Abstract:
The system comprises a terminal (10, 12), an independent portable device (20) including a data processing means, and a wireless coupling means (RF COMMUNICATION) for exchanging individual-identification data between said terminal and said portable device. A body-medium communication means (OSC COMMUNICATION) including a transmitter in the terminal and a receiver in the portable device is provided to transmit from the terminal to the portable device a connection code (CONNECTION CODE) at the onset of a transaction upon physical contact established by the individual between the terminal and the portable device. A control means in the portable device checks said connection code received and conditionally issues to the terminal through said wireless coupling means (RF COMMUNICATION) a signal for enabling further execution of said transaction in response to said connection code complying with predetermined criteria.
Abstract:
The present invention consists in a method for managing threads in a device comprising data processing means (3), a non-volatile memory (7) and a volatile memory (11). The method consists in storing a thread dynamic execution context of a program, called the thread control block (TCB), in said non-volatile memory (7).
Abstract:
Secure communication between a resource-constrained device (101), e.g., smart card, and remote network nodes (103) over a network (105) with the resource-constrained device acting as a network node. The remote network nodes communicate with the resource-constrained device using unmodified network clients and servers. Executing on the resource-constrained device, a communications module implements one or more link layer communication protocols, operable to communicate with a host computer (109), operable to communicate with remote network nodes and operable to implement network security protocols thereby setting a security boundary inside the resource-constrained device.
Abstract:
This invention concerns an iterative procedure for conversion of structured software objects into a raw data stream and vice versa, providing for their direct transfer using simple communication resources such as those of an embedded computer station, and reset of said software objects or reutilisation of memory space allocated to them. This procedure can be used by an embedded platform (2) or a portable object including at least a processor capable of exchanging information with a terminal in the form of linear data sequences. The procedure includes a step for conversion of a data set, in one direction or the other, between a linear data sequence arrangement on the one hand, and a structured arrangement describing or representing an object-oriented software object on the other hand.
Abstract:
The invention sets forth an authentication method for use in a system including a first entity and a second entity in a network, the first entity being adapted to authenticate the second entity and data received therefrom, both first and second entities storing the same secret key. The method is implemented in a smart card such as a USIM card, including: a memory storing authentication algorithms and keys; means for receiving a message authenticating code and other parameters; means for computing an expected code from said other parameters and from said secret key; means for comparing said message authenticating code received and said expected code; and means for aborting authentication if the message authenticating code received and the expected code do not match. The smart card further comprises a failure counter adapted to store the number of abortion occurrences, and means for updating said failure counter every time the comparing means indicate that said message authenticating code and said expected code do not match. Thanks to its built-in failure counter and the fact that the updating of this counter is controlled from inside the card, the card becomes tamper-resistant against reiterated fraudulent authentication attempts.
Abstract:
The invention concerns a first device for delivering a service using an application lodged in a portable object, comprising a portable object reader for receiving said portable object, the portable object incorporating at least one application and the first device including resources for activating said application, characterized in that it includes relay means arranged for performing a communication between said portable object reader and a second device external to said first device and connected thereto so that the second device activates at least one application of the portable object independently of said resources.
Abstract:
The invention concerns a method for managing a memory in a portable object of the “mixed” type whose means of connection to an associated host device comprise both galvanic contacts and remote connection means, thereby defining an operating mode called “contact” mode and an operating mode called “contactless” mode, these two operating modes possibly being simultaneous, characterized in that it comprises the steps of: upon any request to erase a memory block, deferring the erasure and assigning to that memory block a “memory block to be erased” attribute if the portable object is in the “contactless” mode only; then, upon a later switch to “contact” mode, triggering the erasure of all or some of the memory blocks having the “memory block to be erased” attribute.
Abstract:
The present invention concerns a method for performing secure operations that require the input of secure information (e.g. PIN) in a system comprising a processing data unit (PC, …) connected to a portable object (1) such as a smartcard, the portable object being connected to a device (21) (e.g. a PIN-pad), characterized in that it consists in receiving said secure information in said portable object from said device through an input/output of said portable object assigned to be connected with the device, physically distinct from an input/output (e.g. USB interface) of said portable object assigned to be connected with the processing data unit.
Abstract:
An RF reception system including a terminal and a portable object such as a smart card for communicating with the terminal. The system includes an RF receiver for receiving a plurality of data flows from an RF signal. The portable object includes a data storage area. The data storage area includes predetermined data identifying a specific data flow. The system further includes selection means for selecting the specific data flow identified by the predetermined data from the plurality of data flows.
Abstract:
The invention solves the problem of systematic image marking of portable communication objects, such as smart cards or mobile terminals, involved in a campaign in a database (bd) connected to a download server, thereby relieving the server. Access to a communication object (gn) targeted by the campaign is authorized for a single-unit operation while the server (sac) manages the prior data processing for the communication object during the campaign, and is inhibited for a single-unit operation relating to an object targeted by the campaign when access is requested while the server manages, during the campaign, the transmission of the data message to the communication object, the acknowledgement transmitted by the communication object and the subsequent data processing relating to the communication object.