Infrastructure for secure short message transmission

US 9,473,945 B1
Filed: 04/07/2015
Issued: 10/18/2016
Est. Priority Date: 04/07/2015
Status: Active Grant

First Claim

Patent Images

1. A method of secure communication using short messages, comprising:

establishing a communication link from a user equipment (UE) to a communication terminal by the UE, the communication link comprising a plurality of nodes that include a trusted security zone and operate in trusted operation mode, wherein the trusted security zone runs a separate operating system that is not accessible to device users and the trusted security zone is implemented by partitioning hardware and software resources into a secure partition and a normal partition with sensitive resources placed in the secure partition, and wherein normal partition applications run on a first virtual processor, secure partition applications run on a second virtual processor, and the first and second virtual processors run on a single physical processor executing in a time sliced fashion;

sending a validation message to the communication terminal over the communication link by the UE, wherein a passcode is appended to the validation message sent to the communication terminal, and wherein the communication terminal determines that the UE is a trusted source based on the passcode;

receiving the validation message back from the communication terminal via the communication link by the UE, wherein the received validation message has an appended aggregate security signature on the validation message indicating that the communication terminal read and validated the validation message;

in response to receiving the validation message back from the communication terminal, sending a short message over the communication link to the communication terminal by the UE; and

tearing down the communication link by the UE.

View all claims

6 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A user equipment (UE) is disclosed. The UE comprises a radio frequency transceiver, processor, a memory, and an application stored to the memory. The application, when executed by the processor establishes a communication link from the UE to a communication terminal. The application sends a validation message to the communication terminal over the communication link, wherein a passcode is appended to the validation message send to the communication terminal. The application receives the validation message back from the communication terminal via the communication link, wherein the received validation message has an appended aggregate security signature on the message that shows that the message was read and validated by the communication terminal. The application sends a short message over the communication link to the communication terminal. The application then tears down the communication link.

467 Citations

20 Claims

1. A method of secure communication using short messages, comprising:
- establishing a communication link from a user equipment (UE) to a communication terminal by the UE, the communication link comprising a plurality of nodes that include a trusted security zone and operate in trusted operation mode, wherein the trusted security zone runs a separate operating system that is not accessible to device users and the trusted security zone is implemented by partitioning hardware and software resources into a secure partition and a normal partition with sensitive resources placed in the secure partition, and wherein normal partition applications run on a first virtual processor, secure partition applications run on a second virtual processor, and the first and second virtual processors run on a single physical processor executing in a time sliced fashion;
  
  sending a validation message to the communication terminal over the communication link by the UE, wherein a passcode is appended to the validation message sent to the communication terminal, and wherein the communication terminal determines that the UE is a trusted source based on the passcode;
  
  receiving the validation message back from the communication terminal via the communication link by the UE, wherein the received validation message has an appended aggregate security signature on the validation message indicating that the communication terminal read and validated the validation message;
  
  in response to receiving the validation message back from the communication terminal, sending a short message over the communication link to the communication terminal by the UE; and
  
  tearing down the communication link by the UE.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the passcode is one of a security token or a personal identification number (PIN).
  - 3. The method of claim 1, wherein the communication terminal reads the passcode to determine that the validation message is sent from the UE.
  - 4. The method of claim 1, wherein the information of the aggregate security signature is stored to a trust log that is stored on a processing application.
  - 5. The method of claim 4, wherein the aggregate security signature comprises information of the validation message sent, when the validation message was delivered and/or time stamps, a payload that the short message comprises, who received the payload, and all authentication information of the UE, the communication terminal, and the plurality of nodes operating in trusted operation mode.
  - 6. The method of claim 1, wherein the communication link is a temporary trusted communication pathway.
  - 7. The method of claim 1, wherein operating in trusted operation mode comprises utilizing hardware assisted trust.
  - 8. The method of claim 7, wherein each of the plurality of nodes is instructed to return to normal operation mode in response to tearing down the communication link.

9. A method of secure communication using short messages, comprising:
- establishing a communication link from a user equipment (UE) to a communication terminal by the UE, the communication link comprising a plurality of nodes that include a trusted security zone and operate in trusted operation mode, wherein the trusted security zone runs a separate operating system that is not accessible to device users and the trusted security zone is implemented by partitioning hardware and software resources into a secure partition and a normal partition with sensitive resources placed in the secure partition, and wherein normal partition applications run on a first virtual processor, secure partition applications run on a second virtual processor, and the first and second virtual processors run on a single physical processor executing in a time sliced fashion;
  
  sending a validation message to the communication terminal over the communication link by the UE, the validation message being tagged by each of the plurality of nodes that it passes through over the communication link from the UE to the communication terminal, wherein a passcode is appended to the validation message sent to the communication terminal, and wherein the communication terminal determines that the UE is a trusted source based on the passcode;
  
  receiving the validation message back from the communication terminal via the communication link by the UE, wherein the validation message comprises an appended aggregate security signature that includes the compiled tags and indicates that the communication terminal read and validated the validation message, and wherein the validation message returns to the UE along the same communication link;
  
  in response to receiving the validation message back from the communication terminal, sending an SMS message over the communication link from the UE to the communication terminal by the UE; and
  
  tearing down the communication link by the UE.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, wherein the communication link is a temporary trusted communication pathway.
  - 11. The method of claim 9, wherein the UE records the plurality of nodes operating in trusted operation mode that are used to establish the communication link from the UE to the communication terminal.
  - 12. The method of claim 9, wherein the SMS message comprises a payload that is wanted by the communication terminal.
  - 13. The method of claim 12, wherein the payload comprises one of a message, statistics, and media content.
  - 14. The method of claim 9, wherein the aggregate security signature is stored to a trust log, and wherein the aggregate security signature comprises information of the validation messages sent, when the validation message was delivered, a payload received in the SMS message, who received the payload, time stamps, and all authentications.

15. A user equipment (UE), comprising:
- a radio frequency transceiver,a processor,a memory,an application stored to the memory that, when executed by the processor,establishes a communication link from the UE to a communication terminal, the communication link comprising a plurality of nodes that include a trusted security zone and operate in trusted operation mode, wherein the trusted security zone runs a separate operating system that is not accessible to device users and the trusted security zone is implemented by partitioning hardware and software resources into a secure partition and a normal partition with sensitive resources placed in the secure partition, and wherein normal partition applications run on a first virtual processor, secure partition applications run on a second virtual processor, and the first and second virtual processors run on a single physical processor executing in a time sliced fashion,sends a validation message to the communication terminal over the communication link, wherein a passcode is appended to the validation message sent to the communication terminal, and wherein the communication terminal determines that the UE is a trusted source based on the passcode,receives the validation message back from the communication terminal via the communication link, wherein the received validation message comprises an aggregate security signature indicating that the communication terminal read and validated the validation message,in response to receipt of the validation message back from the communication terminal, sends a message over the communication link to the communication terminal, andtears down the communication link.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein the passcode is one of a security token or a personal identification number (PIN).
  - 17. The method of claim 16, wherein the communication terminal reads the passcode to determine that the validation message is sent from the UE.
  - 18. The method of claim 15, wherein the UE and the communication terminal are communicatively coupled via a network, and wherein the plurality of nodes operating in trusted operation mode are located in the network.
  - 19. The method of claim 15, wherein the message comprises one of a short message service (SMS) message, a multimedia message service (MMS) message, or an instant message (IM) message.
  - 20. The method of claim 19, wherein messages sent between the UE and the communication terminal are short messages and validation messages.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
T-Mobile Innovations LLC (Deutsche Telekom AG)
Original Assignee
Sprint Communications Company LP (Deutsche Telekom AG)
Inventors
Marquardt, Ronald R., Paczkowski, Lyle W.
Primary Examiner(s)
Mapa, Michael

Application Number

US14/681,077
Time in Patent Office

560 Days
Field of Search

455/411, 455/445, 370/241, 370/248, 370/351
US Class Current

1/1
CPC Class Codes

H04L 63/083   using passwords cryptograph...

H04L 63/12   Applying verification of th...

H04W 12/06   Authentication

H04W 12/086   using security domains

H04W 12/10   Integrity

H04W 4/14   Short messaging services, e...

Infrastructure for secure short message transmission

First Claim

6 Assignments

0 Petitions

Accused Products

Abstract

467 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Infrastructure for secure short message transmission

First Claim

6 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

467 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links