Attestation device custody transfer protocol
First Claim
1. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
- send, from a particular gateway device, a start of transfer request to an attestation device over a short range wireless communication channel;
receive, at the particular gateway device, a nonce from the attestation device in association with the start of transfer request;
sign the nonce at the particular gateway device;
send the signed nonce to the attestation device;
receive a transfer confirmation message from the attestation device; and
send a transfer message to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device, wherein;
the transfer message comprises the transfer confirmation message;
the transfer confirmation message is based on log data generated by the attestation device and the nonce, and comprises the log data and a hash of the nonce and the log data; and
the hash of the nonce and the log data comprises a hash of the nonce, the signed nonce, a copy of the nonce signed by the other gateway device, and the log data.
12 Assignments
0 Petitions
Accused Products
Abstract
A custody transfer of a device can include sending a start of transfer request to an attestation device over a short range wireless communication channel, a nonce is received from the attestation device in association with the start of transfer request, and the nonce is signed at the particular gateway device. The signed nonce is sent to the attestation device, a transfer confirmation message is received from the attestation device, and a transfer message is sent to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device.
23 Citations
16 Claims
-
1. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
-
send, from a particular gateway device, a start of transfer request to an attestation device over a short range wireless communication channel; receive, at the particular gateway device, a nonce from the attestation device in association with the start of transfer request; sign the nonce at the particular gateway device; send the signed nonce to the attestation device; receive a transfer confirmation message from the attestation device; and send a transfer message to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device, wherein; the transfer message comprises the transfer confirmation message; the transfer confirmation message is based on log data generated by the attestation device and the nonce, and comprises the log data and a hash of the nonce and the log data; and the hash of the nonce and the log data comprises a hash of the nonce, the signed nonce, a copy of the nonce signed by the other gateway device, and the log data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. At least one non-transitory machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
-
receive, at an attestation device, a first custody transfer request from a first gateway device; generate a nonce in response to the first custody transfer request; send a copy of the nonce to the first gateway device; receive, at the attestation device, a first signed copy of the nonce from the first gateway device; receive, at the attestation device, a second custody transfer request from a second gateway device; send another copy of the nonce to the second gateway device; receive, at the attestation device, a second signed copy of the nonce from the second gateway device; generate a transfer confirmation message based on the first and second signed copies of the nonce, wherein the transfer confirmation message represents a transfer in custody of the attestation; and send the transfer confirmation message to at least one of the first and second gateway devices, wherein; the transfer confirmation message is based on log data generated by the attestation device and the nonce, and comprises the log data and a hash of the nonce and the log data; and the hash of the nonce and the log data comprises a hash of the nonce, the first signed copy of the nonce, the second signed copy of the nonce, and the log data. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A system comprising:
-
a gateway device comprising; a short range communications module to; send a signal to a particular attestation device; and receive attestation data from the particular attestation device; a second communication module to; send a message to a remote management system over a wide area network, wherein the message identifies the gateway device and includes the received attestation data; and protocol logic to support a custody transfer protocol, wherein the custody transfer protocol comprises; sending a custody transfer request to the particular attestation device;
receiving a nonce from the particular attestation device in response to the custody transfer request;signing the nonce; sending a signed nonce to the particular attestation device; receiving a transfer confirmation data from the particular attestation device; and sending a transfer message to a management system to report a transfer in custody of the attestation device involving the particular gateway device and another gateway device based on the transfer confirmation data, wherein; the transfer message comprises the transfer confirmation data; the transfer confirmation data is based on log data generated by the attestation device and the nonce, and comprises the log data and a hash of the nonce and the log data; and the hash of the nonce and the log data comprises a hash of the nonce, the signed nonce, a copy of the nonce signed by the other gateway device, and the log data. - View Dependent Claims (16)
-
Specification