FR3032652A1 - METHOD FOR EDITING A SECURE DOCUMENT AND VERIFYING THE INTEGRITY AND AUTHENTICITY OF SUCH A DOCUMENT TRANSMITTED TO A THIRD PARTY - Google Patents

Abstract

The present invention provides a method for verifying the integrity of one or more document (s) and the verification of the identity declared by their author (s) via their signature (s), this for one or more recipient (s), and this regardless of the support (s) of origin to the writing of (s) document (s) (digital (s) or physical (s)) and the support (s) (s) final reading allowing this verification. The method enables these verifications that the document (s) are transmitted by hand (s) own (s) or remotely by any electronic means and that the signature (s) of the author (s) handwritten (s) or electronic (s).

Description

Field of the Invention The present invention relates to the general technical field of editing and using secure documents such as a handwritten or electronic signature. The invention relates to a method for verifying the integrity and authenticity of one or more document (s), for one or more persons (recipient (s) of this or these documents), and this independently of the original medium (s) at the writing of the document (s) (digital or physical) and the final reading medium (s) allowing this verification. The invention also relates to a method allowing the addition of information related to the signed document (s) allowing the exchange of information between recipients about this or these documents. The present invention relates more particularly to the editing and operation of a medical prescription. In order to better understand the invention, the following definitions of words and expressions are used which are used hereinafter. For example: Certificate: a digital identity card that identifies a moral or physical entity and also serves to encrypt digital data interchanges. The latter gathers identification information (name, first name, function, etc.), at least one encryption key, and at least one signature issued by a certification authority. CPS Card: or Professional Health Card. Electronic identification card of a health professional: identity, profession, specialty and exercise situation (firm or establishment). CodeID: abbreviation of Code Identifier, represents a unique identification code specific to a document used in the process. Codified: strictly associated with a CodeID. Encryption: A method that aims to make a document unreadable by an unauthorized person. Asymmetric encryption: encryption method based on the use of a public key, broadcast, and a private key, kept secret, one to encrypt a document, the other to decrypt. Thus, the sender can use the public key of the recipient to encrypt a message that only the recipient (in 3032652 2 possession of the private key) can decrypt, ensuring the confidentiality of the content. Conversely, the sender can use his own private key to encrypt a message that the recipient can decode with the public key; it is the mechanism used by the digital signature to authenticate the author of a message. In this case, the key used to encrypt the data (private key) is unique and associated with the author. This public key is associated with public keys (distributed to readers) used to decrypt the data. This association allows the strict identification of the author of the document. D1VIP: Personal Medical File (described by the French law n ° 2004-810 10 of August 13th, 2004) computerized, available on Internet on which are stored various medical documents allowing the follow-up of the complete file of a patient. Document: refers to a set formed by a medium and information, which is persistently recorded.

15 Digital document: document in digital format, the data of which are directly usable by a computer system. Physical document: A document in physical format (eg paper) whose data are not directly usable by a computer system. Sheet: physical writing surface that can be for example a sheet of paper. Raster Sheet: a physical writing surface on which a position code has been established or printed preferably based on a flat physical medium called a writing tablet. Hash function: A function that transforms a document into a digest of the latter called a "fingerprint". This footprint is unique to a single, non-condensed document. Image format: computer term designating a format of digital images (jpeg, tiff, bmp, png, pdf ...) Materialization: in the present, this term is used to denote the fact of transcribing digital information on a physical medium ( print a document for example).

1VIetadata: is a data used to define or describe another data whatever its support (paper or electronic). In this case, metadata are digital data associated with a digital document within a database.

3032652 3 Printing model: pre-established standard format that can be parameterized, structuring the layout of the data when printing a document. Graphic pattern: representation in the form of a pattern (bar code, QR code 5 ...) readable by an optical reader (barcode reader, smartphone, etc ...). Scanning: converting information from a medium (text, image, etc.) that computing devices can process (eg scan a document). Trusted platform: computer storage place that respects all the technical, normative and legislative characteristics in order to guarantee the authenticity, the integrity and the confidentiality of the digital documents registered there. Querying: Queries (search, retrieval, sorting, and formatting) to databases or information systems.

15 Digital pen: consists of the physical combination of an electronic device (camera, light source, CCD sensor, microprocessor, memory, data transmission system, etc ...) and a pen. The electronic device makes it possible to read, know and record the coordinates (x, y) of all the points which make up the traces made by the pen by interpreting the pre-established or printed frame on the sheet. The data recorded by the pen can be transmitted in continuous flow to the processing unit or when it is put back into its storage and unloading holder type data "USB ink", or by any other means of unloading its internal memory.

25 Medical teleconsultation: medical consultation given by a doctor to a distant patient. Telemedicine: doctor giving teleconsultations. Frame: a position code used to represent the coordinates (x, y) of all the points constituting a surface.

State of the art It is known, when a person wishes to officially indicate that he is in agreement with the content of a document and / or that he is the author, that he affix his signature on the latter. .

35 Depending on the physical or digital nature of the document to be signed, the person will sign his signature, which will be handwritten or electronic, respectively.

3032652 4 Both types of signature have legal value in the majority of countries, that is, they are enforceable before a court. The process of affixing a signature to a document differs according to whether the latter is handwritten or electronic. A description of these two methods is provided below. Thus, in the context of the affixing of a handwritten signature, the signatory person traces on the document concerned a visual mark of his own with a pen held in his hand. If the document is several pages long, he can sign each page or sign 10. Depending on the context, the content and purpose of the document to be signed, additional security elements to better verify later the integrity and authenticity of the document can be implemented as for example: - Write by hand on the document at the same time as the signature, the date and the number of original copies of the document which have been or will be signed in a handwritten manner. - Date and sign next to each correction, addition or deletion of all or part of the initial content. - Establish the handwritten document on secure paper 20 (paper example with particular physical characteristics (grammage, material, hologram, watermark, etc ...) For example, secure prescriptions that only doctors can to obtain). In the context of affixing an electronic signature, the electronic signature is the equivalent in the digital world of the handwritten signature. It meets data security requirements transferred between two entities and ensures the integrity of an electronic document as well as authenticate the author. This method uses two basic functions which are hashing and asymmetric encryption. The hash function is a function that transforms a document into a single condensed document called a "fingerprint". An impression is unique to one and only one non-condensed document, allowing the identification of this document. Asymmetric encryption is a data encryption that uses a key system to encode and decode the information. Asymmetric encryption uses two distinct keys: a so-called private, and the so-called public.

The methods known and described above are not devoid of drawbacks. Indeed, the two methods described above pose problems when verifying the integrity and authenticity of a message or a document in particular when the sender and the receiver are at a distance and do not know each other. . A first disadvantage lies in the difficulty of verifying integrity and authenticity by the recipient of a physical document on which a handwritten signature has been affixed.

By way of example, a doctor writes a handwritten prescription signed by his hand on a secure paper which he gives to the patient during a consultation. Then, the patient goes to get his prescription from a pharmacy by giving the pharmacist the original medical prescription. In the case of the establishment of one or more documents signed on a physical medium, usually paper, the verification of the document by the person receiving it is done in a visual manner, knowing that it is generally not aware of graphic characteristics of the signature that the author has chosen. This signature has a legal value when there is no evidence that it was not infringed by a third party. Similarly, there is no guarantee that the document has not been changed between the time the sign is signed and when the recipient verifies its integrity. Another disadvantage is a difficulty in verifying, by the addressee, the integrity and authenticity of an electronically signed document or in a handwritten manner when the circumstances of transmission of this document between the sender and the recipient to proceed either to its materialization on a physical support, or to its digitization. This is for example the sending by fax of a medical prescription made on paper by the doctor from his office to the pharmacist located in his dispensary. It may be for example the sending by post to the pharmacist located in his dispensary of a medical prescription having been previously established numerically, signed electronically and printed by the doctor 35 from his computer to his office. The change in the nature of the document, when it passes from a physical medium to a digital image, makes it lose its legal value because the signature 3032652 6 of the author is also scanned in the same way as the content it accompanied. At this stage, there are no more visual elements allowing the recipient to find that the signature was not added retrospectively by a third party who was not the author of the document.

5 Similarly, when an electronically signed digital document is printed and delivered to the recipient, the latter loses the ability to control its integrity and authenticity. Another disadvantage is a difficulty in verifying, by the recipient, the integrity and authenticity of an electronically signed document or handwritten document when the recipient is not predetermined. For example, as part of a teleconsultation, the telemedicine sends by email to his remote patient a medical prescription having been previously established numerically, electronically signed and recorded on a trusted platform. The patient prints the medical prescription on a physical medium and the door to a pharmacist (the recipient) of his choice, unknown to the telemedicine. In this context, for the recipient of the physical document, the problem relates to his lack of knowledge of the trust platform used to store the digital document signed electronically and relates to the difficulty of finding this digital document within this platform. form of trust. The consequence of these two difficulties is that the recipient can not use the trusted platform to view the digital document and compare it with the physical document transmitted to it by the wearer to verify its integrity and authenticity. Finally, beyond the subject of the verification, another disadvantage may be identified, especially when the recipient can verify the integrity and authenticity of a document delivered by a third party but the recipient does not know if this third party has not used / exploited / obtained rights in this document from another recipient. For example, a patient will withdraw drugs from a pharmacist through a medical prescription and authenticated, then, will withdraw from another pharmacist these same drugs through the same prescription.

SUMMARY OF THE INVENTION The object of the present invention is to overcome the aforementioned drawbacks and to propose a new document editing method, which are generated and used by different people and whose integrity and authenticity can be verified during the various phases of use or exploitation of said documents. Another object of the present invention is to overcome the aforementioned drawbacks and to provide a simple and reliable system for generating documents whose integrity and authenticity are assured.

The objects assigned to the invention are achieved by means of a method for editing a secure document exploitable by at least one recipient and to verify by said recipient the integrity and authenticity of said secure document, characterized in that what it consists of: a) using an initial support for writing a physical or digital document and converting if necessary the source data contained in this document to obtain digital source data, such as text, structured data () <ML JSON, etc ...), an image or a file in PDF format, - b) if necessary convert digital source data to image format (jpg, 20 tiff, bmp, png, pdf, ...) - c) generating a unique codeID - d) converting the ID code into a graphic pattern - e) aggregating the digital source data in image format and the ID code to the graphic pattern obtained under b) and d) to obtain a coded digital document, - f) materialize the document coded numeric result obtained under e) to create a coded physical document, - g) enter the metadata associated with the coded digital document obtained under e) with the codeID obtained under c) 30 - h) apply an electronic signature to the combination of elements obtained under g) to obtain a coded, encrypted, and electronically signed digital document, - i) store the result obtained under h) in a trusted platform, - j) from the codified physical document obtained under f), submit a request based on the codeID to the trusted platform, in order to search on the latter for the coded digital document obtained under h) - k) if the codeID exists, to decrypt the codified and encrypted digital document, and 3032652 8 - 1 ) compare the coded digital document decrypted under (k) with the physical coded document. According to an exemplary implementation, the method according to the invention consists in adding under e) to the aggregation the ID code in the form of digits in order to obtain under e) a coded digital document on which the codeID appears under form of numbers and graphic pattern. According to an exemplary implementation, the method according to the invention consists of using under a) a sheet of free paper as initial support, and under b) to digitize the physical document thus obtained and to deliver the physical document 10 written to a user. According to an exemplary implementation, the method according to the invention consists in handwriting the physical document before delivery. According to an exemplary implementation, the method according to the invention consists of using under a) a screened sheet, to use a digital pen to write the physical document, to proceed with the acquisition of the traces to generate a digital document . According to an exemplary implementation, the method according to the invention consists of using under a) a halftone sheet bearing the codeID, to use a digital pen to write the codified physical document and to proceed to the acquisition of the traces for generate a coded digital document. According to an exemplary implementation, the method according to the invention consists in affixing a handwritten signature on the physical document coded with the digital pen. According to an exemplary implementation, the method according to the invention consists in: - generating a frame, - using the coded digital document to generate a print template, - printing the coded and rasterized digital document, 30 - signing handwritten the document coded and woven with the digital pen, and - perform the acquisition of the lines and integrate the handwritten signature coded and rasterized digital document to obtain a digital document codified, raster and bearing the trace of the handwritten signature.

According to an exemplary implementation, the method according to the invention consists of delivering the coded physical document to a user.

According to an exemplary implementation of the method according to the invention, the acquisition is carried out by: - connecting the digital pen to a USB base, - transmitting the data contained in the digital pen, 5 - identifying the digital pen used to acquire the traces, - identifier of the physical document traveled by the digital pen, and by - processing the harvested data to digitally render the traces in graphic form. According to an exemplary implementation, the method according to the invention 10 is to transmit to a user the digital document codified by any electronic means. According to an exemplary implementation of the method according to the invention, the codified physical document and the coded digital document constitute a medical prescription comprising prescription care and / or drug.

According to an exemplary implementation, the method according to the invention consists in adding additional information related to the secure document, by at least one recipient allowing the exchange of additional information with other recipients of this secure document.

For example, the addition made by a pharmacist, is to specify the actual delivery of drugs to inform his peers on the latter, in the case where the source data is a medical prescription drug prescription. The objects assigned to the invention are thus also achieved by means of a medical prescription directly obtained by the aforementioned method. The method according to the invention has the advantage of allowing verification by at least a third party recipient of the authenticity and integrity of a document delivered to a user, independently of the initial support 30 used for the drafting a physical or digital document and the nature of the final reading document allowing said verification. Another advantage of the method according to the invention lies in the fact that information related to the signed document can be added to the document to allow an exchange of information between different recipients of said document.

Another advantage of the process according to the invention lies in the fact of being able to edit a remote medical prescription, for example during a medical teleconsultation, and in a secure manner. Another advantage of the method according to the invention is to allow a security of the handwritten signature, by combining the latter with an electronic signature. The recipient can then ensure not only that the handwritten signature is the right one, but also that it has been affixed by the right person and that the content it certifies has not been modified.

BRIEF DESCRIPTION OF THE DRAWINGS Other features and advantages of the present invention will appear more clearly on reading the following description, made with reference to the accompanying drawings, given by way of non-limiting examples, in which: FIG. 1 , illustrates an example of implementation of known encryption and decryption phases, in the context of asymmetric encryption, FIG. 2 illustrates an example of implementation of a known apposition of an electronic signature on a digital document, Figure 3 illustrates an example of verification by a recipient of the integrity of a transmitted digital document and the identity of its signatory, by verification of the electronic signature of said document. FIG. 4 schematically illustrates a first application of the method according to the invention, in the context of a traditional medical consultation, FIG. 5 diagrammatically illustrates a second application of the method according to the invention, within the framework of a teleconsultation, Figure 6, schematically illustrates a first example of implementation of the method according to the invention, when the base document is a digital document, Figure 7 schematically illustrates a second example of implementation of the method according to the invention, when the basic document is written using a digital pen, on a pre-modified paper sheet, FIG. 8 schematically illustrates a variant according to the invention of the example of setting Fig. 7, when the basic document is written using a digital pen on a non-coded screen paper sheet, Fig. 9, illustrates schematic A third example of implementation of the method according to the invention, when the basic document is written on a traditional physical medium, such as a sheet of free paper, Figure 10, schematically illustrates an example of a phase of 5 verification of the integrity and authenticity of a codified physical document, used in the context of the implementation of the method according to the invention, FIG. 11 schematically illustrates a phase of printing the handwritten signature on a digital document in the context of the implementation of the method according to the invention, FIG. 12 schematically illustrates a recording phase of a digital document in a platform of confidence in the context of the implementation of the method according to the invention, and FIG. 13 schematically illustrates a phase of acquisition of traces from a screen paper in the context of the implementation of the method 15 according to the invention. Embodiments and Embodiments of the Invention To better understand the invention, it is useful to detail some general principles.

As illustrated for example in Figure 1, there are two distinct phases in known asymmetric encryption, namely, Coding and Decoding. It starts from a document called "clear" (Clear document) that is readable by all and becomes unintelligible after encryption (Encrypted Document). Once this document has arrived at its destination, it is decoded in order to return to the clear information (Clear document).

Each of these steps requires a different key (in this case: Private Key for Encoding and Public Key for Decoding) without which they can not take place. The key system operates in pairs, a private key is associated with a public key only, that is to say that there is only one public key 30 associated with a particular private key and vice versa. there is only one and only one private key associated with a particular public key. It follows that encrypted information with a certain key will require the possession of the corresponding public key. The private key is used only by the user who codes the document and must be known only to him / herself. On the contrary, the associated public key must be distributed to all persons who may be useful in order to create a secure document communication flow.

The illustration of FIG. 2 makes it possible to explain the method of affixing an electronic signature to a digital document. Once the Document is electronically signed, it undergoes the passage in a hash function to give the footprint of the document. This fingerprint is transformed by private key encryption (or asymmetric encryption). The result of this encryption gives the Signature of the Document. Once these steps are done, the signature is associated with the document to give an electronically signed document. Then, when the electronically signed document is transmitted, the illustration of Fig. 3 explains how the recipient can verify the integrity of the message and the identity of its signer. In the event that the recipient already has in his possession the public key and knows the hash function used, said recipient may, upon receipt of the signed document (Document + Signature), implement the verification by a comparison process. The method requires obtaining the fingerprint of the document received, by the hash function, and comparing it with the result of decryption, using the public key, the signature associated with the received document, which gives the the original footprint of the document.

If the two prints are identical: the document is intact. Otherwise, that is, if the signature and document do not match, the document is not the one signed or it has been changed between writing and reading. If the decryption of the signature is not possible, it is because the association of the private and public keys is not good, casting doubt on the identity of the signatory. Otherwise, the signatory is identified as the one declared at the writing of the document. To understand the invention, two examples of implementation of the method are detailed below. It is a question of implementing the method according to the invention as part of a "standard" medical consultation and then in the context of a teleconsultation. Thus, in the general case of an example of "standard" medical consultation, without the implementation of the invention, the following steps are recognized: 1 °) A patient goes to the office of his attending physician, 35 2 ° ) At the end of the consultation, the doctor makes the decision to prescribe to his patient drugs classified as narcotics, 3032652 13 3 °) According to the law, the doctor writes the prescription on secure paper (paper respecting the characteristics techniques imposed by legislation, for example: natural white watermark without optical brightener, identification number of the apparent lot, etc.), 4 °) The doctor affixes his handwritten signature on the prescription. 5 °) The patient can then recover, thanks to this order, the prescribed drugs. The method according to the invention can advantageously be used in the case, for example, of the transmission of a medical prescription drawn up by a doctor to his patient. The method works in the following two situations, namely: - During a direct medical consultation when the doctor and his patient are in the opposite position, or - During a medical teleconsultation when the doctor and his patient are 15 at a distance from each other. After consulting a patient, a doctor issues a prescription by one of the following means: business software: the prescription is then a digital document; classic prescription: the prescription is then a physical document; pre-established screen scheduler: the prescription is then a physical screened document. The method according to the invention thus makes it possible to verify the integrity of the document and the authenticity of the signature affixed by its author in order to avoid an error or a falsification. With the aid of FIG. 4, the case of a traditional medical consultation is schematized. The patient is examined by a doctor in a doctor's office or any health center. At the end of the consultation, the physician gives the patient a signed paper order and also files an electronic copy on a patient's DMP. The DMP is of course unique for each patient. With the aid of FIG. 5, the case of a patient who is in teleconsultation with a doctor is schematized, that is to say he is being examined remotely. At the end of the consultation, the doctor gives the signed prescription to his patient by any means and places a digital copy in his DMP. In both cases, when the patient goes to the pharmacist with his prescription, the professional can connect to the patient's DMP to compare the two documents and detect any error or falsification of the original document. There are currently three types of basic documents, namely: 3032652 14 - physical documents, - digital documents, and - pre-established physical documents. The pre-established physical documents correspond to documents prepared in advance according to their content. They are characterized by different peculiarities. They will or will not have a CodeID in advance and they will be prepared for easy digitization (for example: instead of a simple visual copy, they will be able to digitize data in an intelligible way, relying on the technology of paper raster and digital pen).

The method according to the invention implements an identification step. This step comes at the beginning of the verification of the integrity of the information. Now that the document (s) have been signed, saved on a trusted platform, issued by the signatory, and then finally received by the recipient, he may decide to check if the document has not been modified. or falsified. The user therefore has the document (s) in his possession, as well as access to the trusted platform, and the public key corresponding to the signatory. At this stage, it is necessary for him to find the document (s) on the database, he has at his disposal two solutions.

The basic solution that is proposed is a simple search in the database, the user has two possibilities: either he knows the location of the files on the sharing space, in which case he performs a search in the tree of the platform -form; or it is able to find the file or files from key elements inherent to this or these document (s).

A solution provided by this method is to use the CodeID (s) in order to directly find this document (s), indeed it will be sufficient to enter the code (s) in a small integrated search tool so that each document is directly open to the user. This functionality will then simplify and make faster search for this or these document (s).

The method according to the invention implements a verification step. This step will be quite simple. This requires that the process compares the document on the platform with the signature also from the trusted platform, in accordance with the verification process of the electronic signature. This first step will verify in the first place 35 that the document has been issued by the alleged signer through the public key that is in the possession of the user.

The system according to the invention, making it possible to implement the method according to the invention, provides for feeding of three types of documents, namely documents of a digital nature (structured data file, image, etc ...), pre-established physical documents (screened sheet with 5 content areas) and documents on conventional physical media (such as a sheet of free paper). We will detail here the mode of operation of the invention specific to each type of document base. In this first method illustrated in FIG. 6, the source data, ie the content of the document to be signed, may come from any software or hardware capable of making them available in the form of digital data, such as text , structured data (XML, JSON, etc ...), an image or a file in PDF format. If necessary, the method provides for conversion of this data into one of the format types usable by the invention, for example, an image format. Therefore, the program automatically integrates this data to feed the content area provided by the print template of the final document. In parallel with this process, the invention generates a unique identifier (CodeID), automatically integrated into the print model. This identifier 20 will appear systematically on the final document in the form of a sequence of clear digital characters allowing the reading and the direct use of this code by the final recipient of the document, as well as in the form of a code. one-dimensional bars readable by means of an electronic sensor (barcode reader) and / or in the form of a two-dimensional barcode (QR code or other) readable by means of photo-taking technologies. At this stage of the process, there is a coded digital document integrating the source data, ready to be transmitted to the patient by any electronic means and to be submitted for hosting to the trusted platform.

The next step is optional insofar as the electronic signature affixed to the document at the end of the process is legally valid and can therefore be substituted for the handwritten signature. However, we may want the handwritten signature to appear on the documents generated by the process. Thus, in the case of direct consultation, it may be desired that at the end of the appointment the patient has in his possession a document presenting the original handwritten signature of the health professional. If this is the case, the method provides the mechanism for acquiring the traces of the handwritten signature illustrated in FIG. 11. At the input of this mechanism: the coded digital document generated by the preceding step. Also, a print template consisting of a frame and providing at least a hosting area of the coded digital document in image format, and a free outline area for collecting the handwritten signature of the health professional. All of these elements are superimposed and can then be printed on a sheet of paper. Once printed, it remains only to affix the handwritten signature 10 with the digital pen in the area provided for this purpose, to acquire the lines of the pen on said sheet. All the coordinates of the points of the different plots made on the sheet are recorded in the memory of the pen which will be able to return them to the software system in order to create a digital copy of these plots. The sheet of paper used for the acquisition of these plots thus presents the contents of the coded digital document (including the graphic representation of the CodeID), as well as the handwritten signature of the health professional. This sheet can be given to the patient while the health professional has a digital copy identical to this sheet (digitized digital document with digital signature), it will only have to submit for 20 accommodation to the trusted platform, submission involving a de facto digital signature. Similarly, in the context of a teleconsultation, for example, the digital document obtained at the end of the first step may have been sent to the patient, thus presenting no form of the handwritten signature.

However, it is considered that it is necessary for said signature to appear on the digital copy hosted at the end of the process on the trusted platform. The process is then exactly the same as that described previously. A frame is generated which will be printed on a sheet of paper with the coded digital document in image format and a plot area suitable for collecting the handwritten signature of the health professional. After unloading the memory of the digital pen, the doctor has a new digital document which this time shows the restitution of the traces of his handwritten signature. All that remains is to submit it to the trusted platform, submission involving a de facto digital signature.

The recording of the final document (including the source data, the CodeID and possibly a digital graphic rendering of the handwritten signature) in the trusted platform uses the mechanism shown in Figure 12.

The method generates a description file in which the information necessary for the storage and, subsequently, the querying of the document, the metadata. This metadata may vary depending on the trusted platform used. In the case which interests us more particularly, the chosen platform of confidence is the DMP. The metadata that can or should be indicated is the title, the date, a comment about the document, the information about the sender (directly read from the doctor's CPS card, such as his signature certificate), the category of the document for classification (in our example, a prescription). CodeID will be written in one of these fields (most often in the comment field) so that it can be found quickly at the time of the query. The digital document to be hosted is encapsulated in this description file and the whole is digitally signed, using the doctor's signature certificate, according to the digital signature method, illustrated for example in FIG. 2. The document is then stored on the Trusted platform, digitally signed and available for consultation within the platform and / or available for download. In this second method according to the invention, illustrated in FIG. 7, the basic document is a pre-codified halftone paper sheet constituted at least by a screened cell intended to collect the traces of a handwritten signature and a content area. It is in this area of content that the health professional will write handwritten data (in our example a prescription).

This sheet will have been previously codified using an integrated application in charge of generating a CodeID and printing it on the sheet in the form of a series of numeric characters and 'a barcode. Upstream coding makes it possible to prepare in advance as many screened sheets as desired in order to constitute a scheduler. Depending on whether or not the original handwritten signature appears on the paper document, the document will be delivered to the patient by any means, or by any non-electronic means. In the case where the screen paper sheet has not been pre-codified, illustrated for example in FIG. 8, the method provides an on-the-fly coding mechanism. Once the document is written, the health professional discharges the memory of the digital pen to allow the application to acquire and reproduce the traces made on the sheet of raster paper. These traces are recorded in a graphical format compatible with the application so that this newly generated digital document can serve as source data for the process illustrated in FIG. 6, which is then reproduced as described above. The third method, illustrated for example in Figure 9, manages cases where the document is written on free paper, constituting a physical document.

Once the document has been prepared (and possibly signed in a handwritten manner), it must be converted into a digital file. It is therefore up to the user to digitize his document, using a scanner for example, then, through the interface of a software program, to indicate the location on the machine of the scanning file. If necessary, the method provides for conversion of these data into one of the compatible format types. The free sheet of paper on which the handwritten data appear can then be delivered to the patient. Once the scanning is done, the resulting file can be used as source data for the process illustrated in Figure 6, which is then reproduced as previously described.

Let us take a very concrete case to explain this process according to the invention. A patient goes to the pharmacy with the physical document that has been sent to him. It may be a document printed by a third party following a teleconsultation such as a document printed by the doctor himself during a direct consultation or a physical document (conventional order). The pharmacist will be able to use the CodeID present on said document to find its digital copy hosted on the platform of trust. To do this, he can enter this code in an interface integrated in the process or, if he has the necessary devices, scan the barcode 35 also present on the document. The application then creates a request based on the CodeID that it submits to the trusted platform. Therefore, either the platform finds no document associated with the CodeID request, in which case it is impossible to verify the authenticity of the document provided by the patient (unless there is a handwritten signature), ie the CodeID does exist and the mechanisms of the platform will decrypt the recording, restoring a document in clear so that it is possible to ensure on the one hand the integrity of the physical document from the request, its authenticity is no doubt since the document will have been signed electronically and secondly that the issuer has been formally authenticated on the platform of trust. Figure 10 schematically illustrates an example of a verification phase used in the implementation of the method according to the invention. This phase is implemented by steps j), k) and 1) of the process according to the invention. Figure 11 schematically illustrates a print phase of the handwritten signature on a digital document as part of the implementation of the method according to the invention. Thus, this phase of the method according to the invention consists of generating a frame and using the coded digital document to generate a print template. The coded and rasterized digital document is then printed. The coded and rasterized document is then signed in a handwritten form and the traces are acquired and the handwritten signature is integrated into the coded and rasterized digital document in order to obtain a coded digital document, with a raster and bearing the trace. of the handwritten signature. FIG. 13 schematically illustrates a phase of acquisition of traces from a screen paper in the context of the implementation of the method according to the invention. This acquisition is done by connecting the digital pen to a USB base. The data contained in the digital pen is then transmitted to a system automaton, such as a PC, and the digital pen used to acquire the traces is identified. The physical document traveled by the digital pen is also identified and the collected data is processed to digitally render the traces in graphical form. It is obvious that the present description is not limited to the examples explicitly described, but also includes other embodiments and / or implementation. Thus, a described technical feature may be replaced by an equivalent technical characteristic without departing from the scope of the present invention and a described step of implementing the method may be replaced by an equivalent step without departing from the scope of the invention.

Claims (15)

REVENDICATIONS1. A method for editing a secure document exploitable by at least one recipient and for verifying by said recipient the integrity and authenticity of said secure document, characterized in that it consists in: a) using an initial support for writing a physical document or and if necessary convert the source data contained in this document to obtain digital source data, such as text, structured data, an image or a file in PDF format, b) convert digital source data to image format if necessary , c) generating a unique codeID, d) converting the ID code into a graphic pattern, - e) aggregating the digital source data in image format and the ID code to the graphic pattern obtained under b) and d) to obtain a coded digital document, f) materialize the coded digital document obtained under e) to create a coded physical document, g) fill in the metadata associated with the digital document e coded obtained under e) with the codeID obtained under c), h) apply an electronic signature to the combination of elements obtained under g) to obtain a coded digital document, encrypted, and electronically signed, i) store the result obtained under (h) in a trusted platform, (j) from the codified physical document obtained under (f), submit a request based on the codelD to the trusted platform, in order to search on the latter for the codified digital document obtained under h), k) if the codeID exists, decrypt the coded and encrypted digital document, and 1) compare the coded digital document decrypted under k) with the codified physical document. 2. Method according to claim 1, characterized in that it consists in adding under e) to the aggregation the ID code in the form of digits in order to obtain under e) a coded digital document on which the codeID appears in the form of numbers and graphic pattern. 3. Method according to claim 1, characterized in that it consists in using under a) a sheet of free paper as initial support, and under b) to 3032652 21 scan the physical document thus obtained and to deliver the physical document written to a user. 4. Method according to claim 3, characterized in that it consists in handwriting the physical document before handing it over. 5. Method according to claim 1, characterized in that it consists in using under a) a halftone sheet, to use a digital pen to write the physical document, to acquire the traces to generate a codified digital document . 6. Method according to claim 1, characterized in that it consists in using under a) a halftone sheet bearing an ID code, to use a digital pen to write the codified physical document and to proceed with the acquisition of the traces 15 and codeID to generate a coded digital document. 7. The method of claim 5 or 6, characterized in that it consists in affixing a handwritten signature on the physical document codified with the digital pen. 20 8. A method according to claim 5 or 6, characterized in that it consists in: generating a frame, using the coded digital document to generate a print template, printing the coded and screened digital document, handwriting the document coded document and rasterized with the digital pen, and perform the acquisition of the traces and integrate the handwritten signature coded digital document and raster to obtain a digital document 30 coded, raster and bearing the trace of the handwritten signature. 9. Method according to any one of claims 1 to 8, characterized in that it consists in delivering the physical document codified to a user. 35 10. Method according to any one of claims 5 to 8, characterized in that the acquisition is performed by: 3032652 22 connecting the digital pen to a USB base, transmit the data contained in the digital pen, identify the digital pen having used to acquire the traces, to identify the physical document traveled by the digital pen, and to process the collected data to digitally render the traces in graphic form. 11. Method according to any one of claims 1 to 10 characterized in that it consists in transmitting to a user the digital document codified by any electronic means. 12. Method according to any one of claims 1 to 11, characterized in that it consists in adding additional information related to the secure document, by at least one of the recipients 15 for the exchange of additional information with other recipients of this secure document. 13. The method of claim 12, characterized in that the addition made by a pharmacist, is to specify the actual delivery of drugs to inform his peers on the latter, in the case where the source data is a medical prescription of prescription medication. 14. Method according to any one of claims 1 to 13, characterized in that the physical document and the digital document constitute a medical prescription comprising prescription care and / or drug. 15. A medical prescription constituting a codified physical document and a coded digital document, which are obtained and verified by the method according to any one of claims 1 to 14.