, Best Paper Award ? A New Convergent Identity System Based on IEEE SAR-SSI 2011, 6è Conférence sur la Sécurité des Architectures Réseaux et Systèmes d'Information La Rochelle ? A breakthrough for prepaid payment: end to end token exchange and management using secure SSL channels created by EAP-TLS smart cards, Publications Conférences ? An Innovative Solution for Cloud Computing Authentication: Grids of IEEE CTS 2011, International Conference on Collaboration Technologies and Systems for Delivering Services IEEE SAR- SSI 2012, 7è Conférence sur la Sécurité des Architectures Réseaux et Systèmes d'Information (accepté) ? A New Cooperative Architecture For Sharing Services Managed by Secure Elements Control By Android Phones With IP Objects IEEE CTS 2012, International Conference on Collaboration Technologies and Systems, pp.13-19, 2010.
, Procédé de sécurisation d'une architecture d'authentification, dispositifs matériels et logiciels correspondants, IEEE CCNC 2012 Demo, 15-16 Janvier, Las Vegas Brevets ? Ethertrust, 2004.
, Domain Names ? Concepts and Facilities, RFC, vol.882, 1983.
, The SSL protocol version 3.0, Internet Draft, 1996.
, The TLS protocol version 1.0, RFC 2246, 1999.
, Tandem smart cards: enforcing trust for TLS-based network services, 8th International Workshop on Applications and Services in Wireless Networks, October 9th ? 10th PKCS #1: RSA Cryptography Specifications version 2.0, RFC 2437, 1998.
, Use of Elliptic Curves in Cryptography, pp.417-426
DOI : 10.1007/3-540-39799-X_31
, Identity-Based Encryption from the Weil Pairing Advances in Cryptology -Proceedings of CRYPTO, 2001.
, Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate. Cryptology ePrint Archive, Report, vol.11117, 1999.
, Assertion and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard, 1999.
, An inductive chosen plaintext attack against WEP/WEP2, 2001.
, A Mathematical Theory of Communication, Bell System Technical Journal, vol.27, issue.3, pp.379-423, 1948.
DOI : 10.1002/j.1538-7305.1948.tb01338.x
, The S/KEY One?Time Password System, Proceedings of the ISOC Symposium on Network and Distributed System Security, pp.151-157, 1994.
DOI : 10.17487/rfc1760
, HOTP : An HMAC-Based One- Time Password Algorithm, 2005.
, TOTP : Time-Based One-Time Password Algorithm, 2011.
, Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication, pp.600-616, 2003.
, online : https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating- SSL.pdf [37] : SSLStrip, a HTTPS stripping attack tool, online : http://www.thoughtcrime.org/software/sslstrip, American National Standard X9, pp.84-2001, 2001.
, Impact of Artificial Gummy Fingers on Fingerprint Systems, Proceedings of SPIE, vol.4677, 2002.
, Vitality detection from biometrics: State-of-the-art, 2011 World Congress on Information and Communication Technologies, 2011.
DOI : 10.1109/WICT.2011.6141226
, HMAC: Keyed-Hashing for Message Authentication, 1997.
DOI : 10.17487/rfc2104
, The MD5 message-digest algorithm, RFC 1321, 1992.
, How to Break MD5 and Other Hash Functions, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT, 2005.
DOI : 10.1007/11426639_2
, Classification and Generation of Disturbance Vectors for Collision Attacks against SHA-1, IACR ePrint Archive, Report, p.469, 2008.
, Micro-Architectural Cryptanalysis, Security & Privacy Magazine, IEEE, vol.5, issue.4, pp.62-64, 2007.
, Cache attacks and countermeasures: the case of AES, proceedings of RSA Conference Cryptographers Track (CT-RSA), LNCS, vol.3860, pp.1-20, 2006.
, Pre-Shared Key Ciphersuites for Transport Layer Security (TLS), RFC 4279, 2005.
, Inductive analysis of the Internet protocol TLS, ACM Transactions on Information and System Security, vol.2, issue.3, pp.332-351, 1999.
DOI : 10.1145/322510.322530
, A Modular Correctness Proof of IEEE 802, TLS, CCS'05, 2005.
, Liberty ID-FF Architecture Overview, Liberty Alliance Project, online : http://www.projectliberty.org/resource_center/specifications/liberty_alliance_id_ff_1_2_specifications, Microsoft, Introducing Windows CardSpace Shibboleth Architecture, Protocols and Profiles The Kerberos Network Authentication Service (V5), RFC 4120, 2005.
, The Venn of Identity: Options and Issues in Federated Identity Management, IEEE Security & Privacy Magazine, vol.6, issue.2, 2008.
DOI : 10.1109/MSP.2008.50
, Identity Selector Interoperability Profile V1.0, Microsoft, 2007.
, Improving the security of CardSpace, In : EURASIP Journal on Information Security, 2009.
, OpenID Provider Authentication Policy Extension 1.0 online : http://openid.net/specs/openid-provider-authentication-policy-extension-1_0.html Smart Cards: The Developer's Toolkit, 2002.
, Introduction to TCP/IP Network Attacks, online : http://seclab.cs.sunysb, pdf [73] : L. Blunk, and J. Vollbrecht, PPP Extensible Authentication Protocol (EAP), RFC 2284, 1998.
, The Point-to-Point Protocol (PPP), RFC 1661, 1994.
, 1X/D11, Standards for local and metropolitan area networks: Standard for port based network access control, 2001.
, Cryptographic Token Information Syntax Standard, 2000.
, Cryptographic smart cards, IEEE Micro, vol.16, issue.3, pp.16-24, 1996.
DOI : 10.1109/40.502402
, Adding Identity Protection to EAP-TLS Smartcards, 2007 IEEE Wireless Communications and Networking Conference, pp.2951-2956, 2007.
DOI : 10.1109/WCNC.2007.547
, Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1, RFC 3447, 2003.
, Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, Advances in Cryptology ? CRYPTO'98, pp.1-12, 1998.
DOI : 10.1007/BFb0055716
, The Transport Layer Security (TLS) Protocol Version 1, 2008.
, Tandem Smart Cards: Enforcing Trust for TLS-Based Network Services, 2008 Eighth International Workshop on Applications and Services in Wireless Networks (aswn 2008), 2008.
DOI : 10.1109/ASWN.2008.10
, Ajax: A New Approach to Web Applications online : http://www.adaptivepath.com/ideas/ajax-new-approach-web-applications [88] : What is Android ?, online : http://developer.android.com/guide/basics/what-is-android.html, Chaumette et. al., Secure distributed computing on a Java Card grid, 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05), 2005.
, The NIST Definition of Cloud Computing, Recommendations of the National Institute of Standards and Technology, Special Publication, pp.800-145
, The state of the art in electronic payment systems, Computer, vol.30, issue.9, 1997.
, A Survey of Payment Card Industry Data Security Standard, Communications Surveys & Tutorials IEEE, vol.12, issue.3, 2010.
, EMV Books, 1 -Application Independent ICC to Terminal Interface Requirement and Application Selection, Book 2 -Security and Key Management, Book 3 ? Application Specification, Book 4 - Cardholder, Attendant, and Acquirer Interface Require Implementation of prepaid services in Kosovo's fixed network, ELMAR '09, International Symposium [99] : What is NFC ?, NFC ForumIEC 14443 : Identification cards --Contactless integrated circuit cards --Proximity cards, pp.1-4, 2008.
, Information technology --Telecommunications and information exchange between systems --Near Field Communication --Interface and Protocol, 2004.
, JavaCard-from hype to reality, IEEE Concurrency, vol.7, issue.4, 1999.
DOI : 10.1109/4434.806977
, for Philips Secure Smart Card Controller P5CT072V0P, P5CC072V0P, P5CD072V0P and P5CD036V0P each with specific IC Dedicated Software from Philips Semiconductors GmbH Business Line Identification, online : https://www.bsi.bund.de/SharedDocs, IEC 9798-2 : Information technology --Security techniques --Entity authentication --Part 2: Mechanisms using symmetric encipherment algorithms, 1999.
, A Practical Attack on the MIFARE Classic, Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications, pp.267-282, 2008.
DOI : 10.1007/11908739_11
, Dismantling MIFARE Classic, Computer Security ? ESORICS '08, pp.97-114, 2008.
DOI : 10.1109/32.345827