Abstract:
The present invention relates to a vehicle V comprising a plurality of pieces of equipment CE. The vehicle comprises a first secure element SE1 and a second secure element SE2. One of the first and second secure elements SE1, SE2 is integral with said vehicle V, the other being integrated into a piece of equipment CE. The first secure element SE1 comprises a first key K1. The second secure element SE2 comprises a second key and is adapted to: establish a first communication link L1 with a remote server SERV; perform a mutual authentication with said remote server SERV; and, if said mutual authentication is established, receive a third key K1 sent by said remote server SERV in order to pair said first secure element SE1 with said second secure element SE2 via said first communication link L1.
Abstract:
The invention relates to a method for granting access to a service provided by a connected device (202) for a user having a user's device (201) and requesting said access, the method comprising the steps of: receiving (211) by the user's device (201) from the connected device (202) a request to validate a user profile, a user profile corresponding to a list of at least one data item representing the user's capabilities to use a service provided by the given connected device; requesting by the user's device (201) to a verification server (203) associated to the at least one data item to validate said data item, and receiving (213) a digital signature of said data item generated by the verification server (203) as a proof of the validation; transmitting (214) the data item of the user profile and its digital signature to a device (200) belonging to the owner of the connected device (202) for it to be informed that said data item is validated, the user profile being considered as validated when the digital signatures of all the data items listed in the user profile are correctly verified by the owner's device; granting (230, 231) for the user access to the service provided by the connected device (202) when the user profile is validated.
Abstract:
This invention relates to a method for anticipating the setup of a relation of trust between a first vehicle (100) called central vehicle and at least a second vehicle, wherein two interaction areas (130, 140) are defined relatively to the position of the central vehicle (100), the first interaction area (130) called exchange area comprising the central vehicle (100) and the second interaction area (140) called pre-authentication area being defined in a way that it has to be crossed by said second vehicle for it to enter into the exchange area (130), the method comprising the steps of: detecting if the second vehicle is localized in the pre-authentication area (140) associated with the central vehicle (100); authenticating the central vehicle (100) and the second vehicle if not already authenticated; upon successful authentication, providing the central vehicle (100) and the second vehicle with at least one credential to set up the relation of trust for it to be already established when the second vehicle is present in the exchange area associated with the central vehicle (100).
Abstract:
The invention relates to a method for controlling by a server (201) called secure server the use of a first set of at least one data element of a data owner and provided by a communication device (200), the method comprising the steps of: receiving (204) at least one digital signature representative of a process authorized by the data owner and adapted to carry out a series of at least one instruction using the first set of at least one data element; receiving (209) from a process entity (202) the series of at least one instruction, and a ciphered version of the first set of at least one data element which is communicated to the process entity (202) by the communication device (200); verifying that the series of at least one instruction corresponds to a process authorized by the data owner of the communication device by comparing the at least one digital signature received (204) by the secure server (201) with a digital signature obtained by the secure server (201) using as an input the series of at least one instruction received by the secure server (201); and if the series of at least one instruction corresponds to an authorized process: deciphering the first set of at least one data element; generating result data by executing the series of at least one instruction using the first set of at least one data element as an input; transmitting the result data to the process entity (202).