公开(公告)号：US20150017949A1

公开(公告)日：2015-01-15

申请号：US14369440

申请日：2012-12-28

Applicant: GEMALTO SA

Inventor： Julien Delsuc

IPC: H04M1/725 ,  H04W12/06 ,  H04W12/04

CPC classification number: H04M1/7253 ,  H04M2250/02 ,  H04M2250/04 ,  H04M2250/06 ,  H04M2250/52 ,  H04W12/04 ,  H04W12/06

Abstract: A wireless device presents a predetermined identifier and at least one code comprising connection data. A terminal communicates over a short range radio-frequency link, with a wireless device. The terminal has a camera and a display screen. The terminal detects, through the camera, an identifier relating to a wireless device in a vicinity of the terminal. The terminal presents, through the display screen, at least one object for each detected identifier, the object being associated with a wireless device. A terminal user selects, through the display screen, one object amongst the presented objects. The terminal reads or extracts the connection data comprised within the selected code associated with the corresponding selected wireless device. And the terminal establishes, a connection, over the short range radio-frequency link, to the corresponding selected wireless device.

Abstract translation: 无线设备呈现预定的标识符和包括连接数据的至少一个代码。 终端通过短距离射频链路与无线设备进行通信。 终端有摄像头和显示屏。 终端通过相机检测与终端附近的无线设备有关的标识符。 终端通过显示屏显示每个检测到的标识符的至少一个对象，该对象与无线设备相关联。 终端用户通过显示屏选择所呈现的对象之中的一个对象。 终端读取或提取包含在与相应的所选无线设备相关联的所选代码内的连接数据。 并且终端通过短距离射频链路建立到相应的所选无线设备的连接。

公开(公告)号：US09935954B2

公开(公告)日：2018-04-03

申请号：US15109401

申请日：2014-11-28

Applicant: GEMALTO SA

Inventor： Philippe Smadja ,  Julien Delsuc ,  Herve Ganem ,  Francois Ennesser

IPC: H04L29/06 ,  H04W4/00 ,  H04W12/06

CPC classification number: H04L63/0884 ,  H04L63/0428 ,  H04L63/062 ,  H04W4/70 ,  H04W12/06

Abstract: This invention concerns the implementation of end-to-end security for the communication between objects in the domain of the Internet of Things (or Internet of Objects). The purpose of the patent is dealing with the setup of secure authorized information channel between data source (M2M device) and data consumers (consumer entity). According to the present invention, the access to a M2M device by a consumer entity (consumer application) is controlled by a M2M authorization server. The M2M authorization server is the entity in charge of managing access rights for the M2M device and makes the decision regarding the access to the resource by the consumer entity (consumer application). The M2M server is an entity that enforces the decision and enables the access to the M2M device. When a consumer application needs to communicate with a M2M device, the present invention proposes a method for authorizing a consumer application to access a M2M device and for encrypting the communication between the consumer application and the M2M device. The M2M authorization server computes security credentials which are sent to the consumer application.

公开(公告)号：US09191481B2

公开(公告)日：2015-11-17

申请号：US14369440

申请日：2012-12-28

Applicant: GEMALTO SA

Inventor： Julien Delsuc

IPC: H04M1/725 ,  H04W12/04 ,  H04W12/06

CPC classification number: H04M1/7253 ,  H04M2250/02 ,  H04M2250/04 ,  H04M2250/06 ,  H04M2250/52 ,  H04W12/04 ,  H04W12/06

Abstract: A wireless device presents a predetermined identifier and at least one code comprising connection data. A terminal communicates over a short range radio-frequency link, with a wireless device. The terminal has a camera and a display screen. The terminal detects, through the camera, an identifier relating to a wireless device in a vicinity of the terminal. The terminal presents, through the display screen, at least one object for each detected identifier, the object being associated with a wireless device. A terminal user selects, through the display screen, one object amongst the presented objects. The terminal reads or extracts the connection data comprised within the selected code associated with the corresponding selected wireless device. And the terminal establishes, a connection, over the short range radio-frequency link, to the corresponding selected wireless device.

Abstract translation: 无线设备呈现预定的标识符和包括连接数据的至少一个代码。 终端通过短距离射频链路与无线设备进行通信。 终端有摄像头和显示屏。 终端通过相机检测与终端附近的无线设备有关的标识符。 终端通过显示屏显示每个检测到的标识符的至少一个对象，该对象与无线设备相关联。 终端用户通过显示屏选择所呈现的对象之中的一个对象。 终端读取或提取包含在与相应的所选无线设备相关联的所选代码内的连接数据。 并且终端通过短距离射频链路建立到相应的所选无线设备的连接。

公开(公告)号：US09571583B2

公开(公告)日：2017-02-14

申请号：US15028321

申请日：2014-10-07

Applicant: GEMALTO SA

Inventor： Julien Delsuc ,  Sylvain Chafer

IPC: G06F15/177 ,  H04L29/08 ,  H04W4/00

CPC classification number: H04L67/125 ,  H04L67/2838 ,  H04L67/34 ,  H04W4/70

Abstract: The invention is a method of communicating between a caller device and an executor device wherein the executor device comprises a memory having a layout which defines formats and addresses used for storing data in the memory. The executor device comprises an application including a service and the method comprises the steps of: providing the caller device with the layout and an indicator reflecting the service during the handshake phase, sending to the executor device a data block corresponding to a command targeting the service, wherein the data block complies with the layout and is devoid of metadata, sending to the caller device a response block which complies with the layout and which corresponds to a result generated by execution of the command.

Abstract translation: 本发明是一种在呼叫者设备和执行器设备之间通信的方法，其中执行器设备包括具有定义用于在存储器中存储数据的格式和地址的布局的存储器。 所述执行器设备包括包括服务的应用，所述方法包括以下步骤： - 在所述握手阶段期间向所述呼叫者设备提供所述布局和反映所述服务的指示符， - 向所述执行器设备发送与命令定位相对应的数据块 所述服务，其中所述数据块符合所述布局并且没有元数据， - 向所述呼叫者设备发送符合所述布局的响应块，并且对应于通过执行所述命令而产生的结果。

公开(公告)号：US09444815B2

公开(公告)日：2016-09-13

申请号：US14647269

申请日：2013-11-27

Applicant: GEMALTO SA

Inventor： Julien Delsuc ,  Sylvain Chafer ,  Sébastien Hecart

IPC: G06F7/04 ,  H04L29/06

CPC classification number: H04L63/0853 ,  H04L63/0815 ,  H04L63/0884 ,  H04L63/18

Abstract: To access a service, each user device stores one first key. The user device is connected to a first server. A terminal sends to a second server a connection request. The second server responds with first data relating to a transaction identifier and an associated challenge. The terminal determines a first result depending upon the first data and the first key. The terminal sends to the first server the first result and user device data. The first server identifies a user device based upon the user device data and sends to the device the first result. The device determines the challenge and the transaction identifier based upon the first result and the first key and sends to the second server the challenge and the transaction identifier. The second server verifies whether the data received from the device matches the first data and, if so, authorizes the terminal to connect.

Abstract translation: 为了访问服务，每个用户设备存储一个第一密钥。 用户设备连接到第一服务器。 终端向第二台服务器发送连接请求。 第二服务器响应与事务标识符和相关联的挑战相关的第一数据。 终端根据第一数据和第一密钥确定第一结果。 终端向第一台服务器发送第一个结果和用户设备数据。 第一服务器基于用户设备数据识别用户设备，并向设备发送第一个结果。 设备基于第一结果和第一密钥来确定挑战和交易标识符，并向第二服务器发送质询和交易标识符。 第二服务器验证从设备接收的数据是否与第一数据匹配，如果是，则授权终端连接。