EP1410128A1 - Datenverarbeitungsvorrichtung - Google Patents
DatenverarbeitungsvorrichtungInfo
- Publication number
- EP1410128A1 EP1410128A1 EP00953060A EP00953060A EP1410128A1 EP 1410128 A1 EP1410128 A1 EP 1410128A1 EP 00953060 A EP00953060 A EP 00953060A EP 00953060 A EP00953060 A EP 00953060A EP 1410128 A1 EP1410128 A1 EP 1410128A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- file
- key
- data
- unit
- volume
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
- G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
Definitions
- the present invention relates to a data processing device according to the preamble of claim 1
- password-protected access or start routines usually offer insufficient protection. Even if, for example, password protection of a workstation computer as access protection for the computer offered via the relevant operating system cannot be started by an unauthorized user, there is a risk that either the mass storage device assigned to this workstation will be accessed via a detour, or that the entire contents of such a mass storage device, such as a hard disk, can be read out, for example by means of a backup routine, and then later with a other system is illegally analyzed and read 5
- E5 keys can be calculated from a limited data context due to the mentioned internal redundancy of the language or the standard in which the electronic document in question was written, then the entire content in which this key was used is readable
- the object of the present invention is therefore to improve a generic data processing device with regard to the data security of locally stored useful or volume data, and in particular to reduce the risk of unauthorized data access by completely copying a mass storage content, for example by means of backup 5 to overcome the security disadvantages of known cryptography methods against decryption and to increase encryption security
- an essential feature of the present invention is then any ED (or a selected one and / or determined by the operating system) for - access-protected -
- each volume file to be backed up within the scope of the present invention preferably the entirety of the files to be stored on the file storage system, is provided with an individual key which is stored separately (i.e. not in a manner directly associated with the file storage system), and a volume file can only be opened and used together with the associated, individualized key.
- a user within the scope of the invention is to be understood as a "user” in this respect also a user type / ppe
- the present invention only access the volume files provided or authorized for it, and this is - in contrast to the prior art - achieved in particular also via the individualized key file or key data record of a database
- at least one identification and authorization of a respective user must take place, and only by linking to a separately stored or generated key file can one be stored in the file storage system 5 preferably permanently saved volume files are saved or used in a usable form
- the further advantage of a user- and file-specific encryption according to the invention is that, if an individual key becomes known, the effort required for a key change or a change in access remains relatively low
- a further security level which is realized in the form of an encrypted intermediate file (intermediate layer) and is not stored on a common back-up unit, which in particular the security of the access to The key is further increased.
- Such a self-encrypted, physically removed intermediate layer ensures that the actual key file is not directly accessible
- the result of the present invention also shows that, in principle, the reading of the D-encrypted file storage system, for example for the purpose of backup, is permitted as such and is generally accessible and, in particular, is made independent of authorization (since the result of such a backup also remains encrypted )
- backup processes such as the backup process, are independent of a special, secure access status (usually supervisor or system administrator), since 5 the actual read right or the ability to access the electronic document in plain text (ie open and unencrypted), can be assigned independently of the backup function and thus by a supervisor or the like -O-
- semantic i.e. content- and / or meaning-distorting encryption methods are also used, the content of a volume file to be protected being given a correspondingly unusable version here and only by an associated file - 5 as well as customized key file, which then contains, for example, a sequence index for a correct arrangement of interchanged individual terms or sentences of a text in the combination of such an encrypted text
- 1Q ren in particular in the present context of encryption at the level of the file system, a number of advantages.
- the security of encryption in particular due to the possibility of inserting or exchanging any information components, is almost absolute, in particular any context or content-dependent -
- the key of the encrypted text is no longer available You can also use
- this encryption method in a particularly simple way to relate to the respective user.
- encryption can also be carried out in such a way that a respective content is distorted and changed in relation to the original content, insofar So it is useless from the user's point of view, but nevertheless makes sense
- the present invention requires a metalanguage in the form of a linear concatenation of modules (information components) which each give meaning from themselves, which is broken down for the purpose of the present method and by the actions of exchanging 3G removal, addition and / or exchange into the form unusable for the user (Arrangement) is brought
- a device for handling an electronically stored original amount of data, which is particularly suitable and designed for implementing the semantic encryption described above
- the functionality of a key generation and administration unit is implemented by such a device, which is able to generate the semantically encrypted volume data together with key data 5 from an original document to be protected (namely the original data volume or user file), as well as to manage and further process the data quantities generated in this way.
- the analysis unit according to the invention is provided in order to create the prerequisites for subsequent content-related or meaning-related encryption within the given format structure and / or grammar of the original document, and that of the analysis unit downstream encryption unit IG then takes the core operations of semantic encryption, namely the exchange, removal, addition and exchange, on the information components of the original data set under Ber account the analyzed format structure and grammar, before
- an operation is also carried out by the encryption unit taking into account the grammar (the underlying
- the encryption unit provided according to the invention is able to generate an encryption result that corresponds to the original date grammatical, format and / or syntactic structure
- 3 G has, so that there is equivalence not only with regard to the respective individual information components (e.g. words in a text), but also with regard to the structures and / or format-based arrangements (e.g. the arrangement of terms in one Sentence according to the rules of grammar) is in conformity with the rules and insofar as it does not reveal without an examination of the content that an operation causing the encryption effect on 5 the information components has taken place
- any elements of a language are to be understood that are meaningful in a meaningful sense WO 01/06341 _j_ PCT / EP00 / 06824
- the encryption unit is assigned a control unit which randomizes the encryption operation (ie the application and effect of the individual encryption operations) by generating and taking into account a random component, for example a random number generated in an otherwise known manner and taking it into account making a dependent number
- ⁇ 5 encryption depth with the number of the basic operations of exchanging, removing, adding or exchanging, which effects the encryption, and in this respect also determines the volume of the key file generated.
- the volume data as a document by means of the conversion unit provided for further training
- the key file as executable script data of a suitable structural or script language, e.g. XML, SGML, XSL, Visual Basic (Script), javascript etc.
- a suitable structural or script language e.g. XML, SGML, XSL, Visual Basic (Script), javascript etc.
- the original data can then be restored in a particularly simple manner, in the simplest case by executing the script which directly brings about the restoration (which has been introduced via a suitable connection that takes the interest of the protection seeker into account) and which also offers starting points for further security mechanisms, e.g. data integrity or server contact
- the infrastructure according to the invention can be used to create a highly secure and, at the same time, user-friendly protection architecture which not only protects the interests of the creator of an electronic document worthy of protection significantly better than is the case with conventional options, but also the potential users of the protected content enables easy, convenient access and handling of the document, and ultimately it must be borne in mind that only the existence of an effective protective instrument against unauthorized copying and redistribution can guarantee that electronic documents will continue to produce valuable content and with a high level of quality and generality in the future will be available
- a key file (amount of data) generated according to the invention is encrypted separately (conventional or semantic) for third parties, at least twice, with a first person receiving the result of the first encryption and a second person the result of the subsequent second encryption is assigned.
- Such a procedure according to the invention then has the advantageous effect that even if the actual key data volume is lost, the user file can be restored by both recipients of the subsequent encryption results generating the underlying key data volume with one another by successive decryption , which in this respect corresponds to a four-eyes principle, the present invention was advantageously independent of the original key, namely ch the amount of key data generated first, and to prevent accidents, such as the loss of the original key, e.g. due to the death of a password holder, an additional, double encryption of the correct key file is provided, a first result of the additional locking is assigned to a first third party second result of the additional Encryption is assigned to a second third party and the correct key file can be restored by successively decrypting the first and second results
- the user file encrypted in this way is a volume file, that is to say that it has a comparable or at most little changed volume volume compared to the open content
- key storage unit to be provided locally, i.e. within the spatial limits of the data processing device (e.g. as an additional hard disk or other medium that is spatially separated from the file storage system, or else logically and structurally separated, for example in the form of another partition with its own drive identifier on one common hard disk unit)
- volume data (as the original amount of data) using a drive letter in the manner of a file system and then access the key database, and / or to address the key database in the manner of a hierarchical file system and, for example, by means of a drive
- the key database is provided locally in the data processing device, but is structurally or physically separate from a drive or mass storage unit assigned to the local file storage system, and the key database is by means of its own drive letter, a drive object (connected to a database function) or the like addressable in the manner of a file system
- the present invention thus leads to a significantly increased level of data security, in particular with regard to a copy (backup) of the entire file which is otherwise possible with little effort by unauthorized or unlawful persons.
- the bidirectional local encryption implemented by means of the present invention creates usable - and thus also valuable for third parties - data and information at the time of the query or only exists before being stored in the file storage system, so that the present Invention can also be understood as a fundamental modification of a conventionally open file handling system towards a system protected in both 5 directions (based on a locally assigned mass storage device) by encryption WO 01/06341 _ 1 Q _ PCT / EP00 / 06824
- Another significant advantage of the encryption method according to the invention is that active data can be used for encryption in the form of any link function, so that this key gives direct properties of the encrypted or decrypted document (eg sequence or gaps)
- classic encryption functions that - clearly and specifically - establish a relationship between the key and the document to be encrypted are rather passive, ie the encryption function or operation has no relationship to the document
- a further, potentially usable aspect of the present invention lies in the fact that, in contrast to classic, known encryption methods, the result of the semantic encryption can be an electronic document, which for a viewer or user can have a character that at first glance seems appropriate applies to decryption, with the result that in principle every encryption or decryption
- E0 key files are designed for each volume file, the key management unit being connected to a key database provided as part of the local file storage system, logically separate therefrom and for linking a key file stored in the key database to a volume file stored in the local file storage system so that in the case using a correct one of the plurality
- the correct electronic document is generated from generated and assigned key files, and in the event that an incorrect one of the stored key files is used, an electronic document that is apparently correct for a user is generated
- Semantic encryption thus leads to potentially increased security when dealing with encrypted or decrypted documents, whereby there is also the need, for example, to indicate to a user after successful, successful decryption that he actually has the open, decrypted result , and not a document that is still encrypted (since a decryption process has been unsuccessful)
- Such a display can be achieved, for example, by means of an additional originality signal, for example in the form of an optical indication (only) known to the user in this sense
- the semantic encryption used in the context of the present invention obtains an additional quality by not only using the information components manipulated according to the invention with the interchanging, removing, adding or exchanging operations for encryption purposes, but also an encryption effect being achieved in that the information about the exchanged, removed, added and / or exchanged information components present in the key data volume generated by semantic encryption itself is subjected to operations of exchanging or exchanging.
- the semantic encryption used in the context of the present invention obtains an additional quality by not only using the information components manipulated according to the invention with the interchanging, removing, adding or exchanging operations for encryption purposes, but also an encryption effect being achieved in that the information about the exchanged, removed, added and / or exchanged information components present in the key data volume generated by semantic encryption itself is subjected to operations of exchanging or exchanging.
- the semantic encryption used in the context of the present invention obtains an additional
- semantic encryption lies in the semantic encryption of the linguistic / textual / structural meta-level on which a respective document is based (which itself can be understood as a way of describing the electronic document).
- the information e.g. Commands or syntax elements
- TAG elements such as formatting instructions for tables or the like.
- format and / or structural elements of a document which are to a certain extent superior to the actual content-giving words or Sentences exist, can be treated within the scope of the present invention by the basic operations of exchanging, removing, adding or exchanging, and can therefore be protected by ES
- FIG. 1 shows a schematic block diagram of the data processing device according to a first, preferred embodiment of the invention
- FIG. 2 shows a schematic block diagram of a key generation and management unit within the scope of the invention 1 illustrates on the basis of a single-user computer system how the present invention can be implemented with assemblies and components of a commercially available PC.
- a local computing unit 10 accesses a local file storage system 12, implemented as a hard disk, the connection between the computing unit and the file storage system being bidirectional, that is to say both writing processes of the computing unit can be performed on the file system, and vice versa files of the unit 12 are read (called up) and then open via suitable input / output units 14 (e.g. a screen, printer, G interfaces for connecting other computer systems, data lines, etc.) readable or usable.
- suitable input / output units 14 e.g. a screen, printer, G interfaces for connecting other computer systems, data lines, etc.
- the file storage system 12 can be a logically and structurally separate file storage system, which is specifically provided 5 as part of a larger file storage for the present purpose.
- a key management unit 16 is interposed between the computing unit 10 and the file storage system 12, which performs bidirectional encryption of user files — G text files, image files, etc. — that are to be stored and are directed toward the local file storage system 12. and which, in the opposite direction, also decrypts volume files stored in the local file storage system as unreadable (ie unusable) back into a usable user file.
- the key management unit uses individual keys which are generated specifically for users (groups) and files and are stored in a key storage unit 18.
- the key storage unit is physically contained on the same hard disk as the file storage system 12, but is logically and structurally separated from this by the key storage unit 18 (alternatively or additionally: the file storage system 12) being assigned its own drive identifier.
- FIG. 1 provides that, connected to the computing unit, a user identification unit is present, for example can be implemented by a suitable software module within the framework of the computer operating system or a correct application program
- Such user identification makes it possible to assign the key files stored in the key storage unit 18 in a user-specific manner and to make them available, so that in this way a particular user can only access volume files authorized for him in the file storage system 12 in the exemplary embodiment shown, the drive provided for the key storage unit is subdivided into invisible for the user for each intended key file, so that the security of access to the file storage system is further increased
- semantic encryption that is to say the planned modification of the content of a volume file by, for example, rearranging the order of content components of content that is only meaningful and (completely) usable in this specific sequence (that is to say rearrangement of words or sentences) within an overall text), the generated and stored in the key storage unit 18
- E 0 stored key receives correct sequence information
- Other possibilities of such a semantic encryption were the exchange, omission or replacement of predetermined or randomly selected keywords, the creation of gaps or the insertion of meaning-changing additions
- volume file and key file in such a way that in particular a (for example particularly extensive) volume file can also be assigned a plurality of key files, in which case the term "volume file specific "with regard to the respective file sections or areas for an associated key file
- FIG. 1 It will be described below how the embodiment according to FIG. 1 can be accessed by an - authorized or unauthorized - user in the manner of a file system, so that the type of access itself becomes part of the security structure of the present invention
- the key task of the key management unit 16 is to establish a logical relationship between volume data 12 and respective (user- and document-specific) key data 18.
- the combination of key management unit 16 and key storage unit 18 can be used as a special form of representation that can be solved in terms of programming understand that, for example in the manner of the Explorer for the Windows operating system, is able to display individual (ie user-specific, depending on the respective authorization) views of electronic documents in a hierarchical arrangement, such as the file order and the respective authorization
- the user receives a hierarchical arrangement of documents authorized for him as a view (and also for access), ideally in such a way that he detects the circumstance of a V Encryption of the respective documents shown (or a non-encryption) not noticed He can therefore act within this individual, user-specific view determined by an autonegotiation process as if no protective mechanisms existed
- Such a user-friendly (still comfortable) possibility of working with the present invention is based on a superordinate, secure assignment and document or key management, as is the actual task of the unit 16, with the help of typically a database system, in the simplest case
- a database system In a concordance table, which assigns different people the volume files, key files, associated attributes, etc. authorized for them, the display unit contained in unit 16 is able to create the user-specific view individually and then, if necessary, encrypt it within the scope of this user-specific view Correctly merging documents with associated key files and thus reconstructing them.
- a database system of this type which determines the function of the unit 16 (table example), typically contains the relevant key and volume files.
- path information in particular, reconstruction instructions as components of key files can also be directly contained in such a table for access (which is particularly useful if such a table is generated dynamically and the advantage obtained is exploited that the whole 5 file system is not additionally loaded)
- a "key file" in the context of the present invention should be understood in particular as an entry in such a database (table) in such a way that this entry enables correct reconstruction within the scope of the invention.
- This approach also offers intervention - or approaches for the preferred protection method of semantic encryption not
- E 0 is part of the user-specific views or the processing environments provided by it, regulated by the fiiesystem, the possibility of an update or an update for contents of a respective electronic document that have been changed by user intervention, in particular regarding the updating of the encryption mechanism between the volume file (in units 12) and key file (in
- the key database or the key management unit is therefore a component of the data processing device according to the invention, the logical and thus virtual, hierarchically ordered and individual
- a further possible development of the present invention lies in using the database and system design of the present data processing device to delimit the boundaries between users individually, selectively to display (and access) electronic documents and those documents that do not have any access rules at all subject to blurring (i.e. not to separate the views of the directories and the documents then contained) and insofar insecurity about whether the electronic documents presented within a user-specific view are protected against access at all.
- an advantageous further development of the present invention consists in generating the user-specific views of the files in the file system dynamically and in particular in connection with a respective beginning of a user session of a user, so that a fixed one .
- Semantic encryption i.e. the encryption of the meaning, consists of the division of original data (OD) into volume data (VD) and work instructions or recon
- E Q structuring instructions It is in the underlying concept of the method that the volume data can be distributed freely and without additional protection.
- the RA must be kept separate from the VD. The use of the OD and the access to the OD is only possible if the access to the RA is subject to regulations and the RAs are stored with appropriate protection and can only be accessed in a regulated manner
- the administration of the RA or the key data and the access to this RA is done by a database, hereinafter also referred to as the key database or key unit. Since access to this central key unit also takes place with a key and / or with 3G a password and since this data is particularly sensitive and therefore represents the first target for attacks on the confidentiality and confidentiality of the data contained therein, security must be ensured unauthorized access can be ensured by additional encryption.
- This key unit allows access data or access data (ZD) to be saved and thus offers access to the data as part of an access control.
- ZD access data
- the access control decides whether the rights for the intended access operation exist at all.
- the access control decides whether the requested RA can be activated for an identified subject or whether the transfer of the RA to this subject must be blocked.
- the access protection to the document thus consists of semantic encryption of the document on a mass storage device and of a classically or semantically encrypted access to the RA, which belongs to the semantically encrypted VD.
- the data in the key unit can also be saved during a backup. Access to the data within this key unit can be made more difficult if the key with which the key server can be accessed is not S unique. If more than one key for the decryption is plausible or even only theoretically possible, then additional criteria are required to convince yourself and others that the key is correct.
- semantic encryption provides a very large number of possible keys that, when applied to volume data, provide meaningful and possibly also useful data. Even an amateur attacker could come up with a whole class of keys that, when applied to the encrypted data, seem to provide correct content. Proof of originality can also be provided later, regardless of the encryption and decryption.
- the sentence can serve as an example: Pick up Mr. Manfred Schmidt tomorrow (date) at 5 12:17 from the train station in Kunststoff. Although the location, the time and the action have been precisely specified, no statement can be made about what the original content represents with semantic encryption.
- anyone can develop reconstruction instructions that can change the meaning of this sentence. So the date, the time, WO 01/06341 _ 1 Q _ PCT / EP00 / 06824
- the proof of originality can consist, for example, in the fact that a criterion can be agreed between the creator and the user of this encrypted data, that both were accepted as proof of originality.
- This criterion unlike classical cryptography, cannot be mathematical and / or be of a statistical nature If the producer and user are one and the same person, for example, the signing of the correct decryption can be shown in the display of an image previously only known to him as correct. An attacker would also always see an image, but he could not know which one and whether it is correct
- a mathematical criterion managed in the key unit such as that of a digital signature, applied to a part of the inventory that was not visible in the context, could increase the I S reliability of the overall system for the user without being able to obtain information about an attack on the key
- the backup data can also be accessed via the key unit that is also saved.
- the key data can be managed in such a way that reading out this data and management in another key unit can be prevented by comparing the stored relative or absolute data position within the mass storage device of
- the access control within the key unit can determine whether access is from a backup or from the original key unit
- semantic encryption for transmission security in the context of 5 communication consists in the exchange of encrypted data between at least 2 participants A and B.
- the protection of a backup or a long-term archive is a transmission process that is considered in terms of duration as an extreme example of the Application of the transmission security view, since when the backup is stolen, all unprotected data become known to an unauthorized participant
- a backup assumes that the data is used asynchronously and is also stored in this way should ensure that access to the encrypted data is available at any time and several times, even without knowledge of the participant.
- the transmission of the RA can be done before / after / during the I & A and or the transmission of the VD.
- the one or more times transmission of the RA can be adapted to the transmission security and the situation.
- the key unit also stored during the backup is managed via the Access control access to the backup
- the VD and RA must be transmitted with the correct timing. If the application is to work asynchronously to the transmission with the OD, the RA can also be transmitted without correction and, if necessary, also semantically with the VD or classic
- Transmission security can generally be understood to mean the protection of confidentiality or the protection against changes in the transmission of data.
- semantic encryption the protection of confidentiality is immediately given at VD.
- additional classic encryption is based on a small number of data, eg limited to session-wise, individually encrypted RA
- the unnoticed change in the decrypted data to be output can only occur when the VD is changed below a resolution that is not recognizable by the attacker, if, for example, the reconstruction only consisted in restoring the correct order of sentences.
- semantic encryption only in the If there was a change in the order of the sentences, the change of words within a sentence cannot be determined. For the registration of a change, the visual inspection is not sufficient.Therefore, an additional procedure for the digital preservation of evidence for the detection of changes in the volume data and with the semantic Encryption can be combined
- volume data is compressed during communication as a whole or as usable partial data, then the data can be transferred faster and more reliably.
- the security of the data transferred in this way results from the non-linear link between the compressed data.
- the downloaded compressed file can be downloaded the local computer can be changed in the manner described above so that classic methods of preserving evidence can also be used to prevent these manipulations
- the focus is on whether the data EO is genuine, i.e. in the sense that it is original, unchanged or intact a certain date has been created.
- the context of the data may have to be displayed for the preservation of evidence.
- the context may also include the access data.
- the volume data, the RA and the database on which the access data are stored are, have not been changed or cannot be changed without leaving traces
- the verifiability of data integrity i.e. the detection of a change in data that may have been manipulated either at the source (server), during transmission or on the local computer, is important for the trustworthiness of the semantically encrypted data 15
- a mathematical evidence procedure such as the use of a one-way function together with a local file or an unchanged characteristic on a server can be used with the corresponding evidence
- this check either takes place on the local machine or on the server, depending on how the interests are distributed during this check.
- the data can be changed at any time using the mathematical evidence-based methods, i.e. also before the user immediately uses it be performed
- a semantic check of the data integrity can be carried out flexibly by means of a metalanguage, in which the semantic encryption and decryption has a flexible effect on the reconstructed result by means of a minimally changed metalanguage, so that the correctness of the key is relatively simple when the data thus reconstructed is viewed
- 3 G can be recognized by visual inspection
- the key when managing keys, a distinction must be made with regard to the key as a password for identification and authentication, hereinafter referred to as password, and key as Reconstruction instructions for the electronic documents
- the keys themselves can contain instructions which in turn can trigger more complex encryption operations and which can be converted into a set of keys
- the keys can also only be used temporarily for communication or for a number of communication steps, e.g. for a user session.
- the storage of the RA in the database can also be encrypted.
- the use of keys (hereinafter referred to as RA key) can be used Thereby, for a quantity formation within the data encrypted in this way, IQ can then be used to encrypt, for example, all RAs for a document or all RAs for a chapter with all version changes contained therein
- An original data source is always encrypted, which is built up with a defined vocabulary. All languages, in particular natural human languages, consist of a set of words that can be listed in a lexicon. The use of context-related sentences can still conjugate words and be declined
- the encryption of a backup has an additional problem that has no equivalent meaning when transferring data. Since backup bands and their illegally made copies can be kept for a very long time, there is the problem of having an access password, even after Years can be remembered and used again, on the other hand there is the problem that the final camouflage of the password has far-reaching consequences for data security If the passwords are too difficult to remember, then there is a 3Q risk of forgetting If, on the other hand, the password for the manufacturer of the backup or If a user whose data is stored is very easy to remember, then traditional encryption methods are no longer protection. Semantic encryption of the key unit, on the other hand, would not provide any evidence or evidence that the simple key is actually the correct key
- the use of a local key unit saves the user from having to take extensive failure measures in the event that the key server fails.
- the more flexible distribution the key enables online access to an external, if necessary, centrally managed key server, in the event of an additional comparison to ensure that it is up to date
- RA keys can be stored centrally, locally or distributed
- the security of the password administration results on the one hand from the one-way 3G function used and on the other hand from the selection of the password by the user.
- the specification of a length and a selection from the largest possible character set improves the quality of a password in order to guess passwords difficult to exclude are formed.
- Password management is like key management.
- passwords are usually set by the user. They can also be entered 3 seconds by the user or changed if necessary
- the activation of the key unit that was retrieved from the backup can only work correctly if additional information is tion is fetched by a trustworthy and computer, who may only collect information for this purpose, but only release answers after overcoming several individual steps, possibly also of an organizational nature
- the key unit is an important target due to its importance for the security of the data within the overall solution. If a user reveals his password to this key unit during identification, then the security of the overall system is at risk. For this reason, the password entry must protect itself from so-called Trojan horses that pretend to be the user, they were actually the key unit, but in reality they are only programs that are intended to induce the user to enter the password. This spying out of the password is also called spoofing.
- the key unit can also be equipped with additional methods for preventing spoofing, e.g. the generation of a plurality of access passwords for each user (advantageously only one correct one), so that an insecurity component in one unauthorized access is created
- Access control to a backup can also be implemented as a copy protection method
- the key for encryption can be used immediately to identify the key for decryption. In this sense, exchanging and replacing data can be understood as a symmetrical encryption procedure.
- the associated decryption RA can be obtained immediately through the work instruction for decryption. In the same way, after decryption, it is known how the encryption was carried out. In order to separate these two processes more strongly, a semantic intermediate layer must be introduced
- the instructions for swapping or deleting etc. consist of a vocabulary or at least of tokens to which a defined task has been assigned.
- the vocabulary is linked to an action by the interpretation of the reconstruction unit.
- the interpretation of this vocabulary can be realized by the implementation of the operations of a metalanguage. If the assignment of the vocabulary to operations can in turn be changed by a metalanguage, an additional key can be used to interpret the operation of the first key in a more complex manner. This additional key can then be added to either the sender or the recipient of the RA Additional assignments between vocabulary and operations can interact with one another in such a functional way that back-counting from one key to the other fails due to the complexity and uniqueness of the problem.
- One-way functions can be used to support this process From this link, semantic encryption can also be used in such a way that asymmetric encryption can be made possible with all of its applications known from the prior art. 5
- MD Message digits
- the application can be restricted to a class of entities specified by the semantic encryption or to their complementary quantity. In this way, several independent part message digits can be created, each one for itself Provide protection against random and deliberate changes Since MD are used at the byte level and are therefore relatively time-consuming to create for very large amounts of data, a semantic MD can be used at the semantic level whether it is a change in the volume data or the key data or key unit
- FIG. 2 shows a schematic block diagram representation of the structure of an EG key generation and management unit with the associated functional components in the context of the present invention, which can be used to convert electronic documents to be protected by the semantic encryption technology according to the invention into protected volume files and
- the embodiment described in connection with FIG. 2, in particular ES also enables not only to generate a key data set (which leads to the original, correct data set when restoring), but also a plurality of key data sets, so that this aspect of the Having a plurality of possible keys (of which in turn only one leads to the result which is also correct in terms of content and not only apparently correct) can further increase the security of the present invention
- the train is on time is stored in a memory 52 according to FIG. 2 and is to be semantically encoded in the manner to be described below by the action of the further functional components shown in FIG. 2
- IG document storage unit 52 for the analysis unit 58 downstream of the reading / access unit 54 is now able to analyze and evaluate this on the basis of the document information read by the reading unit 54, the analysis unit 58 firstly the electronic document into its individual information components disassembled and stores this in an information component storage unit 60 (in the present example
- the content of the document structure storage unit after the analysis of the source document by the analysis unit could look as follows
- Theorem 1 (1, 2 3, 4)
- Theorem 2 (1, 2 3), E 5 while the information component storage unit 60 contains information components corresponding to this structural analysis, that is to say words
- Thomas comes from the cemetery at 4 p.m. The train is on time.
- this sentence appears to be an open, unencrypted result, so that an essential, protective foundation of the present invention is that an attacker may not even get the impression that this text is encryption , and thus refrains from attacking this text from the beginning of the EC.
- an equivalent unit 70 (which in its simplest version can be understood as a table or database of equivalent, i.e. corresponding and interchangeable, terms):
- a semantic control unit 72 which is also connected to the encryption unit 64 and influences the described encryption operation, 5 ensured that the encryption result "... comes ... from the cemetery is grammatically and syntactically correct, so that it is not manipulated can be identified. (The additional “to” would also be correct here). Also using the encryption unit 64 and the cooperating equivalence unit WO 01/06341 _2 Q _ PCT / EP00 / 06824
- the content component "the train” of the following sentence is related in terms of content to the content component "graveyard” newly introduced in the previous sentence, so that even without encryption of the second sentence a completely different meaning (and thus an encryption effect)
- volume data storage unit 10 is output as volume data and stored in a volume data storage unit, while a key that enables reconstruction (in the present exemplary embodiment, information about the words interchanged in each case with their position in the sentence and in respective content terms) is stored in a key data storage unit 74, corresponding to FIG. 15 the associated key file for storage unit 74 could look like this (in the following example, the reconstruction unit interprets the EXCHANGE command in order to carry out the swap specified in the argument)
- the vocabulary of the command language itself is dynamic and can be changed by functions of a script language, the EXCHANGE command itself could thus be replaced by any other expression
- these two storage units are additionally followed by an output unit 78, which in a particularly simple manner prepares the key data 74 in the form of a script and can output it as an executable script file 84; this is done with the aid of a conversion unit 80 which is otherwise known from the
- volume data of the storage unit 76 generates a volume document 82 corresponding to the encrypted version, and from the index or reconstruction data of the storage unit 74 a structure description, script, e.g. as Javascript, XML, VB-Script or the like, and which then automatically processes the volume document 82 when it runs and transfers it to the original
- 3Q can then be secured (and in particular also to carry out a suitable identification that authorizes proper access to the document). and / or payment process), the script file 84 is transmitted to the authorized user, who can then easily (and ideally without being confronted with the encrypted volume document) restore the open original version.
- the embodiment shown schematically in FIG. 2 is suitable not only for generating a key file for the storage unit 74 (or as an executable script file 84), but also a plurality, of which, however, ideally only one content the result is actually correct, while other key files than scripts trigger a decryption process, which also leads to a meaningful (and thus apparently correct) result, but does not match the original version in terms of content.
- the present invention is not limited to the exemplary example of text files.
- it also makes sense to encrypt any further electronic documents in the manner described in principle, as long as these electronic documents are suitable for the basic operations of exchanging, removing, adding or exchanging Structure from content components have typical others
- EO application cases were, in particular, music files, which are usually available in the so-called MP3 format and, where it is possible within the scope of the present invention, the data structures (so-called frames) specified by the MP3 format individually or in blocks (ideally also clockwise or section by section, based on the respective piece of music) to be removed or exchanged
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Databases & Information Systems (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE1999132703 DE19932703C2 (de) | 1999-07-15 | 1999-07-15 | Datenverarbeitungsvorrichtung |
DE19932703 | 1999-07-15 | ||
PCT/EP2000/006824 WO2001006341A1 (de) | 1999-07-15 | 2000-07-17 | Datenverarbeitungsvorrichtung |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1410128A1 true EP1410128A1 (de) | 2004-04-21 |
Family
ID=7914611
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP00953060A Withdrawn EP1410128A1 (de) | 1999-07-15 | 2000-07-17 | Datenverarbeitungsvorrichtung |
Country Status (4)
Country | Link |
---|---|
US (1) | US20020111133A1 (de) |
EP (1) | EP1410128A1 (de) |
DE (1) | DE19964198A1 (de) |
WO (1) | WO2001006341A1 (de) |
Families Citing this family (49)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE10028265A1 (de) * | 2000-06-09 | 2001-12-13 | Erland Wittkoetter | Vorrichtung und Verfahren zum Entschlüsseln eines verschlüsselten elektronischen Dokuments |
US7480857B2 (en) * | 2004-09-10 | 2009-01-20 | Igt | Method and apparatus for data communication in a gaming system |
US20030177378A1 (en) * | 2001-06-01 | 2003-09-18 | Erland Wittkotter | Apparatus and method for the decryption of an encrypted electronic document |
US7136883B2 (en) * | 2001-09-08 | 2006-11-14 | Siemens Medial Solutions Health Services Corporation | System for managing object storage and retrieval in partitioned storage media |
DE10205316B4 (de) | 2002-02-08 | 2008-01-17 | Infineon Technologies Ag | Schlüsselmanagementeinrichtung und Verfahren zur verschlüsselten Ablage von digitalen Datenwörtern |
US8010405B1 (en) | 2002-07-26 | 2011-08-30 | Visa Usa Inc. | Multi-application smart card device software solution for smart cardholder reward selection and redemption |
US9852437B2 (en) | 2002-09-13 | 2017-12-26 | Visa U.S.A. Inc. | Opt-in/opt-out in loyalty system |
US8015060B2 (en) | 2002-09-13 | 2011-09-06 | Visa Usa, Inc. | Method and system for managing limited use coupon and coupon prioritization |
US8626577B2 (en) | 2002-09-13 | 2014-01-07 | Visa U.S.A | Network centric loyalty system |
JP4536330B2 (ja) * | 2003-03-06 | 2010-09-01 | ソニー株式会社 | データ処理装置、および、その方法 |
US7827077B2 (en) | 2003-05-02 | 2010-11-02 | Visa U.S.A. Inc. | Method and apparatus for management of electronic receipts on portable devices |
US8554610B1 (en) | 2003-08-29 | 2013-10-08 | Visa U.S.A. Inc. | Method and system for providing reward status |
US7051923B2 (en) | 2003-09-12 | 2006-05-30 | Visa U.S.A., Inc. | Method and system for providing interactive cardholder rewards image replacement |
US8407083B2 (en) | 2003-09-30 | 2013-03-26 | Visa U.S.A., Inc. | Method and system for managing reward reversal after posting |
US8005763B2 (en) | 2003-09-30 | 2011-08-23 | Visa U.S.A. Inc. | Method and system for providing a distributed adaptive rules based dynamic pricing system |
US7653602B2 (en) | 2003-11-06 | 2010-01-26 | Visa U.S.A. Inc. | Centralized electronic commerce card transactions |
US7359902B2 (en) | 2004-04-30 | 2008-04-15 | Microsoft Corporation | Method and apparatus for maintaining relationships between parts in a package |
US7487448B2 (en) | 2004-04-30 | 2009-02-03 | Microsoft Corporation | Document mark up methods and systems |
US7383500B2 (en) | 2004-04-30 | 2008-06-03 | Microsoft Corporation | Methods and systems for building packages that contain pre-paginated documents |
US7549118B2 (en) | 2004-04-30 | 2009-06-16 | Microsoft Corporation | Methods and systems for defining documents with selectable and/or sequenceable parts |
US7418652B2 (en) | 2004-04-30 | 2008-08-26 | Microsoft Corporation | Method and apparatus for interleaving parts of a document |
US7512878B2 (en) | 2004-04-30 | 2009-03-31 | Microsoft Corporation | Modular document format |
US8661332B2 (en) | 2004-04-30 | 2014-02-25 | Microsoft Corporation | Method and apparatus for document processing |
US7634775B2 (en) * | 2004-05-03 | 2009-12-15 | Microsoft Corporation | Sharing of downloaded resources |
US7755786B2 (en) * | 2004-05-03 | 2010-07-13 | Microsoft Corporation | Systems and methods for support of various processing capabilities |
US7519899B2 (en) * | 2004-05-03 | 2009-04-14 | Microsoft Corporation | Planar mapping of graphical elements |
US7580948B2 (en) * | 2004-05-03 | 2009-08-25 | Microsoft Corporation | Spooling strategies using structured job information |
US8363232B2 (en) | 2004-05-03 | 2013-01-29 | Microsoft Corporation | Strategies for simultaneous peripheral operations on-line using hierarchically structured job information |
US8243317B2 (en) | 2004-05-03 | 2012-08-14 | Microsoft Corporation | Hierarchical arrangement for spooling job data |
US7440132B2 (en) * | 2004-05-03 | 2008-10-21 | Microsoft Corporation | Systems and methods for handling a file with complex elements |
JP2006033646A (ja) * | 2004-07-20 | 2006-02-02 | Sony Corp | 情報処理システム及び情報処理方法、並びにコンピュータプログラム |
US7617450B2 (en) | 2004-09-30 | 2009-11-10 | Microsoft Corporation | Method, system, and computer-readable medium for creating, inserting, and reusing document parts in an electronic document |
US7584111B2 (en) * | 2004-11-19 | 2009-09-01 | Microsoft Corporation | Time polynomial Arrow-Debreu market equilibrium |
US7617451B2 (en) * | 2004-12-20 | 2009-11-10 | Microsoft Corporation | Structuring data for word processing documents |
US7752632B2 (en) | 2004-12-21 | 2010-07-06 | Microsoft Corporation | Method and system for exposing nested data in a computer-generated document in a transparent manner |
US7770180B2 (en) | 2004-12-21 | 2010-08-03 | Microsoft Corporation | Exposing embedded data in a computer-generated document |
US7590868B2 (en) * | 2005-02-09 | 2009-09-15 | Hewlett-Packard Development Company, L.P. | Method and apparatus for managing encrypted data on a computer readable medium |
US7660797B2 (en) * | 2005-05-27 | 2010-02-09 | Microsoft Corporation | Scanning data in an access restricted file for malware |
DE102005028066B3 (de) | 2005-06-16 | 2006-12-07 | Deutsche Exide Gmbh | Polbrücke für eine Batterie |
US7818395B2 (en) * | 2006-10-13 | 2010-10-19 | Ceelox, Inc. | Method and apparatus for interfacing with a restricted access computer system |
US8069251B2 (en) * | 2007-06-01 | 2011-11-29 | Adobe Systems Incorporated | System and/or method for client-driven server load distribution |
US9251382B2 (en) * | 2007-12-20 | 2016-02-02 | International Business Machines Corporation | Mapping encrypted and decrypted data via key management system |
US10642692B2 (en) * | 2008-04-18 | 2020-05-05 | Ncr Corporation | System of method of storing data in a self-service terminal |
US20110145082A1 (en) | 2009-12-16 | 2011-06-16 | Ayman Hammad | Merchant alerts incorporating receipt data |
US8429048B2 (en) | 2009-12-28 | 2013-04-23 | Visa International Service Association | System and method for processing payment transaction receipts |
US9124430B2 (en) * | 2013-09-23 | 2015-09-01 | Venafi, Inc. | Centralized policy management for security keys |
US9369279B2 (en) | 2013-09-23 | 2016-06-14 | Venafi, Inc. | Handling key rotation problems |
CN104142838A (zh) * | 2014-07-02 | 2014-11-12 | 青岛海信移动通信技术股份有限公司 | 一种移动通信终端开机启动的方法和设备 |
CN112154437A (zh) * | 2018-05-30 | 2020-12-29 | 瑞典爱立信有限公司 | 用于处置电子设备的入侵的方法和入侵管理器 |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2659896B2 (ja) * | 1992-04-29 | 1997-09-30 | インターナショナル・ビジネス・マシーンズ・コーポレイション | 構造化文書複製管理方法及び構造化文書複製管理装置 |
MX9602773A (es) * | 1994-01-13 | 1997-05-31 | Bankers Trust Co | Sistema criptografico y metodo con aspecto de deposito de plica de clave. |
US5765152A (en) * | 1995-10-13 | 1998-06-09 | Trustees Of Dartmouth College | System and method for managing copyrighted electronic media |
US6393569B1 (en) * | 1996-12-18 | 2002-05-21 | Alexander S. Orenshteyn | Secured system for accessing application services from a remote station |
DE69724947T2 (de) * | 1997-07-31 | 2004-05-19 | Siemens Ag | Rechnersystem und Verfahren zur Sicherung einer Datei |
US6385596B1 (en) * | 1998-02-06 | 2002-05-07 | Liquid Audio, Inc. | Secure online music distribution system |
US6374402B1 (en) * | 1998-11-16 | 2002-04-16 | Into Networks, Inc. | Method and apparatus for installation abstraction in a secure content delivery system |
US6708187B1 (en) * | 1999-06-10 | 2004-03-16 | Alcatel | Method for selective LDAP database synchronization |
-
1999
- 1999-07-15 DE DE19964198A patent/DE19964198A1/de not_active Ceased
-
2000
- 2000-07-17 WO PCT/EP2000/006824 patent/WO2001006341A1/de not_active Application Discontinuation
- 2000-07-17 EP EP00953060A patent/EP1410128A1/de not_active Withdrawn
-
2002
- 2002-01-15 US US10/047,275 patent/US20020111133A1/en not_active Abandoned
Non-Patent Citations (1)
Title |
---|
See references of WO0106341A1 * |
Also Published As
Publication number | Publication date |
---|---|
WO2001006341A1 (de) | 2001-01-25 |
US20020111133A1 (en) | 2002-08-15 |
DE19964198A1 (de) | 2001-04-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1410128A1 (de) | Datenverarbeitungsvorrichtung | |
DE69736310T2 (de) | Erzeugung und Verteilung digitaler Dokumente | |
DE60200616T2 (de) | Gesicherte Inhaltsobjekte | |
DE69634880T2 (de) | Verfahren und gerät zum kontrollierten zugriff zu verschlüsselten datenakten in einem computersystem | |
DE69531082T2 (de) | Verfahren und Vorrichtung mit einem Verschlüsselungskopfteil, die es ermöglicht, Software zu erproben | |
EP1944716B1 (de) | Verfahren und Vorrichtung zum Sichern eines Dokuments mit eingefügtem Signaturabbild und biometrischen Daten in einem Computersystem | |
DE3689569T2 (de) | Verfahren zur Systemdateiensicherung und Datenverarbeitungseinheit zu dessen Durchführung. | |
DE112014000408B4 (de) | Sicheres Speichern und Zugreifen auf digitale Artefakte | |
WO2001090855A1 (de) | Verschlüsseln von abzuspeichernden daten in einem iv-system | |
DE10319435A1 (de) | Verfahren zur Verarbeitung von Daten | |
WO2003013167A1 (de) | Vorrichtung zur digitalen signatur eines elektronischen dokuments | |
EP3497615B1 (de) | Verfahren zur handschriftlichen elektronischen signatur | |
EP1228410A1 (de) | Vorrichtung und verfahren zur geschützten ausgabe eines elektronischen dokuments über ein datenübertragungsnetz | |
WO2018104275A1 (de) | Server-computersystem zur bereitstellung von datensätzen | |
EP3552140B1 (de) | Datenbankindex aus mehreren feldern | |
EP1256040A2 (de) | Vorrichtung zum zugriffsgeschützten behandeln elektronischer daten | |
WO2001047175A2 (de) | Vorrichtung zum passwort-geschützten handhaben eines elektronischen dokuments | |
EP3629516A1 (de) | Dezentralisierte identitätsmanagement-lösung | |
DE19932703C2 (de) | Datenverarbeitungsvorrichtung | |
EP2491513B1 (de) | Verfahren und system zum bereitstellen von edrm-geschützten datenobjekten | |
DE102013019487A1 (de) | Verfahren, Vorrichtungen und System zur Online-Datensicherung | |
WO1999008171A1 (de) | Vorrichtung und verfahren zur geschützten ausgabe elektronisch übertragener und gespeicherter dokumente | |
EP4080847A1 (de) | Sicheres verändern von anwendungsdaten in einer blockchain | |
EP4033694B1 (de) | Verfahren und vorrichtung zur vereinheitlichung von blockchain adressen | |
DE19755182A1 (de) | Vorrichtung und Verfahren zur geschützten Ausgabe elektronisch übertragener und gespeicherter Dokumente |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20020702 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): DE FR GB |
|
17Q | First examination report despatched |
Effective date: 20041213 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: WITTKOETTER, ERLAND |
|
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: DER ERFINDER HAT AUF SEINE NENNUNG VERZICHTET. |
|
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: WITTKOETTER, ERLAND |
|
18D | Application deemed to be withdrawn |
Effective date: 20050624 |