Secure updating of telecommunication terminal configuration

US 10,476,875 B2
Filed: 08/04/2017
Issued: 11/12/2019
Est. Priority Date: 04/21/2017
Status: Active Grant

First Claim

Patent Images

1. A method performed by a terminal for telecommunication, the method comprising:

receiving, via a user interface of the terminal, a request to unlock the terminal; and

in response, providing an unlock request to a security processor of the terminal;

retrieving, from a datastore of the terminal, by the security processor, a first configuration record comprising a first device identifier of the terminal and a cryptographic signature of at least a portion of the configuration record;

transmitting, via a network interface of the terminal to a provider services entity of a network operator, an unlock message comprising the first configuration record and data of the first device identifier of the terminal, wherein the terminal is configured to communicate at least partly via services provided by the network operator;

receiving, via the network interface from the provider services entity, a reply message comprising a second configuration record, wherein the second configuration record includes a second device identifier and a second cryptographic signature of at least a portion of the second configuration record;

verifying, by the security processor, that the second cryptographic signature is valid, and providing, in response, a first validity indication;

verifying, by the security processor, that the second device identifier matches the first device identifier, and providing, in response, a second validity indication; and

in response to a combination of the first validity indication and the second validity indication, replacing the first configuration record in the datastore with the second configuration record.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network terminal, e.g., a smartphone, can retrieve, from a datastore, a cryptographically-signed configuration record including a device identifier of the terminal. The terminal can transmit a request message comprising the configuration record and the device identifier. A network device can verify authenticity of the device identifier and a match between the identifier in the record and the identifier in the message. In response to confirmation of the request by a policy engine, the network device can determine a reply message comprising a cryptographically-signed second configuration record that includes a second device identifier. The terminal can verify that the signature is valid and that the second device identifier matches the device identifier. In response, the terminal can modify data in the datastore according to the second configuration record. The configuration record can lock or unlock the terminal, or determine permitted services or network peers.

63 Citations

View as Search Results

16 Claims

1. A method performed by a terminal for telecommunication, the method comprising:
- receiving, via a user interface of the terminal, a request to unlock the terminal; and
  
  in response, providing an unlock request to a security processor of the terminal;
  
  retrieving, from a datastore of the terminal, by the security processor, a first configuration record comprising a first device identifier of the terminal and a cryptographic signature of at least a portion of the configuration record;
  
  transmitting, via a network interface of the terminal to a provider services entity of a network operator, an unlock message comprising the first configuration record and data of the first device identifier of the terminal, wherein the terminal is configured to communicate at least partly via services provided by the network operator;
  
  receiving, via the network interface from the provider services entity, a reply message comprising a second configuration record, wherein the second configuration record includes a second device identifier and a second cryptographic signature of at least a portion of the second configuration record;
  
  verifying, by the security processor, that the second cryptographic signature is valid, and providing, in response, a first validity indication;
  
  verifying, by the security processor, that the second device identifier matches the first device identifier, and providing, in response, a second validity indication; and
  
  in response to a combination of the first validity indication and the second validity indication, replacing the first configuration record in the datastore with the second configuration record.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method according to claim 1, further comprising:
    - receiving identification information;
      
      determining, by the security processor, that the second configuration record permits authorization using the identification information; and
      
      in response, transmitting an authorization-request message associated with the identification information via the network interface to the communications network.
  - 3. The method according to claim 2, further comprising:
    - determining a present timestamp; and
      
      determining, by the security processor, that the present timestamp satisfies a timestamp criterion included in the second configuration record.
  - 4. The method according to claim 1, further comprising:
    - providing, by the security processor to the application processor, a request-status value indicating that the unlock request was successful; and
      
      presenting via the user interface, by the application processor, an indication of the request-status value.
  - 5. The method according to claim 1, wherein:
    - the datastore is inaccessible to an application processor of the terminal; and
      
      the receiving the request to unlock the terminal is performed by the application processor.
  - 6. The method according to claim 1, wherein the device identifier comprises an International Mobile Equipment Identity (IMEI) of the terminal.

7. Telecommunication apparatus, comprising:
- a communications interface configured to transmit and receive messages via a telecommunications network;
  
  a datastore configured for storage of a configuration record; and
  
  a security processor communicatively connected with the communications interface and the datastore and configured to;
  
  retrieve, from the datastore, a first configuration record comprising a first device identifier of the terminal and a cryptographic signature of at least a portion of the first configuration record;
  
  transmit, via the communications interface to a provider services entity of a network operator, a request message comprising the first configuration record and data of the first device identifier of the terminal, wherein the terminal is configured to communicate at least partly via services provided by the network operator;
  
  receive, via the communications interface, a reply message comprising a second configuration record, wherein the second configuration record includes a second device identifier and a second cryptographic signature of at least a portion of the second configuration record;
  
  verify that the second cryptographic signature is valid;
  
  verify that the second device identifier matches the first device identifier; and
  
  in response to the verifications of the second cryptographic signature and the second device identifier, modifying data in the datastore according to the second configuration record.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The apparatus according to claim 7, wherein:
    - the system further comprises a data interface;
      
      the second configuration record includes an authorization requirement; and
      
      the security processor is further configured to;
      
      modify the data in the datastore at least partly by storing the authorization requirement in the datastore;
      
      receive authorization information via the data interface;
      
      determine that the authorization information satisfies the authorization requirement of the second configuration record; and
      
      in response, transmit an authorization-request message associated with the authorization information via the communications network.
  - 9. The apparatus according to claim 7 wherein:
    - the apparatus further comprises an identification module communicatively connectable with the security processor via the data interface; and
      
      the security processor is configured to retrieve the authorization information from the identification module via the data interface.
  - 10. The apparatus according to claim 7, wherein:
    - the apparatus further comprises a user interface and an application processor;
      
      the application processor is configured to;
      
      receive, via the user interface, an update request; and
      
      provide, to the security processor, an indication of the update request;
      
      the security processor is configured to;
      
      transmit the request message in response to the indication of the update request; and
      
      provide, to the application processor, a status indication after modifying the data in the datastore; and
      
      the application processor is configured to present the status indication via the user interface.
  - 11. The apparatus according to claim 7, wherein the security processor is further configured to, in order:
    - store, in the datastore, a public key;
      
      determine a key value;
      
      encrypt the key value using the public key to provide a key message;
      
      transmit the key message via the communications interface;
      
      determine a third cryptographic signature of the request message using the key value; and
      
      transmit the third cryptographic signature via the communications interface in association with the request message.
  - 12. The apparatus according to claim 11, wherein:
    - the security processor is further configured to store, in the datastore, a second public key different from the public key; and
      
      the security processor is configured to verify that the second cryptographic signature is valid using the second public key.
  - 13. The apparatus according to claim 7, wherein the security processor is further configured to:
    - transmit the request message further comprising a first message identifier; and
      
      after modifying the data in the datastore, transmit a second request message comprising;
      
      the second configuration record;
      
      data of the second device identifier; and
      
      a second message identifier;
      
      wherein the second message identifier is different from the first message identifier.

14. A method performed by a terminal for telecommunication, the method comprising:
- retrieving, from a datastore, a configuration record comprising a device identifier of the terminal and a cryptographic signature of at least a portion of the configuration record;
  
  transmitting, via a communications interface to a provider services entity of a network operator, a request message comprising the configuration record and the device identifier of the terminal, wherein the terminal is configured to communicate at least partly via services provided by the network operator;
  
  receiving, via the communications interface, a reply message comprising a second configuration record, wherein the second configuration record includes a second device identifier and a second cryptographic signature of at least a portion of the second configuration record;
  
  verifying that the second cryptographic signature is valid;
  
  verifying that the second device identifier matches the device identifier; and
  
  in response to the verifications of the second cryptographic signature and the second device identifier, modifying data in the datastore according to the second configuration record.
- View Dependent Claims (15, 16)
- - 15. The method according to claim 14, wherein:
    - the second configuration record comprises an authorization requirement; and
      
      the method further comprises;
      
      receiving authorization information from an identification module;
      
      determining that the authorization information satisfies the authorization requirement; and
      
      in response, transmitting an authorization-request message associated with the authorization information to an access-control device of a communications network.
  - 16. The method according to claim 14, wherein:
    - the second configuration record comprises a timestamp criterion; and
      
      the method further comprises;
      
      detecting an identification module;
      
      determining a present timestamp; and
      
      determining that the identification module is authorized for use with the at least one processor based at least in part on the present timestamp satisfying the timestamp criterion.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile USA, Inc. (Deutsche Telekom AG)
Original Assignee
T-Mobile USA, Inc. (Deutsche Telekom AG)
Inventors
Magadevan, Poornima, Song, Jeffrey, George, Mathew, Velusamy, Senthil Kumar Mulluppadi, Asandului, Cristian, Lucht, Thomas P., Seward, Shelby, Ramisetty, Phani, Karimli, Yasmin
Primary Examiner(s)
Dolly, Kendall

Application Number

US15/669,350
Publication Number

US 20180309754A1
Time in Patent Office

830 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/0823   using certificates cryptogr...

H04L 63/0869   for achieving mutual authen...

H04L 63/0876   based on the identity of th...

H04L 63/102   Entity profiles

H04L 63/126   the source of the received ...

H04W 12/08   Access security

H04W 12/37   Managing security policies ...

H04W 8/245   from a network towards a te...

Secure updating of telecommunication terminal configuration

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Secure updating of telecommunication terminal configuration

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links