System, method, and device for delivering communications and storing and delivering data

US 9,910,969 B2
Filed: 09/25/2017
Issued: 03/06/2018
Est. Priority Date: 04/06/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A system comprising:

an authentication server; and

a modified permission access device in communication with said authentication server, said modified permission access device comprising;

a modified permission access device processor physically associated, and in communication, with memory; and

a data storage physically separate from said memory and readable by said modified permission access device processor, wherein said data storage is operative to store, in non-volatile storage, an executable sensor and a vault which secures data, an executable detector, and at least one executable wrap which secures an executable controller, custom libraries, and a permissions file defining transaction requests permitted by said modified permission access device and wherein said at least one wrap includes instructions executable by said modified permission access device processor to (a) contact a remote server separate from said modified permission access device to prompt said remote server to transmit an executable application to said modified permission access device, (b) install said application into said memory, collect identifying information about said modified permission access device and transmit said identifying information to said remote server, authenticate said modified permission access device using said application, and, upon authentication of said modified permission access device, create a user account associated with said modified permission access device using said identifying information, and (c) only when said modified permission access device is authenticated using said application, install said executable sensor to said memory, wherein said application in said memory cooperates with said executable controller in said data storage to automatically and continuously permit or deny access by said modified permission access device processor to only permit said modified permission access device processor to access said secure data protected by said vault when both said application in said memory and said executable controller in said data storage are accessible and to otherwise deny access, wherein said modified permission access device processor can execute only said application and is prevented by said at least one wrap from executing said executable controller directly, and wherein said executable sensor is operative to monitor at least one of said modified permission access device and said data storage for anomalies and, upon detecting an anomaly, deny access to said secure data secured by said vault by said executable sensor deleting said application from said memory upon detecting an anomaly thereby rendering said secure data inaccessible to said modified permission access device processor, and wherein said executable detector is operative to confirm the integrity of said data secured by said vault and, in the event that the integrity of said data is unconfirmed, rendering said executable controller inoperable for said unconfirmed data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system, method, and device includes a platform data storage that stores a wrap that secures an executable controller and executable sensors. The wrap is verified, optionally through a downloaded authentication driver. After verifying the wrap, the wrap is opened and a sister of the executable controller is installed into the platform memory to cooperate with the executable controller. Additionally or alternatively, the authentication driver may cooperate with the executable controller. The executable controller allows the platform processor to access data secured in a vault and/or verify the platform to create a connection to an application server.

8 Citations

20 Claims

1. A system comprising:
- an authentication server; and
  
  a modified permission access device in communication with said authentication server, said modified permission access device comprising;
  
  a modified permission access device processor physically associated, and in communication, with memory; and
  
  a data storage physically separate from said memory and readable by said modified permission access device processor, wherein said data storage is operative to store, in non-volatile storage, an executable sensor and a vault which secures data, an executable detector, and at least one executable wrap which secures an executable controller, custom libraries, and a permissions file defining transaction requests permitted by said modified permission access device and wherein said at least one wrap includes instructions executable by said modified permission access device processor to (a) contact a remote server separate from said modified permission access device to prompt said remote server to transmit an executable application to said modified permission access device, (b) install said application into said memory, collect identifying information about said modified permission access device and transmit said identifying information to said remote server, authenticate said modified permission access device using said application, and, upon authentication of said modified permission access device, create a user account associated with said modified permission access device using said identifying information, and (c) only when said modified permission access device is authenticated using said application, install said executable sensor to said memory, wherein said application in said memory cooperates with said executable controller in said data storage to automatically and continuously permit or deny access by said modified permission access device processor to only permit said modified permission access device processor to access said secure data protected by said vault when both said application in said memory and said executable controller in said data storage are accessible and to otherwise deny access, wherein said modified permission access device processor can execute only said application and is prevented by said at least one wrap from executing said executable controller directly, and wherein said executable sensor is operative to monitor at least one of said modified permission access device and said data storage for anomalies and, upon detecting an anomaly, deny access to said secure data secured by said vault by said executable sensor deleting said application from said memory upon detecting an anomaly thereby rendering said secure data inaccessible to said modified permission access device processor, and wherein said executable detector is operative to confirm the integrity of said data secured by said vault and, in the event that the integrity of said data is unconfirmed, rendering said executable controller inoperable for said unconfirmed data.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1 further comprising:
    - an application server in communication with said modified permission access device having an application server processor operative to execute program instructions to conduct the steps of;
      
      receiving a transaction request from said modified permission access device, wherein said data secured by said wrap includes instructions for said modified permission access device to transmit said transaction request from said modified permission access device to said application server only if said transaction request is permitted by said permissions file;
      
      authenticating said modified permission access device;
      
      generating a transaction code after authenticating said modified permission access device;
      
      opening an application server port identified by an application server port address;
      
      reconnecting to said authenticated modified permission access device via said application server port at said application server port address; and
      
      communicating between said application server and said authenticated modified permission access device via said application server port;
      
      an authorization server in communication with said application server, said authorization server having an authorization server processor operative to execute program instructions to conduct the steps of;
      
      receiving said transaction code from said application server; and
      
      authenticating said transaction code received from said application server;
      
      a data server in communication via a connection with said application server, said data server comprising;
      
      a data server processor;
      
      a data server communication device controlled by said data server processor and operative for selective communication with said application server; and
      
      a data server data storage readable by said data server processor, wherein said data server data storage is operative to store, in non-volatile storage, at least one account, an account history for each said account, and program instructions executable by said data server processor to conduct the steps of;
      
      conducting a transaction for at least one account in response to said transaction request; and
      
      recording said transaction in said account history for said account.
  - 3. The system of claim 2 wherein said application server stores confirmation data and said step of confirming the integrity of said data secured by said vault comprises comparing at least a portion of said data secured by said vault to said confirmation data stored at said application server.
  - 4. The system of claim 2 further comprising at least one custodian server in communication via a connection with said application server and said data server, said custodian server having a custodian server processor operative to execute program instructions to conduct the steps of:
    - receiving said transaction request from said application server after said authorization server has authenticated said transaction code;
      
      verifying said transaction request;
      
      generating a transaction authorization key after verifying said transaction request; and
      
      transmitting said transaction authorization key to said application server authorizing said transaction request after verifying said transaction request.
  - 5. The system of claim 4 comprising a plurality of custodian servers each having a custodian server processor, wherein said step of generating a transaction authorization key comprises generating a transaction authorization key having a plurality of components with at least two of said plurality of custodian servers adding a component to said transaction authorization key after verifying said transaction request.
  - 6. The system of claim 2 wherein said data server data storage further stores a transaction registry for all accounts and said program instructions executable by said data server processor further comprise recording said transaction in said transaction registry.
  - 7. The system of claim 6 wherein said modified permission access device further comprises a display, wherein said permissions file defines the transactions, if any, in said transaction registry accessible by said modified permission access device, and wherein said modified permission access device processor and said application server cooperate to display at said modified permission access device only said transactions permitted by said permissions file.

8. A system comprising:
- an authentication server; and
  
  a hardware platform in communication with said authentication server, said platform comprising;
  
  a platform processor physically associated, and in communication, with memory; and
  
  a data storage physically separate from said memory and readable by said platform processor, wherein said data storage is operative to store, in non-volatile storage, an executable sensor and a vault which secures data, an executable detector, and at least one executable wrap which secures an executable controller, custom libraries, and a permissions file defining transaction requests permitted by said platform and wherein said at least one wrap includes instructions executable by said platform processor to (a) contact a remote server separate from said platform to prompt said remote server to transmit an executable application to said platform, (b) install said application into said memory, collect identifying information about said platform and transmit said identifying information to said remote server, authenticate said platform using said application, and, upon authentication of said platform, create a user account associated with said platform using said identifying information, and (c) only when said platform is authenticated using said application, install said executable sensor to said memory, wherein said application in said memory cooperates with said executable controller in said data storage to automatically and continuously permit or deny access by said platform processor to only permit said platform processor to access said secure data protected by said vault when both said application in said memory and said executable controller in said data storage are accessible and to otherwise deny access, wherein said platform processor can execute only said application and is prevented by said at least one wrap from executing said executable controller directly, and wherein said executable sensor is operative to monitor at least one of said platform and said data storage for anomalies and, upon detecting an anomaly, deny access to said secure data secured by said vault by said executable sensor deleting said application from said memory upon detecting an anomaly thereby rendering said secure data inaccessible to said platform processor, and wherein said executable detector is operative to confirm the integrity of said data secured by said vault and, in the event that the integrity of said data is unconfirmed, rendering said executable controller inoperable for said unconfirmed data.
- View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
- - 9. The system of claim 8 further comprising:
    - an application server in communication with said platform having an application server processor operative to execute program instructions to conduct the steps of;
      
      receiving a transaction request from said platform, wherein said data secured by said wrap includes instructions for said platform to transmit said transaction request from said platform to said application server only if said transaction request is permitted by said permissions file;
      
      authenticating said platform;
      
      generating a transaction code after authenticating said platform;
      
      opening an application server port identified by an application server port address;
      
      reconnecting to said authenticated platform via said application server port at said application server port address; and
      
      communicating between said application server and said authenticated platform via said application server port;
      
      an authorization server in communication with said application server, said authorization server having an authorization server processor operative to execute program instructions to conduct the steps of;
      
      receiving said transaction code from said application server; and
      
      authenticating said transaction code received from said application server;
      
      a data server in communication via a connection with said application server, said data server comprising;
      
      a data server processor;
      
      a data server communication device controlled by said data server processor and operative for selective communication with said application server; and
      
      a data server data storage readable by said data server processor, wherein said data server data storage is operative to store, in non-volatile storage, at least one account, an account history for each said account, and program instructions executable by said data server processor to conduct the steps of;
      
      conducting a transaction for at least one account in response to said transaction request; and
      
      recording said transaction in said account history for said account.
  - 10. The system of claim 9 wherein said application server stores confirmation data and said step of confirming the integrity of said data secured by said vault comprises comparing at least a portion of said data secured by said vault to said confirmation data stored at said application server.
  - 11. The system of claim 9 further comprising at least one custodian server in communication via a connection with said application server and said data server, said custodian server having a custodian server processor operative to execute program instructions to conduct the steps of:
    - receiving said transaction request from said application server after said authorization server has authenticated said transaction code;
      
      verifying said transaction request;
      
      generating a transaction authorization key after verifying said transaction request; and
      
      transmitting said transaction authorization key to said application server authorizing said transaction request after verifying said transaction request.
  - 12. The system of claim 11 comprising a plurality of custodian servers each having a custodian server processor, wherein said step of generating a transaction authorization key comprises generating a transaction authorization key having a plurality of components with at least two of said plurality of custodian servers adding a component to said transaction authorization key after verifying said transaction request.
  - 13. The system of claim 9 wherein said data server data storage further stores a transaction registry for all accounts and said program instructions executable by said data server processor further comprise recording said transaction in said transaction registry.
  - 14. The system of claim 13 wherein said platform further comprises a display, wherein said permissions file defines the transactions, if any, in said transaction registry accessible by said platform, and wherein said platform processor and said application server cooperate to display at said platform only said transactions permitted by said permissions file.
  - 15. The system of claim 14 wherein said vault is expandable in size such that additional space within said data storage may be allocated to said vault.

16. A system comprising:
- an authentication server;
  
  a plurality of hardware platforms in communication with said authentication server each having a unique platform identification, each said platform comprising;
  
  a platform processor physically associated, and in communication, with memory;
  
  a data storage physically separate from said memory and readable by said platform processor, wherein said data storage is operative to store, in non-volatile storage, an executable sensor and a vault which secures data, an executable detector, and at least one executable wrap which secures an executable controller, wherein said data secured by said wrap includes a permissions file defining transaction requests permitted by said platform and wherein said at least one wrap includes instructions executable by said platform processor to (a) contact a remote server separate from said platform to prompt said remote server to transmit an executable application to said platform, (b) install said application into said memory, collect identifying information about said platform and transmit said identifying information to said remote server, authenticate said platform using said application, and, upon authentication of said platform, create a user account associated with said platform using said identifying information and said unique platform identification, and (c) only when said platform is authenticated using said application, install said executable sensor to said memory, wherein said application in said memory cooperates with said executable controller in said data storage to automatically and continuously permit or deny access by said platform processor to only permit said platform processor to access said secure data protected by said vault when both said application in said memory and said executable controller in said data storage are accessible and to otherwise deny access, wherein said platform processor can execute only said application and is prevented by said at least one wrap from executing said executable controller directly, and wherein said executable sensor is operative to monitor at least one of said platform and said data storage for anomalies and, upon detecting an anomaly, deny access to said secure data secured by said vault by said executable sensor deleting said application from said memory upon detecting an anomaly thereby rendering said secure data inaccessible to said platform processor, and wherein said executable detector is operative to confirm the integrity of said data secured by said vault and, in the event that the integrity of said data is unconfirmed, rendering said executable controller inoperable for said unconfirmed data;
  
  an application server in communication with said platforms having an application server processor operative to execute program instructions to conduct the steps of;
  
  receiving a transaction request from at least one of said platforms, wherein said data secured by said wrap includes instructions for each said platform to transmit said transaction request from said platform to said application server only if said transaction request is permitted by said unique permissions file stored at said platform, wherein said transaction request includes the unique platform identification for each platform associated with said transaction request;
  
  authenticating said platform from which said transaction request was received;
  
  generating a single transaction code after authenticating said platform from which said transaction request was received such that each platform associated with said transaction request utilizes the same transaction code;
  
  opening an application server port identified by an application server port address;
  
  reconnecting to said authenticated platform via said application server port at said application server port address; and
  
  communicating between said application server and said authenticated platform via said application server port;
  
  an authorization server in communication with said application server, said authorization server having an authorization server processor operative to execute program instructions to conduct the steps of;
  
  receiving said transaction code from said application server; and
  
  authenticating said transaction code received from said application server;
  
  a data server in communication via a connection with said application server, said data server comprising;
  
  a data server processor;
  
  a data server communication device controlled by said data server processor and operative for selective communication with said application server; and
  
  a data server data storage readable by said data server processor, wherein said data server data storage is operative to store, in non-volatile storage, at least one account, an account history for each said account, and program instructions executable by said data server processor to conduct the steps of;
  
  conducting a transaction for at least one account in response to said transaction request; and
  
  recording said transaction in said account history for said account.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The system of claim 16 further comprising at least one custodian server in communication via a connection with said application server and said data server, said custodian server having a custodian server processor operative to execute program instructions to conduct the steps of:
    - receiving said transaction request from said application server after said authorization server has authenticated said transaction code;
      
      verifying said transaction request;
      
      generating a transaction authorization key after verifying said transaction request; and
      
      transmitting said transaction authorization key to said application server authorizing said transaction request after verifying said transaction request.
  - 18. The system of claim 17 comprising a plurality of custodian servers each having a custodian server processor, wherein said step of generating a transaction authorization key comprises generating a transaction authorization key having a plurality of components with at least two of said plurality of custodian servers adding a component to said transaction authorization key after verifying said transaction request.
  - 19. The system of claim 16 wherein said data server data storage further stores a transaction registry for all accounts and said program instructions executable by said data server processor further comprise recording said transaction in said transaction registry.
  - 20. The system of claim 19 wherein said platform further comprises a display, wherein said permissions file defines the transactions, if any, in said transaction registry accessible by said platform, and wherein said platform processor and said application server cooperate to display at said platform only said transactions permitted by said permissions file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Karolyn Gee
Original Assignee
Karolyn Gee, Wayne Odom
Inventors
Odom, Wayne, Gee, Karolyn
Primary Examiner(s)
Popham, Jeffrey D

Application Number

US15/715,105
Publication Number

US 20180025135A1
Time in Patent Office

162 Days
Field of Search

726 28
US Class Current
CPC Class Codes

G06F 21/1078   Logging; Metering

G06F 21/109   by using specially-adapted ...

G06F 21/121   Restricting unauthorised ex...

G06F 21/125   by manipulating the program...

G06F 21/53   by executing in a restricte...

G06F 21/54   by adding security routines...

G06F 21/57   Certifying or maintaining t...

G06F 21/6209   to a single file or object,...

G06F 21/6281   at program execution time, ...

G06F 21/64   Protecting data integrity, ...

G06F 21/79   in semiconductor storage me...

G06F 9/46   Multiprogramming arrangements

G06F 9/5016   the resource being the memory

G06F 9/5038   considering the execution o...

G06Q 2220/10   Usage protection of distrib...

G11B 20/00086   Circuits for prevention of ...

G11B 20/00731   involving a digital rights ...

G11B 20/00855   involving a step of exchang...

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/603   Digital right managament [DRM]

H04L 2209/76 : Proxy, i.e. using intermedi...

H04L 2463/101 : applying security measures ...

H04L 63/0209 : Architectural arrangements,...

H04L 63/0428 : wherein the data content is...

H04L 63/061 : for key exchange, e.g. in p...

H04L 63/08 : for authentication of entit...

H04L 63/102 : Entity profiles

H04L 63/1425 : Traffic logging, e.g. anoma...

H04L 65/612 : for unicast

H04L 67/02 : based on web technology, e....

H04L 9/0861 : Generation of secret inform...

H04L 9/3236 : using cryptographic hash fu...

H04L 9/50 : using hash chains, e.g. blo...

H04W 4/38 : for collecting sensor infor...

View All

System, method, and device for delivering communications and storing and delivering data

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

8 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

System, method, and device for delivering communications and storing and delivering data

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others