Abstract: This invention relates to a method for granting, for a mobile device which is not provisioned with a subscription to access a wireless network, the establishment of an initial wireless communication over a second wireless network (Se-PLMN) operated by a second wireless network operator (Se-MNO), the mobile device belonging to a user, the method comprising the steps of: receiving (801) by the second wireless network (Se-PLMN) an identifier of the mobile device; verifying (802), in an immutable distributed database hosted by a first wireless network operator (Fi-MNO) and the second mobile network operator (Se-MNO) in which data is replicated across a plurality of compute nodes of a network, if at least a published assertion comprising said identifier of the mobile device demonstrates that the user owns a first subscription to the first mobile network operator (Fi-MNO), said subscription allowing said first operator (Fi-MANO) to be charged by the second mobile network operator (Se-MNO) for the establishment of a

Abstract: This invention relates to a method for granting, for a mobile device which is not provisioned with a subscription to access a wireless network, the establishment of an initial wireless communication over a second wireless network (Se-PLMN) operated by a second wireless network operator (Se-MNO), the mobile device belonging to a user, the method comprising the steps of: receiving (801) by the second wireless network (Se-PLMN) an identifier of the mobile device; verifying (802), in an immutable distributed database hosted by a first wireless network operator (Fi-MNO) and the second mobile network operator (Se-MNO) in which data is replicated across a plurality of compute nodes of a network, if at least a published assertion comprising said identifier of the mobile device demonstrates that the user owns a first subscription to the first mobile network operator (Fi-MNO), said subscription allowing said first operator (Fi-MANO) to be charged by the second mobile network operator (Se-MNO) for the establishment of a

Abstract: The services of an HTTP or HTTPS server, being implemented by or running on a first electronic device that is a portable device, are offered to an application running on a second electronic device by exchanging HTTP messages between the first electronic device and the second electronic device over a local communication channel according to the Bearer Independent Protocol. The application running on the second electronic device may use the TCP/IP protocol for exchanging HTTP messages with the server. A gateway is employed on the second electronic device, which manages the local communication channel and performs protocol conversion, Bearer Independent Protocol—TCP/IP, for messages received from the application running on the second electronic device, and protocol conversion, TCP/IP—Bearer Independent Protocol, for messages being sent to the server, where the second electronic device is a terminal hosting the portable device.

Abstract: The invention relates to an authentication and/or rights containing retrievable token such as an IC card comprising at least one physical channel of communication to at least one apparatus and at least two logical channels of communication with said at least one apparatus wherein each logical channel of communication is associated with a different execution environment.

Abstract: The invention relates to a system (S) comprising a first authenticating entity (MOB_OP_SRV) and a portable communication device (MP) equipped with an NFC antenna (MP_A), and comprising means (SIM) to authenticate the user of the portable communication device (MP) to the first authenticating entity (MOB_OP_SRV), The system (S) further comprises a second authenticating entity (3RD_PTY_SRV), and a portable authentication device (SC) equipped with an NFC antenna (SC_A). The portable authentication device (SC) stores authentication credentials (3RD_PTY_K) for authenticating the user to the second authenticating entity (3RD_PTY_SRV), The portable communication device (MP) comprises means to authenticate the user to the second authenticating entity (3RD_PTY_SRV) by communicating with the portable authentication device (SC) through the NFC antennas (NAP_A; SC_A). The invention also relate to a portable communication device (MP) and to a method for authenticating a user to an authenticating entity (3RD_PTY_SRV).

Abstract: Access of a first device, communicating with a second, portable device, to digital content is controlled by authentication of the first device by a remote server; upon successful authentication of the first device by the remote server, securely providing by the remote server credentials to the portable device, the credentials enabling the portable device to authenticate the first device; securely providing by the remote server rights objects to the portable device, the rights objects comprising usage rights and information which is necessary to access the content; authentication of the first device by the portable device using the credentials received from the remote server; and, upon successful authentication of the first device by the portable device, delivering by the portable device to the first device the information which is necessary to access the content.

Abstract: A method for calculating hashing of a message in a device communicating with a smart card involves storing a same hash function in said device and said smart card, wherein the message includes-data blocks including secret data and other public data, and wherein secret data is only known by the smart card, performing a calculation of the hash function of the secret data in the smart card, and performing the calculation of the hash function of all or part of other public data in the device.

Abstract: Access of a first device, communicating with a second, portable device, to digital content is controlled by authentication of the first device by a remote server; upon successful authentication of the first device by the remote server, securely providing by the remote server credentials to the portable device, the credentials enabling the portable device to authenticate the first device; securely providing by the remote server rights objects to the portable device, the rights objects comprising usage rights and information which is necessary to access the content; authentication of the first device by the portable device using the credentials received from the remote server; and, upon successful authentication of the first device by the portable device, delivering by the portable device to the first device the information which is necessary to access the content.

Abstract: The services of an HTTP or HTTPS server, being implemented by or running on a first electronic device, are offered to a second electronic device by exchanging HTTP messages between the first electronic device and the second electronic device over a communication channel according to the Bearer Independent Protocol. An application running on the second electronic device can use the TCP/IP protocol for exchanging HTTP messages with the server A gateway is employed on the second electronic device, which manages the communication channel and which performs protocol conversion Bearer Independent Protocol—TCP/IP for messages received from the application running on the second electronic device, and protocol conversion TCP/IP—Bearer Independent Protocol for messages being sent to the server.

Abstract: The invention relates to an authentication and/or rights containing retrievable token such as an IC card comprising at least one physical channel of communication to at least one apparatus and at least two logical channels of communication with said at least one apparatus wherein each logical channel of communication is associated with a different execution environment.

Abstract: This invention concerns a system to update encoded data stored in a memory of a data processing device such as a smartcard. In this system, the data is represented by a tree structure in directories and files according to an object representation. According to the invention, the update system comprises a specific referencing object able to reference all or some of the attributes of the encoded data in memory. A microcontroller is then programmed to extract from the referencing object the information required to locate the memory block occupied by this attribute, and update this block, replacing it by the new previously encoded data.

Abstract: A method for calculating hashing of a message in a device communicating with a smart card involves storing a same hash function in said device and said smart card, wherein the message includes—data blocks including secret data and other public data, and wherein secret data is only known by the smart card, performing a calculation of the hash function of the secret data in the smart card, and performing the calculation of the hash function of all or part of other public data in the device.

Abstract: Method for controlling the access to a security token (CAR) in a communication apparatus (MOB) by downloaded applications (DA) accessing the security token. The method includes a service-accessing step in which a downloaded application (DA) requests an access to the security token (CAR), a service-checking step in which a security token manager (STM), stored in the communication apparatus, checks the corresponding rights. The communication apparatus stores a plurality of security token interfaces (STI), and the Security Token Manager (STM) delivers the demanded Security Token Interface (STI) to the application (DA) if rights are satisfied or reject the demand.

Abstract: This invention concerns a system to update encoded data stored in a memory of a data processing device such as a smartcard. In this system, the data is represented by a tree structure in directories and files according to an object representation. According to the invention, the update system comprises a specific referencing object able to reference all or some of the attributes of the encoded data in memory. A microcontroller is then programmed to extract from the referencing object the information required to locate the memory block occupied by this attribute, and update this block, replacing it by the new previously encoded data.