ATE253745T1 - Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerk - Google Patents
Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerkInfo
- Publication number
- ATE253745T1 ATE253745T1 AT02006514T AT02006514T ATE253745T1 AT E253745 T1 ATE253745 T1 AT E253745T1 AT 02006514 T AT02006514 T AT 02006514T AT 02006514 T AT02006514 T AT 02006514T AT E253745 T1 ATE253745 T1 AT E253745T1
- Authority
- AT
- Austria
- Prior art keywords
- data
- user
- card reader
- signature
- data authentication
- Prior art date
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3674—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/76—Proxy, i.e. using intermediary entity to perform cryptographic operations
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP02006514A EP1349031B1 (de) | 2002-03-18 | 2002-03-18 | Sichere Benutzer- und Datenauthenifizierung über ein Kommunikationsnetzwerk |
Publications (1)
Publication Number | Publication Date |
---|---|
ATE253745T1 true ATE253745T1 (de) | 2003-11-15 |
Family
ID=27798792
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
AT02006514T ATE253745T1 (de) | 2002-03-18 | 2002-03-18 | Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerk |
Country Status (4)
Country | Link |
---|---|
US (1) | US7296149B2 (de) |
EP (1) | EP1349031B1 (de) |
AT (1) | ATE253745T1 (de) |
DE (2) | DE60200081T2 (de) |
Families Citing this family (71)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2809892B1 (fr) * | 2000-05-31 | 2002-09-06 | Gemplus Card Int | Procede de protection contre la modification frauduleuse de donnees envoyees a un support electronique securise |
US7401224B2 (en) | 2002-05-15 | 2008-07-15 | Qualcomm Incorporated | System and method for managing sonic token verifiers |
BRPI0407722B1 (pt) * | 2003-02-21 | 2017-03-14 | Blackberry Ltd | sistema e método de controle de múltiplos níveis de dispositivos eletrônicos |
US20040186855A1 (en) * | 2003-03-20 | 2004-09-23 | Hiroshi Gotoh | Client/server system and method of reproducing information therein |
US8676249B2 (en) * | 2003-05-19 | 2014-03-18 | Tahnk Wireless Co., Llc | Apparatus and method for increased security of wireless transactions |
US7392534B2 (en) * | 2003-09-29 | 2008-06-24 | Gemalto, Inc | System and method for preventing identity theft using a secure computing device |
US7930412B2 (en) * | 2003-09-30 | 2011-04-19 | Bce Inc. | System and method for secure access |
US10109141B2 (en) * | 2003-12-24 | 2018-10-23 | Intel Corporation | Method and apparatus for establishing trust in smart card readers |
US7249283B2 (en) * | 2004-03-22 | 2007-07-24 | Xerox Corporation | Dynamic control system diagnostics for modular architectures |
EP1754158B1 (de) | 2004-04-30 | 2013-11-27 | BlackBerry Limited | Verfahren und vorrichtung zur behandlung von peripheren verbindungen zu mobilen einrichtungen |
DE102004046847A1 (de) * | 2004-09-27 | 2006-04-13 | Giesecke & Devrient Gmbh | System, Verfahren und tragbarer Datenträger zur Erzeugung einer digitalen Signatur |
US7788483B1 (en) * | 2004-10-22 | 2010-08-31 | Winbond Electronics Corporation | Method and apparatus of identifying and enabling of functions of a trusted platform module device |
EP1836792A1 (de) * | 2004-12-30 | 2007-09-26 | BCE Inc. | System und verfahren für sicheren zugang |
US7356539B2 (en) | 2005-04-04 | 2008-04-08 | Research In Motion Limited | Policy proxy |
EP1916632A1 (de) * | 2005-04-04 | 2008-04-30 | Research In Motion Limited | Tragbarer Smart Card-Leser mit sicherer Funkkommunikationsfunktion |
US7562219B2 (en) | 2005-04-04 | 2009-07-14 | Research In Motion Limited | Portable smart card reader having secure wireless communications capability |
US7878395B2 (en) | 2005-09-08 | 2011-02-01 | Research In Motion Limited | Alerting a smart card reader of probable wireless communication |
US20070124589A1 (en) * | 2005-11-30 | 2007-05-31 | Sutton Ronald D | Systems and methods for the protection of non-encrypted biometric data |
FR2895610B1 (fr) * | 2005-12-23 | 2008-02-08 | Thales Sa | Systeme de transactions securisees d'unites de valeur portees par des cartes. |
US7775427B2 (en) * | 2005-12-31 | 2010-08-17 | Broadcom Corporation | System and method for binding a smartcard and a smartcard reader |
DE102006004237A1 (de) * | 2006-01-30 | 2007-08-16 | Siemens Ag | Verfahren und Vorrichtung zur Vereinbarung eines gemeinsamen Schlüssels zwischen einem ersten Kommunikationsgerät und einem zweiten Kommunikationsgerät |
US20070203973A1 (en) * | 2006-02-28 | 2007-08-30 | Microsoft Corporation | Fuzzing Requests And Responses Using A Proxy |
US7613891B2 (en) * | 2006-05-04 | 2009-11-03 | Intel Corporation | Methods and apparatus for providing a read access control system associated with a flash device |
US8495380B2 (en) | 2006-06-06 | 2013-07-23 | Red Hat, Inc. | Methods and systems for server-side key generation |
US20080276309A1 (en) * | 2006-07-06 | 2008-11-06 | Edelman Lance F | System and Method for Securing Software Applications |
US8079068B2 (en) | 2006-07-17 | 2011-12-13 | Research In Motion Limited | Management of multiple connections to a security token access device |
US8341411B2 (en) | 2006-08-16 | 2012-12-25 | Research In Motion Limited | Enabling use of a certificate stored in a smart card |
US20080046739A1 (en) * | 2006-08-16 | 2008-02-21 | Research In Motion Limited | Hash of a Certificate Imported from a Smart Card |
US20090037729A1 (en) * | 2007-08-03 | 2009-02-05 | Lawrence Smith | Authentication factors with public-key infrastructure |
DE102007037715A1 (de) † | 2007-08-09 | 2009-02-19 | Kobil Systems Gmbh | Installationsloser Chipkartenleser für sicheres Online-Banking |
TW200929974A (en) * | 2007-11-19 | 2009-07-01 | Ibm | System and method for performing electronic transactions |
US8839386B2 (en) * | 2007-12-03 | 2014-09-16 | At&T Intellectual Property I, L.P. | Method and apparatus for providing authentication |
US20090177892A1 (en) * | 2008-01-09 | 2009-07-09 | Microsoft Corporation | Proximity authentication |
US9130915B2 (en) * | 2008-05-27 | 2015-09-08 | Open Invention Network, Llc | Preference editor to facilitate privacy controls over user identities |
FR2933560B1 (fr) * | 2008-07-07 | 2012-09-28 | Eci Sarl | Dispositif d'attestation electronique |
US8201224B1 (en) * | 2008-09-30 | 2012-06-12 | Symantec Corporation | Systems and methods for temporarily adjusting control settings on computing devices |
US8965811B2 (en) * | 2008-10-04 | 2015-02-24 | Mastercard International Incorporated | Methods and systems for using physical payment cards in secure E-commerce transactions |
US7896247B2 (en) * | 2008-12-01 | 2011-03-01 | Research In Motion Limited | Secure use of externally stored data |
US8401964B2 (en) * | 2009-04-28 | 2013-03-19 | Mastercard International Incorporated | Apparatus, method, and computer program product for encoding enhanced issuer information in a card |
US8707413B2 (en) * | 2010-01-15 | 2014-04-22 | Bank Of America Corporation | Authenticating a chip card interface device |
WO2011110539A1 (en) * | 2010-03-08 | 2011-09-15 | Gemalto Sa | System and method for using a portable security device to cryptographically sign a document in response to signature requests from a relying party to a digital signature service |
US8819792B2 (en) | 2010-04-29 | 2014-08-26 | Blackberry Limited | Assignment and distribution of access credentials to mobile communication devices |
WO2011141579A2 (en) * | 2010-05-14 | 2011-11-17 | Gemalto Sa | System and method for providing security for cloud computing resources using portable security devices |
TW201206129A (en) * | 2010-07-20 | 2012-02-01 | Gemtek Technology Co Ltd | Virtual private network system and network device thereof |
EP2426652A1 (de) * | 2010-09-06 | 2012-03-07 | Gemalto SA | Vereinfachtes Verfahren zur Personalisierung von Chipkarten, und entsprechende Vorrichtung |
WO2013025938A2 (en) | 2011-08-16 | 2013-02-21 | Sl-X Ip Sarl | Systems and methods for electronically initiating and executing securities lending transactions |
US8706610B2 (en) | 2011-08-16 | 2014-04-22 | Sl-X Technology Uk Ltd. | Systems and methods for electronically initiating and executing securities lending transactions |
US8967477B2 (en) | 2011-11-14 | 2015-03-03 | Vasco Data Security, Inc. | Smart card reader with a secure logging feature |
DE102011122273A1 (de) * | 2011-12-23 | 2013-06-27 | Giesecke & Devrient Gmbh | Vorrichtung und Verfahren zum Erzeugen von digitalen Bildern |
KR101151367B1 (ko) * | 2011-12-26 | 2012-08-07 | 한국전자통신연구원 | 온라인 금융거래 인증 방법 및 그 장치 |
US20130185214A1 (en) * | 2012-01-12 | 2013-07-18 | Firethorn Mobile Inc. | System and Method For Secure Offline Payment Transactions Using A Portable Computing Device |
US9471533B1 (en) * | 2013-03-06 | 2016-10-18 | Amazon Technologies, Inc. | Defenses against use of tainted cache |
US9398066B1 (en) | 2013-03-06 | 2016-07-19 | Amazon Technologies, Inc. | Server defenses against use of tainted cache |
CN103544037B (zh) * | 2013-10-29 | 2016-08-17 | 飞天诚信科技股份有限公司 | 一种支持OpenSC的软硬件驱动的实现方法 |
EP2874421A1 (de) * | 2013-11-13 | 2015-05-20 | Gemalto SA | System und Verfahren zur Sicherung der Kommunikation zwischen einer Kartenleservorrichtung und einem entfernten Server |
KR102144517B1 (ko) * | 2013-12-31 | 2020-08-14 | 원스팬 인터내셔널 게엠베하 | 전자 서명 방법들, 시스템들 및 장치 |
US10277560B2 (en) * | 2014-02-23 | 2019-04-30 | Samsung Electronics Co., Ltd. | Apparatus, method, and system for accessing and managing security libraries |
US10438187B2 (en) * | 2014-05-08 | 2019-10-08 | Square, Inc. | Establishment of a secure session between a card reader and a mobile device |
US8990121B1 (en) | 2014-05-08 | 2015-03-24 | Square, Inc. | Establishment of a secure session between a card reader and a mobile device |
WO2015171939A1 (en) * | 2014-05-08 | 2015-11-12 | Square, Inc. | Establishment of a secure session between a card reader and a mobile device |
GB2528043B (en) * | 2014-07-03 | 2021-06-23 | Vodafone Ip Licensing Ltd | Security authentication |
US9509661B2 (en) * | 2014-10-29 | 2016-11-29 | Aruba Networks, Inc. | Method and apparatus for displaying HTTPS block page without SSL inspection |
CN106447323A (zh) | 2015-08-05 | 2017-02-22 | 阿里巴巴集团控股有限公司 | 业务验证方法及装置 |
US10158490B2 (en) * | 2015-08-17 | 2018-12-18 | The Boeing Company | Double authentication system for electronically signed documents |
US11593780B1 (en) | 2015-12-10 | 2023-02-28 | Block, Inc. | Creation and validation of a secure list of security certificates |
US9940612B1 (en) | 2016-09-30 | 2018-04-10 | Square, Inc. | Fraud detection in portable payment readers |
US10803461B2 (en) | 2016-09-30 | 2020-10-13 | Square, Inc. | Fraud detection in portable payment readers |
US10958640B2 (en) * | 2018-02-08 | 2021-03-23 | Citrix Systems, Inc. | Fast smart card login |
EP3573000A1 (de) * | 2018-05-22 | 2019-11-27 | Mastercard Asia/Pacific Pte. Ltd. | Verfahren und system zur bereitstellung eines dienstes |
US10573163B1 (en) * | 2019-04-25 | 2020-02-25 | Capital One Services, Llc | Real-time ATM alert if user forgets card |
US11528267B2 (en) * | 2019-12-06 | 2022-12-13 | Bank Of America Corporation | System for automated image authentication and external database verification |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5778071A (en) * | 1994-07-12 | 1998-07-07 | Information Resource Engineering, Inc. | Pocket encrypting and authenticating communications device |
JPH1079733A (ja) * | 1996-09-03 | 1998-03-24 | Kokusai Denshin Denwa Co Ltd <Kdd> | Icカードを用いた認証方法及び認証システム |
US6226744B1 (en) * | 1997-10-09 | 2001-05-01 | At&T Corp | Method and apparatus for authenticating users on a network using a smart card |
US6073237A (en) * | 1997-11-06 | 2000-06-06 | Cybercash, Inc. | Tamper resistant method and apparatus |
WO2000026838A1 (en) * | 1998-11-02 | 2000-05-11 | Smartdisk Corporation | Home point of sale (pos) terminal and electronic commerce method |
AU5296200A (en) * | 1999-05-28 | 2000-12-18 | Utm Systems Corporation | Network authentication with smart chip and magnetic stripe |
US20010045451A1 (en) * | 2000-02-28 | 2001-11-29 | Tan Warren Yung-Hang | Method and system for token-based authentication |
US6895502B1 (en) * | 2000-06-08 | 2005-05-17 | Curriculum Corporation | Method and system for securely displaying and confirming request to perform operation on host computer |
WO2002001522A1 (en) * | 2000-06-26 | 2002-01-03 | Covadis S.A. | Computer keyboard unit for carrying out secure transactions in a communications network |
US7093133B2 (en) * | 2001-12-20 | 2006-08-15 | Hewlett-Packard Development Company, L.P. | Group signature generation system using multiple primes |
-
2002
- 2002-03-18 AT AT02006514T patent/ATE253745T1/de not_active IP Right Cessation
- 2002-03-18 DE DE60200081T patent/DE60200081T2/de not_active Expired - Lifetime
- 2002-03-18 EP EP02006514A patent/EP1349031B1/de not_active Expired - Lifetime
- 2002-03-21 DE DE10212620A patent/DE10212620A1/de not_active Withdrawn
- 2002-09-06 US US10/235,936 patent/US7296149B2/en active Active
Also Published As
Publication number | Publication date |
---|---|
DE10212620A1 (de) | 2003-10-09 |
US20030177353A1 (en) | 2003-09-18 |
EP1349031B1 (de) | 2003-11-05 |
DE60200081D1 (de) | 2003-12-11 |
DE60200081T2 (de) | 2004-04-22 |
US7296149B2 (en) | 2007-11-13 |
EP1349031A1 (de) | 2003-10-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
ATE253745T1 (de) | Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerk | |
DE60200093D1 (de) | Sichere Benutzerauthenifizierung über ein Kommunikationsnetzwerk | |
CN103415858B (zh) | 移动应用条形码识别方法和系统 | |
KR100548638B1 (ko) | 스마트카드를 이용한 원 타임 패스워드 생성 및 인증방법그리고 이를 위한 스마트카드 | |
MY139673A (en) | Data communication system, agent system server, computer program, and data communication method | |
DE60306648D1 (de) | Vorrichtung und Verfahren zur sicheren Kommunikation basierend auf Chipkarten | |
WO2006069330A3 (en) | Biometric personal data key (pdk) authentication | |
WO2002073877A3 (en) | System and method of user and data verification | |
NO20010427L (no) | Fremgangsmåte for å åpne hele eller deler av et smartkort | |
WO2005086569A3 (en) | System, method and apparatus for electronic authentication | |
EP1376983A3 (de) | Verfahren und System zur Authentifizierung von Kommunikationsendgeräten | |
MXPA05003546A (es) | Modelo modificado para verificacion con tag. | |
DE602005018638D1 (de) | Authentifizierungsverfahren | |
ATE536601T1 (de) | Individuelles zertifikationsverfahren | |
KR20080062445A (ko) | 이동통신 단말기를 이용한 인터넷 사이트에서의 사용자인증 방법 및 장치 | |
JP2006190175A (ja) | Rfid利用型認証制御システム、認証制御方法及び認証制御プログラム | |
KR20070084801A (ko) | 스마트카드를 이용한 원 타임 패스워드 생성 및 인증방법그리고 이를 위한 스마트카드 | |
CN106027243A (zh) | 一种电子凭证生成方法、客户端、云平台、授权端和系统 | |
US8601270B2 (en) | Method for the preparation of a chip card for electronic signature services | |
US20070074040A1 (en) | Online authorization using biometric and digital signature schemes | |
KR20070020772A (ko) | 무선단말기 번호를 이용한 금융거래 처리방법 및 시스템과이를 위한 금융거래 처리장치와, 금융거래 단말장치와,단말 장치와 기록매체 | |
KR100858146B1 (ko) | 이동통신 단말기 및 가입자 식별 모듈을 이용한 개인 인증방법 및 장치 | |
CN110659470B (zh) | 离线物理隔离的认证方法及其认证系统 | |
EP2051469A1 (de) | Delegierung einer Authentifizierung | |
KR20070021580A (ko) | 금융거래 처리방법 및 시스템과 이를 위한 금융거래처리장치와, 금융거래 단말장치와, 단말 장치와 기록매체 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
RER | Ceased as to paragraph 5 lit. 3 law introducing patent treaties |