Storing and accessing data in a mobile device and a user module

US 7,962,762 B2
Filed: 12/02/2002
Issued: 06/14/2011
Est. Priority Date: 12/04/2001
Status: Active Grant

First Claim

Patent Images

1. Method for storing and accessing user data in a mobile device, the mobile device comprising a device memory and being connected to a user module via an interface, said method comprising steps of:

storing the user data in the device memory of the mobile device at least partially in encrypted form; and

performing at least the decryption of the user data in access operations using a decrypting function provided by the user module and which is executed, at least in part, by a processor unit of the user module;

wherein the decrypting function uses a user data decryption key for decrypting the user data, wherein the user data decryption key is stored in the user module and does not leave the user module during the procedure of decrypting the user data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to methods for storing and accessing user data (48) and configuration data (62) in a mobile device (10) that is connected to a user module (12). According to a first aspect of the invention, the user data (48) is stored in the mobile device (10) at least partially in encrypted form, and is decrypted, in access operations, using a decrypting function (66) of the user module (12). According to a second aspect of the invention, the configuration data (62) is stored in the user module (12). The configuration data (62) indicates whether, or to what extent, an application program (46) is allowed to be executed by the mobile device (10). Security and protection against unauthorised access to user data (48) and application programs (46) in the mobile device (10) are increased by the invention.

20 Citations

View as Search Results

17 Claims

1. Method for storing and accessing user data in a mobile device, the mobile device comprising a device memory and being connected to a user module via an interface, said method comprising steps of:
- storing the user data in the device memory of the mobile device at least partially in encrypted form; and
  
  performing at least the decryption of the user data in access operations using a decrypting function provided by the user module and which is executed, at least in part, by a processor unit of the user module;
  
  wherein the decrypting function uses a user data decryption key for decrypting the user data, wherein the user data decryption key is stored in the user module and does not leave the user module during the procedure of decrypting the user data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. Method according to claim 1, wherein the encryption of the user data in storage operations is performed using an encrypting function, which is provided by the user module.
  - 3. Method according to claim 1, whereinthe encryption of the user data in storage operations is performed using an encrypting function, which is provided by the user module,the user module comprises a module memory, in which the encrypting and decrypting functions provided by the user module, as well as key data used by these functions, are contained, andthe encrypting and decrypting functions are executed, at least in part, by a processor unit of the user module.
  - 4. Method according to claim 3, wherein at least one function for generating the key data and for writing the key data into the module memory is provided by the user module.
  - 5. Method according to claim 1, wherein at least the execution of the decrypting function is protected by at least one of a password and a biometric test.
  - 6. Method according to claim 1, wherein the mobile device is a device that is also set up for telecommunications functions.
  - 7. Method according to claim 1, wherein the mobile device is one of a mobile telephone and a personal digital assistant.
  - 8. Method according to claim 1, wherein the user module is a subscriber identity module that is also provided for logging into a telecommunications network.
  - 9. Method according to claim 1, wherein the mobile device executes at least an application program that is one of an appointment scheduler, an address book management program, a text editor, a spreadsheet program, a database management program, a dictation recording program, a browser, a document viewer, a playback program for multimedia content, and a program that provides an user interface for any one of an appointment scheduler, an address book, a text editor, a spreadsheet program, a database and a dictation recording program.
  - 10. Method according to claim 9, wherein the application program processes the user data.

11. A mobile device comprising:
- a device memory comprising at least one region for storing user data in at least partially encrypted form; and
  
  an interface for connecting to a user module;
  
  wherein the mobile device is set up to use a decrypting function at least for decrypting the user data in access operations, the decrypting function being provided by the user module and being executed, at least in part, by a processor unit of the user module, and the decrypting function uses a user data decryption key for decrypting the user data, wherein the user data decryption key is stored in the user module and does not leave the user module during the procedure of decrypting the user data.
- View Dependent Claims (12, 13, 14, 15)
- - 12. Mobile device according to claim 11, wherein the mobile device is one of a mobile telephone and a personal digital assistant.
  - 13. Mobile device according to claim 11, wherein the mobile device is set up to execute at least an application program that is one of an appointment scheduler, an address book management program, a text editor, a spreadsheet program, a database management program, a dictation recording program, a browser, a document viewer, a playback program for multimedia content, and a program that provides an user interface for any one of an appointment scheduler, an address book, a text editor, a spreadsheet program, a database and a dictation recording program.
  - 14. Mobile device according to claim 13, wherein the application program is set up to process the user data.
  - 15. Mobile device according to claim 11, wherein the user module is a subscriber identity module for a telecommunications network.

16. User module comprising a processor unit and being set up to be connected to a mobile device via an interface, the mobile device comprising a device memory having at least one region for storing user data in at least partially encrypted form, wherein the user module is set up to provide the mobile device via the interface with a decrypting function at least for decrypting the user data in access operations, the decrypting function being executed, at least in part, by the processor unit of the user module, andthe decrypting function uses a user data decryption key for decrypting the user data, wherein the user data decryption key is stored in the user module and does not leave the user module during the procedure of decrypting the user data.
- View Dependent Claims (17)
- - 17. User module according to claim 16, wherein the user module is a subscriber identity module for a telecommunications network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Giesecke + Devrient Mobile Security GmBH (Giesecke & Devrient GmbH)
Original Assignee
Giesecke & Devrient GmbH
Inventors
Eckardt, Stefan, Klaassen, Ralf, Kirsch, Jochen
Primary Examiner(s)
Hoffman; Brandon S

Application Number

US10/497,200
Publication Number

US 20050120225A1
Time in Patent Office

3,116 Days
Field of Search

None
US Class Current

713/193
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 21/34   involving the use of extern...

G06F 21/602   Providing cryptographic fac...

G06F 21/6245   Protecting personal data, e...

H04L 63/0853   using an additional device,...

H04L 63/102   Entity profiles

H04M 2215/2026   Wireless network, e.g. GSM,...

H04M 2215/32   Involving wireless systems

H04W 12/033   of the user plane, e.g. use...

H04W 12/08   Access security

H04W 4/24   Accounting or billing

H04W 8/183   Processing at user equipmen...

H04W 8/22   Processing or transfer of t...

H04W 8/245   from a network towards a te...

H04W 92/18   between terminal devices

Storing and accessing data in a mobile device and a user module

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

20 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Storing and accessing data in a mobile device and a user module

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

20 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links