+

WO2001028154A1 - Transmission d'informations confidentielles - Google Patents

Transmission d'informations confidentielles Download PDF

Info

Publication number
WO2001028154A1
WO2001028154A1 PCT/FI2000/000896 FI0000896W WO0128154A1 WO 2001028154 A1 WO2001028154 A1 WO 2001028154A1 FI 0000896 W FI0000896 W FI 0000896W WO 0128154 A1 WO0128154 A1 WO 0128154A1
Authority
WO
WIPO (PCT)
Prior art keywords
confidential information
information
receiver
transmitted
sender
Prior art date
Application number
PCT/FI2000/000896
Other languages
English (en)
Inventor
Tuomas Salste
Original Assignee
Helsingin Puhelin Oyj
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Helsingin Puhelin Oyj filed Critical Helsingin Puhelin Oyj
Priority to EP00969597A priority Critical patent/EP1221224A1/fr
Priority to AU79269/00A priority patent/AU7926900A/en
Publication of WO2001028154A1 publication Critical patent/WO2001028154A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/04Payment circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/42Confirmation, e.g. check or permission by the legal debtor of payment
    • G06Q20/425Confirmation, e.g. check or permission by the legal debtor of payment using two different networks, one for transaction and one for security confirmation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Definitions

  • This invention relates to a method and a system for transmission of confidential information. Particularly the invention concerns the transmission of this information in various telecommunication networks.
  • an open data network means a network used for data transfer, which is in public use and to which anyone can be connected when he so wishes.
  • a typical open data network is the Internet, for example.
  • Confidential information is most often transferred in facilities related to electric trade. In international electric trade, for instance, information related to credit cards is very important. When paying for purchases made electrically, the customer transmits to the seller the credit card number, the validity of the credit card and his personal data via e-mail, a www browser, telephone or telefax. The data security of the two first mentioned is much worse than that of the two last. In the worst case, a third party might obtain the credit card information transmitted through the data network and use it illegally for his own purposes.
  • a data security risk may arise for at least three different reasons.
  • the sender of the message may request confidential information in the e-mail message, and the receiver may easily give the information without noticing that the sender is not entitled to receive the information.
  • the receiver does not even know who is requesting the confidential information. Neither is any proof left to the receiver about the person who asked for the confidential information, if the e-mail message is removed.
  • Another problem is a potential third party intercepting between the sender and the receiver.
  • the third party can copy the transmitted information for himself, but the original sender or the receiver of the message does not notice any problems in transmission.
  • the copier of the messages will know the contents of the messages and can utilize the information. It is also possible that the third party "captures" the message, changes the contents and forwards the message to the receiver.
  • the third obvious problem which is related to the previous, is the fact that the sender cannot be sure who the ultimate receiver of the message is. The message may go to a different receiver than was intended by the sender.
  • the specification EP 0 889 620 A2 discloses a method and a system, in which two different routes are used for data transfer.
  • Information which is not confidential, is transmitted via an open data network, such as the Internet.
  • a closed network which may be a telephone network, for example, is used for transmitting confidential information. It is an objective of this invention to provide a method and a system, by which especially confidential information can be transmitted from the sender to the receiver so that no unauthorized third party has access to the information.
  • the objectives of the invention are achieved by an arrangement, by which confidential information is encoded and transmitted via a closed telecommunication network from the sender to the receiver.
  • a special method which can be tailored separately for each data transmission situation, is used for handling confidential information.
  • the method according to the invention is characterized in what is set forth in the characterizing part of the independent claim concerning the method.
  • the system according to the invention is characterized in what is set forth in the characterizing part of the independent claim concerning the system.
  • the sender transmits the confidential information to the receiver via the closed telecommunication network.
  • a closed telecommunication network is the public switched telephone network.
  • the transmission of confidential information takes place so that the sender encodes the confidential information by a method agreed on between the sender and receiver. This method is preferably one that the receiver has provided for the use of the sender either for this data transfer event or for an earlier, corresponding data transfer event.
  • the sender After the encoding, the sender transmits the coded data to the receiver over the closed telecommunication network by means of a telefax, for example.
  • the receiver When the receiver has received the encoded data, he can use various methods for decoding it. In view of the efficiency of the system, the best are mechanical, automated decoding methods.
  • all the data, which does not contain confidential information is transmitted via the open data network.
  • FIG. 1 illustrates the principle of the first system according to the invention
  • Fig. 2 shows a flow chart of a method according to the invention
  • Fig. 3 shows the signals of a system according to one embodiment of the invention
  • Fig. 4 shows the signals of a system according to another embodiment of the invention.
  • Fig. 5 illustrates the principle of another system according to the invention.
  • a central idea of the invention is to use a closed telecommunication network, such as a public switched telephone network, for transmitting confidential information.
  • a system like this provides many advantages. Firstly, because confidential information is not transmitted in the open data network, the risk of an unauthorized third party gaining access to the confidential information can be reduced. Because the confidential information is transmitted by a telefax, for example, via the public switched telephone network, it is possible when desired and required to send to the receiver a document with the sender's signature as an official indication of acceptance. Similarly, the sender thus has a receipt on paper of the information transmitted. Typically, the operator of the telephone network has information of the owners of each terminal.
  • the person sending confidential information can verify the telefax number of the receiver and thus make sure that the information to be transmitted goes to the right receiver.
  • the idea according to the invention is very useful, because credit card companies regard the telephone network as a safe way of transmitting confidential information and accept orders transmitted via a telephone network, unlike orders transmitted via open data networks.
  • a sender 101 is about to transmit confidential information to a receiver 107.
  • the sender 101 has entered the confidential information into a computer and encodes it by means of a separate encoding device or program 102, for example.
  • a separate encoding device or program 102 for example.
  • Such an encoder may be e.g. a bar code encoder or the like, and in practice it may be either a completely separate device, an encoding card or circuit installed in the computer or an arrangement implemented entirely by means of software, or some combination thereof, by which the confidential information can be encoded.
  • the sender prints the encoded confidential information, inputs it to a telefax device and sends to the receiver.
  • the confidential information is transmitted via a Public Switched Telephone Network (PSTN) to the receiver.
  • PSTN Public Switched Telephone Network
  • the telefax device prints the received data, which is inputted to a decoder 106, which decodes the information that was encoded at the transmitting end.
  • the decoding device 106 is inverse to the encoding device 102, and it may similarly be implemented either as a completely separate device, a decoding card or circuit installed in the computer or an arrangement implemented entirely by means of software in the computer, or a combination thereof.
  • the decoded, plain data is inputted to the receiver's computer 107, for example, by means of which the receiver can read the message received.
  • Telecommunications between two computers can be handled via an open data network, such as the Internet (WWW; World Wide Web) 108, when the data to be transmitted does not contain confidential information.
  • the solution according to the invention provides the advantage that confidential information can be transmitted as almost completely protected from the sender to the receiver.
  • the above mentioned public switched telephone network can be understood more widely as a network in which data security is better than in an open data network.
  • One such network is the mobile communication network, for example.
  • the use of separate encoding in the transmission of confidential information has been mentioned, but it is clear that encoding can also be left out when desired. When desired, encoding can also be used in connection with the information, which is transmitted via an open data network.
  • the system according to the invention comprises at least first means by which at least part of the information to be transmitted can be transmitted via an open data network and second means by which at least confidential information can be transmitted via a closed telecommunication network.
  • a system according to the invention can comprise means for encoding and/or decoding the information to be transmitted.
  • the means can be, for example, such that the information can be encoded as bar codes.
  • Fig. 2 shows a flow chart of the method according to the invention in a simple manner.
  • the sender gives the information, after which a decision is taken 202 as to whether the information given contains such information to which access should not be allowed for third parties. If the information does not contain confidential information, the information is transmitted from the sender to the receiver in an open data network 203. If again the information contains confidential information, the information is transmitted in a closed telecommunication network 204, such as a public switched telephone network.
  • a closed telecommunication network 204 such as a public switched telephone network.
  • step 301 the buyer sends in step 301 the selected information, or information telling what he wants to buy, to the receiver or seller via an open data network.
  • step 301 no confidential information is transmitted between the sender and receiver, although in order to protect the privacy of the buyer it may sometimes be important that no outsiders will know who wants to buy what from whom.
  • step 301 any method which is intended for use in an open data network and is known as such, but this is of no consequence with regard to the invention.
  • the system of the seller When the system of the seller has received the order information, it transmits in step 302 either automatically or as guided by the user a reply to the seller, in which reply it asks for the credit card information from the buyer, for example.
  • Other information that can be requested include the personal data and address data, by means of which the seller can deliver the selected products to the buyer.
  • the seller's system in connection with the reply, also transmits to the buyer a separate encoding program, by means of which the buyer can encode the required confidential information to improve the protection.
  • the purpose of the encoding program is both to offer the buyers an easy possibility of inputting confidential information to the terminal at their disposal and to make confidential transmission of this information to the receiver as easy and reliable as possible.
  • the encoding program includes a so-called form, which is a file or a part of a file, which can be presented to the buyer via the user interface of the terminal at his disposal.
  • the form is a file or a part of a file, which can be presented to the buyer graphically in the display of a computer or a corresponding terminal.
  • the form contains fields in which the buyer should enter certain data, at least part of which are confidential.
  • the form preferably includes instructions for filling in the fields.
  • all the fields of the form may be empty or there may be some prefilled data in some of them.
  • the prefilled data used by the seller's system can be either purely exemplary, in which case they have nothing to do with the buyer in question, or they can be data, which the seller's system has collected of the buyer in question either during the buyer's establishment of a connection in step 301 or earlier when the same buyer has had a connection with the seller's system.
  • the encoding program also includes some kind of a filling-in function, by means of which the buyer can fill in the data wanted in the form.
  • a function like this includes means for moving a cursor to a certain field as a response to a control command given by the user and means for saving a certain piece of input data when the user has moved the cursor to a certain field and keys in a certain character string.
  • the implementation of the form and the filling-in function represent a technology well known as such in the art.
  • the encoding program includes an encoding function.
  • the term encoding is used for any operation in which the input data given by the user are converted into a form in which they can be delivered to the seller via a closed telecommunication network and in which they can be later read by the seller or the system at the seller's disposal.
  • One well-known encoding method is converting character strings into a bar code, which is printed on paper or saved in a form, which corresponds to the optically read bar code.
  • bar code means a sequence formed by consecutive areas with a simple shape and different optical reflectivity.
  • the bar code can be one-dimensional, in which case it can be read simply by reading the optical reflectivity profile along an imaginary line running over the bar code, or it may be two-dimensional, in which case it can also be called square code.
  • Another well-known encoding method is printing character strings on paper with marks that are intended to be read optically. An example of the latter marks are alphanumeric marks that are used in cheques and other paper documents used in the banking business.
  • Encoding may also include a function in which a piece of input data given in a human-readable form (such as a plain credit card number) is converted into a form in which it is not readable by humans.
  • a coding function which reduces readability, is not necessary with regard to the invention.
  • encoding may be a null operation, which means saving the character strings entered by the buyer as such.
  • the encoding program includes a printing function, which may be an independent part of the encoding program or part of the encoding described above.
  • Printing as such means in this connection final conversion of the encoded input information into a form in which they can be left to be transmitted by the closed telecommunication network. If it is assumed that a system according to Fig. 1 is used, printing means concrete printing of the encoded input information on paper, which can be fed to a telefax device used by the buyer. Producing a paper print can also be avoided so that the encoded input data are directly converted electrically to the form into which the transmitting telefax device would in any case convert them when optically reading the paper fed into it.
  • the printing function of the encoding program is of the type of a programmed fax modem, which can "print" the electric data in computer-readable form into a bitmap used by the telefax devices in their mutual data transfer.
  • Implementing such a function may require that the buyer's computer has a modem either as a separate device or in the form of a modem card installed in the computer.
  • the printing function must be one that converts the encoded input data into tone frequency signals.
  • Many alternative printing forms and means for using them in connection with the invention essentially in the above described manner are known from the prior art.
  • the encoding program may also include an encrypting function.
  • Encryption means all such operations the purpose of which is to convert the input data given by the buyer into a form in which it is possible to read and to interpret them correctly only when using the right decrypting key.
  • a so-called public and private key method in which the keys form unambiguous pairs.
  • Information that has been encrypted by a certain so-called public key can only be opened with a corresponding private key. It is impossible to determine the shape of the other half of the pair of keys only on the basis of the other half.
  • the encoding program may contain the public key of the seller and means for encrypting the information given by the buyer with this key before encoding it or at the latest before printing it.
  • the use of encryption improves data security, because it protects the parties of the connection against tapping of the telephone network, wrongly dialled telephone numbers or the possibility that a transmitted or received telefax message remains lying on the telefax device, where it can be read by a large number of people, for example.
  • the encoding program may include a function to identify the buyer, the purpose of which is that only the buyer who at the time wants to do business with the seller can transmit the information formed by the encoding program through the closed data network.
  • a simple method of identifying the buyer is based on the fact that the buyer has either earlier in step 301 delivered his public encryption key to the seller or placed one in a public database for the use of the seller.
  • the seller encrypts it with the buyer's public key. Only the intended buyer can utilize such an encoding program transmitted as encrypted, because only he has the private key by which the encryption can be opened.
  • the encoding program may include an electric signing function.
  • signing can also be done traditionally with a pen: the buyer writes his signature on the printed paper before inputting it to the telefax.
  • Electric signing means that the input data are encrypted with the buyer's private key at some stage before sending them to the seller. Information that has been so encrypted can only be opened with the buyer's public key, which must be verified: a so-called independent party has verified that a certain public key belongs to a certain buyer.
  • An electric signature is easier to use than the traditional method, because an electric signature can also be verified electrically, unlike the traditional signature based on handwriting and its special physical characteristics.
  • the encoding program can also include a transmission function, by means of which the confidential information is transmitted via the closed data transfer network to the seller.
  • a transmission program is not needed in the embodiment of Fig. 1, for example, because the transmission is handled by a program which controls the operation of the buyer's telefax device.
  • the printing operation is handled by a program of the type of a telefax or tone frequency modem and a modem in the buyer's computer, the transmission function is naturally combined with printing, because in addition to the actual processing, the modems can also handle the setup and use of a telecommunication connection so that the data can be transmitted to the seller via a closed telecommunication network.
  • the encoding program can have the form of a Java program, i.e. an applet, a JavaScript or VBScript program, i.e. a script, a browser or a part thereof, i.e. a plug-in or executable binary program or an exe file.
  • a Java program i.e. an applet, a JavaScript or VBScript program, i.e. a script, a browser or a part thereof, i.e. a plug-in or executable binary program or an exe file.
  • the form of the encoding program must be such that the operating system of the mobile station or a program running under it and controlling the operation of the mobile station can recognize the encoding program as an executable program and install it to executable readiness.
  • the buyer's original connection setup in step 301 may contain information about the type of the buyer's terminal or some other information as to what kind of an encoding program the buyer's terminal can utilize. It is common knowledge to a person skilled in the art how to write encoding programs which can be utilized by buyers' different terminals.
  • step 303 the encoding program is installed and started automatically to executable readiness or the buyer starts it with a separate command given to the terminal.
  • the program can also be installed automatically but require a command to be started.
  • step 303 the buyer inputs the information requested by the encoding program, and the encoding program encodes it.
  • the fact that the encoding program is a program intended to be executed by a computer or the like constitutes a certain risk for the buyer.
  • the buyer should be able to make sure that no virus is installed to his terminal with the encoding program.
  • the virus risk can be prevented by using authentication of the seller and controlling the integrity of the encoding program, of which the previous means the use of cryptographic means known as such to make sure that the party acting as the seller is what the buyer thinks it is.
  • the control of the integrity of the encoding program means using cryptographic means known as such to make sure that the contents of the executable program acting as an encoding program have not changed after the seller has produced it for transmission to the buyer(s).
  • Internet browsers which represent the prior art at the priority day of this patent application, have security properties which can, for example, prevent writing any kind of information received via the network on the fixed disk of the buyer's terminal.
  • Such a data security property does not impede the use of an encoding program described above, because the encoding program can be executed without needing to write anything on the hard disk. This is the case especially if the coding program is in the form of a script. After the execution or in connection with the next shutting down of the computer or other operation which means emptying the runtime memory of the computer, such a program which is executed without saving disappears from the memory of the terminal.
  • the confidential information received by it from the buyer are not saved in the buyer's computer, either.
  • Step 304 means printing in the sense described above.
  • the buyer prints the information on paper, signs the information by pen or stamp and transmits the information by telefax or a corresponding device, which converts graphical information into electric form via the public switched telephone network to the seller.
  • the transmission has been denoted with the reference number 305.
  • the buyer forwards the confidential information, which may be encoded, to be transmitted electrically by telefax.
  • Such an arrangement requires of the buyer's system that the computer or computer network and the telefax device are connected to each other, but such connecting is a technique known as such.
  • the buyer also signs the confidential information electrically, e.g.
  • the information of an electric identification card can be used instead of the signature.
  • the buyer has at his disposal means for reading and transmitting the information of the chip of the identification card.
  • the seller receives the confidential information by means of a device in his own use, which can communicate via a closed telecommunication network.
  • a telefax has been frequently mentioned above, and thus it can again be assumed as an example that the seller receives confidential information by a separate telefax device or a telefax modem operating as a part of the computer system.
  • the seller's telefax device is physically separate and not directly a part of a computer or a computer system, it can have a local data transfer connection to a data system of the seller, which comprises means for reading, decoding and saving information received from the buyers.
  • the seller's data system can automatically combine the received confidential information to purchase information transmitted earlier in step 301.
  • the combining can take place on the basis of the transmitting telefax number or the like, which has been given to the seller already when purchases have been made via the Internet.
  • the transmission of confidential information of the buyer 305 is marked with a broken line, which means that this transmission of information takes place via a closed telecommunication network.
  • the seller sends in step 306 to the buyer verification of successful reception of confidential information.
  • a so-called acknowledgement is preferably arranged to take place automatically as a consequence of the operation of the seller's data system.
  • the acknowledgement 306 is marked in the figure with a solid line to indicate that an open telecommunication network can be used as a transmission channel for it. Alternatively it can be sent in the closed telecommunication network; the channel in which the acknowledgement is sent is of no consequence with regard to the invention. Neither is the acknowledgement a necessary event in trading with regard to the invention, and it can be omitted when the seller and/or buyer so wishes.
  • the main purpose of the acknowledgement is to give a quick feedback to the buyer to indicate that the purchase event has proceeded in the intended manner.
  • the actual delivery of the purchased goods to the buyer may take so long that the buyer may get nervous if he has no evidence of a successful purchase prior to the delivery.
  • the next example is the application of the invention to such a telecommunication event between a seller and a receiver, in which information, which should not become known by third parties, is transmitted several times.
  • Such information may include information related to personal goods and services, such as ordering medicines or care services for various illnesses, or consulting a doctor via the data network.
  • the buyer goes to the home page of the pharmacy, from which the buyer selects the required medicines by filling in a form in the Internet.
  • the buyer can print the form, which contains confidential information, the names of the medicines in this example, and sends it by telefax in step 401 to the pharmacy.
  • the buyer can forward the form electrically to be transmitted by a telefax.
  • the encoding of the information can be arranged e.g. so that the buyer can download from the home page of the seller an encoding program to his personal computer and encode the confidential information before sending it to the seller.
  • the seller's telefax and preferably also other data system receives the information sent by the buyer and transfers the information to the trade database. If the information is encoded, it is decoded, whereafter the information is transferred to the trade database.
  • the trade system sends in step 402 acknowledgement to the buyer, in which acknowledgement it asks for the buyer's personal data and credit card data.
  • This acknowledgement can be sent via an open data network, such as the Internet, because in this connection confidential information is not transmitted at all.
  • the buyer receives the acknowledgement and fills in the required data, whereafter the buyer again transmits 403 the confidential information in a similar manner as above, i.e. via a closed telecommunication network to the seller.
  • this confidential information can be encoded with the same encoding program, for example, as the information transmitted previously.
  • the receiver or in this exemplary embodiment the seller's telefax receives the transmitted information and transfers it to the data system.
  • the seller's data system preferably combines the last received information with earlier information by means of a selected identifier, such as the telefax number.
  • the seller can transmit 404 to the buyer verification of the reception of the confidential information, if the buyer and seller have so agreed. The verification can again be transmitted via the open data network.
  • the solution according to the invention can also be used in cases in which the sender and receiver use other terminal devices than personal computers.
  • the mobile station is a mobile station 501 using the Global System for Mobile communications (GSM), which comprises means, by which it is possible to do business in the Internet.
  • GSM Global System for Mobile communications
  • the mobile station 501 can also be e.g. a mobile station of a third generation mobile communication system, such as the UMTS (Universal Mobile Telecommunication System), or a mobile station 501 of any other telecommunication system, by which it is possible to establish a connection with an open data network, such as the Internet.
  • UMTS Universal Mobile Telecommunication System
  • the user communicates with the Internet 108 by means of a mobile station 501.
  • a mobile station 501 establishing a connection with the Internet 108 takes place so that there is a connection from the mobile station 501 to an open data network via a mobile communication network 502.
  • the mobile communication network 502 is comparable to the public switched telephone network, or generally speaking represents a closed telecommunication network.
  • the mobile communication network 502 comprises typical elements of a mobile communication network 502, such as base stations, base station controllers, mobile switching centres etc. It is clear to a person skilled in the art that the elements that belong to the mobile communication network 502 are dependent on the network being used, and the names and functions of the network elements can differ considerably between different networks.
  • the user 501 of the mobile station selects the desired products from the Internet pages of a shop and sends his selection to the seller.
  • the selection information or purchase information is transmitted partly via the mobile communication network 502 and partly via the Internet network 108.
  • the seller's data system receives the transmission and transmits a form asking e.g. for the personal data and credit card data.
  • the form can be transmitted to the buyer's mobile station 501 e.g. via the Internet 108 and the mobile communication network 502.
  • Another possibility is that the seller transmits the form via the public switched telephone network 104 and the mobile communication network 502 to the mobile station 501.
  • the form can be transmitted by using, for example, the Short Message Service (SMS) available in many telecommunication networks.
  • SMS Short Message Service
  • the buyer transmits the required information by sending e.g. a short message to the seller.
  • the user of the mobile station 501 sends the required confidential information as a telefax to the seller's data system, in which the telefax is handled in a similar manner as in the embodiments presented above.
  • a short message can be sent directly to the telefax device. This is possible at least in the GSM system.
  • Complete telefax services are being planned at least in the services of the future mobile communication networks.
  • the seller can send to the user of the mobile station 501 acknowledgement of the reception of confidential information and e.g.
  • the encoding can also be arranged in the mobile station 501, if desired.
  • the seller can send an encoding program to the mobile station 501, which encoding program can be used by the user of the mobile station 401 to encode the confidential information.
  • Fig. 5 presents an arrangement in which the buyer uses a mobile station 501 and the seller a personal computer 107, it can also be implemented in other ways.
  • the seller also uses a mobile station 501 instead of a personal computer, by means of which mobile station 501 the seller can request confidential information from the buyer.
  • the seller has arranged his home pages on a server in the open data network 108, whereby the buyer can get information about the products of the seller.
  • Information about the products selected by the buyer is transmitted to the seller's mobile station 501.
  • the transmission of confidential information is preferably implemented in such a case completely via the mobile communication network 502.
  • the mobile station 501 presented can be any other terminal, by which the operations mentioned above can be performed.
  • the essential requirement is that in addition to the open data network, the terminal can also be connected to at least one other closed telecommunication network, which has better data security than an open data network.

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Accounting & Taxation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Finance (AREA)
  • Telephonic Communication Services (AREA)
  • Facsimile Transmission Control (AREA)

Abstract

L'invention concerne un procédé et un système destinés à la transmission d'informations confidentielles. Le procédé selon l'invention est appliqué de manière particulièrement avantageuse lorsqu'une partie des informations à transmettre peut être transmise par l'intermédiaire d'un réseau de télécommunication ouvert, et une autre partie est transmise par l'intermédiaire d'un réseau de télécommunication fermé. Selon l'invention, les informations transmises par l'intermédiaire du réseau de télécommunication fermé sont des informations confidentielles telles qu'un numéro de carte de crédit. Selon l'invention, les informations à transmettre par l'intermédiaire du réseau de télécommunication fermé sont de préférence codées pour augmenter la sécurité des données. Le système selon l'invention comporte des premiers moyens de transmission d'informations au moins partiellement par l'intermédiaire d'un réseau de télécommunication ouvert, des deuxièmes moyens de codage d'informations, et des troisièmes moyens de transmission d'informations par l'intermédiaire d'un réseau de télécommunication fermé.
PCT/FI2000/000896 1999-10-13 2000-10-13 Transmission d'informations confidentielles WO2001028154A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP00969597A EP1221224A1 (fr) 1999-10-13 2000-10-13 Transmission d'informations confidentielles
AU79269/00A AU7926900A (en) 1999-10-13 2000-10-13 Transmission of confidential information

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI19992204 1999-10-13
FI992204A FI112417B (fi) 1999-10-13 1999-10-13 Luottamuksellisten tietojen välitys

Publications (1)

Publication Number Publication Date
WO2001028154A1 true WO2001028154A1 (fr) 2001-04-19

Family

ID=8555442

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2000/000896 WO2001028154A1 (fr) 1999-10-13 2000-10-13 Transmission d'informations confidentielles

Country Status (4)

Country Link
EP (1) EP1221224A1 (fr)
AU (1) AU7926900A (fr)
FI (1) FI112417B (fr)
WO (1) WO2001028154A1 (fr)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2828966A1 (fr) * 2001-08-23 2003-02-28 Schlumberger Systems & Service Procede pour communiquer de facon securisee des donnees d'identification d'une carte de paiement
EP1189180A3 (fr) * 2000-07-17 2003-12-17 Pioneer Corporation Méthode pour fournir un service d'informations
EP1385131A1 (fr) * 2002-07-24 2004-01-28 Koninklijke KPN N.V. Procédé pour la communication d'un numéro de référence à travers un réseau non-sécurisé
FR2843664A1 (fr) * 2002-08-16 2004-02-20 Alain Deblock Procede et systeme de securisation de transmission d'informations sur des reseaux de telecommunication
EP1692795A4 (fr) * 2003-11-12 2007-05-30 Interdigital Tech Corp Systeme d'acces autonome a un serveur d'applications sur differents types de reseaux de technologie d'acces
FR2985400A1 (fr) * 2012-01-03 2013-07-05 Alcatel Lucent Transmission securisee de donnees
US8976953B2 (en) * 2011-11-22 2015-03-10 Incontact, Inc. Systems and methods of controlling confidential communication in contact handling systems
US9237503B2 (en) 2002-07-02 2016-01-12 Interdigital Technology Corporation Method and apparatus for handoff between a wireless local area network (WLAN) and a universal mobile telecommunication system (UMTS)
WO2016077679A1 (fr) * 2014-11-14 2016-05-19 Citrix Systems, Inc. Communication de données entre dispositifs clients utilisant une connexion hybride comprenant un trajet de communications ordinaires et un trajet de communications hautement confidentielles
US9380501B2 (en) 2004-03-12 2016-06-28 InterDigital Technology Corporation, Inc. Method and system for switching a radio access technology between wireless communication systems with a multi-mode wireless transmit/receive unit
US10045271B2 (en) 2003-11-13 2018-08-07 Interdigital Technology Corporation Method and system for facilitating inter-system handover for wireless communication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0765068A2 (fr) * 1995-09-22 1997-03-26 AT&T Corp. Système de facturation téléphonique pour services de données interactives et d'informations
EP0889620A2 (fr) * 1997-07-03 1999-01-07 Oki Electric Industry Co., Ltd. Procédé et système de communication de données sécurisé
WO1999034547A1 (fr) * 1997-12-24 1999-07-08 Interactive Magazines Ltd. Procede de communication secrete entre trois participants

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0765068A2 (fr) * 1995-09-22 1997-03-26 AT&T Corp. Système de facturation téléphonique pour services de données interactives et d'informations
EP0889620A2 (fr) * 1997-07-03 1999-01-07 Oki Electric Industry Co., Ltd. Procédé et système de communication de données sécurisé
WO1999034547A1 (fr) * 1997-12-24 1999-07-08 Interactive Magazines Ltd. Procede de communication secrete entre trois participants

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1189180A3 (fr) * 2000-07-17 2003-12-17 Pioneer Corporation Méthode pour fournir un service d'informations
FR2828966A1 (fr) * 2001-08-23 2003-02-28 Schlumberger Systems & Service Procede pour communiquer de facon securisee des donnees d'identification d'une carte de paiement
US9237503B2 (en) 2002-07-02 2016-01-12 Interdigital Technology Corporation Method and apparatus for handoff between a wireless local area network (WLAN) and a universal mobile telecommunication system (UMTS)
EP1385131A1 (fr) * 2002-07-24 2004-01-28 Koninklijke KPN N.V. Procédé pour la communication d'un numéro de référence à travers un réseau non-sécurisé
EP1862979A1 (fr) * 2002-07-24 2007-12-05 Koninklijke KPN N.V. Procédé de communication d'un numéro de référence sur des réseaux non sécurisés
FR2843664A1 (fr) * 2002-08-16 2004-02-20 Alain Deblock Procede et systeme de securisation de transmission d'informations sur des reseaux de telecommunication
WO2004017269A1 (fr) * 2002-08-16 2004-02-26 Alain Deblock Procede et systeme de securisation de transmission d'informations sur des reseaux de telecommunication
EP1692795A4 (fr) * 2003-11-12 2007-05-30 Interdigital Tech Corp Systeme d'acces autonome a un serveur d'applications sur differents types de reseaux de technologie d'acces
EP2228931A3 (fr) * 2003-11-12 2010-11-17 Interdigital Technology Corporation Système pour l'application d'un accès autonome au serveur dans différents types de réseaux de technologie d'accès
US10045271B2 (en) 2003-11-13 2018-08-07 Interdigital Technology Corporation Method and system for facilitating inter-system handover for wireless communication
US9380501B2 (en) 2004-03-12 2016-06-28 InterDigital Technology Corporation, Inc. Method and system for switching a radio access technology between wireless communication systems with a multi-mode wireless transmit/receive unit
US10165478B2 (en) 2004-03-12 2018-12-25 Interdigital Technology Corporation Method and system for switching a radio access technology between wireless communication systems with a multi-mode wireless transmit/receive unit
US8976953B2 (en) * 2011-11-22 2015-03-10 Incontact, Inc. Systems and methods of controlling confidential communication in contact handling systems
KR101575552B1 (ko) * 2012-01-03 2015-12-07 알까뗄 루슨트 안전한 데이터 전송
CN104025551A (zh) * 2012-01-03 2014-09-03 阿尔卡特朗讯公司 安全的数据传输
WO2013102596A1 (fr) * 2012-01-03 2013-07-11 Alcatel Lucent Transmission securisee de donnees
US9686239B2 (en) 2012-01-03 2017-06-20 Alcatel Lucent Secure data transmission
CN104025551B (zh) * 2012-01-03 2017-07-04 阿尔卡特朗讯公司 用于以安全方式传送数据的方法和通信终端
FR2985400A1 (fr) * 2012-01-03 2013-07-05 Alcatel Lucent Transmission securisee de donnees
WO2016077679A1 (fr) * 2014-11-14 2016-05-19 Citrix Systems, Inc. Communication de données entre dispositifs clients utilisant une connexion hybride comprenant un trajet de communications ordinaires et un trajet de communications hautement confidentielles
US9646163B2 (en) 2014-11-14 2017-05-09 Getgo, Inc. Communicating data between client devices using a hybrid connection having a regular communications pathway and a highly confidential communications pathway

Also Published As

Publication number Publication date
FI19992204L (fi) 2001-04-14
AU7926900A (en) 2001-04-23
EP1221224A1 (fr) 2002-07-10
FI112417B (fi) 2003-11-28

Similar Documents

Publication Publication Date Title
US6516996B1 (en) Electronic payment system
US7380125B2 (en) Smart card data transaction system and methods for providing high levels of storage and transmission security
US6434561B1 (en) Method and system for accessing electronic resources via machine-readable data on intelligent documents
US6954532B1 (en) Selective encryption of mixed raster content layers
US7003497B2 (en) System and method for confirming electronic transactions
US20040068470A1 (en) Distributing public keys
CA2880608C (fr) Procede permettant de generer un code, procede d'autorisation et systeme d'autorisation permettant d'autoriser une operation
EP0166541A2 (fr) Réseau de communications utilisant un dispositif de chiffrage et de déchiffrage
EP1142194B1 (fr) Procede et systeme de mise en oeuvre d'une signature numerique
WO1998052163A2 (fr) Ensemble cle de transport pour carte a circuit integre
WO1998011716A1 (fr) Procede et systeme de certification de documents electroniques
CN1304610A (zh) 用于保密数据传送系统的保密方法和设备
JPH06176036A (ja) 認証可能な複製作成方法
AU2004240278A1 (en) Method and apparatus for creating and validating an encrypted digital receipt for third-party electronic commerce transactions
EP1221224A1 (fr) Transmission d'informations confidentielles
FI118832B (fi) Menetelmä ja järjestelmä palvelun tarjoamiseksi tietoverkon välityksellä
EP1146684B1 (fr) Impression limitée d'une information transmise de manière électronique
KR20130095363A (ko) 해쉬함수 또는 전자서명을 이용하는 디지털 코드 기반 송금 방법
US6141116A (en) System and method for secured transmission of data over telephone communications system
US20060239455A1 (en) Data transmission system, data transmission method, and device
JP2002117350A (ja) サービス発行方法並びにサービス提供方法及びそのシステム
US20080235394A1 (en) Secure Document Management System
JP2002099209A (ja) 印刷物検証情報付加及び印刷物検証に関連する装置、システム、方法、プログラム、印刷物及び記録媒体
CN101124766A (zh) 创建电子签名的文档的方法
KR20030014743A (ko) 매트릭스 코드를 이용한 에스엠에스 티켓팅 시스템 및 그방법

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
WWE Wipo information: entry into national phase

Ref document number: 2000969597

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2000969597

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 2000969597

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载