公开(公告)号：GB2324894B

公开(公告)日：2002-04-17

申请号：GB9804703

申请日：1998-03-06

Applicant: IBM

Inventor： DEINDL MICHAEL ,  HAENEL WALTER ,  SCHAAL ALBERT

IPC: G06F12/14 ,  G06F9/445 ,  G06F12/00 ,  G06F21/24 ,  G06K17/00 ,  G06K19/073 ,  G07F7/10

Abstract: The invention relates to a method of importing information, in particular application information, onto a chip card which has a memory with a directory. The information being transferred onto the chip card comprises data and code, and it is often necessary to distribute these data and the code to different files in the directory. The method of the invention establishes whether the data and the code have been placed properly in the various files. The invention makes it possible to verify whether the information has been placed in the proper location allocated to it in the memory of the chip card. When an application is to be placed onto a chip card, the information is loaded into the chip card memory but is no allowed to be used until its location on the card is verified. Verification is accomplished by calculating an electronic fingerprint of the information and it's location. The fingerprint is compared with at least one other electronic fingerprint, and the stored information is activated only if on comparison a match is established between the electronic fingerprint and at least one other electronic fingerprint.

公开(公告)号：DE19629856A1

公开(公告)日：1998-01-29

申请号：DE19629856

申请日：1996-07-24

Applicant: IBM

Inventor： DEINDL MICHAEL ,  WITZEL MARTIN

IPC: G06F12/14 ,  G06F12/00 ,  G06F21/24 ,  G06K17/00 ,  G06K19/073 ,  G06K19/10 ,  G07F7/10 ,  H04L9/10 ,  H04L9/32

Abstract: The present invention describes a method and system for the secure transmission and storage of protectable information, in particular, of patient information, by means of a patient card. The data stored on the patient card are protected by cryptographic methods. The data can be decrypted only with the same patient card if a doctor is authorised and the patient has given his agreement. All information which the patient card needs in order to decide whether the doctor is authorised and the key for protecting the control data and the random key are held on the chip. The patient data can be freely transmitted to any storage medium. The chip controls both the access to the data and the encryption and decryption functions. Random keys, which are themselves stored encrypted together with the data ensure that every data record remains separate from every other and that only authorised persons can access it. Every patient card has its own record key. The system and method in accordance with the invention is not directed exclusively to patient data but can be applied to any protectable data to which right of access is to be restricted.