Apparatus and method for managing security domains for a universal integrated circuit card
First Claim
Patent Images
1. A device comprising:
- a universal integrated circuit card;
a processor; and
a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;
generating a third-party security domain root structure for the universal integrated circuit card, wherein the third-party security domain root structure includes a hierarchy of a link provider operator security domain above a mobile network operator trusted security domain, wherein the mobile network operator trusted security domain enables card content management and subscription eligibility verification by equipment of a trusted service manager of the mobile network operator;
adjusting the third-party security domain root structure to include a service provider trusted security domain in the hierarchy below the link provider operator security domain, wherein the service provider trusted security domain enables equipment of a third-party trusted service manager to perform card content management actions without obtaining authorization from the equipment of the trusted service manager of the mobile network operator; and
responsive to a determination to allow the third-party trusted service manager to utilize a third-party over-the-air platform, adjusting the third-party security domain root structure to include a service provider link provider operator security domain in the hierarchy below the mobile network operator trusted security domain and to include a second service provider trusted security domain in the hierarchy below the service provider link provider operator security domain.
1 Assignment
0 Petitions
Accused Products
Abstract
A device that incorporates the subject disclosure may perform, for example, generating a security domain root structure for a universal integrated circuit card of an end user device, where the security domain root structure includes a hierarchy of a link provider operator security domain above a mobile network operator trusted security domain, where the link provider operator security domain enables transport management by a link provider operator, and where the mobile network operator trusted security domain enables card content management and subscription eligibility verification by a mobile network operator trusted service manager. Other embodiments are disclosed.
254 Citations
20 Claims
-
1. A device comprising:
-
a universal integrated circuit card; a processor; and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising; generating a third-party security domain root structure for the universal integrated circuit card, wherein the third-party security domain root structure includes a hierarchy of a link provider operator security domain above a mobile network operator trusted security domain, wherein the mobile network operator trusted security domain enables card content management and subscription eligibility verification by equipment of a trusted service manager of the mobile network operator; adjusting the third-party security domain root structure to include a service provider trusted security domain in the hierarchy below the link provider operator security domain, wherein the service provider trusted security domain enables equipment of a third-party trusted service manager to perform card content management actions without obtaining authorization from the equipment of the trusted service manager of the mobile network operator; and responsive to a determination to allow the third-party trusted service manager to utilize a third-party over-the-air platform, adjusting the third-party security domain root structure to include a service provider link provider operator security domain in the hierarchy below the mobile network operator trusted security domain and to include a second service provider trusted security domain in the hierarchy below the service provider link provider operator security domain. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A universal integrated circuit card comprising:
-
a memory that stores executable instructions that, when executed by a processor, facilitate performance of operations, comprising; generating a third-party security domain root structure for the universal integrated circuit card, wherein the third-party security domain root structure includes a hierarchy of a link provider operator security domain above a mobile network operator trusted security domain, wherein the mobile network operator trusted security domain enables card content management and subscription eligibility verification by equipment of a trusted service manager of the mobile network operator; adjusting the third-party security domain root structure to include a service provider trusted security domain in the hierarchy below the link provider operator security domain, wherein the service provider trusted security domain enables equipment of a third-party trusted service manager to perform card content management actions without obtaining authorization from the equipment of the trusted service manager of the mobile network operator; and responsive to a determination to allow another third-party trusted service manager to utilize a third-party over-the-air platform, adjusting the third-party security domain root structure to include a service provider link provider operator security domain in the hierarchy below the mobile network operator trusted security domain and to include a third service provider trusted security domain in the hierarchy below the service provider link provider operator security domain. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method, comprising:
-
generating a third-party security domain root structure for a universal integrated circuit card, wherein the third-party security domain root structure includes a hierarchy of a link provider operator security domain above a mobile network operator trusted security domain, wherein the mobile network operator trusted security domain enables card content management and subscription eligibility verification by equipment of a trusted service manager of the mobile network operator; adjusting the third-party security domain root structure to include a service provider trusted security domain in the hierarchy below the link provider operator security domain, wherein the service provider trusted security domain enables equipment of a third-party trusted service manager to perform card content management actions without obtaining authorization from the equipment of the trusted service manager of the mobile network operator; and responsive to a determination to allow another third-party trusted service manager to utilize a third-party over-the-air platform, adjusting the third-party security domain root structure to include a service provider link provider operator security domain in the hierarchy below the mobile network operator trusted security domain and to include a third service provider trusted security domain in the hierarchy below the service provider link provider operator security domain. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification