Storing and accessing data in a mobile device and a user module

US 20050120225A1
Filed: 12/02/2002
Published: 06/02/2005
Est. Priority Date: 12/04/2001
Status: Active Grant

First Claim

Patent Images

1-19. -19. (canceled)

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to methods for storing and accessing user data (48) and configuration data (62) in a mobile device (10) that is connected to a user module (12). According to a first aspect of the invention, the user data (48) is stored in the mobile device (10) at least partially in encrypted form, and is decrypted, in access operations, using a decrypting function (66) of the user module (12). According to a second aspect of the invention, the configuration data (62) is stored in the user module (12). The configuration data (62) indicates whether, or to what extent, an application program (46) is allowed to be executed by the mobile device (10). Security and protection against unauthorised access to user data (48) and application programs (46) in the mobile device (10) are increased by the invention.

177 Citations

45 Claims

1-19. -19. (canceled)

20. Method for storing and accessing user data in a mobile device, the mobile device comprising a device memory and being connected to a user module via an interface, wherein the user data is stored in the device memory of the mobile device at least partially in encrypted form, and at least the decryption of the user data in access operations is performed using a decrypting function, which is provided by the user module and which is executed, at least in part, by a processor unit of the user module.
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27)
- - 21. Method according to claim 20, wherein the encryption of the user data in storage operations is performed using an encrypting function, which is provided by the user module.
  - 22. Method according to claim 20, wherein the encryption of the user data in storage operations is performed using an encrypting function, which is provided by the user module, the user module comprises a module memory, in which the encrypting and decrypting functions provided by the user module, as well as key data used by these functions, are contained, and the encrypting and decrypting functions are executed, at least in part, by a processor unit of the user module.
  - 23. Method according to claim 22, wherein at least one function for generating the key data and for writing the key data into the module memory is provided by the user module.
  - 24. Method according to claim 20, wherein at least the execution of the decrypting function is protected by at least one of a password and a biometric test.
  - 25. Method according to claim 20, wherein the mobile device is a device that is also set up for telecommunications functions.
  - 26. Method according to claim 20, wherein the mobile device is one of a mobile telephone and a personal digital assistant.
  - 27. Method according to claim 20, wherein the user module is a subscriber identity module that is also provided for logging into a telecommunications network.

28. Mobile device comprising a device memory and an interface for connecting a user module, the device memory comprising at least one region for storing user data in at least partially encrypted form, wherein the mobile device is set up to use a decrypting function at least for decrypting the user data in access operations, the decrypting function being provided by the user module and being executed, at least in part, by a processor unit of the user module.
- View Dependent Claims (29)
- - 29. Mobile device according to claim 28, wherein the mobile device is one of a mobile telephone and a personal digital assistant.

30. User module comprising a processor unit and being set up to be connected to a mobile device via an interface, the mobile device comprising a device memory having at least one region for storing user data in at least partially encrypted form, wherein the user module is set up to provide the mobile device via the interface with a decrypting function at least for decrypting the user data in access operations, the decrypting function being executed, at least in part, by the processor unit of the mobile device.
- View Dependent Claims (31)
- - 31. User module according to claim 30, wherein the user module is a subscriber identity module for a telecommunications network.

32. Method for storing and accessing configuration data and for executing at least one application program in a mobile device, the mobile device comprising a device memory for the application program and being connected, via an interface, to a user module comprising a module memory, wherein the configuration data concerns at least the availability of the application program, or of individual functions thereof, and the configuration data is stored in the module memory and is read out therefrom, in order to determine whether, or to what extent, the application program will be executed.
- View Dependent Claims (33, 34, 35, 36, 37, 38, 39, 40)
- - 33. Method according to claim 32, wherein the reading-out of the configuration data from the module memory is protected by at least one of a password and a biometric test.
  - 34. Method according to claim 32, wherein at least parts of the application program are loaded into the device memory according to the configuration data.
  - 35. Method according to claim 32, wherein the mobile device is a device that is also set up for telecommunications functions.
  - 36. Method according to claim 34, wherein the mobile device is a device that is also set up for telecommunications functions, and wherein at least parts of the application program are transferred into the device memory using at least one of the telecommunications functions of the mobile device.
  - 37. Method according to claim 32, wherein the mobile device is one of a mobile telephone and a personal digital assistant.
  - 38. Method according to claim 32, wherein the user module is a subscriber identity module that is also provided for logging into a telecommunications network.
  - 39. Method according to claim 32, further being adapted for storing and accessing user data in a mobile device, wherein the user data is stored in the device memory of the mobile device at least partially in encrypted form, at least the decryption of the user data in access operations is performed using a decrypting function, which is provided by the user module and which is executed, at least in part, by a processor unit of the user module.
  - 40. Method according to claim 39, wherein the encryption of the user data in storage operations is performed using an encrypting function, which is provided by the user module, the user module comprises a module memory, in which the encrypting and decrypting functions provided by the user module, as well as key data used by these functions, are contained, and the encrypting and decrypting functions are executed, at least in part, by a processor unit of the user module.

41. Mobile device comprising a device memory for an application program and being connected, via an interface, to a user module comprising a module memory, wherein configuration data, which concern at least the availability of the application program, or of individual functions thereof, may be read out from the module memory via the interface, and the mobile device is set up to determine, depending on the configuration data read out from the module memory, whether, or to what extent, the application program will be executed.
- View Dependent Claims (42, 43)
- - 42. Mobile device according to claim 41, wherein the mobile device is one of a mobile telephone and a personal digital assistant.
  - 43. Mobile device according to claim 41, which is set up to store and access, in cooperation with the user module, user data in the mobile device, wherein the user data is stored in the device memory of the mobile device at least partially in encrypted form, at least the decryption of the user data in access operations is performed using a decrypting function, which is provided by the user module and which is executed, at least in part, by a processor unit of the user module.

44. User module comprising a module memory and being set up to be connected via an interface to a mobile device, the mobile device comprising a device memory for an application program, wherein the user module is set up to store configuration data in the module memory, the configuration data concerning at least the availability of the application program, or of individual functions thereof, and the user module is set up to allow the mobile device to read out the configuration data via the interface in order to determine whether, or to what extent, the application program will be executed.
- View Dependent Claims (45)
- - 45. User module according to claim 44, wherein the user module is a subscriber identity module for a telecommunications network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Giesecke + Devrient Mobile Security GmBH (Giesecke & Devrient GmbH)
Original Assignee
Giesecke & Devrient GmbH
Inventors
Eckardt, Stefan, Kirsch, Jochen, Klaasen, Ralf

Granted Patent

US 7,962,762 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/183
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/602   Providing cryptographic fac...

G06F 21/6245   Protecting personal data, e...

H04L 63/0853   using an additional device,...

H04L 63/102   Entity profiles

H04M 2215/2026   Wireless network, e.g. GSM,...

H04M 2215/32   Involving wireless systems

H04W 12/033   of the user plane, e.g. use...

H04W 12/08   Access security

H04W 4/24   Accounting or billing

H04W 8/183   Processing at user equipmen...

H04W 8/22   Processing or transfer of t...

H04W 8/245   from a network towards a te...

H04W 92/18   between terminal devices

Storing and accessing data in a mobile device and a user module

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

177 Citations

45 Claims

Specification

Use Cases

Quick Links

Others

Storing and accessing data in a mobile device and a user module

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

177 Citations

45 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others