ENABLING USERS TO SELECT BETWEEN SECURE SERVICE PROVIDERS USING A KEY ESCROW SERVICE

US 20130212384A1
Filed: 03/18/2013
Published: 08/15/2013
Est. Priority Date: 09/15/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for providing secure services to computing devices comprising secure elements, the method comprising:

maintaining, by a computer, at lest one cryptographic key for a secure element of a network computing device, the at least one cryptographic key operable to provide secure access to the secure element via a secure communication channel;

receiving, by the computer, a selection of a trusted service manager (“

TSM”

); and

transmitting, by the computer, the at least one cryptographic key to the selected TSM in response to receiving the request select TSMs.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are described herein for enabling users to select from available secure service providers (each having a Trusted Service Manager (“TSM”)) for provisioning applications and services on a secure element installed on a device of the user. The device includes a service provider selector (“SPS”) module that provides a user interface for selecting the secure service provider. In one embodiment, the SPS communicates with a key escrow service that maintains cryptographic keys for the secure element and distributes the keys to the user selected secure service provider. The key escrow service also revokes the keys from deselected secure service providers. In another embodiment, the SPS communicates with a central TSM that provisions applications and service on behalf of the user selected secure service provider. The central TSM serves as a proxy between the secure service providers and the secure element.

27 Citations

View as Search Results

37 Claims

1. A computer-implemented method for providing secure services to computing devices comprising secure elements, the method comprising:
- maintaining, by a computer, at lest one cryptographic key for a secure element of a network computing device, the at least one cryptographic key operable to provide secure access to the secure element via a secure communication channel;
  
  receiving, by the computer, a selection of a trusted service manager (“
  
  TSM”
  
  ); and
  
  transmitting, by the computer, the at least one cryptographic key to the selected TSM in response to receiving the request select TSMs.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 29)
- - 2. The computer-implemented method of claim 1, wherein if the secure element included information related to a previous TSM that is different from the selected TSM, the method further comprising revoking the at least one cryptographic key from the previous TSM in response to receiving the request to select the TSM.
  - 3. The computer-implemented method of claim 2, where the revoking the at least one cryptographic key comprises transmitting a message to the previous TSM requesting that the previous TSM discard the at least one cryptographic key.
  - 4. The computer-implemented method of claim 2, wherein the revoking the at least one cryptographic key comprises sending a message to the secure element requesting the secure element to block the previous TSM from accessing the secure element, and wherein the secure element is operable to block the previous TSM from accessing the secure element in response to receiving the message.
  - 5. The computer-implemented method of claim 1, wherein the secure element is further operable to identify TSMs attempting to access the secure element and to prevent access to blocked TSMs.
  - 6. The computer-implemented method of claim 2, wherein the secure element comprises at least one cryptographic key for each of a plurality of TSMs, and wherein the revoking the at least one cryptographic key comprises transmitting a message to the secure element requesting the secure element to deactivate the at least one cryptographic key for the previous TSM.
  - 7. The computer-implemented method of claim 1, wherein if the secure element included information related to a previous TSM that is different from the selected TSM, the method further comprising removing information related to the previous TSM from the secure element in response to receiving the request to select the TSM.
  - 8. The computer-implemented method of claim 1, further comprising sending a message to the secure element requesting the secure element to remove information related to a previous TSM from the secure element in response to the request to select the TSM.
  - 9. The computer-implemented method of claim 1, wherein the request comprises a selection of the selection TSM, and wherein the method further comprises performing an off-path confirmation of the selection of the selected TSM prior to transmitting the at least one cryptographic key to the selected TSM.
  - 10. The computer-implemented method of claim 1, wherein the network device comprises a near field communication (“
    - NFC”
      
      ) module and wherein the secure service comprises a secure contactless service via the NFC module.
  - 11. The computer-implemented method of claim 1, wherein the at least one cryptographic key enables the selected TSM to install and provision at least one software application onto the secure element.
  - 29. The computer-implemented method of claim 1, the request to select the TSM is received from the network device.

12. A computer program product, comprising:
- a non-transitory computer-readable medium having computer-readable program code embodied therein that when executed by a computer cause the computer to provide secure services to computing devices, the computer-readable program code comprising;
  
  computer-readable program code for maintaining at least one cryptographic key for a secure memory of a computing device, the at least one cryptographic key operable to provide secure access to the secure memory via a secure communication channel;
  
  computer-readable program code for receiving a selection of a secure service provider; and
  
  computer-readable program code for transmitting the at least one cryptographic key to the selected secure service provider in response to receiving the request to select the secure service provider.
- View Dependent Claims (13, 14, 15, 30, 31, 32, 33, 34, 35, 36, 37)
- - 13. The computer program product of claim 12, wherein if the memory included information related to a previous secure service provider that is different from the selected secure service provider, the computer program product further comprising computer-readable program code for revoking the at least one cryptographic key from the previous secure service provides in response to receiving the request to select the secure service provider.
  - 14. The computer program product of claim 13, wherein the computer-readable program code for revoking the at least one cryptographic key comprises computer-readable program code for sending a message to the secure memory requesting the secure memory to block the previous secure service provider from accessing the secure memory, and wherein the secure memory is operable to block the previous secure service provider from accessing the secure memory in response to receiving the message.
  - 15. The computer program product of claim 13, wherein the secure memory comprises at least one cryptographic key for each of a plurality of secure service providers, and wherein the computer-readable program code for revoking the at least one cryptographic key comprises computer-readable program code for transmitting a message to the secure memory requesting the secure memory to deactivate the at least one cryptographic key for the previous secure service provider.
  - 30. The computer program product of claim 12, wherein the secure memory is a secure element.
  - 31. The computer program product of claim 13, wherein the revoking the at least one cryptographic key comprises transmitting a message to the previous secure service provider requesting that the previous secure service provider discard the at least one cryptographic key.
  - 32. The computer program product of claim 14, wherein the secure memory is further operable to identify secure service providers attempting to access the secure memory and to prevent access to blocked secure service providers.
  - 33. The computer program product of claim 12, further comprising computer-readable program code for removing information related to the first secure service provider from the secure memory in response to receiving the request to change secure service provider.
  - 34. The computer program product of claim 12, further comprising computer-readable program code for sending a message to the secure memory requesting the secure memory to remove information related to the previous secure service provider from the secure memory in response to the request to select the secure service provider.
  - 35. The computer program product of claim 12, wherein the request comprises a selection of the selected secure service provider, and wherein the computer program product further comprises computer-readable program code for performing an off-path confirmation of the selection of the selected secure service provider prior to transmitting the at least one cryptographic key to the selected secure service provider.
  - 36. The computer program product of claim 12, wherein the network device comprises a near field communication (“
    - NFC”
      
      ) module, and wherein the secure service comprises a secure contactless service via the NFC module.
  - 37. The computer program product of claim 12, wherein the at least one cryptographic key enables the selected secure service provider to install and provision at least one software application onto the secure memory.

16. A system for providing secure services to computing devices comprising secure memories, the system comprising:
- a first network communication module that receives a selection of a trusted service manager (“
  
  TSM”
  
  );
  
  a key escrow service that maintains at least one cryptographic key for a secure memory, the at least one cryptographic key operable to provide secure access to the secure memory via a secure communication channel; and
  
  a second network communication module that transmits the at least one cryptographic key to the selected TSM in response to receiving the request to select the TSM,wherein the key escrow service is communicably coupled to the first network communication module and to the second network communication module.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 17. The system of claim 16, wherein if the secure memory included information related to a previous TSM that is different from the selected TSM, the key escrow service revokes the at least one cryptographic key from the previous TSM in response to receiving the request to select the TSM.
  - 18. The system of claim 17, wherein the key escrow service revokes the at least one cryptographic key by sending, via the second network communication module, a message to the secure memory requesting the secure memory to block the previous TSM from accessing the secure memory, and wherein the secure memory is operable to block the previous TSM from accessing the secure memory in response to receiving the message.
  - 19. The system of claim 17, wherein the secure memory comprises at least one cryptographic key for each of a plurality of TSMs, and wherein the escrow service revokes the at least one cryptographic key by transmitting, via the second network communication module, a message to the secure memory requesting the secure element to deactivate the at least one cryptographic key for the previous TSM.
  - 20. The system of claim 17, wherein the key escrow service sends, via the second network communication module, a message to the secure memory requesting the secure memory to remove information related to the previous TSM from the memory in response to the request to select the TSM.
  - 21. The system of claim 16, wherein the secure memory is a secure element.
  - 22. The system of claim 16, wherein the request to select the TSM is received from the network device.
  - 23. The system of claim 17, wherein the key escrow service revokes the at least one cryptographic key by transmitting a message to the previous TSM requesting that the previous TSM discard the at least one cryptographic key.
  - 24. The system of claim 18, wherein the secure memory is further operable to identify TSMs attempting to access the secure memory and to prevent access to blocked TSMs.
  - 25. The system of claim 16, wherein the key escrow service sends a message to the secure memory requesting the secure memory to remove information related to the previous TSM from the secure memory in response to the request to select the TSM.
  - 26. The system of claim 16, wherein the request comprises a selection of the selected TSM, and wherein the key escrow service performs an off-path confirmation of the selection of the selected TSM prior to transmitting the at least one cryptographic key to the selected TSM.
  - 27. The system of claim 16, wherein the network device comprises a near field communication (“
    - NFC”
      
      ) module, and wherein the secure service comprises a secure contactless service via the NFC module.
  - 28. The system of claim 16, wherein the at least one cryptographic key enables the selected TSM to install and provision at least one software application onto the secure memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google LLC (Alphabet Inc.)
Original Assignee
Jeffrey William Hamilton, Nicholas Julian Pelly
Inventors
PELLY, Nicholas Julian, HAMILTON, Jeffrey William

Granted Patent

US 9,450,927 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/164
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 63/062   for key distribution, e.g. ...

H04L 9/083   involving central third par...

H04L 9/0877   using additional device, e....

H04L 9/0894   Escrow, recovery or storing...

H04W 12/04   Key management, e.g. using ...

H04W 12/082   using revocation of authori...

H04W 12/35   Protecting application or s...

H04W 4/50   Service provisioning or rec...

ENABLING USERS TO SELECT BETWEEN SECURE SERVICE PROVIDERS USING A KEY ESCROW SERVICE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

37 Claims

Specification

Solutions

Use Cases

Quick Links

ENABLING USERS TO SELECT BETWEEN SECURE SERVICE PROVIDERS USING A KEY ESCROW SERVICE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

37 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links