WO2005039103A1 - Arrangement within the field of biomedicine - Google Patents

Arrangement within the field of biomedicine Download PDF

Info

Publication number
WO2005039103A1
WO2005039103A1 PCT/SE2004/001523 SE2004001523W WO2005039103A1 WO 2005039103 A1 WO2005039103 A1 WO 2005039103A1 SE 2004001523 W SE2004001523 W SE 2004001523W WO 2005039103 A1 WO2005039103 A1 WO 2005039103A1
Authority
WO
WIPO (PCT)
Prior art keywords
picture
time
unit
arrangement
information
Prior art date
Application number
PCT/SE2004/001523
Other languages
English (en)
French (fr)
Inventor
Margareta KÖNIG
Mats Malmqvist
Original Assignee
Koenig Margareta
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koenig Margareta filed Critical Koenig Margareta
Publication of WO2005039103A1 publication Critical patent/WO2005039103A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Definitions

  • the modified picture may not contain elements that the image editor believed to be unimportant, but which another person may have considered important from an overall viewpoint.
  • small "self deceptions” are more common than is probably imagined and there is sometimes a hair-fine boundary between touching up a picture to accentuate what it shows and removing information that may contradict the claimed result.
  • there may even be reasons e.g. obtaining research grants, employees feeling the pressure to show results, etc.
  • a further disadvantage of this system is that it is not computerised. Administration via logbooks impedes both searching for results and exchanging information inside and outside the company.
  • the present invention proposes a system that solves these problems and makes it difficult to cheat or to unintentionally adjust pictures incorrectly in the photograph stages.
  • the system is computerised and comprises a digital logbook in which it is possible to study the unedited, original photograph and various adjusted versions. Thus, in cases of uncertainty, it is always possible to access the original picture and have an independent party make any adjustments.
  • a further advantage of the system is that every original photograph that is adjusted can be traced back to the point of time when it was saved.
  • the proposed system additionally entails a simple process for administering digital logbooks.
  • the invention uses a technique involving time stamps and digital signatures. These are detailed hereinafter.
  • the invention does not modify the customary testing procedures.
  • Use of the invention begins only when a digital photograph of test results is taken. When taken, the photograph is time stamped and signed using a digital signature. It is then sent directly to the change tracker.
  • Time stamping can advantageously be carried out over the internet by an authorised time stamping company. This involves encrypted time information being linked to the picture.
  • the signature is created by the analyst signing with a unique digital signature that automatically links his/her name to the digital picture. This picture is completely unmodified and provides the basis for the photograph of the test results.
  • the picture is given a first version number (e.g. 1.0) and is a digitally unaltered reproduction of the test results. The authenticity of the picture is safeguarded by the time stamp and the digital signature.
  • raw data (version 1.0) can be downloaded and touched up in an image editing program, e.g. Photoshop. Work can be done on this picture over several days and saved locally.
  • image editing program e.g. Photoshop. Work can be done on this picture over several days and saved locally.
  • the picture can be uploaded to the change tracker.
  • the picture is time stamped, signed digitally and then saved (by the change tracker) under a new version number (1.0xxx). This means that several different variants of the picture can be saved in an unambiguous way.
  • the picture with the raw data remains available throughout and it is possible to identify the various aspects that the image editor has chosen to emphasise in other versions.
  • Digital signatures can be used to: ensure that electronically transmitted information packages are not altered; verify who has sent information; and, prevent the sender later denying the sending of the message.
  • the connection between a digital signature and a definite person can be testified in a certificate.
  • the certificates are issued by a trusted third party, a Certification Authority (CA).
  • a digital signature is a function that guarantees the contents and authenticity of an electronic document.
  • the function is the result of a combination of asymmetric encryption technology and hash function technology.
  • the hash function is used first to create a compressed package of the electronic document. In this package, the document is firmly tied to the original message.
  • the asymmetric encryption with a private (secret) key, ties the originator to the compressed package.
  • a "global time stamp” involves a checksum (calculated on the data) and time information being signed by a "trusted third party" (TTP).
  • TTP trusted third party
  • the time stamp comprises a checksum, time, signature and information (the "certificate") identifying the trusted third party.
  • any future investigator can determine whether information has been changed after the time stamping. It is perhaps worth noting that only the checksum (and not the information) is sent to the TTP.
  • Figure 1 shows a schematic overview of the system.
  • Figure 2 shows a block diagram of a first possible design of the invention.
  • Figure 3 shows a block diagram of a second possible design of the invention.
  • Figure 4 shows a block diagram of a third possible design of the invention.
  • Figure 5 shows a block diagram of a fourth possible design of the invention.
  • Figure 6 shows an example of a system design in practice (with an external change tracker, "picture storage provider")
  • FIG. 1 shows a schematic overview of the system.
  • Photographic documentation equipment takes a picture of the laboratory test. This picture is time stamped and signed using a digital signature. It then goes to the change tracking system where a first, unmodified version is stored.
  • Said change tracker comprises a computer that communicates with the time stamping and signature units so that pictures or documents that are uploaded to the system are given a time stamp (corresponding to the time of uploading) and a digital signature.
  • the files, with their attached time stamp and digital signature are saved digitally on a specially created (for the change tracker) area of a hard disk.
  • the files are given a version number corresponding to the file's "history".
  • the original data from the photographic equipment is given version number "1.0".
  • other numbering variants can also be used. Only original data from the photographic equipment is given a first version number (e.g. 1.0).
  • FIRST to FOURTH a number of designs (FIRST to FOURTH) are described using various block arrangements with the image editor also serving as the change tracker.
  • FIFTH design where the image editor interacts with an external change tracker (picture storage provider) via a communication medium, e.g. the internet or similar.
  • FIG. 2 shows a block diagram of a first possible design of the invention.
  • the time stamping unit (201 ) and the signature unit (203) are built into the reproduction unit.
  • Reproduction unit here means equipment such as cameras and scanners.
  • One of the photograph documentation components (200) in the reproduction unit scans or photographs the object to be reproduced, e.g. a microplate. How photographing/scanning is carried out is not of importance to the invention.
  • a digital picture is created. This picture is sent directly to time stamping unit 201 , where it receives a time stamp.
  • Time stamping unit 201 calculates a unique hash value for the picture.
  • Via communication unit 202 unit 201 makes contact with an authorised time stamping company and sends a checksum.
  • a time stamp comprising a checksum, time, signature and information is returned to the time stamping unit. Contact can be via the internet, the telephone system or other communication equipment. Under these conditions, both the time stamping unit (201 ) and the communication unit (202) can be software.
  • Signature unit 203 is to add one or more digital signatures to the digital picture.
  • signature unit 203 requests a code that is necessary for digitally signing the picture. It then signs the picture.
  • This code could be, for example: a personal number combination that is keyed in by the operator; a code based on a fingerprint, DNA or retina scan; or, a code on a personal card that is read digitally.
  • Signature unit 203 can-also add a reproduction unit unique number to the picture and, to assist the change tracker, a version identification number. Under these conditions, the signature unit (203) can be software.
  • the time stamped and electronically signed picture is then sent from the reproduction unit to the change tracking system (205). Assigning it a version number, change tracking system 205 saves the time stamped and electronically signed picture. As this picture is based on untreated raw data from photographing/scanning, it is stored as such and cannot be modified without changing the version number. From the change tracking system (205) an image editing program can now download the picture and adjust it as necessary. When worthwhile adjustment has been made, the adjusted picture can be uploaded to change tracker 205 so that a new version of the picture can be stored. To time stamp the new version, change tracker 205 contacts time stamping unit 201 via communication unit 202. The time stamped picture is then sent to signature unit 203 for digital signing.
  • the picture once again returns (time stamped and electronically signed) to change tracking system 205, where it receives a new version number. Consequently, it is possible to follow the various handling stages through which a picture has gone and see its entire history.
  • the image editing program can thus download both new and old versions as well as create new versions in the way described above.
  • FIG. 3 shows a block diagram of a second design.
  • time stamping unit 301 time stamps the picture using the time it receives from timer 304.
  • Timer 304 is a clock, the time of which cannot be altered. It is powered by an in-built battery that lasts throughout the timer's service life. To ensure its credibility, communication is encrypted internally using a key that is installed during the production of the timer.
  • Time stamping unit 301 uses the time from timer 304 and enters encrypted time information and a checksum. These make it possible for an independent examiner to determine the point of time at which the information was created. The advantage of this design is that the equipment is not dependent on a continuous connection to an authorised time stamp provider.
  • Time stamping unit 304 can be software.
  • the encryption key can be time limited and replaced using encrypted key updating from an external party. This key transfer can also take place over the internet, the telephone system or other type of communication means. In this way, the timer can receive a time limited certificate that can itself be updated at a later date.
  • Figure 4 shows a block diagram of a third possible design.
  • time stamping and signing takes place in a unit that is separate from the reproduction unit.
  • Communication between the reproduction unit and this separate unit is encrypted.
  • Said communication can take place via various communication channels, e.g. series port, parallel port, ethernet, USB, firewire or other communication means.
  • the encryption of the communication between the reproduction unit and the external unit is analogue.
  • the reproduction unit sends an encrypted digital picture to communication unit 401.
  • the picture then goes to time stamping unit 402 to be time stamped.
  • Time stamping unit 402 calculates a unique hash value for the picture and, via communication unit 401 , makes contact with an authorised time stamping company and sends a checksum.
  • a time stamp comprising a checksum, time, signature and information is returned to time stamping unit 402.
  • Contact can be via the internet, the telephone system or other communication equipment. Under these conditions, both the time stamping unit (402) and the communication unit (401 ) can be software.
  • Signature unit 403's function is to add one or more electronic signatures to the digital picture. Via communication unit 404, signature unit 403 requests a code that is necessary for electronically signing the picture. It then signs the picture. Signature unit 403 can also add a reproduction unit unique number to the picture and, to assist the change tracker, a version identification number. Under these conditions, the time signature unit (403) can be software.
  • the time stamped and electronically signed picture is then sent from the reproduction unit to the change tracking system (405).
  • communication unit 404 With the difference that communication is via communication unit 404, communication between the change tracking system and the separate unit is as per design one. Under these conditions, both the time signature unit (403) and the communication unit (404) can be software.
  • FIG. 5 shows a block diagram of a fourth possible design.
  • the principle difference between the third and fourth designs is that the timer (504) has been placed in the separate unit.
  • time stamping unit 502 time stamps the picture using the time it receives from timer 504.
  • Timer 504 is a clock, the time of which cannot be altered. It is powered by an in-built battery that lasts throughout the equipment's service life. To ensure its credibility, communication is encrypted internally using a key that is installed during the production of the timer.
  • Time stamping unit 502 uses the time from timer 504 and enters an encrypted time and a checksum. These make it possible for an independent examiner to determine the point of time at which the information was created.
  • the advantage of this design is that the equipment is not dependent on a continuous connection to an authorised time stamp provider.
  • Time stamping unit 502 can be software.
  • the encryption key can be time limited and replaced using encrypted key updating from an external party. This key transfer can also take place over the internet, the telephone system or other type of communication means. In this way, the timer can receive a time limited certificate that can itself be updated at a later date.
  • Figure 6 shows a diagram of a design with an external change tracker, here called “picture storage provider” or “storage provider”.
  • picture storage provider or “storage provider”.
  • This design integrates into the selected program and technology solutions set out in the designs described above.
  • the description below introduces slightly different terminology such as “operator” (the picture creator), etc. These are made clear in the text. See figure 6.
  • the main actor is the operator, e.g. a research laboratory or a DNA analysis laboratory that has prepared an object (1 ) that it wishes to be pictorially documented.
  • This object (1 ) is here sketched as being placed on a table with a suitable background, lighting, etc.
  • the operator has an appropriate system (software, chip with microcode, account with a storage provider, etc.).
  • the camera (2) is connected, via an interface (3), to the operator's computer (4). To help in composing the picture, this shows what the camera sees. Via the chosen communication medium, e.g. the internet, the interface (3) can communicate directly with the picture storage provider.
  • the computer (4) is connected, via a secure line (5), to the communication medium (6) - internet, telephone line/broadband modem, fibre cable, etc. - to the picture storage provider (7).
  • the picture storage provider in its turn, is connected (8) to the medium and, thereby, also to an external time information provider (9) or to its own, secure time delivery system (10).
  • an external time information provider 9 or to its own, secure time delivery system (10).
  • the picture storage provider may have access to, and also be connected to, other suppliers (12) of, for example, encryption programs or other programs of interest to the picture storage provider, operator or any customers to which, for the purpose of obtaining copies of pictures, the operator has granted access to the picture storage provider's service.
  • the operator who is on-line with the picture storage provider, decides when the object is ready to be photographed.
  • the picture storage provider receives the go-ahead from the operator, the provider sends a trigger signal to the interface (3) and the operator's computer.
  • the time of the trigger signal is unknown to the operator, but it is within milliseconds of the go-ahead.
  • the trigger signal is processed in the interface. Via a signal to the camera, this commences the picture taking process.
  • the signal may carry encrypted time information that the interface obtained directly from the picture storage provider and which can only be interpreted by the software in the interface.
  • the security of the software can be safeguarded by, for example, microcode in a unique chip (or any other accepted means).
  • the picture taken at this point is automatically "defined” as the original and is instantaneously sent to the storage provider where it is provided (integrated) with encrypted time information, a picture identification code, information on the connected operator, etc. It is then stored in a register of originals and also in a physically separate service register at the picture storage provider's premises. Before storage, the calculation/attribution of picture authentication codes, etc. takes place partly in the interface and partly within the picture storage provider's facilities. This process cannot be affected by the operator (i.e. the creator of the picture).
  • the picture defined as the original is physically tied to the added picture security information. This latter cannot be removed from the original without the original becoming unusable or it being readily obvious that the picture is not classed as an original and that it has been modified/manipulated.
  • the picture storage provider holds the authentic original and, at the same time, a copy defined as original.
  • a "picture service” this can be made available, in accordance with the operator's wishes and own needs, to stipulated "interested parties”.
  • the service embraces dispatch and reception of pictures (copies, etc.), each request or event being automatically logged with, amongst other things, time, identity, account, storage, etc. information.
  • the first copy (in all respects "authenticity safeguarded") is automatically and immediately sent back to the operator. Neither the operator nor anyone else can remove the authenticity information. Similarly, it cannot be called up in any way that makes it understandable and accessible for public purposes. However, the operator can modify/manipulate the picture and instruct the storage provider that the modified picture is to be stored and (with the new picture's authenticity information revealed and available for public purposes) made accessible to others, etc. (as per any agreements on scope, etc.).
  • Deviation is calculated/quantified by the picture storage provider and linked to the relevant picture in the storage medium. It is only made available on order and, for example, in different classes (as per agreement with the operator).
  • the essentials of the above-detailed application of the invention are that: a) the operator and picture storage provider have separate roles. b) picture taking is effected in a system that is controlled entirely by the picture storage provider. c) picture taking occurs after the object, camera, etc. have been correctly adjusted, but otherwise without the operator's participation. It is also automatic through online connection via an unbroken, electronic communication line that itself senses if it is incorrectly connected. d) an externally involved party acts as the authorised issuer of the definition and the authenticity information of the original picture, e) each copy receives its own authenticity declaration and sequence number through an external party (the picture storage provider/change tracker) and not through the operator or any other party.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
PCT/SE2004/001523 2003-10-21 2004-10-21 Arrangement within the field of biomedicine WO2005039103A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE0302785A SE0302785L (sv) 2003-10-21 2003-10-21 Anläggning inom biomedicinen
SE0302785-1 2003-10-21

Publications (1)

Publication Number Publication Date
WO2005039103A1 true WO2005039103A1 (en) 2005-04-28

Family

ID=29546602

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SE2004/001523 WO2005039103A1 (en) 2003-10-21 2004-10-21 Arrangement within the field of biomedicine

Country Status (2)

Country Link
SE (1) SE0302785L (sv)
WO (1) WO2005039103A1 (sv)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NL1032340C2 (nl) * 2006-08-17 2008-02-25 Hieronymus Watse Wiersma Systeem en werkwijze voor het digitaal ondertekenen van gegevensbestanden.
NL1043769B1 (nl) * 2020-08-27 2022-04-29 Paul Visser Ing Werkwijzen en systeem voor veilige foto

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2000051286A1 (en) * 1999-02-26 2000-08-31 Bitwise Designs, Inc. Digital file management and imaging system and method including secure file marking
US6470449B1 (en) * 1989-07-05 2002-10-22 Robert Roy Blandford Time-stamped tamper-proof data storage

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6470449B1 (en) * 1989-07-05 2002-10-22 Robert Roy Blandford Time-stamped tamper-proof data storage
WO2000051286A1 (en) * 1999-02-26 2000-08-31 Bitwise Designs, Inc. Digital file management and imaging system and method including secure file marking

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
NL1032340C2 (nl) * 2006-08-17 2008-02-25 Hieronymus Watse Wiersma Systeem en werkwijze voor het digitaal ondertekenen van gegevensbestanden.
US8359471B2 (en) 2006-08-17 2013-01-22 Hieronymus Watse Wiersma System and method for generating a signature
NL1043769B1 (nl) * 2020-08-27 2022-04-29 Paul Visser Ing Werkwijzen en systeem voor veilige foto

Also Published As

Publication number Publication date
SE0302785L (sv) 2005-04-22
SE0302785D0 (sv) 2003-10-21

Similar Documents

Publication Publication Date Title
US20200294032A1 (en) Methods and devices for acquiring and recording tracking information on blockchain
US20050226473A1 (en) Electronic Documents Signing and Compliance Monitoring Invention
US20100161993A1 (en) Notary document processing and storage system and methods
KR100472584B1 (ko) 얼굴 사진이 있는 신청서 데이터 작성 방법 및 그 시스템과 프로그램을 기록한 컴퓨터 판독가능 기록매체
WO2006116715A2 (en) Methods and systems for clinical trial data management
US7607018B2 (en) Method and apparatus for collecting electronic signatures
US20080104408A1 (en) Notary document processing and storage system and methods
US20080267511A1 (en) Method for Certifying and Subsequently Authenticating Original, Paper of Digital Documents for Evidences
US20080097786A1 (en) Digital data security in healthcare enterprise
US20020004800A1 (en) Electronic notary method and system
US20100205660A1 (en) System, method and program product for recording creation of a cancelable biometric reference template in a biometric event journal record
US20070079139A1 (en) Signature authentication
WO2013054993A1 (ko) 전자 계약서를 이용한 통합 인증 시스템
WO2008070335A2 (en) Notary document processing and storage system and methods
US20160020909A1 (en) A method, a system, a computer system and a computer program product for certifying a procedure of signature of an electronic file relating to an agreement between at least two parties
CN113886860B (zh) 一种基于移动终端的电子数据保全系统和方法
EP1964015A1 (en) Establishing proof of existence and possession of digital content
EP2606458A1 (en) A service for signing documents electronically
WO2007034255A1 (en) Method, apparatus and system for generating a digital signature linked to a biometric identifier
CN110392043B (zh) 一种赋予电子合同公证强制执行效力的方法及系统
JP2002049311A (ja) 認証書系図の自動追跡方法及びシステム
Corby et al. Using biometrics for participant identification in a research study: a case report
WO2005039103A1 (en) Arrangement within the field of biomedicine
WO2006075396A1 (ja) 認証システム
WO2022063844A1 (fr) Procédé et plateforme de traçabilité d'un document annexe généré par un tiers à partir d'un document d'origine via un système à chaîne de blocs

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 69(1) EPC (EPO FORM 1205A) DATED 01.08.2006

122 Ep: pct application non-entry in european phase