Abstract: A method for adapting the security settings of a communication station (12) depending on a security relevant event is disclosed, wherein the communication station (12) comprises a mobile terminal (16) with an identification module (18). In a first step, the security relevant event occurring in said communication station and/or said mobile terminal (16) is identified in an event handler (26, 261, 262, 27) and stored in an event registry (28). In a second step, a security registry (30) in the identification module (18) is updated according to the identified event. In a third step, the security level of the communication station (12) and/or the mobile terminal (16) is adapted according to the security registry (30) of the identification module (18). The invention also relates to a communication station (12) and to an identification module (18).

Abstract: A method for adapting the security settings of a communication station (12) depending on a security relevant event is disclosed, wherein the communication station (12) comprises a mobile terminal (16) with an identification module (18). In a first step, the security relevant event occurring in said communication station and/or said mobile terminal (16) is identified in an event handler (26, 261, 262, 27) and stored in an event registry (28). In a second step, a security registry (30) in the identification module (18) is updated according to the identified event. In a third step, the security level of the communication station (12) and/or the mobile terminal (16) is adapted according to the security registry (30) of the identification module (18). The invention also relates to a communication station (12) and to an identification module (18).

Abstract: Methods and systems are provided for managing security of a communication setup. The communication setup may be associated with an identification module that stores identification information used in a communications network. Security related data stored in the identification module may be updated based on an event that relates to hardware configuration of the communication setup, and security functions in the communication setup may be controlled based on the security related data. Controlling the security functions may comprise restricting access setup applications in the identification module by other components of the communication setup, limiting right of one or more applications executed in the communication setup, and/or determining authentication requirements for an application run by the identification module. The communication setup may comprise a workstation and a mobile terminal with the identification module.

Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyzes and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.

Abstract: Methods and systems are provided for managing security of a communication setup. The communication setup may be associated with an identification module that stores identification information used in a communications network. Security related data stored in the identification module may be updated based on an event that relates to hardware configuration of the communication setup, and security functions in the communication setup may be controlled based on the security related data. Controlling the security functions may comprise restricting access setup applications in the identification module by other components of the communication setup, limiting right of one or more applications executed in the communication setup, and/or determining authentication requirements for an application run by the identification module. The communication setup may comprise a workstation and a mobile terminal with the identification module.

Abstract: Methods and systems are provided for adapting security settings of a communication station based on security relevant events. The communication station may be associated with an identification module. A security registry in the identification module may be updated according to an identified security related event occurring in the communication station, and a security level of the communication station may be adapted and/or enforced according to the security registry (e.g., as updated according to the identified even) of the identification module. The security relevant event may be identified and stored in an event registry, in one or both of the communication station and the identification module. The communication station may comprise a workstation and a mobile terminal that includes the identification module.

Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.

Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyzes and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.

Abstract: Methods and systems are provided for adapting security settings of a communication station based on security relevant events. The communication station may be associated with an identification module. A security registry in the identification module may be updated according to an identified security related event occurring in the communication station, and a security level of the communication station may be adapted and/or enforced according to the security registry (e.g., as updated according to the identified even) of the identification module. The security relevant event may be identified and stored in an event registry, in one or both of the communication station and the identification module. The communication station may comprise a workstation and a mobile terminal that includes the identification module.

Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.

Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.

Abstract: A method for adapting the security settings of a communication station (12) depending on a security relevant event is disclosed, wherein the communication station (12) comprises a mobile terminal (16) with an identification module (18). In a first step, the security relevant event occurring in said communication station and/or said mobile terminal (16) is identified in an event handler (26, 261, 262, 27) and stored in an event registry (28). In a second step, a security registry (30) in the identification module (18) is updated according to the identified event. In a third step, the security level of the communication station (12) and/or the mobile terminal (16) is adapted according to the security registry (30) of the identification module (18). The invention also relates to a communication station (12) and to an identification module (18).

Abstract: For a communication terminal (10), proposed is a security module (1) configured to authenticate a telecommunications network (2). The security module (1) comprises a locking module (12), for disabling usability of an application module (11), an unlocking module (13), for re-enabling usability of the application module (11), and a control module (14) for activating the unlocking module (13), depending on received data that is assignable in an authenticated way to a specific telecommunications network (2). The control module (14) is configured to activate the locking module (12) depending on the selection and usage of the application module (11). The control module (14) is configured to activate the unlocking module (12) depending on the reception of authorization messages, that can be authenticated, or authentication data of the telecommunications network (2).

Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.

Abstract: Authentication method of at least one application using resources stored in a security module associated to an equipment connected to a control server via a network. The control server receives via the network, analyses and verifies identification data comprising at least an identifier of the equipment and an identifier of the security module, generates a cryptogram comprising a digest of the application, the identification data and instructions intended for the security module and transmits the cryptogram, via the network and the equipment, to the security module. The latter verifies the application by comparing the digest extracted from the cryptogram with a calculated digest, wherein, during at least one of initialization and activation of the application, the security module executes the instructions extracted from the cryptogram and either releases or blocks access to certain resources of said security module according to a result of the verification of the application.

Abstract: A method for managing the security of applications with a security module associated to an equipment connected to a network managed by a control server of an operator. The applications use resources as data or functions stored in the security module locally connected to the equipment. The method may include steps of receiving, analyzing and verifying, by the control server, identification data from the equipment and the security module, generating a cryptogram from the result of the verification of the identification data, transmitting the cryptogram to the security module of the equipment, and selectively activating or selectively deactivating by the security module at least one resource as data or functions of the security module by executing instructions included in the cryptogram and conditioning the functioning of an application according to criteria established by a supplier of the application or the operator or a user of the equipment.

Abstract: The invention relates to an authorization verification method and devices suited therefor, which play back authorization data via a user interface (11) of an electronic playback device (1). During the playback of authorization data via the user interface (11) of a first playback device (1), the playback attributes are modified. The playback of authorization data via the user interface (11) of the first playback device (1) is compared with the playback of reference data via a user interface (21) of a second electronic playback device (2). Authorization is granted in the event the playback of authorization data via the user interface (11) of the first playback device (1) matches the playback of reference data via the user interface (21) of the second playback device (2), and modifications of the playback attributes are, in essence, time-synchronized.

Abstract: Proposed are a method and a system for management of resources of portable resource modules, each connected to a communication terminal, which modules comprise electronic memory units and are designed in particular as chipcards. A first resource management instruction comprising a module identification is transmitted to a resource management center. A second resource management instruction is transmitted from the resource management center via a communication network to the resource module identified through the module identification. In the particular resource module, resources are made ready or released by a resource control mechanism corresponding to the received second resource management instruction. A resource management confirmation is transmitted by the particular resource module via the communication network to the resource management center, and in the resource management center information about the resources made ready or released is stored assigned to the module identification.

Abstract: The invention relates to an authorization verification method and devices suited therefor, which play back authorization data via a user interface (11) of an electronic playback device (1). During the playback of authorization data via the user interface (11) of a first playback device (1), the playback attributes are modified. The playback of authorization data via the user interface (11) of the first playback device (1) is compared with the playback of reference data via a user interface (21) of a second electronic playback device (2). Authorization is granted in the event the playback of authorization data via the user interface (11) of the first playback device (1) matches the playback of reference data via the user interface (21) of the second playback device (2), and modifications of the playback attributes are, in essence, time-synchronized.

Abstract: The invention relates to an authorization verification method and devices suited therefor, which play back authorization data via a user interface (11) of an electronic playback device (1). During the playback of authorization data via the user interface (11) of a first playback device (1), the playback attributes are modified. The playback of authorization data via the user interface (11) of the first playback device (1) is compared with the playback of reference data via a user interface (21) of a second electronic playback device (2). Authorization is granted in the event the playback of authorization data via the user interface (11) of the first playback device (1) matches the playback of reference data via the user interface (21) of the second playback device (2), and modifications of the playback attributes are, in essence, time-synchronized.