TELECOMMUNICATIONS DEVICE SECURITY
Abstract
A mobile terminal for use with a cellular or mobile telecommunications network includes a normal execution environment (operating system) (30) and a secure execution environment (32) comprising a Mobile Trusted Module (MTM). The mobile terminal enables the software of the terminal in the secure execution environment (32) to be updated. The terminal 1 may be provided with minimal software initially in the secure execution environment (32), and is operable to subsequently update the software by over-the-air transmission of software. Also disclosed is a method for managing rights in respect of broadcast, multicast and/or unicast (downloaded) data, relevant in particular to managing access to a broadcast video data stream complying with a mobile digital broadcast scheme. The method defines a service protection platform implemented on mobile terminals having both a normal execution environment (i.e. the operating system) and a secure execution environment. Service protection is provided by separating the operation of service protection application components into those that operate in the normal environment and those that are adapted to execute only in the secure execution environment. Making the secure execution environment application component interchangeable allows the method to be adapted to any of a number of service protection protocols or “profiles” by downloading only the secure execution environment application component.
50 Claims
1. A terminal for use with a cellular or mobile telecommunications network, the terminal including:
a normal execution environment and a secure execution environment in which security functions trusted by a third party are performed, and
means for enabling amendment of the software of the terminal for performing the security functions in the secure execution environment.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method of providing security functions trusted by a third party in a mobile terminal for use with a cellular or mobile telecommunications network, the terminal including a normal execution environment and a secure execution environment in which the security functions trusted by the third party are performed, the method including:
amending the software of the terminal for performing the security functions in the secure execution environment.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A method for processing encrypted data received by a terminal, comprising:
providing a security platform having a normal execution environment and a secure execution environment;
obtaining key information necessary for facilitating decryption of the encrypted data;
in the secure execution environment, processing the key information in accordance with a given secure protocol to extract temporary decryption information; and
in the normal execution environment, using the temporary decryption information to decrypt the encrypted data traffic,
wherein the given secure protocol is represented by at least one secure application component that is adapted to execute only in the secure execution environment.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35
36. A system for processing encrypted data received by a terminal incorporating a security platform with a normal execution environment and a secure execution environment, the system comprising:
means for obtaining key information necessary for facilitating decryption of the encrypted data traffic;
means for processing the key information in accordance with a given secure protocol to extract temporary decryption information in the secure execution environment; and
further processing means for using the temporary decryption information to decrypt the encrypted data traffic in the normal execution environment,
wherein the given secure protocol is represented by at least one secure application component that is adapted to execute only in the secure execution environment.
Dependent claims: 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50
Specification