Techniques for shared private data objects in a trusted execution environment

US10554634B2 · US · B2

Patent metadata

Publication number: US-10554634-B2
Application number: US-201715721723-A
Country: US
Kind code: B2
Filing date: Sep 29, 2017
Priority date: Aug 18, 2017
Publication date: Feb 4, 2020
Grant date: Feb 4, 2020

Abstract

Official abstract text for this publication.

Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with the PDO in a secure enclave. A distributed ledger may serve as a “public commit log” to ensure that there is a single, authoritative instance of the object and provide a means of guaranteeing atomicity of updates across interacting objects.

First claim

Opening claim text (preview).

The invention claimed is:

1. A computer-implemented method for sharing private data objects, comprising: provisioning one or more contract enclaves from a plurality of contract enclaves; preparing a smart contract and initial state for a private data object (PDO); receiving an encrypted and signed PDO and signature from one or more of the provisioned contract enclaves, the encrypted and signed PDO to comprise terms of the smart contract and a state of the smart contract; verifying the signature of the encrypted and signed PDO; and communicating the PDO and verified signature to a distributed ledger.

2. The computer-implemented method of claim 1, wherein the PDO includes one or more rights managed within a contract manager.

3. The computer-implemented method of claim 2, wherein the contract manager executes exclusively within a provisioned contract enclave.

4. The computer-implemented method of claim 2, wherein the one or more rights includes a limitation on data visibility.

5. The computer-implemented method of claim 1, wherein the distributed ledger is used as a data commit log.

6. The computer-implemented method of claim 5, wherein the distributed ledger is configured to allow, at most, a single authoritative instance of the PDO.

7. The computer-implemented method of claim 1, wherein interactions with the PDO can exclusively be performed within one of the provisioned contract enclaves.

8. The computer-implemented method of claim 1, wherein the smart contract is a non-deterministic smart contract.

9. The computer-implemented method of claim 1, further comprising: requesting the PDO from the distributed ledger; receiving the PDO from the distributed ledger; and sending the PDO to one of the provisioned contract enclaves.

10. The computer-implemented method of claim 9, further comprising: receiving a new iteration of the PDO from the one of the provisioned contract enclaves, one or more signed state transitions, and one or more method parameters; and submitting the new iteration of the PDO from the one of the provisioned contract enclaves, one or more signed state transitions, and one or more method parameters to the distributed ledger.

11. A system for sharing private data objects, comprising: a plurality of contract enclaves; and a client device including one or more processor circuits, the client device configured to: provision one or more contract enclaves from the plurality of contract enclaves; prepare a smart contract and initial state for a private data object (PDO); receive an encrypted and signed PDO and signature from one or more of the provisioned contract enclaves, the encrypted and signed PDO to comprise terms of the smart contract and a state of the smart contract; verifying the signature of the encrypted and signed PDO; and communicate the PDO and verified signature to a distributed ledger.

12. The system of claim 11, wherein the PDO includes one or more rights managed within a contract manager.

13. The system of claim 12, wherein the contract manager executes exclusively within a provisioned contract enclave.

14. The system of claim 12, wherein the one more rights includes a limitation on data visibility.

15. The system of claim 11, wherein the distributed ledger is used as a data commit log.

16. The system of claim 15, wherein the distributed ledger is configured to allow, at most, a single authoritative instance of the PDO.

17. The system of claim 11, wherein interactions with the PDO can exclusively be performed within one of the provisioned contract enclaves.

18. The system of claim 11, wherein the smart contract is a non-deterministic smart contract.

19. The system of claim 11, the client device configured to: request the PDO from the distributed ledger; receive the PDO from the distributed ledger; and send the PDO to one of the provisioned contract enclaves.

20. The system of claim 19, the client device configured to: receive a new iteration of the PDO from the one of the provisioned contract enclaves, one or more signed state transitions, and one or more method parameters; and submit the new iteration of the PDO from the one of the provisioned contract enclaves, one or more signed state transitions, and one or more method parameters to the distributed ledger.

21. An article comprising a non-transitory computer-readable storage medium that stores instructions for execution by processing circuitry of a client device, the instructions to cause the client device to: provision one or more contract enclaves from a plurality of contract enclaves; prepare a smart contract and initial state for a private data object (PDO); receive an encrypted and signed PDO and signature from one or more of the provisioned contract enclaves, the encrypted and signed PDO to comprise terms of the smart contract and a state of the smart contract; verifying the signature of the encrypted and signed PDO; and communicate the PDO and verified signature to a distributed ledger.

22. The article of claim 21, wherein the PDO includes one or more rights managed within a contract manager.

23. The article of claim 22, wherein the contract manager executes exclusively within a provisioned contract enclave.

24. The article of claim 21, further comprising instructions to cause the client device to: requesting the PDO from the distributed ledger; receiving the PDO from the distributed ledger; and sending the PDO to one of the provisioned contract enclaves.

25. The article of claim 24, further comprising instructions to cause the client device to: receive a new iteration of the PDO from the one of the provisioned contract enclaves, one or more signed state transitions, and one or more method parameters; and submit the new iteration of the PDO from the one of the provisioned contract enclaves, one or more signed state transitions, and one or more method parameters to the distributed ledger.

Assignees

Intel Corp

Classifications

  • wherein the data content is protected, e.g. by encrypting or encapsulating the payload

  • Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

  • to a system of files or objects, e.g. local or distributed file system or database

  • using key encryption key

  • received data contents, e.g. message integrity

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US10554634B2 cover?

Techniques for sharing private data objects in a trusted execution environment using a distributed ledger are described. The techniques described herein may enable sharing of data objects, referred to herein as private data objects (PDOs), between individuals and organizations with access and update policies mediated by execution of code (referred to herein as a “smart contract”) carried with t…

Who is the assignee on this patent?

Intel Corp

What technology area does this patent fall under?

Primary CPC classification H04L63/0428. Mapped technology areas include Electricity.

When was this patent published?

Publication date Feb 4, 2020 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).