Apparatus and method for managing security domains for a universal integrated circuit card
Abstract
A device that incorporates the subject disclosure may perform, for example, generating a security domain root structure for a universal integrated circuit card of an end user device, where the security domain root structure includes a hierarchy of a link provider operator security domain above a mobile network operator trusted security domain, where the link provider operator security domain enables transport management by a link provider operator, and where the mobile network operator trusted security domain enables card content management and subscription eligibility verification by a mobile network operator trusted service manager. Other embodiments are disclosed.
20 Claims
1. A device comprising:

a universal integrated circuit card;
a processor; and
a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations, comprising;
generating a third-party security domain root structure for the universal integrated circuit card, wherein the third-party security domain root structure includes a hierarchy of a link provider operator security domain above a mobile network operator trusted security domain, and wherein the mobile network operator trusted security domain enables card content management and subscription eligibility verification by equipment of a mobile network operator trusted service manager;
adjusting the third-party security domain root structure to include a service provider trusted security domain in the hierarchy below the mobile network operator trusted security domain, wherein the service provider trusted security domain enables equipment of a third-party trusted service manager to perform card content management actions subject to authorization from the equipment of the mobile network operator trusted service manager; and
adjusting the third-party security domain root structure to include another service provider trusted security domain in the hierarchy below the link provider operator security domain, wherein the another service provider trusted security domain enables equipment of another third-party trusted service manager to perform card content management actions without obtaining authorization from the equipment of the mobile network operator trusted service manager.

Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A universal integrated circuit card comprising:

a memory that stores executable instructions that, when executed by a processor, facilitate performance of operations, comprising;
generating a third-party security domain root structure for the universal integrated circuit card, wherein the third-party security domain root structure includes a hierarchy of a link provider operator security domain above a mobile network operator trusted security domain, and wherein the mobile network operator trusted security domain enables card content management and subscription eligibility verification by equipment of a mobile network operator trusted service manager;
responsive to an instruction received from the equipment of the mobile network operator trusted service manager, adjusting the third-party security domain root structure to include a service provider trusted security domain in the hierarchy below the mobile network operator trusted security domain, wherein the service provider trusted security domain enables equipment of a third-party trusted service manager to perform card content management actions subject to authorization from the equipment of the mobile network operator trusted service manager; and
adjusting the third-party security domain root structure to include a second service provider trusted security domain in the hierarchy below the link provider operator security domain, wherein the second service provider trusted security domain enables equipment of another third-party trusted service manager to perform card content management actions without obtaining authorization from the equipment of the mobile network operator trusted service manager.

Dependent claims: 10, 11, 12, 13, 14, 15

16. A method, comprising:

determining, by a server including a processing system, to operate a universal integrated circuit card of an end user device in a delegated mode, wherein the universal integrated circuit card has a third-party security domain root structure with a hierarchy including a link provider operator security domain in the hierarchy above a mobile network operator trusted security domain;
responsive to the determining to operate in the delegated mode, causing, by the server, the third-party security domain root structure of the universal integrated circuit card to add a service provider trusted security domain in the hierarchy below the mobile network operator trusted security domain; and
receiving, by the server, a request from a third-party trusted service manager to perform a card content management action, wherein the service provider trusted security domain enables the third-party trusted service manager to perform the card content management action via the service provider trusted security domain, wherein the third-party security domain root structure is selectively adjustable to include the service provider trusted security domain in the hierarchy below the link provider operator security domain, wherein the service provider trusted security domain enables a third-party trusted service manager to perform card content management actions without obtaining authorization from the mobile network operator trusted service manager.

Dependent claims: 17, 18, 19, 20
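
Added example (not part of the patent text and not an implementation by the assignee): a small Python model of the hierarchy recited in claims 1, 9 and 16, showing how a card-side check could decide from the position of a service provider trusted security domain whether a third-party TSM's card content management action needs authorization from the MNO TSM. The class and function names and the HMAC-based authorization token are assumptions made for illustration; the claims do not say how authorization is conveyed.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional

# Domain kinds named in the claims (string labels are illustrative).
LPO, MNO, SP = "LPO-SD", "MNO-TSD", "SP-TSD"

@dataclass
class Domain:
    name: str
    kind: str
    parent: Optional["Domain"] = None
    children: list = field(default_factory=list)

    def add_child(self, name, kind):
        """'Adjust' the root structure by adding a domain below this one."""
        child = Domain(name, kind, self)
        self.children.append(child)
        return child

def build_root():
    """Root structure: LPO security domain above the MNO trusted security domain."""
    lpo = Domain("lpo", LPO)
    mno = lpo.add_child("mno", MNO)
    return lpo, mno

def governing_mno(domain):
    """Return the MNO TSD found among the ancestors of `domain`, or None."""
    node = domain.parent
    while node is not None:
        if node.kind == MNO:
            return node
        node = node.parent
    return None

def mno_token(key, domain, action):
    """Hypothetical MNO TSM authorization, bound to one domain and one action."""
    msg = f"{domain.name}|{action}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

def ccm_allowed(domain, action, mno_key, token=None):
    """Decide whether a third-party TSM's CCM action on `domain` may proceed."""
    if domain.kind != SP:
        return False   # this sketch only covers service provider TSDs
    if governing_mno(domain) is None:
        return True    # below the LPO SD: no MNO TSM authorization needed
    if token is None:
        return False   # below the MNO TSD: authorization is mandatory
    return hmac.compare_digest(token, mno_token(mno_key, domain, action))
```

Binding the token to both the domain and the action keeps an authorization granted for one card content management action from being replayed for a different action or against a different service provider domain.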
Specification