-
Publication number: US09825917B2
Publication date: 2017-11-21
Application number: US14654547
Application date: 2013-12-20
Applicant: GEMALTO SA
Inventor: HongQian Karen Lu, Laurent Castillo, Philippe Smadja
CPC classification number: H04L63/0421, G06F17/30867, G06F21/34, G06F21/6254, G06F21/6263, H04L9/3234, H04L9/3263, H04L63/0815, H04L67/02, H04L2209/42
Abstract: Method and System for enhanced privacy in privacy-preserving identity solutions. The technology provides for a redirect of a request to generate a proof of an attribute from a service provider to a separator. The separator removes source identification from the attribute-proof request and redirects the attribute-proof request, free of original source identification, to a credential issuer which issues the credential. A security device of the user generates a presentation token from the privacy-preserving credential and presents the presentation token to the service provider as proof of the attribute. Other systems and methods are disclosed.
-
Publication number: US09935954B2
Publication date: 2018-04-03
Application number: US15109401
Application date: 2014-11-28
Applicant: GEMALTO SA
Inventor: Philippe Smadja, Julien Delsuc, Herve Ganem, Francois Ennesser
CPC classification number: H04L63/0884, H04L63/0428, H04L63/062, H04W4/70, H04W12/06
Abstract: This invention concerns the implementation of end-to-end security for the communication between objects in the domain of the Internet of Things (or Internet of Objects). The purpose of the patent is to deal with the setup of a secure authorized information channel between a data source (M2M device) and data consumers (consumer entity). According to the present invention, the access to an M2M device by a consumer entity (consumer application) is controlled by an M2M authorization server. The M2M authorization server is the entity in charge of managing access rights for the M2M device and makes the decision regarding the access to the resource by the consumer entity (consumer application). The M2M server is an entity that enforces the decision and enables the access to the M2M device. When a consumer application needs to communicate with an M2M device, the present invention proposes a method for authorizing a consumer application to access an M2M device and for encrypting the communication between the consumer application and the M2M device. The M2M authorization server computes security credentials which are sent to the consumer application.
-