Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
• • G—PHYSICS
  • G06—COMPUTING; CALCULATING OR COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/60—Protecting data
  • G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
  • G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
  • G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
  • G06F21/6254—Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L63/00—Network architectures or network communication protocols for network security
  • H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
  • H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden

Definitions

• the present invention relates to the field of detection of intellectual property infringement in a completely distributed environment open to sharing and in particular data security.
• the collection server upon receipt of encrypted collected profile data, the collection server selects a targeted advertisement based on the decrypted profile data, - the collection server transmits to the anonymization server a targeted message including the anonymized identification data and the targeted advertisement
• the anonymization server transmits the targeted announcement to the user terminal corresponding to the decrypted identification data.
• This system teaches the use of an anonymization server by a data collection server.
• the document US2014304825 or EP 2 734 953 teaches a data anonymization method comprising: the reading of parameters of an anonymization procedure from a configurable anonymization procedure resource, the reading parameters defining a flow of job to receive data to anonymize and apply one or more transformations to it, and in which the read parameters also include an indication of an authorized number of simultaneous processing threads to receive the data and apply the transformation (s) anonymization; receiving data to be anonymized from a data source in accordance with the defined workflow, the data source being identifiable from one or more of the read parameters; and applying one or more anonymization transformations to the data received according to the defined workflow, in which the transformation or transformations comprise the transformation of at least an original part of the data received into a transformed part, and in which the steps consisting to receive data and apply one or more anonymization transformations are performed using no more than the allowed number of concurrent processing threads specified in the read parameters.
• This document teaches a limitation to a number of authorized threads, which is incompatible with a public platform intended for any user and any reprocessing of the data with a view to its protection.
• This document limits the anonymization transformation (s) applied which are one or more selected from the group comprising: a hash; write; filter; find and replace; replacement with random values; validation; and masking.
• the offer of data security and / or desensitization services must not be limited by a number of threads or by the choice of transformations.
• the present invention aims to overcome certain drawbacks of the prior art and in particular to encourage and facilitate the sharing of data in a decentralized environment, by offering the owner the possibility of protecting or and securing all or part of his data. .
• the present invention relates to a platform for securing data managed or manipulated in an information system (IS), the platform comprising:
• At least one multiprocessing service comprising at least:
• a request service comprising an IT and software infrastructure to analyze the requests transmitted by each client via a client / web service channel interface (webservice);
• at least one processing server comprising at least one processor, a memory comprising a set of programs / algorithms, the execution of which on said processor implements a set of processing methods for securing client data, for storing them in a database, said set of processing methods comprising at least:
• the platform being characterized in that said set of methods also includes a combined security method of tokenization and anonymization of data, the choice of implementation of choice being carried out automatically by the result of the analysis of the needs formulated by the client in his request (s) and security instructions formulated by the manager.
• the requests are transmitted encrypted from the client terminal by a key assigned to the user or the company, the platform receiving the user's certificate authenticates it, searches the trunk for the associated decryption key and decrypts and analyzes the data in the request message.
• the platform for securing data managed or manipulated in an information system comprises at least one manager interface to allow a client manager of an IS to transmit data securing instruction files specific to each client of said IS.
• the platform for securing data managed or manipulated in an information system comprises at least one certificate service comprising at least one IT infrastructure comprising at least one processor, a memory containing at least one program of which the execution on the processor generates an authentication certificate specific to each client of said SI to connect to the platform and / or to the multiprocessing service and issue data security processing requests.
• the platform for securing data managed or manipulated in an information system (IS) is characterized in that the multiprocessing service comprises a program, the execution of which on said processor makes it possible to compare entries made by the client as and when with the data of the GDPR file stored in its own dedicated secure safe audit client and generate an error indication or a modification suggestion satisfying the GDPR standard, the entries validated by the client being stored in said safe and, in the event that the client overrides the suggestion, systematically send a message with a token or anonymous message with a flag indicating GDPR non-compatibility.
• the multiprocessing service comprises a program, the execution of which on said processor makes it possible to compare entries made by the client as and when with the data of the GDPR file stored in its own dedicated secure safe audit client and generate an error indication or a modification suggestion satisfying the GDPR standard, the entries validated by the client being stored in said safe and, in the event that the client overrides the suggestion, systematically send a message with a token or anonymous message with a flag indicating GDPR non-comp
• the multiprocessing service is based on a multi-column and multi-site architecture and comprises at least two data centers having a column structure for data processing, at least one data replicator device for configuring each data center data so as to obtain identical data in each of the columns of the data centers, at least one load distributor (4) configured to distribute dynamically and without interruption treatment requests independently on each of the columns according to their load, at least a data bus configured to allow synchronization of the data between said data centers, each column comprising at least one processing server and at least one secure database.
• each data center (10a, 10b) comprises at least one security layer comprising at least one device comprising at least one processor, a memory comprising a set of programs whose execution makes it possible to generate, store and protect cryptographic keys to secure at least the data processed.
• the data processing server is connected to the device of the security layer via a communication means in order to recover cryptographic keys used to secure the data according to the type of processing requested by each client of the IS.
• the processing server of each data center comprises wired / wireless communication means for transferring the processed data into at least one secure database and securing access to said data via the cryptographic keys recovered in the security device of the security layer.
• the processing server of each data center comprises wired / wireless communication means for connecting to the dedicated dedicated safe of each IS client and transferring the data processed by said customer according to his preferences.
• the data is first sent to the tokenization module and then the anonymization module having received the data during the tokenization combines the data with the token received from the token creation module. (tokenizer) to generate tokenized-anonymized information to send to the client.
• the invention also relates to a server, comprising one or more computer safes and implementing a service allowing an information system (IS) accessing the server to set up security for its sensitive data which it stores and / or manipulates, by: implementing the correct security methods, such as anonymization or pseudonymization, vis-à-vis sensitive data by configuring the configuration of the security instructions transmitted by an interface the manager and authorizing their storage in one or more areas of safes dedicated to each manager,
• IS information system
• the desensitization of a data can be carried out by association of the token (Token) with a concatenation of personal data (Name, First name, Address, Telephone number, ...) and storage.
• a final object of the invention is to propose an architecture allowing the implementation of the service. This goal is achieved by a multi-column and multi-site computer system, allowing batch processing, comprising an application web interface with firewall, a server as described in the present request, as well as a database.
• each manager to memorize the security configurations as a function of the data or of a plurality of users to memorize each certificate assigned to each user and other security services for each column, a load balancing device allowing requests to be broadcast independently on all columns of the architecture and a replication system allowing identical columns, each server providing specific reception for IS managers via a specific interface allowing the definition of '' at least one storage security for each type of data and user authentication and p opening providing each user with a token serving as pivot data.
• the server includes a software tool for
• a second Randomization to reduce the accuracy of the data by adding noise, by replacing one data with another while keeping the substitution or permutation in the memory of the safe.
• the server (60, 6a, 6b, 6c, 6d) provides a specific reception for IS managers realizing an interface for the manager's terminal to allow the manager to define by selection in several menus the type of data (personal, scientific, technical, commercial,) for each type a data definition attribute, for personnel, name, telephone, home address, employer, office address, etc., for scientist, calculations, new product, etc. ..., for commercial: new market, etc ).
• type of data personal, scientific, technical, commercial,
• the server provides a specific reception of the IS managers realizing an interface for the terminal to define a plurality of users with for each a certificate to allow an authentication of each user and a definition of the types of accessible data or types of accessible services, this data being stored in a safe specific to the company represented by the manager.
• the server providing a specific reception for the IS managers realizes an interface to define according to the classifications of the data the Desensitization Rules to be respected according to the classification of the data.
• the desensitization of a data is carried out in association with the Token with a concatenation of the personal data (Name, First name, Address, Telephone number, ...) and storage.
• FIG 1 Figure 1 schematically shows an SI system architecture according to the invention.
• Figure 2 shows schematically the use of the platform
• FIG 3 presents the scenario which makes it possible to replace the data with an irreversible token while retaining the uniqueness of the entry;
• FIG. 4 presents the scenario allowing anonymization of personal data by the application of a blurring method .
• FIG. 6 shows an example of the result of using the data desensitization rules applied to a bank card
• FIG. 7 shows an example of algorithm (tokenization) generation of a token corresponding to a data
• the present invention relates to a data security platform.
• the solution works on a multi-column and multi-site IT architecture allowing batch processing comprising a load distribution device (4) allowing requests to be broadcast independently on all columns.
• a replication system makes it possible to have identical columns.
• This multi-column architecture or computer system or “redundant architecture” allows for a service close to continuous service despite the technical and security developments that are imposed to comply with a security policy.
• Each IS management client is isolated on a specific reception by a specific interface allowing secure storage and authentication.
• the data security platform managed or manipulated in an information system includes:
• At least one multiprocessing service comprising at least:
• a request service comprising an IT and software infrastructure for analyzing the requests transmitted by each client via a client / web service channel interface (webservice);
• At least one processing server (60, 6a, 6b, 6c, 6d) comprising at least one processor, a memory comprising a set of programs / algorithms whose execution on said processor implements a set of processing methods securing customer data, to save it in a database (7a, 7b, 7c, 7d), said set of processing methods comprising at least:
• Said set of processing methods also includes a combined security method of tokenization and anonymization of the data, the choice of implementation according to choice being carried out automatically by the result of the analysis of the needs formulated by the customer in his or its requests and security instructions formulated by the manager
• the solution allows, through machine learning, using numerous use cases, to be able to produce different results according to the constraints linked to the GDPR standard.
• the solution provides one or more data desensitization methods, for example by anonymizing predefined personal data and / or by providing a reference token on this data.
• the solution allows the clear data to be given back to the user who has the token by simply calling this token on the server.
• batch processing allows large volumes to be taken into account.
• the solution works on a quad-column architecture with an input load distributor (4).
• This technical architecture is distributed, for example, on two datacenters (data center (10a, 10b)).
• the columns are application synchronized by a data bus (5) (for example and without limitation, a payment bus) between the two data centers.
• a data bus (5) for example and without limitation, a payment bus
• the offer is deployed on dedicated physical servers to allow monitoring of permanent security and application upgrades.
• the reception of flows can be done according to expected volumes on dedicated or shared safes (71, 72).
• the safe (71, 72) can hold up to 200 million sensitive data (PAN, IBAN or other ..).
• the data is stored on a MYSQL database (7a, 7b, 7c, 7d).
• the architecture also includes in each column or data center (10a, 10b) and of computation (datacenter) a security layer comprising at least one device (8a, 8b, 8c, 8d) or one (Hardware Security Module HSM) Hardware Module Security which is a device considered inviolable offering cryptographic functions.
• a security layer comprising at least one device (8a, 8b, 8c, 8d) or one (Hardware Security Module HSM) Hardware Module Security which is a device considered inviolable offering cryptographic functions.
• the security keys are present in the HSM (8a, 8b, 8c, 8d) of the security layer.
• a security hardware module (HSM) is a dedicated encryption processor, specially designed to offer a security service which consists of generating, storing and protecting security cryptographic keys throughout their life cycle.
• the multiprocessing service is based on a multi-column and multi-site architecture and comprises at least two data centers having a columnar structure for data processing, at least one replicating device for configuring each data center (10a, 10b ) so as to obtain identical data in each of the columns of the data centers, at least one load distributor (4) configured to distribute dynamically and without interruption treatment requests independently on each of the columns according to their load, at least a data bus (5) configured to allow synchronization of data between said data centers, each column comprising at least one processing server and at least one secure database (7a, 7b, 7c, 7d).
• each data center (10a, 10b) comprises at least one security layer comprising at least one device (8a, 8b, 8c, 8d) comprising at least one processor, a memory comprising a set of programs including the execution makes it possible to generate, store and protect cryptographic keys to secure at least the data processed.
• the data processing server is connected to the device (8a, 8b, 8c, 8d) of the security layer via a communication means in order to retrieve cryptographic keys used to secure the data according to the type of processing requested by each IS customer.
• the processing server of each data center (10a, 10b) comprises wired / wireless communication means for transferring the data processed in at least one database (7a, 7b, 7c, 7d) secure and secure access to said data via the cryptographic keys recovered in the security device (8a, 8b, 8c, 8d) of the security layer.
• the processing server of each data center (10a, 10b) comprises wired / wireless communication means for connecting to the dedicated secure safe (71, 72) of each IS client and transferring the data processed by said customer according to his preferences.
• the requests are transmitted encrypted from the client terminal by a key assigned to the user or the company, the platform receiving the user's certificate authenticates it, searches in the safe (71, 72) the key associated decryption and decrypts and then analyzes the data of the request message.
• the platform comprises at least one manager interface to allow a client managing an IS to transmit data security instruction files specific to each client of said SI.
• K-anonymity / Aggregation consists of modifying the actual data (partially or totally)
• K-anonymity / Aggregation The techniques of aggregation and k-anonymity aim to prevent a data subject from being isolated by grouping it with, at least, k other individuals.
• the connections to the safe (71, 72) are made by WEBServices with a client certificate.
• it comprises at least one certificate service comprising at least one IT infrastructure comprising at least one processor, a memory containing at least one program whose execution on the processor generates an authentication certificate specific to each client of said IS to connect to the platform and / or the multiprocessing service and issue data security processing requests.
• the multiprocessing service includes a program, the execution of which on said processor makes it possible to compare entries made by the client as they go along with the data of the GDPR file stored in the dedicated dedicated safe (71, 72) own customer audit and generate a error indication or a modification suggestion satisfying the GDPR standard, the entries validated by the customer being memorized in said safe (71, 72) and, in the event that the customer exceeds (overdoes) the suggestion, systematically send a message with a token or anonymous message with a flag indicating GDPR non-compatibility.
• the tool uses various and combinable techniques of data desensitization and at the choice of the user.
• pseudonymization can be an alternative to anonymization. Unlike the latter, pseudonymization is a reversible process which consists in replacing one attribute by another within a record. Pseudonymization is a technique, for example, preferred in projects where the identity of an individual is not essential
• the tool (63) (DANNY.
• the Danny tool can include at least one tokenizer (62)) for data desensitization is based on three nested concepts:
• Authentication Control of the validity of the certificate (1 per calling customer) certified by a certification authority.
• This authentication is mutual authentication
• this authentication allows entry into the PCI zone; only the serial number of the certificate allows access to the associated safe (71, 72).
• Second concept -The implementation of a large number of anonymization and / or pseudonymization methods existing on the server to meet any need to secure sensitive data.
• Pseudonymization Make impossible any link between the pseudonym and the real person, so reversibility is impossible.
• BPS Preserving Encryption
• Masking consists of modifying the actual data (partially or totally)
• K-anonymity / Aggregation The techniques of aggregation and k-anonymity aim to prevent a data subject from being isolated by grouping them together with at least k other individuals.
• the pivot data can be composed of an elementary data or the concatenation of several data. This pivotal data will be encrypted using a algorithm which will respect the unique input.
• the cryptographic implementation allows irreversibility and respects uniqueness. It is subjected to robustness tests.
• a scenario allows both to anonymize and tokenize data.
• This processing consists in tokenizing a pivot data and in associating with this token (3) additional data for customer feedback with this anonymized data.
• the data is first sent to the tokenization module and then the anonymization module having received the data during the tokenization combines the data with the token received from the tokeniser (62). to generate tokenized- anonymized information to send to the customer.
• Associated services can be:
• the server may preferably implement, in its tokenization software component (63) a BPS encryption algorithm, with n iterations, preserving the format of the initial data.
• the principle of this algorithm is represented in FIG. 7 and consists in the first iteration to truncate or decompose the sensitive data into two character strings (CHAO and CHBO) then to use the right chain CHBO in an encryption function F performing an encryption of (CHBO) from a key K contained in HSM (8a, 8b, 8c, 8d) and a setting value Tr to which the value zero is added, the result of this function being added to the left chain (CHAO) to form the result (CHA1) of the first iteration and (CHBO) becoming (CHB1).
• CHBO tokenization software component
• the result on the left (CHA1) is used in the same encryption function F to perform an encryption of (CHA1) using the same key K and the setting value TL to which the value 1 is added. to generate the result added to the previous right chain (CHB1) to constitute the next right chain (CHB2), the left result (CHA1) becoming (CHA2).
• the left (CHAw) and right (CHBw) chains are obtained to be concatenated and constitute the number (CHy).
• a discrete logarithm calculation Ld is applied to the value (CHy) to generate the token (3).
• the tokenization module can also implement a FF3 process for tokenizing very long data (beyond 19 characters, for example).
• the method may include a combination of the BPS algorithm or method described above and an algorithm known as "elliptical curves".
• the BPS method is first used, with at least 10 turns or iterations, the result is then coupled to the "elliptic curves" algorithm to give it (the token) this irreversibility function.
• the job can be done as follows:
• the token generated retains the length of the initial PAN, in addition it may or may not retain certain characteristics of the PAN.
• the MULTI algorithm which allows the tokenization of any type of data (PAN, BIC, IBAN, telephone numbers, email addresses 7), the field to be tokenized is an area of 10 to 96 characters.
• the length of the token generated may vary depending on the length of the data received as input.
• the tool (63) can propose desensitization of personal data by association of the Token with a concatenation of personal data (Name, First name, Address, Telephone number, ... ).
• the server (6a, 6b, 6c, 6d, 60) provides a specific reception for IS managers realizing an interface for the manager's terminal to allow the manager to define by selection in several menus the type of data (personal, scientific, technical, commercial,) for each type a data definition attribute, for personnel: telephone name, home address, employer, office address, etc., for scientist: calculations, new product, etc., for salesperson : new market, etc ...), and associate with each type or attribute a processing of the data or associated service to desensitize and secure it.
• type of data personal, scientific, technical, commercial,
• the server (60) thus allows the manager to determine the rules to be respected, the data classifications, the security methods to be applied according to the types of data, it also makes it possible to determine the user certificates associated with each user managed by the manager, the certificate having to be received by the server before any processing for securing the data.
• the inference can we deduce information about an individual? b.
• the data classification is at least one of the following:
• Pseudo Direct Data giving access to a single individual (Data correlation)
• Indirect Data called non-personal but allowing to find the person (Joining of various information)
• the security method (s) are chosen at least from one of the following:
• Pseudonymisation reversible, hash or token (FPE or not)
• the server (60) allows at least one proposal for data desensitization, such as for example:
• Figure 3 presents the scenario which makes it possible to replace the data with an irreversible token (3) while retaining the uniqueness of the entry.
• the pivot data being the PAN or another data defined during configuration as pivot data by the client manager
• this data will be sent encrypted to the server by a key belonging to or associated with the client in HSM and the server 60 will decrypt the data, will analyze it according to the criteria defined during configuration and will trigger the appropriate processing, namely in this case tokenization.
• the pivot / token data pair is stored in a safe (71, 72) secured to authorize associated services stored during configuration such as:
• Figure 4 presents the scenario allowing anonymization of personal data by the application of a blurring method contained in the tool (63).
• the data is not kept during processing and during configuration by the client manager, the blurred data was defined as data requiring irreversibility and the manager chose blurring as the anonymization type in its configuration menu.
• the configuration being stored in the safe (71, 72) corresponding to the company represented by the manager, each time an authenticated user sends data of the same type in a secure manner, it will be returned blurred to the user
• FIG. 5 shows the scenario for both anonymizing and tokenizing data.
• Data (1) is made up of pivot data and additional data.
• the processing consists in tokenizing the pivot data (2) and in processing the additional data by the anonymization tool then in associating this additional anonymized data with the token (3) for a return of the token to the customer with this anonymized data.
• the associated services during configuration can be:
• the invention also relates to a server for securing the data.
• the server comprises one or more computer safes (71, 72) and implementing a service allowing an information system (IS) accessing the server to set up security for its sensitive data that it stores and / or handles, by setting up the right security methods with regard to sensitive data by configuring by an interface the configuration of the security instructions transmitted by the manager and by authorizing their saving in one or more several safe zones (71, 72) dedicated to each manager,
• IS information system
• desensitization of data can be achieved by associating the token with a concatenation of personal data (Name, First name, Address, Telephone number, ...) and storage.
• the invention also relates to a computer architecture for secure data processing.
• the IT architecture is multi-column and multi-site. It allows batch processing, and includes an application web interface with firewall (5a, 5b, 5c, 5d), a server and a database (7a, 7b, 7c, 7d) managing one or more safes.
• each manager to memorize the security configurations as a function of the data or of a plurality of users to memorize each certificate assigned to each user and other security services for each column
• a load distribution device (4) allowing the requests to be broadcast independently on all the columns of the architecture and a replication system allowing identical columns
• each server providing a specific reception for IS managers via an interface specific allowing the definition of at least one storage security for each type of data and user authentication and which can provide each user with a token serving as pivot data.
• the computer architecture server includes a software tool for data desensitization using two families of methods:
• a Generalization first to cancel the uniqueness of the data, such as by Masking or by K-anonymity / Aggregation;
• a second Randomization to reduce the accuracy of the data by Adding noise, by replacing one data by another while keeping the memory in the safe (71, 72) the substitution or by permutation.
• the server (6a, 6b, 6c, 6d, 60) provides a specific reception for IS managers realizing an interface for the manager's terminal to allow the manager to define by selection in several menus the type of data (personal, scientific, technical, commercial,) for each type a data definition attribute, for personnel: telephone name, home address, employer, office address, etc., for scientist: calculations, new product, etc. ..., for commercial: new market, etc ).
• type of data personal, scientific, technical, commercial,
• the server provides a specific reception for the IS managers realizing an interface for the terminal to define a plurality of users with, for each one, a certificate to allow authentication of each user and a definition of the types of data accessible or accessible types of services, these data being stored in a safe (71, 72) specific to the company represented by the manager.
• the server providing a specific reception for the IS managers realizes an interface to define according to the data classifications the Desensitization Rules to be respected according to the classification of the data.
• the rules to be observed, in the IT architecture or the server are:
• the data classification rules, in the IT architecture or the server are:
• Direct Nickname Data giving access to a unique individual (Data correlation)
• Indirect Data said to be non-personal but used to find the person (Joining of various information).
• the desensitization of a data, in the IT architecture or the server is carried out in association with the token with a concatenation of personal data (Name, First name, Address, Telephone number, ...) and memorization.
• modules can be implemented by electronic circuit, such as an integrated circuit for example or by other types of arrangement of components, such as for example semiconductors, logic gates, transistors or other discrete components.
• modules can also be implemented by one or more software application (s) or portion (s) of executable code (s) within at least one software environment, for execution by various types of
• An identified module can, for example, include one or more physical or logical blocks of machine instructions which can, for example, be organized into object, process, or function.
• routines and instructions of an identified module do not need to be physically located together, but can include disparate instructions stored in different locations which, when joined functionally and logically together, form the module and perform the purpose indicated for the module.
• a module can be a single executable code instruction, or a plurality of instructions, and can even be distributed among several different code segments or among different programs and stored in several memory blocks.
• operational data can be identified and illustrated in modules, and can be incorporated in any suitable form and organized in any suitable type of data structure. Operational data may be collected or may be distributed to different locations including different finished storage devices, and may exist, at least partially, simply as signals
• system is understood here to mean any type of terminal or device arranged to perform the functions described with reference to the modules.
• the system includes data processing means enabling these described functions to be carried out and may therefore include specific circuits performing these functions or, in general, include computer resources making it possible to execute the instructions described above.
• references in the present description to an implementation, an embodiment or an alternative embodiment means that a device, or a module, or a structure, or a particular characteristic described is included in at least one embodiment of the present invention and that the different examples do not necessarily relate to the same embodiment.
• One or more devices, processors or processing devices can be configured to perform the function or functions of each of the elements and modules of the structural arrangement described here.
• the device (s), processors or processing devices may be configured to execute one or more sequences of one or more instructions executable by the machine contained in a main memory in order to implement the method (s) or the method (s) functions described herein.
• the execution of the sequences of instructions contained in a main memory causes the processors to execute at least some of the steps of the process or of the functions of the elements described here.
• One or more processors in a multiprocessing arrangement can also be used to execute sequences of instructions contained in main memory or a memory readable computer.
• wired circuits can be used in place of or in combination with software instructions.
• the embodiments are not limited to any specific combination of hardware and software circuits.
• Non-volatile media include, for example, optical or magnetic discs.
• Volatile media include dynamic memory.
• Transmission media include coaxial cables, copper wire and optical fibers.
• Computer-readable media include, for example, a floppy disk, flexible disk, hard drive, magnetic tape, other magnetic media, CD-ROM, DVD, other optical media, punch cards, another physical medium with hole patterns, RAM, PROM and EPROM, FLASH-EPROM, any other memory chip or cartridge, a carrier wave as described below, or any other medium that can be read by a computer .
• Various forms of computer-readable media may be involved in transporting one or more sequences of one or more instructions to the processor for execution.
• Computer programs comprising instructions executable by a machine for the implementation of at least one of the steps of the methods and / or aspects and / or concepts of the invention described here or one or more functions of various elements of the structural arrangement described here can be implemented or several computers comprising at least one interface, a physical processor and a non-transient memory (also generally called a non-transient machine-readable storage or read medium) .
• the computer is a special purpose computer because it is programmed to perform specific steps in the process (es) described above.
• the non-transient memory is coded or programmed with specific code instructions for implementing the above method or methods and its associated steps.
• the non-transient memory can be arranged in communication with the physical processor so that the physical processor, in use, reads and executes the specific code instructions incorporated in the non-transient memory.
• the interface of the special purpose computer can be arranged in communication with the physical processor and receive input parameters which are processed by the physical processor.

Landscapes

• Engineering & Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• General Engineering & Computer Science (AREA)
• Computer Hardware Design (AREA)
• Bioethics (AREA)
• Computer Networks & Wireless Communication (AREA)
• Signal Processing (AREA)
• Health & Medical Sciences (AREA)
• Computing Systems (AREA)
• General Health & Medical Sciences (AREA)
• Theoretical Computer Science (AREA)
• Databases & Information Systems (AREA)
• Software Systems (AREA)
• Physics & Mathematics (AREA)
• General Physics & Mathematics (AREA)
• Medical Informatics (AREA)
• Storage Device Security (AREA)
• Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
• Hardware Redundancy (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=67999695

Family Applications (1)

Country Status (3)

Families Citing this family (2)

Family Cites Families (6)

• 2018
  • 2018-12-27 FR FR1874254A patent/FR3091369B1/fr active Active
• 2019
  • 2019-12-24 EP EP19836809.4A patent/EP3903463A1/de active Pending
  • 2019-12-24 WO PCT/EP2019/087026 patent/WO2020136206A1/fr unknown

Also Published As

Similar Documents

Legal Events