A portion of the disclosure of this patent document contains material, which is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent file or records, but otherwise reserves all copyright rights whatsoever.
The present invention generally relates to methods and systems of Auto-ID enabled logistics track and trace data management. More particularly, the invention related to protocols, method and system of privacy protection and security control for RFID and sensor based logistics track and trace data sharing between involved stakeholders with business subcontracting relationships.
Subcontracting is a common practice in logistics industry for delivering goods from a consigner to a consignee, meaning that a prime logistics service provider, e.g. a third-party logistics company, usually outsources its contracted logistics service from the consigner to specialized companies to execute individual logistics operations, such as consolidation and deconsolidation, warehousing, cross-border ocean shipping, train and truck transportation.
Visibility and security are key concerns of the prime logistics enterprise and its subcontractors in sharing logistics track and trace data. Auto-ID technologies, e.g. Radio Frequency Identification (RFID) and sensor, are promising enabling technologies that allow automatic identification and trajectory capture of moving logistics objects, e.g. items, products, pallets and containers, which can greatly improve the visibility and efficiency of logistics and supply chain management operations. But, the adoption of Auto-ID technologies presents these companies with potential risks of disclosing sensitive and valuable business information to unauthorized invaders or business competitors. Dynamics of the subcontracting relationships also make it very difficult for the prime company and its subcontractors to share track and trace data in efficient ways using traditional static database administration model. Thus, flexible data sharing policies and reliable security control mechanisms have to be developed to facilitate the wider adoption of Auto-ID technologies in track and trace applications of logistics and supply chain management.
There are two levels of security control in deploying Auto-ID technologies in logistics track and trace applications: lower data communication level and higher data sharing level in the context of business relationship. In the following description, we just take RFID as an example, which can be easily extended to other Auto-ID technologies enabled applications. Low level security control mainly focuses on the authentication of RFID reader and tag, encryption and decryption of the message transmitted between reader and tag. The details of which are disclosed in the papers: An Juels, RFID Security and Privacy: A Research Survey, 2006 and Filippo Gandino et al., Tampering in RFID: A Survey on Risks and Defenses, 2010; the contents of both documents are incorporated herein by reference in their entirety. High level security control focuses on identity or role based data accessing and data sharing mechanisms, which are widely used in traditional database management applications.
A series of standards developed by industrial consortium EPCglobal, including “The EPCglobal Architecture Framework”, “EPC Information Services (EPCIS) Specification,” “The Application Level Events (ALE) Specification,” provide architectural and technical guidance on RFID data management including data capturing, filtering, storage, accessing and sharing in global supply chain track and trace applications. The standards assume RFID data is collected at different sites and stored in a network of distributed databases when items and products move between organizations. Track and trace data accessing and sharing are implemented through standardized query interfaces provided by each database. Though the recently published specification, titled “EPCglobal Certificate Profile Specification”, describes how security functions, such as authentication, access control, validation, and privacy protection of individuals and corporations, will be distributed across many of the roles/interfaces operating within the EPCglobal network, security is still a major issue not fully addressed in EPCglobal's standards to handle the complexities of global supply chain track and trace.
By leveraging EPCglobal standards, an integrated security control mechanism can be employed to handle the privacy protection and security issues in dynamic supply chain track and trace applications. The details of the EPCglobal standards are disclosed in the paper: W. He et al., A Secure RFID-based Track and Trace Solution in Supply Chains, 2008; the content of which is incorporated herein by reference in its entirety. The mechanism integrates lower level tag-reader security scheme for RFID data capturing and updating and higher level Circle-of-Trust model (COT) for sharing track and trace data. To apply this mechanism in the track and trace application of enterprises with complex and dynamic subcontracting business relationships, a distributed network like EPCglobal network has to be established and a COT model has to be developed, which is not practicable in current logistics operations, especially for small and medium sized logistics enterprises.
A generic traceability data model and an innovative combination of query processing and data sharing techniques from P2P networks, distributed and parallel databases are presented in the paper: Rakesh Agrawal et al., Towards Traceability across Sovereign, Distributed RFID Databases, 2006, and in the U.S. Utility Patent Application titled: Middleware for Query Processing across a Network of RFID Databases (Rakesh Agrawal et al., U.S. Patent Application Publication No. 2008/0129452 A1); the contents of both documents are incorporated herein by reference in their entirety. The model and the techniques enhance the security of track and trace data sharing throughout the supply chain in the sense that: 1) each involved stakeholder is given complete sovereignty over its own data including business relationships information; 2) incoming query is executed and rewritten based upon pre-designed data sharing policies, which can be installed and modified without interaction with other parties.
Another access control model is proposed for monitoring mobile physical objects in logistics and supply chain, which allows users to implement security control and data sharing measures based on pre-set trajectory visibility policies. Referring to the paper: Florian Kerschbaum, An Access Control Model for Mobile Physical Objects, 2010; the content of which is incorporated herein by reference in its entirety. Being well-suited for distributed RFID systems, this model is an extension to attribute-based access control model, which originally aims to enable dynamic and fine-grained data sharing in service oriented environment. Referring to the paper: Eric Yuan et al., Attributed Based Access Control for Web Services, 2005; the content of which is incorporated herein by its entirety.
For central RFID data management solution, an RFID cube is introduced to support warehousing and analysis of massive RFID data sets. The details are disclosed in the paper: Hector Gonzalez et al., Warehousing and Analyzing Massive RFID Data Sets, 2006; the content of which is incorporated herein by reference in its entirety. The Oracle Corporation presented a new bitmap data type for Oracle DBMS to support RFID-based item tracking applications. Referring to the paper: Ying Hu et al., Supporting RFID-based Item Tracking Applications in Oracle DBMS Using a Bitmap Datatype, 2005; the content of which is incorporated herein by reference in its entirety. Both solutions assume that RFID data is collected and updated from separate users, and is stored within a single data repository.
To tackle the efficiency issues arising from incremental real-time RFID data update and analytical ad-hoc querying of central RFID data management solution, a single database approach is introduced, which merges OLAP (On-Line Analysis Processing) and OLTP (On-line Transaction Processing) components in only one central database system. Referring to the paper: Veneta Doreva et al., Put All Eggs in One Basket: An OLTP and OLAP Database Approach for Traceability Data, 2010. Security and confidentiality of RFID data are not fully addressed in all of these central management solutions once it is collected and uploaded into the central data repository.
In spite of the prior arts described above on RFID data management, security control and data sharing mechanisms, there remains a great need of efficient and lightweight methods for the prime logistics enterprise and its subcontractors to share logistics track and trace data over dynamic business subcontracting relationships.
It is an objective of the presently claimed invention to provide methods and systems of Auto-ID enabled logistics track and trace data management. It is a further objective of the presently claimed invention to provide a light-weight mechanism comprising protocols, a method and a system of privacy protection and security control for RFID and sensor based logistics track and trace data sharing between involved stakeholders with business subcontracting relationships.
It is a further objective of the presently claimed invention to provide a protocol for a prime logistics enterprise to register and de-register subcontracting relationship with its subcontractors; a protocol for the prime logistics enterprise to set up and clear outsourced logistics jobs; a protocol for subcontractors to update, upload and clear the outsourced jobs related data; a protocol for stakeholders to track outsourced jobs execution progress and trace job execution history based on business subcontracting relationships; and a protocol for public users to query traceability report of items and products with product code.
In accordance to various embodiments of the presently claimed invention, the methods comprise the steps and processes for the prime logistics enterprise and its subcontractors to upload and share track and trace data by utilizing the described protocols. In accordance to various embodiments of the presently claimed invention, the systems include at least a data repository to manage the static information on the involved enterprises and their subcontract relationships, a data repository to maintain the dynamic updates of track and trace data, and processing engines for handling transactional and analytical queries from end users.
In accordance to various embodiments of the presently claimed invention, the systems include a track and trace service platform with lightweight privacy control mechanism. The platform provides small and medium enterprises with an Auto-ID enabled affordable and secure solution to logistics track and trace applications, which integrates both the lower level data security control mechanism and higher level business subcontract relationship based data sharing strategies.
Embodiments of the invention, including artifacts for implementing the aforementioned protocols, methods, and systems, major user cases sequence diagrams and system architecture schematics are described in more detail hereinafter with reference to the drawings, in which:
In the following description, protocols of lightweight privacy protection, methods, and systems for RFID and sensor based logistics track and trace data sharing over business subcontracting relations are set forth as preferred examples. It will be apparent to those skilled in the art that modifications, including additions and/or substitutions may be made without departing from the scope and spirit of the invention. Specific details may be omitted so as not to obscure the invention; however, the disclosure is written to enable one skilled in the art to practice the teachings herein without undue experimentation.
The presently claimed invention discloses a lightweight privacy protection mechanism for logistics enterprises with subcontracting relationships to securely share and efficient query logistics track and trace data collected with Auto-ID enabled systems. The mechanism comprises a set of protocols for data security control and data sharing, a method and system to implement the protocols. Different embodiments of the invention will be described below in detail with reference to the drawings so that those skilled in the art can practice and implement the invention fully or partially.
A typical cross-border logistics scenario is demonstrated in
As illustrated in
As shown in
The prime enterprise 304 needs to initialize and set up job information for outsourcing it to subcontractors (see solid lines in
As shown in
Data capturing system E can upload captured data into P over secure communication protocols (see dashed lines in
The prime enterprise and its subcontractors can track the outsourced job's execution progress or trace back its execution history by enquiring P with user identity information and job identity information (see dash-dotted lines in
Public users and supervision organizations can obtain traceability report of specified items and products by querying P with identification code, such as Electronic Product Code (see long dashed lines in
As illustrated in
The prime enterprise 304 can request the track and trace service platform P to clear a specified job data by sending to P its user identity information and the information of the job to be cleared (see long dash-dotted lines in
In some embodiments, the present invention includes a computer storage medium having computer instructions or software codes stored therein which can be used to program a computer or microprocessor to perform any of the processes of the presently claimed invention. The storage medium can include, but is not limited to, floppy disks, optical discs, Blu-ray Disc, DVD, CD-ROMs, and magneto-optical disks, ROMs, RAMs, flash memory devices, or any type of media or device suitable for storing instructions, codes, and/or data.
The foregoing description of the presently claimed invention has been provided for the purposes of illustration and description. It is not intended to be exhaustive or to limit the invention to the precise forms disclosed. Many modifications and variations will be apparent to the practitioner skilled in the art.
The embodiments were chosen and described in order to best explain the principles of the presently claimed invention and its practical application, thereby enabling others skilled in the art to understand the invention for various embodiments and with various modifications that are suited to the particular use contemplated. It is intended that the scope of the presently claimed invention be defined by the following claims and their equivalence.
This application is a divisional application of U.S. patent application Ser. No. 13/417,209, filed Mar. 10, 2012, the disclosure of which is incorporated herein by reference in its entirety.
Number | Date | Country | |
---|---|---|---|
61451556 | Mar 2011 | US |
Number | Date | Country | |
---|---|---|---|
Parent | 13417209 | Mar 2012 | US |
Child | 14109962 | US |