Abstract: A security module (“SM”) implements user cryptographic data by means of a user terminal. The cryptographic data is encrypted by a first encryption key established from a secret key from the terminal and the user's authentication element and by a second encryption key specific to the SM. An authentication is performed between the SM and the terminal, based on an asymmetric cryptographic protocol, and, in the event of a positive authentication of the SM and the terminal, an authentication of the SM and the user is performed. In the event of positive authentication between the SM and the terminal and between the SM and the user, the SM obtains the user's cryptographic data, and the terminal calculates the first encryption key and sends the first encryption key to the SM. The user's cryptographic data is decrypted by the SM using the second encryption key and then the first encryption key.

Abstract: Method of authenticating a signature on a work document in which a remote server generates a digital work fingerprint and a representation file of the work document. The representation file and the digital work fingerprint are transmitted to a client station from the remote server via a wide area communication network, and at least one digital representation fingerprint of the representation file is generated. A file to be signed is generated containing at least the digital work and representation fingerprints. The client station generates only one client signature from the file to be signed, and a client signature file is generated containing at least the file to be signed and the client signature.

Abstract: A security module (“SM”) implements user cryptographic data by means of a user terminal. The cryptographic data is encrypted by a first encryption key established from a secret key from the terminal and the user's authentication element and by a second encryption key specific to the SM. An authentication is performed between the SM and the terminal, based on an asymmetric cryptographic protocol, and, in the event of a positive authentication of the SM and the terminal, an authentication of the SM and the user is performed. In the event of positive authentication between the SM and the terminal and between the SM and the user, the SM obtains the user's cryptographic data, and the terminal calculates the first encryption key and sends the first encryption key to the SM. The user's cryptographic data is decrypted by the SM using the second encryption key and then the first encryption key.

Abstract: Method of authenticating a signature on a work document in which a remote server generates a digital work fingerprint and a representation file of the work document. The representation file and the digital work fingerprint are transmitted to a client station from the remote server via a wide area communication network, and at least one digital representation fingerprint of the representation file is generated. A file to be signed is generated containing at least the digital work and representation fingerprints. The client station generates only one client signature from the file to be signed, and a client signature file is generated containing at least the file to be signed and the client signature.

Abstract: Methods and systems are provided by which a computer system, and in particular, a lockstep fault-tolerant computer system, may be split into a plurality of independently operational subsystems. Each subsystem may be examined, managed or upgraded by an administrator while the overall computer system continues to service end-users. Finally, the separate subsystems may be merged in an efficient fashion and fault-tolerant operation will resume upon the combined system.

Abstract: Methods and systems are provided by which a computer system, and in particular, a lockstep fault-tolerant computer system, may be split into a plurality of independently operational subsystems. Each subsystem may be examined, managed or upgraded by an administrator while the overall computer system continues to service end-users. Finally, the separate subsystems may be merged in an efficient fashion and fault-tolerant operation will resume upon the combined system.

Abstract: The invention includes a method for determining whether a node in a non-recursive network can be removed. The method includes the steps of executing a reachability algorithm for a resource of a system upon initialization of the system. The resource is accessible to the system upon the initialization. A safe to pull manager evaluates the reachability algorithm for each node situated on the network to determine whether the node can be removed without interrupting resource accessibility to the system.