Techniques for securing supply chain electronic transactions

US 9,306,750 B2
Filed: 07/16/2009
Issued: 04/05/2016
Est. Priority Date: 07/16/2009
Status: Active Grant

First Claim

Patent Images

1. A computer readable storage device storing a plurality of instructions which, when executed by a processor, cause the processor to authenticate an identity of a party to a transaction in a supply chain by:

registering, by a hub registry system, one or more reader devices at each of a plurality of points along the supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;

receiving, by the hub registry system, a first encrypted transaction data for a shipment of goods from a reader device registered by a shipper of the goods, the shipper comprising a first point of a plurality of points along the supply chain, the first encrypted transaction data identifying the goods being shipped and the shipper of the goods, the first encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the shipper and associated with the shipper by the hub registry system;

decrypting, by the hub registry system, the first encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the shipper of the goods to authenticate the sender of the goods;

storing, by the hub registry system, the decrypted transaction data in an audit history for the transaction, the audit history providing a chain of custody for the shipment of goods and comprising information tracking the progress of goods between the plurality of points along the supply chain;

receiving, by the hub registry system, a second encrypted transaction data from a reader device registered to a receiver of the goods, the receiver comprising a second point of the plurality of points along the supply chain, the second encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the receiver of the goods and associated with the receiver of the goods by the hub registry system, wherein the second encrypted transaction data includes the first encrypted transaction data from the shipper of the goods and additional information identifying the goods being received and the receiver of the goods;

decrypting, by the hub registry system, the second encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the receiver of the goods to authenticate the receiver of the goods;

updating, by the hub registry system, the audit history for the transaction with the decrypted transaction data;

rejecting, by the hub registry system, the transaction if authentication of one or more of the sender or the receiver of the goods failed; and

providing, by the hub registry system, the audit history to the shipper and the receiver.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Techniques for authenticating the identity of shippers and receivers of goods at each point along a supply chain. A central hub repository issues shippers and receivers a pair of public and private keys for encrypting communications between the shippers and receivers and the hub repository and for authenticating the identity of shippers and receivers. The hub repository may also maintain a log of all transactions between shippers and receivers to provide an audit trail that may be used to track the progress of goods along a supply chain.

15 Citations

View as Search Results

17 Claims

1. A computer readable storage device storing a plurality of instructions which, when executed by a processor, cause the processor to authenticate an identity of a party to a transaction in a supply chain by:
- registering, by a hub registry system, one or more reader devices at each of a plurality of points along the supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;
  
  receiving, by the hub registry system, a first encrypted transaction data for a shipment of goods from a reader device registered by a shipper of the goods, the shipper comprising a first point of a plurality of points along the supply chain, the first encrypted transaction data identifying the goods being shipped and the shipper of the goods, the first encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the shipper and associated with the shipper by the hub registry system;
  
  decrypting, by the hub registry system, the first encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the shipper of the goods to authenticate the sender of the goods;
  
  storing, by the hub registry system, the decrypted transaction data in an audit history for the transaction, the audit history providing a chain of custody for the shipment of goods and comprising information tracking the progress of goods between the plurality of points along the supply chain;
  
  receiving, by the hub registry system, a second encrypted transaction data from a reader device registered to a receiver of the goods, the receiver comprising a second point of the plurality of points along the supply chain, the second encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the receiver of the goods and associated with the receiver of the goods by the hub registry system, wherein the second encrypted transaction data includes the first encrypted transaction data from the shipper of the goods and additional information identifying the goods being received and the receiver of the goods;
  
  decrypting, by the hub registry system, the second encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the receiver of the goods to authenticate the receiver of the goods;
  
  updating, by the hub registry system, the audit history for the transaction with the decrypted transaction data;
  
  rejecting, by the hub registry system, the transaction if authentication of one or more of the sender or the receiver of the goods failed; and
  
  providing, by the hub registry system, the audit history to the shipper and the receiver.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer readable storage device of claim 1 wherein the first set of transaction information and the second set of transaction information include a unique identifier associated with the shipment of goods.
  - 3. The computer readable storage device of claim 2 wherein the unique identifier associated with the shipment of goods is associated with a radio-frequency identification (RFID) tag associated with the shipment of goods and wherein the reader device registered by the shipper and the reader device registered by the receiver each comprise RFID reader devices.
  - 4. The computer readable storage device of claim 1 wherein authenticating further comprises:
    - storing a unique identifier associated with the shipment of goods, an identifier associated with the shipper of the goods, and an identifier associated with the receiver of the goods in the audit history for the shipment of goods.
  - 5. The computer readable storage device of claim 4 wherein rejecting the transaction if authentication of one or more of the sender or the receiver of the goods failed further comprises:
    - generating a shipment exception message indicating authentication of one or more of the sender or the receiver of the goods failed;
      
      sending the shipment exception message to the shipper and the receiver of the goods; and
      
      storing information from the shipment authentication message in the audit history for the shipment of goods.
  - 6. The computer readable storage device of claim 3 wherein registering one or more reader devices comprises:
    - receiving a request to register the reader device from a shipper or receiver of goods, the reader device being configured to read the unique identifier associated with the shipment from an identifier tag associated with the shipment of goods;
      
      validating the network address associated with the request to determine whether the network address is including a set of network addresses of registered shippers and receivers;
      
      adding at least one of a network address and a hardware-specific identifier of the reader device to a set of registered devices associated with the shipper or receiver of goods;
      
      generating a private encryption key and a public encryption key for the reader device based on the at least one of a network address and a hardware-specific identifier of the reader device.
  - 7. The computer readable storage device of claim 6 wherein the first set of transaction information is encrypted by the shipper using a private key associated with a reader device located at a facility associated with the shipper, the reader device having been used to read the unique identifier associated with the shipment from the identifier tag associated with the shipment;
    - andwherein decrypting the first encrypted transaction data further comprises;
      
      identifying the public key associated with the reader device based on at least one of the network address and the hardware-specific identifier of the reader device;
      
      decrypting the first encrypted transaction data using the public key associated with the identified reader device.
  - 8. The computer readable storage device of claim 6 wherein the second set of transaction information is encrypted by the receiver using a private key associated with a reader device located at a facility associated with the receiver, the reader device having been used to read the unique identifier associated with the shipment of from the identifier tag associated with the shipment;
    - andwherein decrypting the second encrypted transaction data further comprises;
      
      identifying the public key associated with the reader device based on at least one of the network address and the hardware-specific identifier of the reader device;
      
      decrypting the second encrypted transaction data using the public key associated with the identified reader device.

9. A system comprising:
- a processor;
  
  a memory coupled with the processor and storing a plurality of instructions which, when executed by the processor, cause the processor to authenticate a transaction in a supply chain by;
  
  registering one or more reader devices at each of a plurality of points along the supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;
  
  receiving a first encrypted transaction data for a shipment of goods from a reader device registered by a shipper of the goods, the shipper comprising a first point of a plurality of points along the supply chain, the first encrypted transaction data identifying the goods being shipped and the shipper of the goods, the first encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the shipper and associated with the shipper by the hub registry system;
  
  decrypting the first encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the shipper of the goods to authenticate the sender of the goods;
  
  storing the decrypted transaction data in an audit history for the transaction, the audit history providing a chain of custody for the shipment of goods and comprising information tracking the progress of goods between the plurality of points along the supply chain;
  
  receiving a second encrypted transaction data from a reader device registered to a receiver of the goods, the receiver comprising a second point of the plurality of points along the supply chain, the second encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the receiver of the goods and associated with the receiver of the goods by the hub registry system, wherein the second encrypted transaction data includes the first encrypted transaction data from the shipper of the goods and additional information identifying the goods being received and the receiver of the goods;
  
  decrypting the second encrypted transaction data-using a public encryption key associated with the registered network address of the reader device registered by the receiver of the goods to authenticate the receiver of the goods;
  
  updating the audit history for the transaction with the decrypted transaction data;
  
  rejecting the transaction if authentication of one or more of the sender or the receiver of the goods failed; and
  
  providing the audit history to the shipper and the receiver.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9 wherein the first set of transaction information and the second set of transaction information include a unique identifier associated with the shipment of goods.
  - 11. The system of claim 10 wherein the unique identifier associated with the shipment of goods is associated with a radio-frequency identification (RFID) tag associated with the shipment of goods and wherein the reader device registered by the shipper and the reader device registered by the receiver each comprise RFID reader devices.
  - 12. The system of claim 9 wherein authenticating further comprises:
    - storing the unique identifier associated with the shipment of goods, an identifier associated with the shipper of the goods, and an identifier associated with the receiver of the goods in an audit history for the shipment of goods.
  - 13. The system of claim 12 wherein rejecting the transaction if authentication of one or more of the sender or the receiver of the goods failed further comprises:
    - generating a shipment exception message indicating authentication of one or more of the sender or the receiver of the goods failed;
      
      sending the shipment exception message to the shipper and the receiver of the goods; and
      
      storing information from the shipment authentication message in the audit history for the shipment of goods.
  - 14. The system of claim 11 wherein registering one or more reader devices comprises:
    - receiving a request to register the reader device from a shipper or receiver of goods, the reader device being configured to read the unique identifier associated with the shipment from an identifier tag associated with the shipment of goods;
      
      validating the network address associated with the request to determine whether the network address is including a set of network addresses of registered shippers and receivers;
      
      adding at least one of a network address and a hardware-specific identifier of the reader device to a set of registered devices associated with the shipper or receiver of goods;
      
      generating a private encryption key and a public encryption key for the reader device based on the at least one of a network address and a hardware-specific identifier of the reader device.
  - 15. The system of claim 14 wherein the first set of transaction information is encrypted by the shipper using a private key associated with a reader device located at a facility associated with the shipper, the reader device having been used to read the unique identifier associated with the shipment from the identifier tag associated with the shipment;
    - andwherein decrypting the first encrypted transaction data further comprises;
      
      identifying the public key associated with the reader device based on at least one of the network address and the hardware-specific identifier of the reader device;
      
      decrypting the first encrypted transaction data using the public key associated with the identified reader device.
  - 16. The system of claim 14 wherein the second set of transaction information is encrypted by the receiver using a private key associated with a reader device located at a facility associated with the receiver, the reader device having been used to read the unique identifier associated with the shipment of from the identifier tag associated with the shipment;
    - andwherein decrypting the second encrypted transaction data further comprises;
      
      identifying the public key associated with the reader device based on at least one of the network address and the hardware-specific identifier of the reader device;
      
      decrypting the second encrypted transaction data using the public key associated with the identified reader device.

17. A computer-implemented method for authenticating a transaction in a supply chain, the method comprising:
- registering, by a hub registry system, one or more reader devices at each of a plurality of points along the supply chain, each reader device registered by a network address of the reader device and associated with a public encryption key and a private encryption key;
  
  receiving, by the hub registry system, a first encrypted transaction data for a shipment of goods from a reader device registered by a shipper of the goods, the shipper comprising a first point of a plurality of points along the supply chain, the first encrypted transaction data identifying the goods being shipped and the shipper of the goods, the first encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the shipper and associated with the shipper by the hub registry system;
  
  decrypting, by the hub registry system, the first encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the shipper of the goods to authenticate the sender of the goods;
  
  storing, by the hub registry system, the decrypted transaction data in an audit history for the transaction, the audit history providing a chain of custody for the shipment of goods and comprising information tracking the progress of goods between the plurality of points along the supply chain;
  
  receiving, by the hub registry system, a second encrypted transaction data from a reader device registered to a receiver of the goods, the receiver comprising a second point of the plurality of points along the supply chain, the second encrypted transaction data being encrypted using the private encryption key associated with the reader device registered by the receiver of the goods and associated with the receiver of the goods by the hub registry system, wherein the second encrypted transaction data includes the first encrypted transaction data from the shipper of the goods and additional information identifying the goods being received and the receiver of the goods;
  
  decrypting, by the hub registry system, the second encrypted transaction data using a public encryption key associated with the registered network address of the reader device registered by the receiver of the goods to authenticate the receiver of the goods;
  
  updating, by the hub registry system, the audit history for the transaction with the decrypted transaction data;
  
  rejecting, by the hub registry system, the transaction if authentication of one or more of the sender or the receiver of the goods failed; and
  
  providing, by the hub registry system, the audit history to the shipper and the receiver.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Syngkon, Daio, Flierl, Susan
Primary Examiner(s)
Najjar, Saleh
Assistant Examiner(s)
Pan, Peiliang

Application Number

US12/504,596
Publication Number

US 20110016318A1
Time in Patent Office

2,455 Days
Field of Search

713/170, 726/2, 380/282
US Class Current

1/1
CPC Class Codes

G06Q 10/08   Logistics, e.g. warehousing...

G06Q 10/0833   Tracking

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/805   Lightweight hardware, e.g. ...

H04L 63/0428   wherein the data content is...

H04L 9/3247   involving digital signatures

Techniques for securing supply chain electronic transactions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Techniques for securing supply chain electronic transactions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links