SECURE UPGRADE OF A MOBILE DEVICE WITH AN INDIVIDUAL UPGRADE SOFTWARE OVER THE AIR
1 Assignment
0 Petitions
Accused Products
Abstract
The invention concerns a method for securely upgrading a mobile device with an individual upgrade software, the individual upgrade software remaining unusable by a mobile device as long as the individual upgrade software has not been activated. The method includes transmitting its unique identification number to the mobile device management apparatus; calculating a mobile device encryption identity and a management apparatus encryption identity; transmitting only the individual upgrade software and the calculated management apparatus encryption identity; the mobile device calculating an activation encryption identity and an activation decryption identity; comparing the calculated activation decryption identity to the activation encryption identity; and activating the individual upgrade software for use by the mobile device as a result of a positive comparison.
-
Citations
24 Claims
-
1-7. -7. (canceled)
-
8. A method for securely upgrading a mobile device belonging to a plurality of mobile devices with an individual upgrade software, the individual upgrade software remaining unusable by a mobile device as long as the individual upgrade software has not been activated;
-
providing each mobile device with a device processor containing a unique identification number individually identifying the mobile device from the other mobile devices, a device communication interface for communicating with a mobile device management apparatus, a storage unit containing current device operation software and destined to store the individual upgrade software that is communicated over the air by the mobile device management apparatus, a mobile device encryption processor for calculating an activation encryption identity and a decryption processor for calculating an activation decryption identity; the mobile device management apparatus comprising a management apparatus processor, a management apparatus communication interface for communicating with a mobile device, and a management apparatus encryption processor for calculating a mobile device encryption identity and a management apparatus encryption identity; wherein the method comprises for each mobile device; transmitting its unique identification number to the mobile device management apparatus; the mobile device management apparatus calculating a mobile device encryption identity from the individual upgrade software and the unique identification number using a keyed hash function; and
a management apparatus encryption identity from the mobile device encryption identity using a private encryption key known only to the mobile device management apparatus;transmitting only the individual upgrade software and the calculated management apparatus encryption identity over the air; the mobile device calculating an activation encryption identity from the transmitted individual upgrade software and its internal mobile device unique identification number using a keyed hash function; calculating an activation decryption identity from the transmitted management apparatus encryption identity; comparing the calculated activation decryption identity to the activation encryption identity; and activating the individual upgrade software for use by the mobile device as a result of a positive comparison of the activation decryption identity to the activation encryption identity. - View Dependent Claims (9, 10, 11)
-
-
12. A system comprising a plurality of mobile devices and a mobile device management apparatus;
-
each mobile device comprising a device processor containing a unique identification number individually identifying the mobile device from the other mobile devices, a device communication interface for communicating with a mobile device management apparatus, a storage unit containing current device operation software and destined to store the individual upgrade software, a mobile device encryption processor for calculating an activation encryption identity and a decryption processor for calculating an activation decryption identity; the mobile device management apparatus comprising a management apparatus processor, a management apparatus communication interface for communicating with a mobile device, and a management apparatus encryption processor for calculating a mobile device encryption identity and a management apparatus encryption identity; wherein the device processor and the management apparatus processor are designed to put into practice a method for securely upgrading a mobile device belonging to a plurality of mobile devices with an individual upgrade software, wherein the method comprises for each mobile device; transmitting its unique identification number to the mobile device management apparatus; the mobile device management apparatus calculating a mobile device encryption identity from the individual upgrade software and the unique identification number using a keyed hash function; and
a management apparatus encryption identity from the mobile device encryption identity using a private encryption key known only to the mobile device management apparatus;transmitting only the individual upgrade software and the calculated management apparatus encryption identity over the air; the mobile device calculating an activation encryption identity from the transmitted individual upgrade software and its internal mobile device unique identification number using a keyed hash function; calculating an activation decryption identity from the transmitted management apparatus encryption identity; comparing the calculated activation decryption identity to the activation encryption identity; and activating the individual upgrade software for use by the mobile device as a result of a positive comparison of the activation decryption identity to the activation encryption identity. - View Dependent Claims (13, 14, 15)
-
-
16. A mobile device comprising a device processor containing a unique identification number individually identifying the mobile device from other mobile devices, a device communication interface for communicating with a mobile device management apparatus, a storage unit containing current device operation software and destined to store the individual upgrade software that is communicated over the air by the mobile device management apparatus, a mobile device encryption processor for calculating an activation encryption identity and a decryption processor for calculating an activation decryption identity;
-
wherein the device processor is designed to put into practice a method for securely upgrading a mobile device belonging to a plurality of mobile devices with an individual upgrade software, wherein the method comprises for each mobile device; transmitting its unique identification number to the mobile device management apparatus; the mobile device management apparatus calculating a mobile device encryption identity from the individual upgrade software and the unique identification number using a keyed hash function; and
a management apparatus encryption identity from the mobile device encryption identity using a private encryption key known only to the mobile device management apparatus;transmitting only the individual upgrade software and the calculated management apparatus encryption identity over the air; the mobile device calculating an activation encryption identity from the transmitted individual upgrade software and its internal mobile device unique identification number using a keyed hash function; calculating an activation decryption identity from the transmitted management apparatus encryption identity; comparing the calculated activation decryption identity to the activation encryption identity; and activating the individual upgrade software for use by the mobile device as a result of a positive comparison of the activation decryption identity to the activation encryption identity. - View Dependent Claims (17, 18, 19)
-
-
20. A mobile device management apparatus comprising a management apparatus processor, a management apparatus communication interface for communicating with a mobile device and a management apparatus encryption processor for calculating a mobile device encryption identity and a management apparatus encryption identity;
-
wherein the management apparatus processor is designed to put into practice a method for securely upgrading a mobile device belonging to a plurality of mobile devices with an individual upgrade software, wherein the method comprises for each mobile device; transmitting its unique identification number to the mobile device management apparatus; the mobile device management apparatus calculating a mobile device encryption identity from the individual upgrade software and the unique identification number using a keyed hash function; and
a management apparatus encryption identity from the mobile device encryption identity using a private encryption key known only to the mobile device management apparatus;transmitting only the individual upgrade software and the calculated management apparatus encryption identity over the air; the mobile device calculating an activation encryption identity from the transmitted individual upgrade software and its internal mobile device unique identification number using a keyed hash function; calculating an activation decryption identity from the transmitted management apparatus encryption identity; comparing the calculated activation decryption identity to the activation encryption identity; and activating the individual upgrade software for use by the mobile device as a result of a positive comparison of the activation decryption identity to the activation encryption identity. - View Dependent Claims (21, 22, 23)
-
-
24. A method for securely upgrading a mobile device with an individual upgrade software, the individual upgrade software remaining unusable by a mobile device as long as the individual upgrade software has not been activated, comprising:
-
transmitting its unique identification number to a mobile device management apparatus; calculating a mobile device encryption identity and a management apparatus encryption identity; transmitting only the individual upgrade software and the calculated management apparatus encryption identity; the mobile device calculating an activation encryption identity and an activation decryption identity; comparing the calculated activation decryption identity to the activation encryption identity; and activating the individual upgrade software for use by the mobile device as a result of a positive comparison.
-
Specification