This invention pertains to methods and apparatus for accessing an electronic device by a data terminal as well as a computer program product, an electronic device and a data terminal.
Methods for electronically storing data under cryptographic protection are already well-known from the state of the art. One form of protected storage, which has found broad acceptance over the last two decades, is electronic chip cards, which are standardized by ISO 7816 Sections 1 through 4. One of the most important application areas for chip card technology in the future is the introduction of machine-readable travel documents. Anticipated benefits of this include an increase in security as well as efficiency in checking passengers, particularly when it comes to global air travel. Over the last several years, the International Civil Aviation Organization ICAO has provided standards for machine-readable travel documents.
Seen alongside the secure storage of personal data in machine-readable travel documents is the goal of simplifying security checks by the largest possible number of governmental and non-governmental organizations and the extent to which personal data is worthy of protection from being read without authorization. A suitable balance between both requirements must allow for both differences in the method of legal data protection and varying extents to which individual data objects are worthy of protection.
A system is known from US 2005/0097320A1 which enables communication between a user and an institution, such as a bank. Communication takes place via a network. A “transaction risk assessment” occurs each time the user accesses the institution's system, which determines the risk of the current transaction.
A similar system is known from US 2002/0087894 A1, where the user himself selects the security level for the data transfer.
From “Machine Readable Travel Documents, Technical Report, PKI for Machine Readable Travel Documents offering ICC Read-Only Access, Version 1.1, 1. October 2004, International Civil Aviation Organization, published by Authority of the Secretary General, pages 1-57, procedures for Basic Access Control are known, which are intended to ensure that access to the chip of a travel document cannot occur unnoticed by the holder of the identifying document. The procedures are also used to protect against so-called “Chip Substitution”. The only disclosure regarding possible Extended Access Control is that this can be based either on a symmetrical or asymmetrical encryption process.
On the other hand, the invention is based on the task of creating better procedures for accessing an electronic device by a data terminal, a computer program product, a digital storage medium, an electronic device, a data terminal and an identifying document.