System and method for access control and for supply chain management via a shared bill of material

US 6,983,278 B1
Filed: 04/10/2002
Issued: 01/03/2006
Est. Priority Date: 04/10/2001
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

storing a plurality of bills of material (BOMs) in a processing system, each BOM describable as a tree with each node an element, each BOM being associated with an owner of a set of owners, such that BOMS associated with different owners are stored in the same processing system; and

uploading data via a network from a local file system for storage in a data server for association with a particular BOM of the BOMs, wherein the uploading includes;

selecting the data for upload and linking to the particular BOM;

requesting the upload from an application program;

receiving from the application program a redirect to the data server;

sending the data selected for upload to the data server according to the redirect;

at the data server, receiving a ticket issued and authorized by the application program;

at the data server, storing the data in encrypted form; and

linking the stored data with the particular BOM to form additional information for the particular BOM,such that different users may be assigned different remote access privileges to the uploaded data, the assigning of privileges automatic according to the role assigned to the user or an entity of which the user is an employee.

View all claims

9 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and computer program product for securely uploading and downloading data from a client to a remote data storage location under control of a remote application program. The data is stored in encrypted form so that the data server has no access to the data. The data is associated with a bill of material (BOM) and may be accessed by users without providing access to the data space of the client. Also disclosed is a method and computer program so automatically assign access privileges to one or more users of data in a bill of material stored in a shared database such that the step of refining a role for the user for a data item automatically assigns access privileges for the user for the data and other related data items. Also described is linking BOMs to provide peer-to-peer access and views to different users. Also described is a method and software program that provides of propagation of data through the supply chain via one or more bills of materials.

107 Citations

View as Search Results

31 Claims

1. A method comprising:
- storing a plurality of bills of material (BOMs) in a processing system, each BOM describable as a tree with each node an element, each BOM being associated with an owner of a set of owners, such that BOMS associated with different owners are stored in the same processing system; and
  
  uploading data via a network from a local file system for storage in a data server for association with a particular BOM of the BOMs, wherein the uploading includes;
  
  selecting the data for upload and linking to the particular BOM;
  
  requesting the upload from an application program;
  
  receiving from the application program a redirect to the data server;
  
  sending the data selected for upload to the data server according to the redirect;
  
  at the data server, receiving a ticket issued and authorized by the application program;
  
  at the data server, storing the data in encrypted form; and
  
  linking the stored data with the particular BOM to form additional information for the particular BOM,such that different users may be assigned different remote access privileges to the uploaded data, the assigning of privileges automatic according to the role assigned to the user or an entity of which the user is an employee.

2. A method comprising:
- receiving an upload request from a client system over a network, the upload request including authentication information of a user, and identifying data to be uploaded for storage in a data server, the upload request further including identifying information of a particular bill of material (BOM) with which the data is to be associated, the BOM stored in a processing system with at least one other BOMs, each BOM describable as a tree with each node an element, each BOM associated with an owner of a set of owners, such that BOMS associated with different owners are stored in the same processing system;
  
  issuing a redirect to the data server and issuing a ticket, such that the data and the corresponding issued ticket can be sent to the data server;
  
  receiving the previously issued ticket for the data for authorization;
  
  authorizing the previously issued ticket;
  
  communicating the authorization to the data server, such that the data server, receiving the identified data and the authorized ticket, stores the data in encrypted form, and sends results of the storing; and
  
  receiving from the data server an acknowledgement of the result of storing of the data, and updating the particular BOM accordingly, such that different users may be assigned different remote access privileges to the uploaded data, the assigning of privileges automatic according to the role assigned to the user or an entity of which the user is an employee.
- View Dependent Claims (3, 4, 5, 6, 7, 8)
- - 3. A method as recited in claim 2, wherein unrestricted access to the stored data is limited to the owner and any designates of the owner of the BOM.
  - 4. A method as recited in claim 2, wherein the data is received at the data server in secure form.
  - 5. A method as recited in claim 4, wherein the encrypting of the data for storage occurs at the client, such that the data server does not receive the encryption key.
  - 6. A method as recited in claim 2, wherein the ticket includes a key to use for encryption.
  - 7. A method as recited in claim 6, wherein the encrypting of the data occurs at the data server prior to storage.
  - 8. A method as recited in claim 6, wherein the key is a one way key such that a different key is needed for decryption.

9. A method comprising:
- receiving a download request from a client system over a network, the download request including information identifying the data to be downloaded, the data stored in encrypted form in a data server and associated with a particular bill of material (BOM), the BOM stored in a processing system with at least one other BOMs, each BOM describable as a tree with each node an element, each BOM associated with an owner of a set of owners, such that BOMS associated with different owners are stored in the same processing system;
  
  issuing a ticket to the client, including information on the location of the data in the data server;
  
  receiving from the data server the previously issued ticket for authentication as a result of the data server receiving from the client a data server download request and the previously issued ticket;
  
  authorizing the previously issued ticket, such that the data server is authorized to send the stored data to the client, and such that the data can be decrypted;
  
  decrypting the stored data; and
  
  sending the decrypted data to the client.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. A method as recited in claim 9, wherein the data is sent to the client in secure form.
  - 11. A method as recited in claim 9, wherein the key to decrypt the data is sent to the client, and wherein the decryption occurs at the client, such that the data server has no access to decrypting keys.
  - 12. A method as recited in claim 9, wherein the authorizing includes, when successful, sending the decryption key to the data server, and wherein the decryption occurs at the data server.
  - 13. A method as recited in claim 9, wherein the ticket includes the decryption key to use for encryption, such that the data server download request includes the decryption key.
  - 14. A method as recited in claim 9, wherein the key to decrypt the data has a short validity time.
  - 15. A method as recited in claim 9, wherein the key to decrypt the data is a use once key.
  - 16. A method as recited in claim 9, wherein the data is stored in encrypted form encrypted by a one way key such that a different key is used for decryption than was used for encryption.

17. A carrier medium carrying one or more computer readable code segments to instruct a processor of a processing system to execute a method, the method comprising:
- receiving an upload request from a client system over a network, the upload request including authentication information of a user, and identifying data to be uploaded for storage in a data server, the upload request further including identifying information of a particular bill of material (BOM) with which the data is to be associated, the BOM stored in a processing system with at least one other BOMs, each BOM describable as a tree with each node an element, each BOM associated with an owner of a set of owners, such that BOMS associated with different owners are stored in the same processing system;
  
  issuing a redirect to the data server and issuing a ticket, such that the data and the corresponding issued ticket can be sent to the data server;
  
  receiving the previously issued ticket for the data for authorization;
  
  authorizing the previously issued ticket;
  
  communicating the authorization to the data server, such that the data server, receiving the identified data and the authorized ticket, stores the data in encrypted form, and send results of the storing; and
  
  receiving from the data server an acknowledgement of the result of storing of the data, and updating the particular BOM accordingly, such that different users may be assigned different remote access privileges to the uploaded data, the assigning of privileges automatic according to the role assigned to the user or an entity of which the user is an employee.
- View Dependent Claims (18, 19, 20, 21, 22, 23)
- - 18. A carrier medium as recited in claim 17, wherein unrestricted access to the stored data is limited to the owner and any designates of the owner of the BOM.
  - 19. A carrier medium as recited in claim 17, wherein the data is received at the data server in secure form.
  - 20. A carrier medium as recited in claim 19, wherein the encrypting of the data for storage occurs at the client, such that the data server does not receive the encryption key.
  - 21. A carrier medium as recited in claim 17, wherein the ticket includes a key to use for encryption.
  - 22. A carrier medium as recited in claim 21, wherein the encrypting of the data occurs at the data server prior to storage.
  - 23. A carrier medium as recited in claim 21, wherein the key is a one way key such that a different key is needed for decryption.

24. A carrier medium carrying one or more computer readable code segments to instruct a processor of a processing system to execute a method, the method comprising:
- receiving a download request from a client system over a network, the download request including information identifying the data to be downloaded, the data stored in encrypted form in a data server and associated with a particular bill of material (BOM), the BOM stored in a processing system with at least one other BOMs, each BOM describable as a tree with each node an element, each BOM associated with an owner of a set of owners, such that BOMS associated with different owners are stored in the same processing system;
  
  issuing a ticket to the client, including information on the location of the data in the data server;
  
  receiving from the data server the previously issued ticket for authentication as a result of the data server receiving from the client a data server download request and the previously issued ticket;
  
  authorizing the previously issued ticket, such that the data server is authorized to send the stored data to the client, and such that the data can be decrypted;
  
  decrypting the stored data; and
  
  sending the decrypted data to the client.
- View Dependent Claims (25, 26, 27, 28, 29, 30, 31)
- - 25. A carrier medium as recited in claim 24, wherein the data is sent to client in secure form.
  - 26. A carrier medium as recited in claim 24, wherein the key to decrypt the data is sent to the client, and wherein the decryption occurs at the client, such that the data server has no access to decrypting keys.
  - 27. A carrier medium as recited in claim 24, wherein the authorizing includes, when successful, sending the decryption key to the data server, and wherein the decryption occurs at the data server.
  - 28. A carrier medium as recited in claim 24, wherein the ticket includes the decryption key to use for encryption, such that the data server download request includes the decryption key.
  - 29. A carrier medium as recited in claim 24, wherein the key to decrypt the data has a short validity time.
  - 30. A carrier medium as recited in claim 24, wherein the key to decrypt the data is a use-once key.
  - 31. A carrier medium as recited in claim 24, wherein the data is stored in encrypted form encrypted by a one way key such that a different key is used for decryption than was used for encryption.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Arena Solutions, Inc
Original Assignee
Arena Solutions, Inc
Inventors
Yu, Janet, Larkin, Eric, Topolovac, Michael
Primary Examiner(s)
ROBINSON, GRETA LEE

Application Number

US10/120,898
Time in Patent Office

1,364 Days
Field of Search

707/10, 707/9, 707/100, 707/200, 707/201, 705/21, 705/64, 709/217, 709/238, 709/203
US Class Current

1/1
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/6218   to a system of files or obj...

G06F 2221/2115   Third party

G06Q 10/00   Administration; Management

G06Q 10/0875   Itemisation or classificati...

Y10S 707/99939   Privileged access

System and method for access control and for supply chain management via a shared bill of material

First Claim

9 Assignments

0 Petitions

Accused Products

Abstract

107 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for access control and for supply chain management via a shared bill of material

First Claim

9 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

107 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links