EP1577840A2 - Procédé de gestion à l'aide d'un serveur pour le contrôle de la sécurité des services et dispositif pour fournir des données en fonction de la gestion de la sécurité dans un système d'affranchissement - Google Patents

Procédé de gestion à l'aide d'un serveur pour le contrôle de la sécurité des services et dispositif pour fournir des données en fonction de la gestion de la sécurité dans un système d'affranchissement Download PDF

Info

Publication number
EP1577840A2
EP1577840A2 EP05003805A EP05003805A EP1577840A2 EP 1577840 A2 EP1577840 A2 EP 1577840A2 EP 05003805 A EP05003805 A EP 05003805A EP 05003805 A EP05003805 A EP 05003805A EP 1577840 A2 EP1577840 A2 EP 1577840A2
Authority
EP
European Patent Office
Prior art keywords
data
security
franking
server
data center
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP05003805A
Other languages
German (de)
English (en)
Other versions
EP1577840A3 (fr
Inventor
Gerrit Dr. Bleumer
Clemens Heinrich
Dirk Rosenau
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Francotyp Postalia GmbH
Original Assignee
Francotyp Postalia GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Francotyp Postalia GmbH filed Critical Francotyp Postalia GmbH
Publication of EP1577840A2 publication Critical patent/EP1577840A2/fr
Publication of EP1577840A3 publication Critical patent/EP1577840A3/fr
Ceased legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00016Relations between apparatus, e.g. franking machine at customer or apparatus at post office, in a franking system
    • G07B17/0008Communication details outside or between apparatus
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00016Relations between apparatus, e.g. franking machine at customer or apparatus at post office, in a franking system
    • G07B17/0008Communication details outside or between apparatus
    • G07B2017/00153Communication details outside or between apparatus for sending information
    • G07B2017/00169Communication details outside or between apparatus for sending information from a franking apparatus, e.g. for verifying accounting
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07BTICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
    • G07B17/00Franking apparatus
    • G07B17/00733Cryptography or similar special procedures in a franking system
    • G07B2017/00959Cryptographic modules, e.g. a PC encryption board
    • G07B2017/00967PSD [Postal Security Device] as defined by the USPS [US Postal Service]

Definitions

  • the invention relates to a method for a server-controlled security management of deliverable services according to the generic term of claim 1 and an arrangement for providing data after a security management for a franking system according to the The preamble of claim 5.
  • the invention is for franking machines and for other mail processing devices and their peripherals used, which is a service of a remote Use data center.
  • the franking machine JetMail® of the Applicant is with a base and with equipped with a removable meter.
  • the latter is one in the base housing integrated static balance operatively connected and is u.a. also used for postage calculation.
  • In connection with a service of reloading a postage rate table will not taken special security measures, although on the aforementioned Table based on the accuracy of the postage calculation and although the Meter contains a security module, with the security module next to a canceling unit also equipped with a cryptographic unit is.
  • the latter only serves to secure the postage fee data to be printed.
  • the meter also includes a control for controlling printing and controlling peripheral components of the postage meter.
  • the base contains a mail transport device and a Inkjet printing device for printing the postage stamp on the Postal matter. Replacing the printhead is unnecessary as the ink tank is separated from the printhead and can be replaced. Also, no special security measures are required for the printhead or for protection of the control and data signals when inserted with a special piezo inkjet printhead Security imprint is printed with a mark, which is an inspection the authenticity of the security print (US 6,041,704) allowed.
  • a credit of which is deducted from the stamped postal value before printing can be another service in the base tracking exist.
  • the postal authority is about information interested in the location of the printing unit, if the base with one meter is operated again.
  • the base tracking is released only that printing unit, which by an identification code can be identified by the data center (EP 1154381 A1).
  • ink tank and bubble-jet printhead are integrated into a replaceable ink cartridge, as it is already known from the 1 ⁇ 2 inch ink cartridges from Hewlet Packard (HP).
  • HP Hewlet Packard
  • the contacting of the electrical contacts of the print head of the replaceable ink cartridge can be done via a connector of a commercial Pen Driver Board's company HP.
  • Pen Driver Board's company HP Both the postal authority and the customer have an increased interest in high evaluation security of the mark printed on the mail piece.
  • Another service of the data center can therefore consist of piracy protection.
  • additional pirate protection enabling data for example, a code of the printhead can be queried and sent via modem to the data center.
  • the data center then performs a code comparison with a reference code stored in a database and transmits a message to the postage meter machine about the result of the check (EP 1103924 A2).
  • the security module participates in such services in different ways, but at least when security-relevant data has to be exchanged with a remote data center via an unsecured data transmission path during the communication.
  • the meter housing or the housing of a franking machine offers a first protection against manipulation in the intention of forgery. Enclosing the safety module with a special housing provides additional mechanical protection.
  • Such an encapsulated security module corresponds to the current postal requirements and is also referred to below as a post-security device (PSD).
  • PSD post-security device
  • the credit recharge in some countries requires security measures that only one PSD can deliver.
  • the applicant's franking machines are connected to a teleportation data center in a manner known per se for telephone credit recharge and can be expanded with other devices to form a franking system.
  • the data set comprises at least temporarily and locally valid at the franking location data in the data center assigned to a number code in a database are stored.
  • the customer is a pre-initialized franking device purchased through a distributor of dealers, is thus able to do so be completely put into operation, without the franking device that a customer service or service technician must be called and without a visit to the post office.
  • the data stored in the data center Data are all subject to the same security measure. Independently of which, in the postage meter machine, the graphics data will be without further Safety measures in a memory of the motherboard's Postage meter saved.
  • the graphics data can be a stamp image, for example, concern the city stamp.
  • EP 780 803 A2 the possibility becomes after an initialization provided that from a data center news or carrier specific Advertising will be provided if this is an order in the Data center is present.
  • the customer must first have a contract with the Service provider or operator of the data center.
  • Another service of a mail carrier is associated with a statistical collection of franked mail by statistical class (EP 892368 A2).
  • For storing data about using a Terminal are also from EP 992947 A2 and EP 101383 A2 already Solutions known according to which the entries according to statistical classes (Class of Mail) are stored until the remote data center on it accesses to query or determine the user profile.
  • the invention is based on the object, an arrangement and a To develop a process that ensures that both the Franking system as well as the postal security device security data save and process.
  • the invention assumes that one is authorized by the manufacturer operated data center is safest against manipulation and thus also a security for remote services is given, which can use a franking system. For the future, it can not be ruled out that next to a franking machine also other or other Devices of a franking system also provide services of a remote Use data center. If now following safety information is spoken to save in the form of records and to be further processed, should be included and taken into account, that the security requirements for each remote services in the countries are very different or sometimes even missing.
  • the record may result in the request for a service be transmitted from the remote data center to the franking system and contains in its header the information about it Security policy.
  • a desired one with the respective safety category associated header equipped record can by means of Transmission means, for example wirelessly or via modem, from Data center transmitted by the franking system and stored internally in the PSD or stored externally by the PSD.
  • the logical channel is either an unsecured channel or a secured channel automatically formed to a selected one To transmit data record to the franking machine or system.
  • the relevant data record can also be used during operation of the franking system be called or read again.
  • a Safety category can be addressed, whether the desired Record from the franking system from inside or outside of the PSD's is read.
  • the arrangement for providing data for security management for a franking system assumes that a remote Data Center provides the data records requested by the franking system, which application data and security information contain.
  • the data center a server comprising at least one server communication means and with a database management system in operational Connection stands that the requested records data for a Safety category included, the latter at least information for the security measure for a data exchange between the Franking system and data center and / or location of storage in Franking system used by the database management system of the Data center recorded in accordance with a security policy, be processed, transmitted and provided that the Franking system has a microprocessor, the at least one postal security device, with a first non-volatile memory and with a communication means for receiving the requested Data sets is connected, wherein the microprocessor is programmed, the Evaluate data for a security category to a corresponding one logical channel to form and the place of storage of Determine application data in the franking system.
  • the microprocessor is programmed to store the application data and the first non-volatile memory or a second non-volatile memory for storing the application data is formed, wherein only the second non-volatile memory is part of the postal security device (PSD).
  • a third non-volatile memory may be located externally of the postage meter machine in another mailing machine connected to the postage meter, which is designed to store the application data.
  • FIG. 1 shows a block diagram with components of a known franking system 1, comprising a franking machine 2, to which a storage box 4 is connected downstream of the downstream post and an automatic supply station 7 is connected upstream.
  • a stack 6 is fed on edge-mounted mail items.
  • the storage box 4 is a stack 5 can be removed to lying mailpieces.
  • the automatic feed station 7 and a personal computer 9 are electrically connected via cables 71 and 91.
  • the franking machine 2 can be communicatively connected to a remote teleportation data center 8 for the purpose of credit recharging and to a remote service center 11.
  • the franking machine 2 has an internal static balance 22 and is equipped with means for postage calculation. From the remote service center 11, a current postage fee table can be transmitted to the franking machine 2 or to the franking system 1.
  • the franking system may optionally have a - not shown - dynamic balance, which can be arranged between the automatic feed station 7 and the franking machine 2.
  • Another known franking system of the type horril® corresponds in principle likewise to the block diagram shown in FIG. 1, with the difference that the stack 6 is fed to horizontal mail pieces of the automatic feed station 7 and no dynamic scale can be retrofitted.
  • FIG. 2 shows a block diagram of an arrangement for providing data in accordance with a security management for a franking system.
  • the assemblies of a franking system 1 are shown, which has at least one franking machine 2 and optionally a static balance 22.
  • further mail processing stations (not shown) can be connected, for which services via the franking machine 2 can also be provided.
  • the static balance 22 is preferably an optional component of the franking machine 2.
  • the franking machine 2 comprises a postal meter 20 which has at least one communication means 21, a mainboard 24 and a postal security device (PSD) 23.
  • PSD postal security device
  • the motherboard 24 is provided with a first nonvolatile memory 241 and a microprocessor 242 in operative communication with the PSD 23, the memory 241 and the communication means 21.
  • the communication means 21 is, for example, a modem which can be communicated via a telephone network 12 to a modem 31 of the data center 3 in terms of communication.
  • the PSD 23 is - not shown - connected via an interface on the motherboard 24 and includes, inter alia, a second non-volatile memory 232 for booking data and security-related data for secure communication with the remote data center. Further details on the PSD can be found in the publications EP 789333 B1, EP 1035513 A1, EP 1035516 A1, EP 1035517 A1, EP 1035518 A1, EP 1063619 A1, EP 1069492 A1 and EP 1278164 A1.
  • the data center 3 comprises a server 30 which is in operative connection with at least the one server communication means 31 and with a database management system (DBMS) 32.
  • the server communication means 31 is in a - not shown - variant part of a communication server that allows a variety of separate connections to the network 12.
  • the database management system 32 may be implemented in a separate server or within the existing server 30.
  • a control unit 34 of the server 30 is provided with a selector 341 and a microprocessor 342 in operative communication with the server security module (SSM) 33, the selector 341, and the at least one server communication means 31.
  • SSM server security module
  • the selector 341 is hardware and / or software implemented.
  • the plurality of separate connections of the communication server to the network 12 allows the connection of several franking machines 2 or franking systems 1 with the data center 3 to a security management system 10.
  • Data center 3 has a list of records containing security information and related security policy information. Both information is typically stored in a database of a database management system (DBMS) 32. Each record containing the security information is assigned a security category, for example a number on the scale 1 to 10. By specifying the security category, it can optionally be addressed whether the desired data set is exchanged with the franking system 1 from inside or outside the PSD 23, in which way the transmitted data is saved during the data exchange, or which elements of the franking system influence the transmitted data.
  • the security policy defines, for example, which elements of the franking imprint are influenced by the transmitted data.
  • the desired data record is stored in a non-volatile memory of a franking machine of the franking system arranged inside or outside the PSD.
  • a remote service it may be necessary for data to be read from the franking system 1 and remotely transmitted to the data center 3. So reads the data center 3, the security data from the franking system 1, it can also be addressed by specifying a security category, whether the desired record from the franking system 1 is read from within or outside of the PSD 23.
  • the control unit 34 of the data center 3 ensures that records are communicated, stored and processed according to their security category.
  • the control unit uses selector 341 for this purpose.
  • the latter offers the possibility of selecting one of two logical communication channels in order to address a memory of the franking system inside or outside the PSD.
  • Each logical communication channel is protected by individual security mechanisms and parameters applied by a component of the control unit 34.
  • This component of the control unit 34 is also referred to as server security module (SSM) 33.
  • SSM server security module
  • the security category of a data record is also taken into account for its control.
  • the record contains in its header at least the information on the associated security policy.
  • the control unit can also use this information for the associated security policy to select a suitable security mechanism for protection during the communication and / or during the subsequent storage. This will be shown below with some examples.
  • FIG. 3 shows a franking imprint according to the Frankit requirements the Deutsche Post AG.
  • the franking imprint shows a one-dimensional left Bar code (1 D barcode) 15 for an identcode, which will be explained below.
  • the Franking imprint in the value impression a two-dimensional bar code (2D barcode) 17 for verification of proper payment the mailpiece transport fee.
  • FIG. 4 shows a flowchart for a server-controlled security management.
  • the data center 3 waits in step A on the Receiving a service request.
  • For editing a Remote service selects the postage meter in Data Center and requests the desired remote service.
  • After this Receiving the service request determines the data center in Step B in the security policy of this remote service to choose the Security features.
  • step C a selection of the logical takes place Channel and a record submission from Data Center 3 to Franking machine 2 or the franking system 1. This is the logical Channel to the memory I of the mainboard or to the memory II of the PSD selected.
  • the record transmission takes place via the already established Modem connection from the data center 3 to the franking machine 2 or to the franking system 1.
  • step D the determination of the end of requested service.
  • step E becomes determined whether the communication link from the franking machine has been finished. If that is the case, then the point e reached. Otherwise it will point to a starting point a before the first one Step A branches back to receive another service request.
  • security categories are shown in the following table: safety category protection target Logical channel Memory place Components of the franking system Place in the impression identcodes Uniqueness / uniqueness Plain Session Motherboard NVM printer control 1D barcode outside value impression Price / Product Table (PPT) Data Integrity / Origin Authentication / Timeliness Plain Session Motherboard NVM Price calculation module --- User profile of origin authentication Data Integrity / Plain Session Motherboard NVM Recording in the NVM --- PVD Protection of Remuneration / Data Integrity / Source Authentication / Receiver Data Protection Secure Session PSD NVM printer control 2D barcode in the value impression withdraw Protection of the remaining balance Secure Session PSD NVM Postal registers, --- MAC key encryption Secure Session PSD NVM Keystore, and Klicheé exam and generation ---
  • the table columns protection target and logical channel describe for each the categories of security referred to in the first column, to which Way the transmitted data is backed up during data exchange.
  • the remaining table columns indicate the location that affected Components of the franking system and where in the impression the influence becomes visible.
  • IdentCodes are reference numbers that uniquely identify postal items, as long as they have not been successfully delivered. Based on his IdentCodes can be a mailpiece in a letter distribution center or at the Delivery be clearly recognized. The IdentCode can be used to provide tracking information about mail pieces and for to query the sender. Each IdentCode may be used during its validity only once (uniqueness) for a maximum of a mailpiece (uniqueness) will be awarded. As storage location is the non-volatile memory used on the motherboard of the franking machine.
  • the transferred data will be a price calculation module and the footprint affects.
  • a price / product table (or postage rate table) has a validity date from which it is valid.
  • the entries of a price product table should be protected against manipulation (data integrity).
  • the source of a price-product table should be authorized (Source Authentication), and a price-product table should be be provided at the latest on their validity date (timeliness).
  • the user profiles are passively recorded and logged on the machine transfer the data center.
  • the entries of a user profile should protected against manipulation (data integrity). Alternatively, it is enough also an integrity protection of the total volume of a user profile.
  • the origin should be authenticated (original authentication).
  • This particular booking value is one ordinary non-printable MAC-saved sum value of all summed Postal values that were franked during a billing period. If the above value is printed on a postcard, then speaks one also from a billing franking.
  • the aforementioned MAC Message Authorization Code
  • the storage location is the nonvolatile memory used the motherboard of the franking machine. After transferring the CoM data to the data center becomes the non-volatile memory cleared to create space for newly recorded data.
  • the data that is transferred during a postage value download is partially relevant to the fee. That means if, for example, an amount of 50 is requested and recorded and confirmed in the data center, then only 50 are allowed in the security module more credits are available. Would there be 100
  • the deliverer would be (ie, for example, a postal authority) to the difference of 50 cheated. Therefore, the messages transmitted in a postage value download must be protected against tampering and their respective data origin must be authenticated.
  • the privacy of the recipient can be a protection goal here. For example, outsiders should not be aware of the amount a customer is currently charging from the data center. To achieve this protection goal, certain messages between the data center and the security module are encrypted.
  • the storage location is the non-volatile memory of the PSD.
  • the affected components of the franking system are the PSD and its postal registers.
  • the repayment (withdraw) of the remaining credit balance of the customer is an essential protection goal when returning a machine.
  • Storage location is the non-volatile memory of the PSD.
  • the influenced Components of the franking system are the PSD and its postal Register.
  • the main protection goal when transferring the MACKeys is the Keys to outsiders (including the user of Franking machine). Therefore, this key is before the Transmission encrypted and decrypted only in the security module again.
  • the storage location is the non-volatile memory of the PSD. Due to the transmitted data, components of the franking system, like PSD, keystore, cliché checking and generation in the franking machine influenced.
  • a plain text session is a reliable data connection over a telephone network, in which the data is transmitted without cryptographic security. If necessary, error-correcting codes can be used to improve the reliability of the transmission link. Because of the general notoriety, it is not necessary to take a closer look at the characteristics of a plaintext channel.
  • a security text session is a reliable data connection over a telephone network where the data is transmitted cryptographically secured. If necessary, error-correcting codes can also be used here in order to improve the reliability of the transmission path.
  • the selector controls the selection of the channel (secure / unsecured), for example, based on a decision matrix that holds the appropriate treatment for, for example, the requested service or a pending message to be pending.
  • the decision matrix may be in the form of one or more database tables, so that channel assignment changes can be made dynamically during operation of the server.
  • FIG. 5 shows a detail of the block diagram of the control unit 34 of FIG Server.
  • the selector 341 is, for example, a hardware and / or Software component that is intended to create a record D1 ... Dn to Dx from a memory 321 of the database management system 32 and at least partially temporarily store, until the processing of the record by the operationally with the Selector 341 connected microprocessor 342 is completed.
  • the record D1 ... Dn to Dx comprises at least first data, i. an addressable one Data part of the assigned application data identifies and / or includes application data AD directly.
  • the record also includes associated safety data SD and an assignment rule, the further steps, data tables or a decision matrix points, which puts the micro-processor in the position, in the result one to generate selected logical channel.
  • This assignment rule is also referred to as security category SC of a security policy.
  • Microprocessor 342 accesses this in a program memory 343 stored program and works the program and the desired protocols.
  • the first data is application data AD of the addressed data record D1 and are via a bus to the micro-processor 342 or at the lowest level of security categories directly transmitted to input / output unit 344. To the latter, for example be connected to a modem.
  • the selector further safety data SD and data of the Security category SC caches a predetermined security policy is an interrupt I or a control signal for the Microprocessor generated 342, based on the selector of the micro-processor passed second data CD the type of further data processing finds.
  • the first data transmitted to the micro-processor 342 can be further processed while being encrypted, for example, i.e. be further treated according to the type which the passed second (control) data CD informs.
  • the in the figure 5 shown record D1 contains data AD, SD and SC, with their Order can be realized differently than was drawn.
  • a record Dn contains in its header at least the safety category SC, i. Information about associated security policy.
  • the selector is from the microprocessor to the Example via an address bus ADD-BUS 345 addressable and from the Selector passed second (control) data CD can thus be repeated be queried by the microprocessor.
  • the selector controls the logical channel by the use of cryptographic methods on messages or submessages (or their omission); ie to the methods of technical transport of the information, for example by a transmission via modem or via another suitable server communication means 31, mathematical methods of cryptography are used. Another possibility is to firmly link the allocation of the channel to the services or data fields at the time of development, that is, to firmly code which channel is to be used.
  • the selector is a logical component of the sequence program in the server.
  • secure channels are characterized by authentication of messages or partial messages by means of message authentication Codes (MAC) that are a typically encrypted (cryptographic) Contain checksum. Methods such as HMAC-SHA1 do this.
  • messages or sub messages with Help by encryption method (3DES, AES) be encrypted.
  • the used key material for authentication and encryption is chosen statically and for example during production imprinted on the service device or based on a key exchange procedure recreated for each session.
  • the identity of the two communication partners can e.g. through digital Signatures can be determined with certainty in the sense of a common Public key hierarchy are linked together. Both entities are in In this case, it has its own key identity.
  • the as part of a remote service from the data center provided security information can be both from the postage meter as well as used by other devices of a franking system become.
  • a franking system can also be a so-called PC meter be understood, which at least from a personal computer with PSD and a commercial office printer exists.
  • DBMS Database Management System
EP05003805A 2004-03-19 2005-02-23 Procédé de gestion à l'aide d'un serveur pour le contrôle de la sécurité des services et dispositif pour fournir des données en fonction de la gestion de la sécurité dans un système d'affranchissement Ceased EP1577840A3 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102004014427 2004-03-19
DE102004014427A DE102004014427A1 (de) 2004-03-19 2004-03-19 Verfahren für ein servergesteuertes Sicherheitsmanagement von erbringbaren Dienstleistungen und Anordnung zur Bereitstellung von Daten nach einem Sicherheitsmanagement für ein Frankiersystem

Publications (2)

Publication Number Publication Date
EP1577840A2 true EP1577840A2 (fr) 2005-09-21
EP1577840A3 EP1577840A3 (fr) 2007-07-25

Family

ID=34833241

Family Applications (1)

Application Number Title Priority Date Filing Date
EP05003805A Ceased EP1577840A3 (fr) 2004-03-19 2005-02-23 Procédé de gestion à l'aide d'un serveur pour le contrôle de la sécurité des services et dispositif pour fournir des données en fonction de la gestion de la sécurité dans un système d'affranchissement

Country Status (3)

Country Link
US (1) US7996884B2 (fr)
EP (1) EP1577840A3 (fr)
DE (1) DE102004014427A1 (fr)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102004001622A1 (de) * 2004-01-09 2005-08-04 Francotyp-Postalia Ag & Co. Kg Vorbereitung und Durchführung von Diensten für eine Datenverarbeitungseinheit
US8161281B1 (en) * 2006-04-13 2012-04-17 Rockwell Collins, Inc. High assurance data tagger for I/O feeds
DE102006022315A1 (de) * 2006-05-11 2007-11-15 Francotyp-Postalia Gmbh Anordnung und Verfahren zum Erstellen eines Frankierabdrucks
DE102006060700A1 (de) * 2006-12-18 2008-06-19 Francotyp-Postalia Gmbh Verfahren zur Datenverarbeitung mit Bereitstellung von Portogebührentabellen und zu deren Auswahl aus einer Datenbank eines Datenzentrums sowie Anordnung zur Durchführung des Verfahrens
DE102007052458A1 (de) * 2007-11-02 2009-05-07 Francotyp-Postalia Gmbh Frankierverfahren und Postversandsystem mit zentraler Portoerhebung
KR101541911B1 (ko) * 2008-07-16 2015-08-06 삼성전자주식회사 사용자 인터페이스에서 보안 서비스를 제공하는 장치 및 방법

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999048053A1 (fr) * 1998-03-18 1999-09-23 Ascom Hasler Mailing Systems Inc. Systeme et procede de gestion de licences d'affranchisseuses
EP0948158A2 (fr) * 1998-04-01 1999-10-06 Francotyp-Postalia GmbH Procédé de distribution sécurisée de clés
DE19830055A1 (de) * 1998-06-29 1999-12-30 Francotyp Postalia Gmbh Verfahren zur sicheren Übertragung von Dienstdaten an ein Endgerät und Anordnung zur Durchführung des Verfahrens
EP0986028A2 (fr) * 1998-09-11 2000-03-15 Francotyp-Postalia Aktiengesellschaft & Co. Procédé d'entrée de données dans un appareil de service et dispositif pour la mise en oeuvre de ce procédé
US20020083020A1 (en) * 2000-11-07 2002-06-27 Neopost Inc. Method and apparatus for providing postage over a data communication network
EP1244064A1 (fr) * 2001-03-21 2002-09-25 Francotyp-Postalia AG & Co. KG Machine à affranchir avec un dispositif de transmission de données
WO2004001617A1 (fr) * 2002-06-24 2003-12-31 United States Postal Service Systeme et procedes de fabrication d'une etiquette de courrier express

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4831554A (en) 1986-04-10 1989-05-16 Pitney Bowes Inc. Postage meter message printing system
US4933849A (en) 1987-07-16 1990-06-12 Pitney Bowes Security system for use with an indicia printing authorization device
DE4034292A1 (de) 1990-10-25 1992-04-30 Francotyp Postalia Gmbh Verfahren zum frankieren von postgut und anordnung zu dessen durchfuehrung
US5414851A (en) * 1992-06-15 1995-05-09 International Business Machines Corporation Method and means for sharing I/O resources by a plurality of operating systems
DE4422263A1 (de) 1994-06-24 1996-01-04 Francotyp Postalia Gmbh Verfahren zum Abstimmen des Datenbestandes zwischen einer elektronischen Frankiermaschine und einem Datenzentrum
US6587843B1 (en) 1995-12-15 2003-07-01 Francotyp-Postalia Ag & Co. Method for improving the security of postage meter machines in the transfer of credit
US5742683A (en) * 1995-12-19 1998-04-21 Pitney Bowes Inc. System and method for managing multiple users with different privileges in an open metering system
DE19549305A1 (de) 1995-12-22 1997-07-03 Francotyp Postalia Gmbh Verfahren und Anordnung zur Dateneingabe in eine Frankiermaschine
DE69735672T2 (de) * 1996-09-24 2007-03-29 Ascom Hasler Mailing Systems, Inc., Shelton Frankierung mit digitalem postgebührennachweis
DE19731304B4 (de) 1997-07-14 2005-02-24 Francotyp-Postalia Ag & Co. Kg Verfahren zur Statistikmodusnachladung und zur statistischen Erfassung nach Statistikklassen bei der Speicherung eines Datensatzes
DE19748954A1 (de) 1997-10-29 1999-05-06 Francotyp Postalia Gmbh Verfahren für eine digital druckende Frankiermaschine zur Erzeugung und Überprüfung eines Sicherheitsabdruckes
US6064993A (en) * 1997-12-18 2000-05-16 Pitney Bowes Inc. Closed system virtual postage meter
US6820065B1 (en) * 1998-03-18 2004-11-16 Ascom Hasler Mailing Systems Inc. System and method for management of postage meter licenses
DE19818708A1 (de) * 1998-04-21 1999-11-04 Francotyp Postalia Gmbh Verfahren zum Nachladen eines Portoguthabens in eine elektronische Frankiereinrichtung
DE19847951A1 (de) 1998-10-09 2000-04-20 Francotyp Postalia Gmbh Anordnung und Verfahren zur Speicherung von Daten über eine Benutzung eines Endgerätes
DE19847947A1 (de) 1998-10-09 2000-04-20 Francotyp Postalia Gmbh Anordnung und Verfahren zur Speicherung von Daten über eine Benutzung eines Endgerätes
DE19913067A1 (de) 1999-03-17 2000-09-21 Francotyp Postalia Gmbh Verfahren zur automatischen Installation von Frankiereinrichtungen und Anordnung zur Durchführung des Verfahrens
EP1067482B1 (fr) * 1999-07-05 2012-11-14 Francotyp-Postalia GmbH Image imprimée
WO2001037224A1 (fr) * 1999-11-16 2001-05-25 Neopost Inc. Gestion de plusieurs fonctions postales sur un seul compte et systeme a cet effet
DE19958941B4 (de) 1999-11-26 2006-11-09 Francotyp-Postalia Gmbh Verfahren zum Schutz eines Gerätes vor einem Betreiben mit unzulässigem Verbrauchsmaterial
DE10023145A1 (de) 2000-05-12 2001-11-15 Francotyp Postalia Gmbh Frankiermaschine und Verfahren zur Freigabe einer Frankiermaschine
US7000107B2 (en) * 2000-09-30 2006-02-14 Microsoft Corporation System and method for using dynamic web components to remotely control the security state of web pages
US20020169874A1 (en) * 2001-05-09 2002-11-14 Batson Elizabeth A. Tailorable access privileges for services based on session access characteristics
US20030097337A1 (en) * 2001-11-16 2003-05-22 George Brookner Secure data capture apparatus and method

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1999048053A1 (fr) * 1998-03-18 1999-09-23 Ascom Hasler Mailing Systems Inc. Systeme et procede de gestion de licences d'affranchisseuses
EP0948158A2 (fr) * 1998-04-01 1999-10-06 Francotyp-Postalia GmbH Procédé de distribution sécurisée de clés
DE19830055A1 (de) * 1998-06-29 1999-12-30 Francotyp Postalia Gmbh Verfahren zur sicheren Übertragung von Dienstdaten an ein Endgerät und Anordnung zur Durchführung des Verfahrens
EP0986028A2 (fr) * 1998-09-11 2000-03-15 Francotyp-Postalia Aktiengesellschaft & Co. Procédé d'entrée de données dans un appareil de service et dispositif pour la mise en oeuvre de ce procédé
US20020083020A1 (en) * 2000-11-07 2002-06-27 Neopost Inc. Method and apparatus for providing postage over a data communication network
EP1244064A1 (fr) * 2001-03-21 2002-09-25 Francotyp-Postalia AG & Co. KG Machine à affranchir avec un dispositif de transmission de données
WO2004001617A1 (fr) * 2002-06-24 2003-12-31 United States Postal Service Systeme et procedes de fabrication d'une etiquette de courrier express

Also Published As

Publication number Publication date
DE102004014427A1 (de) 2005-10-27
US7996884B2 (en) 2011-08-09
EP1577840A3 (fr) 2007-07-25
US20050209875A1 (en) 2005-09-22

Similar Documents

Publication Publication Date Title
EP0944027B1 (fr) Machine à affranchir et un procédé pour générer des données valables pour affranchir
EP0779601B1 (fr) Procédé de paiement du rechargement d'une machine à affranchir
DE3712138B4 (de) Verfahren zum Betrieb eines Frankiermaschinensystems
DE69634397T2 (de) Verfahren zum Erzeugen von Wertmarken in einem offenen Zählsystem
DE69533611T2 (de) Frankiermaschinenvorrichtung, System und Verfahren zum Kommunizieren mit Frankiermaschinen
DE19731304B4 (de) Verfahren zur Statistikmodusnachladung und zur statistischen Erfassung nach Statistikklassen bei der Speicherung eines Datensatzes
EP2058769A1 (fr) Procédé d'affranchissement et système d'expédition de courrier avec augmentation de frais de port centrale
DE69729915T2 (de) Verfahren und Vorrichtung zur ferngesteuerten Änderung von Sicherheitsmerkmalen einer Frankiermaschine
EP1577840A2 (fr) Procédé de gestion à l'aide d'un serveur pour le contrôle de la sécurité des services et dispositif pour fournir des données en fonction de la gestion de la sécurité dans un système d'affranchissement
EP0930586B1 (fr) Dispositif et méthode pour l'échange de données entre une machine d'affranchissement et des cartes à puce
EP0866427B1 (fr) Système de traitement de courrier avec une station de base de machine commandée par un ordinateur individuel
DE19757653C2 (de) Verfahren und postalisches Gerät mit einer Chipkarten-Schreib/Leseeinheit zum Nachladen von Änderungsdaten per Chipkarte
EP0969420B1 (fr) Procédé pour sécuriser la transmission de données de service à un terminal et dispositif pour la mise en oeuvre de ce procédé
DE10305730B4 (de) Verfahren zum Überprüfen der Gültigkeit von digitalen Freimachungsvermerken
EP1337974B1 (fr) Procede servant a porter des marques d'affranchissement sur des envois postaux
EP1619630A2 (fr) Procédé et dispositif pour rembourser des frais d'affranchissement
EP1037172B1 (fr) Procédé pour l'installation automatique de machines à affranchir et dispositif pour sa mise en oeuvre
DE60015907T2 (de) Verfahren und Vorrichtung zur Erzeugung von Nachrichten welche eine prüfbare Behauptung enthalten dass eine Veränderliche sich innerhalb bestimmter Grenzwerte befindet
DE69930202T2 (de) Verfahren zur Begrenzung der Schlüsselbenutzung in einem Frankiersystem welches kryptographisch gesicherte Briefmarken produziert
EP1202223B1 (fr) Machine postale et procédé pour l'initialisation
DE102004033598A1 (de) Verfahren zur Speicherung und Verwaltung von Daten und Anordnung zur Durchführung des Verfahrens
EP1279147A1 (fr) Procede servant a pourvoir des envois postaux de mentions d'affranchissement
EP0952560A2 (fr) Procédé de rechargement du solde postal d'une machine à affranchir électronique
EP1486028B1 (fr) Procede et dispositif permettant de creer des documents infalsifiables verifiables
WO2005038416A1 (fr) Procede pour effectuer un paiement sans numeraire

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR LV MK YU

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: FRANCOTYP-POSTALIA GMBH

PUAL Search report despatched

Free format text: ORIGINAL CODE: 0009013

AK Designated contracting states

Kind code of ref document: A3

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA HR LV MK YU

RIC1 Information provided on ipc code assigned before grant

Ipc: G07B 17/04 20060101ALI20070619BHEP

Ipc: G07B 17/00 20060101AFI20070619BHEP

17P Request for examination filed

Effective date: 20070905

17Q First examination report despatched

Effective date: 20071012

AKX Designation fees paid

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20100511