-
Publication No.: US20220116230A1
Publication date: 2022-04-14
Application No.: US17421079
Filing date: 2020-01-08
Applicant: Bundesdruckerei GMBH
Inventors: Frank DIETRICH, Marian MARGRAF, Tim OHLENDORF, Matthias SCHWAN
Abstract: The invention relates to a method for securely providing a personalized electronic identity on a terminal (2) which can be used by a user (1) for identification purposes when claiming an online service. In the method, an identification application is run on a terminal (2), which is assigned to a user (1), in a system comprising data processing devices (9; 10; 11; 12) and said terminal (2), and additionally a personalization application and an identity provider application are run. The method has the following steps in particular: transmitting a request to transmit an identity attribute assigned to the user (1) from the personalization application to the identity provider application; transmitting the identity attribute from the identity provider application to the personalization application after an agreement to transmit the identity attribute by means of the identity provider application is received from the user (1); generating an asymmetric key pair with a public and a private key on the terminal (2) by means of the identification application; transmitting the public key from the identification application on the terminal (2) to the personalization application; and generating an electronic certificate for the public key by means of the personalization application and storing the electronic certificate in a data storage device in order to form a first public-key infrastructure of the personalization application, additionally having the steps of: generating a hash value for the identity attribute and recording the hash value onto the electronic certificate. The identity attribute is encoded and transmitted together with the electronic certificate from the personalization application to the identification application (14) on the terminal (2), where both are stored in a local storage device of the terminal (2).
-
Publication No.: US20150256531A1
Publication date: 2015-09-10
Application No.: US14694372
Filing date: 2015-04-23
Applicant: BUNDESDRUCKEREI GmbH
Inventors: Frank DIETRICH, Frank BYSZIO, Manfred PAESCHKE
IPC classification: H04L29/06
CPC classification: H04L63/0823, G06F21/31, G06F21/33, G06F21/35, G06F21/43, G06F21/445, G06F2221/2115, G06F2221/2119, G06Q20/341, G06Q20/347, G06Q20/40, G06Q20/40975, G07F7/10, G07F7/1008, G07F7/1016, G07F7/1075, G07F7/1091, H04L9/3234, H04L9/3263, H04L41/28, H04L63/0428, H04L63/083, H04L63/0853, H04L63/10, H04L2209/56, H04L2209/805
Abstract: The invention relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, comprising the following steps: authenticating the user with respect to the ID token, authenticating a first computer system with respect to the ID token, after successful authentication of the user and the first computer system with respect to the ID token, read-access by the first computer system to the at least one attribute stored in the ID token for transfer of the at least one attribute to a second computer system.
-
Publication No.: US20230133418A1
Publication date: 2023-05-04
Application No.: US17912116
Filing date: 2021-03-25
Applicant: Bundesdruckerei GMBH
Inventors: Frank DIETRICH
IPC classification: H04L9/40
Abstract: The authentication mechanism provides a personalized, server-specific authentication of a user with respect to a service server using an authentication token. The method includes a registration of a user with a service server, which includes a creation of a personalized user account for the user with the service server. Furthermore, a server-specific, asymmetric cryptographic key pair is generated for the user by an authentication token, the key pair including an authentication key and an authenticating key. The authenticating key is made available to the service server and assigned to the personalized user account thereby.
-
Publication No.: US20160294815A1
Publication date: 2016-10-06
Application No.: US15177389
Filing date: 2016-06-09
Applicant: BUNDESDRUCKEREI GmbH
Inventors: Frank DIETRICH, Frank BYSZIO, Manfred PAESCHKE
CPC classification: H04L63/0823, G06F21/31, G06F21/33, G06F21/35, G06F21/43, G06F21/445, G06F2221/2115, G06F2221/2119, G06Q20/341, G06Q20/347, G06Q20/40, G06Q20/40975, G07F7/10, G07F7/1008, G07F7/1016, G07F7/1075, G07F7/1091, H04L9/3234, H04L9/3263, H04L41/28, H04L63/0428, H04L63/083, H04L63/0853, H04L63/10, H04L2209/56, H04L2209/805
Abstract: The invention relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, comprising the following steps: authenticating the user with respect to the ID token, authenticating a first computer system with respect to the ID token, after successful authentication of the user and the first computer system with respect to the ID token, read-access by the first computer system to the at least one attribute stored in the ID token for transfer of the at least one attribute to a second computer system.
-
Publication No.: US20150033028A1
Publication date: 2015-01-29
Application No.: US14452694
Filing date: 2014-08-06
Applicant: BUNDESDRUCKEREI GMBH
Inventors: Frank DIETRICH
CPC classification: H04L63/0853, G06F21/33, G06F21/34, G06F21/62, G06F2221/2103, G06F2221/2115, G06F2221/2141, G06F2221/2151, H04L9/3234, H04L9/3247, H04L63/0823, H04L63/102
Abstract: A method for reading at least one attribute stored in an ID token assigned to a user involving: authenticating the user to the ID token, authenticating a first computer system to the ID token, and, assuming successful authentication of the user and the first computer system to the ID token, read access by the first computer system to the at least one attribute stored in the ID token for transmission of the at least one attribute to a second computer system, and generating of a time indication for the at least one attribute by the first computer system.