Method for managing the security of applications with a security module
First Claim
1. A method for managing security of at least one additional application associated to a main application with a security module of an equipment connected, via a network, to a control server managed by an operator, the main application and the additional applications use resources as data or functions stored in the security module locally connected to said equipment, comprising:
- the equipment, periodically sending via the network to the control server identification data including at least a type and software version of the equipment and a type and software version of the security module,analyzing and verifying by the control server the identification data upon an occurrence of at least one;
after each connection of the equipment to the network,after each updating of the software version of the equipment,after at least one of each activation and deactivation of the additional application on the equipment,after each updating of the software version of the security module,after each updating of resources on the security module, andperiodically at a rate given by the control server,generating, by the control server, a cryptogram from a result of the verification of the identification data by comparing the identification data to a subscriber database content,transmitting, by the control server, the cryptogram, via the network and the equipment, to the security module,receiving and analyzing the cryptogram by the security module for acting on specific applications according to instructions included in the cryptogram, andselectively activating or deactivating at least one resource as data or functions stored in said security module by executing the instructions included in the cryptogram and using the selected resource to condition the functioning of the at least one additional application stored in the equipment according to criteria established by at least one of a supplier of said additional application or the operator managing the control server,wherein the resources as data or functions of the security module used by the main application are left active for connection of the equipment to the network so as to obtain further cryptograms from the control server.
3 Assignments
0 Petitions
Accused Products
Abstract
A method for managing the security of applications with a security module associated to an equipment connected to a network managed by a control server of an operator. The applications use resources as data or functions stored in the security module locally connected to the equipment. The method may include steps of receiving, analyzing and verifying, by the control server, identification data from the equipment and the security module, generating a cryptogram from the result of the verification of the identification data, transmitting the cryptogram to the security module of the equipment, and selectively activating or selectively deactivating by the security module at least one resource as data or functions of the security module by executing instructions included in the cryptogram and conditioning the functioning of an application according to criteria established by a supplier of the application or the operator or a user of the equipment.
-
Citations
13 Claims
-
1. A method for managing security of at least one additional application associated to a main application with a security module of an equipment connected, via a network, to a control server managed by an operator, the main application and the additional applications use resources as data or functions stored in the security module locally connected to said equipment, comprising:
-
the equipment, periodically sending via the network to the control server identification data including at least a type and software version of the equipment and a type and software version of the security module, analyzing and verifying by the control server the identification data upon an occurrence of at least one; after each connection of the equipment to the network, after each updating of the software version of the equipment, after at least one of each activation and deactivation of the additional application on the equipment, after each updating of the software version of the security module, after each updating of resources on the security module, and periodically at a rate given by the control server, generating, by the control server, a cryptogram from a result of the verification of the identification data by comparing the identification data to a subscriber database content, transmitting, by the control server, the cryptogram, via the network and the equipment, to the security module, receiving and analyzing the cryptogram by the security module for acting on specific applications according to instructions included in the cryptogram, and selectively activating or deactivating at least one resource as data or functions stored in said security module by executing the instructions included in the cryptogram and using the selected resource to condition the functioning of the at least one additional application stored in the equipment according to criteria established by at least one of a supplier of said additional application or the operator managing the control server, wherein the resources as data or functions of the security module used by the main application are left active for connection of the equipment to the network so as to obtain further cryptograms from the control server. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A system having a security module including resources as data or functions intended to be locally accessed by a main application and at least one additional application installed in an equipment connected, via a network, to a control server configured for managing security of the at least one additional application on at least one of each initialization, activation or deactivation of the at least one additional application, comprising:
-
the equipment configured to read and transmit identification data periodically via the network to the control server including at least a type and software version of the equipment and a type and software version of the security module; the control server configured to analyze and verify the identification data upon an occurrence of at least one; after each connection of the equipment to the network, after each updating of the software version of the equipment, after at least one of each activation and deactivation of the additional application on the equipment, after each updating of the software version of the security module, after each updating of resources on the security module, and periodically at a rate given by the control server, the control server configured to generate a cryptogram from a result of the verification of the identification data by comparing the identification data to a subscriber database content; the security module configured to receive and analyze the cryptogram for acting on specific applications according to instructions included in the cryptogram; and configured to selectively activate or deactivate at least one resource as data or functions stored in the security module by executing the instructions included in the cryptogram and using the selected resource to condition the functioning of the at least one additional application stored in the equipment according to criteria established by at least one of the supplier of said additional application or the operator managing the control server, wherein the resources as data or functions of the security module used by the main application are left active for connection of the equipment to the network so as to obtain further cryptograms from the control server. - View Dependent Claims (13)
-
Specification