Abstract: The invention relates to a secure portable object of the smart card type comprising (a) an object body and (b) a micro-module comprising a processor and at least one memory in which a first application executed by a first execution engine in a first execution space is stored. The invention is characterized in that a second application is further stored in the said at least one memory, where the said second application is executed by a second execution engine distinct from the first execution engine, in a second execution space distinct from the first execution space. The invention particularly applies to smart cards.

Abstract: A mobile station includes a radio section which communicates with a base station, and a short-range radio section for performing short range radio communication independently of the radio section. A backlight mounted on a display portion of the mobile station can be selectively turned on and off. The operation of the short-range radio section is disabled when the backlight is deactivated, and the operation of the short-range radio section is enabled when the backlight is activated.

Abstract: The invention relates to a system and method for making data secure. The inventive system is characterized in that it comprises:—a monotonic counter;—a computational entity;—a physical data medium comprising one or a plurality of data blocks, a first master block comprising the last value recovered from the monotonic counter, an identifier of the last data block written on said medium, a first authentication code guaranteeing the authenticity of the written data block or blocks, a second authentication code calculated from the last written data block, said data being fixed at a neutral value, and a third authentication code guaranteeing the authenticity of the first master block, and a second master block forming a replica of the first master block; and—an authentication key. The invention is used, in particular, to make data secure against playback and sudden interruptions in service in embedded systems.

Abstract: The invention relates to a method for securing a user interface that comprises a user interface including one or more peripheral hardware devices of the user interface for interaction with said interface, said peripheral hardware devices being driven by driver software, and one or more applications using the user interface. The invention also relates to a method for securing such an interface. The system of the invention is characterised in that the same further comprises a hypervisor and one or more virtual machines, the drivers of the peripheral hardware devices of the user interface being divided into two portions, i.e. a main portion of said drivers under the control of the hypervisor and a front-end portion of said drivers under the control of the virtual machines, wherein the front-end portion of the securing software component is in charge of managing the front-end portion of the drivers and the main portion of the securing software component is in charge of managing the main portion of the drivers.

Abstract: (EN)An electronic system (1) comprises a trusted processor (2), a trusted cache memory (3) and a mass storage memory (4). The data are stored in the mass storage memory (4), where the memories are divided into blocks, each block is identified by an address and the data are addressed via a verification tree. The verification tree is a tree structure comprising nodes where descendent nodes are attached to a root node and each node stores the address of the block containing each of its child nodes and a digest value of each block. A method for the verification of the data of such an electronic system comprises access to searched data at the same time reporting the corruption of data if a calculated digest is different from the current digest value.

Abstract: A method of securing a telecommunication terminal that is connected to a module used to identify a user of the terminal is described. The method includes a step including executing a procedure in which the terminal is matched to the identification module, consisting in: securely loading a first software program including a data matching key onto the identification module; securely loading a second software program which can operate in conjunction with the first software program onto the telecommunication terminal; transmitting a data matching key that corresponds to that of the first software program to the second software program; storing the transmitted data matching key in the secured storage zone of the telecommunication terminal; and conditionally submitting every response from the first software program to a request from the second software program upon verification at the true value of the valid possession of the data matching key by the second program.

Abstract: A method for loading, installing and running software, called loading units, having different levels of confidence by a data processing unit (1). The method includes at least associating at least one structure of information data concerning security requirements and characteristics of this loading unit with each loading unit (2, 3, 7); associating a dynamic data structure (10) representative of the state of security in the data processing unit (1) to the data processing unit (1); validating the security requirements and characteristics of each loading unit (2, 3, 7) with regard to the state in the data processing unit (1) contained in the dynamic data structure (10via an autonomous security module (9), and; if the validation is positive, authorizing, via the security module (9), the loading, installation or running of the loading unit (2, 3, 7).

Abstract: The inventive method for controlling access to data which is used by reference in a program execution system (including processes and aims) during the program execution consists in memorising by the system the totality of references obtainable by said program with the aid of means considered legal, before any operation which can be prohibited if it relates to values which are not legal references, in verifying by the system whether said values are amongst the legal references memorized for the program and in accepting or rejecting the operation, respectively.

Abstract: A mobile station includes a radio section which communicates with a base station, and a short-range radio section for performing short range radio communication independently of the radio section. A backlight mounted on a display portion of the mobile station can be selectively turned on and off. The operation of the short-range radio section is disabled when the backlight is deactivated, and the operation of the short-range radio section is enabled when the backlight is activated.

Abstract: The invention relates to a secure portable object of the smart card type comprising (a) an object body and (b) a micro-module comprising a processor and at least one memory in which a first application executed by a first execution engine in a first execution space is stored. The invention is characterised in that a second application is further stored in the said at least one memory, where the said second application is executed by a second execution engine distinct from the first execution engine, in a second execution space distinct from the first execution space. The invention particularly applies to smart cards.

Abstract: A secure system (1) for processing data includes a first device (2), and at least one second device (3) is characterized in that—each second device (3) comprises monitoring elements (7) suitable for transmitting operating information to the first device (2), and—the first device (2) includes elements (8) for storing a behavioral model of each second device (3) and elements (9) for comparing the operating information received from each second device (3) with the behavioral model so as to determine whether the operation of the second device (3) is compliant with the behavioral model stored, and validation elements (10) suitable for preventing the running of a sensitive operation on this second device or for instructing a change of state of the second device if the second device does not manifest compliant operation. A method and a computer program are also described.

Abstract: (EN)An electronic system (1) comprises a trusted processor (2), a trusted cache memory (3) and a mass storage memory (4). The data are stored in the mass storage memory (4), where the memories are divided into blocks, each block is identified by an address and the data are addressed via a verification tree. The verification tree is a tree structure comprising nodes where descendent nodes are attached to a root node and each node stores the address of the block containing each of its child nodes and a digest value of each block. A method for the verification of the data of such an electronic system comprises access to searched data at the same time reporting the corruption of data if a calculated digest is different from the current digest value.

Abstract: According to the inventive method, the chip card, a counting function (FC), a counter (Cpt) and a private key (Cf) stored in the write-only part of the memory region are stored in a persistent memory, the counter and the private key (Cf) being accessible only by the counting function (FC). When the chip card receives a counter request emitted by an requesting entity (ER), the counting function (FC) performs a modification of the counter (Cpt) and a calculation of a signature, and sends a response to the applicant entity (ER). When the on-board system receives the response to the counter request, the signature contained in the response is checked.

Abstract: The invention relates to a system and method for making data secure. The inventive system is characterized in that it comprises:—a monotonic counter;—a computational entity;—a physical data medium comprising one or a plurality of data blocks, a first master block comprising the last value recovered from the monotonic counter, an identifier of the last data block written on said medium, a first authentication code guaranteeing the authenticity of the written data block or blocks, a second authentication code calculated from the last written data block, said data being fixed at a neutral value, and a third authentication code guaranteeing the authenticity of the first master block, and a second master block forming a replica of the first master block; and—an authentication key. The invention is used, in particular, to make data secure against playback and sudden interruptions in service in embedded systems.

Abstract: The invention relates to a method for securing a user interface that comprises a user interface including one or more peripheral hardware devices of the user interface for interaction with said interface, said peripheral hardware devices being driven by driver software, and one or more applications using the user interface. The invention also relates to a method for securing such an interface. The system of the invention is characterised in that the same further comprises a hypervisor and one or more virtual machines, the drivers of the peripheral hardware devices of the user interface being divided into two portions, i.e. a main portion of said drivers under the control of the hypervisor and a front-end portion of said drivers under the control of the virtual machines, wherein the front-end portion of the securing software component is in charge of managing the front-end portion of the drivers and the main portion of the securing software component is in charge of managing the main portion of the drivers.

Abstract: The inventive method for controlling a program execution integrity by verifying execution trace prints consists in updating the representative print of an execution path and/or data applied for a program execution, comparing the actual print value (dynamically calculated to an expected value (statistically fixed, equal to a value of the print if the program execution is not disturbed) at a determined program spots and in carrying out a particular processing by the program when the actual print differs from the expected value.

Abstract: The invention relates to a user interface-equipped computing device comprising means for implementing a series of applications, said means including two execution spaces. According to the invention, the applications of the second execution space (100, P1, 200, P2) have a level of security specifically higher than that of the applications of the first execution space (100, P1, 200, P2), said two execution spaces being hosted by a physical processing means which is designed such that it cannot be separated into two parts without destroying the physical processing means.

Abstract: The inventive method for determining operational characteristics of a program includes a verification procedure involving the following stages: the first stage for expressing the operational characteristics of the program in the form of functions related to events producible during possible executions of the program, a second stage for simultaneously estimating, by program analysis, the program structure, the possible ways of execution and values used at different program points and the third stage for determining said characteristics by calculating associated functions by means of information extracted with the aid of the analysis.

Abstract: A method and system for transforming and verifying downloaded programs fragments with data type restriction in an embedded system in which a program fragment being temporarily stored a verification process of the stored program fragment object code is executed instruction by instruction so as to discriminate for each instruction the existence of a target, a branching instruction target, a target of an exception handler call or a target of a subroutine call. On the occurrence of a target of a branching instruction as the current instruction, the empty status of the stack is verified and the program fragment is rejected otherwise. A verification process and updating of the effect of the current instruction on the data types of the type stack and the table of register types is performed. The verification process is successfully executed instruction by instruction until the table of register types is stable, with no modification being present, and interrupted with the program fragment being rejected otherwise.

Abstract: A secure system (1) for processing data includes a first device (2), and at least one second device (3) is characterized in that—each second device (3) comprises monitoring elements (7) suitable for transmitting operating information to the first device (2), and—the first device (2) includes elements (8) for storing a behavioural model of each second device (3) and elements (9) for comparing the operating information received from each second device (3) with the behavioural model so as to determine whether the operation of the second device (3) is compliant with the behavioural model stored, and validation elements (10) suitable for preventing the running of a sensitive operation on this second device or for instructing a change of state of the second device if the second device does not manifest compliant operation. A method and a computer program are also described.