Architecture and method to secure database records from tampering in devices such as postage value dispensing mechanisms
First Claim
Patent Images
1. A method for ensuring the freshness of records in a system comprising the steps of:
- storing a plurality of customer records, each customer record including a counter indicative of the transaction status of the customer record;
storing a plurality of freshness records, each freshness record including at least a subset of the total number of counters for all of the customer records and also including a freshness record counter that is related to the subset of the total number of counters in the freshness record;
storing in a cryptographic device separate from the customer and freshness records a cryptographic device counter initially set to be consistent with an initial value in the freshness record counter;
upon a request to update a specific customer record, identifying the freshness record that includes the counter associated with the specific customer record and sending the freshness record and the specific customer record to the cryptographic device;
extracting at the cryptographic device from the freshness record the freshness record counter;
determining if a first predetermined relationship exists between the extracted freshness record counter and the cryptographic device counter; and
if the first predetermined relationship exists, extracting the counter associated with the specific customer record from the customer record and comparing it to the counter associated with the specific customer record stored in the freshness record to determine if a second predetermined relationship exists; and
if the second predetermined relationship exists, permitting the specific customer record to be updated.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for protecting against a replay attack in a database system makes use of customer records including a counter, and freshness records that include the customer counters and a freshness record counter. The counter from the customer records, the customer records in the freshness records, and the freshness record counter are used by a cryptographic device together with a cryptographic device counter to verify the freshness of the customer record prior to updating the customer record with respect to a recent transaction.
-
Citations
8 Claims
-
1. A method for ensuring the freshness of records in a system comprising the steps of:
-
storing a plurality of customer records, each customer record including a counter indicative of the transaction status of the customer record; storing a plurality of freshness records, each freshness record including at least a subset of the total number of counters for all of the customer records and also including a freshness record counter that is related to the subset of the total number of counters in the freshness record; storing in a cryptographic device separate from the customer and freshness records a cryptographic device counter initially set to be consistent with an initial value in the freshness record counter; upon a request to update a specific customer record, identifying the freshness record that includes the counter associated with the specific customer record and sending the freshness record and the specific customer record to the cryptographic device; extracting at the cryptographic device from the freshness record the freshness record counter; determining if a first predetermined relationship exists between the extracted freshness record counter and the cryptographic device counter; and if the first predetermined relationship exists, extracting the counter associated with the specific customer record from the customer record and comparing it to the counter associated with the specific customer record stored in the freshness record to determine if a second predetermined relationship exists; and if the second predetermined relationship exists, permitting the specific customer record to be updated. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system comprising:
-
a database including a plurality of customer records, each customer record including a counter indicative of the transaction status of the customer record and a plurality of freshness records, each freshness record including at least a subset of the total number of counters for all of the customer records and also including a freshness record counter that is related to the subset of the total number of counters in the freshness record; a cryptographic device, separate from the database, including a cryptographic device counter initially set to be consistent with an initial value in the freshness record counter; and means, upon a receiving a request to update a specific customer record, for identifying the freshness record that includes the counter associated with the specific customer record and sending the freshness record and the specific customer record to the cryptographic device; wherein the cryptographic device extracts from the freshness record the freshness record counter, determines if a first predetermined relationship exists between the extracted freshness record counter and the cryptographic device counter;
if the first predetermined relationship exists extracts the counter associated with the specific customer record from the customer record and compares it to the counter associated with the specific customer record stored in the freshness record to determine if a second predetermined relationship exists; and
if the second predetermined relationship exists initiates the update of the specific customer record.
-
Specification