EP2471213A1 - Method and system for the controlled exchange of data between identified information technology devices - Google Patents

Method and system for the controlled exchange of data between identified information technology devices

Info

Publication number
EP2471213A1
Authority
EP
European Patent Office
Prior art keywords
data
key
dial
party
otp
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP09747786A
Other languages
German (de)
English (en)
Inventor
Robert Niggl
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16H HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00 ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60 ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • G16H10/65 ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records stored on portable record carriers, e.g. on smartcards, RFID tags or CD
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/14 Multichannel or multilink protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/88 Medical equipments
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Definitions

  • the present invention relates to a method and a system for the controlled, secure, partial or complete remote data transmission (EDI) between identified IT systems, hereinafter referred to as carrier systems and, in their entirety, as the ensemble, in particular a method whose data flow is controlled by means of checkpoints,
  • EDI controlled secure partial or complete remote data transmission
  • Computer system ⁇ hereafter referred to as data pool; o 'leads to a second party - hereinafter referred to as "inspection body" - which is anonymous by design with respect to R;
  • Transmission path to the control point redirects -following
  • o is first calculated ⁇ or ⁇ 'with the coupling signals ⁇ , ⁇ '; o obtains the coupling signal D via dial-up access to the data pool with an indication of R, P and authorizes for an identifier j;
  • the system has at least one central memory (hereafter called data pool) with an extended storage capacity, which is used as intermediate storage by means of EDI by carrier systems of the ensemble.
  • the system has at least one checkpoint.
  • the central memory can be used as a key register and
  • control data can still be chosen so that even one
  • the system therefore provides, in particular, a technological alternative to the eGK.
  • X is transferred from the source system i to the target system j, as well as a technical specification of the sections;
  • Fig. 2 a diversion of the direct connection
  • FIG. 3 shows a block diagram of the transmission links with a distribution of
  • Fig. 4 is a block diagram of the transmission bits / auxiliary data for example 1;
  • Fig. 5 is a block diagram of the transmission / auxiliary data of Example-2;
  • Fig. 6 is a block diagram of the transmission / auxiliary data of Example-3;
  • Fig. 7 a schematic representation of the structure of the architecture of a
  • Encryption techniques are hereafter referred to as tuples (*, **, ⁇ ), where * is the encryption operator, ** the decryption operator, and ⁇ the set of allowed key pairs.
  • the encryption then takes place by selection / calculation of a permissible key pair (S, S'), so that
  • Encryption is done bit by bit by combining each bit of X with a random bit that is used only for that bit, i.e. the key S must be at least as long as X, must be generated randomly, and may be used only for X.
  • the combination can be done, e.g., via the XOR operation, known in mathematics as addition in the field
  • the central patient file of the eGK is not OTP-encrypted; their encrypted
  • the source text X is encrypted with the auxiliary key (X * H).
  • An exchange procedure is formally understood as a tuple (X, i, j) (called transaction), where X is any data (called primary data) and i, j indices of carrier systems of the ensemble with i ⁇ j (i is called source system index, j target system index):
  • Read: X is transferred from E_i (source system) to E_j (target system).
  • Each transaction is assigned auxiliary data h(X, i, j) (called secondary data of the transaction), which are formally defined below.
  • any further data can be transferred in a transaction (tertiary data of the transaction). They are represented in the formal representation by the ellipsis ....
  • X is arbitrary data that can be reconstructed according to the method with h(X, i, j), wherein the data h(X, i, j) is to be transmitted according to the method.
  • the ensemble of the carrier systems is extended by a central storage (hereinafter referred to as data pool) which can be addressed via EDI (for example, https).
  • EDI central storage
  • the carrier systems can store or retrieve certain auxiliary data in the data pool (see below).
  • auxiliary data in the data pool.
  • Control bodies either pass on their data unchanged or not at all, whereby they can freely decide on the forwarding.
  • Control posts can be used by persons with appropriate technical devices for
  • Data transmission e.g., telephone
  • technical elements e.g., telephone
  • control posts can be formally understood as “black box” relay elements.
  • the entire system with its elements and connections corresponds to a "circuit" that implements (X, i, j).
  • the "switching logic" generates auxiliary data for X in the source system and then processes them in such a way that X can be reconstructed in the target system.
  • the protection claim covers every form of packet formation which is technically suitable for data transmission on the respective sub-route.
  • Fig. 1 shows transmission links to the transaction (X, i, j), as well as a technical
  • paper can also be used as a data carrier on the control routes in addition to data transmission by telephone or online.
  • control line 2 ⁇ There must always be control line 2 ⁇ direct connection, i.e. two separate transmission paths or media are used.
  • a section T is technically divided into several (parallel) sections and the T-data are distributed arbitrarily on these routes.
  • the direct connection E_i -> E_j can also be diverted via the control point, i.e. be substituted by a dial-up E_i -> checkpoint -> E_j:
  • control route 2 ⁇ direct diversion 2 is assumed, i.e. in the diversion case too, two separate transmission paths are used, and on at least one transmission path data is transmitted via dial-up.
  • Direct diversion 1 control section 1 permissible.
  • Fig. 2 shows a diversion of the direct connection.
  • the protection claim covers every protocol that is suitable for the partial routes to the EDI.
  • the protection claim covers every additional encryption of the data.
  • Each transaction is subdivided into phases with corresponding tasks (defined via corresponding auxiliary data and processing logics), which are described below.
  • the task j in phase i is referred to below as Pi-j.
  • Claim The task numbering in a phase should not specify an order. Be aware of any order that is compatible with the auxiliary data or its associated (functionally specified) processing logic.
  • Phase-1 of (X, i, j): Initialization in E_i
  • the protection claim covers every password formation, especially composite
  • the protection claim covers every checkpoint selection.
  • f_1 f_1 (ß, ß')
  • f_2 f_2 (ß, ß')
  • The result is a key register, i.e. keys can finally be calculated via ß, ß' and D.
  • the target system cannot pair (provided that ß' cannot be calculated from ß: see examples),
  • the invention can be configured to accommodate both OTP and "small" ⁇ 'sizes that would be suitable for telephonic transmission.
  • control bodies are the data subjects.
  • source systems assign a "pairing password" P', so that the target system can be sure that the checkpoint is authorized (P always backs up only the
  • ß'(i, t, P, P', R_2) is transferred on control line 1 by paper and on control line 2 by telephone.
  • FIG. 4 shows an overview of the following exemplary embodiment-1
  • R is an anonymous reference
  • the direct message (ß) is initially anonymous and does not allow pool access alone, as the reference is incomplete (R_2 is missing) and the password (P) is missing.
  • the ß'-data can be generated before the ß-data.
  • a patient may be given a small "ß'-slip" (also with barcodes) during the visit or when leaving the hospital:
  • the source system does not need to have X at this point in time, nor does the target system, i.e. with the "ß'-slip" the patient only draws a "number", as if he were queuing up!
  • Randomized quantities (B, Q) can apparently be mixed arbitrarily. It is therefore easy to specify efficient mixing methods such that, without knowledge of P', the value B can no longer be efficiently calculated from D. As a result, 3 ways are effectively crossed.
  • example-2 is a refinement of example 1:
  • Fig. 5 shows an overview of the following exemplary embodiment-2.
  • Example 3 is a refinement of Example 2:
  • Control points are identified (for example via e-mail addresses).
  • H'_k could then be deposited on a chip card or printed out as a barcode.
  • FIG. 6 shows an overview of exemplary embodiment-3.
  • Architecture of carrier systems
  • Fig. 7 shows an architecture scheme of the present inventive system 1, or the carrier systems.
  • the subsystem that performs the coupling is called the coupling unit.
  • Process-specific subsystems can be implemented as hardware or software components, or via a system of such components that are linked accordingly (shown graphically by a circular border below).
  • non-process specific subsystems e.g. the crypto unit for key generation and encryption / decryption are only outlined (indicated graphically by dashed border)!

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • Epidemiology (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Primary Health Care (AREA)
  • Public Health (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a configurable system (1) that enables the secure and, in particular, tamper-proof exchange of arbitrary data within an ensemble of identified information technology systems (carrier systems of the ensemble) by means of at least one central memory and via checkpoints. With a suitable choice of control parameters, the system is characterized in that secure encryption methods (one-time pad method) are used, in that the major part of the data transmission takes place by remote data transmission, and in that the checkpoints nevertheless retain the final, technically guaranteed decision-making power over the exchange of their data.
EP09747786A 2009-08-30 2009-08-30 Method and system for the controlled exchange of data between identified information technology devices Withdrawn EP2471213A1 (fr)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/DE2009/001195 WO2011023149A1 (fr) 2009-08-30 2009-08-30 Method and system for the controlled exchange of data between identified information technology devices

Publications (1)

Publication Number Publication Date
EP2471213A1 (fr) 2012-07-04

Family

ID=42144829

Family Applications (1)

Application Number Title Priority Date Filing Date
EP09747786A Withdrawn EP2471213A1 (fr) 2009-08-30 2009-08-30 Method and system for the controlled exchange of data between identified information technology devices

Country Status (3)

Country Link
EP (1) EP2471213A1 (fr)
DE (1) DE112009005190A5 (fr)
WO (1) WO2011023149A1 (fr)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115470912B (zh) * 2022-03-16 2024-04-05 本源量子计算科技(合肥)股份有限公司 Quantum task processing device and method, and quantum computer

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000018078A1 (fr) * 1998-09-17 2000-03-30 Sopuch David J Method for exchanging secure messages using intermediaries
US20020080888A1 (en) * 2000-12-22 2002-06-27 Li Shu Message splitting and spatially diversified message routing for increasing transmission assurance and data security over distributed networks
US20030149869A1 (en) * 2002-02-01 2003-08-07 Paul Gleichauf Method and system for securely storing and trasmitting data by applying a one-time pad
US20080165972A1 (en) * 2007-01-08 2008-07-10 I-Fax.Com Inc. Method and system for encrypted email communication

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2011023149A1 *

Also Published As

Publication number Publication date
DE112009005190A5 (de) 2012-06-28
WO2011023149A1 (fr) 2011-03-03

Similar Documents

Publication Publication Date Title
EP3673623B1 (fr) Method and control system for controlling and/or monitoring devices
DE60008680T2 (de) Management of a cryptographic key
WO2016008659A1 (fr) Method and device for securing access to wallets in which cryptocurrencies are stored
EP2409255B1 (fr) Method for generating asymmetric cryptographic key pairs
EP1180276B1 (fr) Method for verifying the integrity and authorship of texts and for encoding and decoding these texts
EP2863610B1 (fr) Tamper-proof method and system for providing multiple digital certificates for multiple public keys of a device
DE19824787C2 (de) Method for secured access to data in a network
WO2021170645A1 (fr) Method for directly transmitting electronic coin data sets between terminals, payment system, protection system and monitoring unit
EP3552344B1 (fr) Blockchain structure with bidirectional chaining
EP3480724B1 (fr) Computer-implemented method for replacing a data string with a placeholder
DE102018009949A1 (de) Transmission method for the flexible transmission of specifically divisible electronic coin data sets
DE10126138A1 (de) Tamper-proof and censorship-resistant personal electronic health record
WO2015036190A1 (fr) Method and system for cryptographically securing a predefined information processing flow
EP2471213A1 (fr) Method and system for the controlled exchange of data between identified information technology devices
EP3596709A1 (fr) Access control method
WO2023036458A1 (fr) Method and transaction system for transmitting tokens in an electronic transaction system
DE102018115348A1 (de) Counterfeit protection and dispensing control of consumer goods
DE102008035923A1 (de) System for the controlled exchange of data between identified IT devices
WO2009106055A2 (fr) System for the controlled exchange of data between at least two data carriers via mobile read-write memories
EP3909217A1 (fr) Method and system for transmitting information
EP3734486B1 (fr) Computer-implemented method for replacing a data string
EP4111347B1 (fr) Method for directly transmitting electronic coin data sets between terminals, payment system, protection system and monitoring entity
AT517151B1 (de) Method for authorizing access to anonymized stored data
WO2021228797A1 (fr) Concept for the mutual exchange of encrypted data
DE10152462A1 (de) Signature of a document

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20120228

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20140711

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20141122