Abstract: Disclosed is a method, a device, a system and/or a manufacture of an evolving actual possession token with verifiable evolution state. In one embodiment, a method of ledgerless ownership through actual possession of an electronic token receives an electronic token that includes a set of data blocks each having a transaction data beginning with an issue transaction, with each data block having a block hash dependent on a previous block hash and on a secret value used to evolve the electronic token when adding a new block upon a transfer transaction. A new block and a new secret value is generated and input into a cryptographic hash function, resulting in an output that is a new block hash representing an evolved state of the token. The evolved state may be published to an a state dataset that may establish an independent evidence of evolution of the electronic token.

Abstract: In one embodiment, a method may include generating a first public-private key pair having a public key usable as a public address of the ledger token of a distributed ledger network and a private key usable to transfer the ledger token of the distributed ledger network. The method may verify that a ledger transaction occurred. The method may include generating a possession token storable in physical memory and having a state indicated by a state indicator, where the state of the possession token evolves upon transfer between two computing devices over a network. The method may include cryptographically associating the ledger token and the possession token through incorporation of the public address into data generating the state indicator of the state of the possession token. The method may include encrypting the private key to form an encrypted private key and storing the encrypted private key in the possession token.

Abstract: Disclosed is a method, a device, and/or a system of authentication through use of an unforgeable hash function-based credential. In one embodiment, method for electronic authentication includes receiving an authentication request including an identity claim from a first device, the identity claim including a device root hash computed by a hash function using inputs comprising a previously calculated hash value of the device. The method retrieves data of a user profile associated with the first device, the user profile including a profile root hash computed by the hash function using inputs comprising a previously calculated hash value of the user profile. The method extracts the profile root hash and compares the device root hash with the profile root hash. The method determines that the device root hash and the profile root hash are not identical, denies the authentication request, and optionally locks the user profile.

Abstract: Disclosed is a method, a device, and/or a system of ledger token transfer of a distributed ledger network through cryptographic binding to a transferrable possession token. In one embodiment, a method for rapid and secure ledger-less transfer of a ledger token includes generating a public-private key pair, securely storing the private key and utilizing the public key as a public address. The method verifies a ledger transaction on a distributed ledger network associated the asset with the public address. The method generates a possession token having a state indicated by a state indicator. The state evolves upon transfer between two computing devices. The method cryptographically associates the ledger token and the possession token through incorporation of the public address into data generating the state indicator. The possession token is transferred to a computing device over the network while retaining the private key in secure custody.

Abstract: Disclosed is a method, a device, and/or a system of initiation and transfer of a cryptographic database and/or a cryptographic unit. In one embodiment, an electronic mint generates and mints proofs in an indelible media using a hash function. The proofs and/or an origin hash based on the proofs may be usable to seed a hash chain of a cryptographic bearer database and/or a cryptographic unit with an evolving state hash. The database and/or unit is issued from a treasury server and transferred between user devices as coordinated by a tracking server that utilizes one or more immutable records to track the database and/or unit and retain uniqueness of the bearer database in its most evolved state. Transfers may update user state hash of an evolving user profile usable as an authentication token and/or to show assent to a transaction resulting in a seal hash of acceptance.

Abstract: Disclosed is a method, a device, and/or a system of ledger token transfer of a distributed ledger network through cryptographic binding to a transferrable possession token. In one embodiment, a method for rapid and secure ledger-less transfer of a ledger token includes generating a public-private key pair, securely storing the private key and utilizing the public key as a public address. The method verifies a ledger transaction on a distributed ledger network associated the asset with the public address. The method generates a possession token having a state indicated by a state indicator. The state evolves upon transfer between two computing devices. The method cryptographically associates the ledger token and the possession token through incorporation of the public address into data generating the state indicator. The possession token is transferred to a computing device over the network while retaining the private key in secure custody.

Abstract: Disclosed is a method, a device, and/or a system of rapid and secure off-ledger cryptocurrency transactions through cryptographic binding of a private key to a possession token. In one embodiment, a method for rapid and secure ledger-less transfer of a quantity of cryptocurrency includes generating a public-private key pair, securely storing the private key and utilizing the public key as a public address. The method verifies a ledger transaction on a distributed ledger network associated the quantity of cryptocurrency with the public address. The method generates a possession token having a state indicated by a state indicator. The state evolves upon transfer between two computing devices. The method cryptographically associates the ledger token and the possession token through incorporation of the public address into data generating the state indicator. The possession token is transferred to a computing device over the network while retaining the private key in secure custody.

Abstract: Disclosed is a method, a device, and/or a system of ephemeral control of a data resource according to a use policy. In one embodiment, a method for ephemeral control of a data resource includes receiving a request from a device to use a protected resource stored in a non-hierarchical data structure. A use policy defining an authorized context for which the device can use the protected resource based on one or more contextual value is extracted from a data node. A set of use terms is generated and returned to the device. The protected resource is then streamed to the device, where the device includes a process to enforce ephemerality of the protected resource by maintaining a ledger comprising data identifying the protected resource that is in an active use by the device and a corresponding instance of the use terms associated with the authorized use of the protected resource.

Abstract: Disclosed is a method, a device, and/or a system of controlling permissible actions a computing device can perform on a data resource based on a use policy evaluating an authorized context of the device. In one embodiment, a request is received from a device to use a protected resource stored in a non-hierarchical data structure. A use policy defining an authorized context for which the device can use the protected resource based on contextual value(s) is extracted from a data node. A use transaction is initiated that gathers the contextual values to determine whether the use request satisfies the authorized context. A set of use terms is generated and returned to the device. The protected resource is then streamed to the device, where the device includes a process to enforce ephemerality of the protected resource by maintaining the protected resource in association with the set of use terms.

Abstract: Disclosed is a method, a device, and/or a system of authentication through use of an unforgeable hash function-based credential. In one embodiment, method for electronic authentication includes receiving an authentication request including an identity claim from a first device, the identity claim including a device root hash computed by a hash function using inputs comprising a previously calculated hash value of the device. The method retrieves data of a user profile associated with the first device, the user profile including a profile root hash computed by the hash function using inputs comprising a previously calculated hash value of the user profile. The method extracts the profile root hash and compares the device root hash with the profile root hash. The method determines that the device root hash and the profile root hash are not identical, denies the authentication request, and optionally locks the user profile.

Abstract: Disclosed is a method, a device, and/or a system of authentication through verification of an evolving identity credential. In one embodiment, an authentication method includes receiving an identity claim from a device that includes a device root hash of a hashed history of the device, referred to as a device hastory. Data of a user profile associated with the device that includes a profile root hash of a profile hastory is retrieved. The device root hash and the profile root hash, each of which may be computed as the output of a hash function with inputs including one or more previous authentication transactions, are compared and determined to be identical to verify an identity of a user and/or a device. Alternatively, a comparison may be determined to be non-identical and the authentication request rejected and/or the user profile suspended.

Abstract: Disclosed is a method, a device, a system and/or a manufacture of efficient data query and utilization through a semantic storage model. In one embodiment, a method includes generating a unique identifier (UID) to uniquely address a domain within a datastore, defining a content element (NT element) storing a primitive data and/or drawing reference(s) to other domains within the datastore according to a directed acyclic graph architecture, an identity entity element (TY element) of the domain storing data that alone or in combination distinguishes the domain from one or more other domains within the datastore, and a context element (XT element) of the domain that further characterizes the domain and/or draws reference(s) to other domains within the datastore which may violate the directed acyclic graph architecture to define a flexible contextual reference. A key may be generated such that the TY element is individually addressable within the datastore.

Abstract: Disclosed is a method, a device, and/or a system of control over data resource utilization through a security node control policy evaluated in the context of an authorization request. In one embodiment, a method includes receiving an authorization request from a device to utilize a protected resource within a datastore. A control policy extracted from a security node defines an authorized context for the device to utilize the protected resource. The control policy includes a control algorithm comprising one or more conditionals comparing context values to control ranges. Context values are retrieved to form a context dataset. Utilization of the protected resource is authorized when it is determined by the control algorithm that the context dataset conforms to the authorized context. The security node may organize data into a domain structure that includes a unique identifier, an identity element, a content element, and a context element.

Abstract: Disclosed is a method, a device, and/or a system of secure custody of a ledger token and/or a quantity of cryptocurrency of a distributed ledger network through binding to a possession token. In one embodiment, a private key controlling an entry in a ledger database of a distributed ledger network is stored in a cryptographically secured data container. The private key may be generated and securely maintained by a server. The data container is cryptographically tied to a possession token that can be issued to a user that may be an evolving dataset that may evolve in state on each transfer to maintain a real time global state across a network of computing devices. Decryption of the private key on the server may depend on data stored in the possession token. The possession token may therefore bestow title of the ledger token and allow for transfer of title while protecting the private key from threats such as hacking and inadvertent loss.

Abstract: Disclosed is a method, a device, and/or a system of controlling permissible actions a computing device can perform on a data resource based on a use policy evaluating an authorized context of the device. In one embodiment, a request is received from a device to use a protected resource stored in a non-hierarchical data structure. A use policy defining an authorized context for which the device can use the protected resource based on contextual value(s) is extracted from a data node. A use transaction is initiated that gathers the contextual values to determine whether the use request satisfies the authorized context. A set of use terms is generated and returned to the device. The protected resource is then streamed to the device, where the device includes a process to enforce ephemerality of the protected resource by maintaining the protected resource in association with the set of use terms.

Abstract: Disclosed is a method, a device, and/or a system of authentication through verification of an evolving identity credential. In one embodiment, an authentication method includes receiving an identity claim from a device that includes a device root hash of a hashed history of the device, referred to as a device hastory. Data of a user profile associated with the device that includes a profile root hash of a profile hastory is retrieved. The device root hash and the profile root hash, each of which may be computed as the output of a hash function with inputs including one or more previous authentication transactions, are compared and determined to be identical to verify an identity of a user and/or a device. Alternatively, a comparison may be determined to be non-identical and the authentication request rejected and/or the user profile suspended.

Abstract: Disclosed is a method, a device, and/or a system of authorization of access to a data resource in addition to specific actions to be performed on the data resource based on an authorized context enforced by a use policy. A computer-implemented method includes receiving a use request from a device to use a protected resource. The method extracts from a security node a use policy comprising defining an authorized context for use the protected resource. First, access to the protected resource is authorized when the use request conforms to the authorized context. Use keys are generated and returned to the device for redemption. Second, after the protected resource is streamed to the device, a process of the device monitors use of and enforce ephemerality of the protected resource by maintaining an active use ledger. A use policy update may generate new use terms that are pushed to the device, terminating use.

Abstract: Disclosed is a method, a device, and/or a system of initiation and transfer of a cryptographic database and/or a cryptographic unit. In one embodiment, an electronic mint generates and mints proofs in an indelible media using a hash function. The proofs and/or an origin hash based on the proofs may be usable to seed a hash chain of a cryptographic bearer database and/or a cryptographic unit with an evolving state hash. The database and/or unit is issued from a treasury server and transferred between user devices as coordinated by a tracking server that utilizes one or more immutable records to track the database and/or unit and retain uniqueness of the bearer database in its most evolved state. Transfers may update user state hash of an evolving user profile usable as an authentication token and/or to show assent to a transaction resulting in a seal hash of acceptance.

Abstract: Disclosed is a method, a device, and/or a system of authentication of a user and/or a device through parallel synchronous update of immutable hash histories. In one embodiment, a computer-implemented method for authentication includes receiving an identity claim from a device that includes a device root hash of a hashed history of the device, referred to as a device hastory. Data of a user profile associated with the device that includes a profile root hash of a profile hastory is retrieved. The device root hash and the profile root hash are compared and determined to be identical to verify an identity of a user and/or a device. A transaction record is generated and deposited as a new block in both in the profile hastory and device hastory. A new profile root hash is computed to evolve the identity of the user profile for a prospective authentication request.

Abstract: Disclosed is a method, a device, a system and/or a manufacture of efficient data query and utilization through a semantic storage model. In one embodiment, a method includes generating a unique identifier (UID) to uniquely address a domain within a datastore, defining a content element (NT element) storing a primitive data and/or drawing reference(s) to other domains within the datastore according to a directed acyclic graph architecture, an identity entity element (TY element) of the domain storing data that alone or in combination distinguishes the domain from one or more other domains within the datastore, and a context element (XT element) of the domain that further characterizes the domain and/or draws reference(s) to other domains within the datastore which may violate the directed acyclic graph architecture to define a flexible contextual reference. A key may be generated such that the TY element is individually addressable within the datastore.