Abstract: A system to perform processing operations of input (video) streams, including is disclosed. The system consists of an input module, a stream type detection engine, a plurality of processing resources a resource monitoring engine, an attribution module, a dispatching module, and various other optional interface modules.

Abstract: Remote subscription management of an eUICC comprising a private key and a public certificate, the public certificate comprising information allowing a subscription manager server to decide if it can agree to manage the eUICC.

Abstract: A method for an eUICC embedded into a machine type communication device to trigger the download of a subscription profile from a first network operator, the eUICC being provisioned with an eUICC identifier and a pre-loaded data set memorizing a range of International Mobile Subscription Identifiers associated to a second network operator by selecting randomly by the eUICC an IMSI number in the range memorized in the pre-loaded data set, sending an attachment request comprising the randomly selected IMSI, receiving in an authentication request message the request for getting the eUICC identifier, as a response, sending to the discovery server a authentication failure message, receiving in an authentication request message a temporary IMSI from the discovery server so that the machine type communication device is able to attach to the first network operator and download the pending subscription profile.

Abstract: A method of replacing an authentication parameter for authenticating a security element co-operating with a terminal includes storing in the security element a first authentication parameter; transmitting to a mobile network operator the first authentication parameter for the operator to record it in its authentication system; on occurrence of an event, having a remote platform transmit to the security element an indicator informing the security element that it is authorized to replace the first authentication parameter with a second authentication parameter if its authentication fails; on occurrence of the event, having the entity transmit to the operator a second authentication parameter to replace the first authentication parameter; and in the event of subsequent failure of the security element to connect to the mobile network and if the indicator is present at the security element, replacing the first authentication parameter with the second authentication parameter at the security element.

Abstract: The invention is a method for managing a response generated by an application embedded in a secure token in response to a command requesting opening a proactive session. An applicative server relies on an OTA server to securely send the command to the application. The method comprises the steps of: the application retrieves a data from the command and derives a key using a preset function, the application generates the response to the command, builds a secured response packet comprising the response secured with the derived key and sends the secured response packet to the applicative server.

Abstract: A method for establishing a first secured communication channel between an administrative agent in a device and a distant server, the device comprising a secure element communicating with the administrative agent, the secure element being administrated through the administrative agent by the distant server, the administrative agent being administrated by a third party server through a second secured communication channel, the distant server and the third party server being connected through a third secured channel. The third party server requests, from the distant server, an operation on the secure element and a one-time PSK. The distant server sends, to the third party server, the one-time PSK. The third party server sends, to the administrative agent, a triggering message including the one-time PSK. A TLS-PSK handshake is performed between the administrative agent and the distant server with the one-time PSK to establish the first secured communication channel.

Abstract: The invention is a method for managing a response from an application embedded in a secure token acting as an UICC, in response to a command requesting opening a proactive session. The command is sent by an applicative server to the secure token via an OTA server providing a security layer. The method comprises the steps of sending another command from the applicative server to the secure token using the security layer provided by the OTA server, and in response to this second command, the secure token send the response of the first command to the applicative server using the security layer provided by the OTA server.

Abstract: A system to perform processing operations of input (video) streams, including is disclosed. The system consists of an input module, a stream type detection engine, a plurality of processing resources a resource monitoring engine, an attribution module, a dispatching module, and various other optional interface modules.

Abstract: The invention related to a method for an eUICC embedded into a machine type communication device to trigger the download of a subscription profile from a first network operator, the eUICC being provisioned with an eUICC identifier and a pre-loaded data set memorizing a range of International Mobile Subscription Identifiers-associated to a second network operator, the method comprising the steps of: selecting randomly by the eUICC an IMSI number in the range memorized in the pre-loaded data set; sending an attachment request comprising the randomly selected IMSI; receiving in an authentication request message the request for getting the eUICC identifier; as a response, sending to the discovery server a authentication failure message; receiving in an authentication request message a temporary IMSI from the discovery server so that the machine type communication device is able to attach to the first network operator and download the pending subscription profile.

Abstract: A method for establishing OTA sessions between terminals and an OTA server in a telecommunications network, each of the terminals interacting with a security element capable of interrogating the OTA server to establish a secure session in order to download data from the OTA server via a reverse proxy server in order to update security elements. The method includes provision by an OTA server to reverse proxy server of a list of identifiers of security elements for which an update is available; only establishing a secure session between the security elements and the OTA server for the security elements having identifiers included in said list.

Abstract: The invention is a method of communicating between a server and a distant secure element through a point-to-point link. The server is provided with a set comprising a plurality of data and a plurality of identifiers, each of the data is associated with one of the identifiers. The plurality of data comprises a first data compatible with the distant secure element and a second data incompatible with the distant secure element. The whole set is sent from the server to the distant secure element through the point-to-point link. A control operation is run with respect to a reference value stored in the distant secure element for each identifier. The data associated with the identifiers for which the control operation failed is discarded.

Abstract: A method of replacing an authentication parameter for authenticating a security element co-operating with a terminal includes storing in the security element a first authentication parameter; transmitting to a mobile network operator the first authentication parameter for the operator to record it in its authentication system; on occurrence of an event, having a remote platform transmit to the security element an indicator informing the security element that it is authorized to replace the first authentication parameter with a second authentication parameter if its authentication fails; on occurrence of the event, having the entity transmit to the operator a second authentication parameter to replace the first authentication parameter; and in the event of subsequent failure of the security element to connect to the mobile network and if the indicator is present at the security element, replacing the first authentication parameter with the second authentication parameter at the security element.

Abstract: Remote subscription management of an eUICC comprising a private key and a public certificate, the public certificate comprising information allowing a subscription manager server to decide if it can agree to manage the eUICC.

Abstract: The invention is a method for managing communication between a secure element and a device. The secure element comprises a physical communication interface and first and second virtual profiles. It is configured to exchange data targeting the virtual profiles with the device through the physical communication interface. The method comprises the steps of: running simultaneously said first and second virtual profiles, demultiplex incoming data received through the physical communication interface and multiplex outgoing data sent through the physical communication interface, resetting one of said virtual profiles individually without affecting the other virtual profiles in response to receiving a specific signal sent by the device through the physical communication interface.

Abstract: A system to perform processing operations of input (video) streams, including is disclosed. The system consists of an input module, a stream type detection engine, a plurality of processing resources a resource monitoring engine, an attribution module, a dispatching module, and various other optional interface modules.

Abstract: The invention proposes several improvements related to the management of secure elements, like UICCs embedding Sim applications, these secure elements being installed, fixedly or not, in terminals, like for example mobile phones. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.

Abstract: The invention is a method for managing a response generated by an application embedded in a secure token in response to a command requesting opening a proactive session. An applicative server relies on an OTA server to securely send the command to the application. The method comprises the steps of: the application retrieves a data from the command and derives a key using a preset function, the application generates the response to the command, builds a secured response packet comprising the response secured with the derived key and sends the secured response packet to the applicative server.

Abstract: The invention proposes a method consisting in: opening, at the request of the UICC, a data channel between the terminal and the server; performing a mutual authentication between the UICC and the server by using the bootstrap credentials; requesting, from the UICC to the server, the delivery of a subscription profile by using the unique serial number; if a subscription profile exists for the UICC, downloading the subscription profile to the UICC.

Abstract: The invention is a method for managing a response from an application embedded in a secure token acting as an UICC, in response to a command requesting opening a proactive session. The command is sent by an applicative server to the secure token via an OTA server providing a security layer. The method comprises the steps of sending another command from the applicative server to the secure token using the security layer provided by the OTA server, and in response to this second command, the secure token send the response of the first command to the applicative server using the security layer provided by the OTA server.

Abstract: A method for establishing a first secured communication channel between an administrative agent in a device and a distant server, the device comprising a secure element communicating with the administrative agent, the secure element being administrated through the administrative agent by the distant server, the administrative agent being administrated by a third party server through a second secured communication channel, the distant server and the third party server being connected through a third secured channel. The third party server requests, from the distant server, an operation on the secure element and a one-time PSK. The distant server sends, to the third party server, the one-time PSK. The third party server sends, to the administrative agent, a triggering message including the one-time PSK. A TLS-PSK handshake is performed between the administrative agent and the distant server with the one-time PSK to establish the first secured communication channel.