ATE253745T1 - Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerk - Google Patents

Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerk

Info

Publication number
ATE253745T1
ATE253745T1 AT02006514T AT02006514T ATE253745T1 AT E253745 T1 ATE253745 T1 AT E253745T1 AT 02006514 T AT02006514 T AT 02006514T AT 02006514 T AT02006514 T AT 02006514T AT E253745 T1 ATE253745 T1 AT E253745T1
Authority
AT
Austria
Prior art keywords
data
user
card reader
signature
data authentication
Prior art date
Application number
AT02006514T
Other languages
English (en)
Inventor
Alain P Dr Hiltgen
Original Assignee
Ubs Ag
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ubs Ag filed Critical Ubs Ag
Application granted granted Critical
Publication of ATE253745T1 publication Critical patent/ATE253745T1/de

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0841Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
    • H04L9/0844Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/76Proxy, i.e. using intermediary entity to perform cryptographic operations
AT02006514T 2002-03-18 2002-03-18 Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerk ATE253745T1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP02006514A EP1349031B1 (de) 2002-03-18 2002-03-18 Sichere Benutzer- und Datenauthenifizierung über ein Kommunikationsnetzwerk

Publications (1)

Publication Number Publication Date
ATE253745T1 true ATE253745T1 (de) 2003-11-15

Family

ID=27798792

Family Applications (1)

Application Number Title Priority Date Filing Date
AT02006514T ATE253745T1 (de) 2002-03-18 2002-03-18 Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerk

Country Status (4)

Country Link
US (1) US7296149B2 (de)
EP (1) EP1349031B1 (de)
AT (1) ATE253745T1 (de)
DE (2) DE60200081T2 (de)

Families Citing this family (71)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2809892B1 (fr) * 2000-05-31 2002-09-06 Gemplus Card Int Procede de protection contre la modification frauduleuse de donnees envoyees a un support electronique securise
US7401224B2 (en) 2002-05-15 2008-07-15 Qualcomm Incorporated System and method for managing sonic token verifiers
BRPI0407722B1 (pt) * 2003-02-21 2017-03-14 Blackberry Ltd sistema e método de controle de múltiplos níveis de dispositivos eletrônicos
US20040186855A1 (en) * 2003-03-20 2004-09-23 Hiroshi Gotoh Client/server system and method of reproducing information therein
US8676249B2 (en) * 2003-05-19 2014-03-18 Tahnk Wireless Co., Llc Apparatus and method for increased security of wireless transactions
US7392534B2 (en) * 2003-09-29 2008-06-24 Gemalto, Inc System and method for preventing identity theft using a secure computing device
US7930412B2 (en) * 2003-09-30 2011-04-19 Bce Inc. System and method for secure access
US10109141B2 (en) * 2003-12-24 2018-10-23 Intel Corporation Method and apparatus for establishing trust in smart card readers
US7249283B2 (en) * 2004-03-22 2007-07-24 Xerox Corporation Dynamic control system diagnostics for modular architectures
EP1754158B1 (de) 2004-04-30 2013-11-27 BlackBerry Limited Verfahren und vorrichtung zur behandlung von peripheren verbindungen zu mobilen einrichtungen
DE102004046847A1 (de) * 2004-09-27 2006-04-13 Giesecke & Devrient Gmbh System, Verfahren und tragbarer Datenträger zur Erzeugung einer digitalen Signatur
US7788483B1 (en) * 2004-10-22 2010-08-31 Winbond Electronics Corporation Method and apparatus of identifying and enabling of functions of a trusted platform module device
EP1836792A1 (de) * 2004-12-30 2007-09-26 BCE Inc. System und verfahren für sicheren zugang
US7356539B2 (en) 2005-04-04 2008-04-08 Research In Motion Limited Policy proxy
EP1916632A1 (de) * 2005-04-04 2008-04-30 Research In Motion Limited Tragbarer Smart Card-Leser mit sicherer Funkkommunikationsfunktion
US7562219B2 (en) 2005-04-04 2009-07-14 Research In Motion Limited Portable smart card reader having secure wireless communications capability
US7878395B2 (en) 2005-09-08 2011-02-01 Research In Motion Limited Alerting a smart card reader of probable wireless communication
US20070124589A1 (en) * 2005-11-30 2007-05-31 Sutton Ronald D Systems and methods for the protection of non-encrypted biometric data
FR2895610B1 (fr) * 2005-12-23 2008-02-08 Thales Sa Systeme de transactions securisees d'unites de valeur portees par des cartes.
US7775427B2 (en) * 2005-12-31 2010-08-17 Broadcom Corporation System and method for binding a smartcard and a smartcard reader
DE102006004237A1 (de) * 2006-01-30 2007-08-16 Siemens Ag Verfahren und Vorrichtung zur Vereinbarung eines gemeinsamen Schlüssels zwischen einem ersten Kommunikationsgerät und einem zweiten Kommunikationsgerät
US20070203973A1 (en) * 2006-02-28 2007-08-30 Microsoft Corporation Fuzzing Requests And Responses Using A Proxy
US7613891B2 (en) * 2006-05-04 2009-11-03 Intel Corporation Methods and apparatus for providing a read access control system associated with a flash device
US8495380B2 (en) 2006-06-06 2013-07-23 Red Hat, Inc. Methods and systems for server-side key generation
US20080276309A1 (en) * 2006-07-06 2008-11-06 Edelman Lance F System and Method for Securing Software Applications
US8079068B2 (en) 2006-07-17 2011-12-13 Research In Motion Limited Management of multiple connections to a security token access device
US8341411B2 (en) 2006-08-16 2012-12-25 Research In Motion Limited Enabling use of a certificate stored in a smart card
US20080046739A1 (en) * 2006-08-16 2008-02-21 Research In Motion Limited Hash of a Certificate Imported from a Smart Card
US20090037729A1 (en) * 2007-08-03 2009-02-05 Lawrence Smith Authentication factors with public-key infrastructure
DE102007037715A1 (de) 2007-08-09 2009-02-19 Kobil Systems Gmbh Installationsloser Chipkartenleser für sicheres Online-Banking
TW200929974A (en) * 2007-11-19 2009-07-01 Ibm System and method for performing electronic transactions
US8839386B2 (en) * 2007-12-03 2014-09-16 At&T Intellectual Property I, L.P. Method and apparatus for providing authentication
US20090177892A1 (en) * 2008-01-09 2009-07-09 Microsoft Corporation Proximity authentication
US9130915B2 (en) * 2008-05-27 2015-09-08 Open Invention Network, Llc Preference editor to facilitate privacy controls over user identities
FR2933560B1 (fr) * 2008-07-07 2012-09-28 Eci Sarl Dispositif d'attestation electronique
US8201224B1 (en) * 2008-09-30 2012-06-12 Symantec Corporation Systems and methods for temporarily adjusting control settings on computing devices
US8965811B2 (en) * 2008-10-04 2015-02-24 Mastercard International Incorporated Methods and systems for using physical payment cards in secure E-commerce transactions
US7896247B2 (en) * 2008-12-01 2011-03-01 Research In Motion Limited Secure use of externally stored data
US8401964B2 (en) * 2009-04-28 2013-03-19 Mastercard International Incorporated Apparatus, method, and computer program product for encoding enhanced issuer information in a card
US8707413B2 (en) * 2010-01-15 2014-04-22 Bank Of America Corporation Authenticating a chip card interface device
WO2011110539A1 (en) * 2010-03-08 2011-09-15 Gemalto Sa System and method for using a portable security device to cryptographically sign a document in response to signature requests from a relying party to a digital signature service
US8819792B2 (en) 2010-04-29 2014-08-26 Blackberry Limited Assignment and distribution of access credentials to mobile communication devices
WO2011141579A2 (en) * 2010-05-14 2011-11-17 Gemalto Sa System and method for providing security for cloud computing resources using portable security devices
TW201206129A (en) * 2010-07-20 2012-02-01 Gemtek Technology Co Ltd Virtual private network system and network device thereof
EP2426652A1 (de) * 2010-09-06 2012-03-07 Gemalto SA Vereinfachtes Verfahren zur Personalisierung von Chipkarten, und entsprechende Vorrichtung
WO2013025938A2 (en) 2011-08-16 2013-02-21 Sl-X Ip Sarl Systems and methods for electronically initiating and executing securities lending transactions
US8706610B2 (en) 2011-08-16 2014-04-22 Sl-X Technology Uk Ltd. Systems and methods for electronically initiating and executing securities lending transactions
US8967477B2 (en) 2011-11-14 2015-03-03 Vasco Data Security, Inc. Smart card reader with a secure logging feature
DE102011122273A1 (de) * 2011-12-23 2013-06-27 Giesecke & Devrient Gmbh Vorrichtung und Verfahren zum Erzeugen von digitalen Bildern
KR101151367B1 (ko) * 2011-12-26 2012-08-07 한국전자통신연구원 온라인 금융거래 인증 방법 및 그 장치
US20130185214A1 (en) * 2012-01-12 2013-07-18 Firethorn Mobile Inc. System and Method For Secure Offline Payment Transactions Using A Portable Computing Device
US9471533B1 (en) * 2013-03-06 2016-10-18 Amazon Technologies, Inc. Defenses against use of tainted cache
US9398066B1 (en) 2013-03-06 2016-07-19 Amazon Technologies, Inc. Server defenses against use of tainted cache
CN103544037B (zh) * 2013-10-29 2016-08-17 飞天诚信科技股份有限公司 一种支持OpenSC的软硬件驱动的实现方法
EP2874421A1 (de) * 2013-11-13 2015-05-20 Gemalto SA System und Verfahren zur Sicherung der Kommunikation zwischen einer Kartenleservorrichtung und einem entfernten Server
KR102144517B1 (ko) * 2013-12-31 2020-08-14 원스팬 인터내셔널 게엠베하 전자 서명 방법들, 시스템들 및 장치
US10277560B2 (en) * 2014-02-23 2019-04-30 Samsung Electronics Co., Ltd. Apparatus, method, and system for accessing and managing security libraries
US10438187B2 (en) * 2014-05-08 2019-10-08 Square, Inc. Establishment of a secure session between a card reader and a mobile device
US8990121B1 (en) 2014-05-08 2015-03-24 Square, Inc. Establishment of a secure session between a card reader and a mobile device
WO2015171939A1 (en) * 2014-05-08 2015-11-12 Square, Inc. Establishment of a secure session between a card reader and a mobile device
GB2528043B (en) * 2014-07-03 2021-06-23 Vodafone Ip Licensing Ltd Security authentication
US9509661B2 (en) * 2014-10-29 2016-11-29 Aruba Networks, Inc. Method and apparatus for displaying HTTPS block page without SSL inspection
CN106447323A (zh) 2015-08-05 2017-02-22 阿里巴巴集团控股有限公司 业务验证方法及装置
US10158490B2 (en) * 2015-08-17 2018-12-18 The Boeing Company Double authentication system for electronically signed documents
US11593780B1 (en) 2015-12-10 2023-02-28 Block, Inc. Creation and validation of a secure list of security certificates
US9940612B1 (en) 2016-09-30 2018-04-10 Square, Inc. Fraud detection in portable payment readers
US10803461B2 (en) 2016-09-30 2020-10-13 Square, Inc. Fraud detection in portable payment readers
US10958640B2 (en) * 2018-02-08 2021-03-23 Citrix Systems, Inc. Fast smart card login
EP3573000A1 (de) * 2018-05-22 2019-11-27 Mastercard Asia/Pacific Pte. Ltd. Verfahren und system zur bereitstellung eines dienstes
US10573163B1 (en) * 2019-04-25 2020-02-25 Capital One Services, Llc Real-time ATM alert if user forgets card
US11528267B2 (en) * 2019-12-06 2022-12-13 Bank Of America Corporation System for automated image authentication and external database verification

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5778071A (en) * 1994-07-12 1998-07-07 Information Resource Engineering, Inc. Pocket encrypting and authenticating communications device
JPH1079733A (ja) * 1996-09-03 1998-03-24 Kokusai Denshin Denwa Co Ltd <Kdd> Icカードを用いた認証方法及び認証システム
US6226744B1 (en) * 1997-10-09 2001-05-01 At&T Corp Method and apparatus for authenticating users on a network using a smart card
US6073237A (en) * 1997-11-06 2000-06-06 Cybercash, Inc. Tamper resistant method and apparatus
WO2000026838A1 (en) * 1998-11-02 2000-05-11 Smartdisk Corporation Home point of sale (pos) terminal and electronic commerce method
AU5296200A (en) * 1999-05-28 2000-12-18 Utm Systems Corporation Network authentication with smart chip and magnetic stripe
US20010045451A1 (en) * 2000-02-28 2001-11-29 Tan Warren Yung-Hang Method and system for token-based authentication
US6895502B1 (en) * 2000-06-08 2005-05-17 Curriculum Corporation Method and system for securely displaying and confirming request to perform operation on host computer
WO2002001522A1 (en) * 2000-06-26 2002-01-03 Covadis S.A. Computer keyboard unit for carrying out secure transactions in a communications network
US7093133B2 (en) * 2001-12-20 2006-08-15 Hewlett-Packard Development Company, L.P. Group signature generation system using multiple primes

Also Published As

Publication number Publication date
DE10212620A1 (de) 2003-10-09
US20030177353A1 (en) 2003-09-18
EP1349031B1 (de) 2003-11-05
DE60200081D1 (de) 2003-12-11
DE60200081T2 (de) 2004-04-22
US7296149B2 (en) 2007-11-13
EP1349031A1 (de) 2003-10-01

Similar Documents

Publication Publication Date Title
ATE253745T1 (de) Sichere benutzer- und datenauthenifizierung über ein kommunikationsnetzwerk
DE60200093D1 (de) Sichere Benutzerauthenifizierung über ein Kommunikationsnetzwerk
CN103415858B (zh) 移动应用条形码识别方法和系统
KR100548638B1 (ko) 스마트카드를 이용한 원 타임 패스워드 생성 및 인증방법그리고 이를 위한 스마트카드
MY139673A (en) Data communication system, agent system server, computer program, and data communication method
DE60306648D1 (de) Vorrichtung und Verfahren zur sicheren Kommunikation basierend auf Chipkarten
WO2006069330A3 (en) Biometric personal data key (pdk) authentication
WO2002073877A3 (en) System and method of user and data verification
NO20010427L (no) Fremgangsmåte for å åpne hele eller deler av et smartkort
WO2005086569A3 (en) System, method and apparatus for electronic authentication
EP1376983A3 (de) Verfahren und System zur Authentifizierung von Kommunikationsendgeräten
MXPA05003546A (es) Modelo modificado para verificacion con tag.
DE602005018638D1 (de) Authentifizierungsverfahren
ATE536601T1 (de) Individuelles zertifikationsverfahren
KR20080062445A (ko) 이동통신 단말기를 이용한 인터넷 사이트에서의 사용자인증 방법 및 장치
JP2006190175A (ja) Rfid利用型認証制御システム、認証制御方法及び認証制御プログラム
KR20070084801A (ko) 스마트카드를 이용한 원 타임 패스워드 생성 및 인증방법그리고 이를 위한 스마트카드
CN106027243A (zh) 一种电子凭证生成方法、客户端、云平台、授权端和系统
US8601270B2 (en) Method for the preparation of a chip card for electronic signature services
US20070074040A1 (en) Online authorization using biometric and digital signature schemes
KR20070020772A (ko) 무선단말기 번호를 이용한 금융거래 처리방법 및 시스템과이를 위한 금융거래 처리장치와, 금융거래 단말장치와,단말 장치와 기록매체
KR100858146B1 (ko) 이동통신 단말기 및 가입자 식별 모듈을 이용한 개인 인증방법 및 장치
CN110659470B (zh) 离线物理隔离的认证方法及其认证系统
EP2051469A1 (de) Delegierung einer Authentifizierung
KR20070021580A (ko) 금융거래 처리방법 및 시스템과 이를 위한 금융거래처리장치와, 금융거래 단말장치와, 단말 장치와 기록매체

Legal Events

Date Code Title Description
RER Ceased as to paragraph 5 lit. 3 law introducing patent treaties