Abstract: A method for personalizing a secure element, had the following steps: receiving, in a data generator, a request for a bundle of storage images for a plurality of secure elements; obtaining, in the data generator, at least one subscription data set for at least one securing element to be personalized of the plurality of secure elements; providing an operating system or a part of the operating system for the secure element to be personalized; generating, by means of the data generator, a storage image for each of the secure elements according to the received request; and bundling the generated storage image and providing the bundled storage image in the form of a storage image bundle by means of the data generator in order to complete the terminal, thereby introducing at least the storage image of the secure element to be personalized into the secure element.

Abstract: A method for personalizing an integrated secure element, which is permanently installed in a mobile end device. The method involves the agreement of a shared secret between the secure element and an HSM, encrypting an operating system, and possibly personalization data and/or one or several profiles, in the HSM based on the shared secret and transferring the encrypted operating system to the secure element, and re-encrypting the operating system in the secure element for storage in the NVM memory of the mobile end device.

Abstract: The invention relates to a method for producing a hardened, steel component with regions of different hardness and/or ductility; a blank is stamped out and either heated in some regions to a temperature ?Ac3, and then transferred to a forming die, is formed, and is cooled at a speed that is greater than the critical hardening speed and thus hardened or is cold formed into the finished shape and the formed blank is heated in some regions to a temperature >Ac3 and then transferred to a hardening die and is hardened at a speed greater than the critical hardening speed; the steel material is adjusted in a transformation-delaying fashion so that a quench hardening through transformation of austenite into martensite takes place at a forming temperature that lies in the range from 450° C. to 700° C.; after the heating and before the forming, an active cooling takes place at >15 K/s.

Abstract: A method for operating a security element, preferably in the form of a chip card, having a processor, and a memory. stores an operating system comprising an operating-system kernel and at least one additional operating-system module for supplying optional operating-system functionalities, and at least one access permission associated with the operating-system module and determining whether the operating-system module can be accessed during operation of the security element. The method comprises the step of changing the access permission for the operating-system module for supplying optional operating-system functionalities in reaction to the receiving of a message from a server. The message from the server may be an OTA message sent from the server to the security element via a mobile radio network.

Abstract: A method for activating an operating system in a security module, wherein the security module is operational either by means of a first operating system or by means of a second operating system. The method comprises the steps of: operating the security module by means of the first operating system and shifting the security module from the first operating system to the second operating system. A primary application incorporated in the security module accesses the respective operating system by means of an operating-system interface. The above concept are incorporated in a security module and employment of a security module in an end device.

Abstract: A method for operating a security element, preferably in the form of a chip card, having a processor, and a memory. stores an operating system comprising an operating-system kernel and at least one additional operating-system module for supplying optional operating-system functionalities, and at least one access permission associated with the operating-system module and determining whether the operating-system module can be accessed during operation of the security element. The method comprises the step of changing the access permission for the operating-system module for supplying optional operating-system functionalities in reaction to the receiving of a message from a server. The message from the server may be an OTA message sent from the server to the security element via a mobile radio network.

Abstract: A method for activating an operating system in a security module, wherein the security module is operational either by means of a first operating system or by means of a second operating system. The method comprises the steps of: operating the security module by means of the first operating system and shifting the security module from the first operating system to the second operating system. A primary application incorporated in the security module accesses the respective operating system by means of an operating-system interface. The above concept are incorporated in a security module and employment of a security module in an end device.

Abstract: A method for producing a component with a sandwich structure, in which at least one essentially flat top layer is produced from a ferrous material, a structure is introduced into an essentially flat intermediate layer composed of a ferrous material, contact regions of the intermediate layer are at least partially galvanized, the at least one top layer and the intermediate layer are superposed to form a composite so that the contact regions rest against the top layer, and the composite is then press hardened. The invention produces an easily recyclable component with a sandwich structure, which has good rigidity and strength properties.

Abstract: The invention relates to a method for producing a hardened, steel component with regions of different hardness and/or ductility; a blank is stamped out and either heated in some regions to a temperature ?Ac3, and then transferred to a forming die, is formed, and is cooled at a speed that is greater than the critical hardening speed and thus hardened or is cold formed into the finished shape and the formed blank is heated in some regions to a temperature >Ac3 and then transferred to a hardening die and is hardened at a speed greater than the critical hardening speed; the steel material is adjusted in a transformation-delaying fashion so that a quench hardening through transformation of austenite into martensite takes place at a forming temperature that lies in the range from 450° C. to 700° C.; after the heating and before the forming, an active cooling takes place at >15 K/s.

Abstract: The invention relates to a method for producing a hardened steel component with a coating composed of zinc or a zinc alloy; a blank is stamped out of a sheet coated with the zinc or zinc alloy, the stamped-out blank is heated to a temperature ?Ac3 and if need be, kept at this temperature for a predetermined time in order to induce the formation of austenite, and then the heated blank is transferred to a forming die, is formed in the forming die, and is cooled at a speed that is greater than the critical hardening speed and thus hardened; the steel material is adjusted in a transformation-delaying fashion so that a quench hardening through transformation of austenite into martensite takes place at a forming temperature that lies in the range from 450° C. to 700° C.; after the heating and before the forming, an active cooling takes place at >15K/s.

Abstract: The invention relates to a process for conditioning the surface of hardened, corrosion-protected sheet-steel components; the steel plate is a steel plate that is covered with a metallic coating and is heated for hardening and is then quench hardened and after the hardening, oxides that are present on the corrosion protection coating due to the heating are removed; the component undergoes a slide grinding in order to condition the surface of the metallic covering or corrosion protection layer.

Abstract: Data items are selected for inclusion in a data set so as to discourage a transmission of the entire set. Each data item includes section(s) which constitute(s) the complete data set. Each section contains a watermark that includes an identifier of the section, and an identifier of the data set. The identifier of the section may be the address of the section, and the identifier of the data set may be the serial number and an indicator of the total size of the data set. The presence of the data set is confirmed by checking the watermarks of randomly selected sections to verify that the original section that formed the data set is present. If a section is discovered to be missing or altered, subsequent processing of data items of the data set is prevented. The identifiers may be stored as a combination of robust and fragile watermarks.

Abstract: A number of data items are selected for inclusion in a data set so as to discourage a transmission of the entire set over a limited bandwidth communications path, such as the Internet. Each data item comprises one or more sections, and the totality of sections constitute the complete data set. Each section of the data set contains a watermark that includes an identifier of the section, and an identifier of the data set. In a preferred embodiment, the identifier of the section is the address of the section, and the identifier of the data set is a serial number and an indicator of the total size of the data set. The presence of the data set is confirmed by checking the watermarks of randomly selected sections to verify that the original section that formed the data set is present. If a section is discovered to be missing or altered, subsequent processing of data items of the data set is prevented. In a preferred embodiment, the identifiers are stored as a combination of robust and fragile watermarks.

Abstract: A number of data items are selected for inclusion in a data set so as to discourage a transmission of the entire set over a limited bandwidth communications path, such as the Internet. Each data item comprises one or more sections, and the totality of sections constitute the complete data set. Each section of the data set contains a watermark that includes an identifier of the section, and an identifier of the data set. In a preferred embodiment, the identifier of the section is the address of the section, and the identifier of the data set is a serial number and an indicator of the total size of the data set. The presence of the data set is confirmed by checking the watermarks of randomly selected sections to verify that the original section that formed the data set is present. If a section is discovered to be missing or altered, subsequent processing of data items of the data set is prevented. In a preferred embodiment, the identifiers are stored as a combination of robust and fragile watermarks.

Abstract: A system and method determines the proximity of the target node to the source node from the time required to communicate messages within the node-verification protocol. The node-verification protocol includes a query-response sequence, wherein the source node communicates a query to the target node, and the target node communicates a corresponding response to the source node. The target node is configured to communicate two responses to the query: a first response that is transmitted immediately upon receipt of the query, and a second response based on the contents of the query. The communication time is determined based on the time duration between the transmission of the query and receipt of the first response at the source node and the second response is compared for correspondence to the query, to verify the authenticity of the target node.

Abstract: Methods and apparatus for secure distribution of music and other types of content. The invention allows content to be registered with a centralized trusted registration authority (TRA) in such a way that it can be distributed anonymously, such that the identity of the content provider need not be disclosed until a dispute arises. A first illustrative embodiment of the invention provides unbound rights management, i.e., secure registration of content such that usage rights for the content are not bound to the content itself. In this embodiment, distributed content is not protected by encryption, i.e., confidentiality of content is not provided. However, the content is protected against piracy, due to the fact that the content provider is certified by the TRA, and thus can be traced or otherwise identified in the event that irregularities are detected. Since the usage rights are not bound to the content, the content provider can change the usage rights after the content has been registered with the TRA.

Abstract: The common encryption of content material is provided for decryption at a plurality of destination devices, each destination device having a unique private key of a public-private key pair. A multiple device key exchange is utilized to create a session key for encrypting the content material that is based on each of the public keys of the plurality of destination devices. The content material is encrypted using this session key. A partial key is also created for each of the intended destination devices that relies upon the private key of the destination device to form a decryption key that is suitable for decrypting the encrypted content material. The encrypted content material and the corresponding partial key are communicated to each destination device via potentially insecure means, including broadcast over a public network. Each destination device decrypts the encrypted content material using the decryption key that is formed from its private key and the received partial key.

Abstract: A system and method for enabling a consumer, in a television or audio broadcast environment, to access specific enhanced services, for example, interactive advertisements embedded in television programs, based on a contract between a product vendor and a video receiver manufacturer. The video receiver manufacturer is the TV or set-top box manufacturer, licensee or affiliated party. Purchasing transactions, including billing, are automatically managed by a data aggregator.

Abstract: Methods and apparatus for preventing an attack on a screening algorithm. A method includes the steps of identifying content to be downloaded, determining a total number of sections of a predetermined duration of time in the content to be downloaded, and screening a predetermined number of sections of the total number of sections to determine whether the predetermined number of sections verify correctly through the screening algorithm. The number of predetermined sections screened during the screening step of the method of preventing an attack on a screening algorithm is two for content having a duration of three minutes or less and is incremented by one for each one minute of duration over the initial three minutes.

Abstract: Methods and apparatus for attacking a screening algorithm. The methods include the steps of searching a medium to determine a location of at least one sample stored on the medium, and applying the sample to content, wherein the content would not pass the screening algorithm but for the application of the sample. Once the locations of the samples are known, the attacker can use the samples to distribute a compressed version of the disk or a song contained on the disk from which the samples are derived, use the samples to import any disk into the SDMI domain, or use the samples to smuggle pirated music into the SDMI domain.