Method and apparatus for network personalization of subscriber devices

US 9,185,559 B2
Filed: 06/13/2013
Issued: 11/10/2015
Est. Priority Date: 04/23/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method operational on a subscriber device, comprising:

establishing a communication service with a service provider entity;

receiving a command from the service provider entity to disqualify specified root certificates stored in the subscriber device, the specified root certificates unassociated with the service provider entity; and

disqualifying the specified root certificates, wherein disqualifying the specified root certificates disables the specified root certificates from operating on the subscriber device.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus are provided for a subsidizing service provider entity to personalize a subscriber device to ensure the subscriber device cannot be used in a network of a different service provider entity. As the service provider entity subsidizes the subscriber device, it desires to ensure that subscriber device is personalized such that the subscriber device may operate only in its network and not a network of a different service provider entity. The subscriber device is pre-configured with a plurality of provider-specific and/or unassociated root certificates by the manufacturer of the subscriber device. A communication service is established between the service provider entity and the subscriber device allowing for the mutual authentication of the subscriber device and the service provider entity. After mutual authentication, the service provider entity sends a command to the subscriber device to disable/delete some/all root certificates that are unassociated with the service provider entity.

9 Citations

42 Claims

1. A method operational on a subscriber device, comprising:
- establishing a communication service with a service provider entity;
  
  receiving a command from the service provider entity to disqualify specified root certificates stored in the subscriber device, the specified root certificates unassociated with the service provider entity; and
  
  disqualifying the specified root certificates, wherein disqualifying the specified root certificates disables the specified root certificates from operating on the subscriber device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The method of claim 1, further comprising:
    - authenticating the subscriber device with the service provider entity; and
      
      authenticating the service provider entity with the subscriber device.
  - 3. The method of claim 2, wherein the service provider entity is authenticated using a root certificate from among a plurality of pre-configured root certificates in the subscriber device.
  - 4. The method of claim 1, further comprising:
    - receiving a second command from the service provider entity to enable the specified root certificates previously disabled.
  - 5. The method of claim 4, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 6. The method of claim 5, wherein the determination is based upon a pre-determined event.
  - 7. The method of claim 6, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 8. The method of claim 1, wherein disqualifying the specified root certificates deletes the specified root certificates from the subscriber device.
  - 9. The method of claim 8, further comprising:
    - receiving a second command from the service provider entity to replace the specified root certificates previously deleted.
  - 10. The method of claim 9, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 11. The method of claim 10, wherein the determination is based upon a pre-determined event.
  - 12. The method of claim 11, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 13. The method of claim 1, further comprising pre-configuring the subscriber device with a plurality of root certificates.
  - 14. The method of claim 13, wherein the plurality of root certificates are installed on the subscriber device by a manufacturer of the subscriber device.
  - 15. The method of claim 1, further comprising:
    - determining if the specified root certificates have been successfully disqualified; and
      
      sending an acknowledgement to the service provider entity of success or failure of disqualifying the specified root certificates.
  - 16. The method claim 1, wherein the subscriber device is at least one of a femtocell, a home NodeB, or a wireless device.

17. A non-transitory computer-readable medium comprising instructions operational in a subscriber device, which when executed by a processor causes the processor to:
- establish a communication service with a service provider entity;
  
  receive a command from the service provider entity to disqualify specified root certificates stored in the subscriber device, the specified root certificates unassociated with the service provider entity; and
  
  disqualify the specified root certificates to disable the specified root certificates from operating on the subscriber device.

18. A method operational on a service provider entity, comprising:
- establishing a communication service with a subscriber device; and
  
  sending a command to the subscriber device to disqualify specified root certificates stored on the subscriber device, the specified root certificates unassociated with the service provider entity, wherein the command to disqualify the specified root certificates serves to disable the specified root certificates from operating on the subscriber device.
- View Dependent Claims (19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 19. The method of claim 18, further comprising:
    - authenticating the subscriber device with the service provider entity; and
      
      authenticating the service provider entity with the subscriber device.
  - 20. The method of claim 19, wherein the service provider entity is authenticated using a root certificate from among a plurality of pre-configured root certificates in the subscriber device.
  - 21. The method of claim 18, further comprising:
    - sending a second command to the subscriber device to enable the specified root certificates previously disabled.
  - 22. The method of claim 21, wherein a determination to send the second command is based upon a pre-determined event.
  - 23. The method of claim 22, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 24. The method of claim 18, wherein disqualifying the specified root certificates deletes the specified root certificates from the subscriber device.
  - 25. The method of claim 24, further comprising:
    - sending a second command to the subscriber device to replace the specified root certificates previously deleted.
  - 26. The method of claim 25, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 27. The method of claim 26, wherein the determination is based upon a pre-determined event.
  - 28. The method of claim 27, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 29. The method of claim 18, further comprising pre-configuring the service provider entity with a plurality of root certificates for a plurality of subscriber devices.
  - 30. The method of claim 18, further comprising:
    - receiving an acknowledgement from the subscriber device of success or failure of disqualifying the specified root certificates.

31. A service provider entity, comprising:
- a memory device;
  
  a network communication interface coupled to the memory device, the network communication interface for providing connectivity to a subscriber device; and
  
  a processing circuit coupled to the memory device and the network communication interface, the processing circuit configured to;
  
  establish a communication service with the subscriber device; and
  
  send a command to the subscriber device to disqualify specified root certificates stored on the subscriber device, the specified root certificates unassociated with the service provider entity, wherein the command to disqualify the specified root certificates serves to disable the specified root certificates from operating on the subscriber device.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 32. The service provider entity of claim 31, wherein the processing circuit is further configured to:
    - authenticate the subscriber device with the service provider entity; and
      
      authenticate the service provider entity with the subscriber device.
  - 33. The service provider entity of claim 32, wherein the service provider entity is authenticated using a root certificate from among a plurality of pre-configured root certificates in the subscriber device.
  - 34. The service provider entity of claim 31, wherein the processing circuit is further configured to:
    - send a second command to the subscriber device to enable the specified root certificates previously disabled.
  - 35. The service provider entity of claim 34, wherein a determination to send the second command is based upon a pre-determined event.
  - 36. The service provider entity of claim 35, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.
  - 37. The service provider entity of claim 31, wherein disqualifying the specified root certificates deletes the specified root certificates from the subscriber device.
  - 38. The service provider entity of claim 37, wherein the processing circuit is further configured to:
    - send a second command to the subscriber device to replace the specified root certificates previously deleted.
  - 39. The service provider entity of claim 38, wherein a determination to send the second command to the subscriber device is made by the service provider entity.
  - 40. The service provider entity of claim 39, wherein the determination is based upon a pre-determined event.
  - 41. The service provider entity of claim 40, wherein the pre-determined event is the termination of a service contract between the subscriber device and the service provider entity.

42. A non-transitory computer-readable medium comprising instructions operational in a service provider entity, which when executed by a processor causes the processor to:
- establish a communication service with a subscriber device; and
  
  send a command to the subscriber device to disqualify specified root certificates stored on the subscriber device, the specified root certificates unassociated with the service provider entity, wherein the command to disqualify the specified root certificates serves to disable the specified root certificates from operating on the subscriber device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Escott, Adrian, Palanigounder, Anand, Rosenberg, Brian M
Primary Examiner(s)
MIZRAHI, DIANE D

Application Number

US13/917,381
Publication Number

US 20130281060A1
Time in Patent Office

880 Days
Field of Search

455/552.1, 455/411
US Class Current

1/1
CPC Class Codes

H04L 63/0823   using certificates cryptogr...

H04L 63/0869   for achieving mutual authen...

H04W 12/069   using certificates or pre-s...

H04W 48/02   Access restriction performe...

H04W 76/10   Connection setup

H04W 88/02   Terminal devices

Method and apparatus for network personalization of subscriber devices

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

9 Citations

42 Claims

Specification

Use Cases

Quick Links

Others

Method and apparatus for network personalization of subscriber devices

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

42 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others