E. Cards, P. Urien, C. Kiennert, E. Marie, E. Cards et al., Best Paper Award ? A New Convergent Identity System Based on IEEE SAR-SSI 2011, 6è Conférence sur la Sécurité des Architectures Réseaux et Systèmes d'Information La Rochelle ? A breakthrough for prepaid payment: end to end token exchange and management using secure SSL channels created by EAP-TLS smart cards, Publications Conférences ? An Innovative Solution for Cloud Computing Authentication: Grids of IEEE CTS 2011, International Conference on Collaboration Technologies and Systems for Delivering Services IEEE SAR- SSI 2012, 7è Conférence sur la Sécurité des Architectures Réseaux et Systèmes d'Information (accepté) ? A New Cooperative Architecture For Sharing Services Managed by Secure Elements Control By Android Phones With IP Objects IEEE CTS 2012, International Conference on Collaboration Technologies and Systems, pp.13-19, 2010.

?. System, . Lock, . Based, N. Interface, A. Chips et al., Procédé de sécurisation d'une architecture d'authentification, dispositifs matériels et logiciels correspondants, IEEE CCNC 2012 Demo, 15-16 Janvier, Las Vegas Brevets ? Ethertrust, 2004.

:. P. Mockapetris, Domain Names ? Concepts and Facilities, RFC, vol.882, 1983.

:. A. Freier, P. Karlton, and P. Kocher, The SSL protocol version 3.0, Internet Draft, 1996.

:. T. Dierks and C. Allen, The TLS protocol version 1.0, RFC 2246, 1999.

:. P. Urien and S. Elrharbi, Tandem smart cards: enforcing trust for TLS-based network services, 8th International Workshop on Applications and Services in Wireless Networks, October 9th ? 10th PKCS #1: RSA Cryptography Specifications version 2.0, RFC 2437, 1998.

:. V. Miller, Use of Elliptic Curves in Cryptography, pp.417-426
DOI : 10.1007/3-540-39799-X_31

:. D. Boneh and M. K. Franklin, Identity-Based Encryption from the Weil Pairing Advances in Cryptology -Proceedings of CRYPTO, 2001.

:. M. Stevens, A. Sotirov, J. Appelbaum, A. Lenstra, D. Molnar et al., Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate. Cryptology ePrint Archive, Report, vol.11117, 1999.

S. Cantor, Assertion and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard, 1999.

:. W. Arbaugh, An inductive chosen plaintext attack against WEP/WEP2, 2001.

:. C. Shannon, A Mathematical Theory of Communication, Bell System Technical Journal, vol.27, issue.3, pp.379-423, 1948.
DOI : 10.1002/j.1538-7305.1948.tb01338.x

:. N. Haller, The S/KEY One?Time Password System, Proceedings of the ISOC Symposium on Network and Distributed System Security, pp.151-157, 1994.
DOI : 10.17487/rfc1760

:. D. M-'raihi, M. Bellare, F. Hoornaert, D. Naccache, and O. Ranen, HOTP : An HMAC-Based One- Time Password Algorithm, 2005.

:. D. M-'raihi, S. Machani, M. Pei, and J. , TOTP : Time-Based One-Time Password Algorithm, 2011.

:. B. Elad, E. Biham, and N. Keller, Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication, pp.600-616, 2003.

:. M. Marlinspike, online : https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating- SSL.pdf [37] : SSLStrip, a HTTPS stripping attack tool, online : http://www.thoughtcrime.org/software/sslstrip, American National Standard X9, pp.84-2001, 2001.

:. T. Matsumoto, H. Matsumoto, K. Yamada, and S. Hoshino, Impact of Artificial Gummy Fingers on Fingerprint Systems, Proceedings of SPIE, vol.4677, 2002.

:. Y. Singh and S. K. Singh, Vitality detection from biometrics: State-of-the-art, 2011 World Congress on Information and Communication Technologies, 2011.
DOI : 10.1109/WICT.2011.6141226

:. H. Krawczyk, M. Bellare, and R. Canetti, HMAC: Keyed-Hashing for Message Authentication, 1997.
DOI : 10.17487/rfc2104

:. R. Rivest, The MD5 message-digest algorithm, RFC 1321, 1992.

:. X. Wang and Y. Yu, How to Break MD5 and Other Hash Functions, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT, 2005.
DOI : 10.1007/11426639_2

:. S. Manuel, Classification and Generation of Disturbance Vectors for Collision Attacks against SHA-1, IACR ePrint Archive, Report, p.469, 2008.

:. O. Acucmez, J. P. Seifert, and C. K. Koc, Micro-Architectural Cryptanalysis, Security & Privacy Magazine, IEEE, vol.5, issue.4, pp.62-64, 2007.

:. D. Osvik, A. Shamir, and E. Tromer, Cache attacks and countermeasures: the case of AES, proceedings of RSA Conference Cryptographers Track (CT-RSA), LNCS, vol.3860, pp.1-20, 2006.

:. P. Eronen and H. Tschofenig, Pre-Shared Key Ciphersuites for Transport Layer Security (TLS), RFC 4279, 2005.

:. L. Paulson, Inductive analysis of the Internet protocol TLS, ACM Transactions on Information and System Security, vol.2, issue.3, pp.332-351, 1999.
DOI : 10.1145/322510.322530

:. C. He, M. Sundararajan, A. Datta, A. Derek, and J. Mitchell, A Modular Correctness Proof of IEEE 802, TLS, CCS'05, 2005.

T. Wason, Liberty ID-FF Architecture Overview, Liberty Alliance Project, online : http://www.projectliberty.org/resource_center/specifications/liberty_alliance_id_ff_1_2_specifications, Microsoft, Introducing Windows CardSpace Shibboleth Architecture, Protocols and Profiles The Kerberos Network Authentication Service (V5), RFC 4120, 2005.

:. E. Maler and D. Reed, The Venn of Identity: Options and Issues in Federated Identity Management, IEEE Security & Privacy Magazine, vol.6, issue.2, 2008.
DOI : 10.1109/MSP.2008.50

:. A. Nanda, Identity Selector Interoperability Profile V1.0, Microsoft, 2007.

:. W. Alrodhan and C. J. Mitchell, Improving the security of CardSpace, In : EURASIP Journal on Information Security, 2009.

1. and S. T. Jurgensen, OpenID Provider Authentication Policy Extension 1.0 online : http://openid.net/specs/openid-provider-authentication-policy-extension-1_0.html Smart Cards: The Developer's Toolkit, 2002.

:. G. Yang, Introduction to TCP/IP Network Attacks, online : http://seclab.cs.sunysb, pdf [73] : L. Blunk, and J. Vollbrecht, PPP Extensible Authentication Protocol (EAP), RFC 2284, 1998.

:. W. Simpson, The Point-to-Point Protocol (PPP), RFC 1661, 1994.

P. Ieee-draft, 1X/D11, Standards for local and metropolitan area networks: Standard for port based network access control, 2001.

/. Pc, . Sc-workgroup-specifications, P. /. Overview, and . Workgroup, Cryptographic Token Information Syntax Standard, 2000.

:. D. Naccach and D. , Cryptographic smart cards, IEEE Micro, vol.16, issue.3, pp.16-24, 1996.
DOI : 10.1109/40.502402

:. M. Badra and P. Urien, Adding Identity Protection to EAP-TLS Smartcards, 2007 IEEE Wireless Communications and Networking Conference, pp.2951-2956, 2007.
DOI : 10.1109/WCNC.2007.547

:. J. Jonsson and B. Kaliski, Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1, RFC 3447, 2003.

:. D. Bleichenbacher, Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, Advances in Cryptology ? CRYPTO'98, pp.1-12, 1998.
DOI : 10.1007/BFb0055716

:. T. Dierks and E. Rescorla, The Transport Layer Security (TLS) Protocol Version 1, 2008.

:. P. Urien and S. Elrharbi, Tandem Smart Cards: Enforcing Trust for TLS-Based Network Services, 2008 Eighth International Workshop on Applications and Services in Wireless Networks (aswn 2008), 2008.
DOI : 10.1109/ASWN.2008.10

:. J. Garrett, Ajax: A New Approach to Web Applications online : http://www.adaptivepath.com/ideas/ajax-new-approach-web-applications [88] : What is Android ?, online : http://developer.android.com/guide/basics/what-is-android.html, Chaumette et. al., Secure distributed computing on a Java Card grid, 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05), 2005.

:. P. Mell and T. Grance, The NIST Definition of Cloud Computing, Recommendations of the National Institute of Standards and Technology, Special Publication, pp.800-145

:. N. Asokan, P. A. Janson, M. Steiner, and M. Waidner, The state of the art in electronic payment systems, Computer, vol.30, issue.9, 1997.

:. J. Liu, Y. Xiao, H. Chen, S. Ozdemir, S. Dodle et al., A Survey of Payment Card Industry Data Security Standard, Communications Surveys & Tutorials IEEE, vol.12, issue.3, 2010.

. Pci-ssc-data-security-standards, . Overview, . Pci-security-standards, O. S. Council, M. Cakaj et al., EMV Books, 1 -Application Independent ICC to Terminal Interface Requirement and Application Selection, Book 2 -Security and Key Management, Book 3 ? Application Specification, Book 4 - Cardholder, Attendant, and Acquirer Interface Require Implementation of prepaid services in Kosovo's fixed network, ELMAR '09, International Symposium [99] : What is NFC ?, NFC ForumIEC 14443 : Identification cards --Contactless integrated circuit cards --Proximity cards, pp.1-4, 2008.

. Iso, Information technology --Telecommunications and information exchange between systems --Near Field Communication --Interface and Protocol, 2004.

:. P. Baentsch, P. Buhler, T. Eirich, F. Horing, and M. Oestreicher, JavaCard-from hype to reality, IEEE Concurrency, vol.7, issue.4, 1999.
DOI : 10.1109/4434.806977

B. Certification-report, for Philips Secure Smart Card Controller P5CT072V0P, P5CC072V0P, P5CD072V0P and P5CD036V0P each with specific IC Dedicated Software from Philips Semiconductors GmbH Business Line Identification, online : https://www.bsi.bund.de/SharedDocs, IEC 9798-2 : Information technology --Security techniques --Entity authentication --Part 2: Mechanisms using symmetric encipherment algorithms, 1999.

:. G. De-koning-gans, J. H. Hoepman, and F. D. Garcia, A Practical Attack on the MIFARE Classic, Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications, pp.267-282, 2008.
DOI : 10.1007/11908739_11

:. F. Garcia, Dismantling MIFARE Classic, Computer Security ? ESORICS '08, pp.97-114, 2008.
DOI : 10.1109/32.345827