EP2920687A1 - Manipulation-protected installation of building control software in validated runtime environments - Google Patents
Info
- Publication number: EP2920687A1 (application EP13792324.9)
- Authority
- EP
- European Patent Office
- Prior art keywords
- software
- runtime environment
- identity
- lui
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/61—Installation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/40—Support for services or applications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Definitions
- The invention relates to a method for installing building control software.
- The method can be applied both to fresh installations of software and to software or data updates by overwriting, replacing or patching.
- The invention also relates to a device acting as a software delivery entity and a device acting as a runtime environment.
- The latter device, which is intended to act as a runtime environment, may comprise more than one device.
- The software to be installed can be installed and/or released on a first device for subsequent execution.
- An independent second device can be prepared to retrieve the software to be installed from the software delivery entity and/or to obtain a release for already installed software from the software delivery entity, and the
- The first device may be, for example, a building controller.
- The second device is typically a service PC or a service smartphone.
- Methods are known in which a building controller regularly contacts a server in order to retrieve updated building control software from it.
- The object of the invention is to provide a method by which building control software can be loaded into, or activated in, only that runtime environment for which it is intended, in a manner protected against manipulation. This may be, for example, a specific runtime environment for which the building control software to be loaded or unlocked has been paid.
- This object is achieved by a method for installing building control software comprising the following steps:
- The object is further achieved by a device prepared to serve as the software delivery entity and/or as the runtime environment in one of the methods according to the invention.
- Authentication by means of a symmetric and/or an asymmetric cryptographic method is used for transmitting the identity of the runtime environment from the runtime environment to the software delivery entity. With such a method the trustworthiness of the transmitted identity can be checked end-to-end, without having to rely on the trustworthiness of the transmission paths used.
- Authentication by means of an asymmetric method has the advantage over authentication by means of a symmetric method that key exchange is simplified, particularly with a large number of participating runtime environments, because the keys needed to verify trustworthiness can be administered in a public database (for example, on a public website). The public database then has a notary function and must therefore itself be trustworthy.
- Encryption by means of a symmetric and/or an asymmetric encryption method is used for transmitting the identity of the runtime environment from the runtime environment to the software delivery entity.
- Encryption by means of an asymmetric encryption method has, compared with
- The method also comprises the step of checking whether the runtime environment, under the identity transmitted to the software delivery entity, is authorized to trigger the downloading, installation or use of the software to be installed. This prevents the software from being downloaded by a runtime environment that is not entitled to it, whether because of unmet hardware and/or software requirements, the lack of a proper contractual relationship, legal regulations, non-payment, misuse, and/or another cause.
- The step of checking the authorization comprises a credit check and/or a payment transaction. In this way the consideration intended for downloading and/or using the software can be secured before the software is downloaded.
- A further development provides that, to generate the signed file, the identity of the runtime environment and the software to be installed are signed separately, or that the identity of the runtime environment and the hash of the software to be installed are signed separately. In this way the signed identity can be checked in a resource-saving manner without considering the signed portion carrying the software to be installed.
- An alternative development provides that the file which contains the identity of the runtime environment and the hash of the software to be installed, or which contains the identity of the runtime environment and the software to be installed, is signed by the software delivery entity as a whole. As a result, an abusive combination of signed file portions from different transactions can be excluded.
- The method 100 for installing building control software S, shown in FIG 1 on the basis of a message exchange diagram, comprises the following steps.
- In a first step 110, an identity LUi of a runtime environment LU is transmitted to a software delivery entity AI in a trustworthy and/or eavesdropping-proof manner.
- For this, authentication by means of a symmetric and/or an asymmetric cryptographic method may be applied.
- The transmission of the identity LUi of the runtime environment LU to the software delivery entity AI can take place, for example, by email (encrypted, for example, by means of a PGP method) or via an Internet site (for example by means of a secure hypertext transfer protocol such as HTTPS).
- The retrieval of the software S is subject to certain preconditions, such as acceptance of terms and conditions or payment of a purchase price, a usage fee or an upgrade fee.
- The method 100 therefore also includes a second step 120: checking 120 whether the runtime environment LU, under the identity LUi transmitted to the software delivery entity AI, is authorized to trigger the downloading 150, installation 170 or use of the software S to be installed.
- A file D is generated by the software delivery entity AI, the file D comprising the transmitted identity LUi and the software S to be installed and/or a hash H(S) of the software to be installed.
- The generated file D is signed by the software delivery entity AI by means of a key Kai of the software delivery entity AI. By checking the signature it can be determined whether the file D has been changed.
- The signed file Kai(D) is transmitted from the software delivery entity AI to the runtime environment LU.
- The runtime environment LU compares whether its own identity LUi matches the identity LUi' that was actually transmitted in the signed file Kai(D).
- The software S to be installed is installed in the runtime environment LU and/or released for use if, and only if, the comparison 160 has shown that the identity LUi of the runtime environment LU matches the identity LUi' actually transmitted in the signed file Kai(D).
- One embodiment provides that, to generate the signed file Kai(D), the identity LUi of the runtime environment LU and the software S to be installed are signed separately, or that the identity LUi of the runtime environment LU and the hash H(S) of the software S to be installed are signed separately.
- Another embodiment provides that the file D, which contains the identity LUi of the runtime environment LU and the hash H(S) of the software S to be installed, or which contains the identity LUi of the runtime environment LU and the software S to be installed itself, is signed by the software delivery entity AI as a whole.
- The identity LUi of the runtime environment LU can also be transmitted from the runtime environment LU to the software delivery entity AI together with a designation B(V) of a desired software version V. It is preferred if the following steps are carried out in step 170 of installing and/or releasing the software S to be installed: downloading 172 the software S to be installed from the software delivery entity AI to the runtime environment LU, generating 173 a hash H(S') of the downloaded software S', and comparing 174 the hash H(S') with the hash H(S) contained in the signed file.
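The two signing variants described under the further developments above (identity and hash signed separately versus the file D signed as a whole) and the installation procedure of steps 120 to 174, as one added example in Python. This is not code from the patent or from any product. The names LU, AI, LUi, D, H(S) and Kai follow the patent; the catalog of images, the authorization table, the identities LU-0001 and LU-0002, the JSON encoding of D, and the use of HMAC-SHA256 under a shared key as a stand-in for the signature Kai(D) are assumptions of the example (the patent permits a symmetric method; a deployment would normally use an asymmetric signature so that the runtime environment holds only the delivery entity's public key). The authenticated transmission of the identity in step 110 is not modelled.

```python
import hashlib
import hmac
import json
from typing import Optional, Tuple

# Constructed sample data (not from the patent): the delivery entity's key,
# the software images it offers, and which identities LUi have paid for which.
K_AI = b"constructed-delivery-entity-key-not-for-real-use"
CATALOG = {
    "hvac-ctrl-2.1": b"\x7fELF constructed building control image v2.1",
    "hvac-ctrl-2.2": b"\x7fELF constructed building control image v2.2",
}
AUTHORIZED = {                      # basis for the authorization check, step 120
    "LU-0001": {"hvac-ctrl-2.1"},
    "LU-0002": {"hvac-ctrl-2.1", "hvac-ctrl-2.2"},
}

def H(data: bytes) -> str:
    """H(S): hash of a software image."""
    return hashlib.sha256(data).hexdigest()

def sign(payload: bytes) -> str:
    """Kai(...): HMAC-SHA256 under AI's key stands in for AI's signature (assumption)."""
    return hmac.new(K_AI, payload, hashlib.sha256).hexdigest()

def verify(payload: bytes, sig: str) -> bool:
    return hmac.compare_digest(sign(payload), sig)

def canon(d: dict) -> bytes:
    """Canonical encoding so AI and LU sign and verify identical bytes."""
    return json.dumps(d, sort_keys=True, separators=(",", ":")).encode()

# ---- software delivery entity AI ---------------------------------------------
def ai_issue_whole(lui: str, version: str) -> Optional[dict]:
    """Authorize (120), build D = (LUi, H(S)) and sign D as a whole."""
    if version not in AUTHORIZED.get(lui, set()):
        return None                                   # not entitled: no file
    d = {"lui": lui, "version": version, "hash": H(CATALOG[version])}
    return {"D": d, "sig": sign(canon(d))}

def ai_issue_split(lui: str, version: str) -> Optional[dict]:
    """Variant: identity and (version, hash) carry separate signatures."""
    if version not in AUTHORIZED.get(lui, set()):
        return None
    sw = {"version": version, "hash": H(CATALOG[version])}
    return {"lui": lui, "sig_lui": sign(lui.encode()),
            "sw": sw, "sig_sw": sign(canon(sw))}

def ai_download(version: str) -> bytes:
    """Step 172: the image itself travels separately from the signed file."""
    return CATALOG[version]

# ---- runtime environment LU ---------------------------------------------------
def lu_install_whole(my_lui: str, f: dict, image: bytes) -> str:
    """Checks 160 to 174 for a whole-signed file; returns the decision reached."""
    if not verify(canon(f["D"]), f["sig"]):
        return "reject: signature"                    # D was altered
    if f["D"]["lui"] != my_lui:
        return "reject: identity"                     # LUi' != LUi: not for us
    if H(image) != f["D"]["hash"]:
        return "reject: hash"                         # H(S') != H(S)
    return "install " + f["D"]["version"]

def lu_install_split(my_lui: str, f: dict, image: bytes) -> str:
    """The same checks for the separately-signed variant."""
    if not (verify(f["lui"].encode(), f["sig_lui"])
            and verify(canon(f["sw"]), f["sig_sw"])):
        return "reject: signature"
    if f["lui"] != my_lui:
        return "reject: identity"
    if H(image) != f["sw"]["hash"]:
        return "reject: hash"
    return "install " + f["sw"]["version"]

def splice_attack() -> Tuple[str, str]:
    """LU-0001, entitled only to 2.1, combines its own signed identity with the
    signed software part taken from LU-0002's 2.2 transaction.  Returns the
    decisions of the split-signature and whole-file verifiers for the forgery."""
    own = ai_issue_split("LU-0001", "hvac-ctrl-2.1")
    other = ai_issue_split("LU-0002", "hvac-ctrl-2.2")
    forged = {"lui": own["lui"], "sig_lui": own["sig_lui"],
              "sw": other["sw"], "sig_sw": other["sig_sw"]}
    split = lu_install_split("LU-0001", forged, ai_download("hvac-ctrl-2.2"))
    # With whole-file signing there is no valid signature over the altered D.
    whole_other = ai_issue_whole("LU-0002", "hvac-ctrl-2.2")
    forged_whole = {"D": dict(whole_other["D"], lui="LU-0001"),
                    "sig": whole_other["sig"]}
    whole = lu_install_whole("LU-0001", forged_whole, ai_download("hvac-ctrl-2.2"))
    return split, whole

if __name__ == "__main__":
    f = ai_issue_whole("LU-0001", "hvac-ctrl-2.1")
    print(lu_install_whole("LU-0001", f, ai_download("hvac-ctrl-2.1")))
    print(lu_install_whole("LU-0002", f, ai_download("hvac-ctrl-2.1")))
    print(lu_install_whole("LU-0001", f, b"tampered image"))
    print(splice_attack())
```

The separately-signed variant does let the runtime environment check its identity without touching the software portion, as the patent notes, but because the two signatures are independent, signed portions from two different transactions verify just as well when recombined: in splice_attack, LU-0001 receives the 2.2 image it never paid for. Signing D as a whole binds LUi to H(S) under one signature, so the only way to change either field is to obtain a fresh signature from AI, which is exactly the authorization check the attacker is trying to bypass. Canonical encoding of D matters in both variants: if AI and LU serialised the same fields differently, valid files would be rejected, and lenient parsing on the LU side could in turn accept files that differ from what was signed.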
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
- Information Transfer Between Computers (AREA)
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102012220767.8A DE102012220767A1 (de) | 2012-11-14 | 2012-11-14 | Verfahren und Vorrichtungen zum Installieren von Gebäudesteuerungssoftware |
PCT/EP2013/073696 WO2014076116A1 (fr) | 2012-11-14 | 2013-11-13 | Installation de logiciels de commande de bâtiment protégée contre les manipulations dans des environnements d'exécution validés |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2920687A1 true EP2920687A1 (fr) | 2015-09-23 |
Family
ID=49596277
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP13792324.9A Ceased EP2920687A1 (fr) | 2012-11-14 | 2013-11-13 | Installation de logiciels de commande de bâtiment protégée contre les manipulations dans des environnements d'exécution validés |
Country Status (6)
Country | Link |
---|---|
US (1) | US9858061B2 (fr) |
EP (1) | EP2920687A1 (fr) |
CN (1) | CN104956324B (fr) |
DE (1) | DE102012220767A1 (fr) |
HK (1) | HK1211359A1 (fr) |
WO (1) | WO2014076116A1 (fr) |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10303891B2 (en) * | 2014-12-30 | 2019-05-28 | Data I/O Corporation | Automated manufacturing system with job packaging mechanism and method of operation thereof |
DE102015112040A1 (de) | 2015-07-23 | 2017-01-26 | Phoenix Contact Gmbh & Co. Kg | Verfahren und System zur Firmware-Aktualisierung einer Steuereinrichtung zur Prozesssteuerung |
EP3157272A1 (fr) * | 2015-10-16 | 2017-04-19 | Gemalto Sa | Procédé de gestion d'applications |
US20180232529A1 (en) * | 2017-02-15 | 2018-08-16 | Microsoft Technology Licensing, Llc | Client-side exposure control |
GB2565052B (en) | 2017-07-27 | 2020-08-19 | Arm Ip Ltd | Authorized operations in electronic systems |
US11726766B2 (en) * | 2021-11-29 | 2023-08-15 | Trane International Inc. | Method and apparatus for maintaining software of a control unit for an industrial control system |
Family Cites Families (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7146645B1 (en) * | 1999-12-30 | 2006-12-05 | Nokia Mobile Phones Ltd. | Dedicated applications for user stations and methods for downloading dedicated applications to user stations |
US6760441B1 (en) * | 2000-03-31 | 2004-07-06 | Intel Corporation | Generating a key hieararchy for use in an isolated execution environment |
US20020078380A1 (en) * | 2000-12-20 | 2002-06-20 | Jyh-Han Lin | Method for permitting debugging and testing of software on a mobile communication device in a secure environment |
EP1429224A1 (fr) * | 2002-12-10 | 2004-06-16 | Texas Instruments Incorporated | Autentification du firmware en temps d'exécution |
DE10304877A1 (de) * | 2003-02-06 | 2004-08-19 | Siemens Ag | Verfahren zur Installation eines Plug-in-Programms |
US20090249492A1 (en) * | 2006-09-21 | 2009-10-01 | Hans Martin Boesgaard Sorensen | Fabrication of computer executable program files from source code |
US7913086B2 (en) * | 2007-06-20 | 2011-03-22 | Nokia Corporation | Method for remote message attestation in a communication system |
US8341715B2 (en) * | 2008-02-29 | 2012-12-25 | Research In Motion Limited | System and method for shared resource owner based access control |
CN102110199A (zh) * | 2009-12-28 | 2011-06-29 | 北京安码科技有限公司 | 一种利用Elgamal公钥算法生成软件注册码的方法 |
US8984293B2 (en) * | 2010-11-19 | 2015-03-17 | Microsoft Corporation | Secure software product identifier for product validation and activation |
CN102195978A (zh) | 2011-04-26 | 2011-09-21 | 深圳市共济科技有限公司 | 一种软件分布部署方法及系统 |
US8800058B2 (en) * | 2011-07-27 | 2014-08-05 | Microsoft Corporation | Licensing verification for application use |
-
2012
- 2012-11-14 DE DE102012220767.8A patent/DE102012220767A1/de not_active Withdrawn
-
2013
- 2013-11-13 US US14/442,961 patent/US9858061B2/en not_active Expired - Fee Related
- 2013-11-13 CN CN201380059692.0A patent/CN104956324B/zh not_active Expired - Fee Related
- 2013-11-13 EP EP13792324.9A patent/EP2920687A1/fr not_active Ceased
- 2013-11-13 WO PCT/EP2013/073696 patent/WO2014076116A1/fr active Application Filing
-
2015
- 2015-12-09 HK HK15112129.2A patent/HK1211359A1/xx not_active IP Right Cessation
Non-Patent Citations (2)
Title |
---|
None * |
See also references of WO2014076116A1 * |
Also Published As
Publication number | Publication date |
---|---|
CN104956324A (zh) | 2015-09-30 |
HK1211359A1 (en) | 2016-05-20 |
US9858061B2 (en) | 2018-01-02 |
CN104956324B (zh) | 2018-05-22 |
US20150277887A1 (en) | 2015-10-01 |
WO2014076116A1 (fr) | 2014-05-22 |
DE102012220767A1 (de) | 2014-05-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2014076116A1 (fr) | Installation de logiciels de commande de bâtiment protégée contre les manipulations dans des environnements d'exécution validés | |
EP2159653B1 (fr) | Procédé de concession d'une justification d'accès sur un objet informatique dans un système d'automatisation, programme informatique et système d'automatisation | |
EP2332284B1 (fr) | Activation d'un service sur un appareil électronique | |
DE102013108020A1 (de) | Authentifizierungsschema zum Aktivieren eines Spezial-Privileg-Modus in einem gesicherten elektronischen Steuergerät | |
WO2012130461A2 (fr) | Actualisation d'une application de support de données | |
DE102013108022A1 (de) | Verfahren zum Aktivieren des Entwicklungsmodus eines gesicherten elektronischen Steuergeräts | |
DE60212969T3 (de) | Verfahren und vorrichtung zum verfolgen des status eines betriebsmittels in einem system zur verwaltung der benutzung der betriebsmittel | |
EP3576368A1 (fr) | Procédé et système de commande d'une libération d'une ressource | |
EP2885907B1 (fr) | Procédé d'installation des applications de sécurite dans un élèment de sécurité d'un terminal | |
EP1668466B1 (fr) | Amenagement d'un acces a un objet informatise | |
EP3718263B1 (fr) | Procédé et système de contrôle pour le contrôle et/ou la surveillance d'appareils | |
EP3113438B1 (fr) | Procede de configuration d'appareils electriques, en particulier de configuration de composants d'un systeme de controle d'acces | |
DE102018217431A1 (de) | Sicherer Schlüsseltausch auf einem Gerät, insbesondere einem eingebetteten Gerät | |
EP1671201B1 (fr) | Systeme d'acces autorise a un objet informatise | |
EP2191407A2 (fr) | Procédé de vérification d'une version d'un logiciel à installer ou à exécuter sur un premier dispositif | |
CN113411311A (zh) | Ecu诊断授权验证方法、存储介质和系统 | |
EP3884636A1 (fr) | Procédé de traitement des programmes d'application sur un système d'automatisation distribué | |
EP2278515B1 (fr) | Procédé d'activation d'un environnement de temps d'exécution d'une unité de microprocesseur | |
WO2019096489A1 (fr) | Procédé et dispositif de traitement d'attestations d'authenticité pour des entités, en particulier des certificats numériques liés à des personnes, liés à des services et/ou liés à des objets | |
EP3358488B1 (fr) | Procédé de reconnaissance de copies non autorisées de jetons de sécurité numériques | |
WO2023117327A1 (fr) | Procédé d'utilisation légale de cryptomonnaies dans des véhicules et véhicule | |
EP4114050A1 (fr) | Vérification d'une licence d'utilisation d'au moins une caractéristique de performance dans un appareil internet des objets (ido) | |
DE102021211755A1 (de) | Verfahren zur Gewährleistung einer IT-Sicherheit einer Automatisierungsanlage und Sicherheitssystem | |
WO2023194051A1 (fr) | Former une connexion cryptographiquement protégée | |
WO2019091935A1 (fr) | Procédé et équipement de validation destinés à valider un certificat numérique |
Legal Events
Date | Code | Title | Description
---|---|---|---
 | PUAI | Public reference made under article 153(3) EPC to a published international application that has entered the European phase | Free format text: ORIGINAL CODE: 0009012
2015-05-05 | 17P | Request for examination filed | 
 | AK | Designated contracting states | Kind code of ref document: A1; Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR
 | AX | Request for extension of the European patent | Extension state: BA ME
 | DAX | Request for extension of the European patent (deleted) | 
 | STAA | Information on the status of an EP patent application or granted EP patent | STATUS: EXAMINATION IS IN PROGRESS
2017-07-20 | 17Q | First examination report despatched | 
 | REG | Reference to a national code | Ref country code: DE; Ref legal event code: R003
 | STAA | Information on the status of an EP patent application or granted EP patent | STATUS: THE APPLICATION HAS BEEN REFUSED
2019-12-20 | 18R | Application refused | 