Verification of process integrity

US 8,776,247 B2
Filed: 08/21/2009
Issued: 07/08/2014
Est. Priority Date: 08/22/2008
Status: Expired

First Claim

Patent Images

1. A system comprising a server and a remote device and configured to implement a secure transaction of data between the server and remote device, wherein the remote device comprises:

a processing device configured to process input data according to a security process;

a data storage device configured to store verification information derived from the input data;

a communication device configured to communicate the input data which has been processed by the security process to the server, wherein the server is configured to transmit a verification request to the remote device, verify integrity of the security process based on the stored verification information received from the data storage device in response to the verification request; and

a secure processor, wherein the verification information is derived from the input data according to an encryption algorithm implemented by the secure processor,wherein the remote device is configured to communicate verification information to the server only in response to receiving a verification request from the server.

View all claims

14 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system implements a secure transaction of data between a server and a remote device. The remote device comprises: processing means adapted to process input data according to a security process; data storage means adapted to store verification information derived from the input data according to an encryption algorithm; and communication means for communicating the input data which has been processed by the security process to the server. The server is adapted to transmit a verification request to the remote device, and to verify the integrity of the security process based on verification information received from the communication means of the remote device in response to the verification request.

23 Citations

View as Search Results

18 Claims

1. A system comprising a server and a remote device and configured to implement a secure transaction of data between the server and remote device, wherein the remote device comprises:
- a processing device configured to process input data according to a security process;
  
  a data storage device configured to store verification information derived from the input data;
  
  a communication device configured to communicate the input data which has been processed by the security process to the server, wherein the server is configured to transmit a verification request to the remote device, verify integrity of the security process based on the stored verification information received from the data storage device in response to the verification request; and
  
  a secure processor, wherein the verification information is derived from the input data according to an encryption algorithm implemented by the secure processor,wherein the remote device is configured to communicate verification information to the server only in response to receiving a verification request from the server.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system according to claim 1, wherein the remote device is a vehicle mounted unit comprising a global navigation system receiver configured to implement a position tracking function, and wherein the communication device comprises a mobile telephony receiver.
  - 3. The system according to claim 2, wherein the input data is derived from data output from the global navigation system receiver.
  - 4. The system according to claim 1, wherein the security process is configured to process input data such that the processed data does not disclose information related to the content of the input data.
  - 5. The system according to claim 4, wherein the security process is a cryptographically secure one-way hash function.
  - 6. The system according to claim 1, wherein the server is configured to process verification information received from the remote device according to a supplementary security process so as to verify the integrity of the security process undertaken by the remote device.
  - 7. The system of claim 1, further comprising:
    - a database, local to the remote device, that is configured to store the verification information.

8. A method of implementing a secure transaction of data between a server and a remote device, the method comprising:
- processing input data, in the remote device, according to a security process;
  
  storing verification information derived from the input data;
  
  communicating the processed input data to the server;
  
  transmitting a verification request from the server to the remote device;
  
  communicating, from the remote device, the stored verification information to the server in response to the verification request;
  
  verifying, at the server, integrity of the security process based on the verification information communicated to the server; and
  
  deriving the verification information from the input data according to an encryption algorithm implemented by a secure processor,wherein the remote device is configured to communicate verification information to the server only in response to receiving a verification request from the server.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 9. The method as claimed in claim 8, wherein the remote device is a vehicle mounted unit comprising a global navigation system receiver configured to implement a position tracking function, and wherein the step of communicating is implemented using a mobile telephony receiver.
  - 10. The method as claimed in claim 9, further comprising:
    - deriving the input data from data output from the global navigation system receiver.
  - 11. The method as claimed in claim 8, wherein the step of processing input data comprises:
    - processing input data such that the processed data does not disclose information related to the content of the input data.
  - 12. The method as claimed in claim 11, wherein the step of processing input data comprises:
    - processing input data using a cryptographically secure one-way hash function.
  - 13. The method as claimed in claim 8, wherein the step of verifying comprises:
    - processing verification information received from the remote device according to a supplementary security process.
  - 14. The method of claim 8, further comprising:
    - storing the verification information in a database which is local to the remote device.
  - 15. The method of claim 8, further comprising:
    - notifying a user that the remote device has received an enforcement request requiring data to be sent to the server.
  - 16. The method of claim 8, wherein verifying, at the server, further comprises:
    - verifying a signature of binding data; and
      
      subsequently verifying the binding data.
  - 17. The method of claim 8, further comprising:
    - communicating, to the server, a package identifier, computed cost, GPS data hash, and a signature.

18. A non-transitory medium readable by a machine, the non-transitory medium comprising:
- instructions for processing input data, in a remote device, according to a security process;
  
  instructions for storing verification information derived from the input data;
  
  instructions for communicating the processed input data to the server;
  
  instructions for transmitting a verification request from the server to the remote device;
  
  instructions for communicating the stored verification information from the remote device to the server in response to the verification request;
  
  instructions for verifying, at the server, integrity of the security process based on the verification information communicated to the server; and
  
  instructions for deriving the verification information from the input data according to an encryption algorithm implemented by a secure processor,wherein the remote device is configured to communicate verification information to the server only in response to receiving a verification request from the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Titan Intelligence Technology Limited
Original Assignee
Telit Automotive Solutions Nv (TUS International Ltd.)
Inventors
Peeters, Michael, Debast, Claude, Motte, Bruno, Froidcoeur, Tim
Primary Examiner(s)
LE, CHAU D

Application Number

US13/059,387
Publication Number

US 20110203003A1
Time in Patent Office

1,782 Days
Field of Search

726/26, 713/168
US Class Current

726/26
CPC Class Codes

G06F 21/52 during program execution, e...

Verification of process integrity

First Claim

14 Assignments

0 Petitions

Accused Products

Abstract

23 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

Verification of process integrity

First Claim

14 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links