Abstract: The invention relates to any electronic device such as a chip card, a passport, a dongle or any other object requiring personalization of the content of a memory. More precisely, the invention provides for a method for processing a data item of a container stored in a memory, said method being implemented by the electronic device by utilizing in particular a table of identifiers. The invention furthermore provides for a prior step for associating a data identifier with a data item of a container and creating said table of identifiers.

Abstract: A method for operating a wireless device within a cellular network having at least two base nodes and providing common channels and at least one downlink non-common channel. The wireless device decodes at least one common channel and the downlink non-common channel, and performs the steps of determining a value relative to the total amount of resources provided by one of the base nodes, determining a value relative to the amount of resources provided by the one base node for the common channels out of the total resources, determining a value relative to the amount of resources suitable of being received by the wireless device, calculating the share of usable resources in comparison to said total resources excluding common resources, and adapting the operation of the wireless device within the cellular network in dependence of the calculated share of usable resources.

Abstract: The present invention relates to a method to authenticate a user using an authenticator at an access device using another registered device named personal device, said authenticator being stored by the access device after registration of the personal device comprising a double encryption using an access device's secret key and a personal device's public key to be retrieved at each request of authentication received from the personal device, encrypted using a session key and sent with the session key encrypted using the personal device's public key to the personal device for partial decryption using the decrypted session key and the personal device's private key, re-encryption using the session key and sending back to the access device for total decryption of the authenticator, using the session key and the access device's secret key, and use of the thus decrypted authenticator to authenticate at the access device.

Abstract: A method of replacing an authentication parameter for authenticating a security element co-operating with a terminal includes storing in the security element a first authentication parameter; transmitting to a mobile network operator the first authentication parameter for the operator to record it in its authentication system; on occurrence of an event, having a remote platform transmit to the security element an indicator informing the security element that it is authorized to replace the first authentication parameter with a second authentication parameter if its authentication fails; on occurrence of the event, having the entity transmit to the operator a second authentication parameter to replace the first authentication parameter; and in the event of subsequent failure of the security element to connect to the mobile network and if the indicator is present at the security element, replacing the first authentication parameter with the second authentication parameter at the security element.

Abstract: The invention is a method for managing a secure channel between a server and a secure element embedded in a first device, wherein a user agent embedded in a second device establishes a HTTPS session with the server and retrieves a web application from the server, the method comprising the steps: the server sends to the web application an application certificate which is linked to a specific data reflecting the identity of the server, the secure element gets the application certificate and the specific data, the secure element checks the validity of the application certificate and that the application certificate is consistently linked to the specific data, in case of successful checks, the secure element and the server generate an ephemeral session key and use it for opening a secure channel.

Abstract: The present invention relates to a data carrier, especially a security document, such as an identification card, comprising authentication data comprising personalized data, the data carrier comprising a first side and a second opposite side, and a plurality of layers comprising personalized data, a transparent recording layer, a transparent plastic upper layer and an opaque layer between the recording layer and the upper layer.

Abstract: A system, method and computer-readable storage medium for decrypting a code c using a modified Extended Euclidean Algorithm (EEA) having an iteration loop independent of the Hamming weight of inputs to the EEA and performing a fixed number of operations regardless of the inputs to the EEA thereby protecting a cryptographic device performing the decryption from side-channel attacks.

Abstract: A method for protecting data on a mass storage device. The device has a security module and a data storage area configured to be switched between a protected state, in which accessing the data storage area is forbidden and an unprotected state, in which accessing the data storage area is authorized. Switching the data storage area from the protected state to the unprotected state by sending a request to a remote server, receiving a one-time password on a communication device, in response to the sent request, providing the received one-time password to the security module, authorizing access to the data storage area by the security module, once the provided one-time password is deemed valid by the security module.

Abstract: A secure element equips a device usable by N image owners, and comprises a first non-volatile memory divided into N parts storing image owner data, a second non-volatile memory storing a primary boot loader, a third non-volatile memory divided into N parts storing image owner session private data, a first random access memory divided into N parts associated to the N first non-volatile memory parts, a second random access memory for temporarily storing image owner data during an access session, and a controller activated by the primary boot loader when the device starts an access session, and then controlling accesses to the non-volatile memories and random access memories according to rules, and erasing the second random access memory each time the device starts an access session.

Abstract: The present invention relates to a method for transmitting system information from a base station to a user equipment, the user equipment being a limited-bandwidth device, camping on the base station, wherein the system information are divided in a plurality of system information blocks, which are at least once transmitted during one broadcast channel modification period, the method comprising the step of—transmitting a first system information block the first system information block comprising at least—a broadcast channel change notification tag, and—a barring indication flag for limited-bandwidth devices, and wherein each other of the plurality of system information blocks is larger in size than the first system information block.

Abstract: The invention relates to a method for creating a multi-component device, including the following steps, creating a module having a multilayer structure comprising electrical/electronic components arranged on at least one substrate in stacked layers, the components each having a main surface exposed to the outside, wherein the components are arranged such that the respective main surfaces thereof are oriented in mutually opposite directions. The invention also relates to the corresponding device.

Abstract: The present invention relates to a method for transmitting system information from a base station to a user equipment, the user equipment being a limited-bandwidth device, camping on the base station, wherein the system information is divided in a plurality of system information blocks, and the system information further has associated a validity period, the validity period indicating how long the transmitted system information stays valid, while no change of system information occurs, wherein the validity period for system information relating to limited-bandwidth devices is longer than for system information relating to non-limited-bandwidth devices.

Abstract: The present invention relates to a method for transmitting system information from a base station to a user equipment, the user equipment being a limited-bandwidth device, camping on the base station, wherein the system information is divided in a plurality of system information blocks, which are at least once transmitted during one broadcast channel modification period, wherein the minimum broadcast channel modification period for limited-bandwidth devices lasts at least 10.24 seconds.

Abstract: A method for operating a wireless communication device comprising a communication unit comprising a radio mode decision unit and a transceiver unit, the radio mode decision unit further maintaining a set of network operation modes, the wireless communication device further comprising a controlling appliance, interconnected with the communication unit by means of a command interface. The communication unit ascertains at least one communication behavior parameterization conforming to a preconfigured communication behavior demand of a cellular network1 The controlling appliance submits a transport template dataset comprising a data element relating to an envisaged communication behavior to the communication unit by means of the command interface.

Abstract: A device comprises a memory. The memory stores data relating to at least one service profile template. The service profile template includes executable data. A server sends to the device a first message including a request for creating or modifying at least one service profile based upon a service profile template. The device executes the executable data. The device creates or modifies a memory area. The memory area is associated with a service profile by using the service profile template. The device sends to the server at least one second message including a request for loading into the device data relating to at least one service profile. The server sends to the device at least one third message including data relating to at least one service profile. And the device stores within the created or modified memory area the data relating to at least one service profile.

Abstract: (EN) The invention relates to a portable electronic device (SC, TK) comprising electric input means (VCC, GND, ANT) for receiving electric power from an external power supply. The portable electronic device (SC, TK) comprises an application, the application being set to be triggered when power is supplied to said electric input means (VCC, GND, ANT), and to not communicate with entities external to the portable electronic device (SC, TK), or to only notify such entities of an event. The application is further set to configure the portable electronic device (SC, TK), and to be successfully executable at most once. The invention also relate to a manufacturing equipment (M) for configuring a portable electronic device (SC, TK) and to a method for configuring a portable electronic device (SC, TK).

Abstract: The invention is a method of transferring user data from a first instance of a package to a second instance of another package corresponding to an upgraded version. The first instance stores the user data in its own storage format. The two instances are embedded in a secure element. The method comprises the steps of: establishing a direct channel within the portable secure device between the two instances, the first instance gets in a locked state where it refuses any service requests except the communication with the second instance, prepares a pack by formatting the user data in a transport format, and automatically sends the pack to the second instance through the direct channel, the second instance retrieves the user data from the pack and stores the user data in another storage format.

Abstract: The present invention relates to a method for data transmission from a wireless device to a base node, the base node is part of a cellular network and is configured to support frequency division multiple access method, the bandwidth receivable by the base node comprising a plurality of subcarriers, the wireless device is camping on the base node, the method comprises the steps of: —for the base node, assigning to the wireless device a subcarrier of the plurality of subcarriers, —transmitting data from the wireless device to the base node for the period of at least one data service session using only the assigned subcarrier, whereby using for said data transmission a first modulation scheme on the assigned subcarrier different from the modulation scheme used for more than one of the plurality of the subcarriers by at least one second wireless device camping on said base node.