WO2004055744A1 - Communication between an operating device, a provider module and a customer module - Google Patents
- Publication number
- WO2004055744A1 (PCT/EP2003/014254, EP0314254W)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- module
- customer
- provider
- provider module
- operating device
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0866—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means by active credit-cards adapted therefor
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/363—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes with the personal data of a user
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/12—Card verification
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
Definitions
- the invention relates generally to the field of electronic communication and in particular to the field of secure handling of data in transactions between a provider and a customer.
- the invention further relates to the use of at least one portable data carrier, e.g. a smart card in this context.
- the object of the invention is to provide a technology for communication between an operating device, a provider module and a customer module which, on the one hand, offers great flexibility for a large number of possible applications and, on the other hand, offers good protection against unauthorized use.
- the invention should also be able to be implemented inexpensively.
- this object is achieved in whole or in part by a method having the features of claim 1, a provider module according to claim 8, a customer module according to claim 10 and a computer program product according to claim 11.
- the dependent claims define preferred embodiments of the invention.
- the invention is based on the basic idea of using the provider module on the one hand to mediate a data exchange between the operating device and the customer module and on the other hand for authentication to the customer module.
- This measure creates a system in which the customer module can only check the authorization of the querying body before issuing confidential information.
- the system structure according to the invention makes it possible to use customer and provider modules which are based on a client-server communication model with requests and responses. Such modules are available in a variety of configurations.
- the terms "provider module" and "customer module" denote the roles of the users of these modules in typical applications.
- the provider module is assigned to a provider of goods, services or intangible services, for example a dealer, a pharmacist, a doctor, an issuing agency for bonus points and so on.
- the customer module is owned by the customer.
- these typical roles are only to be understood as examples and not as a restriction of the scope of protection. Rather, all modules that can request authentication should be regarded as customer modules in the sense of the present invention, and all modules that are able to authenticate themselves as provider modules.
- the invention is particularly flexible because it separates the security-critical authentication method from the actual application - for example, the submission of prescriptions or the administration of bonus points.
- the application can be developed with significantly less effort and with significantly greater freedom than with previously known systems.
- the invention enables the interaction between the provider module, for example a dealer card, and the customer module to be implemented via a local or global network, for example the Internet, without media break.
- the system according to the invention can in principle also be used as a system for cashless payment or as a wallet system - similar to the already mentioned Mondex system or the money card known in Germany.
- the customer module is designed as a portable data carrier.
- the provider module can also be a portable data carrier in preferred embodiments.
- portable data carriers are, in particular, chip cards with their own intelligence (smart cards) that can be configured in the size of credit cards or in compact designs, such as mobile phone SIMs.
- the portable data carrier can also be a non-card-shaped assembly, e.g. a USB dongle.
- the provider module is a program executed on a secure server that simulates the function of a physical provider module and is therefore referred to as a "virtual provider module".
- the communication between the operating device and the provider module and/or between the provider module and the customer module takes place via at least one Internet protocol.
- Internet protocols are TCP/IP (Transmission Control Protocol / Internet Protocol), UDP/IP (User Datagram Protocol / Internet Protocol), IPSec (IP Security Protocol), TLS (Transport Layer Security), SSL (Secure Sockets Layer), HTTP (Hypertext Transfer Protocol) and S-HTTP (Secure HTTP).
- the provider module can be authenticated to the customer module by means of HTTP digest authentication or by means of SSL client authentication.
- the protocols mentioned are well known per se and are described in detail in the corresponding RFC standards and other documents. The protocols as such are not the subject of the present invention.
- an authentication of the customer module to the provider module is preferably also provided.
- the data transmission between the provider module and the customer module takes place in a secure, e.g. encrypted, form; the secure transmission can be used for a plurality of communication processes between the provider module and the customer module without repeated authentication.
- authentication of one or both communication partners and / or encryption of the transmitted messages can also take place in the communication between the operating device and the provider module.
- the computer program product according to the invention has program commands in order to implement or execute the method according to the invention in a data carrier.
- a computer program product can be a physical medium for example a semiconductor memory or a floppy disk or a CD-ROM.
- the computer program product can also be a non-physical medium, for example a signal transmitted over a computer network.
- the computer program product can be a data carrier operating system or a part thereof or a program provided for execution by the data carrier.
- the provider module, the customer module and the computer program product have features which correspond to the features mentioned above and / or to the features mentioned in the dependent method claims.
- Fig. 1 is a block diagram with components of an embodiment of the invention.
- FIG. 2 shows an exemplary flow chart of a communication process.
- the operating device 10 is a personal computer (PC) with input means, such as a keyboard and a mouse, and output means, such as a screen.
- the operating device 10 executes an Internet browser, such as the browser known by the Internet Explorer brand. In Fig. 1, this browser is symbolized by a browser window 18 shown on the screen of the operating device 10.
- the operating device 10 can also be designed differently, for example as a compact device with a display and a keypad.
- the provider module 12 and the customer module 14 are each designed as a portable data carrier.
- each of these data carriers is a chip card which, in a manner known per se, has a semiconductor chip with a processor core, a plurality of memory fields designed in different technologies and an interface for wired or wireless communication.
- the data carriers are each connected to the network 16 via an interface device 20, 22.
- the interface devices 20, 22 are shown as external devices.
- alternative embodiments provide for integrating the interface device 20 and / or the interface device 22 into the operating device 10.
- the provider module 12 can be permanently or removably installed in the operating device 10, while the customer module 14 can generally be easily inserted into the interface device 22 and removed again.
- both the provider module 12 and the customer module 14 are designed as an Internet smart card, that is to say as a chip card in which an Internet protocol stack is implemented.
- the Internet protocol stack includes, for example, the Internet protocols TCP/IP for the transport and network layer and HTTP for the application layer, a security layer using SSL being placed on the transport layer.
- other or additional protocols can also be used, in particular for security and authentication purposes.
- the network 16 is a local TCP/IP network, which can either be separated from the outside world or be connected to the Internet via suitable protective devices. In particular, in configurations in which one or both interface devices 20, 22 are integrated in the operating device 10, the network 16 can consist merely of one or two point-to-point connections between the operating device 10 and the provider module 12 and/or between the provider module 12 and the customer module 14.
- the browser can, for example, access the provider module 12 directly by entering the IP address of the provider module 12 in the browser's address bar.
- the provider module 12 then presents a website that allows the selection of various transactions and the entry of the network parameters of the customer module.
- the network parameters of the customer module 14 are set, then a transaction is selected, whereupon the provider module 12 establishes a network connection to the customer module 14, authenticates itself and transmits the instructions and parameters required for the transaction into the customer module.
- the customer module 14 then transmits the requested data to the provider module 12, which processes the data received and transmits a suitable success message to the browser.
- the browser running on the operating device 10 is configured such that it uses the provider module 12 as a proxy for the communication with the customer module 14.
- an address of the provider module 12 is entered in a configuration field of the browser provided for setting up proxies. Name conflicts cannot occur in a local network 16.
- the browser then routes all requests that are actually directed to the customer module 14 to the provider module 12.
- the provider module 12 is also configured such that it can access the customer module 14 via the local network 16 and works as a proxy for the customer module 14.
- the address of the customer module 14 (e.g. http: // ambience.loca!) is entered in the address bar of the browser running on the operating device 10.
- the browser then sends a request to the provider module 12 serving as a proxy. If the request does not include access to specially protected data, the provider module 12 can simply forward it to the customer module 14.
- the customer module 14 works as an Internet server and responds to the incoming HTTP request with a suitable HTTP response.
- the response may include an HTML document that defines selection fields for several operations offered by customer module 14.
- the answer is passed on to the operating device 10 via the provider module 12.
- There the browser displays the HTML document from the customer module 14 on the screen.
- a section of the HTML document is visible, which contains the operation "issue prescription" offered by the customer module 14 as the only selection field.
- FIG. 2 shows an example flow that is executed when the request concerns confidential data. This is the case, for example, with the operation "issue prescription" of a patient card, because the stored prescription should only be made accessible to authorized persons, e.g. pharmacists.
- the request generated when the "issue prescription" operation is selected is marked as security-critical, for example in that it specifies "https:" rather than "http:" as the protocol.
- Step 30 in FIG. 2 relates to the transmission of this request from the operating device 10 to the provider module 12.
- the provider module 12 analyzes the incoming request and determines that authentication with the customer module 14 is required, because otherwise the customer module 14 would not answer the request. The provider module 12 then carries out the authentication. In the present exemplary embodiment, this is done in the communication steps 32 and 34, which are only shown schematically in FIG. 2, in that the provider module 12 establishes a secure SSL connection with the customer module 14. The provider module 12 forms the client and the customer module 14 forms the server.
- in connection with the establishment of the SSL connection, in addition to authenticating the server to the client and agreeing on a session key for the further, encrypted communication, the client is also authenticated to the server, which is known as SSL Client Authentication.
- for example, a challenge-response method known per se can be used for this authentication.
- the client receives data from the server, the so-called challenge, that the client processes in a cryptographic operation using a private key of the client.
- the client sends the result to the server, which then uses the complementary public key of the client to check whether the client actually has the correct private key.
- the keys of the provider modules 12 used in the SSL authentication are issued by trustworthy organizations - so-called trust centers.
- the trust centers are also entered in the customer module 14 as trustworthy.
- Such a key management known as Public Key Infrastructure (PKI) is particularly necessary if a group of dealers or service providers is to be given access to customer modules 14.
- the provider module 12 forwards the request to the customer module 14 in step 36.
- the customer module 14 processes the request and generates the desired answer in step 38.
- This can be, for example, an HTTP response with the prescription stored in the customer module 14 in the form of an HTML document.
- the answer is transmitted in step 40 from the customer module 14 to the provider module 12 and forwarded in step 42 from the provider module 12 to the operating device 10.
- There the HTML document contained in the answer is displayed in step 44 by the browser in the browser window 18. Further communication steps can now follow, each of which has a request directed from the operating device 10 via the provider module 12 to the customer module 14 and a response directed from the customer module 14 via the provider module 12 to the operating device 10.
- a renewed authentication is generally not necessary, especially not if - as in the present exemplary embodiment - a secure data transmission path has been established between the provider module 12 and the customer module 14 in the course of the first authentication.
- alternative embodiments are also provided in which the method shown in FIG. 2, including the authentication, is repeated for each request-response pair.
- the provider module 12 is set up to monitor the requests arriving from the operating device 10 and to initiate the authentication in steps 32 and 34 before forwarding the first security-critical request.
- the provider module 12 initially forwards all incoming requests to the customer module 14 and the authentication process only begins in response to an error message or another authentication request from the customer module 14.
- design variants are conceivable in which the provider module 12 always authenticates itself with the customer module 14, possibly in connection with the establishment of a secure data transmission channel, before it begins to act as a proxy for the transmission of messages between the operating device 10 and the customer module 14.
- versions are particularly useful for online retailers in which the customer module 14 is accessed by means of a browser and this then initiates communication with the provider module 12.
- the provider module 12 is designed as a virtual provider module.
- the secure server can be reached over the network 16, either locally or over a virtual private network (VPN) or via a secure data transmission channel in the Internet.
- the virtual provider module which is provided by the secured server, then communicates with the operating device 10 and the customer module 14, just as in the sequence shown in FIG. 2, and carries out the required authentication with respect to the customer module 14.
- the secured server provides a plurality of virtual provider modules - for a single provider or for several providers.
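Added example (not part of the patent text): a Python simulation of the proxy flow described above, in the variant where the provider module forwards requests first and authenticates only when the customer module answers with an authentication request. It uses the HTTP digest authentication option named in the description, with SHA-256 as in RFC 7616. Class names, the URI, the realm and the credentials are assumptions, and header fields are kept as dicts instead of serialized HTTP headers.

```python
import hashlib
import hmac
import secrets

PROTECTED_URI = "/prescription"   # assumed URI of the "issue prescription" operation
REALM = "customer-module-14"      # assumed realm name


def _h(text):
    return hashlib.sha256(text.encode()).hexdigest()


def digest_response(ha1, method, uri, nonce, nc, cnonce):
    """RFC 7616 'response' value for algorithm=SHA-256 and qop=auth."""
    ha2 = _h(f"{method}:{uri}")
    return _h(f"{ha1}:{nonce}:{nc}:{cnonce}:auth:{ha2}")


class CustomerModule:
    """Server side (customer module 14): releases protected data only to an authenticated peer."""

    def __init__(self, providers):
        # Store H(user:realm:password) per provider, not the password itself.
        self._ha1 = {u: _h(f"{u}:{REALM}:{p}") for u, p in providers.items()}
        self._nonces = {}  # issued nonce -> highest nonce count accepted so far

    def handle(self, req):
        if req["uri"] != PROTECTED_URI:
            return {"status": 200, "headers": {},
                    "body": "<a href='/prescription'>issue prescription</a>"}
        auth = req["headers"].get("Authorization")
        if auth is not None and self._valid(req["method"], req["uri"], auth):
            return {"status": 200, "headers": {},
                    "body": "<p>constructed sample prescription</p>"}
        nonce = secrets.token_hex(16)  # fresh challenge for every rejected request
        self._nonces[nonce] = 0
        challenge = {"realm": REALM, "nonce": nonce, "qop": "auth", "algorithm": "SHA-256"}
        return {"status": 401, "headers": {"WWW-Authenticate": challenge}, "body": ""}

    def _valid(self, method, uri, auth):
        ha1 = self._ha1.get(auth.get("username"))
        last_nc = self._nonces.get(auth.get("nonce"))
        if ha1 is None or last_nc is None or auth.get("uri") != uri:
            return False
        try:
            nc = int(auth["nc"], 16)
            expected = digest_response(ha1, method, uri, auth["nonce"], auth["nc"], auth["cnonce"])
        except (KeyError, ValueError, TypeError):
            return False
        if nc <= last_nc:  # a nonce count that does not increase is a replay
            return False
        if not hmac.compare_digest(expected.encode(), str(auth.get("response", "")).encode()):
            return False
        self._nonces[auth["nonce"]] = nc
        return True


class ProviderModule:
    """Proxy (provider module 12): relays requests and authenticates itself when challenged."""

    def __init__(self, customer, user, password):
        self._customer, self._user, self._password = customer, user, password
        self._challenge = None   # last challenge received from the customer module
        self._nc = 0
        self.challenges_seen = 0

    def _authorization(self, method, uri):
        ch = self._challenge
        self._nc += 1
        nc, cnonce = f"{self._nc:08x}", secrets.token_hex(8)
        ha1 = _h(f"{self._user}:{ch['realm']}:{self._password}")
        return {"username": self._user, "realm": ch["realm"], "nonce": ch["nonce"], "uri": uri,
                "qop": "auth", "algorithm": "SHA-256", "nc": nc, "cnonce": cnonce,
                "response": digest_response(ha1, method, uri, ch["nonce"], nc, cnonce)}

    def handle(self, req):
        # Headers from the operating device are dropped on purpose, so credentials
        # can only originate from the provider module.
        out = {"method": req["method"], "uri": req["uri"], "headers": {}}
        if self._challenge is not None:  # reuse the accepted nonce, no new challenge round trip
            out["headers"]["Authorization"] = self._authorization(req["method"], req["uri"])
        resp = self._customer.handle(out)
        if resp["status"] == 401:        # authentication request from the customer module
            self.challenges_seen += 1
            self._challenge, self._nc = resp["headers"]["WWW-Authenticate"], 0
            out["headers"]["Authorization"] = self._authorization(req["method"], req["uri"])
            resp = self._customer.handle(out)
        return resp                      # relayed to the operating device


def demo():
    card = CustomerModule({"pharmacy-01": "constructed-secret"})  # constructed credentials
    proxy = ProviderModule(card, "pharmacy-01", "constructed-secret")
    req = {"method": "GET", "uri": PROTECTED_URI, "headers": {}}
    direct = card.handle(req)["status"]   # operating device bypassing the provider module
    first = proxy.handle(req)["status"]   # challenged once, then answered
    second = proxy.handle(req)["status"]  # no renewed challenge
    return direct, first, second, proxy.challenges_seen


if __name__ == "__main__":
    print(demo())
```

Reusing the accepted nonce with an increasing nonce count only avoids a second challenge round trip; unlike the SSL connection of the described embodiment, digest authentication does not encrypt the relayed data.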
Abstract
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2003296651A AU2003296651A1 (en) | 2002-12-16 | 2003-12-15 | Communication between an operator device, a seller module and a customer module |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE10258769.8A DE10258769C5 (de) | 2002-12-16 | 2002-12-16 | Communication between an operating device, a provider module and a customer module |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2004055744A1 (fr) | 2004-07-01 |
Family
ID=32336379
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP2003/014254 WO2004055744A1 (fr) | Communication between an operating device, a provider module and a customer module | 2002-12-16 | 2003-12-15 |
Country Status (3)
Country | Link |
---|---|
AU (1) | AU2003296651A1 (fr) |
DE (1) | DE10258769C5 (fr) |
WO (1) | WO2004055744A1 (fr) |
-
2002
- 2002-12-16 DE DE10258769.8A patent/DE10258769C5/de not_active Expired - Fee Related
-
2003
- 2003-12-15 WO PCT/EP2003/014254 patent/WO2004055744A1/fr not_active Application Discontinuation
- 2003-12-15 AU AU2003296651A patent/AU2003296651A1/en not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
DE10258769B4 (de) | 2012-05-31 |
DE10258769C5 (de) | 2017-08-17 |
DE10258769A1 (de) | 2004-06-24 |
AU2003296651A1 (en) | 2004-07-09 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): BW GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
122 | Ep: pct application non-entry in european phase | ||
NENP | Non-entry into the national phase |
Ref country code: JP |
|
WWW | Wipo information: withdrawn in national office |
Country of ref document: JP |