Subscriber identity module virtualization

US 9,161,325 B1
Filed: 11/20/2013
Issued: 10/13/2015
Est. Priority Date: 11/20/2013
Status: Active Grant

First Claim

Patent Images

1. A mobile communication device, comprising:

a radio transceiver;

a non-transitory memory integral with the mobile communication device, wherein the non-transitory memory comprises a secure portion that is apportioned into a plurality of partitions, the secure portion comprising;

a first wireless communication identity stored in a first partition of the plurality of partitions in the secure portion, wherein each wireless communication identity comprises a network access identity, a list of wireless communication systems to which the mobile communication device is authorized to attach, a rule set for prioritizing among the wireless communication systems identified in the list, and a table of device rules;

a second wireless communication identity stored in a second partition of the plurality of partitions, wherein the second wireless communication identity is different from the first wireless communication identity;

a processor communicatively coupled to the non-transitory memory; and

an application stored in the memory that, upon execution by the processor, configures the processor to;

detect a triggering event,in response to the detection of the triggering event, select one of the wireless communication identities stored in at least one of the partitions of the secure portion in the non-transitory memory;

activate the wireless communication identity selected for implementation;

redetermine operational run-time parameters on the mobile communication device based on the activated wireless communication identity;

update user data associated with the activated wireless communication identity;

conduct wireless communication via the radio transceiver based on the redetermined operational run-time parameters; and

operate one or more applications on the mobile communication device using the updated user data associated with the activated wireless communication identity.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A mobile communication device. The device comprises a first wireless communication identity stored in a first partition of the memory, wherein a wireless communication identity comprises a network access identity, a list of wireless communication systems to which the device is authorized to attach, a rule set for prioritizing among the wireless communication systems identified in the list, and a table of device rules. The device further comprises an application stored in the memory that, when executed by the processor, detects a triggering event and in response to the triggering event changes the active wireless communication identity of the mobile communication device to one of the wireless communication identities stored in the partitions of the memory and applies device rules associated with the wireless communication identity, where the mobile communication device conducts wireless communication via the radio transceiver based on the active communication identity and the associated device rules.

Citations

19 Claims

1. A mobile communication device, comprising:
- a radio transceiver;
  
  a non-transitory memory integral with the mobile communication device, wherein the non-transitory memory comprises a secure portion that is apportioned into a plurality of partitions, the secure portion comprising;
  
  a first wireless communication identity stored in a first partition of the plurality of partitions in the secure portion, wherein each wireless communication identity comprises a network access identity, a list of wireless communication systems to which the mobile communication device is authorized to attach, a rule set for prioritizing among the wireless communication systems identified in the list, and a table of device rules;
  
  a second wireless communication identity stored in a second partition of the plurality of partitions, wherein the second wireless communication identity is different from the first wireless communication identity;
  
  a processor communicatively coupled to the non-transitory memory; and
  
  an application stored in the memory that, upon execution by the processor, configures the processor to;
  
  detect a triggering event,in response to the detection of the triggering event, select one of the wireless communication identities stored in at least one of the partitions of the secure portion in the non-transitory memory;
  
  activate the wireless communication identity selected for implementation;
  
  redetermine operational run-time parameters on the mobile communication device based on the activated wireless communication identity;
  
  update user data associated with the activated wireless communication identity;
  
  conduct wireless communication via the radio transceiver based on the redetermined operational run-time parameters; and
  
  operate one or more applications on the mobile communication device using the updated user data associated with the activated wireless communication identity.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 17, 18)
- - 2. The mobile communication device of claim 1, wherein different wireless communication identities are allocated by a connection, via the radio transceiver, with a secure server into different partitions in the non-transitory memory of the mobile communication device at the time of fulfillment or at the time of activation of the mobile communication device.
  - 3. The mobile communication device of claim 1, wherein the application configures the processor to install the different wireless communication identities from data stored in a carrier partition that is outside of the secure portion of memory on the mobile communication.
  - 4. The mobile communication device of claim 1, wherein the application is configured to receive at least a portion of the different wireless communication identities from a remote server.
  - 5. The mobile communication device of claim 1, wherein data associated with at least one wireless communication identity is preloaded to the mobile communication device, and installed responsive to detection of the triggering event.
  - 6. The mobile communication device of claim 1, wherein at least one of the wireless communication identities comprises at least one of a personal wireless communication identity, business wireless communication identity, production wireless communication identity, testing wireless communication identity, wireless communication identities for different wireless communication providers, wireless communication identities for different reward membership, or wireless communication identities for a mobile wallet.
  - 7. The mobile communication device of claim 1, wherein the mobile communication device comprises a secure subsystem of hardware and software resources that are not accessible to components outside of the secure subsystem, wherein the secure portion of the non-transitory memory that stores wireless communication identities is located within the secure subsystem of the mobile communication device.
  - 8. The mobile communication device of claim 7, wherein the secure portion in the non-transitory memory of the mobile communication device comprises at least one of a physical subscriber identity module card communicatively coupled with a processor of the mobile communication device, a hardware assisted security zone in the mobile communication device, or a stand-alone chipset in the mobile communication device.
  - 17. The mobile communication device of claim 1, wherein a triggering event comprises at least one of:
    - a radio signal incident from another device comprising a secure portion, a scheduled event, or a defined time period.
  - 18. The mobile communication device of claim 1, wherein an active wireless communication identity is changed based on activation of the wireless communication identity selected.

9. A computer-implemented method for virtualizing a subscriber identity module on a mobile communication device, comprising:
- allocating, by a processor configured by executing a trusted application on the mobile communication device, a plurality of wireless communication identities into a secure portion of a non-transitory memory of the mobile communication device;
  
  storing, by the trusted application, each wireless communication identity of the plurality of wireless communication identities into at least one partition of a plurality of partitions in the secure portion of the mobile communication device;
  
  detecting a triggering event on the mobile communication device;
  
  dynamically installing, by executing the trusted application, one of the wireless communication identities stored in at least one of the plurality of partitions in response to the triggering event;
  
  activating, by the trusted application executing in the secure portion, the wireless communication identity in response to the dynamic installation;
  
  redetermining, by the trusted application, operational run-time parameters on the mobile communication device based on activating the wireless communication identity; and
  
  updating, by the trusted application, user data associated with the activated wireless communication identity, wherein the mobile communication device is configured to conduct wireless communication via a radio transceiver based on an activation of the wireless communication identity and the redetermined operational run-time parameters, and wherein one or more applications are configured to operate on the mobile communication device using the updated user data associated with the activated wireless communication identity.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 19)
- - 10. The method of claim 9, wherein at least one wireless communication identity is stored across multiple secure partitions of the plurality of partitions.
  - 11. The method of claim 9, wherein each partition in the secure portion is accessed with a different access key.
  - 12. The method of claim 9, wherein at least one of the wireless communication identities is allocated by an application of the secure portion of the mobile communication device based on a request received from a secure portion executing on a secure server.
  - 13. The method of claim 12, wherein the request comprises an access key associated with the partition storing the wireless communication identity, and wherein the trusted application distributes configuration parameters associated with the wireless communication identity corresponding to the request.
  - 14. The method of claim 13, wherein the configuration parameters the trusted application distributes comprise an internal memory size allocation parameter and a file memory parameter that corresponds to the wireless communication identity corresponding to the request.
  - 15. The method of claim 9, wherein the mobile communication device is configured by one of the plurality of wireless communication identities to operate with a wireless network of communications service provider that is different than another wireless communication identity of the plurality of wireless communication identities.
  - 16. The method of claim 9, wherein the secure portion comprises an inventory tracking number data structure and a network authentication identity data structure that is separate from the inventory tracking number data structure.
  - 19. The method claim 9, wherein the triggering event comprises at least two of:
    - a change of locations of the mobile communication device, a radio signal incident, a scheduled event, or a defined time period.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Urbanek, Robert E.
Primary Examiner(s)
Pham, Tuan

Application Number

US14/085,474
Time in Patent Office

692 Days
Field of Search

455/73, 455/551, 455/552.1, 455/558, 455/514, 455/550.1
US Class Current

1/1
CPC Class Codes

G06F 21/35   communicating wirelessly

H04W 12/086   using security domains

H04W 12/10   Integrity

H04W 4/50   Service provisioning or rec...

H04W 4/70   Services for machine-to-mac...

H04W 8/183   Processing at user equipmen...

H04W 8/20   Transfer of user or subscri...

Subscriber identity module virtualization

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Subscriber identity module virtualization

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links