EP1316189A2 - System and method for attributable wireless access to computer-based services - Google Patents

System and method for attributable wireless access to computer-based services

Info

Publication number
EP1316189A2
EP1316189A2 EP01969662A EP01969662A EP1316189A2 EP 1316189 A2 EP1316189 A2 EP 1316189A2 EP 01969662 A EP01969662 A EP 01969662A EP 01969662 A EP01969662 A EP 01969662A EP 1316189 A2 EP1316189 A2 EP 1316189A2
Authority
EP
European Patent Office
Prior art keywords
service
handheld device
computer
software
mobile handheld
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP01969662A
Other languages
German (de)
English (en)
Inventor
Max Mühlhäuser
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SAP SE
Original Assignee
Individual
Application filed by Individual
Priority to EP04009553A (EP1439682A3)
Publication of EP1316189A2
Current legal status: Withdrawn

Classifications

    • G PHYSICS
      • G06 COMPUTING; CALCULATING OR COUNTING
        • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
          • G06Q20/00 Payment architectures, schemes or protocols
            • G06Q20/08 Payment architectures
              • G06Q20/12 Payment architectures specially adapted for electronic shopping systems
                • G06Q20/123 Shopping for digital content
            • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
              • G06Q20/32 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
                • G06Q20/322 Aspects of commerce using mobile devices [M-devices]
                • G06Q20/327 Short range or proximity payments by means of M-devices
          • G06Q30/00 Commerce
            • G06Q30/06 Buying, selling or leasing transactions
              • G06Q30/0601 Electronic shopping [e-shopping]
      • G07 CHECKING-DEVICES
        • G07F COIN-FREED OR LIKE APPARATUS
          • G07F17/00 Coin-freed apparatus for hiring articles; Coin-freed facilities or services
            • G07F17/16 Coin-freed apparatus for hiring articles; Coin-freed facilities or services for devices exhibiting advertisements, announcements, pictures or the like
    • H ELECTRICITY
      • H04 ELECTRIC COMMUNICATION TECHNIQUE
        • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
          • H04L63/00 Network architectures or network communication protocols for network security
            • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
              • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
            • H04L63/12 Applying verification of the received information
          • H04L67/00 Network arrangements or protocols for supporting network services or applications
            • H04L67/01 Protocols
              • H04L67/04 Protocols specially adapted for terminals or networks with limited capabilities; specially adapted for terminal portability
            • H04L67/50 Network services
              • H04L67/51 Discovery or management thereof, e.g. service location protocol [SLP] or web services
              • H04L67/52 Network services specially adapted for the location of the user terminal
          • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
            • H04L69/30 Definitions, standards or architectural aspects of layered protocol stacks
              • H04L69/32 Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
                • H04L69/322 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
                  • H04L69/329 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]
          • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
            • H04L9/40 Network security protocols
        • H04M TELEPHONIC COMMUNICATION
          • H04M1/00 Substation equipment, e.g. for use by subscribers
            • H04M1/02 Constructional features of telephone sets
              • H04M1/0202 Portable telephone sets, e.g. cordless phones, mobile phones or bar type handsets
                • H04M1/0254 Portable telephone sets, e.g. cordless phones, mobile phones or bar type handsets comprising one or a plurality of mechanically detachable modules
            • H04M1/72 Mobile telephones; Cordless telephones, i.e. devices for establishing wireless links to base stations without route selection
              • H04M1/724 User interfaces specially adapted for cordless or mobile telephones
                • H04M1/72403 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality
                  • H04M1/72409 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
                    • H04M1/72412 User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories using two-way short-range wireless interfaces
            • H04M1/26 Devices for calling a subscriber
              • H04M1/27 Devices whereby a plurality of signals may be stored simultaneously
                • H04M1/271 Devices whereby a plurality of signals may be stored simultaneously controlled by voice recognition
          • H04M3/00 Automatic or semi-automatic exchanges
            • H04M3/42 Systems providing special services or facilities to subscribers
              • H04M3/487 Arrangements for providing information services, e.g. recorded voice services or time announcements
                • H04M3/493 Interactive information services, e.g. directory enquiries; Arrangements therefor, e.g. interactive voice response [IVR] systems or voice portals
                  • H04M3/4938 Interactive information services, e.g. directory enquiries; Arrangements therefor, e.g. interactive voice response [IVR] systems or voice portals comprising a voice browser which renders and interprets, e.g. VoiceXML
          • H04M2207/00 Type of exchange or network, i.e. telephonic medium, in which the telephonic communication takes place
            • H04M2207/18 Type of exchange or network, i.e. telephonic medium, in which the telephonic communication takes place wireless networks
          • H04M2250/00 Details of telephonic subscriber devices
            • H04M2250/02 Details of telephonic subscriber devices including a Bluetooth interface
            • H04M2250/12 Details of telephonic subscriber devices including a sensor for measuring a physical value, e.g. temperature or motion
            • H04M2250/14 Details of telephonic subscriber devices including a card reading device
        • H04W WIRELESS COMMUNICATION NETWORKS
          • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
            • H04W12/06 Authentication
              • H04W12/065 Continuous authentication
            • H04W12/08 Access security
            • H04W12/10 Integrity
              • H04W12/108 Source integrity
            • H04W12/60 Context-dependent security
              • H04W12/68 Gesture-dependent or behaviour-dependent
          • H04W84/00 Network topologies
            • H04W84/18 Self-organising networks, e.g. ad-hoc networks or sensor networks
          • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
            • H04W88/02 Terminal devices

Definitions

  • the invention relates to a method for wireless, attributable access to computer-based services by means of a mobile handheld device by a service user.
  • the invention is generally directed to applications of computers and computer networks and more specifically to techniques to enable users to have wireless, predictable access to functions offered or initiated by means of computers, so-called services.
  • the invention is also closely related to mobile electronic commerce.
  • The terms "mobile commerce" and "mobile electronic commerce" are commonly used to refer to any type of electronic commerce that is not triggered or carried out from a user's desk, i.e. from home or his workplace.
  • In mobile electronic trading it is assumed that the buyer is on the move, while the seller's software can run on almost any computer or computer network.
  • A service in the sense of the invention is generally something that is offered by means of computer software and/or firmware and that establishes a relationship between the user and the service provider which, in the legal sense, represents a contract, i.e. consists of an offer and an acceptance.
  • the software and / or firmware mentioned is referred to as service software in the context of the invention.
  • "User" here means the user of the service software, hereinafter referred to as the service user; the service provider is the person or party who provides the service that is represented in, or initiated by, the service software.
  • A service user is understood more precisely to mean a person who is on the move and who may potentially accept the service offered. This person is temporarily near a computer on which the service software is running or is being offered.
  • The service user carries a mobile handheld device, such as a cell phone or a pocket computer, that is permanently in his possession or temporarily and uniquely personalized, and which therefore clearly reflects the identity of the service user.
  • the service may include the delivery of physical or electronic goods or services, but may also represent any other relationship between service user and service provider for which accountability is desired, for example passing through a security gate.
  • service software in the context of the invention is understood to mean any software whose operation by changing users is desirable or necessary, for example on the basis of legally binding effects such as in mobile electronic commerce and electronic auctions, in dealing with authorities and information and service providers, in dealing with information or places of business worth protecting or in dealing with personal data such as in personnel time recording.
  • The attributability can cover different details: for example the details of an ordered service in electronic trading, or the location and time when passing through a security gate; usually also the identity of the service user and of the provider of the service, as well as possibly other parties involved; but possibly only the occurrence of a relationship between service user and service provider in general. Interest in accountability can exist on the part of both the service provider and the service user, but possibly also on only one of the two sides.
  • The Internet and electronic commerce are spreading, and many offerings, such as services and products, are provided via computers.
  • Internet browser software often runs on these computers, which in turn accesses servers on which details of the service offered are stored.
  • a potential service user is assumed to leaf through the offer and possibly enter data that specify the details of orders. This is usually done by filling out an electronic form. Filling out the form often consists of selecting options from the offer and entering personal data such as identity, address and bank details.
  • a particular embodiment of the invention aims to use Internet browser software on the service computer. A realizable with the help of Internet browser software
  • the flow chart can also be found for services other than the direct purchase of a service or a product. Examples of this are the offering of non-commercial services, for example by an authority, or services that are attributable to advertising or the preparation of a sale, for example when ordering a free catalog. Another example is the conclusion of a non-commercial legal contract between the party represented by the service computer and the service user, for example a non-disclosure agreement as an example of business and operational processes that are supposed to be attributable. For other processes of this type, the use of Internet browser software does not lend itself to the realization of methods and systems according to the invention, for example for passing through security gates as described or for personnel time recording. Which methods and systems according to the invention are implemented with the special embodiment which is tailored to Internet browser software and which are not, must be decided in individual cases, for example on the basis of prevailing corporate practice.
  • Another application example relates to electronic auctions, whereby the roles of seller and buyer can be distributed differently in the commercial sense.
  • the offer of the party providing the software may be limited to providing the virtual auction house, ie the means, so that things can be offered for auction and bids can be made;
  • the role of the service user can be to agree to the terms of the auction and to submit bids, and possibly also to offer something for auction.
  • computers offering services are so-called “embedded systems”, that is to say integrated into a surrounding machine; examples include copiers and vending machines which service users use.
  • Attributability refers to the possibility that details of the use of a service software according to the invention can be proven for the service user and / or for the provider of the service.
  • the method according to the invention uses the methods of digital signature and the use of digital certificates known from the prior art.
  • the protective goal of attributability is generally known from computer-aided communication with a contract-forming character or with legally binding components, for example in electronic trading, where it must be ensured that negotiated contract contents, ie sent data and triggered functions, can be attributed to the contracting parties and the identities of the contracting parties and, if applicable, others involved in the process are beyond doubt.
  • Digital signatures are encrypted checksums of the data to be signed, constructed in such a way that 1. recipients and third parties can unambiguously reproduce the checksum from the data, 2. neither the original data nor other meaningful data can be constructed from the checksum with reasonable effort, 3. the checksum can only be encrypted by the original sender, with his secret key, with reasonable effort and 4. decryption of the checksum by the recipient and
  • The service software then establishes a secure connection to the Paybox service and transmits the amount to be paid, the account details of the service provider and the mobile phone number requested from the service user. The Paybox service then calls the service user, conveys the amount to be paid and the service provider, and asks the service user to transfer the money from his account to the account of the provider by entering his PIN.
  • This known method has several disadvantages. It is only suitable for processing payments from a buyer to a provider; the buyer's mobile phone number must be disclosed to the seller; a third party, the Paybox service, must be involved in the transaction; and the transaction requires the time-consuming and costly setup of a cellular connection between the buyer and the Paybox service. In particular, the buyer cannot browse through the offer himself using his mobile phone.
  • a mobile radio terminal is known from document WO 97/05729, which has an additional chip card reader with which prepaid chip cards can be used to pay the fees for the use of the mobile radio service.
  • This device is suitable only for fee collection by the mobile network operator and has no general functionality for performing mobile electronic trading.
  • The document DE 19747603 A1 discloses a method for digitally signing a message by means of a mobile handheld device, preferably a mobile phone.
  • The mobile handheld device takes on the function of a marking device that is connected not via a local wire connection, as is common in ATMs for example, but wirelessly via a telephone network, e.g. a mobile phone network, for example in order to sign an Internet banking transaction.
  • the known method is only suitable for signing and does not enable interactive access to a service by means of the mobile hand-held device via a contactless, wireless connection to a service computer which offers a service in the vicinity of a service user.
  • a method for encrypted data transfer between a transmitter and a receiver, in particular a pager, is known from document US Pat. No. 6,038,549, with which messages can be authenticated and confirmed. This method also does not enable interactive access to a service by means of a mobile hand-held device via a contactless, wireless connection to a service computer which offers a service in close proximity to a service user.
  • The invention is based on the object of providing a system and a method for attributable access to computer-based services that meet the requirements described, for example, in connection with mobile electronic commerce.
  • The identity of the parties involved and the data relating to the service should be communicable in an attributable manner and should be able to be recorded by the parties involved.
  • the security requirements with regard to integrity and security should also be taken into account, at least in preferred configurations and developments.
  • service software runs on a service computer for providing a service by a service provider for potential service users who are temporarily in the area of a service computer.
  • a service user staying in the area of a service computer can access the service software by means of a service entry.
  • the service user uses a personal, mobile hand-held device which includes standard input / output and advantageously facial expressions for the interactive input of service data for the service software and programs for service access.
  • the mobile handheld device for accessing a service connects to a service computer via a wireless connection.
  • the process of using the service itself and any descriptive data about it are exchanged in an attributable manner between the service computer and the mobile handheld device using digital signatures.
  • The mobile handheld device and the service computer exchange digital certificates about the service user and about the service software that realizes the service, and thus about the service, and furthermore about the mobile handheld device and the service computer.
  • Such a method is suitable for applications in mobile electronic commerce and, moreover, for all applications in mobile computing for which accountability is desired.
  • this relates to applications in which the service is provided by a company, an authority, a provider of sales or advertising documents, an auction organizer or a device, for example a copier, a vending machine or a personal time attendance device.
  • Widely used mobile handsets, palm-top handheld computers or comparable devices can serve as mobile handheld devices.
  • the invention has further advantages.
  • the service user can use a mobile handheld device that is trusted, e.g. use his own mobile phone and need secret data and
  • the present invention has, among other things, two special features. On the one hand, it is aimed at applications that are more restricted in such a way that it is assumed that the buyer or service user carries a personal, electronic device, namely the mobile handheld device. He can have the handheld device permanently or it can be assigned to him temporarily, for example at the entrance to a shop or a shopping area, in order to make purchases or access other services.
  • the field of application is expanded, since the invention any kind of computer-aided communication between a service user, i.e. his personal mobile handheld device, and a service computer that the service user can access temporarily.
  • the latter is the case, for example, when passing through security gates, in connection with working time recording, when entering into a non-disclosure agreement or a negotiated contract.
  • FIG. 2 a protocol to FIG. 1,
  • Fig. 3 a mobile telephone equipped according to the invention
  • FIG. 4 shows the chronological sequence of a so-called handshake
  • FIG. 5 shows an expanded representation of a system according to the invention.
  • FIG. 1 illustrates a method according to the invention and a corresponding system for wireless, contact-free, calculable and tamper-proof access to computer-based services 1 by means of a mobile handheld device 11 by a service user 2 who is temporarily in the visual or audible range of a local service computer 26.
  • a local service computer 26 is understood to mean the computer on which some or all of the service software 3 is running and which is in the vicinity during use by the service user 2, possibly together with other components of an intranet or the Internet, which may be involved in the provision of the service 1 and the transmission of the service 1.
  • The local service computer 26 can be an "embedded system" integrated in a device, for example a vending machine or a copier.
  • the local service computer 26 is the mandatory service computer which, except in the embodiment according to claim 9, is connected directly to the mobile handheld device 11 of the service user 2 in a wireless connection.
  • the service software 3 comprises the computer software and / or firmware that is involved in the service 1, including all data and media that are accessed in connection with the service 1.
  • This software can be distributed over the local service computer 26 and one or more further connected service computers 4, i.e. run on these. The latter is the case, for example, if an Internet browser is running on the local service computer 26 and is connected to a remote server.
  • the local service computer 26 advantageously comprises a means for the service output 6 for transmitting information about the service 1 to the service user 2.
  • the means for service output 6 comprises a monitor that can be viewed by service user 2, together with a window system-based display system of the local operating system and the standard display output of an Internet browser.
  • Standard Internet browser software such as Microsoft™ Internet Explorer™ or Netscape™ Navigator can be used as service software 3 on the local service computer 26, which runs on a standard PC with a monitor.
  • Corresponding web servers such as Apache™, database servers etc., as described in a standard, web-based service software 3 can be used on other service computers 4 or the local service computer
  • Internet browser is a common term that refers to software that is capable of storing multimedia documents (so-called World Wide Web or WWW or Web documents) that are stored on Internet computers and
  • The Microsoft™ Internet Explorer™ and the Netscape Navigator™ are well-known examples of such Internet browsers, and the currently preferred language for describing such documents is the so-called HTML family, but other formats and protocols such as XML, XHTML or FTP can also be considered.
  • the local service computer 26 enables the service input 5 to control the service software 3.
  • The facial expressions 12 map standard input means of the mobile handheld device 11, for example the function buttons of a mobile telephone, onto standard input means of the local service computer 26, in particular keyboard inputs and mouse movements. In this way, the service user 2 is able to operate the service software 3 in a manner that is familiar to him.
  • Entries made on the mobile handheld device 11 are converted into mouse movements on a monitor of the local service computer 26 that is visible to the service user 2.
  • Such inputs can be carried out using standard means 14 for input and output, which are customarily present in the mobile handheld device 11, for example the letter or number keyboard, cursor keys, a mouse or a device which simulates mouse movements, such as a pen or touch panel.
  • Other forms of input such as, for example, voice control are also possible.
  • the service output 6 can, in addition to the embodiment described, be designed as voice, sound or music output.
  • the facial expressions 12 comprise an inertial navigation system for detecting the movement of the mobile handheld device by the service user 2 and for generating service inputs 5 as a function thereof.
  • an inertial navigation system is used to detect how a service user 2 moves the mobile handheld device 11 in the air; these movements are converted into mouse movements and transmitted to the service input 5 via the wireless connection 10 and a service access 17.
  • a specific key on the keyboard of the mobile handheld device 11 can preferably be used to imitate a left mouse click.
  • An inertial navigation system of the facial expressions 12 has an accelerometer or a gyroscope. It is known to build ordinary computer mice (pointing devices) that can be used in the air on the basis of devices that measure the acceleration or rotation of the mouse. Such devices can be manufactured as micro devices and thus integrated into a mobile handheld device 11 or attached to it. Miniaturized accelerometers are available, for example, from AMD (Analog Devices, Norwood, USA). A gyro-based mouse was proposed by Gyropoint Inc., Saratoga, California, using a micro accelerometer from Gyration Inc., Saratoga, California.
  • the facial expressions 12 for keyboard inputs can use the standard input means 14 which are present on the hand-held device 11.
  • the handheld mobile device 11 is a cellular phone that has only a numeric keypad
  • numeric keys can be used to enter both numeric data that are directly associated and alphanumeric inputs such as telephone keys.
  • the device-specific input means depend on the type of device, for example a pen with handwriting recognition, a miniature keyboard etc.
  • Service access 17 and wireless connection 10 are used to transmit the inputs to the service input of the local service computer 26.
  • facial expressions 12 in the context of the invention are understood to mean the means which map interactive inputs on the mobile handheld device by the service user 2 to mimicked interactive inputs to the service software 3, insofar as the standard input / output means used on the mobile handheld device differ from those expected by the service input 5. If the service input 5 is based on keyboard inputs and mouse movements or mouse actions, the facial expressions 12 must convert the relevant inputs made by means of the mobile handheld device 11 into this type of input.
  • the standard output of the local service computer 26 does not have to be transmitted or redirected to the mobile handheld device 11, since the service user 2 who is in the area of the local service computer 26 has the standard output of the local service computer 26, e.g. a monitor display or audio output.
  • service access 17 is understood to mean all software and / or firmware, including all corresponding data and media, on the mobile handheld device 11 and the local service computer 26, which contribute to the correct execution of the method according to the invention as follows.
  • This software ensures the coordinated use of certificates, personal identifiers 15, service data 16, means for standard input / output 14, possibly reading devices 13, plug-in accessories, facial expressions 12 and wireless communication 10 on the mobile handheld device 11 as well as wireless communication 10 and the service input 5 on the local service computer 26 and the transaction data record 9 in order to enable access to the service software 3 from the mobile handheld device 11.
  • the service access 17 will be implemented on both the handheld device 11 and the local service computer 26. If, according to claim 9, a public wireless telephone network is used and the local service computer 26 is not equipped with the appropriate hardware for the wireless communication, for example for economic reasons, an additional intermediate module for the service access 17 will be required on the computer with which the mobile handheld device 11 connects.
  • the mobile handheld device 11 is, in preferred embodiments, a cell phone or a palm top handheld computer. In general, it is a portable electronic device, namely the computer carried by the service user 2 and possibly in his possession. This computer can be integrated in a device, for example in a mobile phone. In addition to the means for standard input / output 14 and a service access 17 by means of the wireless connection 10, the mobile handheld device 11 can also include the facial expressions 12 and one or more reading devices 13.
  • Such a reading device 13 generally designates the hardware and the functions which are used either for reading data from natural or artificial data carriers or for connecting to external functions. Reading data relates, for example, to biometric data or external data carriers, for example fingerprints, credit cards, etc. "External functions" refers to objects to be read that contain code and optionally execution logic, such as chip cards (cash cards, smart cards).
  • a reading device 13 is not absolutely necessary to carry out the invention. However, it is convenient to use a credit card reader, for example.
  • the credit card and the associated PIN can be used to automatically cause the software of the service access 17 on the handheld device 11 to link a secret key for an application certificate of the card holder, ideally a certificate issued by the credit card company, to the service user 2 of the handheld device 11. This option is practical for the widespread use of devices according to the invention.
  • Service users 2 without a credit card reader can then make use of a subset of the services 1 generally offered by service providers; Services 1 which are more critical to security, for example those which are associated with high costs, can then be restricted to service users 2 who have a handheld device 11 with a credit card reader and a certificate issued by a credit card company.
  • the wireless connection 10 between the handset 11 and the local service computer 26 can be implemented as a local connection or via a public telephone network.
  • the wireless connection 10 includes the hardware and software parts of both the handheld device 11 and the service computer 4 and 26, respectively, which are used to transfer data back and forth between them.
  • a local wireless connection is preferred which connects the handheld device 11 to the local service computer 26, for example by radio or infrared.
  • Many common handheld devices such as cell phones or palmtops already have appropriate facilities for local communication, e.g. using the Bluetooth TM method or using infrared interfaces.
  • basic identifications and security functions in terms of data protection and data security can also be carried out in the module for the wireless connection instead of in service software 3 and service access 17.
  • the wireless connection 10 between the mobile handheld device 11 and the service computer 4, 26 is automatically set up when the service user 2 comes close to the local service computer 26. This is particularly advantageous if the wireless connection 10 is local.
  • the use of public networks for wireless communication is generally only sensible if the handheld device 11 or the local service computer 26 has no device for local wireless communication, since communication via public networks is usually subject to charges.
  • the "detour" via the public network can make sense for the sufficient market penetration of a service software, as long as mobile phones do not have extensive wireless local communication options, as is the case with so-called SmartPhones with Bluetooth TM communication capability or other, possibly future, developments.
  • the wireless connection 10 takes place by means of a Bluetooth TM transmitting and receiving device.
  • In this case, no public telephone network is required.
  • Handheld device 10 and local service computer 26 are each equipped with a transmitting and receiving device.
  • the so-called Bluetooth TM host controller interface can advantageously be used to transmit inputs from the service user 2 from which the facial expressions 12 come to the local service computer 26.
  • Bluetooth TM is a wireless, short-range, digital
  • Bluetooth TM works in the 2.4 GHz band;
  • FH Frequency Hopping
  • Communication protocols that build on one another within the Bluetooth framework ensure important functions such as the actual signal transmission, secure communication relationships, exchange of device characteristics, Internet-compatible communication, transmission of structured data via "OBEX" (object exchange), known from the infrared communication standard "IrDA", etc.
  • OBEX object exchange
  • Bluetooth also supports protection goals such as confidentiality (through encrypted communication) and authentication (at device level, ensuring the identity of the device, not of software or users). The extent to which these goals were achieved has been the subject of much discussion and criticism; ultimately, security is not a priority for Bluetooth due to the limited spatial extent and the original application scenarios ("cordless desktop"). The attributability required in the present patent specification requires additional measures.
  • the service user 2 identifies himself to the service computer 4, 26 by means of digitally signed data.
  • the digitally signed data can advantageously be read into the mobile handheld device 11 by means of a reading device, in particular a chip or credit card reader or a biometric sensor, and / or by means of the standard input means 14 of the mobile handheld device 11, in particular in the form of a PIN or a password or with a digital pen.
  • the application certificates involved in the method according to the invention advantageously comprise a digital application certificate 7 for the service user 2 and / or a digital application certificate 27 for the service software 3 and thus for the service 1. It is recommended to use the current standard for digital certificates, ISO Standard X.509.
  • the application certificate 7 of the service user 2 is stored on a computer that can be connected to the Internet and the mobile handheld device 11 provides the digitally signed Internet address of the application certificate of the service user 2.
  • the service software 3 can then query the application certificate 7 of the service user 2 by means of the service access 17 and verify the identity of the service user 2 by decrypting the signature using the public key extracted from the certificate.
  • a digital system certificate 33 for system components such as software, hardware or system extensions of the mobile handheld device 11 according to the invention and / or a digital system certificate 8 for system components of the local service computer 26 is used.
  • X.509 is also a recommended standard for this.
  • These certificates serve to establish trust in the non-local software to which a connection is being established, in particular service access 17.
  • the service access 17 can be implemented on the handheld device 11 in such a way that it only accepts connections to correspondingly correctly certified software for the service access 17 on the local service computer 26; the same can apply to the implementation of service access 17 on local service computer 26.
  • Each of the digital certificates 7, 8, 27, 33 can consist of several independent partial certificates, for example in the case of application certificates if different features of the service user 2 or the service 1 are described in different certificates, or for system certificates if different system components are identified by different certificates.
  • Such a transaction data record 9 is used according to an additional advantageous feature. It contains data about the service use 24 of the service 1 by the service user 2, including an identification of the service 1 and the service user 2. According to a further advantageous feature, the transaction data record 9 is created or completed at the end of a negotiation phase 22 at the start of a contract conclusion phase 23. According to a preferred feature, it can be provided that an Internet browser software used for the service access 17 on the local service computer 26 comprises a plug-in for generating a transaction data record 9.
  • plug-in denotes a standard method for supplementing browser software.
  • the plug-in according to the invention generates a transaction data record 9, which is essential in the preferred embodiment. It contains the content of the completed form based on the Internet browser, which is confirmed by the service user 2.
  • confirmation refers to the action that causes the service access 17 to leave a negotiation stage 22 and prepare the phase of the conclusion of the contract 23.
  • the confirmation takes place when the Internet browser is used in such a way that a form that is currently displayed for the user is completed, which is usually done by clicking on a specific button with the mouse.
  • This action is interrupted by the plug-in and a transaction data record 9 is generated in which the contents of the form are contained in a specific description.
  • personal identifier 15 of the service user 2 is stored in the mobile handheld device 11.
  • personal identifiers in this sense are data and / or functions that uniquely identify the service user 2, plus data that describe the service user 2 and that can be queried by the service software 3.
  • Such personal identifiers 15 are, for example, the address, bank details, etc.
  • part of the personal identifiers 15 of the service user 2 is permanently stored in the mobile handheld device 11 and / or a part is stored volatile.
  • the permanent storage of personal identifiers 15 simplifies the use of the system by the service user 2. In order to protect the personal data against changes or unauthorized use, it can be provided that the part of the personal identifiers 15 permanently stored in the mobile handheld device 11 is not sufficient for a clearly attributable identification of the service user 2, so that such a change or unauthorized use can only cause minor damage.
  • a volatile stored part of the personal identifiers 15 is advantageously deleted automatically after a predetermined time, preferably shortly after being entered or read into the handheld device 11, or when a predetermined event occurs, in particular after the end of the use of a service 1 or when the mobile handheld device 11 is switched off or put away. In these cases, the volatile part of the personal identifier 15 must be re-entered or read in again for the further use of the hand-held device 11. It is advisable to store highly sensitive data or functions in a volatile memory.
  • Means of standard input / output 14 or reading devices 13 can be used for entering or reading in volatile personal identifiers 15 into the handheld device 11.
  • the service user 2 enters the volatile part of his personal identifier 15 (e.g. PIN, password, etc.) using the normal input and output means of the handheld device 11, for example a keyboard or pen.
  • the service user 2 has an external medium on which the volatile personal identifiers 15 are available.
  • external media can be plastic cards or body parts, for example.
  • the characteristic of volatility relates only to the storage in the handheld device 11, since the data (e.g. iris, fingerprint, credit card) on the corresponding external medium are not volatile, but permanent. This can lead to a security risk that is outside of the invention, for example if a credit card is lost or stolen. Such risks can be reduced if means for standard input / output 14 and reading devices 13 are used in combination, for example by combining a PIN with a credit card.
  • FIG. 5 the representation of FIG. 1 is expanded.
  • the service data 16 are shown there. They denote the information that is transmitted from the service user 2 to the service software 3 in addition to the personal identifiers 15. This may also include selection data relating to details of the service 1 accepted. FIG. 5 also shows the certificates explained.
  • these three categories can also differ from case to case: whether in non-electronic trading, for example, a customer presents a trustworthy account card to provide his account details, takes a slip with this information out of his pocket or writes the information down again depends on usual practice, on habits and, if applicable, on the circumstances of the case.
  • the greeting 21 includes in the example shown a discovery 18, a security handshake 19 and one
  • the discovery 18 encompasses the procedures and protocols of the wireless communication 10 and other parts of the system that make the mobile handheld device 11 and the service computer 4 or local service computer 26 and their relevant properties known to one another, and that make the machine-readable details and, if applicable, the human-readable descriptions of the service software 3 and the service 1 known to the mobile hand-held device 11.
  • the security handshake 19 comprises the procedures and protocols by which the mobile handheld device 11 and the service computer 4 or local service computer 26 communicate their identity to one another in digitally signed form, exchange system certificates 8, 33, exchange application certificates 7, 27 or, for the handheld device 11, additionally transmit the storage location of the application certificate, stipulate the type and scope of the communication elements to be digitally signed for the purpose of accountability, such as a transaction data record 9, agree on further security processes, for example a certain encryption, and, depending on the other requirements, exchange keys.
  • the encryption of the transmitted data represents an advantageous option against falsification, eavesdropping or misuse of the data.
  • the importance of the encryption is not high in applications in which the requirements of confidentiality and confidentiality are low. This also applies in particular to applications in which the transmission takes place via a local network, since normally there against the spatially limited listening options
  • the security handshake 19 can overlap with the phase of the discovery 18, for example if an advanced wireless communication technology such as Bluetooth TM is used, since within the scope of the discovery 18, as part of the preinstalled functions, not all of the required authentication, but at least device authentication, is carried out. Therefore, a system according to the invention which uses Bluetooth TM will carry out the part of the security handshake 19 connected to Bluetooth TM as part of the connection establishment at the device level, i.e. before the discovery 18 phase ends.
  • the modalities agreement 20 relates to the protocols and procedures that are used to exchange information on the following points: the service input means offered by the local service computer 26, such as mouse, numerical inputs, alphanumeric inputs, language, etc., together with query criteria such as “mandatory”, “preferred”, “optional”, etc.; the input means of the facial expressions 12 provided by the handheld device 11 for the service user 2, which are specified analogously to the above by details such as <“mouse”, “preferred”>, etc.; the input means to be used in the further course, plus details about their use as necessary, where the only input means to be used are those that are offered both on the handheld device 11 and on the local service computer 26; available and expected options regarding the upcoming service use phase 24; the options to be used in the further course.
  • the facial expressions 12 map inputs of the service user 2 to mouse and keyboard inputs.
  • the input means provided by the handset 11 are designated as <“mouse”, ...> even when, for example, an accelerometer or gyroscope is used to imitate mouse movements, because it is the conversion into mouse movements that matters for the service software 3.
  • Other details such as the name and version number of a document description language such as <HTML 1.1> can be exchanged between the local service computer 26 and the handheld device 11 as part of the modalities agreement 20.
  • the negotiation 22 relates to the mimicked inputs of the service user 2 to the service software 3, which are transmitted from the facial expressions 12 via the service access 17 and the wireless connection 10 to the service input 5 with the intention of selecting and specifying all the information that is required to provide the corresponding service 1 and optionally further information requested or provided by the service user 2 in this context.
  • the conclusion of the contract 23 converts the previously requested request for a service 1 made by the service user in negotiation 22 into a legally binding service request from the service software 3 and thus from the service provider.
  • the phase of the conclusion of the contract 23 is started when the phase of the negotiation 22 can be regarded as completed and the service user 2 triggers a specific action which is designated for this purpose in the service software 3, for example clicking on a designated button on an electronic form.
  • the click takes place via the standard input / output 14 and possibly via the facial expressions 12, as described in the negotiation 22; the designated button can, for example, be labeled "Click here to send the order".
  • the submission of forms by clicking on a designated button is a common procedure in Internet browser software. In the preferred embodiment of the invention described here, the process of concluding the contract 23 described here is inserted before the software function usually associated with this click.
  • Transaction data record 9 generated by the service software 3 and / or the part of the service access 17 which is arranged on the service computer 4 or 26; the transaction record 9 is digitally signed with the digital signature of the service software 3 and then signed by the service access 17.
  • the first signature uses the private key that corresponds to the application certificate 27 of the service 1 and the service software 3
  • the second signature uses the private key that corresponds to the system certificate 8 of the local service computer 26.
  • the transaction data record 9 is then transmitted to the mobile handheld device 11.
  • two signatures are added, one corresponding to the application certificate 7 of the service user 2 and the other to the system certificate 33 of the mobile handheld device 11.
  • the signatures are each optional.
  • additional actions can be inserted between the end of the negotiation phase 22 and the end of the contract conclusion phase 23, which may require user input.
  • Such actions can be a prerequisite for the final approval of the service user 2 and / or the party offering the service 1 to the service described in the transaction data record 9.
  • the software for the service access 17 on the mobile handheld device 11 can explicitly request the service user 2 to agree to the conclusion of the contract, for example by displaying a message such as "Do you really want to sign the form that is shown on the display of the service computer? (yes / no)" or by local display and request for confirmation of the transaction record
  • a payment procedure such as the “paybo” scheme explained at the beginning can be inserted.
  • the service use 24 relates to the connection of one.
  • a phase of a security handshake 19 and a modalities agreement 20 can be followed by several phases of service use 24.
  • Communication can be terminated at any time. Communication can in particular be interrupted at any time if a procedure or a data protocol cannot be successfully completed. Entries by the service user 2 during the negotiation 22 can be omitted if all the necessary data for describing the service request, in the special execution
  • the 15 can be commissioned by the user, so that an entry does not have to be requested from the service user 2 in each such process, for example if the repeated passing through a security lock is to be logged in a short time interval, so that the person passing through can be logged.
  • FIG. 3 shows an embodiment of a mobile hand-held device 11. It is a mobile phone with a reading device 13 in the form of a credit card reader. It includes an attachment module 28 that provides functionality for local
  • the attachment module 28 also includes facial expressions 12 in the form of an inertial navigation system with which movements of the mobile handheld device
  • the attachment module 28 can be attached to the mobile handheld device 11.
  • the transaction data record 9 combines all communication elements in the sense of contract components for which accountability is desired, and is signed by both communicating parties. It is comparable to a summary of receipts that a service user 2 usually receives when using a credit card in non-electronic trading: there, details of the service request, such as purchased items or services, are listed on a purchase receipt, customer and credit card data, including the invoice amount, on a transaction receipt. If the risk appetite is higher, credit card transactions can also be carried out paperless, e.g. for convenience or to avoid losing customers. For similar and other reasons, the use of the signed transaction data record can also be omitted in the sequence according to the invention, although its use is recommended.
  • FIG. 4 illustrates a preferred embodiment of the security handshake 19 which begins after the discovery 18 has ended.
  • With Bluetooth TM technology, please note that the state-of-the-art Bluetooth TM procedure authenticates only devices, not users; the Bluetooth TM technology can also be used on a case-by-case basis, for example in order to restrict access to handheld devices 11 which have been handed over to potential service users 2 in closed environments (for example shops or exhibitions).
  • the Bluetooth TM protocol and driver model RFCOMM is used in this embodiment to connect the facial expressions 12 and service access 17 of the mobile handheld device 11 directly with a keyboard and mouse driver of the local service computer 26 and with a driver that is part of the service access 17 on the local service computer 26.
  • TLS Transport Layer Security
  • SSL Secure Socket Layer
  • TLS can be used as part of the service access 17 in order to implement the security handshake 19.
  • This TLS variant can be placed directly on Bluetooth TM -RFCOMM.
  • Other embodiments can be based on PPP or TCP, for example.
  • the TLS message “client hello” 29 additionally contains, for example, information about the legal validity associated with the signing of a transaction data record 9, i.e. the contractual terms and conditions, in particular an optional period of time until a signed agreement is revoked
  • This option is important for two reasons. On the other hand, different countries can have different legal frameworks in this regard; for example, it may be required by law that a contract concluded with electronic trading can be revoked within at least four days.
  • the mobile handheld device 11 may or may not have means for locally displaying the transaction data record 9 to the service user 2 in the context of the contract 23; if this is not possible, the service user 2 can only read and personally verify the transaction data record 9 after returning home or to his office. In this case, it may depend on the certificates, for example, which terms and conditions the service user 2 would like to agree to.
  • the corresponding behavior of the service access 17 on the handheld device 11 can be done in advance, for example at home
  • the TLS message "server hello" 30 contains information on the meaning of the transaction data record 9 in accordance with the foregoing; for successful connection establishment, this information must correspond to the terms and conditions to which the handheld device 11 is willing to agree in accordance with the message "client hello" 29.
  • the TLS message “server certificate” 31 is sent twice in succession: once for the system certificate 8 and once for the application certificate 27 on the part of the local service computer 26. As described in the context of the invention, the use of each certificate is optional. To simplify matters, system certificates can be used here to certify the instance corresponding to the respective application certificate, or vice versa, in which case the certifying certificate is regarded as the superordinate certificate.
  • the TLS message “client certificate” 32 is also sent twice in succession and authenticates the side of the mobile handset 11 using the system certificate 33 and the application certificate 7.
  • SHA is used for all digital signatures, a method which is proposed, among other things, in the context of TLS and is described in detail as the "Secure Hash Standard" (SHS) of the American National Institute of Standards and Technology (NIST).
  • SHS Secure Hash Standard
  • The MD5 method is a possible choice for alternative embodiments, but is generally rated inferior to SHA.
  • the system certificates are used to authenticate the implementations of the service access 17 and in particular contain the public keys for verifying the two system-related signatures of the transaction data records 9. Further encryption methods and keys are determined on the basis of the application certificates.
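
The signing order given above for the transaction data record 9 (application certificate 27, system certificate 8, then application certificate 7 and system certificate 33) and its verification with the certified public keys are shown below as an added example; this is not code from the patent. Ed25519 keys stand in for the X.509-certified keys, and letting each signature also cover the earlier ones is an assumption the text does not state.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Role names a signer by the certificate its key belongs to (numerals from the description).
type Role string

const (
	ServiceApp Role = "application certificate 27" // service 1 / service software 3
	ServiceSys Role = "system certificate 8"       // service access 17 on service computer 26
	UserApp    Role = "application certificate 7"  // service user 2
	DeviceSys  Role = "system certificate 33"      // service access 17 on handheld device 11
)

var signingOrder = []Role{ServiceApp, ServiceSys, UserApp, DeviceSys}

type Signature struct {
	Role Role
	Sig  []byte
}

// Record is a transaction data record 9: the confirmed form content plus signatures.
type Record struct {
	Payload []byte
	Sigs    []Signature
}

// digest covers the payload, the signer's role and (assumption) all prior signatures.
func (r *Record) digest(role Role, prior int) []byte {
	h := sha256.New()
	var n [8]byte
	binary.BigEndian.PutUint64(n[:], uint64(len(r.Payload)))
	h.Write(n[:]) // length prefix keeps payload and role unambiguous
	h.Write(r.Payload)
	h.Write([]byte(role))
	h.Write([]byte{0})
	for _, s := range r.Sigs[:prior] {
		h.Write(s.Sig)
	}
	return h.Sum(nil)
}

// Sign appends one signature over the record as it stands now.
func (r *Record) Sign(role Role, key ed25519.PrivateKey) {
	sig := ed25519.Sign(key, r.digest(role, len(r.Sigs)))
	r.Sigs = append(r.Sigs, Signature{Role: role, Sig: sig})
}

// Verify checks every signature present and that all required roles signed.
// Signatures are optional in the description, so the caller supplies the policy.
func (r *Record) Verify(keys map[Role]ed25519.PublicKey, required []Role) error {
	seen := map[Role]bool{}
	for i, s := range r.Sigs {
		pub, ok := keys[s.Role]
		if !ok {
			return fmt.Errorf("no certified key for %s", s.Role)
		}
		if !ed25519.Verify(pub, r.digest(s.Role, i), s.Sig) {
			return fmt.Errorf("signature %d (%s) does not verify", i, s.Role)
		}
		seen[s.Role] = true
	}
	for _, role := range required {
		if !seen[role] {
			return fmt.Errorf("required signature missing: %s", role)
		}
	}
	return nil
}

// newKeys generates a constructed key pair per role (stand-in for certificate keys).
func newKeys() (map[Role]ed25519.PrivateKey, map[Role]ed25519.PublicKey) {
	priv := map[Role]ed25519.PrivateKey{}
	pub := map[Role]ed25519.PublicKey{}
	for _, role := range signingOrder {
		p, s, err := ed25519.GenerateKey(rand.Reader)
		if err != nil {
			panic(err)
		}
		pub[role], priv[role] = p, s
	}
	return priv, pub
}

// concludeContract applies the four signatures in the order the description gives.
func concludeContract(payload []byte, priv map[Role]ed25519.PrivateKey) *Record {
	rec := &Record{Payload: append([]byte(nil), payload...)}
	for _, role := range signingOrder {
		rec.Sign(role, priv[role])
	}
	return rec
}

func main() {
	priv, pub := newKeys()
	rec := concludeContract([]byte("service=ticket;amount=12.00"), priv) // constructed form content
	fmt.Println("fully signed record:", rec.Verify(pub, signingOrder))
	rec.Payload[0] ^= 1 // any change to the form content breaks every signature
	fmt.Println("after tampering:", rec.Verify(pub, signingOrder))
}
```
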
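
The modalities agreement 20 described above, in which only input means offered by both sides may be used, can be worked through as follows; this is an added example, not code from the patent. Treating an unmatched “mandatory” means as a reason to end the greeting, and ranking the agreed means by combined preference, are assumptions.

```go
package main

import (
	"fmt"
	"sort"
)

// Criterion is the query criterion attached to an offered input means.
type Criterion int

const (
	Optional Criterion = iota
	Preferred
	Mandatory
)

// Offer maps an input means ("mouse", "numeric", ...) to its criterion,
// i.e. a set of pairs such as <"mouse", "preferred">.
type Offer map[string]Criterion

// missingMandatory returns a mandatory means of a that b does not offer.
func missingMandatory(a, b Offer) (string, bool) {
	names := make([]string, 0, len(a))
	for n := range a {
		names = append(names, n)
	}
	sort.Strings(names) // deterministic error message
	for _, n := range names {
		if _, ok := b[n]; a[n] == Mandatory && !ok {
			return n, true
		}
	}
	return "", false
}

// Agree returns the input means to be used in the further course, best first.
func Agree(service, handheld Offer) ([]string, error) {
	if n, bad := missingMandatory(service, handheld); bad {
		return nil, fmt.Errorf("service computer requires %q, handheld device does not offer it", n)
	}
	if n, bad := missingMandatory(handheld, service); bad {
		return nil, fmt.Errorf("handheld device requires %q, service computer does not offer it", n)
	}
	var agreed []string
	for n := range service {
		if _, ok := handheld[n]; ok { // offered on both sides
			agreed = append(agreed, n)
		}
	}
	if len(agreed) == 0 {
		return nil, fmt.Errorf("no common input means")
	}
	sort.Slice(agreed, func(i, j int) bool {
		ri := service[agreed[i]] + handheld[agreed[i]]
		rj := service[agreed[j]] + handheld[agreed[j]]
		if ri != rj {
			return ri > rj
		}
		return agreed[i] < agreed[j]
	})
	return agreed, nil
}

// Constructed sample offers: a kiosk-style service computer and a phone whose
// "mouse" is imitated by an accelerometer or gyroscope.
func sampleService() Offer {
	return Offer{"mouse": Mandatory, "alphanumeric": Preferred, "speech": Optional}
}

func sampleHandheld() Offer {
	return Offer{"mouse": Preferred, "numeric": Preferred, "alphanumeric": Optional}
}

func main() {
	fmt.Println(Agree(sampleService(), sampleHandheld()))
	numericOnly := Offer{"numeric": Preferred} // a phone without any pointing emulation
	fmt.Println(Agree(sampleService(), numericOnly))
}
```
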
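
The split between permanently stored and volatile personal identifiers 15 described above, with deletion after a predetermined time or on a predetermined event, can be modelled as follows; this is an added example, not code from the patent. The store type, its method names and the manually advanced clock are hypothetical.

```go
package main

import (
	"fmt"
	"time"
)

// Event is a trigger the description names for deleting volatile identifiers.
type Event int

const (
	ServiceEnded Event = iota // end of the use of a service 1
	PowerOff                  // handheld device 11 switched off or put away
)

// manualClock lets the example control time explicitly (hypothetical helper).
type manualClock struct{ t time.Time }

func (c *manualClock) AdvanceSeconds(n int) { c.t = c.t.Add(time.Duration(n) * time.Second) }

type secret struct {
	value   []byte
	expires time.Time
}

// IdentifierStore holds low-sensitivity identifiers permanently and
// sensitive ones (PIN, password) only for a limited time.
type IdentifierStore struct {
	permanent map[string]string
	volatile  map[string]*secret
	ttl       time.Duration
	clock     *manualClock
}

func NewStore(ttlSeconds int, clock *manualClock) *IdentifierStore {
	return &IdentifierStore{
		permanent: map[string]string{},
		volatile:  map[string]*secret{},
		ttl:       time.Duration(ttlSeconds) * time.Second,
		clock:     clock,
	}
}

func (s *IdentifierStore) PutPermanent(name, value string) { s.permanent[name] = value }

// PutVolatile stores a private copy that expires ttl after entry.
func (s *IdentifierStore) PutVolatile(name string, value []byte) {
	s.drop(name)
	s.volatile[name] = &secret{
		value:   append([]byte(nil), value...),
		expires: s.clock.t.Add(s.ttl),
	}
}

// drop overwrites the stored bytes before removing the entry.
func (s *IdentifierStore) drop(name string) {
	if sec, ok := s.volatile[name]; ok {
		for i := range sec.value {
			sec.value[i] = 0
		}
		delete(s.volatile, name)
	}
}

// Get returns an identifier; an expired volatile entry is deleted and must be re-entered.
func (s *IdentifierStore) Get(name string) (string, bool) {
	if v, ok := s.permanent[name]; ok {
		return v, true
	}
	sec, ok := s.volatile[name]
	if !ok {
		return "", false
	}
	if !s.clock.t.Before(sec.expires) {
		s.drop(name)
		return "", false
	}
	return string(sec.value), true
}

// Notify deletes every volatile identifier; both events are handled the same way here.
func (s *IdentifierStore) Notify(e Event) {
	for name := range s.volatile {
		s.drop(name)
	}
}

func main() {
	clock := &manualClock{}
	store := NewStore(60, clock)
	store.PutPermanent("delivery-address", "constructed address")
	store.PutVolatile("pin", []byte("0000")) // constructed value
	fmt.Println(store.Get("pin"))
	clock.AdvanceSeconds(61)
	fmt.Println(store.Get("pin")) // expired: must be entered again
	fmt.Println(store.Get("delivery-address"))
}
```
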

Abstract

The invention relates to a method by which a service user (2) who is temporarily in the area of a local service computer (26), on which service software (3) with a service input (5) and, advantageously, a service output (6) is running, can access computer services wirelessly and accountably by means of a mobile handheld device (11), wherein the service software (3) can be distributed over further service computers (4). For this purpose, the service user (2) uses a personal mobile handheld device (11) that comprises a standard input/output (14) and, advantageously, an emulation (12) for the interactive entry of service data. The mobile handheld device (11) used to access a service connects to the service software (3) via a distributed service access (17) and a wireless connection (10), and the mobile handheld device (11) and the service computer (3) transmit data whose accountability must be guaranteed, using digital signatures according to an agreed protocol (25). These data can be grouped into certificates and transaction records (9) and partly obtained on the mobile handheld device (11) by means of reading devices (13).
EP01969662A 2000-09-01 2001-08-29 Systeme et procede pour l'acces sans fil responsable a des prestations de service informatiques Withdrawn EP1316189A2 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP04009553A EP1439682A3 (fr) 2000-09-01 2001-08-29 Système et procédé pour l'accès sans fil responsable aux fournisseurs de service sur ordinateur

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US23015600P 2000-09-01 2000-09-01
US230156P 2000-09-01
PCT/EP2001/009915 WO2002019648A2 (fr) 2000-09-01 2001-08-29 Systeme et procede pour l'acces sans fil responsable a des prestations de service informatiques

Related Child Applications (1)

Application Number Title Priority Date Filing Date
EP04009553A Division EP1439682A3 (fr) 2000-09-01 2001-08-29 Système et procédé pour l'accès sans fil responsable aux fournisseurs de service sur ordinateur

Publications (1)

Publication Number Publication Date
EP1316189A2 true EP1316189A2 (fr) 2003-06-04

Family

ID=22864147

Family Applications (1)

Application Number Title Priority Date Filing Date
EP01969662A Withdrawn EP1316189A2 (fr) 2000-09-01 2001-08-29 Systeme et procede pour l'acces sans fil responsable a des prestations de service informatiques

Country Status (4)

Country Link
US (1) US20040002902A1 (fr)
EP (1) EP1316189A2 (fr)
AU (1) AU2001289845A1 (fr)
WO (1) WO2002019648A2 (fr)

Families Citing this family (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FI20002899A0 (fi) * 2000-12-29 2000-12-29 Nokia Corp Järjestely informaation kommunikoimiseksi
US8751571B2 (en) * 2001-02-27 2014-06-10 Verizon Data Services Llc Methods and systems for CPN triggered collaboration
US8761363B2 (en) 2001-02-27 2014-06-24 Verizon Data Services Llc Methods and systems for automatic forwarding of communications to a preferred device
US20060276179A1 (en) * 2001-02-27 2006-12-07 Reza Ghaffari Methods and systems for integrating communications services
US8774380B2 (en) 2001-02-27 2014-07-08 Verizon Patent And Licensing Inc. Methods and systems for call management with user intervention
US8503650B2 (en) 2001-02-27 2013-08-06 Verizon Data Services Llc Methods and systems for configuring and providing conference calls
US7912199B2 (en) * 2002-11-25 2011-03-22 Telesector Resources Group, Inc. Methods and systems for remote cell establishment
US8873730B2 (en) * 2001-02-27 2014-10-28 Verizon Patent And Licensing Inc. Method and apparatus for calendared communications flow control
US8472428B2 (en) 2001-02-27 2013-06-25 Verizon Data Services Llc Methods and systems for line management
US8488761B2 (en) * 2001-02-27 2013-07-16 Verizon Data Services Llc Methods and systems for a call log
US8750482B2 (en) * 2001-02-27 2014-06-10 Verizon Data Services Llc Methods and systems for preemptive rejection of calls
US8798251B2 (en) * 2001-02-27 2014-08-05 Verizon Data Services Llc Methods and systems for computer enhanced conference calling
US8467502B2 (en) 2001-02-27 2013-06-18 Verizon Data Services Llc Interactive assistant for managing telephone communications
US8488766B2 (en) * 2001-02-27 2013-07-16 Verizon Data Services Llc Methods and systems for multiuser selective notification
US8503639B2 (en) * 2001-02-27 2013-08-06 Verizon Data Services Llc Method and apparatus for adaptive message and call notification
US8494135B2 (en) * 2001-02-27 2013-07-23 Verizon Data Services Llc Methods and systems for contact management
US8472606B2 (en) * 2001-02-27 2013-06-25 Verizon Data Services Llc Methods and systems for directory information lookup
US7234168B2 (en) * 2001-06-13 2007-06-19 Mcafee, Inc. Hierarchy-based method and apparatus for detecting attacks on a computer system
GB2377782A (en) * 2001-07-21 2003-01-22 Ibm Method and system for the communication of assured reputation information
US9392120B2 (en) 2002-02-27 2016-07-12 Verizon Patent And Licensing Inc. Methods and systems for call management with user intervention
US20060085308A1 (en) * 2003-03-17 2006-04-20 Abanco International, Llc System and method for sales and service reconciliation
US8364547B2 (en) * 2003-03-17 2013-01-29 Gate Gourmet Switzerland, Gmbh System for real-time sales and inventory reconciliation
EP1606753A4 (fr) * 2003-03-17 2006-03-29 Abanco Internat Llc System and method for sales and inventory reconciliation
US20040225616A1 (en) * 2003-05-09 2004-11-11 Arnold Gordon K. Method, system and computer program product for third-party verification of anonymous e-marketplace transactions using digital signatures
US8260673B2 (en) * 2003-05-09 2012-09-04 International Business Machines Corporation Method, system and computer program product for selective data disclosure and contract negotiation in an E-marketplace based on predetermined preferences
US7590837B2 (en) * 2003-08-23 2009-09-15 Softex Incorporated Electronic device security and tracking system and method
US9336393B2 (en) * 2003-08-23 2016-05-10 Softex Incorporated System and method for protecting files stored on an electronic device
SE526066C2 (sv) * 2004-02-12 2005-06-28 Precise Biometrics Ab Portable data carrier, external arrangement, system and method for wireless data transfer
EP1675076A1 (fr) * 2004-12-21 2006-06-28 Italtel S.p.a. System and related equipment for personal authentication and for managing data in integrated networks
FR2903266A1 (fr) * 2006-06-29 2008-01-04 France Telecom XML navigation server, XML navigation system, device for generating instructions for an XML browser, and communication method
US8353048B1 (en) * 2006-07-31 2013-01-08 Sprint Communications Company L.P. Application digital rights management (DRM) and portability using a mobile device for authentication
KR101561428B1 (ko) 2007-01-09 2015-10-19 비자 유에스에이 인코포레이티드 Contactless transaction
US20080195750A1 (en) * 2007-02-09 2008-08-14 Microsoft Corporation Secure cross platform auditing
US8205093B2 (en) * 2007-06-29 2012-06-19 At&T Intellectual Property I, L.P. Restricting access to information
TWI376109B (en) * 2008-04-23 2012-11-01 Compal Communications Inc Wireless access system capable of controlling electronic devices and control method thereof
US9363108B2 (en) * 2008-06-05 2016-06-07 Cisco Technology, Inc. System for utilizing identity based on pairing of wireless devices
US9230259B1 (en) 2009-03-20 2016-01-05 Jpmorgan Chase Bank, N.A. Systems and methods for mobile ordering and payment
IT1395175B1 (it) * 2009-08-18 2012-09-05 Nfc Alias S R L Method and system for a universal application for transactional procedures with NFC technology
US9516017B2 (en) * 2009-10-23 2016-12-06 Apriva, Llc System and device for consolidating SIM, personal token, and associated applications for electronic wallet transactions
US8588758B2 (en) * 2009-10-30 2013-11-19 Immersion Corporation Interfacing a mobile device with a computer
US8914628B2 (en) 2009-11-16 2014-12-16 At&T Intellectual Property I, L.P. Method and apparatus for providing radio communication with an object in a local environment
US9202059B2 (en) 2011-03-01 2015-12-01 Apurva M. Bhansali Methods, systems, and apparatuses for managing a hard drive security system
US20150130613A1 (en) * 2011-07-12 2015-05-14 Aliphcom Selectively available information storage and communications system
US8711118B2 (en) 2012-02-15 2014-04-29 Immersion Corporation Interactivity model for shared feedback on mobile devices
US8493354B1 (en) 2012-08-23 2013-07-23 Immersion Corporation Interactivity model for shared feedback on mobile devices
US8570296B2 (en) 2012-05-16 2013-10-29 Immersion Corporation System and method for display of multiple data channels on a single haptic display
KR101625321B1 (ko) 2012-05-24 2016-05-27 미쓰비시덴키 가부시키가이샤 Display information collection device and HMI system
US10908929B2 (en) * 2012-10-15 2021-02-02 Famous Industries, Inc. Human versus bot detection using gesture fingerprinting
WO2014062730A1 (fr) 2012-10-15 2014-04-24 Famous Industries, Inc. Efficient manipulation of surfaces in a multi-dimensional space using energy agents
US10877780B2 (en) 2012-10-15 2020-12-29 Famous Industries, Inc. Visibility detection using gesture fingerprinting
US9088450B2 (en) 2012-10-31 2015-07-21 Elwha Llc Methods and systems for data services
US9886458B2 (en) 2012-11-26 2018-02-06 Elwha Llc Methods and systems for managing one or more services and/or device data
US10091325B2 (en) 2012-10-30 2018-10-02 Elwha Llc Methods and systems for data services
US20140123325A1 (en) 2012-11-26 2014-05-01 Elwha Llc Methods and systems for managing data and/or services for devices
US20140123300A1 (en) 2012-11-26 2014-05-01 Elwha Llc Methods and systems for managing services and device data
US9749206B2 (en) 2012-10-30 2017-08-29 Elwha Llc Methods and systems for monitoring and/or managing device data
EP2759991A1 (fr) 2013-01-25 2014-07-30 Friesland Brands B.V. Method and applet for ordering a beverage
US9294468B1 (en) * 2013-06-10 2016-03-22 Google Inc. Application-level certificates for identity and authorization
GB2541469B (en) 2015-08-17 2019-10-30 Dan Ram Method and system for preventing unauthorized computer processing
EP3817280A4 (fr) * 2018-06-26 2022-03-16 Japan Communications, Inc. Online service provision system, IC chip, and application program

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE19844677A1 (de) * 1998-08-07 2000-02-17 Khaja Ali Hassan Al System for the wireless electronic processing of transactions
WO2000039958A1 (fr) * 1998-12-16 2000-07-06 Sonera Smarttrust Oy Method and system for implementing a digital signature

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5440326A (en) * 1990-03-21 1995-08-08 Gyration, Inc. Gyroscopic pointer
US5754655A (en) * 1992-05-26 1998-05-19 Hughes; Thomas S. System for remote purchase payment and remote bill payment transactions
US5978773A (en) * 1995-06-20 1999-11-02 Neomedia Technologies, Inc. System and method for using an ordinary article of commerce to access a remote computer
US5657390A (en) * 1995-08-25 1997-08-12 Netscape Communications Corporation Secure socket layer application program apparatus and method
US5825350A (en) * 1996-03-13 1998-10-20 Gyration, Inc. Electronic pointing apparatus and method
EP1012694A4 (fr) * 1996-11-08 2005-04-06 Neomedia Tech Inc Automatic access to electronic information by means of machine-readable codes printed on documents
US6016476A (en) * 1997-08-11 2000-01-18 International Business Machines Corporation Portable information and transaction processing system and method utilizing biometric authorization and digital certificate security
US6038549A (en) * 1997-12-22 2000-03-14 Motorola Inc Portable 1-way wireless financial messaging unit
US6754485B1 (en) * 1998-12-23 2004-06-22 American Calcar Inc. Technique for effectively providing maintenance and information to vehicles
US8903737B2 (en) * 2000-04-25 2014-12-02 Accenture Global Service Limited Method and system for a wireless universal mobile product interface

Also Published As

Publication number Publication date
US20040002902A1 (en) 2004-01-01
WO2002019648A3 (fr) 2002-12-12
WO2002019648A2 (fr) 2002-03-07
AU2001289845A1 (en) 2002-03-13

Similar Documents

Publication Publication Date Title
WO2002019648A2 (fr) System and method for accountable wireless access to computer-based services
DE60007883T2 (de) Method and apparatus for conducting electronic transactions
US7457950B1 (en) Managed authentication service
CN102244674B (zh) System for digital rights management using a standard rendering engine
DE60036713T2 (de) System and method for secure network transactions
WO2002084565A1 (fr) System and method for controlling access to and use of private information
DE10296888T5 (de) System and method for the secure entry and authentication of consumer-centric information
CN110826043A (zh) Digital identity application system and method, and identity authentication system and method
DE102017217342B4 (de) Method for managing an electronic transaction document
KR101672496B1 (ko) Simple lease contract and payment system and operating method thereof
KR100494975B1 (ko) Customer asset management method and system using screen scraping technology
KR20090000792A (ko) Non-face-to-face real-name verification method and system, and recording medium therefor
EP2783320B1 (fr) Method for authenticating a person at a server instance
EP2879073B1 (fr) Electronic transaction method and computer system
KR100948162B1 (ko) Method for integrated inquiry of financial accounts via direct connection to financial institutions, computer-readable recording medium storing a program for performing the method, and integrated inquiry server
EP1439682A2 (fr) System and method for accountable wireless access to computer-based service providers
KR20210091983A (ko) System and method for providing integrated smart ticket services
KR102019730B1 (ko) Method for providing an online insurance contract service
JP4000395B2 (ja) Web3D authoring system
JP2002150002A (ja) Content access system, content access method, and authentication and billing server
EP2916252A1 (fr) Electronic transaction method and computer system
KR100885170B1 (ko) Real-name verification method and system by an entrusted agency, and recording medium therefor
DE102013022438B3 (de) Electronic transaction method and computer system
DE102013022447B3 (de) Electronic transaction method and computer system
DE102013022435B3 (de) Electronic transaction method and computer system

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20030401

AK Designated contracting states

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO SI

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SAP AG

RIN1 Information on inventor provided before grant (corrected)

Inventor name: MUEHLHAEUSER, MAX

17Q First examination report despatched

Effective date: 20040129

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SAP AG

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20050810