Method and system for secure provisioning of a wireless device

US 9,621,716 B2
Filed: 06/10/2010
Issued: 04/11/2017
Est. Priority Date: 06/10/2010
Status: Active Grant

First Claim

Patent Images

1. A method of enabling one or more communication services on a wireless device, the method comprising:

sending a request for provisioning information from a carrier provisioning system to a device developer provisioning system, the request indicating a setting on the wireless device that is to be varied by the provisioning information;

receiving, from the device developer provisioning system, encrypted provisioning information corresponding to the request, wherein the encrypted provisioning information is generated using a private algorithm on the device developer provisioning system, wherein the private algorithm is an algorithm which is unknown to the carrier provisioning system, wherein the encrypted provisioning information contains a network time retrieved from a wireless network indicating a time and/or date when the provisioning information was generated and/or sent from the device developer provisioning system, added to the provisioning information prior to encryption, indicating currency of the provisioning information, and wherein the network time is useable by the wireless device to determine whether to implement the provisioning information, the encrypted provisioning information being ignored by the wireless device if the provisioning information is not current; and

sending the encrypted provisioning information corresponding to the request from the carrier provisioning system to the wireless device.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for enabling one or more communication services on a wireless device are provided. The method comprises: sending a request for provisioning information from a carrier provisioning system to a device developer provisioning system; receiving, from the device developer provisioning system, secure provisioning information corresponding to the request; and sending the secure provisioning information corresponding to the request from the carrier provisioning system to the wireless device.

Citations

25 Claims

1. A method of enabling one or more communication services on a wireless device, the method comprising:
- sending a request for provisioning information from a carrier provisioning system to a device developer provisioning system, the request indicating a setting on the wireless device that is to be varied by the provisioning information;
  
  receiving, from the device developer provisioning system, encrypted provisioning information corresponding to the request, wherein the encrypted provisioning information is generated using a private algorithm on the device developer provisioning system, wherein the private algorithm is an algorithm which is unknown to the carrier provisioning system, wherein the encrypted provisioning information contains a network time retrieved from a wireless network indicating a time and/or date when the provisioning information was generated and/or sent from the device developer provisioning system, added to the provisioning information prior to encryption, indicating currency of the provisioning information, and wherein the network time is useable by the wireless device to determine whether to implement the provisioning information, the encrypted provisioning information being ignored by the wireless device if the provisioning information is not current; and
  
  sending the encrypted provisioning information corresponding to the request from the carrier provisioning system to the wireless device.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the provisioning information specifies a network address to which the wireless device may connect to enable at least one value added service.
  - 3. The method of claim 2, further comprising:
    - connecting, by the wireless device, to the network address; and
      
      enabling at least one value added service on the wireless device.
  - 4. The method of claim 2 wherein the value added service includes any one or a combination of:
    - email, internet services, instant messaging.
  - 5. The method of claim 1, wherein the encrypted provisioning information is sent from the carrier provisioning system as a short message service (SMS) message.
  - 6. The method of claim 1, wherein the encrypted provisioning information is digitally signed.
  - 7. The method of claim 1, wherein the provisioning information specifies updated operating parameters for the wireless device.
  - 8. The method of claim 1, further comprising:
    - generating, by the carrier provisioning system, further provisioning information; and
      
      sending the further provisioning information from the carrier provisioning system to the wireless device.
  - 9. The method of claim 1, wherein the encrypted provisioning information is encrypted with a public encryption key corresponding to a private key stored on the wireless device.

10. A method of enabling one or more communication services on a wireless device, the method comprising:
- receiving, at a device developer provisioning system, a request from a carrier provisioning system for provisioning information to provision the wireless device, the request indicating a setting on the wireless device that is to be varied by the provisioning information, the carrier provisioning system being connected to the wireless device through a wireless network;
  
  generating provisioning information using a private algorithm on the device developer provisioning system, wherein the private algorithm is an algorithm which is unknown to the carrier provisioning system;
  
  encrypting the provisioning information to produce encrypted provisioning information, wherein the encrypted provisioning information contains a network time retrieved from the wireless network indicating a time and/or date when the provisioning information was generated and/or sent from the device developer provisioning system, added to the provisioning information prior to encryption, indicating currency of the provisioning information, and wherein the network time is useable by the wireless device to determine whether to implement the provisioning information, the encrypted provisioning information being ignored by the wireless device if the provisioning information is not current; and
  
  sending the encrypted provisioning information from the device developer provisioning system to the carrier provisioning system for transmission to the wireless device.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10, wherein the provisioning information is encrypted with a public encryption key corresponding to a private key stored on the wireless device.
  - 12. The method of claim 10, wherein the provisioning information specifies a network address to which the device may connect to enable at least one value added service.
  - 13. The method of claim 10, wherein the encrypted provisioning information is digitally signed.
  - 14. The method of claim 10, wherein the provisioning information specifies updated operating parameters for the wireless device.

15. A system for enabling one or more value added services on a wireless device comprising:
- a carrier provisioning system comprising;
  
  a first communication system for communicating with at least one wireless device;
  
  a second communication system for communicating with a device developer provisioning system;
  
  at least one processor, the at least one processor being configured to;
  
  send a request for provisioning information to a device developer provisioning system, the request indicating a setting on the wireless device that is to be varied by the provisioning information;
  
  receive, from the device developer provisioning system, encrypted provisioning information corresponding to the request, wherein encrypted provisioning information is generated using a private algorithm on the device developer provisioning system, wherein the private algorithm is an algorithm which is unknown to the carrier provisioning system, wherein the encrypted provisioning information contains a network time retrieved from a wireless network indicating a time and/or date when the provisioning information was generated and/or sent from the device developer provisioning system, added to the provisioning information prior to encryption, indicating currency of the provisioning information, and wherein the network time is useable by the wireless device to determine whether to implement the provisioning information, the encrypted provisioning information being ignored if the provisioning information is not current; and
  
  send the encrypted provisioning information corresponding to the request from the carrier provisioning system to the wireless device.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The system of claim 15 further comprising:
    - a device developer provisioning system comprising;
      
      a communication system for communicating with the carrier provisioning system; and
      
      at least one processor, the at least one processor being configured to;
      
      receive a request from the carrier provisioning system for provisioning information to provision the wireless device;
      
      generate provisioning information using the private algorithm associated with the device developer provisioning system;
      
      encrypt the provisioning information to produce secure provisioning information; and
      
      send the secure provisioning information to the carrier provisioning system.
  - 17. The system of claim 15, wherein the provisioning information is encrypted with a public encryption key corresponding to a private key stored on the wireless device.
  - 18. The system of claim 15, wherein the provisioning information specifies a network address to which the device may connect to enable at least one value added service.
  - 19. The system of claim 15, wherein the encrypted provisioning information is digitally signed.
  - 20. The system of claim 15, wherein the encrypted provisioning information is sent from the carrier provisioning system as a short message service (SMS) message.
  - 21. The system of claim 15, wherein the provisioning information specifies updated operating parameters for the wireless device.

22. A system for enabling one or more value added services on a wireless device comprising:
- a device developer provisioning system comprising;
  
  a communication system for communicating with a carrier provisioning system; and
  
  at least one processor, the at least one processor being configured to;
  
  receive a request from a carrier provisioning system for provisioning information to provision the wireless device, the carrier provisioning system being connected to the wireless device through a wireless network;
  
  generate provisioning information using a private algorithm on the device developer provisioning system, wherein the private algorithm is an algorithm which is unknown to the carrier provisioning system;
  
  encrypt the provisioning information to produce encrypted provisioning information, wherein the encrypted provisioning information contains a network time retrieved from a wireless network indicating a time and/or date when the provisioning information was generated and/or sent from the device developer provisioning system, added to the provisioning information prior to encryption, indicating currency of the provisioning information, and wherein the network time is useable by the wireless device to determine whether to implement the provisioning information, the encrypted provisioning information being ignored by the wireless device if the provisioning information is not current; and
  
  send the encrypted provisioning information from the device developer provisioning system to the carrier provisioning system for transmission to the wireless device.
- View Dependent Claims (23)
- - 23. The system of claim 22 further comprising:
    - the carrier provisioning system comprising;
      
      a first communication system for communicating with at least one wireless device;
      
      a second communication system for communicating with a device developer provisioning system;
      
      at least one processor, the at least one processor being configured to;
      
      send a request for provisioning information to the device developer provisioning system;
      
      receive, from the device developer provisioning system, the encrypted provisioning information corresponding to the request; and
      
      send the encrypted provisioning information corresponding to the request from the carrier provisioning system to the wireless device.

24. A non-transitory machine readable medium having tangibly stored thereon executable instructions for execution by a processor of an electronic device, wherein the executable instructions, when executed by the processor of the electronic device, cause the processor to:
- send a request for provisioning information from a carrier provisioning system to a device developer provisioning system, the request indicating a setting on a wireless device that is to be varied by the provisioning information;
  
  receive, from the device developer provisioning system, encrypted provisioning information corresponding to the request, wherein the encrypted provisioning information is generated using a private algorithm on the device developer provisioning system, wherein the private algorithm is an algorithm which is unknown to the carrier provisioning system, wherein the encrypted provisioning information contains a network time retrieved from a wireless network indicating a time and/or date when the provisioning information was generated and/or sent from the device developer provisioning system, added to the provisioning information prior to encryption, indicating currency of the provisioning information, and wherein the network time is useable by the wireless device to determine whether to implement the provisioning information, the encrypted provisioning information being ignored by the wireless device if the provisioning information is not current; and
  
  send the encrypted provisioning information corresponding to the request from the carrier provisioning system to the wireless device.

25. A non-transitory machine readable medium having tangibly stored thereon executable instructions for execution by a processor of an electronic device, wherein the executable instructions, when executed by the processor of the electronic device, cause the processor to:
- receiving, at a device developer provisioning system, a request from a carrier provisioning system for provisioning information to provision a wireless device, the request indicating a setting on the wireless device that is to be varied by the provisioning information, the carrier provisioning system being connected to the wireless device through a wireless network;
  
  generating provisioning information using a private algorithm on the device developer provisioning system, wherein the private algorithm is an algorithm which is unknown to the carrier provisioning system;
  
  encrypting the provisioning information to produce encrypted provisioning information, wherein the encrypted provisioning information contains a network time retrieved from the wireless network indicating a time and/or date when the provisioning information was generated and/or sent from the device developer provisioning system, added to the provisioning information prior to encryption, indicating currency of the provisioning information, and wherein the network time is useable by the wireless device to determine whether to implement the provisioning information, the encrypted provisioning information being ignored by the wireless device if the provisioning information is not current; and
  
  sending the encrypted provisioning information from the device developer provisioning system to the carrier provisioning system for transmission to the wireless device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Malikie Innovations Limited (Key Patent Innovations Limited)
Original Assignee
Blackberry Limited
Inventors
Rogan, Michael John
Primary Examiner(s)
Hoffman, Brandon
Assistant Examiner(s)
TRUONG, THONG P

Application Number

US12/797,732
Publication Number

US 20110305338A1
Time in Patent Office

2,497 Days
Field of Search

380278, 455410
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/126   the source of the received ...

H04M 3/42144   by service provider

H04W 12/02   Protecting privacy or anony...

H04W 12/033   of the user plane, e.g. use...

H04W 12/10   Integrity

H04W 12/35   Protecting application or s...

Method and system for secure provisioning of a wireless device

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for secure provisioning of a wireless device

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links