Patents by Inventor Renato Cantini
Renato Cantini has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230147772Abstract: A method for adapting the security settings of a communication station (12) depending on a security relevant event is disclosed, wherein the communication station (12) comprises a mobile terminal (16) with an identification module (18). In a first step, the security relevant event occurring in said communication station and/or said mobile terminal (16) is identified in an event handler (26, 261, 262, 27) and stored in an event registry (28). In a second step, a security registry (30) in the identification module (18) is updated according to the identified event. In a third step, the security level of the communication station (12) and/or the mobile terminal (16) is adapted according to the security registry (30) of the identification module (18). The invention also relates to a communication station (12) and to an identification module (18).Type: ApplicationFiled: January 4, 2023Publication date: May 11, 2023Applicant: InterDigital CE Patent Holdings, SASInventors: Renato Cantini, Paul Aebi
-
Publication number: 20220014919Abstract: A method for adapting the security settings of a communication station (12) depending on a security relevant event is disclosed, wherein the communication station (12) comprises a mobile terminal (16) with an identification module (18). In a first step, the security relevant event occurring in said communication station and/or said mobile terminal (16) is identified in an event handler (26, 261, 262, 27) and stored in an event registry (28). In a second step, a security registry (30) in the identification module (18) is updated according to the identified event. In a third step, the security level of the communication station (12) and/or the mobile terminal (16) is adapted according to the security registry (30) of the identification module (18). The invention also relates to a communication station (12) and to an identification module (18).Type: ApplicationFiled: July 1, 2021Publication date: January 13, 2022Inventors: Renato Cantini, Paul Aebi
-
Patent number: 11153755Abstract: Methods and systems are provided for managing security of a communication setup. The communication setup may be associated with an identification module that stores identification information used in a communications network. Security related data stored in the identification module may be updated based on an event that relates to hardware configuration of the communication setup, and security functions in the communication setup may be controlled based on the security related data. Controlling the security functions may comprise restricting access setup applications in the identification module by other components of the communication setup, limiting right of one or more applications executed in the communication setup, and/or determining authentication requirements for an application run by the identification module. The communication setup may comprise a workstation and a mobile terminal with the identification module.Type: GrantFiled: January 25, 2016Date of Patent: October 19, 2021Inventors: Renato Cantini, Paul Aebi
-
Patent number: 9531681Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyzes and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.Type: GrantFiled: August 13, 2015Date of Patent: December 27, 2016Assignee: NAGRAVISION S.A.Inventors: Rached Ksontini, Renato Cantini
-
Publication number: 20160323747Abstract: Methods and systems are provided for managing security of a communication setup. The communication setup may be associated with an identification module that stores identification information used in a communications network. Security related data stored in the identification module may be updated based on an event that relates to hardware configuration of the communication setup, and security functions in the communication setup may be controlled based on the security related data. Controlling the security functions may comprise restricting access setup applications in the identification module by other components of the communication setup, limiting right of one or more applications executed in the communication setup, and/or determining authentication requirements for an application run by the identification module. The communication setup may comprise a workstation and a mobile terminal with the identification module.Type: ApplicationFiled: January 25, 2016Publication date: November 3, 2016Inventors: Renato Cantini, Paul Aebi
-
Patent number: 9276961Abstract: Methods and systems are provided for adapting security settings of a communication station based on security relevant events. The communication station may be associated with an identification module. A security registry in the identification module may be updated according to an identified security related event occurring in the communication station, and a security level of the communication station may be adapted and/or enforced according to the security registry (e.g., as updated according to the identified even) of the identification module. The security relevant event may be identified and stored in an event registry, in one or both of the communication station and the identification module. The communication station may comprise a workstation and a mobile terminal that includes the identification module.Type: GrantFiled: July 9, 2014Date of Patent: March 1, 2016Assignee: SWISSCOM AGInventors: Renato Cantini, Paul Aebi
-
Publication number: 20150350169Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.Type: ApplicationFiled: August 13, 2015Publication date: December 3, 2015Inventors: Rached KSONTINI, Renato CANTINI
-
Patent number: 9143888Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyzes and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.Type: GrantFiled: July 16, 2014Date of Patent: September 22, 2015Assignee: NAGRAVISION S.A.Inventors: Rached Ksontini, Renato Cantini
-
Publication number: 20150007257Abstract: Methods and systems are provided for adapting security settings of a communication station based on security relevant events. The communication station may be associated with an identification module. A security registry in the identification module may be updated according to an identified security related event occurring in the communication station, and a security level of the communication station may be adapted and/or enforced according to the security registry (e.g., as updated according to the identified even) of the identification module. The security relevant event may be identified and stored in an event registry, in one or both of the communication station and the identification module. The communication station may comprise a workstation and a mobile terminal that includes the identification module.Type: ApplicationFiled: July 9, 2014Publication date: January 1, 2015Inventors: Renato Cantini, Paul Aebi
-
Publication number: 20140321646Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.Type: ApplicationFiled: July 16, 2014Publication date: October 30, 2014Inventors: Rached KSONTINI, Renato CANTINI
-
Patent number: 8813253Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.Type: GrantFiled: July 25, 2012Date of Patent: August 19, 2014Assignee: Nagravision S.A.Inventors: Rached Ksontini, Renato Cantini
-
Patent number: 8792858Abstract: A method for adapting the security settings of a communication station (12) depending on a security relevant event is disclosed, wherein the communication station (12) comprises a mobile terminal (16) with an identification module (18). In a first step, the security relevant event occurring in said communication station and/or said mobile terminal (16) is identified in an event handler (26, 261, 262, 27) and stored in an event registry (28). In a second step, a security registry (30) in the identification module (18) is updated according to the identified event. In a third step, the security level of the communication station (12) and/or the mobile terminal (16) is adapted according to the security registry (30) of the identification module (18). The invention also relates to a communication station (12) and to an identification module (18).Type: GrantFiled: October 3, 2006Date of Patent: July 29, 2014Assignee: Swisscom AGInventors: Renato Cantini, Paul Aebi
-
Patent number: 8509737Abstract: For a communication terminal (10), proposed is a security module (1) configured to authenticate a telecommunications network (2). The security module (1) comprises a locking module (12), for disabling usability of an application module (11), an unlocking module (13), for re-enabling usability of the application module (11), and a control module (14) for activating the unlocking module (13), depending on received data that is assignable in an authenticated way to a specific telecommunications network (2). The control module (14) is configured to activate the locking module (12) depending on the selection and usage of the application module (11). The control module (14) is configured to activate the unlocking module (12) depending on the reception of authorization messages, that can be authenticated, or authentication data of the telecommunications network (2).Type: GrantFiled: June 23, 2006Date of Patent: August 13, 2013Assignee: Swisscom AGInventors: Renato Cantini, Paul Aebi
-
Publication number: 20120314859Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.Type: ApplicationFiled: July 25, 2012Publication date: December 13, 2012Inventors: Rached Ksontini, Renato Cantini
-
Patent number: 8261365Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.Type: GrantFiled: November 26, 2004Date of Patent: September 4, 2012Assignee: Nagravision S.A.Inventors: Rached Ksontini, Renato Cantini
-
Patent number: 8001615Abstract: A method for managing the security of applications with a security module associated to an equipment connected to a network managed by a control server of an operator. The applications use resources as data or functions stored in the security module locally connected to the equipment. The method may include steps of receiving, analyzing and verifying, by the control server, identification data from the equipment and the security module, generating a cryptogram from the result of the verification of the identification data, transmitting the cryptogram to the security module of the equipment, and selectively activating or selectively deactivating by the security module at least one resource as data or functions of the security module by executing instructions included in the cryptogram and conditioning the functioning of an application according to criteria established by a supplier of the application or the operator or a user of the equipment.Type: GrantFiled: November 3, 2004Date of Patent: August 16, 2011Assignees: Nagravision S.A., Swisscom Mobile AGInventors: Rached Ksontini, Renato Cantini
-
Patent number: 7967200Abstract: The invention relates to an authorization verification method and devices suited therefor, which play back authorization data via a user interface (11) of an electronic playback device (1). During the playback of authorization data via the user interface (11) of a first playback device (1), the playback attributes are modified. The playback of authorization data via the user interface (11) of the first playback device (1) is compared with the playback of reference data via a user interface (21) of a second electronic playback device (2). Authorization is granted in the event the playback of authorization data via the user interface (11) of the first playback device (1) matches the playback of reference data via the user interface (21) of the second playback device (2), and modifications of the playback attributes are, in essence, time-synchronized.Type: GrantFiled: November 17, 2009Date of Patent: June 28, 2011Assignee: Swisscom AGInventors: Roger Lagadec, Renato Cantini, Bruno Messmer
-
Patent number: 7801492Abstract: Proposed are a method and a system for management of resources of portable resource modules, each connected to a communication terminal, which modules comprise electronic memory units and are designed in particular as chipcards. A first resource management instruction comprising a module identification is transmitted to a resource management center. A second resource management instruction is transmitted from the resource management center via a communication network to the resource module identified through the module identification. In the particular resource module, resources are made ready or released by a resource control mechanism corresponding to the received second resource management instruction. A resource management confirmation is transmitted by the particular resource module via the communication network to the resource management center, and in the resource management center information about the resources made ready or released is stored assigned to the module identification.Type: GrantFiled: December 31, 2008Date of Patent: September 21, 2010Assignees: Swisscom AG, NagraCard S.A.Inventors: Renato Cantini, Karin Busch Lauper, Roger Lagadec
-
Publication number: 20100059588Abstract: The invention relates to an authorization verification method and devices suited therefor, which play back authorization data via a user interface (11) of an electronic playback device (1). During the playback of authorization data via the user interface (11) of a first playback device (1), the playback attributes are modified. The playback of authorization data via the user interface (11) of the first playback device (1) is compared with the playback of reference data via a user interface (21) of a second electronic playback device (2). Authorization is granted in the event the playback of authorization data via the user interface (11) of the first playback device (1) matches the playback of reference data via the user interface (21) of the second playback device (2), and modifications of the playback attributes are, in essence, time-synchronized.Type: ApplicationFiled: November 17, 2009Publication date: March 11, 2010Inventors: Roger Lagadec, Renato Cantini, Bruno Messmer
-
Patent number: 7658328Abstract: The invention relates to an authorization verification method and devices suited therefor, which play back authorization data via a user interface (11) of an electronic playback device (1). During the playback of authorization data via the user interface (11) of a first playback device (1), the playback attributes are modified. The playback of authorization data via the user interface (11) of the first playback device (1) is compared with the playback of reference data via a user interface (21) of a second electronic playback device (2). Authorization is granted in the event the playback of authorization data via the user interface (11) of the first playback device (1) matches the playback of reference data via the user interface (21) of the second playback device (2), and modifications of the playback attributes are, in essence, time-synchronized.Type: GrantFiled: October 15, 2004Date of Patent: February 9, 2010Assignee: Swisscom AGInventors: Roger Lagadec, Renato Cantini, Bruno Messmer