EP3134845A1 - Method and system for detecting a manipulation of data records - Google Patents

Method and system for detecting a manipulation of data records

Info

Publication number
EP3134845A1
Authority
EP
European Patent Office
Prior art keywords
secret
computing device
cryptographic key
security
sec
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP15723672.0A
Other languages
German (de)
English (en)
Inventor
Jens-Uwe Busser
Jorge Cuellar
Michael Munzert
Heiko Patzlaff
Jan Stijohann
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Original Assignee
Siemens AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords

Definitions

  • the invention relates to a method and a system for detecting a manipulation of data records in a system having at least one computing device and an external security device, wherein the data sets are stored in the computing device.
  • For monitoring and detecting malicious interventions in a computing device, different security-relevant data sets, which are generated for example by application programs or the operating system, are stored in a file system of the operating system. Such security-relevant data records are, for example, logging data which indicate, for example, failed login attempts by users to the computing device or changes in system-relevant parameters. These security-relevant data records are stored in the computing device and protected by a rights-based access protection on the operating system. If there is a suspicion of manipulation of the computing device, then these data sets can be used for a later forensic analysis of the computing device.
  • the object of the present invention to provide a way to detect even after the fact whether and, if appropriate, which security-relevant data sets have been manipulated and thus determine that an attack on the computing device took place.
  • the method according to the invention can also be used to save other, successively new data records-referred to below as "security-relevant data records" - against later, unnoticed changes.
  • the object is achieved by the measures described in the independent claims.
  • advantageous developments of the invention are shown.
  • in the method according to the invention for detecting a manipulation of security-relevant data records in a system that includes a computing device, in which security-relevant data records are stored, and an external security device, a secret is assigned to the computing device as the first method step.
  • the next method step is to generate a first cryptographic key by a one-way function in dependence on the secret and subsequently to store the secret on a security device different from the computing device, as well as to ensure that the secret is not accessible in the computing device.
  • the first cryptographic key is used to secure the first security-relevant data record.
  • a next cryptographic key is generated by the same one-way function as a function of the respective preceding cryptographic key for securing the next security-relevant data record on the computing device, and at the same time the respective preceding cryptographic key is deleted or overwritten.
  • the secret is generated in the computing device and transmitted securely to the security device.
  • the secret is formed, for example, by means of a pseudo random number generator from an externally generated seed, which is used for the initial configuration, and - if available - is generated by means of an integrated real, physical random number generator.
  • the secret is encrypted in the computing device, for example, with a public asymmetric key of the security device and transmitted to this.
  • a public asymmetric key of the security device can be used.
  • any other secure transmission such as an existing IPSEC or TLS connection can be used.
  • the secret is generated in the security device.
  • in a central component such as a security device, a high-quality, cryptographically secure random number generator must be available.
  • a central management of secrets is easily possible.
  • the transmission of the secret from the security device to the computing device must be done via a secure connection.
  • This can be, for example, an existing IPSEC or TLS connection.
  • a manual distribution by means of a mobile data memory such as USB memory stick or the manual input by a technician is also possible in principle, but more complex.
  • the secret can be recorded together with the configuration before the individual computing devices are put into operation by the security device. During the configuration, there is usually no access to an external network and thus a secure transmission is provided.
  • the safety device in an industrial automation system can in particular be the engineering station.
  • the secret and the first cryptographic key are generated on the security device and only the first cryptographic key is subsequently transmitted to the computing device.
  • the securing of the security-relevant data record is carried out by encrypting the data record with the cryptographic key.
  • the securing of the security-relevant data record is carried out by assigning a message authentication code generated with the cryptographic key to the security-relevant data record.
  • a message authentication code is usually generated by a hash function from the underlying data, here the security-relevant data record and the assigned cryptographic key.
  • a new secret is assigned to the computing device as a function of a predetermined event, and the method steps already described are carried out with the new secret.
  • a new secret is assigned to the computing device after a query of the security-relevant data records and the method steps described above are carried out with the new secret.
  • the two variants described have the advantage that the number of log entries generated with the secret is limited. This shortens the time for replicating the cryptographic keys used, in particular the recently formed cryptographic keys.
  • the inventive system for detecting a manipulation of security-relevant data sets comprises a computing device and an external security device remote from the computing device, wherein the computing device is designed to supply security-relevant data sets, to use a first cryptographic key, which was generated by a one-way function as a function of a secret, to secure the first security-relevant data record and to ensure that the secret is not accessible in the computing device, and in each case to generate a next cryptographic key by the same one-way function depending on the respective previous cryptographic key to secure a next security-relevant data record, and at the same time to delete or overwrite the previous cryptographic key.
  • the security device is designed to permanently store the secret.
  • Such a system has the advantage that a manipulation of the system, in particular of the computing device, is still recognized in retrospect, since missing security-relevant data records or modified data records are detected. This results from the fact that only a single cryptographic key is present in the computing device itself and this cryptographic key can not be used for the preceding security-relevant data records for security purposes. Therefore, an attacker can neither decode nor modify and re-encrypt an already existing data record with this cryptographic key. If individual data records are missing between the existing, non-manipulated data records, the number of missing data records can be determined by the number of unused consecutive cryptographic keys. In addition, an earliest possible time of successful penetration can be determined from which the records were manipulated, since usually with each record and thus with each cryptographic used
  • the computing device is designed to generate the secret and to transmit it to the security device. Since a secret has to be generated only once or at great intervals, even a simple computing device can generate a sufficiently random secret.
  • the computing device and thus also the timing of the generation of the secret are very flexible and, for example, independent of the constant availability of a communication connection to a higher-level unit, for example the security device.
  • the security device is designed to generate the secret and transmit it to the computing device.
  • a central distribution and a central administration of the secrets can be carried out via the security device.
  • the security device is designed to also generate the first cryptographic key and then only to transmit this first cryptographic key to the computing device.
  • the computing device is designed to protect the security-relevant data record by encrypting the data record with the cryptographic key or by
  • FIG. 3 is a schematic illustration of exemplary safety-relevant data records secured by means of attached message authentication code
  • FIG. 4 is a schematic representation of exemplary data records secured by cryptographic encryption
  • Figure 5 shows a first embodiment of a system according to the invention in a schematic representation
  • FIG. 6 shows a second embodiment of a system according to the invention in a schematic representation.
  • Security relevant events such as failed logon attempts or a change of system relevant parameters are typically recorded by computing devices, but also field devices in automation systems, and stored in each individual computing device.
  • security-relevant events can also be transmitted to a central monitoring unit and stored there.
  • these security-relevant events are initially only stored locally as data records and access to these data records is secured by special role-based access rights by the operating system. If a successful attack on a computing device has been carried out, the attacker can also obtain the necessary access rights and delete or change security-relevant data records. As a result, the attack can be obscured in retrospect.
  • FIG. 1 shows an embodiment of the method according to the invention as a flowchart 30, with which it is possible to detect changes to the safety-related data records also in retrospect.
  • in the initial state 31, a computing device is present at an initialization time, for example at the time of commissioning of the computing device.
  • the computing device is now assigned a secret.
  • the secret may have been generated, for example, in the computing device itself.
  • the secret may also have been generated in a security device which may be embodied as a separate entity physically separate from the computing device or else may be present as a specially protected entity within the computing device, provided that neither a readout nor a later overwriting of the secret stored in the security device is possible by the computing device.
  • a first cryptographic key is now generated from the secret by means of a one-way function. This can be done in the computing device. Alternatively, if the secret has been generated in a security device implemented separately from the computing device, the first cryptographic key may be generated in the security device, based on the secret, by the same one-way function that is also used in the computing device. In this case, the first cryptographic key is then transmitted to the computing device. At the end of method step 33, the first cryptographic key is present in the computing device.
  • it is ensured that the secret is not accessible in the computing device and the secret is stored on a security device that is different from the computing device. If the secret was generated in the security device, it is only stored there. If the secret has been generated in the computing device, the secret must be transmitted to the security device. Thereafter, in the computing device, the secret is then immediately deleted, for example, or overwritten by the first cryptographic key.
  • the first cryptographic key is used to secure a first security-relevant data record.
  • the next cryptographic key is now generated by the same one-way function as a function of the preceding cryptographic key, in this case the first cryptographic key, and at the same time the preceding cryptographic key, here the first cryptographic key, is deleted or, for example, overwritten by the new cryptographic key.
  • the next cryptographic key present in the computing device is now used in method step 38.
  • a predetermined event for example exceeding an incremented counter for each generation of a cryptographic key
  • Another predefined event can be, for example, the query of the security-relevant data records from the computing device by means of, for example, a central component.
  • the method in method step 32 is continued by assigning the computing device a new secret.
  • the new secret is transmitted to the security device. Subsequently, cryptographic keys based on this new secret are used to back up all other security-related records. It is further ensured that the new secret in the computing device is no longer accessible.
  • step 39 the method is continued in step 36 by respectively generating a next cryptographic key by the same one-way function as a function of the respective preceding cryptographic key, used in step 37 to secure the next security-relevant data record and then is deleted or overwritten.
  • the final state 40 is achieved, for example, when decommissioning the computing device.
  • the secret is then accessible only in the security device and may later be used in a forensic analysis of the computing device to generate all the cryptographic keys used in the computing device.
  • the secured security-relevant data records can subsequently be read or their integrity can be checked in retrospect.
  • the one-way function used to generate the first and all subsequent cryptographic keys may typically be a hash function.
  • the one-way function must have the property that the input parameter X cannot be deduced from knowledge of the value H(X) resulting from the one-way function.
  • Cryptographic hash functions typically have this property and are thus suitable for use as a one-way function in the described method.
  • as one-way functions, for example, the methods SHA2, SHA3 and Whirlpool can be used.
  • other one-way methods, such as are commonly used to derive cryptographic keys can be used, provided that all generated keys can be reproducibly derived from the original secret.
  • the secret used to compute the first cryptographic key in the various computing devices must be as independent as possible from the secrets in the other computing devices. Therefore, to generate such a secret, random numbers are preferably used, based as far as possible on actually random physical events. These are usually generated in a random number generator.
  • a secret SEC can have a second component ANS in addition to a random number RAND as the first component.
  • the second component ANS can be a response to a security inquiry, which, for example, must be given by a technician during the installation of the computing device.
  • Spying on the secret SEC can be made more difficult by storing the second portion ANS and the first portion RAND of the secret SEC at different spatial locations, and only when reviewing the secured security-relevant data records will the secret be merged from both parts. In this case, it must be ensured that when checking the secured security-relevant data records, this response ANS of a security query can be accessed. For example, the answer to the security question could be kept in a safe.
  • In FIGS. 3 and 4, the safety-relevant data sets LOG1, LOGn, LOGn incurred over a time t are now shown in a secured form.
  • the respectively used cryptographic key and how this key was generated is specified.
  • FIG. 3 shows the stored security-relevant data record LOG1, LOGn.
  • a message authentication code HMAC (LOGn, Kn) is stored here, which is located above a function from the security-relevant data record LOGn and the respective associated cryptograph
  • the first cryptographic key K1 results from the one-way function applied to the secret, and accordingly, the message authentication code becomes the first record with the first record
  • the second cryptographic key is then formed by applying the one-way function to the first cryptographic key, and then the first cryptographic key is immediately deleted or overwritten by the second cryptographic key. All subsequent security-relevant data records are handled accordingly, so as for the data records LOGn and
  • the cryptographic key Kn + 1 is formed in each case from the preceding cryptographic key Kn by using a one-way function H, for example a cryptographic hash function.
  • FIGS. 3 and 4 in each case, the data actually available or stored in the computing device is shown surrounded by a border.
  • in addition to the security-relevant data sets LOG1, LOGp and the associated message authentication codes HMAC(LOG1, K1), HMAC(LOGp, Kp), only the cryptographic key Kp+1 to be used for the next data record is stored in the computing device. All previous cryptographic keys are no longer available.
  • the message authentication code now allows the integrity of the stored security-relevant data records to be checked. For this purpose, all cryptographic keys must be generated again from the secret stored in the security device, by iterative application of the one-way function to the secret or to the respectively generated cryptographic keys, and a message authentication code must be generated from the stored data record and the associated key.
  • the record has not changed. If the two message authentication codes do not match, the stored security-relevant data set differs from the original data record. This indicates a manipulation.
  • the security-relevant data records have been secured by the fact that the data record LOGn itself is encrypted with the associated cryptographic key Kn and stored in encrypted form only as E_Kn{LOGn}.
  • an encryption method e.g. a symmetric encryption method such as 3DES, AES or IDEA.
  • FIGS. 5 and 6 now show two embodiments of a system according to the invention.
  • the system 10 in FIG. 5 and the system 20 in FIG. 6 comprise a safety device 12, 22 and one or more computing devices 11, 21.
  • the computing device 11 can be, for example, a field device or sensor device of an automation system or an energy distribution system, but also a device from medical technology in which security-relevant data, such as patient data, are stored in protected form.
  • the computing device may also be a tachograph within a vehicle.
  • the system 10 thereby supports the generation of the secret in the computing device 11, which communicates with the security device 12, for example via a communication connection such as a system communication network connection.
  • the computing device 11 comprises a secret generation unit 18 which, for example, comprises a random number generator or receives a random number from the random number generator of the computing device as the basis for the formation of the secret.
  • the secret SEC is transmitted to the security device 12 via the communication link.
  • the security device 12 includes a secret memory 16, in which the secret SEC is stored.
  • the computing device 11 comprises a key generation unit 14, which comprises a one-way function H, with which the following cryptographic key K1 or Kn is generated from the secret SEC or a preceding cryptographic key Kn-1.
  • the generated current key K1 or Kn is stored in a key storage unit 17.
  • the secret SEC or the previous key Kn-1 is overwritten by the subsequently formed key K1 or Kn.
  • predetermined events or predetermined parameters can be stored.
  • the control unit 15 is designed to check the existing conditions against the predefined events before triggering the generation of the next cryptographic key and, if necessary, initiate a new secret generation in the computing device 11.
  • the computing device also includes a security data storage unit 13 in which the secured security-relevant data sets are stored.
  • FIG. 6 shows a system 20 in which a security device 22 generates the secret and makes it available to the computing device 21 via a communication link.
  • the computing device 21 here comprises only the key generation unit 14 as well as the key storage unit 17, a control unit 15 and a security data storage unit 13, in which the secured security-relevant data records are stored.
  • the security device 22 here comprises a secret generation unit 28 in which the secret SEC is generated.
  • a second part ANS of a secret for example a response to a security query, can be stored which, when a new secret must be generated, is used with the newly formed random number to form a new secret.
  • the security device 22 further comprises a key generation unit 24 in which a first cryptographic key K1 is generated by means of a one-way function H from the secret SEC.
  • the security device 22 comprises a secret storage unit 16 for securely storing the secret SEC for subsequent verification of the security-relevant data records.
  • a function for checking predetermined events that require re-assigning a secret is checked and executed.
  • 21 can be calculated from the secret SEC in a simple manner, all subsequent cryptographic keys. With the help of this key can also be detected whether the security-relevant data records were changed or deleted.
  • a deletion of security-relevant data can be determined by the fact that, between two consecutively stored data sets, it was not the successive cryptographic keys that were used for securing, but a later cryptographic key. From this, the number of deleted records can be determined. Since a time stamp is usually generated and stored with each stored data record, it can also be used to determine at what point in time the data records were manipulated. Thus, by means of said method 30 and said system 10, 20 it can also be recognized retrospectively whether security-relevant data records have been manipulated.
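
The key evolution and the retrospective check described above, as an added Python example that is not part of the patent text: SHA-256 is assumed for the one-way function H, HMAC-SHA-256 for the message authentication code, and the names ComputingDevice, verify and MAX_GAP are hypothetical. It goes slightly beyond the text by also comparing the device's current key with the replayed chain, which counts records removed from the end of the store.

```python
import hashlib
import hmac

MAX_GAP = 64  # assumed search window: keys tried per record before calling it altered


def H(value: bytes) -> bytes:
    """One-way function H; SHA-256 (a SHA2 variant) is assumed for this example."""
    return hashlib.sha256(value).digest()


def mac(key: bytes, record: bytes) -> bytes:
    """HMAC(LOGn, Kn) attached to each stored record."""
    return hmac.new(key, record, hashlib.sha256).digest()


class ComputingDevice:
    """Holds the stored records and exactly one key: the one for the next record."""

    def __init__(self, first_key: bytes):
        self.key = first_key          # K1; SEC itself never stays on the device
        self.store = []               # list of (record, tag) pairs

    def log(self, record: bytes) -> None:
        self.store.append((record, mac(self.key, record)))
        self.key = H(self.key)        # K(n+1) overwrites K(n)


def verify(secret: bytes, store, device_key=None):
    """Replay the key chain from SEC on the security device and report findings.

    Returns a list of tuples:
      ("deleted", position, count)      count records missing before store[position]
      ("altered", position, n)          store[position] fails under K(n)..K(n+MAX_GAP)
      ("truncated", len(store), count)  trailing records missing (needs device_key)
      ("key_mismatch", len(store), n)   device key is not on the chain within MAX_GAP
    """
    findings = []
    key, n = H(secret), 1             # K1 = H(SEC)
    for pos, (record, tag) in enumerate(store):
        candidate, gap = key, 0
        while gap <= MAX_GAP and not hmac.compare_digest(mac(candidate, record), tag):
            candidate, gap = H(candidate), gap + 1
        if gap > MAX_GAP:
            findings.append(("altered", pos, n))
            key, n = H(key), n + 1    # assumption: the altered record used one key
            continue
        if gap:
            findings.append(("deleted", pos, gap))
        key, n = H(candidate), n + gap + 1
    if device_key is not None:
        candidate, gap = key, 0
        while gap <= MAX_GAP and not hmac.compare_digest(candidate, device_key):
            candidate, gap = H(candidate), gap + 1
        if gap > MAX_GAP:
            findings.append(("key_mismatch", len(store), n))
        elif gap:
            findings.append(("truncated", len(store), gap))
    return findings


def demo():
    secret = b"constructed-demo-secret-SEC"            # constructed sample value
    device = ComputingDevice(H(secret))
    for line in [b"login failed user=op1", b"param changed id=7",
                 b"login failed user=op2", b"login ok user=op2",
                 b"param changed id=9", b"login failed user=op3"]:  # constructed log lines
        device.log(line)

    clean = verify(secret, device.store, device.key)

    tampered = list(device.store)
    tampered[1] = (b"param changed id=8", tampered[1][1])  # content edited, old tag kept
    del tampered[3:5]                                       # two records removed
    return clean, verify(secret, tampered, device.key)


if __name__ == "__main__":
    print(demo())
```

The device never holds more than the key for the next record, so every finding is produced on the security device side, which is the only place where SEC and therefore the earlier keys can be regenerated.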

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a method for detecting a manipulation of data records (LOG1, …, LOGn) in a system comprising a computing device and an external security device, the data records being stored in the computing device. The method comprises the following steps: assigning a secret to a computing device; generating a first cryptographic key (K1) by a one-way function (H) as a function of the secret (SEC); storing the secret (SEC) in a security device different from the computing device; using the first cryptographic key (K1) to secure a first data record (LOG1); and in each case generating a next cryptographic key (Kn) by the same one-way function (H) as a function of the preceding cryptographic key (Kn-1) to secure (38) a next data record (LOGn) in the computing device, and simultaneously deleting or overwriting the respectively preceding cryptographic key (Kn-1).
EP15723672.0A 2014-07-10 2015-05-08 Method and system for detecting a manipulation of data records Withdrawn EP3134845A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102014213454.4A DE102014213454A1 (de) 2014-07-10 2014-07-10 Method and system for detecting a manipulation of data records
PCT/EP2015/060209 WO2016005075A1 (fr) 2014-07-10 2015-05-08 Method and system for detecting a manipulation of data records

Publications (1)

Publication Number Publication Date
EP3134845A1 (fr) 2017-03-01

Family

ID=53191653

Family Applications (1)

Application Number Title Priority Date Filing Date
EP15723672.0A Withdrawn EP3134845A1 (fr) 2014-07-10 2015-05-08 Method and system for detecting a manipulation of data records

Country Status (4)

Country Link
US (1) US20170149561A1 (fr)
EP (1) EP3134845A1 (fr)
DE (1) DE102014213454A1 (fr)
WO (1) WO2016005075A1 (fr)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10097351B1 (en) 2016-09-15 2018-10-09 ISARA Corporation Generating a lattice basis for lattice-based cryptography
US9673977B1 (en) 2016-09-15 2017-06-06 ISARA Corporation Refreshing public parameters in lattice-based cryptographic protocols
US20220358251A1 (en) * 2021-05-10 2022-11-10 Vmware, Inc. Secure recovery key management for removable drive encryption enforcement

Family Cites Families (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6788800B1 (en) * 2000-07-25 2004-09-07 Digimarc Corporation Authenticating objects using embedded data
WO1998045980A2 (fr) * 1997-03-10 1998-10-15 Fielder Guy L Secure deterministic cryptographic key generator system and corresponding method
US6212635B1 (en) * 1997-07-18 2001-04-03 David C. Reardon Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place
US6393565B1 (en) * 1998-08-03 2002-05-21 Entrust Technologies Limited Data management system and method for a limited capacity cryptographic storage unit
US6931549B1 (en) * 2000-05-25 2005-08-16 Stamps.Com Method and apparatus for secure data storage and retrieval
US20020069252A1 (en) * 2000-07-10 2002-06-06 Songpro.Com, Inc. Personal multimedia device and methods of use thereof
US7085923B2 (en) * 2001-06-05 2006-08-01 International Business Machines Corporation High volume secure internet server
US9544297B2 (en) * 2002-03-08 2017-01-10 Algorithmic Research Ltd. Method for secured data processing
US7349538B2 (en) * 2002-03-21 2008-03-25 Ntt Docomo Inc. Hierarchical identity-based encryption and signature schemes
US7272231B2 (en) * 2003-01-27 2007-09-18 International Business Machines Corporation Encrypting data for access by multiple users
WO2006034428A2 (fr) * 2004-09-20 2006-03-30 Pgp Corporation Apparatus and method for identity-based encryption within a conventional public-key infrastructure
GB2419762A (en) * 2004-11-01 2006-05-03 Sony Uk Ltd Method of generating protected media signals by replacing data bits with hash values
US20080005024A1 (en) * 2006-05-17 2008-01-03 Carter Kirkwood Document authentication system
US20100005318A1 (en) * 2008-07-02 2010-01-07 Akram Hosain Process for securing data in a storage unit
US8315395B2 (en) * 2008-12-10 2012-11-20 Oracle America, Inc. Nearly-stateless key escrow service
US20110047371A1 (en) * 2009-08-18 2011-02-24 Benjamin William Timby System and method for secure data sharing
US8539234B2 (en) * 2010-03-30 2013-09-17 Salesforce.Com, Inc. Secure client-side communication between multiple domains
US8788842B2 (en) * 2010-04-07 2014-07-22 Apple Inc. System and method for content protection based on a combination of a user PIN and a device specific identifier
US8589680B2 (en) * 2010-04-07 2013-11-19 Apple Inc. System and method for synchronizing encrypted data on a device having file-level content protection
US8510552B2 (en) * 2010-04-07 2013-08-13 Apple Inc. System and method for file-level data protection
JP5897040B2 (ja) * 2011-02-01 2016-03-30 Koninklijke Philips N.V. Secure access to personal health records in an emergency
US9489528B2 (en) * 2011-12-12 2016-11-08 Microsoft Technology Licensing, Llc Single use recovery key
US8667284B2 (en) * 2012-01-13 2014-03-04 Microsoft Corporation Detection of invalid escrow keys
US9589143B2 (en) * 2014-04-17 2017-03-07 Xerox Corporation Semi-trusted Data-as-a-Service platform
CN105093489B (zh) * 2014-04-18 2017-10-20 Genius Electronic Optical (Xiamen) Co., Ltd. Portable electronic device and optical imaging lens thereof

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
None *
See also references of WO2016005075A1 *

Also Published As

Publication number Publication date
WO2016005075A1 (fr) 2016-01-14
DE102014213454A1 (de) 2016-01-14
US20170149561A1 (en) 2017-05-25

Similar Documents

Publication Publication Date Title
EP2899714B1 (fr) Secure provision of a key
EP2689553B1 (fr) Control unit for a motor vehicle with a cryptographic device
EP2567501B1 (fr) Method for the cryptographic protection of an application
EP2235598B1 (fr) Field device and method for operating it
DE102017214359A1 (de) Method for securely replacing a first manufacturer certificate already introduced into a device
EP2863610B1 (fr) Tamper-proof method and system for providing multiple digital certificates for multiple public keys of a device
EP3552344B1 (fr) Blockchain structure with bidirectional chaining
EP2272199A1 (fr) Distributed data storage device
EP3134845A1 (fr) Method and system for detecting a manipulation of data records
WO2015180867A1 (fr) Generation of a cryptographic key
WO2015185508A1 (fr) Routing method for forwarding task instructions between computer systems, computer network infrastructure, and computer program product
EP3105898A1 (fr) Method for communication between secured computer systems, and computer network infrastructure
DE102015202215A1 (de) Device and method for securely operating the device
EP3191902B1 (fr) Method for accessing functions of an embedded device
DE102016215520A1 (de) Method and arrangement for secured electronic data communication
DE102019109341B4 (de) Method for the secure exchange of encrypted messages
EP3288215A1 (fr) Method and device for issuing authentication certificates, and security module
DE102015208176A1 (de) Device and method for authorizing a private cryptographic key in a device
EP3105703B1 (fr) Method and system for securing database relations against unauthorized access
DE102018102608A1 (de) Method for user management of a field device
EP4270863B1 (fr) Secure reconstruction of private keys
EP3586261A1 (fr) Method for secure access to data
DE102015223152A1 (de) Protection device, security system and protection method
DE102014210434B4 (de) Method and system for establishing a secured communication connection between a first and a second device
DE102014114222A1 (de) Method for encrypting source user data

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20161123

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SIEMENS AKTIENGESELLSCHAFT

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20190425

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20191106