EP1410128A1 - Dispositif de traitement de donnees - Google Patents

Dispositif de traitement de donnees

Info

Publication number
EP1410128A1
EP1410128A1 EP00953060A EP00953060A EP1410128A1 EP 1410128 A1 EP1410128 A1 EP 1410128A1 EP 00953060 A EP00953060 A EP 00953060A EP 00953060 A EP00953060 A EP 00953060A EP 1410128 A1 EP1410128 A1 EP 1410128A1
Authority
EP
European Patent Office
Prior art keywords
file
key
data
unit
volume
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP00953060A
Other languages
German (de)
English (en)
Inventor
Eralnd Dr. Wittkötter
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WITTKOETTER, ERLAND
Original Assignee
Brainshield Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from DE1999132703 external-priority patent/DE19932703C2/de
Application filed by Brainshield Technologies Inc filed Critical Brainshield Technologies Inc
Publication of EP1410128A1 publication Critical patent/EP1410128A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress

Definitions

  • the present invention relates to a data processing device according to the preamble of claim 1
  • password-protected access or start routines usually offer insufficient protection. Even if, for example, password protection of a workstation computer as access protection for the computer offered via the relevant operating system cannot be started by an unauthorized user, there is a risk that either the mass storage device assigned to this workstation will be accessed via a detour, or that the entire contents of such a mass storage device, such as a hard disk, can be read out, for example by means of a backup routine, and then later with a other system is illegally analyzed and read 5
  • E5 keys can be calculated from a limited data context due to the mentioned internal redundancy of the language or the standard in which the electronic document in question was written, then the entire content in which this key was used is readable
  • the object of the present invention is therefore to improve a generic data processing device with regard to the data security of locally stored useful or volume data, and in particular to reduce the risk of unauthorized data access by completely copying a mass storage content, for example by means of backup 5 to overcome the security disadvantages of known cryptography methods against decryption and to increase encryption security
  • an essential feature of the present invention is then any ED (or a selected one and / or determined by the operating system) for - access-protected -
  • each volume file to be backed up within the scope of the present invention preferably the entirety of the files to be stored on the file storage system, is provided with an individual key which is stored separately (i.e. not in a manner directly associated with the file storage system), and a volume file can only be opened and used together with the associated, individualized key.
  • a user within the scope of the invention is to be understood as a "user” in this respect also a user type / ppe
  • the present invention only access the volume files provided or authorized for it, and this is - in contrast to the prior art - achieved in particular also via the individualized key file or key data record of a database
  • at least one identification and authorization of a respective user must take place, and only by linking to a separately stored or generated key file can one be stored in the file storage system 5 preferably permanently saved volume files are saved or used in a usable form
  • the further advantage of a user- and file-specific encryption according to the invention is that, if an individual key becomes known, the effort required for a key change or a change in access remains relatively low
  • a further security level which is realized in the form of an encrypted intermediate file (intermediate layer) and is not stored on a common back-up unit, which in particular the security of the access to The key is further increased.
  • Such a self-encrypted, physically removed intermediate layer ensures that the actual key file is not directly accessible
  • the result of the present invention also shows that, in principle, the reading of the D-encrypted file storage system, for example for the purpose of backup, is permitted as such and is generally accessible and, in particular, is made independent of authorization (since the result of such a backup also remains encrypted )
  • backup processes such as the backup process, are independent of a special, secure access status (usually supervisor or system administrator), since 5 the actual read right or the ability to access the electronic document in plain text (ie open and unencrypted), can be assigned independently of the backup function and thus by a supervisor or the like -O-
  • semantic i.e. content- and / or meaning-distorting encryption methods are also used, the content of a volume file to be protected being given a correspondingly unusable version here and only by an associated file - 5 as well as customized key file, which then contains, for example, a sequence index for a correct arrangement of interchanged individual terms or sentences of a text in the combination of such an encrypted text
  • 1Q ren in particular in the present context of encryption at the level of the file system, a number of advantages.
  • the security of encryption in particular due to the possibility of inserting or exchanging any information components, is almost absolute, in particular any context or content-dependent -
  • the key of the encrypted text is no longer available You can also use
  • this encryption method in a particularly simple way to relate to the respective user.
  • encryption can also be carried out in such a way that a respective content is distorted and changed in relation to the original content, insofar So it is useless from the user's point of view, but nevertheless makes sense
  • the present invention requires a metalanguage in the form of a linear concatenation of modules (information components) which each give meaning from themselves, which is broken down for the purpose of the present method and by the actions of exchanging 3G removal, addition and / or exchange into the form unusable for the user (Arrangement) is brought
  • a device for handling an electronically stored original amount of data, which is particularly suitable and designed for implementing the semantic encryption described above
  • the functionality of a key generation and administration unit is implemented by such a device, which is able to generate the semantically encrypted volume data together with key data 5 from an original document to be protected (namely the original data volume or user file), as well as to manage and further process the data quantities generated in this way.
  • the analysis unit according to the invention is provided in order to create the prerequisites for subsequent content-related or meaning-related encryption within the given format structure and / or grammar of the original document, and that of the analysis unit downstream encryption unit IG then takes the core operations of semantic encryption, namely the exchange, removal, addition and exchange, on the information components of the original data set under Ber account the analyzed format structure and grammar, before
  • an operation is also carried out by the encryption unit taking into account the grammar (the underlying
  • the encryption unit provided according to the invention is able to generate an encryption result that corresponds to the original date grammatical, format and / or syntactic structure
  • 3 G has, so that there is equivalence not only with regard to the respective individual information components (e.g. words in a text), but also with regard to the structures and / or format-based arrangements (e.g. the arrangement of terms in one Sentence according to the rules of grammar) is in conformity with the rules and insofar as it does not reveal without an examination of the content that an operation causing the encryption effect on 5 the information components has taken place
  • any elements of a language are to be understood that are meaningful in a meaningful sense WO 01/06341 _j_ PCT / EP00 / 06824
  • the encryption unit is assigned a control unit which randomizes the encryption operation (ie the application and effect of the individual encryption operations) by generating and taking into account a random component, for example a random number generated in an otherwise known manner and taking it into account making a dependent number
  • ⁇ 5 encryption depth with the number of the basic operations of exchanging, removing, adding or exchanging, which effects the encryption, and in this respect also determines the volume of the key file generated.
  • the volume data as a document by means of the conversion unit provided for further training
  • the key file as executable script data of a suitable structural or script language, e.g. XML, SGML, XSL, Visual Basic (Script), javascript etc.
  • a suitable structural or script language e.g. XML, SGML, XSL, Visual Basic (Script), javascript etc.
  • the original data can then be restored in a particularly simple manner, in the simplest case by executing the script which directly brings about the restoration (which has been introduced via a suitable connection that takes the interest of the protection seeker into account) and which also offers starting points for further security mechanisms, e.g. data integrity or server contact
  • the infrastructure according to the invention can be used to create a highly secure and, at the same time, user-friendly protection architecture which not only protects the interests of the creator of an electronic document worthy of protection significantly better than is the case with conventional options, but also the potential users of the protected content enables easy, convenient access and handling of the document, and ultimately it must be borne in mind that only the existence of an effective protective instrument against unauthorized copying and redistribution can guarantee that electronic documents will continue to produce valuable content and with a high level of quality and generality in the future will be available
  • a key file (amount of data) generated according to the invention is encrypted separately (conventional or semantic) for third parties, at least twice, with a first person receiving the result of the first encryption and a second person the result of the subsequent second encryption is assigned.
  • Such a procedure according to the invention then has the advantageous effect that even if the actual key data volume is lost, the user file can be restored by both recipients of the subsequent encryption results generating the underlying key data volume with one another by successive decryption , which in this respect corresponds to a four-eyes principle, the present invention was advantageously independent of the original key, namely ch the amount of key data generated first, and to prevent accidents, such as the loss of the original key, e.g. due to the death of a password holder, an additional, double encryption of the correct key file is provided, a first result of the additional locking is assigned to a first third party second result of the additional Encryption is assigned to a second third party and the correct key file can be restored by successively decrypting the first and second results
  • the user file encrypted in this way is a volume file, that is to say that it has a comparable or at most little changed volume volume compared to the open content
  • key storage unit to be provided locally, i.e. within the spatial limits of the data processing device (e.g. as an additional hard disk or other medium that is spatially separated from the file storage system, or else logically and structurally separated, for example in the form of another partition with its own drive identifier on one common hard disk unit)
  • volume data (as the original amount of data) using a drive letter in the manner of a file system and then access the key database, and / or to address the key database in the manner of a hierarchical file system and, for example, by means of a drive
  • the key database is provided locally in the data processing device, but is structurally or physically separate from a drive or mass storage unit assigned to the local file storage system, and the key database is by means of its own drive letter, a drive object (connected to a database function) or the like addressable in the manner of a file system
  • the present invention thus leads to a significantly increased level of data security, in particular with regard to a copy (backup) of the entire file which is otherwise possible with little effort by unauthorized or unlawful persons.
  • the bidirectional local encryption implemented by means of the present invention creates usable - and thus also valuable for third parties - data and information at the time of the query or only exists before being stored in the file storage system, so that the present Invention can also be understood as a fundamental modification of a conventionally open file handling system towards a system protected in both 5 directions (based on a locally assigned mass storage device) by encryption WO 01/06341 _ 1 Q _ PCT / EP00 / 06824
  • Another significant advantage of the encryption method according to the invention is that active data can be used for encryption in the form of any link function, so that this key gives direct properties of the encrypted or decrypted document (eg sequence or gaps)
  • classic encryption functions that - clearly and specifically - establish a relationship between the key and the document to be encrypted are rather passive, ie the encryption function or operation has no relationship to the document
  • a further, potentially usable aspect of the present invention lies in the fact that, in contrast to classic, known encryption methods, the result of the semantic encryption can be an electronic document, which for a viewer or user can have a character that at first glance seems appropriate applies to decryption, with the result that in principle every encryption or decryption
  • E0 key files are designed for each volume file, the key management unit being connected to a key database provided as part of the local file storage system, logically separate therefrom and for linking a key file stored in the key database to a volume file stored in the local file storage system so that in the case using a correct one of the plurality
  • the correct electronic document is generated from generated and assigned key files, and in the event that an incorrect one of the stored key files is used, an electronic document that is apparently correct for a user is generated
  • Semantic encryption thus leads to potentially increased security when dealing with encrypted or decrypted documents, whereby there is also the need, for example, to indicate to a user after successful, successful decryption that he actually has the open, decrypted result , and not a document that is still encrypted (since a decryption process has been unsuccessful)
  • Such a display can be achieved, for example, by means of an additional originality signal, for example in the form of an optical indication (only) known to the user in this sense
  • the semantic encryption used in the context of the present invention obtains an additional quality by not only using the information components manipulated according to the invention with the interchanging, removing, adding or exchanging operations for encryption purposes, but also an encryption effect being achieved in that the information about the exchanged, removed, added and / or exchanged information components present in the key data volume generated by semantic encryption itself is subjected to operations of exchanging or exchanging.
  • the semantic encryption used in the context of the present invention obtains an additional quality by not only using the information components manipulated according to the invention with the interchanging, removing, adding or exchanging operations for encryption purposes, but also an encryption effect being achieved in that the information about the exchanged, removed, added and / or exchanged information components present in the key data volume generated by semantic encryption itself is subjected to operations of exchanging or exchanging.
  • the semantic encryption used in the context of the present invention obtains an additional
  • semantic encryption lies in the semantic encryption of the linguistic / textual / structural meta-level on which a respective document is based (which itself can be understood as a way of describing the electronic document).
  • the information e.g. Commands or syntax elements
  • TAG elements such as formatting instructions for tables or the like.
  • format and / or structural elements of a document which are to a certain extent superior to the actual content-giving words or Sentences exist, can be treated within the scope of the present invention by the basic operations of exchanging, removing, adding or exchanging, and can therefore be protected by ES
  • FIG. 1 shows a schematic block diagram of the data processing device according to a first, preferred embodiment of the invention
  • FIG. 2 shows a schematic block diagram of a key generation and management unit within the scope of the invention 1 illustrates on the basis of a single-user computer system how the present invention can be implemented with assemblies and components of a commercially available PC.
  • a local computing unit 10 accesses a local file storage system 12, implemented as a hard disk, the connection between the computing unit and the file storage system being bidirectional, that is to say both writing processes of the computing unit can be performed on the file system, and vice versa files of the unit 12 are read (called up) and then open via suitable input / output units 14 (e.g. a screen, printer, G interfaces for connecting other computer systems, data lines, etc.) readable or usable.
  • suitable input / output units 14 e.g. a screen, printer, G interfaces for connecting other computer systems, data lines, etc.
  • the file storage system 12 can be a logically and structurally separate file storage system, which is specifically provided 5 as part of a larger file storage for the present purpose.
  • a key management unit 16 is interposed between the computing unit 10 and the file storage system 12, which performs bidirectional encryption of user files — G text files, image files, etc. — that are to be stored and are directed toward the local file storage system 12. and which, in the opposite direction, also decrypts volume files stored in the local file storage system as unreadable (ie unusable) back into a usable user file.
  • the key management unit uses individual keys which are generated specifically for users (groups) and files and are stored in a key storage unit 18.
  • the key storage unit is physically contained on the same hard disk as the file storage system 12, but is logically and structurally separated from this by the key storage unit 18 (alternatively or additionally: the file storage system 12) being assigned its own drive identifier.
  • FIG. 1 provides that, connected to the computing unit, a user identification unit is present, for example can be implemented by a suitable software module within the framework of the computer operating system or a correct application program
  • Such user identification makes it possible to assign the key files stored in the key storage unit 18 in a user-specific manner and to make them available, so that in this way a particular user can only access volume files authorized for him in the file storage system 12 in the exemplary embodiment shown, the drive provided for the key storage unit is subdivided into invisible for the user for each intended key file, so that the security of access to the file storage system is further increased
  • semantic encryption that is to say the planned modification of the content of a volume file by, for example, rearranging the order of content components of content that is only meaningful and (completely) usable in this specific sequence (that is to say rearrangement of words or sentences) within an overall text), the generated and stored in the key storage unit 18
  • E 0 stored key receives correct sequence information
  • Other possibilities of such a semantic encryption were the exchange, omission or replacement of predetermined or randomly selected keywords, the creation of gaps or the insertion of meaning-changing additions
  • volume file and key file in such a way that in particular a (for example particularly extensive) volume file can also be assigned a plurality of key files, in which case the term "volume file specific "with regard to the respective file sections or areas for an associated key file
  • FIG. 1 It will be described below how the embodiment according to FIG. 1 can be accessed by an - authorized or unauthorized - user in the manner of a file system, so that the type of access itself becomes part of the security structure of the present invention
  • the key task of the key management unit 16 is to establish a logical relationship between volume data 12 and respective (user- and document-specific) key data 18.
  • the combination of key management unit 16 and key storage unit 18 can be used as a special form of representation that can be solved in terms of programming understand that, for example in the manner of the Explorer for the Windows operating system, is able to display individual (ie user-specific, depending on the respective authorization) views of electronic documents in a hierarchical arrangement, such as the file order and the respective authorization
  • the user receives a hierarchical arrangement of documents authorized for him as a view (and also for access), ideally in such a way that he detects the circumstance of a V Encryption of the respective documents shown (or a non-encryption) not noticed He can therefore act within this individual, user-specific view determined by an autonegotiation process as if no protective mechanisms existed
  • Such a user-friendly (still comfortable) possibility of working with the present invention is based on a superordinate, secure assignment and document or key management, as is the actual task of the unit 16, with the help of typically a database system, in the simplest case
  • a database system In a concordance table, which assigns different people the volume files, key files, associated attributes, etc. authorized for them, the display unit contained in unit 16 is able to create the user-specific view individually and then, if necessary, encrypt it within the scope of this user-specific view Correctly merging documents with associated key files and thus reconstructing them.
  • a database system of this type which determines the function of the unit 16 (table example), typically contains the relevant key and volume files.
  • path information in particular, reconstruction instructions as components of key files can also be directly contained in such a table for access (which is particularly useful if such a table is generated dynamically and the advantage obtained is exploited that the whole 5 file system is not additionally loaded)
  • a "key file" in the context of the present invention should be understood in particular as an entry in such a database (table) in such a way that this entry enables correct reconstruction within the scope of the invention.
  • This approach also offers intervention - or approaches for the preferred protection method of semantic encryption not
  • E 0 is part of the user-specific views or the processing environments provided by it, regulated by the fiiesystem, the possibility of an update or an update for contents of a respective electronic document that have been changed by user intervention, in particular regarding the updating of the encryption mechanism between the volume file (in units 12) and key file (in
  • the key database or the key management unit is therefore a component of the data processing device according to the invention, the logical and thus virtual, hierarchically ordered and individual
  • a further possible development of the present invention lies in using the database and system design of the present data processing device to delimit the boundaries between users individually, selectively to display (and access) electronic documents and those documents that do not have any access rules at all subject to blurring (i.e. not to separate the views of the directories and the documents then contained) and insofar insecurity about whether the electronic documents presented within a user-specific view are protected against access at all.
  • an advantageous further development of the present invention consists in generating the user-specific views of the files in the file system dynamically and in particular in connection with a respective beginning of a user session of a user, so that a fixed one .
  • Semantic encryption i.e. the encryption of the meaning, consists of the division of original data (OD) into volume data (VD) and work instructions or recon
  • E Q structuring instructions It is in the underlying concept of the method that the volume data can be distributed freely and without additional protection.
  • the RA must be kept separate from the VD. The use of the OD and the access to the OD is only possible if the access to the RA is subject to regulations and the RAs are stored with appropriate protection and can only be accessed in a regulated manner
  • the administration of the RA or the key data and the access to this RA is done by a database, hereinafter also referred to as the key database or key unit. Since access to this central key unit also takes place with a key and / or with 3G a password and since this data is particularly sensitive and therefore represents the first target for attacks on the confidentiality and confidentiality of the data contained therein, security must be ensured unauthorized access can be ensured by additional encryption.
  • This key unit allows access data or access data (ZD) to be saved and thus offers access to the data as part of an access control.
  • ZD access data
  • the access control decides whether the rights for the intended access operation exist at all.
  • the access control decides whether the requested RA can be activated for an identified subject or whether the transfer of the RA to this subject must be blocked.
  • the access protection to the document thus consists of semantic encryption of the document on a mass storage device and of a classically or semantically encrypted access to the RA, which belongs to the semantically encrypted VD.
  • the data in the key unit can also be saved during a backup. Access to the data within this key unit can be made more difficult if the key with which the key server can be accessed is not S unique. If more than one key for the decryption is plausible or even only theoretically possible, then additional criteria are required to convince yourself and others that the key is correct.
  • semantic encryption provides a very large number of possible keys that, when applied to volume data, provide meaningful and possibly also useful data. Even an amateur attacker could come up with a whole class of keys that, when applied to the encrypted data, seem to provide correct content. Proof of originality can also be provided later, regardless of the encryption and decryption.
  • the sentence can serve as an example: Pick up Mr. Manfred Schmidt tomorrow (date) at 5 12:17 from the train station in Kunststoff. Although the location, the time and the action have been precisely specified, no statement can be made about what the original content represents with semantic encryption.
  • anyone can develop reconstruction instructions that can change the meaning of this sentence. So the date, the time, WO 01/06341 _ 1 Q _ PCT / EP00 / 06824
  • the proof of originality can consist, for example, in the fact that a criterion can be agreed between the creator and the user of this encrypted data, that both were accepted as proof of originality.
  • This criterion unlike classical cryptography, cannot be mathematical and / or be of a statistical nature If the producer and user are one and the same person, for example, the signing of the correct decryption can be shown in the display of an image previously only known to him as correct. An attacker would also always see an image, but he could not know which one and whether it is correct
  • a mathematical criterion managed in the key unit such as that of a digital signature, applied to a part of the inventory that was not visible in the context, could increase the I S reliability of the overall system for the user without being able to obtain information about an attack on the key
  • the backup data can also be accessed via the key unit that is also saved.
  • the key data can be managed in such a way that reading out this data and management in another key unit can be prevented by comparing the stored relative or absolute data position within the mass storage device of
  • the access control within the key unit can determine whether access is from a backup or from the original key unit
  • semantic encryption for transmission security in the context of 5 communication consists in the exchange of encrypted data between at least 2 participants A and B.
  • the protection of a backup or a long-term archive is a transmission process that is considered in terms of duration as an extreme example of the Application of the transmission security view, since when the backup is stolen, all unprotected data become known to an unauthorized participant
  • a backup assumes that the data is used asynchronously and is also stored in this way should ensure that access to the encrypted data is available at any time and several times, even without knowledge of the participant.
  • the transmission of the RA can be done before / after / during the I & A and or the transmission of the VD.
  • the one or more times transmission of the RA can be adapted to the transmission security and the situation.
  • the key unit also stored during the backup is managed via the Access control access to the backup
  • the VD and RA must be transmitted with the correct timing. If the application is to work asynchronously to the transmission with the OD, the RA can also be transmitted without correction and, if necessary, also semantically with the VD or classic
  • Transmission security can generally be understood to mean the protection of confidentiality or the protection against changes in the transmission of data.
  • semantic encryption the protection of confidentiality is immediately given at VD.
  • additional classic encryption is based on a small number of data, eg limited to session-wise, individually encrypted RA
  • the unnoticed change in the decrypted data to be output can only occur when the VD is changed below a resolution that is not recognizable by the attacker, if, for example, the reconstruction only consisted in restoring the correct order of sentences.
  • semantic encryption only in the If there was a change in the order of the sentences, the change of words within a sentence cannot be determined. For the registration of a change, the visual inspection is not sufficient.Therefore, an additional procedure for the digital preservation of evidence for the detection of changes in the volume data and with the semantic Encryption can be combined
  • volume data is compressed during communication as a whole or as usable partial data, then the data can be transferred faster and more reliably.
  • the security of the data transferred in this way results from the non-linear link between the compressed data.
  • the downloaded compressed file can be downloaded the local computer can be changed in the manner described above so that classic methods of preserving evidence can also be used to prevent these manipulations
  • the focus is on whether the data EO is genuine, i.e. in the sense that it is original, unchanged or intact a certain date has been created.
  • the context of the data may have to be displayed for the preservation of evidence.
  • the context may also include the access data.
  • the volume data, the RA and the database on which the access data are stored are, have not been changed or cannot be changed without leaving traces
  • the verifiability of data integrity i.e. the detection of a change in data that may have been manipulated either at the source (server), during transmission or on the local computer, is important for the trustworthiness of the semantically encrypted data 15
  • a mathematical evidence procedure such as the use of a one-way function together with a local file or an unchanged characteristic on a server can be used with the corresponding evidence
  • this check either takes place on the local machine or on the server, depending on how the interests are distributed during this check.
  • the data can be changed at any time using the mathematical evidence-based methods, i.e. also before the user immediately uses it be performed
  • a semantic check of the data integrity can be carried out flexibly by means of a metalanguage, in which the semantic encryption and decryption has a flexible effect on the reconstructed result by means of a minimally changed metalanguage, so that the correctness of the key is relatively simple when the data thus reconstructed is viewed
  • 3 G can be recognized by visual inspection
  • the key when managing keys, a distinction must be made with regard to the key as a password for identification and authentication, hereinafter referred to as password, and key as Reconstruction instructions for the electronic documents
  • the keys themselves can contain instructions which in turn can trigger more complex encryption operations and which can be converted into a set of keys
  • the keys can also only be used temporarily for communication or for a number of communication steps, e.g. for a user session.
  • the storage of the RA in the database can also be encrypted.
  • the use of keys (hereinafter referred to as RA key) can be used Thereby, for a quantity formation within the data encrypted in this way, IQ can then be used to encrypt, for example, all RAs for a document or all RAs for a chapter with all version changes contained therein
  • An original data source is always encrypted, which is built up with a defined vocabulary. All languages, in particular natural human languages, consist of a set of words that can be listed in a lexicon. The use of context-related sentences can still conjugate words and be declined
  • the encryption of a backup has an additional problem that has no equivalent meaning when transferring data. Since backup bands and their illegally made copies can be kept for a very long time, there is the problem of having an access password, even after Years can be remembered and used again, on the other hand there is the problem that the final camouflage of the password has far-reaching consequences for data security If the passwords are too difficult to remember, then there is a 3Q risk of forgetting If, on the other hand, the password for the manufacturer of the backup or If a user whose data is stored is very easy to remember, then traditional encryption methods are no longer protection. Semantic encryption of the key unit, on the other hand, would not provide any evidence or evidence that the simple key is actually the correct key
  • the use of a local key unit saves the user from having to take extensive failure measures in the event that the key server fails.
  • the more flexible distribution the key enables online access to an external, if necessary, centrally managed key server, in the event of an additional comparison to ensure that it is up to date
  • RA keys can be stored centrally, locally or distributed
  • the security of the password administration results on the one hand from the one-way 3G function used and on the other hand from the selection of the password by the user.
  • the specification of a length and a selection from the largest possible character set improves the quality of a password in order to guess passwords difficult to exclude are formed.
  • Password management is like key management.
  • passwords are usually set by the user. They can also be entered 3 seconds by the user or changed if necessary
  • the activation of the key unit that was retrieved from the backup can only work correctly if additional information is tion is fetched by a trustworthy and computer, who may only collect information for this purpose, but only release answers after overcoming several individual steps, possibly also of an organizational nature
  • the key unit is an important target due to its importance for the security of the data within the overall solution. If a user reveals his password to this key unit during identification, then the security of the overall system is at risk. For this reason, the password entry must protect itself from so-called Trojan horses that pretend to be the user, they were actually the key unit, but in reality they are only programs that are intended to induce the user to enter the password. This spying out of the password is also called spoofing.
  • the key unit can also be equipped with additional methods for preventing spoofing, e.g. the generation of a plurality of access passwords for each user (advantageously only one correct one), so that an insecurity component in one unauthorized access is created
  • Access control to a backup can also be implemented as a copy protection method
  • the key for encryption can be used immediately to identify the key for decryption. In this sense, exchanging and replacing data can be understood as a symmetrical encryption procedure.
  • the associated decryption RA can be obtained immediately through the work instruction for decryption. In the same way, after decryption, it is known how the encryption was carried out. In order to separate these two processes more strongly, a semantic intermediate layer must be introduced
  • the instructions for swapping or deleting etc. consist of a vocabulary or at least of tokens to which a defined task has been assigned.
  • the vocabulary is linked to an action by the interpretation of the reconstruction unit.
  • the interpretation of this vocabulary can be realized by the implementation of the operations of a metalanguage. If the assignment of the vocabulary to operations can in turn be changed by a metalanguage, an additional key can be used to interpret the operation of the first key in a more complex manner. This additional key can then be added to either the sender or the recipient of the RA Additional assignments between vocabulary and operations can interact with one another in such a functional way that back-counting from one key to the other fails due to the complexity and uniqueness of the problem.
  • One-way functions can be used to support this process From this link, semantic encryption can also be used in such a way that asymmetric encryption can be made possible with all of its applications known from the prior art. 5
  • MD Message digits
  • the application can be restricted to a class of entities specified by the semantic encryption or to their complementary quantity. In this way, several independent part message digits can be created, each one for itself Provide protection against random and deliberate changes Since MD are used at the byte level and are therefore relatively time-consuming to create for very large amounts of data, a semantic MD can be used at the semantic level whether it is a change in the volume data or the key data or key unit
  • FIG. 2 shows a schematic block diagram representation of the structure of an EG key generation and management unit with the associated functional components in the context of the present invention, which can be used to convert electronic documents to be protected by the semantic encryption technology according to the invention into protected volume files and
  • the embodiment described in connection with FIG. 2, in particular ES also enables not only to generate a key data set (which leads to the original, correct data set when restoring), but also a plurality of key data sets, so that this aspect of the Having a plurality of possible keys (of which in turn only one leads to the result which is also correct in terms of content and not only apparently correct) can further increase the security of the present invention
  • the train is on time is stored in a memory 52 according to FIG. 2 and is to be semantically encoded in the manner to be described below by the action of the further functional components shown in FIG. 2
  • IG document storage unit 52 for the analysis unit 58 downstream of the reading / access unit 54 is now able to analyze and evaluate this on the basis of the document information read by the reading unit 54, the analysis unit 58 firstly the electronic document into its individual information components disassembled and stores this in an information component storage unit 60 (in the present example
  • the content of the document structure storage unit after the analysis of the source document by the analysis unit could look as follows
  • Theorem 1 (1, 2 3, 4)
  • Theorem 2 (1, 2 3), E 5 while the information component storage unit 60 contains information components corresponding to this structural analysis, that is to say words
  • Thomas comes from the cemetery at 4 p.m. The train is on time.
  • this sentence appears to be an open, unencrypted result, so that an essential, protective foundation of the present invention is that an attacker may not even get the impression that this text is encryption , and thus refrains from attacking this text from the beginning of the EC.
  • an equivalent unit 70 (which in its simplest version can be understood as a table or database of equivalent, i.e. corresponding and interchangeable, terms):
  • a semantic control unit 72 which is also connected to the encryption unit 64 and influences the described encryption operation, 5 ensured that the encryption result "... comes ... from the cemetery is grammatically and syntactically correct, so that it is not manipulated can be identified. (The additional “to” would also be correct here). Also using the encryption unit 64 and the cooperating equivalence unit WO 01/06341 _2 Q _ PCT / EP00 / 06824
  • the content component "the train” of the following sentence is related in terms of content to the content component "graveyard” newly introduced in the previous sentence, so that even without encryption of the second sentence a completely different meaning (and thus an encryption effect)
  • volume data storage unit 10 is output as volume data and stored in a volume data storage unit, while a key that enables reconstruction (in the present exemplary embodiment, information about the words interchanged in each case with their position in the sentence and in respective content terms) is stored in a key data storage unit 74, corresponding to FIG. 15 the associated key file for storage unit 74 could look like this (in the following example, the reconstruction unit interprets the EXCHANGE command in order to carry out the swap specified in the argument)
  • the vocabulary of the command language itself is dynamic and can be changed by functions of a script language, the EXCHANGE command itself could thus be replaced by any other expression
  • these two storage units are additionally followed by an output unit 78, which in a particularly simple manner prepares the key data 74 in the form of a script and can output it as an executable script file 84; this is done with the aid of a conversion unit 80 which is otherwise known from the
  • volume data of the storage unit 76 generates a volume document 82 corresponding to the encrypted version, and from the index or reconstruction data of the storage unit 74 a structure description, script, e.g. as Javascript, XML, VB-Script or the like, and which then automatically processes the volume document 82 when it runs and transfers it to the original
  • 3Q can then be secured (and in particular also to carry out a suitable identification that authorizes proper access to the document). and / or payment process), the script file 84 is transmitted to the authorized user, who can then easily (and ideally without being confronted with the encrypted volume document) restore the open original version.
  • the embodiment shown schematically in FIG. 2 is suitable not only for generating a key file for the storage unit 74 (or as an executable script file 84), but also a plurality, of which, however, ideally only one content the result is actually correct, while other key files than scripts trigger a decryption process, which also leads to a meaningful (and thus apparently correct) result, but does not match the original version in terms of content.
  • the present invention is not limited to the exemplary example of text files.
  • it also makes sense to encrypt any further electronic documents in the manner described in principle, as long as these electronic documents are suitable for the basic operations of exchanging, removing, adding or exchanging Structure from content components have typical others
  • EO application cases were, in particular, music files, which are usually available in the so-called MP3 format and, where it is possible within the scope of the present invention, the data structures (so-called frames) specified by the MP3 format individually or in blocks (ideally also clockwise or section by section, based on the respective piece of music) to be removed or exchanged

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un dispositif de traitement de données comprenant un système de réception de fichiers local associé à une unité de calcul locale, pour appeler et mémoriser, ainsi que pour assurer une transmission bidirectionnelle de données de fichiers multivolumes au moyen de l'unité de calcul. Le dispositif comprend également une unité d'identification d'utilisateur associée à l'unité de calcul locale, qui, pour permettre un accès par l'unité de calcul à un fichier multivolumes autorisé pour un utilisateur, se présente de manière à réagir à l'identification concluante de l'utilisateur. Le fichier multivolumes est mémorisé dans le système de réception de fichiers, sous une forme codée, non utilisable par un utilisateur. Une unité de gestion des clés associée à une voie de transmission de données de fichiers multivolumes, entre l'unité de calcul locale et le système de réception de fichiers local, se présente sous forme de partie et de fonctionnalité de l'unité de calcul locale, destinée pour chaque fichier multivolumes, à des tâches de production et d'affectation à un fichier des clés spécifique de l'utilisateur et du fichier multivolumes. L'unité de gestion des clés est reliée à une banque de données des clés faisant partie du système de réception de fichiers local, prévue de manière séparée en termes de logique dudit système. L'unité de gestion des clés est destinée à combiner un fichier des clés mémorisé dans la banque de données des clés avec un fichier multivolumes mémorisé dans le système de réception des fichiers local, afin de produire un document électronique utilisable par un utilisateur, ainsi que de combiner un fichier de clés produit avec un document électronique à mémoriser, de manière à produire un fichier multivolumes pour le système de réception de fichiers local. La banque de données des clés est prévue localement dans le dispositif de traitement des données, toutefois séparément sous l'angle structurel ou physique d'une unité de lecture de disque ou de mémoire de masse associée au système de réception de fichiers local.
EP00953060A 1999-07-15 2000-07-17 Dispositif de traitement de donnees Withdrawn EP1410128A1 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE1999132703 DE19932703C2 (de) 1999-07-15 1999-07-15 Datenverarbeitungsvorrichtung
DE19932703 1999-07-15
PCT/EP2000/006824 WO2001006341A1 (fr) 1999-07-15 2000-07-17 Dispositif de traitement de donnees

Publications (1)

Publication Number Publication Date
EP1410128A1 true EP1410128A1 (fr) 2004-04-21

Family

ID=7914611

Family Applications (1)

Application Number Title Priority Date Filing Date
EP00953060A Withdrawn EP1410128A1 (fr) 1999-07-15 2000-07-17 Dispositif de traitement de donnees

Country Status (4)

Country Link
US (1) US20020111133A1 (fr)
EP (1) EP1410128A1 (fr)
DE (1) DE19964198A1 (fr)
WO (1) WO2001006341A1 (fr)

Families Citing this family (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE10028265A1 (de) * 2000-06-09 2001-12-13 Erland Wittkoetter Vorrichtung und Verfahren zum Entschlüsseln eines verschlüsselten elektronischen Dokuments
US7480857B2 (en) * 2004-09-10 2009-01-20 Igt Method and apparatus for data communication in a gaming system
GB0106082D0 (en) 2001-03-13 2001-05-02 Mat & Separations Tech Int Ltd Method and equipment for removing volatile compounds from air
US20030177378A1 (en) * 2001-06-01 2003-09-18 Erland Wittkotter Apparatus and method for the decryption of an encrypted electronic document
US7136883B2 (en) * 2001-09-08 2006-11-14 Siemens Medial Solutions Health Services Corporation System for managing object storage and retrieval in partitioned storage media
DE10205316B4 (de) * 2002-02-08 2008-01-17 Infineon Technologies Ag Schlüsselmanagementeinrichtung und Verfahren zur verschlüsselten Ablage von digitalen Datenwörtern
US8010405B1 (en) 2002-07-26 2011-08-30 Visa Usa Inc. Multi-application smart card device software solution for smart cardholder reward selection and redemption
US7121456B2 (en) 2002-09-13 2006-10-17 Visa U.S.A. Inc. Method and system for managing token image replacement
US8015060B2 (en) 2002-09-13 2011-09-06 Visa Usa, Inc. Method and system for managing limited use coupon and coupon prioritization
US9852437B2 (en) 2002-09-13 2017-12-26 Visa U.S.A. Inc. Opt-in/opt-out in loyalty system
US8626577B2 (en) 2002-09-13 2014-01-07 Visa U.S.A Network centric loyalty system
US6920611B1 (en) 2002-11-25 2005-07-19 Visa U.S.A., Inc. Method and system for implementing a loyalty merchant component
JP4536330B2 (ja) * 2003-03-06 2010-09-01 ソニー株式会社 データ処理装置、および、その方法
US7827077B2 (en) 2003-05-02 2010-11-02 Visa U.S.A. Inc. Method and apparatus for management of electronic receipts on portable devices
US8554610B1 (en) 2003-08-29 2013-10-08 Visa U.S.A. Inc. Method and system for providing reward status
US7104446B2 (en) 2003-09-03 2006-09-12 Visa U.S.A., Inc. Method, system and portable consumer device using wildcard values
US7051923B2 (en) 2003-09-12 2006-05-30 Visa U.S.A., Inc. Method and system for providing interactive cardholder rewards image replacement
US8407083B2 (en) 2003-09-30 2013-03-26 Visa U.S.A., Inc. Method and system for managing reward reversal after posting
US8005763B2 (en) 2003-09-30 2011-08-23 Visa U.S.A. Inc. Method and system for providing a distributed adaptive rules based dynamic pricing system
US7653602B2 (en) 2003-11-06 2010-01-26 Visa U.S.A. Inc. Centralized electronic commerce card transactions
US7617447B1 (en) 2003-12-09 2009-11-10 Microsoft Corporation Context free document portions
US7464330B2 (en) 2003-12-09 2008-12-09 Microsoft Corporation Context-free document portions with alternate formats
US7549118B2 (en) 2004-04-30 2009-06-16 Microsoft Corporation Methods and systems for defining documents with selectable and/or sequenceable parts
US7383500B2 (en) 2004-04-30 2008-06-03 Microsoft Corporation Methods and systems for building packages that contain pre-paginated documents
US8661332B2 (en) 2004-04-30 2014-02-25 Microsoft Corporation Method and apparatus for document processing
US7418652B2 (en) 2004-04-30 2008-08-26 Microsoft Corporation Method and apparatus for interleaving parts of a document
US7359902B2 (en) * 2004-04-30 2008-04-15 Microsoft Corporation Method and apparatus for maintaining relationships between parts in a package
US7487448B2 (en) 2004-04-30 2009-02-03 Microsoft Corporation Document mark up methods and systems
US7512878B2 (en) 2004-04-30 2009-03-31 Microsoft Corporation Modular document format
US7440132B2 (en) * 2004-05-03 2008-10-21 Microsoft Corporation Systems and methods for handling a file with complex elements
US7607141B2 (en) 2004-05-03 2009-10-20 Microsoft Corporation Systems and methods for support of various processing capabilities
US8243317B2 (en) 2004-05-03 2012-08-14 Microsoft Corporation Hierarchical arrangement for spooling job data
US7580948B2 (en) 2004-05-03 2009-08-25 Microsoft Corporation Spooling strategies using structured job information
US7755786B2 (en) * 2004-05-03 2010-07-13 Microsoft Corporation Systems and methods for support of various processing capabilities
US8363232B2 (en) 2004-05-03 2013-01-29 Microsoft Corporation Strategies for simultaneous peripheral operations on-line using hierarchically structured job information
US7519899B2 (en) * 2004-05-03 2009-04-14 Microsoft Corporation Planar mapping of graphical elements
US7634775B2 (en) * 2004-05-03 2009-12-15 Microsoft Corporation Sharing of downloaded resources
JP2006033646A (ja) * 2004-07-20 2006-02-02 Sony Corp 情報処理システム及び情報処理方法、並びにコンピュータプログラム
US7617450B2 (en) 2004-09-30 2009-11-10 Microsoft Corporation Method, system, and computer-readable medium for creating, inserting, and reusing document parts in an electronic document
US7584111B2 (en) * 2004-11-19 2009-09-01 Microsoft Corporation Time polynomial Arrow-Debreu market equilibrium
US7617451B2 (en) * 2004-12-20 2009-11-10 Microsoft Corporation Structuring data for word processing documents
US7617444B2 (en) 2004-12-20 2009-11-10 Microsoft Corporation File formats, methods, and computer program products for representing workbooks
US7620889B2 (en) 2004-12-20 2009-11-17 Microsoft Corporation Method and system for linking data ranges of a computer-generated document with associated extensible markup language elements
US7617229B2 (en) 2004-12-20 2009-11-10 Microsoft Corporation Management and use of data in a computer-generated document
US7614000B2 (en) 2004-12-20 2009-11-03 Microsoft Corporation File formats, methods, and computer program products for representing presentations
US7752632B2 (en) 2004-12-21 2010-07-06 Microsoft Corporation Method and system for exposing nested data in a computer-generated document in a transparent manner
US7770180B2 (en) 2004-12-21 2010-08-03 Microsoft Corporation Exposing embedded data in a computer-generated document
US7590868B2 (en) * 2005-02-09 2009-09-15 Hewlett-Packard Development Company, L.P. Method and apparatus for managing encrypted data on a computer readable medium
US7660797B2 (en) * 2005-05-27 2010-02-09 Microsoft Corporation Scanning data in an access restricted file for malware
DE102005028066B3 (de) 2005-06-16 2006-12-07 Deutsche Exide Gmbh Polbrücke für eine Batterie
US7818395B2 (en) * 2006-10-13 2010-10-19 Ceelox, Inc. Method and apparatus for interfacing with a restricted access computer system
US8069251B2 (en) * 2007-06-01 2011-11-29 Adobe Systems Incorporated System and/or method for client-driven server load distribution
US9251382B2 (en) * 2007-12-20 2016-02-02 International Business Machines Corporation Mapping encrypted and decrypted data via key management system
US10642692B2 (en) * 2008-04-18 2020-05-05 Ncr Corporation System of method of storing data in a self-service terminal
US7992781B2 (en) 2009-12-16 2011-08-09 Visa International Service Association Merchant alerts incorporating receipt data
US8429048B2 (en) 2009-12-28 2013-04-23 Visa International Service Association System and method for processing payment transaction receipts
US9124430B2 (en) * 2013-09-23 2015-09-01 Venafi, Inc. Centralized policy management for security keys
US9369279B2 (en) 2013-09-23 2016-06-14 Venafi, Inc. Handling key rotation problems
CN104142838A (zh) * 2014-07-02 2014-11-12 青岛海信移动通信技术股份有限公司 一种移动通信终端开机启动的方法和设备
US11809612B2 (en) * 2018-05-30 2023-11-07 Telefonaktiebolaget Lm Ericsson (Publ) Method and intrusion manager for handling intrusion of electronic equipment

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2659896B2 (ja) * 1992-04-29 1997-09-30 インターナショナル・ビジネス・マシーンズ・コーポレイション 構造化文書複製管理方法及び構造化文書複製管理装置
NZ329891A (en) * 1994-01-13 2000-01-28 Certco Llc Method of upgrading firmware of trusted device using embedded key
US5765152A (en) * 1995-10-13 1998-06-09 Trustees Of Dartmouth College System and method for managing copyrighted electronic media
US6393569B1 (en) * 1996-12-18 2002-05-21 Alexander S. Orenshteyn Secured system for accessing application services from a remote station
DE69724947T2 (de) * 1997-07-31 2004-05-19 Siemens Ag Rechnersystem und Verfahren zur Sicherung einer Datei
US6385596B1 (en) * 1998-02-06 2002-05-07 Liquid Audio, Inc. Secure online music distribution system
US6374402B1 (en) * 1998-11-16 2002-04-16 Into Networks, Inc. Method and apparatus for installation abstraction in a secure content delivery system
US6708187B1 (en) * 1999-06-10 2004-03-16 Alcatel Method for selective LDAP database synchronization

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0106341A1 *

Also Published As

Publication number Publication date
WO2001006341A1 (fr) 2001-01-25
DE19964198A1 (de) 2001-04-12
US20020111133A1 (en) 2002-08-15

Similar Documents

Publication Publication Date Title
EP1410128A1 (fr) Dispositif de traitement de donnees
DE69736310T2 (de) Erzeugung und Verteilung digitaler Dokumente
DE60200616T2 (de) Gesicherte Inhaltsobjekte
DE69634880T2 (de) Verfahren und gerät zum kontrollierten zugriff zu verschlüsselten datenakten in einem computersystem
DE68926606T2 (de) Empfangs- und Annahmeprüfungsverfahren für elektronisch abgegebene Datenobjekte
EP1944716B1 (fr) Procédé et dispositif de sécurisation d'un document comportant une signature apposée et des données biométriques dans un système informatique
DE69132809T2 (de) Verfahren und Anordnung zur Ausführung von Sicherheitswegbefehlen
EP3452941B1 (fr) Procédé de documentation électronique d'informations de licence
WO2001090855A1 (fr) Chiffrement de donnees a memoriser d'un systeme iv
EP3497615B1 (fr) Procédé de signature électronique manuscrite
EP3552140B1 (fr) Index de bases de données constitué de plusieurs champs
DE69737806T2 (de) Datenverschlüsselungsverfahren
DE60221861T2 (de) Server mit dateiverifikation
EP1228410A1 (fr) Dispositif et procede de sortie protegee d'un document electronique via un reseau de transmission de donnees
EP1256040A2 (fr) Dispositif pour le traitement avec controle d'acces de donnees electroniques
EP1245094A2 (fr) Dispositif de maniement, protege par un mot de passe, d'un document electronique
DE19932703C2 (de) Datenverarbeitungsvorrichtung
EP2491513B1 (fr) Procédé et système de fourniture d'objets de données à protection erdm
EP0947072A1 (fr) Procede pour la memorisation protegee electroniquement de donnees dans une banque de donnees
DE102023106510A1 (de) Verfahren zum Durchsuchen von sensiblen Dokumenten und System hierzu
EP1002262B1 (fr) Dispositif et procede permettant la sortie protegee de documents memorises transmis par voie electronique
DE69710789T2 (de) Vorrichtung und verfahren zur geschützten übertragung und darstellung von elektronisch publizierten dokumenten
EP4080847A1 (fr) Changement sécurisé des données d'application dans une chaine de blocs
DE19755182A1 (de) Vorrichtung und Verfahren zur geschützten Ausgabe elektronisch übertragener und gespeicherter Dokumente
DE112023000575T5 (de) Bollwerk-blockchain

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20020702

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): DE FR GB

17Q First examination report despatched

Effective date: 20041213

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: WITTKOETTER, ERLAND

RIN1 Information on inventor provided before grant (corrected)

Inventor name: DER ERFINDER HAT AUF SEINE NENNUNG VERZICHTET.

RIN1 Information on inventor provided before grant (corrected)

Inventor name: WITTKOETTER, ERLAND

18D Application deemed to be withdrawn

Effective date: 20050624