摘要 |
<p>A method for enhancing security in a tag-based interaction between a mobile device and a tagged object which corresponds to a service offered by an application service provider, wherein said tagged object comprises one or more tags which contain tag information to be read by said mobile device, wherein said read tag information is at least partly to be used as an input to an application service running on said mobile device and offered by said application service provider, said method comprising: Reading by said mobile device identification information from said tagged object which identifies said tagged object,
forwarding said identification information to a security server, said security server comprising a database where application service providers have registered their application services together with their corresponding tagged objects and the identification information identifying said tagged objects, wherein
said database of said security server has stored for each tagged object and its corresponding application service a set of rules which specify what actions and/or
which content of the one or more tags are allowed for this tagged object when executing its corresponding application service, said method further comprising:
based on said identification information, identifying the tagged object and its corresponding set of rules;
reading tag information contained in said one or more tags;
before using said read tag information as an input to said application service,
performing a validity check by checking whether said read data matches with said set of rules corresponding to said tagged object to determine whether said tag information corresponds to a valid interaction when executing said application service;
using said tag information as an input to said application service only if said validity check confirms that said tag information is valid.</p> |