Apparatus and methods for activation of communication devices

US 9,736,144 B2
Filed: 07/14/2014
Issued: 08/15/2017
Est. Priority Date: 06/01/2012
Status: Expired due to Fees

First Claim

Patent Images

1. A universal integrated circuit card for a communication device, the universal integrated circuit card comprising:

a memory to store instructions; and

a processing system comprising a processor coupled to the memory, wherein the processing system, responsive to executing the instructions, performs operations comprising;

receiving a digital root certificate locking the communication device to a network provider, wherein the digital root certificate includes an expiration date;

storing the digital root certificate in the memory;

receiving, over a network from a trusted identity provider having an issuing authority from the network provider, a digitally signed security identifier for a prospective subscriber of the communication device, wherein the digitally signed security identifier includes network identifying information for the prospective subscriber that is digitally signed using the digital root certificate, wherein a first condition for enabling of the communication device is validation of the digitally signed security identifier against the digital root certificate that is stored in the memory, and wherein the digitally signed security identifier is usable by only the network provider;

receiving over the network from a trusted certificate authority a certificate revocation status associated with the digital root certificate,determining if the certificate revocation status is a revoked status indicating that the digital root certificate has been revoked due to a termination of the issuing authority of the trusted identity provider;

if the certification revocation status is the revoked status;

disabling activation of the communication device; and

if the certification revocation status is not the revoked status;

receiving over the network an instruction;

determining whether the instruction that is received is for modifying the expiration date of the digital root certificate;

modifying the expiration date of the digital root certificate responsive to determining that the instruction is for modifying the expiration date;

disabling activation of the communication device according to the expiration date that is modified;

determining whether the expiration date of the digital root certificate has expired; and

disabling the first condition for enabling the communication device such that the communication device is unlocked from the network provider, wherein the disabling of the first condition does not alter the digitally signed security identifier.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method that incorporates teachings of the subject disclosure may include, for example, storing, by a universal integrated circuit card including at least one processor, a digital root certificate locking a communication device to a network provider, and disabling an activation of the communication device responsive to receiving an indication of a revocation of the stored digital root certificate from a certificate authority, wherein the indication of the revocation of the stored digital root certificate is associated with a revocation of permission for an identity authority to issue a security activation information to the communication device on behalf of the network provide. Other embodiments are disclosed.

39 Citations

View as Search Results

20 Claims

1. A universal integrated circuit card for a communication device, the universal integrated circuit card comprising:
- a memory to store instructions; and
  
  a processing system comprising a processor coupled to the memory, wherein the processing system, responsive to executing the instructions, performs operations comprising;
  
  receiving a digital root certificate locking the communication device to a network provider, wherein the digital root certificate includes an expiration date;
  
  storing the digital root certificate in the memory;
  
  receiving, over a network from a trusted identity provider having an issuing authority from the network provider, a digitally signed security identifier for a prospective subscriber of the communication device, wherein the digitally signed security identifier includes network identifying information for the prospective subscriber that is digitally signed using the digital root certificate, wherein a first condition for enabling of the communication device is validation of the digitally signed security identifier against the digital root certificate that is stored in the memory, and wherein the digitally signed security identifier is usable by only the network provider;
  
  receiving over the network from a trusted certificate authority a certificate revocation status associated with the digital root certificate,determining if the certificate revocation status is a revoked status indicating that the digital root certificate has been revoked due to a termination of the issuing authority of the trusted identity provider;
  
  if the certification revocation status is the revoked status;
  
  disabling activation of the communication device; and
  
  if the certification revocation status is not the revoked status;
  
  receiving over the network an instruction;
  
  determining whether the instruction that is received is for modifying the expiration date of the digital root certificate;
  
  modifying the expiration date of the digital root certificate responsive to determining that the instruction is for modifying the expiration date;
  
  disabling activation of the communication device according to the expiration date that is modified;
  
  determining whether the expiration date of the digital root certificate has expired; and
  
  disabling the first condition for enabling the communication device such that the communication device is unlocked from the network provider, wherein the disabling of the first condition does not alter the digitally signed security identifier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The universal integrated circuit card of claim 1, wherein the digitally signed security identifier comprises identifying information associated with the prospective subscriber.
  - 3. The universal integrated circuit card of claim 1, wherein the digital root certificate is issued from an identity authority.
  - 4. The universal integrated circuit card of claim 1, wherein the universal integrated circuit card is fixably attached to the communication device.
  - 5. The universal integrated circuit card of claim 1, wherein the universal integrated circuit card is removably attached to the communication device.
  - 6. The universal integrated circuit card of claim 1, wherein the operations further comprises receiving a request to activate the communication device.
  - 7. The universal integrated circuit card of claim 6, wherein the operations further comprise transmitting a request to a trusted certificate authority for the certificate revocation status associated with the digital root certificate responsive to a request to activate the communication device.
  - 8. The universal integrated circuit card of claim 1, wherein the operations further comprise deleting the digital root certificate from the memory responsive to the certificate revocation status comprising the revoked status.
  - 9. The universal integrated circuit card of claim 1, wherein the operations further comprise deleting the digital root certificate from the memory responsive to the receiving the instruction to modify the expiration date of the digital root certificate.

10. A communication device, comprising:
- a memory to store executable instructions; and
  
  a processing system comprising a processor coupled to the memory, wherein the executable instructions, when executed by the processing system, facilitate performance of operations comprising;
  
  receiving a digital root certificate locking the communication device to a network provider, wherein the digital root certificate comprises an expiration date;
  
  providing the digital root certificate to a universal integrated circuit card that is installed in the communication device;
  
  receiving, from a trusted identity provider having an issuing authority from the network provider, over a network a digitally signed security identifier for a prospective subscriber of the communication device, wherein a first condition for enabling of the communication device is validation of the digitally signed security identifier against the digital root certificate, and wherein the digitally signed security identifier is usable by only the network provider;
  
  receiving over the network from a trusted certificate authority a certificate revocation status associated with the digital root certificate;
  
  disabling activation of the communication device according to the certificate revocation status comprising a revoked status wherein the revoked status indicates that the digital root certificate has been revoked due to a termination of the issuing authority of the trusted identity provider;
  
  receiving over the network an instruction;
  
  determining whether the instruction that is received is for modifying the expiration date of the digital root certificate;
  
  modifying the expiration date of the digital root certificate responsive to determining that the instruction is for modifying the expiration date;
  
  disabling activation of the communication device according to the expiration date that is modified;
  
  determining whether the expiration date of the digital root certificate has expired; and
  
  disabling the first condition for enabling the communication device such that the communication device is unlocked from the network provider, wherein the disabling of the first condition does not alter the digitally signed security identifier.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The communication device of claim 10, wherein the operations further comprise determining whether the digitally signed security identifier for the prospective subscriber is valid by way of a digital verification of the digitally signed security identifier according to the certificate revocation status comprising a non-revoked status.
  - 12. The communication device of claim 11, wherein the operations further comprise enabling activating of the communication device for the prospective subscriber to operate over a communication network of the network responsive to determining that the digitally signed security identifier for the prospective subscriber is valid.
  - 13. The communication device of claim 10, wherein the universal integrated circuit card is fixably attached to the communication device.
  - 14. The communication device of claim 10, wherein the universal integrated circuit card is removably attached to the communication device.
  - 15. The communication device of claim 10, wherein the operations further comprise transmitting a request to the trusted certificate authority for the certificate revocation status associated with the digital root certificate.
  - 16. The communication device of claim 10, wherein the operations further comprise deleting the digital root certificate responsive to the certificate revocation status comprising the revoked status.
  - 17. The communication device of claim 10, wherein the operations further comprise deleting the digital root certificate from the memory responsive to the receiving the instruction to modify the expiration date of the digital root certificate.

18. A computer-readable storage device, comprising executable instructions which, responsive to being executed by a processing system comprising a processor, facilitate performance of operations comprising:
- receiving a digital root certificate that limits a communication device to use of a network provider, wherein the digital root certificate comprises an expiration date;
  
  storing the digital root certificate in memory, wherein a first condition for enabling of the communication device is validation of a digitally signed security identifier against the digital root certificate that is stored in the memory, wherein the digitally signed security identifier is usable by only the network provider, is received from a trusted identity provider having an issuing authority granted by the network provider, and includes network identifying information for a prospective subscriber that is digitally signed using the digital root certificate;
  
  receiving, over a network from a trusted certificate authority, a certificate revocation status associated with the digital root certificate;
  
  determining if the certificate revocation status is a revoked status indicating that the digital root certificate has been revoked due to a termination of the issuing authority of the trusted identity provider;
  
  if the certification revocation status is the revoked status;
  
  disabling activation of the communication device; and
  
  if the certification revocation status is not the revoked status;
  
  receiving over the network an instruction;
  
  determining whether the instruction that is received is for modifying the expiration date of the digital root certificate;
  
  modifying the expiration date of the digital root certificate responsive to determining that the instruction is for modifying the expiration date;
  
  disabling activation of the communication device according to the expiration date that is modified;
  
  determining whether the expiration date of the digital root certificate has expired; and
  
  disabling the first condition for enabling the communication device such that the communication device is unlocked from the network provider, wherein the disabling of the first condition does not alter the digitally signed security identifier.
- View Dependent Claims (19, 20)
- - 19. The computer-readable storage device of claim 18, wherein the operations further comprise deleting the digital root certificate from the memory responsive to the certificate revocation status comprising the revoked status.
  - 20. The computer-readable storage device of claim 18, wherein the digital root certificate has been revoked due to an alteration in a trust arrangement between the trusted identity provider and the network provider.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.), AT&T Mobility II LLC (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.), AT&T Mobility II LLC (AT&T, Inc.)
Inventors
McCanna, Patrick, Crockett, John, Harber, David, Lewis, Aubryn, Rulifson, Liane F, Ahluwalia, Inderpreet Singh
Primary Examiner(s)
Zecher, Dede
Assistant Examiner(s)
MCCOY, RICHARD ANTHONY

Application Number

US14/330,534
Publication Number

US 20140325210A1
Time in Patent Office

1,128 Days
Field of Search

None
US Class Current
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/0823   using certificates cryptogr...

H04L 63/0853   using an additional device,...

H04L 9/3247   involving digital signatures

H04L 9/3268   using certificate validatio...

H04W 12/082   using revocation of authori...

H04W 12/48   using secure binding, e.g. ...

Apparatus and methods for activation of communication devices

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

39 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Apparatus and methods for activation of communication devices

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

39 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others