Security domain management method, apparatus, and system
First Claim
1. A communications terminal, comprising:
- a network interface, a processor, and a bus, wherein the network interface and the processor are interconnected by using the bus;
the network interface is configured to obtain a management request message comprising;
an issuer security domain profile identifier, anda configuration request message;
the processor is configured to manage a security subdomain in a mobile network operator profile corresponding to the issuer security domain profile identifier, wherein the security subdomain is used to store configuration information of a first service;
the network interface is configured to obtain the configuration request message when the first service is being newly subscribed to, wherein the configuration request message comprises the issuer security domain profile identifier and the configuration information of the first service, and the configuration information of the first service comprises application and data of the first service; and
the processor is configured to;
create the security subdomain in the mobile network operator profile corresponding to the issuer security domain profile identifier, and store the configuration information of the first service in the security subdomain,allocate an identifier to the security subdomain created by the processor, andmanage the security subdomain according to the identifier of the security subdomain.
1 Assignment
0 Petitions
Accused Products
Abstract
The present invention provides a security domain management method, apparatus, and system, which relate to the communications field, and can manage, according to a service status of a user-subscribed service, a security domain used for storing service configuration information. A specific solution is as follows: A communications terminal obtains a management request message sent by a server, where the management request message includes an issuer security domain profile identifier; and the communications terminal manages a security subdomain in a mobile network operator profile corresponding to the issuer security domain profile identifier, where the security subdomain is used to store configuration information of a first service. The present invention is used for security domain management.
-
Citations
17 Claims
-
1. A communications terminal, comprising:
-
a network interface, a processor, and a bus, wherein the network interface and the processor are interconnected by using the bus; the network interface is configured to obtain a management request message comprising; an issuer security domain profile identifier, and a configuration request message; the processor is configured to manage a security subdomain in a mobile network operator profile corresponding to the issuer security domain profile identifier, wherein the security subdomain is used to store configuration information of a first service; the network interface is configured to obtain the configuration request message when the first service is being newly subscribed to, wherein the configuration request message comprises the issuer security domain profile identifier and the configuration information of the first service, and the configuration information of the first service comprises application and data of the first service; and the processor is configured to; create the security subdomain in the mobile network operator profile corresponding to the issuer security domain profile identifier, and store the configuration information of the first service in the security subdomain, allocate an identifier to the security subdomain created by the processor, and manage the security subdomain according to the identifier of the security subdomain. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A server, comprising:
-
a network interface, a processor, and a bus, wherein the network interface and the processor are interconnected by using the bus; the network interface is configured to; send a query request message to a subscription manager secure routing, wherein the query request message comprises an identifier of the subscription manager secure routing and an identifier of an embedded integrated circuit card, and obtain a query response message sent by the subscription manager secure routing, wherein the query response message comprises an issuer security domain profile identifier of a mobile network operator profile and a status of the mobile network operator profile; the processor is configured to check the status of the mobile network operator profile; and the network interface is further configured to; send a management request message when the status of the mobile network operator profile is an active state, to enable a communications terminal to manage a security subdomain corresponding to the management request message, wherein the management request message comprises a configuration request message, wherein the configuration request message comprises the issuer security domain profile identifier, and the security subdomain is configured to store configuration information of a first service, and send the configuration request message when the first service is being newly subscribed to and the status of the mobile network operator profile is an active state, to enable the communications terminal to create the security subdomain according to the management request message, wherein the configuration request message comprises the issuer security domain profile identifier and the configuration information of the first service, and the configuration information of the first service comprises application information and data that are of the first service. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14)
-
-
15. A security domain management method, comprising:
-
obtaining a management request message comprising an issuer security domain profile identifier and a configuration request message; managing a security subdomain in a mobile network operator profile corresponding to the issuer security domain profile identifier, wherein the security subdomain is configured to store configuration information of a first service; wherein obtaining the management request message comprises; obtaining the configuration request message when the first service is being newly subscribed to, wherein the configuration request message comprises the issuer security domain profile identifier of the mobile network operator profile and the configuration information of the first service, and the configuration information of the first service comprises application and data that are of the first service; wherein managing the security subdomain in the mobile network operator profile comprises; creating the security subdomain in the mobile network operator profile corresponding to the issuer security domain profile identifier, wherein the security subdomain is configured to store the configuration information of the first service; allocating an identifier to the security subdomain; and managing the security subdomain according to the identifier of the security subdomain. - View Dependent Claims (16, 17)
-
Specification