The patent's assignee for patent number 8621231 is Almerys (
News editors obtained the following quote from the background information supplied by the inventors: "Electronic safes comprise storage spaces, with secure access, for electronic data. They offer administrations, companies and private individuals a solution for storing, in electronic form, various content, for example pay slips, bank statements, insurance policies, photographs, etc. (see for example the website www.e-coffrefort.fr).
"Such electronic safes are generally created, and then managed, by means of a server belonging to a trusted third party and accessible from a large number of terminals (computers, mobile telephones with WAP or Internet connection, etc.) by the users of the electronic safes.
"When a company or an administration opens a safe for a user, it generally provides him with a security module, for example hardware (smart card, USB key, etc.), having means of storing in particular authentication data.
"When the user wishes to access his electronic safe, he connects from a terminal, for example to a corresponding HTML page of the website of the company, and then carries out an authentication step using the security module.
"The authentication step generally comprises reading authentication data stored in the security module in order to allow authentication of the user and, consequently, authorize or not the access to an electronic safe.
"A user can have the benefit of several electronic safes: a safe offered by his employer, another by his bank and/or insurance company, by an administration, etc.
"Nevertheless, it may be desirable to have a user take advantage of one and the same secure electronic data storage space or the same electronic safe, even when this service is offered to the user by different companies or administrations, both while allowing on the one hand the latter to manage this service offer independently of one another, and on the other hand while safeguarding security of access to the electronic safes."
As a supplement to the background information on this patent, VerticalNews correspondents also obtained the inventors' summary information for this patent: "According to a first aspect, the invention proposes a method of managing electronic safes, comprising a step of authenticating a user requesting access to a safe, by means of authentication data of said user, said authentication data to be provided by the user being dependant of an entity by means of which the user is requesting said access.
"The present invention therefore allows the use of one and the same electronic safe by a user with the necessary access security, when this electronic safe supply service is made available to him by several companies or administrations (corresponding to the respective entities) by means in particular of respective smart cards comprising the authentication data. The authentication data of the user to be provided for accessing the safe by means of a first entity are different from the authentication data of the user to be provided for accessing this same safe by means of a second entity. The user can also have access to an additional electronic safe specific to the company or administration corresponding to the entity by means of which the user is requesting access.
"The companies or administrations can, independently of one another, stop their electronic safe supply service with regard to a user.
"In one embodiment, the method comprises a step of identifying the entity by means of which the user is requesting access to the safe and a step of determining authentication data to provide depending on the identified entity.
"In one embodiment, the method comprises, when the user requests for the first time an access to the electronic safe by means of an entity from amongst a first and a second entity, a step of transmitting authentication data to a terminal of the user with a view to the storage of said authentication data in a hardware security module assigned to the user and associated specifically with said entity, the authentication data transmitted with a view to storage in the hardware security module associated with a first entity being different from the authentication data transmitted with a view to storage in the hardware security module associated with a second entity.
"This measure makes it possible to control the provision of authentication data according to the entity by means of which the user requests the use of the electronic safe.
"This measure also makes it possible for access to the electronic safe, offered by each company or administration corresponding to a respective entity, to be issued following a strong authentication of the user with the server. A given card allows access by means of a single entity, allowing increased security.
"In one embodiment, the method comprises a step of signing and/or encryption, by means of a signature and/or encryption key, of data to be stored on request of said user in said electronic safe, the key used when the user requests storage in said electronic safe by means of a first entity being identical to that used when the user requests storage in said electronic safe by means of a second entity.
"This measure makes it possible to use electronic data stored in the safe of the user independently of the entity by means of which the data were stored and of the entity by means of which the data are then used.
"According to a second aspect, the invention proposes an electronic safe management server, comprising authentication means designed to authenticate a user requesting access to a safe by means of authentication data of said user, said authentication data to be provided by the user being dependant of an entity by means of which the user is requesting said access. According to a third aspect, the invention proposes a computer program comprising instructions for implementing the steps of a method according to the first aspect of the invention during execution of the program on a computer."
For additional information on this patent, see: Tirbois, Jean-Marie; Chochois, Michael. Method and Server for Accessing an Electronic Safe via a Plurality of Entities. U.S. Patent Number 8621231, filed
Keywords for this news article include: Almerys, Information Technology, Information and Data Encoding and Encryption.
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC
Most Popular Stories
- 5 Notable Hispanic Technology Executives
- Top Hispanic Tech Companies Push for the Top
- Rand Paul Tops Presidential Straw Poll at Conservative PAC Conference
- Tesla's Alt-Energy Future Aims for Massive Lithium-Ion Battery Production
- New Chat App, Yik Yak, Causes Problems for Students
- China Urges Malaysia Flight Emergency Response
- Gas Prices May Jump from Calif. Emissions Law
- Russia, Crimea Discuss Referendum
- Visa, MasterCard Team Up to Focus on Payment Security
- Obama Meets with Ukraine Prime Minister Wednesday