Telecommunications device security

US 8,600,060 B2
Filed: 07/13/2007
Issued: 12/03/2013
Est. Priority Date: 07/14/2006
Status: Active Grant

First Claim

Patent Images

1. A terminal for use with a cellular or mobile telecommunications network, the terminal including:

a security platform including;

a normal execution environment; and

a secure execution environment in which security functions trusted by a third party are performed;

wherein the security platform is configured to amend software of the terminal for performing the security functions entirely in the secure execution environment,wherein the amendment of the software is performed entirely within the secure execution environment such that a required security property of the amended software is consistent with a protection profile associated with the software before and after the amendment,wherein new keys associated with the software for performing the security functions are encrypted within the amended software and decrypted and used solely within the secure execution environment.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile terminal for use with a cellular or mobile telecommunications network includes a normal execution environment (operating system) (30) and a secure execution environment (32) comprising a Mobile Trusted Module (MTM). The mobile terminal enables the software of the terminal in the secure execution environment (32) to be updated. The terminal 1 may be provided with minimal software initially in the secure execution environment (32), and is operable to subsequently update the software by over the air transmission of software. Also disclosed is a method for managing rights in respect of broadcast, multicast and/or unicast (downloaded) data, relevant in particular to managing access to a broadcast video data stream complying with a mobile digital broadcast scheme. The method defines a service protection platform implemented on mobile terminals having both normal execution environment (i.e. the operating system) and secure execution environment. Service protection is provided by separating the operation of service protection application components into those that operate in the normal environment and those that are adapted to execute only in the secure execution environment. Making the secure execution environment application component interchangeable allows the method to be adapted to any of a number of service protection protocols or “profiles” by downloading only the secure execution environment application component.

30 Citations

View as Search Results

50 Claims

1. A terminal for use with a cellular or mobile telecommunications network, the terminal including:
- a security platform including;
  
  a normal execution environment; and
  
  a secure execution environment in which security functions trusted by a third party are performed;
  
  wherein the security platform is configured to amend software of the terminal for performing the security functions entirely in the secure execution environment,wherein the amendment of the software is performed entirely within the secure execution environment such that a required security property of the amended software is consistent with a protection profile associated with the software before and after the amendment,wherein new keys associated with the software for performing the security functions are encrypted within the amended software and decrypted and used solely within the secure execution environment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The terminal of claim 1, provided with minimal software initially, the terminal being operable to update the software by subsequent over the air transmission of software.
  - 3. The terminal of claim 1, wherein the terminal is configured to determine when a required software component is absent from the terminal, andto obtain the software component from a predetermined application server.
  - 4. The terminal of claim 3, wherein the software component is loaded into the secure execution environment.
  - 5. The terminal of claim 1, wherein the amendment of the software of the terminal in the secure execution environment is performed in the background without requiring intervention of a user of the terminal.
  - 6. The mobile terminal of claim 1, wherein the terminal is configure to receive authorization data, including the new keys, for use in the secure execution environment.
  - 7. The terminal of claim 1, wherein the terminal is configured to delete or disable the software of the terminal in the secure execution environment.
  - 8. The terminal of claim 1, wherein the security functions relate to a storage of sensitive data together with a record of a state of the terminal.
  - 9. The terminal of claim 1, wherein the security functions implement a Mobile Trusted Module, MTM, or a Trusted Platform Module, TPM.
  - 10. The terminal of claim 9, wherein the security functions implement a subset of MTM or TPM functions initially, and perform a greater subset of MTM or TPM functions, or full MTM or TPM functions, after said amendment of the software.
  - 11. The terminal of claim 1, wherein the terminal is configured to transfer software or authorization data, including the keys, to another terminal without requiring intervention of the user of at least one of the terminals.

12. A method of providing security functions trusted by a third party in a mobile terminal for use with a cellular or mobile telecommunications network,the terminal including a normal execution environment and a secure execution environment in which the security functions trusted by the third party are performed, the method including:
- amending software of the terminal for performing the security functions entirely in the secure execution environment, wherein the amendment of the software is performed entirely within the secure execution environment such that a required security property of the amended software is consistent with a protection profile associated with the software before and after the amendment;
  
  encrypting new keys associated with the amended software wherein the new keys are decrypted and used solely within the secure execution environment.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The method of claim 12, wherein the software of the terminal for performing the security functions has only minimal functionality initially, the method including subsequently updating the software by over the air transmission of software.
  - 14. The method of claim 12, further including:
    - determining when a required software component is absent from the terminal, andobtaining the required software component from a predetermined application server.
  - 15. The method of claim 14, including loading the required software component into the secure execution environment.
  - 16. The method of claim 12, further including amending the software of the terminal in the secure execution environment in the background without requiring the intervention of the user of the terminal.
  - 17. The method of claim 12, further including receiving authorization data, including the new keys, for use in the secure execution environment.
  - 18. The method of claim 12, further including deleting or disabling the software of the terminal in the secure execution environment.
  - 19. The method of claim 12, wherein the security functions relate to storage of sensitive data together with a record of a state of the terminal.
  - 20. The method of claim 12, wherein the security functions implement a Mobile Trusted Module, MTM, or a Trusted Platform Module, TPM.
  - 21. The method of claim 20, wherein the security functions implement a subset of MTM or TPM functions initially, and perform a greater subset of MTM or TPM functions, or full MTM or TPM functions, after said amendment of the software.
  - 22. The method of claim 12, further including transferring software or authorization data, including the keys, to another terminal without requiring intervention of the user of at least one of the terminals.

23. A method for processing encrypted data received by a terminal, comprising:
- providing a security platform having a normal execution environment and a secure execution environment, the secure execution environment being loaded with at least one secure application component adapted to execute only in the secure execution environment, the at least one secure application component representing a secure protocol;
  
  obtaining a key management profile necessary for facilitating decryption of the encrypted data;
  
  in the secure execution environment, using the at least one secure application component to process the key management profile with the given secure protocol in order to extract temporary decryption information, wherein amendment of the at least one secure application component is performed entirely within the secure execution environment such that a required security property of the amended at least one secure application component is consistent with a protection profile associated with the at least one secure application component before and after the amendment; and
  
  in the normal execution environment, using the temporary decryption information to decrypt the encrypted data traffic.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 24. A method for processing encrypted data received by a terminal as claimed in claim 23, wherein the terminal is portable.
  - 25. A method as claimed in claim 23, wherein the encrypted data traffic is encrypted in accordance with one of a plurality of secure protocols, each having a corresponding secure application component, the method further comprising determining which of the plurality of secure protocols has been used in encrypting the data traffic;
    - and loading the or each corresponding secure application component.
  - 26. A method as claimed in claim 25, further comprising:
    - whenever a corresponding secure application component is not available within the terminal, requesting a copy of the corresponding secure application component from a pre-determined application server downloading the component, installing the component on the terminal; and
      
      loading the component into the secure execution area.
  - 27. A method as claimed in claim 23 further comprising:
    - determining whether the at least one secure application component requires replacement;
      
      requesting a replacement secure application component from a predetermined application server;
      
      downloading the replacement component;
      
      installing the replacement component on the terminal; and
      
      loading the replacement component into the secure execution area in place of the at least one secure application component.
  - 28. A method as claimed in claim 23, wherein the key information necessary for facilitating decryption is securely stored in the terminal.
  - 29. A method as claimed in claim 23, wherein the key management profile necessary for facilitating decryption is obtained from a broadcast key information message.
  - 30. A method as claimed in claim 23, wherein access to the key management profile is provided by a smartcard inserted in the terminal.
  - 31. A method as claimed in claim 30, wherein the key management profile is securely stored on the smartcard.
  - 32. A method as claimed in claim 23, wherein the key management profile includes rights objects and/or key stream messages that incorporate service keys.
  - 33. A method as claimed in claim 32, wherein the service keys are securely stored in the secure area.
  - 34. A method as claimed in claim 23, wherein the encrypted data received by the terminal is downloaded encrypted content, the key management profile being a rights object corresponding to the content and the temporary decryption information being a decryption key for decrypting the downloaded encrypted content.
  - 35. A method as claimed in claim 23, wherein the encrypted data received by the terminal is broadcast data traffic, so that the method decrypts the encrypted data traffic in real time.

36. A system for processing encrypted data received by a terminal incorporating a security platform with a normal execution environment and a secure execution environment, the secure execution environment being loaded with at least one secure application component adapted to execute only in the secure execution environment, the at least one secure application component representing a secure protocol, the system comprising:
- the security platform configured to;
  
  obtain a key management profile necessary for facilitating decryption of the encrypted data traffic;
  
  use, in the secure execution environment, the at least one secure application component to process the key management profile in accordance with the given secure protocol to extract temporary decryption information in the secure execution environment, wherein amendment of the at least one secure application component is performed entirely within the secure execution environment such that a required security property of the amended at least one secure application component is consistent with a protection profile associated with the at least one secure application component before and after the amendment; and
  
  decrypt the encrypted data traffic in the normal execution environment using the temporary decryption information.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50)
- - 37. A system as claimed in claim 36, wherein the secure execution environment is adapted to host a plurality of secure protocol instruction files, each corresponding to a distinct secure protocol.
  - 38. A system as claimed in claim 36, wherein the terminal is portable.
  - 39. A system as claimed in claim 36, wherein the encrypted data traffic is encrypted in accordance with one of a plurality of secure protocols, each having a corresponding secure application component, the system further:
    - the security platform determining which of the plurality of secure protocols has been used in encrypting the data traffic; and
      
      an application loader for loading the or each corresponding secure application component.
  - 40. A system as claimed in claim 39, further comprising:
    - the security platform determining whether a corresponding secure application component is available within the terminal;
      
      a server interface, which requests a copy of the corresponding secure application component from an application server when the security platform the corresponding secure application component is not available; and
      
      a downloader for downloading the component and installing the component on the terminal;
      
      wherein the application loader further operates to load the newly installed component into the secure execution area.
  - 41. A system as claimed in claim 39, further comprising:
    - the security platform determining whether the at least one secure application component requires replacement;
      
      the security platform requesting a replacement secure application component from a replacement application server when the update checking means determines that the corresponding secure application component requires replacement; and
      
      a replacement downloader for downloading the replacement component and installing the replacement component on the terminal;
      
      wherein the application loader further operates to load the replacement component into the secure execution area in place of the at least one secure application component.
  - 42. A system as claimed in claim 36, wherein the key management profile necessary for facilitating decryption is securely stored in the terminal.
  - 43. A system as claimed in claim 36, wherein the key management profile necessary for facilitating decryption is obtained from a broadcast key information message.
  - 44. A system as claimed in claim 36, wherein access to the key management profile is provided by a smartcard inserted in the terminal.
  - 45. A system as claimed in claim 44, wherein the key management profile is securely stored on the smartcard.
  - 46. A system as claimed in claim 36, wherein the key management profile includes rights objects and/or key stream messages that incorporate service keys.
  - 47. A system as claimed in claim 46, wherein the service keys are securely stored in the secure area.
  - 48. A system as claimed in claim 36, wherein the encrypted data received by the terminal is downloaded encrypted content, the key management profile being a rights object corresponding to the content and the temporary decryption information being a decryption key for decrypting the downloaded encrypted content.
  - 49. A system as claimed in claim 36, wherein the encrypted data received by the terminal is broadcast data traffic, and the encrypted data traffic is decrypted in real time.
  - 50. A user terminal incorporating the system as claimed in claim 36.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Vodafone Group PLC
Original Assignee
Vodafone Group PLC
Inventors
Priestley, Mark, WRIGHT, Timothy James, BELROSE, Caroline Jessica, BONE, Nicholas, Irwin, James
Primary Examiner(s)
Zand, Kambiz
Assistant Examiner(s)
BAYOU, YONAS A

Application Number

US12/373,874
Publication Number

US 20100195833A1
Time in Patent Office

2,335 Days
Field of Search

380/273
US Class Current

380/273
CPC Class Codes

G06F 21/10   Protecting distributed prog...

H04L 2463/101   applying security measures ...

H04L 63/20   for managing network securi...

H04L 67/125   involving control of end-de...

H04L 67/34   involving the movement of s...

H04W 12/00   Security arrangements; Auth...

H04W 12/02   Protecting privacy or anony...

H04W 12/04   Key management, e.g. using ...

H04W 12/35   Protecting application or s...

Telecommunications device security

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

30 Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

Telecommunications device security

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

30 Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links