Verification of process integrity
Abstract
A system implements a secure transaction of data between a server and a remote device. The remote device comprises: processing means adapted to process input data according to a security process; data storage means adapted to store verification information derived from the input data according to an encryption algorithm; and communication means for communicating the input data which has been processed by the security process to the server. The server is adapted to transmit a verification request to the remote device, and to verify the integrity of the security process based on verification information received from the communication means of the remote device in response to the verification request.
Claims
exact text as granted — not AI-modifiedThe invention claimed is:
1. A system comprising a server and a remote device and in a system comprising a server, the remote device configured to implement a secure transaction of data between with the server and remote device, wherein the remote device comprises:
a processing device configured to process input data according to a security process;
a data storage device configured to store verification information derived from the input data;
a communication device configured to communicate the processed input data which has been processed by the security process to the server, wherein the server is configured to transmit receive a verification request to from the remote device server, verify integrity of the security process based on and communicate the stored verification information received from the data storage device in response to the verification request for the server to verify integrity of the security process; and
a secure processor, wherein the verification information is derived from the input data according to an encryption algorithm implemented by the secure processor,
wherein the remote device is configured to communicate verification information to the server only in response to receiving a verification request from the server.
2. The system remote device according to claim 1 , wherein the remote device is a vehicle mounted unit comprising a global navigation system receiver configured to implement a position tracking function, and wherein the communication device comprises a mobile telephony receiver.
3. The system remote device according to claim 2 , wherein the input data is derived from data output from the global navigation system receiver.
4. The system remote device according to claim 1 , wherein the security process is configured to process input data such that the processed data does not disclose information related to the content of the input data.
5. The system remote device according to claim 4 , wherein the security process is a cryptographically secure one-way hash function.
6. The system remote device according to claim 1 , wherein the server is configured to process verification information received from the remote device according to a supplementary security process so as to verify the integrity of the security process undertaken by the remote device.
7. The system remote device of claim 1 , further comprising:
a database, local to the remote device, that is configured to store the verification information.
8. A method of implementing at a remote device a secure transaction of data between with a server and a remote device, the method comprising:
processing input data, in the remote device, according to a security process;
storing verification information derived from the input data;
communicating the processed input data to the server;
transmittingreceiving a verification request from the server to the remote device;
communicating, from the remote device, the stored verification information to the server in response to the verification request; verifying, at for the server, to verify integrity of the security process based on the verification information communicated to the server; and
deriving the verification information from the input data according to an encryption algorithm implemented by a secure processor,
wherein the remote device is configured to communicate verification information to the server only in response to receiving a verification request from the server.
9. The method as claimed in claim 8 , wherein the remote device is a vehicle mounted unit comprising a global navigation system receiver configured to implement a position tracking function, and wherein the step of communicating is implemented using a mobile telephony receiver.
10. The method as claimed in claim 9 , further comprising:
deriving the input data from data output from the global navigation system receiver.
11. The method as claimed in claim 8 , wherein the step of processing input data comprises:
processing input data such that the processed data does not disclose information related to the content of the input data.
12. The method as claimed in claim 11 , wherein the step of processing input data comprises:
processing input data using a cryptographically secure one-way hash function.
13. The method as claimed in claim 8 , wherein the step of verifying comprises: processing integrity of the verification information received from communicated by the remote device is verified according to a supplementary security process.
14. The method of claim 8 , further comprising:
storing the verification information in a database which is local to the remote device.
15. The method of claim 8 , further comprising:
notifying a user that the remote device has received an enforcement a verification request requiring data to be sent to the server.
16. The method of claim 8 , wherein further comprising verifying, at the server, further comprises by:
verifying a signature of binding data; and
subsequently verifying the binding data.
17. The method of claim 8 , further comprising:
communicating, to the server, a package identifier, computed cost, GPS data hash, and a signature.
18. A non-transitory medium readable by a machine, the non-transitory medium comprising:
instructions for processing input data, in a remote device, according to a security process;
instructions for storing verification information derived from the input data;
instructions for communicating the processed input data to the server;
instructions for transmitting processing a verification request from the server to the remote device;
instructions for communicating the stored verification information from the remote device to the server in response to the verification request;
instructions for verifying, at the server, for the server to verify integrity of the security process based on the verification information communicated to the server; and
instructions for deriving the verification information from the input data according to an encryption algorithm implemented by a secure processor,
wherein the remote device is configured to communicate verification information to the server only in response to receiving a verification request from the server.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.