Resource management system and corresponding method
First Claim
1. A resource management system for managing configurable resources of a secure element, the resource management system comprising a licensor, a licensee and the secure element, wherein:
- the licensor stores a license and first key in the secure element and transmits the license to the licensee;
the licensor generates a second key by applying a derivation function to the license using the first key;
the licensor transmits the second key to the licensee;
the licensee generates a configuration request comprising the license and license usage instructions;
the licensee applies a protection function to at least part of the configuration request using the second key;
the licensee transmits the configuration request to the secure element after applying the protection function to the at least part of the configuration;
the secure element is configured to generate a validation key by applying said derivation function to the license using the first key; and
the secure element is further configured to validate the received configuration request by applying said protection function to the at least part of the configuration request using the validation key and by comparing the result thereof with the result of the protection function applied by the licensee and the secure element configures its resources in accordance with the license usage instructions if the compared results are the same.
10 Assignments
0 Petitions
Accused Products
Abstract
The invention provides a secure and efficient resource management system and a corresponding method for managing resources of a product that is put on the market by a licensor via a distribution chain. In particular, the number of keys needed for managing said resources can be reduced. At the time that the product is released to the market the exact licensing conditions of the product need not be known yet. The licensing conditions and the associated configuration of resources of the product are managed via a second key which is provided to a licensee. The licensee, however, has no knowledge of the first key and the derivation function which generates said second key based on the first key. Therefore, it is ensured that the licensee cannot claim more resources of the product than the licensor allows.
133 Citations
9 Claims
-
1. A resource management system for managing configurable resources of a secure element, the resource management system comprising a licensor, a licensee and the secure element, wherein:
-
the licensor stores a license and first key in the secure element and transmits the license to the licensee; the licensor generates a second key by applying a derivation function to the license using the first key; the licensor transmits the second key to the licensee; the licensee generates a configuration request comprising the license and license usage instructions; the licensee applies a protection function to at least part of the configuration request using the second key; the licensee transmits the configuration request to the secure element after applying the protection function to the at least part of the configuration; the secure element is configured to generate a validation key by applying said derivation function to the license using the first key; and the secure element is further configured to validate the received configuration request by applying said protection function to the at least part of the configuration request using the validation key and by comparing the result thereof with the result of the protection function applied by the licensee and the secure element configures its resources in accordance with the license usage instructions if the compared results are the same. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for managing configurable resources of a secure element in a resource management system, the resource management system comprising a licensor, a licensee and the secure element, wherein
the licensor stores a license and a first key in the secure element and transmits the license to the licensee; -
the licensor further generates a second key by applying a derivation function to the license using the first key; the licensor further transmits the second key to the licensee; the licensee generates a configuration request comprising the license and license usage instructions; the licensee applies a protection function to at least part of the configuration request using the second key; the licensee further transmits the configuration request to the secure element after applying the protection function to the at least part of the configuration request; the secure element generates a validation key by applying said derivation function to the license using the first key; and the secure element validates the received configuration request by applying the protection function to the at least part of the configuration request using the validation key and by comparing the result thereof with the result of the protection function applied by the licensee and the secure element configures its resources in accordance with the license usage instructions if the compared results are the same.
-
Specification