EP1242981A1 - Distribution of certifiers - Google Patents

Distribution of certifiers

Info

Publication number
EP1242981A1
Authority
EP
European Patent Office
Prior art keywords
aforementioned
certificate
end user
certification
service
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP00967940A
Other languages
German (de)
English (en)
French (fr)
Inventor
Antti HÄMÄLÄINEN
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SmartTrust Systems Oy
Original Assignee
Sonera Smarttrust Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sonera Smarttrust Oy

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/02 Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/322 Aspects of commerce using mobile devices [M-devices]
    • G06Q20/3229 Use of the SIM of a M-device as secure element
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G06Q20/38215 Use of certificates or encrypted proofs of transaction rights
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless

Definitions

  • a method for arranging the certificate of an end user for a service to be used on a terminal device, which terminal device has been equipped with a subscriber identity module, in a certification system comprising a trusted database on which an initialisation file has been stored that contains information stored on the subscriber identity module when manufactured; a trust manager that controls the transmission of messages relating to the certificates in a certification system; a trust mapper that controls the information content of the certificates to be created; a certification authority who is responsible for the certificates; and a trusted database on which the assigned certificates are stored that verify the digital signature of the end user and ensure safe use of the service.
  • GSM Global System for Mobile communications
  • the additional services connected with the mobile networks have correspondingly increased at an accelerating tempo.
  • the application fields are most versatile.
  • the mobile telephone may be used as a means of payment for, e.g. petty purchases, such as soft drinks and car wash automates. Everyday activities, such as payment transactions, bank services, etc., have been added, and will be added also in the future, to the functionality of the present mobile phones.
  • the mobile stations of the next generation will be more advanced in respect of the service level and data transfer capacity as compared with the previous ones.
  • a digital GSM mobile station for commercial transactions, such as electronic payments of a bill or a fee.
  • the patent publication US 5,221,838 discloses a device that may be used for paying.
  • the publication describes an electronic payment system in which as the payment terminal, a terminal device capable of wireless and/or wired data transfer is used.
  • the terminal device as described in the publication comprises a card reader, a keyboard, and a bar code reader for feeding the information, and a display for displaying the payment related information.
  • the patent publication WO 94/11849 discloses a method for using telecommunication services and for effecting payment traffic by means of a mobile telephone system.
  • the publication describes a method which comprises a terminal device that is in connection via the telephone network with the mainframe of the service provider that comprises the payment system of the service provider.
  • a subscriber identity module may be inserted that comprises the subscriber details for identifying the subscriber and for encrypting the telephone traffic.
  • the details may be downloaded into the terminal device to be used in the mobile phones.
  • a GSM system is mentioned in which a subscriber identity module or a SIM card is used (Subscriber Identity Module, SIM) as the subscriber identification device.
  • SIM Subscriber Identity Module
  • the mobile station is in connection with the base station of the mobile communication network.
  • the connection in accordance with the publication is established from the base station to the payment system, and the sum liable to a charge as well as the data required for the subscriber identification is transmitted to the payment system.
  • the client inserts a service card of a bank that contains a SIM unit in the terminal device of a GSM network.
  • the terminal device may be a standard GSM mobile station.
  • the digital signature is derived by encrypting the hash total computed at the information to be sent with a sender's private key. As nobody, except the sender, knows the private key, the recipient may, when decoding the encryption with the sender's public key, make sure that the information is unmodified and generated by using the private key only known to the sender.
  • An example of an algorithm used in digital signing is the RSA ciphering algorithm, which is an encryption system of both the public key and the private key and which is also used for encrypting messages.
  • an electronic identity is needed as well as means for identifying and authenticating the identity.
  • This kind of electronic identity may also be a so-called network identity (Net-ID, Network Identity).
  • An electronic identity is based on personal data stored on a subscriber identity module or equivalent and a pair of keys, a private key and a public key that have been stored on a certification database for a trusted third party. This kind of technique makes it possible to provide the authorities or other service providers with, for instance, the identification of parties, electronic signature, encryption and non-repudiation of transaction safely enough.
  • the identity is used to mean an individualising piece of information relating to a person that helps to identify the person.
  • the identity may be used to mean an individualising piece of information standing for an application or service that helps to identify the application or service.
  • the user keeps the private key only to himself/herself, but the public key is available to all entities. It is not enough that the public key is stored as such, e.g. on an electronic mail directory because somebody might forge it and appear as the authentic holder of the key. Instead, a certification service and certificates are needed which serve as a proof given by the trusted party (certification authority) of the fact that the name, identification number and public key belong to the same person.
  • the certificate is usually a combination consisting of a public key, name and identification number etc. which the certification authority signs with his/her private key.
  • the recipient of a digitally signed message wishes to make sure of the authenticity of the message, at first he or she has to obtain the digital certificate which gives him or her the public key and the name. After that he or she has to authenticate the certificate. To be able to perform this, he or she may have to obtain some more additional certificates (a certification chain), which have been used to authenticate the certificate in question.
  • a certification chain
  • the recipient authenticates the message by using the public key received along with the certificate. If the signature passes the test, the sender is the person identified by the certificate. In certification, a special revocation list is used in which certificates are entered that have been taken out of use. Directory services are needed for both the certificates and the revocation list.
  • the objective of the present invention is to eliminate the drawbacks presented above or at least significantly to alleviate them.
  • One specific objective of the invention is to disclose a method that makes it possible to safely and dependably introduce the certificates required in the services.
  • Yet another objective of the invention is to disclose a method that enables one to ease the measures required of the client when introducing a new service and a certificate associated with it.
  • the method in accordance with the invention makes it possible to attach a certificate to a private key using the encryption method of the private and public key stored on a subscriber identity module.
  • the end user makes a service initialisation request which is transmitted to a trust manager operating in the network.
  • the manager verifies the identity of the user and authenticates the subscriber identity module used by the user, and based on it, sends a certification request further on to a certification authority.
  • a certificate is issued, it is transmitted to the database of a local service provider, or a public certification database in both of which it is further available, if the end user wishes to use it in a service.
  • the invention relates to a method for arranging the certificate of an end user to be used in a service on a terminal device.
  • the terminal device has been preferably equipped with a subscriber identity module.
  • the environment in which the certificate is arranged for the user is a so-called certification system which comprises at least a trusted database on which an initialisation file has been stored that comprises the data stored on the subscriber identity module when manufactured.
  • the certification system comprises a trust manager that controls the transmission of messages associated with the certificates; a trust mapper that controls the information content of the certificates to be created; a certification authority who is responsible for the certificates; and a certification database on which the issued certificates have been stored that authenticate the signature of the end user and ensure safe use of the service.
  • the certification database may be a public database available to all entities, or it may be a local database to which only the service provider has access.
  • the method comprises the following steps. At first a service initialisation request is made that comprises the details of the service provider and the time stamps associated with the aforementioned subscriber identity module.
  • the aforementioned service initialisation request is transmitted to the trust manager who checks the authenticity of the time stamps; it is checked that the subscriber identity module is authorised to use the services of the aforementioned service provider, and if the checking proves to be correct, a certificate is applied for on behalf of the end user by means of a certification request.
  • the certification request is sent, e.g. to a certification authority who checks the identity of the aforementioned end user, and if the checking proves to be correct, the end user is assigned a certificate.
  • the assigned certificate is attached to the pair of keys relating to the subscriber identity module of the aforementioned end user and is stored on the aforementioned certification database.
  • the certificate mentioned in this application is some kind of an instrument which enables the use of safe and dependable services.
  • the certificate might be compared, e.g. with a bank card or a credit card which are used in payment services.
  • the certificate is, however, not restricted to these examples.
  • the data relating to the aforementioned subscriber identity module is downloaded from an initialisation file stored on a trusted database.
  • the initialisation file may contain at least the following information: the public key of the issuing party, the public key of the end user for use in encrypting and decoding, the public key of the end user for use in digital signing, a predetermined fingerprint identifier along with a shared secret, a piece of shared encryption information for each card, a code corresponding to the personal identification number, a network identity and the number of the card.
  • the aforementioned service initialisation request is undersigned and encrypted with the private key of the end user stored on the subscriber identity module.
  • the encryption is decoded in the aforementioned trust manager and the authenticity of the signature is verified. If these are successful, the aforementioned steps are taken in order to apply for the certificate for the end user.
  • the assigned certificate is attached to the client data of the aforementioned service provider in the trust mapper. Further, the aforementioned trust mapper challenges the valid certificate of the end user from the certification database.
  • the certification request is sent from the trust manager to be signed and encrypted by the terminal device. After this, the undersigned and encrypted certification request is transmitted via the trust manager to the certification authority who decodes the encryption and authenticates the signature. This makes it possible to implement the identification of the end user to reach the certification authority as well.
  • the time stamp mentioned in one embodiment is generated for each card separately, and the details of the time stamp are stored on a trusted database. In addition, the aforementioned time stamp may be generated for a lot of cards separately and stored on the database.
  • the present invention provides the advantage that it makes it possible to dependably and without any difficulty assign a certificate to the end user and to the subscriber identity module at the disposal of the end user. All the end user has to do is to fill in a form for a service initialisation request and to send it to a predetermined address.
  • the certification authority may count on the identity of the end user and the subscriber identity module used by him or her, issue the certificate, and further conveniently include the assigned certificate in the services provided by the service provider and store it on a necessary certification database.
  • Fig. 1 schematically represents one certification system of the present invention
  • Fig. 2 represents one form using which the service initialisation request may be made; and Fig. 3 represents a schematic certification system which has a message communication as defined in the invention.
  • Fig. 1 schematically represents one advantageous certification system in accordance with the invention.
  • the certification system comprises a trusted database TDB that contains the initialisation file IF stored on it, which initialisation file IF comprises the data stored on the subscriber identity module SIM when manufactured.
  • the trusted database TDB communicates with the card factory CF that manufactured the subscriber identity module, i.e. the card, and further on with the trust manager TM who controls the transmission of messages relating to the certificates in the certification system.
  • the trust manager TM is equipped with the necessary software and equipment so that it is able to use the encryption and signature method of the private and public keys.
  • the certification system comprises a trust mapper TMA which controls the information content of the certificates to be created.
  • the trust manager TM and the trust mapper TMA may be included in the one and the same physical device, but logically, their functions are separated from each other.
  • the trust mapper is used to manage the attaching of passwords or other codes that may have been already assigned to the user by the service provider to the certificate to be assigned to the end user EU.
  • Fig. 1 also shows a certification authority who is responsible for the certificates, assigns them and, if necessary, withdraws the certificates from the end user.
  • the certification authority communicates with the certification database LDB on which there are the issued certificates stored that authenticate the digital signature of the end user and ensure safe use of the service.
  • the database is further in connection with the system of the service provider, in which case the service provider may verify the certificate from the certification database while the end user EU is using a service.
  • the terminal device appears as a mobile station MS which has the subscriber identity module SIM inserted in it. It must be noted that other terminal devices may also be used as the terminal device.
  • the certification environment also comprises a registering office which the end user EU may contact when ordering a certificate.
  • This function is implemented when the service provider wants the end user to be identified personally by a clerk. This may be the case, e.g. when introducing certain bank services.
  • the service initialisation request SIR comprises as an obligatory part at least the identifying details, name or equivalent of the service provider for whose service the certificate is applied for.
  • a user ID that is already valid for a service provider SP and an associated password may be attached to the service initialisation request SIR.
  • an address (challenge-URL) may be attached from which the certificate may be challenged.
  • a shared secret is attached that is used in challenging. In practice, in challenging it is checked that the shared secret given in two different places is the same, i.e.
  • Fig. 3 schematically represents one advantageous operating pattern, when the end user EU introduces a new service using the distribution system of certificates of the present invention.
  • the end user EU creates the service initialisation request SIR on his or her terminal device that is sent to the trust manager TM.
  • the trust manager TM checks the authenticity of the details coming along with the service initialisation request, i.e. in practice the time stamps of the subscriber identity module, from the trusted database TDB.
  • the trust mapper TMA tries to fit the id with the already existing ids of the service provider. If this proves successful, the service mapper TMA signs a certification request that is sent to the certification authority CA.
  • Upon receiving the certification request, the certification authority CA checks whether the end user may be assigned a certificate for the service of the service provider in question. If the certificate may be assigned, then the certification authority informs the trust manager thereof, who transmits the certificate to the terminal device MS, or at least a notification informing that the private key of the terminal device and the subscriber identity module SIM have been included in the issued certificate. Further, the issued certificate and the notification thereof are stored on the certification database LDB from which the service provider SP may check whether the end user has got a valid certificate when using the services of the service provider.
  • When the end user EU has received the certificate for a service, he may apply for other certificates using the already existing certificate. In that case, the trust mapper TMA challenges the existing certificate of the end user, and if it is informed of a valid certificate, the operation is carried on as described in the above-mentioned example. Instead of the existing certificate, the end user EU may also use a certificate verifying the electronic identity of a person (HST) instead of the existing user id and password of the service provider SP.
  • HAT electronic identity of a person
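
The enrolment flow described in the list above (a signed service initialisation request, the trust manager's checks against the trusted database, and the certification authority issuing into the certification database), sketched as an added example that is not part of the patent text. The record layout, the function names, the card number, the provider names and the toy textbook-RSA keys are all assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

E = 65537

def make_key(p, q):
    """Return (public, private) textbook-RSA keys built from two primes."""
    n = p * q
    return (E, n), (pow(E, -1, (p - 1) * (q - 1)), n)

# Constructed toy keys from Mersenne primes: far too short and unpadded for
# real use; they only make the hash-then-sign step concrete.
SIM_PUB, SIM_PRIV = make_key(2**127 - 1, 2**89 - 1)  # end user's key pair on the SIM
CA_PUB, CA_PRIV = make_key(2**107 - 1, 2**61 - 1)    # certification authority key pair

def _digest(msg, n):
    data = json.dumps(msg, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(msg, priv):
    d, n = priv
    return pow(_digest(msg, n), d, n)      # hash "encrypted" with the private key

def verify(msg, sig, pub):
    e, n = pub
    return pow(sig, e, n) == _digest(msg, n)

# Trusted database TDB: initialisation-file data per card (constructed sample).
TDB = {"CARD-0001": {"net_id": "netid-0001", "signing_pub": SIM_PUB,
                     "time_stamp": "1999-10-12T08:00:00Z"}}
# Assumption: the trust manager holds the providers each card may enrol with.
AUTHORISED = {"CARD-0001": {"bank.example"}}
LDB = {}  # certification database, keyed by (net_id, service provider)

class Rejected(Exception):
    pass

def trust_manager(sir, sig):
    """Check a service initialisation request; return a certification request."""
    rec = TDB.get(sir.get("card_number"))
    if rec is None:
        raise Rejected("unknown card")
    if not verify(sir, sig, rec["signing_pub"]):
        raise Rejected("bad signature")
    claimed = str(sir.get("time_stamp", "")).encode()
    if not hmac.compare_digest(claimed, rec["time_stamp"].encode()):
        raise Rejected("time stamp mismatch")
    if sir.get("service_provider") not in AUTHORISED.get(sir["card_number"], set()):
        raise Rejected("not authorised for provider")
    return {"net_id": rec["net_id"], "public_key": list(rec["signing_pub"]),
            "service_provider": sir["service_provider"]}

def certification_authority(request):
    """Sign the binding of identity, key and provider, then store it in LDB."""
    cert = {"body": request, "ca_signature": sign(request, CA_PRIV)}
    LDB[(request["net_id"], request["service_provider"])] = cert
    return cert

def provider_accepts(net_id, provider):
    """Service provider's check against LDB while the end user uses the service."""
    cert = LDB.get((net_id, provider))
    return cert is not None and verify(cert["body"], cert["ca_signature"], CA_PUB)

def make_sir(provider, time_stamp="1999-10-12T08:00:00Z"):
    """Terminal side: build the request and sign it with the SIM's private key."""
    sir = {"card_number": "CARD-0001", "service_provider": provider,
           "time_stamp": time_stamp}
    return sir, sign(sir, SIM_PRIV)

def outcome(sir, sig):
    try:
        certification_authority(trust_manager(sir, sig))
        return "certificate issued"
    except Rejected as exc:
        return str(exc)

if __name__ == "__main__":
    good, good_sig = make_sir("bank.example")
    print(outcome(good, good_sig))
    print(outcome(dict(good, service_provider="shop.example"), good_sig))
    print(outcome(*make_sir("bank.example", "2000-01-01T00:00:00Z")))
    print(outcome(*make_sir("shop.example")))
```
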

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Accounting & Taxation (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • Strategic Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Finance (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
EP00967940A 1999-10-12 2000-10-11 Distribution of certifiers Withdrawn EP1242981A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FI992197 1999-10-12
FI992197A FI19992197A (fi) 1999-10-12 1999-10-12 Varmenteiden jakelu
PCT/FI2000/000874 WO2001027886A1 (en) 1999-10-12 2000-10-11 Distribution of certifiers

Publications (1)

Publication Number Publication Date
EP1242981A1 (en) 2002-09-25

Family

ID=8555437

Family Applications (1)

Application Number Title Priority Date Filing Date
EP00967940A Withdrawn EP1242981A1 (en) 1999-10-12 2000-10-11 Distribution of certifiers

Country Status (5)

Country Link
EP (1) EP1242981A1 (zh)
CN (1) CN1139902C (zh)
AU (1) AU7792900A (zh)
FI (1) FI19992197A (zh)
WO (1) WO2001027886A1 (zh)

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1267516B1 (en) * 2001-06-11 2009-02-25 Daniel Büttiker Method for securing data relating to users of a public-key infrastructure
US7925878B2 (en) * 2001-10-03 2011-04-12 Gemalto Sa System and method for creating a trusted network capable of facilitating secure open network transactions using batch credentials
CN1685694B (zh) 2002-08-14 2010-05-05 汤姆森特许公司 支持多个虚拟操作员的公共无线局域网的会话密钥管理
EG23422A (en) * 2002-11-24 2005-07-10 Ashraf Kamal Salem Mashhour Scheme for spreading and easy use of electronic services and remote payments.
US7233671B2 (en) * 2003-02-13 2007-06-19 Innovative Sonic Limited Method for storing a security start value in a wireless communications system
EP1492061A1 (fr) * 2003-06-25 2004-12-29 Nagracard S.A. Méthode d'allocation de ressources sécurisées dans un module de sécurité
US20050278253A1 (en) * 2004-06-15 2005-12-15 Microsoft Corporation Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like
CN100466516C (zh) * 2004-09-09 2009-03-04 杭州中正生物认证技术有限公司 一种抵御重放攻击的生物认证方法
EP1672831A1 (fr) * 2004-12-16 2006-06-21 Nagravision S.A. Méthode de transmission de données numériques dans un réseau local
EP1732263A1 (en) * 2005-06-07 2006-12-13 Sony Ericsson Mobile Communications AB Method and apparatus for certificate roll-over
CN101212295B (zh) * 2006-12-26 2010-11-03 财团法人资讯工业策进会 替移动电子装置申请电子凭证及传递密钥的系统、装置及方法
CN101267307B (zh) * 2008-02-29 2011-07-06 北京中电华大电子设计有限责任公司 利用ota系统实现手机数字证书远程管理的方法
CN103854180B (zh) * 2012-12-05 2017-04-19 中国银联股份有限公司 信用凭证生成方法及其系统、应用授权方法及其系统

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0942568A2 (en) * 1998-02-17 1999-09-15 Unwired Planet, Inc. Centralized certificate management system for two-way interactive communication devices in data networks

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5668876A (en) * 1994-06-24 1997-09-16 Telefonaktiebolaget Lm Ericsson User authentication method and apparatus
DE69533328T2 (de) * 1994-08-30 2005-02-10 Kokusai Denshin Denwa Co., Ltd. Beglaubigungseinrichtung
FI100137B (fi) * 1994-10-28 1997-09-30 Vazvan Simin Reaaliaikainen langaton telemaksujärjestelmä
FI102235B1 (fi) * 1996-01-24 1998-10-30 Nokia Telecommunications Oy Autentikointiavainten hallinta matkaviestinjärjestelmässä
DE19702049C1 (de) * 1997-01-22 1998-05-14 Ibm Zertifizierung kryptografischer Schlüssel für Chipkarten
FI973788A (fi) * 1997-09-25 1999-03-26 Nokia Telecommunications Oy Elektroninen maksujärjestelmä
WO1999035783A1 (en) * 1998-01-09 1999-07-15 Cybersafe Corporation Client side public key authentication method and apparatus with short-lived certificates
FI980427A (fi) * 1998-02-25 1999-08-26 Ericsson Telefon Ab L M Menetelmä, järjestely ja laite todentamiseen

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0942568A2 (en) * 1998-02-17 1999-09-15 Unwired Planet, Inc. Centralized certificate management system for two-way interactive communication devices in data networks

Also Published As

Publication number Publication date
CN1139902C (zh) 2004-02-25
AU7792900A (en) 2001-04-23
WO2001027886A1 (en) 2001-04-19
FI19992197A (fi) 2001-04-30
CN1379893A (zh) 2002-11-13

Similar Documents

Publication Publication Date Title
US7362869B2 (en) Method of distributing a public key
US8165965B2 (en) Transaction method with a mobile apparatus
US6959381B2 (en) Central key authority (CKA) database for user accounts in ABDS system
US7552333B2 (en) Trusted authentication digital signature (tads) system
FI108813B (fi) Menetelmä ja järjestelmä tietoliikennejärjestelmässä
US20030069792A1 (en) System and method for effecting secure online payment using a client payment card
KR100968662B1 (ko) 공개 키 인프라구조부를 신뢰성있고 안전하게 인에이블링하는 방법
US20020165830A1 (en) Process and device for electronic payment
US20110047082A1 (en) Remote Electronic Payment System
WO1993010509A1 (en) Method and system for secure, decentralised personalisation of smart cards
EP1142194B1 (en) Method and system for implementing a digital signature
US20020138729A1 (en) Management of an identity module
WO2001027886A1 (en) Distribution of certifiers
JP4104171B2 (ja) 遠隔通信オペレータによって提供されるサービスのセキュリティシステムおよび方法
TWI578253B (zh) 使用行動通訊裝置申請金融憑證之系統及其方法
EP2461297B1 (en) Personal identification number distribution device and method
EP1171849A1 (en) Communication system and method for efficiently implementing electronic transactions in mobile communication networks
Xiao et al. A purchase protocol with multichannel authentication
AU2918392A (en) Method and system for secure, decentralised personalisation of smart cards

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20020424

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI LI

AX Request for extension of the european patent

Free format text: AL;LT;LV;MK;RO;SI

RBV Designated contracting states (corrected)

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SMARTTRUST SYSTEMS OY

17Q First examination report despatched

Effective date: 20070410

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20070821