Mobile solution for purchase orders
US-2015248714-A1 · Sep 3, 2015 · US
End-to-end tamper protection in presence of cloud integration
US9906367B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9906367-B2 |
| Application number | US-201414451645-A |
| Country | US |
| Kind code | B2 |
| Filing date | Aug 5, 2014 |
| Priority date | Aug 5, 2014 |
| Publication date | Feb 27, 2018 |
| Grant date | Feb 27, 2018 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
The present disclosure involves systems and methods for providing end-to-end tamper protection in a cloud integration environment. One example method includes receiving, at a receiver in a cloud-based integration scenario, a B2B communication from a sender including data associated with a business transaction, the received communication in a target format. The cloud-based integration system transforms the original communication in a source format into the target format of the receiver. A digitally-signed sender fingerprint of critical fields extracted from the set of data associated with the at least one business transaction in the source format of the original B2B communication are received and verified as signed by the sender. A receiver fingerprint in the target format is generated using the critical fields from the received communication based on a pre-defined algorithm. The sender fingerprint and the generated receiver fingerprint are compared to determine if they are identical.
First claim
Opening claim text (preview).
What is claimed is: 1. A computerized method performed by one or more processors, the method comprising: receiving, at a receiving entity via a cloud-based integration system, a business-to-business (B2B) communication from a sending entity, wherein the B2B communication includes a set of data associated with at least one business transaction, where the received B2B communication is in a target format, and wherein the cloud-based integration system transforms an original B2B communication in a source format sent from the sending entity into the target format of the B2B communication received at the receiving entity; after receiving the B2B communication transformed by the cloud-based integration system, receiving, at the receiving entity, a digitally-signed sender fingerprint of critical fields from the sending entity, wherein the digitally-signed sender fingerprint of critical fields is received without transformation by the cloud-based integration system, wherein the critical fields are extracted by the sending entity from the set of data associated with the at least one business transaction in the source format of the original B2B communication, wherein the critical fields represent a particular subset of fields within the set of data identified and predefined by the sending entity and the receiving entity prior to the B2B communication being sent, and wherein the set of data includes the critical fields and one or more non-critical fields; verifying, at the receiving entity, that the received sender fingerprint was signed by the sending entity; and in response to verifying that the received sender fingerprint was signed by the sending entity: extracting, at the receiving entity, the critical fields from the received B2B communication in the target format based on a pre-defined algorithm; in response to extracting the critical fields from the received B2B communication, generating, at the receiving entity, a receiver fingerprint based on the extracted critical fields from the received B2B communication; and comparing the received sender fingerprint and the generated receiver fingerprint to determine that the received sender fingerprint and the generated receiver fingerprint are identical. 2. The method of claim 1 , wherein the sender fingerprint is received via the cloud-based integration system. 3. The method of claim 2 , wherein the sender fingerprint is included within the B2B communication. 4. The method of claim 1 , wherein the sender fingerprint is received via a channel other than the cloud-based integration system. 5. The method of claim 1 , wherein transformation of the original B2B communication from the source format to the target format is based on predefined rules. 6. The method of claim 1 , wherein signing the fingerprints creates hash values calculated by applying the digital signatures. 7. The method of claim 1 , wherein generating the receiver fingerprint of the received B2B communication in the target format based on the critical fields includes: extracting a set of critical fields from the received B2B communication; and de-normalizing the structure of the extracted set of critical fields based on a set of predefined normalization rules. 8. The method of claim 7 , where generating the receiver fingerprint of the received B2B communication in the target format based on the critical fields further includes normalizing at least one value associated with at least one critical field based on the set of predefined normalization rules. 9. The method of claim 1 , wherein the pre-defined algorithm is used by the sending entity to generate the verified sender fingerprint received by the receiving entity. 10. The method of claim 1 further comprising, in response to determining that the verified sender fingerprint and the generated receiver fingerprint are identical, processing the received B2B communication at the receiving entity. 11. The method of claim 1 further comprising, in response to determining that the verified sender fingerprint and the generated receiver fingerprint are not identical, not processing the B2B communication at the receiving entity and notifying the cloud-based integration system. 12. The method of claim 1 , wherein determining that the verified sender fingerprint and the generated receiver fingerprint are identical indicates that the sender fingerprint was unchanged after signing by the sending entity. 13. The method of claim 1 , wherein the critical fields represent key message semantics for verification. 14. A computing system, comprising a memory, one or more processors, and instructions stored on the memory and operable when executed by the one or more processors to cause the computing system to perform operations comprising: receiving, at a receiving entity via a cloud-based integration system, a business-to-business (B2B) communication from a sending entity, wherein the B2B communication includes a set of data associated with at least one business transaction, where the received B2B communication is in a target format, and wherein the cloud-based integration system transforms an original B2B communication in a source format sent from the sending entity into the target format of the B2B communication received at the receiving entity; after receiving the B2B communication transformed by the cloud-based integration system, receiving, at the receiving entity, a digitally-signed sender fingerprint of critical fields from the sending entity, wherein the digitally-signed sender fingerprint of critical fields is received without transformation by the cloud-based integration system, wherein the critical fields are extracted by the sending entity from the set of data associated with the at least one business transaction in the source format of the original B2B communication, wherein the critical fields represent a particular subset of fields within the set of data identified and predefined by the sending entity and the receiving entity prior to the B2B communication being sent, and wherein the set of data includes the critical fields and one or more non-critical fields; verifying, at the receiving entity, that the received sender fingerprint was signed by the sending entity; and in response to verifying that the received sender fingerprint was signed by the sending entity: extracting, at the receiving entity, the critical fields from the received B2B communication in the target format based on a pre-defined algorithm; in response to extracting the critical fields from the received B2B communication, generating, at the receiving entity, a receiver fingerprint based on the extracted critical fields from the received B2B communication; and comparing the received sender fingerprint and the generated receiver fingerprint to determine that the received sender fingerprint and the generated receiver fingerprint are identical. 15. The system of claim 14 , wherein the pre-defined algorithm is used by the sending entity to generate the verified sender fingerprint received by the receiving entity. 16. The system of claim 14 , wherein the signing the fingerprints creates hash values calculated by applying the digital signatures. 17. The system of claim 14 , wherein generating the receiver fingerprint of the received B2B communication in the target format based on the critical fields includes: extracting a set of critical fields from the received B2B communication; and de-normalizing the structure of the extracted set of critical fields based on a set of predefined normalization rules. 18. The system of claim 17 , wherein g
Assignees
Inventors
Classifications
using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263) · CPC title
Applying verification of the received information (cryptographic mechanisms or cryptographic arrangements for data integrity or data verification H04L9/32) · CPC title
received data contents, e.g. message integrity · CPC title
Entity profiles · CPC title
specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9906367B2 cover?
- The present disclosure involves systems and methods for providing end-to-end tamper protection in a cloud integration environment. One example method includes receiving, at a receiver in a cloud-based integration scenario, a B2B communication from a sender including data associated with a business transaction, the received communication in a target format. The cloud-based integration system tra…
- Who is the assignee on this patent?
- Hoffmann Frank Oliver, Becker Christian, Sap Se
- What technology area does this patent fall under?
- Primary CPC classification H04L9/3247. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Feb 27 2018 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).