Apparatus and methods for activation of communication devices
First Claim
1. A universal integrated circuit card for a communication device, the universal integrated circuit card comprising:
- a memory to store instructions; and
a processing system comprising a processor coupled to the memory, wherein the processing system, responsive to executing the instructions, performs operations comprising;
receiving a digital root certificate locking the communication device to a network provider, wherein the digital root certificate includes an expiration date;
storing the digital root certificate in the memory;
receiving, over a network from a trusted identity provider having an issuing authority from the network provider, a digitally signed security identifier for a prospective subscriber of the communication device, wherein the digitally signed security identifier includes network identifying information for the prospective subscriber that is digitally signed using the digital root certificate, wherein a first condition for enabling of the communication device is validation of the digitally signed security identifier against the digital root certificate that is stored in the memory, and wherein the digitally signed security identifier is usable by only the network provider;
receiving over the network from a trusted certificate authority a certificate revocation status associated with the digital root certificate,determining if the certificate revocation status is a revoked status indicating that the digital root certificate has been revoked due to a termination of the issuing authority of the trusted identity provider;
if the certification revocation status is the revoked status;
disabling activation of the communication device; and
if the certification revocation status is not the revoked status;
receiving over the network an instruction;
determining whether the instruction that is received is for modifying the expiration date of the digital root certificate;
modifying the expiration date of the digital root certificate responsive to determining that the instruction is for modifying the expiration date;
disabling activation of the communication device according to the expiration date that is modified;
determining whether the expiration date of the digital root certificate has expired; and
disabling the first condition for enabling the communication device such that the communication device is unlocked from the network provider, wherein the disabling of the first condition does not alter the digitally signed security identifier.
2 Assignments
0 Petitions
Accused Products
Abstract
A method that incorporates teachings of the subject disclosure may include, for example, storing, by a universal integrated circuit card including at least one processor, a digital root certificate locking a communication device to a network provider, and disabling an activation of the communication device responsive to receiving an indication of a revocation of the stored digital root certificate from a certificate authority, wherein the indication of the revocation of the stored digital root certificate is associated with a revocation of permission for an identity authority to issue a security activation information to the communication device on behalf of the network provide. Other embodiments are disclosed.
39 Citations
20 Claims
-
1. A universal integrated circuit card for a communication device, the universal integrated circuit card comprising:
-
a memory to store instructions; and a processing system comprising a processor coupled to the memory, wherein the processing system, responsive to executing the instructions, performs operations comprising; receiving a digital root certificate locking the communication device to a network provider, wherein the digital root certificate includes an expiration date; storing the digital root certificate in the memory; receiving, over a network from a trusted identity provider having an issuing authority from the network provider, a digitally signed security identifier for a prospective subscriber of the communication device, wherein the digitally signed security identifier includes network identifying information for the prospective subscriber that is digitally signed using the digital root certificate, wherein a first condition for enabling of the communication device is validation of the digitally signed security identifier against the digital root certificate that is stored in the memory, and wherein the digitally signed security identifier is usable by only the network provider; receiving over the network from a trusted certificate authority a certificate revocation status associated with the digital root certificate, determining if the certificate revocation status is a revoked status indicating that the digital root certificate has been revoked due to a termination of the issuing authority of the trusted identity provider; if the certification revocation status is the revoked status; disabling activation of the communication device; and if the certification revocation status is not the revoked status; receiving over the network an instruction; determining whether the instruction that is received is for modifying the expiration date of the digital root certificate; modifying the expiration date of the digital root certificate responsive to determining that the instruction is for modifying the expiration date; disabling activation of the communication device according to the expiration date that is modified; determining whether the expiration date of the digital root certificate has expired; and disabling the first condition for enabling the communication device such that the communication device is unlocked from the network provider, wherein the disabling of the first condition does not alter the digitally signed security identifier. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A communication device, comprising:
-
a memory to store executable instructions; and a processing system comprising a processor coupled to the memory, wherein the executable instructions, when executed by the processing system, facilitate performance of operations comprising; receiving a digital root certificate locking the communication device to a network provider, wherein the digital root certificate comprises an expiration date; providing the digital root certificate to a universal integrated circuit card that is installed in the communication device; receiving, from a trusted identity provider having an issuing authority from the network provider, over a network a digitally signed security identifier for a prospective subscriber of the communication device, wherein a first condition for enabling of the communication device is validation of the digitally signed security identifier against the digital root certificate, and wherein the digitally signed security identifier is usable by only the network provider; receiving over the network from a trusted certificate authority a certificate revocation status associated with the digital root certificate; disabling activation of the communication device according to the certificate revocation status comprising a revoked status wherein the revoked status indicates that the digital root certificate has been revoked due to a termination of the issuing authority of the trusted identity provider; receiving over the network an instruction; determining whether the instruction that is received is for modifying the expiration date of the digital root certificate; modifying the expiration date of the digital root certificate responsive to determining that the instruction is for modifying the expiration date; disabling activation of the communication device according to the expiration date that is modified; determining whether the expiration date of the digital root certificate has expired; and disabling the first condition for enabling the communication device such that the communication device is unlocked from the network provider, wherein the disabling of the first condition does not alter the digitally signed security identifier. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
-
-
18. A computer-readable storage device, comprising executable instructions which, responsive to being executed by a processing system comprising a processor, facilitate performance of operations comprising:
-
receiving a digital root certificate that limits a communication device to use of a network provider, wherein the digital root certificate comprises an expiration date; storing the digital root certificate in memory, wherein a first condition for enabling of the communication device is validation of a digitally signed security identifier against the digital root certificate that is stored in the memory, wherein the digitally signed security identifier is usable by only the network provider, is received from a trusted identity provider having an issuing authority granted by the network provider, and includes network identifying information for a prospective subscriber that is digitally signed using the digital root certificate; receiving, over a network from a trusted certificate authority, a certificate revocation status associated with the digital root certificate; determining if the certificate revocation status is a revoked status indicating that the digital root certificate has been revoked due to a termination of the issuing authority of the trusted identity provider; if the certification revocation status is the revoked status; disabling activation of the communication device; and if the certification revocation status is not the revoked status; receiving over the network an instruction; determining whether the instruction that is received is for modifying the expiration date of the digital root certificate; modifying the expiration date of the digital root certificate responsive to determining that the instruction is for modifying the expiration date; disabling activation of the communication device according to the expiration date that is modified; determining whether the expiration date of the digital root certificate has expired; and disabling the first condition for enabling the communication device such that the communication device is unlocked from the network provider, wherein the disabling of the first condition does not alter the digitally signed security identifier. - View Dependent Claims (19, 20)
-
Specification