EP2163030A2 - Access management method - Google Patents

Access management method (original title: Zugangsverwaltungsverfahren)

Info

Publication number: EP2163030A2
Authority: EP (European Patent Office)
Prior art keywords: user, resource, access, management system, secret
Legal status: Withdrawn (the legal status is an assumption by Google and not a legal conclusion)
Application number: EP08806056A
Other languages: English (en), French (fr)
Inventor: Vincent Frey
Current assignee: Orange SA (the listed assignee may be inaccurate; Google has performed no legal analysis)
Original assignee: France Telecom SA
Priority date: 2007-06-27 (the priority date is an assumption and not a legal conclusion)
Filing date: 2008-06-23
Publication date: 2010-03-17
Timeline: application filed by France Telecom SA; publication of EP2163030A2; current legal status: withdrawn

Classifications

    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > H04L 63/00 Network architectures or network communication protocols for network security > H04L 63/08 for authentication of entities > H04L 63/083 using passwords
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols > H04L 9/32 including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials > H04L 9/321 involving a third party or a trusted authority
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F 21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F 21/30 Authentication, i.e. establishing the identity or authorisation of security principals > G06F 21/31 User authentication
    • G PHYSICS > G06 COMPUTING; CALCULATING OR COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F 21/60 Protecting data > G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > H04L 63/00 Network architectures or network communication protocols for network security > H04L 63/10 for controlling access to devices or network resources > H04L 63/104 Grouping of entities

Definitions

  • The invention relates to a data transmission method including a step of access to a resource by a first user and at least one second user.
  • The term "user" may cover, for example, a natural person, an organization, a service, a resource or a process.
  • In the known methods, a request for access to a resource always concerns a single user.
  • The methods known from the state of the art therefore cannot be used when it is decided that a first user is to have access to a resource if and only if at least one second user has also requested access to the same resource.
  • An example would be the consultation of a will by all the legatees over the internet: the legatees may learn the content of the will only from the moment all of them have requested access to it.
  • Another example would be access to a telephone bridge by several users as soon as (and only if) all of them are ready, that is to say connected to the bridge.
  • The fact that the known methods cannot be used in the situations described above is a disadvantage of the current state of the art.
  • The present invention aims to overcome this disadvantage by linking access to a resource to a condition.
  • The method according to the invention is characterized in that said access to said resource is inhibited until said first and said second user have both requested it.
  • The method is characterized in that it further comprises:
  • The method according to the invention has the advantage of allowing access to a resource only if a first user requests it and at least one second user requests it as well.
  • The method is characterized in that it further comprises, after said first access request step, a step of notifying at least said second user of the completion of said first step.
  • The method is characterized in that it also comprises a step of determining a code as a function of specific information, said access step being executed only if said code corresponds to a reference specific to said resource.
  • The method is characterized in that it also comprises
  • The method is characterized in that said specific information is chosen by a resource manager.
  • The method is characterized in that said specific information is chosen by said users, so that a user can choose specific information that he can easily memorize.
  • The method is characterized in that the step of determining said code comprises modifying a variable as a function of said specific information.
  • The invention also relates to a management system comprising: means for authenticating a first user,
  • The invention also relates to a computer program comprising program code instructions for performing at least one of the steps of a method described above when said program is executed on a computer.
  • The invention also relates to a computer program product comprising program code means, stored on a computer-readable medium, for implementing at least one of the steps of a method as described above when said program is run on a computer.
  • The invention also relates to a data carrier including a program as described above.
  • FIG. 1 is a flowchart describing the steps of a method for accessing a resource according to the state of the art.
  • FIG. 2 is a flowchart describing the steps of a method for accessing a resource according to the invention.
  • An example of an authentication comprising only one step is the entry by a user, into a management system, of a code known only to him, for example a PIN (personal identification number).
  • An example of an authentication comprising more than one step is an authentication divided into two steps: a so-called "identification" step and a so-called "authentication" step proper.
  • During the identification step, the management system asks the user to enter, for example, a login.
  • During the authentication step, the management system asks the user to enter a password corresponding to the login.
  • In the known method of FIG. 1, it is assumed that a user U has previously been authorized to access a resource R1. This information (the authorization) is stored in a management system G1 in a non-volatile memory, for example a database.
  • The management system G1 thus recognizes that the user U has the right to access the resource R1.
  • In a step 13, the management system G1 waits for the user U to enter a specific code known only to him, in order to authenticate him (in the broad sense of the word) with the management system G1.
  • The user enters his code, for example a PIN known to him alone.
  • The system G1 can then authenticate the user U. If U is not authenticated with G1, the process remains at step 13; if U is authenticated, the process continues with an access request step.
  • In a step 15, the user U requests access to the resource R1. Because U was authorized beforehand, the management system G1, or the resource R1 itself when called by G1, grants access to the resource R1.
  • If the user U had not previously been authorized to access R1, and therefore had no rights to it, he would be authenticated but not authorized to access R1. In either case, in this known method, whether U obtains access to R1 depends only on his own steps and not on the steps of any other user.
  • The invention is illustrated by the diagram of FIG. 2. It is assumed that a first user U1 and at least one second user U2 have previously been authorized to access some resource R2.
  • The information concerning this authorization is stored in a management system G2 in a non-volatile memory M1, for example a database.
  • The identity management system G2 thus recognizes that the users U1 and U2 have the right to access the resource R2.
  • In other words, the users U1 and U2 belong to a previously created group of users who have a priori the right to access the resource R2.
  • U1 authenticates in a step 21 and requests access to the resource R2 in a step 23.
  • In a verification step, the management system G2 checks whether both users U1 and U2 have requested access to the resource R2; here, whether the other (second) user U2 has also requested access to R2.
  • This check may consist of looking for a record of an access request by the user U2 in, for example, another memory M2 of the system G2. If the record is not present, the management system G2 does not grant U1 access to R2, and U1 therefore cannot access it. U1's own request, however, is recorded, for example in the same memory M2 of the system G2.
  • The second user U2 in turn authenticates in a step 25 and requests access to the resource R2 in a step 27.
  • The method then checks, in step 29, whether both users U1 and U2 have requested access to R2, that is to say, in this case, whether the record of the other (first) user U1 is present in the memory M2.
  • The result of the verification in step 29 is now positive, and the management system G2 authorizes both users U1 and U2 to access the resource R2 in an access step 215.
  • In the general case, the management system G2 recognizes that the users U1, U2, ..., Un have the right to access a resource R3.
  • The users U1, U2, ... and Un belong to a previously created group of users who have a priori the right to access the resource R3.
  • The method verifies, in the verification step 29, whether all the users U1, ..., Un have requested access to the resource R3. As soon as the result of this verification is positive, the users U1, ..., Un can access the resource R3 (access step 215).
  • This step comprises, for example, checking in a memory M3 for the records of the requests of the other (n-1) users.
  • Each user U1, ..., Un, in any order, must perform the authentication and request steps 211 and 213 described above, synchronously or asynchronously, and without the users needing to be physically at the same location.
  • In one embodiment, the user U1 authenticates with the management system G2 and, at the moment U1 requests access to the resource R3, G2 indicates to U1 that it is waiting for the other users U2, ..., Un to also request access to R3. From that moment the other users U2, ..., Un are notified by the management system G2. Once they have all authenticated and requested access to the resource, the management system grants U1 access to R3 and, at the same time, grants the other users U2, ..., Un access to R3.
  • In another embodiment, when a user requests access, the management system G2 asks him to provide a secret specific to that user. The management system then authorizes access to the resource only if all the users U1, ..., Un have each provided their respective secret to G2, and after G2 has checked that the secrets provided are indeed the secrets specific to the respective users.
  • The users U1, ..., Un obtain the secret that will be specific to them, for example, when they register beforehand with the management system G2 during a registration step.
  • The secret can be chosen by the user himself or assigned to him by a manager of the resource R3. In the latter case the resource manager therefore knows the secrets of the users U1, ..., Un.
  • The secret is, for example, a string of alphanumeric characters.
  • The string is specific to the user and known only to him, that is to say not known to the other users.
  • The secret specific to a user is one part of a split of a complete secret that protects the resource R3.
  • The complete (or "global") secret protecting the resource R3 is referred to below as the secret SR.
  • In this embodiment, the waiting step 29 comprises not only verifying that all the users U1, ..., Un have requested access to the resource R3, but also checking that the secrets SU1, ..., SUn specific to the users U1, ..., Un have been provided. Access to the resource R3 itself is protected by the management system G2.
  • In the example of the will, the secret SR would be produced by the notary acting as resource manager (indeed, in current notarial practice the notary has access to the will at any time and therefore knows all the parts of the secret SR; the secret SR is then functionally closest to the combination of the safe in which the notary keeps the will).
  • In order for the method according to the invention to operate, the management system G2 must know the following data: the function C, the function f, the position of each user's secret in the split of SR, and the value SR_crypted defined below.
  • The management system G2 obtains this data as follows:
  • The function C could, for example, be chosen by the person in charge of the resource R3, or be registered in the management system G2 during its initialization.
  • The second function f, an asymmetric encryption function, could likewise be chosen by the person in charge of the resource R3, or be registered in the management system G2 during its initialization.
  • A database of the management system might contain the array {access permission to resource R3, (SU1:1), ..., (SUn:n)}, whose elements are:
  • the access permission to the resource R3;
  • (SU1:1), indicating that the secret of the user U1 occupies position 1 in the split of the secret SR;
  • (SUn:n), indicating that the secret of the user Un occupies position n in the split of the secret SR.
  • The management system G2 therefore knows the position occupied by each of the secrets SU1, ..., SUn.
  • Let C(SUi) be the result of encrypting the secret of a user Ui with the function C.
  • The management system will, for example, contain a database with the array {C, (C(SU1):1), ..., (C(SUn):n)}.
  • The value SR_crypted is obtained in the following manner.
  • The management system G2 computes on the fly, by the function f, the result of the concatenation of the encryptions C(SUi) of the secrets of all the users U1, ..., Un.
  • The concatenation is done by placing each encrypted secret C(SUi) at its associated position, that is to say the position chosen by the resource manager for the secret of the user Ui.
  • The management system G2 could then store in a database the pair {f, SR_crypted}.
  • SR_crypted = f(C(SU1), C(SU2), ..., C(SUn)), where C(SU1), C(SU2), ..., C(SUn) denotes the concatenation of all the encrypted secrets of the users U1, ..., Un, each C(SUi) being placed at the position associated with the secret of the user Ui.
  • Since the management system has stored f and SR_crypted, whoever provides all the parts SUi of the secret SR to the management system can access the resource R3. Indeed, if all the values SUi_provided are communicated to the management system G2, G2 can compute f(C(SU1_provided), C(SU2_provided), ..., C(SUn_provided)) and compare it with the value SR_crypted it has stored.
  • The management system can then give access to the resource R3 to those who communicated all the parts SUi_provided of the secret SR.
  • In other words, the management system G2 computes SR_crypted_provided = f(C(SU1_provided), C(SU2_provided), ..., C(SUn_provided)) (which it can do because it knows the position p of each part SUi in the split of the secret SR) and compares it with the stored value SR_crypted before allowing the users to access the resource R3.
  • The waiting step 29 is implemented, for example, using a temporary variable V.
  • In one example, the resource manager logically splits the secret SR into 4 parts.
  • The person in charge of the resource R3 knows all the parts SU1, ..., SU4, whereas the users U1, ..., U4 each know only their own part SU1, ..., SU4 respectively (that is to say their own secret). It is also possible for each user U1, ..., U4 to choose his own secret SU1, ..., SU4, in which case the resource manager does not know them.
  • The secrets SUi of the users U1, ..., Un can also be used during the authentication steps 21, 25 and 211.
  • Further conditions can be attached to the waiting step. For example, after a request from a given user to access the resource, the management system waits for another given user to request access to it: the order could be U1, U2, U3, and so on up to Un.
  • The condition can also relate to the time that may elapse between two successive requests: for example, after the request of a given first user to access the resource, the next user must request access within one hour. If the next user does not request access within one hour, the first user's request is removed.
  • Other conditions, or combinations of conditions, can easily be contemplated by those skilled in the art.
  • The invention also provides that a user can withdraw his access request, for example if he has not been authorized to access the resource after a predetermined period of time.
  • The invention can also be generalized to the problem of strong authentication, by considering that a single user has several secrets and must provide all of them to access a resource.
  • It is also possible to make access to the resource conditional on only a part of the users U1, ..., Un having requested it. For example, if n = 10, it may suffice that 7 users have requested access to the resource for all 10 users to actually obtain access.
  • In a first use case, a conference call is a resource accessible by all the guests, who are the users.
  • The conference call is protected by the identity management system as described in the operation of the invention.
  • The solution guarantees that the conference bridge will be opened only when all the guests have asked to connect to it. In addition, it provides evidence that all the guests attended the meeting.
  • In a second use case, a notary wants to be able to store wills in electronic form and make them available for reading on the internet.
  • The notary could have an intranet protected by a management system. The will is stored on the intranet and only the notary and the testator have the right to access it; this is done with conventional techniques. On the day the testator dies, the notary sends an order to the management system, which then proposes to all the legatees that they create an account (if one does not already exist) on the management system of the notary's intranet. The secret protecting the will is then constructed as indicated in the operation of the invention. The invention guarantees that the will can be read by all the legatees via the internet provided that all of them have consented. The solution further provides evidence that the reading by all the legatees has taken place.
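The waiting step of FIG. 2 (memories M1 and M2, the check of step 29, the notification of the users still awaited) and the variants attached to it later in the description (a required order, a one-hour window between successive requests, a quorum such as 7 of 10, withdrawal of a request) can be exercised with the following Python model. It is an added example and not code from the patent or from Orange; the class and attribute names (AccessManager, WaitPolicy, m1, m2), the PIN verifier based on PBKDF2 and the constructed PINs and timestamps are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Optional, Tuple

# Added example, not the patent's code. AccessManager, WaitPolicy and the
# PBKDF2-based PIN verifier are assumptions; the patent leaves them abstract.


@dataclass(frozen=True)
class WaitPolicy:
    quorum: Optional[int] = None              # k of n requests needed; None means all n
    order: Optional[Tuple[str, ...]] = None   # required request sequence; None for any order
    window: Optional[float] = None            # max seconds between successive requests


class AccessManager:
    def __init__(self):
        self.m1 = {}       # memory M1: resource -> {user: (salt, PIN verifier)}
        self.m2 = {}       # memory M2: resource -> [(user, time)] requests not yet satisfied
        self.policy = {}   # resource -> WaitPolicy
        self.opened = {}   # resource -> frozenset of users admitted at step 215
        self.log = []      # evidence trail: (event, who, resource)

    @staticmethod
    def _verifier(pin, salt):
        # Salted, slow hash so a copied M1 does not expose the PINs directly.
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 50_000)

    def authorize_group(self, resource, pins, policy=None):
        """Registration: the a priori group for `resource`; `pins` maps user -> PIN."""
        self.m1[resource] = {}
        for user, pin in pins.items():
            salt = os.urandom(16)
            self.m1[resource][user] = (salt, self._verifier(pin, salt))
        self.m2[resource] = []
        self.policy[resource] = policy or WaitPolicy()
        self.opened[resource] = frozenset()

    def authenticate(self, user, pin, resource):
        """Steps 21/25/211: False for a wrong PIN and for a user outside the group."""
        entry = self.m1.get(resource, {}).get(user)
        if entry is None:
            return False
        salt, verifier = entry
        return hmac.compare_digest(self._verifier(pin, salt), verifier)

    def _needed(self, resource):
        q = self.policy[resource].quorum
        return len(self.m1[resource]) if q is None else q

    def request_access(self, user, pin, resource, now=0.0):
        """Steps 23/27/213 followed by the check of step 29. Returns (status, users):
        status is "denied", "waiting" or "granted"; users = still awaited, or admitted."""
        if not self.authenticate(user, pin, resource):
            self.log.append(("auth_failed", user, resource))   # nothing recorded in M2
            return "denied", frozenset()
        pending, pol = self.m2[resource], self.policy[resource]
        # Time condition: a request arriving after the window removes the earlier ones.
        if pol.window is not None and pending and now - pending[-1][1] > pol.window:
            self.log.append(("expired", tuple(u for u, _ in pending), resource))
            pending.clear()
        recorded = {u for u, _ in pending}
        if user not in recorded:
            # Order condition: only the next user of the sequence may be recorded.
            if pol.order is not None:
                idx = len(pending)
                if idx >= len(pol.order) or pol.order[idx] != user:
                    self.log.append(("out_of_order", user, resource))
                    return "denied", frozenset()
            pending.append((user, now))            # record the request in M2
            recorded.add(user)
            self.log.append(("requested", user, resource))
        missing = frozenset(self.m1[resource]) - frozenset(recorded)
        if len(recorded) < self._needed(resource):
            # Step 29 negative: the requester stays blocked, the others are notified.
            self.log.append(("notified", tuple(sorted(missing)), resource))
            return "waiting", missing
        # Step 29 positive: access step 215 for the whole group (with a quorum, the
        # members who did not request still obtain access, as the description says).
        admitted = frozenset(self.m1[resource])
        self.opened[resource] = admitted
        self.m2[resource] = []                      # the recorded requests are consumed
        self.log.append(("granted", tuple(sorted(admitted)), resource))
        return "granted", admitted

    def withdraw(self, user, resource):
        """A user retracts a request that has not yet been satisfied."""
        self.m2[resource] = [(u, t) for u, t in self.m2[resource] if u != user]
        self.log.append(("withdrawn", user, resource))

    def can_access(self, user, resource):
        """Access step 215: True only once step 29 has been positive for the resource."""
        return user in self.opened.get(resource, frozenset())


if __name__ == "__main__":
    g = AccessManager()
    g.authorize_group("R2", {"U1": "1234", "U2": "5678"})   # constructed sample PINs
    print(g.request_access("U1", "1234", "R2"))              # waiting, U2 still awaited
    print(g.request_access("U2", "5678", "R2"))              # granted to U1 and U2
    print(g.can_access("U1", "R2"))                          # True
```

Two points the model makes visible that the description only implies: a failed authentication leaves no trace in M2, so an outsider cannot "pre-fill" the waiting step, and the log of `notified` and `granted` events is the evidence trail the use cases rely on (everyone asked to join before the bridge opened; every legatee consented before the will was readable). The time window is implemented as "a gap longer than the window discards the earlier requests", which is one reading of the one-hour rule; a deployment would also need to decide who may set the policy, since a resource manager who can lower the quorum to 1 has removed the protection.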

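The split-secret embodiment (each user holds one part SUi at a known position, G2 stores only {f, SR_crypted} and recomputes f(C(SU1_provided), ..., C(SUn_provided)) at the waiting step) is shown below with concrete stand-ins for the abstract functions. This is an added example, not the patent's code: C is taken as HMAC-SHA256 under a key held by G2 with the position mixed in, and f as SHA-256 over the positioned concatenation. Both choices are assumptions; the description calls f an "asymmetric encryption function", but an equality check against a stored value only works if f is deterministic, so a one-way hash is substituted here. The user names, positions and secrets are constructed.

```python
import hashlib
import hmac

# Added example, not the patent's code. c_enc stands in for the patent's C and
# f_global for its f; both are assumptions (deterministic, keyed/one-way).


def c_enc(key, position, secret):
    """C(SUi): keyed, deterministic one-way transform of one part, bound to its position."""
    msg = position.to_bytes(2, "big") + b"\x00" + secret.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


def f_global(ciphers_in_position_order):
    """f: one-way function over the positioned concatenation of the C(SUi)."""
    h = hashlib.sha256()
    for c in ciphers_in_position_order:
        h.update(c)
    return h.digest()


class SplitSecretGate:
    def __init__(self, key, positions):
        self.key = key                      # key for C, held by G2 (assumption)
        self.positions = dict(positions)    # user -> position p in the split of SR
        self.sr_crypted = None              # the only secret-derived value retained

    def _combine(self, parts):
        """Rebuild f(C(SU1), ..., C(SUn)) from the parts supplied; None if a position is missing."""
        ordered = []
        for user, pos in sorted(self.positions.items(), key=lambda kv: kv[1]):
            if user not in parts:
                return None
            ordered.append(c_enc(self.key, pos, parts[user]))
        return f_global(ordered)

    def enroll(self, parts):
        """Registration step: compute SR_crypted once from every user's part."""
        value = self._combine(parts)
        if value is None:
            raise ValueError("a part is required for every position at enrollment")
        self.sr_crypted = value

    def verify(self, parts_provided):
        """Waiting step 29: True only if every user's provided part matches its position."""
        candidate = self._combine(parts_provided)
        if candidate is None or self.sr_crypted is None:
            return False
        return hmac.compare_digest(candidate, self.sr_crypted)


if __name__ == "__main__":
    gate = SplitSecretGate(b"G2-key-for-C", {"U1": 1, "U2": 2, "U3": 3, "U4": 4})
    parts = {"U1": "apple", "U2": "river", "U3": "stone", "U4": "cloud"}   # constructed
    gate.enroll(parts)
    print(gate.verify(parts))                                               # True
    print(gate.verify({**parts, "U1": "river", "U2": "apple"}))            # False: positions matter
```

Two consequences worth noting. Swapping two users' parts fails even though the same four strings were supplied, because the position is part of what f sees. And the gate only means something if G2 keeps SR_crypted alone: the description also mentions an array holding every C(SUi) at its position, but a system that stores those ciphertexts next to the key of C can recompute SR_crypted without any user present, so the "all parts must be provided" property then rests on access control to that store rather than on the construction.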
Applications Claiming Priority (2)

Application number | Priority date | Filing date | Title
FR0756083 | 2007-06-27 | |
PCT/FR2008/051124 (WO2009007578A2, fr) | 2007-06-27 | 2008-06-23 | Procédé de gestion d'accès (Access management method)

Publications (1)

Publication number | Publication date
EP2163030A2 (de) | 2010-03-17

Family

ID=38829578

Family Applications (1)

Application number | Title | Priority date | Filing date | Status | Publication
EP08806056A | Access management method (Zugangsverwaltungsverfahren) | 2007-06-27 | 2008-06-23 | Withdrawn | EP2163030A2 (de)

Country Status (3)

Country Link
US (1) US8752136B2 (de)
EP (1) EP2163030A2 (de)
WO (1) WO2009007578A2 (de)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number | Priority date | Publication date | Assignee | Title
US5787169A (en) * | 1995-12-28 | 1998-07-28 | International Business Machines Corp. | Method and apparatus for controlling access to encrypted data files in a computer system
US6775668B1 (en) * | 2000-09-11 | 2004-08-10 | Novell, Inc. | Method and system for enhancing quorum based access control to a database
US6959394B1 (en) * | 2000-09-29 | 2005-10-25 | Intel Corporation | Splitting knowledge of a password
US8474028B2 (en) * | 2006-10-06 | 2013-06-25 | Fmr Llc | Multi-party, secure multi-channel authentication

Also Published As

Publication number | Publication date
US8752136B2 (en) | 2014-06-10
WO2009007578A3 (fr) | 2009-05-07
WO2009007578A2 (fr) | 2009-01-15
US20100180320A1 (en) | 2010-07-15

Legal Events

Code | Title | Description
PUAI | Public reference made under article 153(3) EPC to a published international application that has entered the European phase | Free format text: ORIGINAL CODE: 0009012
17P | Request for examination filed | Effective date: 2010-01-18
AK | Designated contracting states | Kind code of ref document: A2; designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR
AX | Request for extension of the European patent | Extension state: AL BA MK RS
DAX | Request for extension of the European patent (deleted) |
RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: ORANGE
17Q | First examination report despatched | Effective date: 2015-10-30
GRAP | Despatch of communication of intention to grant a patent | Free format text: ORIGINAL CODE: EPIDOSNIGR1
RIC1 | Information provided on IPC code assigned before grant | Ipc: G06F 21/31 20130101ALI20180209BHEP; H04L 9/08 20060101AFI20180209BHEP; G06F 21/30 20130101ALI20180209BHEP; H04L 29/06 20060101ALI20180209BHEP; H04L 9/32 20060101ALI20180209BHEP; G06F 21/62 20130101ALI20180209BHEP
INTG | Intention to grant announced | Effective date: 2018-03-06
STAA | Information on the status of an EP patent application or granted EP patent | Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN
18D | Application deemed to be withdrawn | Effective date: 2018-07-17