Method for loading an application in a device, device and smart card therefor
First Claim
Patent Images
1. A method for loading an application into a device, comprising:
- preloading an attribute certificate into the device, the attribute certificate defining a generic profile, applicable to one or more applications, of access rights to at least one of the functional units of the device, the preloaded attribute certificate being disassociated with applications;
downloading the application with a signature to the device;
coupling the signature of the application to a root certificate stored in the device that links the application to the preloaded attribute certificate stored in the device;
installing the application coupled to said attribute certificate to define a profile of access rights that the application has to the at least one of the functional units of the device; and
using an application interface to restrict access of the application to only the at least one of the functional units of the device that are allowed by the defined profile of access rights for the application.
3 Assignments
0 Petitions
Accused Products
Abstract
An application is loaded into a device, such as downloading an application into a portable device, such as a mobile telephone, by downloading the application with a signature to the device. The signature of the application is coupled to a predefined attribute certificate stored in the device. The application and said attribute certificate are then installed together. The signature of the application may be coupled to a root certificate that in turn links the application to a predefined attribute certificate.
158 Citations
23 Claims
-
1. A method for loading an application into a device, comprising:
-
preloading an attribute certificate into the device, the attribute certificate defining a generic profile, applicable to one or more applications, of access rights to at least one of the functional units of the device, the preloaded attribute certificate being disassociated with applications; downloading the application with a signature to the device; coupling the signature of the application to a root certificate stored in the device that links the application to the preloaded attribute certificate stored in the device; installing the application coupled to said attribute certificate to define a profile of access rights that the application has to the at least one of the functional units of the device; and using an application interface to restrict access of the application to only the at least one of the functional units of the device that are allowed by the defined profile of access rights for the application. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A device comprising:
-
an application toolkit adapted for preloading an attribute certificate into the device, the attribute certificate defining a generic profile, applicable to one or more applications, of access rights to at least one of the functional units of the device, the preloaded attribute certificate being disassociated with applications; a receiver adapted for downloading an application with a signature to the device; a security manager adapted for coupling the signature of the application to a root certificate stored in the device that links the application to the preloaded attribute certificate stored in the device; the security manager being further adapted for installing the application coupled to said attribute certificate to define a profile of access rights that the application has to the at least one of the functional units of the device; and an interface for using an application interface to restrict access of the application to only the at least one of the functional units of the device that are allowed by the defined profile of access rights for the application. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A device according to claim l0, wherein the device is a mobile telephone.
-
20. A device comprising:
-
a smart card; means for storing and executing applications in connection with functional units of the device; means for storing at least one predefined attribute certificate in the smart card defining a generic profile, applicable to one or more applications, of access rights to at least one of the functional units of the device, the at least one predefined attribute certificate being disassociated with the applications; means for downloading an application with a signature to the device; means for coupling the signature of the application to a root certificate stored in the device that links the application to the at least one predefined attribute certificate stored in the device, the at least one predefined attribute certificate defining a profile of access rights that the application is allowed to have to the at least one of the functional units of the device; and an application interface that restricts access the application to only the at least one of the functional units of the device that are allowed by the profile of access rights for the application that is defined by the at least one predefined attribute certificate stored in the smart card. - View Dependent Claims (21, 22, 23)
-
Specification