System and method for remote device registration
First Claim
1. A method for controlling insertion of sensitive data into devices, said method comprising:
- arranging a server to be communicably connectable to a controller responsible for distributing said sensitive data and equipment responsible for injecting said sensitive data into said devices, said server being located remote from said controller, and said server comprising a secure module for performing cryptographic operations;
said server receiving from said controller, a cryptographically protected data transmission comprising said sensitive data;
said server providing said data transmission to said secure module;
said secure module extracting said sensitive data from said data transmission;
said server storing a credit value provided by said controller indicative of a number of sensitive data insertions that are permitted before requesting more of said sensitive data from said controller;
said server receiving a request from said equipment for said sensitive data to inject into one or more of said devices;
said server referencing said credit value and providing an amount of said sensitive data to said equipment for injection into said one or more devices according to said credit value;
if said amount is less than said credit value, said server updating said credit value according to said amount;
said server receiving an equipment log report pertaining to the insertion of said amount of sensitive data into respective devices; and
said server sending said equipment log report to said controller.
4 Assignments
0 Petitions
Accused Products
Abstract
A system and method for remote device registration, to monitor and meter the injection of keying or other confidential information onto a device, is provided. A producer who utilizes one or more separate manufacturers, operates a remote module that communicates over forward and backward channels with a local module at the manufacturer. Encrypted data transmissions are sent by producer to the manufacturer and are decrypted to obtain sensitive data used in the devices. As data transmissions are decrypted, credits from a credit pool are depleted and can be replenished by the producer through credit instructions. As distribution images are decrypted, usage records are created and eventually concatenated, and sent as usage reports back to the producer, to enable the producer to monitor and meter production at the manufacturer.
-
Citations
31 Claims
-
1. A method for controlling insertion of sensitive data into devices, said method comprising:
-
arranging a server to be communicably connectable to a controller responsible for distributing said sensitive data and equipment responsible for injecting said sensitive data into said devices, said server being located remote from said controller, and said server comprising a secure module for performing cryptographic operations; said server receiving from said controller, a cryptographically protected data transmission comprising said sensitive data; said server providing said data transmission to said secure module; said secure module extracting said sensitive data from said data transmission; said server storing a credit value provided by said controller indicative of a number of sensitive data insertions that are permitted before requesting more of said sensitive data from said controller; said server receiving a request from said equipment for said sensitive data to inject into one or more of said devices; said server referencing said credit value and providing an amount of said sensitive data to said equipment for injection into said one or more devices according to said credit value; if said amount is less than said credit value, said server updating said credit value according to said amount; said server receiving an equipment log report pertaining to the insertion of said amount of sensitive data into respective devices; and said server sending said equipment log report to said controller. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A server system for controlling insertion of sensitive data into devices, said system comprising:
-
a server communicably connectable to a controller responsible for distributing said sensitive data and equipment responsible for injecting said sensitive data into said devices, said server being located remote from said controller, said server comprising a secure module for performing cryptographic operations, said server comprising computer executable instructions for configuring a processor to; receiving from said controller, a cryptographically protected data transmission comprising said sensitive data; providing said data transmission to said secure module; said secure module extracting said sensitive data from said data transmission; storing a credit value provided by said controller indicative of a number of sensitive data insertions that are permitted before requesting more of said sensitive data from said controller; receiving a request from said equipment for said sensitive data to inject into one or more of said devices; referencing said credit value and providing an amount of said sensitive data to said equipment for injection into said one or more devices according to said credit value; if said amount is less than said credit value, updating said credit value according to said amount; receiving an equipment log report pertaining to the insertion of said amount of sensitive data into respective devices; and sending said equipment log report to said controller. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
Specification