Auditing and permission provisioning mechanisms in a distributed secure asset-management infrastructure

Assignee

• Cryptography Research, Inc. · US

Inventors

• Michael Alexander Hamburg · 's-Hertogenbosch, NL
• Benjamin Che-Ming Jun · Oakland, US
• Paul C. Kocher · Menlo Park, US
• Daniel O'Loughlin · Capitola, US
• Denis Alexandrovich Pochuev · San Francisco, US
• Ambuj Kumar · Sunnyvale, US

Key dates

Classification

• Technology area (CPC —)General

Abstract

The embodiments described herein describe technologies for ticketing systems used in consumption and provisioning of data assets, such as a pre-computed (PCD) asset. A ticket may be a digital file or data that enables enforcement of usage count limits and uniqueness issuance ore sequential issuance of target device parameters. On implementation includes an Appliance device of a cryptographic manager (CM) system that receives a Module and a ticket over a network from a Service device. The Module is an application that securely provisions a data asset to a target device in an operation phase of a manufacturing lifecycle of the target device. The ticket is digital data that grants permission to the Appliance device to execute the Module. The Appliance device verifies the ticket to execute the Module. The Module, when executed, results in a secure construction of a sequence of operations to securely provision the data asset to the target device.