Method for allocating secured resources in a security module

US 20070009101A1
Filed: 06/22/2004
Published: 01/11/2007
Est. Priority Date: 06/25/2003
Status: Abandoned Application

First Claim

Patent Images

1. Resource allocation method for a security module of an apparatus connected to a network, this network being administrated by an operator, said resources being used by application suppliers, the method comprising:

generating a pair of asymmetric keys and storage of the private key in the security module, the public key being stored by an authority;

introducing at least one public key of the authority in the security module;

receiving, by the operator, a request from a supplier and transmission of the request to the authority, this request comprising at least the supplier'"'"'s public key;

transmitting, by the authority of at least the public key of the supplier to the operator;

transmitting, by the operator, a resource reservation instruction to the security module together with the supplier'"'"'s public key;

transmitting, by the operator of the public key of the security module, to the supplier;

establishing a secure communication channel between the supplier and the security module;

loading of an application in the security module by the supplier; and

at least one of deactivating and clearing, by the operator, of at least part of the memory zone dedicated to a predefined resource when the clearing conditions are met.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The aim of this invention is to provide a method to allocate resources on a security module of a portable apparatus such as a telephone, taking into account the security imperatives of the different intervening parties, such as the operator and application suppliers. This aim is achieved by a resource allocation method of a security module of an apparatus connected to a network, this network being administrated by an operator, said resources being used by the application suppliers, this method comprising the following steps: generation of a pair of asymmetric keys and storage of the private key in the security module, the public key being stored by the operator, introduction of at least one public key of the operator in the security module, reception by the operator of a request from a supplier, this request comprising at least the public key of the supplier, transmission by the operator of a resource reservation instruction to the security module together with the public key of the supplier, transmission by the operator of the security module'"'"'s public key to the supplier, establishment of a secure communication channel between the supplier and the security module.

11 Citations

View as Search Results

12 Claims

1. Resource allocation method for a security module of an apparatus connected to a network, this network being administrated by an operator, said resources being used by application suppliers, the method comprising:
- generating a pair of asymmetric keys and storage of the private key in the security module, the public key being stored by an authority;
  
  introducing at least one public key of the authority in the security module;
  
  receiving, by the operator, a request from a supplier and transmission of the request to the authority, this request comprising at least the supplier'"'"'s public key;
  
  transmitting, by the authority of at least the public key of the supplier to the operator;
  
  transmitting, by the operator, a resource reservation instruction to the security module together with the supplier'"'"'s public key;
  
  transmitting, by the operator of the public key of the security module, to the supplier;
  
  establishing a secure communication channel between the supplier and the security module;
  
  loading of an application in the security module by the supplier; and
  
  at least one of deactivating and clearing, by the operator, of at least part of the memory zone dedicated to a predefined resource when the clearing conditions are met.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. Resource allocation method according to claim 1, wherein the pair of asymmetric keys is generated by the security module, the public key then being transmitted to the authority.
  - 3. Resource allocation method according to claim 1, wherein the initialization parameters of a session key pertaining to the operator are stored in the security modules during the initialization.
  - 4. Resource allocation method according to claim 1, wherein the supplier transmits the initialization parameters of a session key to the operator, these parameters being transmitted to the security module during the reservation of a resource.
  - 5. Resource allocation method according to claim 1, wherein the establishment of a secure communication between the supplier and the security module is based on the use of the supplier'"'"'s public key by the security module and the use of the security module'"'"'s public key by the supplier.
  - 6. Resource allocation method according to claim 3, wherein the establishment of a secure communication between the operator and the security module is based on the generation of a session key using the initialization parameters of the operator.
  - 7. Resource allocation method according to claim 4, wherein the establishment of a secure communication between the supplier and the security module is based on the generation of a session key using the initialization parameters of the supplier.
  - 8. Resource allocation method according to claim 1, wherein the authority and the operator form the same entity.
  - 9. Resource allocation method according to claim 1, wherein the resource reservation instruction includes the sending of a domain key, which is specific to an application and common to all the security modules having this application, this key being used for the establishment of a secure communication between the supplier and the security module.
  - 10. Resource allocation method according to claim 1, wherein the deactivating or clearing of at least part of the memory zone dedicated to a predefined resource consist in clearing at least the public key of the supplier.
  - 11. Resource allocation method according to claim 1, wherein the clearing conditions are met when the resource has been executed a number of time equal or greater than a predefined limit.
  - 12. Resource allocation method according to claim 1, wherein the clearing conditions are met when the resource has been executed a during a time equal or greater than a predefined time limit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nagracrad S.A. (Kudelski SA)
Original Assignee
Swisscom Mobile AG (Government of Switzerland), Nagracrad S.A. (Kudelski SA)
Inventors
Cantini, Renato, Ksontini, Rached, Joly, Stephane, Tazi, Mehdi

Application Number

US10/562,036
Publication Number

US 20070009101A1
Time in Patent Office

Days
Field of Search
US Class Current

380/247
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/35765   Access rights to memory zones

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

Method for allocating secured resources in a security module

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

11 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method for allocating secured resources in a security module

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links