IPC classification information
Country / Type: United States (US) Patent, Granted
Application number: US-0325719 (2006-01-05)
Registration number: US-8447695 (2013-05-21)
Inventor: Chenthamarakshan, Vijil Enara
Applicant: International Business Machines Corporation
Citation information: times cited: 1; cited patents: 4
Abstract
A method and system for processing feedback entries received from software provided by a vendor to an end user machine. The end user machine includes the software, a feedback module, and a database. The feedback module: generates a secret key k(0) and makes the key k(0) known to both the vendor and a user of the software; generates a secret key n(0) and makes the key n(0) known to the vendor but not to the user; generates a secret key s(0) and makes the key s(0) known to the user but not to the vendor; generates an encryption Ek0 of an identification tag using the key k(0); generates a parameter Hn0 such that Hn0=Hash(n(0)∥Ek0); generates a parameter Hs0 such that Hs0=Hash(s(0)∥Ek0); sends Ek0, Hn0, and Hs0 to the database; and sends Ek0 and Hs0 to the vendor.
Representative claim
1. A method for processing feedback entries received from software, said software provided by a vendor to an end user machine, said end user machine comprising a processor, the software, a feedback module, and a database, wherein a concatenation operator ∥ is defined such that A∥B denotes a concatenation of strings A and B, wherein E(K,X) defines a symmetric key encryption of a parameter X using a key K, wherein Hash(Y) defines a one way hash function of a parameter Y, and wherein said method comprises:
said processor, via execution of the feedback module, establishing a secret key k(0), said feedback module sending the key k(0) to the vendor, and communicating the key k(0) to a user of the software;
said processor, via execution of the feedback module, establishing a secret key n(0), the feedback module sending the key n(0) to the vendor, and communicating the key n(0) to a user;
said processor, via execution of the feedback module, generating an identification tag FE(0);
said processor, via execution of the feedback module, generating a secret key s(0) and communicating the generated key s(0) to the user but not to the vendor;
said processor, via execution of the feedback module, generating an encryption Ek0 of an identification tag FE(0) using the secret key k(0) where Ek0=E(k(0),FE(0));
said processor, via execution of the feedback module, generating a parameter Hn0 using the secret key n(0) where Hn0=Hash(n(0)∥Ek0);
said processor, via execution of the feedback module, generating a parameter Hs0 using the secret key s(0) where Hs0=Hash(s(0)∥Ek0);
said processor, via execution of the feedback module, sending Ek0, Hn0, and Hs0 to the database; and
said processor, via execution of the feedback module, sending Ek0 and Hn0 to the vendor.

2. The method of claim 1, said method comprising:
said processor, via execution of the feedback module, generating keys k(1), n(1), and s(1) such that k(1)=Hash(k(0)), n(1)=Hash(n(0)), and s(1)=Hash(s(0)); and
said processor, via execution of the feedback module, sending k(1), n(1), and s(1) to the database.

3. The method of claim 2, said method comprising said processor, via execution of the feedback module, receiving N feedback entries from the software and processing the N feedback entries, said N feedback entries denoted as FE(1), . . . , FE(N), said N at least 1, said processing the feedback entry FE(i) for each of i=1, . . . , N comprising:
calculating parameters Eki, Hni, and Hsi such that Eki=E(k(i), FE(i)), Hni=Hash(n(i)∥Eki), and Hsi=Hash(s(i)∥Eki);
writing Eki, Hni, and Hsi to the database;
said processor, via execution of the feedback module, generating keys k(i+1), n(i+1), and s(i+1) such that k(i+1)=Hash(k(i)), n(i+1)=Hash(n(i)), and s(i+1)=Hash(s(i)); and
replacing keys k(i), n(i), and s(i) in the database with keys k(i+1), n(i+1), and s(i+1),
wherein after said processing the N feedback entries, the database comprises k(N+1), n(N+1), and s(N+1).

4. The method of claim 3, said method comprising said processor, via execution of the feedback module, synchronizing content of the database with the vendor, said synchronizing comprising sending to the vendor: (Eki, Hni, i=M, . . . , N) and E(k(N+1), n(N+1)), wherein 1≦M≦N.

5. The method of claim 4, wherein M=1.

6. The method of claim 4, wherein M>1.

7. A validation method for validating the N feedback entries resulting from performance of the method of claim 4, said validation method comprising verifying, by the vendor, an integrity of the N feedback entries received by the vendor as a result of said sending to the vendor: ((Eki, Hni), i=M, . . . , N) and E(k(N+1), n(N+1)), wherein 1≦M≦N.

8. The validation method of claim 7, wherein said verifying comprises:
setting i=0 and H(0)=n(0);
executing iterations i=0, 1, . . . , N of a loop, wherein executing each iteration i of the loop comprises: setting H′ni=Hash(H(i)∥Eki); determining that H′ni=Hni; and responsive to said determining that H′ni=Hni, setting H(i+1)=Hash(H(i)) and k(i+1)=Hash(k(i));
after said executing: decrypting E(k(N+1), n(N+1)) using key k(N+1) to infer n(N+1);
determining if n(N+1)=H(N+1); and
responsive to said determining that n(N+1)=H(N+1), ascertaining that the integrity of the N feedback entries received by the vendor has been verified.

9. The validation method of claim 7, wherein the validation method further comprises, as performed by the vendor prior to said verifying:
calculating H′n0=Hash(n(0)∥Ek0);
determining if H′n0=Hn0; and
responsive to said determining that H′n0=Hn0, decrypting Ek0 to infer FE(0) and recording that the database is set.

10. A validation method for validating the N feedback entries resulting from performance of the method of claim 3, said validation method comprising verifying, by the user, an integrity of the N feedback entries in the database as a result of writing ((Eki, Hni, Hsi), i=1, . . . , N) to the database.

11. The validation method of claim 10, wherein said verifying comprises:
setting i=0 and S(0)=s(0);
executing iterations i=0, 1, . . . , N of a loop, wherein executing each iteration i of the loop comprises: setting H′si=Hash(S(i)∥Eki); determining that H′si=Hsi; and responsive to said determining that H′si=Hsi, setting S(i+1)=Hash(S(i));
after said executing: determining if S(N+1)=s(N+1); and
responsive to said determining that S(N+1)=s(N+1), ascertaining that the integrity of the N feedback entries in the database has been verified.

12. The method of claim 1, wherein a communication network is disposed between the end user machine and the vendor, wherein an application firewall is disposed between the end user machine and the communication network, wherein the feedback module is connected to both the application firewall and the database, wherein the software is connected to the feedback module, wherein the software is coupled to the application firewall via the feedback module, wherein the software is coupled to the database via the feedback module, and wherein the method further comprises:
said feedback module receiving the feedback entries from the software;
said feedback module writing, to the database, the feedback entries that the feedback module received from the software;
said application firewall preventing the software from accessing the communication network; and
said application firewall controlling access of the communication network by the feedback module.

13. The method of claim 12, wherein the communication network comprises the Internet.

14. The method of claim 1, wherein the identification tag is selected from the group consisting of a serial number of the software, a version number of the software and a combination of the serial number of the software and the version number of the software.

15. A computer program product, comprising a non-volatile computer readable storage medium having a computer readable program code stored therein, said computer readable program code, upon being executed by a processor, performs a method for processing feedback entries received from software, said software provided by a vendor to an end user machine, said end user machine comprising the processor, the software, a feedback module, and a database, wherein a concatenation operator ∥ is defined such that A∥B denotes a concatenation of strings A and B, wherein E(K,X) defines a symmetric key encryption of a parameter X using a key K, wherein Hash(Y) defines a one way hash function of a parameter Y, and wherein said method comprises:
said processor via execution of the feedback module, establishing a secret key k(0), said feedback module sending the key k(0) to the vendor, and communicating the key k(0) to a user of the software;
said processor via execution of the feedback module, establishing a secret key n(0), the feedback module sending the key n(0) to the vendor, and not communicating the key n(0) to the user;
said processor, via execution of the feedback module, generating an identification tag FE(0);
said processor, via execution of the feedback module, generating a secret key s(0) and communicating the generated key s(0) to the user but not to the vendor;
said processor, via execution of the feedback module, generating an encryption Ek0 of the identification tag FE(0) using the secret key k(0) where Ek0=E(k(0),FE(0));
said processor, via execution of the feedback module, generating a parameter Hn0 using the secret key n(0) where Hn0=Hash(n(0)∥Ek0);
said processor, via execution of the feedback module, generating a parameter Hs0 using the secret key s(0) where Hs0=Hash(s(0)∥Ek0);
said processor, via execution of the feedback module, sending Ek0, Hn0, and Hs0 to the database; and
said processor, via execution of the feedback module, sending Ek0 and Hn0 to the vendor.

16. The computer program product of claim 15, said method comprising:
said processor, via execution of the feedback module, generating keys k(1), n(1), and s(1) such that k(1)=Hash(k(0)), n(1)=Hash(n(0)), and s(1)=Hash(s(0)); and
said processor, via execution of the feedback module, sending k(1), n(1), and s(1) to the database.

17. The computer program product of claim 16, said method comprising said processor, via execution of the feedback module, receiving N feedback entries from the software and processing the N feedback entries, said N feedback entries denoted as FE(1), . . . , FE(N), said N at least 1, said processing the feedback entry FE(i) for each of i=1, . . . , N comprising:
calculating parameters Eki, Hni, and Hsi such that Eki=E(k(i), FE(i)), Hni=Hash(n(i)∥Eki), and Hsi=Hash(s(i)∥Eki);
writing Eki, Hni, and Hsi to the database;
generating keys k(i+1), n(i+1), and s(i+1) such that k(i+1)=Hash(k(i)), n(i+1)=Hash(n(i)), and s(i+1)=Hash(s(i)); and
replacing keys k(i), n(i), and s(i) in the database with keys k(i+1), n(i+1), and s(i+1),
wherein after said processing the N feedback entries, the database comprises k(N+1), n(N+1), and s(N+1).

18. The computer program product of claim 17, said method comprising said processor, via execution of the feedback module, synchronizing content of the database with the vendor, said synchronizing comprising sending to the vendor: (Eki, Hni, i=M, . . . , N) and E(k(N+1), n(N+1)), wherein 1≦M≦N.

19. The computer program product of claim 18, wherein M=1.

20. The computer program product of claim 18, wherein M>1.

21. The computer program product of claim 15, wherein a communication network is disposed between the end user machine and the vendor, wherein an application firewall is disposed between the end user machine and the communication network, wherein the feedback module is connected to both the application firewall and the database, wherein the software is connected to the feedback module, wherein the software is coupled to the application firewall via the feedback module, wherein the software is coupled to the database via the feedback module, and wherein the method further comprises:
said feedback module receiving the feedback entries from the software;
said feedback module writing, to the database, the feedback entries that the feedback module received from the software;
said application firewall preventing the software from accessing the communication network; and
said application firewall controlling access of the communication network by the feedback module.

22. The computer program product of claim 21, wherein the communication network comprises the Internet.

23. The computer program product of claim 15, wherein the identification tag is selected from the group consisting of a serial number of the software, a version number of the software and a combination of the serial number of the software and the version number of the software.

24. A process for deploying (or integrating) computing infrastructure, said process comprising integrating computer-readable code into a computing system, wherein the code in combination with the computing system is capable of performing a method for processing feedback entries received from software, said software provided by a vendor to an end user machine, said end user machine comprising a processor, the software, a feedback module, and a database, wherein a concatenation operator ∥ is defined such that A∥B denotes a concatenation of strings A and B, wherein E(K,X) defines a symmetric key encryption of a parameter X using a key K, wherein Hash(Y) defines a one way hash function of a parameter Y, and wherein said method comprises:
said processor via execution of the feedback module, establishing a secret key k(0), said feedback module sending the key k(0) to the vendor, and communicating the key k(0) to a user of the software;
said processor via execution of the feedback module, establishing a secret key n(0), the feedback module sending the key n(0) to the vendor, and not communicating the key n(0) to the user;
said processor, via execution of the feedback module, generating an identification tag FE(0);
said processor, via execution of the feedback module, generating a secret key s(0) and communicating the generated key s(0) to the user but not to the vendor;
said processor, via execution of the feedback module, generating an encryption Ek0 of the identification tag FE(0) using the secret key k(0) where Ek0=E(k(0),FE(0));
said processor, via execution of the feedback module, generating a parameter Hn0 using the secret key n(0) where Hn0=Hash(n(0)∥Ek0);
said processor, via execution of the feedback module, generating a parameter Hs0 using the secret key s(0) where Hs0=Hash(s(0)∥Ek0);
said processor, via execution of the feedback module, sending Ek0, Hn0, and Hs0 to the database; and
said processor, via execution of the feedback module, sending Ek0 and Hn0 to the vendor.

25. The process of claim 24, said method comprising:
said processor, via execution of the feedback module, generating keys k(1), n(1), and s(1) such that k(1)=Hash(k(0)), n(1)=Hash(n(0)), and s(1)=Hash(s(0)); and
said processor, via execution of the feedback module, sending k(1), n(1), and s(1) to the database.

26. The process of claim 25, said method comprising, said processor, via execution of the feedback module, receiving N feedback entries from the software and processing the N feedback entries, said N feedback entries denoted as FE(1), . . . , FE(N), said N at least 1, said processing the feedback entry FE(i) for each of i=1, . . . , N comprising:
calculating parameters Eki, Hni, and Hsi such that Eki=E(k(i), FE(i)), Hni=Hash(n(i)∥Eki), and Hsi=Hash(s(i)∥Eki);
writing Eki, Hni, and Hsi to the database;
generating keys k(i+1), n(i+1), and s(i+1) such that k(i+1)=Hash(k(i)), n(i+1)=Hash(n(i)), and s(i+1)=Hash(s(i)); and
replacing keys k(i), n(i), and s(i) in the database with keys k(i+1), n(i+1), and s(i+1),
wherein after said processing the N feedback entries, the database comprises k(N+1), n(N+1), and s(N+1).

27. The process of claim 26, said method comprising said processor, via execution of the feedback module, synchronizing content of the database with the vendor, said synchronizing comprising sending to the vendor: (Eki, Hni, i=M, . . . , N) and E(k(N+1), n(N+1)), wherein 1≦M≦N.

28. The process of claim 27, wherein M=1.

29. The process of claim 27, wherein M>1.

30. The process of claim 24, wherein a communication network is disposed between the end user machine and the vendor, wherein an application firewall is disposed between the end user machine and the communication network, wherein the feedback module is connected to both the application firewall and the database, wherein the software is connected to the feedback module, wherein the software is coupled to the application firewall via the feedback module, wherein the software is coupled to the database via the feedback module, and wherein the method further comprises:
said feedback module receiving the feedback entries from the software;
said feedback module writing, to the database, the feedback entries that the feedback module received from the software;
said application firewall preventing the software from accessing the communication network; and
said application firewall controlling access of the communication network by the feedback module.

31. The process of claim 30, wherein the communication network comprises the Internet.

32. The process of claim 24, wherein the identification tag is selected from the group consisting of a serial number of the software, a version number of the software and a combination of the serial number of the software and the version number of the software.
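
The key evolution of claims 2 and 3 and the verification loops of claims 8 and 11, as an added Python example that is not part of the patent text: because each key is replaced by its hash, whoever later reads the database holds only k(N+1), n(N+1), s(N+1) and cannot recompute the Hni or Hsi of earlier rows. Assumptions: SHA-256 stands in for Hash, a XOR keystream stands in for E(K,X), the class and function names are hypothetical, and the sync sends rows from i=0.

```python
import hashlib, hmac

def H(data: bytes) -> bytes:
    """Hash(Y): SHA-256 here (assumption; the claims only require a one-way hash)."""
    return hashlib.sha256(data).digest()

def E(key: bytes, data: bytes) -> bytes:
    """E(K,X) stand-in (assumption, illustration only): XOR with a SHA-256
    counter keystream, so the same call also decrypts."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(H(key + i.to_bytes(4, "big")) for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

class FeedbackModule:
    """End-user side: holds only the current keys k(i), n(i), s(i)."""
    def __init__(self, k0, n0, s0, tag):
        self.k, self.n, self.s = k0, n0, s0
        self.db = []            # rows (Eki, Hni, Hsi)
        self.append(tag)        # FE(0), the identification tag

    def append(self, entry: bytes) -> None:
        ek = E(self.k, entry)
        self.db.append((ek, H(self.n + ek), H(self.s + ek)))
        # Replace the keys with their hashes; the old keys are gone.
        self.k, self.n, self.s = H(self.k), H(self.n), H(self.s)

    def sync(self):
        """What the vendor receives: (Eki, Hni) rows and E(k(N+1), n(N+1))."""
        return [(ek, hn) for ek, hn, _ in self.db], E(self.k, self.n)

def vendor_verify(k0, n0, rows, sealed):
    """Claim 8 loop: returns decrypted entries, or None on any mismatch."""
    k, h, entries = k0, n0, []
    for ek, hn in rows:
        if not hmac.compare_digest(H(h + ek), hn):
            return None         # row altered, reordered or inserted
        entries.append(E(k, ek))
        k, h = H(k), H(h)
    # Final check catches truncation: n(N+1) must match the chain position.
    return entries if hmac.compare_digest(E(k, sealed), h) else None

def user_verify(s0, db, s_current):
    """Claim 11 loop: the user checks the database with s(0) alone."""
    s = s0
    for ek, _, hs in db:
        if not hmac.compare_digest(H(s + ek), hs):
            return False
        s = H(s)
    return hmac.compare_digest(s, s_current)

if __name__ == "__main__":
    m = FeedbackModule(b"k" * 32, b"n" * 32, b"s" * 32, b"SERIAL-0001")  # constructed keys
    m.append(b"crash in module A")
    print(vendor_verify(b"k" * 32, b"n" * 32, *m.sync()))
```

A present-day implementation would use HMAC in place of Hash(key∥message), which is open to length extension with SHA-256, and an authenticated cipher in place of the stand-in E.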