SECURE BOOTSTRAP PROVISIONING OF ELECTRONIC DEVICES IN CARRIER NETWORKS
First Claim
Patent Images
1. A method of bootstrap provisioning an electronic device in a carrier network, the method comprising:
- using an initialization-provisioning table, having source IDs and associated keys, stored in the electronic device to determine whether a received provisioning notification and a received initial set of provisioning data originated from a known and/or authorized source;
discarding the initial set of provisioning data if it is determined that the provisioning notification originated from an unknown and/or unauthorized source;
if it is determined that the provisioning notification originated from a known and/or authorized source, using an associated key from the initialization-provisioning table to receive, process and save the initial set of provisioning data to the electronic device; and
using the received, processed and saved initial set of provisioning data on the electronic device to access and retrieve complete provisioning data from the source.
4 Assignments
0 Petitions
Accused Products
Abstract
Disclosed herein is a secure initial provisioning system for communicating data between an electronic device and a management server in a carrier network. The management server may be adapted to facilitate secure initialization provisioning or bootstrap provisioning. An initialization-provisioning table may be made available in the electronic device during manufacturing, or may also be provided in a SIM card. The initialization-provisioning table provides security information, such as keys, for example, and enables secure and spoof-proof push-based initial/bootstrap provisioning or bootstrap of electronic devices.
-
Citations
16 Claims
-
1. A method of bootstrap provisioning an electronic device in a carrier network, the method comprising:
-
using an initialization-provisioning table, having source IDs and associated keys, stored in the electronic device to determine whether a received provisioning notification and a received initial set of provisioning data originated from a known and/or authorized source; discarding the initial set of provisioning data if it is determined that the provisioning notification originated from an unknown and/or unauthorized source; if it is determined that the provisioning notification originated from a known and/or authorized source, using an associated key from the initialization-provisioning table to receive, process and save the initial set of provisioning data to the electronic device; and using the received, processed and saved initial set of provisioning data on the electronic device to access and retrieve complete provisioning data from the source. - View Dependent Claims (2, 3, 4)
-
-
5. A method of bootstrap provisioning an electronic device in a carrier network, the method comprising:
-
using an initialization-provisioning table, having source IDs and associated keys, stored in the electronic device to determine whether a received provisioning notification and a received initial set of provisioning data originated from a known and/or authorized source, the received initial set of provisioning data comprising at least a server ID portion and an encrypted portion, the encrypted portion comprising an encrypted copy of the server ID portion; accessing a key from the initialization-provisioning table, using the server ID portion, and decrypting the encrypted portion using the key; determining whether the received server ID portion matches the server ID portion from the decrypted encrypted portion. - View Dependent Claims (6, 7, 8, 9, 10)
-
-
11. A system for communicating provisioning information to electronic devices, the system comprising:
a plurality of electronic devices associated with a carrier network, wherein the plurality of electronic devices have access to an initialization-provisioning table having source IDs and associated keys, wherein the plurality of electronic devices include at least one of software and firmware to; determine whether a received provisioning notification and a received initial set of provisioning data originated from a known and/or authorized source; discard the initial set of provisioning data if it is determined that the provisioning notification originated from an unknown and/or unauthorized source; if it is determined that the provisioning notification originated from a known and/or authorized source, use an associated key from the initialization-provisioning table to receive, process and save the initial set of provisioning data to the electronic device; and use the received, processed and saved initial set of provisioning data on the electronic device to access and retrieve complete provisioning data from the source. - View Dependent Claims (12, 13, 14, 15, 16)
Specification