System and method for providing a representational state transfer proxy service for a blockchain cloud service
US-2019104196-A1 · Apr 4, 2019 · US
US2019190896A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2019190896-A1 |
| Application number | US-201715845752-A |
| Country | US |
| Kind code | A1 |
| Filing date | Dec 18, 2017 |
| Priority date | Dec 18, 2017 |
| Publication date | Jun 20, 2019 |
| Grant date | — |
Official abstract text for this publication.
A blockchain hierarchy comprises an arrangement of blockchain channels organized such that a blockchain channel at a lower level feeds data to another blockchain channel, e.g., a relatively higher level. At least one blockchain channel comprises a private autonomous subset of peers in the set of peers that comprise the blockchain network. Within that particular subset, one of the peers is elected as a leader entity, which has the capability of also joining another private or public blockchain channel, e.g., one at a higher level in the hierarchy. The leader entity includes a capability to enforce a data protection policy within the blockchain channel that it leads. To this end, the leader filters or declassifies data based on some task-specific (or blockchain channel-specific) data protection policy, and it then makes that data available to one or more other blockchain channels in the hierarchy (directly or indirectly).
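The leader's filtering step described in the abstract can be sketched as follows. This is an added example, not code from the patent: the field names, the four policy operations, the `Channel` class and the sample record are all assumptions made for illustration.

```python
import hashlib
import hmac

# Hypothetical channel-specific policy: field name -> operation.
# Any field not listed is dropped (default deny).
POLICY = {
    "event_type": "pass",
    "timestamp": "coarsen_hour",
    "account_id": "pseudonymize",
    "amount": "bucket",
}

def pseudonymize(value, key):
    # Keyed hash: stable for correlation, not reversible without the key.
    return hmac.new(key, str(value).encode(), hashlib.sha256).hexdigest()[:16]

def coarsen_hour(ts, key=None):
    return ts[:13] + ":00:00Z"  # assumes ISO 8601 UTC timestamps

def bucket(amount, key=None, width=1000):
    low = (int(amount) // width) * width
    return f"{low}-{low + width - 1}"

OPERATIONS = {
    "pass": lambda value, key: value,
    "coarsen_hour": coarsen_hour,
    "pseudonymize": pseudonymize,
    "bucket": bucket,
}

def declassify(record, policy, key):
    """Apply the policy to one record; unknown operations raise KeyError."""
    return {f: OPERATIONS[policy[f]](v, key) for f, v in record.items() if f in policy}

class Channel:
    def __init__(self, name, members):
        self.name, self.members, self.ledger = name, set(members), []

def share_upward(leader, source, target, policy, key):
    """Only a peer that is a member of both channels may publish processed data."""
    if leader not in source.members or leader not in target.members:
        raise PermissionError(f"{leader} is not a member of both channels")
    processed = [declassify(r, policy, key) for r in source.ledger]
    target.ledger.extend(processed)
    return processed

def demo():
    # Constructed sample data; "ssn" is absent from POLICY, so it never leaves.
    low = Channel("team-a", {"peer1", "peer2", "leader-a"})
    high = Channel("regional", {"leader-a", "leader-b"})
    low.ledger.append({"event_type": "payment", "timestamp": "2017-12-18T09:41:07Z",
                       "account_id": "ACCT-0042", "amount": 4250, "ssn": "000-00-0000"})
    return share_upward("leader-a", low, high, POLICY, b"constructed-demo-key"), high
```

The policy is an allow-list, so a field added to lower-channel records later stays private until someone explicitly assigns it an operation, and a misspelled operation name fails closed instead of passing raw data through.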
Opening claim text (preview).
Having described the invention, what is claimed is as follows.

1. A method of protecting data in a peer-to-peer distributed network having a set of computing entities, comprising: associating at least respective first and second subsets of the computing entities into respective first and second blockchain channels, wherein a channel is a private subnet of communication between or among two or more specific peers in the respective subset for conducting one or more private transactions; upon a determination that data associated with the first blockchain channel should be shared with the second blockchain channel, processing the data within the first blockchain channel according to a data protection policy to generate processed data; and sharing the processed data to the second blockchain channel.

2. The method as described in claim 1 wherein the subset of the computing entities that comprise the first channel apply the data protection policy on sensitive data provided by one or more individual computing entities within the first subset.

3. The method as described in claim 2 wherein the data protection policy is associated with a task that is specific to the subset of the computing entities.

4. The method as described in claim 1 further including selecting a computing entity in each subset as a leader for the respective channel.

5. The method as described in claim 4 wherein the computing entity selected as the leader in the first blockchain channel processes the data and shares the processed data with the second blockchain channel.

6. The method as described in claim 5 wherein processing the data comprises applying a policy comprising one or more data processing operations.

7. The method as described in claim 1 wherein the respective first or second channel is created dynamically by associating the respective subset of computing entities upon a determination that one or more private transactions between or among the subset are required to be transacted.

8. An apparatus, comprising: a processor; and computer memory holding computer program instructions executed by the processor and configured to protect data in a peer-to-peer distributed network having a set of computing entities, the computer program instructions comprising program code configured to: associate at least respective first and second subsets of the computing entities into respective first and second blockchain channels, wherein a channel is a private subnet of communication between or among two or more specific peers in the respective subset for conducting one or more private transactions; upon a determination that data associated with the first blockchain channel should be shared with the second blockchain channel, process the data within the first blockchain channel according to a data protection policy to generate processed data; and share the processed data to the second blockchain channel.

9. The apparatus as described in claim 8 wherein the subset of the computing entities that comprise the first channel apply the data protection policy on sensitive data provided by one or more individual computing entities within the first subset.

10. The apparatus as described in claim 9 wherein the data protection policy is associated with a task that is specific to the subset of the computing entities.

11. The apparatus as described in claim 8 wherein the computer program instructions further include program code configured to select a computing entity in each subset as a leader for the respective channel.

12. The apparatus as described in claim 11 wherein the computing entity selected as the leader in the first blockchain channel processes the data and shares the processed data with the second blockchain channel.

13. The apparatus as described in claim 12 wherein processing the data comprises applying a policy comprising one or more data processing operations.

14. The apparatus as described in claim 8 wherein the respective first or second channel is created dynamically by associating the respective subset of computing entities upon a determination that one or more private transactions between or among the subset are required to be transacted.

15. A computer program product in a non-transitory computer readable medium for use in a data processing system, the computer program product holding computer program instructions which, when executed by the data processing system, are configured to protect data in a peer-to-peer distributed network having a set of computing entities, the data processing system being a computing entity of the set of computing entities, the computer program instructions comprising program code configured to: associate at least respective first and second subsets of the computing entities into respective first and second blockchain channels, wherein a channel is a private subnet of communication between or among two or more specific peers in the respective subset for conducting one or more private transactions; upon a determination that data associated with the first blockchain channel should be shared with the second blockchain channel, process the data within the first blockchain channel according to a data protection policy to generate processed data; and share the processed data to the second blockchain channel.

16. The computer program product as described in claim 15 wherein the subset of the computing entities that comprise the first channel apply the data protection policy on sensitive data provided by one or more individual computing entities within the first subset.

17. The computer program product as described in claim 16 wherein the data protection policy is associated with a task that is specific to the subset of the computing entities.

18. The computer program product as described in claim 15 wherein the computer program instructions further include program code configured to select a computing entity in each subset as a leader for the respective channel.

19. The computer program product as described in claim 18 wherein the computing entity selected as the leader in the first blockchain channel processes the data and shares the processed data with the second blockchain channel.

20. The computer program product as described in claim 19 wherein processing the data comprises applying a policy comprising one or more data processing operations.

21. The computer program product as described in claim 15 wherein the respective first or second channel is created dynamically by associating the respective subset of computing entities upon a determination that one or more private transactions between or among the subset are required to be transacted.
Protecting access to data via a platform, e.g. using keys or access control rules · CPC title
Protecting personal data, e.g. for financial or medical purposes · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
between heterogeneous systems · CPC title
wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption (cryptographic mechanisms or cryptographic arrangements for symmetric key encryption H04L9/06) · CPC title