Apparatus and method for secure provisioning of a communication device
Abstract
A system that incorporates the subject disclosure may perform, for example, obtaining programming data via an over-the-air programming message for use by a communication device, wherein the over-the-air programming message is obtained from, and encrypted by, an over-the-air programming server. The over-the-air programming message is decrypted utilizing a first keyset obtained by a secure device processor processing the first keyset obtained from a remote management server via transmission by the over-the-air programming server, to generate a first-key decrypted over-the-air programming message. The decrypted over-the-air programming message is provided to a secure element to enable the secure element to further decrypt the first-key decrypted over-the-air programming message utilizing a second keyset, wherein the secure device processor does not have access to the second keyset. Other embodiments are disclosed.
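The layering described in the abstract, as an added example that is not part of the patent or of any product implementing it: the secure device processor strips the outer layer with the first keyset and hands the result to the secure element, which alone holds the second keyset. The cipher is a standard-library stand-in built from HMAC-SHA256, and the sender-side build_ota_message, the class names and the message layout are assumptions made for illustration.

```python
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # HMAC-SHA256 in counter mode as a stand-in stream cipher (not a vetted AEAD).
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, b"ks", nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(NONCE_LEN)
    ct = _xor_stream(key, nonce, plaintext)
    return nonce + ct + _prf(key, b"mac", nonce + ct)   # encrypt-then-MAC

def unseal(key, blob):
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _prf(key, b"mac", nonce + ct)):
        raise ValueError("authentication failed")
    return _xor_stream(key, nonce, ct)

def build_ota_message(first_keyset, second_keyset, programming_data):
    # Sender side (assumed): inner layer for the secure element, outer for the processor.
    return seal(first_keyset, seal(second_keyset, programming_data))

class SecureElement:
    def __init__(self, second_keyset):
        self._second_keyset = second_keyset   # held only inside the secure element
        self.programming_data = None
    def provision(self, first_keyset_decrypted):
        self.programming_data = unseal(self._second_keyset, first_keyset_decrypted)

class SecureDeviceProcessor:
    def __init__(self, secure_element):
        self._se, self._first_keyset = secure_element, None
    def receive_first_keyset(self, first_keyset):
        self._first_keyset = first_keyset     # delivered over the air per the abstract
    def handle_ota(self, message):
        inner = unseal(self._first_keyset, message)   # strips only the outer layer
        self._se.provision(inner)
        return inner                          # still ciphertext under the second keyset
```

The value handle_ota returns is everything the processor ever sees: it authenticates under the first keyset but remains unreadable without the second.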
20 Claims
1. A method comprising:
- decrypting, by a secure processing system including a processor of a communication system, an over-the-air programming message that includes programming data, utilizing a first keyset obtained by the secure processing system to generate a first-keyset decrypted over-the-air programming message, wherein the first keyset is obtained from a remote management server via transmission by an over-the-air programming server; and
- providing, by the secure processing system, the first-keyset decrypted over-the-air programming message to a secure element, wherein the providing of the first-keyset decrypted over-the-air programming message to the secure element enables the secure element to further decrypt the first-keyset decrypted over-the-air programming message utilizing a second keyset, and wherein the secure processing system does not have access to the second keyset.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)
10. A non-transitory, machine-readable storage medium, comprising executable instructions that, when executed by a processing system including a processor, facilitate performance of operations, the operations comprising:
- decrypting an encrypted over-the-air programming message that includes programming data, utilizing a first keyset at secure processing device to generate a first-keyset decrypted over-the-air programming message, wherein the first keyset is obtained from a remote management server via transmission by an over-the-air programming server; and
- forwarding the first-keyset decrypted over-the-air programming message to a secure element, wherein the forwarding of the first-keyset decrypted over-the-air programming message to the secure element enables the secure element to further decrypt the first-keyset decrypted over-the-air programming message utilizing a second keyset, and wherein the secure processing device does not have access to the second keyset.
(Dependent claims: 11, 12, 13, 14, 15, 16)
17. A communication device comprising:
- a secure processing system including a processor; and
- a memory that stores executable instructions that, when executed by the secure processing system, facilitate performance of operations, the operations comprising:
- decrypting an over-the-air programming message utilizing a first key to obtain a first-key decrypted over-the-air programming message, wherein the over-the-air programming message includes programming data for provisioning the communication device, and wherein the first key is obtained from a remote device via an over-the-air transmission; and
- providing the first-key decrypted over-the-air programming message to a secure element, wherein the providing of the first-key decrypted over-the-air programming message to the secure element enables the secure element to further decrypt the first-key decrypted over-the-air programming message utilizing a second key, and wherein the secure processing system does not have access to the second key.
(Dependent claims: 18, 19, 20)