital certificate may only be decrypted utilizing the private key stored only on the physical computing device without the private key being communicated from the physical computing device.
- The physical computing device may transmit the digital certificate to a remote service provider along with a request for computing services. The computing service provider may transmit the digital certificate to the trusted third party to authenticate the digital certificate. Responsive to authenticating the digital certificate, the physical computing device may be registered with the cloud computing service provider. Transactions between the cloud computing service provider and the physical computing device may be automatically updated into a ledger using blockchain technology. For examples, transactions may be associating updating a meter to record the amount of power, water, etc. consumed over a time period, wherein the ledger is updated at continuous intervals with time stamp data and quantity data through the block chain utilizing the block chain.
- These, and other, aspects of the invention will be better appreciated and understood when considered in conjunction with the following description and the accompanying drawings. The following description, while indicating various embodiments of the invention and numerous specific details thereof, is given by way of illustration and not of limitation. Many substitutions, modifications, additions or rearrangements may be made within the scope of the invention, and the invention includes all such substitutions, modifications, additions or rearrangements.
- Non-limiting and non-exhaustive embodiments of the present invention are described with reference to the following figures, wherein like reference numerals refer to like parts throughout the various views unless otherwise specified.
-
FIG. 1 depicts a topology for asymmetrical cryptology between a physical computer device, remote service provider, and trusted third party over a network, according to an embodiment. -
FIG. 2 illustrates a method for a hardware verified feedback loop for content presented on a display device. - Corresponding reference characters indicate corresponding components throughout the several views of the drawings. Skilled artisans will appreciate that elements in the figures are illustrated for simplicity and clarity and have not necessarily been drawn to scale. For example, the dimensions of some of the elements in the figures may be exaggerated relative to other elements to help improve understanding of various embodiments of the present disclosure. Also, common but well-understood elements that are useful or necessary in a commercially feasible embodiment are often not depicted in order to facilitate a less obstructed view of these various embodiments of the present disclosure.
- In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present embodiments. It will be apparent, however, to one having ordinary skill in the art that the specific detail need not be employed to practice the present embodiments. In other instances, well-known materials or methods have not been described in detail in order to avoid obscuring the present embodiments.
-
FIG. 1 depicts a topology for asymmetrical cryptology between aphysical computer device 130,remote service provider 110, and a trustedthird party 120 over anetwork 105. - Network 105 may be a wide area network (WAN) that extends over a large geographical distance, a wireless local area network (WLAN) that is configured to link two or more devices within a limited area, such as a home, school, commercial building, office building, etc., or any other type of wireless or wired network. For example,
network 105 may be a wireless communications network, digital radio, or cellular network operating over CDMA, GSM, etc. Thenetwork 105 may be operated by telecommunications providers. Alternatively,network 105 may be a Wi-Fi network. Network 105 may enable the communication of data betweenremote service provider 110, trustedthird party 120, andphysical computing device 130. -
Remote service provider 110 may be a computing device, such as a general hardware platform server configured to support mobile applications, software, content, and the like executed onphysical computing device 130.Remote service provider 110 may include physical computing devices residing at a particular location or may be deployed in a cloud computing network environment. In this description, “cloud computing” may be defined as a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned via virtualization and released with minimal management effort or service provider interaction, and then scaled accordingly. A cloud model can be composed of various characteristics (e.g., on-demand self-service, broad network access, resource pooling, rapid elasticity, measured service, etc.), service models (e.g., Software as a Service (“SaaS”), Platform as a Service (“PaaS”), Infrastructure as a Service (“IaaS”), and deployment models (e.g., private cloud, community cloud, public cloud, hybrid cloud, etc.).Remote service provider 110 may include any combination of one or more computer-usable or computer-readable content. - In implementations,
remote service provider 110 may supply cloud computing service, such as through amazon web services, tophysical computing device 130. In other embodiments,remote service provider 110 may be: a cellular network provider that allows communication of data to and fromphysical computing device 130, internet service, video service provider, banking provider, general service providers, such as an energy service provider, water service provider, etc. - Trusted
third party 120 may be a hardware processing device that facilities interactions between two other devices, such asphysical computing device 130 andremote service provider 110. In implementations, trustedthird party 120 may be configured review critical transaction communications betweenremote service provider 110 andphysical computing device 130. Trustedthird party 120 may be a certificate authority that is configured to issue digital certificates that certify the ownership of a public key. For example, trustedthird party 120 may be configured to generate a digital certificate tophysical computing device 130 responsive to receiving a public key fromphysical computing device 130, wherein the trustedthird party 120 is configured to determine that the digital certificate is associated with aphysical computing device 130 that has the corresponding private key stored within memory of thephysical computing device 130. Upon generating the digital certificate for thephysical computing device 130, trustedthird party 120 may communicate the digital certificate to thephysical computing device 130, wherein the digital certificate may be encrypted based on the public key. Furthermore, trustedthird party 120 may be configured to receive the digital certificate associated with thephysical computing device 130 fromremote service provider 110. This may independently verify a secure communication chain betweenremote service provider 110 andphysical computing device 130. -
Physical computing device 130 may be a computer, tablet, control system, robot, appliance, thin client, mobile telephone, or any other device with a hardware processing device that is configured to automatically implement sequences automatically.Physical computing device 130 may be configured to request and utilize computing resources fromremote service provider 110 to implement a wide range or tasks. In implementations,physical computing device 130 may be directed tied to a meter that is configured to continuously and routinely acquire quantity data and time stamp data. -
Physical computing device 130 may include aninitialization module 132,key pair generator 134,token module 136,certification module 138,block chain module 140. -
Initialization module 132 may be a hardware processing device that is configured to provide runtime services for the operating system and programs associated withphysical computing device 130.Initialization module 132 may be configured to scan extensions of physical computing device's memory to determine ifphysical computing device 130 is powered on, has connectivity to network 105, what operating system is running, or any other initiation step. Additionally,initialization module 132 may be configured to determine what remote servicesphysical computing device 130 requires, wherein the remote services may be associated withremote service provider 110. For example,initialization module 132 may have data stored that requires cloud computing resources fromremote service provider 110, connectivity support, hosting website, etc. -
Key pair generator 134 may be a self-contained and isolated hardware processing device configured to determine a key pair including a public key and a private key responsive toinitialization module 132 initializingphysical computing device 130. In implementations,key pair generator 136 may utilize elliptic-curve cryptography (ECC) or any other method to generate a key pair, which may be implemented in a just-in-time registration.Key pair generator 134 may be configured to generate a single key pair responsive to initializingphysical computing device 130 the first time. -
Token module 136 may be a hardware memory device configured to store data associated with the generated key pair, such as the public and private key. In further implementations,token module 136 may include a digital wallet that is configured to store cryptocurrencies that are tied to the generated key pair, which can be utilized to pay for remote computing resources. -
Certification module 138 may be a hardware processing and communication device that is configured to certifyphysical computing device 130 to other computing elements. In implementations,certification module 138 may be configured to transmit the public key associated withphysical computing device 130 to trustedthird party 120. Responsive to transmitting the public key,physical computing device 130 may receive a digital certificate from trustedthird party 120, wherein the digital certificate is encrypted based on the public key. Utilizing the private key stored withintoken module 136,certification module 138 may decrypt the certificate as well as other data transmitted from trustedthird party 120. -
Blockchain module 140 may be a hardware processing and memory device configured to generate a blockchain ledger from remote computing resources fromremote service providers 110 forphysical computing device 130.Blockchain module 140 may be configured to record and automatically update transactions betweenphysical computing device 130 andremote service providers 110 that are communicated through trustedthird party 120. In implementations,blockchain module 140 may receive a transaction request that may be posted on the ledger based on the public key, which can be authenticated using the private key stored intoken module 136. Additionally,physical computing device 130 may transmit payment for the transaction requests that can be paid and recorded on the ledger based on the private key stored withintoken module 136. This may enableremote service providers 110 to access the ledger to determine if payments for the remote computing services are paid for auditing purposes. - In further implementations,
physical computing device 130 may transmit payment for a transaction associated with the metering data, including the quantity and time stamp data, toremote service providers 110. This may enable remote service providers to access the ledger to determine the quantities utilized byphysical computing device 130 and when. In embodiments, the private key at thephysical computing device 130 may be utilized to create a dataset associated with the metering of data at thephysical computing device 130. This may be part of requesting the services associated with theremote service provider 110. Utilizing the cryptology, and without having the private key, theremote service provider 110 may verify that thephysical computing device 130 signed the request for services. - Furthermore, a
physical computing device 130 may be configured to transmit the private key to an oracle, which may be another remote computing device that is independent and secure. Utilizing the oracle, theremote service provider 110 may transmit a data set associated with the request for services to theremote service provider 110 from thephysical computing device 130. The oracle may be able to independently verify that the specific private key was utilized to transmit the request for services from thephysical computing device 130. As, third parties may utilize the oracle to determine if thephysical computing device 130 transmitted a request for services from theremote service provider 110. - For example, in embodiments,
physical computing device 130 may be physically located at a water well, with a water meter. Responsive to initialization, thephysical computing device 130 may generate a key pair, a public and private key. Thephysical computing device 130 may transit the public key to a trustedthird party 120, as part of a certificate exchange for a root of trust procedure. The trustedthird party 120 may generate a digital certificate forphysical computing device 130, being the water well meter, wherein the digital certificate indicates that the private key is stored remotely from trustedthird party 120. Utilizing the digital certificate, thephysical computing device 130 may transmit verified service data, including a quantity of services rendered or produced (such as water used, bandwidth consumed, power consumed, etc.) and timestamp data to aremote service provider 110 and trustedthird party 120, wherein this verified service data is added to a block chain ledger. Further, theremote service provider 110 may utilize the public key to update the block chain ledger to post transactions associated with the physical computing device, such as payments of goods and services rendered. -
FIG. 2 illustrates amethod 200 for a hardware verified feedback loop for content presented on a display device. The operations ofmethod 200 presented below are intended to be illustrative. In some embodiments,method 200 may be accomplished with one or more additional operations not described, and/or without one or more of the operations discussed. Additionally, the order in which the operations ofmethod 200 are illustrated inFIG. 2 and described below is not intended to be limiting. - In some embodiments,
method 200 may be implemented in one or more processing devices (e.g., a digital processor, an analog processor, a digital circuit designed to process information, an analog circuit designed to process information, a solid-state machine, and/or other mechanisms for electronically processing information). The one or more processing devices may include one or more devices executing some or all of the operations ofmethod 200 in response to instructions stored electronically on an electronic storage medium. The one or more processing devices may include one or more devices configured through hardware, firmware, and/or software to be specifically designed for execution of one or more of the operations ofmethod 200. - At
operation 210, a physical computing device may be initialized and generate a private-public key pair. - At
operation 220, the physical computing device may transmit the public key to a trusted third party. This may be part of a certificate exchange for a root of trust procedure. - At
operation 230, the trusted third party may generate a digital certificate for the physical computing device based on the received public key. The digital certificate may indicate that the private key is stored remotely from the trusted third party. The trusted third party may decrypt the digital certificate based on the public key. - At
operation 240, the digital certificate may be received by the physical computing device, and can be decrypted based on the locally stored private key. - At
operation 250, the physical computing device may request remote computing services from remote service providers, such as web hosting, cloud computing resources, communication resources, etc. When requesting the remote computing services, the physical computing device may transmit the digital certificate to the remote service providers. - At
operation 260, the remote service providers may transmit the digital certificate associated with request for services and the physical computing device to the trusted third party. Responsive to certifying the digital certificate at the trusted third party based on the received digital certificate from the remote service provider, the trusted third party may send an authentication message to the remote service provider indicating that the physical computing device is authenticated. - At
operation 270, responsive to authenticating the physical computing device, the physical computing device may create a blockchain ledger. The blockchain ledger may enable remote service providers to post transactions associated with the physical computing device utilizing the public key. The blockchain ledger may also enable a customer associated with physical computing device to pay for the transactions based on the private key, and both parties may audit the ledger. - Although the present technology has been described in detail for the purpose of illustration based on what is currently considered to be the most practical and preferred implementations, it is to be understood that such detail is solely for that purpose and that the technology is not limited to the disclosed implementations, but, on the contrary, is intended to cover modifications and equivalent arrangements that are within the spirit and scope of the appended claims. For example, it is to be understood that the present technology contemplates that, to the extent possible, one or more features of any implementation can be combined with one or more features of any other implementation.
- Reference throughout this specification to “one embodiment”, “an embodiment”, “one example” or “an example” means that a particular feature, structure or characteristic described in connection with the embodiment or example is included in at least one embodiment of the present invention. Thus, appearances of the phrases “in one embodiment”, “in an embodiment”, “one example” or “an example” in various places throughout this specification are not necessarily all referring to the same embodiment or example. Furthermore, the particular features, structures or characteristics may be combined in any suitable combinations and/or sub-combinations in one or more embodiments or examples. In addition, it is appreciated that the figures provided herewith are for explanation purposes to persons ordinarily skilled in the art and that the drawings are not necessarily drawn to scale.
- Embodiments in accordance with the present invention may be embodied as an apparatus, method, or computer program product. Accordingly, the present embodiments may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, micro-code, etc.), or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “module” or “system.” Furthermore, the present invention may take the form of a computer program product embodied in any tangible medium of expression having computer-usable program code embodied in the medium.
- Any combination of one or more computer-usable or computer-readable content may be utilized. For example, a computer-readable medium may include one or more of a portable computer diskette, a hard disk, a random access memory (RAM) device, a read-only memory (ROM) device, an erasable programmable read-only memory (EPROM or Flash memory) device, a portable compact disc read-only memory (CDROM), an optical storage device, and a magnetic storage device. Computer program code for carrying out operations of the present invention may be written in any combination of one or more programming languages.
- The flowcharts and block diagrams in the flow diagrams illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention. In this regard, each block in the flowcharts or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It will also be noted that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, may be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions. These computer program instructions may also be stored in a computer-readable medium that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable medium produce an article of manufacture including instruction means which implement the function/act specified in the flowcharts and/or block diagrams.
Claims (20)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US17/864,597 US20220353074A1 (en) | 2018-09-26 | 2022-07-14 | Systems and methods for minting a physical device based on hardware unique key generation |
US18/220,002 US20230362002A1 (en) | 2018-09-26 | 2023-07-10 | Systems and methods for block data security for digital communications from a physical device |
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201862736784P | 2018-09-26 | 2018-09-26 | |
US201862740670P | 2018-10-03 | 2018-10-03 | |
PCT/US2019/053141 WO2020069119A1 (en) | 2018-09-26 | 2019-09-26 | Systems and methods for minting a physical device based on hardware unique key generation |
US16/865,671 US11424925B2 (en) | 2018-09-26 | 2020-05-04 | Systems and methods for minting a physical device based on hardware unique key generation |
US17/864,597 US20220353074A1 (en) | 2018-09-26 | 2022-07-14 | Systems and methods for minting a physical device based on hardware unique key generation |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/865,671 Continuation US11424925B2 (en) | 2018-09-26 | 2020-05-04 | Systems and methods for minting a physical device based on hardware unique key generation |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US18/220,002 Continuation US20230362002A1 (en) | 2018-09-26 | 2023-07-10 | Systems and methods for block data security for digital communications from a physical device |
Publications (1)
Publication Number | Publication Date |
---|---|
US20220353074A1 true US20220353074A1 (en) | 2022-11-03 |
Family
ID=69950780
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/865,671 Active 2040-07-08 US11424925B2 (en) | 2018-09-26 | 2020-05-04 | Systems and methods for minting a physical device based on hardware unique key generation |
US17/864,597 Pending US20220353074A1 (en) | 2018-09-26 | 2022-07-14 | Systems and methods for minting a physical device based on hardware unique key generation |
US18/220,002 Pending US20230362002A1 (en) | 2018-09-26 | 2023-07-10 | Systems and methods for block data security for digital communications from a physical device |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/865,671 Active 2040-07-08 US11424925B2 (en) | 2018-09-26 | 2020-05-04 | Systems and methods for minting a physical device based on hardware unique key generation |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US18/220,002 Pending US20230362002A1 (en) | 2018-09-26 | 2023-07-10 | Systems and methods for block data security for digital communications from a physical device |
Country Status (3)
Country | Link |
---|---|
US (3) | US11424925B2 (en) |
EP (1) | EP3857423A4 (en) |
WO (1) | WO2020069119A1 (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3891954B1 (en) * | 2019-05-10 | 2022-11-30 | Nec Corporation | Method and system for device identification and monitoring |
DE102019005546B4 (en) * | 2019-08-07 | 2021-05-27 | Daimler Ag | Method for setting up a machine data communication network for the first time, method for replacing a hardware component |
US11727127B2 (en) * | 2020-10-16 | 2023-08-15 | Micron Technology, Inc. | Secure storage device verification with multiple computing devices |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6889324B1 (en) * | 1998-11-17 | 2005-05-03 | Ricoh Company, Ltd. | Digital measurement apparatus and image measurement apparatus |
US20090313473A1 (en) * | 1996-04-08 | 2009-12-17 | Walker Jay S | Method and apparatus for secure measurement certification |
US20120137126A1 (en) * | 2010-11-29 | 2012-05-31 | Renesas Electronics Corporation | Smart meter and meter reading system |
US20200012634A1 (en) * | 2016-05-31 | 2020-01-09 | Christopher Eberhardt | Systems and methods for monitoring equipment |
US11157901B2 (en) * | 2016-07-18 | 2021-10-26 | Dream Payments Corp. | Systems and methods for initialization and activation of secure elements |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20170048234A1 (en) * | 2015-07-14 | 2017-02-16 | Fmr Llc | Social Aggregating, Fractionally Efficient Transfer Guidance, Conditional Triggered Transaction, Datastructures, Apparatuses, Methods and Systems |
BR112018016826A2 (en) * | 2016-02-23 | 2018-12-26 | Nchain Holdings Ltd | method and control system implemented by blockchain |
AU2017330563B2 (en) * | 2016-09-20 | 2021-07-15 | Nant Holdings Ip, Llc | Sample tracking via sample tracking chains, systems and methods |
KR101841566B1 (en) * | 2016-10-11 | 2018-05-04 | 주식회사 코인플러그 | Method for issuing, using, refunding, settling and revocating electric voucher using updated status of balance database by respective blocks in blockchain, and server using the same |
GB2571481A (en) * | 2016-12-14 | 2019-08-28 | Walmart Apollo Llc | Managing a demand on an electrical grid using a publicly distributed transactions ledger |
US10382485B2 (en) * | 2016-12-23 | 2019-08-13 | Vmware, Inc. | Blockchain-assisted public key infrastructure for internet of things applications |
KR101919586B1 (en) * | 2017-05-10 | 2018-11-16 | 주식회사 코인플러그 | METHOD FOR PAYING COST OF IoT DEVICE BASED ON BLOCKCHAIN, AND SERVER, SERVICE PROVIDING TERMINAL, AND DIGITAL WALLET USING THE SAME |
EP3460942A1 (en) * | 2017-09-20 | 2019-03-27 | Hepu Technology Development (Beijing) Co. Ltd. | A smart power meter |
CN108092778B (en) * | 2017-12-28 | 2021-02-02 | 中国人民银行数字货币研究所 | Method and system for inquiring related account based on digital currency wallet |
US20190295069A1 (en) * | 2018-03-20 | 2019-09-26 | Cable Television Laboratories, Inc | Systems and methods for integrating cryptocurrency wallet identifiers with digital certificates |
US20190311443A1 (en) * | 2018-04-05 | 2019-10-10 | Russell Blades | Methods, systems, apparatuses and devices for facilitating provisioning of audit data related to energy consumption, water consumption, water quality, greenhouse gas emissions, and air emissions using blockchain |
CN108447183A (en) * | 2018-04-17 | 2018-08-24 | 赫普科技发展(北京)有限公司 | A kind of intelligent electric meter system of the light wallet of band |
US20190333057A1 (en) * | 2018-04-27 | 2019-10-31 | Jeremie Miller | Systems and methods implementing an independent device-based sub-network of a distributed ledger network |
CN108470401A (en) * | 2018-06-14 | 2018-08-31 | 赫普科技发展(北京)有限公司 | A kind of intelligent gas meter system of the light wallet of band |
US11676122B2 (en) * | 2018-06-29 | 2023-06-13 | Itron, Inc. | Operating smart sensors using distributed ledgers |
KR102559101B1 (en) * | 2020-02-24 | 2023-07-25 | 한국전자통신연구원 | Power metering apparatus, power metering server and, power metering method base on block chain |
-
2019
- 2019-09-26 WO PCT/US2019/053141 patent/WO2020069119A1/en unknown
- 2019-09-26 EP EP19864076.5A patent/EP3857423A4/en active Pending
-
2020
- 2020-05-04 US US16/865,671 patent/US11424925B2/en active Active
-
2022
- 2022-07-14 US US17/864,597 patent/US20220353074A1/en active Pending
-
2023
- 2023-07-10 US US18/220,002 patent/US20230362002A1/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20090313473A1 (en) * | 1996-04-08 | 2009-12-17 | Walker Jay S | Method and apparatus for secure measurement certification |
US6889324B1 (en) * | 1998-11-17 | 2005-05-03 | Ricoh Company, Ltd. | Digital measurement apparatus and image measurement apparatus |
US20120137126A1 (en) * | 2010-11-29 | 2012-05-31 | Renesas Electronics Corporation | Smart meter and meter reading system |
US20200012634A1 (en) * | 2016-05-31 | 2020-01-09 | Christopher Eberhardt | Systems and methods for monitoring equipment |
US11157901B2 (en) * | 2016-07-18 | 2021-10-26 | Dream Payments Corp. | Systems and methods for initialization and activation of secure elements |
Also Published As
Publication number | Publication date |
---|---|
US11424925B2 (en) | 2022-08-23 |
WO2020069119A1 (en) | 2020-04-02 |
EP3857423A1 (en) | 2021-08-04 |
US20200266987A1 (en) | 2020-08-20 |
US20230362002A1 (en) | 2023-11-09 |
EP3857423A4 (en) | 2022-06-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2022042301A1 (en) | Data processing method and apparatus, smart device and storage medium | |
US11184394B1 (en) | Methods, systems, and devices for encrypted electronic storage and confidential network transfer of private data through a trustless distributed ledger technology system | |
CN108600272B (en) | Block chain data processing method, device, processing equipment and system | |
US11743052B2 (en) | Platform for generating authenticated data objects | |
US20220353074A1 (en) | Systems and methods for minting a physical device based on hardware unique key generation | |
US11196573B2 (en) | Secure de-centralized domain name system | |
US20220318907A1 (en) | Systems and methods for generating secure, encrypted communications across distributed computer networks for authorizing use of cryptography-based digital repositories in order to perform blockchain operations in decentralized applications | |
Liu et al. | Authorized public auditing of dynamic big data storage on cloud with efficient verifiable fine-grained updates | |
JP2020516104A (en) | Off-chain smart contract service based on trusted execution environment | |
TW202020711A (en) | System and method for information protection | |
US20190295069A1 (en) | Systems and methods for integrating cryptocurrency wallet identifiers with digital certificates | |
CN109617699A (en) | A kind of key generation method, block chain network service platform and storage medium | |
CN109889497A (en) | A kind of data integrity verification method for going to trust | |
JP2022534023A (en) | Computer-implemented system and method | |
US20210217004A1 (en) | Data processing method, apparatus, device, and medium in blockchain fund settlement system | |
CN111049806B (en) | Joint authority control method and device, electronic equipment and storage medium | |
CN113743939A (en) | Identity authentication method, device and system based on block chain | |
CN111814083B (en) | Display result generation method, system, device, readable storage medium and equipment | |
CN114866323B (en) | User-controllable privacy data authorization sharing system and method | |
CN110910110A (en) | Data processing method and device and computer storage medium | |
Homoliak et al. | An air-gapped 2-factor authentication for smart-contract wallets | |
CN111010283B (en) | Method and apparatus for generating information | |
Owoh et al. | Applying Diffie-Hellman algorithm to solve the key agreement problem in mobile blockchain-based sensing applications | |
CN115375312B (en) | Digital wallet data recording method and data verification method for electronic payment | |
Vamshi et al. | Public data auditing scheme using rsa and blockchain for cloud storage |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: VITRO TECHNOLOGY CORPORATION, TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:GOODMAN, DAVID;REEL/FRAME:060503/0953 Effective date: 20200509 |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: FINAL REJECTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: RESPONSE AFTER FINAL ACTION FORWARDED TO EXAMINER |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: ADVISORY ACTION MAILED |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION |
|
STPP | Information on status: patent application and granting procedure in general |
Free format text: NON FINAL ACTION MAILED |