WO2002033886A2 - Transmission securisee et archivage de donnees - Google Patents

Transmission securisee et archivage de donnees Download PDF

Info

Publication number
WO2002033886A2
WO2002033886A2 PCT/AT2001/000300 AT0100300W WO0233886A2 WO 2002033886 A2 WO2002033886 A2 WO 2002033886A2 AT 0100300 W AT0100300 W AT 0100300W WO 0233886 A2 WO0233886 A2 WO 0233886A2
Authority
WO
WIPO (PCT)
Prior art keywords
data
archiving
dat
encrypted
sys
Prior art date
Application number
PCT/AT2001/000300
Other languages
German (de)
English (en)
Other versions
WO2002033886A3 (fr
Inventor
Thomas Freiberger
Erich Krammer
Original Assignee
Siemens Ag Österreich
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Ag Österreich filed Critical Siemens Ag Österreich
Publication of WO2002033886A2 publication Critical patent/WO2002033886A2/fr
Publication of WO2002033886A3 publication Critical patent/WO2002033886A3/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Definitions

  • the invention relates to a method for secure transmission of data using a device for data processing, which can be connected to a storage device that is physically separate from the device via at least one data line, via which data can be exchanged between the device for data processing and the storage device.
  • the invention relates to a method for archiving data on an archiving device which are transmitted from a transmission device to the archiving device via at least one data line.
  • the invention also relates to a device for the secure transmission of data, which can be connected to a storage device via at least one data line, with means for processing data and storage means, and
  • an archiving device for archiving data, with storage means and means for processing data, the archiving device being connectable to at least one transmission device via at least one data line and being set up to receive at least data therefrom.
  • the invention also relates to an archiving system comprising at least one device for secure data transmission and at least one archiving device, the at least one device and the at least one archiving device being connected to one another via at least one data line.
  • an electronic archive can be more easily protected against fire, burglary and other external influences, and by simply making backup copies of the data, this can be additionally protected.
  • the data in electronic form can easily be called up by others or transmitted to them, for example by e-mail, if this is desired and permissible.
  • a lot of data, such as contracts, certificates, invoices, payments, certificates, patents, medical histories, expert reports, plans, X-rays, etc. are subject to special security measures, as they can only be accessible to a very limited group of users under certain conditions and are otherwise often strictly confidential unauthorized third parties. So far, this data has mostly been stored in secure data safes, such as safes. Of course, there are also wishes in this area for the reasons mentioned above to convert archiving to electronic systems. In particular, it is desirable to carry out the archiving at a central point so that this data can also be called up and viewed by authorized third parties.
  • the data are initially provided with a digital signature of the transmitter and then encrypted for secure transmission.
  • a recipient can determine whether the sender is actually the person for whom the sender claims to be.
  • the integrity i. H. the authenticity of the data is checked. So that the signature and the data cannot be viewed by third parties, at least the data is encrypted, and to further increase security, the data and the signature are also encrypted again for transport.
  • the method according to the invention can be designed to be particularly secure if the digital signature is encrypted together with the data in step b) and the signature encrypted with the data and the encrypted data are provided with the transport encryption in step c).
  • a signature key stored on a chip card is used to generate the digital signature in step a).
  • step b) In order to enable fast encryption of the data, the encryption in step b) is carried out with a symmetrical key.
  • the symmetrical key is generated on the chip card and then, for example, transferred to the computer, where it is used for the encryption of the signed data is used, or the digital signature is generated in a reader for the chip card, for example, and then transferred to the computer.
  • the signed and encrypted data is also provided with attribute data which, for example, contain the creation date and other information relating to the data.
  • the attribute data are usually at least partially encrypted. This takes place for the reason that notary data, for example, must be avoided so that if an unauthorized person inspects the attribute data, they cannot conclude who and what content the corresponding data contains. For this reason, at least that part of the attribute data which contains the so-called "subject of the certification" is encrypted. For the reason, the other attribute data are usually not yet encrypted in this step, in order to enable searches for keywords such as a name.
  • the partial encryption of the attribute data is usually carried out again with a symmetrical key, for which purpose the key generated on the chip card is expediently used.
  • the symmetrical key is then added to the data at step b), the added key being encrypted with a public key of the storage device.
  • the public key of the archiving device By encrypting the symmetrical key with the public key of the archiving device, it is only possible for the archiving device to decrypt it and then to decrypt the other transmitted data and attachments. If a third party intercepts the data, decryption is not possible because the symmetric key is only available in encrypted form.
  • a digital certificate of the chip card is attached to the data.
  • this transmission can be omitted, since a recipient can also download the corresponding certificates from a designated location, such as a so-called trust center, and carry out the verification with them.
  • this validity should still be verifiable even after a long time;
  • the digital signature and thus also the certificate can change for various reasons, for example if the chip card is lost, it is convenient to send this with every transmission so that it is under Under certain circumstances it is also archived, so that the validity of a signature can still be checked even after a long time.
  • a checksum is formed over the encrypted, signed data and additions and the data is added. After receiving the data including attachments, a recipient can then also create a checksum, compare this with the transmitted one, and immediately determine if the checksums do not match whether the encrypted data or the attachments have been tampered with.
  • a particularly secure transmission of the data is guaranteed if the transport encryption is carried out using an SSL or S-HTTP protocol.
  • the archived device accepts and at least temporarily stores the transmitted data and decrypts a transport encryption, b) subsequently decrypts at least the encrypted data from the archiving device is carried out, c) furthermore a digital signature of the data is checked by the archiving device, and d) if the signature check is successful, at least the data are stored in the archiving device.
  • step b the digital signature encrypted together with the data is usually decrypted.
  • the encryption ensures that the data can only be viewed by a recipient if the recipient is the authorized recipient and decryption is possible.
  • the authorized recipient uses the digital signature to check the transmitted data to determine whether the data actually comes from the sender. In addition, a check is carried out to determine whether the data has not been manipulated during transport, and only when this can also be excluded is the data stored in the archiving device.
  • the decryption of the transport encryption is usually carried out using an SSL or S-HTTP protocol.
  • the data have attachments provided by means of transport encryption, so that they are protected from the insights and manipulations of third parties. These are then also decrypted as part of the archiving process.
  • the additions usually contain at least one symmetrical key encrypted by means of a public key of the archiving device, so that it cannot be used by unauthorized persons. This is decrypted by the archiving device with a private, secret key of the archiving device.
  • a checksum is formed and this is compared with a checksum attached to the data, also generated via the data and the attachments. Only if the checksums match can it be assumed that no changes have occurred here.
  • the additions include attribute data, which is at least partially encrypted. This encryption is then also decrypted using the symmetric key.
  • the archiving device forms a checksum over the decrypted data and compares this with a checksum transmitted together with the data and formed over the data before transmission.
  • the checksum transmitted with the data arises during the creation of the digital signature, in which a checksum is initially formed, for example by means of a hash method, about the data and this is then encrypted with the signature key on the chip card.
  • the digital signature is checked in step c) using a certificate attached to the data.
  • This attached certificate is usually stored in the archiving device so that the validity of the corresponding digital signature can be checked even after a long period of time. If there are no changes to the data and the authenticity of the transmitter is also guaranteed, the data can be stored on the archiving device.
  • the signed data encrypted with the symmetrical key is stored on the archiving device, so that only someone who has the corresponding key can decrypt and view it.
  • the attribute data are at least partially encrypted with a secret key of the archiving device and then stored.
  • those parts of the attribute data which relate to the so-called "object of certification", for example in the case of notaries, are encrypted, while other attribute data remain unencrypted in order to allow a rapid search in the archiving device.
  • a checksum is formed at least over the stored data, which is stored together with the data. By regularly recalculating this checksum, for example weekly, and comparing it with the originally created checksum, changes to the data can be determined and corresponding steps such as restoring the respective data from a backup copy can be taken if necessary.
  • At least one log file is created for the stored data, which contains at least information regarding access to the data. Every access to the corresponding data is logged in the log file. When accessing information is stored at least with regard to the time of access, the type of access and the access.
  • an input device is particularly suitable, which according to the invention is set up to a) provide at least temporarily stored data on the device or a memory assigned to the device with a digital signature, b) at least the data to encrypt, and c) to provide the data and the digital signature with a transport encryption and thus to transmit them via the data line to the storage device.
  • an archiving device mentioned at the outset is particularly suitable, which according to the invention is set up to a) accept the transmitted data, at least temporarily store it and decrypt a transport encryption, b) subsequently decrypt at least the encrypted data, c) digitally sign the To check data, and d) in the case of a positive check of the signature, at least to store the data on storage means.
  • FIG. 1 shows an example of an archiving system according to the invention
  • FIG. 2 schematically shows an exemplary sequence of a method necessary for secure transmission.
  • FIG. 1 shows an archiving device ARC, to which a device for data processing COM, for example a computer, is connected via a data line DAT.
  • a device for data processing COM for example a computer
  • DAT data line
  • a user would now like to use his computer COM to store data that is at least temporarily stored on his computer or a storage means assigned to the computer, for example a contract, on the central archiving device ARC.
  • this data is stored in an archive area ARS of the archiving device.
  • this archiving area is generally designed as an archiving server, which, among other things, has the corresponding storage means SPA for storing the data and means for processing data, such as a processor PRA, working memory RAA, etc.
  • the user Before the transmission of data can be started by a user, it is first necessary to log on to the archiving device. Via his computer COM, the user enters a user password assigned to him and the associated password, and the software installed on the computer, which is necessary for communication with the archiving device, only allows the user to use it if the input is correct. It can be provided that the password and the user ID are only checked locally on the user's computer, but it is also possible to transfer them to the archiving device and check them there. let, which further increases security.
  • FIG. 2 an advantageous example schematically shows the steps required by the user for a secure transfer of data to the archiving device, most of these steps being carried out automatically by software running on the user's computer COM.
  • an original document signed by the user is first scanned with a scanner connected to the computer and output on a display on the computer.
  • the user now uses the display to check whether the data displayed on the screen match the original. After having checked the agreement, he confirms this by providing the data with his digital signature.
  • This digital signature has * is usually formed from a checksum has, which is determined via the data dat and is then encrypted with a secret signature key of the user.
  • a memory card in particular a chip card, on which the user's private, secret signature key, with which the digital signature is created, is stored.
  • the use of a chip card is necessary or cheap for the reason that this is stipulated in many signature laws, in particular the Austrian and the German signature law.
  • the checksum has is usually formed using a hash method, which is why it is often referred to alternatively as a hash value.
  • the computer COM is usually connected to a reading device LEG, by means of which the signature key is read from the chip card and used to generate a digital signature.
  • LEG a reading device
  • the exact creation of the digital signature should not be dealt with at this point, since this is not the subject of the present invention and certain security-relevant aspects must also be observed here.
  • the computer can of course also have an internal reader for chip cards, although this is rarely the case.
  • the chip cards are protected against use by unauthorized persons by means of a PIN code (“personal identification number”), which the user must enter before the signature is created.
  • PIN code personal identification number
  • Attribute data att * ags can now be added to the signed, encrypted data dat *.
  • the attribute data att is about the creation date of the data, about the person (s) concerned with the document, etc.
  • the attribute data ags is about the so-called "subject of certification" in notary circles. In this attribute ags is listed what the document is, for example in the form of a title of the document.
  • the "normal" attribute data att are added to the data dat * in unencrypted form, while the subject of the authentication is added in encrypted form ags *, since at an insight of unauthorized persons is to be avoided that conclusions can be drawn from the name of the person to whom the document refers and the subject of the certification. It is useful if the subject of the ags * certificate is encrypted again with the symmetrical key sys on the chip card.
  • the data encrypted with the symmetrical key sys, etc. can be decrypted, it is necessary to transmit this key to the recipient.
  • the key sys is also added to the encrypted data dat * and the other elements added, but in encrypted form sys *. So that the symmetrical key sys * is not accessible to an unauthorized person, it is encrypted with a public key of the recipient, which the recipient can only decrypt with his secret key.
  • the certificate dat stored on the chip card is then added to the data dat *. With this the recipient can check the validity of the digital signature has *.
  • the transmission of the certificate is in principle not absolutely necessary, since the archiving device also sends the respective certificates from one central point EXS, for example a so-called “trust center”, can be downloaded and used. However, as will also be explained later, the certificate is archived in the archiving device in order to check the validity of the signature even after a long time to be able to.
  • the "archiving order" now available consisting of the data dat, which was encrypted together with the digital signature has *, the attribute data att, ags *, the encrypted symmetric key sys *, and the certificate zer has a checksum has' preferably with a hash procedure, formed and attached to the archiving order.
  • the archiving job is now encrypted together with the hash value has for the transport, preferably using an SSL ("Secure Sockets Layer”) or S-HTTP (“Secure-HTTP”) protocol ssl, and so to the recipient , that is, the archiving device ARC is transmitted via the data line DAT.
  • SSL Secure Sockets Layer
  • S-HTTP Secure-HTTP
  • ssl the transport protocol
  • the SSL protocol is primarily used to encrypt HTTP ("Hypertext Transfer Protocol") and LD AP transport connections ("Lightweight Directory Access Protocol”).
  • Various encryption methods can be used for encryption, for example using the RSA algorithm (“Rivest-Shamir-Adleman”), in which the data is encrypted by the user using the recipient's public key, in this case the archiving system. The recipient can then decrypt the transport encryption with his secret key.
  • S-HTTP S-HTTP
  • S-HTTP Secure HyperText Transfer Protocol
  • the archiving device ARC can consist of a single server, which carries out all the steps necessary for archiving. In practice, however, the device ARC consists of at least two areas which are formed separately from one another, namely an archiving area ARS and a security area SES, which are generally formed from at least one server each. Both servers have means for data processing, such as a working memory RAA, RAS, a processor PRA, PRS, and further storage means SPA, PLC for the permanent storage of data, such as hard disks.
  • data processing such as a working memory RAA, RAS, a processor PRA, PRS, and further storage means SPA, PLC for the permanent storage of data, such as hard disks.
  • the archiving area is used in particular for the permanent storage of data, while in the security area mainly encryption and decryption tasks, integrity and authenticity checks etc. are carried out. Since, for example, secret keys of the archiving device are also stored in the security area, the security area is particularly secure in terms of software and hardware and access is also possible, for example, for an administrator only under the supervision of at least one supervisor.
  • the archiving device ARC ie. H. in the security server SES, decrypted the transport encryption ssl.
  • a checksum is then formed via the archiving request and compared with the has 'has' transmitted together with the archiving request. The integrity, i.e. the unchanged nature of the archiving job during transport, is only given if the checksums match.
  • the archiving process is continued and the enclosed, encrypted symmetrical key sys * is decrypted with a secret key of the archiving device.
  • the resulting symmetric key sys is then used to decrypt the object attribute ags * and the data dat * encrypted together with the digital signature has *.
  • the attached certificate verifies whether the digital signature has * is valid.
  • a checksum is also formed over the decrypted data dat and compared with the checksum has formed on the user side in order to be able to determine the integrity of the data. If any of the above checks result in deviations, the archiving process is canceled.
  • the data dat is stored in the archiving device, ie on the storage means SPA of the storage area ARS.
  • the data dat * encrypted by the user together with the digital signature and with the symmetrical key sys are stored.
  • the attributes att and the object attributes ags are also stored, unencrypted, as is the certificate.
  • the object attributes ags are previously encrypted with a secret key of the archiving device ARC.
  • the symmetrical key sys, encrypted with the private, secret key of the archiving device is stored together with the data, just as the digital signature of the user has * is again stored separately. A new checksum is formed over all these stored elements and also stored together with the data.
  • This checksum can also be encrypted with a signature key of the archiving device, so that the stored elements are provided with a digital signature of the archiving device. For this reason, the attribute data att are stored in unencrypted form in order to enable research under the data stored in the archiving device. chen. After the successful saving, a confirmation message about this process is transmitted to the user.
  • the security server SES is used, in which the user IDs and associated passwords are then stored.
  • the certificates required to check the digital signatures can also be stored in the SES security server so that they do not have to be constantly accessed online from a central EXS location, for example in the event that no certificate was sent when the archiving order was sent.
  • the corresponding database is then updated at regular intervals, for example daily, by calling up the current certificates.
  • So-called revocation lists are also stored in the central “trust centers” EXS, which can be used to determine which certificates and thus digital signatures are no longer valid. These revocation lists can also be at least partially stored in a corresponding database of the security server Also to keep the up-to-date status of the blacklists used as up-to-date as possible, these are also brought up to date by ongoing updates.
  • the stored data is now fundamentally accessible to the person who initiated the archiving of the data or to a group of people around this person, for example notary public.
  • access can be severely restricted. An inspection of the data is only possible, provided that permission is given at all, only after prior authentication with the device using a chip card.
  • a checksum is formed regularly, for example daily or weekly, over the elements archived per order and compared with the above-mentioned checksum created by the archiving device, which was archived together with the various elements of the archiving order.
  • the archiving device creates a log file for the stored data or elements of an archiving job, in which all accesses to the data are also logged.
  • the access time, the type of access and information about the access user are stored in these log files. To this Manipulations to the data can be followed up in a simple manner.
  • all data are given a time stamp and can therefore be restored on a per-second basis.
  • the archiving device usually has a double structure, i. H. that both the archive area and the security area are duplicated and that data is constantly compared. If one of these duplicated areas should fail, there is no data loss associated with it and the ongoing operation is not disturbed.
  • the stored data is also backed up, for example on magnetic tapes, which can be stored independently of the archiving device. With the help of this fuse u. a. individual archiving jobs that have been changed are restored.
  • the data are advantageously stored in a pixel-based data format, for example as images, since this is a particularly secure format.
  • Usual hard disks can be used as storage media, but it is also possible to store the data on optical media, by means of which the integrity of the data can itself be guaranteed.
  • Data are usually never deleted in the archiving device, but when changes are made to the data or archiving orders, the originally stored data / orders are still stored in the background in addition to the current data / orders.
  • a further safety factor is that, in addition to logging every access to data, in principle every access to the archiving device is logged and is therefore traceable. In this context, for example, logging is also carried out when a user carries out a search query for specific data records, but without then accessing a data record.
  • a high-security archive for data is created which meets both the Austrian and the German Signature Act, the Data Protection Act and the requirements for such an archive with regard to the topics of integrity, confidentiality and authenticity.
  • the data are highly encrypted in the archiving device and also stored in a long-term secure manner.
  • test mechanisms are used to ensure the originality of the data and thus to prevent loss or falsification of the data.
  • a transfer of the data to the archiving system is only possible with prior transport encryption possible, and only by an authorized user who has to authenticate himself to the system beforehand.
  • Data can also only be viewed by users or user groups who have the necessary authorizations and who have to authenticate themselves to the archiving device beforehand, preferably by means of a chip card. Every such access is also logged.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Communication Control (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé de transmission sécurisée de données, selon lequel au moins des données stockées temporairement sur un appareil de traitement de données (COM) sont munies d'une signature numérique avec ledit appareil, au moins les données sont cryptées et les données ainsi cryptées, ainsi que la signature numérique sont munies d'un code de transport et peuvent ainsi être transmises par la ligne de données (DAT) au dispositif de mémorisation (ARC). L'invention concerne en outre un procédé permettant d'archiver des données sur un dispositif d'archivage (ARC), ainsi qu'un dispositif d'archivage. Un codage de données des données transmises est effectué, les données sont cryptées, une signature numérique des données est vérifiée et en cas de résultat positif de cette vérification, au moins les données sont mémorisées dans le dispositif d'archivage (ARC). Pour finir, l'invention concerne également un système d'archivage comprenant un appareil (COM) s'utilisant pour la transmission sécurisée de données, ainsi qu'un dispositif d'archivage (ARC), qui sont reliées par l'intermédiaire d'une ligne de données (DAT).
PCT/AT2001/000300 2000-10-18 2001-09-24 Transmission securisee et archivage de donnees WO2002033886A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ATA1790/2000 2000-10-18
AT17902000 2000-10-18

Publications (2)

Publication Number Publication Date
WO2002033886A2 true WO2002033886A2 (fr) 2002-04-25
WO2002033886A3 WO2002033886A3 (fr) 2003-01-30

Family

ID=3688957

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/AT2001/000300 WO2002033886A2 (fr) 2000-10-18 2001-09-24 Transmission securisee et archivage de donnees

Country Status (1)

Country Link
WO (1) WO2002033886A2 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20110038687A (ko) * 2008-07-08 2011-04-14 아르텍 컴퓨터 게엠베하 인증된 서명 데이터를 장기 보존하기 위한 방법 및 컴퓨터 시스템

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MEI LIN HUI ET AL: "Safe simplifying transformations for security protocols or not just the Needham Schroeder pubic key protocol" COOMPUTER SECURITY FOUNDATIONS WORKSHOP, 1999. PROCEEDINGS OF THE 12TH IEEE MORDANO, ITALY 28-30 JUNE 1999, LOS ALAMITOS, CA, USA,IEEE COMPUT. SOC, US, 28. Juni 1999 (1999-06-28), Seiten 32-43, XP010343727 ISBN: 0-7695-0201-6 *
RSA LABORATORIES: "PKCS #7: Cryptographic Message Syntax Standard, Version 1.5" RSA LABORATORIES TECHNICAL NOTE, [Online] 1. November 1993 (1993-11-01), Seiten 1-30, XP002207635 Redwood City, CA 94065 USA Gefunden im Internet: <URL:http://citeseer.nj.nec.com/> [gefunden am 2002-07-26] *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20110038687A (ko) * 2008-07-08 2011-04-14 아르텍 컴퓨터 게엠베하 인증된 서명 데이터를 장기 보존하기 위한 방법 및 컴퓨터 시스템
KR101644890B1 (ko) 2008-07-08 2016-08-02 아르텍 컴퓨터 게엠베하 인증된 서명 데이터를 장기 보존하기 위한 방법 및 컴퓨터 시스템
EP2300958B1 (fr) * 2008-07-08 2019-03-20 Artec Computer GmbH Procédé et système informatique pour l'archivage à long terme de données signées

Also Published As

Publication number Publication date
WO2002033886A3 (fr) 2003-01-30

Similar Documents

Publication Publication Date Title
EP3447667B1 (fr) Sécurité cryptographique pour un stockage de données réparti
DE19960978B4 (de) Verfahren zum Steuern des Zugriffs auf in einem Datenarchivsystem gespeicherte elektronische Datendateien
DE19960977B4 (de) System für ein elektronisches Datenarchiv mit Erzwingung einer Zugriffskontrolle beim Datenabruf
EP2367128B1 (fr) Procédé et dispositif de signature électronique
DE10084964B3 (de) Verfahren zum sicheren Speichern, Übertragen und Wiedergewinnen inhaltsadresssierbarer Informationen
EP2013811B1 (fr) Procédé et dispositif pour pseudonymiser des données numériques
DE112020005075B4 (de) Effiziente schwellenwertspeicherung von datenobjekten
DE112020005289B4 (de) Teilweise sortierte blockchain
DE69727198T2 (de) Durchführen digitaler Unterschriften für Datenströme und Archive
DE69431944T2 (de) Verfahren zum effizienten Aktualisieren des Hashwertes eines Dateien
DE60034159T2 (de) Verfahren zur elektronischen speicherung und wiedergewinnung von authentifizierten originaldokumenten
DE112021000608T5 (de) Schnellere ansichtsänderung für eine blockchain
DE102018004423A1 (de) Sicherer Datenaustausch
DE102012102867A1 (de) Vorrichtung und Verfahren zum Online-ID-Handling
DE112021001671T5 (de) Netzübergreifendes bereitstellen von identitäten
DE112021002053T5 (de) Verrauschte Transaktion zum Schutz von Daten
DE112021000688T5 (de) Indexstruktur für blockchain-ledger
DE112022000906T5 (de) Trennen von blockchain-daten
WO2011061061A1 (fr) Procédé et dispositif pour l&#39;accès à des fichiers d&#39;un serveur de fichiers sécurisé
DE60221861T2 (de) Server mit dateiverifikation
DE60122828T2 (de) Vorrichtung und Verfahren zur Erzeugung eines Unterschriftszertifikats in einer Infrastruktur mit öffentlichen Schlüsseln
DE112021006165T5 (de) Schlüsselwiederherstellung in einem blockchain-netzwerk mit oprf
DE102006021347B4 (de) Verfahren zur gerichtsverwertbaren Durchführung von Transaktionen
WO2002033886A2 (fr) Transmission securisee et archivage de donnees
DE112021004120T5 (de) Schwellenwertverschlüsselung für sendeinhalt

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): CZ HU PL RU US

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase