Abstract: The present disclosure relates to a method including: the generation, by a computing device, of a first key and a bootstrapping key; the provision of the first key and an identifier of the bootstrapping key to an electronic device and the provision of the bootstrapping key and the identifier to a server; the fully homomorphic encryption, by the electronic device, of a first data value, stored in the electronic device, by using the first key; and the provision, by the electronic device, of the encrypted first data value and of the identifier, to the server.

Abstract: In an embodiment an electronic device includes at least a first electronic module, a secure element, a router configured to transmit first data between the first module and a second module and a third-party module different from the first module and the second module, wherein the electronic device is configured to verify, via an authentication method, whether the third-party module is authorized when it requests access to the first data.

Abstract: A method of managing memory in an integrated circuit card comprising a non-volatile memory portion and a RAM memory portion, the method comprising creating in a non-volatile memory heap one or more array pointers, corresponding to one or more transient arrays to be allocated, each array pointer comprising a transient array size and a transient array address, wherein the creating comprises creating one or more array pointers comprising as transient array address a logical address of the area of the RAM memory portion in which the respective transient array is to be allocated, and assigning then in the RAM memory area memory only to transient arrays, corresponding to the respective one or more array pointers, which comprise at least a value different from zero.

Abstract: A tamper resistant device can be used for an integrated circuit card. The device includes memory storing a first security domain that includes a telecommunication profile and a second security domain that includes an application profile. A first physical interface is configured to be coupled to a baseband processor configured to operate with a mobile telecommunications network. A second physical interface configured to be coupled to an application processor. The first physical interface configured to allow the baseband processor to access the telecommunication profile and the second physical interface is configured to allow the application processor to access the application profile. The tamper resistant device is configured to enable accessibility to the application profile if corresponding commands are received at the first interface and to enable accessibility to the telecommunication profile if corresponding commands are received at the second interface.

Abstract: A secure device operating with a secure tamper-resistant platform including a tamper-resistant hardware platform and a virtual primary platform operating with a low level operating system performing an abstraction of resources of the hardware platform, and a secondary platform with a high level operating system providing a further abstraction of resources to applications in which respective internal hosts are embedded, the secure device including an internal host domain including the internal hosts, the secure device including a plurality of physical and/or logical input/output interfaces through which external hosts can access the internal hosts, the virtual primary platform being configured to set interactions between the external hosts and the internal hosts, wherein the internal host domain includes a further set of virtual hosts each configured to operate as a proxy between an input/output interface and an application, each input/output interface being configured to address only one among the virtual hos

Abstract: A method for concealing a subscription identifier at a user equipment including a mobile equipment and an integrated circuit card storing the subscription identifier, the method including receiving a corresponding request by a server to provide a corresponding subscription identifier, performing an elliptical curve encryption of the subscription identifier generating a concealed subscription identifier, the concealing operation including the mobile equipment sending an identity retrieve command to the card, performing, before receiving the identity retrieve command at the card, a pre-calculation of the ephemeral key pair including an ephemeral private key and ephemeral public key and the shared secret key, and in response to the respective state of completion indicating that completion of the computation of a valid ephemeral key pair or shared secret key, storing the corresponding values of the ephemeral key pair and shared secret key in a table in a memory of the card.

Abstract: A method for the personalization of an integrated circuit card, includes: simulating a downloading of a single image corresponding to a fixed part of personalization data of the integrated circuit card; simulating an execution of a sequence of personalization commands for the integrated circuit card to generate a set of personalization data; combining the set of personalization data with the single image to obtain a card image comprising the fixed part of personalization data and the set of personalization data; encrypting the card image to obtain an encrypted single image; and downloading the encrypted single image in a memory of the integrated circuit card.

Abstract: A communication device includes an integrated smart card and a software profile management module. The software profile management module is configured to store profiles in the smart card, receive an operation request that includes an indication of a requested operation and an identifier of the smart card, check whether the operation request corresponds to an identifier of the smart card that is available in a repository server, and perform the requested operation only if the operation request is available in the repository server.

Abstract: An embedded electronic system includes a volatile memory and a processor configured to execute a low-level operating system that manages allocation of areas of the volatile memory to a plurality of high-level operating systems. Each high-level operating system executes one or more applications. The system is configured so that execution data of one or a plurality of tasks of a first application are partly transferred, by the low-level operating system, from the volatile memory to a non-volatile memory when the execution of the task of the first application is interrupted by the execution of a task of a second application. The system is also configured so that the applications of any one of the high-level operating systems do not have access to the areas of the volatile memory allocated to the applications of all the other high-level operating systems.

Abstract: An embedded electronic system includes a volatile memory and a processor configured to execute a low-level operating system that manages allocation of areas of the volatile memory to a plurality of high-level operating systems. Each high-level operating system executes one or more of applications. The volatile memory includes a first portion reserved for execution data of a first application and a second portion intended to store execution data of a second application. The system is configured so that once the execution data of the first application are loaded in the first portion, the low-level operating system forbids unloading of the execution data of the first application from the first portion so that the execution data of the first application remain in the volatile memory in case of a deactivation or of a setting to standby of the first application.

Abstract: A method for managing storage of an operating system in an integrated circuit card, includes: subdividing an operating system into a plurality of operating system components; associating one or more operating system components of the plurality of operating system components to a descriptor indicating a version of the one or more operating system components; downloading the one or more operating system components to a memory of the integrated circuit card, wherein the downloading includes verifying if an operating system component stored in the integrated circuit card is a same version of the one or more operating system components being downloaded; based on the verifying, storing the one or more operating system components in the card if the version is different; and based on the verifying discarding the one or more operating system components from the download operation if the version is the same.

Abstract: An embodiment apparatus comprises a first processing system executing a first portion of a neural network comprising a first subset of a set of neural network layers providing a first intermediate output, and a second processing system receiving the first intermediate output, and operating a second portion of the neural network comprising a second subset of the set of layers providing a respective output, the second processing system configured to supply to the first processing system an output information function of the respective output, and the first processing system configured to obtain as a function of the output information a final output of the neural network. The second processing system includes a secure element storing a model of the second portion, and executes the second portion by applying the input information to the model of the second portion to provide the respective output.

Abstract: A secure device operating with a secure tamper-resistant platform including a tamper-resistant hardware platform and a virtual primary platform operating with a low level operating system performing an abstraction of resources of the hardware platform, and a secondary platform with a high level operating system providing a further abstraction of resources to applications in which respective internal hosts are embedded, the secure device including an internal host domain including the internal hosts, the secure device including a plurality of physical and/or logical input/output interfaces through which external hosts can access the internal hosts, the virtual primary platform being configured to set interactions between the external hosts and the internal hosts, wherein the internal host domain includes a further set of virtual hosts each configured to operate as a proxy between an input/output interface and an application, each input/output interface being configured to address only one among the virtual hos

Abstract: A communication device includes an integrated smart card and a software profile management module. The software profile management module is configured to store profiles in the smart card, receive an operation request that includes an indication of a requested operation and an identifier of the smart card, check whether the operation request corresponds to an identifier of the smart card that is available in a repository server, and perform the requested operation only if the operation request is available in the repository server.

Abstract: A tamper resistant device can be used for an integrated circuit card. The device includes memory storing a first security domain that includes a telecommunication profile and a second security domain that includes an application profile. A first physical interface is configured to be coupled to a baseband processor configured to operate with a mobile telecommunications network. A second physical interface configured to be coupled to an application processor. The first physical interface configured to allow the baseband processor to access the telecommunication profile and the second physical interface is configured to allow the application processor to access the application profile. The tamper resistant device is configured to enable accessibility to the application profile if corresponding commands are received at the first interface and to enable accessibility to the telecommunication profile if corresponding commands are received at the second interface.

Abstract: A method for managing storage of an operating system in an integrated circuit card, includes: subdividing an operating system into a plurality of operating system components; associating one or more operating system components of the plurality of operating system components to a descriptor indicating a version of the one or more operating system components; downloading the one or more operating system components to a memory of the integrated circuit card, wherein the downloading includes verifying if an operating system component stored in the integrated circuit card is a same version of the one or more operating system components being downloaded; based on the verifying, storing the one or more operating system components in the card if the version is different; and based on the verifying discarding the one or more operating system components from the download operation if the version is the same.

Abstract: A method for the personalization of an integrated circuit card, includes: simulating a downloading of a single image corresponding to a fixed part of personalization data of the integrated circuit card; simulating an execution of a sequence of personalization commands for the integrated circuit card to generate a set of personalization data; combining the set of personalization data with the single image to obtain a card image comprising the fixed part of personalization data and the set of personalization data; encrypting the card image to obtain an encrypted single image; and downloading the encrypted single image in a memory of the integrated circuit card.

Abstract: A method is provided for performing a management of a multi-subscription SIM module. The multi-subscription SIM module includes at least one memory adapted to store at least a first and a second profile associated with a respective first and a second mobile network operator. The memory includes a volatile portion. The operation of storing includes installing or updating profiles by downloading one or more downloaded profiles from a remote host. The management includes selecting one or more enabled profiles including an application to be executed and allocating a partition of the volatile portion of the memory to the one or more enabled profile.

Abstract: A method is provided for performing a management of a multi-subscription SIM module. The multi-subscription SIM module includes at least one memory adapted to store at least a first and a second profile associated with a respective first and a second mobile network operator. The memory includes a volatile portion. The operation of storing includes installing or updating profiles by downloading one or more downloaded profiles from a remote host. The management includes selecting one or more enabled profiles including an application to be executed and allocating a partition of the volatile portion of the memory to the one or more enabled profile.

Abstract: A method is provided for performing a management of a multi-subscription SIM module. The multi-subscription SIM module includes at least one memory adapted to store at least a first and a second profile associated with a respective first and a second mobile network operator. The memory includes a volatile portion. The operation of storing includes installing or updating profiles by downloading one or more downloaded profiles from a remote host. The management includes selecting one or more enabled profiles including an application to be executed and allocating a partition of the volatile portion of the memory to the one or more enabled profile.