Abstract: Provided is a method to monitor the management of network slices by a communication device (ME) having a secure element (USIM), said communication device being compliant with at least a technology implementing network slicing using a route selection policy, said communication device further supporting a USIM application toolkit framework implementing event download envelops, said secure element having a memory to store rules for the route selection policies, said method comprising the steps of, for the communication device active in a network of the technology implementing network slicing. It receives a slice status and slice information from the network, and pushes the slice status and slice information to the secure element using an event download envelop as defined in the USIM application toolkit framework supported by the communication device.

Abstract: The disclosure concerns a method of replacing a current key in a security element co-operating with a terminal in a network operated by a network operator, the method includes trying to decrypt the encrypted message by using the current key; selecting in a table stored in the secure element another key and try to decrypt the encrypted message by using the other key; replacing atomically the current key by the rescue key and do not use the current key anymore, the rescue key replacing the current key and, otherwise, try to decrypt the encrypted message by using another rescue key of the window if such another rescue key exists, until all rescue keys have been selected and used for decrypting the encrypted message and, if none of the rescue keys permit to decrypt the encrypted message, select the blocking key; and blocking the corresponding functionality of the security element.

Abstract: A method for transmitting a subscription profile that includes transmitting from a POS of the MNO the unique identifier of the secure element to a SM-DP; creating or reserving the subscription profile at the SM-DP; provisioning in a D-HSS server having the first MCC/MNC the unique identifier and a temporary IMSI including a second MCC, a second MNC; provisioning in the HSS of the MNO the temporary IMSI and an ephemeral Ki; at the first attempt of the secure element to connect to the D-HSS server with its temporary profile, exchanging data in signaling messages between the secure element and the D-HSS for provisioning the secure element with the temporary IMSI; at the next attempt of the secure element to connect to the MNO network with the temporary IMSI, open an APN and send from the SM-DP to the secure element the subscription profile.

Abstract: A system comprising a secure element cooperating with a telecommunication terminal is provided. The secure element or the terminal comprises files in which MCC/MNC codes of MNOs are stored. The telecommunication terminal is configured to select the files in order to attach the terminal to the telecommunication network of a MNO. The secure element or the terminal also comprise a file, called National like network file, for storing national network codes (MCC/MNC) of networks of the country of the Home PLMN of the secure element. The terminal selects the National like network file in order to try to connect the terminal to one of the networks referenced in the National like network file. Other embodiments are disclosed.

Abstract: A method comprises: Sending, by a first Chip Interface Device (CID), to a second CID, using a CID type protocol, a request for establishing a secure channel over a wireless protocol. Sending, by the second CID, to a Personal Computer Smart Card (PCSC), a first request for establishing a connection to the chip. Establishing, by the PCSC, a connection to the chip. Establishing, by the PCSC, a connection to the second CID. Establishing, by the second CID, a secure session with the first CID by using a session key. And sending, by the second CID, to the first CID, while using the CID type protocol, a secure CID channel establishment success that allows sending or receiving APDU(s) via the established secure channel over the wireless protocol. The second CID renders apparent to the first CID the chip as being connected.

Abstract: Provided is a secure online authentication method of a user by a relying party using a mobile ID document uses a secret to consent to a retrieval of a dedicated data field, wherein an access token is generated, including a proof, which is used by the relying party to transmit an access request to the mobile document issuer, trading the token for an authentication document comprising the personal data related to the dedicated data field by the document issuer to the relying party, wherein the proof verification material is extracted from the authentication document and checked to access said personal data and accepting the online authentication of the user. Other embodiments disclosed.

Abstract: Provided is a method to operate a subscriber identification module connected to a communication equipment configured to operate in a cellular network and communicatively coupled with a remote server. The method includes receiving from the communication equipment an information element indicating a time range relating to a suspend time of the communication equipment, receiving from the remote server a target access time information element indicating an expected time for an access request from the subscriber identification module to the remote server, and determining a suspension time period considering the suspend time range. The method includes providing to the communication equipment the suspension time period, and in case after resuming from the suspension instructed by the communication equipment the accumulated duration of at least one successive time period derived from the suspension time period exceeds the target access time, sending a polling message.

Abstract: Provided is a low capability device (UE) active in a communication system comprising a plurality of satellites (Si, Sj) insuring a temporally continuous communication coverage for the low capability device (UE), said satellites being further grouped in families (S1x), satellites of a same family (S1x) sharing same and common access information, said device (UE) comprises a power saving module to send to the serving satellite (S11), during a first data session, a next access request for a next or continued data session with time indications including at least a desired next time interval to be granted for communication. Other embodiments disclosed.

Abstract: A device comprises a hash tree including a root node and a leaf node. An issuing authority having agreed to generate a signature of the root node after having successfully checked validity of an attribute stored in the leaf node. The device identifies a subset of nodes by using a template specifying the structure of the hash tree, said subset comprising, for all paths of the hash tree that do not comprise said leaf node, the node which is the closest to the reference root node and which does not belong to the path comprising said leaf node. A verifier computes a test hash and then computes a test root node by applying a preset rule. The verifier checks that the signature is valid using a data whose authenticity is certified by the issuing authority.

Abstract: Provided is a method for steering a terminal cooperating with a secure element in a telecommunication network to the user's home MNO or MVNO. The method includes steps of Detecting (10) a cell ID change in the telecommunication network; Verifying (11) that the terminal is present in another country than his MNO/MVNO; Verifying (12) if the secure element is connected to his MNO/MVNO; Verifying (13) if the cell ID is already memorized in the terminal or the secure element; Clearing the location information files of the secure element and make a Refresh (14) of the secure element; Verifying (15) again if the secure element is connected to the home MNO or MVNO; and G-Storing (16) the cell ID of the current telecommunication network in the terminal or in the secure element with the associated national MNO partner if it has not been previously stored.

Abstract: Provided is a method for attaching a terminal cooperating with a secure element to the network of a MNO of a visited country. The method includes steps of switching a set of files of said secure element to a new value, including a new SUPI, called entity support SUPI; Building at the level of said secure element an entity support SUCI; Routing an attachment request to said support entity with said entity support SUCI; Decrypting in said support entity said entity support SUCI back in said entity support SUPI; and Swapping said support entity SUPI to the SUPI corresponding to the MNO of the home country. If an authentication is performed that is positive, an attachment acknowledgement message is sent to connect said terminal to said network of said MNO of said visited country.

Abstract: Provided is an assembly that includes a first shield part and a second shield part. The first shield part is foldable on the second shield part. Each of the first shield part and the second shield part includes or is connected to at least one closure element, so that the at least one closure element associated with the first shield part is in contact with at least one corresponding closure element associated with the second shield part. The contact allows ensuring an electrical continuity between the first shield part and the second shield part and generating a Faraday cage. Other embodiments disclosed.

Abstract: Provided is a telecommunications system comprising a core network, an Integrated Access Backhaul donor arranged in connection with the core network; and a plurality of Integrated Access Backhaul nodes connected to one Integrated Access Backhaul donor, either directly or by means of other Integrated Access Backhaul nodes. At least some of the Integrated Access Backhaul nodes are configured to operate in different backhauling profiles, and at least some of these Integrated Access Backhaul nodes comprise a UICC which is configured to manage a set of backhauling profiles of the corresponding Integrated Access Backhaul node.

Abstract: A method for authenticating by a network server a communication apparatus, the communication apparatus contains a tamper resistant area adapted to memorize a first secret, by receiving from the communication apparatus a request message including a subscriber identifier; providing, by consulting a database accessible by the network server, a device identifier associated to the received subscriber identifier allowing to identify the communication apparatus; identifying in a secure distributed ledger a record published by a manufacturer of at least a portion of the communication apparatus, the record including a second secret attributed to the identified communication apparatus; generating a challenge message including a random number and sending it to the communication apparatus for it to generate a first result; receiving from the communication apparatus a response message including the first result, the communication apparatus being authenticated by the network server if the first result is equal to a second

Abstract: Provided is a method for securing a security device against side-channel analysis attacks while performing a sensitive operation. It includes training an attack neural network to perform a side-channel attack against the security device while performing a sensitive operation, creating a training data set for a protective neural network by applying a plurality of elementary protection combinations to the sensitive operation while performing the sensitive operation, training a protective neural network executing on a coprocessor of the security device using the training data set for the protective neural network, and programming the coprocessor of the security device with the set of parameters for the protective neural network. Other embodiments disclosed.

Abstract: Provided is a method for performing a plurality of cryptographic operations, that upon reception of a request to perform one of said cryptographic operations, prevents an execution by said processing system of said requested cryptographic operation until a predetermined waiting time (G) has elapsed, and before said predetermined waiting time has elapsed, receives one or more requests to perform another cryptographic operation, and after said predetermined waiting time (G) has elapsed, answers (S3) said requests by executing operations comprising mutualized calculations. The method determines said waiting time depending on execution times of said cryptographic operations to be performed and of said mutualized calculations.

Abstract: Generation of an executable file derived from a parent executable file having ranges of physical addresses referencing a binary code of at least one core feature (CR), a binary code of a set of native features (F), bytecodes of a set of java features (Pkg), by selecting at least one native feature from the set of native features to be removed, defining the range of physical addresses where the binary code of the selected native feature is stored, selecting at least one java feature from the set of java features to be relocated, and relocating the bytecodes of said at least one selected java feature in the defined range of physical addresses.

Abstract: Provided is an authentication method, the method comprising sending, by an entity, to a chip, at least one request for getting data; receiving, by the entity, from the chip, data; and, authenticating, by the entity, based on the received data, a family relating to the chip. Other embodiments disclosed.

Abstract: A connected device with at least one sensor adapted to measure at least a physical quantity and to report a measure of this physical quantity to a remote device, the at least one sensor system providing an output Z which is then digitized in order to provide an output signal Y having a first and a second component, the first component being representative of the measured physical quantity X and the second component being representative of the structural noise R introduced by the at least one sensor. The connected device also has a noise generator configured to generate using as an input at least one parameter representative of the structural noise R a blurring noise V which is uncorrelated with said structural noise R; combine the digital output signal Y with the blurring noise V in order to generate a signal Y?; transmit signal Y? to the remote device.

Abstract: Provided is a process for manufacturing a standard chip-card module comprising metallized contacts (P1-P6) defining a graphic design comprising visible parts formed from lines, segments or dots, a first portion (2A, 12A) of which passes right through the thickness of the metallized contacts (P1-P6) and a second portion (2B, 12B) of which is formed only superficially on the upper external surface of the metallized contacts (P1-P6). The second portion (2A, 12A) is produced in the continuity of the first portion, to form said graphic design. Other embodiments directed to a module resulting from the process is disclosed.