Abstract: The invention relates to a method for generating and validating a digital authorization request, as well as to the method for supervising said authorization. Through a combination of a series of signatures, the method of the invention guarantees, at any time, the identity of the bearer of the document and of the validating body.
Abstract: The invention relates to a cryptographic method involving an integer division of type q=a div b and r=a mod b, wherein a is a number of m bits, b is a number of n bits, with n being less than or equal to m, and b_{n-1} being non-null and the most significant bit of b. In addition, each iteration of a loop subscripted by i, which varies between 1 and m-n+1, involves a partial division of a word A of n bits of number a by number b in order to obtain one bit of quotient q. According to the invention, the same operations are performed with each iteration, regardless of the value of the quotient bit obtained. In different embodiments of the invention, one of the following is also performed with each iteration: the addition and subtraction of number b to/from word A; the addition of number b or a complementary number /b of b to word A; or a complement operation at 2^n of an updated datum (b or /b) or a dummy datum (c or /c) followed by the addition of the datum updated with word A.
Abstract: The present invention provides a method for binding a (smart) secure device (2) to a wireless phone, said wireless phone comprising an identifier parameter, said secure device (2) being adapted to communicate with an Over-The-Air (OTA) server and being suitable for receiving services from a network operator in an authorised area determined with localisation parameters stored in the OTA server, wherein the method comprises the following steps: a. storing the identifier parameter of the wireless phone into the secure device (2) at a first powering on of the wireless phone; b. requesting a user registration on the OTA server so as to download the localisation parameters from the OTA server into the secure device (2). After successful registration confirmation from the OTA server, for each powering on, the secure device (2) compares the above two parameters in the secure device (2) with the values from the phone; if they are not the same, authentication is forbidden.
Type: Application
Filed: September 8, 2009
Publication date: July 26, 2012
Applicant: GEMALTO SA
Inventors: Ruifeng Li, Jing Ouyang, Bin Zhang, Fang Yang
Abstract: A method for encrypting/decrypting a message includes the initial step of generating keys by the sub-steps of generating a public key; generating a decryption key; and generating a derivation key. For a first entity, the message is encrypted using the public key and a cipher. For a second entity, the cipher is decrypted to find the message. A trapdoor associated with said message is generated. The trapdoor corresponds to a derivative of the derivation key specific to the message. A test cipher is tested, using the trapdoor associated with the message, to determine if the test cipher is an encryption of the message using the public key.
Abstract: An integrated circuit card is used with a terminal. The integrated circuit card includes a memory that stores an interpreter and an application that has a high level programming language format. A processor of the card is configured to use the interpreter to interpret the application for execution and to use a communicator of the card to communicate with the terminal.
Type: Grant
Filed: October 19, 2010
Date of Patent: July 24, 2012
Assignee: Gemalto SA
Inventors: Timothy J. Wilkinson, Scott B. Guthery, Ksheerabdhi Krishna, Michael A. Montgomery
Abstract: In general, the invention relates to a method for executing at least a portion of a server operation. The method includes providing an extension to a client connected to the server, where the extension includes a portable object connected to the client. The method further includes performing at least the portion of server operation by the extension, where performing at least the portion of the server operation includes executing a copy of at least a portion of server software stored on the portable object.
Abstract: The invention relates to a portable security device (SIM) for authenticating a user (USR) of a communication device (MP1, MP2) to a server (SRV), the portable security device (SIM) comprising means for configuring said communication device (MP1, MP2). The portable security device (SIM) further comprises means for filtering the configuration of a first communication device (MP1), creating a backup of the filtered configuration of the communication device (MP1), detecting that the user (USR) changed a first communication device (MP1) for a second communication device (MP2), filtering the backup of the filtered configuration, and restoring the filtered backup of the filtered configuration of the first communication device (MP1) on the second communication device (MP2).
Abstract: The invention provides a method for activating the subscription of an UICC, said UICC comprising an activation application, said method comprising the step of activating the subscription of the holder of the UICC by sending a message to an activation server, said message being sent by the activation application to the activation server by using an IP based communication.
Abstract: The invention relates to a method for the enrichment of an electronic directory stored in a first electronic communication device, based on the changes in a second electronic communication device and by the application of decisional rules. The changes can also be related to a change in the hardware or software functionalities or to a modification of data contained in said second device.
Abstract: The invention relates to a method for communicating data between a first secure element and a network access point. The first secure element is coupled with a network access point. The network access point is comprised within a communication network. According to the invention, at least one of the first secure element and the network access point sends, to the other of the network access point and the first secure element respectively, data relating to an identity of a communication link, as logical link, between the first secure element and the network access point. The invention also relates to a corresponding secure element.
Abstract: The present invention relates to a method for a secure device to resolve an IP address of a target server to which the secure device is willing to access, said secure device being suitable to be inserted in a wireless device, wherein the secure device sends a request to a DNS client that resides on said wireless device to resolve the IP address of the target server, said target server being identified by its FQDN.
Abstract: The invention relates to a method for configuring a mobile device capable of reproducing, for a user, multimedia content previously provided by a remote content server. The invention relates to using a client installed on said electronic device to relay authentication requests between a card, preferably complying with the provisions of the Mobile Commerce Extension standard, and an authentication server that is accessible via an access point.
Abstract: The invention is a method of managing flash memory-allocation in an electronic token. Said token has a memory comprising a list area and a managed area. Said managed area comprises allocated spaces and at least one free memory chunk. Said list area comprises at least one valid entry referencing a free memory chunk. Said valid entry comprises a state field. Said method comprises the step of selecting a free memory chunk further to an allocation request where said free memory chunk is referenced by an old entry, and the step of identifying a new allocated space in the selected free memory chunk. The state field of said valid entry is preset with a virgin state. Said method comprises the step of invalidating the old entry referencing the selected free memory chunk.
Abstract: The invention is a method of managing access to a plurality of data from a server by a client through a point-to-point link. Each of the data is reachable through a set of URIs that belongs to an index list. The method comprises the step of inserting a request to a control message in the index list. The control message applies to a data reachable through one URI belonging to the index list.
Abstract: The invention concerns a method for reducing factory customizing time in a smart card (CPn), wherein a pre-customizing manager (GM) into a customizing machine loads post-customizing data (AP, OP1-OP1, DOP1-DOP1) in the smart card. Then a post-customizing application (AP) included in the smart card is enabled after delivery of the card to a user following a connection of the smart card to a terminal to process the loaded post-customizing data so as to make the smart card operational.
Abstract: The invention is a method of executing an application embedded in a portable electronic device. The application comprises one instruction handling an object. The electronic device comprises a firewall which is intended to check the compliance of the object with preset security rules. The portable electronic device comprises a volatile memory area intended to store a data set uniquely associated to the object. The data set comprises an indicator reflecting the result of the checking of the compliance of the object with the preset security rules. The method comprises the following steps before execution of the instruction, checking the presence in the volatile memory area of a data set associated to the object and comprising an indicator reflecting a successful checking of security rules, and if successful in the checking of the data set, authorizing the execution of the instruction without further security rules checking done by the firewall.
Type: Application
Filed: May 21, 2010
Publication date: May 24, 2012
Applicant: Gemalto SA
Inventors: François Millet, Sylvain Chafer, Franck Dehlinger
Abstract: The invention relates to a method for monitoring an audience measurement relating to data. The data is broadcast, through a broadcast channel, from a broadcast device and to be received by at least one terminal. According to the invention, the method comprises steps in which the broadcast device broadcasts, through the broadcast channel, at least one piece of information relating to a request for measuring an audience of at least one content of the data, said audience report request; and at least one terminal sends back, through a return channel, to an audience report collecting device, as a response to the audience report request, an audience report relating to the at least one content of the broadcast data processed by the at least one terminal, said audience report response. The invention relates also to corresponding terminal and system comprising the broadcast device and the terminal, and a corresponding token likely to cooperate with a terminal.
Abstract: The invention relates to a method for calculating a first identifier of a secure element of a mobile terminal according to a second identifier of said secure element. The first identifier is a temporary identifier and the second identifier is a final identifier of the secure element in a telecommunications network. According to the invention, the method comprises the steps of: a—during the first attempt to connect the mobile terminal to the telecommunications network, calculating the first identifier according to the second identifier; b—transmitting the first identifier to the telecommunications network; c—in response to a message of acceptance of the first identifier from the telecommunications network, inhibiting the use of the first identifier by the secure element and, for every subsequent attempt to connect to the telecommunications network, using the second identifier to authenticate the secure element.
Abstract: The invention is a method of managing an application embedded in a secured electronic token. The token is intended to receive a message from a server machine. The message has a header and a body. The token comprises an agent able to manage the message. The method comprises the steps of: a) registering the application in the agent by associating a reference of the application with a value of an element of the message header, b) when the message is received from the server machine, forwarding part of the message to the application if the message header contains an element having the value associated to the reference of the application.
Abstract: Method of securing exchanges between two electronic devices, by using an imprint of at least one of the two devices. This imprint is obtained on the basis of all or part of the electronic components of which this device is composed. This imprint will serve, either to protect the confidentiality of the data exchanged, or to attest to the identity of the device issuing the data.
Type: Application
Filed: June 18, 2010
Publication date: May 3, 2012
Applicant: Gemalto SA
Inventors: Jacques Fournier, Franck Imoucha, Laurent Gauterron, Véronique Charpeignet