Abstract: A first server exchanges with a second server a master (symmetric) key(s). The first server sends to the first application the master key(s). The second server generates dynamically a first derived key by using a generation parameter(s) and a first master key. The second server sends to the second application the first derived key and the generation parameter(s). The second application generates and sends to the first application a first (key possession) proof and the generation parameter(s). The first application verifies successfully by using the generation parameter(s), the first master key and the first proof, that the first proof has been generated by using the first derived key, generates and sends to the second application a second (key possession) proof. The second application verifies successfully that the second proof has been generated by using the first derived key, as a dynamically generated and proven shared key.

Abstract: The present invention relates to a method to authenticate a subscriber (IMSIi) within a local network (LNj) comprising preliminary step of deriving a subscriber key (SMKi) in local keys (LKi), one local key (LKiLNj) for each local network (LNj) the subscriber (IMSIi) is authorized to access, provisioning each local network (LNj) the subscriber (IMSIi) is authorized to access with its own local key (LKiLNj). When an authentication is required in a given local network (LNj), an UICC application derives a local key (LKiLNj) in the UICC application of the subscriber (IMSIi) using the network identifier (LNj), the key derivation function (KDF) and the subscriber key (SMKi) and use the derived local key (LKiLNj) in the algorithm to perform local authentication in the local network (LNj).

Abstract: A system and method for transmitting a provisioning dataset from a cellular network to a user equipment. The cellular network includes a plurality of base nodes providing access to the user equipment, a remote provisioning server accessible by the cellular network, and a core network, including at least two network slices. At least one of the network slices includes at least one network node exclusively assigned to the network slice. At least one of the network slices is dedicated for operating a predefined class of user equipment. At least one remote provisioning network slice includes an assigned network node giving access to the remote provisioning server, and at least one base node assigned to the remote provisioning network slice.

Abstract: A first server exchanges with a second server a master (symmetric) key(s). The first server sends to the first application the master key(s). The second server generates dynamically a first derived key by using a generation parameter(s) and a first master key. The second server sends to the second application the first derived key and the generation parameter(s). The second application generates and sends to the first application a first (key possession) proof and the generation parameter(s). The first application verifies successfully by using the generation parameter(s), the first master key and the first proof, that the first proof has been generated by using the first derived key, generates and sends to the second application a second (key possession) proof. The second application verifies successfully that the second proof has been generated by using the first derived key, as a dynamically generated and proven shared key.

Abstract: The present invention relates to transmitting a provisioning dataset from a cellular network to a user equipment. The cellular network includes a plurality of base nodes providing access to the user equipment, a remote provisioning server accessible by the cellular network, and a core network, comprising at least two network slices. At least one of the network slices includes at least one network node exclusively assigned to the network slice. At least one of the network slices is dedicated for operating a predefined class of user equipments. At least one remote provisioning network slice includes an assigned network node giving access to the remote provisioning server, and at least one base node assigned to the remote provisioning network slice.

Abstract: A method, a device and a system for printing a three dimensional object are disclosed. A printing device, as a first device, or a second device stores predetermined data relating to one or several printings. The second device cooperates with the first device. The first or the second device stores a predetermined printing threshold. The first or the second device determines and stores, during a printing of the three dimensional object, at least one current printing progress rate. The first or the second device compares the current printing progress rate to the predetermined printing threshold. As soon as the current printing progress rate is greater than or equal to the predetermined printing threshold, the first or the second device updates the data relating to one or several printings, so as to validate the printing of the three dimensional object.

Abstract: A method, a device and a system for printing a three dimensional object are disclosed. A printing device, as a first device, or a second device stores predetermined data relating to one or several printings. The second device cooperates with the first device. The first or the second device stores a predetermined printing threshold. The first or the second device determines and stores, during a printing of the three dimensional object, at least one current printing progress rate. The first or the second device compares the current printing progress rate to the predetermined printing threshold. As soon as the current printing progress rate is greater than or equal to the predetermined printing threshold, the first or the second device updates the data relating to one or several printings, so as to validate the printing of the three dimensional object.

Abstract: The present invention relates to a method to authenticate a subscriber (IMSIi) within a local network (LNj) comprising preliminary step of deriving a subscriber key (SMKi) in local keys (LKi), one local key (LKiLNj) for each local network (LNj) the subscriber (IMSIi) is authorized to access, provisioning each local network (LNj) the subscriber (IMSIi) is authorized to access with its own local key (LKiLNj). When an authentication is required in a given local network (LNj), an UICC application derives a local key (LKiLNj) in the UICC application of the subscriber (IMSIi) using the network identifier (LNj), the key derivation function (KDF) and the subscriber key (SMKi) and use the derived local key (LKiLNj) in the algorithm to perform local authentication in the local network (LNj).

Abstract: This invention is aimed at a method for the anonymisation of data that could help identify the user while a profile of said user is collected by a targeting data collection server. To implement such anonymisation, an anonymisation server is placed between a user terminal and the collections server. The profile data collected are encrypted by the terminal using a secret key shared with the data collection server. Those profile data supplemented with data that could help identify the user are then sent to the anonymisation server. The anonymisation server encrypts the data that could help identify the user with an anonymisation key of said anonymisation server before sending on the encrypted collected data and the anonymised identification data to said collection server.

Abstract: Two service signals are transmitted from a service server through a first network in such a way that users' terminal devices display personalized service data items. When service signals are filtered, a terminal device extracts common data items accessible for several terminal devices and a parameter type from a service signal identified by a stored identifier. An end address is determined by applying a stored parameter, related to the parameter type, to a pre-recorded or transmitted algorithm. The end address is transmitted, through a second network, to a server which transmits a first personalized file associated with the end address and bearing personalized data items displayed with the common data items in the device.

Abstract: The invention relates to a value-added service applied to the broadcasting of video programs or content and more particularly to mobile television (Mobile TV). The invention promotes service continuity during the broadcasting of programs having an undefined duration and the broadcasting of which has been subject to a Pay-Per-View type purchase.

Abstract: In a terminal device for controlling access to multicast services over a broadcasting network, an application outputs a user-preselected broadcast service request to a router that receives the broadcast services. The request contains an address of the selected service. The device includes a filtering entity that compares the address in the request with addresses in an address list generated on the basis of at least one filtering criterion, in order to authorize the transmission of the selected service from the router to the application so that the service is delivered when the address is included in the list.

Abstract: The invention relates to a method for controlling an audience measurement relating to broadcast data. According to the invention, the method comprises the following steps: an information sending step in which a server sends to at least one device at least one piece of information for disallowing an execution of an audience measurement relating to at least one piece of identified content data that is broadcast or to be broadcast; and an audience measurement stopping step in which the device stops an audience measurement relating to the identified content data. The invention also relates to corresponding server, device and system for controlling an audience measurement relating to broadcast data.

Abstract: The invention relates to a method for accessing a service offered from a token. The token is coupled with a terminal. The terminal is capable of receiving broadcast messages. The messages are broadcasted from at least one server. According to the invention, the server sends, through the terminal, within the broadcast messages, at least one piece of data intended for the token and executable by the token. The token executes the executable data by triggering an execution of an application embedded at least in part within the token. The invention relates also to a corresponding token and system.

Abstract: A personal mobile TV system (T, CP) stores an end-user profile, and it stores and runs a content personalization program controlling the system into automatic selection of a video segment source (BN2) depending on the end-user profile.

Abstract: The invention relates to a value-added service applied to the broadcasting of video programs or content and more particularly to mobile television (Mobile TV). The invention promotes service continuity during the broadcasting of programs having an undefined duration and the broadcasting of which has been subject to a Pay-Per-View type purchase.

Abstract: A broadcast system includes a terminal system having a display module for displaying an Electronic Service Guide (ESG) of programs to be broadcasted. The ESG initiates the storing of a program selected through such ESG and broadcasted to the terminal system. The broadcast system includes a module for creating and displaying a local ESG on the terminal system. This local ESG corresponds to programs which have been selected, broadcasted and stored in the terminal system. The local ESG launches the rendering of a stored program in response to actuating a corresponding item in the local ESG.

Abstract: Two service signals are transmitted from a service server through a first network in such a way that users' terminal devices display personalized service data items. When service signals are filtered, a terminal device extracts common data items accessible for several terminal devices and a parameter type from a service signal identified by a stored identifier. An end address is determined by applying a stored parameter, related to the parameter type, to a pre-recorded or transmitted algorithm. The end address is transmitted, through a second network, to a server which transmits a first personalized file associated with the end address and bearing personalized data items displayed with the common data items in the device.

Abstract: In a terminal device for controlling access to multicast services over a broadcasting network, an application outputs a user-preselected broadcast service request to a router that receives the broadcast services. The request contains an address of the selected service. The device includes a filtering entity that compares the address in the request with addresses in an address list generated on the basis of at least one filtering criterion, in order to authorize the transmission of the selected service from the router to the application so that the service is delivered when the address is included in the list.

Abstract: Services are distributed via a distribution network to terminal devices. One of the services is an electronic service guide stored in the terminal devices and providing descriptive data on the distributed services. To control access to the services distributed to a terminal device, the device includes a module for filtering descriptive data on the distributed services in accordance with at least one filtering criterion, and a graphics module for displaying the filtered descriptive data that meets the filtering criterion so as to enable services associated with the displayed filtered descriptive data to be selected.