DEVICE USING SECURE STORAGE AND RETRIEVAL OF DATA

US 20170169250A1
Filed: 12/11/2015
Published: 06/15/2017
Est. Priority Date: 12/11/2015
Status: Active Grant

First Claim

Patent Images

1. An appliance comprising:

a processor;

a memory coupled to the processor;

one or more state monitoring sensors coupled to the processor; and

a computer-readable medium coupled to the processor, including code that is executable by the processor, for implementing a method comprising,receiving, by an appliance, a first encryption key and a second encryption key associated with a first owner of the appliance;

storing the first encryption key and the second encryption key in the appliance;

encrypting, by the appliance, first owner private data stored in the appliance using the first encryption key, wherein the first owner private data is not accessible to a subsequent second owner of the appliance; and

encrypting, by the appliance, owners private data stored in the appliance using the second encryption key, wherein the owners private data is accessible by the subsequent second owner of the appliance.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An appliance is capable of storing and processing data related to details surrounding its ownership, behavior, and history within itself in a secure and unalterable way. The appliance may experience multiple transfers in ownership during its lifetime. Certain data stored in the appliance may be encrypted such that only qualifying parties (e.g., owners) may be able to access the data. Some data may remain private to an individual owner while other data may be made available to subsequent owners by passing a shared secret that can be utilized to decrypt the other data. Data may be stored in the appliance in chronological order and may be signed by appropriate parties such that it is not possible to alter the data without detection.

28 Citations

View as Search Results

20 Claims

1. An appliance comprising:
- a processor;
  
  a memory coupled to the processor;
  
  one or more state monitoring sensors coupled to the processor; and
  
  a computer-readable medium coupled to the processor, including code that is executable by the processor, for implementing a method comprising,receiving, by an appliance, a first encryption key and a second encryption key associated with a first owner of the appliance;
  
  storing the first encryption key and the second encryption key in the appliance;
  
  encrypting, by the appliance, first owner private data stored in the appliance using the first encryption key, wherein the first owner private data is not accessible to a subsequent second owner of the appliance; and
  
  encrypting, by the appliance, owners private data stored in the appliance using the second encryption key, wherein the owners private data is accessible by the subsequent second owner of the appliance.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The appliance of claim 1, wherein the first encryption key and the second encryption key are symmetric encryption keys.
  - 3. The appliance of claim 1, wherein the method further comprises:
    - receiving, by the appliance, an indication from a first owner device associated with the first owner that there is a transfer of ownership of the appliance from the first owner to the second owner of the appliance;
      
      generating, by the appliance, an ownership transfer entry comprising information related to the transfer of ownership of the appliance; and
      
      storing, by the appliance, the ownership transfer entry.
  - 4. The appliance of claim 3, wherein the method further comprises:
    - receiving, by the appliance from the first owner device, ownership transfer data including the second encryption key, wherein the second encryption key is encrypted by the first owner device; and
      
      storing, by the appliance, the ownership transfer data in the ownership transfer entry.
  - 5. The appliance of claim 4, wherein the method further comprises:
    - receiving, by the appliance from a second owner device associated with the second owner, a decryption request for the ownership transfer information;
      
      decrypting, by the appliance, the encrypted ownership transfer information;
      
      retrieving, by the appliance, the second encryption key from the decrypted ownership transfer information; and
      
      sending, by the appliance, the second encryption key to the second owner device, wherein the second owner device can utilize the second encryption key to access the owners private data.
  - 6. The appliance of claim 5, wherein the method further comprises:
    - receiving, by the appliance from the second owner device, a decryption request including the second encryption key for the second data;
      
      decrypting, by the appliance, the encrypted owners private data;
      
      retrieving, by the appliance, the owners private data; and
      
      sending, by the appliance, the owners private data to the second owner device.
  - 7. The appliance of claim 1, wherein the method further comprises, prior to encrypting the first owner private data:
    - monitoring, by the one or more state monitoring sensors of the appliance, first data related to the appliance;
      
      generating, by the appliance, the first owner private data based on the first data; and
      
      storing, by the appliance, the first owner private data.
  - 8. The appliance of claim 1, wherein the method further comprises, prior to encrypting the owners private data:
    - monitoring, by the one or more state monitoring sensors of the appliance, second data related to the appliance;
      
      generating, by the appliance, the owners private data based on the second data; and
      
      storing, by the appliance, the owners private data.
  - 9. The appliance of claim 1, wherein the first owner private data is accessible to only the first owner of the appliance.
  - 10. The appliance of claim 1, wherein the owners private data is accessible to the first owner and the second owner of the appliance.
  - 12. The method of claim 1, wherein the first encryption key and the second encryption key are symmetric encryption keys.
  - 13. The method of claim 1, further comprising:
    - receiving, by the appliance, an indication from a first owner device associated with the first owner that there is a transfer of ownership of the appliance from the first owner to the second owner of the appliance;
      
      generating, by the appliance, an ownership transfer entry comprising information related to the transfer of ownership of the appliance; and
      
      storing, by the appliance, the ownership transfer entry.
  - 14. The method of claim 1, further comprising:
    - receiving, by the appliance from the first owner device, ownership transfer data including the second encryption key, wherein the second encryption key is encrypted by the first owner device; and
      
      storing, by the appliance, the ownership transfer data in the ownership transfer entry.
  - 15. The method of claim 1, further comprising:
    - receiving, by the appliance from a second owner device associated with the second owner, a decryption request for the ownership transfer information;
      
      decrypting, by the appliance, the encrypted ownership transfer information;
      
      retrieving, by the appliance, the second encryption key from the decrypted ownership transfer information; and
      
      sending, by the appliance, the second encryption key to the second owner device, wherein the second owner device can utilize the second encryption key to access the owners private data.
  - 16. The method of claim 1, further comprising:
    - receiving, by the appliance from the second owner device, a decryption request including the second encryption key for the second data;
      
      decrypting, by the appliance, the encrypted owners private data;
      
      retrieving, by the appliance, the owners private data from the encrypted owners private data; and
      
      sending, by the appliance, the owners private data to the second owner device.
  - 17. The method of claim 1, further comprising, prior to encrypting the first owner private data:
    - monitoring, by the one or more state monitoring sensors of the appliance, first data related to the appliance;
      
      generating, by the appliance, the first owner private data based on the first data; and
      
      storing, by the appliance, the first owner private data.
  - 18. The method of claim 1, further comprising, prior to encrypting the owners private data:
    - monitoring, by the one or more state monitoring sensors of the appliance, second data related to the appliance;
      
      generating, by the appliance, the owners private data based on the second data; and
      
      storing, by the appliance, the owners private data.
  - 19. The method of claim 1, wherein the first owner private data is accessible to only the first owner of the appliance.
  - 20. The method of claim 1, further comprising:
    - generating, by the appliance, a digest of the first owner private data and owners private data;
      
      digitally signing, by the appliance, the digest; and
      
      storing the signed digest in the appliance.

11. A method comprising:
- receiving, by an appliance, a first encryption key and a second encryption key associated with a first owner of the appliance;
  
  storing the first encryption key and the second encryption key in the appliance;
  
  encrypting, by the appliance, first owner private data stored in the appliance using the first encryption key, wherein the first owner private data is not accessible to a subsequent second owner of the appliance; and
  
  encrypting, by the appliance, owners private data stored in the appliance using the second encryption key, wherein the owners private data is accessible by the subsequent second owner of the appliance.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa International Service Association (Visa, Inc.)
Original Assignee
Visa International Service Association (Visa, Inc.)
Inventors
White, David

Granted Patent

US 10,037,436 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/602   Providing cryptographic fac...

G06F 21/6245   Protecting personal data, e...

G06F 21/64   Protecting data integrity, ...

G06F 2221/2101   Auditing as a secondary aspect

G06F 2221/2107   File encryption

G06F 2221/2147   Locking files

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 9/0822   using key encryption key

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0894   Escrow, recovery or storing...

H04L 9/14   using a plurality of keys o...

H04L 9/321   involving a third party or ...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

DEVICE USING SECURE STORAGE AND RETRIEVAL OF DATA

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

DEVICE USING SECURE STORAGE AND RETRIEVAL OF DATA

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others