WO2008084435A1 - Security arrangement - Google Patents

Security arrangement Download PDF

Info

Publication number
WO2008084435A1
WO2008084435A1 PCT/IB2008/050040 IB2008050040W WO2008084435A1 WO 2008084435 A1 WO2008084435 A1 WO 2008084435A1 IB 2008050040 W IB2008050040 W IB 2008050040W WO 2008084435 A1 WO2008084435 A1 WO 2008084435A1
Authority
WO
WIPO (PCT)
Prior art keywords
hash value
user data
computer system
primary
security arrangement
Prior art date
Application number
PCT/IB2008/050040
Other languages
French (fr)
Inventor
Martin Dippenaar
Original Assignee
Martin Dippenaar
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Martin Dippenaar filed Critical Martin Dippenaar
Publication of WO2008084435A1 publication Critical patent/WO2008084435A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data

Definitions

  • the present invention relates to a security arrangement.
  • the present invention relates to a security arrangement using two-factor authentication.
  • Passwords are widely used in industry to control authorised access to electronic media, such as access to computer programs or Internet websites, e.g. Internet banking websites.
  • electronic media such as access to computer programs or Internet websites, e.g. Internet banking websites.
  • the user must enter his login identification and his secret password. These are then checked against entries in a secure database by the program/website and access is only allowed if the login identification and password correctly correlate with the database entries.
  • Such use of a login identification and password to control authorised access is known as one-factor authentication.
  • One-factor authentication provides relatively weak protection as it relies on the user keeping his login identification and password secret. Should the user divulge his login identification and password to a third party they will be able to access the relevant program/website as if they were the user.
  • An alternative, improved authentication is two-factor authentication. This uses a combination of two independent factors selected from the following three options: biometrics or something you are (e.g. a fingerprint); knowledge or something you know (e.g. passwords); and possession or something you have (e.g. smart card).
  • Key-logging software is available that can be installed on computers as so-called spy-ware to log any keystrokes that are entered into a computer via a keyboard.
  • Such software which is often secretly installed by criminals on computers in public places such as in Internet cafes, allows a third party to secretly record a user's login identification and password, which is then later used to the detriment of the user. This is thus a relatively easy method of breaking one-factor authentication.
  • a security arrangement includes:
  • encryption means being adapted to encrypt the first user data to generate a primary hash value
  • a data storing means adapted to store second user data
  • authentication means being adapted to compare the primary hash value with the second user data
  • access control means being adapted to allow access to the computer system if the primary hash value correlates to the second user data and further being adapted to deny access to the computer system if the primary hash value does not correlate to the second user data.
  • a security arrangement includes:
  • encryption means being adapted to encrypt the first user data to generate a primary hash value and a secondary hash value
  • a data storing means adapted to store second user data
  • authentication means being adapted to compare the primary hash value with the second user data
  • access control means being adapted to allow access to the computer system if the primary hash value correlates to the second user data and further being adapted to deny access to the computer system if the primary hash value does not correlate to the second user data;
  • identification means being adapted to generate an identification hash value for comparison with the secondary hash value.
  • the secondary hash value and the identification hash value may be based on the primary hash value.
  • the security arrangement may include communication means for communicating the identification hash value to a user of the electronic device by display on a website or by text message to a mobile telephone.
  • the electronic device may be a mobile telephone or a PDA device.
  • the electronic device may be disconnected from the Internet or any other computer network.
  • the first and second user data may be a user login name and a user password.
  • the primary hash value, the secondary hash value and the identification hash value may include a date/time value.
  • the date/time value may be calculated as a difference from a fixed absolute date/time.
  • the date/time value may be calculated using the universal time code.
  • the primary hash value may be valid only for a predetermined time interval from the date/time value.
  • the primary hash value may include a key number associated with the electronic device.
  • the primary hash value may be valid only for a single use.
  • the primary hash value may be stored by the computer system in the data storing means.
  • the data storing means may be a database or any other persistence store mechanism.
  • the second user data may include a token.
  • the token may be a hash key or other retrievable data pertaining to the user data.
  • a method of authenticating access to a computer system includes the steps:
  • Figure 1 a flow diagram of an encryption program for use in a security arrangement according to the invention.
  • Figure 2 a flow diagram of an authentication program for use in a security arrangement according to the invention.
  • a security arrangement in accordance with the invention includes a form of two-factor authentication using a mobile electronic device and a secret password.
  • the electronic device can be a mobile telephone or a PDA (personal digital assistant) and is preferably not connected to any computer network or the Internet.
  • the electronic device is used to generate a hash value, which is a meaningless number generated from a coded data item or its key.
  • a computer program is installed on the electronic device and the operation of the program is illustrated by the flow diagram, generally indicated by reference numeral 10, shown in Figure 1.
  • first user data consisting of a user identity and a password is entered into the computer program via a keypad on the electronic device.
  • a second step 14 the computer program generates hash numbers for each letter or number in the user identity and password as well as a further hash number associated to the current date/time programmed into the electronic device.
  • the date/time hash number can be based on the universal time code so that the hash number is not affected by any international time zones.
  • a summation of these individual hash numbers is then made to obtain a primary hash value.
  • the computer program subsequently in a similar manner generates a secondary hash value using the primary hash value in combination with the originally entered password and the universal time code. Both the primary and the secondary hash values are displayed on a screen of the electronic device in step 16.
  • FIG. 1 a flow diagram for the user authentication on a computer system is shown, generally indicated by reference numeral 18.
  • the computer system is associated with a data storing means, such as a database 20 or other persistence store mechanism, in which the user has previously stored his user identification, password and a token.
  • the primary hash value displayed in step 16 is entered into the computer system (step 22), e.g. onto the webpage to which access is desired.
  • the computer system then processes 24 the user identification, password and token stored in the database 20 to determine any and all possible primary hash values that may be valid and subsequently determines by comparison (step 26) whether the primary hash value is authentic and valid. Due to the time element contained within the primary hash value, any validity determination can be restricted to a desired time frame window after the primary hash value was generated.
  • step 28 If it is determined that the primary hash value is not one of the possible valid permutations and is thus invalid, access to the computer system is denied (step 28).
  • step 30 a further check is conducted (step 30) to ensure that the relevant primary hash value has not been previously used or stored in the database 20. If the primary hash value has been previously used, then again access to the computer system is denied (step 28).
  • Access to the computer system is allowed (step 32) should it be determined that the primary hash value is valid and is being used for the first time.
  • the primary hash value is then stored in the database 20 for use in future validity determinations.
  • the computer system Once the computer system has identified and validated the primary hash value, it then in step 34 generates an identification hash value from the primary hash value in combination with the user identification, password and token stored in the database 20.
  • the identification hash value is communicated to the user, either by displaying it on the webpage being viewed or by sending an SMS message to the users mobile phone. The user is then able to compare the identification hash value with the secondary hash value displayed on the screen in step 16 to ensure that he has gained access to the desired computer system and has not been diverted to another computer system.
  • the primary hash value can optionally include a key number associated with the electronic device itself, such as a serial number or registration thereof, which number is also previously stored in the database 20.
  • the authentication of the user on the computer system uses a two-factor approach as it requires both a knowledge factor (the password) and a possession factor (the electronic device).
  • the same security arrangement can be used for any type of secure Internet transaction such as credit card purchases and merchant payment transactions, or even for other applications such as access to buildings, venues and virtual private networks.

Abstract

The invention discloses a security arrangement utilising an electronic device to authenticate and obtain access to a computer system The electronic device has data entry means for accepting first user data, which is then encrypted to generate primary and secondary hash values, 5 which are displayed on a screen. The primary hash value is input to the computer system, which then compares the primary hash value with second user data previously stored in a data storage means. Access to the computer system is allowed if the primary hash value correlates to the second user data but is denied if the primary hash value does not 10 correlate to the second user data. The computer system finally generates an identification hash value for comparison with the secondary hash value to identify the computer system to the electronic device.

Description

SECURITY ARRANGEMENT
FIELD OF INVENTION
The present invention relates to a security arrangement.
More particularly, the present invention relates to a security arrangement using two-factor authentication.
BACKGROUND TO INVENTION
Passwords are widely used in industry to control authorised access to electronic media, such as access to computer programs or Internet websites, e.g. Internet banking websites. Often, when a user wishes to gain authorised access to a program/website, the user must enter his login identification and his secret password. These are then checked against entries in a secure database by the program/website and access is only allowed if the login identification and password correctly correlate with the database entries. Such use of a login identification and password to control authorised access is known as one-factor authentication.
One-factor authentication provides relatively weak protection as it relies on the user keeping his login identification and password secret. Should the user divulge his login identification and password to a third party they will be able to access the relevant program/website as if they were the user.
An alternative, improved authentication is two-factor authentication. This uses a combination of two independent factors selected from the following three options: biometrics or something you are (e.g. a fingerprint); knowledge or something you know (e.g. passwords); and possession or something you have (e.g. smart card). Key-logging software is available that can be installed on computers as so-called spy-ware to log any keystrokes that are entered into a computer via a keyboard. Such software, which is often secretly installed by criminals on computers in public places such as in Internet Cafes, allows a third party to secretly record a user's login identification and password, which is then later used to the detriment of the user. This is thus a relatively easy method of breaking one-factor authentication.
It is an object of the invention to suggest a security arrangement, which will assist in overcoming these problems.
SUMMARY OF INVENTION
According to the invention, a security arrangement includes:
a) an electronic device including
i) data entry means for accepting first user data;
ii) encryption means being adapted to encrypt the first user data to generate a primary hash value; and
iii) display means for displaying the primary hash value;
b) a computer system including
i) a data storing means adapted to store second user data;
ii) input means for receiving the primary hash value;
iii) authentication means being adapted to compare the primary hash value with the second user data; and
iv) access control means being adapted to allow access to the computer system if the primary hash value correlates to the second user data and further being adapted to deny access to the computer system if the primary hash value does not correlate to the second user data.
Also according to the invention, a security arrangement includes:
a) an electronic device including
i) data entry means for accepting first user data;
ii) encryption means being adapted to encrypt the first user data to generate a primary hash value and a secondary hash value; and
iii) display means for displaying the primary and secondary hash values;
b) a computer system including
i) a data storing means adapted to store second user data;
ii) input means for receiving the primary hash value;
iii) authentication means being adapted to compare the primary hash value with the second user data;
iv) access control means being adapted to allow access to the computer system if the primary hash value correlates to the second user data and further being adapted to deny access to the computer system if the primary hash value does not correlate to the second user data; and
v) identification means being adapted to generate an identification hash value for comparison with the secondary hash value.
The secondary hash value and the identification hash value may be based on the primary hash value. The security arrangement may include communication means for communicating the identification hash value to a user of the electronic device by display on a website or by text message to a mobile telephone.
The electronic device may be a mobile telephone or a PDA device.
The electronic device may be disconnected from the Internet or any other computer network.
The first and second user data may be a user login name and a user password.
The primary hash value, the secondary hash value and the identification hash value may include a date/time value.
The date/time value may be calculated as a difference from a fixed absolute date/time.
The date/time value may be calculated using the universal time code.
The primary hash value may be valid only for a predetermined time interval from the date/time value.
The primary hash value may include a key number associated with the electronic device.
The primary hash value may be valid only for a single use.
The primary hash value may be stored by the computer system in the data storing means.
The data storing means may be a database or any other persistence store mechanism.
The second user data may include a token. The token may be a hash key or other retrievable data pertaining to the user data.
Further according to the invention, a method of authenticating access to a computer system includes the steps:
a) of having a user enter first user data on an electronic device;
b) of allowing the electronic device to encrypt the first user data to generate a primary hash value and a secondary hash value;
c) of displaying the primary and secondary hash values on the electronic device;
d) of inputting the primary hash value into the computer system;
e) of comparing the primary hash value with second user data stored in the computer system;
f) of allowing access to the computer system if the primary hash value correlates to the second user data and of denying access to the computer system if the primary hash value does not correlate to the second user data; and
g) of having the computer system generate an identification hash value for communication to the user and for comparison with the secondary hash value to identify the computer system accessed.
BRIEF DESCRIPTION OF DRAWINGS
The invention will now be described by way of example with reference to the accompanying schematic drawings.
In the drawings there is shown in: Figure 1 : a flow diagram of an encryption program for use in a security arrangement according to the invention; and
Figure 2: a flow diagram of an authentication program for use in a security arrangement according to the invention.
DETAILED DESCRIPTION OF DRAWINGS
A security arrangement in accordance with the invention includes a form of two-factor authentication using a mobile electronic device and a secret password.
The electronic device can be a mobile telephone or a PDA (personal digital assistant) and is preferably not connected to any computer network or the Internet. The electronic device is used to generate a hash value, which is a meaningless number generated from a coded data item or its key.
A computer program is installed on the electronic device and the operation of the program is illustrated by the flow diagram, generally indicated by reference numeral 10, shown in Figure 1.
In a first step 12, first user data consisting of a user identity and a password is entered into the computer program via a keypad on the electronic device.
In a second step 14, the computer program generates hash numbers for each letter or number in the user identity and password as well as a further hash number associated to the current date/time programmed into the electronic device. The date/time hash number can be based on the universal time code so that the hash number is not affected by any international time zones. A summation of these individual hash numbers is then made to obtain a primary hash value. The computer program subsequently in a similar manner generates a secondary hash value using the primary hash value in combination with the originally entered password and the universal time code. Both the primary and the secondary hash values are displayed on a screen of the electronic device in step 16.
Referring now to Figure 2, a flow diagram for the user authentication on a computer system is shown, generally indicated by reference numeral 18. The computer system is associated with a data storing means, such as a database 20 or other persistence store mechanism, in which the user has previously stored his user identification, password and a token.
The primary hash value displayed in step 16 is entered into the computer system (step 22), e.g. onto the webpage to which access is desired. The computer system then processes 24 the user identification, password and token stored in the database 20 to determine any and all possible primary hash values that may be valid and subsequently determines by comparison (step 26) whether the primary hash value is authentic and valid. Due to the time element contained within the primary hash value, any validity determination can be restricted to a desired time frame window after the primary hash value was generated.
If it is determined that the primary hash value is not one of the possible valid permutations and is thus invalid, access to the computer system is denied (step 28).
If it is determined that the primary hash value is valid, a further check is conducted (step 30) to ensure that the relevant primary hash value has not been previously used or stored in the database 20. If the primary hash value has been previously used, then again access to the computer system is denied (step 28).
Access to the computer system is allowed (step 32) should it be determined that the primary hash value is valid and is being used for the first time. The primary hash value is then stored in the database 20 for use in future validity determinations. Once the computer system has identified and validated the primary hash value, it then in step 34 generates an identification hash value from the primary hash value in combination with the user identification, password and token stored in the database 20. The identification hash value is communicated to the user, either by displaying it on the webpage being viewed or by sending an SMS message to the users mobile phone. The user is then able to compare the identification hash value with the secondary hash value displayed on the screen in step 16 to ensure that he has gained access to the desired computer system and has not been diverted to another computer system.
The primary hash value can optionally include a key number associated with the electronic device itself, such as a serial number or registration thereof, which number is also previously stored in the database 20.
In this manner the authentication of the user on the computer system uses a two-factor approach as it requires both a knowledge factor (the password) and a possession factor (the electronic device).
Although the description given above is in relation to a website, the same security arrangement can be used for any type of secure Internet transaction such as credit card purchases and merchant payment transactions, or even for other applications such as access to buildings, venues and virtual private networks.

Claims

1. A security arrangement including:
a) an electronic device including
i) data entry means for accepting first user data;
ii) encryption means being adapted to encrypt the first user data to generate a primary hash value; and
iii) display means for displaying the primary hash value;
b) a computer system including
i) a data storing means adapted to store second user data;
ii) input means for receiving the primary hash value;
iii) authentication means being adapted to compare the primary hash value with the second user data; and
iv) access control means being adapted to allow access to the computer system if the primary hash value correlates to the second user data and further being adapted to deny access to the computer system if the primary hash value does not correlate to the second user data.
2. A security arrangement including:
a) an electronic device including
i) data entry means for accepting first user data;
ii) encryption means being adapted to encrypt the first user data to generate a primary hash value and a secondary hash value; and iii) display means for displaying the primary and secondary hash values;
b) a computer system including
i) a data storing means adapted to store second user data;
ii) input means for receiving the primary hash value;
iii) authentication means being adapted to compare the primary hash value with the second user data;
iv) access control means being adapted to allow access to the computer system if the primary hash value correlates to the second user data and further being adapted to deny access to the computer system if the primary hash value does not correlate to the second user data; and
v) identification means being adapted to generate an identification hash value for comparison with the secondary hash value.
3. A security arrangement as claimed in claim 2, in which the secondary hash value and the identification hash value are based on the primary hash value.
4. A security arrangement as claimed in claim 2 or 3, including communication means for communicating the identification hash value to a user of the electronic device by display on a website or by text message to a mobile telephone.
5. A security arrangement as claimed in any one of the preceding claims, in which the electronic device is a mobile telephone or a PDA device.
6. A security arrangement as claimed in any one of the preceding claims, in which the electronic device is disconnected from the Internet or any other computer network.
7. A security arrangement as claimed in any one of the preceding claims, in which the first and second user data is a user login name and a user password.
8. A security arrangement as claimed in any one of the preceding claims, in which the primary hash value, the secondary hash value and the identification hash value include a date/time value.
9. A security arrangement as claimed in claim 8, in which the date/time value is calculated as a difference from a fixed absolute date/time.
10. A security arrangement as claimed in claim 8 or 9, in which the date/time value is calculated using the universal time code.
11. A security arrangement as claimed in any one of claims 8 to 10, in which the primary hash value is valid only for a predetermined time interval from the date/time value.
12. A security arrangement as claimed in any one of the preceding claims, in which the primary hash value includes a key number associated with the electronic device.
13. A security arrangement as claimed in any one of the preceding claims, in which the primary hash value is valid only for a single use.
14. A security arrangement as claimed in any one of the preceding claims, in which the primary hash value is stored by the computer system in the data storing means.
15. A security arrangement as claimed in any one of the preceding claims, in which the data storing means is a database or any other persistence store mechanism.
16. A security arrangement as claimed in any one of the preceding claims, in which the second user data may include a token.
17. A security arrangement as claimed in claim 16, in which the token is a hash key or other retrievable data pertaining to the user data.
18. A method of authenticating access to a computer system includes the steps:
a) of having a user enter first user data on an electronic device;
b) of allowing the electronic device to encrypt the first user data to generate a primary hash value and a secondary hash value;
c) of displaying the primary and secondary hash values on the electronic device;
d) of inputting the primary hash value into the computer system;
e) of comparing the primary hash value with second user data stored in the computer system;
f) of allowing access to the computer system if the primary hash value correlates to the second user data and of denying access to the computer system if the primary hash value does not correlate to the second user data; and
g) of having the computer system generate an identification hash value for communication to the user and for comparison with the secondary hash value to identify the computer system accessed.
19. A security arrangement substantially as hereinbefore described with reference to and as illustrated in the accompanying schematic drawings.
20. A method substantially as hereinbefore described with reference to and as illustrated in the accompanying schematic drawings.
PCT/IB2008/050040 2007-01-08 2008-01-08 Security arrangement WO2008084435A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ZA200700191 2007-01-08
ZA2007/00191 2007-01-08

Publications (1)

Publication Number Publication Date
WO2008084435A1 true WO2008084435A1 (en) 2008-07-17

Family

ID=39608408

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2008/050040 WO2008084435A1 (en) 2007-01-08 2008-01-08 Security arrangement

Country Status (1)

Country Link
WO (1) WO2008084435A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009008854A1 (en) * 2009-02-13 2010-08-19 Giesecke & Devrient Gmbh Backup of transaction data
CN103413104A (en) * 2013-08-09 2013-11-27 北京旋极信息技术股份有限公司 Processing method and device for transaction sensitive information

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5661807A (en) * 1993-07-30 1997-08-26 International Business Machines Corporation Authentication system using one-time passwords
US20060083228A1 (en) * 2004-10-20 2006-04-20 Encentuate Pte. Ltd. One time passcode system
US20060136739A1 (en) * 2004-12-18 2006-06-22 Christian Brock Method and apparatus for generating one-time password on hand-held mobile device
US20060174113A1 (en) * 2003-04-01 2006-08-03 Zahari Azman B H System for secure communication
US20060294023A1 (en) * 2005-06-25 2006-12-28 Lu Hongqian K System and method for secure online transactions using portable secure network devices

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5661807A (en) * 1993-07-30 1997-08-26 International Business Machines Corporation Authentication system using one-time passwords
US20060174113A1 (en) * 2003-04-01 2006-08-03 Zahari Azman B H System for secure communication
US20060083228A1 (en) * 2004-10-20 2006-04-20 Encentuate Pte. Ltd. One time passcode system
US20060136739A1 (en) * 2004-12-18 2006-06-22 Christian Brock Method and apparatus for generating one-time password on hand-held mobile device
US20060294023A1 (en) * 2005-06-25 2006-12-28 Lu Hongqian K System and method for secure online transactions using portable secure network devices

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102009008854A1 (en) * 2009-02-13 2010-08-19 Giesecke & Devrient Gmbh Backup of transaction data
CN103413104A (en) * 2013-08-09 2013-11-27 北京旋极信息技术股份有限公司 Processing method and device for transaction sensitive information
CN103413104B (en) * 2013-08-09 2016-02-03 北京旋极信息技术股份有限公司 A kind of disposal route of transaction sensitive information and treating apparatus

Similar Documents

Publication Publication Date Title
US8997177B2 (en) Graphical encryption and display of codes and text
CA2649015C (en) Graphical image authentication and security system
US8041954B2 (en) Method and system for providing a secure login solution using one-time passwords
AU2011201164B2 (en) Methods and Systems for Authenticating Users
CA2417770C (en) Trusted authentication digital signature (tads) system
US8732477B2 (en) Graphical image authentication and security system
RU2742910C1 (en) Encoded information processing
US8079082B2 (en) Verification of software application authenticity
WO2019059964A1 (en) System and method for authorization token generation and transaction validation
US20030163738A1 (en) Universal password generator
EP3090377B1 (en) A method and apparatus for providing client-side score-based authentication
US10050958B2 (en) Validating biometrics without special purpose readers
CN108684041A (en) The system and method for login authentication
Abhishek et al. A comprehensive study on multifactor authentication schemes
TW201544983A (en) Data communication method and system, client terminal and server
CA2611549C (en) Method and system for providing a secure login solution using one-time passwords
US20160021102A1 (en) Method and device for authenticating persons
WO2008084435A1 (en) Security arrangement
US10264450B2 (en) Authentication method using ephemeral and anonymous credentials
US20020073345A1 (en) Secure indentification method and apparatus
Certic The Future of Mobile Security
Mohanty et al. Nfc featured triple tier atm protection
KR20050071391A (en) Multi - rncs
KR101632582B1 (en) Method and system for user authentication using password included random key
MORAKINYO A secure bank login system using a multi-factor authentication

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08700215

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 08700215

Country of ref document: EP

Kind code of ref document: A1