[go: up one dir, main page]

WO1995015522A1 - Systeme de verification de donnees numeriques - Google Patents

Systeme de verification de donnees numeriques Download PDF

Info

Publication number
WO1995015522A1
WO1995015522A1 PCT/US1994/013360 US9413360W WO9515522A1 WO 1995015522 A1 WO1995015522 A1 WO 1995015522A1 US 9413360 W US9413360 W US 9413360W WO 9515522 A1 WO9515522 A1 WO 9515522A1
Authority
WO
WIPO (PCT)
Prior art keywords
computer
file
date
computer file
time
Prior art date
Application number
PCT/US1994/013360
Other languages
English (en)
Inventor
Robert F. Jones
Original Assignee
Scheele, Drew
Martonick, Michael
Levi, Dean, F.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Scheele, Drew, Martonick, Michael, Levi, Dean, F. filed Critical Scheele, Drew
Priority to AU11821/95A priority Critical patent/AU1182195A/en
Publication of WO1995015522A1 publication Critical patent/WO1995015522A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • This invention relates to verifying digital data and, more particularly, verifying the authenticity of digital computer files.
  • a system for verifying computer files as authentic includes a central computer that can be accessed by a plurality of peripheral computers via an interface network. Users create computer files via the peripheral computers, e.g., a desktop personal computer, a laptop computer, a palmtop computer, etc. Methods in accordance with this invention are performed on the peripheral computers and the central computer to "fingerprint" a file after it is created. This way the file can be later verified to determine whether the file has been altered since it was fingerprinted. In particular, after a user creates a file on a peripheral computer, the user can fingerprint the file for later verification.
  • the peripheral computer To fingerprint a file, the peripheral computer first calculates a fingerprint using a technique that produces a fingerprint that is unique to the data contained in the file. The peripheral computer then accesses the central computer and the central computer stores the file fingerprint. Later, to verify the content of a file stored on a peripheral computer, the fingerprint of the file is recalculated using the same technique. The recalculated fingerprint is then compared to the fingerprint stored on the central computer. If the fingerprints match, the file is verified as unaltered. On the other hand, if the fingerprints do not match, then one knows that the file has either been altered or corrupted. In accordance with further aspects of the invention, when the file is fingerprinted, the file is also date and time stamped.
  • the central computer includes a clock that provides the date and time at which the file is fingerprinted.
  • the date and time is then stored in the central computer along with the fingerprint.
  • the date and time is also stored along with the file on the peripheral computer. Then, when verifying the file, the date and time stored with the file on the peripheral computer is verified along with the fingerprint by comparing the date and time with that stored on the central computer.
  • the author of the file must identify himself before the file is fingerprinted.
  • the central computer then keeps a record of the author along with the fingerprint and date and time stamp of the file. In this way, the author of the file can be verified.
  • the author identifies himself by entering a previously assigned password.
  • the central computer verifies the password before fingerprinting and date and time stamping the file.
  • the fingerprint and date and time stamp are stored in a database assigned exclusively to the author (i.e., user or subscriber), thereby maintaining a record of the file's author.
  • the fingerprinting of a file includes calculating the cyclic redundancy check (CRC) value for the file.
  • CRC cyclic redundancy check
  • the fingerprint also includes the size of the file.
  • the system includes the ability to store complete files on the central computer by downloading the files from a peripheral computer. This way, the file can be deleted on the peripheral computer to free up memory, and then uploaded from the central computer when needed. Also, if a file on a peripheral computer becomes corrupted, the original file can be uploaded from the central computer if it was previously stored on the central computer.
  • a central computer is used to store fingerprints of files created on various peripheral computers.
  • the fingerprint of a file stored on a peripheral computer is recalculated and then compared to the fingerprint stored on the central computer. If the fingerprints match, the content of the file is verified as unaltered.
  • the system also includes the ability to date and time stamp files. The date and time stamp is stored along with the fingerprint on the central computer so that the date and time of creation of the file can be later verified.
  • the system also includes the ability to record on the central computer the file's author so that the author of the file can be verified as well.
  • the central computer By tightly maintaining the security of the central computer, the fingerprint, author, and date and time stamp verification data are preserved. This way, despite lax security on numerous peripheral computers, computer files created on the peripheral computer can be later verified. In other words, a high security of data, on numerous computers is achieved by simply maintaining the security of a single computer, namely, the central computer. As a result, a relatively low cost system for verifying the authenticity (i.e., content, author, and date and time of creation) of computer files is provided. It will be further appreciated that the invention also allows the downloading of files from a peripheral computer to the central computer so that the central computer can store a file for later retrieval (i.e., uploading) in case the file is either deleted or corrupted on one of the peripheral computers. As a result, computers can be used to create records required to have a high level of authenticity and veracity such as patient medical records, research laboratory records, and financial records.
  • FIGURE 1 is a system block diagram of a multi-computer system structured in accordance with the present invention
  • FIGURE 2A is a block diagram illustrating the types of files, including document files, stored on a peripheral computer in accordance with the invention, and FIGURE 2B shows a document file in more detail;
  • FIGURE 3A is a block diagram illustrating the types of files, including subscriber databases, stored on a central computer in accordance with the invention, and FIGURE 3B shows a subscriber database in more detail;
  • FIGURES 4A-4D show a composite flow diagram illustrating in part how the invention operates;
  • FIGURE 5 contains a flow diagram illustrating in part the operation of a peripheral computer in accordance with the invention.
  • FIGURE 1 is a system block diagram of multiple computers configured and interconnected in accordance with the invention.
  • the verification system includes a central computer 10, multiple peripheral computers 12, and a universal time clock (UTC) 14, all interconnected via an interface network 16.
  • the peripheral computers 12 are computers on which computer files are created by an author (i.e., user or subscriber of the verification system).
  • the peripheral computers 12 can take many forms, including personal computers such as desktop computers, laptop computers, notebook computers, or palmtop computers.
  • the file can be "fingerprinted," so that the content of the file can be verified as unaltered at a later time.
  • the peripheral computer uses a particular technique to generate a fingerprint that is unique to the particular data stored in the file.
  • the peripheral computer 12 then accesses the central computer 10 via the interface network 16 and the fingerprint is stored on the central computer.
  • the peripheral computer recalculates the fingerprint using the same technique, and the recalculated fingerprint is then compared to the fingerprint stored on the central computer. If the fingerprints match, the file content is verified as unaltered since the file was fingerprinted.
  • the verification system provided by the invention could be offered by a verification service company.
  • the service company would have the central computer 10 and would provide software for various users or subscribers for use on their own computers, i.e., peripheral computers 12.
  • the peripheral computers would access the central computer 10 via the interface network 16.
  • the interface network could include modems on each of the peripheral computers, a modem on the central computer, and a telephone network to interconnect the modems.
  • the interface network 16 could also be a commonly used wide area network.
  • the verification service company would tightly morutor the security of the central computer 10 so as to maintain the veracity of file fingerprints stored on the central computer 10.
  • a business having many computers could implement the data verification system shown in FIGURE 1 in-house.
  • the peripheral computers 12 would be computers used throughout the business, and the central computer 10 would be a computer for verifying the files on the peripheral computers.
  • the interface network 16 could then be some form of local area network.
  • the central computer 10 In addition to fingerprinting files created on the peripheral computers 12, the central computer 10 preferably date and time stamps each file. This way, the date and time of creation, as well as the content of a file can be later verified. The central computer accurately and robustly tracks the date and time so that files can be properly date and time stamped.
  • the central computer includes an internal clock and a battery backup as is commonly available in today's computers. The central computer 10 periodically updates its internal clock by comparing its time with the universal time clock 14, which maintains, for example, Greenwich mean time.
  • the author of a file cannot gain access to the central computer 10 to have a file fingerprinted and date and time stamped unless the author properly identifies himself.
  • the central computer verifies that the author is a user or subscriber of the verification system and then maintains a record of the author along with the file fingerprint and date and time stamp. In this way, the author of the file can be later verified. In one preferred embodiment, this is accomplished by assigning a unique password to each user or subscriber. The user must correctly enter the password to gain access to the central computer 10.
  • the central computer 10 stores a subscriber database for each user. When a file is fingerprinted and date and time stamped for a particular user identified by their password, the file fingerprint and date and time stamp is stored in the subscriber database assigned to that user. As a result, the file's author is recorded, namely, the user associated with the subscriber database.
  • the central computer also preferably has the ability to store copies of files created on the peripheral computers 12. i particular, a peripheral computer 12 can download a copy of a file to the central computer 10 via the interface network 16. This way, if a file is deleted from a peripheral computer or if a file on the peripheral computer is altered or corrupted, the copy can be uploaded from the central computer 10.
  • FIGURES 2 and 3 illustrate the type of files stored on the peripheral computers 12 and the central computer 10.
  • the peripheral computer 12 includes memory 18 that can be formed of any presently available memory or storage devices, e.g., random access memory (RAM), disc drives, laser discs, etc.
  • the memory 18 stores, among other things, document files 22 and a program 20 referred to as the Digital Data Verifier Peripheral (DDVP).
  • the DDVP program 20 is programmed according to the invention to work in conjunction with the central computer to provide verification of user created documents.
  • a document file 22 is created by the verification system upon fingerprinting a user created document 24 by appending a document activity log (DAL) 28 to the user created document 24.
  • DAL document activity log
  • a document file 22 is shown in greater detail in FIGURE 2B.
  • the document 24 is the computer file created by the user to contain the data 27, and the document activity log 28 contains file identification information 25 assigned to the document 24 and an ongoing record of activity 26 performed on the document file 22.
  • the document files 22 are preferably stored in a section of the memory 18 that is configured to be noneditable, i.e., a nonedit archive 30.
  • the nonedit archive provides a first level of security against file tampering and, just as importantly, prevents a user from inadvertently altering a fingerprinted file.
  • the nonedit archive can be formed using techniques presently well known in the computer arts area.
  • the nonedit attribute of the archive 30 formed with present techniques can be easily defeated by persons highly skilled in computers, so that storing files in the nonedit archive 30 does not provide a sufficient level of file verification. Accordingly, in accordance with the present invention, a fingerprint for each document is stored on the central computer 10 — the security of which is highly maintained — to provide an acceptable level of file verification.
  • FIGURE 3A shows the usage of memory 32 included in the central computer 10.
  • the memory 32 can be formed of any presently available memory or storage devices.
  • a portion of the memory 32 is used to store a program 34 referred to as the Digital Data Verifier Central (DDVC), which is programmed in accordance with the invention to provide file verification in conjunction with the DDVP program 20.
  • DDVC Digital Data Verifier Central
  • Another portion 36 of the memory 32 stores subscriber databases 38, one for each subscriber or user.
  • the composition of a subscriber database 38 is shown in greater detail in FIGURE 3B.
  • a subscriber database 38 includes an account log 40 that stores subscriber information and a record of system usage, which can be used, for example, for purposes of billing the subscriber.
  • a subscriber database 38 also includes document data 42 and downloaded documents 44.
  • the document data 42 includes a document record 46 for each user created document 24 entered into the verification system, i.e., a document record 46 for each document file 22.
  • the document records 46 include file fingerprints, date and time stamps, as well as other data as described in detail hereinafter.
  • the downloaded documents 44 include copies 48 of selected document files 22 stored on a peripheral computer 12.
  • FIGURES 4A-4D The operation of the DDVP program 20 and the DDVC program 34 is illustrated by the flow diagrams shown in FIGURES 4A-4D and FIGURE 5.
  • FIGURE 5 illustrates a portion of the steps of the DDVP program 20 performed on a peripheral computer
  • FIGURES 4A-4D illustrate steps performed by the combination of the DDVC program 34 and the DDVP program 20, respectively on the central computer and a peripheral computer.
  • the flow diagrams shown include oval blocks, such as the block 50, that indicate the start and end of a program; rectangular blocks, such as the block 54, that illustrate an operational step; diamond blocks, such as the decision diamond 52, that indicate a decision step that determines which subsequent steps are performed; and eight-sided blocks, such as the page connector 58, which indicate that program flow is returning from or going to a portion of a flow diagram illustrated in another figure.
  • FIGURE 5 illustrates the high level operation of the DDVP program 20 on a peripheral computer.
  • the DDVP program 20 is started at the block 160.
  • the program first determines whether or not the DDVP software has been installed, as indicated by the decision diamond 162. If the software has not been installed, it is installed as indicated by the block 164 and then the nonedit archive 30 shown in FIGURE 2A is established, as indicated by the block 166.
  • program control continues at the decision diamond 168, where a determination is made whether the user wants to review a previously fingerprinted (FP'ed) document 24, i.e., review a document file 22.
  • FP'ed previously fingerprinted
  • Program control then continues in FIGURE 4A, as indicated by the page connector 178, to fingerprint (and date and time stamp) the file, as hereinafter described.
  • the decision diamond 170 the user instead chooses to verify, upload or download a previously fingerprinted document
  • the step at the block 180 is performed to allow the user to select the desired document file 22 by entering the file's identification number. Thereafter, contact is established with the central computer (indicated at the block 176), and program control continues in FIGURE 4A (indicated by the page connector 178) to verify, upload or download the selected file, as hereinafter described.
  • the decision diamond 168 the user requests to review a document file 22, the steps 182, 184, and 186 are performed.
  • the user selects the identification number ID# of the document file 22 they want to review, as indicated at the block 182.
  • the user is then able to review the document file 22 on a computer screen of the peripheral computer and/or print the document file 22, as indicated by the block 184.
  • This activity is recorded in the document activity log 28 of the document file 22, as indicated by the block 186.
  • the user is then given the option to exit the DDVP program, as indicated by the decision diamond 188. If the user decides to exit the DDVP program, the program is terminated at the block 190. On the other hand, if the user does not wish to terminate the DDVP program, program control loops back to the decision diamond 168, where the user is again given the choice to review a fingerprinted document.
  • the starting of the DDVC program 34 on the central computer 10 begins at the block 50, as shown in FIGURE 4A. Operation begins with the steps 52, 54, and 56 to maintain the clock on the central computer and to determine whether a new user has come on line. At the decision diamond 52, a determination is made as to whether the central computer clock should be recalibrated. As shown, preferably, the clock is recalibrated every midnight, and whenever a power interruption, system reinitialization, or system tampering occurs. If recalibration is needed, the clock is recalibrated as indicated by the block 54. In one preferred embodiment, the clock is calibrated by contacting a universal time clock 14 via the interface network 16, as shown in FIGURE 1.
  • the universal time clock 14 preferably maintains Greenwich mean time (GMT). After recalibrating the clock, the step at the decision diamond 52 is again performed. Unless some intervening event has occurred, the clock will not need recalibrating and program control will continue at the decision diamond 56. Similarly, if upon first execution of the step 52, the clock does not need recalibrating, program flow continues at the decision diamond 56.
  • GCT Greenwich mean time
  • a user coming on line is illustrated in FIGURE 4A by the page connector 58, which is reached from the previously described steps shown in FIGURE 5, in particular, from the page connector 178. If a determination is made that a new user is not on line, program control loops back to the decision diamond 52 to again determine whether the clock needs to be recalibrated and then to determine whether a new user has come on line. This sequence repeats until a new user comes on line. When a new user comes on line, the hereinafter described log-in steps indicated by the blocks 60-76 are performed.
  • program control loops back to the decision diamond 52 to again determine whether the clock needs to be recalibrated and then to determine whether another user has come on line.
  • the central computer can support several users concurrently.
  • the concurrent operation can be accomplished by either time sharing a single processor of the central computer or by using multiple processors in parallel, or by other techniques currently known by those skilled in the computer art area.
  • the log-in steps 60-76 are performed.
  • the central computer determines whether correct DDVP software, registered to a valid user, is installed on the peripheral computer, as indicated by the decision diamond 64. If the DDVP software is not correct, e.g., an incorrect version, or if the software is not registered to a valid user, a message indicating such is sent to the peripheral computer, as indicated at the block 66, and then the user is logged off at the block 78, which is reached through the page connectors 62 and 80.
  • the user password is then checked by steps 68-74. The user is given three chances to correctly enter their password.
  • a counter #TR_ES is set to zero.
  • the central computer determines whether the password is correct, as indicated at the decision diamond 70. If the password is not correct, the central computer increments the counter #TR_ES, as indicated at the block 72. If the counter #TR_ES is not yet equal to three, as determined at the decision diamond 74, then the user is allowed to reenter their password and the password is again checked at the decision diamond 70.
  • the counter #TRIES reaches three and the determination at the decision diamond 74 causes program control to go to the block 76.
  • a message is sent to the peripheral computer to inform the user of the incorrect password.
  • the user is then logged off at the block 78, reached through the page connectors 62 and 80.
  • program control flows from the decision diamond 70 to FIGURE 4B as indicated by the page connectors 82 and 84, respectively in FIGURE 4A and FIGURE 4B.
  • FIGURE 4B a determination is first made at the decision diamond 86 as to whether the user wants to fingerprint or verify a document. If the user requested to fingerprint or verify a document, the hereinafter described steps shown in FIGURE 4C are performed, as indicated by the page connector 88. On the other hand, if the user does not want to fingerprint or verify a document, the hereinafter described steps shown in FIGURE 4D are performed to either download or upload a document, as indicated by the page connector 90.
  • program control After either performing the steps shown in FIGURE 4C or the steps shown in FIGURE 4D, program control returns to FIGURE 4B to execute the step at the decision diamond 92, where a determination is made as to whether the user wants to terminate communication with the central computer. If the user does not want to terminate communication, program control loops back through the blocks 170', 172' and 174' or 170' and 180* to the decision diamond 86 to again determine whether the user wants to fingerprint or verify a file or download or upload a file.
  • the steps 170', 172', 174' and 180' are identical to the steps 170, 172, 174 and 180, shown in FIGURE 5. As described with reference to FIGURE 5, these steps allow the user to select a file for fingerprinting or for verifying, uploading or downloading.
  • the user activity e.g., the user connect time
  • the account log 40 of the subscriber database 38 shown in FIGURE 3B (indicated at the block 94).
  • the user is then logged off at the block 78 and the DDVP program control returns to FIGURE 5, as indicated by the page connector 95.
  • the DDVP program continues from the page connector 179 in FIGURE 5 to the step at the decision diamond 188, where the user is given the option of either terminating the DDVP program or performing further activity, as previously described.
  • FIGURE 4B when a determination is made at the decision diamond 86 that a user wants to fingerprint (FP) or verify a document the steps shown in FIGURE 4C are performed. In particular, to fingerprint (and date and time stamp) a file, the steps 98 and 100 flowing from the page connector 96 are performed.
  • the peripheral computer determines a fingerprint for a user selected document 24 using a preselected technique that produces a fingerprint unique to the content of the document. It will be recalled that the user selects the document to be fingerprinted at the block 172 in FIGURE 5 (or at the block 172' in FIGURE 4B).
  • the fingerprint calculated at the block 98 in FIGURE 4C includes the cyclic redundancy check (CRC) value of the file.
  • CRC cyclic redundancy check
  • the algorithm for calculating the CRC value of a file is well known in the computer art and is commonly used for data communication.
  • the fingerprint may also include the size of the document, as indicated in the block 98.
  • the fingerprint and other information are stored in the subscriber database 38 assigned to the user.
  • a document record 46 as shown in FIGURE 3B is created.
  • the fingerprint of the document including the document's CRC and size in one preferred embodiment, is stored in this record.
  • the present date and time is also determined by reference to the clock on the central computer, and this date and time is stored in the document record 46 so as to date and time stamp the document.
  • the identification number ID# established by the step at the block 174 in FIGURE 5 (or at the block 174' in FIGURE 4B) is also stored in the document record 46 to identify the record.
  • the peripheral computer stores the document CRC, the document's size, and the date and time in the document activity log 28 of the document file 24, as shown in FIGURE 2B.
  • fingerprinting and date and time stamping of the file is complete, and program control returns via the page connector 102 to FIGURE 4B at the page connector 88.
  • the central computer searches the user's subscriber database 38 for the document selected by the user (at the block 180 in FIGURE 5 or at the block 180' in FIGURE 4B) and retrieves the information recorded in the corresponding document record 46.
  • the peripheral computer then recalculates the CRC and size of the document 24 archived on the peripheral computer, as indicated by the block 108.
  • the peripheral computer also retrieves the date and time stamp stored in the document activity log 28 attached to the document 24.
  • the central computer compares the CRC, file size, and date and time stamp determined by the peripheral computer to the corresponding verification data stored in the subscriber database 38 on the central computer, as indicated at the block 110.
  • a query is then made as to whether the verification data match. If the data match, the document 24 is valid (i.e., verified) and this determination is recorded in the document activity log 28 on the peripheral computer and in the document record 46 in the subscriber database 38 on the central computer, as indicated by the block 114. Thereafter, program control is returned via the page connector 102 to FIGURE 4B at the page connector 88.
  • the steps shown in FIGURE 4D are performed.
  • the steps beginning at the page connector 120 are performed.
  • the document file 22 selected by the user (at the block 180 in FIGURE 5 or at the block 180' in FIGURE 4B) is downloaded from the peripheral computer to the user's subscriber database 38 on the central computer, as indicated at the block 122.
  • the downloaded document file 48 is checked at the blocks 124, 126 and 128 to determine whether the downloading was successful, i.e., error free.
  • the file size and CRC of the downloaded document file 48 is calculated by the central computer at the block 124.
  • the calculated data are then compared to the CRC and file size in the document activity log 28 on the peripheral computer, as indicated at the block 126.
  • a determination is made as to whether the data match. If the data do not match, the file downloading was unsuccessful. In this case, the downloaded document file 48 is deleted from the subscriber database 38 and an error message is sent at the block 132 to inform the user that the downloading was unsuccessful. The user is then given the opportunity to retry the downloading, as indicated at the decision diamond 134. If the user decides not to retry downloading, program control is returned via the page connector 136 to FIGURE 4B at the page connector 90. On the other hand, if the user wants to retry downloading, program control loops back to the block 122 to repeat the downloading process.
  • the decision diamond 1208 a determination is made that the CRCs and file sizes match, the file downloading was successful (i.e., error free). Then, at the blocks 127 and 129, the downloaded document file 48 is verified to ensure that the downloaded document is identical to the document that was earlier fingerprinted (and date and time stamped). This ensures that only valid (i.e., verified) documents are downloaded and stored on the central computer.
  • the CRC, file size, and date and time in the downloaded document file 48 are compared to the corresponding data in the document record 46 generated when the file was fingerprinted. If the verification data do not match (determined at the decision diamond 129), the document file 48 is deleted from the subscriber database and an error message is sent, as indicated at the block 132.
  • the central computer searches the user's subscriber database 38 for the requested document (selected at the block 180 in FIGURE 5 or at the block 180' in FIGURE 4B), and uploads the document file 48 to the peripheral computer, as indicated at the block 138.
  • the uploaded document is then verified by comparing its CRC and size to that stored on the central computer.
  • the file size and CRC of the uploaded document are calculated by the peripheral computer, as indicated at the block 140.
  • the central computer compares the file size and CRC calculated by the peripheral computer to the file size and CRC stored in the subscriber database 36 on the central computer, as indicated by the block 142.
  • a determination is made as to whether the data match.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

Est décrit un vérificateur de fichiers informatiques permettant d'attester l'authenticité de fichiers informatiques. Ce vérificateur est mis en ÷uvre sur un système multiprocesseur, comportant un ou plusieurs ordinateurs périphériques (12), un ordinateur central (10) comprenant une mémoire protégée, et un réseau d'interface (16) interconnectant les ordinateurs. Les ordinateurs périphériques (12) servent à créer des fichiers informatiques (24). Si un fichier informatique (24) doit être vérifié ultérieurement, un ordinateur périphérique (12) génère une empreinte de ce fichier. Cette empreinte est ensuite stockée dans la mémoire protégée de l'ordinateur central (10). Pour vérifier le contenu du fichier, l'ordinateur périphérique (12) régénère l'empreinte et l'empreinte régénérée est comparée à l'empreinte stockée dans l'ordinateur central (10). La concordance des empreintes permet d'attester la non-modification du contenu du fichier informatique. La date et l'heure de création ainsi que le nom de l'auteur du fichier informatique (24) sont de préférence également stockés dans la mémoire protégée de l'ordinateur central (10), afin de permettre également la vérification de ces informations.
PCT/US1994/013360 1993-12-02 1994-11-18 Systeme de verification de donnees numeriques WO1995015522A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU11821/95A AU1182195A (en) 1993-12-02 1994-11-18 Digital data verification system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US16093893A 1993-12-02 1993-12-02
US08/160,938 1993-12-02

Publications (1)

Publication Number Publication Date
WO1995015522A1 true WO1995015522A1 (fr) 1995-06-08

Family

ID=22579114

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US1994/013360 WO1995015522A1 (fr) 1993-12-02 1994-11-18 Systeme de verification de donnees numeriques

Country Status (2)

Country Link
AU (1) AU1182195A (fr)
WO (1) WO1995015522A1 (fr)

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998053386A1 (fr) * 1997-05-21 1998-11-26 At & T Corp. Systeme et procede permettant de stocker un element de donnee provenant d'une premiere ressource dans une liste directe d'une deuxieme ressource
WO1998053385A1 (fr) * 1997-05-21 1998-11-26 At & T Corp. Systeme et procede servant a utiliser une deuxieme ressource afin de memoriser un element de donnees depuis une premiere ressource dans une pile premier entre dernier sorti
WO1998054634A1 (fr) * 1997-05-29 1998-12-03 Sol Aisenberg Procede et appareil servant a produire des timbres horodateurs pour des documents et des fichiers informatiques
EP0893763A1 (fr) * 1997-07-25 1999-01-27 Computer Forensics Limited Vérification de l'intégrité et authentification de copies de données d'ordinateur
WO1999032973A1 (fr) * 1997-12-22 1999-07-01 Square D Company Procede d'identification de la validite de la description d'un fichier executable
WO1999038076A1 (fr) * 1998-01-22 1999-07-29 Symantec Corporation Verification de l'integrite de fichiers informatiques
EP1065595A1 (fr) * 1999-06-30 2001-01-03 Texas Instruments Incorporated Génération et analyse d'une signature de données statistiques
US6237094B1 (en) 1997-05-21 2001-05-22 At&T Corporation System and method for using a second resource to store a data element from a first resource in a first-in first-out queue
US6484288B1 (en) 1999-12-17 2002-11-19 Texas Instruments Incorporated Statistics signature generation and analysis
GB2378780A (en) * 2001-08-14 2003-02-19 Elan Digital Systems Ltd An arrangement for preventing the re-use of tokens in accessing pay-per-use software
WO2002058246A3 (fr) * 2001-01-17 2003-03-20 Koninkl Philips Electronics Nv Sommes de controle robustes
US7334163B1 (en) 2004-06-16 2008-02-19 Symantec Corporation Duplicating handles of target processes without having debug privileges
US7334722B1 (en) 2005-02-14 2008-02-26 Symantec Corporation Scan-on-read
US7337327B1 (en) 2004-03-30 2008-02-26 Symantec Corporation Using mobility tokens to observe malicious mobile code
US7509680B1 (en) 2004-09-01 2009-03-24 Symantec Corporation Detecting computer worms as they arrive at local computers through open network shares
US7571448B1 (en) 2004-07-28 2009-08-04 Symantec Corporation Lightweight hooking mechanism for kernel level operations
US7650643B2 (en) 1999-09-28 2010-01-19 Baytsp.Com, Inc. Method, apparatus, and system for managing, reviewing, comparing and detecting data on a wide area network
US7735100B1 (en) 2004-04-22 2010-06-08 Symantec Corporation Regulating remote registry access over a computer network
US8108937B1 (en) 2004-04-26 2012-01-31 Symantec Corporation Robustly regulating access to executable class registry entries

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5050212A (en) * 1990-06-20 1991-09-17 Apple Computer, Inc. Method and apparatus for verifying the integrity of a file stored separately from a computer
US5097504A (en) * 1986-03-19 1992-03-17 Infoscript Method and device for qualitative saving of digitized data

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5097504A (en) * 1986-03-19 1992-03-17 Infoscript Method and device for qualitative saving of digitized data
US5050212A (en) * 1990-06-20 1991-09-17 Apple Computer, Inc. Method and apparatus for verifying the integrity of a file stored separately from a computer

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
COMPUTERS & SECURITY, Volume 8, No. 6, issued October 1989, DR. HAROLD JOSEPH HIGHLAND, "Random Bits & Bytes", pages 460-476. *
COMPUTERS AND SECURITY, Volume 8, No. 7, issued November 1989, "How to Detect a Computer Virus in Your System", pages 557-561. *

Cited By (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998053385A1 (fr) * 1997-05-21 1998-11-26 At & T Corp. Systeme et procede servant a utiliser une deuxieme ressource afin de memoriser un element de donnees depuis une premiere ressource dans une pile premier entre dernier sorti
WO1998053386A1 (fr) * 1997-05-21 1998-11-26 At & T Corp. Systeme et procede permettant de stocker un element de donnee provenant d'une premiere ressource dans une liste directe d'une deuxieme ressource
US6249871B1 (en) 1997-05-21 2001-06-19 At&T Corporation System and method for using a second resource to store a data element from a first resource in a first-in last-out stack
US6098170A (en) * 1997-05-21 2000-08-01 At&T Corporation System and method for using a second resource to store a data element from a first resource in a first-in first-out queue
US6101603A (en) * 1997-05-21 2000-08-08 At&T Corporation System and method for using a second resource to store a data element from a first resource in a first-in last-out stack
US6237094B1 (en) 1997-05-21 2001-05-22 At&T Corporation System and method for using a second resource to store a data element from a first resource in a first-in first-out queue
US6209090B1 (en) 1997-05-29 2001-03-27 Sol Aisenberg Method and apparatus for providing secure time stamps for documents and computer files
WO1998054634A1 (fr) * 1997-05-29 1998-12-03 Sol Aisenberg Procede et appareil servant a produire des timbres horodateurs pour des documents et des fichiers informatiques
EP0893763A1 (fr) * 1997-07-25 1999-01-27 Computer Forensics Limited Vérification de l'intégrité et authentification de copies de données d'ordinateur
WO1999032973A1 (fr) * 1997-12-22 1999-07-01 Square D Company Procede d'identification de la validite de la description d'un fichier executable
US6122738A (en) * 1998-01-22 2000-09-19 Symantec Corporation Computer file integrity verification
WO1999038076A1 (fr) * 1998-01-22 1999-07-29 Symantec Corporation Verification de l'integrite de fichiers informatiques
EP1065595A1 (fr) * 1999-06-30 2001-01-03 Texas Instruments Incorporated Génération et analyse d'une signature de données statistiques
US7934097B1 (en) * 1999-09-28 2011-04-26 Baytsp.Com, Inc. Method, apparatus, and system for managing, reviewing, comparing and detecting data on a wide area network
US7650643B2 (en) 1999-09-28 2010-01-19 Baytsp.Com, Inc. Method, apparatus, and system for managing, reviewing, comparing and detecting data on a wide area network
US6484288B1 (en) 1999-12-17 2002-11-19 Texas Instruments Incorporated Statistics signature generation and analysis
CN100431271C (zh) * 2001-01-17 2008-11-05 皇家菲利浦电子有限公司 鲁棒的检查和
US7016846B2 (en) 2001-01-17 2006-03-21 Koninklijke Philips Electronics N.V. Robust checksums
WO2002058246A3 (fr) * 2001-01-17 2003-03-20 Koninkl Philips Electronics Nv Sommes de controle robustes
GB2378780B (en) * 2001-08-14 2003-07-09 Elan Digital Systems Ltd Data integrity
GB2378780A (en) * 2001-08-14 2003-02-19 Elan Digital Systems Ltd An arrangement for preventing the re-use of tokens in accessing pay-per-use software
US7337327B1 (en) 2004-03-30 2008-02-26 Symantec Corporation Using mobility tokens to observe malicious mobile code
US7735100B1 (en) 2004-04-22 2010-06-08 Symantec Corporation Regulating remote registry access over a computer network
US8108937B1 (en) 2004-04-26 2012-01-31 Symantec Corporation Robustly regulating access to executable class registry entries
US7334163B1 (en) 2004-06-16 2008-02-19 Symantec Corporation Duplicating handles of target processes without having debug privileges
US7571448B1 (en) 2004-07-28 2009-08-04 Symantec Corporation Lightweight hooking mechanism for kernel level operations
US7509680B1 (en) 2004-09-01 2009-03-24 Symantec Corporation Detecting computer worms as they arrive at local computers through open network shares
US7334722B1 (en) 2005-02-14 2008-02-26 Symantec Corporation Scan-on-read

Also Published As

Publication number Publication date
AU1182195A (en) 1995-06-19

Similar Documents

Publication Publication Date Title
WO1995015522A1 (fr) Systeme de verification de donnees numeriques
US10162951B2 (en) Non-intrusive background synchronization when authentication is required
US7966644B2 (en) Method, apparatus, and computer program for managing access to documents
US6314425B1 (en) Apparatus and methods for use of access tokens in an internet document management system
CN1322449C (zh) 无服务器的分布式文件系统
US20010037454A1 (en) Computer networked system and method of digital file management and authentication
US20070136200A1 (en) Backup broker for private, integral and affordable distributed storage
US20060161460A1 (en) System and method for a graphical user interface for healthcare data
EP1544768A1 (fr) Syst me de gestion d'information m dicale
US20050210054A1 (en) Information management system
WO2003017069A2 (fr) Integrite de donnees
WO2002009007A1 (fr) Systeme et procede d'organisation d'un dossier juridique au moyen d'un sous-ensemble de regles personnalisable
US20040103284A1 (en) System and method for archiving authenticated research and development records
JP3867188B2 (ja) セキュリティ管理システムおよびそのプログラム記録媒体
EP0762261A2 (fr) Serveur de vérification et procédé d'authentification pour authentification sur réseaux
US20050267919A1 (en) System for interactive processing of form documents
Oakley et al. Scrybe: a secure audit trail for clinical trial data fusion
JP2005346120A (ja) ネットワークマルチアクセス方法およびネットワークマルチアクセス用の生体情報認証機能を備えた電子デバイス
EP1198762B1 (fr) Dispositif et procedes pour l'utilisation de jetons d'acces dans un systeme de gestion de documents via internet
CN117318975A (zh) 适用于企业数据化的智能检索处理方法及系统
CN119226235B (zh) 一种基于区块链的用户文档存储处理方法及系统
JP2006040076A (ja) データ管理方法
JP2002140244A (ja) ネットワークサービス提供方法及びそれに利用する装置
CN119513925A (zh) 文件校验方法、装置、计算机设备和存储介质
Heinlein Special feature: Medical records security

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AM AT AU BB BG BR BY CA CH CN CZ DE DK EE ES FI GB GE HU JP KE KG KP KR KZ LK LR LT LU LV MD MG MN MW NL NO NZ PL PT RO RU SD SE SI SK TJ TT UA UZ VN

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): KE MW SD SZ AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: CA

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642