EP2805446A1 - Fonction de dérivation de défi pour protéger des éléments dans un protocole d'authentification par défi-réponse - Google Patents
Fonction de dérivation de défi pour protéger des éléments dans un protocole d'authentification par défi-réponseInfo
- Publication number
- EP2805446A1 EP2805446A1 EP13715910.9A EP13715910A EP2805446A1 EP 2805446 A1 EP2805446 A1 EP 2805446A1 EP 13715910 A EP13715910 A EP 13715910A EP 2805446 A1 EP2805446 A1 EP 2805446A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- authenticator
- authorization
- request message
- unit
- product
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3273—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
Definitions
- the present invention relates to an apparatus and method for authenticating a product to an authenticator.
- a product is authenticated, such as a device or an object, by means of a challenge-response method.
- a request message or challenge message is transmitted to the product to be authenticated by the authenticator, which e.g. is formed as a function of a random number.
- the product to be authenticated then calculates a response value, a response message or a response message, for example as a function of a secret cryptographic key.
- This response message is returned to the authenticator, which checks the response message for correctness. Since only an original product or an original device can calculate a correct answer message, an original product or an original device can thus be reliably distinguished from a counterfeit.
- challenge-response authentication may also be performed using a physical object property, i. a Physical Unclonable Function (PUF).
- PEF Physical Unclonable Function
- PUF Physical Unclonable Functions
- the document DE 10 2009 030 019 B3 shows a system and a method for the reliable authentication of a device.
- a request message is bound by means of a scholarerkontextinformation to an auditing device. Therefore, it is difficult for an attacker to fake an identity of a device.
- This application is used in authentication scenarios, especially in telecommunications, where sensitive messages are exchanged.
- a device for authenticating a product to at least one authenticator has a receiving unit, a test unit and a transmitting unit.
- the receiving unit is set up to receive a request message sent by the authenticator.
- the checking unit is set up to check authorization of the authenticator for receiving a response message to the sent request message.
- the transmitting unit is set up to send a predetermined response message to the authenticator depending on the checked authorization and the received request message.
- the present device offers increased security in the authentication, since only such request messages (challenge messages, challenges) are actually answered with a corresponding response message from the transmitting unit, which were sent by an authenticator, who is also entitled accordingly. In other words, if an authorization check reveals that the use of the received request message or challenge is permissible, the associated response message or response is sent by the sending unit to the authenticator.
- a product to be authenticated may be an object such as a semiconductor device, a sensor node, a controller, a particular code in an FPGA, a battery or a toner cartridge, or an RFID tag on a toner Be cartridge.
- An authenticator may be any device capable of communicating that may participate in a challenge-response procedure.
- the authenticator may be, for example, an authentication server.
- the request message may also be referred to as a challenge, challenge value or challenge message.
- the response message may also be referred to as response, response message or response value.
- the authorization may also be referred to as an authentication token or authorization token or coded. Examples include SAML assertion, attribute certificate, and XML assertion.
- the authorization token codes the authorization.
- the authorization token is protected with a cryptographic checksum, or it is provided over a secure communication link. Examples of cryptographic checksums include message authentication code and digital signature. Examples of such a protected communication link include IPsec, SSL and TLS.
- Possible criteria for the authorization check can be an identity information of the authenticator (eg a Network Access Identifier (NAI), IP address, MAC address, public key, public key hash, process ID, hash of the program code or file name of the program code).
- NAI Network Access Identifier
- IP address IP address
- MAC address public key
- public key hash public key hash
- process ID hash of the program code or file name of the program code
- contextual information such as current location, current time or current operating status can be used for the authorization check.
- the number of followed uses of a challenge value are used.
- the time of the last use of this challenge value or the time span since the last use of this challenge value for the authorization check can be used.
- the number of free, unused challenge-response pairs of an authenticator or the number of checks by this authenticator can also be included in the authorization check.
- the present authorization check of the challenges is particularly advantageous for PUFs, since not all challenges can be used here, but only those for which reference data are available for the check.
- the device is integrated with the receiving unit, the testing unit and the transmitting unit in the product.
- the product for example a battery, has the device or authentication device.
- the receiving unit and the transmitting unit are integrated in the product. Furthermore, the test unit precedes the product in such a way that request messages directed to the receiving unit of the product can be transmitted exclusively via the test unit of the apparatus.
- a conventional product can be authenticated unchanged according to the invention, since the test unit is not part of the product, but only upstream of this product.
- the test unit is designed as a ballast or upstream challenge authorization test device.
- the receiving unit is configured to receive identification information with the request message from the authenticator.
- the checking unit is set up to check the authorization of the au- thentiser for receiving the reply message to the sent request message as a function of the received identity information.
- the authentication information of the authenticator is a simple implementation for the authorization check for receiving a response message by the authenticator.
- the device has a memory device for storing at least one authorization information for the authorization of at least one authenticator.
- the checking unit is set up to check the authorization of the authenticator as a function of the received request message and the at least one stored authorization information item.
- the product can verify the authority to allow the request message based on locally stored authorization information.
- a set of acceptable challenge values or even a permissible challenge value range can be assigned to a respective authenticator.
- the receiving unit is configured to receive authorization information with the request message from the authenticator.
- the checking unit is set up to check the authorization of the authenticator for receiving the reply message to the sent request message as a function of the received authorization information.
- the authorization information can be designed, for example, as a protected authorization token.
- the authorization token or authentication token is sent by the authenticator in particular with the request message to the direction.
- the authorization token confirms the legitimate use of a challenge value against the device.
- the device has a memory device for storing a number of authorization information for the authorization of a number of au- thentisier, wherein the respective authorization information is associated with a request message to be received. Furthermore, the device has an updating unit for updating the respective authorization information when the receiver unit receives the request message associated with the respective authorization information.
- the updating unit is configured to update the respective authorization information such that the associated authorization is revoked when the receiving unit receives the request message associated with the respective authorization information.
- the security level information can be used to display the security level of the current challenge-response authentication to the authenticator.
- the security level information can be embodied, for example, as a flag or a trust value in the response message.
- the update unit provides security level information for the received request message in response to the updated authorization information.
- the transmission unit is set up to provide the security level To send information with the predetermined response message to the authenticator.
- the system can have a plurality of PUF authentication servers, because in such a case it can be controlled according to the invention which PUF authentication server may use which challenge values. It can also be restricted according to the invention when a particular authentication server can authenticate a product or object, e.g. only until its expiration date has expired. Also, an object may only be authenticated as long as it is in a particular location or area. This information can be included in the authorization check from the context information.
- the checking unit is set up to check the format and / or the content of the received request message before checking the authorization of the authenticator.
- the respective unit, receiving unit, test unit and transmitting unit can be implemented by hardware and / or software technology.
- the respective unit may be embodied as a device or as part of a device, for example as a computer or as a microprocessor.
- the respective unit may be designed as a computer program product, as a function, as a routine, as part of a program code or as an executable object.
- the authenticator is for sending a request message to the device and for receiving and checking a response message received in response to the sent request message from the device.
- the authenticator and the device are set up in such a way that the authenticator authenticates himself to the device.
- the system has at least a first authenticator and a second authenticator.
- the first authenticator is configured to have authorization to receive a response message from the device by sending a request message to the device and by receiving a corresponding response message from the device and forward the generated authorization to the second authenticator with an integrity-protected forwarding message.
- a method for authenticating a product to at least one authenticator is proposed.
- a request message sent by the authenticator is received.
- an authorization of the authenticator for receiving a reply message to the sent request message is checked.
- a predetermined response message is sent to the authenticator in dependence on the checked authorization and the received request message.
- a computer program product such as a computer program means can be provided or supplied, for example, as a storage medium, such as a memory card, USB stick, CD-ROM, DVD or in the form of a downloadable file from a server in a network. This can be done, for example, in a wire loose communication network; by transmitting a corresponding file with the computer program product or the computer program means.
- FIG. 1 is a block diagram of a first embodiment of a device for authenticating a product
- Fig. 2 is a block diagram of a second embodiment of a device for authenticating a product
- FIG. 3 is a block diagram of a third embodiment of a device for authenticating a product
- Fig. 4 is a block diagram of an embodiment of a
- FIG. 1 shows a block diagram of a first embodiment of a device 10 for authenticating a product 1 to an authenticator 2.
- the device 10 and the authenticator 2 are coupled via a communication link.
- the device 10 is part of the product 1 to be authenticated.
- the device 10 has a receiving unit 11, a checking unit 12 and a transmitting unit 13.
- the receiving unit 11 is configured to receive a request message C sent by the authenticator 2.
- the checking unit 12 checks the authorization B of the authenticator 2 for receiving a response message R on the sent request message C.
- the transmitting unit 13 is configured to send a predetermined response message R to the authenticator 2 in dependence on the checked authorization B and the received request message C. That is, the checked permission B indicates whether or not to send a response message R to the authenticator 2. Only with a positive authorization B of the authenticator 2 is such a response message R sent to it. In the case of a positive authorization of the authenticator 2, the type of the response message R is determined in particular as a function of the checked authorization B and / or the received request message C. With the request message C, the authenticator 2 a
- the identi- fication information can be used for authorization checking of the authenticator 2.
- the authenticator 2 can transmit an authorization information with the request message C to the receiving unit 11 of the device 10.
- the authorization information may directly indicate that the authenticator 2 is authorized to receive response messages R from the device 10.
- the checking unit 12 then checks the authorization B of the authenticator 2 for receiving the response message R on the sent request message C as a function of the received authorization information.
- the checking unit 12 may be configured to check the format of the received request message C before checking the authorization B of the authenticator 2. For example, the authorization B of the authenticator 2 is checked by the checking unit 12 only if the format of the received request message C corresponds to a predetermined format.
- FIG. 2 shows a block diagram of a second exemplary embodiment of a device 10 for authenticating a product 1 with respect to an authenticator 2.
- the second exemplary embodiment of FIG. 2 differs from the first exemplary embodiment of FIG. 1 in that the receiving unit 11 and the transmitting unit 13 of the device 10 are integrated in the product 1 to be authenticated, but the checking unit 12 is not part of the product 1 , but this is upstream.
- the test unit 12 is connected upstream of the product 1 such that request messages C directed to the receiving unit 11 of the product 1 can be transmitted exclusively via the test unit 12 of the device 10.
- the test unit 12 may have a test device 15 which checks the authorization B of the authenticator 2. With a positive permission B transmits the test means 15 an authorization signal B to a switching means 16, which then accomplishes the communication connection between the transmitting unit 13 of the device 10 and the authenticator 2. If an unauthorized authorization is detected by the checking means 15, this controls
- a memory device 14 is provided for storing at least one authorization information Ref for the authorization of the authenticator 2.
- the checking unit 12 can then check the authorization B of the authenticator 2 as a function of the received request message C and the stored authorization information Ref.
- the stored authorization information Ref can also be referred to as reference values or reference data.
- the memory device 14 can also be set up for storing a plurality of authorization information Ref for the authorization of a plurality of authenticators 2, wherein the respective authorization information Ref is associated with a request message C to be received.
- FIG. 3 shows a block diagram of a third exemplary embodiment of a device 10 for authenticating a product 1.
- the third exemplary embodiment of FIG. 3 is based on the first exemplary embodiment of FIG. 1, the device 10 of FIG. 3 additionally having a memory device 14 and an updating unit 17.
- the memory device 14 of the device 10 is configured to store a number of authorization information Ref for the authorization of a number of authenticators 2, wherein the respective authorization information Ref is associated with a request message C to be received.
- the memory device 14 is in particular coupled between the updating unit 17 and the test unit 12.
- the updating unit 17 is set up to update the respective authorization information Ref of the memory device 14 by means of an updating signal A when the receiver unit 11 receives the request message C assigned to the respective authorization information Ref from an authenticator 2.
- the update device 17 can also be set up to update the respective authorization information Ref in such a way that the associated authorization B is revoked when the reception unit 11 receives the request message C assigned to the respective authorization information Ref.
- the updating unit 17 can be set up to generate a security level information for the received request message C as a function of the updated authorization information Ref. Then, the transmitting unit 13 can be configured to send the generated security level information with the predetermined response message R to the authenticator 2.
- a first authentication server 21 carries out a so-called enrollment phase (steps 401-403), in which challenge-response Pairs of challenges and responses are generated.
- a challenge-response pair indicates an authorization of the requesting authentication server.
- the first authentication server 21 can forward or delegate these authorizations to the further second authentication server 22.
- the second authentication server 22 can use the delegated authorization of the authentication server 21. This will be explained below with reference to FIG. 4 in detail.
- the first authentication server 21 sends a challenge C to the device 10.
- the device 10 responds with a response R in step 402.
- the first authentication server 21 sends a forwarding message W with authority B to receive
- step 404 the second authentication server 22 generates a challenge C with the transmitted authorization B.
- step 405 the second authentication server 22 transmits the generated challenge C to the device 10.
- step 406 the device 10 checks the received authorization received from the first authentication server
- the device 10 may request a response R in step 406 to the second authentication server
- FIG. 5 illustrates a flow chart of one embodiment of a method for authenticating a product to an authenticator.
- step 501 an inquiry message sent by the authenticator is received by the product.
- step 502 an authorization of the authenticator to receive a response message to the sent request message from the product is checked.
- step 503 a predetermined response message is sent from the product to the authenticator depending on the examined authorization and the received request message.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
L'invention concerne un dispositif d'authentification d'un produit vis-à-vis d'au moins une entité authentifiante. Le dispositif présente une unité réceptrice, une unité de vérification et une unité émettrice. L'unité réceptrice est conçue pour recevoir un message-interrogation émis par l'entité authentifiante. L'unité de vérification est conçue pour vérifier une autorisation de l'entité authentifiante en vue de la réception d'un message-réponse au message-interrogation envoyé. L'unité émettrice est conçue pour envoyer un message-réponse prédéfini à l'entité authentifiante en fonction de l'autorisation vérifiée et du message-interrogation reçu. Cela permet de garantir une sécurité accrue lors de l'authentification. L'invention concerne enfin un système pourvu d'un tel dispositif et d'une entité authentifiante ainsi qu'un procédé et un produit programme d'ordinateur destiné à l'authentification d'un produit.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102012208834A DE102012208834A1 (de) | 2012-05-25 | 2012-05-25 | Authentisierung eines Produktes gegenüber einem Authentisierer |
PCT/EP2013/055923 WO2013174540A1 (fr) | 2012-05-25 | 2013-03-21 | Fonction de dérivation de défi pour protéger des éléments dans un protocole d'authentification par défi-réponse |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2805446A1 true EP2805446A1 (fr) | 2014-11-26 |
Family
ID=48092908
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP13715910.9A Withdrawn EP2805446A1 (fr) | 2012-05-25 | 2013-03-21 | Fonction de dérivation de défi pour protéger des éléments dans un protocole d'authentification par défi-réponse |
Country Status (5)
Country | Link |
---|---|
US (1) | US20150143545A1 (fr) |
EP (1) | EP2805446A1 (fr) |
CN (1) | CN104322005A (fr) |
DE (1) | DE102012208834A1 (fr) |
WO (1) | WO2013174540A1 (fr) |
Families Citing this family (15)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101404673B1 (ko) * | 2013-07-02 | 2014-06-09 | 숭실대학교산학협력단 | Rfid태그 인증 시스템 |
US10177933B2 (en) | 2014-02-05 | 2019-01-08 | Apple Inc. | Controller networks for an accessory management system |
KR102138027B1 (ko) | 2014-02-05 | 2020-07-27 | 애플 인크. | 제어기와 액세서리 사이의 통신을 위한 균일한 통신 프로토콜 |
US9619633B1 (en) | 2014-06-18 | 2017-04-11 | United Services Automobile Association (Usaa) | Systems and methods for upgrading authentication systems |
US10206170B2 (en) | 2015-02-05 | 2019-02-12 | Apple Inc. | Dynamic connection path detection and selection for wireless controllers and accessories |
US20170100862A1 (en) | 2015-10-09 | 2017-04-13 | Lexmark International, Inc. | Injection-Molded Physical Unclonable Function |
DE102016215917A1 (de) | 2016-08-24 | 2018-03-01 | Siemens Aktiengesellschaft | Gesichertes Verarbeiten einer Berechtigungsnachweisanfrage |
US10496508B2 (en) | 2017-06-02 | 2019-12-03 | Apple Inc. | Accessory communication control |
US11805009B2 (en) | 2018-06-03 | 2023-10-31 | Apple Inc. | Configuring accessory network connections |
US10595073B2 (en) | 2018-06-03 | 2020-03-17 | Apple Inc. | Techniques for authorizing controller devices |
US10728230B2 (en) * | 2018-07-05 | 2020-07-28 | Dell Products L.P. | Proximity-based authorization for encryption and decryption services |
US11290290B2 (en) * | 2019-03-22 | 2022-03-29 | Lexmark International, Inc. | Physical unclonable function variable read sensor |
US11269999B2 (en) * | 2019-07-01 | 2022-03-08 | At&T Intellectual Property I, L.P. | Protecting computing devices from malicious tampering |
EP3817315A1 (fr) * | 2019-10-29 | 2021-05-05 | Siemens Aktiengesellschaft | Dispositif de vérification, dispositif et procédé de validation de transactions |
EP3917103A1 (fr) * | 2020-05-29 | 2021-12-01 | Siemens Aktiengesellschaft | Procédé, système, émetteur et récepteur d'authentification d'un émetteur |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6954792B2 (en) * | 2001-06-29 | 2005-10-11 | Sun Microsystems, Inc. | Pluggable authentication and access control for a messaging system |
JP4763726B2 (ja) * | 2005-02-04 | 2011-08-31 | クゥアルコム・インコーポレイテッド | 無線通信のための安全なブートストラッピング |
DE102005038106A1 (de) * | 2005-08-11 | 2007-02-15 | Giesecke & Devrient Gmbh | Verfahren zur Absicherung der Authentisierung eines tragbaren Datenträgers gegen ein Lesegerät über einen unsicheren Kommunikationsweg |
WO2007023420A1 (fr) * | 2005-08-23 | 2007-03-01 | Koninklijke Philips Electronics N.V. | Methode d'authentification de support d'informations faisant appel a une fonction unidirectionnelle physique |
ATE527797T1 (de) * | 2005-10-05 | 2011-10-15 | Privasphere Ag | Verfahren und einrichtungen zur benutzerauthentifikation |
CN101331707A (zh) * | 2005-12-20 | 2008-12-24 | 松下电器产业株式会社 | 认证系统及认证装置 |
US8006300B2 (en) * | 2006-10-24 | 2011-08-23 | Authernative, Inc. | Two-channel challenge-response authentication method in random partial shared secret recognition system |
DE102007026836A1 (de) * | 2007-06-06 | 2008-12-11 | Bundesdruckerei Gmbh | Verfahren und System zur Prüfung der Echtheit eines Produkts und Lesegerät |
WO2009079050A2 (fr) | 2007-09-19 | 2009-06-25 | Verayo, Inc. | Authentification avec des fonctions non clonables physiques |
CN100553193C (zh) * | 2007-10-23 | 2009-10-21 | 西安西电捷通无线网络通信有限公司 | 一种基于可信第三方的实体双向鉴别方法及其系统 |
EP2141883A1 (fr) * | 2008-07-04 | 2010-01-06 | Alcatel, Lucent | Procédé homologue pour authentifier l'homologue vers un sceau électronique, dispositif correspondant, et produit de programme informatique correspondant |
WO2010124390A1 (fr) * | 2009-04-30 | 2010-11-04 | Certicom Corp. | Système et procédé d'authentification d'étiquettes rfid |
DE102009030019B3 (de) | 2009-06-23 | 2010-12-30 | Siemens Aktiengesellschaft | System und Verfahren zur zuverlässigen Authentisierung eines Gerätes |
US20110167477A1 (en) * | 2010-01-07 | 2011-07-07 | Nicola Piccirillo | Method and apparatus for providing controlled access to a computer system/facility resource for remote equipment monitoring and diagnostics |
-
2012
- 2012-05-25 DE DE102012208834A patent/DE102012208834A1/de not_active Withdrawn
-
2013
- 2013-03-21 CN CN201380027298.9A patent/CN104322005A/zh active Pending
- 2013-03-21 EP EP13715910.9A patent/EP2805446A1/fr not_active Withdrawn
- 2013-03-21 US US14/403,512 patent/US20150143545A1/en not_active Abandoned
- 2013-03-21 WO PCT/EP2013/055923 patent/WO2013174540A1/fr active Application Filing
Non-Patent Citations (1)
Title |
---|
See references of WO2013174540A1 * |
Also Published As
Publication number | Publication date |
---|---|
US20150143545A1 (en) | 2015-05-21 |
DE102012208834A1 (de) | 2013-11-28 |
WO2013174540A1 (fr) | 2013-11-28 |
CN104322005A (zh) | 2015-01-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2013174540A1 (fr) | Fonction de dérivation de défi pour protéger des éléments dans un protocole d'authentification par défi-réponse | |
EP3574625B1 (fr) | Procédé de réalisation d'une authentification | |
EP3125492B1 (fr) | Procede et systeme de fabrication d'un canal de communication sur pour des terminaux | |
EP2765752B1 (fr) | Procédé destiné à pourvoir un terminal mobile d'un certificat d'authentification | |
DE102017212618B3 (de) | Hardwaresystem mit Blockchain | |
EP3057025A1 (fr) | Procédé mis en uvre par ordinateur destiné au contrôle d'accès | |
EP2561461A1 (fr) | Procédé de lecture d'un attribut à partir d'un jeton id | |
EP3246839B1 (fr) | Contrôle d'accès comprenant un appareil radio mobile | |
WO2010031700A2 (fr) | Procédé de télécommunications, produit de programme informatique, et système informatique | |
EP3417395B1 (fr) | Détermination de l'authenticité d'un appareil à l'aide d'un certificat d'autorisation | |
EP2446390B1 (fr) | Système et procédé pour authentifier de manière fiable un appareil | |
EP3114600B1 (fr) | Système de sécurité à contrôle d'accès | |
DE102020121533A1 (de) | Vertrauenswürdige authentifizierung von automotiven mikrocon-trollern | |
EP3465513B1 (fr) | Authentification d'utilisateur au moyen d'un jeton d'identification | |
DE102017121648B3 (de) | Verfahren zum anmelden eines benutzers an einem endgerät | |
EP3935808B1 (fr) | Fourniture d'un certificat numérique protégée de manière cryptographique | |
EP3767513B1 (fr) | Procédé de mise en uvre sécurisée d'une signature à distance ainsi que système de sécurité | |
DE102017006200A1 (de) | Verfahren, Hardware und System zur dynamischen Datenübertragung an ein Blockchain Rechner Netzwerk zur Abspeicherung Persönlicher Daten um diese Teils wieder Blockweise als Grundlage zur End zu Endverschlüsselung verwendet werden um den Prozess der Datensammlung über das Datenübertragungsmodul weitere Daten in Echtzeit von Sensoreinheiten dynamisch aktualisiert werden. Die Blockmodule auf dem Blockchaindatenbanksystem sind unbegrenzt erweiterbar. | |
EP3882796A1 (fr) | Authentification de l'utilisateur à l'aide de deux éléments de sécurité indépendants | |
EP3336732A1 (fr) | Authentification d'utilisateur à l'aide de plusieurs caractéristiques | |
EP3336736B1 (fr) | Jeton auxiliaire id destiné à l'authentification mulifacteur | |
DE102017012249A1 (de) | Mobiles Endgerät und Verfahren zum Authentifizieren eines Benutzers an einem Endgerät mittels mobilem Endgerät | |
DE102021103997A1 (de) | Nutzerauthentifizierung unter Verwendung zweier unabhängiger Sicherheitselemente | |
WO2023217645A1 (fr) | Système d'accès sécurisé | |
EP3809661A1 (fr) | Procédé d'authentification d'un dispositif client lors d'un accès à un serveur d'application |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20140820 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR |
|
DAX | Request for extension of the european patent (deleted) | ||
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: SIEMENS AKTIENGESELLSCHAFT |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20171003 |