Simplified sensor integrity
First Claim
Patent Images
1. An attestation apparatus comprising:
- at least one processor device;
an energy storage module to power the attestation apparatus;
a memory in which a secret is stored on the attestation apparatus, wherein the secret is provisioned in the memory via a trusted provisioning event by a management system corresponding to a specific use session from a plurality of use sessions of the attestation apparatus and wherein a loss of power event causes the secret to be deleted from the memory;
at least one sensor to sense characteristics of an environment of the apparatus and generate signals indicative of the sensed environmental characteristics;
logic, executable by the at least one processor device, in response to receiving a start of transfer request from a particular gateway device, to;
transmit the stored secret to the particular gateway device and use a signed secret returned from the particular gateway device to generate a custody transfer message to the management system;
generate log data from the signals and store the generated log data in the memory; and
generate attestation data derived from the stored secret along with log data of the attestation apparatus;
a communications interface to send the generated attestation data and the log data to the management system via the particular gateway device to verify integrity and authenticity of the attestation apparatus based on the received attestation data corresponding to said specific use session.
10 Assignments
0 Petitions
Accused Products
Abstract
An apparatus is provided that includes at least one processor device, an energy storage module to power the apparatus, memory to store a secret such that powering down and restarting the apparatus causes the secret to be lost, logic executable by the at least one processor device to generate attestation data using the secret that data abstracts the secret, and a communications interface to send the attestation data to another device.
-
Citations
15 Claims
-
1. An attestation apparatus comprising:
-
at least one processor device; an energy storage module to power the attestation apparatus; a memory in which a secret is stored on the attestation apparatus, wherein the secret is provisioned in the memory via a trusted provisioning event by a management system corresponding to a specific use session from a plurality of use sessions of the attestation apparatus and wherein a loss of power event causes the secret to be deleted from the memory; at least one sensor to sense characteristics of an environment of the apparatus and generate signals indicative of the sensed environmental characteristics; logic, executable by the at least one processor device, in response to receiving a start of transfer request from a particular gateway device, to; transmit the stored secret to the particular gateway device and use a signed secret returned from the particular gateway device to generate a custody transfer message to the management system; generate log data from the signals and store the generated log data in the memory; and generate attestation data derived from the stored secret along with log data of the attestation apparatus; a communications interface to send the generated attestation data and the log data to the management system via the particular gateway device to verify integrity and authenticity of the attestation apparatus based on the received attestation data corresponding to said specific use session. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. At least one non-transitory computer-readable storage medium having instructions stored thereon, the instructions when executed on a processor device, cause the processor device to:
-
receive, at an attestation device, a signal from a particular gateway device, the attestation device comprising; an energy storage module to power the attestation device; a memory in which a secret is stored on the attestation apparatus, wherein the secret is provisioned in the memory via a trusted provisioning event by a management system corresponding to a specific use session from a plurality of use sessions of the attestation apparatus and wherein a loss of power event causes the secret to be deleted from the memory; and at least one sensor to sense characteristics of an environment of the apparatus and generate signals indicative of the sensed environmental characteristics; transmit the stored secret to the particular gateway device and use a signed secret returned from the particular gateway device to generate a custody transfer message to the management system; generate log data from the signals and store the generated log data in the memory; and generate attestation data derived from the stored secret along with log data of the attestation apparatus; a communications interface to send the generated attestation data and the log data to the management system via the particular gateway device to verify integrity and authenticity of the attestation apparatus based on the received attestation data corresponding to said specific use session. - View Dependent Claims (13, 14, 15)
-
Specification