Secure data storage on open systems
First Claim
1. A method of storing data relating to a batch of items such as mail items on a processor-based system in a secure fashion, the method comprising:
- receiving (720) data relating to a parameter of each item in the batch; and
cryptographically protecting (800) the database using a crypto engine in a secure vault.
1 Assignment
0 Petitions
Accused Products
Abstract
A method of storing data relating to a batch of items, such as mail items, on a processor-based system in a secure fashion is described. The method comprises receiving data relating to a parameter of each item in the batch and cryptographically protecting the database using a crypto engine in a secure vault. In a preferred embodiment, the method comprises sending the received data for each item to the crypto engine in the vault, which is operable to produce a message authentication code based on the received data and to tag the received data with the message authentication code, writing the data tagged with the message authentication code to the openly accessible database, and repeating the aforementioned steps for each subsequent item in the batch. The parameter of each item may be a physical parameter of the items, such as their respective weights, or a rating parameter, such as a postage value or class.
17 Citations
22 Claims
-
1. A method of storing data relating to a batch of items such as mail items on a processor-based system in a secure fashion, the method comprising:
-
receiving (720) data relating to a parameter of each item in the batch; and
cryptographically protecting (800) the database using a crypto engine in a secure vault. - View Dependent Claims (2, 3, 5, 6, 7, 8, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
4. A method of storing data relating to a batch of items such as mail items on a processor-based system in a secure fashion, the method comprising:
-
receiving (720) data relating to a parameter of an item in the batch;
sending (730) the received data relating to the value of the parameter for said item to a crypto engine in a secure vault which is operable to produce (740) a message authentication code based on the received data and to tag the received data with the message authentication code;
writing (760) the data tagged with the message authentication code to an openly accessible database; and
repeating (780) the aforementioned steps for each subsequent item in the batch.
-
-
9. A method of storing data relating to a batch of items such as mail items on a processor-based system in a secure fashion, the method comprising:
-
setting (710) a plurality of batch counters in a secure vault to initial numerical values respectively representing an initial count of the number of items in the batch and an initial value of a physical parameter of the items in the batch;
receiving (720) data relating to the value of the physical parameter of an item in the batch;
sending (730) the received data relating to the value of the physical parameter for said item to a crypto engine in the vault which produces (740) a message authentication code based on the received data and which tags the received data with the message authentication code;
incrementing (750) the batch counter numerical value representing the number of items in the batch by one and incrementing the numerical value of the batch counter representing the value of the physical parameter of the items in the batch by an amount determined on the basis of the received data relating to the value of the physical parameter for the item in question;
writing (760) the data tagged with the message authentication code to an openly accessible database;
repeating (780) the aforementioned steps conducted following the initial setting of the batch counters for each subsequent item in the batch;
validating (790) the tagged database entries using the numerical value of at least one of the batch counters; and
cryptographically protecting (800) the database using the crypto engine.
-
-
19. A processor-based system (14) for storing data pertaining to a batch of items such as items of mail in a secure fashion, the system comprising:
-
a crypto engine in a secure vault adapted to receive data relating to the value of a parameter of an item in the batch, generate a message authentication code on the basis thereof and tag the received data with the message authentication code; and
an openly accessible database for storing the tagged data.
-
-
20. A processor-based system (14) for storing data pertaining to a batch of items such as items of mail in a secure fashion, the system comprising:
-
a secure vault comprising a plurality of batch counters for recording numerical values respectively representing the number of items in the batch and a value of a physical parameter of the items in the batch;
a crypto engine in the vault adapted to receive data relating to the value of the physical parameter of an item in the batch, generate a message authentication code on the basis thereof and tag the received data with the message authentication code;
an openly accessible database for storing the tagged data; and
means for cryptographically protecting the database using the crypto engine. - View Dependent Claims (21, 22)
-
Specification