Microsoft Technology Licensing, LLC (20240320624). STORAGE AND CONSUMPTION OF SOFTWARE BILL OF MATERIALS ON PUBLIC BLOCKCHAIN simplified abstract
STORAGE AND CONSUMPTION OF SOFTWARE BILL OF MATERIALS ON PUBLIC BLOCKCHAIN
Organization Name
Microsoft Technology Licensing, LLC
Inventor(s)
Nelson Paily Varghese of Hyderabad (IN)
STORAGE AND CONSUMPTION OF SOFTWARE BILL OF MATERIALS ON PUBLIC BLOCKCHAIN - A simplified explanation of the abstract
This abstract first appeared for US patent application 20240320624 titled 'STORAGE AND CONSUMPTION OF SOFTWARE BILL OF MATERIALS ON PUBLIC BLOCKCHAIN'.
The patent application describes a secure and distributed system for storing and consuming software bill of materials (SBOM).
- Software publishers can create a software component and generate an SBOM that describes its dependencies.
- A web API securely stores the SBOM on a distributed file system and publishes a hash of the SBOM to a public blockchain.
- When the software component is updated, a new SBOM is generated, and a signed hash of the new SBOM is stored in a new node on the blockchain.
- This preserves the history and auditability of the application's SBOMs.
- Third parties can query the web API to obtain the SBOM while ensuring the integrity and provenance of the information.
- Potential Applications:
The technology can be used in software development, supply chain management, and cybersecurity industries.
- Problems Solved:
The system addresses the need for secure storage and tracking of software components and their dependencies.
- Benefits:
Enhanced security, transparency, and traceability in software development processes.
- Commercial Applications:
The technology can be utilized by software development companies, cybersecurity firms, and organizations managing complex supply chains.
- Prior Art:
Researchers can explore existing systems for storing software metadata and blockchain-based solutions for data integrity.
- Frequently Updated Research:
Stay updated on advancements in blockchain technology, software security, and supply chain management practices.
- Questions about the Technology:
1. How does the system ensure the integrity of the SBOM stored on the blockchain?
2. What are the potential challenges in implementing this technology in large-scale software development projects?
Original Abstract Submitted
Disclosed is a secure and distributed system for storing and consuming software bill of materials (SBOM). The system allows software publishers to create a software component and generate an SBOM that describes its dependencies. A web API then securely stores the SBOM on a distributed file system and publishes a hash of the SBOM to a public blockchain. When the software component is updated, a new SBOM is generated, and a signed hash of the new SBOM is stored in a new node on the blockchain. This preserves the history and auditability of the application's SBOMs. Third parties may query the web API to obtain the SBOM while ensuring the integrity and provenance of the information.
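
A consumer-side integrity check for the scheme the abstract describes, written as an added example; it is not code from the patent application or from Microsoft. The in-memory `ledger` and `store`, the entry layout, and the HMAC standing in for the publisher's public-key signature are assumptions chosen so the sketch runs with the Python standard library only.

```python
import hashlib, hmac, json

# Assumption: HMAC with a constructed key stands in for the publisher's
# signature; a real deployment would use a public-key signature instead.
PUBLISHER_KEY = b"constructed-demo-key"

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def sign(message: str) -> str:
    return hmac.new(PUBLISHER_KEY, message.encode(), hashlib.sha256).hexdigest()

def publish(ledger: list, store: dict, component: str, sbom: dict) -> dict:
    """Store the SBOM off-chain and append a signed hash entry to the ledger."""
    blob = json.dumps(sbom, sort_keys=True).encode()  # canonical bytes
    digest = sha256_hex(blob)
    store[digest] = blob  # content-addressed, like a distributed file system
    prev = ledger[-1]["entry_hash"] if ledger else "0" * 64
    body = f"{component}|{digest}|{prev}"
    entry = {"component": component, "sbom_hash": digest, "prev": prev,
             "signature": sign(body), "entry_hash": sha256_hex(body.encode())}
    ledger.append(entry)
    return entry

def verify_history(ledger: list, store: dict) -> list:
    """Return the problems found; an empty list means every version checks out."""
    problems, prev = [], "0" * 64
    for i, e in enumerate(ledger):
        body = f"{e['component']}|{e['sbom_hash']}|{e['prev']}"
        if e["prev"] != prev or e["entry_hash"] != sha256_hex(body.encode()):
            problems.append(f"entry {i}: chain link broken")
        if not hmac.compare_digest(e["signature"], sign(body)):
            problems.append(f"entry {i}: bad signature")
        blob = store.get(e["sbom_hash"])
        if blob is None or sha256_hex(blob) != e["sbom_hash"]:
            problems.append(f"entry {i}: stored SBOM does not match ledger hash")
        prev = e["entry_hash"]
    return problems

def demo():
    ledger, store = [], {}
    # Constructed sample SBOMs for two releases of one component.
    publish(ledger, store, "app", {"version": "1.0", "deps": ["libfoo@1.2"]})
    e2 = publish(ledger, store, "app", {"version": "1.1", "deps": ["libfoo@1.3"]})
    clean = verify_history(ledger, store)
    # Simulate the off-chain copy being altered after publication.
    store[e2["sbom_hash"]] = store[e2["sbom_hash"]].replace(b"1.3", b"6.6")
    return clean, verify_history(ledger, store)

if __name__ == "__main__":
    print(demo())
```

The ledger holds only hashes and signatures, so a change to the stored SBOM is caught by recomputing its digest, while the `prev` links preserve the order of releases.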