What technology area does this patent fall under?

Primary CPC classification H04L9/3239. Mapped technology areas include Electricity.

When was this patent published?

Publication date Tue Aug 03 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?

We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).

Auditably proving a usage history of an asset

US11082232B2 · US · B2

Patent metadata
Field	Value
Publication number	US-11082232-B2
Application number	US-201916450127-A
Country	US
Kind code	B2
Filing date	Jun 24, 2019
Priority date	Jun 24, 2019
Publication date	Aug 3, 2021
Grant date	Aug 3, 2021

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

Title
What the patent document calls the invention.
Abstract
A short plain-language summary of the technical disclosure.
Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
Key dates
Filing, priority, publication, and grant dates set the timeline.
First independent claim
The legal scope of protection — read this for what is actually claimed.
CPC / IPC classifications
Technology tags used to group this patent with similar filings.
Citations and related patents
Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Auditably proving a usage history of an asset, in which the asset includes a hardware security module with at least a public key and a private key. A client application logs hash values of a pair of request data and response data. Usage history of the asset is proved. The proving includes verifying, using the public key, a signature of other hash values of the pair of request data and response data. The other hash values are signed with the private key. The proving further includes comparing the hash values logged by the client application with the other hash values.

First claim

Opening claim text (preview).

What is claimed is: 1. A computer-implemented method of auditably proving a usage history of an asset, the computer-implemented method comprising: logging in a log one set of hash values of a pair of request data and response data, the one set of hash values including hash (request data) and hash (response data); and proving the usage history of the asset, the asset comprising a hardware security module having at least a public key and a private key, the proving comprising: verifying a signature of an other set of hash values of the pair of request data and response data, the other set of hash values being signed with the private key and retrieved from a secure database, the verifying comprising verifying the signature of the other set of hash values with the public key, wherein the secure database from which the other set of hash values is retrieved is separate from the log containing the one set of hash values of the pair of request data and response data; and comparing the one set of hash values that are logged in the log with the other set of hash values retrieved from the secure database. 2. The computer-implemented method of claim 1 , further comprising: generating the response data, by a hardware security module, based on receiving the request data from a server application; generating, by the hardware security module, the other set of hash values of the request data and the response data; sending, by the hardware security module, the response data to the server application; and signing, by the hardware security module, the other set of hash values with the private key and sending the signed other set of hash values to the secure database. 3. The computer-implemented method of claim 2 , further comprising: logging, by the client application, the one set of hash values of the request data and the response data received by the server application; retrieving the signed other set of hash values from the secure database; validating, by the client application, the signature of the other set of hash values using the public key; and comparing, by the client application, the hash values logged by the client application with the other hash values retrieved from the secure database. 4. The computer-implemented method of claim 2 , wherein the server application is controlled by a client. 5. The computer-implemented method of claim 1 , wherein the hardware security module comprises a counter, and wherein the computer-implemented method further comprises: incrementing a value of the counter with each new request data; combining the incremented value of the counter and the signature with the other set of hash values; and verifying gapless request processing of the hardware security module by checking a sequence of the counter values. 6. The computer-implemented method of claim 1 , wherein the secure database is implemented on a server, the server being a blockchain server comprising a blockchain ledger. 7. The computer-implemented method of claim 6 , wherein the secure database is implemented in the blockchain ledger, and the other set of hash values that are signed are stored in the blockchain ledger. 8. The computer-implemented method of claim 1 , wherein the public key is published during an initial setup. 9. The computer-implemented method of claim 1 , wherein the logging is performed by a client application. 10. The computer-implemented method of claim 9 , wherein the client application comprises a local log file, the local log file being the log storing the one set of hash values received from a server application. 11. The computer-implemented method of claim 9 , further comprising: using, by the client application, an application programming interface on a server coupled to the client application to retrieve the other set of hash values from the secure database, the secure database stored on the server. 12. The computer-implemented method of claim 1 , further comprising adding, by the hardware security module, an execution control to the other set of hash values of the request data and the response data. 13. A computer system for auditably proving a usage history of an asset, the computer system comprising: a memory; and a processor in communication with the memory, wherein the computer system is configured to perform a method, said method comprising: logging in a log one set of hash values of a pair of request data and response data, the one set of hash values including hash (request data) and hash (response data); and proving the usage history of the asset, the asset comprising a hardware security module having at least a public key and a private key, the proving comprising: verifying a signature of an other set of hash values of the pair of request data and response data, the other set of hash values being signed with the private key and retrieved from a secure database, the verifying comprising verifying the signature of the other set of hash values with the public key, wherein the secure database from which the other set of hash values is retrieved is separate from the log containing the one set of hash values of the pair of request data and response data; and comparing the one set of hash values that are logged in the log with the other set of hash values stored in retrieved from the secure database. 14. The computer system of claim 13 , wherein the method further comprises: generating the response data, by a hardware security module, based on receiving the request data from a server application; generating, by the hardware security module, the other set of hash values of the request data and the response data; sending, by the hardware security module, the response data to the server application; and signing, by the hardware security module, the other set of hash values with the private key and sending the signed other set of hash values to the secure database. 15. The computer system of claim 14 , wherein the method further comprises: logging, by the client application, the one set of hash values of the request data and the response data received by the server application; retrieving the signed other set of hash values from the secure database; validating, by the client application, the signature of the other set of hash values using the public key; and comparing, by the client application, the hash values logged by the client application with the other hash values retrieved from the secure database. 16. The computer system of claim 13 , wherein the hardware security module comprises a counter, and wherein the method further comprises: incrementing a value of the counter with each new request data; combining the incremented value of the counter and the signature with the other set of hash values; and verifying gapless request processing of the hardware security module by checking a sequence of the counter values. 17. A computer program product for auditably proving a usage history of an asset, the computer program product comprising: a computer readable storage medium readable by a processing circuit and storing instructions for performing a method comprising: logging in a log one set of hash values of a pair of request data and response data, the one set of hash values including hash (request data) and hash (response data); and proving the usage history of the asset, the asset comprising a hardware security module having at least a public key and a private key, the proving comprising: verifying a signature of an other set of hash values of the pair of request data and response data, the other set of hash values being s

Assignees

Inventors

Classifications

H04L9/50
using hash chains, e.g. blockchains or hash trees · CPC title
H04L9/3239Primary
involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD · CPC title
H04L9/14
using a plurality of keys or algorithms · CPC title
H04L9/3247
involving digital signatures · CPC title
H04L9/3297
involving time stamps, e.g. generation of time stamps · CPC title

Patent family

Related publications grouped by family.

View patent family 74039433

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11082232B2 cover?: Auditably proving a usage history of an asset, in which the asset includes a hardware security module with at least a public key and a private key. A client application logs hash values of a pair of request data and response data. Usage history of the asset is proved. The proving includes verifying, using the public key, a signature of other hash values of the pair of request data and response …
Who is the assignee on this patent?: IBM
What technology area does this patent fall under?: Primary CPC classification H04L9/3239. Mapped technology areas include Electricity.
When was this patent published?: Publication date Tue Aug 03 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?: We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).