1. REMOTE PERSONALIZATION OF SECURE ELEMENTS COOPERATING WITH TELECOMMUNICATION TERMINALS
    Invention application (status: pending, published)

    Publication number: WO2016055617A2

    Publication date: 2016-04-14

    Application number: PCT/EP2015/073411

    Filing date: 2015-10-09

    Applicant: GEMALTO SA

    CPC classification number: H04W12/08 G06F21/74 H04L63/102

    Abstract: The invention concerns a method for downloading subscriptions into secure elements (10), each secure element (10) cooperating with a telecommunication terminal. The method consists in:
    - preparing, at a Subscriber Manager Data Preparation unit (SM-DP) (12), a plurality of subscriptions ready to be loaded onto the secure elements (10) on demand, these subscriptions not being linked to any particular secure element (10) at that time;
    - securing the subscriptions within an SCP03 script that is linked to a first unique AID, being the identifier of the Security Domain containing the data of all subscriptions the SM-DP wishes to manage, and protected with a first SCP03 keyset as defined in GlobalPlatform SCP03 Amendment D;
    - on a request to download one of these subscriptions into one of the secure elements (10), requesting the Subscriber Manager Secure Routing unit (SM-SR) to create an ISD-P in that secure element (10) using a second AID different from the first unique AID;
    - transmitting the second AID from the SM-SR to the SM-DP (12);
    - executing a key establishment procedure between the SM-DP (12) and the ISD-P identified by the second AID, and setting a first private SCP03 keyset on the ISD-P;
    - opening an SCP03 channel between the SM-DP (12) and the ISD-P using the shared private SCP03 keyset and a pseudo-random (card challenge) value based on the second AID;
    - setting the first unique AID on the ISD-P as an additional AID;
    - opening a new SCP03 channel between the SM-DP (12) and the ISD-P using the shared private SCP03 keyset and a pseudo-random (card challenge) value based on the first unique AID;
    - sending the subscription from the SM-DP (12) to the secure element (10), including the setting of the first SCP03 keyset;
    - executing the subscription in the secure element (10) in order to install it, deciphering it by means of the first SCP03 keyset and the first unique AID.

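    The step the method above turns on is that in SCP03's pseudo-random mode the card challenge is derived from the AID under which the security domain was selected, so a script pre-built by the SM-DP against the first unique AID can only be verified by the ISD-P once that AID has been added to it. The following Go program is an added illustration, not code from the patent or from Gemalto: it implements AES-CMAC and the SCP03 key derivation function and derives the card challenge for two AIDs. The derivation-data layout (11 zero bytes, derivation constant 0x02, 64-bit output, context = 3-byte sequence counter || AID) follows my reading of GlobalPlatform SCP03 Amendment D and should be checked against the specification you hold; the key and AID values are illustrative constants chosen for this example, not values from the patent.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"encoding/hex"
	"fmt"
)

// xor returns a ^ b over len(a) bytes (b must be at least as long).
func xor(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// shiftLeft is the CMAC subkey step of NIST SP 800-38B: a 1-bit left shift of
// a 128-bit value, reduced by the constant 0x87 when the top bit falls out.
func shiftLeft(in []byte) []byte {
	out := make([]byte, 16)
	var carry byte
	for i := 15; i >= 0; i-- {
		out[i] = in[i]<<1 | carry
		carry = in[i] >> 7
	}
	if in[0]&0x80 != 0 {
		out[15] ^= 0x87
	}
	return out
}

// aesCMAC computes AES-CMAC(key, msg) for a 16-byte key.
func aesCMAC(key, msg []byte) []byte {
	blk, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	l := make([]byte, 16)
	blk.Encrypt(l, make([]byte, 16))
	k1 := shiftLeft(l)
	k2 := shiftLeft(k1)
	n := (len(msg) + 15) / 16
	if n == 0 {
		n = 1
	}
	var last []byte
	if len(msg) > 0 && len(msg)%16 == 0 {
		last = xor(msg[(n-1)*16:], k1) // complete final block: mask with K1
	} else {
		pad := make([]byte, 16) // partial final block: 10* padding, mask with K2
		copy(pad, msg[(n-1)*16:])
		pad[len(msg)-(n-1)*16] = 0x80
		last = xor(pad, k2)
	}
	x := make([]byte, 16)
	for i := 0; i < n-1; i++ {
		blk.Encrypt(x, xor(x, msg[i*16:(i+1)*16]))
	}
	blk.Encrypt(x, xor(x, last))
	return x
}

// scp03KDF is the SCP03 derivation scheme: NIST SP 800-108 counter mode with
// AES-CMAC as PRF. Derivation data = 11 zero bytes || derivation constant ||
// 0x00 || L in bits (2 bytes) || counter || context (layout per my reading of Amendment D).
func scp03KDF(key []byte, constant byte, outBits int, context []byte) []byte {
	var out []byte
	for i := 1; len(out)*8 < outBits; i++ {
		data := make([]byte, 11, 16+len(context))
		data = append(data, constant, 0x00, byte(outBits>>8), byte(outBits), byte(i))
		data = append(data, context...)
		out = append(out, aesCMAC(key, data)...)
	}
	return out[:outBits/8]
}

// cardChallenge is the pseudo-random card challenge (constant 0x02, 64 bits): a
// function of the static Key-ENC, the sequence counter and the AID the SD was selected under.
func cardChallenge(keyENC []byte, seqCounter [3]byte, aid []byte) []byte {
	return scp03KDF(keyENC, 0x02, 64, append(seqCounter[:], aid...))
}

// scriptAccepted models the check a pre-built script implies: the ISD-P's
// challenge must equal the one the SM-DP computed the script for.
func scriptAccepted(precomputed, keyENC []byte, seq [3]byte, aid []byte) bool {
	return bytes.Equal(precomputed, cardChallenge(keyENC, seq, aid))
}

func main() {
	keyENC, _ := hex.DecodeString("404142434445464748494A4B4C4D4E4F") // illustrative key
	aid1, _ := hex.DecodeString("A0000005591010FFFFFFFF8900000100")   // illustrative "first unique AID"
	aid2, _ := hex.DecodeString("A0000005591010FFFFFFFF8900000200")   // illustrative ISD-P AID from the SM-SR
	seq := [3]byte{0x00, 0x00, 0x01}
	script := cardChallenge(keyENC, seq, aid1) // SM-DP prepared the script against aid1
	fmt.Printf("challenge under aid1: %X, under aid2: %X\n", script, cardChallenge(keyENC, seq, aid2))
	fmt.Println("accepted while ISD-P answers under aid2:", scriptAccepted(script, keyENC, seq, aid2))
	fmt.Println("accepted once aid1 is an additional AID:", scriptAccepted(script, keyENC, seq, aid1))
}
```

    Run it with `go run`; the script is rejected under the SM-SR-assigned AID and accepted under the first unique AID, which is exactly the reason the method adds that AID to the ISD-P before replaying the pre-built script. If the derivation-data layout in your copy of the specification differs, only the constants in scp03KDF change, not the dependency on the AID.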

2. METHOD FOR ACCESSING A SERVICE AND CORRESPONDING DEVICE
    Invention application (status: pending, published)

    Publication number: WO2015097052A1

    Publication date: 2015-07-02

    Application number: PCT/EP2014/078382

    Filing date: 2014-12-18

    Applicant: GEMALTO SA

    CPC classification number: H04W8/183 H04W48/18

    Abstract: The invention relates to a method (20) for accessing a service. A first device (12) comprises a chip. The chip comprises data storing means. The data storing means stores data relating to at least two subscriptions (145, 147). According to the invention, the data storing means stores a subscription manager, and the method comprises the following steps. The subscription manager deactivates the active subscription (the first subscription) and activates a non-active subscription (the second subscription). The subscription manager includes a first variable relating to the previous active subscription and sets the first variable to the first subscription. The subscription manager sends, through the first device operating system, to a second device (18) a first request (26) for accessing a service using the second subscription as the current active subscription. The first device operating system sends to the subscription manager a message (28) informing it of a failure to access the service associated with the second subscription. The subscription manager includes a second variable relating to the next active subscription and sets the second variable to the current value of the first variable. The subscription manager sends to the first device operating system a message (214) requesting it to re-launch the subscription manager and to read data. Based on the current value of the second variable, the subscription manager deactivates the second subscription and activates the first subscription. The subscription manager sends, through the first device operating system, to the second device a second request (220) for accessing a service using the first subscription as the current active subscription. The second device sends to the subscription manager a message (222) informing it of a successful access to the service associated with the first subscription. The invention also relates to a corresponding first device (12).


3. METHOD OF MANAGING THE LOADING OF DATA IN A SECURE DEVICE
    Invention application (status: pending, published)

    Publication number: WO2013004537A1

    Publication date: 2013-01-10

    Application number: PCT/EP2012/062243

    Filing date: 2012-06-25

    CPC classification number: G06F21/72

    Abstract: The invention is a method of managing a non-volatile memory embedded in a secure device. The secure device receives a series of ciphered data blocks. A first plain data block is computed by deciphering a first ciphered data block. The first plain data block is written into the non-volatile memory. The method comprises the step of deciphering the next ciphered data block while, in parallel, computing a first integrity value for the first plain data block; the computation of the first integrity value is carried out on the first plain data block as stored in the non-volatile memory.

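    The pipeline the abstract describes, as an added Go model that is not code from the patent or from Gemalto: the decipher loop writes plain block i to a simulated non-volatile memory and hands the page index to a second goroutine, which reads that page back from the NVM copy and updates the integrity value while the loop is already deciphering block i+1. The cipher and integrity primitives (AES-CTR and HMAC-SHA256), the page size, the keys and the payload are assumptions made for this example; the patent does not specify them. A simulated write fault on one page shows why the integrity value is taken from the NVM copy rather than from the RAM buffer that was just deciphered.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

const pageSize = 32 // bytes per ciphered data block, one NVM page each (constructed size)

// nvm models the secure device's non-volatile memory as fixed pages.
type nvm struct{ pages [][]byte }

func newNVM(n int) *nvm { return &nvm{pages: make([][]byte, n)} }

// write stores plain block i. faulty flips one bit after the copy to simulate a
// corrupted NVM page, so the check visibly covers what actually landed in NVM.
func (m *nvm) write(i int, block []byte, faulty bool) {
	page := append([]byte(nil), block...)
	if faulty {
		page[0] ^= 0x01
	}
	m.pages[i] = page
}

// prepareScript is the sender side (assumed primitives): AES-CTR encrypts the
// payload in page-sized blocks; the expected integrity value is HMAC-SHA256 of the plaintext.
func prepareScript(encKey, macKey, iv, plain []byte) (blocks [][]byte, expected []byte) {
	blk, err := aes.NewCipher(encKey)
	if err != nil {
		panic(err)
	}
	stream := cipher.NewCTR(blk, iv)
	for off := 0; off < len(plain); off += pageSize {
		end := off + pageSize
		if end > len(plain) {
			end = len(plain)
		}
		c := make([]byte, end-off)
		stream.XORKeyStream(c, plain[off:end])
		blocks = append(blocks, c)
	}
	mac := hmac.New(sha256.New, macKey)
	mac.Write(plain)
	return blocks, mac.Sum(nil)
}

// loadBlocks is the device side. Deciphering block i+1 overlaps with the MAC
// update for page i, which is read back from NVM. faultAt >= 0 corrupts that page.
func loadBlocks(encKey, macKey, iv []byte, ciphered [][]byte, mem *nvm, faultAt int) []byte {
	blk, err := aes.NewCipher(encKey)
	if err != nil {
		panic(err)
	}
	stream := cipher.NewCTR(blk, iv)
	written := make(chan int, 1) // index of the page that is now stable in NVM
	result := make(chan []byte)
	go func() {
		mac := hmac.New(sha256.New, macKey)
		for i := range written {
			mac.Write(mem.pages[i]) // integrity value from the NVM copy, not the RAM buffer
		}
		result <- mac.Sum(nil)
	}()
	for i, c := range ciphered {
		p := make([]byte, len(c))
		stream.XORKeyStream(p, c) // decipher block i
		mem.write(i, p, i == faultAt)
		written <- i // hand page i to the MAC goroutine, then go on to block i+1
	}
	close(written)
	return <-result
}

// install runs the load and reports whether the computed integrity value matches.
func install(encKey, macKey, iv []byte, ciphered [][]byte, expected []byte, faultAt int) (*nvm, bool) {
	mem := newNVM(len(ciphered))
	got := loadBlocks(encKey, macKey, iv, ciphered, mem, faultAt)
	return mem, hmac.Equal(got, expected)
}

func main() {
	encKey := []byte("0123456789abcdef") // constructed keys and payload
	macKey := []byte("fedcba9876543210")
	iv := make([]byte, 16)
	plain := make([]byte, 100) // 3 full pages plus a 4-byte tail
	for i := range plain {
		plain[i] = byte(i)
	}
	blocks, expected := prepareScript(encKey, macKey, iv, plain)
	mem, ok := install(encKey, macKey, iv, blocks, expected, -1)
	fmt.Println("clean load verified:", ok, "round-trip:", bytes.Equal(bytes.Join(mem.pages, nil), plain))
	_, ok = install(encKey, macKey, iv, blocks, expected, 2)
	fmt.Println("load with corrupted page 2 verified:", ok)
}
```

    The channel has capacity one, so the decipher loop is at most one block ahead of the integrity computation, which is the overlap the abstract claims; a real implementation would bound it by the NVM write latency rather than by a channel. The goroutine only touches pages whose index it has received, and the loop only writes pages it has not yet handed over, so the two sides never access the same page concurrently.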

4. PROACTIVE COMMANDS OVER SECURE CHANNEL BETWEEN A MOBILE EQUIPMENT AND A UICC
    Invention application (status: pending, published)

    Publication number: WO2011070038A1

    Publication date: 2011-06-16

    Application number: PCT/EP2010/069110

    Filing date: 2010-12-07

    CPC classification number: H04L63/0428 G06F21/606 H04W12/02 H04W92/08

    Abstract: The invention relates to a UICC comprising a toolkit applet. The UICC comprises a toolkit security component for establishing and using a secure channel for the proactive commands and events exchanged between the toolkit applet of the UICC and a mobile equipment. Other communications between the UICC and the mobile equipment take place outside this secure channel. The invention also relates to a system comprising a UICC of the above type and a mobile equipment, such as a cell phone, and to a method for selectively protecting a UICC.


5. METHOD FOR ACCESSING A SERVICE AND CORRESPONDING DEVICES
    Invention application (status: pending, published)

    Publication number: WO2015097054A1

    Publication date: 2015-07-02

    Application number: PCT/EP2014/078408

    Filing date: 2014-12-18

    Applicant: GEMALTO SA

    CPC classification number: H04W12/06 H04W4/70 H04W8/183 H04W12/08

    Abstract: The invention relates to a method for accessing a service. The method uses a first device comprising a chip. The chip comprises data storing means. The data storing means stores at least one subscription, each relating to a mobile radio-communication network operator. According to the invention, the data storing means stores at least two applications, each relating to a service provider, and a link manager. The method comprises the following steps: at least one second device sends to the link manager at least one association command requesting the association of at least one subscription with at least one application, and/or at least one disassociation command requesting the disassociation of at least one subscription from at least one application with which it is associated. The link manager respectively activates and/or deactivates the association of the at least one subscription with the at least one application. The invention also relates to corresponding first and second devices.


6. METHOD FOR ACCESSING A SERVICE AND A CORRESPONDING DEVICE
    Invention application (status: pending, published)

    Publication number: WO2015097042A1

    Publication date: 2015-07-02

    Application number: PCT/EP2014/078270

    Filing date: 2014-12-17

    Applicant: GEMALTO SA

    CPC classification number: H04W8/20 H04B1/3816 H04L67/02 H04W8/18 H04W92/08

    Abstract: The invention relates to a method (20) for accessing a service. A first device (12) comprises a chip. The chip comprises data storing means. The data storing means stores a subscription manager and at least two subscriptions. A first subscription is active; at least one second subscription is non-active. A second device sends to the subscription manager a request (22) for switching to the second subscription as the subscription to be activated. According to the invention, the subscription manager includes a first variable (23) relating to the next active subscription. The method includes the following steps. The subscription manager sets the first variable to the second subscription. The subscription manager sends to the first device operating system a message (210) requesting it to re-launch the subscription manager and to read data. The first device operating system sends to the subscription manager a message (212) including a command for re-launching the subscription manager. Based on the value of the first variable, the subscription manager deactivates the first subscription and activates the second subscription. The subscription manager then sends to the first device operating system data (214) relating to the second subscription as the current active subscription.

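    Entries 2 (WO2015097052) and 6 (WO2015097042) describe the same mechanism from two sides: the switch is first recorded in a persisted "next active" variable and only carried out when the operating system re-launches the subscription manager and it reads that variable back, and a failed access is undone by copying the persisted "previous active" variable into "next active" and re-launching again. The following Go model is an added illustration of that state machine, not code from either patent or from Gemalto. The struct fields, the network stand-in for the second device and the operator names are assumptions made for the example; the point it adds is that a power loss between recording the target and the re-launch leaves a record the next launch completes, which is why the (de)activation is driven from persisted variables rather than from in-memory state.

```go
package main

import "fmt"

// store models the data the subscription manager persists in the chip's
// non-volatile memory. Only these fields survive a re-launch of the applet.
type store struct {
	Active     string // current active subscription
	PrevActive string // first variable of WO2015097052: previous active subscription
	NextActive string // first variable of WO2015097042 / second variable of WO2015097052
}

type subscriptionManager struct {
	nvm        *store
	known      map[string]bool
	relaunches int
	// network stands in for the second device: true if the service is
	// reachable with the given subscription (constructed for the example).
	network func(sub string) bool
}

func newManager(active string, others []string, network func(string) bool) *subscriptionManager {
	m := &subscriptionManager{nvm: &store{Active: active}, known: map[string]bool{active: true}, network: network}
	for _, s := range others {
		m.known[s] = true
	}
	return m
}

// recordSwitch writes the target into NextActive and nothing else. Whatever
// happens afterwards (re-launch or power loss), the next launch sees the record.
func (m *subscriptionManager) recordSwitch(target string) error {
	if !m.known[target] {
		return fmt.Errorf("unknown subscription %q", target)
	}
	m.nvm.NextActive = target
	return nil
}

// relaunch models the OS re-launching the applet: it reads NextActive back from
// NVM, deactivates the current subscription and activates the recorded one,
// remembering the old one in PrevActive for a later fallback.
func (m *subscriptionManager) relaunch() {
	m.relaunches++
	if next := m.nvm.NextActive; next != "" && next != m.nvm.Active {
		m.nvm.PrevActive = m.nvm.Active
		m.nvm.Active = next
	}
	m.nvm.NextActive = ""
}

// requestSwitch is the WO2015097042 flow: record the target, then ask the OS to re-launch.
func (m *subscriptionManager) requestSwitch(target string) error {
	if err := m.recordSwitch(target); err != nil {
		return err
	}
	m.relaunch()
	return nil
}

// accessService is the WO2015097052 flow: try the service with the active
// subscription; on failure set NextActive to PrevActive, re-launch, and retry
// once with the restored subscription.
func (m *subscriptionManager) accessService() (sub string, ok bool) {
	if m.network(m.nvm.Active) {
		return m.nvm.Active, true
	}
	if m.nvm.PrevActive == "" {
		return m.nvm.Active, false // nothing to fall back to
	}
	m.nvm.NextActive = m.nvm.PrevActive
	m.relaunch()
	return m.nvm.Active, m.network(m.nvm.Active)
}

func main() {
	reachable := map[string]bool{"opA": true, "opB": false} // constructed: opB has no coverage here
	m := newManager("opA", []string{"opB"}, func(s string) bool { return reachable[s] })
	_ = m.requestSwitch("opB")
	fmt.Println("after switch: active", m.nvm.Active, "previous", m.nvm.PrevActive)
	sub, ok := m.accessService()
	fmt.Println("service access with", sub, "ok:", ok, "re-launches:", m.relaunches)
}
```

    The model deliberately never touches Active outside relaunch: both the forward switch and the fallback go through the same persisted variable and the same re-launch path, so there is exactly one place where the activation state changes and it always starts from what is in NVM.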
