Abstract: A method for unique authentication of a user including federating an identity of said user for said service provider and an identity of the user for an identity provider, the federating including the steps of generating a user alias for that service provider and sending said identity provider a masked alias deduced from said alias, the identity provider associating said masked alias for that service provider with the identity of the user for the identity provider and sending the user elements for calculation by the user of a signature of a message containing the non-masked alias calculating said signature and sending the service provider said message with said signature, and the service provider verifying said signature, authenticating the user, and associating said alias with the user's identity.

Abstract: A system for managing sensitive personal data includes a first data processing subsystem and a second data processing subsystem. The first data processing subsystem includes a generating unit and a private database. The generating unit generates a common key from data identifying a person. The private database associates the common key with the identification data. The second data processing subsystem includes an obtaining unit, a generating unit, a receiving unit and a storing unit. The obtaining unit obtains the common key. The generating unit generates a random number from the common key. The receiving unit receives a registration message including sensitive personal data of the person and the random number. The storing unit stores the personal data in a second database in association with the random number and the common key.

Abstract: The present invention relates to a method of access to a service consisting in i) identifying and registering a client (C), ii) authenticating the client to an anonymous certification authority, iii) authenticating the client by producing an anonymous signature and opening and maintaining an anonymous authentication session with a server (Se), and iv) selectively allowing contact between the server (Se) and the anonymous certification authority (ACA) to revoke the anonymity of the client (C) using the signature provided in step iii). The invention also relates to a system for opening and maintaining an authentication session guaranteeing non-repudiation.

Abstract: The invention relates to a method for unique authentication of a user (U) by at least one service provider (SP), said method including a preliminary identity federation stage of federating an identity (user@sp) of said user for said service provider and an identity (user@idp) of the user (U) for an identity provider (IdP).

Abstract: A system for managing sensitive personal data (DD_A) includes two databases (45, 35) hosted by two independent subsystems (40, 30). One of these databases associates data (ID_A) identifying a person (A) with a common key (IDC_A) shared with the second database, which associates that common key (IDC_A) with the sensitive personal data (DD_A) of that person (A).

Abstract: The present invention relates to a method of access to a service consisting in i) identifying and registering a client (C), ii) authenticating the client to an anonymous certification authority, iii) authenticating the client by producing an anonymous signature and opening and maintaining an anonymous authentication session with a server (Se), and iv) selectively allowing contact between the server (Se) and the anonymous certification authority (ACA) to revoke the anonymity of the client (C) using the signature provided in step iii). The invention also relates to a system for opening and maintaining an authentication session guaranteeing non-repudiation.