METHOD AND APPARATUS FOR NETWORK PERSONALIZATION OF SUBSCRIBER DEVICES

US 20110263225A1
Filed: 04/20/2011
Published: 10/27/2011
Est. Priority Date: 04/23/2010
Status: Active Grant

First Claim

Patent Images

1. A method operational on a subscriber device, comprising:

establishing a communication service with a service provider entity;

receiving a command from the service provider entity to disqualify specified root certificates stored in the subscriber device, the specified root certificates unassociated with the service provider entity; and

disqualifying the specified root certificates.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus are provided for a subsidizing service provider entity to personalize a subscriber device to ensure the subscriber device cannot be used in a network of a different service provider entity. As the service provider entity subsidizes the subscriber device, it desires to ensure that subscriber device is personalized such that the subscriber device may operate only in its network and not a network of a different service provider entity. The subscriber device is pre-configured with a plurality of provider-specific and/or unassociated root certificates by the manufacturer of the subscriber device. A communication service is established between the service provider entity and the subscriber device allowing for the mutual authentication of the subscriber device and the service provider entity. After mutual authentication, the service provider entity sends a command to the subscriber device to disable/delete some/all root certificates that are unassociated with the service provider entity.

14 Citations

View as Search Results

57 Claims

1. A method operational on a subscriber device, comprising:
- establishing a communication service with a service provider entity;
  
  receiving a command from the service provider entity to disqualify specified root certificates stored in the subscriber device, the specified root certificates unassociated with the service provider entity; and
  
  disqualifying the specified root certificates.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1, further comprising:
    - authenticating the subscriber device with the service provider entity; and
      
      authenticating the service provider entity with the subscriber device.
  - 3. The method of claim 2, wherein the service provider entity is authenticated using a root certificate from among a plurality of pre-configured root certificates in the subscriber device.
  - 4. The method of claim 1, wherein disqualifying the specified root certificates disables the specified root certificates on the subscriber device.
  - 5. The method of claim 4, further comprising:
    - receiving a second command from the service provider entity to enable the specified root certificates previously disabled.
  - 6. The method of claim 5, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 7. The method of claim 6, wherein the determination is based upon a pre-determined event.
  - 8. The method of claim 7, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 9. The method of claim 1, wherein disqualifying the specified root certificates deletes the specified root certificates from the subscriber device.
  - 10. The method of claim 9, further comprising:
    - receiving a second command from the service provider entity to replace the specified root certificates previously deleted.
  - 11. The method of claim 10, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 12. The method of claim 11, wherein the determination is based upon a pre-determined event.
  - 13. The method of claim 12, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 14. The method of claim 1, further comprising pre-configuring the subscriber device with a plurality of root certificates.
  - 15. The method of claim 14, wherein the plurality of root certificates are installed on the subscriber device by a manufacturer of the subscriber device.
  - 16. The method of claim 1, further comprising:
    - determining if the specified root certificates have been successfully disqualified; and
      
      sending an acknowledgement to the service provider entity of success or failure of disqualifying the specified root certificates.
  - 17. The method claim 1, wherein the subscriber device is at least one of a femtocell, a home Node B, or a wireless device.

18. A subscriber device, comprising:
- a memory device;
  
  a network communication interface coupled to the memory device, the network communication interface for providing connectivity to a service provider entity; and
  
  a processing circuit coupled to the memory device and the network communication interface, the processing circuit configured to;
  
  establish a communication service with the service provider entity;
  
  receive a command from the service provider entity to disqualify specified root certificates stored in the subscriber device, the specified root certificates unassociated with the service provider entity; and
  
  disqualify the specified root certificates.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 19. The subscriber device of claim 18, wherein the processing circuit is further configured to:
    - authenticate the subscriber device with the service provider entity; and
      
      authenticate the service provider entity with the subscriber device.
  - 20. The subscriber device of claim 19, wherein the service provider entity is authenticated using a root certificate from among a plurality of pre-configured root certificates in the subscriber device.
  - 21. The subscriber device of claim 18, wherein disqualifying the specified root certificates disables the specified root certificates.
  - 22. The subscriber device of claim 21, wherein the processing circuit is further configured to:
    - receive a second command from the service provider entity to enable the specified root certificates previously disabled.
  - 23. The subscriber device of claim 22, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 24. The subscriber device of claim 23, wherein the determination is based upon a pre-determined event.
  - 25. The subscriber device of claim 24, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 26. The subscriber device of claim 18, wherein disqualifying the specified root certificates deletes the specified root certificates from the subscriber device.
  - 27. The subscriber device of claim 26, wherein the processing circuit is further configured to:
    - receive a second command from the service provider entity to replace the specified root certificates previously deleted.

28. A subscriber device, comprising:
- means for establishing a communication service with a service provider entity;
  
  means for receiving a command from the service provider entity to disqualify specified root certificates stored in the subscriber device, the specified root certificates unassociated with the service provider entity; and
  
  means for disqualifying the specified root certificates.

29. A computer-readable medium comprising instructions operational in a subscriber device, which when executed by a processor causes the processor to:
- establish a communication service with a service provider entity;
  
  receive a command from the service provider entity to disqualify specified root certificates stored in the subscriber device, the specified root certificates unassociated with the service provider entity; and
  
  disqualify the specified root certificates.

30. A method operational on a service provider entity, comprising:
- establishing a communication service with a subscriber device; and
  
  sending a command to the subscriber device to disqualify specified root certificates stored on the subscriber device, the specified root certificates unassociated with the service provider entity.
- View Dependent Claims (31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43)
- - 31. The method of claim 30, further comprising:
    - authenticating the subscriber device with the service provider entity; and
      
      authenticating the service provider entity with the subscriber device.
  - 32. The method of claim 31, wherein the service provider entity is authenticated using a root certificate from among a plurality of pre-configured root certificates in the subscriber device.
  - 33. The method of claim 30, wherein disqualifying the specified root certificates disables the specified root certificates
  - 34. The method of claim 33, further comprising:
    - sending a second command to the subscriber device to enable the specified root certificates previously disabled.
  - 35. The method of claim 34, wherein a determination to send the second command is based upon a pre-determined event.
  - 36. The method of claim 35, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 37. The method of claim 30, wherein disqualifying the specified root certificates deletes the specified root certificates from the subscriber device.
  - 38. The method of claim 37, further comprising:
    - sending a second command to the subscriber device to replace the specified root certificates previously deleted.
  - 39. The method of claim 38, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 40. The method of claim 39, wherein the determination is based upon a pre-determined event.
  - 41. The method of claim 40, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 42. The method of claim 30, further comprising pre-configuring the service provider entity with a plurality of root certificates for a plurality of subscriber devices.
  - 43. The method of claim 30, further comprising:
    - receiving an acknowledgement from the subscriber device of success or failure of disqualifying the specified root certificates.

44. A service provider entity, comprising:
- a memory device;
  
  a network communication interface coupled to the memory device, the network communication interface for providing connectivity to a subscriber device; and
  
  a processing circuit coupled to the memory device and the network communication interface, the processing circuit configured to;
  
  establish a communication service with the subscriber device; and
  
  send a command to the subscriber device to disqualify specified root certificates stored on the subscriber device, the specified root certificates unassociated with the service provider entity.
- View Dependent Claims (45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55)
- - 45. The service provider entity of claim 44, wherein the processing circuit is further configured to:
    - authenticate the subscriber device with the service provider entity; and
      
      authenticate the service provider entity with the subscriber device.
  - 46. The service provider entity of claim 45, wherein the service provider entity is authenticated using a root certificate from among a plurality of pre-configured root certificates in the subscriber device.
  - 47. The service provider entity of claim 44, wherein disqualifying the specified root certificates disables the specified root certificates
  - 48. The service provider entity of claim 47, wherein the processing circuit is further configured to:
    - send a second command to the subscriber device to enable the specified root certificates previously disabled.
  - 49. The service provider entity of claim 48, wherein a determination to send the second command is based upon a pre-determined event.
  - 50. The service provider entity of claim 49, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 51. The service provider entity of claim 44, wherein disqualifying the specified root certificates deletes the specified root certificates from the subscriber device.
  - 52. The service provider entity of claim 51, wherein the processing circuit is further configured to:
    - send a second command to the subscriber device to replace the specified root certificates previously deleted.
  - 53. The service provider entity of claim 52, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 54. The service provider entity of claim 53, wherein the determination is based upon a pre-determined event.
  - 55. The service provider entity of claim 54, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.

56. A service provider entity, comprising:
- means for establishing a communication service with a subscriber device; and
  
  means for sending a command to the subscriber device to disqualify specified root certificates stored on the subscriber device, the specified root certificates unassociated with the service provider entity.

57. A computer-readable medium comprising instructions operational in a service provider entity, which when executed by a processor causes the processor to:
- establish a communication service with a subscriber device; and
  
  send a command to the subscriber device to disqualify specified root certificates stored on the subscriber device, the specified root certificates unassociated with the service provider entity.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Palanigounder, Anand, ESCOTT, Adrian Edward, Rosenberg, Brian M.

Granted Patent

US 8,473,002 B2
Time in Patent Office

Days
Field of Search
US Class Current

455/411
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/0869   for achieving mutual authen...

H04W 12/069   using certificates or pre-s...

H04W 48/02   Access restriction performe...

H04W 76/10   Connection setup

H04W 88/02   Terminal devices

METHOD AND APPARATUS FOR NETWORK PERSONALIZATION OF SUBSCRIBER DEVICES

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

14 Citations

57 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD AND APPARATUS FOR NETWORK PERSONALIZATION OF SUBSCRIBER DEVICES

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

57 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links