Abstract:
For ensuring universal serial bus (USB) attack protection between a communication device (CD) and an accessory device (AD), a protection device (PD) being inserted between the communication device (CD) and the accessory device (AD) through a USB link, the communication device (CD): memorizes the highest value (HV) of the string descriptor indexes found in a USB Device Descriptor received from the accessory device (AD); sends a request (Req) for a string descriptor to the accessory device (AD) with an index value (Val1) higher than said highest value (HV); receives a response (Res) generated and sent from the protection device (PD), the response containing an identifier (Id P) of the protection device; and validates the presence of the protection device (PD) if the identifier (Id P) is found in a database.
Abstract:
Process for preserving the privacy of a user connected to a network through a terminal that comprises geolocation means adapted to emit geolocation information about the geographical position of said user, said process providing for: analyzing a packet from said terminal to detect the possible presence of geolocation information in said packet; replacing in said packet said detected geolocation information by virtual geolocation information that has been computed for said user; forwarding through said network said packet with said virtual geolocation information.
Abstract:
To securely transmit data from a communication terminal (TC) to an application server (SA) over a telecommunications network (RT), the communication terminal (TC) being connected to the application server (SA) via an unsecure access network (RAns) and being able to communicate with the application server (SA) via at least one secure access network (RAs), the communication terminal (TC) switches the connection with the application server (SA) from the unsecure access network (RAns) to a secure access network (RAs), when personal data (DonP) is likely to be entered or is entered by the user, transmits the personal data (DonP) to the application server (SA) via the secure access network (RAs), and switches the connection with the application server (SA) from the secure access network (RAs) to an unsecure access network (RAns).
Abstract:
For authenticating a user of a communication device implementing a client application connected to an application server through a telecommunication network, the application server having sent a challenge to the client application to authenticate the user, a user device associated with the communication device establishes a connection with the client application that invites the user to enter secret data on a screen of the communication device, retrieves the challenge from the client application, prompts the user to enter secret data, calculates a response to the challenge, based on secret data entered by the user and the retrieved challenge, and sends the response to the client application that forwards the response to the application server.
Abstract:
A system and method for enabling searchable encryption of encrypted documents stored by a client on one or more storage providers includes a broker server in communication with the client and the one or more storage providers. The broker server is adapted to transfer the encrypted documents between the client and the one or more storage providers and to maintain information indicating where the encrypted documents are transferred. The broker server further stores information for at least one encrypted index for the encrypted documents and a test function for a searchable encryption mechanism used to encrypt the at least one encrypted index.
Abstract:
This method comprises the steps of:
- choosing (1) a security parameter $n$,
- segmenting (2) the file in $n$ chunks $S_1, \dots, S_n$,
- randomly choosing (3) $n^2$ coefficients $a_{ij}$ for $i=1, \dots, n$ and $j=1, \dots, n$,
- verifying (3) that the vectors $a_{i1}, \dots, a_{in}$, for $i=1, \dots, n$, are linearly independent, otherwise generating the coefficients again,
- computing (4) $n$ linear combinations $C_i = a_{i1} S_1 + \dots + a_{ij} S_j + \dots + a_{in} S_n$, for $i=1, \dots, n$,
- choosing (5) $n$ storage service providers $O_1, \dots, O_n$ among said plurality of storage service providers,
- generating (6a; 6b; 6c) $n$ file identifiers $ID'_1, \dots, ID'_n$ designating said file (F),
- storing (6a; 6b; 6c) the combination $C_i$ at the storage service provider $O_i$ in association with the file identifier $ID'_i$, for $i=1, \dots, n$,
- storing the file identifier $ID'_i$ and the provider identifier $O_i$, for $i=1, \dots, n$, in a file descriptor corresponding to the file (F), this file descriptor being stored in a local memory (LM),
- storing the set of coefficients $a_{i1}, \dots, a_{in}$ so that it can be re-associated with the combination $C_i$, for $i=1, \dots, n$,
- randomly choosing $n$ super-coefficients $a'_1, \dots, a'_j, \dots, a'_n$ for $j=1, \dots, n$,
- computing a linear over-combination $OC' = a'_1 C_1 + \dots + a'_j C_j + \dots + a'_n C_n$,
- and storing the over-combination $OC'$ and the coefficients $a'_1, \dots, a'_j, \dots, a'_n$ for $j=1, \dots, n$.
Abstract:
A method and system for providing conditional interaction for a virtual object (2) accessible with a mobile device (1), said mobile device (1) comprising geolocation means for assessing a real-world geographic location (PI) to said mobile device (1), and said virtual object (2) being assessed a location information (P2) corresponding to a real-world geographic location. In various embodiments at least one interaction is conditioned with said virtual object (2) through said mobile device (1), at least in function of the real-world geographic location (PI) of said mobile device (1) and the location information (P2) of said virtual object (2). In case said conditioning step is satisfied, interacting (7) with said mobile device (1) on said virtual object by modifying said location information (P2) of the virtual object (2).
Abstract:
A method and apparatus for personalizing a smart card coupled with a communication device of a user who is a subscriber of a first telecommunication network and wishes to become a subscriber of a second telecommunication network is disclosed. A first authentication key is stored in both the smart card and in a first application server included in the first telecommunication network. A secure session is established with a second application server included in the second telecommunication network via the first telecommunication network by negotiating with the first application server and the second application server in order that the smart card and the second application server agree on a second authentication key. Shared values and shared functions according to a secure multiparty computation protocol are used to compute a second authentication key which replaces the first authentication key in the smart card.
Abstract:
A system and method for protecting a universal serial bus device from being used in an attack during communication between a communication device and an accessory device is disclosed. A protection device inserted between them through a USB link performs steps of receiving a message from the accessory device, including fields of characteristics of the accessory device; generating a random identifier; sending it to the communication device that creates a registration rule based on the generated random identifier; modifying an intercepted response from the accessory device to a request from the communication device, the request being dedicated to get a value associated with a serial number of the accessory device, by including the generated random identifier; and sending the modified response to the communication device, the modified response triggering a query for registration of the accessory device by means of the modified response and the created registration rule.