摘要:
An ID token includes a sensor, a communication interface, and a first microcontroller. The ID token includes a protected second microcontroller having at least one microcontroller communication interface, which is arranged in a holder of the ID token, wherein the microcontroller communication interface provides a data input and a data output. The first microcontroller is configured as a proxy for switching between the sensing of the measurement data by the sensor and forwarding of the sensed measurement data from the sensor to the first application of the protected second microcontroller by the microcontroller communication interface thereof on the one hand and forwarding of notifications for establishing a connection between the second application and the reading device and/or forwarding of APDUs by the connection between the second application and the reading device on the other hand.
摘要:
A document having a non-volatile memory area for storing a secret identifier that has a first n-digit character sequence from a predefined character set; a random generator for selecting at least one character from the predefined character set for replacement of at least one character of the first character sequence, such that a second n-digit character sequence is defined as a result of this replacement; a volatile memory area for storing the at least one selected character; a display device for displaying the at least one selected character; an interface for inputting a third character sequence; and a processor element for authenticating the user to the document, wherein the processor element is configured to access the non-volatile memory area and the volatile memory area in order to read the second character sequence and check for a match between the second and third character sequences in order to authenticate the user.
摘要:
The invention relates to a computer-implemented method for controlling access of a terminal (118) to an attribute (112) stored in an ID token (100), wherein the ID token (100) is associated with a user, wherein the method comprises receipt of an identification of the terminal (118) by the ID token (100) and checking by the ID token (100) if a session identification validly associated with the identification of the terminal (118) is stored in the ID token (100), wherein, if a session identification validly associated with the identification of the terminal (118) is stored in the ID token (100), the ID token (100) transmits the session identification to the terminal (118) and grants the terminal (118) access to the attribute (112), wherein a subsequent communication with access to the attribute (112) is carried out in an encrypted manner using a session-specific session key, wherein the session-specific session key is stored in the ID token (100) in a manner associated with the session identification or the identification of the terminal (118).
摘要:
A document having a non-volatile memory area for storing a secret identifier that has a first n-digit character sequence from a predefined character set; a random generator for selecting at least one character from the predefined character set for replacement of at least one character of the first character sequence, such that a second n-digit character sequence is defined as a result of this replacement; a volatile memory area for storing the at least one selected character; a display device for displaying the at least one selected character; an interface for inputting a third character sequence; and a processor element for authenticating the user to the document, wherein the processor element is configured to access the non-volatile memory area and the volatile memory area in order to read the second character sequence and check for a match between the second and third character sequences in order to authenticate the user.