WO1999038302A1 - Secure data communication system - Google Patents

Secure data communication system Download PDF

Info

Publication number
WO1999038302A1
WO1999038302A1 PCT/GB1998/000185 GB9800185W WO9938302A1 WO 1999038302 A1 WO1999038302 A1 WO 1999038302A1 GB 9800185 W GB9800185 W GB 9800185W WO 9938302 A1 WO9938302 A1 WO 9938302A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
computer
different portions
communication path
partial
Prior art date
Application number
PCT/GB1998/000185
Other languages
French (fr)
Inventor
Du Yung Yun
Chris Patel
Original Assignee
Maxon Systems Inc. (London) Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Maxon Systems Inc. (London) Ltd. filed Critical Maxon Systems Inc. (London) Ltd.
Priority to KR1020007008014A priority Critical patent/KR20010034297A/en
Priority to EP98900938A priority patent/EP1050144A1/en
Priority to PCT/GB1998/000185 priority patent/WO1999038302A1/en
Publication of WO1999038302A1 publication Critical patent/WO1999038302A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/14Multichannel or multilink protocols

Definitions

  • the present invention is related to a secure data communication system. More specifically, the present invention is related to a secure data communication system in which an end user is capable of interchanging data with a host computer.
  • protection schemes include the encryption of the data by various algorithms (e.g. DES or RSA) .
  • DES e.g. DES
  • RSA e.g. RSA
  • the transmission of information encripted according to such algorithms is not immune to wire tapping and subsequent decryption.
  • the likelihood of a successful decryption is increased by the increased computational power of computer work stations available today.
  • the present invention teaches a secure data communication system comprising a first computer being adapted to transmit/receive information to/from a second computer via a first communication path, wherein the first computer is adapted to transmit/receive information to/ rom a second computer via a second communication path distinct from the first communication path, the first computer is adapted -2 -
  • the second computer being adapted to receive at least two different portions of partial information from the first computer via said first and said second communication path, and combine the at least two different portions of partial information to obtain the original information.
  • the first and the second computer further comprise an information splitting/combination means to split information to be sent and/or to store received different portions of partial information and to combine said received and stored different portions of partial information to obtain the original information.
  • the information splitting/combination means also includes a determination means (preferably implemented by a software program) to determine an splitting scheme according to which the different portions of partial information from the first computer are splitted and sent via said first and said second communication path to said second computer.
  • a determination means preferably implemented by a software program
  • the determination means is adapted to determine the order of splitting according to a predetermined scheme or a random scheme.
  • a predetermined order scheme is easier to implement (on the transmitting side as well as on the receiving side) but also easier to be found out by an intruder.
  • a random order scheme requires a more sophisticated mechanism or protocol to ascertain the correct concatenation of the different portions of partial information at the receiving side of the communication path.
  • the invention is also covering the concept of transceiving information that is accompanied by a PIN (Personal Identification Number) and/or a TAN (Transaction Number) .
  • a PIN Personal Identification Number
  • TAN Transaction Number
  • the PIN and/or the TAN as well as the information itself can be split according to various schemes.
  • One example is to sent any or all Arabic numerals through one communication path, while the remaining -4 -
  • the Arabic numerals would be sent through communication path having the higher security level .
  • Another possibility is to change the communication path after each Arabic numeral character sent.
  • the highly sensitive parts of the information are broken into entities which are meaningless (and hence worthless) to any intruder.
  • the first communication path is provided in a terrestrial telephone system
  • the second communication path is provided in a cellular mobile telephone system.
  • the present invention also encompasses that the first and/or said second computer further comprises an information encrypting/decrypting means in which said information is encrypted prior to being split into said at least two different portions of partial information or said information is encrypted after being split into said at least two different portions of partial information.
  • an information encrypting/decrypting means in which said information is encrypted prior to being split into said at least two different portions of partial information or said information is encrypted after being split into said at least two different portions of partial information.
  • Encrypting the data before the splitting can be advantageous insofar, as the computational power for the encryption algorithm needs to be provided only once while the -5 -
  • computational power to split (and subsequently transmit) the information is relatively limited. It can, however, further increase the security to split the information and to independently encrypt the two parts of the information to be transmitted.
  • an information tagging means in which the at least two different portions of partial information are provided with markings containing an indication regarding the sequential order of the different portions of partial information.
  • the first and the second computer further comprises an information processing means in which information received from a respective other computer is only processed upon an authorization indication generated by a authorization computer connected to the information processing means.
  • this authorization computer is provided at the host computer (i.e. the processing computer) of a bank or the like.
  • This processing computer of the bank will obtain the authorization from the authorization computer which is not accessible from outside. Since the processing computer of the bank is only provided with parts of the information required to carry out a certain transaction while the authorization computer is not accessible from outside but only accessible from the processing computer, an intruder will not be able to obtain the complete information.
  • the present invention is also related to a peripheral device connectable to a computer, said peripheral device comprising: a first input/output connector for transceiving information to/from said computer from/to said peripheral device, a second input/output connector for transceiving information -6 -
  • This device can be easily connected to a PC or an intelligent telephone on the one side and to a terrestrial telephone line and a mobile telephone (or a second terrestrial telephone line) in order to set up two communication paths to a host computer (of a bank etc.) Alternatively, it is also possible to use two mobile telephones to set up the two communication paths.
  • Fig. 1 schematically shows a block diagram of the system according to the present invention.
  • Fig. 2 schematically shows a block diagram of a peripheral device connectable to a computer to implement the present invention.
  • Fig. 3 is a schematical flow chart for the program of the computer in the peripheral device according to Fig. 2.
  • Fig. 4 shows how information presented to the peripheral device according to Fig. 2 is transformed by this device. -7 -
  • a secure data communication system comprises a first computer 10 being adapted to transmit/receive information to/ from a second computer 12 via a first communication path 14.
  • This first computer can be implemented by a PC (personal computer) having a central processing unit including RAM, ROM, hard disk drive, serial interface etc. , a keyboard and a video screen.
  • this computer can also be implemented by a "intelligent" telephone 16 having the standard functions of a telephone plus the capability of entering and displaying one or more lines of alphanumerical characters that are to be transceived by the "intelligent" telephone.
  • This computer/telephone 10, 16 is connected to a peripheral device 22.
  • the peripheral device 22 provides (via a modem or the like) a connection to first communication path 14.
  • This first communication path 14 is a terrestrial telephone network.
  • the first computer 10, 16 is adapted to transmit/receive information to/ from the second computer 12 via a second communication path 20 which is different from the first communication path 14.
  • the peripheral device 22 is adapted to split the information received from the first computer 10, 16 into two or more different portions of partial information prior to transmitting the information to the second computer 12. These portions of partial information are transmitted separately via the first and the second communication paths 14, 20.
  • the second computer 12 is adapted to receive these two different portions of partial information from the first computer 10, 16 via the first and the second communication paths 14, 20, and to combine the two different -8-
  • the first computer 10, 16 is connected to a serial interface 28 of the peripheral device 22 which also includes an information splitting/combination functionality to store the information for further processing, i.e. to split information to be sent into different portions of partial information and to combine received different portions of partial information to obtain the original information.
  • an information splitting/combination functionality to store the information for further processing, i.e. to split information to be sent into different portions of partial information and to combine received different portions of partial information to obtain the original information.
  • the information splitting/combination device 22 comprises a microprocessor 30 (see Fig. 2) , a RAM memory 32 connected thereto, two serial interfaces 34, 36 to provide connections to the mobile telecommunications network 20 and the terrestrial (fixed) network 14, respectively, and a (Flash-) ROM memory 38 for a control software program.
  • the microprocessor 30 is also programmed to act as a determination means for determining an splitting scheme according to which the different portions of partial information from the first computer 10, 16 are splitted and sent via the first and second communication paths 14, 20 to the second computer 12.
  • the entire information is splitted into different portions of partial information by changing the communication path through which the information is sent after each second character.
  • the splitted portions of information are sent out in an alternating fashion through the two serial interfaces 34, 36 to the mobile telephone 18 having a data transmission/reception capability, and the terrestial telephone network 14, respectively.
  • the portion of the information sent out through the mobile telephone 18 is fed -9 -
  • the portion of the information is sent to a transceiving station 40 provided at the site of the second computer 12.
  • the information received from the mobile network 20 is temporarily stored in an authorization server 44.
  • the peripheral device 22 feeds ther other portion of information into the terrestrial telephone network 14.
  • the terrestrial telephone network 14 feeds the information into a transceiving station 42 also provided at the site of the second computer 12.
  • the information received by the transceiving station 42 is fed into the second (main) computer 12.
  • the second computer 12 (and/or the authorization server 44) are programmed to carry out the decryption and recombination required to reverse the transformation of the information carried out in the first computer/telephone 10/16 or the peripheral device 22.
  • the microprocessor 30 in the peripheral device 22 is also programmed to act as a an information encrypting/decrypting means in which the information is encrypted prior to being split into the at two different portions of partial information.
  • both the terrestrial and the mobile telephone lines could obtain the complete information.
  • an intruder capable of monitoring only one of the two telephone lines preferably the terrestrial telephone line
  • could find out at least a part of the sensitive information e.g. the PIN of a user
  • the information can also be encrypted after being split into the two different portions of partial information.
  • the microprocessor 30 is also programmed to act as an information tagging means in which said at least two different portions (AB, CD, EF, GH, IJ, KL) of partial information are provided with markings (1, 2, 3, 4, 5, 6) containing an indication regarding the sequential order of the different portions of partial information.
  • This indication is also be encrypted together with the information portions in order to avoid an intruder being able to immediately gather the order of the information transmitted via one or both communication paths.
  • the microprocessor 30 can carry out a program according to the flow chart of Fig. 3. The corresponding transformation of the data structure is shown in Fig. 4.

Abstract

A secure data communication system comprising a first computer (10, 16) is adapted to transmit/receive information to/from a second computer (12) via a first communication path (14). The first computer (10, 16) is adapted to transmit/receive information to/from a second computer (12) via a second communication path (20) distinct from the first communication path (14), and the first computer (10, 16) is adapted to split the information into at least two different portions of partial information prior to transmitting the information to the second computer, and transmit the at least two different portions of partial information via the first and the second communication path. The second computer (12) is adapted to receive at least two different portions of partial information from the first computer via the first and the second communication path, and combine the at least two different portions of partial information to obtain the original information.

Description

SECURE DATA COMMUNICATION SYSTEM
The present invention is related to a secure data communication system. More specifically, the present invention is related to a secure data communication system in which an end user is capable of interchanging data with a host computer.
Today, an increasing number of transactions are carried out between end users (e.g. at home) and host computers (e.g. of a bank) . These transactions can include money orders occuring when an end user does "electronic shopping" (e.g. home order television) or the transmission of other sensitive data.
In current systems, protection schemes include the encryption of the data by various algorithms (e.g. DES or RSA) . However, the transmission of information encripted according to such algorithms is not immune to wire tapping and subsequent decryption. The likelihood of a successful decryption is increased by the increased computational power of computer work stations available today.
Hence, it is an object of the present invention, to provide a simple but secure data communication system which can be implemented for a virtually unlimited number of end users who want to communicate with a host computer.
To solve this problem, the present invention teaches a secure data communication system comprising a first computer being adapted to transmit/receive information to/from a second computer via a first communication path, wherein the first computer is adapted to transmit/receive information to/ rom a second computer via a second communication path distinct from the first communication path, the first computer is adapted -2 -
to split the information into at least two different portions of partial information prior to transmitting the information to the second computer, transmit the at least two different portions of partial information via the first and the second communication paths, respectively, the second computer being adapted to receive at least two different portions of partial information from the first computer via said first and said second communication path, and combine the at least two different portions of partial information to obtain the original information.
This concept makes it very difficult if not impossible for any intruder to obtain the complete information sent/received. Since the splitting of the information into various portions can be done in a manner unpredictable by an intruder, he/she will not be able to obtain the complete information by only tapping on of said communication paths.
Moreover, even if the intruder were able to tap both or all of said communication paths, there remains still the difficulty for him/her to (re) combine the obtained respective portions of the information in a useful manner.
Preferably, the first and the second computer further comprise an information splitting/combination means to split information to be sent and/or to store received different portions of partial information and to combine said received and stored different portions of partial information to obtain the original information.
This can either be implemented in the respective computers themselves by software programs, or the first and the second computer are connected to external hardware devices, respectively, in which these function are implemented (by a suitably programmed computer) . - 3 -
The information splitting/combination means also includes a determination means (preferably implemented by a software program) to determine an splitting scheme according to which the different portions of partial information from the first computer are splitted and sent via said first and said second communication path to said second computer.
This allows for a pseudo-random splitting of the transmission of the different portions of partial information from the first computer to the second computer (and vice versa) via the two communication paths. This scheme makes it virtually unpredictable for an intruder to obtain the complete information in a legible manner.
To make it even more difficult, it is also possible to additionally reverse or at least change the sequence of the different portions of partial information in each of the two communication paths.
The determination means is adapted to determine the order of splitting according to a predetermined scheme or a random scheme. A predetermined order scheme is easier to implement (on the transmitting side as well as on the receiving side) but also easier to be found out by an intruder.
A random order scheme requires a more sophisticated mechanism or protocol to ascertain the correct concatenation of the different portions of partial information at the receiving side of the communication path.
The invention is also covering the concept of transceiving information that is accompanied by a PIN (Personal Identification Number) and/or a TAN (Transaction Number) . According to the invention, the PIN and/or the TAN as well as the information itself can be split according to various schemes. One example is to sent any or all Arabic numerals through one communication path, while the remaining -4 -
information is sent through the other communication path. Preferably, in the case of the two communication paths having different levels of security, the Arabic numerals would be sent through communication path having the higher security level .
Another possibility is to change the communication path after each Arabic numeral character sent. Thus, especially the highly sensitive parts of the information are broken into entities which are meaningless (and hence worthless) to any intruder.
In a preferred embodiment of the invention, the first communication path is provided in a terrestrial telephone system, and the second communication path is provided in a cellular mobile telephone system. Especially the usage of the widely spread GSM (R) , PCS, CDMA etc. systems with their superior level of safety compared to land lines makes it extremely difficult for an intruder to obtain the complete information transceived (irrespective of whether or not the information is transmitted in an encrypted format or not) .
The present invention also encompasses that the first and/or said second computer further comprises an information encrypting/decrypting means in which said information is encrypted prior to being split into said at least two different portions of partial information or said information is encrypted after being split into said at least two different portions of partial information. Again, this can be implemented either in the respective computers themselves by software programs, or the first and the second computer are connected to external hardware devices in which these function are implemented (by a suitably programmed computer) .
Encrypting the data before the splitting can be advantageous insofar, as the computational power for the encryption algorithm needs to be provided only once while the -5 -
computational power to split (and subsequently transmit) the information is relatively limited. It can, however, further increase the security to split the information and to independently encrypt the two parts of the information to be transmitted.
In case the "natural" sequence of the parts of information is changed for one or all of the communication paths, it is preferred to provide an information tagging means in which the at least two different portions of partial information are provided with markings containing an indication regarding the sequential order of the different portions of partial information.
In a preferred embodiment of the invention, the first and the second computer further comprises an information processing means in which information received from a respective other computer is only processed upon an authorization indication generated by a authorization computer connected to the information processing means.
Usually, this authorization computer is provided at the host computer (i.e. the processing computer) of a bank or the like. This processing computer of the bank will obtain the authorization from the authorization computer which is not accessible from outside. Since the processing computer of the bank is only provided with parts of the information required to carry out a certain transaction while the authorization computer is not accessible from outside but only accessible from the processing computer, an intruder will not be able to obtain the complete information.
The present invention is also related to a peripheral device connectable to a computer, said peripheral device comprising: a first input/output connector for transceiving information to/from said computer from/to said peripheral device, a second input/output connector for transceiving information -6 -
to/from said peripheral device from/to a first interface connectable to a first communication path, a third input/output connector for transceiving information to/from said peripheral device from/to a second interface connectable to a second communication path, and a controller for controlling the transmission/reception of information to/from said computer from/to said peripheral device, processsing said information and transceiving said information to/from said peripheral device from/to said first and/or second interface from/to said first and/or second communication path. This device can be easily connected to a PC or an intelligent telephone on the one side and to a terrestrial telephone line and a mobile telephone (or a second terrestrial telephone line) in order to set up two communication paths to a host computer (of a bank etc.) Alternatively, it is also possible to use two mobile telephones to set up the two communication paths.
Further features, advantages, possible modifications and enhancements of the present invention are explained in more detail in connection with the description of a presently preferred embodiment as schematically shown in the drawings.
Fig. 1 schematically shows a block diagram of the system according to the present invention.
Fig. 2 schematically shows a block diagram of a peripheral device connectable to a computer to implement the present invention.
Fig. 3 is a schematical flow chart for the program of the computer in the peripheral device according to Fig. 2.
Fig. 4 shows how information presented to the peripheral device according to Fig. 2 is transformed by this device. -7 -
In Fig. 1, a secure data communication system is shown. This system comprises a first computer 10 being adapted to transmit/receive information to/ from a second computer 12 via a first communication path 14. This first computer can be implemented by a PC (personal computer) having a central processing unit including RAM, ROM, hard disk drive, serial interface etc. , a keyboard and a video screen. Alteratively, this computer can also be implemented by a "intelligent" telephone 16 having the standard functions of a telephone plus the capability of entering and displaying one or more lines of alphanumerical characters that are to be transceived by the "intelligent" telephone.
One commercially available product fulfilling these criteria is the telecommunications enduser device "MULTIKIT" marketed by the applicant/assignee of the present invention. This computer/telephone 10, 16 is connected to a peripheral device 22. The peripheral device 22 provides (via a modem or the like) a connection to first communication path 14. This first communication path 14 is a terrestrial telephone network.
Additionally, the first computer 10, 16 is adapted to transmit/receive information to/ from the second computer 12 via a second communication path 20 which is different from the first communication path 14. To achieve this, the peripheral device 22 is adapted to split the information received from the first computer 10, 16 into two or more different portions of partial information prior to transmitting the information to the second computer 12. These portions of partial information are transmitted separately via the first and the second communication paths 14, 20. Correspondingly, the second computer 12 is adapted to receive these two different portions of partial information from the first computer 10, 16 via the first and the second communication paths 14, 20, and to combine the two different -8-
portions of partial information to obtain the original (complete) information for further processing.
More specifically, the first computer 10, 16 is connected to a serial interface 28 of the peripheral device 22 which also includes an information splitting/combination functionality to store the information for further processing, i.e. to split information to be sent into different portions of partial information and to combine received different portions of partial information to obtain the original information.
To achieve this, the information splitting/combination device 22 comprises a microprocessor 30 (see Fig. 2) , a RAM memory 32 connected thereto, two serial interfaces 34, 36 to provide connections to the mobile telecommunications network 20 and the terrestrial (fixed) network 14, respectively, and a (Flash-) ROM memory 38 for a control software program.
The microprocessor 30 is also programmed to act as a determination means for determining an splitting scheme according to which the different portions of partial information from the first computer 10, 16 are splitted and sent via the first and second communication paths 14, 20 to the second computer 12.
In the present embodiment, the entire information is splitted into different portions of partial information by changing the communication path through which the information is sent after each second character.
More specifically, the splitted portions of information are sent out in an alternating fashion through the two serial interfaces 34, 36 to the mobile telephone 18 having a data transmission/reception capability, and the terrestial telephone network 14, respectively. The portion of the information sent out through the mobile telephone 18 is fed -9 -
into the mobile telephone network 20. From the mobile telephone network 20, the portion of the information is sent to a transceiving station 40 provided at the site of the second computer 12. The information received from the mobile network 20 is temporarily stored in an authorization server 44.
Parallel to the transmission of information through the wireless (mobile) communications path 20, the peripheral device 22 feeds ther other portion of information into the terrestrial telephone network 14. The terrestrial telephone network 14 feeds the information into a transceiving station 42 also provided at the site of the second computer 12. The information received by the transceiving station 42 is fed into the second (main) computer 12. Once the second computer 12 receives information through the terrestrial network 14, the corresponding (still missing) information received via the mobile network 20 is obtained by the second computer 12 from the authorization server 44 in order to have the authorization server 44 to carry out the respective transaction.
The second computer 12 (and/or the authorization server 44) are programmed to carry out the decryption and recombination required to reverse the transformation of the information carried out in the first computer/telephone 10/16 or the peripheral device 22.
The microprocessor 30 in the peripheral device 22 is also programmed to act as a an information encrypting/decrypting means in which the information is encrypted prior to being split into the at two different portions of partial information.
Although the separation of the information into two different channels already provides a significant enhancement over current procedures, an intruder actually capable of tapping a - 10-
both the terrestrial and the mobile telephone lines could obtain the complete information. Also, an intruder capable of monitoring only one of the two telephone lines (preferably the terrestrial telephone line) , could find out at least a part of the sensitive information (e.g. the PIN of a user) by monitoring and analyzing a sufficient number of information transactions. Hence, an additional encryption is desirable. To achieve this, the information can also be encrypted after being split into the two different portions of partial information.
Moreover, the microprocessor 30 is also programmed to act as an information tagging means in which said at least two different portions (AB, CD, EF, GH, IJ, KL) of partial information are provided with markings (1, 2, 3, 4, 5, 6) containing an indication regarding the sequential order of the different portions of partial information. This indication is also be encrypted together with the information portions in order to avoid an intruder being able to immediately gather the order of the information transmitted via one or both communication paths.
The microprocessor 30 can carry out a program according to the flow chart of Fig. 3. The corresponding transformation of the data structure is shown in Fig. 4.
It is understood that the flow of information from the second computer to the first can be carried out in a way corresponding to the procedure described above.

Claims

-11-Claims
1. A secure data communication system comprising
- a first computer (10, 16) being adapted to transmit/receive information to/from a second computer (12) via a first communication path (14) , characterized in that said first computer (10, 16) being adapted to transmit/receive information to/from a second computer (12) via a second communication path (20) distinct from said first communication path (14) , - said first computer (10, 16) being adapted to split the information into at least two different portions of partial information prior to transmitting the information to the second computer,
ΓÇö transmit the at least two different portions of partial information via said first and said second communication path,
- said second computer (12) being adapted to receive at least two different portions of partial information from the first computer via said first and said second communication path, and
ΓÇö combine said at least two different portions of partial information to obtain the original information.
2. The secure data communication system of claim 1, wherein said first and/or said second computer further comprises an information splitting/combination means to split information to be sent and/or to store received different portions of partial information and to combine said received and stored different portions of partial information to obtain the original information.
3. The secure data communication system of claim 1 or 2 , wherein each information splitting/combination means comprises - a determination means to determine an splitting scheme according to which the different portions of partial -12 -
information from the first computer are splitted and sent via said first and said second communication path to said second computer .
4. The secure data communication system of claim 3, wherein - the determination means is adapted to determine the order of splitting according to a predetermined scheme or a random scheme.
5. The secure data communication system of claim 1, 2, or 3, wherein
- the first communication path is provided in a terrestrial telephone network, and
- the second communication path is provided in a cellular mobile telephone network.
6. The secure data communication system of any of claims 1 to 5, wherein the first and/or said second computer further comprises
- an information encrypting/decrypting means in which ΓÇö said information is encrypted prior to being split into said at least two different portions of partial information or
- said information is encrypted after being split into said at least two different portions of partial information.
7. The secure data communication system of any of claims 1 to 6, wherein the first and/or said second computer further comprises
- an information tagging means in which said at least two different portions of partial information are provided with markings containing an indication regarding the sequential order of the different portions of partial information.
8. The secure data communication system of any of claims 1 to 7 , wherein the first and/or said second computer further comprises -13 -
- an information processing means in which information received from a respective other computer is only processed upon an authorization indication generated by a authorization computer connected to the information processing means.
9. A peripheral device connectable to a computer, said peripheral device comprising:
- a first input/output connector for transceiving information to/from said computer from/to said peripheral device, a second input/output connector for transceiving information to/ from said peripheral device from/to a first interface connectable to a first communication path,
- a third input/output connector for transceiving information to/ from said peripheral device from/to a second interface connectable to a second communication path, and - a controller for controlling the transmission/reception of information to/from said computer from/to said peripheral device, processsing said information and transceiving said information to/from said peripheral device from/to said first and/or second interface from/to said first and/or second communication path.
PCT/GB1998/000185 1998-01-22 1998-01-22 Secure data communication system WO1999038302A1 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
KR1020007008014A KR20010034297A (en) 1998-01-22 1998-01-22 Secure data communication system
EP98900938A EP1050144A1 (en) 1998-01-22 1998-01-22 Secure data communication system
PCT/GB1998/000185 WO1999038302A1 (en) 1998-01-22 1998-01-22 Secure data communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/GB1998/000185 WO1999038302A1 (en) 1998-01-22 1998-01-22 Secure data communication system

Publications (1)

Publication Number Publication Date
WO1999038302A1 true WO1999038302A1 (en) 1999-07-29

Family

ID=10824874

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB1998/000185 WO1999038302A1 (en) 1998-01-22 1998-01-22 Secure data communication system

Country Status (3)

Country Link
EP (1) EP1050144A1 (en)
KR (1) KR20010034297A (en)
WO (1) WO1999038302A1 (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002047352A2 (en) * 2000-10-27 2002-06-13 Listen.Com Delivering media data to portable computing devices
WO2002063852A2 (en) * 2001-02-06 2002-08-15 Hewlett-Packard Company Method and apparatus for partial encryption of contents
WO2004063937A2 (en) * 2003-01-08 2004-07-29 Ttp Com Limited Downloading data files
EP1528732A1 (en) * 2003-10-29 2005-05-04 Nokia Corporation Method and System for providing communications security
EP1804454A1 (en) 2005-12-29 2007-07-04 Telefonaktiebolaget LM Ericsson (publ) A method for consolidating data records
US7352998B2 (en) 2003-09-12 2008-04-01 Nokia Corporation Method and system for establishing a wireless communications link
US7499674B2 (en) 2003-09-12 2009-03-03 Nokia Corporation Method and system for repeat request in hybrid ultra wideband-bluetooth radio
US7697893B2 (en) 2004-06-18 2010-04-13 Nokia Corporation Techniques for ad-hoc mesh networking
US7702284B2 (en) 2003-09-12 2010-04-20 Arto Palin Method and system for processing acknowledgments in a wireless communications network
US7782894B2 (en) 2003-09-12 2010-08-24 Nokia Corporation Ultra-wideband/low power communication having a dedicated removable memory module for fast data downloads—apparatus, systems and methods
EP2493234B1 (en) * 2011-02-28 2019-08-28 BlackBerry Limited Providing wireless message data delivery through intermediary wireless communications device

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102192402B1 (en) * 2020-05-22 2020-12-17 주식회사 한터글로벌 Validation and chart data generation system using genuine product authentication
KR102184422B1 (en) * 2020-05-22 2020-11-30 주식회사 한터글로벌 Chart data generation system using genuine product authentication
KR102192401B1 (en) * 2020-05-22 2020-12-17 주식회사 한터글로벌 Chart data generation system using certified genuine data information
KR102192400B1 (en) 2020-05-22 2020-12-17 주식회사 한터글로벌 Chart data generation and user management system using genuine product authentication

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0224895A2 (en) * 1985-12-04 1987-06-10 AT&T Corp. Data communication method and apparatus using multiple physical data links
EP0405989A2 (en) * 1989-06-30 1991-01-02 STMicroelectronics Limited Message routing
US5428671A (en) * 1992-11-09 1995-06-27 Compaq Computer Corporation Modem for tight coupling between a computer and a cellular telephone
WO1995023471A1 (en) * 1994-02-28 1995-08-31 Nokia Telecommunications Oy Traffic distribution in atm network
EP0814589A2 (en) * 1996-06-19 1997-12-29 AT&T Corp. System and method for automated network reconfiguration

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0224895A2 (en) * 1985-12-04 1987-06-10 AT&T Corp. Data communication method and apparatus using multiple physical data links
EP0405989A2 (en) * 1989-06-30 1991-01-02 STMicroelectronics Limited Message routing
US5428671A (en) * 1992-11-09 1995-06-27 Compaq Computer Corporation Modem for tight coupling between a computer and a cellular telephone
WO1995023471A1 (en) * 1994-02-28 1995-08-31 Nokia Telecommunications Oy Traffic distribution in atm network
EP0814589A2 (en) * 1996-06-19 1997-12-29 AT&T Corp. System and method for automated network reconfiguration

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2002047352A3 (en) * 2000-10-27 2002-09-06 Listen Com Delivering media data to portable computing devices
WO2002047352A2 (en) * 2000-10-27 2002-06-13 Listen.Com Delivering media data to portable computing devices
WO2002063852A2 (en) * 2001-02-06 2002-08-15 Hewlett-Packard Company Method and apparatus for partial encryption of contents
WO2002063852A3 (en) * 2001-02-06 2002-12-12 Hewlett Packard Co Method and apparatus for partial encryption of contents
US6976166B2 (en) 2001-02-06 2005-12-13 Hewlett-Packard Development Company, L.P. Method and apparatus for partial encryption of content
WO2004063937A2 (en) * 2003-01-08 2004-07-29 Ttp Com Limited Downloading data files
WO2004063937A3 (en) * 2003-01-08 2005-02-03 Ttp Com Ltd Downloading data files
US7499674B2 (en) 2003-09-12 2009-03-03 Nokia Corporation Method and system for repeat request in hybrid ultra wideband-bluetooth radio
US7702284B2 (en) 2003-09-12 2010-04-20 Arto Palin Method and system for processing acknowledgments in a wireless communications network
US7782894B2 (en) 2003-09-12 2010-08-24 Nokia Corporation Ultra-wideband/low power communication having a dedicated removable memory module for fast data downloads—apparatus, systems and methods
US7352998B2 (en) 2003-09-12 2008-04-01 Nokia Corporation Method and system for establishing a wireless communications link
EP1528732A1 (en) * 2003-10-29 2005-05-04 Nokia Corporation Method and System for providing communications security
US7278084B2 (en) 2003-10-29 2007-10-02 Nokia Corporation Method and system for providing communications security
US7697893B2 (en) 2004-06-18 2010-04-13 Nokia Corporation Techniques for ad-hoc mesh networking
US7765210B2 (en) 2005-12-29 2010-07-27 Telefonaktiebolaget Lm Ericsson (Publ) Method for consolidating data records
EP1804454A1 (en) 2005-12-29 2007-07-04 Telefonaktiebolaget LM Ericsson (publ) A method for consolidating data records
EP2493234B1 (en) * 2011-02-28 2019-08-28 BlackBerry Limited Providing wireless message data delivery through intermediary wireless communications device

Also Published As

Publication number Publication date
EP1050144A1 (en) 2000-11-08
KR20010034297A (en) 2001-04-25

Similar Documents

Publication Publication Date Title
US4484025A (en) System for enciphering and deciphering data
WO1999038302A1 (en) Secure data communication system
EP0687087B1 (en) Secure data transmission method
AU726397B2 (en) Pocket encrypting and authenticating communications device
US6490687B1 (en) Login permission with improved security
US20020103008A1 (en) Cordless communication between PDA and host computer using cradle
EP0756397B1 (en) System and method for key distribution and authentication between a host and a portable device
EP1274194A1 (en) Method and apparatus for wireless data communication, using an encryption unit
CN1575578B (en) Method and apparatus for personal information access control
US7284123B2 (en) Secure communication system and method for integrated mobile communication terminals comprising a short-distance communication module
KR20030095342A (en) Ic card and cryptographic communication method between ic cards
MY123202A (en) Management of authentication and encryption user information in digital user terminals
JPH0730504A (en) Device for preventing use of information without permission in radio communication
CN100493072C (en) A encryption system and method for wireless transmissions from personal palm computers to world wide web terminals
US20040158707A1 (en) Mobile terminal for use restriction and copyright protection for content, and content security system using the same
EP1286242A1 (en) System and method for protected data input of security data
JPH1065652A (en) System and method for communication secrecy information
JPH063905B2 (en) Authentication method between the center and the user
CN101426199B (en) ZigBee wireless network data safe transmission system
JP2003309552A (en) Control system for electronic certificate by portable telephone
KR101384702B1 (en) Method of providing financial service using smart card
JP2004040278A (en) Information transmission system
US7933582B2 (en) Telecommunication system with improved confidentiality
JP4106459B2 (en) Input device with security function and identification code registration system
KR20010091134A (en) Date communication systems having security device

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): KR US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 1998900938

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 1020007008014

Country of ref document: KR

NENP Non-entry into the national phase

Ref country code: CA

WWP Wipo information: published in national office

Ref document number: 1998900938

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 1020007008014

Country of ref document: KR

WWR Wipo information: refused in national office

Ref document number: 1998900938

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1998900938

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 1020007008014

Country of ref document: KR