System for centralized control of secure access to process data network

US 10,142,347 B2
Filed: 04/04/2016
Issued: 11/27/2018
Est. Priority Date: 02/10/2016
Status: Active Grant

First Claim

Patent Images

1. A system for supporting and controlling access to a private block chain within a private block chain distributed network, the system comprising:

one or more memory devices storing computer-readable code; and

one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute the computer-readable code to;

receive a request from a user utilizing a node to access the private block chain, wherein the request includes received authentication credentials, wherein the private block chain network comprises a distributed network of nodes managed by one or more entities, wherein nodes from the distributed network of nodes are operatively coupled to each other, have at least a portion of a private ledger, and share information on the ledger through electronic communication, and wherein the received authentication credentials comprises user authentication credentials and node authentication credentials;

compare the received authentication credentials with stored authentication credentials for the user and the node;

allow the user to access the private block chain distributed network when the received authentication credentials meet the stored authentication credentials for the user and the node;

determine one or more types of actions that the user is allowed to, or prevented from, taking based on the comparison of the received authentication credentials with the stored authentication credentials;

receive an indication that the user took an action for an event within the private block chain, wherein the action occurred on the node from the distributed network of nodes, and wherein the action is validating the event using event information on the private ledger of the node from the distributed network of nodes of the private block chain, storing the event information for the event on the private ledger of the node from the distributed network of nodes of the private block chain, or disseminating the event information for the event on the private ledger of the node to one or more other nodes of the distributed network of nodes of the private block chain;

determine limits, wherein the limits comprise one or more user limits, one or more node limits, one or more entity limits, one or more event limits, and one or more action limits;

compare the action taken and the user, the node, an entity associated with the user, and the event associated with the action to the limits, including the one or more user limits, the one or more node limits, the one or more entity limits, the one or more event limits, and the one or more action limits; and

allow or deny the action based on the determination of the one or more types of actions that the user is allowed to, or prevented from, taking based on the comparison of the received authentication credentials with the stored authentication credentials and based on the comparison of the action and the user, the node, the entity, and the event associated with the action to the limits.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A distributed block chain network having at least a private block chain portion, and in some cases a public block chain portion, allows users to take actions (e.g., accessing, viewing, storing, disseminating, validating, or the like) with respect to event information associated with events. In some aspects of the invention the distributed block chain network with the private block chain portion may be utilized to verify events and separate the private information associated with the events from the public information associated with the events. As such, the present invention provides systems for centralized control of secure access to process data networks by utilizing a private block chain; and moreover, provide systems for control of secure access and communication with different process data networks with different security requirements by utilizing one or more block chains with private block chain portions and/or public block chain portions.

149 Citations

20 Claims

1. A system for supporting and controlling access to a private block chain within a private block chain distributed network, the system comprising:
- one or more memory devices storing computer-readable code; and
  
  one or more processing devices operatively coupled to the one or more memory devices, wherein the one or more processing devices are configured to execute the computer-readable code to;
  
  receive a request from a user utilizing a node to access the private block chain, wherein the request includes received authentication credentials, wherein the private block chain network comprises a distributed network of nodes managed by one or more entities, wherein nodes from the distributed network of nodes are operatively coupled to each other, have at least a portion of a private ledger, and share information on the ledger through electronic communication, and wherein the received authentication credentials comprises user authentication credentials and node authentication credentials;
  
  compare the received authentication credentials with stored authentication credentials for the user and the node;
  
  allow the user to access the private block chain distributed network when the received authentication credentials meet the stored authentication credentials for the user and the node;
  
  determine one or more types of actions that the user is allowed to, or prevented from, taking based on the comparison of the received authentication credentials with the stored authentication credentials;
  
  receive an indication that the user took an action for an event within the private block chain, wherein the action occurred on the node from the distributed network of nodes, and wherein the action is validating the event using event information on the private ledger of the node from the distributed network of nodes of the private block chain, storing the event information for the event on the private ledger of the node from the distributed network of nodes of the private block chain, or disseminating the event information for the event on the private ledger of the node to one or more other nodes of the distributed network of nodes of the private block chain;
  
  determine limits, wherein the limits comprise one or more user limits, one or more node limits, one or more entity limits, one or more event limits, and one or more action limits;
  
  compare the action taken and the user, the node, an entity associated with the user, and the event associated with the action to the limits, including the one or more user limits, the one or more node limits, the one or more entity limits, the one or more event limits, and the one or more action limits; and
  
  allow or deny the action based on the determination of the one or more types of actions that the user is allowed to, or prevented from, taking based on the comparison of the received authentication credentials with the stored authentication credentials and based on the comparison of the action and the user, the node, the entity, and the event associated with the action to the limits.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The system of claim 1, wherein the one or more processing devices are configured to execute the computer-readable program code to:
    - assign the user authentication credentials to a plurality of users for access to the private block chain distributed network, wherein the user provides the user authentication credentials to access the distributed network of nodes for the private block chain distributed network.
  - 3. The system of claim 1, wherein the one or more processing devices are configured to execute the computer-readable program code to:
    - assign the node authentication credentials to a plurality of nodes for access to the private block chain distributed network, wherein the node provides the node authentication credentials to access the distributed network of nodes for the private block chain distributed network.
  - 4. The system of claim 1, wherein the one or more processing devices are configured to execute the computer-readable program code to:
    - assign the user authentication credentials and the node authentication credentials for a plurality of nodes and a plurality of users.
  - 5. The system of claim 1, wherein the event within the private block chain distributed network is a transaction of a customer using a financial account of a financial institution, and wherein the event information is used to verify the transaction is legitimate.
  - 6. The system of claim 1, wherein the event is a contract between entities, an analyst report, or earnings statements.
  - 7. The system of claim 1, wherein the action is validating, storing, and disseminating the event and the event information to prove the event is legitimate.
  - 8. The system of claim 1, wherein the private block chain is linked with a public block chain, or the private block chain is a private block chain portion of a hybrid block chain having the private block chain portion and a public block chain portion, and wherein a first portion of the event information remains private, while a second portion of the event information is published publically on the public block chain or the public block chain portion.
  - 9. The system of claim 1, wherein a single entity controls access to the private block chain network.
  - 10. The system of claim 1, wherein two or more entities control access to the private block chain network.
  - 11. The system of claim 1, wherein the one or more processing devices are configured to execute the computer-readable program code to:
    - receive the limits for one or more users, one or more nodes, one or more entities, and one or more events or one or more actions associated with the one or more events; and
      
      store the limits.

12. A method for supporting and controlling access to a private block chain within a private block chain distributed network, the method comprising:
- receiving, by one or more processing devices, a request from a user utilizing a node to access the private block chain, wherein the request includes received authentication credentials, wherein the private block chain network comprises a distributed network of nodes managed by one or more entities, wherein nodes from the distributed network of nodes are operatively coupled to each other, have at least a portion of a private ledger, and share information on the ledger through electronic communication, and wherein the received authentication credentials comprises user authentication credentials and node authentication credentials;
  
  comparing, by the one or more processing devices, the received authentication credentials with stored authentication credentials for the user and the node;
  
  allowing, by the one or more processing devices, the user to access the private block chain distributed network when the received authentication credentials meet the stored authentication credentials for the user and the node;
  
  determining, by the one or more processing devices, one or more types of actions that the user is allowed to, or prevented from, taking based on the comparison of the received authentication credentials with the stored authentication credentials;
  
  receiving, by the one or more processing devices, an indication that the user took an action for an event within the private block chain, wherein the action occurred on the node from the distributed network of nodes, and wherein the action is validating the event using event information on the private ledger of the node from the distributed network of nodes of the private block chain, storing the event information for the event on the private ledger of the node from the distributed network of nodes of the private block chain, or disseminating the event information for the event on the private ledger of the node to one or more other nodes of the distributed network of nodes of the private block chain; and
  
  determining, by the one or more processing devices, limits, wherein the limits comprise one or more user limits, one or more node limits, one or more entity limits, one or more event limits, and one or more action limits;
  
  comparing, by the one or more processing devices, the action taken and the user, the node, an entity associated with the user, and the event associated with the action to the limits, including the one or more user limits, the one or more node limits, the one or more entity limits, the one or more event limits, and the one or more action limits; and
  
  allowing or denying, by the one or more processing devices, the action based on the determination of the one or more types of actions that the user is allowed to, or prevented from, taking based on the comparison of the received authentication credentials with the stored authentication credentials and based on the comparison of the action and the user, the node, the entity, and the event associated with the action to the limits.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19)
- - 13. The method of claim 12, further comprising:
    - assigning, by the one or more processing devices, the user authentication credentials to a plurality of users for access to the private block chain distributed network, wherein the user provides the user authentication credentials to access the distributed network of nodes for the private block chain distributed network.
  - 14. The method of claim 12, further comprising:
    - assigning, by the one or more processing devices, the node authentication credentials to a plurality of nodes for access to the private block chain distributed network, wherein the node provides the node authentication credentials to access the distributed network of nodes for the private block chain distributed network.
  - 15. The method of claim 12, further comprising:
    - assigning, by the one or more processing devices, the user authentication credentials and the node authentication credentials for a plurality of nodes and a plurality of users.
  - 16. The method of claim 12, wherein the event within the private block chain distributed network is a transaction of a customer using a financial account of a financial institution, and wherein the event information is used to verify the transaction is legitimate.
  - 17. The method of claim 12, wherein the action is validating, storing, and disseminating the event and the event information to prove the event is legitimate.
  - 18. The method of claim 12, wherein the private block chain is linked with a public block chain, or the private block chain is a private block chain portion of a hybrid block chain having the private block chain portion and a public block chain portion, and wherein a first portion of the event information remains private, while a second portion of the event information is published publically on the public block chain or the public block chain portion.
  - 19. The method of claim 12, further comprising:
    - receiving, by the one or more processing devices, the limits for one or more users, one or more nodes, one or more entities, and one or more events or one or more actions associated with the one or more events; and
      
      storing, by the one or more processing devices, the limits.

20. A computer program product for supporting and controlling access to a private block chain within a private block chain distributed network, the computer program product comprising at least one non-transitory computer-readable medium having computer-readable program code portions embodied therein, the computer-readable program code portions comprising:
- an executable portion configured to receive a request from a user utilizing a node to access the private block chain, wherein the request includes received authentication credentials, wherein the private block chain network comprises a distributed network of nodes managed by one or more entities, wherein nodes from the distributed network of nodes are operatively coupled to each other, have at least a portion of a private ledger, and share information on the ledger through electronic communication, and wherein the received authentication credentials comprises user authentication credentials and node authentication credentials;
  
  an executable portion configured to compare the received authentication credentials with stored authentication credentials for the user and the node;
  
  an executable portion configured to allow the user to access the private block chain distributed network when the received authentication credentials meet the stored authentication credentials for the user and the node;
  
  an executable portion configured to determine one or more types of actions that the user is allowed to, or prevented from, taking based on the comparison of the received authentication credentials with the stored authentication credentials;
  
  an executable portion configured to receive an indication that the user took an action for an event within the private block chain, wherein the action occurred on the node from the distributed network of nodes, and wherein the action is validating the event using event information on the private ledger of the node from the distributed network of nodes of the private block chain, storing the event information for the event on the private ledger of the node from the distributed network of nodes of the private block chain, or disseminating the event information for the event on the private ledger of the node to one or more other nodes of the distributed network of nodes of the private block chain;
  
  an executable portion configured to determine limits, wherein the limits comprise one or more user limits, one or more node limits, one or more entity limits, one or more event limits, and one or more action limits;
  
  an executable portion configured to compare the action taken and the user, the node, an entity associated with the user, and the event associated with the action to the limits, including the one or more user limits, the one or more node limits, the one or more entity limits, the one or more event limits, and the one or more action limits; and
  
  an executable portion configured to allow or deny the action based on the determination of the one or more types of actions that the user is allowed to, or prevented from, taking based on the comparison of the received authentication credentials with the stored authentication credentials and based on the comparison of the action and the user, the node, the entity, and the event associated with the action to the limits.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bank of America Corp.
Original Assignee
Bank of America Corp.
Inventors
Kurian, Manu Jacob
Primary Examiner(s)
Plecha, Thaddeus J

Application Number

US15/090,299
Publication Number

US 20170230375A1
Time in Patent Office

967 Days
Field of Search
US Class Current
CPC Class Codes

G06F 2221/2113   Multi-level security, e.g. ...

G06Q 20/382   insuring higher security of...

G06Q 2220/00   Business processing using c...

H04L 63/08   for authentication of entit...

H04L 63/102   Entity profiles

H04L 63/104   Grouping of entities

H04L 63/105   Multiple levels of security

H04L 63/20   for managing network securi...

H04L 9/50   using hash chains, e.g. blo...

System for centralized control of secure access to process data network

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

149 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System for centralized control of secure access to process data network

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

149 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links