Abstract: Disclosed is a method, a device, and/or a system of initiation and transfer of a cryptographic database and/or a cryptographic unit. In one embodiment, an electronic mint generates and mints proofs in an indelible media using a hash function. The proofs and/or an origin hash based on the proofs may be usable to seed a hash chain of a cryptographic bearer database and/or a cryptographic unit with an evolving state hash. The database and/or unit is issued from a treasury server and transferred between user devices as coordinated by a tracking server that utilizes one or more immutable records to track the database and/or unit and retain uniqueness of the bearer database in its most evolved state. Transfers may update user state hash of an evolving user profile usable as an authentication token and/or to show assent to a transaction resulting in a seal hash of acceptance.

Abstract: Disclosed is a method, a device, and/or a system of ledger token transfer of a distributed ledger network through cryptographic binding to a transferrable possession token. In one embodiment, a method for rapid and secure ledger-less transfer of a ledger token includes generating a public-private key pair, securely storing the private key and utilizing the public key as a public address. The method verifies a ledger transaction on a distributed ledger network associated the asset with the public address. The method generates a possession token having a state indicated by a state indicator. The state evolves upon transfer between two computing devices. The method cryptographically associates the ledger token and the possession token through incorporation of the public address into data generating the state indicator. The possession token is transferred to a computing device over the network while retaining the private key in secure custody.

Abstract: Disclosed is a method, a device, and/or a system of rapid and secure off-ledger cryptocurrency transactions through cryptographic binding of a private key to a possession token. In one embodiment, a method for rapid and secure ledger-less transfer of a quantity of cryptocurrency includes generating a public-private key pair, securely storing the private key and utilizing the public key as a public address. The method verifies a ledger transaction on a distributed ledger network associated the quantity of cryptocurrency with the public address. The method generates a possession token having a state indicated by a state indicator. The state evolves upon transfer between two computing devices. The method cryptographically associates the ledger token and the possession token through incorporation of the public address into data generating the state indicator. The possession token is transferred to a computing device over the network while retaining the private key in secure custody.

Abstract: Disclosed is a method, a device, and/or a system of ephemeral control of a data resource according to a use policy. In one embodiment, a method for ephemeral control of a data resource includes receiving a request from a device to use a protected resource stored in a non-hierarchical data structure. A use policy defining an authorized context for which the device can use the protected resource based on one or more contextual value is extracted from a data node. A set of use terms is generated and returned to the device. The protected resource is then streamed to the device, where the device includes a process to enforce ephemerality of the protected resource by maintaining a ledger comprising data identifying the protected resource that is in an active use by the device and a corresponding instance of the use terms associated with the authorized use of the protected resource.

Abstract: Disclosed is a method, a device, and/or a system of controlling permissible actions a computing device can perform on a data resource based on a use policy evaluating an authorized context of the device. In one embodiment, a request is received from a device to use a protected resource stored in a non-hierarchical data structure. A use policy defining an authorized context for which the device can use the protected resource based on contextual value(s) is extracted from a data node. A use transaction is initiated that gathers the contextual values to determine whether the use request satisfies the authorized context. A set of use terms is generated and returned to the device. The protected resource is then streamed to the device, where the device includes a process to enforce ephemerality of the protected resource by maintaining the protected resource in association with the set of use terms.

Abstract: Disclosed is a method, a device, and/or a system of authentication through use of an unforgeable hash function-based credential. In one embodiment, method for electronic authentication includes receiving an authentication request including an identity claim from a first device, the identity claim including a device root hash computed by a hash function using inputs comprising a previously calculated hash value of the device. The method retrieves data of a user profile associated with the first device, the user profile including a profile root hash computed by the hash function using inputs comprising a previously calculated hash value of the user profile. The method extracts the profile root hash and compares the device root hash with the profile root hash. The method determines that the device root hash and the profile root hash are not identical, denies the authentication request, and optionally locks the user profile.

Abstract: Disclosed is a method, a device, and/or a system of authentication through verification of an evolving identity credential. In one embodiment, an authentication method includes receiving an identity claim from a device that includes a device root hash of a hashed history of the device, referred to as a device hastory. Data of a user profile associated with the device that includes a profile root hash of a profile hastory is retrieved. The device root hash and the profile root hash, each of which may be computed as the output of a hash function with inputs including one or more previous authentication transactions, are compared and determined to be identical to verify an identity of a user and/or a device. Alternatively, a comparison may be determined to be non-identical and the authentication request rejected and/or the user profile suspended.

Abstract: Disclosed is a method, a device, a system and/or a manufacture of efficient data query and utilization through a semantic storage model. In one embodiment, a method includes generating a unique identifier (UID) to uniquely address a domain within a datastore, defining a content element (NT element) storing a primitive data and/or drawing reference(s) to other domains within the datastore according to a directed acyclic graph architecture, an identity entity element (TY element) of the domain storing data that alone or in combination distinguishes the domain from one or more other domains within the datastore, and a context element (XT element) of the domain that further characterizes the domain and/or draws reference(s) to other domains within the datastore which may violate the directed acyclic graph architecture to define a flexible contextual reference. A key may be generated such that the TY element is individually addressable within the datastore.

Abstract: Disclosed is a method, a device, and/or a system of control over data resource utilization through a security node control policy evaluated in the context of an authorization request. In one embodiment, a method includes receiving an authorization request from a device to utilize a protected resource within a datastore. A control policy extracted from a security node defines an authorized context for the device to utilize the protected resource. The control policy includes a control algorithm comprising one or more conditionals comparing context values to control ranges. Context values are retrieved to form a context dataset. Utilization of the protected resource is authorized when it is determined by the control algorithm that the context dataset conforms to the authorized context. The security node may organize data into a domain structure that includes a unique identifier, an identity element, a content element, and a context element.

Abstract: Disclosed is a method, a device, and/or a system of rapid and secure off-ledger cryptocurrency transactions through cryptographic binding of a private key to a possession token. In one embodiment, a method for rapid and secure ledger-less transfer of a quantity of cryptocurrency includes generating a public-private key pair, securely storing the private key and utilizing the public key as a public address. The method verifies a ledger transaction on a distributed ledger network associated the quantity of cryptocurrency with the public address. The method generates a possession token having a state indicated by a state indicator. The state evolves upon transfer between two computing devices. The method cryptographically associates the ledger token and the possession token through incorporation of the public address into data generating the state indicator. The possession token is transferred to a computing device over the network while retaining the private key in secure custody.

Abstract: Disclosed is a method, a device, and/or a system of secure custody of a ledger token and/or a quantity of cryptocurrency of a distributed ledger network through binding to a possession token. In one embodiment, a private key controlling an entry in a ledger database of a distributed ledger network is stored in a cryptographically secured data container. The private key may be generated and securely maintained by a server. The data container is cryptographically tied to a possession token that can be issued to a user that may be an evolving dataset that may evolve in state on each transfer to maintain a real time global state across a network of computing devices. Decryption of the private key on the server may depend on data stored in the possession token. The possession token may therefore bestow title of the ledger token and allow for transfer of title while protecting the private key from threats such as hacking and inadvertent loss.

Abstract: Disclosed is a method, a device, and/or a system of controlling permissible actions a computing device can perform on a data resource based on a use policy evaluating an authorized context of the device. In one embodiment, a request is received from a device to use a protected resource stored in a non-hierarchical data structure. A use policy defining an authorized context for which the device can use the protected resource based on contextual value(s) is extracted from a data node. A use transaction is initiated that gathers the contextual values to determine whether the use request satisfies the authorized context. A set of use terms is generated and returned to the device. The protected resource is then streamed to the device, where the device includes a process to enforce ephemerality of the protected resource by maintaining the protected resource in association with the set of use terms.

Abstract: Disclosed is a method, a device, and/or a system of authentication through verification of an evolving identity credential. In one embodiment, an authentication method includes receiving an identity claim from a device that includes a device root hash of a hashed history of the device, referred to as a device hastory. Data of a user profile associated with the device that includes a profile root hash of a profile hastory is retrieved. The device root hash and the profile root hash, each of which may be computed as the output of a hash function with inputs including one or more previous authentication transactions, are compared and determined to be identical to verify an identity of a user and/or a device. Alternatively, a comparison may be determined to be non-identical and the authentication request rejected and/or the user profile suspended.

Abstract: Disclosed is a method, a device, and/or a system of authorization of access to a data resource in addition to specific actions to be performed on the data resource based on an authorized context enforced by a use policy. A computer-implemented method includes receiving a use request from a device to use a protected resource. The method extracts from a security node a use policy comprising defining an authorized context for use the protected resource. First, access to the protected resource is authorized when the use request conforms to the authorized context. Use keys are generated and returned to the device for redemption. Second, after the protected resource is streamed to the device, a process of the device monitors use of and enforce ephemerality of the protected resource by maintaining an active use ledger. A use policy update may generate new use terms that are pushed to the device, terminating use.

Abstract: Disclosed is a method, a device, and/or a system of initiation and transfer of a cryptographic database and/or a cryptographic unit. In one embodiment, an electronic mint generates and mints proofs in an indelible media using a hash function. The proofs and/or an origin hash based on the proofs may be usable to seed a hash chain of a cryptographic bearer database and/or a cryptographic unit with an evolving state hash. The database and/or unit is issued from a treasury server and transferred between user devices as coordinated by a tracking server that utilizes one or more immutable records to track the database and/or unit and retain uniqueness of the bearer database in its most evolved state. Transfers may update user state hash of an evolving user profile usable as an authentication token and/or to show assent to a transaction resulting in a seal hash of acceptance.

Abstract: Disclosed is a method, a device, and/or a system of authentication of a user and/or a device through parallel synchronous update of immutable hash histories. In one embodiment, a computer-implemented method for authentication includes receiving an identity claim from a device that includes a device root hash of a hashed history of the device, referred to as a device hastory. Data of a user profile associated with the device that includes a profile root hash of a profile hastory is retrieved. The device root hash and the profile root hash are compared and determined to be identical to verify an identity of a user and/or a device. A transaction record is generated and deposited as a new block in both in the profile hastory and device hastory. A new profile root hash is computed to evolve the identity of the user profile for a prospective authentication request.

Abstract: Disclosed is a method, a device, a system and/or a manufacture of efficient data query and utilization through a semantic storage model. In one embodiment, a method includes generating a unique identifier (UID) to uniquely address a domain within a datastore, defining a content element (NT element) storing a primitive data and/or drawing reference(s) to other domains within the datastore according to a directed acyclic graph architecture, an identity entity element (TY element) of the domain storing data that alone or in combination distinguishes the domain from one or more other domains within the datastore, and a context element (XT element) of the domain that further characterizes the domain and/or draws reference(s) to other domains within the datastore which may violate the directed acyclic graph architecture to define a flexible contextual reference. A key may be generated such that the TY element is individually addressable within the datastore.

Abstract: Disclosed is a method, a device, and/or a system of uniqueness and auditing of a data resource through an immutable record of transactions in a hash history. In one embodiment, a method includes maintaining uniqueness of a “data organism” that has a hash history, referred to as a hastory, forming a unique identity based on previous transactions in which the data organism participated. The method may be usable to verify an original of the data organism, control copies, transfer ownership and/or audit the datastore. The hastory includes a set of blocks in a sequential chain, each block including a transaction record. A root hash is unique within the datastore for a given data within each block and a given block order of the sequential chain. A transaction record is deposited as a new block in the sequential and the root hash is re-calculated to evolve identity of the data organism.

Abstract: Disclosed is a method, a device, a system and/or a manufacture of a semantic data structure. In one embodiment, a physical memory usable to store information within a datastore comprises a number of domains. Each domain includes a unique identifier and organizes data into a domain structure that includes and an identity element, a content element, and a context element, each of which may be implemented as an EAV triplet. A fundamental instantiation of the domain structure contains a primitive data and a relational instantiation of the domain structure contains references to other domains. The references of the content element may be constrained, for example to a directed acyclic graph architecture, while references of the context element may reference any domain. Additional instantiations may build orders of referential structure, provide security and control of data resources within the datastore, and model users and application programs.

Abstract: Disclosed is a method, a device, and/or a system of control over data resource utilization through a security node control policy evaluated in the context of an authorization request. In one embodiment, a method includes receiving an authorization request from a device to utilize a protected resource within a datastore. A control policy extracted from a security node defines an authorized context for the device to utilize the protected resource. The control policy includes a control algorithm comprising one or more conditionals comparing context values to control ranges. Context values are retrieved to form a context dataset. Utilization of the protected resource is authorized when it is determined by the control algorithm that the context dataset conforms to the authorized context. The security node may organize data into a domain structure that includes a unique identifier, an identity element, a content element, and a context element.