EP2356617A1 - Verfahren und system zum bereitstellen einer zielangabe - Google Patents
Verfahren und system zum bereitstellen einer zielangabeInfo
- Publication number
- EP2356617A1 EP2356617A1 EP09782732A EP09782732A EP2356617A1 EP 2356617 A1 EP2356617 A1 EP 2356617A1 EP 09782732 A EP09782732 A EP 09782732A EP 09782732 A EP09782732 A EP 09782732A EP 2356617 A1 EP2356617 A1 EP 2356617A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- tag
- event
- destination
- data
- reader
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/08—Logistics, e.g. warehousing, loading or distribution; Inventory or stock management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/90—Details of database functions independent of the retrieved data types
- G06F16/95—Retrieval from the web
- G06F16/955—Retrieval from the web using information identifiers, e.g. uniform resource locators [URL]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K17/00—Methods or arrangements for effecting co-operative working between equipments covered by two or more of main groups G06K1/00 - G06K15/00, e.g. automatic card files incorporating conveying and reading operations
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/10—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
- G06K7/10009—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
- G06K7/10019—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves resolving collision on the communication channels between simultaneously or concurrently interrogated record carriers.
- G06K7/10108—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves resolving collision on the communication channels between simultaneously or concurrently interrogated record carriers. interrogating only those RFIDs that fulfill a predetermined requirement, e.g. selecting all RFIDs having the same speed and moving in a cloud like fashion, e.g. on the same train; interrogating only RFIDs having a certain predetermined temperature, e.g. in the same fridge, another possibility being the active ignoring of a group of tags that fulfill a predetermined requirement, equivalent to the Boolean NOT operation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0492—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload by using a location-limited connection, e.g. near-field communication or limited proximity of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
Definitions
- the invention relates to a method and a system for tamper-resistant provision of at least one destination, in particular routing information, which is embedded in a signed digital certificate of a tag.
- Tags or tags can be used for a variety of applications, especially in the fields of logistics, maintenance and access control.
- tags may be attached to a product package or to the product itself.
- tags are integrated in a product.
- Tagged goods or goods can be traced in a logistical chain where the goods pass through different places, companies and systems.
- Tags are read out by associated tag readers or readers.
- the presence of a tag or the recognition of a tag represents an event. This event may, for example, form an elementary base event in the form of a data access to the tag or an application-specific event of an application program.
- a tag is read by a reader, this represents, on the one hand, a base event in the form of a data access to the tag and, moreover, can represent an event at an application level, for example a goods receipt to a warehouse.
- the events are fed to the application program for their evaluation, which can be executed on a different computer than the reading device.
- the evaluation of an application event is performed by an application program that runs on a remote target computer.
- such events which are triggered by a tag, are targeted by the reader to a designated one
- Target computer forwarded.
- the event message is switched by the reader to a target computer of the background system, which evaluates the event message.
- a significant disadvantage of such systems is that they are completely inflexible. For example, if the system is reconfigured to have the application program evaluate an event to a new or different one
- the forwarding of the event message by the reader must, if necessary, be reconfigured so that the event messages are redirected or switched to the new target computer. This reconfiguration of the event forwarding represents a considerable effort.
- the invention provides a method for providing at least one destination indication of an event message for an event occurring on a tag reader, wherein the destination indication is taken from a signed digital certificate of a tag.
- An advantage of the method according to the invention is that the destination specification of an event message is provided tamper-proof, that is, it is not readily possible for a third party to specifically redirect the event message.
- the event message is forwarded via a network to a destination computer, which is addressed by the destination information.
- the forwarding can be direct or indirect.
- the event message has a tag ID of the tag and a reader ID of the tag reader. This information allows the evaluation of the event to take into account the location where the event occurred.
- the event message contains information data which contains location data of the tag reader, an event time and user data provided by the tag.
- the tag reader is a mobile reader.
- the mobile reading device may include an integrated GPS receiver which provides location data of the tag reading device.
- the tag includes one or more sensors that provide sensor data that is passed as payload data in the event message.
- an event caused by a tag is reported in an associated event message to the destination computer addressed by the destination if the tag is authenticated by the tag reader by means of a public tag key taken from the signed certificate which is transmitted from the respective tag to the tag reader.
- the forwarding of the event message takes place only after the authentication of the respective tags has been carried out and is therefore particularly tamper-proof.
- the event caused by the tag is formed by a base event in the form of a data access to the tag.
- This data access can be a read or a write.
- the event caused by the tag is formed by an application-specific event of an application program.
- This application program can be executed on the tag reader itself or on a remote target computer. The application program evaluates the application-specific event.
- the extracted destination is formed by a destination address, which may be a URL, an IP address or a MAC address of a target computer.
- the extracted target information may also include a plurality of destination addresses of a signal path, so that it can be ensured that the event message reaches the target computer via a desired signal path, which may include a plurality of computers, from the tag reader.
- a desired signal path which may include a plurality of computers
- the extracted destination is a compressed map value that references a destination address stored in a memory or a stored signal path.
- the compressed mapping value may be, for example, a hash value of an address.
- the invention further provides a system having the features specified in patent claim 9.
- the invention provides a system for providing at least one destination indication of an event message for an event occurring on a tag reader, the destination indication being contained in a signed digital certificate of a tag.
- the event message comprises a data packet which can be forwarded via at least one network to a destination computer which is addressed by the destination information.
- the event message contains information data having location data of the reading device, an event time and user data provided by the tag.
- the tag reader is locally mobile and has a location detection device for generating location data.
- the invention further provides a tag and system for providing an event message destination indication to an event encountered on a tag reader, the destination indication being included in a signed digital certificate of the tag, the tag comprising:
- nonvolatile memory with a reserved memory area for a signed digital certificate and with a non-reserved memory area for user data and
- An authentication unit for authenticating the tag for authenticating the tag.
- the tag has at least one sensor for generating sensor payload data.
- the tag is an RFID tag.
- the tag is attached to a product package or to a product.
- the tag is integrated in a product.
- Figure 1 is a block diagram of a possible embodiment of the system according to the invention.
- Figure 2 is a signal diagram illustrating a possible embodiment of the system according to the invention.
- Figure 3 is a block diagram of a possible embodiment of a system used in the system according to the invention.
- Figure 4 is a block diagram of another embodiment of the system according to the invention.
- FIG. 5 shows a further block diagram of a possible embodiment of the system according to the invention.
- the system 1 comprises at least one tag reader 2, which can communicate with a tag 4 via a radio interface 3.
- the tag reader 2 is connected to a target computer 6 via a data network 5.
- the tag reader 2 may be a permanently installed reader or a reader located, for example, at the door of a warehouse.
- a tag reader 2 may also be a mobile reader which has, for example, a GPS receiver.
- the tag 4 shown in FIG. 1 may be attached to a product or to a product package.
- the tag 4 is integrated within an article, for example within a designated spare part.
- the marked goods may be, for example, spare parts of the automotive or aircraft industry.
- tag 4 is an RFID tag.
- the RFID tag can be an active RFID tag with its own power supply or a passive RFID tag.
- tag 4 is a one-dimensional or multi-dimensional barcode.
- At least one destination indication ZA of an event message is made available, the destination indication ZA being taken from a signed digital certificate Z of the tag 4.
- the extracted destination ZA can include at least one destination address or multiple destination addresses. The addresses are included For example, a URL address, an IP address or a MAC address of the target computer 6.
- the extracted destination ZA may also be a compressed image value, for example, a hash value, which references a stored in a memory destination address. This memory may be located, for example, in the tag reader 2.
- the event message can be formed by a data packet that is forwarded via at least one network, for example the network 5, to the destination computer 6, which is addressed by the destination information ZA.
- This data packet or this event message may contain, in addition to the destination information ZA, a tag ID of the tag 4 and a reader ID of the tag reader 2.
- information data may be contained in the event message, such as location data of the tag reader 2, an event time of an event and also user data supplied by the tag 4.
- the location data of the tag reader 2 for example, have the spatial coordinates of the site of the tag reader 2 or contain general location information, such as "Warehouse A" or "Warehouse Kunststoff".
- the tag 4 has one or more sensors, which provide sensor data, which are transmitted as user data in the event message to the target computer 6.
- the event time indicates a time at which a base event or an application-specific event of an application program has occurred.
- the event time indicates, for example, the time at which the tag 4 is read by the tag reader 2.
- FIG. 2 shows a signal diagram for explaining a possible embodiment of the system 1 according to the invention.
- the tag reader 2 first requests a certificate Z from the tag 4.
- the tag reader 2 has a public key Kpub certificate which is provided by a certification authority or a certification authority CA.
- the tag reader 2 checks the received tag.
- a destination statement ZA is contained in the received signed digital certificate Z via an event message to be generated.
- the certificate Z may contain a public key for authentication.
- the certificate Z contains a digital signature that signs the public key KpubT of the tag 4 and the destination ZA.
- the tag reader 2 may in one possible embodiment of the method according to the invention perform an authentication of the tag 4, for example by means of a challenge-response method.
- a challenge-response method the possession of a secret is indirectly interrogated by asking the tag 4 a challenge that can only answer the tag 4 if the tag 4 is in possession of this secret.
- This secret is usually a cryptographic key.
- the tag reader 2 sends a random number to the tag 4 and the tag 4 then calculates a response using the secret key and sends this answer R back to the tag reader 2. This becomes the secret or the cryptographic key not transferred.
- the challenge-response method may be based on symmetric or asymmetric cryptography.
- An asymmetric cryptographic encryption offers the advantage of a simpler key management.
- the content of the transmitted certificate Z is used in the system according to the invention.
- the certificate Z is readably stored in a data memory of the tag 4 together with the public key. Private keys, on the other hand, are not readable.
- the tag reader 2 transmits the challenge C, for example a random number, to the tag 4, which uses the private tag key KPivT to encrypt the received challenge C for calculating a response R.
- the response R is then transmitted from the tag 4 to the tag reader 2, which uses the public tag key KpubT taken from the certificate Z to decrypt or decode the received response for calculating a challenge C '. If the decrypted challenge C matches the sent challenge C, the tag 4 is authenticated and the tag reader 2 can report the event by transmitting an event message to the target computer 6 indicated by the target ZA.
- the event caused by the tag 4, for example a data access to the tag 4 is reported in an associated event message, for example in a data packet, to the destination computer 6 addressed by the destination statement ZA if the tag 4 is tagged by the tag reader 2 is authenticated by the public tag key KpubT taken from the signed certificate Z transmitted from the respective tag 4 to the tag reader 2.
- the event message or the data packet is transmitted directly to the target computer 6.
- not only one destination address but several addresses of a signal path or routing information are taken from the certificate Z.
- routing information for tag or RFID events is thus embedded in that certificate Z of the respective tag 4, which is used to authenticate the tag by the reader 2.
- This information codes to which back-end system or to which target computer 6 the day event of the respective tag 4 is to be sent in order to be evaluated or stored there. This approach significantly reduces the overhead of configuring and maintaining System 1, as it does not need to be configured in the infrastructure to which which tag or RFID event needs to be sent.
- the routing information is also efficiently protected and coupled with the respective day 4, since the already existing day certificate Z can be used and its functionality only needs to be extended. This is particularly relevant to a multi-domain tag environment in which a common tag reading infrastructure is used for different tags of 4 different publishers.
- the invention
- System 1 is thus particularly suitable for independently operated tag applications that use a shared tag reading infrastructure or common tag readers 2.
- an efficiency increase is achieved by the system 1 according to the invention, since the tag event data only to the intended
- Destination destination or the desired target computer 6 are transmitted and not to other entities. Furthermore, no filter rules have to be administratively configured in the infrastructure.
- a security gain is achieved by accepting only signed routing information from an event switching network. In this way, for example, tag data infiltrated by attackers, for example, with changed user data or so-called malware, can be sorted out immediately and will not be further processed.
- the digital certificate Z which is stored on the tag 4 in a data memory, contains the public key of the tag which is used to authenticate the tag 4 and the associated signature of the certificate Z.
- information data about the destination or the target computer 6 is encoded into the certificate Z for the evaluation of the day event data.
- This destination ZA indicates where the tag events of the respective day 4 should be transmitted.
- the destination can be encoded as a URL in one possible embodiment.
- destination details or destination details can be entered in the certificate Z if the event is to be reported to a plurality of target computers 6.
- it can additionally be encoded which specific additional data (useful data) is to be delivered to the target computer 6 for evaluating the event.
- the actual destination destination is not coded, for example as a destination address, but an image value of the destination address.
- the mapping value may be, for example, a hash value of the destination address, wherein the transmitted hash value may be resolved by the tag reader 2 into a complete URL.
- the hash value of the URL e.g., SHAl or MD5
- a wildcard expression or a regular expression of the destination or destination is encoded in the certificate Z.
- An example of this is "rfidevent: // *. Siemens.com / *" and in a separate memory area the actual destination is encoded on day 4, for example "rfidevent: //rfid.containertracking. Industry. Siemens.com / track / customer / 317 / ".
- this is not part of the tag certificate Z and therefore not protected by its digital signature.
- the use of wildcard expressions offers increased flexibility while still providing protection by the Z certificate.
- the tag certificate Z restricts the permitted destination or destination addresses. However, a changed destination address can be stored on day 4 without having to issue a new certificate Z for the respective day 4.
- a check between the specified destination and the issuer of the digital certificate of the respective day 4 can continue to take place.
- the issuer of the certificate Z is the one who has digitally signed the certificate Z, for example a certification authority or certification authority CA.
- a specified destination or destination is only accepted if it belongs to the issuer CA. This is preferably checked on the basis of the certificate Z issued by the certification authority CA.
- Information about the issuer may be encoded, for example "*. Siemens.com". On the basis of this information, it can be checked whether the destination information or the event destination matches the respective issuer, that is, matches the information in the certificate Z. In this way, it can be restricted for which destinations ZA or destinations can issue a certification authority tag certificates Z.
- the embedding of the routing information or the destination data ZA in the digital certificate Z protects it by digital signature of the certificate Z.
- This digital signature makes manipulation of the routing information or routing data considerably more difficult.
- this information can be checked efficiently since the tag reader 2 evaluates the certificate Z of the tag 4 anyway.
- FIG. 3 shows a block diagram of a possible embodiment of a tag 4, as can be used in the system 1 according to the invention.
- day 4 is on RFID tag.
- the tag 4 has a radio interface 4A for data exchange with the tag reader 2.
- the tag 4 contains a nonvolatile memory 4B.
- This nonvolatile memory 4B has a reserved memory area for a signed digital certificate Z and a non-reserved memory area for user data.
- the non-volatile memory 4B is, for example, a flash memory or E 2 PROM memory.
- the tag 4 contains an authentication unit 4C for authenticating the tag 4, for example by means of a challenge-response method.
- the authentication unit 4C has, for example, an integrated memory or a register for storing a non-readable private key KprivT.
- the certificate Z within the non-volatile memory 4B contains a signed public key KpbT of the tag 4 as well as routing information or destinations ZA for forwarding the event message.
- the stored certificate Z is issued and signed by the certification authority CA (Certificate Authority). It signs the content of the certificate Z, ie the public key of the tag 4 and the target data ZA.
- the tag 4 shown in FIG. 3 can be attached to any product or product packaging.
- day 4 may be integrated into a subject. For example, it is possible to provide higher-quality replacement parts, for example aircraft replacement parts with an integrated tag 4 according to FIG. 3, in order to ensure the use of original spare parts in the repair of aircraft.
- FIG. 4 shows schematically the structure of a system 1.
- This system 1 consists of one or more RFID tags 4 and one or more RFID readers 2, an event switching network 7, an event processing system 8 and one or more Entities 9 accessing the RFID event data.
- the event processing system 8 may be the target computer 6 shown in FIG.
- the information about a read-out RFID tag 4 via the event switching network or the data network to forward the event message to the associated system for data processing of the event are transmitted.
- the reported event is processed, for example, the event is stored in a database.
- An entity or a device or an application program can access the acquired information in order, for example, to query the last detected location of a tag 4 or to read out sensor data, for example a temperature, acquired by a sensor of the tag 4.
- FIG. 5 shows a further exemplary embodiment of a system 1 according to the invention.
- the event switching network 5-1 is, for example, a network of a warehouse, the tag reader 2-1 being located in the entrance of the warehouse and the tag reader 2-2 being located at an exit of the warehouse. renlagers is attached.
- FIG. 5 shows a further exemplary embodiment of a system 1 according to the invention.
- the event switching network 5-1 is, for example, a network of a warehouse, the tag reader 2-1 being located in the entrance of the warehouse and the tag reader 2-2 being located at an exit of the warehouse. renlagers is attached.
- FIG. 5 shows a further exemplary embodiment of a system 1 according to the invention.
- the event switching network 5-1 is, for example, a network of a warehouse, the tag reader 2-1 being located in the entrance of the warehouse and the tag reader 2-2 being located at an exit of the warehouse. renlagers is attached.
- FIG. 5 shows a further exemplary embodiment of a system 1 according to the invention.
- Embodiment is another tag reader 2-3 in another warehouse and is connected to its own event switching network 7-2.
- a server for event data processing is provided for each tag reader.
- Different application programs or entities 9-1, 9-2, 9-3, 9-4 run on the different servers 8-1, 8-2, 8-3.
- the entities 9-1 to 9-4 are separate devices on each of which an application software for evaluating event data of the tags 4 is executed.
- the event can be transmitted in any form from a message or a data packet to the specified destination address or destination.
- the event message can be an XML or text file.
- the network 5 shown in FIG. 1 can be composed of several subnetworks.
- the network 5 is the Internet.
- the transmission of data from the tag reader 2 to the network 5 wired.
- the transmission of the data between the tag reader 2 and the network 5 takes place wirelessly via a radio interface.
- the target information embedded in the certificate Z is the destination specification of a target computer 6, as shown in FIG.
- the destination ZA is the destination of another day 4 ', that is, the event which is triggered by the day 4 shown in Figure 1, is reported in another day in a possible embodiment based on the destination ZA.
- user data can be selectively transferred from one day to another day.
- sensor data of one day can be transmitted to another day for its evaluation.
- the tag 4 not only has a sensor but also an actuator.
- actuators of a different tag are controlled in dependence on the sensor data originating in a first day.
- the inventive system, as shown in Figure 1 can be used in many ways, especially in the field of logistics, maintenance and access control.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- Economics (AREA)
- Databases & Information Systems (AREA)
- Toxicology (AREA)
- Health & Medical Sciences (AREA)
- Quality & Reliability (AREA)
- General Business, Economics & Management (AREA)
- Tourism & Hospitality (AREA)
- Strategic Management (AREA)
- Development Economics (AREA)
- Operations Research (AREA)
- Entrepreneurship & Innovation (AREA)
- Human Resources & Organizations (AREA)
- Marketing (AREA)
- Data Mining & Analysis (AREA)
- Artificial Intelligence (AREA)
- General Health & Medical Sciences (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Electromagnetism (AREA)
- Information Transfer Between Computers (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE102008061481 | 2008-12-10 | ||
PCT/EP2009/061596 WO2010066480A1 (de) | 2008-12-10 | 2009-09-08 | Verfahren und system zum bereitstellen einer zielangabe |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2356617A1 true EP2356617A1 (de) | 2011-08-17 |
Family
ID=41338485
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP09782732A Ceased EP2356617A1 (de) | 2008-12-10 | 2009-09-08 | Verfahren und system zum bereitstellen einer zielangabe |
Country Status (4)
Country | Link |
---|---|
US (1) | US8981935B2 (de) |
EP (1) | EP2356617A1 (de) |
CN (1) | CN102246190A (de) |
WO (1) | WO2010066480A1 (de) |
Families Citing this family (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8981935B2 (en) | 2008-12-10 | 2015-03-17 | Siemens Aktiengesellschaft | Method and system for supplying target information |
US9113234B2 (en) * | 2010-07-27 | 2015-08-18 | The Boeing Company | Wireless device association system |
US9197984B2 (en) * | 2011-04-19 | 2015-11-24 | Qualcomm Incorporated | RFID device with wide area connectivity |
DE102011103740A1 (de) * | 2011-05-31 | 2012-12-06 | Smartrac Ip B.V. | Verfahren und Anordnung zum Bereitstellen und Verwalten von mit RFID-Datenträgern verknüpften Informationen in einem Netzwerk |
US8464960B2 (en) | 2011-06-30 | 2013-06-18 | Verisign, Inc. | Trusted barcodes |
US11817939B2 (en) | 2012-03-31 | 2023-11-14 | Intel Corporation | Proximate communication with a target device |
US9125006B2 (en) | 2012-03-31 | 2015-09-01 | Intel Corporation | Proximate communication with a target device |
US9667360B2 (en) | 2012-03-31 | 2017-05-30 | Intel Corporation | Proximate communication with a target device |
EP2973285A4 (de) | 2013-03-12 | 2016-03-30 | Intertrust Tech Corp | Sichere transaktionssysteme und -verfahren |
US9419803B2 (en) * | 2013-12-31 | 2016-08-16 | Nxp B.V. | Flexible data authentication |
CN104992136B (zh) * | 2015-07-29 | 2018-08-03 | 北京京东尚科信息技术有限公司 | 识别条形码的方法及装置 |
US10699178B1 (en) * | 2017-09-21 | 2020-06-30 | Impinj, Inc. | Digital identities for physical items |
EP3672308B1 (de) * | 2018-12-14 | 2021-08-25 | Deutsche Telekom AG | Authorization method and terminal for releasing or blocking resources |
Family Cites Families (34)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7005985B1 (en) * | 1999-07-20 | 2006-02-28 | Axcess, Inc. | Radio frequency identification system and method |
US6744528B2 (en) | 2000-11-30 | 2004-06-01 | Pitney Bowes Inc. | Method and system for remote printing of documents |
DE10161968A1 (de) | 2001-12-17 | 2003-07-10 | Henkel Kgaa | Verfahren und System zum Ermitteln einer einem Objekt zugeordneten Information |
US6667690B2 (en) * | 2002-01-22 | 2003-12-23 | Carrier Corporation | System and method for configuration of HVAC network |
US20030161475A1 (en) * | 2002-02-28 | 2003-08-28 | Crumly James D. | Encryption of digitized physical information based on physical tags |
US20040046642A1 (en) * | 2002-09-05 | 2004-03-11 | Honeywell International Inc. | Protocol for addressing groups of RFID tags |
JP2004258734A (ja) | 2003-02-24 | 2004-09-16 | Nippon Telegr & Teleph Corp <Ntt> | 無線タグを用いた状態判定方法及び状態判定システム |
US20040268132A1 (en) * | 2003-06-30 | 2004-12-30 | Nokia Corporation | Radio frequency identification (RFID) based network access management |
US7774604B2 (en) * | 2003-12-10 | 2010-08-10 | Mcafee, Inc. | Verifying captured objects before presentation |
US7165722B2 (en) * | 2004-03-10 | 2007-01-23 | Microsoft Corporation | Method and system for communicating with identification tags |
KR101015499B1 (ko) | 2004-06-19 | 2011-02-16 | 삼성전자주식회사 | 복수의 파장을 발생시키는 반도체 레이저 소자 및 상기반도체 레이저 소자용 레이저 펌핑부 |
US7366806B2 (en) * | 2004-07-27 | 2008-04-29 | Intel Corporation | Method and apparatus for RFID tag wherein memory of RFID tag is partitioned into two sections for reading using wireless interface and writing using bus |
US7924151B2 (en) * | 2004-08-10 | 2011-04-12 | Schneider Electric Buildings Ab | Field device management |
US7562223B2 (en) * | 2004-12-17 | 2009-07-14 | Xerox Corporation | Multifunction device with secure job release |
EP1710764A1 (de) * | 2005-04-07 | 2006-10-11 | Sap Ag | Authentifizierung von Produkten mit Identifikationsetiketten |
US7864040B2 (en) | 2005-05-31 | 2011-01-04 | Siemens Aktiengesellschaft | Localization system and localization method and mobile position data transmitter |
DE102005025806B4 (de) | 2005-06-02 | 2008-04-17 | Bundesdruckerei Gmbh | Verfahren zum Zugriff von einer Datenstation auf ein elektronisches Gerät |
CN100375111C (zh) | 2005-07-07 | 2008-03-12 | 复旦大学 | 一种基于射频识别技术的防伪验证方法及防伪*** |
KR100733986B1 (ko) * | 2005-12-08 | 2007-06-29 | 한국전자통신연구원 | Ip주소 기반 rfid 서비스를 위한 rfid 태그 및그를 이용한 ip주소 기반 rfid 서비스 방법 |
FI119623B (fi) * | 2006-09-08 | 2009-01-30 | Savox Comm Oy Ab Ltd | Viestintälaite, -järjestelmä ja -menetelmä omavaraiseen hengityslaitteeseen |
US7683773B1 (en) * | 2006-09-15 | 2010-03-23 | G2 Microsystems Pty, Ltd. | Telemetry data in packet exchanges |
JP4952169B2 (ja) * | 2006-09-26 | 2012-06-13 | 富士通株式会社 | 情報アクセス・システムおよびアクティブ型非接触情報記憶装置 |
US8552839B2 (en) * | 2006-11-29 | 2013-10-08 | Verizon Patent And Licensing Inc. | Method and apparatus for managing radio frequency identification (RFID) tags |
CN101206713B (zh) * | 2006-12-18 | 2012-07-11 | 国际商业机器公司 | 标签识别***和方法 |
CN100472562C (zh) | 2006-12-20 | 2009-03-25 | 杭州华三通信技术有限公司 | 光模块的电子标签、制作和识别方法及识别装置 |
DE102007009023B4 (de) * | 2007-02-23 | 2011-12-22 | Siemens Ag | Vorrichtung und Verfahren zum Bereitstellen von RFID-Identifizierungsdaten für einen Authentisierungsserver |
KR100805273B1 (ko) | 2007-02-28 | 2008-02-20 | 고려대학교 산학협력단 | 무선 식별 시스템을 이용한 진열된 물품의 정보 확인 방법,무선 식별 시스템을 이용한 구매된 물품의 정보 확인방법, 그 기록매체 및 그 시스템 |
CN101192234A (zh) | 2007-06-07 | 2008-06-04 | 腾讯科技(深圳)有限公司 | 一种基于网页抽取的搜索***及搜索方法 |
GB2452251B (en) * | 2007-08-21 | 2010-03-24 | Motorola Inc | Method and apparatus for authenticating a network device |
US8325914B2 (en) * | 2007-11-27 | 2012-12-04 | Cisco Technology, Inc. | Providing secure communications for active RFID tags |
FI126720B (fi) * | 2007-12-04 | 2017-04-28 | Sensire Oy | Menetelmä, järjestelmä ja laitteet datan keräämiseksi |
CN101236677B (zh) | 2008-02-15 | 2011-11-30 | 南华大学 | 一种商品防伪及防伪税控综合*** |
US8334755B2 (en) * | 2008-12-05 | 2012-12-18 | Electronics And Telecommunications Research Institute | Method for recognizing radio frequency identification tag reader and apparatus thereof |
US8981935B2 (en) | 2008-12-10 | 2015-03-17 | Siemens Aktiengesellschaft | Method and system for supplying target information |
-
2009
- 2009-09-08 US US13/139,096 patent/US8981935B2/en active Active
- 2009-09-08 EP EP09782732A patent/EP2356617A1/de not_active Ceased
- 2009-09-08 WO PCT/EP2009/061596 patent/WO2010066480A1/de active Application Filing
- 2009-09-08 CN CN2009801497038A patent/CN102246190A/zh active Pending
Non-Patent Citations (2)
Title |
---|
ANONYMOUS: "Wildcard certificate - Wikipedia, the free encyclopedia", 7 August 2015 (2015-08-07), XP055223387, Retrieved from the Internet <URL:https://en.wikipedia.org/wiki/Wildcard_certificate> [retrieved on 20151026] * |
See also references of WO2010066480A1 * |
Also Published As
Publication number | Publication date |
---|---|
US20110248852A1 (en) | 2011-10-13 |
WO2010066480A1 (de) | 2010-06-17 |
CN102246190A (zh) | 2011-11-16 |
US8981935B2 (en) | 2015-03-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2356617A1 (de) | Verfahren und system zum bereitstellen einer zielangabe | |
EP3108610B1 (de) | Verfarhen und system zum erstellen und zur gültigkeitsprüfung von gerätezertifikaten | |
DE102015217855A1 (de) | Prüfung einer Konsistenz zwischen Referenzdaten eines Fertigungsobjektes und Daten eines digitalen Zwillings des Fertigungsobjektes | |
EP3673623A1 (de) | Verfahren und steuersystem zum steuern und/oder überwachen von geräten | |
DE112011100182T5 (de) | Transaktionsprüfung für Datensicherheitsvorrichtungen | |
EP2891102A1 (de) | Rfid-tag und verfahren zum betreiben eines rfid-tags | |
DE102010027586B4 (de) | Verfahren zum kryptographischen Schutz einer Applikation | |
EP3688928B1 (de) | Dataculestruktur und verfahren zum manipulationssicheren speichern von daten | |
EP3763089B1 (de) | Verfahren und steuersystem zum steuern und/oder überwachen von geräten | |
DE102009039823A1 (de) | Verfahren zur Überprüfung einer Ware als Orginalware eines Warenherstellers | |
DE102020205993B3 (de) | Konzept zum Austausch von kryptographischen Schlüsselinformationen | |
WO2019081434A1 (de) | Verfahren und steuersystem zum steuern und/oder überwachen von geräten | |
EP3718263B1 (de) | Verfahren und steuersystem zum steuern und/oder überwachen von geräten | |
EP3248324B1 (de) | Verteiltes bearbeiten eines produkts auf grund von zentral verschlüsselt gespeicherten daten | |
DE102018212098A1 (de) | Verfahren zum Betrieb eines blockchainbasierten Produktschutzsystems und blockchainbasiertes Produktschutzsystem | |
DE112020004797T5 (de) | Verwalten physischer objekte unter verwendung von krypto-ankern | |
DE102018115348B4 (de) | Fälschungssicherung und Abgabekontrolle von Verbrauchsgütern | |
EP3345364A1 (de) | Indirekter berechtigungstransport | |
DE102013105727A1 (de) | Verfahren zum Deaktivieren einer Sicherheitsanlage | |
EP3186741B1 (de) | Zugriffsschutz für fremddaten im nichtflüchtigen speicher eines tokens | |
DE102020205994A1 (de) | Konzept zum Austausch von verschlüsselten Daten | |
EP4141713A1 (de) | Verfahren zum zuordnen eines digitalen modells zu einer physikalischen komponente eines automatisierungssystems, automatisierungssystem und fertigungsanlage | |
WO2023011756A1 (de) | Sicheres element, verfahren zum registrieren von token und tokenreferenzregister | |
EP4123960A1 (de) | Verfahren und vorrichtung zum bereitstellen eines einem geschützten datenobjekt zugeordneten digitalen nutzergeheimnisses | |
EP3817315A1 (de) | Prüfvorrichtung, vorrichtung und verfahren zum validieren von transaktionen |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20110517 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR |
|
DAX | Request for extension of the european patent (deleted) | ||
17Q | First examination report despatched |
Effective date: 20120921 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: SIEMENS AKTIENGESELLSCHAFT |
|
REG | Reference to a national code |
Ref country code: DE Ref legal event code: R003 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20160414 |