Method for loading an application in a device, device and smart card therefor

US 7,900,048 B2
Filed: 04/16/2003
Issued: 03/01/2011
Est. Priority Date: 05/07/2002
Status: Active Grant

First Claim

Patent Images

1. A method for loading an application into a device, comprising:

preloading an attribute certificate into the device, the attribute certificate defining a generic profile, applicable to one or more applications, of access rights to at least one of the functional units of the device, the preloaded attribute certificate being disassociated with applications;

downloading the application with a signature to the device;

coupling the signature of the application to a root certificate stored in the device that links the application to the preloaded attribute certificate stored in the device;

installing the application coupled to said attribute certificate to define a profile of access rights that the application has to the at least one of the functional units of the device; and

using an application interface to restrict access of the application to only the at least one of the functional units of the device that are allowed by the defined profile of access rights for the application.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An application is loaded into a device, such as downloading an application into a portable device, such as a mobile telephone, by downloading the application with a signature to the device. The signature of the application is coupled to a predefined attribute certificate stored in the device. The application and said attribute certificate are then installed together. The signature of the application may be coupled to a root certificate that in turn links the application to a predefined attribute certificate.

158 Citations

23 Claims

1. A method for loading an application into a device, comprising:
- preloading an attribute certificate into the device, the attribute certificate defining a generic profile, applicable to one or more applications, of access rights to at least one of the functional units of the device, the preloaded attribute certificate being disassociated with applications;
  
  downloading the application with a signature to the device;
  
  coupling the signature of the application to a root certificate stored in the device that links the application to the preloaded attribute certificate stored in the device;
  
  installing the application coupled to said attribute certificate to define a profile of access rights that the application has to the at least one of the functional units of the device; and
  
  using an application interface to restrict access of the application to only the at least one of the functional units of the device that are allowed by the defined profile of access rights for the application.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. A method according to claim 1, wherein coupling the signature comprises:
    - coupling the signature of the application to the preloaded attribute certificate.
  - 3. A method according to claim 2, further comprising:
    - authenticating the application against the stored root certificate.
  - 4. A method according to claim 2 wherein the preloaded attribute certificate and the root certificate are stored in files and are linked by having an equal value in their respective file properties.
  - 5. A method according to claim 4, the preloaded attribute certificate and the root certificate are stored in a PKCS#15 structure.
  - 6. A method according to claim 1, wherein the preloaded attribute certificate is stored in a flash memory.
  - 7. A method according to claim 1, wherein the preloaded attribute certificate is stored in a smart card.
  - 8. A method according to claim 7, wherein the smart card is a SIM card.
  - 9. A method according to claim 8, wherein the preloaded attribute certificate and the root certificate are changeable by means of a SIM application tool kit.

10. A device comprising:
- an application toolkit adapted for preloading an attribute certificate into the device, the attribute certificate defining a generic profile, applicable to one or more applications, of access rights to at least one of the functional units of the device, the preloaded attribute certificate being disassociated with applications;
  
  a receiver adapted for downloading an application with a signature to the device;
  
  a security manager adapted for coupling the signature of the application to a root certificate stored in the device that links the application to the preloaded attribute certificate stored in the device;
  
  the security manager being further adapted for installing the application coupled to said attribute certificate to define a profile of access rights that the application has to the at least one of the functional units of the device; and
  
  an interface for using an application interface to restrict access of the application to only the at least one of the functional units of the device that are allowed by the defined profile of access rights for the application.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. A device according to claim 10, wherein the security manager is further configured to couple the signature of the application to the preloaded attribute certificate.
  - 12. A device according to claim 11, wherein the preloaded attribute certificate and the root certificate are stored in files and are linked by having an equal value in their respective file properties.
  - 13. A device according to claim 12, wherein the preloaded attribute certificate and the root certificate are stored in a PKCS#15 structure.
  - 14. A device according to claim 11, wherein the security manager is further configured to authenticate the application and to link the application to a stored root certificate.
  - 15. A device according to claim 10, further comprising:
    - a flash memory for storing the preloaded attribute certificate.
  - 16. A device according to claim 10, wherein the device is connectable to a smart card for storing the preloaded attribute certificate
  - 17. A device according to claim 16, wherein the smart card is a SIM card.
  - 18. A device according to claim 17, wherein the preloaded attribute certificate and the root certificate are changeable by means of the application tool kit.

19. A device according to claim l0, wherein the device is a mobile telephone.

20. A device comprising:
- a smart card;
  
  means for storing and executing applications in connection with functional units of the device;
  
  means for storing at least one predefined attribute certificate in the smart card defining a generic profile, applicable to one or more applications, of access rights to at least one of the functional units of the device, the at least one predefined attribute certificate being disassociated with the applications;
  
  means for downloading an application with a signature to the device;
  
  means for coupling the signature of the application to a root certificate stored in the device that links the application to the at least one predefined attribute certificate stored in the device, the at least one predefined attribute certificate defining a profile of access rights that the application is allowed to have to the at least one of the functional units of the device; and
  
  an application interface that restricts access the application to only the at least one of the functional units of the device that are allowed by the profile of access rights for the application that is defined by the at least one predefined attribute certificate stored in the smart card.
- View Dependent Claims (21, 22, 23)
- - 21. A smart card according to claim 20, wherein the predefined attribute certificate and the root certificate are stored in files and are linked by having an equal value in their respective file properties.
  - 22. A smart card according to claim 20 wherein the predefined attribute certificate and the root certificate are stored in a PKCS#15 structure.
  - 23. A smart card according to claim 20, wherein the predefined attribute certificate and the root certificate are changeable by means of a SIM application tool kit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Ericsson Mobile Communications USA Incorporated (Sony Group Corp.)
Inventors
Andersson, Stefan
Primary Examiner(s)
Lanier; Benjamin E
Assistant Examiner(s)
Armouche; Hadi

Application Number

US10/513,833
Publication Number

US 20050234825A1
Time in Patent Office

2,876 Days
Field of Search

713/156, 713/713, 713/173, 713/167, 713/175, 705/51, 726/9, 726 18- 20, 717/173
US Class Current

713/175
CPC Class Codes

G06F 21/51   at application loading time...

G06F 8/60   Software deployment

H04L 2209/80   Wireless network architectu...

H04L 63/0823   using certificates cryptogr...

H04L 63/10   for controlling access to d...

H04L 9/3265   using certificate chains, t...

H04M 1/72406   by software upgrading or do...

H04W 12/10   Integrity

H04W 12/35   Protecting application or s...

Method for loading an application in a device, device and smart card therefor

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

158 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Method for loading an application in a device, device and smart card therefor

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

158 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links