-
Publication No.: US11463251B2
Publication date: 2022-10-04
Application No.: US16470358
Filing date: 2017-12-14
Applicant: GEMALTO SA
IPC classification: H04L9/08
Abstract: The present invention relates to a method of securely using a first tenant secret key stored under an encrypted form in a first token (TKA) of a first tenant (A) identified by a first tenant identifier (UIDA) and having said first tenant secret key, wherein: each tenant identifier (UIDT) for a tenant (T) comprises a first value and, when said tenant (T) is allowed to use a secret key of a parent tenant (Tp) identified by a parent tenant identifier (UIDTP), said parent tenant identifier, appended before said first value, and said first token (TKA) has been generated from said first tenant identifier (UIDA) and a first tenant secret key encrypted with said first tenant identifier (UIDA) and with a first tenant customer master key (CMKA), said first tenant customer master key (CMKA) having been derived from said first tenant identifier (UIDA) and a secure domain master key (SDMK), said method comprising the following steps performed by a secure device storing said secure domain master key (SDMK), on request of a second tenant (B) identified by a second tenant identifier (UIDB): —getting a first tenant identifier (UIDA) of said first tenant (A) from said first token (TKA), —checking if the first tenant identifier (UIDA) is a prefix of or is equal to said second tenant identifier (UIDB), —when said first tenant identifier (UIDA) is a prefix of or is equal to said second tenant identifier (UIDB), recovering said first tenant secret key stored in said first token (TKA) and using it for the second tenant (B).
-
Publication No.: US11146653B2
Publication date: 2021-10-12
Application No.: US16338595
Filing date: 2017-10-02
Applicant: GEMALTO SA
Inventors: Frédéric Dao, Frédéric Clement-Gonzales, David Halle, Jérôme Duprez, David Huguenin, Sébastien Schmitt, Christine Nersessian, Philippe Allouche, Thomas Dandelot
IPC classification: H04L29/08, H04L29/06, H04W8/20, H04W12/088
Abstract: The invention relates to a method for sending data to at least one device. According to the invention, a data sending control server sends to at least one data storage server at least one predetermined rule or a first request for sending data to at least one data processing server. The data storage server sends, based upon the at least one predetermined rule or the first request for sending data, data to the data processing server. The data sending control server sends to the data processing server a second request for sending to the device the data received or to be received by the data processing server. The data processing server sends, based upon the second request for sending the data, the received data to the at least one device.
-
Publication No.: US11019672B2
Publication date: 2021-05-25
Application No.: US16305306
Filing date: 2016-05-31
Applicant: GEMALTO SA
Inventor: Andrei Marian Hagiu
Abstract: The invention relates to a method for detecting a failure in a PDP context or an EPS PDN connection. A chip incorporated within or coupled to a device receives from the device a call control PDP context activation type event or a call control EPS PDN connection activation type event. The chip receives from the device an updated value relating to an HFN start PS. The chip compares the last updated value relating to the HFN start PS to a predetermined value relating to the HFN start PS. If the last updated value relating to the HFN start PS is greater than or is less than/equal to the predetermined value relating to the HFN start PS, then the chip detects that the PDP context or the EPS PDN connection has been successfully or unsuccessfully activated respectively.
-
Publication No.: US11019054B2
Publication date: 2021-05-25
Application No.: US15569481
Filing date: 2016-04-28
Applicant: GEMALTO SA
Inventor: John Philip Wilson
IPC classification: H04L29/06, H04W12/02, H04W12/033, H04W12/06, H04L9/32
Abstract: A method and system for providing proof of personal information includes a first device sending a request to a server for proving user information and data identifying a requester. The server generates (i) requester authentication data and associated data identifying a transaction, and (ii) a proof of user information using the user information and the requester authentication data. The server then sends the proof of user information and the associated data identifying the transaction to the first device. A second device sends to the server a request for getting authentication data associated with data identifying a transaction and the associated data identifying the transaction. In response to the request, the server sends authentication data associated with the data identifying the transaction to the second device. The second device or a verifier may then authenticate the user information only if the received authentication data matches the requester authentication data.
-
Publication No.: US10963167B2
Publication date: 2021-03-30
Application No.: US15858882
Filing date: 2017-12-29
Applicants: GEMALTO SA, SafeNet Inc.
Inventors: Didier Hugot, Asad Ali, Gorav Arora
Abstract: The invention relates to a method for managing data access. The method includes receiving at least one request for accessing data; capturing data relating to at least one current context signal during each data access request; comparing, as a current authorization step, the data relating to at least one captured current context signal to predetermined reference data relating to at least one corresponding context signal according to at least one corresponding predetermined authorization policy; determining, based upon the current authorization result and at least one predetermined dynamic data access policy, whether the data access is or is not authorized, as a data access decision; and issuing the data access decision. The invention also relates to corresponding first device, second device and system.
-
Publication No.: US10957398B2
Publication date: 2021-03-23
Application No.: US15779311
Filing date: 2016-11-25
Applicant: GEMALTO SA
Inventors: Frederic Gallas, Rudy Yanto, Vincent Dumas, Fabrice Vergnes
Abstract: The invention relates to a method for managing a memory LNVM erasable by block. The method comprises an index management of the memory blocks wherein the index indicates if a block is erased (Erased) or to be erased (TBE). A memory manager performs a block erasing when the memory is not in use and a block is to be erased and when the number of erased blocks is lower than a predetermined number.
-
Publication No.: US10885297B2
Publication date: 2021-01-05
Application No.: US16323426
Filing date: 2017-08-11
Applicant: GEMALTO SA
Inventors: Brett A. Howell, Brian L. Linzie
IPC classification: G06K9/00
Abstract: The non-contact capture device allows for an image of an object to be captured when the object is not making contact with any portion of the non-contact capture device. The non-contact capture device comprises an electronic compartment comprising a camera and a light source, wherein the camera and light source are directed to an image capture region, a housing guide comprising a leg extending away from the electronic compartment to support a collar, and an image capture region spaced away from the electronic compartment and the housing guide. The collar extends laterally around only a portion of the image capture region forming an entry gap into the image capture region.
-
Publication No.: US20200301467A1
Publication date: 2020-09-24
Application No.: US16083504
Filing date: 2017-02-28
Applicant: GEMALTO SA
Inventors: Pascal LEROY, Hervé POIRIER, Stéphane TOUVET
Abstract: This invention relates to a method to compensate by a server a clock deviation of a card i by maintaining a time base Tbase (i) synchronized with card i, the method comprising the steps of: receiving at a time TS a dynamic card verification dCVV code value generated by card i; providing a set of at least two dCVV code corresponding to two successive dCVV time periods; if the dCVV code received from card i corresponds to one of the dCVV codes of the provided set but is different from the reference dCVV code, determine the minimum possible timing drift Min_td between the time base maintained by the server for the card and the time base Tbase(i) of the card; updating time base Tbase(i) by addition of a time drift correction equal to the minimum possible time drift Min_td.
-
Publication No.: US10717312B2
Publication date: 2020-07-21
Application No.: US16342145
Filing date: 2017-10-24
Applicant: GEMALTO SA
IPC classification: B42D25/45, B42D25/351, B42D25/373, B42D25/382, B42D25/387, B42D25/435, B42D25/328, B42D25/46, B42D25/455, B42D25/24, B42D25/324, B42D25/23, B42D25/309
Abstract: The present invention relates generally to a data carrier comprising an opaque layer and a method for making the data carrier. During personalization phase, the ablation of the opaque layer by laser through the data carrier allows to define a see-through portion of the data carrier carrying opaque security, said see-through portion having an improved security corresponding to opaque embossing pattern overlapping at least partially the opaque security partially destroyed. Said defined see-through portion carrying opaque security partially destroyed with opaque embossing pattern on its surface is even more difficult to reproduce by forger, even more difficult to remove, replace or exchange and easy to check.
-
Publication No.: US20200187287A1
Publication date: 2020-06-11
Application No.: US16305306
Filing date: 2016-05-31
Applicant: GEMALTO SA
Inventor: Andrei Marian Hagiu
Abstract: The invention relates to a method for detecting a failure in a PDP context or an EPS PDN connection. A chip incorporated within or coupled to a device receives from the device a call control PDP context activation type event or a call control EPS PDN connection activation type event. The chip receives from the device an updated value relating to an HFN start PS. The chip compares the last updated value relating to the HFN start PS to a predetermined value relating to the HFN start PS. If the last updated value relating to the HFN start PS is greater than or is less than/equal to the predetermined value relating to the HFN start PS, then the chip detects that the PDP context or the EPS PDN connection has been successfully or unsuccessfully activated respectively.