EP2245834A1 - Secure data communication - Google Patents

Secure data communication

Info

Publication number
EP2245834A1
Authority
EP
European Patent Office
Prior art keywords
data
message
command data
terminal
communication protocol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP09702111A
Other languages
German (de)
English (en)
Inventor
Stephan Spitz
Walter Hinz
Erich Englbrecht
Thomas Palsherm
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Giesecke and Devrient Mobile Security GmbH
Original Assignee
Giesecke and Devrient GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/025Protocols based on web technology, e.g. hypertext transfer protocol [HTTP] for remote control or remote monitoring of applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/305Authentication, i.e. establishing the identity or authorisation of security principals by remotely controlling device operation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/168Implementing security features at a particular protocol layer above the transport layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/565Conversion or adaptation of application format or content

Definitions

  • the present invention relates to a method for secure data communication between a terminal and a data processing device.
  • a secure data communication connection is understood to mean a data communication connection in which the data processing device, preferably when the connection is established, authenticates itself to the terminal, the terminal or a user of the terminal authenticates itself to the data processing device, and the subsequent data communication is carried out encrypted.
  • SSH Secure Shell
  • the SSH protocol supports authentication of the data processing device in the role of the "server" to the terminal in the role of the "client" by means of an authentication key of the server, which is also called a host key.
  • the client and the server exchange a secret transport key, e.g. by means of the Diffie-Hellman key exchange method, which is stored at both the client and the server for the duration of the data communication.
  • the encryption itself then takes place according to a known symmetric encryption method, e.g. 3DES, IDEA, AES or the like.
  • the integrity of the transmitted data is ensured by a checksum.
  • the SSH protocol further supports an authentication of the client or a user of the client with respect to the server, for example by means of a password, and finally provides various logical channels for now bi-directionally authenticated and encrypted data communication.
  • the client can check the received authentication key by comparing it with a corresponding copy stored locally at the client.
  • the client must already know the authentication key of the server.
  • the authentication key of the server is provided by means of a certificate of a certification authority, which can then be checked by the client. If the client accepts an authentication key of the server which it does not know and cannot check, there is a risk that a third instance behind the alleged server is merely pretending to be the server. At the same time, this instance can pretend to be the client to the actual server and thereby read the entire subsequent data communication between client and server, which is unencrypted or can be decrypted by the third instance.
  • PC personal computer
  • an SSH-secured data communication connection to a server can only be set up by clients on which a corresponding security communication client application is implemented.
  • this is usually not the case for a large class of terminals, e.g. mobile radio terminals, handhelds and the like.
  • the invention is based on the basic concept of providing the functionality of a security communication client device on a portable data carrier which can be connected to the terminal device and the data processing device for data communication.
  • a portable data carrier which comprises a security communication client device is provided and connected to the terminal and the data processing device.
  • the data carrier receives a command data message, which comprises command data of the terminal for the data processing device, according to an Internet communication protocol from the terminal.
  • a command data forwarding message is then created in the data carrier according to a security communication protocol based on the command data from the received command data message.
  • the security communication client device of the data carrier then sends the command data forwarding message according to the security communication protocol to a security communication server device of the data processing device.
  • secure data communication can be established between any terminal and a data processing device comprising a security communication server device.
  • the terminal itself does not require a security communication client device for this purpose.
  • secure protocol conversion between the Internet communication protocol, according to which the command data is sent from the terminal to the data carrier, and the security communication protocol, according to which the security communication client device forwards the created command data forwarding message to the data processing device, takes place in the portable data carrier.
  • secret data in connection with the data communication between the terminal and the data processing device, for example a secret transport key for encrypting the data communication, can be securely stored on the data carrier instead of on the terminal.
  • the data carrier can be better protected against attacks by means of malicious code and the like than the terminal, and can safely store the secret data in a protected storage area of the data carrier, out of reach of third parties.
  • authentication data that enable unambiguous authentication of the server to the client, for example a host key of the server, can also be securely and verifiably stored on the data carrier.
  • the terminal can remotely control the data processing device by means of the method.
  • the functions needed, when using the Internet, to avoid compromising the security and integrity of the data processing device are all provided by the security communication client device on the data carrier and by the security communication protocol that device supports.
  • a data communication connection is made between a web browser of the terminal and a web server of the data carrier in accordance with the Internet communication protocol.
  • the web server of the data carrier receives the command data message over the established data communication connection from the web browser of the terminal according to the Internet communication protocol.
  • a user of the terminal is provided with a data input and output interface to the security communication client device on the data carrier, which supports data communication between the terminal and the data carrier in a simple and standardized manner.
  • each terminal has a web browser or can easily be equipped with one.
  • the data carrier comprises a switching device.
  • the command data message is transferred from the web server to the switching device.
  • the switching device extracts the command data from the command data message and passes the extracted command data to the security communication client device.
  • the switching device acts as a bridge between the web server and the security communication client device on the data carrier, supports an implementation of the various communication protocols and thus ensures a simple and secure data communication between the terminal and the data processing device.
  • the security communication client device preferably transforms the command data, extracted from the command data message and transferred by the switching device, into a command data forwarding message according to the security communication protocol.
  • the switching device is set up to transfer the extracted command data to the security communication client device as user data, i.e. without a specific protocol frame and the like, and the security communication client device is set up to transform the command data into the command data forwarding message according to the security communication protocol, i.e. to create a data message in accordance with the security communication protocol which includes the command data as user data.
  • such a transformation can also be made wholly or partly by the switching device.
  • a conversion between the Internet communication protocol and the security communication protocol is thus carried out securely on the data carrier, in cooperation between the web server, the switching device and the security communication client device.
  • a portable data carrier therefore comprises at least one communication interface, a web server application, a security communication client application and a switching device.
  • the web server application is set up to receive a command data message, transmitted by a web browser of a terminal connectable to the data carrier in accordance with an Internet communication protocol and comprising command data of the terminal for a data processing device, and to hand over the received command data message to the switching device.
  • the switching device is set up to extract the command data from the command data message and to pass it to the security communication client application.
  • the security communication client application is in turn configured to send a command data forwarding message, which comprises the command data, to a security communication server application of the data processing device connectable to the data carrier via the at least one communication interface in accordance with the security communication protocol.
  • the security communication client application on the data carrier receives, in response to the command data forwarding message, a response data message comprising response data for the terminal from the security communication server application of the data processing device according to the security communication protocol, and transmits the response data message to the switching device.
  • the switching device extracts the response data from the response data message and passes the response data to the web server application.
  • the web server application sends a reply data forwarding message comprising the response data according to the internet communication protocol in response to the command data message to the web browser of the terminal.
  • the switching device is preferably set up to at least partially transform the response data into a response data forwarding message in accordance with the Internet communication protocol and to transmit the response data in the form of the response data forwarding message already protocol-transformed to the web server.
  • in this direction of the data communication, from the data processing device to the terminal, the switching device essentially assumes the task of protocol conversion. However, it is also possible for components of the web server to assume this task of integrating response data transmitted by the switching device as user data into a protocol-conformant response data forwarding message.
  • the security communication client application is embodied as an SSH client application which supports the SSH communication protocol as the security communication protocol. Accordingly, the command data forwarding message and the response data message are sent between such a client application and a correspondingly configured security communication server application, in the form of an SSH server application, according to the SSH communication protocol.
  • this standardized protocol supports all desirable security features, e.g. two-sided authentication and encrypted transmission of data whose integrity is protected by a hash value. Other security communication protocols may however be used.
  • the command data message and the response data forwarding message between the terminal's web browser and the data carrier's web server are preferably sent in accordance with the HTTP or HTTPS communication protocol.
  • the latter also allows encrypted data communication on the part of the data communication link between the web browser and the web server.
  • Other Internet communication protocols may also be used.
  • SSH and HTTP are protocols of an application layer, preferably the application layer according to the OSI layer model (layer 7 of FIG. 7) or optionally also the application layer according to the TCP / IP layer model corresponding to layers 5-7 of the OSI layer model.
  • the portable data carrier is preferably designed as a chip card, (U) SIM mobile radio card, USB token, mass storage card or the like.
  • Figure 1 shows a preferred embodiment of an inventive
  • a data carrier 10 which is shown here as a chip card, comprises a communication interface 20, a processor (CPU) 30 and a number of memories 40, 50 and 60.
  • the communication interface 20 is designed as a contact field in accordance with ISO/IEC 7816 and serves the data carrier 10 for communication with external devices, e.g. with a personal computer via a card reader or with a mobile terminal.
  • the communication interface 20 may also be of another standard, e.g. USB or SD standard, or proprietary.
  • the data carrier 10 may alternatively or additionally comprise a contactless communication interface (not shown), e.g. an antenna coil.
  • in a non-volatile, non-rewritable ROM 40, an operating system (OS) 42 controlling the data carrier 10 is stored.
  • a volatile, rewritable RAM memory 50 serves as working memory, and a non-volatile, rewritable flash memory 60 is used for storing data and applications, e.g. a web server application 62, a switching device 64 and a security communication client application 68, which is designed here as an SSH client application.
  • the respective applications will be described in more detail with reference to FIG. It is possible to store the operating system 42 or parts thereof in the flash memory 60, which alternatively may be embodied as EEPROM memory.
  • a web browser 110 is used as the data input and output interface on the terminal 100.
  • an HTML form can be used to provide an input mask, e.g. by means of an HTML form a command line is simulated.
  • the HTML page is changed dynamically as a result of the data communication between the terminal 100 and the PC 200, and can in this way be used on the web browser 110 for outputting data that the terminal 100 receives from the PC 200.
  • a user of the terminal 100 enters a command for the PC 200.
  • the HTML page with the entered command data is sent to the web server 62 by the web browser 110 as a command data message, as mentioned using the HTTP or HTTPS communication protocol.
  • the web server 62 transfers the command data message described above to the switching device 64, which extracts the command data, i.e. the command for the PC 200 entered in the form, from the command data message and transfers it to the SSH client 68 in step S3.
  • the switching device 64 may be configured in various ways. In a Java environment, the switching device can be implemented by means of suitable Java servlets. Other ways to build the switching device are scripting languages such as PHP, Perl and the like. Other technologies for dynamically generating HTML content, e.g. based on the programming languages C/C++, are also suitable.
  • the switching device 64 essentially extracts the user data, i.e. the command entered in the form, from the HTML document provided by the web server 62: protocol-specific components such as headers and the like are removed, and only pure user data is passed to the SSH client 68, which in turn is arranged to form a command data forwarding message comprising the command data according to the SSH communication protocol and to send it in step S4 to the SSH server 210 of the PC 200.
  • the invention will be explained here with reference to the SSH communication protocol. Any other communication protocol that enables secure data transmission between the data carrier 10 and the PC 200 is also applicable.
  • a first level of the SSH protocol, the "Transport Layer Protocol", relies on a common transport protocol, e.g. TCP, and serves to authenticate the PC 200 in the role of the "server" to the data carrier 10 in the role of the "client". Furthermore, this level guarantees confidentiality of the data communication by exchanging a secret transport key between the communication partners for encrypting the subsequent data communication, and ensures integrity of the transmitted data by providing a checksum.
  • a second level of the SSH protocol enables authentication of the user of the terminal 100 via the SSH client 68 at the PC 200, e.g. by a password and/or a public key of the user.
  • the password may previously have been transmitted to the SSH client 68 via the HTML form, secured in steps S1, S2 and S3, through the web browser 110, the web server 62 and the switching device 64.
  • a third level, the "Connection Protocol", provides various logical channels for the now bi-directionally authenticated and encrypted data communication. For the transmission of data by means of the SSH communication protocol, all transmission technologies that are set up to carry the transport and network protocols of the TCP/IP protocol stack are available, e.g. GPRS, WLAN, Ethernet, UMTS.
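The card-side conversion chain described above (browser form over HTTP, switching device stripping the HTTP framing, SSH client wrapping the bare command into a channel message after checking the host key stored on the card) modelled as an added example; this is constructed illustration code, not code from the patent or from Giesecke & Devrient. It assumes the SSH_MSG_CHANNEL_DATA layout of RFC 4254 section 5.2, a constructed sample request and a placeholder host key, and leaves the transport-layer key exchange, encryption and MAC outside the model.

```python
"""Constructed model of the protocol conversion on the data carrier:
S1 browser POSTs an HTML form -> S2 web server hands it to the switching
device, which strips HTTP framing -> S3 bare command reaches the SSH client
-> S4 SSH client checks the pinned host key and builds an SSH_MSG_CHANNEL_DATA
message (RFC 4254 s5.2). Transport-layer crypto is not modelled here."""
import hashlib
import hmac
import struct
from urllib.parse import parse_qs

SSH_MSG_CHANNEL_DATA = 94  # message number from RFC 4254

# Constructed HTTP POST as the terminal's browser would send it (step S1).
SAMPLE_REQUEST = (
    b"POST /console HTTP/1.1\r\n"
    b"Host: card.local\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 24\r\n"
    b"\r\n"
    b"command=uptime&session=7"
)

def extract_command_data(http_request: bytes) -> str:
    """Switching device: drop headers and form framing, return pure user data."""
    head, sep, body = http_request.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("incomplete HTTP request")
    request_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    method, _target, _version = request_line.split(" ")
    if method != "POST":
        raise ValueError("command data is only accepted from a POSTed form")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    if "application/x-www-form-urlencoded" not in headers.get("content-type", ""):
        raise ValueError("unexpected content type")
    length = int(headers.get("content-length", "0"))
    if len(body) < length:
        raise ValueError("truncated body")
    fields = parse_qs(body[:length].decode("utf-8"), keep_blank_values=True)
    if "command" not in fields:
        raise ValueError("form carries no command field")
    return fields["command"][0]

def host_key_fingerprint(host_key: bytes) -> str:
    """SHA-256 fingerprint of the server host key, the form kept on the card."""
    return hashlib.sha256(host_key).hexdigest()

class SshClientModel:
    """Card-side SSH client (hypothetical): forwards only after the presented
    host key matches the copy stored locally on the data carrier."""
    def __init__(self, pinned_fingerprint: str):
        self.pinned_fingerprint = pinned_fingerprint
        self.server_verified = False

    def verify_host_key(self, presented_host_key: bytes) -> bool:
        # Constant-time comparison against the locally stored copy.
        self.server_verified = hmac.compare_digest(
            host_key_fingerprint(presented_host_key), self.pinned_fingerprint)
        return self.server_verified

    def build_command_forwarding_message(self, channel: int, command: str) -> bytes:
        """SSH_MSG_CHANNEL_DATA: byte type, uint32 recipient channel, string data."""
        if not self.server_verified:
            raise PermissionError("host key not verified; refusing to forward")
        data = command.encode("utf-8")
        return struct.pack(">BII", SSH_MSG_CHANNEL_DATA, channel, len(data)) + data

def parse_channel_data(message: bytes) -> tuple:
    """Server-side view: unpack the forwarding message into (channel, data)."""
    msg_type, channel, length = struct.unpack(">BII", message[:9])
    if msg_type != SSH_MSG_CHANNEL_DATA or len(message) != 9 + length:
        raise ValueError("malformed SSH_MSG_CHANNEL_DATA")
    return channel, message[9:].decode("utf-8")

def build_response_forwarding_message(response_data: str) -> bytes:
    """Return path: wrap the bare response data in an HTTP response for the browser."""
    body = response_data.encode("utf-8")
    return (b"HTTP/1.1 200 OK\r\n"
            b"Content-Type: text/plain; charset=utf-8\r\n"
            b"Content-Length: " + str(len(body)).encode("ascii") + b"\r\n\r\n" + body)

if __name__ == "__main__":
    host_key = b"constructed-host-key-of-pc-200"  # placeholder, not a real key
    client = SshClientModel(host_key_fingerprint(host_key))
    assert client.verify_host_key(host_key)
    msg = client.build_command_forwarding_message(0, extract_command_data(SAMPLE_REQUEST))
    print(parse_channel_data(msg), build_response_forwarding_message("up 3 days"))
```

A real SSH client on the card would additionally have to complete the transport-layer key exchange and apply the negotiated cipher and MAC to this payload before it leaves the data carrier.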

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention relates to a method for secure data communication between a terminal (100) and a data processing device (200). A command data message, which comprises command data of the terminal (100) for the data processing device (200), is received (S1) by a portable data carrier (10) connectable to the terminal (100). A command data forwarding message is then created (S2, S3) in the data carrier (10) according to a security communication protocol, and a security communication client device (68) of the data carrier (10) sends (S4) the created command data forwarding message according to the security communication protocol to a security communication server device (210) of the data processing device (200). This makes simple and reliable maintenance of the data processing device (200) by the terminal (100) possible, regardless of the location of the terminal (100) and its system environment.
EP09702111A 2008-01-15 2009-01-14 Communication de données sécurisée Withdrawn EP2245834A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102008004384A DE102008004384A1 (de) 2008-01-15 2008-01-15 Sichere Datenkommunikation
PCT/EP2009/000175 WO2009090046A1 (fr) 2008-01-15 2009-01-14 Communication de données sécurisée

Publications (1)

Publication Number Publication Date
EP2245834A1 true EP2245834A1 (fr) 2010-11-03

Family

ID=40599551

Family Applications (1)

Application Number Title Priority Date Filing Date
EP09702111A Withdrawn EP2245834A1 (fr) 2008-01-15 2009-01-14 Communication de données sécurisée

Country Status (3)

Country Link
EP (1) EP2245834A1 (fr)
DE (1) DE102008004384A1 (fr)
WO (1) WO2009090046A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2461544A1 (fr) * 2010-12-03 2012-06-06 Gemalto SA Procédé permettant d'accéder à un service depuis une machine hôte
US10286391B2 (en) 2012-02-17 2019-05-14 Inaeris Technologies, Llc Catalyst system having meso and macro hierarchical pore structure
CN113742762B (zh) * 2021-11-05 2022-04-15 中关村芯海择优科技有限公司 数据交互方法、装置、终端设备及存储介质

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10310351A1 (de) * 2003-03-10 2004-09-23 Giesecke & Devrient Gmbh Laden von Mediendaten in einen tragbaren Datenträger
US7392534B2 (en) * 2003-09-29 2008-06-24 Gemalto, Inc System and method for preventing identity theft using a secure computing device
EP1608123A1 (fr) * 2004-06-15 2005-12-21 Axalto SA Procédé et dispositif pour communiquer de messages HTTP avec des dispositifs portables
DE102005056112A1 (de) * 2005-11-23 2007-05-31 Giesecke & Devrient Gmbh Sichere Voice-over-IP-Telefonie
DE102007026870A1 (de) * 2007-06-11 2008-12-18 Giesecke & Devrient Gmbh Ressourcenzugriff unter Vermittlung durch ein Sicherheitsmodul

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2009090046A1 *

Also Published As

Publication number Publication date
WO2009090046A1 (fr) 2009-07-23
DE102008004384A1 (de) 2009-07-16

Similar Documents

Publication Publication Date Title
EP2749003B1 (fr) Procédé pour authentifier un terminal de communication comprenant un module d'identité au niveau d'un dispositif serveur d'un réseau de télécommunication, utilisation d'un module d'identité,module d'identité et programme informatique
DE602004010703T2 (de) Eine persistente und zuverlässige sitzung, die neztwerkkomponenten unter verwendung eines verkapselungsprotokolls sicher durchläuft
DE60209475T2 (de) Datensicherungs-kommunikationsvorrichtung und -verfahren
DE60116610T2 (de) Netzwerkadressenübersetzungsgateway für lokale netzwerke unter verwendung lokaler ip-adressen und nicht übersetzbarer portadressen
DE60220665T3 (de) Verfahren und system für den aufbau einer verbindung zwischen einem personal security device und einem fernrechnersystem
EP1777907B1 (fr) Méthode et dispositifs pour effectuer des opérations cryptographiques dans un réseau type client-server
DE60026838T2 (de) Dynamische verbindung zu mehreren quellen-servern in einem transcodierungs-proxy
DE69923954T2 (de) Kommunikationssystem und verfahren
EP3077952B1 (fr) Procédé d'accès à une mémoire de données d'un système informatique en nuage
EP3078177B1 (fr) Procédé d'accès à une mémoire de données d'un système informatique en nuage à l'aide d'un système de nom de domaine (dns) modifié
EP2856437A1 (fr) Procédé et dispositif pour commander un mécanisme de verrouillage au moyen d'un terminal mobile
DE10052312A1 (de) Automatische Sperre gegen unberechtigten Zugriff im Internet (Snoop Avoider) für virtuelle private Netze
DE60203277T2 (de) Verfahren und system zur authentifizierung eines personal security device gegenüber mindestens einem fernrechnersystem
EP2572494B1 (fr) Procédé et système pour une transmission de données sûre à l'aide d'une boîte vpn
EP1289227A2 (fr) Procédé, système et ordinateur pour négocier une association de sécurité au niveau de la couche d'application
EP2215806B1 (fr) Carte à puce internet
WO2009090046A1 (fr) Communication de données sécurisée
DE19939281A1 (de) Verfahren und Vorrichtung zur Zugangskontrolle zu Inhalten von Web-Seiten unter Verwendung eines mobilen Sicherheitsmoduls
EP3613193A1 (fr) Procédé, dispositifs et produit-programme d'ordinateur pour vérifier des paramètres de liaison d'une liaison de communication protégée de manière cryptographique pendant l'établissement de la liaison
DE10107883B4 (de) Verfahren zur Übertragung von Daten, Proxy-Server und Datenübertragungssystem
AT521914B1 (de) Kommunikationsmodul
DE102006038599B3 (de) Verfahren zur Wiederaktivierung einer sicheren Kommunikationsverbindung
EP1496665B1 (fr) Procédé de configuration de sécurité dans un réseau d'automatisation
DE102023103260A1 (de) Verfahren zum Aufbauen einer Kommunikationsverbindung zwischen einer Applikationssoftware in einer Applikations-Laufzeitumgebung eines Kraftfahrzeugs zu einem fahrzeugexternen Dienstanbieter sowie zugehöriges Datennetzwerk, Kraftfahrzeug und Applikationssoftware
DE102023105822A1 (de) Verfahren, Anordnung und Gerät zur Herstellung von Fernzugriffen

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20100816

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL BA RS

17Q First examination report despatched

Effective date: 20110118

DAX Request for extension of the european patent (deleted)
GRAP Despatch of communication of intention to grant a patent

Free format text: ORIGINAL CODE: EPIDOSNIGR1

INTG Intention to grant announced

Effective date: 20161202

RIC1 Information provided on ipc code assigned before grant

Ipc: H04L 29/06 20060101AFI20161121BHEP

Ipc: H04L 29/08 20060101ALI20161121BHEP

GRAS Grant fee paid

Free format text: ORIGINAL CODE: EPIDOSNIGR3

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: GIESECKE+DEVRIENT MOBILE SECURITY GMBH

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20170413