Dynamic object tag and systems and methods relating thereto
First Claim
1. A method for identifying a product, the method being conducted at an interrogation device having a unique digital user identifier, and comprising the steps of:
- exchanging dynamic authentication parameters with a dynamic object tag to establish a secure communication channel with the dynamic object tag, wherein the dynamic object tag comprises (a) a communication module and (b) a hardware security module, the hardware security module comprising (i) a public processing unit in communication with the communication module, and (ii) a secure processing unit that is only exposed to the public processing unit, and comprises a cryptoprocessor and a secure memory storage including a cryptographic key storage, wherein one or both of a physical separation and a logical separation is provided between the secure processing unit and the public processing unit, wherein one or both of the logical and physical separation creates a division in hardware roles to protect the secure processing unit, and wherein the public processing unit is configured to serve as a gatekeeper or a firewall to ensure that unauthorized or unwanted communications are not sent to the secure processing unit;
requesting product information including at least a product identifier from the dynamic object tag; and
,receiving the requested product information over the secure communication channel.
1 Assignment
0 Petitions
Accused Products
Abstract
A dynamic object tag for a product and systems and methods relating thereto is disclosed. The dynamic object tag comprises a hardware security module, including an electronic storage module, and a communication module for communicating with an interrogation device. The hardware security module is adapted to establish a secure communication channel with the interrogation device, to exchange dynamic authentication parameters with the interrogation device, and to communicate product information stored on the electronic storage module to the interrogation device over the secure communication channel.
-
Citations
27 Claims
-
1. A method for identifying a product, the method being conducted at an interrogation device having a unique digital user identifier, and comprising the steps of:
-
exchanging dynamic authentication parameters with a dynamic object tag to establish a secure communication channel with the dynamic object tag, wherein the dynamic object tag comprises (a) a communication module and (b) a hardware security module, the hardware security module comprising (i) a public processing unit in communication with the communication module, and (ii) a secure processing unit that is only exposed to the public processing unit, and comprises a cryptoprocessor and a secure memory storage including a cryptographic key storage, wherein one or both of a physical separation and a logical separation is provided between the secure processing unit and the public processing unit, wherein one or both of the logical and physical separation creates a division in hardware roles to protect the secure processing unit, and wherein the public processing unit is configured to serve as a gatekeeper or a firewall to ensure that unauthorized or unwanted communications are not sent to the secure processing unit; requesting product information including at least a product identifier from the dynamic object tag; and
,receiving the requested product information over the secure communication channel. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
Specification