WO1991011794A1 - Installation pour la protection des donnees dans un appareil de traitement des donnees - Google Patents

Installation pour la protection des donnees dans un appareil de traitement des donnees Download PDF

Info

Publication number
WO1991011794A1
WO1991011794A1 PCT/AT1991/000011 AT9100011W WO9111794A1 WO 1991011794 A1 WO1991011794 A1 WO 1991011794A1 AT 9100011 W AT9100011 W AT 9100011W WO 9111794 A1 WO9111794 A1 WO 9111794A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
encryption
data processing
processing device
data
Prior art date
Application number
PCT/AT1991/000011
Other languages
German (de)
English (en)
Inventor
Kurt Schmid
Artur Wenzel
Stefan Kollingbaum
Manfred Tiefenbacher
Original Assignee
Safeware Gesellschaft M.B.H.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Safeware Gesellschaft M.B.H. filed Critical Safeware Gesellschaft M.B.H.
Publication of WO1991011794A1 publication Critical patent/WO1991011794A1/fr

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1016Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • G06Q20/40975Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system

Definitions

  • the invention relates to a system for backing up data to be stored and / or processed in a data processing device or a data processing device and / or to be transferred between several such data processing devices and data processing devices with a data processing device or data processing device Encryption device assigned to the device for changing the data on the basis of security keys stored in a key module.
  • Such known systems - according to DE-OS 33 40 582 - use a so-called key storage module which interacts with an encryption unit in the system.
  • the key storage module is provided with a key generator, to which a separate data memory is assigned.
  • This data memory has a charging input.
  • the outputs of the data memory are only connected to the outputs of the key memory module via the key generator.
  • the disadvantage here is that the data memory can be overwritten from the outside via the input connected to it before it is misused and thus the result of the encryption can be falsified without reading its content in such a way that it can be appropriately used prepared counter key can be decrypted by an unauthorized user.
  • the present invention has for its object to provide a key module for a system of the type mentioned, fraud by signatories or recipients of the data or any third party and protection against falsification of the signature, the document content or denial of Signature or the document content met with high security and also enables simple manipulation of the key module from the key distribution center to the user.
  • the encryption device is assigned a communication device and a receiving device for a transportable security module, which has a computer module, a key storage device and an encryption module, and that the encryption device and the encryption Module is connected to key storage elements configured in the same way.
  • the advantages of this surprisingly simple solution are that the connection of the key storage element to the communication device, using only an encryption module, also means that reading the data does not lead to any result. Clear text data can only be obtained if that Encryption module can be controlled or addressed with appropriately correctly encrypted or encoded data.
  • the structure of the key storage device on a transportable security module in conjunction with the aforementioned security criteria means that the security modules can be easily dispatched at any time, for example by normal mail as a registered letter. Should there be a loss of the card, misuse can also be ruled out by slightly changing the internal encryption element.
  • the encryption device and the transportable security module have at least one coordinated identification key which is assigned to a common transmission key, so that only in connection with the unchanged identification keys in the transportable security module and in a communication between the system and the security module can be established for the encryption device.
  • the transportable security module is designed as a card, in particular a chip card, or is integrated into it, since this makes it possible for a preventive perpetrator to recognize the security module among a multitude of different ones Chip cards become almost impossible and the additional security effect for the security module is achieved due to the low differentiation.
  • the transportable security module and / or the encryption device form an electronic component which is connected to the data processing device or the data processing device and / or via a coupling device is interchangeably coupled to a mass storage device, so that it is not possible to read out the key information directly, since this key information can only be queried or used to generate a key after a corresponding power supply has been built up and correspondingly configured signals have been transmitted.
  • the key storage element of the security module is formed by a logic circuit, since this makes it easy to retrofit existing systems with appropriate security keys to secure the data or the data transmission.
  • the logic circuit or the security module is connected via the encryption module and the communication device to the encryption device and to an energy source of the data processing device or the data processing device and / or the encryption device is. Due to the fact that the connection to the energy source can only be established via the encryption device, unauthorized manipulation of the security module is additionally prevented.
  • the logic circuit or the security module comprises a key generator, as a result of which the key required for operating the system can only be generated by the interplay of the key information from the encryption device and the security module consequently, only the exact cooperation of this information enables access to the system.
  • the logic circuit and / or the key storage device can only be connected to the communication device via the encryption module, as a result of which it is likewise not possible to recognize the function of the logic circuit without the key data relevant to the decision.
  • the key storage element of the transportable security module can be coupled, if necessary, via the communication device with the key storage element or a key generator of a data processing device or a data processing device, since this also enables complex keys to be constructed using conventional EDP systems. Systems is possible and therefore already the keys, if they are stored in plain text, can be very extensive and still be inexpensive to manufacture.
  • the encryption module and the encryption device have an identical program structure that runs in mirror image, which means that even with the slightest deviations in the program structure between the encryption module and the encryption device, access to the data or a Veri ⁇ Specification of signatures or the like is prevented.
  • the transportable security module associated with an encryption device of a data processing device or a data processing device at least one further one from the data processing device or the data processing device, in particular from the portable security module and the encryption device distant memory and / or processing device is assigned, which are provided with key storage elements, so that secondary storage and / or processing devices can be monitored or protected using any number of secondary keys using the master key.
  • Another embodiment is also advantageous according to which the memory and / or processing device is designed as a chip card or is integrated into it, since this enables a component produced in large numbers to be used as a security module.
  • At least one key is included in the processing device, which is matched to a key stored in the transportable security module, thereby increasing security against unauthorized use or manipulation of data, even in storage and / or processing devices arranged at a distance from the main system can be.
  • the key of the storage and / or processing device is designed as identification and / or as a component of a transmission key, since the degree of security for distant storage and / or processing is also possible with little additional effort processing facilities can be used.
  • Figure 1 is a circuit diagram of a system according to the invention in the form of a block diagram.
  • Fig. 2 is a circuit board with an inventive
  • FIG. 3 shows a receiving device for the transportable security module in a simplified schematic diagrammatic representation
  • FIG. 4 shows the arrangement and design of a security module formed by a chip card
  • 5 shows the sequence of an encryption and decryption process for forming a key for encrypting the data in the encryption device in a system according to the invention using a block diagram
  • 6 shows the sequence of an encryption and decryption process in a system according to the invention using a block diagram
  • FIG. 7 shows the sequence of an encryption and decryption process in a system according to the invention using different user keys on the basis of a block diagram.
  • FIG. 1 shows a system 1 for backing up data processed in a data processing device 2, 3 or a data processing device and possibly stored or stored in a mass storage device 4.
  • the data processing devices 2, 3 or mass storage devices 4 have encryption devices 9,10 and 11 upstream. For better understanding, these are shown outside of the data processing devices 2, 3 or the mass storage device 4, but in practice they are predominantly arranged in the housings of these data processing devices 2, 3 or the mass storage device 4. Both the data processing devices 2, 3 and the mass storage device 4 and the encryption devices 9 to 11 are connected to energy sources 12 and 13, respectively.
  • the energy sources 12 are mostly used to supply the devices or the mass storage device with a mains voltage, for example 220 V AC, while the
  • Energy sources 13 low voltage sources for a stabilized direct voltage of e.g. + 5 V or - 5 V or the like.
  • the encryption devices 9 to 11 are of identical design in the present exemplary embodiment and are arranged on a printed circuit board 14.
  • the encryption device 9 to 11 is connected to a receiving device 16 for a transportable security module 17 via a communication device 15, which can be constructed from any circuit components known from the prior art.
  • On the transportable security module 17 there is an encryption module 18, a computer Module 19 and a key storage device 20 arranged.
  • the encryption module 18, the computer module 19 and the key storage device 20 are connected to the communication device 15 and the energy source 13 via contacts 21 to 23 of the receiving device 16.
  • the electronic components 24 to 26 formed by the encryption device 9 to 11, the communication device 15, the receiving device 16 and the security module 17 can be plugged into a coupling device 27 into the lines 5 to 7 or into the housing the data processing devices 2, 3 and the mass storage device 4.
  • the security module 17 is formed by a so-called chip card 35 which is inserted into the receiving device 16 formed by a chip card reader 36.
  • the component 24 is connected to the data processing devices 2, 3 or the mass storage device 4 via the coupling devices 27.
  • FIG. 3 shows such a chip card reader 36 for a chip card 35 on a larger scale with the cover plate lifted off.
  • a computing unit 37 which is composed of the encryption module 18 shown schematically in FIG. 1, the computing module 19 and the key storage device 20, has four movable contact lugs 38 with the remaining parts of the printed circuit board bearing the chip card reader 36.
  • Lines 39 which connect it to an energy source 13, serve to supply power to the chip card reader 36.
  • locking arms 40 are provided which hold the chip card 35 in a fixed position when the chip card 35 is inserted.
  • the computing unit 37 is formed by a microcomputer, which can be designed, for example, as a SPOM (self-programmable single-chip microcomputer).
  • This has a central processor as a computer module 19 and a key storage device 20 assigned to it, which as EPROM or EEPROM, i.e. an electrically programmable read-only memory or an electrically buildable, programmable read-only memory can be formed.
  • the encryption module 18 is provided by further key storage elements 41 which interact with the computer module 19, e.g. RAM or ROM formed.
  • This microcomputer or the computing unit 37 can be coupled to the contact tabs 38 of the chip card reader 36 via a contact button.
  • a secret key or identification key with the letter sequence IKEV is stored in a key storage element 42.
  • the encryption device comprises a number generator 43 for the formation of random numbers. If the encryption device 9 is now supplied with current, the number generator 43 is activated at the same time and forms a random number. The random number is then encrypted in the encryption device 9 with the secret key IKEV and fed to the computer module 19 of the transportable security module 17 via the communication device 15.
  • a further number generator 43 is integrated in the computer module, which in turn generates a random number BSK which is encrypted with the secret key IKEV which is also stored in the key storage device 20.
  • the key storage device can be a RAM, ROM or EPROM EEPROM be formed. This result is then compared with the random number RND VER-EX-ORD received by the encryption device 9 and decrypted by the computer module 19. This means that the value of the random number BSK encrypted with the secret key IKEV is linked to the random number RND via an exclusive OR function.
  • the value of the random number BSK is then determined from the signal sequence supplied via the communication device 15 by means of the secret key IKEV stored in the encryption device 9 in the key storage element 42 and the random number RND.
  • the random number BSK is used as the sequence key until a new connection is established, i.e. for example, the power supply is interrupted and switched on again. If such an encryption has been manipulated, in particular on the key storage element 41 or on the security module 17, the entered data are encrypted, but are then unusable for further use or the removable data are incorrect and thus unusable or they make no logical sense at all, so that it can then be immediately recognized that manipulation in the area of the data processing device 2, 3 or the mass storage device 4 or the entire system must have been carried out.
  • the encryption and decryption of the at least one to be transferred from the security module 17 to the encryption device 9 is preferably also carried out on the security module 17 stored usage key.
  • the data to be transferred to the individual data processing devices 2, 3 or a mass storage device 4 are then encrypted under this usage key.
  • the usage key (s) preferably stored on the security module 17 can be permanently stored. However, it is also possible for a new usage key to be calculated in the security module 17 if required.
  • FIG. 6 the data traffic between two data processing devices 2, 3 or a mass storage device 4 is then shown schematically.
  • the encryption of the data is only used in the area of a single data processing device for entering and storing the data, so that only an authorized user can read this data out again.
  • the mass memory 4 it is also possible for the mass memory 4 to be a component of this data processing device 2 or 3 or to be arranged externally in any place in a data processing device network, the data then being stored in encrypted form on the respective mass storage device. Encryption and decryption can then only take place via a data processing device 2, 3 or an appropriately designed encryption device 9, 10, 11 assigned to them.
  • the data supplied by the data processing device 2 via the line 5 to the encryption device 9 are now encrypted in such a way that a key name KN for encrypting the data must be supplied to the security module 17 by an authorized person.
  • This can be done, for example, by the authorized user using a chip card 44 to adds, which contains a corresponding key name KN, for example in a read-only memory. If such a chip card 44 is now inserted into a reading device 45, this reading device 45 establishes a connection with the transportable security module 17 without any external influence.
  • the key name KN is then transferred to the security module 17 and there releases it so that the key value permanently stored in a key storage element 46 can be used for encryption.
  • the key value KV is supplied encrypted via the key BSK to the encryption device 9 and can then be used there to encrypt the data which are supplied to the encryption device 9 via the line 5.
  • the key value KV can be stored in a key storage element 47 in the encryption device 9.
  • Key name KN which is also stored, for example, on a chip card 44, again, for example, via a reader 45 to the transportable security module 17 in the encryption device 11.
  • the key KV becomes there on the basis of the request by the key name KN encrypted with the key value BSK 1 and fed to the encryption device 11 and also stored there in a key storage element 47.
  • the encrypted data coming from the data processing device 2 or from the mass storage device 4 can then be decrypted by means of the key stored in the key storage element 47.
  • the two key names KN are the names of two mutually dual keys, which enable the data to be encrypted or decrypted in the same way.
  • the scope of authorization of the user can only be restricted to decryption or encryption.
  • FIG. 7 Another block diagram is shown in FIG. 7, which essentially corresponds to the block diagram in FIG. Therefore, the same reference numbers are used for the same parts.
  • the only difference between the two design variants is that two keys that are dual to one another are made asymmetrical by means of special methods and thus each user is assigned a separate key name KNE or KND.
  • KNE key name
  • KND key name
  • a user with the key name KNE can only forward the transfer of a key KVE from the key storage element 46, in which this key is stored, to the key storage element 47 in the area of the encryption device 9.
  • At least one further key storage element 48 is also arranged in all or only individual security modules 17 assigned to the encryption devices 9, 10, 11, in which, as permanent keys, other dual keys different from the key in the key storage element 47 however, key values KVD made asymmetrical by a special procedure are stored.
  • the functional sequence of the encryption process now corresponds to the process as has already been described in detail with reference to FIG. 6, but differs only in that the chip cards 44 have differently configured key storage elements 49 and 50, respectively , for example the key storage element 49 storing a key name KNE, while the key storage element 50 storing a key name KND.
  • either the key value KVE or KVD is supplied to the encryption device 9 or 11, or in its key storage element 47 for further encryption of the data, which are supplied via lines 5, 7 and 6, respectively.
  • a device it is also possible with such a device to use the key value KV according to FIG. 6 or the key values KVE or KVD to supply an independent line to a further storage and / or processing device 51, for example an automatic teller machine or a further operating device or reading device or a printer. It is thus possible to ensure the issuance of banknotes or documents via this separate storage and / or processing device 51 via a chip card 44 with a corresponding key name KN or KNE or KND. Furthermore, it is also possible that a separate key generator 52 can be assigned in the memory and / or processing device 51, which generates a separate work key for the memory from the key name KNE and, for example, the random number RND encrypted by the key KVE. and / or processing device 51.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
  • Emergency Protection Circuit Devices (AREA)

Abstract

L'invention concerne une installation pour la protection des données mises en mémoire et/ou à traiter dans un appareil de traitement des données (2, 3) ou dans un système de traitement des données et/ou à transférer entre plusieurs de ces appareils de traitement des données (2, 3) et plusieurs de ces systèmes de traitement des données. A l'appareil de traitement des données (2, 3) ou au système de traitement des données est associé un système de chiffrement (9, 10, 11) servant à modifier les données au moyen d'une clé de sécurité conservée dans un module de clés. Au système de chiffrement (9, 10, 11) sont associés un système de communication (15) et un dispositif de réception (16) pour un module de sécurité transportable (17). Celui-ci est constitué d'un module de calcul (19), d'un système de mise en mémoire de clés (20) et d'un module de chiffrement (18). Le système de chiffrement (9, 10, 11) et le module de chiffrement (18) sont reliés à des élément de mise en mémoire de clés de même configuration.
PCT/AT1991/000011 1990-01-24 1991-01-21 Installation pour la protection des donnees dans un appareil de traitement des donnees WO1991011794A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
AT15490 1990-01-24
ATA154/90 1990-01-24

Publications (1)

Publication Number Publication Date
WO1991011794A1 true WO1991011794A1 (fr) 1991-08-08

Family

ID=3482975

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AT1991/000011 WO1991011794A1 (fr) 1990-01-24 1991-01-21 Installation pour la protection des donnees dans un appareil de traitement des donnees

Country Status (3)

Country Link
AU (1) AU7215691A (fr)
DE (2) DE4190201A1 (fr)
WO (1) WO1991011794A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102007023206A1 (de) * 2006-11-18 2008-05-21 Dica Technologies Gmbh Verfahren und Einrichtung zur sicheren Erzeugung und Verwaltung von Schlüsseln und deren Nutzung in Netzwerken zur sicheren Übertragung von Daten

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3023427A1 (de) * 1979-06-28 1981-01-08 Gretag Ag Mobiler datenbehaelter
US4691355A (en) * 1984-11-09 1987-09-01 Pirmasafe, Inc. Interactive security control system for computer communications and the like
US4694492A (en) * 1984-11-09 1987-09-15 Pirmasafe, Inc. Computer communications security control system
DE3340582C2 (fr) * 1983-11-10 1989-09-21 Ant Nachrichtentechnik Gmbh, 7150 Backnang, De
EP0400362A2 (fr) * 1989-05-31 1990-12-05 Siemens Aktiengesellschaft Procédé d'administration hiérarchique de clés à clés partielles pour la transmission d'informations numériques

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3023427A1 (de) * 1979-06-28 1981-01-08 Gretag Ag Mobiler datenbehaelter
DE3340582C2 (fr) * 1983-11-10 1989-09-21 Ant Nachrichtentechnik Gmbh, 7150 Backnang, De
US4691355A (en) * 1984-11-09 1987-09-01 Pirmasafe, Inc. Interactive security control system for computer communications and the like
US4694492A (en) * 1984-11-09 1987-09-15 Pirmasafe, Inc. Computer communications security control system
EP0400362A2 (fr) * 1989-05-31 1990-12-05 Siemens Aktiengesellschaft Procédé d'administration hiérarchique de clés à clés partielles pour la transmission d'informations numériques

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102007023206A1 (de) * 2006-11-18 2008-05-21 Dica Technologies Gmbh Verfahren und Einrichtung zur sicheren Erzeugung und Verwaltung von Schlüsseln und deren Nutzung in Netzwerken zur sicheren Übertragung von Daten
DE102007023206B4 (de) * 2006-11-18 2008-10-09 Dica Technologies Gmbh Verfahren und Einrichtung zur sicheren Erzeugung und Verwaltung von Schlüsseln und deren Nutzung in Netzwerken zur sicheren Übertragung von Daten

Also Published As

Publication number Publication date
DE4190201D2 (de) 1992-12-10
AU7215691A (en) 1991-08-21
DE4190201A1 (fr) 1992-12-10

Similar Documents

Publication Publication Date Title
DE3407642C2 (fr)
DE3613007B4 (de) System zur Ermittlung von nicht-abgerechneten Drucken
EP0281057B1 (fr) Circuit pour la sécurité de l'accès à un ordinateur à l'aide d'une carte à circuit intégré
DE19532617C2 (de) Verfahren und Vorrichtung zur Versiegelung von Computerdaten
DE2760486C2 (fr)
EP0373411B1 (fr) Elément de sécurisation de données pour un dispositif de traitement électronique de données, système de sécurisation de données et méthode d'application
DE2738113A1 (de) Vorrichtung zur durchfuehrung von bearbeitungsvorgaengen mit einem in eine aufnahmeeinrichtung der vorrichtung eingebbaren identifikanden
DE3103514A1 (de) Verfahren und vorrichtung zum steuern einer gesicherten transaktion
EP0654919A2 (fr) Procédé d'authentification d'une partie par une autre partie dans un système de transfert d'informations selon le principe Challenge-Response
DE3122534C1 (de) Verfahren zur Erzeugung sowie Kontrolle von Dokumenten, sowie Dokument und Vorrichtung zur Durchführung des Verfahrens
DE19860177C2 (de) Verfahren und Vorrichtung zur benutzerkontrollierten Freischaltung von Chipkartenfunktionen
EP2122588B1 (fr) Carte à puce ayant une fonction de premier utilisateur, procédé de sélection d'une identification et système informatique
EP0030381A2 (fr) Procédé et dispositif pour la production et le contrôle de documents protégés contre des falsifications et document utilisé à cet effet
WO2001039133A1 (fr) Systeme et procede de controle automatique du passage d'une frontiere
EP1002393A2 (fr) Systeme pour la creation de signatures electroniques en toute securite
DE102006011402A1 (de) Verfahren und Apparatur zur sicheren Verarbeitung von schützenswerten Informationen
DE102005005378A1 (de) Vorrichtung zur Eingabe und Übertragung von verschlüsselten Signalen
EP0990226B1 (fr) Systeme permettant une lecture et un traitement proteges de donnees sur des supports de donnees intelligents
DE19502657C1 (de) Verfahren und Vorrichtung zum Nachweis einer Manipulation an übertragenen Daten
DE19961403A1 (de) System und Verfahren zur automatisierten Kontrolle des Passierens einer Grenze
EP0203542A2 (fr) Méthode et dispositif de vérification de cartes à circuit intégré
WO1991011794A1 (fr) Installation pour la protection des donnees dans un appareil de traitement des donnees
WO1999026182A2 (fr) Systeme d'authentification de fichiers electroniques
EP0970449B1 (fr) Support de donnees portable et procede permettant son utilisation de fa on protegee par voie cryptographique avec des cles de chiffrement interchangeables
EP0203543B1 (fr) Méthode et dispositif de vérification de cartes à circuit intégré

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AT AU BB BG BR CA CH DE DK ES FI GB HU JP KP KR LK LU MC MG MW NL NO PL RO SD SE SU US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE BF BJ CF CG CH CM DE DK ES FR GA GB GR IT LU ML MR NL SE SN TD TG

REF Corresponds to

Ref document number: 4190201

Country of ref document: DE

Date of ref document: 19921210

WWE Wipo information: entry into national phase

Ref document number: 4190201

Country of ref document: DE

ENP Entry into the national phase

Ref document number: 1991 9016

Country of ref document: AT

Date of ref document: 19910808

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 19919016

Country of ref document: AT

NENP Non-entry into the national phase

Ref country code: CA