Protection of a security module in a telecommunication device coupled to an NFC circuit

US 10,716,007 B2
Filed: 03/22/2019
Issued: 07/14/2020
Est. Priority Date: 03/09/2010
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium having contents which configure a telecommunication device to protect data stored in a security module of the telecommunication device, the telecommunication device having a near field communication (NFC) router, the NFC router having a plurality of individually assignable gates and a routing table, the protecting including:

in response to receiving a request to assign a communication pipe to one of the individually assignable gates, creating and storing a reference signature for the communication pipe based on at least one of a personal code of an authorized user of the telecommunication device or an identifier of a radio frequency gate of the router;

in response to receiving a request to provide data from the security module to the NFC router, creating a current signature corresponding to the request to provide data;

verifying whether the current signature corresponds to the stored reference signature; and

preventing a provision of the requested data from the security module based on a failure to verify that the current signature corresponds to the stored reference signature.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A telecommunication device protects data stored in a security module. The device has a near field communication (NFC) router with a plurality of individually assignable gates and a routing table. In response to a request to assign a communication pipe to one of the gates, the device creates and stores a reference signature for the pipe based on at least one of a personal code of an authorized user of the device or an identifier of a radio frequency gate of the router. In response to a request to provide data from the security module to the NFC router, the device creates a current signature corresponding to the request to provide data. The device verifies whether the current signature corresponds to the stored reference signature and prevents a provision of the requested data based on a failure to verify the current signature corresponds to the stored reference signature.

Citations

27 Claims

1. A non-transitory computer-readable medium having contents which configure a telecommunication device to protect data stored in a security module of the telecommunication device, the telecommunication device having a near field communication (NFC) router, the NFC router having a plurality of individually assignable gates and a routing table, the protecting including:
- in response to receiving a request to assign a communication pipe to one of the individually assignable gates, creating and storing a reference signature for the communication pipe based on at least one of a personal code of an authorized user of the telecommunication device or an identifier of a radio frequency gate of the router;
  
  in response to receiving a request to provide data from the security module to the NFC router, creating a current signature corresponding to the request to provide data;
  
  verifying whether the current signature corresponds to the stored reference signature; and
  
  preventing a provision of the requested data from the security module based on a failure to verify that the current signature corresponds to the stored reference signature.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The non-transitory computer-readable medium of claim 1, wherein creating and storing the reference signature for the communication pipe is based on the personal code of an authorized user of the telecommunication device.
  - 3. The non-transitory computer-readable medium of claim 1, wherein the reference signature is calculated by the security module.
  - 4. The non-transitory computer-readable medium of claim 1, wherein the reference signature is calculated by the NFC router.
  - 5. The non-transitory computer-readable medium of claim 1 wherein the protecting comprises:
    - verifying at least one of the current signature of the routing table and the reference signature using the security module on each initialization of the NFC router.
  - 6. The non-transitory computer-readable medium of claim 1 wherein the protecting comprises:
    - in response to receiving a further request to provide data from the security module to the NFC router, creating a further signature corresponding to the further request to provide data;
      
      verifying whether the further signature corresponds to the stored reference signature; and
      
      providing the requested data from said security module on a gate of said NFC router based on verifying that the further signature corresponds to the stored reference signature.
  - 7. The non-transitory computer-readable medium of claim 1 wherein the protecting comprises:
    - receiving the personal code keyed in by the authorized user;
      
      verifying the personal code; and
      
      updating the routing table depending on the verification of the personal code.
  - 8. The non-transitory computer-readable medium of claim 1 wherein the telecommunication device comprises a microprocessor and the verifying is performed by the microprocessor.
  - 9. The non-transitory computer-readable medium of claim 1 wherein the telecommunication device comprises a SIM card and the reference signature is created and stored by the SIM card in response to receiving the request to assign the communication pipe and the reference signature is based on an identifier transmitted to the NFC router by the SIM card and a pipe identifier provided by NFC router.
  - 10. The non-transitory computer-readable medium of claim 1 wherein the protecting occurs during a boot procedure of the telecommunication device.
  - 11. The non-transitory computer-readable medium of claim 1 wherein the protecting includes resetting the NFC router in response to a failure to verify that the current signature corresponds to the stored reference signature.

12. A telecommunication device, comprising:
- a security circuit, which, in operation, stores data;
  
  a near field communication (NFC) router coupled to the security circuit, the NFC router having a plurality of individually assignable gates, each individually assignable gate being a physical gate; and
  
  a memory, which, in operation, stores a routing table defining linking assignments of individual ones of the plurality of individually assignable gates of the NFC router, wherein the telecommunication device, in operation;
  
  in response to receiving a request to assign a communication pipe to one of the individually assignable gates, creates and stores a reference signature for the communication pipe based on at least one of a personal code of an authorized user of the telecommunication device or an identifier of a radio frequency gate of the router;
  
  in response to receiving a request to provide data from the security module to the NFC router, creates a current signature corresponding to the request to provide data;
  
  verifies whether the current signature corresponds to the stored reference signature; and
  
  prevents a provision of the requested data from the security circuit in response to a failure to verify that the current signature corresponds to the stored reference signature.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
- - 13. The telecommunication device of claim 12, wherein the telecommunication device, in operation, creates and stores the reference signature for the communication pipe based on the personal code of an authorized user of the telecommunication device.
  - 14. The telecommunication device of claim 12, wherein the security circuitry, in operation, verifies whether the current signature corresponds to the stored reference signature by comparing the current signature with the reference signature.
  - 15. The telecommunication device of claim 12, wherein the telecommunication device, in operation, prevents a modification of the routing table absent verification of the personal code entered by a user.
  - 16. The telecommunication device of claim 12, wherein the telecommunication device, in operation calculates the current signature based on an identifier of the communication pipe, an identifier of a first gate, and an identifier of a second gate, the first and second gates of the NFC router being linked by the communication pipe.
  - 17. The telecommunication device of claim 12, comprising a microprocessor, which, in operation, performs the verifying.
  - 18. The telecommunication device of claim 12, comprising a SIM card, which, in operation, creates and stores the reference signature in response to receiving the request to assign the communication pipe, wherein the reference signature is based on an identifier transmitted to the NFC router by the SIM card and a pipe identifier provided by NFC router.
  - 19. The telecommunication device of claim 12 wherein the request to assign the communication pipe is received during a boot procedure of the telecommunication device.
  - 20. The telecommunication device of claim 12 wherein the NFC router is reset in response to a failure to verify that the current signature corresponds to the stored reference signature.

21. A telecommunication device comprising:
- near field communication (NFC) routing circuitry having an associated routing table to store assignments of individually assignable gates of the NFC routing circuitry; and
  
  security circuitry having a memory to store data, wherein the security circuitry, in operation, prevents transfer of data stored in the security circuitry absent verification of a current signature of the routing table, wherein the verification is a joint operation performed using both the NFC routing circuitry and the security circuitry, and wherein the device, in operation;
  
  in response to receiving a request to assign a communication pipe to one of the individually assignable gates, creates and stores a reference signature for the communication pipe based on at least one of a personal code of an authorized user of the telecommunication device or an identifier of a radio frequency gate of the router;
  
  in response to receiving a request to provide data from the security circuitry to the NFC router, creates a current signature corresponding to the request to provide data;
  
  verifies whether the current signature corresponds to the stored reference signature; and
  
  prevents a provision of the requested data from the security circuitry in response to a failure to verify that the current signature corresponds to the stored reference signature.
- View Dependent Claims (22, 23, 24)
- - 22. The telecommunication device of claim 21 wherein the request to assign the communication pipe is received during a boot procedure of the telecommunication device.
  - 23. The telecommunication device of claim 21 wherein the NFC routing circuitry is reset in response to a failure to verify that the current signature corresponds to the stored reference signature.
  - 24. The telecommunication device of claim 21 wherein the NFC routing circuitry comprises an NFC router.

25. A telecommunication device, comprising:
- means for routing near field communications (NFC);
  
  means for storing assignments of individually assignable gates associated with the means for routing in a routing table; and
  
  means for securing data to prevent transfer of data stored in the means for securing data absent verification of a current signature of the routing table, wherein the verification is a joint operation performed using both the means for routing and the means for securing, and wherein the verifying includes;
  
  in response to receiving a request to assign a communication pipe to one of the individually assignable gates, creating and storing a reference signature for the communication pipe based on at least one of a personal code of an authorized user of the telecommunication device or an identifier of a radio frequency gate;
  
  in response to receiving a request to provide data from the means for securing to the means for routing, creating a current signature corresponding to the request to provide data;
  
  verifying whether the current signature corresponds to the stored reference signature; and
  
  preventing a provision of the requested data from the means for securing in response to a failure to verify that the current signature corresponds to the stored reference signature.
- View Dependent Claims (26, 27)
- - 26. The telecommunication device of claim 25 wherein the means for securing includes:
    - means for calculating the reference signature on each modification of the routing table; and
      
      means for storing the reference signature.
  - 27. The telecommunication device of claim 25 wherein the means for securing includes:
    - means for verifying whether the current signature corresponds to the reference signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Proton World International N.V. (STMicroelectronics NV)
Original Assignee
Proton World International N.V. (STMicroelectronics NV)
Inventors
Huque, Thierry, Van Nieuwenhuyze, Olivier
Primary Examiner(s)
Eng, George
Assistant Examiner(s)
Du, Hung K

Application Number

US16/362,131
Publication Number

US 20190223020A1
Time in Patent Office

480 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0492   by using a location-limited...

H04W 12/10   Integrity

H04W 12/12   Detection or prevention of ...

H04W 12/128   Anti-malware arrangements, ...

H04W 4/80   Services using short range ...

Protection of a security module in a telecommunication device coupled to an NFC circuit

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Protection of a security module in a telecommunication device coupled to an NFC circuit

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links