Secure updating of telecommunication terminal configuration
First Claim
1. A method performed by a terminal for telecommunication, the method comprising:
receiving, via a user interface of the terminal, a request to unlock the terminal; and
in response, providing an unlock request to a security processor of the terminal;
retrieving, from a datastore of the terminal, by the security processor, a first configuration record comprising a first device identifier of the terminal and a cryptographic signature of at least a portion of the configuration record;
transmitting, via a network interface of the terminal to a provider services entity of a network operator, an unlock message comprising the first configuration record and data of the first device identifier of the terminal, wherein the terminal is configured to communicate at least partly via services provided by the network operator;
receiving, via the network interface from the provider services entity, a reply message comprising a second configuration record, wherein the second configuration record includes a second device identifier and a second cryptographic signature of at least a portion of the second configuration record;
verifying, by the security processor, that the second cryptographic signature is valid, and providing, in response, a first validity indication;
verifying, by the security processor, that the second device identifier matches the first device identifier, and providing, in response, a second validity indication; and
in response to a combination of the first validity indication and the second validity indication, replacing the first configuration record in the datastore with the second configuration record.
Abstract
A network terminal, e.g., a smartphone, can retrieve, from a datastore, a cryptographically-signed configuration record including a device identifier of the terminal. The terminal can transmit a request message comprising the configuration record and the device identifier. A network device can verify authenticity of the device identifier and a match between the identifier in the record and the identifier in the message. In response to confirmation of the request by a policy engine, the network device can determine a reply message comprising a cryptographically-signed second configuration record that includes a second device identifier. The terminal can verify that the signature is valid and that the second device identifier matches the device identifier. In response, the terminal can modify data in the datastore according to the second configuration record. The configuration record can lock or unlock the terminal, or determine permitted services or network peers.
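The terminal-side checks described in the abstract, as an added example that is not code from the patent. HMAC-SHA256 stands in for the unspecified cryptographic signature so the block runs on the standard library, and the record layout, key, sample identifiers and function names are all assumptions.

```python
import hashlib
import hmac
import json

# Assumption: HMAC-SHA256 stands in for the record signature. A real terminal
# would verify an asymmetric signature with an operator public key held by
# the security processor, so the terminal could not mint records itself.
OPERATOR_KEY = b"constructed-demo-key"


def canonical(body):
    """Serialise the signed portion of a record deterministically."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def sign_record(body, key=OPERATOR_KEY):
    """Operator side: attach a signature over the record body."""
    tag = hmac.new(key, canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": tag}


def signature_valid(record, key=OPERATOR_KEY):
    """First validity indication: the signature covers this exact body."""
    expected = hmac.new(key, canonical(record["body"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, record.get("sig", ""))


def apply_reply(datastore, reply):
    """Replace the stored record only if both checks on the reply pass."""
    first = datastore["config"]
    sig_ok = signature_valid(reply)
    # Second validity indication: the reply is bound to this terminal.
    id_ok = hmac.compare_digest(
        str(reply["body"].get("device_id", "")), str(first["body"]["device_id"]))
    if sig_ok and id_ok:
        datastore["config"] = reply
    return sig_ok, id_ok


# Constructed sample data: a locked terminal and three candidate replies.
DEVICE = "device-0001"


def fresh_store():
    return {"config": sign_record({"device_id": DEVICE, "locked": True})}


GOOD = sign_record({"device_id": DEVICE, "locked": False})
OTHER_DEVICE = sign_record({"device_id": "device-0002", "locked": False})
TAMPERED = {"body": {"device_id": DEVICE, "locked": False},
            "sig": sign_record({"device_id": DEVICE, "locked": True})["sig"]}
```

`OTHER_DEVICE` carries a valid signature but fails the identifier match, which is the case the second check exists for: a genuine unlock record issued to one terminal must not be accepted by another.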
16 Claims
7. Telecommunication apparatus, comprising:
a communications interface configured to transmit and receive messages via a telecommunications network;
a datastore configured for storage of a configuration record; and
a security processor communicatively connected with the communications interface and the datastore and configured to:
retrieve, from the datastore, a first configuration record comprising a first device identifier of the terminal and a cryptographic signature of at least a portion of the first configuration record;
transmit, via the communications interface to a provider services entity of a network operator, a request message comprising the first configuration record and data of the first device identifier of the terminal, wherein the terminal is configured to communicate at least partly via services provided by the network operator;
receive, via the communications interface, a reply message comprising a second configuration record, wherein the second configuration record includes a second device identifier and a second cryptographic signature of at least a portion of the second configuration record;
verify that the second cryptographic signature is valid;
verify that the second device identifier matches the first device identifier; and
in response to the verifications of the second cryptographic signature and the second device identifier, modifying data in the datastore according to the second configuration record.
14. A method performed by a terminal for telecommunication, the method comprising:
retrieving, from a datastore, a configuration record comprising a device identifier of the terminal and a cryptographic signature of at least a portion of the configuration record;
transmitting, via a communications interface to a provider services entity of a network operator, a request message comprising the configuration record and the device identifier of the terminal, wherein the terminal is configured to communicate at least partly via services provided by the network operator;
receiving, via the communications interface, a reply message comprising a second configuration record, wherein the second configuration record includes a second device identifier and a second cryptographic signature of at least a portion of the second configuration record;
verifying that the second cryptographic signature is valid;
verifying that the second device identifier matches the device identifier; and
in response to the verifications of the second cryptographic signature and the second device identifier, modifying data in the datastore according to the second configuration record.
Specification