CH716571A2 - Portable electronic authentication device. - Google Patents

Portable electronic authentication device. Download PDF

Info

Publication number
CH716571A2
CH716571A2 CH01134/19A CH11342019A CH716571A2 CH 716571 A2 CH716571 A2 CH 716571A2 CH 01134/19 A CH01134/19 A CH 01134/19A CH 11342019 A CH11342019 A CH 11342019A CH 716571 A2 CH716571 A2 CH 716571A2
Authority
CH
Switzerland
Prior art keywords
portable electronic
communication means
authentication device
electronic authentication
control system
Prior art date
Application number
CH01134/19A
Other languages
French (fr)
Inventor
Stauffer Jérôme
Scordilis Thierry
De Rosa Luca
Original Assignee
Swatch Group Res & Dev Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Swatch Group Res & Dev Ltd filed Critical Swatch Group Res & Dev Ltd
Priority to CH01134/19A priority Critical patent/CH716571A2/en
Publication of CH716571A2 publication Critical patent/CH716571A2/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • GPHYSICS
    • G04HOROLOGY
    • G04GELECTRONIC TIME-PIECES
    • G04G21/00Input or output devices integrated in time-pieces
    • G04G21/04Input or output devices integrated in time-pieces using radio waves
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00341Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks keyless data carrier having more than one limited data transmission ranges
    • G07C2009/00357Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks keyless data carrier having more than one limited data transmission ranges and the lock having more than one limited data transmission ranges
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00388Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks code verification carried out according to the challenge/response method
    • G07C2009/00396Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks code verification carried out according to the challenge/response method starting with prompting the keyless data carrier
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/28Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un dispositif électronique d'authentification portable (10) pour fournir l'accès à un site ou ressource informatique ou lieu sécurisé. Le dispositif électronique portable comprend un premier moyen de communication (11) et un second moyen de communication (12) différent du premier moyen de communication. Le premier moyen de communication est destiné à recevoir un signal d'interrogation (S P ) d'un dispositif de contrôle d'un système de contrôle, qui comprend le dispositif électronique portable. Le second moyen de communication est destiné à transmettre un signal réponse (S L ) qui comprend des données d'identification du dispositif électronique portable pour authentifier le dispositif électronique portable dans le système de contrôle et permettre l'accès à un site ou ressource informatique ou lieu sécurisé.The present invention relates to a portable electronic authentication device (10) for providing access to a site or computer resource or secure location. The portable electronic device comprises a first communication means (11) and a second communication means (12) different from the first communication means. The first communication means is intended to receive an interrogation signal (S P ) from a control device of a control system, which comprises the portable electronic device. The second means of communication is intended to transmit a response signal (S L ) which comprises identification data of the portable electronic device to authenticate the portable electronic device in the control system and allow access to a site or computer resource or place secure.

Description

Description Description

DOMAINE TECHNIQUE DE L'INVENTION TECHNICAL FIELD OF THE INVENTION

[0001] L'invention concerne un dispositif electronique d'authentification portable pour avoir acces ä un site informatique defini ou ä un appareil ou lieu determine. [0001] The invention relates to a portable electronic authentication device for gaining access to a defined computer site or to a determined apparatus or place.

[0002] L'invention concerne aussi un Systeme de contröle comprenant un dispositif electronique d'authentification portable. The invention also relates to a control system comprising a portable electronic authentication device.

ETAT DE LA TECHNIQUE STATE OF THE ART

[0003] Comme actuellement des vols d'identite et de donnees personnelles sont effectues, il est necessaire de disposer de moyens d'authentification, qui soient fiables et robustes aux differentes attaques, et simples d'utilisation. II est notamment connu plusieurs dispositifs pour ameliorer la securite des comptes informatiques, tels que des des USB, des badges d'authentification, des cartes intelligentes, des capteurs biometriques, voire des applications pour telephones mobiles. Cependant toutes ces technologies comportent de nombreux problemes, tels que le risque de perte ou de vol, la copie et la falsification, et une Utilisation fastidieuse, ce qui constitue des inconvenients. [0003] As identity and personal data thefts are currently being carried out, it is necessary to have means of authentication which are reliable and robust to the various attacks, and which are easy to use. Several devices are known in particular for improving the security of computer accounts, such as USBs, authentication badges, smart cards, biometric sensors, even applications for mobile telephones. However, all these technologies have many problems, such as the risk of loss or theft, copying and falsification, and tedious use, which constitute disadvantages.

[0004] Le brevet EP 1 420 524 B1 decrit un dispositif de communication d'information sans fil, fei qu'une montre, et un Systeme de communication d'information sans fil ä courte distance entre le dispositif et un appareil electronique. Le dispositif peut recevoir des signaux radiofrequences et transmettre une information par d'autres signaux, qui sont principalement des signaux parasites depuis l'oscillateur. D'autres moyens de communication de signaux sont aussi prevus tels que des signaux acoustiques ou des signaux lumineux. Par contre, rien n'est decrit concernant un dispositif electronique d'authentification portable donnant acces ä un site Internet defini ou ä un lieu determine. [0004] Patent EP 1 420 524 B1 describes a wireless information communication device, such as a watch, and a short distance wireless information communication system between the device and an electronic device. The device can receive radio frequency signals and transmit information by other signals, which are mainly parasitic signals from the oscillator. Other signal communication means are also provided, such as acoustic signals or light signals. On the other hand, nothing is described concerning a portable electronic authentication device giving access to a defined Internet site or to a determined place.

[0005] La demande de brevet WO 2012/166115 A1 decrit un reseau de telecommunications mobiles de maniere ä echanger des donnees d'authentification avec un dispositif de communication mobile. Un premier moyen de propagation peut etre utilise tel qu'une source de radiation lumineuse infrarouge, ultraviolette ou visible, et un second moyen de propagation peut etre utilise tel que des signaux radiofrequences. Le premier moyen de propagation ne peut pas etre regu ä l'exterieur de l'endroit oü se trouve le dispositif de communication mobile. Le dispositif de communication mobile s'authentifie aupres du dispositif, qui lui a transmis un Signal d'interrogation, mais pas aupres des dispositifs tiers, ce qui constitue un inconvenient. [0005] Patent application WO 2012/166115 A1 describes a mobile telecommunications network for exchanging authentication data with a mobile communication device. A first means of propagation can be used such as an infrared, ultraviolet or visible light radiation source, and a second means of propagation can be used such as radio frequency signals. The first propagation medium cannot be received outside of the location of the mobile communication device. The mobile communication device authenticates itself with the device, which has transmitted an interrogation signal to it, but not with the third-party devices, which constitutes a disadvantage.

[0006] La demande de brevet EP 3 419 241 A1 decrit un procede et un Systeme pour empecher des attaques par relais intermediaires pour avoir acces ä un vehicule. II est utilise une combinaison de deux moyens de propagation differents pour la communication entre un dispositif portable (cle de voiture) et le vehicule pour authentifier le dispositif afin d'avoir acces au vehicule. Une authentification du dispositif portable est effectuee en mesurant la distance entre le dispositif portable et le vehicule par un emetteur acoustique. Le vehicule refuse des commandes transmises par signaux radiofrequences si le dispositif est trop eloigne. Cela complique l'authentification d'un tel dispositif, ce qui constitue un inconvenient. [0006] Patent application EP 3 419 241 A1 describes a method and a system for preventing attacks by intermediate relays to gain access to a vehicle. A combination of two different means of propagation is used for communication between a portable device (car key) and the vehicle to authenticate the device in order to gain access to the vehicle. Authentication of the portable device is performed by measuring the distance between the portable device and the vehicle by an acoustic transmitter. The vehicle refuses commands transmitted by radio frequency signals if the device is too far away. This complicates the authentication of such a device, which constitutes a disadvantage.

RESUME DE L'INVENTION SUMMARY OF THE INVENTION

[0007] L'invention a donc pour but de pallier les inconvenients cites ci-dessus avec un dispositif electronique d'authentification portable pour avoir acces ä un site informatique defini ou ä un appareil ou lieu determine sans complication, de maniere semi-automatique et localisee. [0007] The object of the invention is therefore to overcome the drawbacks mentioned above with a portable electronic authentication device for gaining access to a defined computer site or to a determined device or place without complication, in a semi-automatic and located.

[0008] A cet effet, l'invention concerne un dispositif electronique d'authentification portable, qui comprend les caracteristiques de la revendication independante 1. To this end, the invention relates to a portable electronic authentication device, which comprises the features of independent claim 1.

[0009] Des formes d'execution particulieres du dispositif electronique portable sont definies dans les revendications dependantes 2 ä 8. [0009] Particular embodiments of the portable electronic device are defined in dependent claims 2 to 8.

[0010] Un avantage du dispositif electronique d'authentification portable reside dans le fait que deux moyens de communication differents sont utilises pour une communication d'authentification d'un dispositif portable en communication avec un dongle ou dispositif de contröle lie ä un ensemble de connexion informatique. D'une part, le premier moyen de communication est utilise pour une communication de proximite ou faible distance si le dispositif portable se trouve proche du dongle ou dispositif de contröle. D'autre part, le second moyen de communication est orthogonal du premier moyen de communication et peut etre ä longue distance. [0010] An advantage of the portable electronic authentication device lies in the fact that two different means of communication are used for authentication communication of a portable device in communication with a dongle or control device linked to a connection assembly. computer science. On the one hand, the first means of communication is used for proximity or short distance communication if the portable device is close to the dongle or control device. On the other hand, the second communication means is orthogonal to the first communication means and can be long distance.

[0011] Avantageusement, le premier moyen de communication transmet ou regoit un Signal infrarouge, optique, sonore, ultrasonore ou en champ proche (NEC). Le second moyen de communication transmet ou regoit un Signal RF, HF, UHF ou Bluetooth. Ainsi cela permet d'ajouter une couche de securite supplementaire au mecanisme d'authentification car l'echange de donnees permettant l'authentification a lieu sur deux moyens orthogonaux dont Tun est tres localise autour de la ressource necessitant une authentification de l'utilisateur. Le mecanisme d'authentification en soi est base sur des technologies connues de l'homme du metier. [0011] Advantageously, the first means of communication transmits or receives an infrared, optical, sound, ultrasonic or near-field (NEC) signal. The second means of communication transmits or receives an RF, HF, UHF or Bluetooth Signal. Thus, this makes it possible to add an additional layer of security to the authentication mechanism because the exchange of data allowing the authentication takes place on two orthogonal means of which Tun is very localized around the resource requiring authentication of the user. The authentication mechanism itself is based on technologies known to those skilled in the art.

[0012] La presente invention porte uniquement sur l'authentification du dispositif portable et non pas sur la securisation des Communications. De plus, le lieu oü se trouve la ressource ä acceder n'a pas besoin d'etre opaque aux milieux de communication. The present invention relates only to the authentication of the portable device and not to the securing of communications. Moreover, the place where the resource to be accessed is located does not need to be opaque to the communication mediums.

[0013] Avantageusement, avec l'authentification du dispositif portable, il peut y avoir acces automatiquement ä des postes et ressources informatiques, une signature digitale de documents ou de courriers electroniques, un cryptage ou decryptage de divers documents ou courriers, un stockage securise de mots de passe, et une ouverture automatique de portes avec gestion des acces aux utilisateurs. [0013] Advantageously, with the authentication of the portable device, there may be automatic access to computer stations and resources, a digital signature of documents or electronic mails, encryption or decryption of various documents or mails, secure storage of passwords, and automatic door opening with user access management.

[0014] Avantageusement, le dispositif portable est difficile ä voler ou perdre, toujours avec soi, bien visible pour une connexion ä un ordinateur, pratique et esthetique, desactivation possible si le dispositif est vole, mot de passe ou sequence d'identification ou autre pour reactiver la fonction une fois que le dispositif est remis au poignet s'il s'agit d'une montrebracelet ou bracelet. [0014] Advantageously, the portable device is difficult to steal or lose, always with you, clearly visible for connection to a computer, practical and aesthetic, possible deactivation if the device is stolen, password or identification sequence or other to reactivate the function once the device is put back on the wrist if it is a wristwatch or bracelet.

[0015] A cet effet, l'invention concerne egalement un Systeme de contröle comprenant un dispositif electronique d'authentification portable, qui comprend les caracteristiques de la revendication independante 9. [0015] To this end, the invention also relates to a control system comprising a portable electronic authentication device, which comprises the features of independent claim 9.

[0016] Des etapes particulieres du Systeme de contröle sont definies dans les revendications dependantes 10 ä 14. [0016] Particular steps of the Control System are defined in dependent claims 10 to 14.

BREVE DESCRIPTION DES FIGURES BRIEF DESCRIPTION OF FIGURES

[0017] Les buts, avantages et caracteristiques du dispositif electronique d'authentification portable et du Systeme le comprenant apparaitront mieux dans la description suivante sur la base d'au moins une forme d'execution non limitative illustree par les dessins sur lesquels : The aims, advantages and characteristics of the portable electronic authentication device and of the system comprising it will appear better in the following description on the basis of at least one non-limiting form of execution illustrated by the drawings in which:

- la figure 1 represente un Schema bloc simplifie des composants electroniques d'un Systeme de contröle ayant undispositif electronique d'authentification portable selon l'invention, et - Figure 1 shows a simplified block diagram of the electronic components of a control system having a portable electronic authentication device according to the invention, and

- la figure 2 represente plus en detail les composants electroniques du dispositif electronique d'authentification portableselon l'invention. - Figure 2 shows in more detail the electronic components of the portable electronic authentication device according to the invention.

DESCRIPTION DETAILLEE DE L'INVENTION DETAILED DESCRIPTION OF THE INVENTION

[0018] Dans la description suivante, tous les composants electroniques d'un Systeme de contröle ayant un dispositif electronique d'authentification portable, qui sont bien connus d'un homme du metier dans ce domaine technique, ne sont decrits que de maniere simplifiee. [0018] In the following description, all the electronic components of a control system having a portable electronic authentication device, which are well known to a person skilled in the art in this technical field, are only described in a simplified manner.

[0019] La figure 1 represente de maniere schematique un Systeme de contröle 1, qui comprend principalement un dispositif electronique d'authentification portable 10 personnalise ä la personne le portant. Ce dispositif electronique d'authentification portable 10 peut etre une montre-bracelet, un bracelet, un badge, un bijou ou un autre dispositif apte ä etre portepar une personne. [0019] Figure 1 schematically represents a control system 1, which mainly comprises a portable electronic authentication device 10 personalized to the person wearing it. This portable electronic authentication device 10 can be a wristwatch, a bracelet, a badge, a piece of jewelery or another device capable of being worn by a person.

[0020] Le Systeme de contröle 1 comprend encore un dongle ou dispositif de contröle 2, qui peut etre branche ou connecte par l'intermediaire d'une interface de connexion 5 ä un ensemble 6 de connexion necessitant une authentification du dispositif portable 10. Le dongle 2 peut etre sous la forme d'une cle USB branchee ä l'ensemble de connexion 6, tel qu'un ordinateur, ou etre integre ä l'ensemble de connexion 6 comme du materiel informatique par exemple. L'ensemble de connexion 6 peut donc etre un ordinateur portable ou fixe, un serveur informatique, une porte d'acces ou autre appareil necessitant l'authentification du dispositif portable 10 pour l'acces ä un site ou ressource informatique ou lieu securise. [0020] The control system 1 further comprises a dongle or control device 2, which can be plugged in or connected via a connection interface 5 to a connection assembly 6 requiring authentication of the portable device 10. The dongle 2 can be in the form of a USB key connected to the connection set 6, such as a computer, or be integrated into the connection set 6 such as computer equipment for example. The connection assembly 6 can therefore be a portable or fixed computer, a computer server, an access door or other device requiring the authentication of the portable device 10 for access to a site or computer resource or secure location.

[0021] Le dongle ou dispositif de contröle 2, qui est alimente electriquement par l'ensemble de connexion 6, comprend encore un premier moyen de communication 3 pour transmettre un Signal d'interrogation SP (challenge) et un second moyen de communication 4, different du premier moyen de communication 3, pour recevoir un Signal reponse SL. Le premier moyen de communication 3 peut etre une unite de transmission de proximite 3 d'un Signal d'interrogation SP, alors que le second moyen de communication 4 peut etre une unite de reception longue distance 4 d'un Signal de reception SL. Meme si non represente en figure 1, le dongle ou dispositif de contröle 2 peut comprendre un contröleur, tel qu'un microcontröleur ou un reseau de portes programmables (FPGA) ou autre Circuit de traitement, qui est dispose entre l'interface 5 et les unites de transmission et reception 3, 4. The dongle or control device 2, which is electrically powered by the connection assembly 6, further comprises a first means of communication 3 for transmitting an interrogation signal SP (challenge) and a second means of communication 4, different from the first means of communication 3, to receive a response signal SL. The first communication means 3 can be a proximity transmission unit 3 of an interrogation signal SP, whereas the second communication means 4 can be a long distance reception unit 4 of a reception signal SL. Even if not represented in FIG. 1, the dongle or control device 2 can comprise a controller, such as a microcontroller or a programmable gate array (FPGA) or other processing circuit, which is arranged between the interface 5 and the transmission and reception units 3, 4.

[0022] Le Signal d'interrogation SP, qui est de preference crypte notamment gere par l'ensemble de connexion 6 lie au dongle ou dispositif de contröle 2, est transmis au dispositif portable 10 s'il se trouve ä proximite du dongle ou dispositif de contröle 2. Le dispositif portable 10 regoit et decrypte le Signal d'interrogation SP de maniere ä calculer une reponse d'authentification, qu'il transmet par le Signal reponse SL au dongle ou dispositif de contröle 2. [0022] The interrogation signal SP, which is preferably encrypted in particular managed by the connection assembly 6 linked to the dongle or control device 2, is transmitted to the portable device 10 if it is close to the dongle or device 2. The portable device 10 receives and decrypts the interrogation signal SP so as to calculate an authentication response, which it transmits via the response signal SL to the dongle or control device 2.

[0023] Le premier moyen de communication 3, tel que I'unite de transmission de proximite, est un moyen de communication de proximite pour la transmission un Signal d'interrogation SP, qui peut etre un Signal infrarouge, optique, ultrasonore, sonore ou en champ proche (NFC). Le second moyen de communication 4, tel que l'unite de reception longue distance, est un moyen de communication longue distance pour recevoir un Signal reponse SL, qui peut etre un Signal RF, HF, UHF, voire Bluetooth. Les moyens de transmission 3 et de reception 4 peuvent etre separes ou combines dans un seul composant. The first communication means 3, such as the proximity transmission unit, is a proximity communication means for transmitting an interrogation signal SP, which may be an infrared, optical, ultrasonic, sound or near field (NFC). The second communication means 4, such as the long-distance reception unit, is a long-distance communication means for receiving a response signal SL, which can be an RF, HF, UHF or even Bluetooth signal. The means of transmission 3 and reception 4 can be separated or combined in a single component.

[0024] La figure 2 represente le dispositif electronique d'authentification portable 10. Ce dispositif portable 10 comprend un premier moyen de communication 11, tel qu'une interface de reception ou unite de reception 11 pour recevoir un Signal d'interrogation SP provenant du dongle ou dispositif de contröle. De preference, le premier moyen de communication est de proximite pour recevoir le Signal d'interrogation SP lorsque le dispositif portable 10 se trouve ä proximite du dongle ou dispositif de contröle. La distance de proximite peut etre inferieure ä 1 m. Le dispositif portable 10 comprend encore un FIG. 2 represents the portable electronic authentication device 10. This portable device 10 comprises a first communication means 11, such as a reception interface or reception unit 11 for receiving an interrogation signal SP coming from the dongle or control device. Preferably, the first means of communication is close to receive the interrogation signal SP when the portable device 10 is close to the dongle or control device. The proximity distance can be less than 1 m. The portable device 10 further comprises a

Claims (14)

second moyen de communication 12, tel qu'une interface de transmission ou unite de transmission 12 pour transmettre un Signal reponse SL en direction du dengle ou dispositif de contröle suite au calcul d'une reponse d'authentification. Le second moyen de communication 12 peut etre utilise pour une communication ä longue distance. Le dispositif portable 10 comprend encore une unite de traitement 13 reliee aux deux interfaces de reception et de transmission 11,12 pour le traitement des signaux regus et transmis cryptes. Une memoire 14 peut encore etre prevues pour Stocker notamment des donnees d'identification pour authentifier la personne qui porte le dispositif portable 10. La memoire peut etre une memoire non volatile. Le dispositif portable 10 peut etre alimente en electricite par une batterie ou pile ou une cellule solaire ou un generateur thermoelectrique, si le dispositif portable est sous la forme d'une montre-bracelet ou un bracelet.second means of communication 12, such as a transmission interface or transmission unit 12 for transmitting a response signal SL towards the dengle or control device following the calculation of an authentication response. The second communication means 12 can be used for long distance communication. The portable device 10 further comprises a processing unit 13 connected to the two reception and transmission interfaces 11,12 for the processing of signals received and transmitted encrypted. A memory 14 can also be provided for storing in particular identification data to authenticate the person wearing the portable device 10. The memory can be a non-volatile memory. The portable device 10 can be supplied with electricity by a battery or battery or a solar cell or a thermoelectric generator, if the portable device is in the form of a wristwatch or a bracelet. [0025] L'unite de traitement 13 peut etre par exemple un microcontröleur, qui comprend une base de temps pour le cadencement de toutes les operations de reception ou transmission d'un Signal par les interfaces, et un module de cryptage (Hardware ou Software) pour le calcul d'un Signal reponse SL. [0025] The processing unit 13 can be for example a microcontroller, which includes a time base for the timing of all reception or transmission operations of a Signal by the interfaces, and an encryption module (Hardware or Software ) for the calculation of a response signal SL. [0026] II est ä noter que l'interface de reception 11 et l'interface de transmission 12 peuvent etre separes ou combines dans un seul composant ou integrees dans un meme Circuit integre avec les autres composants electroniques du dispositif portable 10It should be noted that the reception interface 11 and the transmission interface 12 can be separated or combined in a single component or integrated in the same integrated circuit with the other electronic components of the portable device 10 [0027] Apres reception du Signal reponse SL, le dongle ou dispositif de contröle du Systeme transmet ce Signal reponse SL requ ä l'ensemble de connexion pour authentifier le dispositif portable 10 apres une comparaison ä un prototype de reponse pre-calcule dans l'ensemble de connexion, tel qu'un ordinateur relie ä un reseau Internet par exemple. Si ledispositif portable est authentifie, une autorisation est fournie par l'ensemble de connexion pour avoir acces ä un site ou ressource informatique ou lieu securise. [0027] After reception of the Response Signal SL, the dongle or control device of the System transmits this Response Signal SL requested to the connection assembly to authenticate the portable device 10 after a comparison with a pre-calculated response prototype in the connection set, such as a computer linked to an Internet network for example. If the portable device is authenticated, authorization is provided by the connection set to gain access to a site or computer resource or secure location. [0028] A partir de la description qui vient d'etre faite, plusieurs variantes de realisation dispositif electronique d'authentification portable et du Systeme de contröle le comprenant sont possibles sans sortir du cadre de l'invention definie par les revendications suivantes. From the description which has just been given, several embodiment variants of the portable electronic authentication device and of the control system comprising it are possible without departing from the scope of the invention defined by the following claims. RevendicationsClaims 1. Dispositif electronique d'authentification portable (10) pour fournir l'acces ä un site ou ressource informatique ou lieu securise,1. Portable electronic authentication device (10) for providing access to a computer site or resource or secure location, caracterise en ce que le dispositif electronique portable (10) comprend un premier moyen de communication (11) et un second moyen de communication (12) different du premier moyen de communication (11), le premier moyen de communication (11) etant destine ä recevoir un Signal d'interrogation (SP) d'un dispositif de contröle (2) d'un Systeme de contröle (1), qui comprend le dispositif electronique portable (10), et le second moyen de communication (12) etant destine ä transmettre un Signal reponse (SL) qui comprend des donnees d'identification du dispositif electronique portable (10) pour authentifier le dispositif electronique portable (10) dans le Systeme de contröle (1) et permettre l'acces ä un site ou ressource informatique ou lieu securise. characterized in that the portable electronic device (10) comprises a first communication means (11) and a second communication means (12) different from the first communication means (11), the first communication means (11) being intended for to receive an Interrogation Signal (SP) from a control device (2) of a Control System (1), which comprises the portable electronic device (10), and the second communication means (12) being intended to transmit a Response Signal (SL) which includes identification data of the portable electronic device (10) to authenticate the portable electronic device (10) in the Control System (1) and allow access to a site or computer resource or secure place. 2. Dispositif electronique d'authentification portable (10) selon la revendication 1, caracterise en ce que le premier moyen de communication (11) est un moyen de communication de proximite pour une communication ä faible distance avec un dispositif de contröle (2) d'un Systeme de contröle (1). 2. Portable electronic authentication device (10) according to claim 1, characterized in that the first communication means (11) is a proximity communication means for a short distance communication with a control device (2) d a control system (1). 3. Dispositif electronique d'authentification portable (10) selon la revendication 1, caracterise en ce que le premier moyen de communication (11) est une interface ou unite de reception (11) d'un Signal d'interrogation, qui est un Signal infrarouge, optique, sonore, ultrasonore ou en champ proche MFC. 3. Portable electronic authentication device (10) according to claim 1, characterized in that the first communication means (11) is an interface or reception unit (11) of an interrogation signal, which is an interrogation signal. infrared, optical, sonic, ultrasonic or near field MFC. 4. Dispositif electronique d'authentification portable (10) selon la revendication 1, caracterise en ce que le second moyen de communication (12) est un moyen de communication longue distance. 4. Portable electronic authentication device (10) according to claim 1, characterized in that the second communication means (12) is a long distance communication means. 5. Dispositif electronique d'authentification portable (10) selon la revendication 4, caracterise en ce que le second moyen de communication (12) est un moyen de communication longue distance pour transmettre un Signal reponse RF, HR UHF ou Bluetooth. 5. Portable electronic authentication device (10) according to claim 4, characterized in that the second communication means (12) is a long distance communication means for transmitting an RF, HR UHF or Bluetooth response signal. 6. Dispositif electronique d'authentification portable (10) selon la revendication 1, caracterise en ce qu'il comprend une unite de traitement (13) reliee aux premier et second moyens de communication (11, 12) pour traiter le Signal d'interrogation crypte regu (SP) et calculer un Signal reponse crypte (SL) avec des donnees d'identification du dispositif electronique portable (10) pour l'authentifier. 6. Portable electronic authentication device (10) according to claim 1, characterized in that it comprises a processing unit (13) connected to the first and second communication means (11, 12) to process the interrogation signal encrypted received (SP) and calculate an encrypted response signal (SL) with identification data of the portable electronic device (10) to authenticate it. 7. Dispositif electronique d'authentification portable (10) selon la revendication 6, caracterise en ce que l'unite de traitement (13) est un microcontröleur avec un module de cryptage. 7. Portable electronic authentication device (10) according to claim 6, characterized in that the processing unit (13) is a microcontroller with an encryption module. 8. Dispositif electronique d'authentification portable (10) selon la revendication 1, caracterise en ce qu'il est alimente par une batterie ou pile ou une cellule solaire ou un generateur thermoelectrique. 8. Portable electronic authentication device (10) according to claim 1, characterized in that it is powered by a battery or battery or a solar cell or a thermoelectric generator. 9. Systeme de contröle (1) comprenant un dispositif electronique d'authentification portable (10) selon l'une des revendications precedentes, le Systeme de contröle comprenant un outre un dispositif de contröle (2) lie ä un ensemble de connexion informatique (6), caracterise en ce que le dispositif de contröle (2) comprend un premier moyen de communication (3) pour transmettre un Signal d'interrogation (SP) au dispositif electronique d'authentification portable9. Control system (1) comprising a portable electronic authentication device (10) according to one of the preceding claims, the control system further comprising a control device (2) linked to a computer connection assembly (6). ), characterized in that the control device (2) comprises a first communication means (3) for transmitting an interrogation signal (SP) to the portable electronic authentication device (10) et un second moyen de communication (4), different du premier moyen de communication (3), pour recevoir un signai reponse (SL) du dispositif electronique d'authentification portable (10). (10) and a second communication means (4), different from the first communication means (3), for receiving a response signal (SL) from the portable electronic authentication device (10). 10. Systeme de contröle (1) selon la revendication 9, caracterise en ce que le premier moyen de communication (3) est une unite de transmission de proximite (3) pour communiquer avec le dispositif electronique d'authentification portable (10) ä faible distance. 10. Control system (1) according to claim 9, characterized in that the first communication means (3) is a proximity transmission unit (3) for communicating with the portable electronic authentication device (10) at low distance. 11. Systeme de contröle (1) selon la revendication 10, caracterise en ce que l'unite de transmission de proximite (3) transmet un Signal d'interrogation infrarouge, optique, sonore, ultrasonore ou en champ proche NFC. 11. Control system (1) according to claim 10, characterized in that the proximity transmission unit (3) transmits an infrared, optical, sound, ultrasonic or NFC near-field interrogation signal. 12. Systeme de contröle (1) selon la revendication 9, caracterise en ce que le second moyen de communication (4) est une unite de reception longue distance (4) pour recevoir le Signal reponse (SL) du dispositif electronique d'authentification portable (10) avec des donnees d'identification du dispositif electronique portable (10) pour l'authentifier dans l'ensemble de connexion informatique (6). 12. Control system (1) according to claim 9, characterized in that the second communication means (4) is a long distance reception unit (4) for receiving the response signal (SL) from the portable electronic authentication device (10) with identification data of the portable electronic device (10) to authenticate it in the computer connection assembly (6). 13. Systeme de contröle (1) selon la revendication 12, caracterise en ce que l'unite de reception de longue distance (4) reqoit un Signal reponse (SL) RF, HF, UHF ou Bluetooth du dispositif electronique d'authentification portable (10). 13. Control system (1) according to claim 12, characterized in that the long distance reception unit (4) receives an RF, HF, UHF or Bluetooth response signal (SL) from the portable electronic authentication device ( 10). 14. Systeme de contröle (1) selon la revendication 9, caracterise en ce que le Signal d'interrogation (SP) transmis au dispositif electronique d'authentification portable (10) est crypte par l'ensemble de connexion informatique (6), et en ce que le Signal reponse crypte (SL) est regu par le dispositif de contröle (2) pour une authentification dans l'ensemble de connexion informatique (6). 14. Control system (1) according to claim 9, characterized in that the interrogation signal (SP) transmitted to the portable electronic authentication device (10) is encrypted by the computer connection assembly (6), and in that the encrypted response Signal (SL) is received by the control device (2) for authentication in the computer connection assembly (6).
CH01134/19A 2019-09-09 2019-09-09 Portable electronic authentication device. CH716571A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CH01134/19A CH716571A2 (en) 2019-09-09 2019-09-09 Portable electronic authentication device.

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CH01134/19A CH716571A2 (en) 2019-09-09 2019-09-09 Portable electronic authentication device.

Publications (1)

Publication Number Publication Date
CH716571A2 true CH716571A2 (en) 2021-03-15

Family

ID=74859541

Family Applications (1)

Application Number Title Priority Date Filing Date
CH01134/19A CH716571A2 (en) 2019-09-09 2019-09-09 Portable electronic authentication device.

Country Status (1)

Country Link
CH (1) CH716571A2 (en)

Similar Documents

Publication Publication Date Title
EP2517141B1 (en) Multiple application chip card having biometric validation
EP1390921B1 (en) Electronic payment terminal, smart card adapted to such a terminal et method for loading a secret key in such a terminal
WO2013053860A1 (en) Remote control system, and method for automatically locking and/or unlocking at least one movable panel of a motor vehicle and/or for starting a motor vehicle engine using a remote control system
WO2001099337A1 (en) Method for secure biometric authentication/identification, biometric data input module and verification module
EP3108424A1 (en) Electronic transaction method and system via a portable accessory
CA2888662A1 (en) System and method for securing data exchange, portable user object and remote device for downloading data
EP3552327B1 (en) Method of personalizing a secure transaction during a radio communication
EP1794896A1 (en) Contactless privacy protection device
WO2008107607A2 (en) Portable authentication device
WO2019120971A1 (en) Aggregator of identification devices
EP2118825B1 (en) Portable electronic entity and communication method
EP3104320A1 (en) Method for programming bank data in an integrated circuit of a watch
CH716571A2 (en) Portable electronic authentication device.
EP3110190B1 (en) Method and device for managing contactless applications
WO2017100864A1 (en) A mobile earth station
EP3790248A1 (en) Electronic device for portable authentication
EP1358748B1 (en) Device and method for automatic and secure pairing of appliances in a radiofrequency network
CA2973836A1 (en) Data-processing method by an electronic data-acquisition device, device and corresponding program
FR2835951A1 (en) Vehicle zone access electronic authentication having transponder signal sent with secret/public security identification code.
EP3038396B1 (en) Beacon with multiple communication interfaces with secure deactivation/reactivation
EP1965328B1 (en) Securitisation method and mobile device thus secured
EP3531615B1 (en) Method for authenticating a transponder communicating with a server
FR2800245A1 (en) Footwear sole with integrated circuit and antenna for actuating transaction and mechanical operations
FR3074462A1 (en) DEVICE FOR IDENTIFYING THE POSITION OF AN IDENTIFIER IN RELATION TO A MOTOR VEHICLE
FR3133463A1 (en) Portable and autonomous device for securing data transfer and corresponding method.