WO1999038302A1 - Systeme sur de telecommunications - Google Patents

Systeme sur de telecommunications Download PDF

Info

Publication number
WO1999038302A1
WO1999038302A1 PCT/GB1998/000185 GB9800185W WO9938302A1 WO 1999038302 A1 WO1999038302 A1 WO 1999038302A1 GB 9800185 W GB9800185 W GB 9800185W WO 9938302 A1 WO9938302 A1 WO 9938302A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
computer
different portions
communication path
partial
Prior art date
Application number
PCT/GB1998/000185
Other languages
English (en)
Inventor
Du Yung Yun
Chris Patel
Original Assignee
Maxon Systems Inc. (London) Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Maxon Systems Inc. (London) Ltd. filed Critical Maxon Systems Inc. (London) Ltd.
Priority to KR1020007008014A priority Critical patent/KR20010034297A/ko
Priority to PCT/GB1998/000185 priority patent/WO1999038302A1/fr
Priority to EP98900938A priority patent/EP1050144A1/fr
Publication of WO1999038302A1 publication Critical patent/WO1999038302A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/14Multichannel or multilink protocols

Definitions

  • the present invention is related to a secure data communication system. More specifically, the present invention is related to a secure data communication system in which an end user is capable of interchanging data with a host computer.
  • protection schemes include the encryption of the data by various algorithms (e.g. DES or RSA) .
  • DES e.g. DES
  • RSA e.g. RSA
  • the transmission of information encripted according to such algorithms is not immune to wire tapping and subsequent decryption.
  • the likelihood of a successful decryption is increased by the increased computational power of computer work stations available today.
  • the present invention teaches a secure data communication system comprising a first computer being adapted to transmit/receive information to/from a second computer via a first communication path, wherein the first computer is adapted to transmit/receive information to/ rom a second computer via a second communication path distinct from the first communication path, the first computer is adapted -2 -
  • the second computer being adapted to receive at least two different portions of partial information from the first computer via said first and said second communication path, and combine the at least two different portions of partial information to obtain the original information.
  • the first and the second computer further comprise an information splitting/combination means to split information to be sent and/or to store received different portions of partial information and to combine said received and stored different portions of partial information to obtain the original information.
  • the information splitting/combination means also includes a determination means (preferably implemented by a software program) to determine an splitting scheme according to which the different portions of partial information from the first computer are splitted and sent via said first and said second communication path to said second computer.
  • a determination means preferably implemented by a software program
  • the determination means is adapted to determine the order of splitting according to a predetermined scheme or a random scheme.
  • a predetermined order scheme is easier to implement (on the transmitting side as well as on the receiving side) but also easier to be found out by an intruder.
  • a random order scheme requires a more sophisticated mechanism or protocol to ascertain the correct concatenation of the different portions of partial information at the receiving side of the communication path.
  • the invention is also covering the concept of transceiving information that is accompanied by a PIN (Personal Identification Number) and/or a TAN (Transaction Number) .
  • a PIN Personal Identification Number
  • TAN Transaction Number
  • the PIN and/or the TAN as well as the information itself can be split according to various schemes.
  • One example is to sent any or all Arabic numerals through one communication path, while the remaining -4 -
  • the Arabic numerals would be sent through communication path having the higher security level .
  • Another possibility is to change the communication path after each Arabic numeral character sent.
  • the highly sensitive parts of the information are broken into entities which are meaningless (and hence worthless) to any intruder.
  • the first communication path is provided in a terrestrial telephone system
  • the second communication path is provided in a cellular mobile telephone system.
  • the present invention also encompasses that the first and/or said second computer further comprises an information encrypting/decrypting means in which said information is encrypted prior to being split into said at least two different portions of partial information or said information is encrypted after being split into said at least two different portions of partial information.
  • an information encrypting/decrypting means in which said information is encrypted prior to being split into said at least two different portions of partial information or said information is encrypted after being split into said at least two different portions of partial information.
  • Encrypting the data before the splitting can be advantageous insofar, as the computational power for the encryption algorithm needs to be provided only once while the -5 -
  • computational power to split (and subsequently transmit) the information is relatively limited. It can, however, further increase the security to split the information and to independently encrypt the two parts of the information to be transmitted.
  • an information tagging means in which the at least two different portions of partial information are provided with markings containing an indication regarding the sequential order of the different portions of partial information.
  • the first and the second computer further comprises an information processing means in which information received from a respective other computer is only processed upon an authorization indication generated by a authorization computer connected to the information processing means.
  • this authorization computer is provided at the host computer (i.e. the processing computer) of a bank or the like.
  • This processing computer of the bank will obtain the authorization from the authorization computer which is not accessible from outside. Since the processing computer of the bank is only provided with parts of the information required to carry out a certain transaction while the authorization computer is not accessible from outside but only accessible from the processing computer, an intruder will not be able to obtain the complete information.
  • the present invention is also related to a peripheral device connectable to a computer, said peripheral device comprising: a first input/output connector for transceiving information to/from said computer from/to said peripheral device, a second input/output connector for transceiving information -6 -
  • This device can be easily connected to a PC or an intelligent telephone on the one side and to a terrestrial telephone line and a mobile telephone (or a second terrestrial telephone line) in order to set up two communication paths to a host computer (of a bank etc.) Alternatively, it is also possible to use two mobile telephones to set up the two communication paths.
  • Fig. 1 schematically shows a block diagram of the system according to the present invention.
  • Fig. 2 schematically shows a block diagram of a peripheral device connectable to a computer to implement the present invention.
  • Fig. 3 is a schematical flow chart for the program of the computer in the peripheral device according to Fig. 2.
  • Fig. 4 shows how information presented to the peripheral device according to Fig. 2 is transformed by this device. -7 -
  • a secure data communication system comprises a first computer 10 being adapted to transmit/receive information to/ from a second computer 12 via a first communication path 14.
  • This first computer can be implemented by a PC (personal computer) having a central processing unit including RAM, ROM, hard disk drive, serial interface etc. , a keyboard and a video screen.
  • this computer can also be implemented by a "intelligent" telephone 16 having the standard functions of a telephone plus the capability of entering and displaying one or more lines of alphanumerical characters that are to be transceived by the "intelligent" telephone.
  • This computer/telephone 10, 16 is connected to a peripheral device 22.
  • the peripheral device 22 provides (via a modem or the like) a connection to first communication path 14.
  • This first communication path 14 is a terrestrial telephone network.
  • the first computer 10, 16 is adapted to transmit/receive information to/ from the second computer 12 via a second communication path 20 which is different from the first communication path 14.
  • the peripheral device 22 is adapted to split the information received from the first computer 10, 16 into two or more different portions of partial information prior to transmitting the information to the second computer 12. These portions of partial information are transmitted separately via the first and the second communication paths 14, 20.
  • the second computer 12 is adapted to receive these two different portions of partial information from the first computer 10, 16 via the first and the second communication paths 14, 20, and to combine the two different -8-
  • the first computer 10, 16 is connected to a serial interface 28 of the peripheral device 22 which also includes an information splitting/combination functionality to store the information for further processing, i.e. to split information to be sent into different portions of partial information and to combine received different portions of partial information to obtain the original information.
  • an information splitting/combination functionality to store the information for further processing, i.e. to split information to be sent into different portions of partial information and to combine received different portions of partial information to obtain the original information.
  • the information splitting/combination device 22 comprises a microprocessor 30 (see Fig. 2) , a RAM memory 32 connected thereto, two serial interfaces 34, 36 to provide connections to the mobile telecommunications network 20 and the terrestrial (fixed) network 14, respectively, and a (Flash-) ROM memory 38 for a control software program.
  • the microprocessor 30 is also programmed to act as a determination means for determining an splitting scheme according to which the different portions of partial information from the first computer 10, 16 are splitted and sent via the first and second communication paths 14, 20 to the second computer 12.
  • the entire information is splitted into different portions of partial information by changing the communication path through which the information is sent after each second character.
  • the splitted portions of information are sent out in an alternating fashion through the two serial interfaces 34, 36 to the mobile telephone 18 having a data transmission/reception capability, and the terrestial telephone network 14, respectively.
  • the portion of the information sent out through the mobile telephone 18 is fed -9 -
  • the portion of the information is sent to a transceiving station 40 provided at the site of the second computer 12.
  • the information received from the mobile network 20 is temporarily stored in an authorization server 44.
  • the peripheral device 22 feeds ther other portion of information into the terrestrial telephone network 14.
  • the terrestrial telephone network 14 feeds the information into a transceiving station 42 also provided at the site of the second computer 12.
  • the information received by the transceiving station 42 is fed into the second (main) computer 12.
  • the second computer 12 (and/or the authorization server 44) are programmed to carry out the decryption and recombination required to reverse the transformation of the information carried out in the first computer/telephone 10/16 or the peripheral device 22.
  • the microprocessor 30 in the peripheral device 22 is also programmed to act as a an information encrypting/decrypting means in which the information is encrypted prior to being split into the at two different portions of partial information.
  • both the terrestrial and the mobile telephone lines could obtain the complete information.
  • an intruder capable of monitoring only one of the two telephone lines preferably the terrestrial telephone line
  • could find out at least a part of the sensitive information e.g. the PIN of a user
  • the information can also be encrypted after being split into the two different portions of partial information.
  • the microprocessor 30 is also programmed to act as an information tagging means in which said at least two different portions (AB, CD, EF, GH, IJ, KL) of partial information are provided with markings (1, 2, 3, 4, 5, 6) containing an indication regarding the sequential order of the different portions of partial information.
  • This indication is also be encrypted together with the information portions in order to avoid an intruder being able to immediately gather the order of the information transmitted via one or both communication paths.
  • the microprocessor 30 can carry out a program according to the flow chart of Fig. 3. The corresponding transformation of the data structure is shown in Fig. 4.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Communication Control (AREA)
  • Telephonic Communication Services (AREA)

Abstract

L'invention porte sur un système sûr de télécommunications comportant un premier ordinateur (10, 16) conçu pour émettre et recevoir des informations vers/de un deuxième ordinateur (12) via un premier cheminement (14). Le premier ordinateur (10, 16) est par ailleurs conçu pour émettre et recevoir des informations vers/de le deuxième ordinateur (12) via un deuxième cheminement (20) distinct du premier (14), et pour diviser les informations en au moins deux différentes portions d'informations partielles avant de les émettre vers le deuxième ordinateur via le premier et le deuxième cheminement. Le deuxième ordinateur (12) est conçu pour recevoir les au moins deux portions différentes d'informations partielles du premier ordinateur via le premier et le deuxième cheminement puis à les recombiner pour reconstituer l'information originale.
PCT/GB1998/000185 1998-01-22 1998-01-22 Systeme sur de telecommunications WO1999038302A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
KR1020007008014A KR20010034297A (ko) 1998-01-22 1998-01-22 보안 데이터 통신 시스템
PCT/GB1998/000185 WO1999038302A1 (fr) 1998-01-22 1998-01-22 Systeme sur de telecommunications
EP98900938A EP1050144A1 (fr) 1998-01-22 1998-01-22 Systeme sur de telecommunications

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/GB1998/000185 WO1999038302A1 (fr) 1998-01-22 1998-01-22 Systeme sur de telecommunications

Publications (1)

Publication Number Publication Date
WO1999038302A1 true WO1999038302A1 (fr) 1999-07-29

Family

ID=10824874

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB1998/000185 WO1999038302A1 (fr) 1998-01-22 1998-01-22 Systeme sur de telecommunications

Country Status (3)

Country Link
EP (1) EP1050144A1 (fr)
KR (1) KR20010034297A (fr)
WO (1) WO1999038302A1 (fr)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002047352A2 (fr) * 2000-10-27 2002-06-13 Listen.Com Communication de donnees de media a des dispositifs informatiques portatifs
WO2002063852A2 (fr) * 2001-02-06 2002-08-15 Hewlett-Packard Company Procede et appareil de chiffrement partiel de contenus
WO2004063937A2 (fr) * 2003-01-08 2004-07-29 Ttp Com Limited Telechargement de fichiers de donnees
EP1528732A1 (fr) * 2003-10-29 2005-05-04 Nokia Corporation Procédé et systéme pour fournir une sécurité de télécommunications
EP1804454A1 (fr) 2005-12-29 2007-07-04 Telefonaktiebolaget LM Ericsson (publ) Procédé de consolidation d'enregistrements de données
US7352998B2 (en) 2003-09-12 2008-04-01 Nokia Corporation Method and system for establishing a wireless communications link
US7499674B2 (en) 2003-09-12 2009-03-03 Nokia Corporation Method and system for repeat request in hybrid ultra wideband-bluetooth radio
US7697893B2 (en) 2004-06-18 2010-04-13 Nokia Corporation Techniques for ad-hoc mesh networking
US7702284B2 (en) 2003-09-12 2010-04-20 Arto Palin Method and system for processing acknowledgments in a wireless communications network
US7782894B2 (en) 2003-09-12 2010-08-24 Nokia Corporation Ultra-wideband/low power communication having a dedicated removable memory module for fast data downloads—apparatus, systems and methods
EP2493234B1 (fr) * 2011-02-28 2019-08-28 BlackBerry Limited Fourniture d'une transmission de données de message sans fil au moyen d'un dispositif de communications sans fil intermédiaire
US11968186B2 (en) 2004-10-25 2024-04-23 Security First Innovations, Llc Secure data parser method and system

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102184422B1 (ko) * 2020-05-22 2020-11-30 주식회사 한터글로벌 정품 인증을 이용한 차트 데이터 생성 시스템
KR102192401B1 (ko) * 2020-05-22 2020-12-17 주식회사 한터글로벌 인증된 정품 데이터 정보를 이용한 차트 데이터 생성 시스템
KR102192402B1 (ko) * 2020-05-22 2020-12-17 주식회사 한터글로벌 정품 인증을 이용한 정품 확인 및 차트 데이터 생성 시스템
KR102192400B1 (ko) 2020-05-22 2020-12-17 주식회사 한터글로벌 정품 인증을 이용한 차트 데이터 생성 및 사용자 관리 시스템

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0224895A2 (fr) * 1985-12-04 1987-06-10 AT&T Corp. Procédé et dispositif de communication de données utilisant des liaisons de données physiques multiples
EP0405989A2 (fr) * 1989-06-30 1991-01-02 STMicroelectronics Limited Routage de messages
US5428671A (en) * 1992-11-09 1995-06-27 Compaq Computer Corporation Modem for tight coupling between a computer and a cellular telephone
WO1995023471A1 (fr) * 1994-02-28 1995-08-31 Nokia Telecommunications Oy Distribution du trafic dans un reseau mta
EP0814589A2 (fr) * 1996-06-19 1997-12-29 AT&T Corp. Système et méthode pour reconfiguration automatique de réseaux

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0224895A2 (fr) * 1985-12-04 1987-06-10 AT&T Corp. Procédé et dispositif de communication de données utilisant des liaisons de données physiques multiples
EP0405989A2 (fr) * 1989-06-30 1991-01-02 STMicroelectronics Limited Routage de messages
US5428671A (en) * 1992-11-09 1995-06-27 Compaq Computer Corporation Modem for tight coupling between a computer and a cellular telephone
WO1995023471A1 (fr) * 1994-02-28 1995-08-31 Nokia Telecommunications Oy Distribution du trafic dans un reseau mta
EP0814589A2 (fr) * 1996-06-19 1997-12-29 AT&T Corp. Système et méthode pour reconfiguration automatique de réseaux

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002047352A3 (fr) * 2000-10-27 2002-09-06 Listen Com Communication de donnees de media a des dispositifs informatiques portatifs
WO2002047352A2 (fr) * 2000-10-27 2002-06-13 Listen.Com Communication de donnees de media a des dispositifs informatiques portatifs
WO2002063852A2 (fr) * 2001-02-06 2002-08-15 Hewlett-Packard Company Procede et appareil de chiffrement partiel de contenus
WO2002063852A3 (fr) * 2001-02-06 2002-12-12 Hewlett Packard Co Procede et appareil de chiffrement partiel de contenus
US6976166B2 (en) 2001-02-06 2005-12-13 Hewlett-Packard Development Company, L.P. Method and apparatus for partial encryption of content
WO2004063937A2 (fr) * 2003-01-08 2004-07-29 Ttp Com Limited Telechargement de fichiers de donnees
WO2004063937A3 (fr) * 2003-01-08 2005-02-03 Ttp Com Ltd Telechargement de fichiers de donnees
US7499674B2 (en) 2003-09-12 2009-03-03 Nokia Corporation Method and system for repeat request in hybrid ultra wideband-bluetooth radio
US7702284B2 (en) 2003-09-12 2010-04-20 Arto Palin Method and system for processing acknowledgments in a wireless communications network
US7782894B2 (en) 2003-09-12 2010-08-24 Nokia Corporation Ultra-wideband/low power communication having a dedicated removable memory module for fast data downloads—apparatus, systems and methods
US7352998B2 (en) 2003-09-12 2008-04-01 Nokia Corporation Method and system for establishing a wireless communications link
EP1528732A1 (fr) * 2003-10-29 2005-05-04 Nokia Corporation Procédé et systéme pour fournir une sécurité de télécommunications
US7278084B2 (en) 2003-10-29 2007-10-02 Nokia Corporation Method and system for providing communications security
US7697893B2 (en) 2004-06-18 2010-04-13 Nokia Corporation Techniques for ad-hoc mesh networking
US11968186B2 (en) 2004-10-25 2024-04-23 Security First Innovations, Llc Secure data parser method and system
US7765210B2 (en) 2005-12-29 2010-07-27 Telefonaktiebolaget Lm Ericsson (Publ) Method for consolidating data records
EP1804454A1 (fr) 2005-12-29 2007-07-04 Telefonaktiebolaget LM Ericsson (publ) Procédé de consolidation d'enregistrements de données
EP2493234B1 (fr) * 2011-02-28 2019-08-28 BlackBerry Limited Fourniture d'une transmission de données de message sans fil au moyen d'un dispositif de communications sans fil intermédiaire

Also Published As

Publication number Publication date
EP1050144A1 (fr) 2000-11-08
KR20010034297A (ko) 2001-04-25

Similar Documents

Publication Publication Date Title
WO1999038302A1 (fr) Systeme sur de telecommunications
US4484025A (en) System for enciphering and deciphering data
EP0687087B1 (fr) Procédé de transmission de données sécurisées
AU726397B2 (en) Pocket encrypting and authenticating communications device
US5878142A (en) Pocket encrypting and authenticating communications device
US6490687B1 (en) Login permission with improved security
US20020103008A1 (en) Cordless communication between PDA and host computer using cradle
EP0756397B1 (fr) Système et procédé pour la distribution de clé et pour l'authentification entre un ordinateur hôte et un dispositif portable
EP1274194A1 (fr) Méthode et appareil pour la communication de données sans fil en utilisant une unité de chiffrage
CN1575578B (zh) 用于个人信息访问控制的方法和设备
US7284123B2 (en) Secure communication system and method for integrated mobile communication terminals comprising a short-distance communication module
JPH0730504A (ja) 無線通信における情報の無断利用防止装置
CN100493072C (zh) 从个人掌上计算机到万维网的无线传输的加密系统和方法
US20040158707A1 (en) Mobile terminal for use restriction and copyright protection for content, and content security system using the same
US20070217609A1 (en) Portable telephone and program for sending and receiving electronic mail
CN115776413B (zh) 一种基于虹膜加密的数据传输方法和系统
EP1286242A1 (fr) Système et procédé de protection d'entrée de données de sécurité
JPH1065652A (ja) 機密情報通信システムおよび機密情報通信方法
JPH063905B2 (ja) センタと利用者間の相手認証方法
CN101426199B (zh) ZigBee无线网络数据安全传输系统
KR101384702B1 (ko) 스마트 카드를 이용한 금융 서비스 제공 방법
JP2004040278A (ja) 情報伝達システム
US7933582B2 (en) Telecommunication system with improved confidentiality
KR20010091596A (ko) 실시간 보안 인증 전화 시스템
JP4106459B2 (ja) セキュリティ機能付き入力装置および識別コード登録システム

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): KR US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 1998900938

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 1020007008014

Country of ref document: KR

NENP Non-entry into the national phase

Ref country code: CA

WWP Wipo information: published in national office

Ref document number: 1998900938

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1020007008014

Country of ref document: KR

WWR Wipo information: refused in national office

Ref document number: 1998900938

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1998900938

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1020007008014

Country of ref document: KR