Best Paper Award ? A New Convergent Identity System Based on IEEE SAR-SSI 2011, 6è Conférence sur la Sécurité des Architectures Réseaux et Systèmes d'Information La Rochelle ? A breakthrough for prepaid payment: end to end token exchange and management using secure SSL channels created by EAP-TLS smart cards, Publications Conférences ? An Innovative Solution for Cloud Computing Authentication: Grids of IEEE CTS 2011, International Conference on Collaboration Technologies and Systems for Delivering Services IEEE SAR- SSI 2012, 7è Conférence sur la Sécurité des Architectures Réseaux et Systèmes d'Information (accepté) ? A New Cooperative Architecture For Sharing Services Managed by Secure Elements Control By Android Phones With IP Objects IEEE CTS 2012, International Conference on Collaboration Technologies and Systems, pp.13-19, 2010. ,
Procédé de sécurisation d'une architecture d'authentification, dispositifs matériels et logiciels correspondants, IEEE CCNC 2012 Demo, 15-16 Janvier, Las Vegas Brevets ? Ethertrust, 2004. ,
Domain Names ? Concepts and Facilities, RFC, vol.882, 1983. ,
The SSL protocol version 3.0, Internet Draft, 1996. ,
The TLS protocol version 1.0, RFC 2246, 1999. ,
Tandem smart cards: enforcing trust for TLS-based network services, 8th International Workshop on Applications and Services in Wireless Networks, October 9th ? 10th PKCS #1: RSA Cryptography Specifications version 2.0, RFC 2437, 1998. ,
Use of Elliptic Curves in Cryptography, pp.417-426 ,
DOI : 10.1007/3-540-39799-X_31
Identity-Based Encryption from the Weil Pairing Advances in Cryptology -Proceedings of CRYPTO, 2001. ,
Short chosen-prefix collisions for MD5 and the creation of a rogue CA certificate. Cryptology ePrint Archive, Report, vol.11117, 1999. ,
Assertion and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0, OASIS Standard, 1999. ,
An inductive chosen plaintext attack against WEP/WEP2, 2001. ,
A Mathematical Theory of Communication, Bell System Technical Journal, vol.27, issue.3, pp.379-423, 1948. ,
DOI : 10.1002/j.1538-7305.1948.tb01338.x
The S/KEY One?Time Password System, Proceedings of the ISOC Symposium on Network and Distributed System Security, pp.151-157, 1994. ,
DOI : 10.17487/rfc1760
HOTP : An HMAC-Based One- Time Password Algorithm, 2005. ,
TOTP : Time-Based One-Time Password Algorithm, 2011. ,
Instant Ciphertext-Only Cryptanalysis of GSM Encrypted Communication, pp.600-616, 2003. ,
online : https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating- SSL.pdf [37] : SSLStrip, a HTTPS stripping attack tool, online : http://www.thoughtcrime.org/software/sslstrip, American National Standard X9, pp.84-2001, 2001. ,
Impact of Artificial Gummy Fingers on Fingerprint Systems, Proceedings of SPIE, vol.4677, 2002. ,
Vitality detection from biometrics: State-of-the-art, 2011 World Congress on Information and Communication Technologies, 2011. ,
DOI : 10.1109/WICT.2011.6141226
HMAC: Keyed-Hashing for Message Authentication, 1997. ,
DOI : 10.17487/rfc2104
The MD5 message-digest algorithm, RFC 1321, 1992. ,
How to Break MD5 and Other Hash Functions, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT, 2005. ,
DOI : 10.1007/11426639_2
Classification and Generation of Disturbance Vectors for Collision Attacks against SHA-1, IACR ePrint Archive, Report, p.469, 2008. ,
Micro-Architectural Cryptanalysis, Security & Privacy Magazine, IEEE, vol.5, issue.4, pp.62-64, 2007. ,
Cache attacks and countermeasures: the case of AES, proceedings of RSA Conference Cryptographers Track (CT-RSA), LNCS, vol.3860, pp.1-20, 2006. ,
Pre-Shared Key Ciphersuites for Transport Layer Security (TLS), RFC 4279, 2005. ,
Inductive analysis of the Internet protocol TLS, ACM Transactions on Information and System Security, vol.2, issue.3, pp.332-351, 1999. ,
DOI : 10.1145/322510.322530
A Modular Correctness Proof of IEEE 802, TLS, CCS'05, 2005. ,
Liberty ID-FF Architecture Overview, Liberty Alliance Project, online : http://www.projectliberty.org/resource_center/specifications/liberty_alliance_id_ff_1_2_specifications, Microsoft, Introducing Windows CardSpace Shibboleth Architecture, Protocols and Profiles The Kerberos Network Authentication Service (V5), RFC 4120, 2005. ,
The Venn of Identity: Options and Issues in Federated Identity Management, IEEE Security & Privacy Magazine, vol.6, issue.2, 2008. ,
DOI : 10.1109/MSP.2008.50
Identity Selector Interoperability Profile V1.0, Microsoft, 2007. ,
Improving the security of CardSpace, In : EURASIP Journal on Information Security, 2009. ,
OpenID Provider Authentication Policy Extension 1.0 online : http://openid.net/specs/openid-provider-authentication-policy-extension-1_0.html Smart Cards: The Developer's Toolkit, 2002. ,
Introduction to TCP/IP Network Attacks, online : http://seclab.cs.sunysb, pdf [73] : L. Blunk, and J. Vollbrecht, PPP Extensible Authentication Protocol (EAP), RFC 2284, 1998. ,
The Point-to-Point Protocol (PPP), RFC 1661, 1994. ,
1X/D11, Standards for local and metropolitan area networks: Standard for port based network access control, 2001. ,
Cryptographic Token Information Syntax Standard, 2000. ,
Cryptographic smart cards, IEEE Micro, vol.16, issue.3, pp.16-24, 1996. ,
DOI : 10.1109/40.502402
Adding Identity Protection to EAP-TLS Smartcards, 2007 IEEE Wireless Communications and Networking Conference, pp.2951-2956, 2007. ,
DOI : 10.1109/WCNC.2007.547
Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1, RFC 3447, 2003. ,
Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1, Advances in Cryptology ? CRYPTO'98, pp.1-12, 1998. ,
DOI : 10.1007/BFb0055716
The Transport Layer Security (TLS) Protocol Version 1, 2008. ,
Tandem Smart Cards: Enforcing Trust for TLS-Based Network Services, 2008 Eighth International Workshop on Applications and Services in Wireless Networks (aswn 2008), 2008. ,
DOI : 10.1109/ASWN.2008.10
Ajax: A New Approach to Web Applications online : http://www.adaptivepath.com/ideas/ajax-new-approach-web-applications [88] : What is Android ?, online : http://developer.android.com/guide/basics/what-is-android.html, Chaumette et. al., Secure distributed computing on a Java Card grid, 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05), 2005. ,
The NIST Definition of Cloud Computing, Recommendations of the National Institute of Standards and Technology, Special Publication, pp.800-145 ,
The state of the art in electronic payment systems, Computer, vol.30, issue.9, 1997. ,
A Survey of Payment Card Industry Data Security Standard, Communications Surveys & Tutorials IEEE, vol.12, issue.3, 2010. ,
EMV Books, 1 -Application Independent ICC to Terminal Interface Requirement and Application Selection, Book 2 -Security and Key Management, Book 3 ? Application Specification, Book 4 - Cardholder, Attendant, and Acquirer Interface Require Implementation of prepaid services in Kosovo's fixed network, ELMAR '09, International Symposium [99] : What is NFC ?, NFC ForumIEC 14443 : Identification cards --Contactless integrated circuit cards --Proximity cards, pp.1-4, 2008. ,
Information technology --Telecommunications and information exchange between systems --Near Field Communication --Interface and Protocol, 2004. ,
JavaCard-from hype to reality, IEEE Concurrency, vol.7, issue.4, 1999. ,
DOI : 10.1109/4434.806977
for Philips Secure Smart Card Controller P5CT072V0P, P5CC072V0P, P5CD072V0P and P5CD036V0P each with specific IC Dedicated Software from Philips Semiconductors GmbH Business Line Identification, online : https://www.bsi.bund.de/SharedDocs, IEC 9798-2 : Information technology --Security techniques --Entity authentication --Part 2: Mechanisms using symmetric encipherment algorithms, 1999. ,
A Practical Attack on the MIFARE Classic, Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications, pp.267-282, 2008. ,
DOI : 10.1007/11908739_11
Dismantling MIFARE Classic, Computer Security ? ESORICS '08, pp.97-114, 2008. ,
DOI : 10.1109/32.345827