EP2183698A2 - Gestion et partage de coffres-forts dematerialises (Management and sharing of dematerialized safes) - Google Patents
- Publication number
- EP2183698A2
- Authority
- EP
- European Patent Office
- Prior art keywords
- user
- dematerialized
- safe
- rights
- users
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6272—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database by registering files or documents with a third party
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
Definitions
- the invention relates to the management of a dematerialized safe, that is to say a secure storage space for dematerialized contents.
- dematerialized safes are, as a rule, accessible only by the owner of the dematerialized safe, possibly after authentication using a security module, and in some solutions such as www.e-coffrefort.fr the owner can "give a proxy" on his dematerialized safe in its entirety to a third party, that is to say grant him the right to read all the documents stored in the dematerialized safe.
- by security module is meant any memory system, such as a smart card or a USB key, having means for storing access data whose reading allows the authentication of the bearer, in order to allow or deny access to a storage area.
- these security modules allow or deny their bearer access to the whole of the bearer's dematerialized safe.
- such a proxy can therefore only be used in a limited way, since it bears on the safe as a whole.
- the invention relates to a method for managing dematerialized safes, comprising a step of assigning, for at least a first part of a secure storage space associated with a first user, access rights to a second, identified user, the first part constituting an exchange space associated with the first and second users and accessible via a secure link during the implementation of at least one transaction between the first and second users involving the execution of at least a first action on the contents of the first part.
- the invention is based in particular on a segmentation of the secure storage space associated with a user and on the management of access rights part by part. Each part of this space can thus be managed independently and shared, or not, with another user.
- the secure storage space, or dematerialized safe, thus combines the functions of secure archiving for the owner of the dematerialized safe (the first user) and of a secure one-to-one exchange box, on a specific part of the dematerialized safe, with a second user.
- the second user has no access to the documents of the first user's dematerialized safe that are not intended for him, nor even visibility of those documents.
- the exchange space is intended for exchanges between the first and second users.
- the exchange space is in particular reserved for the first and second users, for an interaction between these users and them alone, with the exception of possible access by an administrator user for management reasons.
- the exchange box, as a container or storage space, allows an exchange between the two users for whom it was created, by performing an action on its contents. Such an action can be an addition, a modification, a deletion, a consultation of contents, etc.
- the exchange box is said to be one-to-one in that it materializes a one-to-one relationship between two users.
- the users may be divided into, on the one hand, a first set of users, for example a set of client users, comprising the first user and, on the other hand, a second set of users, called the set of service provider, business and/or administration users, including the second user.
- the exchange box is said to be secure in that, on the one hand, it is accessible only via a secure link and, on the other hand, the exchanges and operations on the contents of this box are carried out only in a secure environment, for example the secure environment of a trusted third party.
- the access rights to the part are granted to well-identified users, who must be authenticated to benefit from them, and not to groups of users, to which a new user may be added at any time, as is the case for the file management systems usually available in the operating systems of personal computers. It is in particular possible to grant such rights to a single second user, in order to have a secure exchange mode between the first user and the second user reserved exclusively for these two users.
- Rights granted by one user to another may also be granted reciprocally or only in one direction, as needed.
- the access rights attributed to the second user for said determined part are such that said secure exchange box allows a bidirectional exchange between said first user and said second user.
- the first user has complete control in terms of management rights (sharing, exchange, etc.) on all the content that he transmits and / or receives from this second user using this first part.
- the management method comprises allocating for at least one other determined part of a dematerialized safe of access rights to at least one other second user, so that said at least one other determined part constitutes a secure exchange box between said first user and said at least one other second user.
- the first user may thus have in his dematerialized safe several one-to-one exchange boxes with different second users, some of these second users possibly being constituted by a community.
- the method according to the invention comprises, in the event of a request for access to the first part sent by a user, a step of authenticating this user, in particular to verify that he is one of the users associated with the first part and has access rights on this part.
- the first part is a highly secure space, with a level of security in terms of access identical to that of a safe. Because of this partitioning into compartments, there is no risk of involuntary transfer of content to another part of the safe.
- the different parts of the secure storage space associated with a user are themselves formed by safes, the secure storage space associated with a user thus forming a set of safes, or a safe room, for this user.
- the method according to the invention comprises a step of implementing, on request from a user, a transaction between the first and second users involving the execution of at least a first action on the content of the first part, provided that the requesting user is authenticated and has access rights to the first part authorizing said first action.
- a control can be performed each time an action is performed on a safe, and in particular depending on the identity of the user requesting the execution of the transaction.
- the storage space further comprises a second part, called the private part, on which the first user has all access rights as well as management rights to share elements of the private part with at least a third user.
- the storage space further comprises a third part, called public part, for which the first user has assigned to a plurality of users access rights comprising at least reading rights.
- the first user thus has at his disposal different types of storage space: shared use (first part), private use (second part) or public use (third part). He can therefore manage his data by associating a type of use with each part.
- the transaction involves performing at least one second action on the content of another part of said storage space or another storage space associated with another user.
- the transaction comprises an action of transferring a content of the first part to another part of a secure storage space or vice versa.
- each access to a safe is conditioned by the existence of sufficient rights to allow a user to trigger the execution of one or more actions on one or more safes.
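To make the model described in the points above concrete, here is an added example, written for this page and not code from the patent or from any product based on it: a safe segmented into parts with access rights keyed by identified users, comprising a private part, a one-to-one exchange box in which both parties may deposit but neither may delete what the other deposited, a public read-only part, and a transfer between two safes of the same server that requires rights on both sides. The class names, the rights vocabulary and the scenario data are assumptions.

```python
"""Added illustration, not the patent's code: names and the exact policy are assumptions."""
from __future__ import annotations
from dataclasses import dataclass, field
from enum import Enum


class Right(Enum):
    READ = "read"
    WRITE = "write"    # deposit or modify content
    DELETE = "delete"
    MANAGE = "manage"  # assign rights on the part


class Kind(Enum):
    PRIVATE = "private"    # the owner alone
    EXCHANGE = "exchange"  # one-to-one box with a single identified second user
    PUBLIC = "public"      # read rights granted to several identified users


ALL = frozenset(Right)


@dataclass
class Content:
    depositor: str
    data: bytes


@dataclass
class Part:
    kind: Kind
    acl: dict[str, set[Right]] = field(default_factory=dict)  # keyed by user, never by group
    contents: dict[str, Content] = field(default_factory=dict)


class Vault:
    def __init__(self, owner: str) -> None:
        self.owner = owner
        self.parts: dict[str, Part] = {}

    def add_part(self, part_id: str, kind: Kind, others: dict[str, set[Right]] | None = None) -> None:
        """The owner holds every right; an exchange box names exactly one distinct
        second user; a public part lists its identified readers."""
        others = dict(others or {})
        if kind is Kind.EXCHANGE and (len(others) != 1 or self.owner in others):
            raise ValueError("an exchange box is shared with exactly one other user")
        self.parts[part_id] = Part(kind, {self.owner: set(ALL), **others})

    def visible_parts(self, user: str) -> list[str]:
        """A second user sees only the parts on which he holds some right."""
        return [pid for pid, p in self.parts.items() if p.acl.get(user)]

    def authorize(self, user: str, part_id: str, right: Right, content_name: str | None = None) -> bool:
        """Checked on every action; in a shared box nobody deletes the other party's deposits."""
        part = self.parts.get(part_id)
        if part is None or right not in part.acl.get(user, set()):
            return False
        if part.kind is Kind.EXCHANGE and right is Right.DELETE and content_name is not None:
            content = part.contents.get(content_name)
            if content is not None and content.depositor != user:
                return False
        return True

    def deposit(self, user: str, part_id: str, name: str, data: bytes) -> None:
        if not self.authorize(user, part_id, Right.WRITE):
            raise PermissionError(f"{user}: no write right on {part_id}")
        self.parts[part_id].contents[name] = Content(user, data)

    def read(self, user: str, part_id: str, name: str) -> bytes:
        if not self.authorize(user, part_id, Right.READ):
            raise PermissionError(f"{user}: no read right on {part_id}")
        return self.parts[part_id].contents[name].data


def transfer(requester: str, src: Vault, src_part: str, name: str, dst: Vault, dst_part: str) -> None:
    """Requester needs read on the source part and write on the destination exchange box."""
    dst.deposit(requester, dst_part, name, src.read(requester, src_part, name))


def demo() -> dict[str, object]:
    """Constructed scenario: U1 owns C1; AUi, AUj and AUk are second users."""
    c1 = Vault("U1")
    c1.add_part("C1n", Kind.PRIVATE)
    c1.add_part("C1i", Kind.EXCHANGE, {"AUi": set(ALL - {Right.MANAGE})})
    c1.add_part("C1k", Kind.PUBLIC, {u: {Right.READ} for u in ("AUi", "AUj", "AUk")})
    c1.deposit("U1", "C1i", "contract.pdf", b"contract")
    c1.deposit("AUi", "C1i", "claim.pdf", b"claim")  # the box works in both directions
    out: dict[str, object] = {"aui_sees": sorted(c1.visible_parts("AUi"))}
    out["aui_reads_private"] = c1.authorize("AUi", "C1n", Right.READ)
    out["u1_deletes_aui_claim"] = c1.authorize("U1", "C1i", Right.DELETE, "claim.pdf")
    out["aui_deletes_own_claim"] = c1.authorize("AUi", "C1i", Right.DELETE, "claim.pdf")
    out["auj_writes_public"] = c1.authorize("AUj", "C1k", Right.WRITE)
    cj = Vault("AUj")  # AUj's own safe; U1 opens an exchange box C1j for AUj before the transfer
    cj.add_part("Cj1", Kind.PRIVATE)
    cj.deposit("AUj", "Cj1", "invoice.pdf", b"invoice")
    c1.add_part("C1j", Kind.EXCHANGE, {"AUj": set(ALL - {Right.MANAGE})})
    transfer("AUj", cj, "Cj1", "invoice.pdf", c1, "C1j")
    out["transferred"] = c1.read("U1", "C1j", "invoice.pdf")
    return out
```

The point to notice is that `authorize` is evaluated per action and per content, not once per session: the same user with the same rights gets a different answer for deleting his own deposit and for deleting the other party's, and a second user is never shown, let alone granted, a part on which he holds no right.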
- the invention relates to a server for managing at least one dematerialized safe, comprising means for assigning access rights, for allocating, for at least a first part of a secure storage space associated with a first user, access rights to a second, identified user, the first part constituting an exchange space associated with the first and second users and accessible through a secure link during the implementation of at least one transaction between the first and second users involving the execution of at least a first action on the content of the first part.
- the invention relates to a data storage medium comprising a secure storage space associated with a first user, for a first part of which access rights are allocated to a second identified user, the first part constituting an exchange space, associated with the first and second users and accessible through a secure link during the implementation of at least one transaction between the first and second users involving an execution of at least a first action on the content of the first part.
- the invention relates to a security module associated with a first user who is associated with a secure storage space, characterized in that it comprises means for storing access data to a determined part of said storage space on which access rights are allocated to a second, identified user, the determined part constituting an exchange space associated with the first and second users and accessible through a secure link during the implementation of at least one transaction between the first and second users involving the execution of at least a first action on the content of the determined part.
- the security module according to the invention comprises access data to all of the secure storage space.
- the invention is applicable to all kinds of operations and / or processing involving an exchange via an electronic document.
- the security module according to the invention can be used in particular for the implementation of a transaction between first and second users requiring access to said exchange space, in particular for the implementation of a payment transaction.
- Another object of the invention is a computer program comprising program code instructions for executing the steps of the method of management above when said program is run on a computer.
- the various steps of the method according to the invention are implemented by software or computer program, this software comprising software instructions intended to be executed by a data processor of a management server safes and being designed to control the execution of the different steps of this process.
- the invention is also directed to a program that can be executed by a computer or a data processor, which program includes instructions for controlling the execution of the steps of a method as mentioned above.
- This program can use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as a partially compiled form, or in any other desirable form.
- the invention also relates to a data carrier readable by a computer or data processor, and comprising instructions of a program as mentioned above.
- the information carrier may be any entity or device capable of storing the program.
- the medium may comprise storage means, such as a ROM, for example a CD-ROM or a microelectronic circuit ROM, or a magnetic recording medium, for example a floppy disk or a hard disk.
- the information medium may be a transmissible medium such as an electrical or optical signal, which may be conveyed via an electrical or optical cable, by radio or by other means.
- the program according to the invention can be downloaded in particular on an Internet type network.
- the information carrier may be an integrated circuit in which the program is incorporated, the circuit being adapted to execute or to be used in the execution of the method in question.
- FIG. 1: a simplified diagram of an architecture integrating a dematerialized safe according to the invention;
- FIG. 2: a simplified block diagram of a dematerialized safe according to the invention;
- FIG. 3: a simplified block diagram of certain processes of use of a dematerialized safe according to the invention;
- FIGS. 4a, 4b and 4c: a graphical interface of a dematerialized safe according to the invention when accessing a determined part of said dematerialized safe, respectively during authentication, when accessing the dematerialized safe as a whole, and when accessing the determined part;
- FIG. 5: a graphical interface of a dematerialized safe according to the invention when presenting the content of a given part of the dematerialized safe;
- a graphical interface of a dematerialized safe according to the invention during an action of depositing contents in a given part of the dematerialized safe, respectively when choosing the deposit action, when selecting the content to be deposited, when choosing to sign and/or encrypt the content to be deposited, and when presenting the content after deposit;
- FIG. 7: an embodiment of a process running on one or more safes.
- FIG. 1 illustrates an infrastructure in which the dematerialized safes are hosted by servers S, in particular in bunkers distributed across geographical zones.
- the authentication authorizing or denying access to the dematerialized safe is done on the basis of key pairs (PKI infrastructure with public key and private key), the key being read from a security module such as a smart card, a USB key, an NFC chip, the SIM card of a mobile phone, an RFID medium, etc.
- the keys and digital certificates used in these public-key infrastructures are in particular of the X.509 type. Besides authentication, they allow the signature and encryption of the services offered by the dematerialized safe, that is to say of the data constituting the program implementing these services. In particular embodiments, cryptography based on elliptic curves or on integer factorisation will be used.
- the PIN code entered by the user when the key is read for the key-pair authentication may be replaced by a biometric capture (retina, fingerprint, facial morphology, etc.).
- strong authentication is thus used to authenticate a user U1 when accessing a safe C1 associated with him or a part C1i of that safe.
- FIG. 1 shows in particular a server S comprising a memory M and an interface 10.
- the server S forms an access portal to the data stored in the memory, access being made via the interface 10.
- the memory M contains several dematerialized safes C1, ..., Cj.
- the first user U1 is the possessor of the dematerialized safe C1, that is to say he has the rights to manage the dematerialized safe C1 and all the access rights to this dematerialized safe C1.
- the interface 10 allows the presentation, on the terminal of the user U1, of the contents of the dematerialized safe C1.
- the security module SM1 is a user access device, that is to say a device used to allow access to the safes associated with a user.
- when the user U1 wishes to access a determined part C1i of his dematerialized safe C1 serving as an exchange box with a second user AUi, using a terminal connected to a network N, he authenticates with the interface 10 of the server S using the access data stored in the security module SM1.
- the interface 10 then allows the presentation, on the terminal of the user U1, of the content of the determined part C1i of the dematerialized safe C1.
- in one variant, the user U1 wishing to access a determined part C1i of his dematerialized safe C1 will first have to access the dematerialized safe as a whole with the security module SM1, then the determined part C1i using a dedicated security module SM1i.
- in another variant, the user U1 accesses the determined part C1i directly by authenticating only with the dedicated security module SM1i.
- the security module SM1i is an access device per use, since the determined part C1i corresponds to a particular use of the dematerialized safe C1, such as the interaction with a second user AUi offered by C1i, the public provision of elements offered by C1k of FIG. 2, the private secure archiving offered by C1n of FIG. 2, etc.
- the server S hosting several dematerialized safes, and another second user AUj having a dematerialized safe Cj of which he is the first user, the user AUj is able to request the transfer of a content ("req_transfert_d") from his dematerialized safe to another dematerialized safe C1 of the server S in which a determined part C1j constitutes a secure exchange box between the first user U1, possessor of the dematerialized safe C1, and the other second user AUj (shown by arrow 1 in FIG. 1).
- the interface 10 will then transfer the contents of the dematerialized safe
- the transfer is executed only if the user possessing the receiving safe has granted sufficient rights to the user possessing the source safe, in particular rights sufficient to read the content to be transferred.
- the invention thus makes it possible to implement a simple and secure multi-user exchange method between users having different profiles (companies, individuals, administrations, etc.).
- the transmissions between the terminals of the different users U1, AUi, AUj and the dematerialized safes on the server S are secured, for example by encryption of all the data transmitted, as illustrated in FIG. 2, and/or by the use of a secure one-to-one tunnel between the user (his terminal or a company server) and the dematerialized safe, such as HTTPS, a VPN or an SSL VPN tunnel, and/or by signature and/or integrity protection.
- the invention allows individual users to have an up-to-date archive without worrying about storage, durability of content or security.
- the dematerialized safe C1 of FIG. 2 shows the dematerialized safe as the basis of a secure, multiplexed one-to-one mailbox. Indeed, the dematerialized safe C1 is divided into several determined parts C12 ... C1i, C1i+1 ... C1j ... C1k ... C1n-1, C1n. The whole of the dematerialized safe C1 is accessible in reading and writing to a first user U1 considered as the possessor of the dematerialized safe C1.
- the first user stores in his dematerialized safe, for example: identification data, for example a credit card number intended to be read by a second, merchant user (the reading rights being granted only at the time of a purchase and for the duration of the transaction, either manually by the first user or automatically by the dematerialized safe in response to a purchase order issued by the first user); personal biometric data; medical records accessible by all hospitals as second users; etc.
- the other users of several determined parts may be one and the same user AUi, authorized to access the parts C1i and C1i+1 for reading and/or writing, these parts then constituting several one-to-one exchange boxes between the first user U1 and the second user AUi.
- the boxes can be dedicated to specific exchanges: the box C1i to exchanges linked to the contract(s) between the first user U1 and the second user AUi (the second user AUi being for example an insurance company), and the exchange box C1i+1 to exchanges between the first user U1 and the second user AUi related to claim(s) for compensation made by the first user U1 to the second user AUi.
- certain determined parts C1k of the dematerialized safe C1 are read-only for several other users (other second users) AUi, AUj and AUk. These determined parts C1k of the dematerialized safe C1 then constitute a public consultation box (in which the first user stores or archives a proof of address, for example).
- the electronic safe C1 nevertheless retains in the example of the figure
- the contents deposited in these different determined parts of the dematerialized safe C1 are stored by the first user U1 and possibly by a second user, in one of the determined parts for which he is authorized. If the contents are simply stored, the first user U1 has complete management of them, that is to say that in addition to the right to deposit contents he has the right to modify and destroy them. In a variant of the invention, certain contents are archived, that is to say stored with a prohibition on modifying or destroying them during a given period of time, which constitutes the archiving duration, for example 10 years for contents such as bank statements.
- in one variant, the depositor chooses to deposit a content in archive mode.
- in another variant, the first user U1 archives some of the contents stored in the dematerialized safe C1.
- in another variant, the dematerialized safe C1 identifies a content, at the time of its deposit, as being to be archived (using for example means for identifying the type of content).
- the first user or the dematerialized safe C1 indicates the archiving duration of the content to be archived.
- the dematerialized safe C1 consults, after identification of the content type, an archiving duration table associating a type of content with an archiving duration, and reads the archiving duration associated with the identified content type.
- FIG. 3 illustrates the use of the determined part C1 i of the dematerialized safe C1 of FIG. 2.
- the owner U1 wishing to perform an action At on the content of this determined part C1i of the dematerialized safe C1 authenticates [Authent], possibly by PKI verification [PKI?] (key-pair authentication) following the reading of access data on a specific security module SM1i [read SM1i] and/or by verification of a PIN code [PIN?] following its entry [Key PIN]. If the authentication is negative, access authorization is denied and the first user U1 must re-authenticate.
- after a positive authentication, the user U1 is authorized to access the determined part C1i of the dematerialized safe C1 and a link is established between the first user U1 and the determined part C1i of the dematerialized safe C1 [Open C1i], for example by opening a VPN tunnel.
- the structure implemented complies with the PRIS v2 and X.509 v3 standards.
- FIG. 3 shows two examples of types of action At: the transmission of content to another user [Send C1i content w] and an action on the content itself: creation, modification, consultation, printing, destruction, etc. [Action / C1i content w].
- the transmission of content to another user AUi is, for example, performed by opening an e-mail carrying the content as an attachment.
- in this case the other user AUj does not necessarily have a dematerialized safe, unlike the transfer illustrated in FIG. 1. If the action on the content modifies it (for example creation of a content, deposit, modification, etc.), the action ends with the recording of the modified content in the determined part C1i of the dematerialized safe C1 [Store new C1i content w].
- the second user AUi, having access to this determined part C1i of the dematerialized safe C1 and wishing to perform an action At on its content, authenticates [Authent] and proceeds with the steps previously described.
- authentication in the case of another user can be performed using a dedicated API or identification application, thus enabling an organization to automate actions on the dematerialized safes of several distinct users in which it has secure exchange boxes (for example, a company wishing to deposit salary slips for its employees in their personal dematerialized safes).
- each of the users may require the execution of a process involving the execution of a plurality of actions on one or more parts of one or more safes.
- an embodiment of the invention comprises consultation by another second user AUk without authentication, this user having only read access to the public consultation box.
- the interfaces of the first user U1 and/or the second user AUi with the dematerialized safe C1 are, in a variant of the invention, composed of a client interface, for example in the form of a client application implemented by a computer program, and of its complement, the interface 10 shown in FIG. 1.
- the following figures illustrate a variant of the invention in which the interface is composed of a communication interface, for example a client-side Internet browser and a server-side Internet communication interface, the interface 10 of the dematerialized safe C1 being server-side only.
- the interface 10 transmits the data necessary for the graphical presentation, in the Internet browser, of the interaction of the first user U1 with the dematerialized safe C1. This data is copied temporarily either directly into the terminal of the first user U1 or into the terminal's proxy.
- the same first user U1 can access his dematerialized safe from any terminal connected to the network N to which the server is attached.
- FIG. 4a shows the home page of the server S for access to a dematerialized safe, on which the first user U1 enters his password or PIN to perform the authentication that will allow or deny the first user U1 access to his dematerialized safe C1.
- the first user U1 is only allowed to enter his PIN code after the reading of a security module SM1 indicating that the holder of the security module SM1 has the right of access to the dematerialized safe C1.
- having the right of access to the dematerialized safe C1 means, in our example, having reading and writing rights on the whole of the dematerialized safe C1 and management rights on the determined parts of the dematerialized safe C1 that are not determined parts constituting pre-established exchange boxes.
- the management rights are either shared between the server administrator and the first user U1, that is to say the owner of the dematerialized safe C1, or assigned only to the first user U1.
- the administrator has the right, at the creation of a dematerialized safe C1, to create determined parts for which he grants access rights to second users AUi, AUj, AUk so that these determined parts constitute exchange boxes between the first user U1 and the second users AUi, AUj, AUk.
- the first user U1 has more or less limited management rights, composed of only one, a combination or all of the following rights, listed non-exhaustively: - directory creation,
- the access rights granted to the second user AUi are granted, or not, according to a selection made by the administrator.
- the user AUi with whom the part C1i is shared may also have management rights on this part, to assign or not certain access rights to the user U1.
- the access rights that can be assigned by a user to another user include: read or write rights; delete or add rights; modification rights.
- the part C1i being shared, the access rights attributed to the user U1, respectively AUi, are limited, in particular so that the user U1 cannot destroy or move a content deposited in this space by the user AUi, or vice versa, but only consult or copy it.
- the management rights allocated to the user U1, respectively AUi, are likewise limited to the allocation of a predetermined subset of the set of access rights.
- a right of access may be granted conditionally, subject to authorization by the managing user who assigns this right on this part: in this case a request for authorization is sent to the managing user before the action concerned is executed, for example before a modification is made. In this way, fine-grained management of access to the contents of a safe is possible.
- a default allocation of access rights to the associated users is performed by an administrator user.
- any dematerialized safe generated by the administrator may include a determined part C1i constituting an exchange box with the same second user AUi, because that second user is common to a large number of people (banks, electricity distributors, etc.), and each first user U1 is free to choose either to receive the contents from this second user AUi in dematerialized form, in the determined part C1i of his dematerialized safe constituting an exchange box with the second user AUi, by granting the access rights provided by the administrator for this second user AUi, or to refuse the dematerialized contents of this second user AUi (for example because he wishes to continue receiving the paper document) by not granting those access rights.
- the dematerialized safe according to the invention thus excludes multi-user interactions at the level of the dematerialized safe as a whole; its three modes of use are the following:
- either the first user U1 archives, for his personal needs, in the determined parts of the dematerialized safe constituting private boxes C1n; or the first user U1 exchanges with a second user AUi, in a one-to-one and possibly bidirectional way, in a determined part of the dematerialized safe constituting an exchange box C1i with this second user AUi; or the first user makes contents available to several second users AUi, AUj and/or other second users in a determined part of the dematerialized safe constituting a public box C1k, equivalent to a multicast broadcast to subscribers.
- said rights granted by a first user to a second user on a determined part of a safe, or when sharing a directory or a document of a part, are limited in time and/or limited to a given use:
- these rights are granted for a predetermined period of time or for a given date; this means that the action or actions for which these rights have been granted can only be executed during that period of time or on that date; and/or
- these rights are granted only for a predetermined maximum number of executions of the action or actions for which they were granted; this means, for example, that a single read or write operation on a content can be performed, or that only a limited number of files can be read or saved in the part of the safe for which rights have been granted (e.g. deposit of one salary slip each month by a company in the part shared with a user); and/or
- these rights are granted only for the execution of the action or actions for which they were granted as part of a predetermined process; this means, for example, that write or read access to a part of a safe is only allowed for one or more processes identified and previously selected by the user or administrator having appropriate management rights over the safe concerned.
- these processes correspond, for example, to one or more elementary transactions or services, or to a complex transaction or service.
- the transactions or services that a user can trigger are offered to him via a user interface, for example in the form of a list; the user need only select a transaction among those proposed and trigger it for it to be executed automatically.
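The three limits described above (validity period, maximum number of uses, predetermined process), as an added example that is not code from the patent; the `Grant` model, `check_and_consume` and the monthly pay-slip scenario are assumptions built from the description:

```python
"""Added example (not the patent's code) of the three limits the description
puts on rights a first user grants a second user over a part of the safe:
a validity period, a maximum number of uses and a predetermined process.
Grant, check_and_consume and the pay-slip scenario are assumptions."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import FrozenSet, Optional

@dataclass
class Grant:
    """Rights granted by first user U1 to a second user on one part (e.g. C1i)."""
    user: str                                   # second user, e.g. "AUi"
    part: str                                   # determined part, e.g. "C1i"
    actions: FrozenSet[str]                     # e.g. {"read"} or {"write"}
    not_before: Optional[datetime] = None       # start of validity period
    not_after: Optional[datetime] = None        # rights end at this date
    remaining_uses: Optional[int] = None        # None means unlimited
    processes: Optional[FrozenSet[str]] = None  # None means any process

class AccessDenied(Exception):
    pass

def check_and_consume(grant: Grant, user: str, part: str, action: str,
                      process: Optional[str], now: datetime) -> None:
    """Raise AccessDenied unless the grant covers the request at `now`.
    Every condition is checked before any state change, so a refused
    request never consumes one of the remaining uses."""
    if user != grant.user or part != grant.part:
        raise AccessDenied("grant does not cover this user or part")
    if action not in grant.actions:
        raise AccessDenied(f"action {action!r} not granted")
    if grant.not_before is not None and now < grant.not_before:
        raise AccessDenied("grant not yet valid")
    if grant.not_after is not None and now > grant.not_after:
        raise AccessDenied("grant expired")
    if grant.processes is not None and process not in grant.processes:
        raise AccessDenied("action requested outside the predetermined process")
    if grant.remaining_uses is not None:
        if grant.remaining_uses <= 0:
            raise AccessDenied("maximum number of uses reached")
        grant.remaining_uses -= 1

def allowed(grant: Grant, user: str, part: str, action: str,
            process: Optional[str], now: datetime) -> bool:
    """Boolean form of check_and_consume for callers that only need a verdict."""
    try:
        check_and_consume(grant, user, part, action, process, now)
        return True
    except AccessDenied:
        return False

def monthly_payslip_grant(month_start: datetime) -> Grant:
    """Constructed scenario from the description: a company (second user AUi)
    may deposit exactly one pay slip in U1's exchange box C1i during the month."""
    return Grant(user="AUi", part="C1i", actions=frozenset({"write"}),
                 not_before=month_start, not_after=month_start + timedelta(days=31),
                 remaining_uses=1, processes=frozenset({"payslip_deposit"}))

def payslip_scenario() -> list:
    """Replay a constructed request sequence and return the verdicts in order."""
    g = monthly_payslip_grant(datetime(2008, 7, 1))
    now = datetime(2008, 7, 28)
    return [
        allowed(g, "AUi", "C1i", "read", "payslip_deposit", now),   # read not granted
        allowed(g, "AUi", "C1i", "write", "other_process", now),    # wrong process
        allowed(g, "AUi", "C1i", "write", "payslip_deposit", now),  # first deposit: ok
        allowed(g, "AUi", "C1i", "write", "payslip_deposit", now),  # uses exhausted
        allowed(g, "AUi", "C1i", "write", "payslip_deposit", datetime(2008, 9, 1)),
    ]
```

The two refusals before the successful deposit show that a denied request does not consume the single permitted use.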
- Figure 4b shows the graphical interface once the first user U1 has been authorized to access the dematerialized safe C1.
- this interface presents the contents of the dematerialized vault C1, namely, in our example, two determined parts C1i and C1n: the determined part C1i constituting an exchange box with a second user AUi, and the determined part C1n being a private determined part to which only the first user U1 has access.
- the last access LA to each determined part C1i and C1n is indicated.
- the interface 10 sends the data corresponding to the page presented in FIG. 4c.
- the page offers the first user U1 various actions relating to this determined part C1i: changing the management parameters of this determined part C1i [Param], displaying the logbook of this determined part C1i [Diary], entering it [Enter], or returning to the previous page [Close].
- any action At on a content of the dematerialized safe C1 is timestamped: filing date, modification date, etc.
- the logbook [Diary] viewable in FIG. 4c provides the history of the actions At on the contents of the determined part C1i, based on the dates supplied by this timestamping.
- any deposited content is certified.
- the electronic safe C1 is able to check the integrity of content that is consulted, printed, etc. against the same content as issued by the depositing party, and to provide an indication of that integrity.
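The timestamped logbook, the certification of deposited content and the integrity indication on consultation, as an added example that is not code from the patent; the server-held `SERVER_KEY`, the `SafePart` class and the sample pay slip are assumptions:

```python
"""Added example (not the patent's code): the server S, as trusted third
party, timestamps every action on a part, records a keyed digest of each
deposited content as its certificate, and re-derives that digest when the
content is consulted to report whether it is still intact. SERVER_KEY,
SafePart and the sample content are assumptions."""
import hashlib
import hmac

# Assumption: a secret held only by server S. Constructed value for the demo.
SERVER_KEY = b"constructed-demo-key-not-a-real-secret"

def certify(part: str, path: str, deposited_at: str, content: bytes) -> str:
    """Certificate binding the content to its part, path and deposit time."""
    msg = b"|".join([part.encode(), path.encode(), deposited_at.encode(),
                     hashlib.sha256(content).digest()])
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

class SafePart:
    """One determined part (e.g. C1i) of safe C1, with its logbook [Diary]."""
    def __init__(self, name: str):
        self.name = name
        self.files = {}    # path -> (content, deposited_at, certificate)
        self.logbook = []  # (timestamp, user, action, path), oldest first

    def deposit(self, user: str, path: str, content: bytes, now: str) -> str:
        """Record a deposit; `now` stands in for the server's own timestamp."""
        cert = certify(self.name, path, now, content)
        self.files[path] = (content, now, cert)
        self.logbook.append((now, user, "deposit", path))
        return cert

    def consult(self, user: str, path: str, now: str):
        """Return (content, integrity_ok): the stored content and whether it
        still matches the certificate issued at deposit time."""
        content, deposited_at, cert = self.files[path]
        expected = certify(self.name, path, deposited_at, content)
        ok = hmac.compare_digest(cert, expected)
        self.logbook.append((now, user, "read", path))
        return content, ok

    def history(self, path: str) -> list:
        """Logbook entries for one content, as the [Diary] view would list them."""
        return [e for e in self.logbook if e[3] == path]

def integrity_scenario():
    """Constructed sequence: AUi deposits a pay slip in C1i, U1 reads it intact,
    the stored bytes are then altered (simulating corruption) and U1 reads again.
    Returns (ok_before, ok_after, number_of_logbook_entries)."""
    c1i = SafePart("C1i")
    path = "payslip-2008-07.pdf"
    c1i.deposit("AUi", path, b"%PDF-1.4 constructed sample", "2008-07-28T09:00:00Z")
    _, ok_before = c1i.consult("U1", path, "2008-07-28T10:00:00Z")
    content, at, cert = c1i.files[path]
    c1i.files[path] = (content + b" altered", at, cert)  # certificate unchanged
    _, ok_after = c1i.consult("U1", path, "2008-07-29T08:00:00Z")
    return ok_before, ok_after, len(c1i.history(path))
```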
- either the authentication performed by the first user U1 when entering the virtual safe C1 is considered sufficient, or the first user U1 is asked for a specific authentication, possibly by reading another security module SM1i indicating the access rights of the holder of the security module SM1i, in this case the first user U1, to the determined part C1i.
- the graphical interface then allows the first user U1 to view the content of this determined part C1i as shown in FIG.
- this authentication takes place when the first user U1 selects the determined part C1i on the graphical interface presented in FIG. 4b. The action of entering via the graphical interface of FIG. 4c then enables the first user U1 to view the content of this determined part C1i as shown in FIG.
- the content of the determined part C1i is composed, in our example, of a tree of directories holding various contents such as documents of any type (audio, images, video, texts, etc.) and of any format (jpeg, doc, ppt, pps, etc.), compressed (whatever the type of compression) or not.
- the graphical interface may indicate the last access LA to this determined part C1i, and/or the modification date of each document, and/or the signature date if the content is signed, etc.
- the graphical interface also proposes to the first user U1 one or more actions A1, ..., AT on this determined part C1i of the dematerialized safe C1, such as one or more of the following actions:
- the first user, by means of a command interface (mouse, keyboard, voice command, etc.), selects the directory in which the content(s) will be deposited, then browses the directories of the terminal to fetch the content, optionally chooses to sign and/or encrypt the content to be deposited, and by means of a return interface (screen, speaker, etc.) verifies that the content(s) are in the chosen directory;
- the first user, by means of a command interface (mouse, keyboard, voice command, etc.), selects the content(s), chooses for each content whether to sign and/or encrypt it before deposit by clicking on sign and/or encrypt, and by means of a return interface (screen, speaker, etc.) verifies that the chosen content(s) are signed and/or encrypted (an icon appears that highlights, for each document, the date or dates of the signature and/or encryption operations);
- a command interface: mouse, keyboard, voice command, etc.
- a return interface: screen, speaker, etc.
- Print an existing content: for example, when browsing the open vault directories, the first user, using a command interface (mouse, keyboard, voice command, etc.), selects the content(s) to print and indicates his choice to print by clicking on "Print", then possibly validates the type of printer and/or the chosen printing options;
- Move an existing content within this determined part C1i:
- when browsing the open dematerialized vault directories, the first user, by means of a command interface (mouse, keyboard, voice command, etc.), selects the content(s) to be moved and the destination directory, chooses the copy or paste option, and possibly validates the choice;
- the first user, using a command interface (mouse, keyboard, voice command, etc.), selects the content(s) to be viewed, and clicks
- when browsing the open vault directories, the first user, by means of a command interface (mouse, keyboard, voice command, etc.), selects the content(s) to be sent and the recipient directory, indicates his choice to send the content by clicking on "Send", and designates the recipient(s), possibly through a dialog opened by the choice to send, in which, in a particular embodiment of the invention, the first user can enter an accompanying message; the sending is done by email, SMS, etc.
- an acknowledgment is either returned to the first user's own mailbox or deposited in the directory of the dematerialized vault in which the sent content is located;
- Transfer an existing content to another dematerialized safe:
- the first user, by means of a command interface (mouse, keyboard, voice command, etc.), selects the content(s) to be transferred, the recipient directory and the dematerialized safe to which the content(s) will be transferred, and indicates his choice to transfer by clicking on "Transfer"; in a particular embodiment of the transfer according to the invention, a request to validate the safe-to-safe transfer is made to the holder of the sending dematerialized safe and/or to the holder of the receiving dematerialized safe; in another particular embodiment of the transfer according to the invention, a transfer report may also be presented; such a transfer can therefore be triggered by the holder of the sending dematerialized safe or by that of the receiving dematerialized safe.
- when browsing the open vault directories, the first user, by means of a command interface (mouse, keyboard, voice command, etc.), selects the content(s) to be shared, the recipient directory and the person(s) with whom to share the content, in particular by typing their code, and indicates his choice to share the content by clicking on "Share"; in a particular embodiment of the sharing according to the invention, a sharing status may further be presented. These shares are dynamic and can be canceled at any time;
- the actions proposed to the user on the part C1i of the vault are therefore either actions requiring access to one and only one part of a safe C1, or operations requiring access to at least one other part of a safe, that safe being either the safe C1 or another safe.
- the graphical interface proposes to the first user U1 to select [Select] the content(s)
- the second user AUi in a determined part C1i of a dematerialized safe C1 constituting an exchange box between the first user U1 and the second user AUi, the second user AUi, respectively the first user U1, is notified of a deposit in this determined part C1i of the dematerialized safe C1.
- this notification is carried out by email, SMS, MMS, telephone notification by voice message, etc., and carries an indication of a deposit, and/or the name of the deposited content, and/or the type of deposited content, and/or an extract or a copy of the whole deposited content, etc.
- the graphical interface proposes to sign [Sign] and/or encrypt [Crypt] each content before it is deposited.
- any movement (deposit, modification, etc.) in a dematerialized safe is automatically notarized, that is to say certified and dated, or even signed.
- the volume of the dematerialized safe is expandable as needed.
- the contents are transmitted securely, in particular over an https internet link (represented by the padlock at the bottom right of the graphical interface of FIG. 6d), from the terminal of the first user U1 to the determined part C1i of the dematerialized safe C1 on the server S, where they are recorded [New C1i content].
- the invention relates to various aspects of the management of safes.
- the invention relates to a method for managing a dematerialized safe associated with a first user, characterized in that it comprises allocating, for a determined part of a dematerialized safe, access rights to a second user, such that said determined part constitutes a secure exchange box between said first user and said second user.
- the management method comprises assigning, for at least one other determined part of a dematerialized safe, access rights to at least one other second user, such that said at least one other determined part constitutes a secure exchange box between said first user and said at least one other second user.
- the invention also relates to a dematerialized safe associated with a first user.
- the dematerialized vault has at least one determined part whose access rights have been assigned to a second user, such that said determined part constitutes a secure exchange box between said first user and said second user.
- the invention furthermore relates to a server comprising a number of dematerialized safes such as that described above, said dematerialized safes being able to be associated with distinct first users.
- the invention finally relates to a security module associated with a first user of a dematerialized safe.
- the security module comprises means for storing access data to a determined portion of a dematerialized safe, said determined portion being accessible to a second user such that said determined portion constitutes a secure exchange box between said first user and said second user.
- the access data are access data to the whole of said dematerialized safe, which has at least one determined portion accessible to a second user such that said determined portion constitutes a secure exchange box between said first user and said second user.
- the security module is a pass allowing the first user to access all the contents of the dematerialized safe.
- the invention allows the implementation of all types of transactions between two or more users: payment, transfer of confidential documents to a bank, sending of pay slips, constitution of a loan file, etc. They can also be, as illustrated, simple exchanges or sharing of documents between two or more users. These transactions are implemented through one or more parts of one or more safes, which thus serve as secure-access exchange spaces reserved for the users associated with the space, for whom it has been created and defined in terms of access rights.
- the transactions are performed by a central entity in the form of a server acting as a trusted third party, which authenticates the users, secures all the records made in the safes, secures all the links established between a vault part and a device associated with a user, or between two stored vault parts, and finally secures the execution of the processes triggering the actions on the safes, this execution taking place in the secure environment of the server S acting as trusted third party.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0756769 | 2007-07-27 | ||
PCT/FR2008/051418 WO2009016327A2 (fr) | 2007-07-27 | 2008-07-28 | Gestion et partage de coffres-forts dematerialises |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2183698A2 true EP2183698A2 (fr) | 2010-05-12 |
Family
ID=39146877
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP08826806A Ceased EP2183698A2 (fr) | 2007-07-27 | 2008-07-28 | Gestion et partage de coffres-forts dematerialises |
Country Status (6)
Country | Link |
---|---|
US (1) | US20100198721A1 (fr) |
EP (1) | EP2183698A2 (fr) |
BR (1) | BRPI0814417A2 (fr) |
CA (1) | CA2694335C (fr) |
MX (1) | MX2010001032A (fr) |
WO (1) | WO2009016327A2 (fr) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8661056B1 (en) * | 2008-11-03 | 2014-02-25 | Salesforce.Com, Inc. | System, method and computer program product for publicly providing web content of a tenant using a multi-tenant on-demand database service |
WO2014016695A2 (fr) | 2012-07-27 | 2014-01-30 | Assa Abloy Ab | Mise à jour d'authentifiants basée sur la présence |
US10001791B2 (en) | 2012-07-27 | 2018-06-19 | Assa Abloy Ab | Setback controls based on out-of-room presence information obtained from mobile devices |
DE102017202183A1 (de) * | 2017-02-10 | 2018-08-16 | Bundesdruckerei Gmbh | Zugriffsverwaltungssystem zum Export von Datensätzen |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6105131A (en) * | 1997-06-13 | 2000-08-15 | International Business Machines Corporation | Secure server and method of operation for a distributed information system |
AU7182701A (en) * | 2000-07-06 | 2002-01-21 | David Paul Felsher | Information record infrastructure, system and method |
JP2002023628A (ja) * | 2000-07-07 | 2002-01-23 | Fujitsu Ltd | 電子的貿易取引サーバ、売主用クライアント、買主用クライアント及び電子的貿易取引方法 |
AUPR372601A0 (en) * | 2001-03-14 | 2001-04-12 | C.R. Group Pty Limited | Method and system for secure information |
US20030088771A1 (en) * | 2001-04-18 | 2003-05-08 | Merchen M. Russel | Method and system for authorizing and certifying electronic data transfers |
US20040260948A1 (en) * | 2003-06-23 | 2004-12-23 | Tatsuhiko Miyata | Server and control method for managing permission setting of personal information disclosure |
2008
- 2008-07-28 CA CA2694335A patent/CA2694335C/fr active Active
- 2008-07-28 MX MX2010001032A patent/MX2010001032A/es active IP Right Grant
- 2008-07-28 BR BRPI0814417-6A2A patent/BRPI0814417A2/pt not_active Application Discontinuation
- 2008-07-28 US US12/670,510 patent/US20100198721A1/en not_active Abandoned
- 2008-07-28 WO PCT/FR2008/051418 patent/WO2009016327A2/fr active Application Filing
- 2008-07-28 EP EP08826806A patent/EP2183698A2/fr not_active Ceased
Non-Patent Citations (1)
Title |
---|
See references of WO2009016327A2 * |
Also Published As
Publication number | Publication date |
---|---|
CA2694335A1 (fr) | 2009-02-05 |
BRPI0814417A2 (pt) | 2015-01-20 |
US20100198721A1 (en) | 2010-08-05 |
WO2009016327A2 (fr) | 2009-02-05 |
CA2694335C (fr) | 2017-02-28 |
MX2010001032A (es) | 2010-07-28 |
WO2009016327A3 (fr) | 2009-05-07 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
| 17P | Request for examination filed | Effective date: 20100122 |
| AK | Designated contracting states | Kind code of ref document: A2 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR |
| AX | Request for extension of the european patent | Extension state: AL BA MK RS |
| 17Q | First examination report despatched | Effective date: 20100630 |
| APBK | Appeal reference recorded | Free format text: ORIGINAL CODE: EPIDOSNREFNE |
| APBN | Date of receipt of notice of appeal recorded | Free format text: ORIGINAL CODE: EPIDOSNNOA2E |
| DAX | Request for extension of the european patent (deleted) | |
| RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: ALMERYS |
| APBR | Date of receipt of statement of grounds of appeal recorded | Free format text: ORIGINAL CODE: EPIDOSNNOA3E |
| APAF | Appeal reference modified | Free format text: ORIGINAL CODE: EPIDOSCREFNE |
| RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: ALMERYS |
| APBT | Appeal procedure closed | Free format text: ORIGINAL CODE: EPIDOSNNOA9E |
| REG | Reference to a national code | Ref country code: DE Ref legal event code: R003 |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
| 18R | Application refused | Effective date: 20180718 |