LOCAL TRUSTED SERVICE MANAGER

US 20140047235A1
Filed: 08/08/2013
Published: 02/13/2014
Est. Priority Date: 08/13/2012
Status: Active Grant

First Claim

Patent Images

1. A method for managing a secure element which is embedded into a host unit, the method comprising:

transmitting a request for a management script from the host unit to a program element of the secure element,at the program element, generating a management script in accordance with the request and encrypting the generated management script,transmitting the encrypted management script from the program element to the host unit,transmitting the encrypted management script from the host unit to a secure domain of the secure element, andat the secure domain, decrypting and executing the management script,wherein the request comprises a parameter value which is to be used to generate the management script, andwherein the host unit is a mobile communication unit and the parameter value is an International Mobile Equipment Identity of the mobile communication unit.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for managing a secure element which is embedded into a host unit. The described method comprises (a) transmitting a request for a management script from the host unit to a program element of the secure element, (b) at the program element, generating a management script in accordance with the request and encrypting the generated management script, (c) transmitting the encrypted management script from the program element to the host unit, (d) transmitting the encrypted management script from the host unit to a secure domain of the secure element, and (e) at the secure domain, decrypting and executing the management script.

141 Citations

13 Claims

1. A method for managing a secure element which is embedded into a host unit, the method comprising:
- transmitting a request for a management script from the host unit to a program element of the secure element,at the program element, generating a management script in accordance with the request and encrypting the generated management script,transmitting the encrypted management script from the program element to the host unit,transmitting the encrypted management script from the host unit to a secure domain of the secure element, andat the secure domain, decrypting and executing the management script,wherein the request comprises a parameter value which is to be used to generate the management script, andwherein the host unit is a mobile communication unit and the parameter value is an International Mobile Equipment Identity of the mobile communication unit.
- View Dependent Claims (2, 3, 6, 11)
- - 2. The method according to claim 1, wherein the program element and the secure domain comprise corresponding key sets for encrypting and decrypting.
  - 3. The method according to claim 1, wherein the request comprises an identification of the management script.
  - 6. The method according to claim 1, wherein the management script is configured for performing a secure element management operation selected from the group consisting of a secure element lock operation, a secure element unlock operation, a secure element reset operation, a key modification operation, a program element delete operation, and a program element modification operation.
  - 11. A computer program product comprising a computer readable data carrier which when executed by a computer causes the computer to perform the steps of the method according claim 1.

4. (canceled)

5. (canceled)

7. (canceled)

8. (canceled)

9. A secure element for a host unit, the secure element comprising a management applet for locally managing the secure element which is embedded into the host unit, the management applet comprising instructions which when executed by a secure element processor causes the secure element processor to perform the steps ofreceiving a request for a management script from the host unit, generating a management script in accordance with the received request, encrypting the generated management script, and transmitting the encrypted management script to the host unit;
- the secure element further comprising;
  
  a processing unit adapted to execute the management applet, Where the secure element further comprises;
  
  a secure domain adapted to receive the encrypted management script from the host unit and to decrypt and execute the management script,wherein the received request comprises a parameter value used to generate the management script,wherein the host unit is a mobile communication unit and the parameter value is an International Mobile Equipment Identity of the mobile communication unit.
- View Dependent Claims (10, 13)
- - 10. A mobile communications device comprising an embedded secure element according to claim 9.
  - 13. A secure element according to claim 9, wherein the step of encrypting uses a set of cryptographic keys corresponding to a set of cryptographic keys which is stored in a secure domain of the secure element.

12. (canceled)

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP B.V. (NXP Semiconductors NV)
Original Assignee
NXP B.V. (NXP Semiconductors NV)
Inventors
Warnez, Dimitri, Lessiak, Andreas

Granted Patent

US 9,473,932 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/164
CPC Class Codes

G06F 21/00   Security arrangements for p...

G06F 21/31   User authentication

G06F 9/00   Arrangements for program co...

H04W 12/00   Security arrangements; Auth...

H04W 12/04   Key management, e.g. using ...

H04W 12/086   using security domains

H04W 12/35   Protecting application or s...

H04W 88/06   adapted for operation in mu...

LOCAL TRUSTED SERVICE MANAGER

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

141 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

LOCAL TRUSTED SERVICE MANAGER

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

141 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links