Apparatus and methods for controlling distribution of electronic access clients
First Claim
1. A mobile device configured to selectively enable and disable different hardware components included in the mobile device, the mobile device comprising:
- a wireless interface; and
a secure element, wherein the secure element includes;
an interface to different hardware components included in the mobile device;
a secure processor;
a first secure storage configured to store at least one access control client that enables the mobile device to access services provided by a cellular network associated with the at least one access control client; and
a second secure storage configured to store instructions that, when executed by the secure processor, cause the secure processor to carry out operations that include;
verifying activation information that specifies at least one limitation for operating the mobile device to be enforced by the secure element, wherein the activation information includes at least one record, and each record;
corresponds to a hardware component of the different hardware components,includes a shared secret associated with the hardware component, andindicates whether to enable or disable the hardware component; and
upon verifying the activation information;
downloading an access control client,storing the access control client in the first secure storage, and for each record included in the activation information;
causing an enablement or a disablement of the hardware component in accordance with the record and in response to a verification of the shared secret by the hardware component.
0 Assignments
0 Petitions
Accused Products
Abstract
Apparatus and methods for controlling the distribution of electronic access clients to a device. In one embodiment, a virtualized Universal Integrated Circuit Card (UICC) can only load an access client such as an electronic Subscriber Identity Module (eSIM) according to an activation ticket. The activation ticket ensures that the virtualized UICC can only receive eSIMs from specific carriers (“carrier locking”). Unlike prior art methods which enforce carrier locking on a software application launched from a software chain of trust (which can be compromised), the present invention advantageously enforces carrier locking with the secure UICC hardware which has, for example, a secure code base.
147 Citations
20 Claims
-
1. A mobile device configured to selectively enable and disable different hardware components included in the mobile device, the mobile device comprising:
-
a wireless interface; and a secure element, wherein the secure element includes; an interface to different hardware components included in the mobile device; a secure processor; a first secure storage configured to store at least one access control client that enables the mobile device to access services provided by a cellular network associated with the at least one access control client; and a second secure storage configured to store instructions that, when executed by the secure processor, cause the secure processor to carry out operations that include; verifying activation information that specifies at least one limitation for operating the mobile device to be enforced by the secure element, wherein the activation information includes at least one record, and each record; corresponds to a hardware component of the different hardware components, includes a shared secret associated with the hardware component, and indicates whether to enable or disable the hardware component; and upon verifying the activation information; downloading an access control client, storing the access control client in the first secure storage, and for each record included in the activation information; causing an enablement or a disablement of the hardware component in accordance with the record and in response to a verification of the shared secret by the hardware component. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A hardware secure element included in a mobile device, the hardware secure element comprising:
-
an interface to different hardware components included in the mobile device; a secure processor; a first secure storage configured to store at least one access control client that enables the mobile device to access services provided by a cellular network associated with the at least one access control client; and a second secure storage configured to store instructions that, when executed by the secure processor, cause the secure processor to carry out operations that include; verifying activation information that specifies at least one limitation for operating the mobile device to be enforced by the hardware secure element, wherein the activation information includes at least one record, and each record; corresponds to a hardware component of the different hardware components, includes a shared secret associated with the hardware component, and indicates whether to enable or disable the hardware component; and upon verifying the activation information; downloading an access control client, storing the access control client in the first secure storage, and for each record included in the activation information; causing an enablement or a disablement of the hardware component in accordance with the record and in response to a verification of the shared secret by the hardware component. - View Dependent Claims (10, 11, 12, 13, 14, 15)
-
-
16. A method for selectively enabling and disabling different hardware components included in a wireless device, the method comprising:
at a secure element included the wireless device; receiving activation information that specifies at least one limitation for operating the wireless device to be enforced by the secure element, wherein the activation information includes at least one record, and each record; corresponds to a hardware component of the different hardware components, includes a shared secret associated with the hardware component, and indicates whether to enable or disable the hardware component; verifying the activation information; and upon verifying the activation information; downloading an access control client that enables the wireless device to access services provided by a cellular network associated with the access control client, storing the access control client in a first secure storage included in the secure element, and for each record included in the activation information; causing an enablement or a disablement of the hardware component in accordance with the record and in response to a verification of the shared secret by the hardware component. - View Dependent Claims (17, 18, 19, 20)
Specification