System and method for implementing hybrid public-private block-chain ledgers

US 10,282,711 B2
Filed: 08/11/2016
Issued: 05/07/2019
Est. Priority Date: 08/13/2015
Status: Active Grant

First Claim

Patent Images

1. An apparatus, comprising:

a communications unit;

a storage device; and

at least one processor coupled to the storage device and to the communications unit, the storage device storing software instructions for controlling the at least one processor when executed by the at least one processor, and the at least one processor being operative with the software instructions and configured to;

detect an occurrence of an event involving an asset tracked within a distributed storage ledger;

obtain encrypted trigger-event data from at least one block of the distributed storage ledger and decrypt the encrypted trigger-event data using a private cryptographic key associated with an owner of the tracked asset;

when the detected event corresponds to at least one triggering event identified within the decrypted trigger-event data, obtain encrypted rules data identifying one or more rules from the at least one block of the distributed storage ledger, the one or more rules being established by a centralized authority associated with the tracked asset;

decrypt the encrypted rules data using a master cryptographic key associated with the centralized authority;

identify, based on the decrypted rules data, at least one of the one or more rules that exhibits a causal relationship with the detected event; and

perform first operations consistent with the at least one identified rule, the first operations involving the tracked asset.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The disclosed embodiments include computerized systems and methods that generate secured distributed storage ledger structures, such as block-chain-based ledger structures, that facilitate event-based control of tracked assets. In one embodiment, an apparatus associated with a centralized authority of the secured distributed storage ledger may detect an occurrence of a triggering event, and may access and decrypt a set of rules hashed into the secured distributed storage ledger using a confidentially-held master cryptographic key. The apparatus may identify a rule associated with the detected event, and perform one or more operations consistent with the rule and involving at least one of assets tracked within the secured distributed storage ledger or an owner of a portion of the tracked assets.

Citations

41 Claims

1. An apparatus, comprising:
- a communications unit;
  
  a storage device; and
  
  at least one processor coupled to the storage device and to the communications unit, the storage device storing software instructions for controlling the at least one processor when executed by the at least one processor, and the at least one processor being operative with the software instructions and configured to;
  
  detect an occurrence of an event involving an asset tracked within a distributed storage ledger;
  
  obtain encrypted trigger-event data from at least one block of the distributed storage ledger and decrypt the encrypted trigger-event data using a private cryptographic key associated with an owner of the tracked asset;
  
  when the detected event corresponds to at least one triggering event identified within the decrypted trigger-event data, obtain encrypted rules data identifying one or more rules from the at least one block of the distributed storage ledger, the one or more rules being established by a centralized authority associated with the tracked asset;
  
  decrypt the encrypted rules data using a master cryptographic key associated with the centralized authority;
  
  identify, based on the decrypted rules data, at least one of the one or more rules that exhibits a causal relationship with the detected event; and
  
  perform first operations consistent with the at least one identified rule, the first operations involving the tracked asset.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 2. The apparatus of claim 1, wherein:
    - the detected event further involves an owner of the tracked asset or a transaction involving the tracked asset;
      
      the centralized authority is associated with the tracked asset, the owner, or the transaction; and
      
      the performed first operations involve the tracked asset or the owner of the tracked asset.
  - 3. The apparatus of claim 1, wherein the distributed storage ledger is a block-chain ledger.
  - 4. The apparatus of claim 1, wherein the at least one processor is further configured to:
    - determine that the detected event corresponds to the at least one triggering event identified within the decrypted trigger-event data;
      
      in response to the determination, generate and transmit, via the communications unit, a first signal to a device associated with the centralized authority, the first signal comprising a request for the encrypted rules data; and
      
      receive, via the communications unit, a second signal comprising additional elements of encrypted rules data from the device, in response to the request.
  - 5. The apparatus of claim 1, wherein the at least one processor is further configured to:
    - generate the master cryptographic key;
      
      store the generated master cryptographic key in a portion of a secure data repository; and
      
      establish at least one access permission for the stored master cryptographic key, the at least one established access permission preventing a device of an owner of the tracked asset from accessing the stored master cryptographic key.
  - 6. The apparatus of claim 1, wherein the decrypted rules data comprises a plurality of candidate rules, the candidate rules being causally related to corresponding triggering events.
  - 7. The apparatus of claim 6, wherein the at least one processor is further configured to:
    - determine that corresponding one of the candidate rules exhibits a causal relationship with the detected event; and
      
      establish the corresponding one of the candidate rules as the at least one identified rule.
  - 8. The apparatus of claim 1, wherein the at least one processor is further configured to:
    - generate at least a portion of the one or more rules;
      
      encrypt the generated portion of the rules using the master cryptographic key;
      
      store the encrypted portion of the rules within the storage device; and
      
      generate and transmit, via the communications unit, a first signal comprising the encrypted portion of the rules to at least one mining system, the first signal further comprising information that instructs the at least one mining system to perform operations that hash the encrypted rules into a genesis block of the distributed storage ledger.
  - 9. The apparatus of claim 8, wherein the at least one processor is further configured to generate a first portion of the rules based on at least one of a regulation of a policy set forth by at least one of a governmental entity, a non-governmental entity, a regulatory entity, or the centralized authority associated with the distributed storage ledger.
  - 10. The apparatus of claim 9, wherein the at least one processor is further configured to:
    - receive a second signal via the communications unit, the second signal comprising input data generated by a device of an owner of the tracked asset; and
      
      generate a second portion of the rules based on the input data.
  - 11. The apparatus of claim 8, wherein the at least one processor is further configured to:
    - generate trigger-event data identifying a plurality of candidate triggering events;
      
      encrypt the trigger-event data using a private cryptographic key associated with an owner of the tracked asset;
      
      store the encrypted trigger-event data within the storage device; and
      
      generate and transmit, via the communications unit, a second signal comprising the encrypted trigger-event data to the at least one mining system, the second signal comprising additional information that instructs the at least one mining system to perform operations that hash the encrypted trigger-event data into the genesis block of the distributed storage ledger.
  - 12. The apparatus of claim 11, wherein the at least one processor is further configured to:
    - based on the decrypted trigger-event data, identify one of the candidate triggering events that corresponds to the detected event; and
      
      establish the identified candidate triggering event as the at least one identified triggering event.
  - 13. The apparatus of claim 11, wherein the at least one processor is further configured to:
    - generate the private cryptographic key associated with the owner of the tracked asset; and
      
      generate and transmit, via the communications unit, a third signal to a device associated with the owner of the tracked asset, the third signal comprising the private cryptographic key.
  - 14. The apparatus of claim 11, wherein the at least one processor is further configured to:
    - receive a third signal via the communications unit, the third signal comprising input data generated by a device associated with the owner of the tracked asset; and
      
      generate at least a portion of the trigger-event data based on the input data.
  - 15. The apparatus of claim 11, wherein the at least one processor is further configured to:
    - modify at least a portion of the decrypted trigger-event data;
      
      encrypt the modified trigger-event data using the private cryptographic key; and
      
      generate and transmit, via the communication unit, a third signal comprising the encrypted modified trigger-event data to the at least one mining system, the third signal further comprising information that instructs the at least one mining system to perform operations that hash the encrypted modified trigger-event data into a block of the distributed storage ledger corresponding to a special transaction.
  - 16. The apparatus of claim 1, wherein the at least one processor is further configured to:
    - modify at least a portion of the decrypted rules data, the modified portion comprising at least one of an additional rule or an update to an existing rule;
      
      encrypt the modified rules data using the master encryption key; and
      
      generate and transmit, via the communications unit, a signal that includes the encrypted modified rules data to at least one mining system, the first signal comprising information that instructs the at least one mining system to perform operations that hash the encrypted modified rules data into a block of the distributed storage ledger corresponding to a special transaction.
  - 17. The apparatus of claim 1, wherein:
    - the detected event corresponds to a request to regenerate a private block-chain key of an owner of the tracked asset the request being received from a device of the owner;
      
      the at least one identified rule identifies second operations that regenerate the private block-chain key; and
      
      the at least one processor is further configured to perform the second operations, the second operations comprising;
      
      regenerating the private block-chain key; and
      
      generate and transmit, via the communications unit, a signal that includes the regenerated private block-chain key to the device of the owner.
  - 18. The apparatus of claim 1, wherein:
    - the detected event corresponds to a receipt, via the communications unit, of information identifying at least one of a lost or stolen portion of the tracked asset, the information being provided by at least one of a governmental entity, a law enforcement entity, or an owner of the tracked asset;
      
      the at least one identified rule identifies second operations that recover the at least one lost or stolen portion of the tracked asset; and
      
      the at least one processor is further configured to perform the second operations, the second operations comprising;
      
      generating and transmitting, via the communications unit, a first signal to at least one mining system, the signal comprising data requesting a transfer of ownership of the at least one lost or stolen portion of the tracked asset to the owner;
      
      generating a replacement pair of public and private cryptographic keys for the owner; and
      
      generating and transmitting, via the communications unit, a second signal that includes the replacement pair of public and private cryptographic keys to a device of the owner.
  - 19. The apparatus of claim 1, wherein the at least one identified rule specifies the one or more first operations.
  - 20. The apparatus of claim 1, wherein the at least one processor is further configured to:
    - determine that the detected event corresponds to the at least one triggering event identified within the decrypted trigger-event data;
      
      in response to the determination, obtain the encrypted rules data from the at least one block of the distributed storage ledger;
      
      load the master cryptographic key from the storage device; and
      
      decrypt the encrypted rules data using the master cryptographic key.
  - 21. The apparatus of claim 1, wherein the at least one processor is further configured to:
    - load, from the storage device, the private cryptographic key associated with an owner of the tracked asset;
      
      decrypt the encrypted trigger-event data using the private cryptographic key; and
      
      based on the decrypted trigger-event data, determine that the detected event corresponds to at least one triggering event.
  - 22. The apparatus of claim 1, wherein the at least one processor is further configured to:
    - load the at least one block of the distributed storage ledger from the storage unit, the at least one block comprising a genesis block of the distributed storage ledger;
      
      obtain at least one of the encrypted trigger-event data or the encrypted rules data from the genesis block;
      
      generate transaction data that characterizes the performance of the first operations involving the tracked asset; and
      
      generate and transmit, via the communications unit, a signal to at least one mining system that includes the transaction data and the at least one of the encrypted trigger-event data or the encrypted rules data, the signal comprising information that instructs the at least one mining system to perform operations that hash the transaction data and the at least one of the encrypted trigger-event data or the encrypted rules data into an additional block of the distributed storage ledger.

23. A computer-implemented method, comprising:
- detecting, using at least one processor, an occurrence of an event involving an asset tracked within a distributed storage ledger;
  
  using the at least one processor, obtaining encrypted trigger-event data from at least one block of the distributed storage ledger and decrypting the encrypted trigger-event data using a private cryptographic key associated with an owner of the tracked asset;
  
  when the detected event corresponds to at least one triggering event identified within the decrypted trigger-event data, obtaining, using the at least one processor, encrypted rules data identifying one or more rules from the at least one block of the distributed storage ledger, the one or more rules being established by a centralized authority associated with the tracked asset;
  
  decrypting, using the at least one processor, the encrypted rules data using a master cryptographic key associated with the centralized authority;
  
  based on the decrypted rules data, identifying, using the at least one processor, at least one of the one or more rules that exhibits a causal relationship with the detected event; and
  
  performing, using the at least one processor, first operations consistent with the at least one identified rule, the first operations involving the tracked asset.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40)
- - 24. The method of claim 23, wherein:
    - the detected event further involves an owner of the tracked asset or a transaction involving the tracked asset;
      
      the centralized authority is associated with the tracked asset, the owner, or the transaction; and
      
      the performed first operations involve the tracked asset or the owner of the tracked asset.
  - 25. The method of claim 23, wherein the distributed storage ledger is a block-chain ledger.
  - 26. The method of claim 23, further comprising:
    - generating the master cryptographic key;
      
      storing the generated master cryptographic key in a portion of a secure data repository; and
      
      establishing at least one access permission for the stored master cryptographic key, the at least one established access permission preventing a device of an owner of the tracked asset from accessing the stored master cryptographic key.
  - 27. The method of claim 23, wherein the decrypted rules data comprises a plurality of candidate rules, the candidate rules being causally related to corresponding triggering events.
  - 28. The method of claim 27, further comprising:
    - determining that a corresponding one of the candidate rules exhibits a causal relationship with the detected event; and
      
      establishing the corresponding one of the candidate rules as the at least one identified rule.
  - 29. The method of claim 23, further comprising:
    - generating at least a portion of the rules;
      
      encrypting the generated portion of the rules using the master cryptographic key; and
      
      generating and transmitting a first signal comprising the encrypted portion of the rules to at least one mining system, the first signal further comprising information that instructs the at least one mining system to perform operations that hash the encrypted portion of the rules into a genesis block of the distributed storage ledger.
  - 30. The method of claim 29, further comprising generating a first portion of the rules based on at least one of a regulation of a policy set forth by at least one of a governmental entity, a non-governmental entity, a regulatory entity, or the centralized authority associated with the distributed storage ledger.
  - 31. The method of claim 30, further comprising:
    - receiving a second signal that includes input data generated by a device of an owner of the tracked asset; and
      
      generating a second portion of the rules based on the input data.
  - 32. The method of claim 30, further comprising:
    - generating trigger-event data identifying a plurality of candidate triggering events;
      
      encrypting the trigger-event data using a private cryptographic key associated with an owner of the tracked asset;
      
      storing the encrypted trigger-event data within the storage device; and
      
      generating and transmitting a second signal comprising the encrypted trigger-event data to the at least one mining system, the second signal comprising additional information that instructs the at least one mining system to perform operations that hash the encrypted trigger-event data into the genesis block of the distributed storage ledger.
  - 33. The method of claim 32, further comprising:
    - based on the decrypted trigger-event data, identifying one of the candidate triggering events that corresponds to the detected event; and
      
      establishing the identified candidate triggering event as the at least one identified triggering event.
  - 34. The method of claim 32, further comprising:
    - generating the private cryptographic key associated with the owner of the tracked asset; and
      
      generating and transmitting a third signal to a device associated with the owner of the tracked asset, the third signal comprising the private cryptographic key.
  - 35. The method of claim 32, further comprising:
    - receiving a third signal comprising input data generated by a device associated with the owner of the tracked asset; and
      
      generating at least a portion of the trigger-event data based on the input data.
  - 36. The method of claim 32, further comprising:
    - modifying at least a portion of the decrypted trigger-event data;
      
      encrypting the modified trigger-event data using the private cryptographic key; and
      
      generating and transmitting a third signal comprising the encrypted modified trigger-event data to the at least one mining system, the third signal further comprising information that instructs the at least one mining system to perform operations that hash the encrypted modified trigger-event data into a block of the distributed storage ledger corresponding to a special transaction.
  - 37. The method of claim 23, further comprising:
    - modifying at least a portion of the decrypted rules data, the modified portion comprising at least one of an additional rule or an update to an existing rule;
      
      encrypting the modified rules data using the master encryption key; and
      
      generating and transmitting a first signal that includes the encrypted modified rules data to at least one mining system, the first signal comprising information that instructs the at least one mining system to perform operations that hash the encrypted modified rules data into a block of the distributed storage ledger corresponding to a special transaction.
  - 38. The method of claim 23, wherein:
    - the detected event corresponds to a request to regenerate a private block-chain key of an owner of the tracked asset, the request being received from a device associated with the owner;
      
      the at least one identified rule identifies second operations that regenerate the private block-chain key; and
      
      the method further comprises performing the second operations, the second operations comprising;
      
      regenerating the private block-chain key; and
      
      generating and transmitting a signal that includes the regenerated private block-chain key to a device associated with the owner.
  - 39. The method of claim 23, wherein:
    - the detected event corresponds to information identifying at least one of a lost or stolen portion of the tracked asset, the information being provided by at least one of a governmental entity, a law enforcement entity, or an owner of the tracked asset;
      
      the at least one identified rule identifies second operations that recover the at least one lost or stolen portion of the tracked asset; and
      
      the method further comprises performing the second operations, the operations comprising;
      
      generating and transmitting, via the communications unit, a first signal to at least one mining system, the signal comprising data requesting a transfer of ownership of the at least one lost or stolen portion of the tracked asset to the owner;
      
      generating a replacement pair of public and private cryptographic keys for the owner; and
      
      generating and transmitting, via the communications unit, a second signal that includes the replacement pair of public and private cryptographic keys to a device associated with the owner.
  - 40. The method of claim 23, wherein the at least one identified rule specifies the first operations.

41. A tangible, non-transitory computer-readable medium storing instructions that, when executed by at least one processor, perform a method comprising:
- detecting, using at least one processor, an occurrence of an event involving an asset tracked within a distributed storage ledger;
  
  obtaining encrypted trigger-event data from at least one block of the distributed storage ledger and decrypting the encrypted trigger-event data using a private cryptographic key associated with an owner of the tracked asset;
  
  when the detected event corresponds to at least one triggering event identified within the decrypted trigger-event data, obtaining encrypted rules data identifying one or more rules from the at least one block of the distributed storage ledger, the one or more rules being established by a centralized authority associated with the tracked asset;
  
  decrypting the encrypted rules data using a master cryptographic key associated with the centralized authority;
  
  based on the decrypted rules data, identifying at least one of the one or more rules that exhibits a causal relationship with the detected event; and
  
  performing first operations consistent with the at least one identified rule, the first operations involving the tracked asset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Toronto-Dominion Bank
Original Assignee
Toronto-Dominion Bank
Inventors
Chan, Paul Mon-Wah, Lee, John Jong Suk, Haldenby, Perry Aaron Jones
Primary Examiner(s)
Lemma, Samson B

Application Number

US15/234,947
Publication Number

US 20170046526A1
Time in Patent Office

999 Days
Field of Search

713193
US Class Current
CPC Class Codes

G06F 21/62   Protecting access to data v...

G06F 21/645   using a third party

G06Q 10/0631   Resource planning, allocati...

G06Q 10/063114   Status monitoring or status...

G06Q 10/08   Logistics, e.g. warehousing...

G06Q 10/103   Workflow collaboration or p...

G06Q 10/1097   Task assignment

G06Q 20/065   using e-cash

G06Q 20/0655   e-cash managed centrally

G06Q 20/102   Bill distribution or payments

G06Q 20/367   involving electronic purses...

G06Q 20/3829   involving key management

G06Q 20/401   Transaction verification

G06Q 20/4016   involving fraud or risk lev...

G06Q 20/405   Establishing or using trans...

G06Q 2220/00   Business processing using c...

G06Q 2220/10   Usage protection of distrib...

G06Q 2230/00   Voting or election arrangem...

G06Q 30/0214   Referral reward systems

G06Q 40/08   Insurance

G06Q 40/128 : Check-book balancing, updat...

G06Q 50/08 : Construction

G06Q 50/18 : Legal services

H04L 2209/24 : Key scheduling, i.e. genera...

H04L 2209/56 : Financial cryptography, e.g...

H04L 63/0435 : wherein the sending and rec...

H04L 63/0442 : wherein the sending and rec...

H04L 63/061 : for key exchange, e.g. in p...

H04L 63/062 : for key distribution, e.g. ...

H04L 63/08 : for authentication of entit...

H04L 63/0876 : based on the identity of th...

H04L 63/12 : Applying verification of th...

H04L 9/0816 : Key establishment, i.e. cry...

H04L 9/0861 : Generation of secret inform...

H04L 9/0891 : Revocation or update of sec...

H04L 9/0894 : Escrow, recovery or storing...

H04L 9/3247 : involving digital signatures

H04L 9/50 : using hash chains, e.g. blo...

H04N 2005/91342 : the copy protection signal ...

H04N 5/913 : for scrambling ; for copy p...

Y02P 90/80 : Management or planning

Y04S 10/50 : Systems or methods supporti...

View All

System and method for implementing hybrid public-private block-chain ledgers

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for implementing hybrid public-private block-chain ledgers

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links