System and method for remote device registration
First Claim
1. A method for distributing and monitoring insertion of sensitive data into devices, said method comprising:
- arranging a controller to be communicably connectable to a server being located remote therefrom, said server configured to be communicably connectable to equipment responsible for inserting said sensitive data into said devices, said controller being configured for distributing said sensitive data to said server to enable said server to provide said sensitive data to said equipment, said controller comprising a secure module for performing cryptographic operations;
said controller using said secure module to cryptographically protect said sensitive data;
said controller sending a cryptographically protected data transmission comprising said sensitive data to said server to enable said server to extract said sensitive data therefrom;
said controller providing a credit value to said server indicative of a number of sensitive data insertions that are permitted before requesting more of said sensitive data from said controller to enable said server to update said credit value according to amounts of said sensitive data provided to said equipment;
said controller receiving a log report from said server, said log report pertaining to the insertion of an amount of said sensitive data into respective devices by said equipment upon said equipment obtaining said amount of sensitive data from said server upon request, said log report having been generated from at least one log record obtained by said server from said equipment; and
said controller enabling said log report to be compared to a record generated by said controller indicative of distribution of said sensitive data to said server to monitor said insertion of said sensitive data.
4 Assignments
0 Petitions
Accused Products
Abstract
A system and method for remote device registration, to monitor and meter the injection of keying or other confidential information onto a device, is provided. A producer who utilizes one or more separate manufacturers, operates a remote module that communicates over forward and backward channels with a local module at the manufacturer. Encrypted data transmissions are sent by producer to the manufacturer and are decrypted to obtain sensitive data used in the devices. As data transmissions are decrypted, credits from a credit pool are depleted and can be replenished by the producer through credit instructions. As distribution images are decrypted, usage records are created and eventually concatenated, and sent as usage reports back to the producer, to enable the producer to monitor and meter production at the manufacturer.
28 Citations
36 Claims
-
1. A method for distributing and monitoring insertion of sensitive data into devices, said method comprising:
-
arranging a controller to be communicably connectable to a server being located remote therefrom, said server configured to be communicably connectable to equipment responsible for inserting said sensitive data into said devices, said controller being configured for distributing said sensitive data to said server to enable said server to provide said sensitive data to said equipment, said controller comprising a secure module for performing cryptographic operations; said controller using said secure module to cryptographically protect said sensitive data;
said controller sending a cryptographically protected data transmission comprising said sensitive data to said server to enable said server to extract said sensitive data therefrom;said controller providing a credit value to said server indicative of a number of sensitive data insertions that are permitted before requesting more of said sensitive data from said controller to enable said server to update said credit value according to amounts of said sensitive data provided to said equipment; said controller receiving a log report from said server, said log report pertaining to the insertion of an amount of said sensitive data into respective devices by said equipment upon said equipment obtaining said amount of sensitive data from said server upon request, said log report having been generated from at least one log record obtained by said server from said equipment; and said controller enabling said log report to be compared to a record generated by said controller indicative of distribution of said sensitive data to said server to monitor said insertion of said sensitive data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A system for distributing and monitoring insertion of sensitive data into devices, said system comprising:
-
a controller device communicably connectable to a server being located remote therefrom, said server configured to be communicably connectable to equipment responsible for inserting said sensitive data into said devices, said controller device being configured for distributing said sensitive data to said server to enable said server to provide said sensitive data to said equipment, said controller device comprising a secure module for performing cryptographic operations; said controller device being configured for; using said secure module to cryptographically protect said sensitive data; sending a cryptographically protected data transmission comprising said sensitive data to said server to enable said server to extract said sensitive data therefrom; providing a credit value to said server indicative of a number of sensitive data insertions that are permitted before requesting more of said sensitive data from said controller device to enable said server to update said credit value according to amounts of said sensitive data provided to said equipment; receiving a log report from said server, said log report pertaining to the insertion of an amount of said sensitive data into respective devices by said equipment upon said equipment obtaining said amount of sensitive data from said server upon request, said log report having been generated from at least one log record obtained by said server from said equipment; and enabling said log report to be compared to a record generated by said controller indicative of distribution of said sensitive data to said server to monitor said insertion of said sensitive data. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
Specification