Platform Validation and Management of Wireless Devices
Abstract
Methods, components and apparatus for implementing platform validation and management (PVM) are disclosed. PVM provides the functionality and operations of a platform validation entity with remote management of devices by device management components and systems such as a home node-B management system or component. Example PVM operations bring devices into a secure target state before allowing connectivity and access to a core network.
20 Claims
1. A method of performing validation of a wireless transmit/receive unit (WTRU) coupled to a platform validation entity (PVE), the method being done at the PVE, the method comprising:
- receiving a validation message from the WTRU based on an integrity check, the validation message indicating any software module of the WTRU that failed the integrity check along with a security policy attribute associated with the any software module that failed the integrity check; and
- based on the validation message, determining whether to allow network access to the WTRU.
(Dependent claims: 2, 3)
4. A method of performing validation of a wireless transmit/receive unit (WTRU) coupled to a platform validation entity (PVE), the method being done at the WTRU, the method comprising:
- performing an integrity check on modules of the WTRU;
- obtaining security policy attributes for any modules that fail the integrity check; and
- sending a validation message to the PVE based on the integrity check, the validation message indicating the any modules of the WTRU that failed an integrity check along with the associated security policy attributes for the any modules that failed the integrity check.
(Dependent claims: 5)
6. A method of performing validation of a wireless transmit/receive unit (WTRU) coupled to a platform validation entity (PVE), comprising:
- measuring at least one pre-designated component of the WTRU to produce an integrity measurement of the at least one pre-designated component of the WTRU;
- retrieving a trusted reference value for the at least one pre-designated component of the WTRU;
- performing, using a trusted environment (TrE) located in a wireless transmit/receive unit (WTRU), an integrity check of the at least one pre-designated component of the WTRU and storing integrity check results, the integrity check including the TrE comparing the measured integrity measurement of the at least one pre-designated component against the trusted reference value for the at least one pre-designated component of the WTRU;
- performing, using the TrE, a secure start-up check on the WTRU and storing secure start-up check results, the start-up check determining whether the at least one pre-designated component achieved a state of secure start-up, wherein if secure startup is not achieved, fallback code is loaded onto the WTRU;
- forming, using the TrE, a validation message based on the integrity check results, the validation message indicating results of the comparison of the measured integrity measurement against the trusted reference value;
- forwarding, using the TrE, the validation message from the WTRU to the PVE, the PVE being external from the WTRU; and
- after forwarding the validation message, receiving a message denying or allowing device authentication.
(Dependent claims: 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
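An added sketch (not part of the patent text and not any vendor's implementation) of the exchange in claims 1 and 4, using the reference-value comparison from claim 6: the WTRU reports each failed module with its security policy attribute, and the PVE decides on network access. The SHA-256 measurement, the message layout, the attribute values `deny_access` and `allow_and_remediate`, and the PVE decision rule are all assumptions; protection of the message in transit is left out.

```python
import hashlib

DENY, REMEDIATE = "deny_access", "allow_and_remediate"  # assumed attribute values

def measure(image: bytes) -> str:
    """Integrity measurement of one module (SHA-256 is an assumption)."""
    return hashlib.sha256(image).hexdigest()

def build_validation_message(modules, trusted_refs, policies):
    """WTRU side: check each module against its trusted reference value and
    report every failure together with its security policy attribute."""
    failed = []
    for name, image in sorted(modules.items()):
        ref = trusted_refs.get(name)
        # A module with no reference value cannot be verified: count it as failed.
        if ref is None or measure(image) != ref:
            # No policy attribute on record: report the most restrictive one.
            failed.append({"module": name, "policy": policies.get(name, DENY)})
    return {"failed_modules": failed}

def pve_decide(message) -> bool:
    """PVE side: allow network access only if every reported failure carries
    an attribute this PVE recognises as tolerable (fail closed otherwise)."""
    failed = message.get("failed_modules")
    if not isinstance(failed, list):
        return False  # malformed message
    return all(isinstance(f, dict) and f.get("policy") == REMEDIATE for f in failed)

# Constructed sample data (module names and contents are made up).
GOOD = {"bootloader": b"boot-v1", "radio_stack": b"radio-v7", "ui": b"ui-v3"}
TRUSTED_REFS = {n: measure(img) for n, img in GOOD.items()}
POLICIES = {"bootloader": DENY, "radio_stack": DENY, "ui": REMEDIATE}

def demo():
    """Run four constructed device states through both sides of the exchange."""
    states = {
        "clean": GOOD,
        "ui": dict(GOOD, ui=b"ui-v3-modified"),
        "radio": dict(GOOD, radio_stack=b"radio-v7-patched"),
        "unknown": dict(GOOD, debug_agent=b"dbg"),  # module with no reference value
    }
    return {k: pve_decide(build_validation_message(m, TRUSTED_REFS, POLICIES))
            for k, m in states.items()}

if __name__ == "__main__":
    print(demo())
```

Only the clean device and the one whose sole failure is tagged `allow_and_remediate` are admitted; a changed radio stack, an unverifiable module or a malformed message is refused.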