Provable traceability

US 10,318,746 B2
Filed: 09/25/2015
Issued: 06/11/2019
Est. Priority Date: 09/25/2015
Status: Active Grant

First Claim

Patent Images

1. A computing device, comprising:

a trusted execution environment (TEE) comprising a memory enclave;

a protected audio-video path (PAVP); and

one or more logic elements, implemented at least partly in hardware, comprising a collaboration engine within the TEE, configured to;

display a secured document without storing a local copy of the secured document on the computing device, the secured document comprising a collaborative multi-author invention description, wherein displaying the secured document comprises rendering the secured document and exporting a display of the secured document via the PAVP;

receive a change to the secured document via the trusted communication channel, the change comprising an instruction to modify the secured document and provably traceable to an author;

apply the change to the secured document;

hash the change;

sign the hash with a key-value pair provably traceable to the author; and

log the change to a ledger provably identifying the author as inventor of an invention embodied in the change.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

There is disclosed in an example, a computing apparatus, including: a trusted execution environment (TEE); and one or more logic elements providing a collaboration engine within the TEE, operable to: receive a change to a secured document via a trusted channel; apply a change to the secured document; log the change to a ledger; and display the document to a client device via a protected audio-video path (PAVP). There is also disclosed a method of providing a collaboration engine, and a computer-readable medium having stored thereon executable instructions for providing a collaboration engine.

13 Citations

23 Claims

1. A computing device, comprising:
- a trusted execution environment (TEE) comprising a memory enclave;
  
  a protected audio-video path (PAVP); and
  
  one or more logic elements, implemented at least partly in hardware, comprising a collaboration engine within the TEE, configured to;
  
  display a secured document without storing a local copy of the secured document on the computing device, the secured document comprising a collaborative multi-author invention description, wherein displaying the secured document comprises rendering the secured document and exporting a display of the secured document via the PAVP;
  
  receive a change to the secured document via the trusted communication channel, the change comprising an instruction to modify the secured document and provably traceable to an author;
  
  apply the change to the secured document;
  
  hash the change;
  
  sign the hash with a key-value pair provably traceable to the author; and
  
  log the change to a ledger provably identifying the author as inventor of an invention embodied in the change.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 22)
- - 2. The computing device of claim 1, wherein the ledger is a public block chain.
  - 3. The computing apparatus of claim 1, wherein the PAVP is configured to be logically disposed between the computing device and an end user.
  - 4. The computing device of claim 1, wherein the collaboration engine is further configured to include a time stamp in the ledger.
  - 5. The computing device of claim 1, wherein the collaboration engine is further configured to log a user authentication factor.
  - 6. The computing device of claim 5, wherein the user authentication factor comprises an authentication type and strength.
  - 7. The computing device of claim 1, wherein the collaboration engine is further configured to apply the change to a baseline of the secured document, and construct a current document state at least partially from the change and the baseline.
  - 8. The computing device of claim 1, wherein the collaboration engine is further configured to perform key management.
  - 9. The computing device of claim 8, wherein the collaboration engine is further configured to manage diverse keys.
  - 10. The computing device of claim 1, wherein the collaboration engine is further configured to provide user privacy via direct anonymous attribution.
  - 22. The computing device of claim 1, wherein the collaboration engine is further to provide process isolation and kernel mode software monitoring;
    - and terminate display of the secured document upon determining that an unverified or untrusted process has started.

11. One or more tangible, non-transitory computer-readable mediums having stored thereon executable instructions for providing a collaboration engine within a trusted execution environment (TEE), the collaboration engine configured to:
- display a secured document via a protected audio-video path (PAVP) without storing a local copy of the secured document, the secured document comprising a collaborative multi-author invention description, wherein displaying the secured document comprises rendering the secured document and exporting a display of the secured document via the PAVP;
  
  receive a change to the secured document via the trusted communication channel, the change comprising an instruction to modify the secured document and provably traceable to an author;
  
  apply the change to the secured document;
  
  hash the change;
  
  sign the hash with a key-value pair provably traceable to the author; and
  
  log the change to a ledger provably identifying the author as inventor of an invention embodied in the change.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 23)
- - 12. The one or more tangible, non-transitory computer-readable mediums of claim 11, wherein the ledger is a public block chain.
  - 13. The one or more tangible, non-transitory computer-readable mediums of claim 11, wherein the PAVP is configured to be logically disposed between a computing device and an end user.
  - 14. The one or more tangible, non-transitory computer-readable mediums of claim 11, wherein the collaboration engine is further configured to include a time stamp in the ledger.
  - 15. The one or more tangible, non-transitory computer-readable mediums of claim 11, wherein the collaboration engine is further configured to log a user authentication factor.
  - 16. The one or more tangible, non-transitory computer-readable mediums of claim 15, wherein the user authentication factor comprises an authentication type and strength.
  - 17. The one or more tangible, non-transitory computer-readable mediums of claim 11, wherein the collaboration engine is further configured to apply the change to a baseline of the secured document, and construct a current document state at least partially from the change and the baseline.
  - 18. The one or more tangible, non-transitory computer-readable mediums of claim 11, wherein the collaboration engine is further configured to perform key management.
  - 19. The one or more tangible, non-transitory computer-readable mediums of claim 18, wherein the collaboration engine is further configured to manage diverse keys.
  - 23. The one or more tangible, non-transitory computer-readable mediums of claim 11, wherein the collaboration engine is further to provide process isolation and kernel mode software monitoring;
    - and terminate display of the secured document upon determining that an unverified or untrusted process has started.

20. A computing apparatus comprising:
- a trusted execution environment (TEE) comprising a memory enclave;
  
  a trusted communication channel; and
  
  one or more logic elements, implemented at least partly in hardware, comprising a collaboration application, configured to;
  
  display a secured document via the trusted communication channel without storing a local copy of the secured document on the computing apparatus, the secured document comprising a collaborative multi-author invention description;
  
  receive a data stream representing the secured document over a protected audio-video path (PAVP); and
  
  display the secured document to a user.
- View Dependent Claims (21)
- - 21. The computing apparatus of claim 20, wherein the collaboration application is further configured to:
    - authenticate the user;
      
      receive a real-time change to the secured document from the user; and
      
      send a change instruction via a secure channel, the change instruction provably traceable to an author and comprising a substantive change and metadata.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
McAfee, LLC
Original Assignee
McAfee, LLC
Inventors
Pogorelik, Oleg, Nayshtut, Alex, Smith, Ned M., Muttik, Igor, Ben-Shalom, Omer
Primary Examiner(s)
Lagor, Alexander
Assistant Examiner(s)
Ahsan, Syed M

Application Number

US14/866,470
Publication Number

US 20170091467A1
Time in Patent Office

1,355 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/10   Protecting distributed prog...

G06F 21/16   Program or content traceabi...

G06F 21/57   Certifying or maintaining t...

G06F 21/6209   to a single file or object,...

G06F 21/645   using a third party

G06F 40/166   Editing, e.g. inserting or ...

Provable traceability

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Provable traceability

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links