EP1483645A2 - Device and method for making secure sensitive data, in particular between two parties via a third party entity - Google Patents

Device and method for making secure sensitive data, in particular between two parties via a third party entity

Info

Publication number
EP1483645A2
Authority
EP
European Patent Office
Prior art keywords
entity
personal
sensitive data
party
personal electronic
Prior art date
Legal status
Ceased
Application number
EP03717408A
Other languages
German (de)
French (fr)
Inventor
Murielle Rose
Current Assignee
Gemplus SA
Original Assignee
Gemplus Card International SA
Gemplus SA

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes

Definitions

  • The invention relates to the management of sensitive data in data exchange systems.
  • An example of such systems is based on the conclusion of electronic contracts between two parties or entities, for example a user and a service provider, using a third-party entity. The latter then acts as a representative of the user, able to negotiate on his behalf with service providers while protecting his personal data.
  • The trusted intermediary 2 keeps in memory the data characterising a contract concluded between two entities, such as a user and a commercial entity.
  • In the event of a dispute after the contract, the trusted intermediary provides electronic proof of the contract concluded.
  • The operating principle of such an organisation is shown schematically in FIG. 1.
  • The trusted intermediary 2 has two interfaces: a so-called "service provider agent" 4 which dialogues with the service providers FS, and a so-called "personal agent" 6 which dialogues with the users U. These two agents 4 and 6 communicate with each other via a dedicated link 8.
  • The user U is connected to the personal agent 6 via the Internet 10, for example by means of a personal computer PC 12.
  • A disadvantage of this system is that the trusted third party 2 needs to know all of the user's personal data in order to carry out transactions on the latter's behalf, and that this personal data is vulnerable in two respects: it is stored on a computer which is not secure by nature, and it escapes the control of its owner.
  • The invention provides technical security means which can be integrated functionally into such a system. These means are based on a personal electronic medium held by a user, which can dialogue with the personal agent or another trusted organisation.
  • The medium manages, under the control of its holder, the disclosure of certain sensitive data for which this user considers it undesirable to leave the management of disclosure to his personal agent. The sensitive data thus protected are selected by the user.
  • The invention provides, according to a first aspect, a method of representing a first entity by a third-party entity to which a second entity addresses itself to request sensitive data of the first entity, characterised in that it comprises the following steps:
  • - the third-party entity dialogues with the second entity and with the first entity using a personal agent interface;
  • - the first entity controls the communication of at least part of the sensitive data from the third-party entity to the second entity by means of a personal electronic medium, through the following steps: a security agent of the personal electronic medium ensures the dialogue with the personal agent; the security agent of the personal electronic medium ensures the reading of at least that part of the sensitive data and/or of the criteria for inhibiting their disclosure.
  • Control can be carried out by interfacing with the user in order to obtain his authorisation or prohibition, ensured by the security agent of the personal electronic medium, or by secure storage of at least part of the sensitive data in the personal electronic medium, outside the third-party entity.
  • According to a second aspect, the invention provides a system for exchanging data between a first and a second entity via a third-party entity, the system being characterised by a means of communication in the third-party entity and an electronic medium in the first entity having the characteristics described below.
  • According to a third aspect, the invention provides a personal electronic medium intended for the method according to the first aspect, comprising: a memory zone for storing at least one sensitive datum whose transmission is to be managed and/or for storing a condition for transmission, by the third-party entity, of at least one sensitive datum stored by it; and a security agent application which ensures the dialogue with the personal agent of the third-party entity and the reading of the memory.
  • According to a fourth aspect, the invention provides a communicating terminal allowing a first entity to communicate with a third-party entity which represents it, characterised in that it implements a medium according to the third aspect.
  • According to a fifth aspect, the invention provides a third-party entity representing a first entity, characterised in that it comprises means for dialogue with a personal electronic medium according to the third aspect, making it possible to transmit at least one data item belonging to the first entity under the control of said medium.
  • This third-party entity can store in memory the characteristics of a contract concluded between the first entity and a second entity.
  • FIG. 1 is a simplified diagram showing the operation of a trusted third-party organisation forming a link between service providers and users; and FIG. 2 is a diagram which reproduces that of FIG. 1, adding the elements allowing the implementation of the invention according to a preferred embodiment.
  • A user U of the trusted third-party organisation 2 has a personal electronic medium which manages his sensitive data. These are the data over which he wishes to retain a right of control as to their disclosure by the trusted organisation 2, for example to a service provider.
  • The latter can be a commercial enterprise offering online services or wishing to prospect online, an institutional body allowing remote exchanges, etc.
  • The personal electronic medium is a smart card 14 of the SIM or USIM type ("(universal) subscriber identity module") integrated into a mobile telephone terminal 16 of the user U, thus conferring a new function on this card.
  • A SIM smart card in itself contains enough basic technical resources to perform this function: a microprocessor 15; memories: volatile "RAM" 18, read-only "ROM" 20 and electrically programmable "EEPROM" 22; a (contact) communication interface; communication programs; means for loading data and programs; etc.
  • Card 14, which constitutes the personal electronic medium, intervenes in the management in two possible ways:
  • - by storing the sensitive datum or data DS in its own memory (for example the EEPROM 22), these data then not being stored with the personal agent 6, and/or
  • - by exercising a capacity to inhibit the disclosure of sensitive data stored by the personal agent 6.
  • The card 14 can selectively exercise one or the other of these ways of intervening depending on the sensitive datum in question.
  • Management at the level of the card 14 is carried out by application software, called the "security agent application" 24, contained in the medium (for example in the EEPROM 22 of the card 14).
  • The security application ensures in particular: i) the dialogue with the personal agent 6, ii) the reading of the memory 22 storing the sensitive data DS and/or the criteria CD for inhibiting their disclosure, and iii) the interfacing with the user.
  • The personal agent 6 has, for its part, software 26 for dialogue with the security agent application 24.
  • In the second possibility of the first case (1.2), the security agent application 24 presents the user with a request for authorisation to transmit (with indication of the data item and its disclosure condition).
  • If the user accepts, the security agent application 24 extracts the sensitive datum in question from the memory 22 and transmits it to the personal agent 6.
  • If the user refuses, the security agent application 24 keeps the sensitive datum blocked in its memory 22.
  • 2. Second case: the personal agent 6 holds the sensitive datum, but in association with an indication not to disclose it to a third party without the user's prior agreement for each request. Two possibilities are then taken into account:
  • 2.1. The security agent application 24 in the card 14 holds an indication of the disclosure condition.
  • The personal agent 6 indicates to the card, with its request, the disclosure condition (for example the name of the requesting third party).
  • The security agent application 24 first determines whether it is able to pass judgment on the condition transmitted by the agent. If not, it proceeds to the possibility presented in section 2.2 below; if so, it compares the condition indicated by the agent with the condition(s) recorded for this datum.
  • If the comparison is favourable, the security agent application 24 sends a validation signal to the personal agent 6, allowing the latter to disclose the datum to the requesting third party (for example a service provider FS).
  • Otherwise, the security application 24 sends an inhibition signal to the personal agent 6, preventing the latter from extracting the datum from its memory.
  • 2.2. The security agent application 24 in the card 14 has no recorded conditions for disclosing the sensitive datum, or is confronted with a condition indication of a type not listed among its possible conditions (for example the name of a new third party).
  • The security agent application 24 then presents the user U with a request for authorisation to disclose (with indication of the data item and its disclosure condition).
  • If the user accepts, the security application 24 sends a validation signal to the personal agent 6, allowing the latter to disclose the datum to the requesting third party. If he refuses, the security agent application sends an inhibition signal to the personal agent, preventing the latter from extracting the datum from its memory.
  • The security agent application 24 is in the form of an applet (called the "security agent applet") loaded into the card 14 either at personalisation or post-personalisation.
  • The security agent applet 24 also manages the interface with the user U on the mobile telephone terminal 16, in particular to communicate to him a request for authorisation to transmit sensitive data or to accept a validation or inhibition signal for access by the personal agent 6.
  • This interface advantageously uses the display 16a of the mobile terminal to present the conditions and the keypad 16b to receive the response of the user U.
  • The communication between the security agent applet 24 and the personal agent 6 is carried out over the wireless channel used by the mobile telephone terminal 16, for example according to the GSM protocol. In the example, this communication passes through a mobile telephone network operator 28, and the communications are advantageously made by SMS messages.
  • MMS ("multimedia messaging service") messages may also be used.
  • The security agent applet 24 can reply to the personal agent 6, via the dialogue software 26, also by SMS messages, the latter serving to transmit sensitive data, a validation signal or an inhibition signal.
  • The dialogue between the card 14 and the personal agent 6 can be secured by any known means (encryption, etc.).
  • Variants are possible regarding: the recipient of the sensitive data (or inhibition/validation signals) emitted by the medium, which can be any centralised private or public management system; the personal electronic medium held by the user, which can be a smart card of any type, an electronic token, an electronic badge, or any other personal electronic object able to communicate via a platform or by itself; the terminal on the user side, which can be any mobile telephone, landline telephone, communicating personal digital assistant, personal computer, etc.; and the link connecting the hardware medium held by the user, or his terminal, with the recipient of the sensitive data, which can be based on any wireless or wired communication protocol.
  • The security agent applet 24 (or equivalent) can be arranged to transmit a secured data item not back to the personal agent 6 (or equivalent) which made the request, but directly to the final recipient (for example the service provider FS), by calling the latter's connection number.
  • The hardware medium 14, 16 held by the user can also allow a controlled update or loading of sensitive data from the personal agent 6 (or any other authorised third party).
  • The security agent applet 24 then validates the loading or modification under the control of the user, either by presenting the loading or update request with the possibility of accepting or refusing it, or by automatic filtering on the basis of criteria fixed beforehand by the user.
  • The invention is suitable for financial transactions, in particular for processing electronic payment in the context of electronic commerce.
  • The bank details will be stored on the smart card of the personal electronic medium and used as described above in section 1.2.
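The decision logic of the security agent application 24 across the four cases above (1.1, 1.2, 2.1 and 2.2), written as an added Python example; this is not code from the patent, and the card-side store, the requester names, the sample data and the scripted keypad responses are all constructed for illustration. In case 1 the card releases the datum from its own memory; in case 2 it returns only a validation or inhibition signal for a datum held by the personal agent 6, and a requester it cannot judge falls back to the holder prompt as in 2.2. The erase step models the holder's right to withdraw a datum from the card.

```python
"""Card-side security agent: added example, not the patent's own code.

Models security agent application 24 on card 14.  The card either holds
the sensitive datum DS itself (case 1) or only the disclosure criteria CD
for a datum stored by personal agent 6 (case 2).  The store contents,
requester names and holder answers below are constructed.
"""
from dataclasses import dataclass
from enum import Enum
from typing import Callable, Dict, Optional, Tuple


class Signal(Enum):
    VALIDATION = "validation"  # agent may disclose, or card releases the datum
    INHIBITION = "inhibition"  # agent must not extract or disclose the datum


@dataclass(frozen=True)
class Entry:
    """One record of the (hypothetical) EEPROM store on card 14."""
    value: Optional[str] = None                   # None: datum held by the agent (case 2)
    systematic: bool = False                      # case 1.1: release without asking the holder
    conditions: Optional[Dict[str, bool]] = None  # case 2.1: requester name -> allowed?


@dataclass(frozen=True)
class Response:
    """What the card sends back to the personal agent (e.g. in an SMS)."""
    signal: Signal
    data: Optional[str] = None  # set only when the card itself releases the datum
    asked_user: bool = False    # True when the holder was prompted on terminal 16


class SecurityAgent:
    def __init__(self, store: Dict[str, Entry],
                 prompt_user: Callable[[str, str], bool]) -> None:
        self.store = dict(store)
        self.prompt_user = prompt_user  # stands in for display 16a / keypad 16b

    def erase(self, datum: str) -> None:
        """Holder removes a datum from card memory; later requests are inhibited."""
        self.store.pop(datum, None)

    def handle_request(self, datum: str, requester: str) -> Response:
        entry = self.store.get(datum)
        if entry is None:
            return Response(Signal.INHIBITION)  # nothing to release or unlock
        if entry.value is not None:             # case 1: datum lives on the card
            if entry.systematic:                # 1.1: automatic transmission
                return Response(Signal.VALIDATION, data=entry.value)
            if self.prompt_user(datum, requester):  # 1.2: holder decides
                return Response(Signal.VALIDATION, data=entry.value, asked_user=True)
            return Response(Signal.INHIBITION, asked_user=True)
        # case 2: datum at the personal agent; the card judges the condition
        if entry.conditions is not None and requester in entry.conditions:  # 2.1
            allowed = entry.conditions[requester]
            return Response(Signal.VALIDATION if allowed else Signal.INHIBITION)
        # 2.2: no recorded condition, or a requester the card cannot judge
        if self.prompt_user(datum, requester):
            return Response(Signal.VALIDATION, asked_user=True)
        return Response(Signal.INHIBITION, asked_user=True)


# Constructed sample store; every value is hypothetical.
SAMPLE_STORE = {
    "email":   Entry(value="u@example.org", systematic=True),           # case 1.1
    "iban":    Entry(value="FR76 hypothetical-iban"),                   # case 1.2
    "phone":   Entry(conditions={"shop-A": True, "spammer-B": False}),  # case 2.1
    "medical": Entry(),                                                 # case 2.2
}


def run_scenarios(decisions: Dict[Tuple[str, str], bool]) -> Dict[tuple, Response]:
    """Drive the agent with a scripted holder; returns {(datum, requester): Response}."""
    def scripted_prompt(datum: str, requester: str) -> bool:
        return decisions.get((datum, requester), False)  # no answer counts as refusal

    agent = SecurityAgent(SAMPLE_STORE, scripted_prompt)
    results: Dict[tuple, Response] = {}
    for key in [("email", "shop-A"), ("iban", "shop-A"), ("iban", "spammer-B"),
                ("phone", "shop-A"), ("phone", "spammer-B"), ("phone", "new-C"),
                ("medical", "shop-A"), ("unknown", "shop-A")]:
        results[key] = agent.handle_request(*key)
    agent.erase("email")  # holder withdraws the datum from the card
    results[("email", "shop-A", "after-erase")] = agent.handle_request("email", "shop-A")
    return results


if __name__ == "__main__":
    holder = {("iban", "shop-A"): True, ("phone", "new-C"): True}
    for key, resp in run_scenarios(holder).items():
        print(key, resp.signal.value, resp.data, "asked" if resp.asked_user else "")
```

The card never returns the datum in case 2: the personal agent already holds it, so the only thing the card can withhold is the authorisation to extract it, which is why the inhibition signal is the whole protection there and why the dialogue between card and agent needs its own integrity protection in practice.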

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention concerns a method for representing a first entity (U) by a third party entity (2) who is addressed by a second entity (FS) to request sensitive data (DS) from the first entity. The securing method consists in controlling the transmission of part at least of the sensitive data using a personal electronic medium (14) held by the first entity (U). Said medium can itself contain the sensitive data instead of the third party entity, and/or means for selectively locking or unlocking the third party entity if the latter holds it. The medium can be in the form of a smart card, for example a SIM card for the mobile telephone system.

Description

DEVICE AND METHOD FOR SECURING SENSITIVE DATA, PARTICULARLY BETWEEN TWO PARTIES VIA A THIRD-PARTY ORGANISATION
The invention relates to the management of sensitive data in data exchange systems.
An example of such systems is based on the conclusion of electronic contracts between two parties or entities, for example a user and a service provider, using a third-party entity. The latter then acts as a representative of the user, able to negotiate on his behalf with service providers while protecting his personal data.
In this context, there are committees for the standardisation of exchanges between access providers and users, the respective parties to a contract. The organisation called "XNS.org", whose website is at http://www.xns.org/, is an example of such a committee; it specifies the role of a third-party entity as a trusted intermediary on the Internet.
The latter keeps in memory the data characterising a contract concluded between two entities, such as a user and a commercial entity. Thus, in the event of a dispute subsequent to the contract, such as non-delivery of a product, non-payment, or improper dissemination of personal data, the trusted intermediary provides electronic proof of the contract concluded. The operating principle of such an organisation is shown schematically in FIG. 1. The trusted intermediary 2 has two interfaces: a so-called "service provider agent" 4 which dialogues with the service providers FS, and a so-called "personal agent" 6 which dialogues with the users U. These two agents 4 and 6 communicate with each other via a dedicated link 8.
In the example illustrated, the user U is connected to the personal agent 6 via the Internet 10, for example by means of a personal computer PC 12.
A disadvantage of this system is that the trusted third party 2 needs to know all of the user's personal data in order to carry out transactions on the latter's behalf, and that this personal data is vulnerable in two respects: it is stored on a computer which is not secure by nature, and it escapes the control of its owner.
As a result, users are rightly reluctant to leave all of their personal data on the site of the trusted organisation, some of these data being sensitive for the user U for various reasons, for example his personal telephone number, elements of his civil status, his bank details, his electronic business cards, his medical file, etc. In view of the above, the invention provides technical security means which can be integrated functionally into such a system. These means are based on a personal electronic medium held by a user, which can dialogue with the personal agent or another trusted organisation. The medium manages, under the control of its holder, the disclosure of certain sensitive data for which this user considers it undesirable to leave the management of disclosure to his personal agent. The sensitive data thus protected are selected by the user. They may concern any item of information he considers sensitive, regarding his private or institutional life, etc. More particularly, the invention provides, according to a first aspect, a method of representing a first entity by a third-party entity to which a second entity addresses itself to request sensitive data of the first entity, characterised in that it comprises the following steps:
- the third-party entity dialogues with the second entity and with the first entity using a personal agent interface;
- the first entity controls the communication of at least part of the sensitive data from the third-party entity to the second entity by means of a personal electronic medium, through the following steps: a security agent of the personal electronic medium ensures the dialogue with the personal agent; the security agent of the personal electronic medium ensures the reading of at least that part of the sensitive data and/or of the criteria for inhibiting their disclosure.
According to this method, control can be carried out by interfacing with the user in order to obtain his authorisation or prohibition, ensured by the security agent of the personal electronic medium, or by secure storage of at least part of the sensitive data in the personal electronic medium, outside the third-party entity.
According to a second aspect, the invention provides a system for exchanging data between a first and a second entity via a third-party entity, the system being characterised by a means of communication in the third-party entity and an electronic medium in the first entity having the characteristics described below. According to a third aspect, the invention provides a personal electronic medium intended for the method according to the first aspect, comprising:
- a memory zone for storing at least one sensitive datum whose transmission is to be managed and/or for storing a condition for transmission, by the third-party entity, of at least one sensitive datum stored by it; and a security agent application which ensures the dialogue with the personal agent of the third-party entity and the reading of the memory.
According to a fourth aspect, the invention provides a communicating terminal allowing a first entity to communicate with a third-party entity which represents it, characterised in that it implements a medium according to the third aspect. According to a fifth aspect, the invention provides a third-party entity representing a first entity, characterised in that it comprises means for dialogue with a personal electronic medium according to the third aspect, making it possible to transmit at least one data item belonging to the first entity under the control of said medium. This third-party entity can store in memory the characteristics of a contract concluded between the first entity and a second entity. The invention and the advantages which ensue from it will appear more clearly on reading the following description of a preferred embodiment, given purely by way of non-limiting example, with reference to the appended drawings, in which:
- FIG. 1, already described, is a simplified diagram showing the operation of a trusted third-party organisation forming a link between service providers and users; and
- FIG. 2 is a diagram which reproduces that of FIG. 1, adding the elements allowing the implementation of the invention according to a preferred embodiment.
The elements of FIG. 2 which repeat those of FIG. 1 bear the same references and will not be described again, for the sake of brevity.
Conformément à l'invention, un utilisateur U de l'organisme tiers de confiance 2 dispose d'un support électronique personnel qui assure la gestion de ses données sensibles. Ces dernières sont les données pour lesquelles il souhaite conserver un droit de contrôle quant à leur divulgation par l'organisme de confiance 2 à un fournisseur de services par exemple. Ce dernier peut être une entreprise commerciale offrant des services en ligne ou souhaitant prospecter en ligne, un organisme institutionnel permettant des échanges à distance, etc ..According to the invention, a user U of the trusted third party organization 2 has a personal electronic medium which ensures the management of his sensitive data. These are the data for which he wishes to retain a right of control as to their disclosure by the trusted organization 2 to a service provider for example. The latter can be a commercial enterprise offering online services or wishing to prospect online, an institutional body allowing remote exchanges, etc.
Dans l'exemple, le support électronique personnel est une carte à puce 14 du type SIM ou USIM (acronyme anglais de " (universal) subscriber identification module") intégrée dans un terminal de téléphonie mobile 16 de l'utilisateur U, conférant ainsi une nouvelle fonction à cette carte. En effet, une carte à puce SIM comporte en elle-même suffisamment de ressources techniques de base pour réaliser cette fonction : microprocesseur 15, mémoires : vive du type "RAM" 18, figée du type "ROM" 20, programmable électriquement du type "EEPROM" 22, interface de communication (par contacts) , programmes de communication, moyens de chargement de données et de programmes, etc.In the example, the personal electronic medium is a smart card 14 of the SIM or USIM type (English acronym for "(universal) subscriber identification module") integrated into a mobile telephone terminal 16 of the user U, thus conferring a new function to this card. Indeed, a SIM chip card in itself contains enough basic technical resources to perform this function: microprocessor 15, memories: RAM of the "RAM" type 18, frozen of the "ROM" type 20, electrically programmable of the "EEPROM" type 22, communication interface (by contacts), communication programs, means of loading data and programs , etc.
The card 14, which constitutes the personal electronic medium, takes part in this management in two possible ways:
- by storing the sensitive data DS in its own memory (for example the EEPROM memory 22), these data then not being stored with the personal agent 6, and/or
- by exercising a capacity to inhibit the disclosure of sensitive data stored by the personal agent.
Of course, the card 14 can selectively exercise one or the other of these ways of intervening depending on the sensitive data item in question. Management at the level of the card 14 is carried out by application software, called the "security agent application" 24, contained in the medium (for example in the EEPROM memory 22 of the card 14). The security application ensures in particular: i) the dialogue with the personal agent 6, ii) the reading of the memory 22 storing the sensitive data DS and/or the criteria CD for inhibiting their disclosure, and iii) the interfacing with the user.
For its part, the personal agent 6 has software 26 for dialogue with the security agent application 24.
Several cases can arise for the transmission of a sensitive data item to a third party by the personal agent 6 under the control of the card 14:

1. First case: the personal agent 6 does not hold the sensitive data item, and this data item DS is stored in the card 14. Two possibilities are then considered:

- 1.1. The user U agrees to transmit the sensitive data item systematically. The security agent application 24 in the card is then configured to extract the data item from the card memory 22 and transmit it automatically to the personal agent 6 at each request of the latter, without asking the user in person for authorization. The user nevertheless retains the right to put this data item beyond the reach of the personal agent 6, either by erasing it from the memory 22 or by removing the card 14 from his terminal 16;

- 1.2. The user U does not agree to transmit the sensitive data item systematically. In response to a request from the personal agent, the security agent application 24 presents the user with a request for authorization to transmit (indicating the data item and its disclosure condition).

If the user expresses his acceptance, the security agent application 24 extracts in response the sensitive data item in question from the memory 22 and transmits it to the personal agent 6.

If the user refuses, the security agent application 24 keeps the sensitive data item blocked in its memory 22.

2. Second case: the personal agent 6 holds the sensitive data item, but in association with an indication that it must not be disclosed to a third party without the user's prior agreement at each request. Two possibilities are then considered:

- 2.1. The security agent application 24 in the card 14 holds an indication of the disclosure condition. The personal agent 6 indicates to the card, with its request, the disclosure condition (for example the name of the requesting third party). The security agent application 24 first determines whether it is able to pass judgment on the condition transmitted by the agent. If not, it proceeds to the possibility presented in section 2.2 below; if so, it compares the condition indicated by the agent with the condition(s) recorded for this data item.

If there is a match, the security agent application 24 sends a validation signal to the personal agent 6, allowing the latter to disclose the data item to the requesting third party (for example a service provider FS).

If there is no match, the security application 24 sends an inhibition signal to the personal agent 6, preventing the latter from extracting the data item from its memory.

- 2.2. The security agent application 24 in the card 14 has no recorded conditions for disclosing the sensitive data item, or is confronted with a condition indication of a type not listed among its possible conditions (for example the name of a new third party). In response to a request from the personal agent 6, the security agent application 24 presents the user U with a request for authorization to disclose (indicating the data item and its disclosure condition).

If the user expresses his acceptance, the security application 24 sends a validation signal to the personal agent 6, allowing the latter to disclose the data item to the requesting third party. If he expresses his refusal, the security agent application sends an inhibition signal to the personal agent, preventing the latter from extracting the data item from its memory.

In the embodiment, the security agent application 24 takes the form of an applet (called the "security agent applet") loaded into the card 14 either at personalization or at post-personalization. The security agent applet 24 also manages the interface with the user U on the mobile telephone terminal 16, in particular to communicate to him a request for authorization to transmit a sensitive data item, or to accept a validation or inhibition signal for its access by the personal agent 6. This interface advantageously uses the display 16a of the mobile terminal to present the conditions and the keypad 16b to receive the response of the user U. The communication between the security agent applet 24 and the personal agent 6 takes place over the wireless channel used by the mobile telephone terminal 16, for example according to the GSM protocol. In the example, this communication passes through a mobile telephone network operator 28, and the communications are advantageously carried out by SMS ("short message service"), EMS ("enhanced messaging service") or MMS ("multimedia messaging service") messages.
For its part, the security agent applet 24 can reply to the personal agent 6, via the dialogue software 26, also by SMS messages, these serving to transmit a sensitive data item, a validation signal or an inhibition signal. There are many possible protocols for coding the commands and signals exchanged between the security agent applet 24 and the dialogue software 26 of the personal agent 6. As an indication, each type of sensitive data item can be labelled by a code according to an arrangement agreed in advance between the security agent applet 24 and the dialogue software 26 of the personal agent 6 (for example: code 012 = social security number). Similarly, the service providers FS requesting a sensitive data item can be coded by category (for example: code C08 = commercial insurance services organization) and by name (for example: code A19 = La Picarde S.A.). An example of the content of an SMS from the personal agent 6 to the security agent applet 24 would then be C08 + A19 + 012. From this message, the security agent applet 24 can deduce which of the above cases (cf. sections 1.1, 1.2, 2.1, 2.2 above) applies. It can thus, for example, have the following message displayed on the screen 16a of the mobile telephone terminal: "Request Social Sec. No. from Co. Assurances La Picarde. Accept: 1. Refuse: 2." Depending on whether the user presses key 1 or key 2, this data item will be released or blocked for disclosure to this third party.
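As an added illustration (not code from the patent or from Gemplus), the following Python model parses a request of the form "C08 + A19 + 012" and applies the decision logic of cases 1.1, 1.2, 2.1 and 2.2 above, returning the signal the security agent applet 24 would send back to the personal agent 6. The card state, the sample values and the exact prompt wording are assumptions made for the example.

```python
"""Constructed model of the security agent applet's decision logic.

Assumptions (not from the patent): card state is a small in-memory structure,
disclosure conditions are recorded per data code as allow/refuse per requester
code, and the user's answer is obtained through a callback standing in for the
display 16a / keypad 16b dialogue.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, Optional

# Request format from the description: <category code> + <requester name code> + <data code>
REQUEST_RE = re.compile(r"^\s*([A-Z]\d{2})\s*\+\s*([A-Z]\d{2})\s*\+\s*(\d{3})\s*$")


@dataclass
class StoredItem:
    value: str        # sensitive data item kept in the card's own memory 22 (case 1)
    systematic: bool  # True -> case 1.1 (release at every request), False -> case 1.2


@dataclass
class CardState:
    # Case 1: items the personal agent does not hold; keyed by data code.
    stored: Dict[str, StoredItem] = field(default_factory=dict)
    # Case 2: items held by the personal agent; recorded conditions per data code,
    # mapping a requester code (name or category) to allowed (True) / refused (False).
    conditions: Dict[str, Dict[str, bool]] = field(default_factory=dict)
    data_labels: Dict[str, str] = field(default_factory=dict)
    requester_labels: Dict[str, str] = field(default_factory=dict)


@dataclass
class Decision:
    case: str                      # "1.1", "1.2", "2.1" or "2.2"
    signal: str                    # "DATA", "VALIDATE", "INHIBIT" or "BLOCKED"
    payload: Optional[str] = None  # the data item itself, only when signal == "DATA"
    prompt: Optional[str] = None   # text shown to the user, only when the user was asked


def build_prompt(state: CardState, name_code: str, data_code: str) -> str:
    """Text the applet would show on the terminal display (wording is an assumption)."""
    what = state.data_labels.get(data_code, f"data {data_code}")
    who = state.requester_labels.get(name_code, f"requester {name_code}")
    return f"Request {what} from {who}. Accept: 1. Refuse: 2."


def handle_request(state: CardState, message: str, ask_user) -> Decision:
    """Decide how to answer one request message from the personal agent.

    ask_user(prompt) -> bool models key 1 (True) / key 2 (False) on the keypad.
    """
    m = REQUEST_RE.match(message)
    if not m:
        raise ValueError(f"malformed request: {message!r}")
    category, name, data_code = m.groups()

    # Case 1: the item lives only in the card; the card itself releases or withholds it.
    item = state.stored.get(data_code)
    if item is not None:
        if item.systematic:                               # 1.1: no user dialogue
            return Decision("1.1", "DATA", payload=item.value)
        prompt = build_prompt(state, name, data_code)     # 1.2: ask the user
        if ask_user(prompt):
            return Decision("1.2", "DATA", payload=item.value, prompt=prompt)
        return Decision("1.2", "BLOCKED", prompt=prompt)  # item stays in memory 22

    # Case 2: the personal agent holds the item; the card only validates or inhibits.
    recorded = state.conditions.get(data_code, {})
    for cond in (name, category):  # judge the named requester first, then its category
        if cond in recorded:                              # 2.1: the card can judge this
            return Decision("2.1", "VALIDATE" if recorded[cond] else "INHIBIT")
    # 2.2: no recorded condition, or a requester the card has never seen -> ask the user
    prompt = build_prompt(state, name, data_code)
    return Decision("2.2", "VALIDATE" if ask_user(prompt) else "INHIBIT", prompt=prompt)


def sample_state() -> CardState:
    """Constructed sample card contents (values are fictitious)."""
    return CardState(
        stored={
            "012": StoredItem("0 00 00 00 000 000 00", systematic=False),  # case 1.2
            "031": StoredItem("+33 0 00 00 00 00", systematic=True),       # case 1.1
        },
        conditions={"045": {"A19": True, "C08": False}},  # held by agent; case 2
        data_labels={"012": "Social Sec. No.", "031": "phone number", "045": "postal address"},
        requester_labels={"A19": "Co. Assurances La Picarde"},
    )


if __name__ == "__main__":
    s = sample_state()
    for msg in ("C08 + A19 + 031", "C08 + A19 + 012", "C08 + A19 + 045",
                "C08 + B22 + 045", "C11 + B22 + 045"):
        print(msg, "->", handle_request(s, msg, lambda p: True))
```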
If necessary, the dialogue between the card 14 and the personal agent 6 can be secured by any known means (encryption, etc.).
The invention allows many variants, in particular regarding:
- the recipient of the sensitive data (or inhibition/validation signals) sent by the medium, this recipient being any private or public centralized management system;
- the personal electronic medium held by the user, this medium being a smart card of any type, an electronic token, an electronic badge, or any other personal electronic object able to communicate via a platform or by itself;
- the terminal on the user side, this terminal being any mobile telephone, fixed telephone, communicating personal digital assistant, personal computer, etc.;
- the link connecting the hardware medium held by the user, or his terminal, with the recipient of the sensitive data, this link being based on any wireless or wired communication protocol;
- the protocol for commands, for identification of the sensitive data and of the inhibition/validation signals, and for communication with the user;
- the institutional and commercial applications;
- etc.
By way of illustration, the security agent applet 24 (or the like) can be arranged to transmit a secured data item not back to the personal agent 6 (or the like) that issued the request, but directly to the final recipient (for example the service provider FS), by calling the latter's connection number. The hardware medium 14, 16 held by the user can also allow a controlled update or loading of sensitive data from the personal agent 6 (or any other authorized third party). The security agent applet 24 then validates the loading or modification under the user's control, either by presenting him with the loading or update request with the option to accept or refuse, or by performing automatic filtering on the basis of criteria set beforehand by the user.
The invention is suitable for financial transactions, in particular for processing electronic payment in an electronic commerce context. For example, bank details will be stored in the smart card of the personal electronic medium and used in the manner described above in section 1.2.

Claims

1. Method for representing a first entity (U) by a third-party entity (2) to which a second entity (FS) applies in order to request sensitive data (DS) of the first entity, characterized in that it comprises the following steps:
- the third-party entity (2) dialogues with the second entity (FS) and with the first entity (U) by means of a personal agent interface (6);
- the first entity (U) controls the communication of at least part of the sensitive data (DS) from the third-party entity (2) to the second entity (FS) by means of a personal electronic medium (14), through the following steps:
- a security agent (24) of the personal electronic medium (14) ensures the dialogue with the personal agent (6);
- the security agent (24) of the personal electronic medium (14) reads at least the part of the sensitive data (DS) and/or the criteria for inhibiting their disclosure.
2. Method according to claim 1, characterized in that the control is carried out by interfacing with the user in order to obtain his authorization or prohibition, provided by the security agent (24) of the personal electronic medium (14).
3. Method according to claim 1 or 2, characterized in that the control is carried out by secure storage of at least part of the sensitive data (DS) in the personal electronic medium (14), outside the third-party entity (2).
4. Method according to one of claims 1 to 3, characterized in that stored data are transmitted to the third-party entity (2) for the purpose of carrying out a financial transaction in the context of an electronic operation.
5. Method according to any one of claims 1 to 4, characterized in that the communication between the personal electronic medium (14) and the third-party entity is carried out via a wireless link.
6. Method according to claim 4, characterized in that the communication between the personal electronic medium (14) and the third-party entity is carried out via a mobile telephone operator (28).
7. Personal electronic medium (14) intended for the method according to any one of claims 1 to 6, characterized in that it comprises:
- a memory area (22) intended for storing at least one sensitive data item whose transmission is to be managed and/or for storing a condition for transmission by the third-party entity (2) of at least one sensitive data item stored by that entity;
- a security agent application (24) which ensures the dialogue with the personal agent (6) of the third-party entity (2), and which reads the memory (22).
8. Personal electronic medium (14) according to the preceding claim, characterized in that the security agent (24) further provides an interface with the user in order to request an authorization or prohibition of disclosure of sensitive data.
9. Medium according to claim 7 or 8, characterized in that it takes the form of a smart card (14).
10. Medium according to claim 9, characterized in that it takes the form of a smart card (14) used for the operation of a mobile telephone terminal (16).
11. Communicating terminal (16) allowing a first entity (U) to communicate with a third-party entity (2) which represents it, characterized in that it comprises a personal electronic medium (14) according to any one of claims 7 to 10.
12. Third-party entity (2) for representing a first entity (U), characterized in that it comprises means (26) for dialogue with a personal electronic medium (14) according to any one of claims 7 to 10, making it possible to transmit to a second entity (FS) at least one data item belonging to the first entity under the control of said medium.
13. Third-party entity (2) for representing a first entity (U) according to claim 12, characterized in that it further comprises means for storing the characteristics of a contract concluded between the first entity and a second entity (FS).
14. Data exchange system between a first entity (U) and a second entity (FS) via a third-party entity (2) to which the second entity (FS) applies in order to request sensitive data (DS) of the first entity, characterized in that the third-party entity (2) comprises a personal agent communication means (6) for communicating with the first entity (U) and with the second entity (FS), and in that the first entity (U) comprises a personal electronic medium (14) which comprises:
- a memory area (22) intended for storing at least one sensitive data item whose transmission is to be managed and/or for storing a condition for transmission by the third-party entity (2) of at least one sensitive data item stored by that entity;
- a security agent application (24) for ensuring the dialogue with a personal agent (6) of the third-party entity (2) and for reading the memory (22).
EP03717408A 2002-02-18 2003-02-18 Device and method for making secure sensitive data, in particular between two parties via a third party entity Ceased EP1483645A2 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0202028A FR2836251B1 (en) 2002-02-18 2002-02-18 DEVICE AND METHOD FOR SECURING SENSITIVE DATA, PARTICULARLY BETWEEN TWO PARTS VIA A THIRD PARTY ORGANIZATION
FR0202028 2002-02-18
PCT/FR2003/000529 WO2003071400A2 (en) 2002-02-18 2003-02-18 Device and method for making secure sensitive data, in particular between two parties via a third party entity

Publications (1)

Publication Number Publication Date
EP1483645A2 true EP1483645A2 (en) 2004-12-08

Also Published As

Publication number Publication date
WO2003071400A2 (en) 2003-08-28
AU2003222576A1 (en) 2003-09-09
FR2836251B1 (en) 2004-06-25
WO2003071400A3 (en) 2003-11-13
JP2005518039A (en) 2005-06-16
US20050177729A1 (en) 2005-08-11
FR2836251A1 (en) 2003-08-22

Similar Documents

Publication Publication Date Title
FR2774238A1 (en) METHOD FOR TRANSFERRING INFORMATION BETWEEN A SUBSCRIBER IDENTIFICATION MODULE AND A MOBILE RADIO COMMUNICATION TERMINAL, CORRESPONDING SUBSCRIBER IDENTIFICATION MODULE AND MOBILE TERMINAL
WO1998013991A2 (en) Method and system for ensuring the security of telephone call management centres
FR2821225A1 (en) REMOTE ELECTRONIC PAYMENT SYSTEM
FR2751814A1 (en) SERVICE CONTROL AND MANAGEMENT SYSTEM
EP0426541A1 (en) Method of protection against fraudulent use of a microprocessor card and device for its application
EP1483645A2 (en) Device and method for making secure sensitive data, in particular between two parties via a third party entity
FR2809260A1 (en) Method for crediting a prepaid account through a telecommunication network, uses information on banking card stored in mobile telephone SIM which is sent to a prepaid account management system
WO2001030093A1 (en) System and method for transmitting messages and use of said system for transmitting messages for investigating services that are provided
FR2810433A1 (en) ELECTRONIC COUPLING SYSTEM AND METHOD
WO2002052389A2 (en) Anti-cloning method
WO2002059845A1 (en) Integrated circuit card or smart card incorporating a security software card and communication device co-operating with same
EP1749415B1 (en) Methods of securing devices such as mobile terminals, and secured assemblies comprising such devices
FR2867650A1 (en) User's eligibility identifying method for telecommunication applications, involves sending response confirming or invalidating authenticity of barcode based on presence or absence of barcode in database and displaying response on terminal
EP0172047B1 (en) Method and system for enciphering and deciphering data transmitted between a transmitting apparatus and a receiving apparatus
EP0817144B1 (en) Method to control the use of a pager, pager functioning with this method and ic card for conditional access to a pager
WO1997031343A1 (en) Multiple account management system and method using same
EP0831434A1 (en) Method for blocking a plurality of services by blacklisting them, and associated blocking server, receiving terminal and portable device
EP1479255A1 (en) Method for access control to at least certain functions of a mobile telephone terminal
FR3042374A1 (en) ASSISTANCE IN ESTABLISHING TELEPHONE COMMUNICATION BY PROVIDING USER INFORMATION CALLING
FR2752977A1 (en) Portable card for cancelling or blocking bankers or credit card
EP4099249A1 (en) Method and device for transmitting an identifier of a user during an electronic payment made by the user
EP1400935A1 (en) System and applications for transfering information, which is simplified by a pre-established relation
WO2003065181A1 (en) Method for controlling the use of digital contents by means of a security module or a chipcard comprising said module
WO2002075674A2 (en) System and method for replacing identification data on a portable transaction device
FR2808636A1 (en) Method for secure payment via the Internet, stores transaction data on client card and at transaction center, and has bank read client card when transaction details arrive from transaction center

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20040920

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT SE SI SK TR

AX Request for extension of the european patent

Extension state: AL LT LV MK RO

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20070415