WO2010128060A1 - Method for protecting software stored on a portable data carrier, and portable data carrier - Google Patents

Method for protecting software stored on a portable data carrier, and portable data carrier

Publication number
WO2010128060A1
Authority
WO
WIPO (PCT)
Prior art keywords
software
program
portable data
data carrier
modified
Prior art date
Application number
PCT/EP2010/056059
Other languages
German (de)
English (en)
Inventor
Markus Belau
Original Assignee
Giesecke & Devrient Gmbh
Priority date
Filing date
Publication date
Application filed by Giesecke & Devrient Gmbh
Priority to EP10721140A (patent EP2427847A1)
Publication of WO2010128060A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/14 Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/121 Restricting unauthorised execution of programs
    • G06F21/125 Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/70 Software maintenance or management
    • G06F8/71 Version control; Configuration management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/451 Execution arrangements for user interfaces
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/16 Obfuscation or hiding, e.g. involving white box

Definitions

  • The invention relates to a method for protecting software stored on a portable data carrier, and to a corresponding portable data carrier.
  • Code obfuscation converts readable program code into a version that is harder to understand, which makes the analysis of program code by an attacker more complex. This complicates the development of so-called Trojans, which hook into programs and perform unwanted functions, e.g. spying on secret data. Obfuscation techniques make the analysis of program code more difficult, but not impossible. Moreover, obfuscation techniques do not alter the executable software generated from the program code, so a Trojan developed on the basis of the obfuscated program code poses a threat to all computers on which the software is used.
  • The document WO 2008/034900 A1 describes a method for protecting a computer program against malicious programs, in which individualized copies of the executable software are generated for different users or user groups.
  • The individual copies of the software perform the same operations and the user interfaces of the programs are identical. With each copy, only one output can be created, which is different for the different copies of the software. This method involves increased effort because the software manufacturer must create different versions of the software and send them to the appropriate user groups.
  • The document DE 10 2004 011 488 B4 describes a method for protecting software intended for execution by a processor of a portable data carrier. It creates individual configurations of the software for each data carrier or group of data carriers, while preserving the function of the software for each configuration.
  • The document EP 1 722 336 A2 describes a method for generating initialization data for security data carriers, in which a USB token generates the initialization data with the aid of secret data stored on the token and transmits it to a personal computer.
  • The object of the invention is to further improve the protection of software stored on a portable data carrier in comparison with the methods known from the prior art.
  • The inventive method protects software stored on a portable data carrier.
  • The data carrier can be configured as desired; in particular, it can be a chip card, such as a smart card, a token, in particular a USB token, or any other type of portable data carrier.
  • The software to be protected is designed such that, when the software is called by a terminal to which the software is copied, or which is connected to the portable data carrier in a contact-based or possibly also contactless manner, a program is executed which generates a user interface on the terminal for entering and optionally outputting data. The user interface is generated with the aid of the software on a corresponding output unit of the terminal, in particular a display.
  • The terminal can also be configured as desired; in particular, it may be a personal computer, a mobile phone, a PDA and the like.
  • The inventive method is characterized in that the software is modified on the portable data carrier such that, when the modified software is called, a modified program is executed in which the user interface on the terminal is changed in comparison with the program executed when the unmodified software is called, while maintaining the functionality of the program.
  • The modification of the software is preferably carried out by the data carrier itself, for example by means of a corresponding processor on the data carrier.
  • The modified software is created repeatedly at intervals, in particular at predetermined time intervals (e.g. hourly, daily, weekly, ...) and/or in response to a predetermined event ((each) call of the software, every x-th call of the software, restarting the data carrier).
  • The generated modified software can be based either on previously created modified software or on the original, unmodified software.
  • Unmodified software on the portable data carrier is not in executable form but is a precursor thereof, for example source text or an intermediate code. The executable software is generated from the source code or the intermediate code only when the modified software is produced.
  • The executable software, which is present, for example, as an executable file, is modified in such a way that a change in the user interface occurs.
  • The functionality of the program is retained. In particular, it is ensured that even with the changed user interface, the same data is still requested for input by the user and, if appropriate, the same outputs are always generated via the user interface.
  • Effective protection is achieved against malware that spies on user inputs.
  • From the user's perspective, the changed user interface is recognizable as unchanged or only slightly changed. According to the invention, it is sufficient if the user interface appears, from the point of view of malware, to be modified to such an extent that an attack is at least considerably more difficult.
  • The software is preferably stored in a public storage area of the portable data carrier to which devices connected to the data carrier have access.
  • The software is modified by a modification program whose software is stored in a secure storage area of the portable data carrier to which devices connected to the data carrier have no access. This achieves particularly high protection of the software, since the program for modifying the software cannot easily be read and analyzed. This protection can be improved even further by running the modification program on a processor of the portable data carrier that is secured against external access.
  • The user interface generated by the software on the terminal is modified such that the input sequence of data and/or the positioning of one or more input fields is changed.
  • This provides protection against Trojans which spy on and/or manipulate a graphical user interface or the user's inputs on that interface, in particular keystrokes, mouse clicks and movements, and possibly time sequences.
  • When the modified software is called, a modified program is executed in which one or more internal parameters of the program are changed in comparison with the program executed when the unmodified software is called, while retaining the functionality of the program.
  • The internal parameters may in particular relate to internal data structures, such as the storage of data in a memory used by the program, and/or one or more keys for data encryption, and/or one or more codes for data encoding, and/or the internal timing of the program.
  • The program can consist of different parts, with each part being parameterized, in order to allow variable data structures which can be changed by the modification of the software.
  • As examples of variable data structures, the sequence of the fields of a "typedef" can be varied, and the data can also be scattered randomly in the memory used by the program.
  • The stack layout can also be changed by software modification, which in bytecode programs can be done by rearranging or reorganizing the bytecode.
  • The program executed when the software is called enables communication between the terminal and the portable data carrier, i.e. a communication interface is established between the terminal and the data carrier.
  • One or more internal parameters of the communication are changed in comparison to the program executed when the unmodified software is called.
  • One or more session keys used for encrypting data transmitted between the terminal and the data carrier, and/or codings used for coding transmitted data, are modified.
  • The transmission order of the data transmitted in the communication between the terminal and the portable data carrier can be changed.
  • The portable data carrier can simply build the necessary algorithms into the software code, for example in the form of coding or decoding tables and/or parameterizable algorithms, or else with the aid of hard-coded algorithms whose parameters are generated during software compilation.
  • The protection of the software is further improved because malicious software is forced to mount a real-time attack during the communication between the terminal and the data carrier that takes place while the program is executing.
  • In a further embodiment of the invention, the program executed when the software is called queries a user identifier and/or a secret code (for example a PIN) via the user interface. Further program execution continues only if a permissible user ID or secret code is entered.
  • The software is modified on the portable data carrier after a call, in particular after each call.
  • A particularly high level of security is achieved since use of the software is permitted only once.
  • Information determined by analyzing the program just executed cannot be used again for a re-execution of the program.
  • The software is invalidated after a predetermined period of time following its modification. This ensures that software does not remain valid for a disproportionately long time.
  • The software stored on the data carrier is used to execute a transaction program for entering transaction data, in particular banking transaction data.
  • The transaction data are entered via the user interface of the program, and the entered transaction data are transmitted by the program from the terminal to the portable data carrier.
  • The transmitted transaction data is then sent to a server, either by the transaction program being executed or in a separate transfer step, via a secure end-to-end connection between the portable data carrier and the server.
  • The data transmission to the server can thus be part of the executed program or be carried out in a separate transmission step.
  • In the secured end-to-end connection, the terminal only performs a forwarding function and cannot manipulate the transmitted data.
  • The secure connection is a secure Internet connection.
  • The invention further relates to a portable data carrier, in particular a token, for example a USB token, or a chip card, for example a smartcard.
  • Software is stored on the data carrier; when the software is called up, a program is executed by the terminal which generates a user interface on the terminal for inputting data.
  • The portable data carrier is designed such that the software is modified at time intervals by the portable data carrier so that, when the modified software is called, a modified program is executed in which the user interface on the terminal is changed in comparison to the program executed when the unmodified software is called, while retaining the functionality of the program.
  • FIG. 1 shows the sequence of a transaction program for executing a banking transaction, wherein the software of this program is changed based on an embodiment of the method according to the invention.
  • A transaction program is carried out which is based on software stored on a portable data carrier in the form of a USB token 1.
  • The software is stored on the token in a public storage area, which is visible to the user via a file management program when the token is connected to a corresponding terminal.
  • The USB token 1 contains a secret memory area which cannot be viewed when the token is connected to a terminal.
  • This secret storage area contains hidden software in the form of a modification program, which can change the software of the transaction program in the public storage area, as will be explained in more detail below.
  • The token 1 includes a processor secured against external access and a corresponding RAM memory with a few kilobytes of storage capacity. The hidden software is executed by the processor.
  • To perform a transaction with the token 1, a user connects the token to the terminal he is currently using, which is a PC 2 in the embodiment of FIG. 1.
  • The user invokes the file system on the token, i.e. the user views the file structure of the token with a corresponding file management program of the operating system installed on the PC.
  • The public memory area of the token becomes visible.
  • The corresponding software for the transaction program is available in this memory area as an executable file with the extension .exe; this file is also referred to below as an exe file.
  • The display of the exe file is indicated in FIG. 1 by step S2.
  • The user then starts this exe file in step S3, for example by double-clicking with the computer mouse connected to the PC 2. After the exe file has been started, it is transmitted to the PC 2 in step S4.
  • By being read out, the exe file is invalidated on the token for any further execution, and the token creates a new exe file, as indicated in FIG. 1 by step S5.
  • The creation of the new exe file is carried out by means of the hidden software in the secret memory area of the token.
  • The modified software in the form of the new exe file contains a transaction program with the same functionality as the program contained in the old exe file
  • a corresponding user ID and a PIN (Personal Identification Number)
  • The user ID and PIN are entered by the user via an appropriate user interface, which is generated on the screen of the PC 2 by starting the exe file.
  • The identifier and the PIN are transmitted to the token and compared there with a corresponding identifier and PIN stored in the token. If the identifier and PIN on the token match the entered identifier and the entered PIN, the user has successfully authenticated to the token, and in step S8 an authentication confirmation is returned to the PC 2.
  • In step S9, the user then inputs corresponding transaction data for executing a banking transaction, for example a bank account and a cash amount for making a transfer.
  • The user interface used for input and generated by the transaction program changes after each modification of the exe file.
  • Effective protection is achieved against malware in the form of Trojans which spy on and/or manipulate the user interface and the user's keystrokes in input fields of the user interface.
  • In step S10, the entered transaction data is transmitted to the token 1.
  • In step S11, a secure connection is established between token 1 and a server 3, this server being a bank server for processing corresponding transaction data.
  • The secure connection is established via the Internet, for which purpose the PC 2 has a corresponding Internet connection.
  • The connection is an encrypted end-to-end connection between token 1 and server 3 via respective protocols; the PC 2 acts as a forwarding node in this connection and is unable to manipulate the transmitted data.
  • After the secure connection has been established in step S5, the transaction data stored on the token is finally transmitted to the bank server 3 in step S12, which then executes the banking transaction in step S13. Subsequently, the execution of the transaction is confirmed by the bank server 3 to the token 1 in step S14, and the confirmed execution of the transaction is displayed on the user's PC in step S15.
  • A communication interface with corresponding session keys for data encryption is used. These keys are changed after each modification of the exe file underlying the program.
  • The layout of the data stored by the program or the temporal program sequence can also be changed after each modification. This achieves efficient protection against Trojans which hook into the executed program in order to manipulate the data entered or to be output internally, i.e. directly in the executed exe file.
  • By modifying the exe file it can be achieved, for example, that the program registers with the operating system of the PC under a different name after each modification.
  • The order of some of the above-described steps of the method of FIG. 1 may be suitably varied; for example, the secure connection between bank server 3 and token 1 may also be established earlier in the method, and entry of the PIN may be required before the user accesses the token via the PC 2.
  • Several modified versions of the software of the transaction program can be generated when power is first supplied to the token by connecting it to the PC.
  • The resulting individual exe files can then be stored in the secret memory area of the token for later use; after each read-out of an exe file by the PC, a modified exe file is moved from the secret memory area to the public memory area.
  • The method of modifying software described above may be varied in further embodiments to increase the protection of the software.
  • The validity of a particular exe file is limited so that the token to which the exe file sends the data will only accept it for a certain period of time. If this period is exceeded, the user must start a new exe file on the token again via the PC.
  • The period of validity may be varied according to the complexity of the transaction and may be between a few minutes and about one hour. This ensures that an exe file does not remain valid, intentionally or accidentally, for several days or hours.
  • An exe file will in any case become invalid once it has been read from the token.
  • A particularly high level of protection of the software is achieved since information obtained by secretly reading the file cannot be reused.
  • The method according to the invention, in the embodiment described above, has a number of advantages.
  • The particular form of the modified exe file does not matter at all to the transaction partner, i.e. the server 3.
  • The change in the exe file is only relevant for the communication between token 1 and PC 2 and is transparent to the bank server 3, i.e. the bank server always receives similar data via the secure end-to-end connection.
  • The partner involved in the transaction, which in the example of FIG. 1 is the bank that operates the bank server, neither has to create the issued exe files itself nor regularly update them or send them to the authorized users. Rather, the bank's issuance of a corresponding token to authorized users, possibly including customary personalization, possibly with additional keys, ensures that the user has access to the transaction program.
  • The transaction program may be made transparent to the user; for example, startup software installed on the PC may be provided to invoke an exe file on the USB token to execute the transaction.
  • A fake exe file is not possible, because the exe file can be designed so that the token only accepts data from this exe file. This can be ensured, for example, by encoded keys, a predefined timing behavior of the program expected by the token, and a predefined format, expected by the token, of the data transfer between token and exe file.
  • The server uses only key- and certificate-secured connections to exchange data between the token and the server.
  • The token may also be used on untrusted PCs to perform transactions, as the execution of the transaction is not tied to a particular PC because the token itself provides the exe file.
  • The method can also be used on terminals other than PCs; in particular, the method can also be carried out on a mobile telephone, a PDA and the like.
  • A SIM card can be used as a token, which communicates with the mobile phone as a terminal.
  • The transaction carried out with the transaction program of the data carrier is also combined with other methods for securing transactions, in particular with corresponding TAN methods, in which a transaction number must be entered by the user to confirm a transaction.
  • The fact that the user interface is provided via the token's exe file means that the transaction does not require a corresponding interface, for example based on HTML, managed by a server. Rather, it is sufficient if the server receives a suitably signed and encrypted transaction record, which it can then process to execute the transaction.
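
The build lifecycle described above (read-out invalidates the exe, each new build changes the input layout and the session key, and the token accepts data only from a valid build for a limited time) can be modelled as follows. This is an added example, not code from the patent: the class and function names, the HMAC-SHA256 tag, the JSON payload and the 600-second window are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets
from dataclasses import dataclass

# Logical inputs the program must always request (constructed for this example).
FIELDS = ("account", "amount", "reference")
# Assumed validity window; the text only says "a few minutes to about one hour".
VALIDITY_SECONDS = 600


@dataclass(frozen=True)
class Build:
    """What the terminal obtains when it reads the exe from the public area."""
    build_id: str
    field_order: tuple    # order in which the UI asks for / sends the fields
    session_key: bytes    # per-build key for terminal <-> token traffic


class Token:
    """Hypothetical model of the token; _issued and _used live in the secret area."""

    def __init__(self):
        self._rng = secrets.SystemRandom()
        self._issued = {}     # build_id -> (Build, time of read-out)
        self._used = set()    # builds that already delivered a transaction
        self._public = self._modify(previous=None)

    def _modify(self, previous):
        """Modification program: same fields, different layout, fresh key."""
        order = list(FIELDS)
        while True:
            self._rng.shuffle(order)
            if previous is None or tuple(order) != previous.field_order:
                break
        return Build(secrets.token_hex(8), tuple(order), secrets.token_bytes(32))

    def read_exe(self, now):
        """Steps S4/S5: hand out the current build and replace it immediately."""
        build = self._public
        self._issued[build.build_id] = (build, now)
        self._public = self._modify(previous=build)
        return build

    def accept(self, build_id, payload, tag, now):
        """Return the logical transaction as a dict, or a rejection reason."""
        entry = self._issued.get(build_id)
        if entry is None:
            return "unknown build"
        build, read_at = entry
        if build_id in self._used:
            return "build already used"
        if now - read_at > VALIDITY_SECONDS:
            return "build expired"
        expected = hmac.new(build.session_key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return "bad MAC"
        values = json.loads(payload)   # parsed only after the MAC has verified
        if not isinstance(values, list) or len(values) != len(FIELDS):
            return "bad format"
        self._used.add(build_id)
        # Undo the build-specific ordering: functionality is unchanged.
        return dict(zip(build.field_order, values))


def run_exe(build, user_input):
    """Terminal side: collect the fields in this build's order and MAC them."""
    payload = json.dumps([user_input[name] for name in build.field_order]).encode()
    tag = hmac.new(build.session_key, payload, hashlib.sha256).digest()
    return build.build_id, payload, tag


if __name__ == "__main__":
    token = Token()
    tx = {"account": "ACCT-0001 (constructed)", "amount": "12.50", "reference": "rent"}
    first = token.read_exe(now=0)
    print("layout of this build:", first.field_order)
    message = run_exe(first, tx)
    print("first submission :", token.accept(*message, now=30))
    print("replayed message :", token.accept(*message, now=31))
```
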

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Human Computer Interaction (AREA)
  • Mathematical Physics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a method for protecting software stored on a portable data carrier (1), in which calling the software from a terminal (2) causes a program to be executed that generates a user interface on the terminal (2) for entering data. According to this method, the software stored on the portable data carrier is modified at given time intervals such that calling the modified software causes a modified program to be executed in which the user interface on the terminal (2) is changed in comparison with the program executed when the unmodified software is called, the functionality of the program being retained.
PCT/EP2010/056059 2009-05-05 2010-05-05 Method for protecting software stored on a portable data carrier, and portable data carrier WO2010128060A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP10721140A EP2427847A1 (fr) 2009-05-05 2010-05-05 Method for protecting software stored on a portable data carrier, and portable data carrier

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102009019981.0 2009-05-05
DE102009019981A DE102009019981A1 (de) 2009-05-05 2009-05-05 Method for protecting software stored on a portable data carrier, and portable data carrier

Publications (1)

Publication Number Publication Date
WO2010128060A1 (fr) 2010-11-11

Family

ID=42646403

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2010/056059 WO2010128060A1 (fr) 2009-05-05 2010-05-05 Method for protecting software stored on a portable data carrier, and portable data carrier

Country Status (3)

Country Link
EP (1) EP2427847A1 (fr)
DE (1) DE102009019981A1 (fr)
WO (1) WO2010128060A1 (fr)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0768601A1 (fr) * 1995-04-27 1997-04-16 Casio Computer Company Limited Device for executing an encrypted program
WO1998025372A2 (fr) * 1996-11-22 1998-06-11 Voltaire Advanced Data Security Ltd. Information security method and apparatus
US20020016918A1 (en) * 2000-05-12 2002-02-07 David Tucker Information security method and system
WO2002046890A2 (fr) * 2000-12-08 2002-06-13 Cloakware Corporation System and method for protecting computer software against a white-box attack
EP1477883A1 (fr) * 2003-05-09 2004-11-17 STMicroelectronics, Inc. Smart card with enhanced security features and related system, integrated circuit, and methods
DE102004011488A1 (de) * 2004-03-09 2005-10-13 Giesecke & Devrient Gmbh Protection of software against attacks

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102004030263A1 (de) * 2004-06-23 2006-01-19 Schwenk, Jörg, Prof. Dr. Protection of web browsers against visual spoofing/phishing
DE102005020313A1 (de) 2005-05-02 2006-11-16 Giesecke & Devrient Gmbh Device and method for generating data for initializing security data carriers
WO2008034900A1 (fr) 2006-09-21 2008-03-27 Boesgaard Soerensen Hans Marti Production of computer-executable program files from source code

Also Published As

Publication number Publication date
EP2427847A1 (fr) 2012-03-14
DE102009019981A1 (de) 2010-11-11

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10721140

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2010721140

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE