Enabling users to select between secure service providers using a central trusted service manager
First Claim
1. A computer-implemented method for providing secure services to computing devices comprising secure elements, comprising:
- maintaining, by a computer, at least one cryptographic key for a secure element of a network computing device, the at least one cryptographic key operable to provide secure access to the secure element via a secure communication channel;
- receiving, by the computer, a selection of a trusted service manager (“TSM”) for facilitating a secure service;
- obtaining, by the computer and from the selected TSM, information regarding the secure service and an application for the secure service; and
- provisioning, by the computer, the secure service in the secure element using the information regarding the secure service obtained from the selected TSM, the application for the secure service obtained from the selected TSM, and the at least one cryptographic key.
Abstract
Systems and methods are described herein for enabling users to select from available secure service providers (each having a Trusted Service Manager (“TSM”)) for provisioning applications and services on a secure element installed on a device of the user. The device includes a service provider selector (“SPS”) module that provides a user interface for selecting the secure service provider. In one embodiment, the SPS communicates with a key escrow service that maintains cryptographic keys for the secure element and distributes the keys to the user-selected secure service provider. The key escrow service also revokes the keys from deselected secure service providers. In another embodiment, the SPS communicates with a central TSM that provisions applications and services on behalf of the user-selected secure service provider. The central TSM serves as a proxy between the secure service providers and the secure element.
30 Claims
1. A computer-implemented method for providing secure services to computing devices comprising secure elements, comprising:
- maintaining, by a computer, at least one cryptographic key for a secure element of a network computing device, the at least one cryptographic key operable to provide secure access to the secure element via a secure communication channel;
- receiving, by the computer, a selection of a trusted service manager (“TSM”) for facilitating a secure service;
- obtaining, by the computer and from the selected TSM, information regarding the secure service and an application for the secure service; and
- provisioning, by the computer, the secure service in the secure element using the information regarding the secure service obtained from the selected TSM, the application for the secure service obtained from the selected TSM, and the at least one cryptographic key.

Dependent claims: 2, 3, 4, 5, 6, 7, 22, 23, 24, 25, 26, 27

8. A computer program product, comprising:
- a non-transitory computer-readable medium having computer-readable program code embodied therein that when executed by a computer cause the computer to provide secure services to computing devices comprising secure memories, the computer-readable program code comprising:
  - computer-readable program code to maintain at least one cryptographic key for a secure memory of a computing device, the at least one cryptographic key operable to provide secure access to the secure memory via a secure communication channel;
  - computer-readable program code to receive a selection of a secure service provider for facilitating a secure service;
  - computer-readable program code to obtain, from the selected secure service provider, information regarding the secure service and an application for the secure service; and
  - computer-readable program code to provision the secure service in the secure memory using the obtained information, the obtained application, and the at least one cryptographic key.

Dependent claims: 9, 10, 11, 12, 13, 28, 29, 30

14. A system for providing secure services to computing devices comprising secure memories, the system comprising:
- a communication module executing on a computer that receives a selection of a trusted service manager (“TSM”) for facilitating a secure service;
- a managed TSM executing on a computer and communicably coupled to the communication module that:
  - maintains at least one cryptographic key for a secure memory of a computing device, the at least one cryptographic key operable to provide secure access to the secure memory via a secure communication channel;
  - receives, from the selected TSM, information regarding the secure service and an application for the secure service; and
  - provisions the secure service in the secure memory using the received information, the received application, and the at least one cryptographic key.

Dependent claims: 15, 16, 17, 18, 19, 20, 21

Specification