Trusted display and transmission of digital ticket documentation

US 9,118,655 B1
Filed: 01/24/2014
Issued: 08/25/2015
Est. Priority Date: 01/24/2014
Status: Active Grant

First Claim

Patent Images

1. A method for transferring ticket documentation to a mobile communication device comprising a trusted security zone, the method comprising:

receiving, on the mobile communication device from a server at a ticket provider, a dataset and a key, wherein the key is from a carrier server executing a trusted service manager that provides the server at the ticket provider with the key, wherein the key triggers access and execution of the trusted security zone of the mobile communication device;

processing, by the mobile communication device using the key for initiating execution of the trusted security zone of the mobile communication device, the dataset, wherein responsive to execution of the trusted security zone on the mobile communication device, applications configured to execute outside of the trusted security zone are prevented from executing on the mobile communication device;

based on processing the dataset within the trusted security zone, generating, while executing at least one processor in the trusted security zone of the mobile communication device, a ticket associated with the ticket provider;

storing the ticket in a secure memory portion in the trusted security zone of the mobile communication device; and

responsive to the generating, presenting, by the mobile communication device executing the at least one processor in the trusted security zone of the mobile communication device, the ticket using a user interface while the trusted security zone blocks applications external to the trusted security zone from accessing the user interface of the mobile communication device.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the disclosure relate generally to methods and systems for transmitting and displaying digital ticket documentation. A mobile communication device may comprise one or more keys that are specific for the device, wherein the keys are stored in a trusted security zone on the mobile device. In some embodiments, the keys may be associated with a specific ticket provider. The keys may be used to processes one or more datasets received from a ticket provider, wherein processing the dataset(s) may generate a digital ticket. The ticket may be generated and stored in the trusted security zone of the mobile device. The mobile device may be operable to present the ticket via the user interface of the mobile device and/or a near field communication transceiver of the mobile device.

Citations

20 Claims

1. A method for transferring ticket documentation to a mobile communication device comprising a trusted security zone, the method comprising:
- receiving, on the mobile communication device from a server at a ticket provider, a dataset and a key, wherein the key is from a carrier server executing a trusted service manager that provides the server at the ticket provider with the key, wherein the key triggers access and execution of the trusted security zone of the mobile communication device;
  
  processing, by the mobile communication device using the key for initiating execution of the trusted security zone of the mobile communication device, the dataset, wherein responsive to execution of the trusted security zone on the mobile communication device, applications configured to execute outside of the trusted security zone are prevented from executing on the mobile communication device;
  
  based on processing the dataset within the trusted security zone, generating, while executing at least one processor in the trusted security zone of the mobile communication device, a ticket associated with the ticket provider;
  
  storing the ticket in a secure memory portion in the trusted security zone of the mobile communication device; and
  
  responsive to the generating, presenting, by the mobile communication device executing the at least one processor in the trusted security zone of the mobile communication device, the ticket using a user interface while the trusted security zone blocks applications external to the trusted security zone from accessing the user interface of the mobile communication device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein processing and presenting are completed by a secure application within the trusted security zone of the mobile communication device.
  - 3. The method of claim 1, wherein the key is received via the server in communications with the carrier server over a trusted end-to-end communication link between the carrier server and the server at the ticket provider based on a request for the ticket to display on the mobile communication device.
  - 4. The method of claim 1, wherein presenting the ticket disables wireless radios that execute outside of the trusted security zone of the mobile communication device.
  - 5. The method of claim 1, further comprising accessing a near-field communication transceiver by an application executing within the trusted security zone of the mobile communication device while applications configured to execute outside of the trusted security zone are disabled from accessing the near-field communication transceiver.
  - 6. The method of claim 5, further comprising receiving, by the mobile communication device, a second key that is specific to triggering execution of the trusted security zone for the device.
  - 7. The method of claim 6, further comprising generating a second ticket within the trusted security zone based on processing the second dataset by using the second key to trigger execution of the trusted security zone.
  - 8. The method of claim 6, wherein the second key is associated with the second ticket provider and specific to execution of the trusted security zone in the mobile communication device, the second key being provided by the carrier server.
  - 9. The method of claim 1, further comprising:
    - receiving, by the mobile communication device from a server at a second ticket provider, a second dataset coupled with a second key, the second key being provided via the second ticket provider obtaining the second key from the carrier server;
      
      based on the second key triggering execution of the trusted security zone, processing, within the trusted security zone of the mobile communication device, the second dataset to generate a second ticket;
      
      storing, while executing within the trusted security zone of the mobile communication device, the second ticket within the trusted security zone; and
      
      presenting, by the mobile communication device executing the corresponding trusted security zone, the ticket using the user interface of the mobile communication device while within the corresponding trusted security zone of the mobile communication device.
  - 10. The method of claim 9, wherein the key and the second key are not given to the ticket provider or the second ticket provider by the mobile communication device.

11. A method for transferring ticket documentation to a mobile communication device comprising a trusted security zone, the method comprising:
- receiving, on the mobile communication device from a server at a ticket provider, a dataset and a key, wherein the key is specific to a trusted security zone of the mobile communication device, wherein the key is provided from a carrier server via the server at the ticket provider to associate the key with a specific ticket provider;
  
  processing, by the mobile communication device using the key for executing in the trusted security zone, the dataset associated with the ticket provider, wherein responsive to execution of the trusted security zone on the mobile communication device, applications configured to execute outside of the trusted security zone are prevented from executing on the mobile communication device;
  
  based on processing the dataset within the trusted security zone, generating a ticket while executing within the trusted security zone, wherein the ticket is associated with the ticket provider;
  
  storing the ticket in a secure memory portion in the trusted security zone of the mobile communication device; and
  
  subsequent to storing the ticket in the secure memory portion of the trusted security zone, presenting, from the secure memory portion of the trusted security zone, the ticket using the trusted security zone of the mobile communication device.
- View Dependent Claims (12, 13, 14)
- - 12. The method of claim 11, further comprising:
    - receiving, on the mobile communication device, a second dataset and a second key from a server at a second ticket provider;
      
      processing, on the mobile communication device, the second dataset in the trusted security zone of the mobile communication device by using the second key for execution of the trusted security zone;
      
      storing the second dataset in the secure memory portion of the trusted security zone of the mobile communication device;
      
      generating a second ticket within the trusted security zone of the mobile communication device based on the second dataset; and
      
      presenting, by the mobile communication device from the trusted security zone, the second ticket using the trusted security zone of the mobile communication device to prevent access to the ticket by any applications executing outside of the trusted security zone during presentation of the second ticket.
  - 13. The method of claim 11, wherein the steps of the method are completed by at least one application executing in the trusted security zone of the mobile communication device.
  - 14. The method of claim 11, wherein the key is received by the server at the ticket provider over a trusted end-to-end communication link from the carrier server associated with the mobile communication device.

15. A mobile communication device comprising:
- at least one processor comprising a secure partition providing a hardware root of trust in a trusted security zone;
  
  a non-transitory memory comprising a secure memory portion in the trusted security zone of the mobile communication device, wherein responsive to execution of the trusted security zone on the mobile communication device, applications configured to execute outside of the trusted security zone are prevented from executing on the mobile communication device; and
  
  a trust zone application stored in the secure memory portion in the trusted security zone, that upon execution within the trusted security zone of the at least one processor,receives, from a server at a ticket provider, a key and a dataset, wherein the key is from a carrier server executing a trusted service manager that provides the server at the ticket provider with the key that is specific for the mobile communication device, wherein the key triggers access and execution of the trusted security zone of the mobile communication device;
  
  processes the dataset in the secure memory portion in the trusted security zone using the key to trigger execution of the trusted security zone;
  
  generates a ticket in the trusted security zone based on the dataset;
  
  stores the ticket in the secure memory portion of the trusted security zone; and
  
  subsequent to the generation of the ticket, presents the ticket using the trusted security zone of the mobile communication device to block access to the ticket from applications configured to execute outside of the trusted security zone.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The device of claim 15, further comprising a user interface within the trusted security zone, wherein the ticket is presented using the user interface while executing within the trusted security zone of the mobile communication device.
  - 17. The device of claim 15, further comprising a near-field communication transceiver (NFC) within the trusted security zone of the mobile communication device, wherein the ticket is presented using the near-field communication transceiver by an application executing in the trusted security zone while blocking applications configured to execute outside of the trusted security zone from accessing the near-field communication transceiver on the mobile communication device.
  - 18. The device of claim 15, wherein the key is received via a server at the ticket provider in communication with a carrier based on a request for the ticket to display on the mobile communication device.
  - 19. The device of claim 15, wherein the dataset is received via a network in communication with the mobile communication device.
  - 20. The device of claim 19, wherein the dataset is communicated over an unsecure connection between the mobile communication device and the ticket provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Paczkowski, Lyle W., Parsel, William M., Persson, Carl J., Schlesener, Matthew C.
Primary Examiner(s)
Thiaw, Catherine

Application Number

US14/163,047
Time in Patent Office

578 Days
Field of Search

726 7- 20
US Class Current

1/1
CPC Class Codes

H04L 63/0807 using tickets, e.g. Kerbero...

H04W 12/06 Authentication

Trusted display and transmission of digital ticket documentation

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted display and transmission of digital ticket documentation

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links