Security and privacy enforcement for discovery services in a network of electronic product code information repositories
First Claim
1. A computer-implemented method for managing security and privacy associations between an electronic product code value and an address of a repository containing information about an item represented by the electronic product code, the method comprising:
- providing a service interface to the repository, the service interface providing access to the repository for one or more parties authorized to use the repository, with respect to the item;
issuing, by an authoritative party and prior to accessing the repository, a security certificate to each of the one or more parties that are authorized to use the repository in conducting a supply chain transaction;
in response to a party among the one or more parties sensing the electronic product code, creating a record in the repository, the record representing the sensing of the electronic product code and including the security certificate belonging to the party that sensed the electronic product code; and
storing a data sharing attribute with each record in the repository, the data sharing attribute being defined by an owner of the electronic product code information in the repository, the data sharing attribute specifying a subset of parties among the one or more parties that has permission to access the record.
8 Assignments
0 Petitions
Accused Products
Abstract
Methods and apparatus, including computer program products, implementing and using techniques for managing security and privacy associations between an electronic product code value and an address of a repository containing information about an item represented by the electronic product code. A security certificate is issued to each of one or more parties that are authorized to use the repository. In response to a party among the one or more parties sensing the electronic product code, a record is created in the repository. The record represents the sensing of the electronic product code and includes a security certificate belonging to the party that sensed the electronic product code.
-
Citations
33 Claims
-
1. A computer-implemented method for managing security and privacy associations between an electronic product code value and an address of a repository containing information about an item represented by the electronic product code, the method comprising:
-
providing a service interface to the repository, the service interface providing access to the repository for one or more parties authorized to use the repository, with respect to the item; issuing, by an authoritative party and prior to accessing the repository, a security certificate to each of the one or more parties that are authorized to use the repository in conducting a supply chain transaction; in response to a party among the one or more parties sensing the electronic product code, creating a record in the repository, the record representing the sensing of the electronic product code and including the security certificate belonging to the party that sensed the electronic product code; and storing a data sharing attribute with each record in the repository, the data sharing attribute being defined by an owner of the electronic product code information in the repository, the data sharing attribute specifying a subset of parties among the one or more parties that has permission to access the record. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer program product comprising a non-transitory computer useable medium including a computer readable program, for managing security and privacy associations between an electronic product code value and an address of a repository containing information about an item represented by the electronic product code, wherein the computer readable program when executed on a computer causes the computer to:
-
provide a service interface to the repository, the service interface providing access to the repository for one or more parties authorized to use the repository, with respect to the item; issue, by an authoritative party and prior to accessing the repository, a security certificate to each of the one or more parties that are authorized to use the repository in conducting a supply chain transaction; in response to a party among the one or more parties sensing the electronic product code, create a record in the repository, the record representing the sensing of the electronic product code and including the security certificate belonging to the party that sensed the electronic product code; and store a data sharing attribute with each record in the repository, the data sharing attribute being defined by an owner of the electronic product code information in the repository, the data sharing attribute specifying a subset of parties among the one or more parties that has permission to access the record. - View Dependent Claims (18, 19, 20, 21, 22, 23)
-
-
24. A discovery service operable to provide a mapping from an electronic product code number to a set of electronic product code information services that include event information and item information about the electronic product code number, the discovery service comprising:
-
a repository containing records that represent a first sensing of the electronic product code by the respective electronic product code information services, each record including a security certificate issued by an authoritative party to the electronic product code information service that sensed the electronic product code, and a data sharing attribute, the data sharing attribute being defined by an owner of the electronic product code information in the repository and specifying a subset of electronic product code information services that has permission to access the record; and a service interface through which electronic product code information services and applications can access the records in accordance with the specified data sharing attributes in each record, the service interface including plurality of services enabling secure traceability of the item represented by the electronic product code, wherein the service interface further defines mechanisms for secure and privacy-preserving network access to the records in the repository, the mechanisms including one or more of;
the use of proxy services, the use of role-based, policy-based, cell level data disclosure control of information in the repository, and the use of visibility control of the repository in one or more discovery services. - View Dependent Claims (25, 26, 27, 28, 29, 30, 31, 32, 33)
-
Specification