公开(公告)号：JPH10301854A

公开(公告)日：1998-11-13

申请号：JP7476798

申请日：1998-03-24

Applicant: IBM

Inventor： DEINDL MICHAEL ,  HAENEL WALTER ,  ALBERT SCHARRE

IPC: G06F12/14 ,  G06F9/445 ,  G06F12/00 ,  G06F21/24 ,  G06K17/00 ,  G06K19/073 ,  G07F7/10

Abstract: PROBLEM TO BE SOLVED: To prevent the import of information to the non-permitted area of a chip card memory and to reinforce the security standard of a chip card by activating the change of the contents of the chip card memory in the case that matching is established between an electronic fingerprint and at least one other electronic fingerprint at the time of comparison. SOLUTION: This chip card is put into a terminal and the function of the terminal for transferring a command code to the chip card is selected. After writing the command code to a binary file A102, the binary file A102 is marked as inactive. The electronic fingerprint calculated on the chip card is compared with a fingerprint arranged inside a registration file 3F01 by a card supplier. In the case that matching with one of the other electronic fingerprints is established, the command code inside the binary file A102 is activated. That is, use is made possible by the context of an application A100.

公开(公告)号：JPH10224345A

公开(公告)日：1998-08-21

申请号：JP871498

申请日：1998-01-20

Applicant: IBM

Inventor： DEINDL MICHAEL ,  HAENEL WALTER ,  SCHAAL ALBERT

IPC: G07F7/10 ,  G09C1/00 ,  H04L9/32

Abstract: PROBLEM TO BE SOLVED: To improve the freedom degree of cipher key authentication against a chip card by transferring an authentication key to the chip card and checking an electronic signature based on the authentication key of the chip card. SOLUTION: An authentication key is transferred to a chip card. The certificate which is used on the chip card based on the authentication of the cipher key has a 1st part that includes the actual data containing the cipher key and a 2nd part including an electronic signature of data received from the 1st part. The electronic signature of the 1st part that is included in the 2nd part of the certificate is checked based on the authentication key of the chip card, and the cipher key of the chip card is authenticated. When the electronic signature is checked, the signature is converted by the authentication key and the electronic fingerprint of the 1st part of the certificate is generated. Then the fingerprint is compared with a converted electronic signature.

公开(公告)号：JPH10198606A

公开(公告)日：1998-07-31

申请号：JP18484997

申请日：1997-07-10

Applicant: IBM

Inventor： DEINDL MICHAEL ,  WITZEL MARTIN

IPC: G06F12/14 ,  G06F12/00 ,  G06F21/24 ,  G06K17/00 ,  G06K19/073 ,  G06K19/10 ,  G07F7/10 ,  H04L9/10 ,  H04L9/32

Abstract: PROBLEM TO BE SOLVED: To allow only an authorized user to input or read information by enciphering data with a random key, encoding the random key with a chip card and preserving it together with data. SOLUTION: This system is provided with a computer, reader/writer for patient card, reader/writer for user card, and user card. Patient data are preserved on the patient card or can be preserved on the other storage medium. It is suitable the patient card is the chip card having an optical mass memory. The chip controls access to data and both enciphering and deciphering functions. The random key itself is enciphered and preserved together with data. There is a dedicated record key for each patient card. The chip card preserves a generator for exchanging data between the computer and the storage medium and preparing a new cryptographic key when the computer requests the cryptographic key.

公开(公告)号：DE69737905D1

公开(公告)日：2007-08-23

申请号：DE69737905

申请日：1997-11-21

Applicant: IBM

Inventor： DEINDL MICHAEL ,  HAENEL WALTER ,  SCHAAL ALBERT

IPC: H04L9/32 ,  G07F7/10 ,  G09C1/00

Abstract: The invention relates to a procedure for the certification of cryptographic keys for chipcards. In this procedure, a certification-key and a certificate are transferred to the chipcard. The first part of the certificate includes the cryptographic key and the second part of the certificate includes a digital signature of the first part of the certificate. The digital certificate is subsequently checked by means of the certification-key on the chipcard.

公开(公告)号：DE69731338D1

公开(公告)日：2004-12-02

申请号：DE69731338

申请日：1997-07-08

Applicant: IBM

Inventor： DEINDL MICHAEL ,  WITZEL MARTIN

IPC: G06F12/14 ,  G06F12/00 ,  G06F21/24 ,  G06K17/00 ,  G06K19/073 ,  G06K19/10 ,  G07F7/10 ,  H04L9/10 ,  H04L9/32

Abstract: The present invention describes a method and system for the secure transmission and storage of protectable information, in particular, of patient information, by means of a patient card. The data stored on the patient card are protected by cryptographic methods. The data can be decrypted only with the same patient card if a doctor is authorised and the patient has given his agreement. All information which the patient card needs in order to decide whether the doctor is authorised and the key for protecting the control data and the random key are held on the chip. The patient data can be freely transmitted to any storage medium. The chip controls both the access to the data and the encryption and decryption functions. Random keys, which are themselves stored encrypted together with the data ensure that every data record remains separate from every other and that only authorised persons can access it. Every patient card has its own record key. The system and method in accordance with the invention is not directed exclusively to patient data but can be applied to any protectable data to which right of access is to be restricted.

公开(公告)号：GB2324894A

公开(公告)日：1998-11-04

申请号：GB9804703

申请日：1998-03-06

Applicant: IBM

Inventor： DEINDL MICHAEL ,  HAENEL WALTER ,  SCHAAL ALBERT

IPC: G06F12/14 ,  G06F9/445 ,  G06F12/00 ,  G06F21/24 ,  G06K17/00 ,  G06K19/073 ,  G07F7/10

Abstract: A method of importing application information onto a chip card which has a memory with a directory. The contents of the memory are changed according to the application information but left in an inactive status. An electronic fingerprint is calculated from both the application information and additional information regarding the change of contents, such as a path indication in the chip card directory. The electronic fingerprint is compared with at least one other electronic fingerprint, which is preferably stored on the card, and the change of contents of the memory of the chip card is activated if on comparison a match is established between the electronic fingerprint and the at least one other electronic fingerprint.

公开(公告)号：DE69731338T2

公开(公告)日：2006-02-16

申请号：DE69731338

申请日：1997-07-08

Applicant: IBM

Inventor： DEINDL MICHAEL ,  WITZEL MARTIN

IPC: G06F12/14 ,  G06F12/00 ,  G06F21/24 ,  G06K17/00 ,  G06K19/073 ,  G06K19/10 ,  G07F7/10 ,  H04L9/10 ,  H04L9/32

Abstract: The present invention describes a method and system for the secure transmission and storage of protectable information, in particular, of patient information, by means of a patient card. The data stored on the patient card are protected by cryptographic methods. The data can be decrypted only with the same patient card if a doctor is authorised and the patient has given his agreement. All information which the patient card needs in order to decide whether the doctor is authorised and the key for protecting the control data and the random key are held on the chip. The patient data can be freely transmitted to any storage medium. The chip controls both the access to the data and the encryption and decryption functions. Random keys, which are themselves stored encrypted together with the data ensure that every data record remains separate from every other and that only authorised persons can access it. Every patient card has its own record key. The system and method in accordance with the invention is not directed exclusively to patient data but can be applied to any protectable data to which right of access is to be restricted.

公开(公告)号：DE19702049C1

公开(公告)日：1998-05-14

申请号：DE19702049

申请日：1997-01-22

Applicant: IBM

Inventor： DEINDL MICHAEL ,  HAENEL WALTER DIPL PHYS ,  SCHAAL ALBERT DIPL ING

IPC: G07F7/10 ,  G09C1/00 ,  H04L9/32

Abstract: The certification method involves using a certification key which is transferred to a chipcard. The certification incorporates a cryptographic key and a digital signature which is verified via the certification key provided by the card. The first part of the certification can be provided by an electronic finger pressure, with which the digital signature converted using the certification key is compared.

公开(公告)号：DE19716015A1

公开(公告)日：1998-10-29

申请号：DE19716015

申请日：1997-04-17

Applicant: IBM

Inventor： SCHAAL ALBERT ,  HAENEL WALTER DIPL PHYS ,  DEINDL MICHAEL

IPC: G06F12/14 ,  G06F9/445 ,  G06F12/00 ,  G06F21/24 ,  G06K17/00 ,  G06K19/073 ,  G07F7/10

Abstract: The invention relates to a method of importing information, in particular application information, onto a chip card which has a memory with a directory. The information being transferred onto the chip card comprises data and code, and it is often necessary to distribute these data and the code to different files in the directory. The method of the invention establishes whether the data and the code have been placed properly in the various files. The invention makes it possible to verify whether the information has been placed in the proper location allocated to it in the memory of the chip card. When an application is to be placed onto a chip card, the information is loaded into the chip card memory but is no allowed to be used until its location on the card is verified. Verification is accomplished by calculating an electronic fingerprint of the information and it's location. The fingerprint is compared with at least one other electronic fingerprint, and the stored information is activated only if on comparison a match is established between the electronic fingerprint and at least one other electronic fingerprint.

公开(公告)号：DE69737905T2

公开(公告)日：2008-04-03

申请号：DE69737905

申请日：1997-11-21

Applicant: IBM

Inventor： DEINDL MICHAEL ,  HAENEL WALTER ,  SCHAAL ALBERT

IPC: H04L9/32 ,  G07F7/10 ,  G09C1/00

Abstract: The invention relates to a procedure for the certification of cryptographic keys for chipcards. In this procedure, a certification-key and a certificate are transferred to the chipcard. The first part of the certificate includes the cryptographic key and the second part of the certificate includes a digital signature of the first part of the certificate. The digital certificate is subsequently checked by means of the certification-key on the chipcard.