System and method for secure USIM wireless network access
First Claim
1. A user equipment (UE), comprising:
a radio transceiver;
a first non-transitory memory;
a first processor;
a first operating system;
a first clock component; and
a memory module that is independent of and isolated from the UE by receiving a power input through a dedicated power line and receiving clock signals as an input from a second clock component that is isolated from the first clock component and the first processor, wherein the memory module is on as long as the dedicated power line is active regardless of whether the rest of the UE is on, and wherein the memory module is one of a subscriber identity module (SIM), a universal integrated circuit card (UICC), a universal subscriber identity module (USIM), or a removable user identity module (R-UIM), the memory module comprising;
a second non-transitory memory,
a second processor,
a second operating system, and
an application stored in a trusted security zone in the second non-transitory memory that, when executed by the second processor in the trusted security zone, wherein the application executes in the context of the second operating system, wherein the trusted security zone provides hardware assisted trust,
compares a first mobile equipment identifier (MEID) stored in the first non-transitory memory with a second MEID stored in the memory module,
responsive to the first MEID not matching the second MEID, blocks access of applications outside the memory module to the radio transceiver,
periodically examines whether a ping message is received associated with the second MEID from a server in a network of a service provider associated with the UE, and
responsive to no such ping messages being received from the server in the network within a predefined period of time based on clock signals from the second clock component, blocks access of applications outside the memory module to the radio transceiver.
Abstract
A user equipment (UE). The UE comprises a memory module, wherein the memory module is one of a subscriber identity module (SIM), a universal integrated circuit card (UICC), a universal subscriber identity module (USIM), or a removable user identity module (R-UIM), wherein clock signals from a second clock component are input to the memory module. The memory module comprises an application stored in a trusted security zone in the second non-transitory memory, that when executed by the second processor in the trusted security zone, wherein the second operating system accesses the second processor to implement instructions for applications in the second operating system, wherein the trusted security zone provides hardware assisted trust, compares a first mobile equipment identifier (MEID) stored in the first non-transitory memory with a second MEID stored in the memory module.
17 Claims
Specification