Access control
US-2018225466-A1 · Aug 9, 2018 · US
Permissions using blockchain
US10356102B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10356102-B2 |
| Application number | US-201715442235-A |
| Country | US |
| Kind code | B2 |
| Filing date | Feb 24, 2017 |
| Priority date | Feb 24, 2017 |
| Publication date | Jul 16, 2019 |
| Grant date | Jul 16, 2019 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A network device receives a smart contract for permissions to access a service, wherein the smart contract is in an initial block for authorizations in a shared ledger. The network device receives, from an authorization server device, an update to the shared ledger, wherein the update is a proposed block in the shared ledger requiring validation. The network device stores, in a local memory, a copy of the shared ledger with the update, when the update is validated by the distributed consensus network. The network device receives, from a client device, an item request for an item associated with the service, wherein the item request includes a client identifier. The network device identifies if there is match of the client identifier and the item in the copy of the shared ledger and sends, to the client device, the item when there is match of the client identifier and the item.
First claim
Opening claim text (preview).
What is claimed is: 1. A method, comprising: receiving, by a network device in a distributed consensus network, a smart contract for permissions to access a service, wherein the smart contract is in an initial block for authorizations in a shared ledger; receiving, by the network device and from an authorization server device, an update to the shared ledger, wherein the update is a proposed block in the shared ledger requiring validation; storing, by the network device and in a local memory, a copy of the shared ledger with the update, when the update is validated by the distributed consensus network; receiving, by the network device and from a client device, an item request for an item associated with the service, wherein the item request includes a client identifier; identifying, by the network device, if there is match of the client identifier and the item in the copy of the shared ledger with the update; and sending, by the network device and to the client device, the item, when there is match of the client identifier and the item. 2. The method of claim 1 , wherein the network device and the authorization server device are computing devices within different private domains. 3. The method of claim 1 , further comprising: receiving, by the authorization server device, human-readable input to define the smart contract; converting, by the authorization server device, the human-readable input to compiled code; and converting, by the authorization server device, the update to compiled code. 4. The method of claim 1 , wherein the update includes a timestamp and a link to a previous version of the shared ledger. 5. The method of claim 4 , wherein the update includes information specifying one or more of a new item for the service, a new user for the service, or a new permission parameter for an item. 6. The method of claim 1 , further comprising: receiving, by the authorization server device, an address within the shared ledger. 7. The method of claim 1 , wherein the distributed consensus network includes a combination of nodes in a private domain and other nodes in a different private domain. 8. The method of claim 1 , wherein the smart contract includes a read-only application binary interface (ABI) for use by the network device. 9. The method of claim 1 , further comprising: storing, by another network device, another copy of the shared ledger; receiving, by the network device and from the client device, another item request for another item associated with the service, wherein the other item request includes the client identifier; identifying, by the network device, if there is a match of the client identifier and the other item in the other copy of the shared ledger; and providing, by the other service node and to the client device, the other item, when there is match of the client identifier and the other item. 10. The method of claim 1 , wherein the smart contract includes a read-only application binary interface (ABI) for use by the authorization server device to audit fields in the shared ledger. 11. The method of claim 1 , further comprising: providing, by the authorization server device and to the client device, an address for service node. 12. One or more network devices in a distributed consensus network, comprising: one or more memory devices for storing instructions; and one or more processors configured to execute the instructions to: receive a smart contract for permissions to access a service, wherein the smart contract is in an initial block for authorizations in a shared ledger; receive, from an authorization server device, an update to the shared ledger, wherein the update is a proposed block in the shared ledger requiring validation; store, in a local memory, a copy of the shared ledger with the update, when the update is validated by the distributed consensus network; receive, from a client device, an item request for an item associated with the service, wherein the item request includes a client identifier; identify if there is match of the client identifier and the item in the copy of the shared ledger with the update; and send, to the client device, the item, when there is match of the client identifier and the item. 13. The one or more network devices of claim 12 , wherein the one or more network devices are in a separate domain from the distributed consensus network. 14. The one or more network devices of claim 12 , wherein the update includes information that specifies one or more of a new item for the service, a new user for the service, or a new permission parameter for an item. 15. The one or more network devices of claim 12 , wherein the smart contract identifies items and users that have permission to access the items. 16. The one or more network devices of claim 15 , wherein the smart contract further identifies permissions and conditions for a pair of the user and the item. 17. A non-transitory computer-readable medium containing instructions executable by at least one processor, the computer-readable medium comprising one or more instructions to: receive a smart contract for permissions to access a service, wherein the smart contract is in an initial block for authorizations in a shared ledger; receive, from an authorization server device, an update to the shared ledger, wherein the update is a proposed block in the shared ledger requiring validation; store, in a local memory, a copy of the shared ledger with the update, when the update is validated by the distributed consensus network; receive, from a client device, an item request for an item associated with the service, wherein the item request includes a client identifier; identify if there is match of the client identifier and the item in the copy of the shared ledger with the update; and send, to the client device, the item, when there is match of the client identifier and the item. 18. The non-transitory computer-readable medium of claim 17 , wherein the smart contract includes a read-only application binary interface (ABI) for use by the authorization server device to audit fields in the shared ledger. 19. The non-transitory computer-readable medium of claim 17 , wherein the smart contract includes a read-only application binary interface (ABI) for use by the network device. 20. The non-transitory computer-readable medium of claim 17 , wherein the smart contract includes a read-write application binary interface (ABI) for use by the authorization server device to update the shared ledger.
Assignees
Inventors
Classifications
involving time stamps, e.g. generation of time stamps · CPC title
involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD · CPC title
- H04L63/101Primary
Access control lists [ACL] · CPC title
Electricity · mapped topic
using hash chains, e.g. blockchains or hash trees · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US10356102B2 cover?
- A network device receives a smart contract for permissions to access a service, wherein the smart contract is in an initial block for authorizations in a shared ledger. The network device receives, from an authorization server device, an update to the shared ledger, wherein the update is a proposed block in the shared ledger requiring validation. The network device stores, in a local memory, a …
- Who is the assignee on this patent?
- Verizon Patent & Licensing Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/101. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Jul 16 2019 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).