WO2017190857A1 - Method and device for securing device access - Google Patents

Method and device for securing device access

Info

Publication number
WO2017190857A1
WO2017190857A1 PCT/EP2017/053453 EP2017053453W WO2017190857A1 WO 2017190857 A1 WO2017190857 A1 WO 2017190857A1 EP 2017053453 W EP2017053453 W EP 2017053453W WO 2017190857 A1 WO2017190857 A1 WO 2017190857A1
Authority
WO
WIPO (PCT)
Prior art keywords
service
entity
specific
key
request
Prior art date
Application number
PCT/EP2017/053453
Other languages
German (de)
English (en)
Inventor
Hans Aschauer
Steffen Fries
Original Assignee
Siemens Aktiengesellschaft
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Aktiengesellschaft
Publication of WO2017190857A1


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0847 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving identity based encryption [IBE] schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • H04L9/3073 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves involving pairings, e.g. identity based encryption [IBE], bilinear mappings or bilinear pairings, e.g. Weil or Tate pairing

Definitions

  • the invention relates to a method and a device for securing device access.
  • a first company supplies automation terminals
  • a second company supplies network components and a third company supplies the necessary office components / devices in the backend (or control center).
  • a certificate or password is often used.
  • Such an access mechanism must, however, be installed or configured in advance on the service technician's computer (usually a laptop).
  • An object of the present invention is to provide a method and a device for securing device access, which allow access to an access-protected device as simply as possible.
  • the invention relates to a method for the secure access of a specific service entity to a device with the method steps:
  • In connection with the patent application, a "specific service entity" can be understood to mean, for example, a service technician or a software component that processes or executes a service request.
  • a “device” may be understood to mean, for example, a technical device, for example a production robot or a field device, for example in a production plant or a power plant.
  • In connection with the patent application, a "public key", in particular for encrypting a security token, can be understood to mean, for example, an identity, in particular in the form of an e-mail address.
  • the email address may be generated from the unique service identifier and domain information from the public parameter.
  • the public key is generated, in particular, only from the unique service identifier.
  • the public key may serve the specific service entity as an identity for processing the service request, which may also be referred to as a temporary identity. After processing, this identity can, for example, be annulled.
  • the assignment of the temporary identity to the specific service entity can also take place, for example, by the allocation module. This identity can be used, for example, in identity-based encryption [1].
  • In connection with the patent application, a "public parameter", in particular for forming a public key, can be understood to mean, for example, a domain (e.g. example.com) or a subdomain (e.g. service.example.com), in particular of the second service entity.
  • the public parameter may also contain cryptographic parameters that are used to encrypt the
  • a "public parameter” may, for example, also be understood to mean, in particular, a public parameter, as used in an identity-based encryption [1].
  • In connection with the patent application, a "security token" can be understood to mean, for example, key material (security credentials), in particular a user name and password or digital certificates, that is required, for example, for remote maintenance by the specific service entity on a device to be maintained.
  • a "unique service identifier" can be understood, for example, as a unique ticket number.
  • this ticket number can be issued by the key server.
  • the unique service identifier may be used as a public key of an identity-based encryption.
  • In connection with the patent application, a "service request" can be understood to mean, for example, a service order for a device, a request for updating firmware of a device, or a request for reading log data for a device of a power plant.
  • a "request entity” can be understood, for example, as an operator of an operational network or of a part of the IT infrastructure of a power plant.
  • a “second service entity” may, for example, be understood as an operator of a communications network of a power plant.
  • In connection with the patent application, the terms "encrypting" and / or "decrypting" can be understood to mean, for example, encrypting / decrypting a security token with a suitable asymmetric cryptographic method. In particular, methods of identity-based encryption [1] are used.
  • An external component may, for example, communicate with the service entity and / or the components of the service entity and / or the request entity and / or components of the request entity over a communications link, such as a network, in particular an Ethernet or Internet connection.
  • the method is advantageous in that authorization is relocated to the time of key collection by the service entity.
  • the specific service entity can be addressed via its temporary identity.
  • Security Token can then be sent encrypted.
  • the release of the private key for decrypting the encrypted security token then takes place, for example after the authentication of the specific service entity.
  • the request entity has, for example, no information on internal structures of the service entity, in particular not on the membership of certain specific service entities in a group.
  • with asymmetric encryption, for example, only a method could be implemented in which, in particular, the security token is encrypted by the request entity, for example with a generic public key of the service entity.
  • Encrypting security tokens and issuing them after successful authentication of the specific service entity has the disadvantage, in particular in comparison to the method according to the invention, that at the time of encryption of the security token, the assignment to a specific service entity must be established. In addition, no separation of the encryption key from the security token can be realized, since the assignment is already established at the time of encryption.
  • the key server comes into contact with the encrypted and / or unencrypted security token, so that decryption is only possible with the authenticated and authorized specific service entity (end-to-end security).
  • the format of the security token does not have to be fixed.
  • a standard token format for example SAML (Security Assertion Markup Language) or even a proprietary format can be used.
  • the specific service entity decrypts the encrypted security token and accesses the device by means of the decrypted security token.
  • the security token is generated specifically for each service request.
  • the method is particularly advantageous in that the key material for the access to the device is generated, for example, individually for each service request. High reliability is thereby achieved, for example, because the security token is valid only for a predefined period, or because the security token is cancelled after the service request has been processed by the specific service entity.
  • checking whether the specific service entity is authorized for access is carried out on the basis of a user name and password and / or a digital certificate and / or predefined rules and / or on the basis of biometric information.
  • the method is particularly advantageous in that, for example, it can be individually determined for each service request how an authentication of the specific service entity to the device takes place.
  • the security token is bound to a security policy.
  • the method is particularly advantageous since, for example, the scope and / or validity can thereby be set in a fixed manner via the security policy, in particular centrally.
  • the security policy specifies how to check whether the specific service entity is authorized for access.
  • a private parameter associated with the public parameter is used to calculate the private key.
  • the method is particularly advantageous in that, for example, the key server can thereby calculate the private key for decrypting the encrypted security token.
  • the key server may calculate the public key based on the service request that includes the unique service identifier.
  • the identity of the specific service entity, which corresponds to the public key, is transmitted to the key server.
  • in the method, the public parameter is made known to the request entity before the encryption and the private parameter is the
  • the method is particularly advantageous in that, for example, the encrypted security token can thereby be decrypted by the specific service entity without the key server needing access to the encrypted or decrypted security token. It is conceivable, for example, that the making known is in particular performed only once. It is also possible, for example, that the making known is in particular only performed when, for example as a result of new security requirements, an updated public parameter is needed.
  • the key server computes the public parameter and the private parameter and makes the public parameter known. The method is particularly advantageous since, for example, the public parameter can thereby be made public as easily as possible.
  • the invention relates to a system for securely accessing a specific service entity to a device comprising:
  • an encryption module for encrypting a security token by the request entity, wherein a public key is used together with a public parameter for encryption, wherein the public key is derived from a unique service identifier; a generation module for generating a service request by the request entity, wherein the service request comprises the unique service identifier and the encrypted security token; a first transmission module for transmitting the service request to a second service entity;
  • an assignment module that assigns the service request to the specific service entity
  • a second transmission module for transmitting the service request by the specific service entity to an authorization module, wherein the authorization module checks whether the specific service entity is authorized to access the device with regard to the service request;
  • a third transmission module for transmitting an identity of the specific service entity and the unique service identifier to a key server by the authorization module when the specific service entity is authorized to access the device, wherein the key server calculates a private key for decrypting the encrypted security token on the basis of the unique service identifier; and a fourth transmission module for transmitting the private key to the specific service entity by the key server.
  • the second service entity comprises the authorization module and / or the key server and / or the specific service entity.
  • the authorization module and / or the key server are external components, wherein the public parameter of the request entity can be disclosed in particular by means of the key server.
  • a variant of the computer program product is claimed with program instructions for configuring a creation device, for example a 3D printer or a device suitable for creating processors and / or devices, wherein the creation device is configured with the program instructions such that it creates components of said system according to the invention, preferably the entire system.
  • a provision device for storing and / or providing the computer program product is claimed.
  • the provisioning device is, for example, a data carrier which stores and / or makes available the computer program product.
  • the provisioning device is, for example, a network service, a computer system, a server system, in particular a distributed computer system, a cloud-based computer system and / or virtual computer system which stores and / or provides the computer program product, preferably in the form of a data stream.
  • This provision takes place, for example, as a download in the form of a program data block and / or command data block, preferably as a file, in particular as a download file, or as a data stream, in particular as a download data stream, of the complete computer program product.
  • This provision can, for example, also take place as a partial download which consists of several parts and is in particular downloaded via a peer-to-peer network or provided as a data stream.
  • Such a computer program product is, for example, read into a system using the provision device in the form of the data carrier, and executes the program instructions so that the method according to the invention is executed on a computer, or configures the creation device such that it creates the system according to the invention or one of its components.
  • FIG. 1 shows a flowchart of a first exemplary embodiment of a method according to the invention
  • FIG. 2 shows a system of a second exemplary embodiment which implements a method according to the invention.
  • Fig. 3 shows a system of a third exemplary embodiment which implements a method according to the invention.
  • functionally identical elements are provided with the same reference numerals, unless stated otherwise.
  • the following embodiments are preferably implemented by a processor and / or a memory module, unless otherwise specified.
  • FIG. 1 shows a flow chart of a first exemplary embodiment of a method according to the invention.
  • the method provides secure access, for example remote maintenance access, of a specific service entity, for example a service technician, to a device, for example a field device of a power plant.
  • the specific service entity can, for example, perform a firmware update in order to eliminate, in particular, security gaps in outdated firmware.
  • the method comprises a first method step for encrypting 110 a security token, for example key material, in particular for remote maintenance access to the device, by a requesting entity, wherein a public key is used together with a public parameter for the encryption, wherein the public key is derived from a unique service identifier.
  • an asymmetrical cryptographic method in particular an identity-based cryptographic method [1] can be used as encryption method.
  • the method includes a second method step for generating 120 a service request by the requesting entity, wherein the service request includes the unique service identifier, such as a unique ticket number, and the encrypted security token.
  • the service request can additionally contain a description of the service case, for example a precise error description.
  • For the unique service identifier, it is preferable to ensure that there is a one-to-one relationship between unique service identifiers and service requests, even across different operators of networks or operators of request entities. For example, different namespaces can be defined for this purpose.
  • the security token is preferably generated for exactly this service request and is valid only for this service request.
  • the public key for the encrypted security token is preferably the unique service identifier.
  • the method comprises a third method step for transmitting 130 the service request to a second service entity.
  • the transmission can be carried out, for example, via a network, in particular an Ethernet network or a public Internet communication between the requesting entity and the service entity.
  • the method comprises a fourth method step for assigning 140 the service request to the specific service entity by an assignment module.
  • the assignment module comprises, for example, a list of specific service entities to which specific tasks, such as updating firmware for specific devices, are assigned, for example by means of a table or database.
  • the allocation module can decide on the basis of predefined rules to which specific service entity the service request is assigned.
  • the method comprises a fifth method step of transmitting 150 the service request by the specific service entity to an authorization module.
  • the method comprises a sixth method step in which the authorization module checks 160 whether the specific service entity is authorized to access the device with regard to the service request.
  • the authorization module checks, based on internal rules or based on predefined rules or possibly on the basis of a security policy, whether the specific service entity is entitled to take over the service request in question and / or to get access to the device.
  • the authentication required for this purpose can be carried out, for example, with digital signatures. This is ensured in particular by the fact that the encrypted / decrypted security token is not made known to the key server at any time.
  • the method includes a seventh method step of transmitting, by the authorization module, an identity of the specific service entity and the unique service identifier to a key server, if the specific service entity is authorized for the device.
  • the authorization module can, for example, also be an integral part of the key server.
  • the method comprises an eighth method step for calculating 180 a private key for decrypting the encrypted security token by means of the unique service identifier by the key server.
  • the method includes a ninth method step of transmitting 190 the private key to the specific service entity by the key server.
  • the key server may be formed in this embodiment, for example, as an external component. Alternatively, however, the key server may also be an integral component of the second service entity.
  • the method uses identity-based encryption to provide the specific service entity with security tokens for access to a component to be serviced, such as the device.
  • the specific service entity from the allocation module receives the encrypted security token for accessing the component to be serviced.
  • the specific service entity may also fetch this security token from the work dispatcher as part of its maintenance task. To decrypt this security token, the specific service entity must access the associated key server.
  • the authorization of the service technician is checked by the authorization module.
  • the authorization of the specific service entity is typically tied to the authentication.
  • the authentication of the specific service entity can be realized by typical mechanisms such as a user name and password, or a digital certificate, in particular in the form of an X.509 certificate and corresponding private key.
  • the peculiarity of using identity-based encryption is that the identity of the recipient (e.g. the e-mail address or a telephone number) is identical to the recipient's public key. This means, for example, that a sender can send a receiver a mail encrypted with this public key, and no certificate is required that binds a public key to a given identity.
  • certain attributes can also become part of the identity, which, for example, can include a specific service case in the form of the unique service identifier.
  • Ticket_4711@example.com: in the example, this would be interpreted as meaning that the mail is addressed to the service technician who is to process ticket No. 4711.
  • For ticket # 4711, the request entity encrypts the security token required for access. Until that time, the request entity does not have to communicate with the second service entity to exchange the security token.
  • the request entity sends a message containing the service request and the encrypted security token to the e-mail address that is identical to the identity, assuming that the domain example.com belongs to the second service entity.
  • the email is assigned within the second service entity to a specific service entity that is to process the service case (authorization).
  • the specific service entity is now given the private key with which it can decrypt the encrypted security token.
  • the key material that the security token comprises is then used as an authentication feature to establish remote access to the device.
  • the security token may be bound to a particular security policy, in particular with regard to its delivery / creation.
  • the following conditions may apply to the delivery / creation:
  • a time or time interval that determines a pickup of the service request or the processing of the service request.
  • FIG. 2 shows a system of a second embodiment implementing a method according to the invention.
  • FIG. 2 may be a concrete implementation of the first embodiment.
  • the system includes a second service entity 210 and a request entity 252.
  • the request entity 252 is part of an installation 250.
  • the installation 250 may include additional request entities 257.
  • the installation may comprise a plurality of networks, in particular a first network 253 and / or a second network 260, to which a request entity, in particular the request entity 252 or the further request entity 257, is communicatively connected.
  • Devices are preferably additionally connected to the first network, in particular a device 255 and a second device 254.
  • Devices, in particular a further device 258, are preferably additionally connected to the second network.
  • The request entities 252, 257 are each assigned to an operator 251, 256 of the request entity 252, 257 and / or of the networks 253, 260.
  • the request entity 252 is configured to generate service requests and to transmit 130 them to the second service entity 210.
  • the service request contains a previously encrypted security token and a unique service identifier.
  • in this embodiment, the request entity 252 generates and transmits the service request for the first device 255.
  • the second service entity 210, which may also be a part of the system 250, comprises an assignment module 211, a specific service entity 212, at least one further specific service entity 213, an authorization module 214, and a key server 215.
  • the authorization module 214 may, for example, be designed as an integral component of the key server 215.
  • the key server 215 and / or the authorization module 214 can also be designed as an external component.
  • the allocation module 211 allocates the service request to the specific service entity 212, which is suitable for processing the service request.
  • the specific service entity 212 transmits 150 the service request to the authorization module 214, and the authorization module 214 checks whether the specific service entity is authorized to access the device 255 with regard to the service request.
  • If the authorization module 214 determines that the specific service entity 212 is authorized to access the first device 255, the authorization module 214 transmits 170 an identity of the specific service entity 212 and the unique service identifier to the key server 215. If, however, it is found that the specific service entity 212 is not authorized for access, the transmission is not carried out and access to the first device 255 is thus prevented.
  • the key server 215 calculates a private key for decrypting the encrypted security token using the unique service identifier. Subsequently, the key server 215 communicates 190 the identity by means of the private key to the specific service entity 212. This is done suitably in encrypted form, e.g. depending on the authentication of the specific service entity.
  • the specific service entity 212 decrypts the security token with the private key and accesses 236 the first device 255, the specific service entity 212 using, for example, the key material contained in the security token.
  • FIG. 2 shows the interaction between operators 251, 256 of the request entities 252, 257 with operators of communication networks, in particular the second service entity 210.
  • Service Level Agreements (SLA) typically exist between the various operators.
  • the specific service entity 212, in particular a service technician or a service process that is responsible for the devices 254, 255, 258, and in particular the first device 255, logs in, for example to change their parameterization or to read maintenance data.
  • Domain-specific protocols such as IEC 61850 can be used, as well as standard web protocols such as https. The latter in particular because many devices already support an integrated web server.
  • the goal here is that the specific service entity 212 may log on to the first device 255 in an authorized manner, with the first device 255 authenticating this access. Often, it is sufficient to review the role of the specific service entity 212 rather than the specific service entity 212 as a single entity.
  • the access is realized by the second service entity 210 via a network which, although considered trustworthy with respect to the transport of the data, should not allow access to the unencrypted security token. Access to this network is controlled by the second service entity 210 in accordance with the Service Level Agreement.
  • Fig. 3 shows a system of a third exemplary embodiment which implements a method according to the invention.
  • Fig. 3 may, for example, be a concrete implementation of the first embodiment.
  • the system is configured to allow secure access, in particular remote access, of a specific service entity 212 to a device 254.
  • the system is part of a system 250 and comprises a request entity 252 and / or a further request entity 257, which can each be assigned to an operator 251, 256.
  • the system includes a second service entity 210.
  • the request entity 252 further includes an encryption module 410, a generation module 420, and a first transmission module 430 that are communicatively coupled to one another via a bus 402.
  • the request entity 252 is in particular connected via a first network 253 to a first device 254 and a second device 255.
  • the request entity 252 may additionally have a processor and / or a memory device.
  • the request entity 252 encrypts a security token with the encryption module 410, wherein a public key is used together with a public parameter for the encryption, wherein the public key is derived from a unique service identifier. The request entity 252 generates with the generation module
  • the service request has been generated, for example, for the first device 254.
  • the request entity 252 transmits the service request to the second service entity with the first transmission module 430.
  • the second service entity 210 comprises an assignment module 211, a second transmission module 450, an authorization module 214, a third transmission module 470, a key server 215 and a fourth transmission module 490, which are communicatively connected to each other via a third network 401, for example an Ethernet network 401.
  • the second service entity 210, the authorization module 214 and / or the key server 215 may each additionally have a processor and / or a memory device.
  • the assignment module 211 may also include another transmission module 255 to allow it to communicate the service request to the specific service entity 212.
  • the second service entity 210 assigns the service request to the specific service entity 212 with the assignment module 211.
  • the specific service entity 212 may additionally comprise a processor and / or a memory device.
  • the specific Serviceenttician 212 communicated with the two ⁇ th transmission module 450, the service request to a authoritarianism s istsmodul 214;
  • the authorization module 214 checks whether the specific Serviceent relieve 212 is authorized to access the device, especially the first Ge ⁇ advises 254 with respect to the service request.
  • the authorization module 214 transmits to the third About ⁇ averaging module 470 an identity of the specific Serviceen- entity and the unique service identifier to a key server 215 when the specific service entity 212 is authorized for the device.
  • the key server 215 calculates a private key for decrypting the encrypted security token using the unique service identifier.
  • the key server 215 transmits the private key to the specific service entity with the fourth transmission module 490.
  • the request entities are embodied, for example, as IBM-compatible computers, which include a computer mouse and a keyboard as input devices.
  • a request entity can include a screen, for example a TFT monitor.
  • the components (modules, entities, servers) of the invention may each have their own processor and/or memory device to implement and/or execute the method unless otherwise stated or already mentioned.
  • the components may also include other typical devices known to those skilled in the art, for example input devices and/or display devices.
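
The message flow in the bullets above, as an added example that is not code from the patent: the page does not fix an identity-based scheme, so this sketch substitutes Cocks' quadratic-residue identity-based encryption with constructed toy parameters. All function names, the request layout, the identifiers and the policy table are assumptions made for illustration.

```python
import hashlib, itertools, secrets

# Constructed toy parameters: P, Q (Mersenne primes, both 3 mod 4) are the key
# server's master secret; N is the public parameter given to request entities.
P, Q = 2**127 - 1, 2**107 - 1
N = P * Q
AUTHORIZED = {("service-entity-212", "device-254")}  # constructed policy table

def jacobi(a, n):  # Jacobi symbol (a/n) for odd n
    a, result = a % n, 1
    while a:
        while a % 2 == 0:
            a, result = a // 2, (-result if n % 8 in (3, 5) else result)
        if a % 4 == 3 and n % 4 == 3:
            result = -result
        a, n = n % a, a
    return result if n == 1 else 0

def public_key(service_id):  # derived from the identifier and N alone
    for ctr in itertools.count():
        digest = hashlib.sha256(f"{service_id}|{ctr}".encode()).digest()
        a = int.from_bytes(digest, "big") % N
        if jacobi(a, N) == 1:
            return a

def encrypt_token(token, service_id):  # request entity, one bit at a time
    a, out = public_key(service_id), []
    for bit in "".join(f"{b:08b}" for b in token):
        pair = []
        for sign in (1, -1):  # one value for r^2 = a, one for r^2 = -a
            t = secrets.randbelow(N - 1) + 1
            while jacobi(t, N) != (1 if bit == "1" else -1):
                t = secrets.randbelow(N - 1) + 1
            pair.append((t + sign * a * pow(t, -1, N)) % N)
        out.append(pair)
    return out

def key_server_extract(service_id):  # needs P and Q: r^2 = +/-a (mod N)
    return pow(public_key(service_id), (N + 5 - P - Q) // 8, N)

def decrypt_token(cipher, service_id, r):
    idx = 0 if pow(r, 2, N) == public_key(service_id) else 1
    bits = "".join("1" if jacobi(c[idx] + 2 * r, N) == 1 else "0" for c in cipher)
    return int(bits, 2).to_bytes(len(cipher) // 8, "big")

def handle_request(request, entity):  # authorization module, then key release
    if (entity, request["device"]) not in AUTHORIZED:
        return None  # key server is never contacted
    r = key_server_extract(request["service_id"])
    return decrypt_token(request["token"], request["service_id"], r)
```

A request here is a dict with the keys `service_id`, `device` and `token` (the output of `encrypt_token`); `handle_request` returns the decrypted token, or `None` when the authorization check fails, so the private key is only ever computed for an authorized service entity.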

Abstract

The present invention relates to a method and a device for securing access to devices. The invention relates to a method for secure access by a specific service entity (212) to a device (254). The method comprises a step of encrypting (110) a security token by means of a request entity (252), a public key being used together with a public parameter for the encryption, the public key being derived from a unique service identifier. The method comprises a further step of generating (120) a service request by the request entity (252), the service request including the service identifier and the encrypted security token. The method comprises a further step of transmitting (130) the service request to a second service entity (210). The method comprises a further step of assigning (140) the service request to the specific service entity (212) by a fixed assignment module (211). The method comprises a further step of transmitting (150) the service request by the specific service entity (212) to an authorization module (214). The method comprises a further step of checking (160), by the authorization module (214), whether the specific service entity (212) is authorized to access the device (254) with respect to the service request. The method comprises a further step of transmitting (170) an identity of the specific service entity (212) and the unique service identifier to a key server (215) by the authorization module (214) when the specific service entity (212) is authorized to access the device (254). The method comprises a further step of calculating (180) a private key for decrypting the encrypted security token, on the basis of the unique service identifier, by the key server (215). The method comprises a further step of transmitting (190) the private key to the specific service entity (212) by the key server (215).
PCT/EP2017/053453 2016-05-03 2017-02-16 Method and device for securing access to devices WO2017190857A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102016207635.3 2016-05-03
DE102016207635.3A DE102016207635A1 (de) 2016-05-03 2016-05-03 Method and device for securing access to devices

Publications (1)

Publication Number Publication Date
WO2017190857A1 (fr) 2017-11-09

Family

ID=58108584

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2017/053453 WO2017190857A1 (fr) 2016-05-03 2017-02-16 Method and device for securing access to devices

Country Status (2)

Country Link
DE (1) DE102016207635A1 (fr)
WO (1) WO2017190857A1 (fr)

Also Published As

Publication number Publication date
DE102016207635A1 (de) 2017-11-09

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17706707

Country of ref document: EP

Kind code of ref document: A1

122 Ep: pct application non-entry in european phase

Ref document number: 17706707

Country of ref document: EP

Kind code of ref document: A1