Device using secure storage and retrieval of data

US 10,037,436 B2
Filed: 12/11/2015
Issued: 07/31/2018
Est. Priority Date: 12/11/2015
Status: Active Grant

First Claim

Patent Images

1. An appliance comprising:

a processor;

a memory coupled to the processor;

one or more state monitoring sensors coupled to the processor; and

a computer-readable medium coupled to the processor, including code that is executable by the processor, for implementing a method comprising;

receiving, by the appliance and from a first owner device, a first encryption key and a second encryption key associated with a first owner of the appliance;

storing the first encryption key and the second encryption key in the appliance;

encrypting, by the appliance, first owner private data stored in the appliance using the first encryption key, wherein the first owner private data is not accessible to a second owner of the appliance;

encrypting, by the appliance, owners private data stored in the appliance using the second encryption key to form encrypted owners private data, wherein the owners private data is accessible by the second owner of the appliance;

receiving, by the appliance, from the first owner device associated with the first owner, ownership transfer data including the second encryption key, wherein the second encryption key is encrypted by the first owner device;

generating, by the appliance, an ownership transfer entry comprising the ownership transfer data;

receiving, by the appliance from a second owner device associated with the second owner, a decryption request for the ownership transfer data;

decrypting, by the appliance, the ownership transfer data;

retrieving, by the appliance, the second encryption key from the ownership transfer data; and

sending, by the appliance, the second encryption key to the second owner device, wherein the second owner device utilizes the second encryption key to access the owners private data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An appliance is capable of storing and processing data related to details surrounding its ownership, behavior, and history within itself in a secure and unalterable way. The appliance may experience multiple transfers in ownership during its lifetime. Certain data stored in the appliance may be encrypted such that only qualifying parties (e.g., owners) may be able to access the data. Some data may remain private to an individual owner while other data may be made available to subsequent owners by passing a shared secret that can be utilized to decrypt the other data. Data may be stored in the appliance in chronological order and may be signed by appropriate parties such that it is not possible to alter the data without detection.

Citations

14 Claims

1. An appliance comprising:
- a processor;
  
  a memory coupled to the processor;
  
  one or more state monitoring sensors coupled to the processor; and
  
  a computer-readable medium coupled to the processor, including code that is executable by the processor, for implementing a method comprising;
  
  receiving, by the appliance and from a first owner device, a first encryption key and a second encryption key associated with a first owner of the appliance;
  
  storing the first encryption key and the second encryption key in the appliance;
  
  encrypting, by the appliance, first owner private data stored in the appliance using the first encryption key, wherein the first owner private data is not accessible to a second owner of the appliance;
  
  encrypting, by the appliance, owners private data stored in the appliance using the second encryption key to form encrypted owners private data, wherein the owners private data is accessible by the second owner of the appliance;
  
  receiving, by the appliance, from the first owner device associated with the first owner, ownership transfer data including the second encryption key, wherein the second encryption key is encrypted by the first owner device;
  
  generating, by the appliance, an ownership transfer entry comprising the ownership transfer data;
  
  receiving, by the appliance from a second owner device associated with the second owner, a decryption request for the ownership transfer data;
  
  decrypting, by the appliance, the ownership transfer data;
  
  retrieving, by the appliance, the second encryption key from the ownership transfer data; and
  
  sending, by the appliance, the second encryption key to the second owner device, wherein the second owner device utilizes the second encryption key to access the owners private data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The appliance of claim 1, wherein the first encryption key and the second encryption key are symmetric encryption keys.
  - 3. The appliance of claim 1, wherein the method further comprises:
    - receiving, by the appliance from the second owner device, a subsequent decryption request including the second encryption key for the owners private data;
      
      decrypting, by the appliance, the encrypted owners private data;
      
      retrieving, by the appliance, the owners private data; and
      
      sending, by the appliance, the owners private data to the second owner device.
  - 4. The appliance of claim 1, wherein the method further comprises, prior to encrypting the first owner private data:
    - monitoring, by the one or more state monitoring sensors of the appliance, first data related to the appliance;
      
      generating, by the appliance, the first owner private data based on the first data; and
      
      storing, by the appliance, the first owner private data.
  - 5. The appliance of claim 1, wherein the method further comprises, prior to encrypting the owners private data:
    - monitoring, by the one or more state monitoring sensors of the appliance, second data related to the appliance;
      
      generating, by the appliance, the owners private data based on the second data; and
      
      storing, by the appliance, the owners private data.
  - 6. The appliance of claim 1, wherein the first owner private data is accessible to only the first owner of the appliance.
  - 7. The appliance of claim 1, wherein the owners private data is accessible to the first owner and the second owner of the appliance.

8. A method comprising:
- receiving, by an appliance and from a first owner device, a first encryption key and a second encryption key associated with a first owner of the appliance;
  
  storing the first encryption key and the second encryption key in the appliance;
  
  encrypting, by the appliance, first owner private data stored in the appliance using the first encryption key, wherein the first owner private data is not accessible to a second owner of the appliance; and
  
  encrypting, by the appliance, owners private data stored in the appliance using the second encryption key to form encrypted owners private data, wherein the owners private data is accessible by the second owner of the appliance;
  
  receiving, by the appliance, from the first owner device associated with the first owner, ownership transfer data including the second encryption key, wherein the second encryption key is encrypted by the first owner device;
  
  generating, by the appliance, an ownership transfer entry comprising the ownership transfer data;
  
  receiving, by the appliance from a second owner device associated with the second owner, a decryption request for the ownership transfer data;
  
  decrypting, by the appliance, the ownership transfer data;
  
  retrieving, by the appliance, the second encryption key from the ownership transfer data; and
  
  sending, by the appliance, the second encryption key to the second owner device, wherein the second owner device utilizes the second encryption key to access the owners private data.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein the first encryption key and the second encryption key are symmetric encryption keys.
  - 10. The method of claim 8, further comprising:
    - receiving, by the appliance from the second owner device, a subsequent decryption request including the second encryption key for the owners private data;
      
      decrypting, by the appliance, the owners private data;
      
      retrieving, by the appliance, the owners private data from the owners private data; and
      
      sending, by the appliance, the owners private data to the second owner device.
  - 11. The method of claim 8, further comprising, prior to encrypting the first owner private data:
    - monitoring, by one or more state monitoring sensors of the appliance, first data related to the appliance;
      
      generating, by the appliance, the first owner private data based on the first data; and
      
      storing, by the appliance, the first owner private data.
  - 12. The method of claim 8, further comprising, prior to encrypting the owners private data:
    - monitoring, by one or more state monitoring sensors of the appliance, second data related to the appliance;
      
      generating, by the appliance, the owners private data based on the second data; and
      
      storing, by the appliance, the owners private data.
  - 13. The method of claim 8, wherein the first owner private data is accessible to only the first owner of the appliance.
  - 14. The method of claim 8, further comprising:
    - generating, by the appliance, a digest of the first owner private data and owners private data;
      
      digitally signing, by the appliance, the digest to form a signed digest; and
      
      storing the signed digest in the appliance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
White, David
Primary Examiner(s)
Armouche, Hadi
Assistant Examiner(s)
Naghdali, Khalil

Application Number

US14/967,066
Publication Number

US 20170169250A1
Time in Patent Office

963 Days
Field of Search

713193
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6245   Protecting personal data, e...

G06F 21/64   Protecting data integrity, ...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2107   File encryption

G06F 2221/2147   Locking files

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

Device using secure storage and retrieval of data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Device using secure storage and retrieval of data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links