公开(公告)号：WO2008035174A2

公开(公告)日：2008-03-27

申请号：PCT/IB2007/002707

申请日：2007-09-18

Applicant: AXALTO S.A. ,  GANEM, Hervé ,  SJARIF, Krishna

Inventor： GANEM, Hervé ,  SJARIF, Krishna

CPC classification number: H04L29/06027 ,  G06Q20/341 ,  G06Q20/40975 ,  H04L63/029 ,  H04L65/1006 ,  H04L67/02 ,  H04L67/14

Abstract: The invention relates to a method for communicating with a personal token (10) over an IP network, in which method a request is made to the personal token and the personal token provides a response to this request, the method being characterized in that it comprises the step which consists in encapsulating (20) the said request to the personal token inside a message which is a response to a prior request emitted by the personal token for the purpose of such encapsulation.

Abstract translation: 本发明涉及一种用于通过IP网络与个人令牌（10）进行通信的方法，其中对个人令牌进行请求，并且个人令牌提供对该请求的响应，该方法的特征在于，其包括 该步骤包括将所述请求封装（20）到消息内的个人令牌，该消息是对由个人令牌发出的用于这种封装的先前请求的响应。

公开(公告)号：WO2008032161A1

公开(公告)日：2008-03-20

申请号：PCT/IB2007/002575

申请日：2007-09-07

Applicant: AXALTO S.A. ,  BAJANEMANE, Santhosh

Inventor： BAJANEMANE, Santhosh

IPC: H03M7/30

CPC classification number: H03M7/30 ,  H04M1/274516 ,  H04M1/72547

Abstract: The invention relates to a personal token (11,15) comprising a microprocessor and a memory, characterized in that it comprises a compression agent (12,16) for compressing data before the data are stored into the memory of the personal token (11,15).

Abstract translation: 本发明涉及一种包括微处理器和存储器的个人令牌（11,15），其特征在于，它包括一个压缩代理（12,16），用于在将数据存储到个人令牌的存储器之前压缩数据， 15）。

公开(公告)号：WO2007144737A2

公开(公告)日：2007-12-21

申请号：PCT/IB2007/001556

申请日：2007-06-08

Applicant: AXALTO S.A. ,  GANEM, Hervé

Inventor： GANEM, Hervé

IPC: G06F21/34 ,  G06F21/43

CPC classification number: H04L29/06027 ,  G06F21/34 ,  G06F21/43 ,  G06Q20/341 ,  G07F7/10 ,  H04L63/0853 ,  H04L63/18 ,  H04L65/1006 ,  H04L65/1069 ,  H04L67/14

Abstract: The invention relates to a personal token (10) comprising a microprocessor and a memory, said personal token (10) storing and running a software entity which constitutes an end-point for communication over the internet, characterized in that the software entity constitutes an end-point according to a signaling protocol over the internet which signaling protocol is of the type intended at initiating a session (20, 30, 40, 50, 60) of real-time conferencing between end-points.

Abstract translation: 本发明涉及包含微处理器和存储器的个人令牌（10），所述个人令牌（10）存储并运行构成通过因特网进行通信的端点的软件实体，其特征在于，软件实体构成一个终端 根据互联网上的信令协议，信令协议是用于发起端点之间的实时会议的会话（20,30,40,50,60）的类型。

公开(公告)号：WO2007138488A2

公开(公告)日：2007-12-06

申请号：PCT/IB2007/002911

申请日：2007-05-25

Applicant: AXALTO S.A. ,  LU, HongQian Karen ,  ALI, Asad ,  VASSILEV, Apostol

Inventor： LU, HongQian Karen ,  ALI, Asad ,  VASSILEV, Apostol

CPC classification number: G07F7/1008 ,  G06F8/65 ,  G06F21/57 ,  G06F2221/2153 ,  G06Q20/3552

Abstract: Patching of software application. A software application is stored on a smart card as partitions and is loaded from the smart card into the memory of a host computer to which the smart card is connected. The software application is executed on the host computer; which using the instructions of the software application establishes a communications channel between the software application and a remote patch server containing a patch for at least one partition of the software application. Upon detecting that a patch is available for the at least one partition of the software application, downloading the at least one partition from the remote server into volatile memory allocated to the software application on the host computer via the first communications channel, and uploading the at least one partition from the volatile memory allocated to the software application to the smart card. Other systems and methods are disclosed.

Abstract translation: 修补软件应用程序。 软件应用程序作为分区存储在智能卡上，并从智能卡加载到智能卡连接到的主机的存储器中。 软件应用程序在主机上执行; 其使用软件应用程序的指令在软件应用程序和包含用于软件应用程序的至少一个分区的补丁的远程补丁服务器之间建立通信通道。 在检测到补丁可用于软件应用程序的至少一个分区时，经由第一通信信道将至少一个分区从远程服务器下载到分配给主计算机上的软件应用程序的易失性存储器中， 从分配给软件应用程序的易失性存储器到智能卡的至少一个分区。 公开了其它系统和方法。

公开(公告)号：WO2007116277A1

公开(公告)日：2007-10-18

申请号：PCT/IB2007/000829

申请日：2007-03-30

Applicant: AXALTO S.A. ,  LU, HongQian Karen ,  ALI, Asad ,  VASSILEV, Apostol ,  DOLPH, Ed

Inventor： LU, HongQian Karen ,  ALI, Asad ,  VASSILEV, Apostol ,  DOLPH, Ed

IPC: G06F21/00

CPC classification number: G06F21/606 ,  G06F21/34 ,  G06Q20/341 ,  G06Q20/40975 ,  G07F7/1008 ,  H04L9/0897 ,  H04L63/0853 ,  H04L63/166

Abstract: A secure portable electronic device for providing secure services when used in conjunction with a host computer. The secure portable device includes a read-only memory partition, a read/write memory partition, and a secure memory partition. The secure portable device includes instructions stored in the read-only partition including a host agent containing instructions executable by the host computer. The secure portable device also includes instructions stored in the secure memory partition. These instructions include a card agent containing instructions executable by central processing units secure portable electronic device, and includes a card agent communications module for communicating with the host agent; and a security module for accessing private information stored in the secure memory partition. The host agent includes a host agent communications module for communicating with the card agent and at least one function requiring use of private information stored in the secure memory partition of the portable device and operable to transmit a request to the card agent to perform a corresponding function requiring the use of private information stored on the portable device.

Abstract translation: 一种用于在与主机结合使用时提供安全服务的安全便携式电子设备。 安全便携式设备包括只读存储器分区，读/写存储器分区和安全存储器分区。 安全便携式设备包括存储在只读分区中的指令，包括主机代理，其中包含可由主机计算机执行的指令。 安全便携式设备还包括存储在安全存储器分区中的指令。 这些指令包括包含可由中央处理单元安全的便携式电子设备执行的指令的卡代理，并且包括用于与主机代理进行通信的卡代理通信模块; 以及用于访问存储在安全存储器分区中的私人信息的安全模块。 主机代理包括用于与卡代理进行通信的主机代理通信模块和需要使用存储在便携式设备的安全存储器分区中的私有信息的至少一个功能，并且可操作以向卡代理发送请求以执行相应的功能 需要使用存储在便携式设备上的私人信息。

公开(公告)号：WO2007105084A1

公开(公告)日：2007-09-20

申请号：PCT/IB2007/000624

申请日：2007-03-02

Applicant: AXALTO S.A. ,  WILIANTO, Wilianto ,  SJARIF, Krishna

Inventor： WILIANTO, Wilianto ,  SJARIF, Krishna

IPC: G06F17/30

CPC classification number: G06F17/30905

Abstract: The invention relates to a method for displaying content on a mobile communication terminal hosting a personal security token, said method consisting in displaying HTML pages (20, 21, 22, 23) which are linked together so as to constitute a path of pages in which an end-user person can progress according to choices made by the end-user person along such path, characterized in that the personal security token comprises an engine which identifies a command of a set of Sim Tool Kit Service Bytecodes (10, 11, 12, 13) on the basis of a said choice of the end-user person along the path and converts such identified command of the set of Sim Tool Kit Service Bytecodes (10, 11, 12, 13) into an HTML page (20, 21, 22, 23) to be displayed to the end-user person.

Abstract translation: 本发明涉及一种用于在托管个人安全令牌的移动通信终端上显示内容的方法，所述方法包括显示链接在一起的HTML页面（20,21,22,23），以构成页面的路径，其中 最终用户人员可以根据终端用户沿着这样的路径做出的选择来进行，其特征在于，个人安全令牌包括识别一组Sim工具包服务字节码（10,11,12）的命令的引擎 ，13），基于沿路径的最终用户人的所述选择，并将所述一组Sim工具包服务字节码（10,11,12,13）的所识别的命令转换成HTML页面（20,21 ，22,23）显示给终端用户。

公开(公告)号：WO2007010363A2

公开(公告)日：2007-01-25

申请号：PCT/IB2006/001971

申请日：2006-07-18

Applicant: AXALTO S.A. ,  SEIF, Jacques

Inventor： SEIF, Jacques

IPC: H04L29/06

CPC classification number: H04L63/08 ,  H04L63/1441 ,  H04W12/04 ,  H04W12/06 ,  H04W12/12

Abstract: The invention relates to a personal token (PT) for a hosting telecommunication terminal (T) such personal token (PT) storing a secret master key and comprising a microprocessor and a software equipment for interpreting at least one incoming command so as to generate first derived key material on the basis of the stored secret master key and on the basis of the content of said incoming at least one command, said software equipment controlling interpretation of said command so as to determine whether said command indicates that the first derived key material should be delivered to the hosting terminal (T) or not, characterized in that the software equipment performs a checking task as to whether the command comprises a content which complies with a predetermined content format and refuses to proceed to delivery of the first derived key material in case said content does not comply with said content format.

Abstract translation: 本发明涉及用于托管电信终端（T）的个人令牌（PT），这种个人令牌（PT）存储秘密主密钥并且包括微处理器和用于解释至少一个 输入命令，以基于所存储的秘密主密钥并基于所述输入的至少一个命令的内容来产生第一派生密钥材料，所述软件设备控制对所述命令的解释以确定所述命令是否指示 应该将第一派生密钥材料传送到主机终端（T），其特征在于软件设备执行关于命令是否包括符合预定内容格式的内容并拒绝继续传送的检查任务 在所述内容不符合所述内容格式的情况下，所述第一派生密钥材料的一部分

公开(公告)号：WO2006100554A2

公开(公告)日：2006-09-28

申请号：PCT/IB2006/000523

申请日：2006-03-10

Applicant: AXALTO S.A

Inventor： MAHBOOB ALI, Asad ,  MONTGOMERY, Michael

IPC: G06F21/00

CPC classification number: G06F21/36 ,  G06F21/31 ,  G06F21/40

Abstract: A method for authenticating a user for use of a server computing device wherein the server computing device is connected by a network to a host device. Generating a key representation image having thereon a plurality of individual key images placed at random positions, each corresponding to a possible character value in an authentication phrase. Accepting a sequence corresponding to locations of mouse clicks representing user selections of character values in an attempted authentication phrase. Verifying that the sequence of location values corresponds to a correct authentication phrase by mapping the locations of the mouse clicks to the locations of the randomly placed key images. Alternatively, accepting a sequence corresponding to a transformation of personal identification number based on a random number and a numerical operation or selection in a matrix.

Abstract translation: 一种用于认证用户以使用服务器计算设备的方法，其中服务器计算设备通过网络连接到主机设备。 生成其上具有放置在随机位置的多个单独的关键图像的键表示图像，每个对应于认证短语中的可能的字符值。 接受对应于表示用户在尝试的认证短语中选择字符值的鼠标点击的位置的序列。 通过将鼠标点击的位置映射到随机放置的关键图像的位置来验证位置值的顺序对应于正确的认证短语。 或者，基于随机数和矩阵中的数值运算或选择来接受与个人识别号的变换相对应的序列。

公开(公告)号：WO2006100547A1

公开(公告)日：2006-09-28

申请号：PCT/IB2006/000260

申请日：2006-02-10

Applicant: AXALTO S.A. ,  AMADOR, Eric

Inventor： AMADOR, Eric

IPC: G07F7/10

CPC classification number: G07F7/1008 ,  G06Q20/341 ,  G06Q20/355 ,  H04L9/0877 ,  H04L9/0891 ,  H04L9/3234

Abstract: This invention relates to a method for replacing a collective key (K, Km) present in an authentication token by a diversified key (Kd1, Kd2, …, Kdn), said method comprising a first step which consists in acquiring a master key (Km), a second step which consists in acquiring a unique data identifying the token (Id1, Id2, …, Idn), and a third step which consists in performing a calculation on the basis of said a master key (Km) and said unique data (Id1, Id2, …, Idn) so as to provide a unique diversified key (Kd1, Kd2, …, Kdn) and store it in the token, characterized in that said first, second and third steps are performed in the token.

Abstract translation: 本发明涉及一种通过多样化密钥（Kd1，Kd2，...，Kdn）来替换存在于认证令牌中的集合密钥（K，Km）的方法，所述方法包括第一步骤，其包括获得主密钥（Km） 第二步，其特征在于，获取识别令牌（Id1，Id2，Idn）的唯一数据，以及第三步骤，其特征在于，基于所述主密钥（Km）和所述唯一数据（Id1）执行计算 ，Id2，，Idn），以便提供唯一的多样化密钥（Kd1，Kd2，Kdn）并将其存储在令牌中，其特征在于，所述第一，第二和第三步骤在令牌中执行。

公开(公告)号：WO2006038103A1

公开(公告)日：2006-04-13

申请号：PCT/IB2005/002975

申请日：2005-10-06

Applicant: AXALTO S.A

Inventor： PREVOST, Sylvain

IPC: G07F7/10

CPC classification number: G07F7/1008 ,  G06Q20/341 ,  G06Q20/3552 ,  G06Q20/3576

Abstract: Updating system software of a resource-constrained device having a microprocessor. The system software is updated by embedding native code instructions in an application program that is downloaded onto the resource-constrained device. The native code instructions are selected from the instruction set requiring no processing prior to execution by the microprocessor. In response to detecting that an application contains embedded native code, passing the embedded native code directly to the microprocessor for execution.

Abstract translation: 更新具有微处理器的资源受限设备的系统软件。 通过在下载到资源受限设备上的应用程序中嵌入本机代码指令来更新系统软件。 在由微处理器执行之前，从不需要处理的指令集中选择本机代码指令。 响应于检测到应用程序包含嵌入式本机代码，将嵌入式本地代码直接传递到微处理器执行。