Abstract: There is disclosed a method for managing content, including generating, by a service provider, an authenticable management script configured to manage content comprised in a secure element; providing, by the service provider, the authenticable management script to the secure element. Furthermore, there is disclosed a method for managing content, comprising: receiving, by a secure element, an authenticable management script for managing content comprised in the secure element; authenticating, by the secure element, the authenticable management script; executing, by the secure element, the management script if the management script is authentic. Furthermore, there are disclosed corresponding computer program products and a corresponding secure element.

Abstract: Provisioning an integrated circuit with confidential data, by receiving in the integrated circuit encrypted confidential data, the encrypted confidential data having been encrypted with a transport key, deriving in the integrated circuit the transport key by applying a key derivation function to a customer identifier, the customer identifier having been previously stored in the integrated circuit, decrypting in the integrated circuit the encrypted confidential data with the transport key to obtain decrypted confidential data, deriving in the integrated circuit a product key by applying a key derivation function to an integrated circuit identifier, the integrated circuit identifier having been previously stored in the integrated circuit, encrypting in the integrated circuit the decrypted confidential data with the product key to obtain re-encrypted confidential data, and storing the re-encrypted confidential data in a confidential data memory of the integrated circuit.

Abstract: There is disclosed a method of providing a software update to a secure element comprised in a host device, comprising converting the software update into a sequence of ciphertext blocks using a chained encryption scheme, and transmitting said sequence of ciphertext blocks to the host device. Furthermore, there is disclosed a method of installing a software update on a secure element comprised in a host device, comprising receiving, by the host device, a sequence of ciphertext blocks generated by a method of providing a software update of the kind set forth, converting said sequence of ciphertext blocks into the software update, and installing the software update on the secure element. Furthermore, corresponding computer program products and a corresponding host device are disclosed.

Abstract: As may be implemented in accordance with one or more embodiments, and apparatus and/or method may involve a first circuit that initiates secure operations by interfacing with a user and providing operation trigger data that is signed cryptographically and secured from alteration, based on the interfacing. A second circuit, including a secure element, stores data secured from access by the first circuit, and executes secure operations separately from operations executed by the first circuit based on one or more commands provided by the first circuit. Validation circuitry validates and controls accesses to the second circuit by verifying a characteristic of the operation trigger data by executing stored validation instructions with the operation trigger data, and communicating information to the second circuit based on the verifying. The second circuit is responsive to the communicated information by initiating execution of the secure operations.

Abstract: There is disclosed a method for managing content, comprising: generating, by a service provider, an authenticable management script configured to manage content comprised in a secure element; providing, by said service provider, the authenticable management script to the secure element. Furthermore, there is disclosed a method for managing content, comprising: receiving, by a secure element, an authenticable management script for managing content comprised in said secure element; authenticating, by said secure element, said authenticable management script; executing, by said secure element, the management script if the management script is authentic. Furthermore, there are disclosed corresponding computer program products and a corresponding secure element.

Abstract: There is disclosed a method for configuring a secure element, the method comprising: storing an application in the secure element; storing a master key in the secure element; storing a key derivation program in the secure element; generating, by the key derivation program, at least one application key for use by the application, wherein said generating comprises deriving the application key from the master key and an identifier of the secure element. Furthermore, a corresponding key derivation program, computer program product and configurable secure element are disclosed.

Abstract: There is disclosed a method of providing a software update to a secure element comprised in a host device, comprising converting the software update into a sequence of ciphertext blocks using a chained encryption scheme, and transmitting said sequence of ciphertext blocks to the host device. Furthermore, there is disclosed a method of installing a software update on a secure element comprised in a host device, comprising receiving, by the host device, a sequence of ciphertext blocks generated by a method of providing a software update of the kind set forth, converting said sequence of ciphertext blocks into the software update, and installing the software update on the secure element. Furthermore, corresponding computer program products and a corresponding host device are disclosed.

Abstract: Provisioning an integrated circuit with confidential data, by receiving in the integrated circuit encrypted confidential data, the encrypted confidential data having been encrypted with a transport key, deriving in the integrated circuit the transport key by applying a key derivation function to a customer identifier, the customer identifier having been previously stored in the integrated circuit, decrypting in the integrated circuit the encrypted confidential data with the transport key to obtain decrypted confidential data, deriving in the integrated circuit a product key by applying a key derivation function to an integrated circuit identifier, the integrated circuit identifier having been previously stored in the integrated circuit, encrypting in the integrated circuit the decrypted confidential data with the product key to obtain re-encrypted confidential data, and storing the re-encrypted confidential data in a confidential data memory of the integrated circuit.

Abstract: Disclosed is a method and associated apparatus for defining an interface between a peripheral device and a computer application using standard driver(s) without use of specific peripheral device drivers. The method provides for processing one command in a multifunction peripheral device comprising a communication interface capable of connecting the peripheral device to a host system, the processing being in accordance with at least one of the functions of the multifunction peripheral device, called first function. After reception, the command is processed according to the first function and analyzed to determine whether at least one specific parameter related to at least one other function, separate from the first function, called second function, is associated with said one command. In response to said analysis, if at least one specific parameter related to said second function is associated with the one command, a request related to the second function is executed.

Abstract: Disclosed is a method and associated apparatus for defining an interface between a peripheral device and a computer application using standard driver(s) without use of specific peripheral device drivers. The method provides for processing one command in a multifunction peripheral device comprising a communication interface capable of connecting the peripheral device to a host system, the processing being in accordance with at least one of the functions of the multifunction peripheral device, called first function. After reception, the command is processed according to the first function and analyzed to determine whether at least one specific parameter related to at least one other function, separate from the first function, called second function, is associated with said one command. In response to said analysis, if at least one specific parameter related to said second function is associated with the one command, a request related to the second function is executed.