Processing

Please wait...

Settings

Settings

Goto Application

1. WO2007147230 - METHOD AND APPARATUS FOR ENCRYPTION AND PASS-THROUGH HANDLING OF CONFIDENTIAL INFORMATION IN SOFTWARE APPLICATIONS

Publication Number WO/2007/147230
Publication Date 27.12.2007
International Application No. PCT/CA2007/000939
International Filing Date 29.05.2007
IPC
H04L 9/00 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Arrangements for secret or secure communication
H04L 12/54 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
12Data switching networks
54Store-and-forward switching systems
H04L 9/28 2006.01
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Arrangements for secret or secure communication
28using particular encryption algorithm
CPC
H04L 2209/20
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
2209Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
20Manipulating the length of blocks of bits, e.g. padding or block truncation
H04L 9/3242
HELECTRICITY
04ELECTRIC COMMUNICATION TECHNIQUE
LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
9Cryptographic mechanisms or cryptographic; arrangements for secret or secure communication
32including means for verifying the identity or authority of a user of the system ; or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
3236using cryptographic hash functions
3242involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
Applicants
  • MCCANN, Daniel [CA]/[CA]
Inventors
  • MCCANN, Daniel
Agents
  • FURMAN, Cory J.
Priority Data
2,550,69819.06.2006CA
Publication Language English (EN)
Filing Language English (EN)
Designated States
Title
(EN) METHOD AND APPARATUS FOR ENCRYPTION AND PASS-THROUGH HANDLING OF CONFIDENTIAL INFORMATION IN SOFTWARE APPLICATIONS
(FR) PROCÉDÉ ET APPAREIL DESTINÉS À LA GESTION DE CHIFFREMENT ET DE TRANSMISSION D'INFORMATIONS CONFIDENTIELLES DANS DES APPLICATIONS LOGICIELLES
Abstract
(EN)
Methods and apparatus for securely transmitting sensitive information to a remote device at the request of an application program are provided. The application program generates a request to a secure channel provider to make a transmission to a remote device. A first message is passed from the from the application program to the secure channel provider containing insertion point codes indicating locations within the first message where the sensitive information should be inserted. Sensitive information is obtained from a source outside of the application program and the sensitive information is inserted into the first message at the locations in the first message indicated by the insertion point codes to form a second message containing the sensitive information. The second message is encrypted and this encrypted message is transmitted to the remote device. The sensitive information is unaccessed by the application program during the execution of the method.
(FR)
La présente invention concerne des procédés et un appareil destinés à transmettre en toute sécurité des informations secrètes à un dispositif distant à la demande d'un programme applicatif. Le programme applicatif génère une demande adressée à un fournisseur de canaux sécurisés pour effectuer une transmission vers un dispositif distant. Un premier message, envoyé du programme applicatif au fournisseur de canaux sécurisés, contient des codes de point d'insertion indiquant les emplacements au sein du premier message où les informations secrètes doivent être insérées. Les informations secrètes sont obtenues à partir d'une source extérieure au programme applicatif et elles sont insérées dans le premier message aux emplacements du premier message indiqués par les codes de point d'insertion de manière à former un deuxième message contenant les informations secrètes. Le second message est chiffré avant d'être transmis au dispositif distant. Le programme applicatif n'accède pas aux informations secrètes pendant l'exécution du procédé.
Other related publications
Latest bibliographic data on file with the International Bureau