Method for reading attributes from an ID token

10142324 · 2018-11-27

Assignee

Bundesdruckerei GmbH (Berlin, DE)

Inventors

Cpc classification

International classification

Abstract

The invention relates to a method for reading at least one attribute stored in an ID token, wherein the ID token is assigned to a user, comprising the following steps: authenticating the user with respect to the ID token, authenticating a first computer system with respect to the ID token, after successful authentication of the user and the first computer system with respect to the ID token, read-access by the first computer system to the at least one attribute stored in the ID token for transfer of the at least one attribute to a second computer system.

Claims

1. A method for a first computer system to read at least one attribute stored in an identification (ID) token associated with a user, and transmit the at least one attribute to a second computer system, the method comprising: sending a request from a third computer system, associated with the user, to the second computer system; providing, by the second computer system, an attribute specification identifying the at least one attribute from the ID token in response to the request from the third computer system; sending, by the second computer system, the attribute specification to the first computer system without interposition of the third computer system; selecting, by the first computer system, at least one certificate of a plurality of certificates of the first computer system based on the attribute specification, each of the plurality of certificates including a different indication of attributes for which the first computer is authorized for read access, the at least one certificate including an indication of the at least one attribute identified in the attribute specification; authenticating, by the ID token, the user; authenticating, by the ID token, the first computer system using the at least one certificate of the first computer system, the at least one certificate being received by the ID token via a protected connection with end-to-end encryption between the ID token and the first computer system; checking, by the ID token, an authorization of the first computer system for a read access to the at least one attribute identified in the attribute specification using the at least one certificate, the checking following successful authentication of the user and the first computer system; effecting read access, by the first computer system, to the at least one attribute stored in the ID token if the first computer system is authorized for the read access; signing, by the first computer system, the at least one attribute read from the ID token; and sending, by the first computer system, the at least one signed attribute to the second computer system without interposition of the third computer system.

2. The method as claimed in claim 1, further comprising: sending, by the first computer system, a request to the third computer system to authenticate the user to the ID token when the first computer system has received the attribute specification from the second computer system.

3. The method as claimed in claim 2, wherein the authenticating the first computer system is performed in response to receiving, by the first computer system, confirmation from the third computer system that the authenticating the user has been performed successfully.

4. The method as claimed in claim 1, further comprising: receiving, by the first computer system, an identifier of the second computer system with the attribute specification; and charging, by the first computer system, the second computer system for an identification service provided by the first computer system using the identifier.

5. The method as claimed in claim 1, wherein the first computer system is an officially certified trust center.

6. The method as claimed in claim 1, wherein the first computer system is specified by the second computer system.

7. A non-transitory computer readable medium containing program instructions that, when executed on at least one computer processor of a first computer system, cause the at least one computer processor to perform a method for reading at least one attribute stored in an identification (ID) token associated with a user, the method comprising: receiving an attribute specification from a second computer system without interposition of a third computer system associated with the user, the attribute specification being provided by the second computer system in response to a request from the third computer system, the attribute specification identifying the at least one attribute from the ID token; selecting at least one certificate of a plurality of certificates of the first computer system based on the attribute specification, each of the plurality of certificates including a different indication of attributes for which the first computer is authorized for read access, the at least one certificate including an indication of the at least one attribute identified in the attribute specification; sending the at least one certificate to the ID token via a protected connection with end-to-end encryption, the ID token using the at least one certificate to authenticate the first computer system; effecting read access to the at least one attribute stored in the ID token following successful checking of the authorization for read access to the at least one attribute, the checking of the authorization being performed by the ID token using the at least one certificate after the ID token successfully authenticates the user and the first computer system; signing the at least one attribute read from the ID token; and sending the at least one signed attribute to the second computer system.

8. A system for storing and reading at least one attribute of a user, the system comprising: a first computer system having a network interface, the first computer system configured to receive an attribute specification via the network interface directly from a second computer system, the attribute specification identifying the at least one attribute, select at least one certificate of a plurality of certificates, each of the plurality of certificates including a different indication of attributes for which the first computer is authorized for read access, the at least one certificate including an indication of the at least one attribute identified in the attribute specification, generate a request to the user for user authentication by an identification (ID) token based on the receipt of the attribute specification, authenticate to the ID token over a protected connection in response to receiving a confirmation of successful user authentication by the ID token, the protected connection providing end-to-end encryption between the ID token and the first computer system, sign the at least one attribute, and send the at least one signed attribute directly to the second computer system; and the ID token associated with the user, the ID token having an electronic circuit, the electronic circuit includes a protected memory area configured to store the at least one attribute, and at least one processor coupled to the protected memory area, the at least one processor configured to authenticate the user, authenticate the first computer system using the at least one certificate of the first computer system, the at least one certificate being received via the protected connection, set up the protected connection to the first computer system, and send the at least one attribute to the first computer system via the protected connection after the authentication of the user and the first computer system has been performed successfully.

9. The system as claimed in claim 8, wherein the ID token comprises an electronic appliance.

10. The system as claimed in claim 8, wherein the ID token comprises a Universal Serial Bus (USB) memory stick.

11. The system as claimed in claim 8, wherein the ID token comprises an electronic document.

12. The system as claimed in claim 8, wherein the first computer system is further configured to: receive an identifier of the second computer system with the attribute specification; and charge the second computer system for an identification service provided by the first computer system using the identifier.

13. The system as claimed in claim 8, wherein the first computer system is an officially certified trust center.

14. A system for storing and reading at least one attribute of a user, the system comprising: a first computer system having a first network interface to a network, the first computer system configured to select at least one certificate of a plurality of certificates, each of the plurality of certificates including a different indication of attributes for which the first computer is authorized for read access, the at least one certificate including an indication of the at least one attribute identified in an attribute specification, effect read access to read the at least one attribute from an identification (ID) token following successful authentication of the user and the first computer system by the ID token, sign the at least one attribute, and send the at least one signed attribute to a second computer system without interposition of a third computer system; the second computer system having a second network interface to the network, the second computer system configured to provide the attribute specification identifying the at least one attribute, and send the attribute specification to the first computer system without interposition of a third computer system; and the ID token associated with the user, the ID token having an electronic circuit, the electronic circuit including a protected memory area configured to store the at least one attribute, and at least one processor coupled to the protected memory area, the at least on processor configured to authenticate the user, authenticate a first computer system using the at least one certificate of the first computer system, the certificate being received via a protected connection providing end-to-end encryption between the ID token and the first computer system, and check an authorization of the first computer system for a read access to the at least one attribute identified in the attribute specification using the at least one certificate.

Description

(1) Embodiments of the invention are explained in more detail below with reference to the drawings, in which:

(2) FIG. 1 shows a block diagram of a first embodiment of computer systems according to the invention,

(3) FIG. 2 shows a flowchart of an embodiment of a method according to the invention,

(4) FIGS. 3A, 3B, 3C show a block diagram of further embodiments of computer systems according to the invention, and

(5) FIG. 4 shows a UML diagram of a further embodiment of a method according to the invention.

(6) Elements of the embodiments below which correspond to one another are identified by the same reference symbols.

(7) FIG. 1 shows a user computer system 100 of a user 102. The user computer system 100 may be a personal computer, a portable computer, such as a laptop or palmtop computer, a personal digital assistant, a mobile telecommunication appliance, particularly a smart phone or the like. The user computer system 100 has an interface 104 for communication with an ID token 106 which has an appropriate interface 108.

(8) The user computer system 100 has at least one processor 110 for executing program instructions 112 and also a network interface 114 for communication via a network 116. The network may be a computer network, such as the Internet.

(9) The ID token 106 has an electronic memory 118 with protected memory areas 120, 122 and 124. The protected memory area 120 is used for storing a reference value which is required for authenticating the user 102 to the ID token 106. Said reference value is an identifier, for example, particularly what is known as a personal identification number (PIN), or is reference data for a biometric feature of the user 102 which can be used for authenticating the user to the ID token 106.

(10) The protected area 122 is used for storing a private key and the protected memory area 124 is used for storing attributes, for example of the user 102, such as his name, place of residence, date of birth, sex, and/or attributes which relate to the ID token itself, such as the institution which produced or issued the ID token, the validity period of the ID token, or an identifier for the ID token, such as a passport number or a credit card number.

(11) The electronic memory 118 may also have a memory area 126 for storing a certificate. The certificate contains a public key which is associated with the private key stored in the protected memory area 122. The certificate may have been produced on the basis of a public key infrastructure (PKI) standard, for example on the basis of the X.509 standard.

(12) The certificate does not necessarily have to be stored in the electronic memory 118 of the ID token 106. Alternatively or in addition, the certificate may also be stored in a public directory server.

(13) The ID token 106 has a processor 128. The processor 128 is used for executing program instructions 130, 132 and 134. The program instructions 130 are used for user authentication, i.e. for authenticating the user 102 to the ID token.

(14) In an embodiment using PINs, the user 102 inputs his PIN, in order to authenticate himself, into the ID token 106, for example via the user computer system 100. Execution of the program instructions 130 then accesses the protected memory area 120 in order to compare the input PIN with the reference value stored therein for the PIN. If the input PIN matches the reference value of the PIN, the user 102 is deemed to have been authenticated.

(15) Alternatively, a biometric feature of the user 102 is captured. By way of example, the ID token 106 has a fingerprint sensor for this purpose, or a fingerprint sensor is connected to the user computer system 100. The biometric data captured from the user 102 are compared with the biometric reference data stored in the protected memory area 120 by executing the program instructions 130 in this embodiment. If there is a sufficient match between the biometric data captured from the user 102 and the biometric reference data then the user 102 is deemed to have been authenticated.

(16) The program instructions 134 are used for executing the steps of a cryptographic protocol which relate to the ID token 106 in order to authenticate an ID provider computer system 136 to the ID token 106. The cryptographic protocol may be a challenge/response protocol based on a symmetric key or an asymmetric key pair.

(17) By way of example, the cryptographic protocol implements an extended access control method, as is specified for machine-readable travel documents (MRTDs) by the international aviation authority (ICAO). Successful execution of the cryptographic protocol authenticates the ID provider computer system 136 to the ID token, thus proving its read authorization for reading the attributes stored in the protected memory area 124. The authentication may also be reciprocal, i.e. the ID token 106 then also needs to authenticate itself to the ID provider computer system 136 on the basis of the same or a different cryptographic protocol.

(18) The program instructions 132 are used for the end-to-end encryption of data transmitted between the ID token 106 and the ID provider computer system 136, but at least of the attributes read by the ID provider computer system 136 from the protected memory area 124. For the end-to-end encryption, it is possible to use a symmetric key which is agreed between the ID token 106 and the ID provider computer system 136 when the cryptographic protocol is executed, for example.

(19) As an alternative to the embodiment shown in FIG. 1, the user computer system 100 can use its interface 104 to communicate with the interface 108 not directly but rather via a reader, connected to the interface 104, for the ID token 106. This reader, for example what is known as a class 2 chip card terminal, can also be used to input the PIN.

(20) The ID provider computer system 136 has a network interface 138 for communication via the network 116. The ID provider computer system 136 also has a memory 140 which stores a private key 142 for the ID provider computer system 136 and also the appropriate certificate 144. This certificate may also be a certificate based on a PKI standard, for example, such as X.509.

(21) The ID provider computer system 136 also has at least one processor 145 for executing program instructions 146 and 148. By executing the program instructions 146, the steps of the cryptographic protocol which relate to the ID provider computer system 136 are executed. Overall, the cryptographic protocol is thus implemented through execution of the program instructions 134 by the processor 128 of the ID token 106 and also through execution of the program instructions 146 by the processor 145 of the ID provider computer system 136.

(22) The program instructions 148 are used to implement the end-to-end encryption on the ID provider computer system 136, for example on the basis of the symmetric key which has been agreed between the ID token 106 and the ID provider computer system 136 when the cryptographic protocol is executed. In principle, it is possible to use any method for agreeing the symmetric key for the end-to-end encryption which is known per se beforehand, such as a Diffie-Hellman key exchange.

(23) The ID provider computer system 136 is preferably situated in a particularly protected environment, particularly in what is known as a trust center, so that the ID provider computer system 136 forms the confidence anchor for the authenticity of the attributes read from the ID token 106 in combination with the need for authentication of the user 102 to the ID token 106.

(24) A service computer system 150 may be designed to take an order or a commission for a service or a product, particularly an online service. By way of example, the user 102 can open an account at a bank or use another financial or banking service online via the network 116. The service computer system 150 may also be in the form of an online warehouse, so that the user 102 can purchase a mobile telephone or the like online, for example. In addition, the service computer system 150 may also be designed to deliver digital content, for example for the download of music data and/or video data.

(25) To this end, the service computer system 150 has a network interface 152 for connection to the network 116. In addition, the service computer system 150 has at least one processor 154 for executing program instructions 156. Execution of the program instructions 156 generates dynamic HTML pages, for example, which the user 102 can use to input his commission or his order.

(26) Depending on the nature of the commissioned or ordered product or the service, the service computer system 150 needs to check one or more attributes of the user 102 and/or his ID token 106 using one or more prescribed criteria. Only if this check is passed is the order or the commission from the user 102 taken and/or performed.

(27) By way of example, opening a bank account or purchasing a mobile telephone with an associated contract requires the user 102 to disclose his identity to the service computer system 150 and requires this identity to be checked. In the prior art, the user 102 must do this by presenting his identification card, for example. This process is replaced by the reading of the digital identity of the user 102 from his ID token 106.

(28) Depending on the instance of application, however, the user 102 does not need to disclose his identity to the service computer system 150, but rather it suffices to communicate only one of the attributes, for example. By way of example, the user 102 can use one of the attributes to provide evidence that he belongs to a particular group of people which is authorized to access data held on the service computer system 150 for download. By way of example, such a criterion may be a minimum age of the user 102 or the association of the user 102 with a group of people which has access authorization for particular confidential data.

(29) To use the service provided by the service computer system 150, the procedure is as follows: 1. Authentication of the user 102 to the ID token 106.

(30) The user 102 authenticates himself to the ID token 106. In an implementation using PINs, the user 102 does this by inputting his PIN, for example using the user computer system 100 or a chip card terminal connected thereto. By executing the program instructions 130, the ID token 106 then checks the correctness of the input PIN. If the input PIN matches the PIN's reference value stored in the protected memory area 120, the user 102 is deemed to have been authenticated. The procedure may be similar if a biometric feature of the user 102 is used to authenticate him, as described above. 2. Authentication of the ID provider computer system 136 to the ID token 106.

(31) To this end, a connection is set up between the ID token 106 and the ID provider computer system 136 via the user computer system 100 and the network 116. By way of example, the ID provider computer system 136 transmits its certificate 144 via this connection to the ID token 106. The program instructions 134 then generate what is known as a challenge, i.e. a random number, for example. This random number is encrypted using the public key of the ID provider computer system 136, which is contained in the certificate 144. The resulting cipher is sent from the ID token 106 via the connection to the ID provider computer system 136. The ID provider computer system 136 decrypts the cipher using its private key 142 and in this way obtains the random number. The random number is returned by the ID provider computer system 136 to the ID token 106 via the connection. By executing the program instructions 134, said ID token checks whether the random number received from the ID provider computer system 136 matches the originally generated random number, i.e. the challenge. If this is the case, the ID provider computer system 136 is deemed to have been authenticated to the ID token 106. The random number can be used as a symmetric key for the end-to-end encryption. 3. When the user 102 has successfully authenticated himself to the ID token 106, and when the ID provider computer system 136 has successfully authenticated itself to the ID token 106, the ID provider computer system 136 is provided with read authorization for reading an attribute, a plurality of attributes or all of the attributes stored in the protected memory area 124. On the basis of a relevant read command which the ID provider computer system 136 sends to the ID token 106 via the connection, the requested attributes are read from the protected memory area 124 and they are encrypted by executing the program instructions 132. The encrypted attributes are transmitted via the connection to the ID provider computer system 136, where they are decrypted by executing the program instructions 148. This provides the ID provider computer system 136 with knowledge of the attributes read from the ID token 106.

(32) These attributes are signed by the ID provider computer system using its certificate 144 and are transmitted via the user computer system 100 or directly to the service computer system 150. This notifies the service computer system 150 of the attributes read from the ID token 106, so that the service computer system 150 can check these attributes using the prescribed one or more criteria so as then possibly to provide the service requested by the user 102.

(33) The need to authenticate the user 102 to the ID token 106 and to authenticate the ID provider computer system 136 to the ID token 106 provides the necessary confidence anchor, so that the service computer system 150 can be certain that the attributes of the user 102 which have been communicated to it by the ID provider computer system 136 are correct and not falsified.

(34) Depending on the embodiment, the order of the authentication may be different. By way of example, provision may be made for the user 102 to have to authenticate himself to the ID token 106 first of all, followed by the ID provider computer system 136. In principle, however, it is also possible for the ID provider computer system 136 to have to authenticate itself to the ID token 106 first of all, followed only then by the user 102.

(35) In the first case, the ID token 106 is designed, by way of example, such that it is unlocked only through input of a correct PIN or a correct biometric feature by the user 102. Only this unlocking allows the program instructions 132 and 134 to start and hence the ID provider computer system 136 to be authenticated.

(36) In the second case, it is also possible to start the program instructions 132 and 134 even when the user 102 has not authenticated himself to the ID token 106. In this case, by way of example, the program instructions 134 are in a form such that the ID provider computer system 136 cannot perform read access to the protected memory area 124 for the purpose of reading one or more of the attributes until after the program instructions 130 have signaled that the user 102 has also been successfully authenticated.

(37) Of particular advantage is the utilization of the ID token 106 for e-commerce and e-government applications, for example, specifically without media disruption and legally on the basis of the confidence anchor formed by the need for the user 102 and the ID provider computer system 136 to be authenticated to the ID token 106. Of particular advantage is also the fact that central storage of the attributes of various users 102 is not necessary, which means that the data protection problems which exist in the prior art are solved hereby. As far as the convenience of the application of the method is concerned, it is of particular advantage that prior registration of the user 102 in order to use the ID provider computer system 136 is not necessary.

(38) FIG. 2 shows an embodiment of a method according to the invention. In step 200, a service request is sent from the user computer system to the service computer system. By way of example, the user does this by starting an Internet browser on the user computer system and inputting a URL to call a web page on the service computer system. The user then inputs his service request into the called web page, for example in order to order or commission a service or a product.

(39) In step 202, the service computer system 150 then specifies one or more attributes which it requires in order to check the user's authorization for the service request. In particular, the service computer system can specify attributes which determine the digital identity of the user 102. This specification of the attributes by the service computer system 150 may be firmly prescribed or can be determined individually by the service computer system 150 using prescribed rules, depending on the service request.

(40) In step 204, the attribute specification, i.e. the specification performed in step 202 for the one or more attributes, is transmitted from the service computer system to the ID provider computer system, specifically either directly or via the user computer system.

(41) In order to provide the ID provider computer system with the opportunity to read attributes from his ID token, the user authenticates himself to the ID token in step 206.

(42) In step 208, a connection is set up between the ID token and the ID provider computer system. This is preferably a protected connection, for example on the basis of what is known as a secure messaging method.

(43) In step 210, the ID provider computer system is at least authenticated to the ID token via the connection which has been set up in step 208. In addition, there may also be provision for the ID token to be authenticated to the ID provider computer system.

(44) When both the user and the ID provider computer system have been successfully authenticated to the ID token, the ID provider computer system is provided with the access authorization for reading the attributes by the ID token. In step 212, the ID provider computer system sends one or more read commands for reading the attributes required according to the attribute specification from the ID token. The attributes are then transmitted using end-to-end encryption via the protected connection to the ID provider computer system, where they are decrypted.

(45) The attribute values which have been read are signed by the ID provider computer system in step 214. In step 216, the ID provider computer system sends the signed attribute values via the network. The signed attribute values reach the service computer system either directly or via the user computer system. In the latter case, the user may have the opportunity to take note of the signed attribute values and/or to add further data to them. Provision may be made for the signed attribute values, possibly with the added data, to be forwarded from the user computer system to the service computer system only following release by the user. This provides the greatest possible transparency for the user in terms of the attributes sent from the ID provider computer system to the service computer system.

(46) FIG. 3 shows further embodiments of an ID token according to the invention and computer systems according to the invention. In the embodiment in FIG. 3, the ID token 106 is in the form of a document, such as a paper-based and/or plastic-based document with an integrated electronic circuit, which forms the interface 108, the memory 118 and the processor 128. By way of example, the integrated electronic circuit may be what is known as a radio tag, which is also called an RFID tag or RFID label. Alternatively, the interface 108 may be equipped with contacts or be in the form of a dual mode interface.

(47) In particular, the document 106 may be a value document or security document, such as a machine-readable travel document (MRTD), such as an electronic passport or an electronic identification card, or may be payment means, such as a credit card.

(48) In the embodiment under consideration in the present case, the protected memory area 124 stores the attributes i, wherein 1in. It is subsequently assumed, without any limitation of the general nature, that the ID token 106 shown by way of example in FIG. 3 is an electronic identification card. By way of example, the attribute i=1 is the surname, the attribute i=2 is the first name, the attribute i=3 is the address and the attribute i=4 is the date of birth, etc.

(49) In the embodiment under consideration here, the interface 104 of the user computer system 100 may be in the form of an RFID reader, which may form an integral part of the user computer system or may be connected thereto as a separate component.

(50) The user 102 has one or more further ID tokens which are basically of the same design, such as an ID token 106 which is a credit card.

(51) The user computer system 100 may store a plurality of configuration data records 158, 160, . . . . Each of the configuration data records indicates for a particular set of attributes a data source and an ID provider computer system which can read the specified data source. In this embodiment, the user computer system 100 can use the network 116 to address different ID provider computer systems 136, 136, . . . which may respectively be associated with different trust centers. By way of example, the ID provider computer system 136 is associated with the trust center A, and the ID provider computer system 136, which is of the same design in principle, may be associated with another trust center B. The configuration data record 158, which is also called an ID container, has the set of attributes for the attributes i=1 to i=4 defined in it. These attributes respectively have the data source identification card, i.e. the ID token 106, and the trust center A, i.e. the ID provider computer system 136, associated with them. The latter may be specified in the form of its URL, for example, in the configuration data record 158.

(52) By contrast, the configuration data record 116 has a set of attributes I, II and III defined in it. The data source indicated for these attributes is the respective credit card, i.e. the ID token 106. The ID token 106 has a protected memory area 124 which stores the attributes I, II, III. The attribute I may be the name of the holder of the credit card, for example, the attribute II may be the credit card number and the attribute III may be the validity of the credit card, etc.

(53) The ID provider computer system indicated in the configuration data record 160 is the ID provider computer system 136 of the trust center B.

(54) As an alternative to the embodiment shown in FIG. 3, it is also possible for different data sources and/or different ID provider computer systems to be indicated in the same configuration data record for different attributes.

(55) In the embodiment in FIG. 3, each of the ID provider computer systems 136, 136, . . . may have a respective plurality of certificates.

(56) By way of example, the memory 140 of the ID provider computer system 136, which is shown by way of example in FIG. 3, stores a plurality of certificates, such as the certificates 144.1 and 144.2 with the respective associated private keys 142.1 and 142.2. In the certificate 144.1, read rights for the ID provider computer system 136 are defined for the attributes i=1 to i=4, whereas in the certificate 144.2, read rights are defined for the attributes I to III.

(57) To use a service provided by the service computer system 150, the user 102 first of all makes a user input 162 into the user computer system 100, for example in order to input his request for the desired service into a web page on the service computer system 150. Said service request 164 is transmitted from the user computer system 100 via the network 116 to the service computer system 150. The service computer system 150 then responds with an attribute specification 166, i.e. by specifying those attributes which the service computer system 150 requires in order to handle the service request 164 from the user 102. By way of example, the attribute specification can be made in the form of the attribute name, such as surname, first name, address, credit card number.

(58) The receipt of the attribute specification 166 is signaled to the user 102 by the user computer system 100. The user 102 can then select one or, if necessary, a plurality of the configuration data records 158, 160, . . . which respectively define sets of attributes which contain the attributes according to the attribute specification 166, at least as a subset.

(59) If the attribute specification 166 merely requires notification of the surname, the first name and the address of the user 102, for example, the user 102 can select the configuration data record 158. If, by contrast, the credit card number is additionally specified in the attribute specification 166, the user 102 can additionally select the configuration data record 160. This process can also be performed fully automatically by the user computer system 100, for example by executing the program instructions 112.

(60) Subsequently, it is first of all assumed that only one of the configuration data records, such as the configuration data record 158, is selected on the basis of the attribute specification 166.

(61) The user computer system 100 then sends a request 168 to the ID provider computer systems indicated in the chosen configuration data record, in the example under consideration to the ID provider computer system 136 of the trust center A. Said request 168 contains an indication of the attributes, according to the attribute specification 166, which need to be read by the ID provider computer system 136 from the data source indicated in the configuration data record 158.

(62) The ID provider computer system 136 then selects one or more of its certificates which have the read rights required for reading these attributes. If, by way of example, the attributes i=1 to 3 are to be read from the identification card, the ID provider computer system 136 selects its certificate 144.1, which defines the read rights required therefor. This selection of the certificate is performed by executing the program instructions 149.

(63) Next, the execution of the cryptographic protocol is started. By way of example, the ID provider computer system 136 to this end sends a response to the user computer system 100. The user computer system 100 then asks the user 102 to authenticate himself to the specified data source, i.e. in this case to the identification card.

(64) The user 102 then brings his identification card, i.e. the ID token 106, into the range of the RFID reader 104, and inputs his PIN, for example, in order to authenticate himself. The successful authentication of the user 102 to the ID token 106 unlocks the latter for performance of the cryptographic protocol, i.e. for performance of the program instructions 134. Subsequently, the ID provider computer system 136 authenticates itself to the ID token 106 using the selected certificate 144.1, for example using a challenge/response method. This authentication may also be reciprocal. Following successful authentication of the ID provider computer system 136 to the ID token 106, the ID provider computer system sends a read request for reading the requisite attributes to the user computer system 100, and the latter forwards this via the RFID reader 104 to the ID token 106. The ID token 106 uses the certificate 144.1 to check whether the ID provider computer system 136 has the requisite read rights. If this is the case, the desired attributes are read from the protected memory area 124 and are transmitted by means of end-to-end encryption to the ID provider computer system via the user computer system 100.

(65) The ID provider computer system 136 then sends a response 170, which contains the attributes which have been read, via the network 116 to the service computer system 150. The response 170 is digitally signed with the certificate 144.1.

(66) Alternatively, the ID provider computer system 136 sends the response 170 to the user computer system 100. The user 102 is then provided with the opportunity to read the attributes contained in the response 170 and to decide whether or not he actually wishes to forward these attributes to the service computer system 150. Only when a release command from the user 102 has been input into the user computer system 100 is the response 170 then forwarded to the service computer system 150. In this embodiment, it is also possible for the user 102 to add further data to the response 170.

(67) If a plurality of ID provider computer systems 136, 136, . . . are involved, the individual responses from the ID provider computer systems can be combined by the user computer system 100 in a single response which all of the attributes according to the attribute specification 166 contain, said response then being sent from the user computer system 100 to the service computer system 150.

(68) According to one embodiment of the invention, the user 102 can disclose one or more of his attributes to the service computer system 150 on the occasion of the service request 164, for example by transmitting said attributes of the user to the service computer system via the network 116 as part of the service request 164. In particular, the user 102 can input said attributes into the web page on the service computer system 150. The correctness of these attributes is then confirmed by the response 170, i.e. the service computer system 150 can compare the attributes received from the user 102 with the attributes read from the ID token 106 by the ID provider computer 136 and can check them for a match.

(69) According to a further embodiment of the invention, it is also possible for at least one further attribute to be indicated in the attribute specification 166, said attribute not being stored on one of the ID tokens of the user 102 but rather being able to be requested from an external data source. By way of example, this may involve an attribute relating to the creditworthiness of the user 102. To this end, the user computer system 100 may contain a further configuration data record 161 which contains the indication of a data source and of an ID provider computer system for the attribute Ae.g. creditworthiness. The data source may be an online credit agency, such as a credit bureau, Dun & Bradstreet or the like. By way of example, the ID provider computer system indicated is a trust center C, as in the embodiment in FIG. 3. In this case, the data source may be located in the trust center C.

(70) In order to request the attribute A, the user computer system 100 thus sends an appropriate request (not shown in FIG. 3) to the trust center C, i.e. the ID provider computer system 136. The latter then delivers the attribute A, which the user computer system 100 forwards to the service computer system 150 together with the further attributes which have been read from the ID token(s) of the user 102.

(71) Preferably, the attribute A is requested after the attributes relating to the digital identity of the user 102 have already been requested from one of the ID tokens of the user 102, and have been received as a signed response 170 by the user computer system 100, for example. The request for the attribute A from the ID provider computer system 136 by the user computer system 100 then contains the signed response 170, so that the ID provider computer system 136 has reliable information about the identity of the user 102.

(72) FIG. 4 shows a further embodiment of a method according to the invention. A user input from a user 102 into a user computer system 100 is used by the user 102 to specify a service on a service computer system which he or she wishes to use. By way of example, this is done by calling an Internet page on the service computer system and selecting one of the services provided thereon. The service request from the user 102 is transmitted from the user computer system 100 to the service computer system 150.

(73) The service computer system 150 responds to the service request with an attribute specification, i.e. for example a list of attribute names. When the attribute specification has been received, the user computer system 100 asks the user 102 to authenticate himself to the ID token 106, for example by means of an input request.

(74) The user 102 then authenticates himself to the ID token 106, for example by inputting his PIN. Following successful authentication, the attribute specification is forwarded from the user computer system 100 to an ID provider computer system 136. The latter then authenticates itself to the ID token 106 and sends a read request for reading the attributes according to the attribute specification to the ID token 106.

(75) Assuming the prior successful authentication of the user 102 and of the ID provider computer system 136, the ID token 106 responds to the read request with the desired attributes. The ID provider computer system 136 signs the attributes and sends the signed attributes to the user computer system 100. Following release by the user 102, the signed attributes are then transmitted to the service computer system 150, which can then provide the desired service as appropriate.

LIST OF REFERENCE SYMBOLS

(76) 100 User computer system 102 User 104 Interface 106 ID token 108 Interface 110 Processor 112 Program instructions 114 Network interface 116 Network 118 Electronic memory 120 Protected memory area 122 Protected memory area 124 Protected memory area 126 Memory area 128 Processor 130 Program instructions 132 Program instructions 134 Program instructions 136 ID provider computer system 138 Network interface 140 Memory 142 Private key 144 Certificate 145 Processor 146 Program instructions 148 Program instructions 149 Program instructions 150 Service computer system 152 Network interface 154 Processor 156 Program instructions 158 Configuration data record 160 Configuration data record 161 Configuration data record 162 User input 164 Service request 166 Attribute specification 168 Request 170 Response

Method for reading attributes from an ID token

Assignee

Inventors

Cpc classification

Classification Explorer

H04L63/0823

ELECTRICITY

Classification Explorer

H04L63/0428

ELECTRICITY

Classification Explorer

G06F21/33

PHYSICS

Classification Explorer

G07F7/1016

PHYSICS

Classification Explorer

G06F2221/2119

PHYSICS

Classification Explorer

H04L63/10

ELECTRICITY

Classification Explorer

G06F21/445

PHYSICS

Classification Explorer

G06Q20/40

PHYSICS

Classification Explorer

G06F21/43

PHYSICS

Classification Explorer

G07F7/1008

PHYSICS

Classification Explorer

G06F21/31

PHYSICS

Classification Explorer

H04L63/083

ELECTRICITY

Classification Explorer

G07F7/1075

PHYSICS

Classification Explorer

H04L2209/56

ELECTRICITY

Classification Explorer

H04L2209/805

ELECTRICITY

Classification Explorer

H04L9/3234

ELECTRICITY

Classification Explorer

G07F7/10

PHYSICS

Classification Explorer

G06F21/35

PHYSICS

Classification Explorer

G06F2221/2115

PHYSICS

Classification Explorer

G07F7/1091

PHYSICS

Classification Explorer

G06Q20/40975

PHYSICS

Classification Explorer

H04L63/0853

ELECTRICITY

Classification Explorer

G06Q20/347

PHYSICS

Classification Explorer

G06Q20/341

PHYSICS

Classification Explorer

H04L9/3263

ELECTRICITY

Classification Explorer