Techniques for securing supply chain electronic transactions
First Claim
1. A computer readable storage device storing a plurality of instructions which, when executed by a processor, cause the processor to authenticate an identity of a party to a transaction in a supply chain by:
registering, by a hub registry system, one or more reader devices at each of a plurality of points along the supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;
receiving, by the hub registry system, a first encrypted transaction data for a shipment of goods from a reader device registered by a shipper of the goods, the shipper comprising a first point of a plurality of points along the supply chain, the first encrypted transaction data identifying the goods being shipped and the shipper of the goods, the first encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the shipper and associated with the shipper by the hub registry system;
decrypting, by the hub registry system, the first encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the shipper of the goods to authenticate the sender of the goods;
storing, by the hub registry system, the decrypted transaction data in an audit history for the transaction, the audit history providing a chain of custody for the shipment of goods and comprising information tracking the progress of goods between the plurality of points along the supply chain;
receiving, by the hub registry system, a second encrypted transaction data from a reader device registered to a receiver of the goods, the receiver comprising a second point of the plurality of points along the supply chain, the second encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the receiver of the goods and associated with the receiver of the goods by the hub registry system, wherein the second encrypted transaction data includes the first encrypted transaction data from the shipper of the goods and additional information identifying the goods being received and the receiver of the goods;
decrypting, by the hub registry system, the second encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the receiver of the goods to authenticate the receiver of the goods;
updating, by the hub registry system, the audit history for the transaction with the decrypted transaction data;
rejecting, by the hub registry system, the transaction if authentication of one or more of the sender or the receiver of the goods failed; and
providing, by the hub registry system, the audit history to the shipper and the receiver.
Abstract
Techniques for authenticating the identity of shippers and receivers of goods at each point along a supply chain. A central hub repository issues shippers and receivers a pair of public and private keys for encrypting communications between the shippers and receivers and the hub repository and for authenticating the identity of shippers and receivers. The hub repository may also maintain a log of all transactions between shippers and receivers to provide an audit trail that may be used to track the progress of goods along a supply chain.
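The flow in the first claim and the abstract, as an added Go example that is not part of the patent: the hub registers readers by network address, authenticates each message against the key registered for that address, and rejects the transaction before touching the audit history if any check fails. It uses Ed25519 signatures in place of the claim's "encrypted using the private encryption key / decrypting using a public encryption key" wording; the `Envelope` format, the function names and the 192.0.2.x address are assumptions made for the example.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

// Envelope is a message format constructed for this example.
type Envelope struct {
	Addr, Data string    // reader network address, transaction data
	Prior      *Envelope // shipper's envelope, carried inside the receiver's
	Sig        []byte    // Ed25519 signature over body()
}

// Hub maps registered reader addresses to public keys and keeps the audit history.
type Hub struct {
	Readers map[string]ed25519.PublicKey
	Audit   map[string][]string
}
func NewHub() *Hub { return &Hub{map[string]ed25519.PublicKey{}, map[string][]string{}} }
// Register issues a key pair for a reader address and returns the private half.
func (h *Hub) Register(addr string) ed25519.PrivateKey {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	h.Readers[addr] = pub
	return priv
}

// body is what a signature covers: every field except Sig, including Prior.
func body(e Envelope) []byte { e.Sig = nil; b, _ := json.Marshal(e); return b }
// Seal signs the envelope with the reader's private key.
func Seal(priv ed25519.PrivateKey, e Envelope) Envelope { e.Sig = ed25519.Sign(priv, body(e)); return e }

// Accept verifies e and any embedded prior envelope before touching the audit history.
func (h *Hub) Accept(txID string, e Envelope) error {
	for cur := &e; cur != nil; cur = cur.Prior {
		pub, ok := h.Readers[cur.Addr]
		if !ok || !ed25519.Verify(pub, body(*cur), cur.Sig) {
			return fmt.Errorf("reader %s not authenticated: transaction rejected", cur.Addr)
		}
	}
	h.Audit[txID] = append(h.Audit[txID], e.Addr+": "+e.Data)
	return nil
}

func main() {
	h := NewHub()
	fmt.Println(h.Accept("tx1", Seal(h.Register("192.0.2.10"), Envelope{Addr: "192.0.2.10", Data: "ship pallet-42"})))
}
```

Because the receiver's signature covers the embedded shipper envelope, altering the shipper's record after receipt invalidates the receiver's signature as well.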
17 Claims
9. A system comprising:
a processor;
a memory coupled with the processor and storing a plurality of instructions which, when executed by the processor, cause the processor to authenticate a transaction in a supply chain by:
registering one or more reader devices at each of a plurality of points along the supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;
receiving a first encrypted transaction data for a shipment of goods from a reader device registered by a shipper of the goods, the shipper comprising a first point of a plurality of points along the supply chain, the first encrypted transaction data identifying the goods being shipped and the shipper of the goods, the first encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the shipper and associated with the shipper by the hub registry system;
decrypting the first encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the shipper of the goods to authenticate the sender of the goods;
storing the decrypted transaction data in an audit history for the transaction, the audit history providing a chain of custody for the shipment of goods and comprising information tracking the progress of goods between the plurality of points along the supply chain;
receiving a second encrypted transaction data from a reader device registered to a receiver of the goods, the receiver comprising a second point of the plurality of points along the supply chain, the second encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the receiver of the goods and associated with the receiver of the goods by the hub registry system, wherein the second encrypted transaction data includes the first encrypted transaction data from the shipper of the goods and additional information identifying the goods being received and the receiver of the goods;
decrypting the second encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the receiver of the goods to authenticate the receiver of the goods;
updating the audit history for the transaction with the decrypted transaction data;
rejecting the transaction if authentication of one or more of the sender or the receiver of the goods failed; and
providing the audit history to the shipper and the receiver.
17. A computer-implemented method for authenticating a transaction in a supply chain, the method comprising:
registering, by a hub registry system, one or more reader devices at each of a plurality of points along the supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;
receiving, by the hub registry system, a first encrypted transaction data for a shipment of goods from a reader device registered by a shipper of the goods, the shipper comprising a first point of a plurality of points along the supply chain, the first encrypted transaction data identifying the goods being shipped and the shipper of the goods, the first encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the shipper and associated with the shipper by the hub registry system;
decrypting, by the hub registry system, the first encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the shipper of the goods to authenticate the sender of the goods;
storing, by the hub registry system, the decrypted transaction data in an audit history for the transaction, the audit history providing a chain of custody for the shipment of goods and comprising information tracking the progress of goods between the plurality of points along the supply chain;
receiving, by the hub registry system, a second encrypted transaction data from a reader device registered to a receiver of the goods, the receiver comprising a second point of the plurality of points along the supply chain, the second encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the receiver of the goods and associated with the receiver of the goods by the hub registry system, wherein the second encrypted transaction data includes the first encrypted transaction data from the shipper of the goods and additional information identifying the goods being received and the receiver of the goods;
decrypting, by the hub registry system, the second encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the receiver of the goods to authenticate the receiver of the goods;
updating, by the hub registry system, the audit history for the transaction with the decrypted transaction data;
rejecting, by the hub registry system, the transaction if authentication of one or more of the sender or the receiver of the goods failed; and
providing, by the hub registry system, the audit history to the shipper and the receiver.
Specification