Secure remote subscription management
First Claim
1. A method for use in wireless communication by a wireless transmit/receive unit (WTRU), the method comprising:
- the WTRU receiving a first keyset, a second keyset, and an initial connectivity operator identifier from a trustworthy physical unit manufacturer, wherein the first keyset and the second keyset are not a same keyset;
the WTRU establishing a connection with an initial connectivity operator using the first keyset and the initial connectivity operator identifier;
the WTRU receiving a first subscriber identifier from the initial connectivity operator, wherein the first subscriber identifier is associated with a first selected home operator, and wherein the first subscriber identifier is newly identified by the first selected home operator after the WTRU is registered with the first selected home operator;
the WTRU creating an association within the WTRU, after receiving the first keyset, the second keyset, the initial connectivity operator identifier, and the first subscriber identifier, between the first subscriber identifier and the second keyset; and
the WTRU establishing, after receiving the first keyset, the second keyset, and the initial connectivity operator identifier, an operational network attachment with the first selected home operator using the first subscriber identifier and the second keyset.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus are disclosed for performing secure remote subscription management. Secure remote subscription management may include providing the Wireless Transmit/Receive Unit (WTRU) with a connectivity identifier, such as a Provisional Connectivity Identifier (PCID), which may be used to establish an initial network connection to an Initial Connectivity Operator (ICO) for initial secure remote registration, provisioning, and activation. A connection to the ICO may be used to remotely provision the WTRU with credentials associated with the Selected Home Operator (SHO). A credential, such as a cryptographic keyset, which may be included in the Trusted Physical Unit (TPU), may be allocated to the SHO and may be activated. The WTRU may establish a network connection to the SHO and may receive services using the remotely managed credentials. Secure remote subscription management may be repeated to associate the WTRU with another SHO.
26 Citations
19 Claims
-
1. A method for use in wireless communication by a wireless transmit/receive unit (WTRU), the method comprising:
-
the WTRU receiving a first keyset, a second keyset, and an initial connectivity operator identifier from a trustworthy physical unit manufacturer, wherein the first keyset and the second keyset are not a same keyset; the WTRU establishing a connection with an initial connectivity operator using the first keyset and the initial connectivity operator identifier; the WTRU receiving a first subscriber identifier from the initial connectivity operator, wherein the first subscriber identifier is associated with a first selected home operator, and wherein the first subscriber identifier is newly identified by the first selected home operator after the WTRU is registered with the first selected home operator; the WTRU creating an association within the WTRU, after receiving the first keyset, the second keyset, the initial connectivity operator identifier, and the first subscriber identifier, between the first subscriber identifier and the second keyset; and the WTRU establishing, after receiving the first keyset, the second keyset, and the initial connectivity operator identifier, an operational network attachment with the first selected home operator using the first subscriber identifier and the second keyset. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A wireless transmit/receive unit (WTRU) comprising:
-
a trustworthy physical unit configured to receive a first keyset, a second keyset, and an initial connectivity operator identifier from a trustworthy physical unit manufacturer; a receiver configured to receive a first subscriber identifier from an initial connectivity operator, wherein the first subscriber identifier is associated with a first selected home operator, and wherein the first subscriber identifier is newly identified by the first selected home operator after WTRU is registered with the first selected home operator; and a processor configured to; establish a connection with the initial connectivity operator using the first keyset and the initial connectivity operator identifier; associate within the WTRU, after receiving first keyset, the second keyset, the initial connectivity operator identifier, and the first subscriber identifier, the first subscriber identifier with one of the at least two keysets; and establish, after receiving the first keyset, the second keyset, and the initial connectivity operator identifier, an operational network attachment with the first selected home operator using the first subscriber identifier and the second keyset. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
-
Specification