| 摘要 |
595256 Disclosed is a secured computer system for accessing confidential data by means of at least one remote unit (4) used by a user. The secured computer system is specifically designed for the secured access to data and only for the secured access to data. The data is stored in a secured centralised computer means (3) which includes means for processing the data intended for producing results. An encrypted tunnel computer connection (2) over a public network is established between the remote unit (4) and the centralised computer means (3). The remote unit (4) is a microcomputer operating under the dependency of a local operating system starting by a boot phase. The system is configured in such a manner that, when data are accessed, the remote unit (4) receives only display information related to the process carried out on the data and results produced by the centralised computer means (3). The data stored in the centralised computer means (3) is not transmitted to the remote unit (4). The microcomputer of the remote unit (4) is an electronic card having inputs and/or outputs and further comprising an encryption electronic circuit. The remote unit (4) consists of a sealed unit (6) containing the electronic card. The electronic card includes one identification means input and/or output connected to at least one user identification means, and one computer network input and/or output intended for the encrypted tunnel connection (2). Given that the user has been authentified using the identification means of the remote unit (4), the remote unit (4) includes means allowing only the opening of a local session on the remote unit (4) and the establishment of the encrypted tunnel connection (2) between the user’s remote unit and the secured centralised computer means (3). Otherwise, the remote unit (4) includes means allowing only a local configuration of local parameters by a local configuration means. the local configuration means including a display (5) and a set of keys arranged on the unit (4) and allowing the configuration of the network address of the unit (4). The operating system, as well as the information required for the operation of the remote unit (4), is stored in encrypted form in the remote unit (4). The remote unit (4) and the secured centralised computer means (3) constitute the secured computer system forming a functionally integral assembly. The remote unit (4) is only able to connect to the centralised computer means (3) and, conversely, the centralised computer means (3) accepts connection only from the authentified remote unit. |
