Secure data storage on open systems

US 20040059676A1
Filed: 10/20/2003
Published: 03/25/2004
Est. Priority Date: 06/19/2000
Status: Abandoned Application

First Claim

Patent Images

1. A method of storing data relating to a batch of items such as mail items on a processor-based system in a secure fashion, the method comprising:

receiving (720) data relating to a parameter of each item in the batch; and

cryptographically protecting (800) the database using a crypto engine in a secure vault.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of storing data relating to a batch of items, such as mail items, on a processor-based system in a secure fashion is described. The method comprises receiving data relating to a parameter of each item in the batch and cryptographically protecting the database using a crypto engine in a secure vault. In a preferred embodiment, the method comprises sending the received data for each item to the crypto engine in the vault, which is operable to produce a message authentication code based on the received data and to tag the received data with the message authentication code, writing the data tagged with the message authentication code to the openly accessible database, and repeating the aforementioned steps for each subsequent item in the batch. The parameter of each item may be a physical parameter of the items, such as their respective weights, or a rating parameter, such as a postage value or class.

17 Citations

View as Search Results

22 Claims

1. A method of storing data relating to a batch of items such as mail items on a processor-based system in a secure fashion, the method comprising:
- receiving (720) data relating to a parameter of each item in the batch; and
  
  cryptographically protecting (800) the database using a crypto engine in a secure vault.
- View Dependent Claims (2, 3, 5, 6, 7, 8, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. A method according to claim 1, wherein the step of cryptographically protecting (800) the database using the crypto engine comprises attaching an electronic signature to the database.
  - 3. A method according to claim 1 or 2 further comprising:
    - sending (730) the received data for each item to said crypto engine in the vault which is operable to produce (740) a message authentication code based on the received data and to tag the received data with the message authentication code;
      
      writing (760) the data tagged with the message authentication code to said openly accessible database; and
      
      repeating (780) the aforementioned steps for each subsequent item in the batch.
  - 5. A method according to claim 3 or 4 further comprising:
    - validating (790) the tagged database entries using the crypto engine.
  - 6. A method according to claim 5 wherein the step of validating (790) the database comprises:
    - producing a message authentication code using the crypto engine from the data for an item in the database; and
      
      comparing the message authentication code thus produced with the message authentication code from the database corresponding to the data in question.
  - 7. A method according to claim 5 wherein the step of validating (790) the database comprises:
    - decrypting a message authentication code from the database using the crypto engine; and
      
      comparing the result of the decryption with the data for the item in the database corresponding to the message authentication code in question.
  - 8. A method according to any one of claims 3 to 7 further comprising:
    - setting (710) a plurality of batch counters in said secure vault to initial numerical values respectively representing an initial count of the number of items in the batch and an initial value of said parameter of the items in the batch;
      
      incrementing (750) the batch counter numerical value representing the number of items in the batch and incrementing the numerical value of the batch counter representing the value of the parameter by an amount determined on the basis of the received data relating to the value of the parameter for each item; and
      
      repeating (780) the aforementioned steps for each subsequent item in the batch.
  - 10. A method according to claim 8 or 9, further comprising:
    - setting (710) a further batch counter in the secure vault to an initial numerical value representing an initial value of a rating parameter for the items in the batch;
      
      receiving (720) data relating to the value of the rating parameter for said item;
      
      sending (730) the received data relating to the value of the rating parameter for said item to the crypto engine which produces (740) said message authentication code based on the value of the rating parameter as well as on the value of the physical parameter of the item;
      
      incrementing (750) the numerical value of the further batch counter representing the value of the rating parameter of the items in the batch by an amount determined on the basis of the received data relating to the value of the rating parameter for the item in question; and
      
      repeating (780) the aforementioned steps conducted following the initial setting of the further batch counter for each subsequent item in the batch.
  - 11. A method according to claim 10, wherein the items are mail items and the rating parameter is the postage value of the items of mail.
  - 12. A method according to claim 10, wherein the items are mail items and the rating parameter is a postal service code corresponding to the postage class and/or mode of sending of the items of mail.
  - 13. A method according to any one of claims 9 to 12, wherein the step of validating (790) the database comprises:
    - comparing the total number (820) of item entries in the database with the batch counter in the vault representing the number of items in the batch and or comparing the total value (830) of the physical parameter of the items in the database with the batch counter in the vault representing the value of the physical parameter of the items in the batch.
  - 14. A method according to any one of claims 9 to 12, wherein the step of validating (790) the database comprises comparing the total value (840) of the rating parameter of the items in the database with the batch counter in the vault representing the value of the rating parameter of the items in the batch.
  - 15. A method according to any preceding claim, wherein the parameter is the weight of the items in the batch.
  - 16. A method according to any preceding claim, wherein the parameter is the size format of the items in the batch.
  - 17. A method according to any preceding claim, further comprising transmitting an electronic message relating to the database to a postal service.
  - 18. A method according to any preceding claim, further comprising generating (770) a postage indicium from the data received in relation to an item of mail in the batch and attaching the postage indicium to said item.

4. A method of storing data relating to a batch of items such as mail items on a processor-based system in a secure fashion, the method comprising:
- receiving (720) data relating to a parameter of an item in the batch;
  
  sending (730) the received data relating to the value of the parameter for said item to a crypto engine in a secure vault which is operable to produce (740) a message authentication code based on the received data and to tag the received data with the message authentication code;
  
  writing (760) the data tagged with the message authentication code to an openly accessible database; and
  
  repeating (780) the aforementioned steps for each subsequent item in the batch.

9. A method of storing data relating to a batch of items such as mail items on a processor-based system in a secure fashion, the method comprising:
- setting (710) a plurality of batch counters in a secure vault to initial numerical values respectively representing an initial count of the number of items in the batch and an initial value of a physical parameter of the items in the batch;
  
  receiving (720) data relating to the value of the physical parameter of an item in the batch;
  
  sending (730) the received data relating to the value of the physical parameter for said item to a crypto engine in the vault which produces (740) a message authentication code based on the received data and which tags the received data with the message authentication code;
  
  incrementing (750) the batch counter numerical value representing the number of items in the batch by one and incrementing the numerical value of the batch counter representing the value of the physical parameter of the items in the batch by an amount determined on the basis of the received data relating to the value of the physical parameter for the item in question;
  
  writing (760) the data tagged with the message authentication code to an openly accessible database;
  
  repeating (780) the aforementioned steps conducted following the initial setting of the batch counters for each subsequent item in the batch;
  
  validating (790) the tagged database entries using the numerical value of at least one of the batch counters; and
  
  cryptographically protecting (800) the database using the crypto engine.

19. A processor-based system (14) for storing data pertaining to a batch of items such as items of mail in a secure fashion, the system comprising:
- a crypto engine in a secure vault adapted to receive data relating to the value of a parameter of an item in the batch, generate a message authentication code on the basis thereof and tag the received data with the message authentication code; and
  
  an openly accessible database for storing the tagged data.

20. A processor-based system (14) for storing data pertaining to a batch of items such as items of mail in a secure fashion, the system comprising:
- a secure vault comprising a plurality of batch counters for recording numerical values respectively representing the number of items in the batch and a value of a physical parameter of the items in the batch;
  
  a crypto engine in the vault adapted to receive data relating to the value of the physical parameter of an item in the batch, generate a message authentication code on the basis thereof and tag the received data with the message authentication code;
  
  an openly accessible database for storing the tagged data; and
  
  means for cryptographically protecting the database using the crypto engine.
- View Dependent Claims (21, 22)
- - 21. A processor-based system according to claim 20, wherein the secure vault further comprises a batch counter for recording a numerical value representing the value of a rating parameter for the items in the batch and wherein the crypto engine is also adapted to receive data relating to the value of the rating parameter of said item and generate said message authentication code on the basis thereof as well as on the basis of data relating to the value of the physical parameter of the item in question.
  - 22. A processor-based system according to claim 20 or 21 further comprising:
    - means for validating the tagged database entries using the numerical value of at least one of the batch counters and/or using the crypto engine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Pitney Bowes Limited (Böwe Systec AG)
Original Assignee
Pitney Bowes Limited (Böwe Systec AG)
Inventors
Kelly, Stephen, Rozendaal, Vincent

Application Number

US10/311,737
Publication Number

US 20040059676A1
Time in Patent Office

Days
Field of Search
US Class Current

705/50
CPC Class Codes

G07B 17/00362   Calculation or computing wi...

G07B 2017/00427   Special accounting procedur...

G07B 2017/00483   Batch processing of mailpieces

G07B 2017/00766   Digital signature, e.g. DSA...

G07B 2017/00774   MAC (Message Authentication...

G07B 2017/00967   PSD [Postal Security Device...

Secure data storage on open systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

17 Citations

22 Claims

Specification

Use Cases

Quick Links

Others

Secure data storage on open systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

17 Citations

22 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others