EP1552693A1 - Protocol for adapting the degree of interactivity between items of computer equipment - Google Patents

Protocol for adapting the degree of interactivity between items of computer equipment

Info

Publication number
EP1552693A1
EP1552693A1 EP03761642A EP03761642A EP1552693A1 EP 1552693 A1 EP1552693 A1 EP 1552693A1 EP 03761642 A EP03761642 A EP 03761642A EP 03761642 A EP03761642 A EP 03761642A EP 1552693 A1 EP1552693 A1 EP 1552693A1
Authority
EP
European Patent Office
Prior art keywords
equipment
interlocutor
reciprocal
behavior
list
Legal status
Pending
Application number
EP03761642A
Other languages
English (en)
French (fr)
Inventor
Claudia Becker
André CODET
Pierre Fevrier
Chantal Guionnet
Current Assignee
Viaccess SAS
Original Assignee
Viaccess SAS
Application filed by Viaccess SAS

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00 Television systems
    • H04N7/16 Analogue secrecy systems; Analogue subscription systems
    • H04N7/161 Constructional details of the subscriber equipment
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00 Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101 Access control lists [ACL]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/164 Implementing security features at a particular protocol layer at the network layer

Definitions

  • the invention relates to a protocol for adapting the degree of interactivity between interlocutor IT equipment, subject to an interactive dialogue.
  • certain computer equipment such as a terminal equipped with a microprocessor card reader and microprocessor card, in particular descrambling terminal, also designated decoder, and card associated with the latter, are capable of proposing an adaptation of the behavior of one of the items of equipment according to the specific qualities of the other of these items of equipment, with which this item of equipment comes into contact.
  • the terminal is able to adapt its behavior towards the card when it is put in contact with a card, depending on the type of card connected.
  • the abovementioned adaptation is implemented on the basis of the reading by the terminal, in the memory of the card, of information specific to the card.
  • the object of the present invention is to remedy the drawbacks of the known prior art, and in particular to allow adaptation of the behavior of at least one of the items of equipment by either authorization, prohibition or even conditional authorization of internal functions of each item of equipment based on the identification of the equipment connected to it.
  • Another object of the present invention is the implementation of an adaptive behavior of each computer equipment
  • the protocol object of the present invention also consists in carrying out an authentication procedure between the interlocutor equipment and the reciprocal interlocutor equipment, then in searching for the identifier of the authenticated reciprocal interlocutor equipment in the list of identifiers, reading the associated behavior identifier, and applying, at the level of the interlocutor equipment, the behavior or behaviors with respect to the authenticated reciprocal interlocutor equipment, this behavior being selected as a function of the result of the authentication procedure and associated with the behavior identifier and with the identifier of the reciprocal interlocutor equipment.
  • the computer equipment in accordance with the subject of the present invention comprises an input/output circuit making it possible to ensure the transmission and/or the reception of messages within the framework of an interactive dialogue with another computer equipment, a calculation module connected to the input/output circuit, a working memory and at least one programmable non-volatile memory. It is remarkable in that it comprises at least, recorded in non-volatile memory, a list of identifiers of computer equipment, accessible via the input/output circuit, a list of identifiers of relevant behaviors as part of the interactive dialogue and at least one association between an equipment identifier and a behavior identifier.
  • the protocol and the computer equipment objects of the present invention find application in securing network transactions, and, in particular, in peer-to-peer or multi-user transactions, for terminals constituting these equipment interconnected in network according to the IP protocol, and in transactions between microprocessor card reader terminal and microprocessor card terminal, interconnected according to ISO 7816 protocol for example.
  • FIG. 1 shows, by way of illustration, a flowchart of implementation of the protocol object of the present invention between a computer equipment, playing the role of interlocutor equipment, and another computer equipment, brought together in order to execute an interactive dialogue, this other equipment playing the role, vis-à-vis this interlocutor equipment, of reciprocal interlocutor equipment prior to the actual execution of this interactive dialogue, at least one of these computer equipments carrying out an adaptation of the degree of interactivity of this interactive dialogue with respect to this other computer equipment, in accordance with the protocol which is the subject of the present invention;
  • FIG. 2a shows, by way of illustration, a flowchart of implementation of the protocol object of the present invention between a computer equipment, playing the role of interlocutor equipment, and another computer equipment, brought together in order to execute an interactive dialogue, this other equipment playing the role, vis-à-vis this interlocutor equipment, of reciprocal interlocutor equipment prior to the actual execution of this interactive dialogue, each of these computer equipment adapting the degree of interactivity of this interactive dialogue vis-à-vis this other computer equipment, the adaptations of the degree of interactivity of each computer equipment vis-à-vis this other computer equipment being independent, but linked to the identity of the computer equipment brought together to execute this interactive dialogue, all of the computer equipment brought into contact performing, in accordance with the protocol which is the subject of the present invention, a reciprocal adaptation of the interactivity of this interactive dialogue;
  • FIG. 2b represents, purely by way of illustration, an example of non-limiting preferential implementation of the protocol which is the subject of the present invention, in which the authentication procedure is a procedure with more than one level of authentication, in order to allow an adaptation of the behaviors associated with the interlocutor equipment and / or the reciprocal interlocutor equipment, according to the verified authentication level;
  • FIG. 2c represents, by way of illustration, a first, nonlimiting example, of implementing a list of equipment identifiers, a list of behavior identifiers and a list of associations between an equipment identifier and a behavior identifier for a first computer equipment, equipment A, and a second computer equipment, equipment B, one of these computer equipment playing the role of interlocutor equipment and the other of these computer equipment playing the role of equipment reciprocal interlocutor, the interactive dialogue between these computer equipments which can itself, by way of nonlimiting example, be conducted by an IP protocol for example;
  • FIG. 2d represents, by way of illustration, a second, nonlimiting example, of implementation of a list of equipment identifiers, of list of behavior identifiers, and of list of associations between an equipment identifier and a behavior identifier for a first computer equipment, constituted by a terminal, and a second computer equipment, constituted by a microprocessor card, the terminal constituting the first computer equipment being provided with a card reader device, the terminal and the card executing the interactive dialogue according to the ISO 7816 protocol for example;
  • FIG. 3a shows, by way of illustration, a particular mode of implementation of the protocol object of the present invention for a set of computer equipment interconnected in a network, each equipment being capable of performing an interactive dialogue with one of the other computer equipment of this set of equipment, the protocol object of the present invention, as illustrated in FIG. 2a, being implemented by pairs of equipment to which the quality of interlocutor respectively of mutual interlocutor has been assigned;
  • FIG. 3b shows, by way of illustration, a particular mode of implementation of the protocol object of the present invention for a set of computer equipment, one of the equipment playing the role of interlocutor equipment, such as a terminal, each of the other pieces of equipment playing the role of reciprocal interlocutor, such as a card, vis-à-vis this interlocutor equipment;
  • FIG. 4a shows, by way of illustration, another particular mode of implementation of the protocol object of the present invention for a set of computer equipment interconnected in a network, each equipment being capable of performing an interactive dialogue with one other computer equipment of this set of equipment, the protocol object of the present invention being implemented so as to apply a common behavior of any equipment of this set of equipment vis-à-vis the other equipment of this set of equipment, the common behavior being able to correspond to a list resulting from a logical operation carried out on lists of behaviors of the equipment considered;
  • FIG. 4b represents, purely by way of illustration, examples of implementing a list of equipment identifiers, a list of behavior identifiers and a list of associations between an equipment identifier and a behavior identifier for the execution of the protocol object of the present invention in accordance with the mode of implementation of FIG. 4a;
  • FIGS. 4c and 4d show, purely by way of illustration, a method of calculating the resulting list, intersection of lists of behavior identifiers, for computer equipment connected to the network respectively for a terminal equipped with a card reader and two separate cards;
  • FIGS. 4e and 4f represent, purely by way of illustration, a method of calculating the resulting list, union of lists of behavior identifiers, for computer equipment connected to the network respectively for a terminal provided with a card reader and two separate cards;
  • FIG. 5 shows, by way of illustration, another particular mode of implementation of the protocol object of the present invention for a set of computer equipment interconnected in a network, each equipment being capable of performing an interactive dialogue with one other computer equipment of this set of equipment, the protocol object of the present invention being implemented so as to apply a joint behavior of any equipment of this set of equipment with respect to the other equipment of this set of equipment, the joint behavior possibly corresponding to an adaptation of the interactivity of each computer equipment vis-à-vis the subset of other IT equipment of this set of IT equipment, adaptation according to which the subset of other IT equipment is established, from the point of view of interactivity, as a united reciprocal interlocutor vis-à-vis this computer equipment.
  • interlocutor equipment designates any computer equipment of this set of equipment which takes the initiative of an interactive dialogue with other equipment from this set of IT equipment.
  • the other computer equipment is designated “reciprocal interlocutor equipment”, within the framework of this interactive dialogue.
  • the equipment A is designated “interlocutor equipment”
  • the equipment B is designated “reciprocal interlocutor equipment” with reference to the definition mentioned above.
  • the object of the protocol of the present invention is, in particular, to achieve an adaptation of the degree of interactivity between the interlocutor equipment and the aforementioned reciprocal interlocutor equipment, when the interlocutor equipment and the reciprocal interlocutor equipment are subject to the previously mentioned interactive dialogue.
  • the protocol which is the subject of the invention consists in registering, in the interlocutor equipment, a list of identifiers of reciprocal interlocutor equipment and a list of identifiers of behaviors, these behaviors being relevant as part of the interactive dialogue.
  • the protocol which is the subject of the invention also consists in registering, in the interlocutor equipment, equipment A, at least one association between an equipment identifier and a behavior identifier. The above association can itself be made up of a list of associations.
  • list of equipment identifiers such as the aforementioned list of reciprocal interlocutor equipment, covers any reference to a single given equipment or to a class or set of equipment defined, for example, by a reference version, manufacturing or marketing brand, certification, authorization or other.
  • the interlocutor equipment has at least one set of lists, list of identifiers of reciprocal interlocutor equipment, list of behavior identifiers and list of association previously mentioned.
  • the steps for registering the list of reciprocal interlocutor equipment identifiers, the list of behavior identifiers and the list of associations are carried out at least once for the purpose of implementation of the protocol object of the present invention, and can, of course, be repeated to update the equipment and/or behavior identifiers and the list of associations between an equipment identifier and a behavior identifier, as will be described later.
  • the interlocutor equipment, equipment A, has at least one list of reciprocal interlocutor equipment identifiers, the list L_ID_A representing the plurality of these identifiers, this list verifying the relationship:
  • L_ID_A = [IdB, IdC, ..., IdF, IdH], where IdB to IdH are deemed to each designate an identifier of reciprocal interlocutor equipment.
  • interlocutor equipment A has a list of behavior identifiers, noted L_C_A, verifying the relationship:
  • L_C_A = [RCA_1, RCA_2, ..., RCA_k, ..., RCA_n].
  • In the list of behavior identifiers L_C_A, RCA_k denotes an identifier of specific behaviors of the interlocutor equipment A with respect to the reciprocal interlocutor equipment, the equipment B.
  • each behavior identifier RCA_k can itself be formed by a list of elementary behaviors, also designated behavior references, each behavior identifier RCA_k verifying the relationship:
  • the elementary behaviors or behavior references CA_p can correspond to behavior reference codes, as will be described later.
  • the interlocutor equipment A has a list of associations between an equipment identifier and a behavior identifier, the aforementioned list of associations being noted L_IC_A and verifying the relationship:
  • L_IC_A = [[IdB [RCA_1]]; [IdC [RCA_k]]; ...].
  • with each identifier IdB, or IdC, or other, is associated a behavior identifier, that is to say the behavior RCA_1 relative to the IdB identifier, the RCA_k behavior relative to the IdC identifier and so on.
  • the protocol object of the present invention consists, first of all, in performing an authentication procedure between the interlocutor equipment A and reciprocal interlocutor equipment B.
  • the aforementioned authentication procedure can consist, for example, in a conventional manner known as such, following the emission of an interactive dialogue request sent by the equipment A, interlocutor equipment, to equipment B, reciprocal interlocutor equipment, in transmitting, from reciprocal interlocutor equipment B to interlocutor equipment A, not only the identifier IdB of the reciprocal interlocutor equipment B, but also authentication values of reciprocal interlocutor equipment B vis-à-vis interlocutor equipment A.
  • the aforementioned authentication values are noted Auth(IdB).
  • the authentication procedure at the level of the interlocutor equipment A then consists, as shown in FIG. 1, of carrying out, in a step 1, recovery of the identifier IdB of the reciprocal interlocutor equipment B as well as, of course, a verification of the authentication values Auth(IdB) communicated by the reciprocal interlocutor equipment B.
  • the verification of the authentication values is noted: O(Auth(IdB)).
  • the step of recovering the identifier IdB and verifying the authentication values Auth(IdB) may consist, as shown in FIG. 1, of verifying the authentication values Auth(IdB) communicated by the reciprocal interlocutor equipment B. This step can be used to deliver an authentication procedure result corresponding to different authentication levels, as will be described later.
  • the protocol which is the subject of the invention may consist, in a test step 2, of finding the identifier of the reciprocal interlocutor equipment in the list of equipment identifiers, that is to say in the list L_ID_A previously cited.
  • the protocol which is the subject of the invention may consist, in a step 3, of applying, by the interlocutor equipment A, a so-called "default" behavior with respect to reciprocal interlocutor equipment B.
  • the aforementioned default behavior can advantageously be established and selected as a function of the result of the authentication procedure, in particular, the authentication level checked.
  • the protocol object of the invention may consist in returning a request from the interlocutor equipment A to the reciprocal interlocutor equipment B, so that the latter ensures retransmission of its equipment identifier value IdB for example.
  • Other procedures can be provided, such as for example the allocation, within the framework of the transaction only, of a replacement identifier associated with the authentication values Auth(IdB) and the authentication level previously mentioned.
  • the protocol object of the invention can consist in recovering the behavior associated with the equipment identifier found and with the result of the authentication procedure. This operation is carried out in step 4 in FIG. 1.
  • step 4 can then be followed by a step 5 consisting in applying, at the level of the interlocutor equipment A, the behavior with respect to the reciprocal interlocutor equipment.
  • any behavior identifier RCA_k constituted by a plurality of coded values each representative of an elementary behavior, such as CA_1, CA_2, ..., CA_p, can be defined as a function of functional and/or technical specificities, that is to say the reaction capabilities of the reciprocal interlocutor equipment B, within the framework of the interactive dialogue mentioned above.
  • the list of associations L_IC_A can be replaced by a one-to-one correspondence between an equipment identifier and a behavior identifier by the rank of the equipment identifier and the rank of the behavior identifier in the list of equipment identifiers L_ID_A and the list of behavior identifiers L_C_A for example.
  • the protocol which is the subject of the present invention is not limited to the implementation of an adaptation of the degree of interactivity between an interlocutor equipment and a reciprocal interlocutor equipment, as described previously with FIG. 1.
  • this allows the implementation of the adaptation of the degree of interactivity between interlocutor equipment A and reciprocal interlocutor equipment B in any set of IT equipment, each of the interlocutor equipment A respectively reciprocal interlocutor equipment B implementing, in a substantially independent manner, the protocol for adapting the degree of interactivity of one vis-à-vis the other, which allows the implementation of a protocol of reciprocal adaptation of the interactivity between an interlocutor equipment and a reciprocal interlocutor equipment of a set of interlocutor equipment subject to an interactive dialogue, as will now be described in connection with FIG. 2a.
  • In FIG. 2a there is shown an interlocutor equipment, equipment A, and a reciprocal interlocutor equipment, equipment B.
  • the protocol object of the invention consists, of course, in performing the steps of registering, in the interlocutor equipment A respectively in the reciprocal interlocutor equipment B, a plurality of identifiers of reciprocal interlocutor equipment respectively of interlocutor equipment.
  • the interlocutor equipment A has the list of identifiers of reciprocal interlocutor equipment L_ID_A and the reciprocal interlocutor equipment B has, for its part, a list of identifiers of interlocutor equipment L_ID_B.
  • the protocol which is the subject of the invention also consists in registering, in each interlocutor equipment, equipment A, respectively in the reciprocal interlocutor equipment B, a list of identifiers of behaviors, behaviors being relevant in the context of interactive dialogue.
  • the interlocutor equipment A comprises the list of behaviors L_C_A and the reciprocal interlocutor equipment B comprises a list of behaviors L_C_B.
  • the protocol which is the subject of the invention also consists in entering a list of associations between an equipment identifier and a behavior identifier in each interlocutor equipment A and each reciprocal interlocutor equipment B. Under these conditions, with reference to FIG. 2a, it is indicated that the interlocutor equipment A has the list of associations L_IC_A and that the reciprocal interlocutor equipment has a list of associations L_IC_B.
  • the protocol object of the present invention consists in performing a reciprocal authentication procedure between the interlocutor equipment A and the reciprocal interlocutor equipment B.
  • the reciprocal authentication procedure can consist, at the request of the interlocutor equipment A of an interactive dialogue, in:
  • the authentication processes are independent and the protocol which is the subject of the present invention for adapting the interactivity of the interlocutor equipment A with respect to the reciprocal interlocutor equipment B can be made completely independent of the protocol for adapting the interactivity of the reciprocal interlocutor equipment B vis-à-vis the interlocutor equipment A or vice versa.
  • each of these pieces of equipment implements step 1 of recovering the identifier IdB of the reciprocal interlocutor equipment B, for the interlocutor equipment A, respectively the identifier IdA of the interlocutor equipment A, for the reciprocal interlocutor equipment B, and of authentication verification O(Auth(IdB)), O(Auth(IdA)) of the authentication data Auth(IdB) respectively Auth(IdA), for the interlocutor equipment A respectively the reciprocal interlocutor equipment B.
  • the interlocutor equipment A and the reciprocal interlocutor equipment B implement step 2 of verification of membership of the identifier of the reciprocal interlocutor equipment B respectively of the interlocutor equipment A, i.e. IdB respectively IdA, to the list of identifiers available to the interlocutor equipment A and respectively the reciprocal interlocutor equipment B.
  • The tests of step 2 verify respectively the relations: IdB ∈ L_ID_A ? IdA ∈ L_ID_B ?
  • the interlocutor equipment A respectively the reciprocal interlocutor equipment B can call a procedure 3 of default behavior, which can correspond to that defined previously in the description in conjunction with FIG. 1.
  • the interlocutor equipment A respectively the reciprocal interlocutor equipment B can call the procedure 4 for recovering the behavior of the interlocutor equipment A with respect to the identifier IdB and the reciprocal interlocutor equipment B, respectively for recovering the behavior of the reciprocal interlocutor equipment B with respect to the identifier IdA and the interlocutor equipment A, then, finally, step 5 of application of the associated behavior to reciprocal interlocutor equipment B via the equipment identifier IdB respectively to interlocutor equipment A via the equipment identifier of the latter IdA.
  • these behaviors are associated not only with the corresponding equipment identifier, but also with the authentication level actually verified.
  • the steps 4 of recovering the behavior of the interlocutor equipment A with respect to the reciprocal interlocutor equipment B, respectively the behavior of the reciprocal interlocutor equipment B with respect to the interlocutor equipment A, are implemented by identifying the identifier IdB of the reciprocal interlocutor equipment B respectively the identifier IdA of the interlocutor equipment A and reading the identifiers of corresponding behaviors in the lists of associations L_IC_A respectively L_IC_B, as mentioned previously in the description relative to FIG. 1.
  • In FIG. 2b, the same steps have the same references as in the case of FIG. 1 or of FIG. 2a.
  • the equipment A constitutes the interlocutor equipment and the equipment B constitutes the reciprocal interlocutor equipment in a nonlimiting manner.
  • the authentication procedure between interlocutor equipment A and reciprocal interlocutor equipment B comprises, by way of nonlimiting example, three levels of authentication: a strong authentication level, an intermediate authentication level and a zero authentication level.
  • the strong authentication level corresponds to an authentication procedure implementing, for example, signature verification and decryption algorithms which are particularly suitable; the intermediate authentication level corresponds, for example, to the absence of verification of the strong authentication level, an intermediate authentication procedure then being introduced; and the null authentication level corresponds to the absence of verification of the strong authentication level and of the intermediate authentication level, only the identifier IdB of the reciprocal interlocutor equipment B being deemed to belong to the list of equipment identifiers contained in the interlocutor equipment A for example.
  • step 0, corresponding to the step of transmitting, from the reciprocal interlocutor equipment B to the interlocutor equipment A, the identifier IdB and the authentication values Auth(IdB), corresponds to a first sub-step 0_1 of transmission of these elements to the interlocutor equipment A.
  • step 0_1 is then followed by step 1, step 2 and, where appropriate, step 3, as in the case of FIG. 1 or of FIG. 2a previously described.
  • the step of recovering the identifier IdB of the reciprocal interlocutor equipment B, then of verifying the authentication values, can then be carried out according to a strong authentication level procedure, signature calculation and verification, for example by means of suitable algorithms, being carried out during the aforementioned step 1.
  • the mentioned step 1 is then followed by the aforementioned test step 2 and step 3, as in the case of FIG. 1 or of FIG. 2a.
  • step 4 of FIG. 1 or of FIG. 2a is called taking into account the plurality of authentication levels capable of being verified.
  • the aforementioned step 4 may include a test step 4_1 consisting in verifying that the result of the verification of the authentication value, obtained following the calculation of the aforementioned O(Auth(IdB)), has the true value.
  • step 4_2 makes it possible to recover the behavior associated with the identifier IdB in the context of the verification of a strong authentication level.
  • step 4_2 is then followed by step 5 consisting in applying the behavior associated with the identifier IdB by the interlocutor equipment A, as in the case of FIGS. 1 or 2a.
  • reciprocal interlocutor B for example, in step 0_2 shown in FIG. 2b.
  • the aforementioned carrier code is designated PIN(IdB). In any event, it may consist of information present in the card or, where appropriate, a code entered on the keyboard by the user for example.
  • test step 4_1 is then followed by a step 6_1 for recovering and verifying the aforementioned carrier code PIN(IdB).
  • the verification step can consist of a test step of verifying the value of the aforementioned carrier code, verifying the relationship: PIN(IdB) correct?
  • Substeps 6_1 and 6_2 constitute, in fact, a step 6 corresponding to an authentication step of intermediate authentication level.
  • the behavior associated with the IdB identifier for the verified carrier code previously mentioned is then recovered.
  • the corresponding behavior recovered is then applied in step 5.
  • the null authentication level may, by way of nonlimiting example, simply consist in the prior verification of the membership of the identifier IdB in the list of identifiers L_ID_A previously mentioned.
  • FIG. 2c shows the aforementioned lists allocated, by way of nonlimiting example, to the interlocutor equipment A, the aforementioned lists being deemed identical to those allocated to the interlocutor equipment A in FIG. 1 so as not to overload the notation.
  • RCA_k respectively RCB_h, it is indicated that the latter can be constituted by a list comprising at least one element constituting a behavioral reference or elementary behavior of acceptance of interactive dialogue, refusal of interactive dialogue or conditional acceptance of interactive dialogue.
  • each list defining a behavior identifier RCA_k respectively RCB_h may include a value of elementary behavior or specific behavior reference, placed for example at the head of the list, that is to say the list element CA_1 respectively CB_1 for example corresponding to a coded value of interactive dialogue acceptance, interactive dialogue refusal or conditional interactive dialogue acceptance.
  • the coded values can be any, with each corresponding coded value being associated, on simple reading, either the acceptance of interactive dialogue, or the refusal of the interactive dialogue or even the conditional acceptance of this interactive dialogue.
  • the coded value corresponds to a coded value of conditional acceptance of dialogue interactive
  • reading this coded value at the top of the list allows the calling of a function of elementary behaviors or references of successive behaviors CA 2 , ..., CA P respectively CB 2 , ..., CB q for example.
  • the coded values of the aforementioned elementary behaviors can correspond to coded values of call of primitives of functions implemented by the interlocutor equipment A vis-à-vis the reciprocal interlocutor equipment B and respectively of the primitives of functions of the reciprocal interlocutor equipment B implemented with respect to the interlocutor equipment A.
  • FIG. 2d represents examples of implementation of the aforementioned lists in a more particular case where the interlocutor equipment A is constituted by a terminal and where the reciprocal interlocutor equipment B is constituted by a microprocessor card or a software module playing the role of such a card with respect to the aforementioned terminal, the terminal being equipped with a card reader and the exchange of data between the terminal and the card being carried out in accordance with ISO 7816 protocol.
  • the description of the examples of implementation of the list of equipment identifiers, list of behavior identifiers, and list of associations between an equipment identifier and a behavior identifier will be given in the more specific non-limiting case where the interlocutor equipment is constituted by a decoder terminal and constitutes a descrambling terminal for scrambled information and where the card constituting the reciprocal interlocutor equipment is constituted by a dedicated card allocated to any authorized user of this descrambling terminal.
  • the scrambled information is transmitted in point-to-multipoint mode, for example from a transmission center, and the set formed by interlocutor equipment A, the descrambling terminal, and reciprocal interlocutor equipment B, the microprocessor card, allows access control to this scrambled information.
  • access control to this information is carried out from access control messages, ECM messages, containing the cryptogram of a control word and access criteria transmitted periodically with the scrambled information.
  • the dedicated microprocessor card acts as an access control module.
  • the access control module comprises at least one security processor and a secure programmable non-volatile memory comprising access rights recorded in the aforementioned programmable non-volatile memory.
  • the management of registered access rights is carried out on the basis of access rights management messages, these messages being transmitted with the scrambled information.
  • access control to this information is carried out on verification of the identity of at least one access control right entered in the card and one of the access criteria transmitted by the access control messages, this identity verification being followed by a decryption by the reciprocal interlocutor equipment, that is to say by the microprocessor card, of the cryptogram of the control word from an operating key to restore the original control word.
  • the original control word is transmitted, after decryption by the microprocessor card, that is to say by the reciprocal interlocutor equipment B, to the descrambling terminal, interlocutor equipment A, to allow descrambling of the scrambled information by the latter from the restored control word.
  • In FIG. 2d there are shown, by way of nonlimiting example, the lists L_ID A and L_C A , the list of equipment identifiers and the list of behavior identifiers of the interlocutor equipment A, that is to say of the descrambling terminal. These lists are deemed to be identical to those described in connection with FIG. 1 so as not to overload the notation.
  • the values indicated in FIG. 2d are completely arbitrary and correspond to a number of determined successive bits, concatenated to constitute the abovementioned behaviors.
  • each successive bit constituting the value of the behavior constitutes in fact an elementary behavior or behavior reference whose position corresponds to the list elements CA P respectively CB q of FIG. 2c for the same values of behaviors identified by RCA k respectively RCB h .
  • each bit in the bit chain constituting the behaviors in fact defines an elementary behavior or behavior reference and the value of the corresponding bit one or zero denotes the implementation of a function or the absence of implementation of a corresponding function, defining this elementary behavior or behavior reference.
  • a dedicated microprocessor card allocated to a subscriber is capable of processing various actions, which can be requested of it by the management messages transmitted during the access control process.
  • these actions include, without limitation:
  • the card refuses to execute this action; if it is set to one, the card can, on the contrary, execute this action or this function.
  • the terminal, similarly, is also capable of carrying out various processing operations which are requested of it in the management messages for example or within the framework of its interactive dialogue with the microprocessor card, the descrambling terminal playing the role of interlocutor equipment A and the microprocessor card the role of reciprocal interlocutor equipment B for example.
  • the descrambling terminal is able to carry out the following operations:
  • the aforementioned examples relate, in particular, to the steps of recovering identifiers, of verifying authentication values, of testing the true values of these authentication values, of applying a behavior associated with authentication verified at false value, application of the default behavior, as described previously in connection with FIGS. 1, 2a and 2d.
  • the card when the authentication procedure for the descrambling terminal by the card is not successful, that is to say on a negative response to test 2 of FIG. 2a for the reciprocal interlocutor equipment B for example, the card could not proceed to the authentication of the descrambling terminal or in the case where the card has successfully authenticated, the latter knows the identifier IdA of the descrambling terminal.
  • the card when, following the authentication procedure of the card by the descrambling terminal, interlocutor equipment A, the latter has not authenticated the reciprocal interlocutor equipment card B, or in the case where it has authenticated, the latter knows the IdB identifier of the card, that is to say of the reciprocal interlocutor equipment B.
  • the identifier IdB of the card can be constituted by the unique address UA of the latter.
  • Each interlocutor equipment element A, reciprocal interlocutor equipment B, ie terminal and card, is then able to select the behavior to be applied with respect to the other card element, terminal respectively.
  • Such behavior may be applied by the card, that is to say by the reciprocal interlocutor equipment B, if the latter has authenticated the interlocutor equipment descrambling terminal A and if the identifier of the terminal IdA is associated with an identifier behavior towards terminals considered to be included in a black list.
  • the specific behavior value corresponds to a bit string of which all the bits are at the value zero, except the bit corresponding to the authentication of the descrambling terminal, interlocutor equipment A.
  • Behavior controlling the adaptation, that is to say the pairing, of the interactivity of the reciprocal interlocutor equipment card B with one or more interlocutor equipment descrambling terminals A, the terminal or terminals being considered to be included in the list of authorized terminals:
  • Such behavior is applied by the reciprocal interlocutor equipment card B if the latter has authenticated the interlocutor equipment terminal A and if the identifier of the terminal IdA is in the list known by the card of the terminals considered to be registered in the list of authorized terminals , because of the behaviors associated with them.
  • the default behavior is applied. For example, for this default behavior, all actions of the reciprocal interlocutor card B can be authorized.
  • the interlocutor equipment descrambling terminal A can, of course, have card identifiers considered to be included in a black list, that is, cards which, although entitled to engage in interactive dialogue, have been deprived of the option of engaging in this interactive dialogue due, in particular, to non-compliance with the constraints established for the execution of this interactive dialogue. It is understood, in particular, that this withdrawal can be carried out, for example, when the card includes an application for managing a token holder or electronic purse and the user of the card too frequently reaches a debit balance in number of tokens.
  • All terminal processing can then be authorized, in particular that concerning the exchange of messages with the card according to the ISO 7816 protocol, the selection of other validated processing depending on the functionality desired in the context of this adaptation.
  • the behavior of the descrambling terminal, interlocutor equipment A, may correspond to an invalidation of the processing operations relating to the exchange with the card of messages relating to the management of the access tickets registered on the card, that is to say the invalidation of EMM type messages, management messages for example.
  • the selection of other validated treatments, for the interlocutor equipment descrambling terminal A depends on the desired functionality with respect to this type of card. In particular, and to ensure the use of the card by the user who has acquired this card for the period authorized by the pre-registered rights, the sending of access control messages, known as ECM messages to the card, is, of course, valid.
  • This behavior is applied by the interlocutor equipment terminal A if the latter has authenticated the reciprocal interlocutor equipment card B and if the type of card corresponds to a non-rechargeable preloaded card.
  • This default behavior corresponds to step 3 of FIG. 2a relative to the interlocutor equipment A.
  • Such behavior is applied by the terminal with respect to the card if the latter has authenticated the card, and if, in response to the membership test of step 2, the identifier IdB of the card does not belong to the L_ID A list of the terminal. Under these conditions, no specific behavior can be selected for the terminal, interlocutor equipment A, with respect to the card, reciprocal interlocutor equipment B. The default behavior can then be, by way of nonlimiting example: all terminal processing is authorized, in particular that concerning the exchange of messages with the card.
  • the steps consisting in registering, in each interlocutor equipment or each reciprocal interlocutor equipment, the list of equipment identifiers, list of behavior identifiers and list of associations between an equipment identifier and a behavior identifier are preferably implemented by transmission of access rights management messages , EMM messages, as mentioned previously in the description. It is understood, in particular, that the aforementioned registration procedures can relate either to the first registration of the aforementioned lists in existing equipment, or, on the contrary, the updating of existing lists as described above.
  • the process, or operating mode, of the protocol which is the subject of the present invention in the above-mentioned case, is strictly in accordance with the protocol described in connection with FIG. 2b, the authentication procedure comprising a strong authentication level, an authentication level intermediate and a zero authentication level, as described above in conjunction with the aforementioned figure.
  • the object of the invention protocol may consist, depending on the level of successful authentication and depending on the identity of the reciprocal interlocutor equipment for example:
  • the protocol object of the invention can then consist in authorizing the processing of all management messages, EMM messages, and all access control messages, ECM messages, previously mentioned in the description outside of the access mode by impulse purchase.
  • this authorization is made consecutive to the verification of a strong authentication level in order, for example, to ensure the security of transactions relating to impulse purchases.
  • the zero authentication level corresponds to a strong authentication level that was not successful and to a presentation of a code carrying reciprocal interlocutor equipment, that is to say a card, that was not successful.
  • the protocol which is the subject of the invention then consists in authorizing the processing of only management messages, EMM messages previously mentioned in the description.
  • FIG. 3a relates to the application of the protocol object of the present invention to a set of N pieces of equipment connected in a network for example and each capable of executing an interactive dialogue with another piece of equipment from this set of pieces of equipment.
  • the number of devices is deliberately limited to five in order not to overload the drawing.
  • the protocol which is the subject of the present invention consists in assigning to a piece of equipment, equipment A for example, the quality of interlocutor equipment for any transaction by transmission of a request message to another piece of equipment of this set of equipment.
  • the equipment A is interlocutor equipment ei 1 , for a first transaction with respect to equipment D, which is then reciprocal interlocutor equipment eir 1 , for the same transaction 1.
  • the protocol which is the subject of the invention also consists in assigning, to this other equipment, equipment D and, for this transaction, transaction 1, the quality of reciprocal interlocutor equipment.
  • interlocutor equipment A assigns to interlocutor equipment A the quality of reciprocal interlocutor, for any other transaction distinct from this transaction, transaction 1, on reception by this equipment, interlocutor equipment A, of a message of request from other separate equipment belonging to all of the aforementioned equipment.
  • interlocutor equipment A becomes reciprocal interlocutor equipment eir 4 with respect to the transaction 4 initiated by the equipment E, interlocutor equipment for the aforementioned transaction 4.
  • Equipment E constitutes the other equipment distinct from equipment A to which, for transaction 4, the quality of interlocutor equipment ei 4 has been assigned.
  • the protocol object of the present invention thus consists in applying, successively, this protocol between any equipment, any other equipment and any other distinct equipment belonging to the set of equipment to which the quality of equipment involved and / or the quality of Reciprocal interlocutor equipment has been allocated successively.
  • the protocol which is the subject of the present invention makes it possible to execute an adapted interactive dialogue between all of the equipments of this set of equipments by pairs of equipments to which the quality of interlocutor respectively of mutual interlocutor has been assigned. It is understood, in particular, that the succession of transactions and the serial number assigned to them are not representative of the temporal succession of these.
  • a table relating to FIG. 3a is introduced below, in which the successive states of interlocutor equipment respectively of reciprocal interlocutor equipment are indicated for the equipment A, B, C, D, E and the transactions 1, 2, 3, 4 shown in Figure 3a.
  • Another example of implementation of the protocol object of the present invention, in the case of the use of a terminal and of a plurality of cards intended to conduct an interactive dialogue with this terminal, will now be given in connection with FIG. 3b.
  • a descrambling terminal for example or a bank card reader terminal for example, which is intended to execute an interactive dialogue with several of these cards, successively.
  • In FIG. 3b a terminal is shown, formed by computer equipment A constituting interlocutor equipment for example, and a plurality of cards B, C, D, E intended to enter into communication successively with terminal A.
  • each card can be introduced successively into the card reader of terminal A or, on the contrary, that each card can be coupled to a card reader and to an auxiliary system not shown in the drawing, the auxiliary system fitted with the card being able to enter into communication successively with terminal A for example.
  • terminal A is assigned, for example, the role of interlocutor equipment for each transaction successively.
  • the equipment A is the interlocutor equipment ei 1 , ei 2 , ei 3 , ei 4 successively for each of the transactions.
  • each device B, C, D, E is therefore, consequently, reciprocal interlocutor device for the corresponding transaction, transactions 3, 4, 1, 2, as shown in FIG. 3b.
  • the table relating to FIG. 3b summarizes the successive state of each of the items of equipment shown in the above-mentioned figure.
  • the number N of equipment is not limited, but, in order not to overload the drawings, the number of equipment represented in FIGS. 4a and 5 for example is reduced to three without limitation.
  • the protocol which is the subject of the present invention consists in assigning to one of the items of equipment, equipment A for example, the quality of interlocutor equipment for any transaction by transmission of a message of request to a plurality of other items of equipment subset of the above-mentioned set of items of equipment.
  • equipment sub-assembly is represented by equipment B and equipment C.
  • the equipment A playing the role of interlocutor equipment has the list of equipment identifiers L_ID A , the list of behavior identifiers L_C A comprising the different behavior identifiers RCA k and the list L_IC A of associations between an equipment identifier and a behavior identifier.
  • the aforementioned lists correspond, for example, to the lists already defined in relation to FIG. 1 or FIG. 2a.
  • equipment B which has the list of equipment identifiers L_ID B , the list of behavior identifiers L_C B , the behavior identifiers RCB h and the list of associations L_IC B . These lists also correspond to the lists available to the equipment B in FIG. 2a for example.
  • the equipment C has a list of equipment identifiers verifying the relationship:
  • - RCCi [CC 1 , CC 2 , ..., CC 0 ], the elements CC 1 to CC 0 defining behavioral references or elementary behavior for example; - a list of associations between an equipment identifier and a behavior identifier verifying the relationship:
  • the protocol which is the subject of the present invention consists in assigning, to each of the other devices receiving the request message, that is to say to the devices B and C, for the aforementioned transaction, the quality of reciprocal interlocutor equipment vis-à-vis interlocutor equipment A.
  • the latter comprises, at the level of the interlocutor equipment A, an authentication procedure between the interlocutor equipment and each of the other equipments of the plurality of equipments to which the quality of reciprocal interlocutor equipment has been assigned, that is to say equipment B and C.
  • This authentication procedure is implemented from step 1 represented in FIG. 4a with respect to equipment B and equipment C respectively, these steps being in accordance with the mode of implementation as shown in FIG. 1 or 2a for example.
  • the discrimination procedure includes a test step 2 comparable to that implemented in the context of FIG. 2a, making it possible to check that the identifier IdB, respectively IdC, belongs to the list of identifiers L_ID A of the interlocutor equipment A. If the above test 2 is negative for each of the other equipment B and C, the default behavior 3 is called. On the contrary, upon a positive response to test 2 of belonging of the identifiers to the aforementioned list of equipment identifiers, step 4 of recovering the behavior of the interlocutor equipment A associated with the identifier IdB, IdC is called in a manner similar to the operating mode of FIG. 2a for example. As in the case of the aforementioned figure, the behavior is associated with each equipment identifier and with the result of the authentication procedure.
  • the aforementioned behavior recovery steps 4 can then be followed by a procedure 5 for determining the common behavior of the interlocutor equipment A with respect to each of the other equipment B and C, to which the quality of reciprocal interlocutor equipment has been assigned.
  • step 5 can consist, for the calculation of the aforementioned common behavior, from the list of associations L_IC A and, in particular, with respect to the elements of lists whose head corresponds to the identifiers IdB, respectively IdC, in determining the corresponding behaviors RCAi, RCA P , the common behavior being determined by the calculation of the intersection of the representative lists of the behaviors identified by RCAi and RCA P for example, according to the relation:
  • CCABC = RCAi ∩ RCA P.
  • While the operating mode of FIG. 4c is more particularly reserved for terminals, that is to say equipment connected in a network, in the case where the protocol which is the subject of the present invention is implemented from a descrambling terminal constituting, for example, interlocutor equipment A and where a plurality of dedicated cards allocated to subscribers is associated with such a descrambling terminal, the protocol which is the subject of the present invention can also be implemented, as shown in FIG. 4d.
  • each bit string is again viewed as a list item or equivalent data structure.
  • the logical operation on the behaviors identified by the behavior identifiers can then be implemented in a manner similar to that represented in FIG. 4c.
  • the bitand function designates the intersection operation, that is to say the bitwise logical AND operation between the elements b and c for example.
  • the logical operation on the behaviors represented by lists is not limited to the operation of intersection of lists.
  • the procedure for determining the common behavior can consist in calculating the list resulting from the union of the lists of behaviors.
  • step 5 represented in FIG. 4a can consist of calling up the LJCA list, list of associations between an equipment identifier and a behavior identifier of the interlocutor equipment A and in a calculation of the union of the lists of elementary behaviors identified by RCAi and RCA P for example to define the common behavior CCABC verifying the relation:
  • the bitor relation represents the bitwise OR operation between the elements b and c.
  • the number of devices N constituting the set of devices is not limited, but, in order not to overload the drawing, the number of other equipment distinct from equipment A, considered as interlocutor equipment, is limited to two, equipment B and C.
  • each equipment, interlocutor equipment A and reciprocal interlocutor equipment B and C, has a list of equipment identifiers L_ID A , L_ID B and L_ID C , a list of behavior identifiers L_C A , L_C B and L_C C , and a list of associations between an equipment identifier and a behavior identifier L_IC A , L_IC B and L_IC C , as defined previously in relation to FIG. 4a mentioned above.
  • the aforementioned lists can correspond to those represented in FIG. 4b.
  • the elementary behavior identified by the behavior identifier with which an equipment identifier is associated can itself consist of a list of elementary behaviors or behavior references, which can be behaviors independent of the functionalities of each IT equipment A, B or C.
  • the protocol which is the subject of the invention then consists in assigning to a piece of equipment, the equipment A for example, the quality of the interlocutor equipment for any transaction by transmission of a request message to a plurality of other devices, devices B and C limited to two, as in the case of FIG. 4a.
  • the protocol which is the subject of the invention furthermore consists in assigning, to the assembly made up of the other recipient equipments, the abovementioned equipments B and C, of this request message, for the transaction considered, the quality of reciprocal interlocutor equipment vis-à-vis interlocutor equipment A.
  • the authentication procedure corresponds to step 1 of FIG. 4a for example, during which the recovery of the identifiers IdB respectively IdC is carried out, then the verification of the authentication values according to the O (Auth (IdB)) and O (Auth (IdC)) operations is performed.
  • the authentication procedure can correspond to that described in connection with the preceding figures 1, 2a or 4a.
  • each reciprocal interlocutor device is considered as capable, individually, of carrying out an interactive dialogue with the interlocutor device A.
  • the subset of reciprocal interlocutor equipment B and C is authenticated as joint reciprocal interlocutor equipment for the execution of the transaction vis-à-vis the interlocutor equipment A.
  • the joint authentication procedure operation is represented in the form of step 1 ⁇ making it possible to calculate the logical value of joint authentication verifying the relationship:
  • the joint authentication procedure 1 ⁇ can then be followed by a procedure 2 for joint authorization of the subset of reciprocal interlocutor equipment, upon execution of the interactive dialogue with respect to interlocutor equipment A.
  • the joint authorization procedure can consist in verifying the membership of the identifier of the set consisting of equipment A and B, reciprocal interlocutor, this set being limited to two in the non-limiting framework of FIG. 5, to the list of equipment identifiers L_ID A of the interlocutor equipment A.
  • the procedure for applying the default behavior 3 can be called, this procedure possibly, for example, corresponding to the procedure for default behavior 3 previously described in the description in conjunction with the Figure 4a.
  • the default behavior is, in this case, defined according to the result of the O cc joint authentication procedure.
  • a procedure 4 for discrimination or recovery of the joint behavior of the interlocutor equipment A with respect to the subset of reciprocal interlocutor equipment B, C, subset to which the quality of joint reciprocal interlocutor has been attributed is called, this discrimination procedure corresponding substantially to a procedure for recovering joint behavior, as will be described later in the description.
  • the step 4 of discrimination of the joint behavior is then followed by a procedure 5 of application of the joint behavior of the interlocutor equipment with respect to the other equipments forming the subset to which the quality of joint reciprocal interlocutor has been assigned.
  • the protocol object of the present invention makes it possible to apply a joint behavior of any item of equipment of a set of equipment with respect to any plurality of items of equipment forming a subset of this set of items of equipment, sub-set to which the quality of joint reciprocal interlocutor has been attributed.
  • step 2 consists in determining whether the compound identifier, formed by the identifiers (IdB, IdC), is included in the list of equipment identifiers L_ID A of interlocutor equipment A.
  • the compound identifier (IdB, IdC) formed by the identifiers of the reciprocal interlocutor equipment B and C represents an identifier of reciprocal interlocutor equipment authorized to participate in the transaction and approved as an identifier of joint reciprocal interlocutor equipment vis-à-vis interlocutor equipment A.
  • the procedure for discriminating the joint behavior of the interlocutor equipment A with respect to the subset of the reciprocal interlocutor equipment B and C may consist in selecting the association between the compound identifier and the behavior identifier.
  • Step 4 is then followed by step 5 consisting in applying the joint behavior.
  • the joint behavior can be defined by a logical operation on the aforementioned behavior identifiers RCAi, RCA k . This behavior is applied to the sub-assembly formed by the reciprocal interlocutor equipment B and C.
  • the above-mentioned logical product corresponds to joint behavior as a function of the logic applied to the above-mentioned product.
  • the elementary behavior CA 1 can consist of an encoded value, constituting a common element held by all of the users of the interlocutor and reciprocal interlocutor equipment, this common element consisting, for example, of a code or a password authorizing each user, by means of the equipment at his disposal, to take part in the aforementioned transaction.
  • the other successive behaviors CA 2 to CA P can, for example, correspond to very diverse functional parameters, such as use of a common language among several languages for the transaction, use of specific encryption / decryption parameters for the transaction or the like.
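
An added Python example, not taken from the patent or from any Viaccess code, of how interlocutor equipment A could select a behavior from the authentication level reached (FIG. 2b) and derive a common behavior for several reciprocal interlocutors with bitand or bitor (FIG. 4a). The list names L_ID A, L_C A, L_IC A and the identifiers IdB, IdC and RCA k come from the description; the bit positions, the behavior values, the black-listed identifier IdD and the default behavior value are constructed assumptions.

```python
"""Behavior selection and common-behavior computation for interlocutor equipment A.

Bit positions, behavior values, IdD and the default value are constructed
assumptions; the description states that its own values are arbitrary.
"""
import operator
from enum import IntEnum, IntFlag
from functools import reduce


class Elem(IntFlag):
    """Elementary behaviors: one bit each, 1 = function allowed, 0 = refused."""
    AUTH = 0b0001     # authentication exchange with the peer
    ECM = 0b0010      # process access control messages
    EMM = 0b0100      # process management messages
    IMPULSE = 0b1000  # access mode by impulse purchase


class Level(IntEnum):
    """Authentication levels of FIG. 2b."""
    NULL = 0          # only membership of the identifier in L_ID A is checked
    INTERMEDIATE = 1  # carrier code PIN(IdB) verified
    STRONG = 2        # authentication value Auth(IdB) verified


# L_C A: behavior identifier RCA k -> behavior as a bit string.
L_C_A = {
    "RCA1": Elem.AUTH | Elem.ECM | Elem.EMM | Elem.IMPULSE,
    "RCA2": Elem.AUTH | Elem.ECM | Elem.EMM,
    "RCA3": Elem.AUTH | Elem.EMM,
    "RCA4": Elem.AUTH,  # black-listed peer: every bit zero except authentication
}

# L_IC A: (equipment identifier, authentication level) -> behavior identifier.
L_IC_A = {
    ("IdB", Level.STRONG): "RCA1",
    ("IdB", Level.INTERMEDIATE): "RCA2",
    ("IdB", Level.NULL): "RCA3",
    ("IdC", Level.STRONG): "RCA2",
    ("IdC", Level.INTERMEDIATE): "RCA3",
    ("IdC", Level.NULL): "RCA3",
}
L_IC_A.update({("IdD", level): "RCA4" for level in Level})  # IdD is black-listed

# L_ID A: identifiers known to equipment A.
L_ID_A = {peer_id for peer_id, _ in L_IC_A}

# Behavior applied when the identifier is not in L_ID A (constructed value).
DEFAULT_BEHAVIOR = Elem.AUTH | Elem.ECM


def authentication_level(auth_value_ok: bool, pin_ok: bool) -> Level:
    """Fall from strong to intermediate to null as each check fails."""
    if auth_value_ok:
        return Level.STRONG
    if pin_ok:
        return Level.INTERMEDIATE
    return Level.NULL


def select_behavior(peer_id: str, level: Level) -> Elem:
    """Membership test, then recovery of the behavior associated with the
    identifier and the authentication result; default behavior otherwise."""
    if peer_id not in L_ID_A:
        return DEFAULT_BEHAVIOR
    return L_C_A[L_IC_A[(peer_id, level)]]


def common_behavior(peers, combine: str = "bitand") -> Elem:
    """Combine the behaviors selected for several reciprocal interlocutors.

    peers is a list of (identifier, level) pairs. "bitand" keeps only the
    functions allowed for every peer; "bitor" keeps those allowed for any.
    """
    ops = {"bitand": operator.and_, "bitor": operator.or_}
    if combine not in ops:
        raise ValueError(f"unknown operation: {combine!r}")
    if not peers:
        raise ValueError("at least one reciprocal interlocutor is required")
    return reduce(ops[combine], (select_behavior(p, lvl) for p, lvl in peers))


def allows(behavior: Elem, function: Elem) -> bool:
    """True when every bit of `function` is set in `behavior`."""
    return (behavior & function) == function


if __name__ == "__main__":
    b_and_c = [("IdB", Level.STRONG), ("IdC", Level.STRONG)]
    print(common_behavior(b_and_c, "bitand"))
    print(common_behavior(b_and_c + [("IdD", Level.STRONG)], "bitor"))
```

With bitand, adding the black-listed IdD to the group reduces the common behavior to the black-list value; with bitor the group keeps every function allowed to its most privileged member, so the choice of operation decides which peer governs the result.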

EP03761642A 2002-06-26 2003-06-25 Protokoll zur anpassung des interaktivitätsgrads zwischen computergeräteposten Pending EP1552693A1 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0207954 2002-06-26
FR0207954A FR2841714B1 (fr) 2002-06-26 2002-06-26 Protocole d'adaptation du degre d'interactivite entre equipements informatiques interlocuteurs soumis a un dialogue interactif
PCT/FR2003/001964 WO2004004339A1 (fr) 2002-06-26 2003-06-25 Protocole d'adaptation du degre d'interactivite entre equipements informatiques

Publications (1)

Publication Number Publication Date
EP1552693A1 true EP1552693A1 (de) 2005-07-13

Family

ID=29724909

Family Applications (1)

Application Number Title Priority Date Filing Date
EP03761642A Pending EP1552693A1 (de) 2002-06-26 2003-06-25 Protokoll zur anpassung des interaktivitätsgrads zwischen computergeräteposten

Country Status (8)

Country Link
US (1) US20060075098A1 (de)
EP (1) EP1552693A1 (de)
JP (1) JP2005534089A (de)
KR (1) KR20050013632A (de)
CN (1) CN100452865C (de)
AU (1) AU2003260628A1 (de)
FR (1) FR2841714B1 (de)
WO (1) WO2004004339A1 (de)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110202565A1 (en) * 2002-12-31 2011-08-18 American Express Travel Related Services Company, Inc. Method and system for implementing and managing an enterprise identity management for distributed security in a computer system
US8117651B2 (en) 2004-04-27 2012-02-14 Apple Inc. Method and system for authenticating an accessory
US7823214B2 (en) * 2005-01-07 2010-10-26 Apple Inc. Accessory authentication for electronic devices
FR2890267B1 (fr) * 2005-08-26 2007-10-05 Viaccess Sa Procede d'etablissement d'une cle de session et unites pour la mise en oeuvre du procede
US7623857B1 (en) * 2005-10-21 2009-11-24 At&T Intellectual Property I, L.P. Intelligent pico-cell for transport of wireless device communications over wireline networks
US8326296B1 (en) 2006-07-12 2012-12-04 At&T Intellectual Property I, L.P. Pico-cell extension for cellular network
FR2905543B1 (fr) * 2006-08-30 2009-01-16 Viaccess Sa Processeur de securite et procede et support d'enregistement pour configurer le comportement de ce processeur.
US8626223B2 (en) * 2008-05-07 2014-01-07 At&T Mobility Ii Llc Femto cell signaling gating
US8126496B2 (en) * 2008-05-07 2012-02-28 At&T Mobility Ii Llc Signaling-triggered power adjustment in a femto cell
US8719420B2 (en) 2008-05-13 2014-05-06 At&T Mobility Ii Llc Administration of access lists for femtocell service
US8082353B2 (en) * 2008-05-13 2011-12-20 At&T Mobility Ii Llc Reciprocal addition of attribute fields in access control lists and profiles for femto cell coverage management
US20100041365A1 (en) * 2008-06-12 2010-02-18 At&T Mobility Ii Llc Mediation, rating, and billing associated with a femtocell service framework
US8208853B2 (en) 2008-09-08 2012-06-26 Apple Inc. Accessory device authentication
US8238811B2 (en) 2008-09-08 2012-08-07 Apple Inc. Cross-transport authentication
JP5387254B2 (ja) * 2009-09-11 2014-01-15 富士通オプティカルコンポーネンツ株式会社 通信システム
US8510801B2 (en) 2009-10-15 2013-08-13 At&T Intellectual Property I, L.P. Management of access to service in an access point
US11076024B2 (en) * 2016-12-27 2021-07-27 Intel Corporation Framework for IoT protocol identification and management
US11736466B2 (en) * 2019-09-18 2023-08-22 Bioconnect Inc. Access control system

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001011450A1 (en) * 1999-08-05 2001-02-15 Sun Microsystems, Inc. Single sign-on framework with trust-level mapping to authentication requirements

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2696854A1 (fr) * 1992-10-09 1994-04-15 Kudelski Sa Fabrique Enreg Nag Système de traitement d'information utilisant un ensemble de cartes à mémoire.
FR2730372A1 (fr) * 1995-02-08 1996-08-09 Philips Electronics Nv Procede de television payante
IL131946A0 (en) * 1997-03-21 2001-03-19 Canal Plus Sa Smartcard for use with a receiver of encrypted braoadcast signals and receiver
FR2805062B1 (fr) * 2000-02-10 2005-04-08 Bull Cp8 Procede de transmission de flux de donnees a haut debit sur un reseau de type internet entre un serveur et un terminal a carte a puce, notamment d'un flux de donnees multimedia
US6802007B1 (en) * 2000-04-24 2004-10-05 International Business Machines Corporation Privacy and security for smartcards in a method, system and program
US20020152262A1 (en) * 2001-04-17 2002-10-17 Jed Arkin Method and system for preventing the infringement of intellectual property rights
US6988204B2 (en) * 2002-04-16 2006-01-17 Nokia Corporation System and method for key distribution and network connectivity

Also Published As

Publication number Publication date
FR2841714A1 (fr) 2004-01-02
JP2005534089A (ja) 2005-11-10
FR2841714B1 (fr) 2005-03-04
WO2004004339A1 (fr) 2004-01-08
CN1679332A (zh) 2005-10-05
KR20050013632A (ko) 2005-02-04
CN100452865C (zh) 2009-01-14
US20060075098A1 (en) 2006-04-06
AU2003260628A1 (en) 2004-01-19

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20041209

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL LT LV MK

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20051121

RIN1 Information on inventor provided before grant (corrected)

Inventor name: GUIONNET, CHANTAL

Inventor name: FEVRIER, PIERRE

Inventor name: CODET, ANDRE

Inventor name: BECKER, CLAUDIA

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20100306

D18D Application deemed to be withdrawn (deleted)