Communication system for managing safely and independently a plurality of applications by each user card and corresponding user card and management method
First Claim
1. Communications system of the type having a plurality of terminal devices (MS), each including a terminal (4) cooperating with a microprocessor user card (5),each user card including data storage means (8) including a plurality of objects, this data storage means (8) serving to support at least two different applications, the user card including means (6, 7) for executing commands belonging to these applications, each object included in the data storage means of a user card being associated with a first access control policy defined by a set of first access conditions, each of these first access conditions applying, for the object, to a group of at least one command belonging to the application or applications using this first control access policy, characterized in that each object is also associated with at least one other access control policy, each other control access policy being defined by a set of at least one alternative access conditions, each alternative access condition of another given access control policy applying, for this object, to a group of at least one command belonging to the application or applications using this other given access control policy, and in that each object is also associated with a plurality of access control policy indicators, each access control policy indicator indicating, for these applications, which access control policy, namely the first or another, is to be used with this application, these access control policy indicators being stored in said data storage means (8).
2 Assignments
0 Petitions
Accused Products
Abstract
A communication system comprising multiple terminal equipment (1), each consisting of a terminal (4) cooperating with a microprocessor-driven user card (SIM module; 5). Each user card includes data memory (8) comprising a plurality of objects and serving as medium to at least two separate applications, the user card comprising a microprocessor (6) and ROM (7) for executing instructions pertaining to the applications. Each object contained in the user card data memory is associated with a first defined access control policy by a set of first access conditions. Each object is also associated with at least another access control policy defined by a set of at least one alternative access condition. Each alternative access condition is applicable, for the object, to group of at least on instruction pertaining to the application(s) using the other defined access control policy. Each object is also associated with a plurality of access control policy indicators each indicating, for one of the applications, which access control policy to use with the application, the control access policy indicators being stored in the data memory (8).
173 Citations
22 Claims
-
1. Communications system of the type having a plurality of terminal devices (MS), each including a terminal (4) cooperating with a microprocessor user card (5),
each user card including data storage means (8) including a plurality of objects, this data storage means (8) serving to support at least two different applications, the user card including means (6, 7) for executing commands belonging to these applications, each object included in the data storage means of a user card being associated with a first access control policy defined by a set of first access conditions, each of these first access conditions applying, for the object, to a group of at least one command belonging to the application or applications using this first control access policy, characterized in that each object is also associated with at least one other access control policy, each other control access policy being defined by a set of at least one alternative access conditions, each alternative access condition of another given access control policy applying, for this object, to a group of at least one command belonging to the application or applications using this other given access control policy, and in that each object is also associated with a plurality of access control policy indicators, each access control policy indicator indicating, for these applications, which access control policy, namely the first or another, is to be used with this application, these access control policy indicators being stored in said data storage means (8).
Specification