Management of cryptographic transactions
US-2019108364-A1 · Apr 11, 2019 · US
Technologies for data broker assisted transfer of device ownership
US2017366347A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2017366347-A1 |
| Application number | US-201615187635-A |
| Country | US |
| Kind code | A1 |
| Filing date | Jun 20, 2016 |
| Priority date | Jun 20, 2016 |
| Publication date | Dec 21, 2017 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Technologies for transferring ownership of a compute device include a data broker device to receive a provenance verification key of the compute device from a manufacturer device, receive attestation data of the compute device, and verify a provenance of the compute device based on the attestation data. The attestation data is indicative of one or more security attributes of the compute device. The data broker device updates a block chain with an acknowledgment of an assignment of the compute device to the data broker device, wherein the block chain identifies each transaction associated with ownership of the compute device.
First claim
Opening claim text (preview).
1 . A data broker device for transferring ownership of a compute device, the data broker device comprising: a verification module to (i) receive a provenance verification key of the compute device from a manufacturer device, (ii) receive attestation data of the compute device, wherein the attestation data is indicative of one or more security attributes of the compute device, and (iii) verify a provenance of the compute device based on the attestation data; and a block chain module to update a block chain with an acknowledgment of an assignment of the compute device to the data broker device, wherein the block chain identifies each transaction associated with ownership of the compute device. 2 . The data broker device of claim 1 , wherein to receive the provenance verification key comprises to receive a public cryptographic key of the compute device provisioned to the compute device during manufacture of the compute device. 3 . The data broker device of claim 1 , wherein the provenance verification key is a cryptographic key associated with a transaction identifier of an ownership transfer of the compute device. 4 . The data broker device of claim 1 , wherein to receive the attestation data comprises to perform a zero knowledge proof with the compute device. 5 . The data broker device of claim 1 , wherein to receive the attestation data comprises to receive one or more public cryptographic keys from the compute device. 6 . The data broker device of claim 1 , wherein to receive the attestation data comprises to negotiate a long-term session key with the compute device. 7 . The data broker device of claim 1 , wherein to verify the provenance of the compute device comprises to verify an embedded cryptographic key of the compute device based on the received provenance verification key. 8 . The data broker device of claim 1 , wherein the embedded cryptographic key is a private Enhanced Privacy Identification (EPID) key and the provenance verification key is a public EPID key corresponding with the private EPID key. 9 . The data broker device of claim 1 , wherein to update the block chain comprises to post the provenance verification key and a public cryptographic key of the data broker device to the block chain. 10 . A method for transferring ownership of a compute device by a data broker device, the method comprising: receiving, by the data broker device, a provenance verification key of the compute device from a manufacturer device; receiving, by the data broker device, attestation data of the compute device, wherein the attestation data is indicative of one or more security attributes of the compute device; verifying, by the data broker device, a provenance of the compute device based on the attestation data; and updating, by the data broker device, a block chain with an acknowledgment of an assignment of the compute device to the data broker device, wherein the block chain identifies each transaction associated with ownership of the compute device. 11 . The method of claim 10 , wherein receiving the provenance verification key comprises receiving a public cryptographic key of the compute device provisioned to the compute device during manufacture of the compute device. 12 . The method of claim 10 , wherein the provenance verification key is a cryptographic key associated with a transaction identifier of an ownership transfer of the compute device. 13 . The method of claim 10 , wherein receiving the attestation data comprises performing a zero knowledge proof with the compute device. 14 . The method of claim 10 , wherein receiving the attestation data comprises negotiating a long-term session key with the compute device. 15 . The method of claim 10 , wherein verifying the provenance of the compute device comprises verifying an embedded cryptographic key of the compute device based on the received provenance verification key. 16 . The method of claim 10 , wherein the embedded cryptographic key is a private Enhanced Privacy Identification (EPID) key and the provenance verification key is a public EPID key corresponding with the private EPID key. 17 . The method of claim 10 , wherein updating the block chain comprises posting the provenance verification key and a public cryptographic key of the data broker device to the block chain. 18 . One or more machine-readable storage media comprising a plurality of instructions stored thereon that, when executed, cause a computing device to: receive a provenance verification key of the compute device from a manufacturer device; receive attestation data of the compute device, wherein the attestation data is indicative of one or more security attributes of the compute device; verify a provenance of the compute device based on the attestation data; and update a block chain with an acknowledgment of an assignment of the compute device to the data broker device, wherein the block chain identifies each transaction associated with ownership of the compute device. 19 . The one or more machine-readable storage media of claim 18 , wherein to receive the provenance verification key comprises to receive a public cryptographic key of the compute device provisioned to the compute device during manufacture of the compute device. 20 . The one or more machine-readable storage media of claim 18 , wherein the provenance verification key is a cryptographic key associated with a transaction identifier of an ownership transfer of the compute device. 21 . The one or more machine-readable storage media of claim 18 , wherein to receive the attestation data comprises to perform a zero knowledge proof with the compute device. 22 . The one or more machine-readable storage media of claim 18 , wherein to receive the attestation data comprises to negotiate a long-term session key with the compute device. 23 . The one or more machine-readable storage media of claim 18 , wherein to verify the provenance of the compute device comprises to verify an embedded cryptographic key of the compute device based on the received provenance verification key. 24 . The one or more machine-readable storage media of claim 18 , wherein the embedded cryptographic key is a private Enhanced Privacy Identification (EPID) key and the provenance verification key is a public EPID key corresponding with the private EPID key. 25 . The one or more machine-readable storage media of claim 18 , wherein to update the block chain comprises to post the provenance verification key and a public cryptographic key of the data broker device to the block chain.
Assignees
Inventors
Classifications
- H04L63/08Primary
for authentication of entities (cryptographic mechanisms or cryptographic arrangements for entity authentication H04L9/32) · CPC title
using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates · CPC title
- H04L9/321Primary
involving a third party or a trusted authority · CPC title
interactive zero-knowledge proofs · CPC title
Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these (network architectures or network communication protocols for key exchange in a packet data network H04L63/061) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2017366347A1 cover?
- Technologies for transferring ownership of a compute device include a data broker device to receive a provenance verification key of the compute device from a manufacturer device, receive attestation data of the compute device, and verify a provenance of the compute device based on the attestation data. The attestation data is indicative of one or more security attributes of the compute device.…
- Who is the assignee on this patent?
- Smith Ned M
- What technology area does this patent fall under?
- Primary CPC classification H04L63/08. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Dec 21 2017 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).