DE102017205309A1 - Data processing arrangement and method for its operation - Google Patents

Abstract

The invention relates to a data processing arrangement (1) for exchanging information, comprising a network device (5) which connects a plurality of data processing devices as subscribers (10, 20, 30), with at least one first information providing subscriber (10) having at least one information request at least a second, information requesting participant (20) receives. Moreover, the invention relates to a method (100) for operating such a data processing arrangement (1). It is proposed to provide the at least one first participant (10) with at least one treatment device (12), which converts the at least one information query into an encoded format, in addition to provide the first participant (10) with at least one conversion device (14), which coded, displayed information queries detected without contact and converted into a machine-readable format, and the at least one first participant (10) to be provided with a processing device (16), which generates at least one response information based on the information query under comparison with a held information stock (50) and by returning the at least one response information in the direction of the second subscriber (20) the at least one information query answers

Description

The invention relates to a data processing arrangement for exchanging information with a network device, which connects a plurality of data processing devices as participants, with at least one first information-providing subscriber, which receives at least one information request of at least one second, information-requesting subscriber. Moreover, the invention relates to a method for operating such a data processing arrangement.

Many processes and processes of daily life are already based on information being exchanged by data processing devices connected in a network, be it that mainframes exchange or align with one another, or even that a single user uses a single computer or even their smartphone or tablet an information query in the form of a search query addressed to a corresponding search engine. Regularly it comes to accesses to a target computer, which seeks to answer this information query by accessing a stored in his or her databases information stock.

Regrettably, in the networks in question, not only users with noble intentions are on the way, so that a threat of both individual participants of the networks, as well as entire infrastructure by so-called malicious programs is omnipresent. Some examples of this are, for example, programs by means of which so-called (D) DOS attacks (Distributed) denial of service are carried out and as a result individual data processing devices as well as entire arrangements can be paralyzed. Next you could also blackmail in the form of ransomware, for example. U.a. to so-called crypto-Trojans, think, which encrypts their own data and releases the required key for decryption only against payment of a sum of money. Finally, there is a large amount of spy software that is able to spy on data assets to extract from the knowledge advantage e.g. To gain competitive advantages.

The scenarios described here have in common that a computer as a data processing device per se initially can not distinguish whether an instruction is in the owner's sense or not. Therefore, security gaps can not be excluded for the future in the area of system programs or application programs. In today's connection technology, therefore, an attack on computers or databases will always be possible. As soon as there is a direct physical connection, e.g. B. over the Internet, between two participating in the respective network data processing devices running in the background from a variety of programs that allow it due to, for example, security vulnerabilities described above, to inject malicious code into a target computer as a participant, and gain access to usable data.

It is therefore an object to provide an apparatus and a method which, independently of the network architecture, permits a reliable, secure answering of an information request by an information-requesting subscriber, without a participating information-requesting data processing apparatus gaining access to or control over data that is received information-giving participant processed.

This object is solved by the features of the independent claims. The solution thus consists, in particular, of providing the at least one first subscriber with at least one treatment device in a device of the type mentioned above, which converts the at least one information request into a coded format, and also to provide the first subscriber with at least one conversion device which coded records detected information requests contactlessly and converts them into a machine-readable format, and provides the at least one first party with a processing device which generates at least one response information based on the information retrieval by matching with a reserved information inventory and by returning the at least one response information in the direction of the second participant which answers at least one information query.

The invention thus consists, in particular, of converting an inquiry made electronically to the first subscriber into a format which allows an illustration (in principle of any kind), for example a graphic representation which does not provide for further direct electronic processing. This mapping of the encoded format is detected non-contact by a conversion device, converted back and then passed to a processing entity of the first participant between the images and the converter so no direct communication takes place, so the image of the encoded format essentially represents a disclosure of Information in just the selected encoded format, the mapping can therefore also be regarded as a "send" without specific addressee and in particular without a send / receive protocol, the image can then be detected without contact. Here, the term figure should not be interpreted too narrowly, even playing a sequence of notes can represent such a picture. In this way, the first participant is the processing of the information request allows, without the second, requesting participant gets access to data of the first. The request is decoupled at this point from the communication protocol between the participants

In this case, the interaction of two devices of the first user, namely the processor and converter of the first user, causes a response process performed by the first user to be physically disconnected from the network device with its associated users. In the case of a communication of participants of the network device via so-called sockets, this means that this "ends" on the part of the first subscriber in the query direction at the treatment facility and is only "continued" with the return response given, without the socket having access to data structures of the first Participant takes place.

With regard to the method according to the invention, this means, mutatis mutandis, that a plurality of data processing devices are connected as subscribers, so that there is a physical connection between at least two subscribers of the network device, an information query is made by at least one second information requesting subscriber, The information query is first received by a first, information-giving subscriber and converted into a coded format by means of a treatment device and displayed. The coded and mapped information query is detected by at least one converter of the first user and then converted into a machine-readable format, the converted information query is processed by the at least one first user by means of a processor by matching the converted information query with a reserved information resource, and the information query becomes Generating at least one response information and return the at least one response information to the at least one second information requesting participant answered.

In both the arrangement and the method, the transmission of response information in response to that portion of the first party handling the network communication may take place via some type of handling that allows only unidirectional communication while avoiding physical connection. However, in an embodiment of the data processing arrangement according to the invention, it is preferred if the first subscriber processes the answer information in the same way as the information request, which means that, for example, an encoded representation of the information takes place again, which after being recorded in a plain text again To convert response information is. In that regard, the previous conversion device now forms the treatment device and the previous treatment device now the conversion device. These can then also be equipped with the respective technical means provided for the corresponding function, some of which will be mentioned later in the text.

An advantageous embodiment of the data processing arrangement can consist of having the treatment device of the at least one first subscriber convert the at least one information query into a graphically displayable format, wherein the at least one conversion device records and displays graphically representable or displayed information queries and converts them into a machine-readable format. The graphically representable format in this case forms a practically manageable example of an encoding that can be further processed without contact after imaging by means of optical detection and without the need for further interaction between treatment device and conversion device.

An expedient embodiment of the data processing arrangement may in this context provide for providing the treatment device and the conversion device in each case with at least one display means and one recording means so that the conversion and transfer path works in both directions. It can be provided for both directions and in principle any number of such representation and recording means to treat a corresponding number of requests simultaneously. It would also be conceivable to subdivide a query into different subqueries to be processed in parallel and to have these subqueries transferred to different means or to have different types of information queries processed by different means. Finally, it is also conceivable and preferred that the processing of both information retrieval and response takes the same route, ie first of all processing a treatment facility and then processing a conversion facility.

In a preferred embodiment of the data processing arrangement according to the invention, this can be at least one display means with at least one display unit and / or one graphics card. As a result, a graphical representation of the information query is realized, which allows, for example, a character-based reproduction of this query. But there are other forms the coding of the query conceivable, for example, as a one- or multi-dimensional bar code.

A specific data processing arrangement can also be designed, for example, with a presentation means formed by at least one graphics card whose memory contents can be read out and transmitted to the conversion device or the treatment device. Again, the memory content for physical separation of the participants is to be coded in a suitable manner. Actually unusual coding, by way of example only, could also function as acoustic coding in which the transmission takes place by means of loudspeakers and microphones, whereby the "mapping" of the coded format could then consist of playing a sound sequence. A transfer to the respective conversion device would then not take place, as in the case of a modem, but only by the treatment device without a protocol in a separate sending process, which can then be detected without contact by the conversion device.

An additional aspect of security, which can better safeguard the device and the method, can be to have the information query in the code or encoded format to be encoded by the treatment device with at least one check characteristic, such as a check digit or a check sum, which further processing of the converted format is only finally initiated. For example, the relevant feature of the requested information query can be provided by a mask into which query information has been entered. In another variant, however, this feature can also be added, for example, only on receipt at the treatment facility.

In the negative case of the non-conformity of the inspection feature, the request is then rejected by the treatment facility, also here, for example, a corresponding response information can be generated.

Not only with at least one such test feature, but especially with such, the inventive data processing arrangement for a gatekeeper function in the context of general information request systems is suitable, which can fulfill a release function.

In an advantageous embodiment of the data processing arrangement according to the invention, for example, a separate communication channel is provided, which takes over the transmission of the coded memory contents of the at least one graphics card to the conversion device, which then reverses the coding in question by conversion into the machine-readable format.

Another preferred development of the data processing system may be to allow at least one of the recording means of the treatment device and the conversion device to optically record the information request or response converted into a graphically displayable format. Therefore, information detected on the receiving means can be detected in a suitable manner and subsequently further processed if the receiving means is formed by at least one scanning unit or an optical sensor. Such trained recording means can convey both a positional information of an information detail, as well as, after appropriate interpretation, for example by an OCR program, content information.

Also in the method according to the invention, as already mentioned, the reliable and at the same time safe return of the response information in the first participant is based on the fact that the method steps are handled in reverse order, ie in this case a coded, in particular graphic, implementation of the information query is performed. Here, too, the communication between the first and the second subscriber is physically separate from the processing of the information request, in that a non-contact detection of the encoded, mapped information request by at least one conversion device of the first subscriber takes place.

In an advantageous variant of the method, which simplifies the communication between the subscribers, because it permits a clear assignment of queries, the information request supplied to the first subscriber can be assigned an identification feature when supplied, which permits an assignment to a specific second subscriber. This possibly to be encoded with identification feature may consist, for example, in a unique address of the querying, second participant, such as an IP address that is exchanged when communicating over the Internet in the context of the protocol anyway between communicating participants.

A further advantageous variant of the method, which increases the security in the treatment of the query, can be based on the information request supplied to the first subscriber being structured in such a way or structured by the first subscriber such that each query part has an unambiguous position specification within the coding, in particular a graphic representation is assignable or is assigned. In a two-dimensional representation, this means an association of the Type of information about an x / y coordinate that can not be influenced from the outside.

This can be realized both by an input mask, which already structures the information requests transmitted to the first subscriber in this way; the mentioned structuring can be restructured independently of the input format only after receipt of the query by the first subscriber, so that the structure concerned does not necessarily have to be disclosed, both in terms of the local and content distribution to the outside, which further increases security. In this way, a location in the image of the information query, for example, a kind of formatted content to be assigned, the scope of which is very narrowly defined, so that a miscode, depending on a certain, narrow tolerance level, further processing of the information query in terms of higher security difficult or in derogation.

In a preferred variant of the method according to the invention, the information request supplied to the first subscriber can therefore be structured by means of an input mask, in particular an input mask provided by the first subscriber.

If the encoded format is a character-based format, an advantageous variant of the method according to the invention may consist of the information request represented by a presentation means in one direction and the response represented by a presentation means in the opposite direction after detection by the respective recording means by an OCR Program to process so that the relevant information from the imaged and captured format can then be easily extracted again.

In order to facilitate the handling of the response for the requesting subscriber, for example with regard to clarity, a variant of the method can provide that the response transmitted back to the second subscriber can be displayed or displayed in clear data within a response mask.

The above embodiments and developments can, if appropriate, combine with each other as desired. Further possible refinements, developments and implementations of the invention also include combinations of features of the invention which have not been explicitly mentioned above or described below with regard to the exemplary embodiments. In particular, the person skilled in the art will also add individual aspects as improvements or additions to the respective basic form of the present invention, the essential advantage of which is a non-contact interaction of a treatment device and a conversion device of the first participant exchanging an encoded information query and / or an encoded response information that the processing of the information inquiry and its implementation in a response, which are performed by the first participant, physically take place separately from the network device within which the participants communicate.

• 1 ein erstes Ausführungsbeispiel einer erfindungsgemäßen Datenverarbeitungsanordnung mit einem informationsanfordernden zweiten Teilnehmer und einem informationsangebenden ersten Teilnehmer, die in einer Netzwerkeinrichtung verbunden sind, wobei die Informationsabfrage von einer Behandlungseinrichtung codiert und abgebildet und von einer Umsetzungseinrichtung erfasst und behandelt wird und mit einer Verarbeitungseinrichtung, die die Informationsabfrage unter Abgleichmit einem Informationsbestand beantwortet; und die
• 2 ein zweites Ausführungsbeispiel mit einem Flussdiagramm eines erfindungsgemäßen Verfahrens, welches die bei einer konkreten Informationsabfrage ablaufenden Verfahrensschritte verdeutlicht.

The invention is explained below with reference to embodiments in the drawing. In partially highly schematic representation here show the

• 1 a first embodiment of a data processing arrangement according to the invention with an information requesting second subscriber and an information-providing first participant, which are connected in a network device, wherein the information request is encoded and mapped by a treatment device and detected and treated by a conversion device and with a processing device, the information query under Reconciliation with an information base answered; and the
• 2 a second embodiment with a flow chart of a method according to the invention, which illustrates the running at a specific information query process steps.

In all figures, the same or functionally identical elements and devices - unless otherwise stated - have been given the same reference numerals.

In the 1 First, one recognizes a data processing arrangement designated as a whole by 1 for exchanging information, in which a plurality of data processing devices as subscribers 10 . 20 . 30 via a network device 5 connected, wherein a second participant 20 an information query that represents a first participant 10 to answer receives what by double arrows 11 . 21 is illustrated that the communication in question via the network device 5 suggest. The pictured network device 5 is in the 1 with a first participant 10 connected, the information queries answered. The ring-like representation of the network device 5 in the 1 is arbitrary and is not intended to be limiting to a particular topology of a network.

The first participant 10 is here with a treatment facility 12 provided, which the converts at least one present in a machine-readable format information query into a coded format and maps in this coded format. This coding takes place at the treatment facility 12 of the first participant 10 the data processing arrangement 1 of the 1 in a character-based, graphical format, as shown by the detail of the 1 recognize which with a number of display devices designed as displays 13 is provided, in each of the two rows shown there every second installation. The means of presentation 13 Opposite is at the first participant 10 in each case designed as a scanner receiving means 15 provided (and vice versa), with which a conversion device 14 of the first participant 10 is provided and which on the display means 13 Here, the contents of the information query are optically recorded and converted back to machine-readable format. In this way, non-contact detection of the coded, mapped information query takes place.

The in the detail of the 1 unit shown from treatment facility 12 and conversion device 14 is not in terms of their positioning on a placement about in a case of the first participant 10 rather, the organizations concerned may 12 . 14 with their means of presentation 13 or receiving means 15 for example, also between structure of the network device 5 and the first participant 10 , the first participant 10 and the information stock 50 or be arranged as a completely separate unit. In this case, a separate common arrangement may be provided, each with necessary control means, but these functions can also take over, for example, a function provided for this purpose member of the first participant.

The first participant 10 also has a processing device 16 Subsequently, the information query in question is compared with a reserved information stock 50 processed and thereby generates a response information, this response information is on the same path in the direction of the second party 20 led back, so they first return to the treatment device 12 happens, which encodes the response information and converts it into a graphically displayable format and means of representation 13 maps. The picture in question will be taken up again 15 the conversion device 14 recorded and converted back into machine-readable format, so that then the first participant, the response information as a response to the second participant 20 can return, whereby the information query is answered. Accordingly, both the information request and the response information go through in the first party 10 the data processing arrangement 1 a stage in which the coding and mapping of the respective information with a presentation means 13 the treatment device 12 takes place, after which a detection and reconversion by means of a receiving means 15 the treatment device 14 is carried out. treatment device 12 with means of representation 13 and treatment device 14 with receiving means 15 are therefore effective in the interrogation process in both directions, what the alternating, opposite arrangement of means of representation 13 and receiving means 15 in both rows of the detail representation in the 1 explained.

Now the 2 Turning to recognize there a flow chart of the inventive method for operating a data processing device 1 not shown here in more detail and by the only requesting second participant 20 and the information stock 50 , on the basis of which the information query is answered, can be seen. The double arrow 121 of the second participant 20 with the symbolic representation of the provision 105 the network device 5 This again gives the communication with the relevant network device 5 in the context of the information inquiry again. Considering a concrete example, one could think of this as an information request from a customer to a booking computer or a travel portal for information about or the booking of a flight at any given time to a particular destination. So suppose the customer in question wants a second participant 20 , which can be any computer, book a flight with an airline, with the exemplary assumptions in a mask "flight 10.10. to Hamburg on 12.10. - with return flight -1 person - Economy class ", the relevant inputs should form the information request.

In a next process step, the receiving 107 the information request by a first, information-giving participant 10 pictured, who is also in communication with the network device 5 stands and an information stock 50 holds, so that when adjusting the information request a response information by the first participant 10 can generate that to the second participant 20 is returned. The above-mentioned concrete input of the flight request as an information request is therefore by the first participant 10 receive (step 107 of the method), this first participant "remembers (stores)" in addition to this to be regarded as travel information query also the IP address and an automatically assigned request number of the requesting participant 20 ,

In the next process step, a treatment takes place 109 the information request from the at least one first participant 10 by a treatment device, not shown 12 with the help of a means of representation 13 instead of which the at least one information query is converted into a coded format and mapped in this format. Consequently, the concrete input with the flight request on a display as a means of presentation 13 in a field assigned for each information item, so that partial information of the information request can be assigned a unique position on the two-dimensional display in the form of a coordinate or a field counter.

After that, the conversion is 111 the coded and mapped information query by a conversion device, not shown 14 by means of a receiving means 15 of the first participant 10 performed, wherein the coded information query detected without contact and then converted into a machine-readable format. Treating between the step 109 and the step to implement 111 recognizable dashed line 115 is intended to contactless capture and the physical separation of processing achieved thereby 125 from the rest of the communication of the participants 10 . 20 symbolically clarify. For this process is in the specific request for information with the flight request by a scanner as recording means 15 the means of representation 13 scanned along with its content, where in addition to the information to be converted and the information forwarded, where on the means of representation 13 the respective information was located. The conversion device 14 it first participant 10 translates the coded graphic image information back to plain text / plain data using an OCR program.

The processing 125 the converted information query by the at least one first participant 10 by means of a processing device, not shown 16 includes a comparison of the converted information requests with the held information stock 50 , For this purpose, in the case of the concrete information query, the aforementioned clear data is forwarded, for example, to an interrogation program with a connected database, which records the specific information request with the information stock 50 can match. For this purpose, the connected database can know, for example, on which coordinates of the screen which information is located. B. Place of departure is at y 15-30 - x 12-18, this information is assigned to the corresponding query fields. The same procedure is used for all other information.

The processing device 16 also leads the answering 127 the information query, wherein a response information is generated in the direction of the second, information requesting participant 20 is returned. In the specific case, therefore, the processing device 16 from the response generated by the query program and the database, which generate suitable response information and a return in the direction of the information-requesting second party 20 respectively.

The sequence of the method in the direction of the processing device not shown 16 is through the full arrows of the 2 recognizable, after generating the response information, it can be given back on a suitable path in the direction of the second subscriber, a separate communication path used for this purpose 131 is indicated by the dot-dashed arrow.

The return of the response information according to the processing device, not shown 16 of the first participant 10 but can also run in the same order as in the information query, which is indicated by the dotted arrows. This means that the answer information is again first dealt with 109 is subjected to coding and mapping, and the response information depicted is then translated 111 passes through capture and conversion before passing through the first participant 10 by sending 113 to the second participant 20 is sent as a reply.

Adapted to the mentioned specific case of the flight request, this may mean, for example, that the response information is first returned to a display as a means of presentation 13 is sent and this again from a scanner as a recording medium 15 is scanned. Again, there is a forwarding of positions of the individual response information shares and again an OCR program converts the coded, displayed information back into plain text. Back at the treatment device 12 of the first subscriber, the answer information may be the second subscriber requesting the information 20 be made available again, for example in the form of a now completed mask, which sets the answers to the relevant request number (see above) in the previously defined areas.

Also, by means of the method shown so can secure communication between querying and answering participants 10 . 20 be ensured by a non-contact detection of the coded, mapped information query or response takes place, and the processing 125 the information request by the first participant 10 physically from the communication of the participants 10 . 20 via the network setup 5 is disconnected.

Although the present invention has been described above with reference to preferred embodiments, it is not limited thereto, but modifiable in a variety of ways. In particular, the invention can be varied or modified in many ways without deviating from the gist of the invention.

LIST OF REFERENCE NUMBERS

1

Data processing device

5

Network Setup

10

first participant

11

double arrow

12

treatment device

13

Notational

14

conversion device

15

receiving means

16

processing device

20

second participant

21

double arrow

30

Attendees

50

information inventory

105

Providing network setup

107

Receive information request by first participant

109

Handling the information request / answer information

111

Implementation of the information query / response information

113

Sending the answer information in the direction of the second party

115

Dash line as a symbol of physical separation

121

double arrow

125

Processing the information request

127

Answer the information request / generate answer information

131

separate communication path

Claims (15)

Data processing arrangement (1) for exchanging information, comprising a network device (5) which connects a plurality of data processing devices as subscribers (10, 20, 30) to at least one first information providing subscriber (10), which requests at least one information request of at least one second information requesting device Subscriber (20), wherein the at least one first participant (10) has at least one treatment device (12) which converts the at least one information query into an encoded format and images it in this format, wherein the first participant (10) comprises at least one conversion device (10). 14), which records coded, displayed information requests without contact and converts them into a machine-readable format, and wherein the at least one first subscriber (10) has a processing device (16) which, on the basis of the information request, is compared with a stored information stock (50) at least generates an answer information and, by returning the at least one response information in the direction of the second subscriber (20), answers the at least one information request. Data processing arrangement according to Claim 1 wherein the processing means (12) of the at least one first party (10) converts the at least one information query into a graphically representable format, and wherein the at least one translation device (14) captures and displays graphically representable or presented informational queries and converts them into a machine readable format. Data processing arrangement according to Claim 1 or 2 wherein the first party (10) processes the answer information in the same way as the information request. Data processing arrangement according to one of the preceding claims, wherein the treatment device (12) and the conversion device (14) are each provided with at least one display means (13) and one receiving means (14). Data processing arrangement according to Claim 4 wherein the at least one display means (13) is provided with at least one screen unit and / or a graphics card. Data processing arrangement according to Claim 5 , wherein the at least one display means is formed by at least one graphics card whose memory contents can be read out and communicated to the conversion device (14) or the processing device (16). Data processing arrangement according to one of the preceding claims, wherein a separate communication channel is provided, which carries out the transmission of the coded memory contents of the at least one graphics card to the conversion device (14). Data processing arrangement according to one of Claims 4 to 7 wherein the receiving means (15) is formed by at least one scanning unit or an (optical) sensor. Method (100) for operating a data processing arrangement for exchanging information, in particular with a data processing arrangement (1) according to one of the preceding claims, having a network device (5) by means of which a plurality of data processing devices are connected as subscribers (10, 20, 30) the following process steps: - providing (105) a physical network connection between at least two subscribers (10, 20) of the network device (5); - providing an information query (121) by at least one second information requesting subscriber (20); Receiving (107) the information request by a first information providing subscriber (10); - treating (109) the information request by the at least one first subscriber (10) by means of a handling device (12), whereby the at least one information request is converted into a coded format and mapped in this format; - converting (111) the coded and mapped information query by at least one conversion device (14) of the first subscriber (10), wherein the coded information query is detected without contact and subsequently converted into a machine-readable format; - processing (125) the converted information request by the at least one first subscriber (10) by means of a processing device (16) by matching the converted information requests with a retained information stock (50); - responding (127) to the information query generating at least one response information and returning the at least one response information to the at least one second information requesting party (20). Method according to Claim 9 wherein the return of the response information at the first participant (10) is performed at least partially in the same order and / or by means of a coded, in particular graphical, implementation. Method according to Claim 9 or 10 in which the information request supplied to the first user (10) is assigned, when supplied, with an identification feature which permits an assignment to a specific second user (20) and / or is associated with a test feature by means of whose verification the further processing by the converter is enabled. Method according to one of Claims 9 to 11 in which the information request supplied to the first subscriber is structured in such a way or is structured by the first subscriber (10) in such a way that each interrogation part can be assigned or assigned an unambiguous position indication within the coding, in particular a graphical representation. Method according to Claim 12 , wherein the information request query parts supplied to the first subscriber (10) are structured by an input mask, in particular an input mask provided by the first subscriber (10). Method according to one of Claims 9 to 13 in which the information request represented in one direction by a display means (13) and the response in the opposite direction from a presentation means (13) are processed by the respective recording means (15) by means of an OCR program. Method according to one of Claims 9 to 14 in which the reply transmitted back to the second subscriber (20) can be displayed or displayed in clear data within a response mask.

Images