APPARATUS AND METHOD FOR SECURE PROVISIONING OF A COMMUNICATION DEVICE
Abstract
A system that incorporates the subject disclosure may perform, for example, receiving an over-the-air programming message that includes programming data for use by the mobile communication device, decrypting the over-the-air programming message utilizing a first keyset to generate a decrypted over-the-air programming message, determining a schedule for providing messages from a secure device processor to a secure element of the mobile communication device where the secure device processor is separate from the secure element and in communication with the secure element, and providing the decrypted over-the-air programming message to the secure element according to the schedule. Other embodiments are disclosed.
20 Claims
1. A method comprising:
- registering, by an administrative agent function operating in a secure device processor of a mobile communication device, an internet protocol address with an over-the-air programming server, wherein the internet protocol address is associated with the administrative agent function;
- receiving, from the over-the-air programming server by the administrative agent function, an over-the-air programming message that includes programming data for use by the mobile communication device, wherein the over-the-air programming message is encrypted by the over-the-air programming server, and wherein the over-the-air programming message utilizes a hypertext transfer protocol;
- decrypting, by the administrative agent function, the over-the-air programming message utilizing a first keyset to generate a decrypted over-the-air programming message;
- determining, by the administrative agent function, a schedule for providing messages to a secure element of the mobile communication device, wherein the secure device processor is separate from the secure element and in communication with the secure element; and
- providing, by the administrative agent function, the decrypted over-the-air programming message to the secure element according to the schedule.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A method comprising:
- receiving, by a server including a processor, a registration request including an internet protocol address, the registration request being received from a secure device processor of a mobile communication device;
- encrypting, by the server, an over-the-air programming message utilizing a first keyset to generate an encrypted over-the-air programming message, wherein the over-the-air programming message includes programming data for use by the mobile communication device; and
- providing, by the server, the encrypted over-the-air programming message to the secure device processor to enable the secure device processor to decrypt the encrypted over-the-air programming message utilizing the first keyset, wherein the providing of the encrypted over-the-air programming message further enables the secure device processor to provide the programming data to a secure element of the mobile communication device for provisioning of the mobile communication device, and wherein the secure device processor is separate from the secure element and in communication with the secure element.
Dependent claims: 11, 12, 13, 14, 15, 16
17. A method comprising:
- receiving, by a secure element of a mobile communication device, a request for a first keyset, wherein the request is received from a secure device processor of the mobile communication device, wherein the secure element is separate from the secure device processor and in communication with the secure device processor;
- providing, by the secure element, the first keyset to the secure device processor to enable the secure device processor to decrypt an over-the-air programming message to generate a decrypted over-the-air programming message, wherein the over-the-air programming message includes programming data for provisioning the mobile communication device;
- receiving, by the secure element from the secure device processor, the decrypted over-the-air programming message; and
- performing, by the secure element, an additional decryption of the decrypted over-the-air message utilizing a second keyset, wherein the secure device processor does not have access to the second keyset.
Dependent claims: 18, 19, 20
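An added example, not part of the patent text, modelling the layered decryption of claims 1, 10 and 17 with Python's standard library: the secure device processor removes only the first-keyset layer and forwards on a schedule, and the secure element removes the second-keyset layer. Assumptions: the HMAC-SHA256 encrypt-then-MAC construction is an illustrative stand-in for a real cipher, the server is assumed to apply both layers (the claims do not say who applies the second), the schedule is modelled as a per-slot message budget, and all names are hypothetical; IP registration and HTTP transport are omitted.

```python
import hashlib, hmac, os
from collections import deque

def _stream(key, nonce, n):  # HMAC-SHA256 counter keystream (stand-in for a real cipher)
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range(n // 32 + 1))[:n]

def seal(keyset, data):  # encrypt-then-MAC under keyset = (enc_key, mac_key)
    enc, mac = keyset
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(enc, nonce, len(data))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unseal(keyset, blob):  # verify the tag first, then decrypt; ValueError on a bad tag
    enc, mac = keyset
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(enc, nonce, len(ct))))

class SecureElement:
    def __init__(self, first, second):
        self._first, self._second, self.provisioned = first, second, []
    def provide_first_keyset(self):   # only the first keyset ever leaves the SE
        return self._first
    def receive(self, blob):          # additional decryption with the second keyset
        self.provisioned.append(unseal(self._second, blob))

class SecureDeviceProcessor:
    def __init__(self, se):
        self.se, self.keyset, self.queue = se, se.provide_first_keyset(), deque()
    def on_ota(self, blob):           # remove the outer layer, hold for the schedule
        self.queue.append(unseal(self.keyset, blob))
    def run_slot(self, budget):       # assumed schedule: at most `budget` messages per slot
        sent = 0
        while self.queue and sent < budget:
            self.se.receive(self.queue.popleft())
            sent += 1
        return sent

def server_build(first, second, data):  # inner layer for the SE, outer for the SDP (assumed order)
    return seal(first, seal(second, data))

def demo():
    first, second = [(os.urandom(32), os.urandom(32)) for _ in range(2)]
    sdp = SecureDeviceProcessor(SecureElement(first, second))
    for data in (b"profile-A", b"profile-B", b"profile-C"):   # constructed sample data
        sdp.on_ota(server_build(first, second, data))
    held = list(sdp.queue)            # what the SDP sees after its own decryption
    return held, [sdp.run_slot(2), sdp.run_slot(2)], sdp.se.provisioned
```

What the secure device processor holds after its own decryption is still ciphertext under the second keyset, so a compromise of that processor exposes the first keyset and message timing but not the programming data.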
Specification