WO2011023149A1 - Method and system for the controlled exchange of data between identified information technology devices - Google Patents
Method and system for the controlled exchange of data between identified information technology devices
- Publication number
- WO2011023149A1 (application PCT/DE2009/001195)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- key
- dial
- party
- otp
- Prior art date
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/065—Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
- H04L9/0656—Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
- G16H10/65—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records stored on portable record carriers, e.g. on smartcards, RFID tags or CD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/14—Multichannel or multilink protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/88—Medical equipments
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Definitions
- the present invention relates to a method and a system for the controlled secure partial or complete remote data transmission (EDI) between identified IT systems, which are hereinafter referred to as carrier systems, and their entirety as the ensemble, in particular with a method whose data flow is controlled by means of checkpoints.
- EDI controlled secure partial or complete remote data transmission
- Computer system ⁇ hereafter referred to as data pool; o 'leads to a second party - hereinafter referred to as "inspection body" - which is anonymous by design with respect to R;
- Transmission path to the control point redirects -following
- o is first calculated ⁇ or ⁇ 'with the coupling signals ⁇ , ⁇ '; o obtains the coupling signal D via dial-up access to the data pool with an indication of R, P and authorizes for an identifier j;
- the system has at least one central memory (hereafter called data pool) with an extended storage capacity, which is used as intermediate storage by means of EDI by carrier systems of the ensemble.
- the system has at least one checkpoint.
- the central memory can be used as a key register and
- control data can still be chosen so that even one
- the system therefore provides in particular a technology alternative to the eGK.
- X is transferred from the source system i to the target system j, as well as a technical specification of the sections;
- Fig. 2 a diversion of the direct connection
- FIG. 3 shows a block diagram of the transmission links with a distribution of
- Fig. 4 is a block diagram of the transmission bits / auxiliary data for Example-1;
- Fig. 5 is a block diagram of the transmission / auxiliary data of Example-2;
- Fig. 6 is a block diagram of the transmission / auxiliary data of Example-3;
- Fig. 7 a schematic representation of the structure of the architecture of a
- Encryption techniques are hereafter referred to as tuples (*, **, ⁇ ), where * is the encryption operator, ** the decryption operator, and ⁇ the set of allowed key pairs.
- the encryption then takes place by selection / calculation of a permissible key pair (S, S'), so that
- Encryption is done bit by bit by linking each bit of X to a random bit that is used only for that bit, i.e. the key S must therefore be at least as long as X, must be generated randomly and may only be used for X.
- the link can be made e.g. via the XOR operation, known in mathematics as addition in the field
- the central patient file of the eGK is not OTP-encrypted; their encrypted
- the source text X is encrypted with the auxiliary key (X * H).
- An exchange procedure is formally understood as a tuple (X, i, j) (called transaction), where X is any data (called primary data) and i, j are indices of carrier systems of the ensemble with i ≠ j (i is called source system index, j target system index):
- Read: X is transferred from E_i (source system) to E_j (target system).
- Each transaction is assigned auxiliary data h(X, i, j) (called secondary data of the transaction), which are formally defined below.
- any further data can be transferred in a transaction (tertiary data of the transaction). They are represented in the formal representation by the ellipsis ....
- X are arbitrary data that can be reconstructed according to the method with h(X, i, j), wherein the data h(X, i, j) are to be transmitted according to the method.
- the ensemble of the carrier systems is extended by a central storage (hereinafter referred to as data pool) which can be addressed via EDI (for example, https).
- EDI central storage
- the carrier systems can store or retrieve certain auxiliary data in the data pool (see below).
- auxiliary data in the data pool.
- Control bodies either pass on their data unchanged or not at all, whereby they can freely decide on the forwarding.
- Control posts can be used by persons with appropriate technical devices for
- Data transmission e.g., telephone
- technical elements e.g., telephone
- control posts can be formally understood as “black box” relay elements.
- the entire system with its elements and connections corresponds to a "circuit” that implements (X, i, j).
- the "switching logic” generates auxiliary data for X in the source system and then processes them in such a way that X can be reconstructed in the target system.
- the protection claim covers every form of packet formation which is technically suitable for data transmission on the respective sub-route.
- Fig. 1 shows transmission links to the transaction (X, i, j), as well as a technical
- paper can also be used as a data carrier on the control routes in addition to data transmission by telephone or online.
- There must always be control line 2 ≠ direct connection, i.e. two separate transmission paths or media are used.
- a section T is technically divided into several (parallel) sections and the T-data are distributed arbitrarily on these routes.
- the direct connection E_i -> E_j can also be diverted via the control point, i.e. be substituted by a dial-up E_i -> checkpoint -> E_j:
- control route 2 ≠ direct diversion 2 is assumed, i.e. also in the diversion case two separate transmission paths are used, and data will be transmitted via dial-up on at least one transmission path.
- Direct diversion 1 control section 1 permissible.
- Fig. 2 shows a diversion of the direct connection.
- the protection claim covers every protocol that is suitable for the partial routes to the EDI.
- the protection claim covers every additional encryption of the data.
- Each transaction is subdivided into phases with corresponding tasks (defined via corresponding auxiliary data and processing logics), which are described below.
- the task j in phase i is referred to below as Pi-j.
- Claim The task numbering in a phase should not specify an order. Be aware of any order that is compatible with the auxiliary data or its associated (functionally specified) processing logic.
- Phase-1 of (X, i, j): Initialization in E_i
- the protection claim covers every password formation, especially composite
- the protection claim covers every checkpoint selection.
- f_1 f_1 (ß, ß')
- f_2 f_2 (ß, ß')
- The result is a key register, i.e. keys can finally be calculated via ß, ß' and D.
- the target system can not pair (provided that ß' can not be calculated from ß: see examples).
- the invention can be configured to accommodate both OTP and "small" ⁇ 'sizes that would be suitable for telephonic transmission.
- control bodies are the data subjects.
- source systems assign a "pairing password" P ', so that the target system can be sure that the checkpoint is authorized (P always backs up only the
- ß' (i, t, P, P', R_2) is transferred on control line 1 by paper and on control line 2 by telephone.
- FIG. 4 shows an overview of the following exemplary embodiment-1
- R is an anonymous reference
- the direct message (ß) is initially anonymous and does not allow pool access alone, as the reference is incomplete (R_2 is missing) and the password (P) is missing.
- the ß'-data can be generated before the ß-data.
- a patient may be given a small "ß'-slip" (also with barcodes) during the visit or when leaving the hospital:
- the source system does not need to have X at this point in time, nor does the target system, i.e. with the "ß'-slip" the patient draws only a "number", as if he were queuing up!
- Randomized quantities (B, Q) can apparently be mixed arbitrarily. It is therefore easy to specify efficient mixing methods such that, without knowledge of P', the value B can no longer be efficiently calculated out of D. As a result, 3 ways are effectively crossed.
- example-2 is a refinement of example 1:
- Fig. 5 shows an overview of the following exemplary embodiment-2.
- Example 3 is a refinement of Example 2:
- Control points are identified (for example via e-mail addresses).
- H'_k could then be deposited on a chip card or printed out as a barcode.
- FIG. 6 shows an overview of exemplary embodiment-3.
- Architecture of the carrier systems
- Fig. 7 shows an architecture scheme of the present inventive system 1, or the carrier systems.
- the subsystem that performs the coupling is called the coupling unit.
- Process-specific subsystems can be implemented as hardware or software components, or via a system of such components that are linked accordingly (shown graphically by a circular border below).
- non-process specific subsystems e.g. the crypto unit for key generation and encryption / decryption are only outlined (indicated graphically by dashed border)!
Abstract
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE112009005190T DE112009005190A5 (de) | 2009-08-30 | 2009-08-30 | Method and system for controlled data exchange between identified IT devices |
EP09747786A EP2471213A1 (fr) | 2009-08-30 | 2009-08-30 | Method and system for the controlled exchange of data between identified information technology devices |
PCT/DE2009/001195 WO2011023149A1 (fr) | 2009-08-30 | 2009-08-30 | Method and system for the controlled exchange of data between identified information technology devices |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/DE2009/001195 WO2011023149A1 (fr) | 2009-08-30 | 2009-08-30 | Method and system for the controlled exchange of data between identified information technology devices |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2011023149A1 (fr) | 2011-03-03 |
Family
ID=42144829
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/DE2009/001195 WO2011023149A1 (fr) | 2009-08-30 | 2009-08-30 | Method and system for the controlled exchange of data between identified information technology devices |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2471213A1 (fr) |
DE (1) | DE112009005190A5 (fr) |
WO (1) | WO2011023149A1 (fr) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115470912A (zh) * | 2022-03-16 | 2022-12-13 | 合肥本源量子计算科技有限责任公司 | Quantum task processing apparatus and method, and quantum computer |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2000018078A1 (fr) * | 1998-09-17 | 2000-03-30 | Sopuch David J | Method for secure message exchange using intermediaries |
US20020120874A1 (en) * | 2000-12-22 | 2002-08-29 | Li Shu | Method and system for secure exchange of messages |
US20030149869A1 (en) * | 2002-02-01 | 2003-08-07 | Paul Gleichauf | Method and system for securely storing and trasmitting data by applying a one-time pad |
US20080165972A1 (en) * | 2007-01-08 | 2008-07-10 | I-Fax.Com Inc. | Method and system for encrypted email communication |
-
2009
- 2009-08-30 DE DE112009005190T patent/DE112009005190A5/de active Pending
- 2009-08-30 EP EP09747786A patent/EP2471213A1/fr not_active Withdrawn
- 2009-08-30 WO PCT/DE2009/001195 patent/WO2011023149A1/fr active Application Filing
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115470912A (zh) * | 2022-03-16 | 2022-12-13 | 合肥本源量子计算科技有限责任公司 | Quantum task processing apparatus and method, and quantum computer |
CN115470912B (zh) * | 2022-03-16 | 2024-04-05 | 本源量子计算科技(合肥)股份有限公司 | Quantum task processing apparatus and method, and quantum computer |
Also Published As
Publication number | Publication date |
---|---|
DE112009005190A5 (de) | 2012-06-28 |
EP2471213A1 (fr) | 2012-07-04 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 09747786 Country of ref document: EP Kind code of ref document: A1 |
 | WWE | Wipo information: entry into national phase | Ref document number: 2009747786 Country of ref document: EP |
 | WWE | Wipo information: entry into national phase | Ref document number: 1120090051901 Country of ref document: DE Ref document number: 112009005190 Country of ref document: DE |
 | REG | Reference to national code | Ref country code: DE Ref legal event code: R225 Ref document number: 112009005190 Country of ref document: DE Effective date: 20120628 |