TECHNIQUES FOR SECURING SUPPLY CHAIN ELECTRONIC TRANSACTIONS

US 20160173457A1
Filed: 02/23/2016
Published: 06/16/2016
Est. Priority Date: 07/16/2009
Status: Active Grant

First Claim

Patent Images

1. A computer-readable storage device storing a plurality of instructions which, when executed by one or more processors, cause the one or more processors perform operations comprising:

registering, by a hub registry system, one or more reader devices at each of a plurality of points along a supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;

decrypting, by the hub registry system, first encrypted transaction data using a public encryption key associated with a registered network address of a reader device registered by a shipper of goods to authenticate a sender of the goods; and

decrypting, by the hub registry system, second encrypted transaction data using a public encryption key associated with a registered network address of a reader device registered by a receiver of the goods to authenticate the receiver of the goods.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for authenticating the identity of shippers and receivers of goods at each point along a supply chain. A central hub repository issues shippers and receivers a pair of public and private keys for encrypting communications between the shippers and receivers and the hub repository and for authenticating the identity of shippers and receivers. The hub repository may also maintain a log of all transactions between shippers and receivers to provide an audit trail that may be used to track the progress of goods along a supply chain.

Citations

20 Claims

1. A computer-readable storage device storing a plurality of instructions which, when executed by one or more processors, cause the one or more processors perform operations comprising:
- registering, by a hub registry system, one or more reader devices at each of a plurality of points along a supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;
  
  decrypting, by the hub registry system, first encrypted transaction data using a public encryption key associated with a registered network address of a reader device registered by a shipper of goods to authenticate a sender of the goods; and
  
  decrypting, by the hub registry system, second encrypted transaction data using a public encryption key associated with a registered network address of a reader device registered by a receiver of the goods to authenticate the receiver of the goods.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The computer-readable storage device of claim 1, wherein the operations further comprise:
    - receiving, by the hub registry system, the first encrypted transaction data for a shipment of the goods from the reader device registered by the shipper of the goods.
  - 3. The computer-readable storage device of claim 1, wherein the shipper comprises a first point of a plurality of points along the supply chain.
  - 4. The computer-readable storage device of claim 1, wherein the first encrypted transaction data identifies the goods being shipped and the shipper of the goods.
  - 5. The computer-readable storage device of claim 1, wherein the first encrypted transaction data is encrypted using the private encryption key associated with the reader device registered by the shipper and associated with the shipper by the hub registry system.
  - 6. The computer-readable storage device of claim 1, wherein the operations further comprise:
    - storing, by the hub registry system, in an audit history for the transaction, decrypted transaction data resulting from the decrypting of the first encrypted transaction data.
  - 7. The computer-readable storage device of claim 6, wherein the audit history provides a chain of custody for the shipment of goods.
  - 8. The computer-readable storage device of claim 6, wherein the audit history comprises information tracking the progress of goods between the points along the supply chain.
  - 9. The computer-readable storage device of claim 6, wherein the operations further comprise:
    - updating, by the hub registry system, the audit history for the transaction with decrypted transaction data resulting from the decrypting of the second encrypted transaction data.
  - 10. The computer-readable storage device of claim 6, wherein the operations further comprise:
    - providing, by the hub registry system, the audit history to the shipper and the receiver.
  - 11. The computer-readable storage device of claim 1, wherein the operations further comprise:
    - receiving, by the hub registry system, the second encrypted transaction data from the reader device registered to the receiver of the goods.
  - 12. The computer-readable storage device of claim 1, wherein the receiver comprises a second point of the plurality of points along the supply chain.
  - 13. The computer-readable storage device of claim 1, wherein the second encrypted transaction data is encrypted using the private encryption key associated with the reader device registered by the receiver of the goods and associated with the receiver of the goods by the hub registry system.
  - 14. The computer-readable storage device of claim 1, wherein the second encrypted transaction data includes the first encrypted transaction data from the shipper of the goods.
  - 15. The computer-readable storage device of claim 1, wherein the second encrypted transaction data comprises additional information identifying the goods being received.
  - 16. The computer-readable storage device of claim 1, wherein the second encrypted transaction data identifies the receiver of the goods.
  - 17. The computer-readable storage device of claim 1, wherein the operations further comprise:
    - rejecting, by the hub registry system, the transaction if authentication of one or more of the sender or the receiver of the goods failed.
  - 18. The computer-readable storage device of claim 17, wherein the operations further comprise:
    - storing, in the audit history for the shipment of goods, a unique identifier associated with the shipment of goods, an identifier associated with the shipper of the goods, and an identifier associated with the receiver of the goods;
      
      wherein rejecting the transaction if authentication of one or more of the sender or the receiver of the goods failed further comprises;
      
      generating a shipment exception message indicating authentication of one or more of the sender or the receiver of the goods failed;
      
      sending the shipment exception message to the shipper and the receiver of the goods; and
      
      storing information from the shipment authentication message in the audit history for the shipment of goods.
  - 19. The computer-readable storage device of claim 1, wherein the first set of transaction information and the second set of transaction information include a unique identifier associated with the shipment of goods;
    - wherein the unique identifier associated with the shipment of goods is associated with a radio-frequency identification (RFID) tag associated with the shipment of goods; and
      
      wherein the reader device registered by the shipper and the reader device registered by the receiver each comprise RFID reader devices.
  - 20. The computer-readable storage device of claim 19, wherein registering one or more reader devices comprises:
    - receiving a particular request to register a particular reader device from a shipper or receiver of goods;
      
      wherein the particular reader device is configured to read the unique identifier associated with the shipment from an identifier tag associated with the shipment of goods;
      
      validating the network address associated with the particular request to determine whether the network address includes a set of network addresses of registered shippers and receivers;
      
      adding at least one of a network address and a hardware-specific identifier of the particular reader device to a set of registered devices associated with the shipper or receiver of goods; and
      
      generating a private encryption key and a public encryption key for the particular reader device based on the at least one of a network address and a hardware-specific identifier of the particular reader device;
      
      wherein the first set of transaction information is encrypted by the shipper using a private key associated with a reader device located at a facility associated with the shipper;
      
      wherein the reader device located at the facility associated with the shipper has been used to read the unique identifier associated with the shipment from the identifier tag associated with the shipment; and
      
      wherein decrypting the first encrypted transaction data further comprises;
      
      identifying the public key associated with the reader device located at the facility associated with the shipper based on at least one of the network address and the hardware-specific identifier of the reader device located at the facility associated with the shipper; and
      
      decrypting the first encrypted transaction data using the public key associated with the identified reader device located at the facility associated with the shipper;
      
      wherein the second set of transaction information is encrypted by the receiver using a private key associated with a reader device located at a facility associated with the receiver;
      
      wherein the reader device at the facility associated with the receiver has been used to read the unique identifier associated with the shipment of from the identifier tag associated with the shipment; and
      
      wherein decrypting the second encrypted transaction data further comprises;
      
      identifying the public key associated with the reader device located at the facility associated with the receiver based on at least one of the network address and the hardware-specific identifier of the reader device;
      
      decrypting the second encrypted transaction data using the public key associated with the identified reader device located at the facility associated with the receiver.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Syngkon, Daio, Flierl, Susan

Granted Patent

US 10,616,183 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G06Q 10/08   Logistics, e.g. warehousing...

G06Q 10/0833   Tracking

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0428   wherein the data content is...

H04L 9/3247   involving digital signatures

TECHNIQUES FOR SECURING SUPPLY CHAIN ELECTRONIC TRANSACTIONS

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

TECHNIQUES FOR SECURING SUPPLY CHAIN ELECTRONIC TRANSACTIONS

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links