DE10108408A1 - Virtual private network has secure data exchange with internet key distribution - Google Patents

Abstract

A virtual private network exchanges data over the internet (2) in synchronous and asynchronous modes between subscribers (3) by sending a key from a central key status unit to the remote equipment (9).

Description

The invention relates to a communication system for an exchange of information between at least two participants via a central communication switch are interconnectable.

Communication systems of this type are used, for example, in corporate VPN Systems (Virtual Private Networks) realized, in which external participants in one company-internal data network are integrated to give you access to a to offer data storage located therein. This ensures that the read data cannot come into the possession of unauthorized parties, d. H. a "secure" transfer of data to the external subscriber takes place. This is accomplished by the data exchanged with the external participants in encrypted form are transmitted over the Internet, the encryption and Decryption of the data by means of fixed on the computer of the external participant installed hardware with associated software happens. These are elaborate Installations and configurations necessary.  

Other communication systems enable data conferencing over the Internet, at where data of all types are exchanged between participants without encryption can, in particular, presentations and applications can be shared by the participants of a conference. There is a so-called Electronic whiteboard is available on the conference participants can create and save drawings and drafts together.

Due to the constantly growing need for "safe" exchange of Information between different parties in a wide range of Situations and locations can affect the existing communication systems attached to them no longer satisfactorily meet the increased demands.

In view of these problems in the prior art, the object of the invention based, a communication system of the type mentioned with increased capability to create skills.

According to the invention, this object is achieved by means of a communication system solved type mentioned at the beginning, for which the exchange of information message-based communication mode in which the exchange of information through Transmission of information to at least one receiving participant in the Batch mode occurs, and a real-time communication mode in which the information exchange takes place through simultaneous communication between participants, is provided, a list of subscribers is stored in the central communications exchange is, each of which is assigned to at least one subscriber Internet access device, each Participants in the list each have an electronic key assigned to them by the central Communication exchange via the Internet to the subscriber Internet access device of the subscriber concerned is transmitted and stored there in the central communication exchange on the keys of the participants coordinated electronic key is stored by which each participant with the central communication switching center forms a pair of transmissions each electronic keys of the members of a transmission pair each for Decryption of these members using their electronic key encrypted information serve each subscriber Internet access device and the central Communication switching center each an encryption state conversion  has device, through the information key-dependent mutually between encrypted and unencrypted state is convertible, and at a Transmission of information between the two members of a transmission pair via the Internet sending the encryption state conversion device Member by means of the electronic key assigned to him the information into one encrypted state converts and the encryption state conversion device of the receiving member by means of the electronic member assigned to it Encrypt the information back to its original, unencrypted state transforms.

The communication system differentiates between message-based communication cation and real-time communication. One can also contrast from asynchronous (offline) speak to synchronous communication (online). When communicating based on Messages are not exchanged by sender and recipient at the same time, but rather sequentially. The time lag between sending and receiving messages is defined by the medium and the availability of the participants and is therefore not determinable. The exchange of information takes place in batch mode, i. H. with everyone When a message is transmitted, a completed set of information becomes packet-like transfer. With synchronous communication, different users communicate in Real time. The medium of communication here is mostly language. she will increasingly supported by the use of data and video. The most typical form of Real-time communication is phone calls, or in the case of multiple participants Conference calls. Data and video become alternative or also supportive communication technologies offered. These allow viewing of Presentations, the processing of so-called electronic blackboards (electronic whiteboards) and collaborative editing of applications.

This invention is based on the recognition that the utility and flexibility of one Communication system for an exchange of information between at least two Participants can be significantly increased if this is the exchange of information both in a message-based and a real-time based Communication mode supports when exchanging information via the Internet it is ensured that the information content of the transmitted between the participants Information not in the possession of non-intended recipients  Parties and to involve new participants in the communication system required preparation time is kept as short as possible.

It has proven to be preferred according to the invention if the central one Communication switching center is assigned only a single electronic key. In a particularly advantageous embodiment, each of the differs Subscriber Internet access devices and the central communication exchange assigned electronic key from the other electronic keys.

According to the central communications switching center can Data storage for storing information received from participants exhibit. The presence of a data store enables the availability of information to a larger group of people, to whom and when Extent of access to this information is optional. So on the Data storage z. B. Summaries of meetings or results of certain work projects are documented.

In a preferred embodiment, each participant has individual information is assigned, which it transmits to the central communication switching center and the central communication switching center subscriber authentication device which the participants in the list of participants based on their respective recognizes individual information, and has a data storage readout device which only the participant identified as being in the participant list Allows participants to read out the information stored on the data memory. This increases data security by ensuring that the data storage stored information can only be read by predefined participants.

In a particularly advantageous embodiment, before a transmission of Information from a subscriber internet access device to the central communication Exchange the information from the subscriber Internet access device with a individual electronic signature, through which the Subscriber Internet access device as the sender of the information for the central Communication exchange is identifiable, has the central communication switch an access device authentication device which a Subscriber Internet access device based on this in the transmitted by them  Recognizes information contained individual electronic signature, and a Data storage readout device, which exclusively as the participant Internet access devices identified Internet access devices reading the on the Data storage stored information allows. This property increases the Data security continues by ensuring that data stored on the data store Information can only be read out via predefined Internet access devices.

Furthermore, it has proven to be preferred according to the invention if a Transfer of information between the central communication exchange and a participant in the participant list via an Internet access device that not by the access device authentication device as a to the subscriber assigned subscriber Internet access device is recognized, the information in a Standard encryption generally used for information transmission on the Internet is transmitted over the Internet. This standard encryption can be done using a server-side encryption done with standard certificates. This is done using Use of the SSL protocol (secure socket layer) and only guarantees one encrypted transmission over the Internet, but no access device authentication. This also enables the participant in the participant list to receive information share with other participants over the Internet if he only has access to one Internet access device, which the communication system does not consider it to be assigned subscriber Internet access device is known. The participant can z. B. use an internet computer provided in an internet cafe.

It is also advantageous according to the invention in the central communication exchange a list of participants identified as guests can be stored, the in this list and on the list of participants, each one Subscriber Internet access device is assigned, guided subscriber communication are participants, to which each individual information is assigned, which they each transmitted to the central communication switching center, the central one Communication switching center a subscriber authentication device, which recognizes the communication participants based on their individual information and has an information blocking device which enables the exchange of information between Communication participants and other participants prevented. In addition to the participants listed on the participant list, one participant each Internet access device is assigned to another circle of on the guest list  registered participants who do not have their own subscriber internet access device but is assigned information exchange with other participants of the Communication system should be allowed to be defined.

It has proven to be preferred according to the invention if for information transfer between the participants and the central communication exchange in each case at least one of the Internet and public telephone networks Information transmission networks is provided. By including all of these networks Information transfer increases the flexibility for the participant regarding his Choice of the interface and thus the access device to the communication system and This makes it easier to connect to any communication center Locations and in any situation. According to the invention, when using the public Telephone networks for information transfer between subscribers and central Communication switching center of the participants the information on at least one the fixed network telephone, mobile telephone and fax machine comprising telephone network access devices communicate. This option for both landline phone, mobile phone and fax machine Using information transfer makes it easier for the participant at any place and in to come into contact with the communication system in any situation.

In a particularly advantageous embodiment, communicates when using the Internet for information transfer between participants and central communication exchange of the participants the information on at least one of the computers and Personal Digital Assistant (PDA) comprehensive Internet access devices. This possibility, use both computer and personal digital assistant for information transfer Being able to connect to the communication system is easier for the participant anywhere, in any situation.

Furthermore, it has proven to be preferred according to the invention if the Storage device a list stored thereon with the type and scope of each Information which the respective participants receive and which they send to others Participant may transmit defining information authorization information and the central communication switching center has a restriction device, which selectively enables participants to exchange information in accordance with the Information authorization information is restricted by providing appropriate information filtered out before being forwarded to the participants. This opens up the possibility of  Ability of a participant to act in a conference or the one communicated to him Restrict or completely prevent information. So z. B. a Participants can be removed from a conference, he can only listen restricted or he is neither allowed to "hear nor speak", he can but participate in the data conference taking place at the same time. Through the above Restricting options allow participants of different information Integrate needs and information permits into a conference, e.g. B. can be a Representatives of a supplier attend a customer's conference without being in Learn confidential customer information shown at this conference.

In a particularly advantageous embodiment, the storage device has one on it filed list of participants with conference management authorization on and central communication switching center an authorization device for recognition of participants with conference management authorization by means of identification and then locating the relevant participant on the list of Participants with conference management authorization, as well as an authorization Modification device, by means of which participants with conference management authorization by transmitting control signals the information authorization change the information of the participants. This gives the conference moderator Possibility to react flexibly to changing topics. So this z. B. also one Include new participants in an ongoing conference.

The invention will now be described with reference to the drawings all details essential to the invention are expressly referred to. In the Drawing shows:

Fig. 1 shows the architecture of the communication system according to the invention,

Fig. 2 shows the encryption according to the invention of exchanged over the Internet information by means of the known in the art Diffie-Hellman method,

Fig. 3, the inventive method for providing of transmitted over the Internet information with an electronic signature by means of the known in the art Rivest-Shamir-Adlemen method,

Fig. 4 the linkage of message-based communication with real-time communication, and

Fig. 5 the use of the invention of the communication system to support business processes in the distribution of products.

First, the technical architecture of the communication system is described with reference to FIG. 1. Access to the central communication switching center 1 is via a public telephone network 10 or the Internet 2 . The central communication switching center 1 is therefore connected to the Internet 2 by means of a dedicated line. It is taken into account that the connection provides enough bandwidth to ensure maximum simultaneous operation of users.

As participants in the communication system, both telephone network participants 11 , which can exchange information by means of public telephone networks 10 with the central communication switching center 1 , and Internet participants are provided. The communication system now enables the exchange of information between individual participants in both transmission networks via the central communication switching center 1 . The Internet participants are each connected to the Internet 2 by means of an Internet access device. Any standard computer on which a so-called browser is installed can be used as an Internet access device.

The central communication switching center 1 contains a storage device 5 which contains a subscriber list with VPN subscribers 3 recorded thereon, which are intended to exchange information with the central communication switching center 1 via a so-called VPN (Virtual Private Network) on the Internet. This list of participants is created by an Internet participant with conference management authorization and can be modified by him at any time. According to the definition of the subscriber list, a VPN manager 4 contained in the central communication switching center 1 assigns an electronic key to each VPN party, namely the VPN participants 3 and the central communication switching center 1 . Each of these electronic keys consists of a pair of mathematically related electronic key elements, namely on the one hand a private key that the respective VPN party keeps secret and on the other hand a public key that is given to the outside, ie others Parties can be made accessible. The mathematical relationship between private and public keys of each VPN party results from the applications described below for encrypting information and for creating electronic signatures. The VPN manager 4 also assigns each VPN subscriber 3 a user name and an associated password.

In the next step, the central communication switching center 1 sends the electronic key (private and public key) and user name with the password of the respective VPN subscriber 3 by email to the subscriber Internet access device 9 assigned to the respective VPN subscriber. The electronic key is then stored on the key storage device 6 of the subscriber Internet access device 9 . The central communication switch 1 associated electronic key is stored on the key storage device 6 of the central communication switch. 1 The user name and password that are still contained in the email are noted in a secret place by VPN subscriber 3 . In order to exchange information with the central communication switching center 1 , the VPN subscriber 3 dials into the Internet address (webpage) of the central communication switching center 1 by means of his subscriber internet access device 9 and identifies himself by means of the user name assigned to him and the corresponding password. Information can now be transmitted alternately between the subscriber internet access device 9 of the VPN subscriber and the central communication switching center 1 via the Internet 2 . To this end, the information is encrypted by the encryption state conversion device 7 of the sending VPN party, for example by means of the Diffie-Hellman encryption method known from the prior art, which is explained below. This prevents an unauthorized party, such as an Internet hacker, from gaining possession of the information. After the information has been transmitted, the receiving VPN party decrypts the information accordingly using its encryption state conversion device 7 .

In the Diffie-Hellman encryption method, as shown schematically in FIG. 2, when information is transmitted between party A and party B, the combination of party A's private key 12 and party B's public key 13 produces the same result as the combination of Party B private key 15 and Party A public key 14. These key combinations are referred to as the shared secret key 16 of the two parties. Since the two parties are the only ones who can generate this secret key 16 by exchanging their public keys with one another, a bilateral relationship of trust can be created, characterized in that no other party knows or can generate the secret key 16 . An information unit 17 to be transmitted from one of the parties A or B to the other party is therefore converted into the encrypted information unit 18 by means of the secret key 16 before transmission. The receiving party then converts it back into the original information unit 17 by means of the secret key 16 , which is also available to it.

The transmission of information between the central communication switching center 1 and a VPN subscriber 3 in encryption mode according to Diffie-Hellman is therefore as follows. In the first step, the central communication switching center 1 sends its public key via the Internet 2 to the VPN client 3, which in turn his own communication to the central exchange 1 transmits. In the next step, the VPN subscriber 3 and the central communication switching center 1 each calculate the shared secret key from their own private key and the public key of the transmission partner. Now they can use the shared secret key to encrypt all information exchanged between them before transmission over the Internet and to decrypt it after transmission.

To ensure that a received from a VPN client 3 also information comes from the subscriber Internet access device 9, the central communication switching center 1 checks the information with a sent with so-called electronic signature 21 of the subscriber Internet access device. 9 The central communication switching center 1 preferably only sends information to a VPN subscriber 3 when it has already received a message provided with an electronic signature 21 from the corresponding VPN subscriber 3 . The central communications switching center 1 thus ensures that the VPN subscriber 3 also uses the subscriber Internet access device 9 associated with it for the exchange of information. Information with electronic signature 21 is sent, for example, using the Rivest-Shamir-Adlemen method known from the prior art and described below.

The Rivest-Shamir-Adlemen method is shown schematically in Fig. 3 and works as follows. To transmit an information unit 17 from a sender to a recipient, a processing function 18 of the sender reduces the information unit 17 to a compressed information unit 19 of reduced size in the first step. In the second step, the sender's Internet access device encrypts it using the private key 20 assigned to it, which results in an unmistakable electronic signature 21 of the sending Internet access device. In the next step, this electronic signature 21 is attached to the information unit 17 to be transmitted and sent to the recipient. The latter then verifies the sending Internet access device of the received information by reducing the information unit 17 using the same processing function 18 , which is also used by the sender, and thereby generating the compressed information 19 , then decrypting the electronic signature 21 by means of the sender's public key 22 and decrypting the electronic signature 21 therefrom the resulting new compressed information 23 is compared with the previously generated compressed information 19 . If the two compressed information match, it is ensured that the sending Internet access device has owned the private key 20 , which forms a pair with the public key 22 used to decrypt the electronic signature 21 , thus verifying the identity of the sending Internet access device. Thus, the central communication switching center 1 checks whether the information received from a VPN subscriber 3 has been sent by means of its subscriber internet access device 9 by identifying the electronic signature 21 created using the VPN subscriber's private key using its public key using the above method.

All information that is transmitted by participants in the communication system to the central communication switching center 1 can be stored in a data memory 8 located therein. This includes z. B. Summaries of meetings, reports on work progress or recordings of telephone calls. Access to this information stored in the data memory 8 is only available to VPN subscribers 3 who access the data via their subscriber internet access devices 9 . A VPN subscriber 3 , the z. B. establishes a connection with the central communication switching center 1 via a computer in an Internet cafe, may be able to exchange information with other participants under certain circumstances, but has no access to information stored in the data memory 8 .

The communication system connects, as shown in Fig. 4, communication elements of the message-based communication mode 24 , such as. B. documents, messages or sequences with communication elements of the real-time communication mode 25 .

However, this is done in an integrated process flow and not by a one-off process. So the integration takes place in both directions. Communication elements of the message-based communication mode 24 can represent both the input, the trigger and the result of real-time communication. The same applies vice versa.

All communication elements of the communication system can be defined by Events are addressed. These events can be done by individuals are explicitly triggered as members of a working group of the communication system or can also be predefined events. This can be temporal defined events, reaching certain project times and states of Production processes. So that the two communication modes can be due predefined processes and decision points. This concept is clarified below.

The following example shows the ability of the communication system to do business Supporting communication processes is made clear. This is done using a typical business process for the sale of capital goods. Here are specific teams are formed who look after a customer in the pre-sale phase. there experts from different areas are brought together to provide customers with a guaranteeing the most comprehensive and competent support possible. The working groups typically consist of sales staff, sales engineers, lawyers, Financing experts and representatives from areas such as product management, the Process and organizational advice, as well as product-specific divisions.

As shown in Fig. 5, the communication process is triggered by a customer request, which is received in the form of a message in the system. The system automatically notifies the defined team to process the request and invites you to a conference. The conference serves the internal coordination and distribution of tasks of the sales group. The customer inquiry is presented in the form of a document within the conference. Tasks and timeframes will be set during the conference. It is agreed to repeat the conference every three days, after which this is noted in the system. All participants receive copies of the results of the conference and work on their relevant part. The actual offer document is stored centrally and can be continuously edited by all team members. At the time of the conference, the most up-to-date work status of the offer documents is always loaded and internal coordination takes place using the latest versions. After the offer has been completed, the customer appointment is arranged in the internal coordination conference. For this purpose, a customer employee is involved in the conference call during the conference, this confirms the fixed date, and a telephone and data conference is booked in the central communication switching center 1 . In the customer appointment, all documents can be presented and discussed by the respective experts, competent contacts are available for each area and the last changes are made directly online to the document.

Claims (13)

1. Communication system for an information exchange between at least two participants, which can be coupled to one another via a central communication switching center ( 1 ), characterized in that
that a message-based communication mode ( 24 ), in which the information exchange takes place by transmitting information to at least one receiving subscriber in batch mode, and a real-time communication mode ( 25 ), in which the information exchange takes place through simultaneous communication between subscribers, are provided for the information exchange,
that a list of subscribers is stored in the central communication exchange, each of whom is assigned a subscriber internet access device ( 9 ), that each subscriber of the list is assigned an electronic key that is sent from the central communication exchange via the Internet ( 2 ) to the subscriber internet access device of the person concerned Participant is transmitted and stored there that an electronic key that is matched to the keys of the participants is stored in the central communication exchange, by means of which each participant forms a transmission pair with the central communication exchange that the electronic keys of the members of a transmission pair each for decrypting serve these members encrypted information using their electronic key,
that each subscriber Internet access device and the central communication switching center each have an encryption state conversion device ( 7 ), by means of which information can be mutually converted between the encrypted and unencrypted state depending on the key, and
that in an information transmission between the two members of a transmission pair via the Internet, the encryption state conversion device of the sending member converts the information into an encrypted state by means of the electronic key assigned to it and the encryption state conversion device of the receiving member uses the electronic key assigned to this to convert the information into the original unencrypted Condition converted back. 2. Communication system for an exchange of information between at least two Participants according to claim 1, wherein the central communication exchange only one electronic Key is assigned. 3. Communication system for an exchange of information between at least two Participants according to claim 1 or 2, wherein each of the subscriber internet access devices and the central Electronic switching center assigned electronic keys differ from the other electronic keys. 4. Communication system for an information exchange between at least two participants according to one of the preceding claims, wherein the central communication exchange has a data memory ( 8 ) for storing information received from participants. 5. Communication system for an exchange of information between at least two Participants according to claim 4, wherein each participant is assigned individual information, which he sends to the central communication exchange and transmits the central communication exchange a subscriber authentication device, which the in the List of participants led participants based on their individual information recognizes, and has a data storage read-out device, which exclusively as the Participants in the list of participants identified the readout of the participants Allows information stored on the data storage. 6. Communication system for an exchange of information between at least two participants according to claim 4 or 5, wherein
Before transmitting information from a subscriber internet access device to the central communication switching center, the information from the subscriber internet access device is provided with an individual electronic signature by means of which the subscriber internet access device can be identified as the sender of the information for the central communication switching center,
the central communication switching center has an access device authentication device which a subscriber Internet access device recognizes on the basis of the individual electronic signature contained in the information transmitted by it, and has a data storage readout device which enables only the Internet access devices identified as subscriber Internet access devices to read out the information stored on the data storage device. 7. Communication system for an exchange of information between at least two Participants according to claim 6, wherein with an information transfer between the central communication exchange and a participant in the participant list via a Internet access device that is not from the access device authentication device is recognized as a subscriber internet access device assigned to the subscriber, the information in a generally used in information transmissions on the Internet Standard encryption is transmitted over the Internet. 8. Communication system for an exchange of information between at least two participants according to one of the preceding claims, wherein
A list of subscribers identified as guests can be stored in the central communication switching center, and the subscribers listed in this list and on the list of subscribers, each of whom is assigned a subscriber Internet access device, are communications subscribers, each of whom is assigned individual information that they each send to the central communication switching center,
the central communication switching center a subscriber authentication device, which recognizes the communication participants on the basis of their respective individual information and has an information blocking device which prevents the information exchange between communication participants and other participants. 9. Communication system for an information exchange between at least two subscribers according to one of the preceding claims, wherein at least one of the Internet and public telephone networks ( 10 ) comprising information transmission networks is provided for information transmission between the subscribers and the central communication switching center. 10. Communication system for an exchange of information between at least two Participants according to claim 9, wherein when using public telephone networks for information transfer between Participants and central communication switching center of the participants Information on at least one of the landline phones, mobile phones and fax machines comprehensive telephone network access devices communicates. 11. Communication system for an exchange of information between at least two Participants according to one of the preceding claims, wherein when using the Internet to transfer information between participants and central communication switching center of the participants the information on comprising at least one of the computers and Personal Digital Assistant (PDA) Internet access devices communicated. 12. Communication system for an exchange of information between at least two Participants according to one of the preceding claims, wherein the storage device has a list stored thereon with the type and scope of the respective Information which the respective participants receive and which they send to others Participant may transmit defining information authorization information and the central communication switching center a restriction device which selectively enables participants to exchange information according to the information authorization information by filters the relevant information before forwarding it to the participants. 13. Communication system for an exchange of information between at least two Participants according to claim 12, wherein the storage device has a list of subscribers stored thereon Has conference management authorization and central communication Exchange with an authorization device for recognizing participants Conference management authorization by means of identification and subsequent Find the relevant participant on the list of participants with Conference management authorization, as well as an authorization change has device by means of which participants with Conference management authorization by transmitting control signals Can change information authorization information of the participants.