Secure Software Execution Such as for Use with a Cell Phone or Mobile Device
Abstract
A method and system for securely executing software or securely loading data generates a secret value at a destination device based on a value transmitted to the destination device, which is algorithmically combined with a secure value stored at the destination device. The destination device, such as a cell phone, remotely accesses an entity or otherwise receives the software or data, where the software or data is encrypted or digitally signed based on the secret value. The cell phone then selectively employs the software or data.
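The exchange the abstract describes, and that claim 1 spells out step by step, sketched as an added example (not code from the patent). The class and function names are hypothetical, HMAC-SHA256 stands in for both the hash and the "digitally sign" step, and the secrets and script are constructed sample values.

```python
import hashlib
import hmac
import secrets

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

class Sim:
    """Stand-in for the SIM / tamper-resistant module (hypothetical class)."""
    def __init__(self, local_secret: bytes):
        self._secret = local_secret  # locally resident secret, never exported

    def hash_value(self, unique_number: bytes) -> bytes:
        # Combines the local secret with the received unique number.
        return mac(self._secret, unique_number)

class Server:
    def __init__(self):
        self.db = {}  # device_id -> stored unique number and returned hash

    def issue_unique_number(self, device_id: str) -> bytes:
        self.db[device_id] = {"unique": secrets.token_bytes(16), "hash": None}
        return self.db[device_id]["unique"]

    def receive_hash(self, device_id: str, hash_value: bytes) -> None:
        # Assumption: the link carrying the hash is itself protected.
        self.db[device_id]["hash"] = hash_value

    def sign_file(self, device_id: str, payload: bytes) -> bytes:
        key = self.db[device_id]["hash"]
        if key is None:
            raise LookupError(f"no hash value on record for {device_id}")
        return mac(key, payload)  # keyed with the device-specific hash

def device_verify(sim: Sim, unique_number: bytes, payload: bytes, tag: bytes) -> bool:
    # Offline: regenerate the hash on the SIM, recompute the tag, compare.
    return hmac.compare_digest(mac(sim.hash_value(unique_number), payload), tag)

def run_exchange() -> dict:
    server, sim_a, sim_b = Server(), Sim(b"constructed-secret-A"), Sim(b"constructed-secret-B")
    unique = server.issue_unique_number("device-A")
    server.receive_hash("device-A", sim_a.hash_value(unique))
    script = b"print('constructed sample script')"
    tag = server.sign_file("device-A", script)
    return {
        "intended_device": device_verify(sim_a, unique, script, tag),
        "other_device": device_verify(sim_b, unique, script, tag),
        "tampered_file": device_verify(sim_a, unique, script + b"#", tag),
    }
```

Only the device whose module holds the matching secret accepts the file, and it does so without contacting the server again.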
20 Claims
1. A security system for securely providing data between a server computer and multiple mobile telecommunications devices, the system comprising:
- at least one server computer having at least one database, wherein the database stores software programs, scripts, and/or data, and wherein the server computer is configured to: generate a unique number, store the unique number in the database, and provide the unique number to a specific one of the multiple mobile telecommunications devices; and
- wherein the server computer is further configured to: receive a hash value from the specific mobile telecommunications device, encrypt or digitally sign at least one file containing a software program, script, or data using the hash value, and provide to the specific mobile telecommunications device the encrypted or digitally signed file; and
- a Subscriber Identification Module (SIM), smart card, or tamper resistant memory module, at least releasable secured to the specific mobile telecommunications device, wherein the specific mobile telecommunications device wirelessly receives the unique number, and wherein the SIM, smart card, or tamper resistant memory module stores a locally resident secret or secure number, and generates the hash value based at least in part on the locally resident number and the received unique number; and
- wherein the specific mobile telecommunications device wirelessly provides the hash value to the at least one server computer, wirelessly receives the encrypted or digitally signed file, and locally decrypts or verifies the digital signature based at least in part on the generated hash value and without connectivity to the server or other external computer.
Dependent claims: 2, 3, 4
5. A method for securely executing software on a remote mobile device, comprising:
- remotely accessing, from a mobile device, an entity providing software for mobile devices;
- downloading from the entity to the mobile device a software program for execution on the mobile device;
- determining if the mobile device is authorized to execute the downloaded software program; and
- selectively executing the software on the mobile device based upon the determining.
Dependent claims: 6, 7, 8, 9, 10
11. A computer-readable medium whose contents cause at least one telecommunication mobile device or at least one telecommunications server, associated with a wireless telecommunications network, to perform a method to securely process data, or securely execute programs, the method comprising:
- generating a unique number;
- storing the unique number;
- wirelessly providing the unique number to a specific receiving telecommunications device;
- receiving a hash value from the specific receiving telecommunications device, wherein the hash value is generated at least in part on the unique number and a locally resident number at the specific receiving telecommunications device, wherein the locally resident number is locally stored in a secure memory location at the specific receiving telecommunications device;
- encrypting or digitally signing at least one file using at least the hash value; and
- providing to the specific receiving telecommunications device the encrypted or digitally signed file for locally decrypting or authenticating the file using at least the hash value and without connectivity to an external computer coupled to the wireless telecommunications network.
Dependent claims: 12, 13, 14, 15, 16
17. A mobile telecommunications apparatus for use with a telecommunications server coupled to a wireless telecommunications network, wherein the mobile telecommunications apparatus is associated with at least one subscriber to wireless telecommunication services from a telecommunications service provider, the apparatus comprising:
- means for wirelessly exchanging communications with the telecommunications server and for receiving an encrypted or digitally signed file;
- means for storing data; and
- means for processing, wherein the means for processing is coupled among the means for wirelessly exchanging communications and the means for storing, wherein the means for processing includes:
  - means for algorithmically generating, without an active wireless connection to the wireless telecommunications network, a value based on any combination of a subscriber specific code associated with the subscriber, a code specific to the mobile telecommunications apparatus, and a code specific to the telecommunications service provider, and wherein the value is specific to the mobile telecommunications apparatus; and
  - means for locally authenticating or decrypting the encrypted or digitally signed file on the mobile telecommunications apparatus based at least in part on the algorithmically generated value.
Dependent claims: 18, 19, 20
Specification