US20130310003A1 - Systems and methods for authenticating applications for access to secure data using identity modules - Google Patents
- Publication number: US20130310003A1 (application US13/474,347)
- Authority: US (United States)
- Legal status: Granted (Google's listed status is an assumption, not a legal conclusion)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
- H04W12/069—Authentication using certificates or pre-shared keys
Definitions
- a mobile station may be used for both work and personal activities, as well as other purposes.
- a mobile station stores applications and user data, including sensitive data (e.g., personal or confidential data) for use in one or more specific contexts.
- sensitive data e.g., personal or confidential data
- the mobile station may store applications used exclusively for work purposes, and store other applications used exclusively for personal purposes.
- the mobile station may further store password or other authentication credential for exclusive work-related use, and the mobile station may store payment or other personal information for exclusive personal use.
- a work-related remote-access application (e.g., a virtual private networking (VPN) application) running on the mobile station may therefore use a work-related authentication credential to access the network service, while a personal payment application running on the mobile station may use the payment or other personal information (e.g., a credit card number) to make personal purchases.
- VPN virtual private networking
- Sensitive data stored on the mobile station is readily accessible to these applications regardless of each application's context.
- personal sensitive data may be accessible by a work-related application, while work-related sensitive data may be accessible by a personal application.
- FIG. 1 is a block diagram showing exemplary components of a mobile station configured for authenticating applications for access to secure data using an identity module.
- FIG. 2 is a flow diagram of an exemplary method for authenticating an application for access to secure data using identity modules.
- FIGS. 3A and 3B are flow diagrams respectively showing exemplary methods for associating an application with a persona and for associating sensitive or secure data with a persona.
- FIG. 4 is a high-level functional block diagram of an example of a system of networks/devices that provide various communications for mobile stations and support an example of the application authentication and secure data access control services.
- FIG. 5 is a simplified functional block diagram of a personal computer or other work station or terminal device.
- the various systems and methods described by way of example in this section relate to authenticating applications running on a mobile station in order to provide access by the authenticated applications to secure data stored in a subscriber identity module of the mobile station.
- An exemplary mobile station includes a virtualization layer which provides multiple personas (e.g., user accounts, user profiles, or the like) on the mobile station.
- the virtualization layer has a secure domain controller for providing a separate secure domain for each persona.
- a user identity module (UIM) e.g., a subscriber identity module or SIM
- SIM subscriber identity module
- a user identity module of the mobile station includes a secure storage that is generally used for storing an international mobile subscriber identity (IMSI) and a network hash key used in identifying and authenticating the mobile station on a particular wireless carrier network.
- IMSI international mobile subscriber identity
- the module stores such information for two or more identities for the mobile station.
- the secure storage can be used to securely store sensitive data (e.g., user credit card numbers, passwords, or the like), and to store hash keys for applications that should be granted access to the secure/sensitive data.
- sensitive data and application hash keys can be associated with one of a number of personas on the mobile station, such that the security domain controller of the virtualization layer limits access to secure data associated with a particular persona and only grants access to the particular persona's secure data by applications associated with the particular persona.
- When an application is installed on the mobile station, the application is associated with a particular persona and a corresponding security domain. As part of the installation, for example, an authentication key pair is created for the application; one key of the pair (the private key) is stored with the application on the mobile station, and the corresponding key (the public key) is stored by the UIM in association with the persona/security domain of the application.
- When the application later requests access to secure data, the virtualization layer sends an authentication request including the application's authentication key to the UIM.
- the UIM authenticates the application using the application's authentication key. If the authentication is successful, the UIM sends an authentication response back to the virtualization layer.
- the virtualization layer forwards the authentication response to the application, and instructs the secure domain controller to enable the application to access the secure domain.
- the secure domain controller enables the application to access the secure data stored in the UIM and associated with the secure domain/persona of the application.
- FIG. 1 illustrates a mobile station 103 that can authenticate applications to enable the applications to access secure data using a user identity module (UIM).
- UIM user identity module
- the mobile station 103 includes various hardware components 105 , including one or more processor(s) 107 , memory(ies) 109 , wireless transceiver(s) 111 , and user interface component(s) 113 .
- the hardware components 105 are the building blocks for providing basic mobile station functionality.
- the memory 109 is accessible by the processor 107 , and stores program instructions for execution by the processor 107 to provide the mobile station functionality.
- the memory 109 can also store user data for use by various application programs running on the processor 107 , such as application data, phone book data, pictures, video, music, or the like.
- the processor 107 is coupled to the wireless transceiver 111 , which is configured to provide communication for the mobile station 103 via a mobile wireless communication network.
- the processor 107 is further coupled to at least one user interface element 113 , and receives user input from and provides user output through the one or more user interface elements 113 .
- the mobile station 103 further includes a user identity module (UIM) 115 , such as a subscriber identity module (SIM), which is used to identify the mobile station 103 on the mobile wireless communication network and authenticate the mobile station 103 on the network.
- the UIM 115 generally includes identification and authentication information for two or more identities for the mobile station 103 , although in some examples the UIM 115 may include such information for only a single identity of the mobile station 103 .
- the UIM 115 includes a secure memory or storage used to store identification and authentication information for use by the mobile station 103 . The identification and authentication information for each identity may be stored in a separate location 117 a , 117 b of the user identity module 115 .
- Each identity of the user identity module 115 can identify and authenticate the mobile station 103 as a different mobile station on the network.
- each identity can have a different associated mobile device number (MDN) or mobile telephone number (MTN), and can cause the mobile station 103 to communicate on the network (e.g., send and receive telephone calls or other communications) under the respective identity.
- MDN mobile device number
- MTN mobile telephone number
- the UIM 115 generally is a physical/hardware device (as shown in FIG. 1 ), such as a UIM card or a SIM card, that is removably inserted into the mobile station 103 .
- the UIM 115 can alternatively be software or other virtual device that is stored in a memory of the mobile station 103 , and is used to identify and authenticate the mobile station for wireless communications.
- the UIM 115 is formed by a combination of a physical/hardware component and an associated software/virtual component, where the software component is locked and inaccessible by a mobile station 103 unless the associated physical/hardware component is inserted into the mobile station 103 .
- the physical/hardware component may store an authentication or decryption key used to unlock and communicate with the software component of the UIM 115 .
- the software component may be stored in the physical/hardware device, and/or in a memory of the mobile station 103 .
- FIG. 1 shows an example in which a single UIM 115 is used in the mobile station 103 , and the UIM 115 includes separate storage locations 117 a , 117 b for storing information for respective identities.
- a single UIM 115 may store information for one identity of the mobile station 103 , or a single UIM 115 may store information for multiple identities as shown in FIG. 1 .
- the mobile station 103 can more generally include two or more UIMs.
- each UIM is generally associated with a different identity of the mobile station 103 on the mobile wireless communication network, and each UIM may include a respective storage location 117 a or 117 b for storing information for the identity it is associated with.
- the identification and authentication information for each identity may be stored in a separate storage location 117 a , 117 b of the user identity module 115 .
- the separate storage locations 117 a , 117 b may be separate physical locations, such as storage locations in different memories or UIMs 115 , or separate logical locations, such as separate folders or partitions in a single memory or UIM 115 .
- the identification and authentication information are stored in secure storage 117 , which may be a secure storage of the UIM 115 (as shown in FIG. 1 ), a secure storage of multiple UIMs 115 , or a secure storage of the mobile station 103 such as a secure portion of memory 109 .
- the secure storage 117 may be tamper resistant storage (e.g., such as storage in a UIM 115 ), encrypted storage, combinations thereof, or the like.
- the secure storage 117 may store sensitive data or other data that should be stored securely. Sensitive data may include password data, payment information (e.g., credit card data), username and password information, authentication or credential information (e.g., for accessing network services), hash or encryption keys, or the like.
- the mobile station 103 runs a virtualization layer 121 which can enable the station 103 to operate under one or more personas 131 a , 131 b (referenced generally as personas 131 ).
- the virtualization layer 121 can be implemented as software, or as a combination of software and hardware.
- Each persona 131 a / 131 b can have an associated operating system (O/S) 135 a / 135 b , and/or one or more associated applications 133 a / 133 b .
- O/S operating system
- when operating under a given persona, the mobile station runs the O/S 135 a associated with that persona and has access to the applications 133 a associated with that persona.
- the mobile station 103 can also have a common O/S and/or one or more common applications, such that the mobile station 103 runs the common O/S when operating under a persona that does not have an associated O/S, and such that the mobile station 103 has access to the common applications regardless of the persona the station is operating under.
- a persona may be referred to as an account, a user account, or a profile on the mobile station.
- the virtualization layer 121 can enable the mobile station 103 to change operating personas during operation.
- the mobile station 103 may change operating personas (e.g., start operating under a particular persona) in response to a user input to the mobile station 103 .
- the mobile station 103 may also change operating personas in response to an event on the mobile station 103 , such as in response to arrival of a scheduled time (e.g., if an operating persona is scheduled to start operating at the scheduled time), in response to receiving a call, message, or other communication associated with a persona (e.g., if a call is received from a contact associated with a particular persona, or if a call is received to a MTN or MDN associated with a particular persona), in response to an appointment (e.g., if a reminder for an appointment associated with a particular persona is presented on the mobile station), in response to activating an application associated with a particular persona, or the like.
- the operating persona that the mobile station 103 is currently operating in may be indicated to a user of the mobile station 103 .
- the current operating persona may be indicated to the user using an icon or other visual indicator, such as an icon or persona name located in a corner of a display screen of the mobile station 103 and indicative of a currently operating persona.
- the current operating persona may alternatively or additionally be indicated to the user by changing a background image, or by presenting a notification to a user on a display of the mobile station 103 .
- While the mobile station 103 may change operating personas automatically (e.g., in response to an event on the mobile station 103 ), an automatic change in the operating persona may be delayed or cancelled if the mobile station 103 is being used by a user at the time the automatic change is triggered.
- the mobile station may be determined to be in current use if a user application is operating, if user input is being received or has been received within a predetermined period of time (e.g., a period of 1 minute or 5 minutes); conversely, the mobile station may be determined not to be in current use if the mobile station is operating in a sleep, standby, or screen-saver mode, if the mobile station's keyboard is locked or its display screen turned off, or the like.
- if an automatic persona change is triggered while the mobile station is being used by a user, the user may be presented with a pop-up window including options to change operating personas immediately, delay the change in operating personas, or cancel the change in operating personas.
- the change in operation persona may be automatically delayed if a user is determined to be currently using the mobile station 103 . A delay in changing the operating persona may cause the mobile station 103 to automatically change operating personas when the mobile station 103 is next determined not to be in current use.
- a mobile station 103 can operate in only a single operating persona at any time. However, in one example, a mobile station 103 may actively operate in one persona while one or more other persona(s) are running in the background. In the example, the inactive/non-operating persona(s) can thus have applications running in the background of the mobile station 103 , such that the applications continue to run even though the mobile station is no longer actively operating in the applications' associated persona(s). An application running in the background may retain access to the storage of its associated persona, including the secure storage and secure domain of the associated persona.
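The persona-change policy described above (user-requested changes apply at once; event-triggered changes are held until the station is idle, or the user is offered switch-now/delay/cancel, while the station is in use), worked through as an added Go example; this is not code from the patent. The `PersonaSwitcher` type, its method names, the `Decision` values and the choice strings are assumptions of this example. The in-use test follows the text (recent input within a window such as 1 or 5 minutes, and not in a sleep, standby, screen-saver or locked state), and the timeline in `main` is constructed.

```go
package main

import (
	"fmt"
	"time"
)

// Decision is what happens to a persona-change request.
type Decision int

const (
	Switched Decision = iota // change applied at once
	Deferred                 // station in use: held until the station is next idle
	Prompted                 // station in use: user asked to switch now, delay or cancel
)

// PersonaSwitcher models the virtualization layer's operating-persona changes: user-requested
// changes apply immediately; event-triggered ones are held, or the user is prompted, while in use.
type PersonaSwitcher struct {
	Current    string        // currently operating persona
	pending    string        // deferred target persona, "" if none
	idleWindow time.Duration // input within this window counts as "in use" (e.g. 1 or 5 minutes)
	lastInput  time.Time
	screenOn   bool
	promptUser bool // ask the user instead of silently deferring
}

func NewPersonaSwitcher(initial string, idleWindow time.Duration, promptUser bool) *PersonaSwitcher {
	return &PersonaSwitcher{Current: initial, idleWindow: idleWindow, promptUser: promptUser}
}

// UserInput records user activity at time now (which implies the display is on).
func (p *PersonaSwitcher) UserInput(now time.Time) { p.lastInput, p.screenOn = now, true }

// ScreenOff marks sleep, standby, screen-saver or a locked keyboard: the station is not in use.
func (p *PersonaSwitcher) ScreenOff() { p.screenOn = false }

// InUse reports whether a user is currently using the station.
func (p *PersonaSwitcher) InUse(now time.Time) bool {
	return p.screenOn && now.Sub(p.lastInput) < p.idleWindow
}

// Trigger handles a change to the target persona at time now. manual is true for a user
// request and false for an event (scheduled time, call to the persona's MDN, persona-bound
// appointment reminder, launch of a persona-bound application).
func (p *PersonaSwitcher) Trigger(target string, now time.Time, manual bool) Decision {
	if manual || !p.InUse(now) {
		p.Current, p.pending = target, ""
		return Switched
	}
	p.pending = target
	if p.promptUser {
		return Prompted
	}
	return Deferred
}

// UserChoice resolves a prompt with "now", "delay" or "cancel" ("delay" keeps the change pending).
func (p *PersonaSwitcher) UserChoice(choice string) {
	switch choice {
	case "now":
		p.Idle()
	case "cancel":
		p.pending = ""
	}
}

// Idle is called when the station is next found not in use; it applies any deferred change
// and reports whether the operating persona changed.
func (p *PersonaSwitcher) Idle() bool {
	if p.pending == "" {
		return false
	}
	p.Current, p.pending = p.pending, ""
	return true
}

func main() {
	t0 := time.Date(2024, 1, 1, 9, 0, 0, 0, time.UTC) // constructed timeline
	p := NewPersonaSwitcher("personal", 5*time.Minute, false)
	p.UserInput(t0)
	d := p.Trigger("work", t0.Add(time.Minute), false) // a call arrives for the work persona
	fmt.Println("decision:", d, "persona:", p.Current)
	p.ScreenOff()
	fmt.Println("applied at idle:", p.Idle(), "persona:", p.Current)
}
```

A deferred change stays pending across further triggers, so the most recent target wins at the next idle; a cancelled change is dropped, and a manual change is never held.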
- each persona 131 may be associated with different UIMs 115 .
- each persona 131 is associated with a single identity of the mobile station 103 (i.e., there is a one-to-one correspondence between personas and mobile station identities).
- more than one persona 131 on the station may be associated with a first UIM, and may communicate on the network (i.e., send and/or receive communications on the network) using the identity and authentication credentials of the first UIM.
- the remaining persona(s) 131 on the station may be associated with a second UIM, and may communicate on the network using the credentials of the second UIM.
- each identity of the mobile station 103 has at least one distinct persona associated therewith, such that a mobile station having two identities has at least two distinct personas.
- multiple personas may be associated with a single mobile station identity, such that a mobile station having two identities can have more than two personas.
- one of the personas may be designated as a default persona for the mobile station identity and may be activated, by default, when the associated mobile station is required to switch to the identity (e.g., when the mobile station receives a communication associated with the identity, and switches to the identity to receive the communication).
- the mobile station 103 may further include a secure domain controller 123 , which may be part of the virtualization layer 121 as shown in FIG. 1 .
- the secure domain controller 123 is a program stored in a memory of mobile station 103 for execution on a processor of the mobile station 103 .
- the secure domain controller 123 controls access to or from a secure domain on the mobile station 103 .
- a secure domain may include data (and/or storage locations, memories, or the like), application(s) or operating system(s), persona(s), user identity module(s), device(s), server(s), or the like.
- the secure domain controller 123 generally limits access to a secure domain from elements outside of the secure domain (e.g., limiting access to data or applications within a particular secure domain by applications, devices, or personas that are not part of the particular secure domain).
- the secure domain controller 123 may additionally or alternatively limit access from the secure domain to elements outside of the secure domain (e.g., limit access from applications in the particular secure domain to data or servers outside of the particular secure domain).
- the secure domain controller 123 allows full access between elements within a single secure domain.
- the secure domain controller 123 controls two secure domains, and each secure domain includes the application(s), O/S, and data associated with a corresponding one of the personas 131 a , 131 b .
- a first secure domain (secure domain #1) includes the applications 133 a , O/S 135 a , and data associated with the first persona 131 a
- a second secure domain (secure domain #2) includes the applications 133 b , O/S 135 b , and data associated with the second persona 131 b .
- each secure domain includes secure data stored in secure storage 117 that is associated with the persona, such as secure data stored on the UIM(s) 115 of mobile station 103 .
- the first secure domain includes the data stored in a first secure storage location 117 a of the UIM 115
- the second secure domain includes the data stored in a second storage location 117 b of the UIM 115 .
- the storage locations 117 a and 117 b may both be located in a single UIM 115 , may be located in separate UIMs 115 of the mobile station 103 , or may be located in other secure storage(s) of the mobile station 103 .
- the secure domain controller 123 can associate applications with personas, so as to only permit an application to access secure data of the same persona.
- the secure domain controller 123 can further authenticate applications, so as to only permit authenticated applications to access secure data of the persona.
- the secure domain controller 123 may block access to secure data in a persona by unauthenticated applications, and block access to secure data by authenticated applications that are not associated with the persona.
- the secure domain controller 123 can be a hardware abstraction layer used to convert personal data into low level hardware data bound to the UIM 115 .
- the secure domain controller 123 is then operative to grant access to (or not grant access to) a secure domain based on a determination made by the UIM 115 .
- the secure domain controller 123 may forward an access request to a UIM 115 of the secure domain, and may permit access to the secure domain only if an access request response received from the UIM 115 indicates that access should be granted.
- the secure domain controller 123 may ensure that sensitive or confidential data is stored in one or more secure storage locations.
- the secure domain controller 123 can store sensitive data in a secure storage 117 of a UIM 115 , and store the sensitive data in a storage location 117 a / 117 b of the secure storage 117 that is associated with the correct persona.
- the secure domain controller 123 can alternatively store sensitive data in other secure storage locations accessible by the processor 107 of the mobile station 103 , such as a secure or encrypted memory (e.g., a secure or encrypted portion of memory 109 ).
- FIG. 2 is a flow diagram showing steps of an exemplary method 200 for authenticating an application for access to secure data using identity modules.
- the method 200 begins with step 201 , in which an application is associated with a persona on the mobile station.
- the application is also associated with the security domain corresponding to the persona.
- the application can be associated with a persona as part of installing the application on the mobile station, as part of configuring the application for use on the mobile station, as part of configuring a persona, security domain, operating system, or the like for use with the application, as part of configuring a secure domain controller for use on the mobile station, or the like.
- the process of associating the application with a persona may result in the generation of an application authentication key pair.
- the application authentication key pair can include a private key which is stored with the application data (e.g., in a memory storing the program instructions for executing the application), and a public key corresponding to the private key and stored in a secure storage location associated with the persona, such as a portion of secure storage 117 that is associated with the particular persona/security domain associated with the application (e.g., secure storage locations 117 a / 117 b ).
- the method proceeds to step 203 , in which secure data is associated with a persona on the mobile station.
- the secure data is also associated with a security domain corresponding to the persona.
- the secure data may, in general, be sensitive data (e.g., confidential data, personal data, or the like) that is stored securely on the mobile station.
- the secure data may be stored as encrypted data in a memory of the mobile station 103 , such as a memory used to store user data in the mobile station 103 .
- the secure data may also be stored in a secure or encrypted memory of the mobile station 103 , such as a memory dedicated to storing sensitive data, a memory that forms part of a UIM 115 (such as secure storage 117 ).
- the secure data can be associated with a persona as part of storing the secure data in memory on the mobile station, as part of configuring a persona, security domain, operating system, or the like for use with the secure data, as part of configuring a secure domain controller for use on the mobile station, or the like.
- the process of associating the secure data with a persona may result in the secure data being encrypted using an encryption key of the associated persona, being stored in a storage location associated with the persona, or the like.
- steps 201 and 203 are performed by virtualization layer 121 of mobile station 103 , and/or by secure domain controller 123 or another component of the virtualization layer 121 .
- steps 201 and 203 are performed by various other modules or devices that form part of the mobile station 103 or of a mobile network on which the mobile station operates.
- a request is received to access secure data on the mobile station 103 .
- the request may take the form of an application, running on the mobile station 103 , generating and sending a request to retrieve, write, overwrite, or otherwise access secure data (e.g., user data including sensitive user data) from memory.
- the request may be received in, routed to, or intercepted by the secure domain controller 123 (and/or another component of the virtualization layer 121 ).
- the secure domain controller 123 transmits the request to the UIM 115 .
- the request received in and transmitted from the secure domain controller 123 includes identification for the application having generated the request as well as authentication information for the application.
- the authentication information generally includes the application's authentication key (e.g., the private or other key stored with the application data), a passphrase generated using the application's authentication key, an authentication certificate for the application, or the like.
- the request may also include identification for the persona associated with the application and/or secure data, and authentication information for the persona (e.g., an authentication key associated with the persona). In some embodiments, however, the request received in the secure domain controller 123 does not include authentication information for the application. If no authentication information is included, the secure domain controller 123 may retrieve authentication information for the application from a memory of the mobile station 103 , and may include the retrieved authentication information in the request transmitted from the secure domain controller 123 .
- the persona associated with the application having generated and transmitted the request is identified.
- the persona may be identified in the received or intercepted request by the secure domain controller 123 .
- the persona may alternatively or additionally be identified based on the application identified in the request (which corresponds to the application having generated and transmitted the request).
- the virtualization layer 121 may maintain in a memory 109 of the mobile station 103 a table associating each application with a persona, and the secure domain controller 123 may thus identify the persona associated with the application based on the table.
- the virtualization layer 121 may also identify a UIM 115 associated with the persona. The secure domain controller 123 may then transmit the request to the UIM 115 associated with the identified persona.
- the application identified in the request (as above, which generally corresponds to the application having generated and transmitted the request) is authenticated.
- the authentication may be performed by the secure domain controller 123 and, at least in part, by the UIM 115 upon receiving the authentication request from the secure domain controller 123 .
- the UIM 115 may retrieve the authentication information from the received request, and proceed to authenticate the application based on the authentication information.
- the UIM 115 may verify that the application authentication key received is a valid authentication key for a particular persona or security domain (e.g., the persona or security domain associated with the UIM 115 , or the persona or security domain identified in step 207 ).
- the UIM 115 retrieves the public authentication key associated with the application identified in the request from a secure storage location associated with the persona, and uses the public authentication key to validate the request (e.g., by validating the key or passphrase included as part of the request). The authentication of the application is considered successful if the UIM 115 determines that the application is authenticated for use with the persona corresponding to the UIM. Once the application is authenticated by the UIM 115 (step 210 , “Yes” branch), the UIM sends an authentication response back to the secure domain controller 123 indicating that the application has been authenticated (step 212 a ).
- the UIM may do nothing, or the UIM may send an authentication response indicating that the application is not authenticated.
- the secure domain controller 123 blocks access by the application to secure data (step 211 b ).
- the secure domain controller 123 forwards the authentication response to the application, and enables the application to access the secure domain associated with the persona (step 212 b ). While some of the steps involved in authenticating the application are described above as being performed by the UIM 115 , all or part of the authentication steps may alternatively be performed by the secure domain controller 123 or by another component of the virtualization layer 121 .
- the secure domain controller 123 determines whether the application may access the secure data identified in the request. If the application has been successfully authenticated, the secure domain controller 123 may determine whether the secure data identified in the request is associated with the same persona as the authenticated application in step 214 . The secure domain controller 123 may then allow the application access to the secure data identified in the request in step 215 . The secure domain controller 123 may alternatively, upon authentication of the application, provide access by the application to all secure data associated with the identified persona in step 215 . In general, once an application is granted access to secure data in step 215 , the application may read, write, and/or over-write the secure data. However, the secure domain controller 123 may prevent access to secure data in step 217 , for example if the application seeks access to secure data associated with a different persona or security domain.
- FIGS. 3A and 3B are flow diagrams respectively showing exemplary methods 300 and 350 for associating an application with a persona and for associating sensitive or secure data with a persona.
- the method 300 shown in FIG. 3A may be performed as part of step 201 of FIG. 2
- the method 350 shown in FIG. 3B may be performed as part of step 203 of FIG. 2 .
- the methods 300 and 350 may be performed by the virtualization layer 121 and/or the secure domain controller 123 , alone or in combination with other components of the mobile station 103 or of an associated communication network.
- the method 300 begins in step 301 when an application is newly installed on the mobile station 103 .
- the application may be configured for use in one or more personas, and/or one or more corresponding security domains, on the mobile station.
- step 301 specifically refers to the installation of an application on the mobile station
- the method 300 may also be initiated when configuring (or re-configuring) an application for use on the mobile station, when configuring (or re-configuring) a persona, security domain, operating system, or the like for use with the application, when configuring (or re-configuring) a secure domain controller for use on the mobile station, or the like.
- a persona and/or corresponding security domain is selected for association with the application.
- the persona may, by default, be selected as the persona that is active on the mobile station at the time the installation of the application is initiated in step 301 .
- the persona may be user selected among the personas available on the mobile station.
- the persona is set by a network administrator having control of applications installed on the mobile station, or installed on a particular persona (e.g., a work-related persona) of the mobile station.
- the security domain corresponding to the selected persona may automatically be selected.
- an application authentication key pair is generated for the application.
- the application generates the authentication key pair.
- the virtualization layer 121 or the secure domain controller 123 generates the authentication key pair.
- the mobile station 103 relies on an authentication server in communication with the mobile station via a mobile communication network to authenticate the application and to generate the authentication key pair, for example in response to an authentication request generated by the virtualization layer 121 and transmitted to the server.
- the authentication server may verify the identity of the application prior to generating the authentication key pair, so as to verify that the application is not a fraudulent application seeking access to sensitive or secure data (e.g., a virus or other malicious application).
- an authentication key of the generated authentication key pair is stored with the application data.
- the authentication key may be the private key of the authentication key pair, and it may be stored in the memory 109 storing the application data.
- the authentication key stored with the application data may be used by the application to authenticate the application with the UIM 115 and/or secure domain controller 123 , e.g. as done in step 209 .
- an authentication key of the generated authentication key pair is stored in the secure storage 117 .
- the authentication key may be stored in the secure storage 117 in association with (or in a storage location associated with) the persona and security domain identified in step 303 .
- the authentication key may be stored with the secure data stored in the UIM 115 , or in secure storage in memory 109 .
- the authentication key stored in step 309 may be in a memory accessible by UIM 115 , such that UIM 115 can retrieve the authentication key when authenticating an application (e.g., in step 209 ).
- the authentication key may be a public key that is used by the UIM 115 to validate the authentication information received from the application in a request to access secure data.
- the method 350 for associating sensitive or secure data with a persona begins in step 351 when sensitive data is received for storage on the mobile station 103 .
- the data may be received for storage from an application, a user interface 113 , or from the network through transceiver 111 .
- the data may be user data related to an application, and received for storage during the course of operation of the application.
- the data may be user-entered data, received as part of user profile information for storage on the mobile device.
- the data may alternatively be data received from a network server via transceiver 111 , such as authentication information for a network service, such as a security certificate received for accessing online services.
- a persona and/or security domain is selected to associate with the sensitive data.
- the persona may, by default, be selected as the persona that is active on the mobile station at the time the sensitive data is received in step 351 .
- the persona may be user selected among the personas available on the mobile station.
- the persona is selected as the persona of the application having generated or supplied the data.
- the persona is set by a network administrator having control of the mobile station, such that the data is associated with a particular persona (e.g., a work-related persona) of the mobile station.
- the security domain corresponding to the selected persona may automatically be selected.
- the sensitive data is stored securely in association with the selected persona and security domain.
- the sensitive data may be stored in a secure storage 117 of a UIM 115 , or more generally in a secure storage of the mobile station 103 such as a secure part of memory 109 .
- the data may be stored as encrypted data in a memory of the mobile station 103 , such as a memory 109 used to store user data in the mobile station 103 .
- the data may be encrypted using an encryption key of the associated persona.
- the data can be stored in a location associated with the persona, such as a dedicated storage location 117 a / 117 b of the secure storage 117 .
- FIG. 4 illustrates a system 10 offering a variety of mobile communication services, including communications for mobile stations configured to authenticate applications and control access by authenticated applications to secure data.
- the example shows simply two mobile stations (MSs) 103 a and 103 b as well as a mobile communication network 15 .
- the stations 103 a and 103 b are examples of mobile stations that may be used for the authentication of applications and the controlling of access to secure data.
- the network will provide similar communications for many other similar users as well as for mobile devices/users that do not participate in the authentication and secure data access control services.
- the network 15 provides mobile wireless communications services to those stations as well as to other mobile stations (not shown), for example, via a number of base stations (BSs) 17 .
- the present techniques may be implemented in any of a variety of available mobile networks 15 and/or on any type of mobile station compatible with such a network 15 , and the drawing shows only a very simplified example of a few relevant elements of the network 15 for purposes of discussion here.
- the wireless mobile communication network 15 might be implemented as a network conforming to the code division multiple access (CDMA) IS-95 standard, the 3rd Generation Partnership Project 2 (3GPP2) wireless IP network standard or the Evolution Data Optimized (EVDO) standard, the Global System for Mobile (GSM) communication standard, a time division multiple access (TDMA) standard or other standards used for public mobile wireless communications.
- the mobile stations 103 are capable of voice telephone communications through the network 15 , and capable of data communications through the particular type of network 15 (and the users thereof typically will have subscribed to data service through the network).
- the network 15 allows users of the mobile stations such as 103 a and 103 b (and other mobile stations not shown) to initiate and receive telephone calls to each other as well as through the public switched telephone network or “PSTN” 19 and telephone stations 21 connected to the PSTN.
- the network 15 typically offers a variety of data services via the Internet 23 , such as downloads, web browsing, email, etc.
- the drawing shows a laptop PC type user terminal 27 as well as a server 25 connected to the Internet 23 ; and the data services for the mobile stations 103 via the Internet 23 may be with devices like those shown at 25 and 27 as well as with a variety of other types of devices or systems capable of data communications through various interconnected networks.
- the mobile stations 103 a and 103 b of users of the authentication and controlled data access services also can receive and execute applications written in various programming languages, as discussed more later.
- Mobile stations 103 can take the form of portable handsets, smart-phones or personal digital assistants, although they may be implemented in other form factors.
- Program applications including a secure domain controller application and/or any authenticated application programs can be configured to execute on many different types of mobile stations 103 .
- a mobile station application can be written to execute on a binary runtime environment for mobile (BREW-based) mobile station, a Windows Mobile based mobile station, Android, I-Phone, Java Mobile, or RIM based mobile station such as a BlackBerry or the like.
- Some of these types of devices can employ a multi-tasking operating system.
- the mobile communication network 10 can be implemented by a number of interconnected networks.
- the overall network 10 may include a number of radio access networks (RANs), as well as regional ground networks interconnecting a number of RANs and a wide area network (WAN) interconnecting the regional ground networks to core network elements.
- a regional portion of the network 10 such as that serving mobile stations 103 , can include one or more RANs and a regional circuit and/or packet switched network and associated signaling network facilities.
- the carrier will also operate a number of systems that provide ancillary functions in support of the communications services and/or application services provided through the network 10 , and those elements communicate with other nodes or elements of the network 10 via one or more private IP type packet data networks 29 (sometimes referred to as an Intranet), i.e., private networks.
- such systems are part of or connected for communication via the private network 29 .
- Examples of such systems in this case operated by the network service provider as part of the overall network 10 , which communicate through the intranet type network 29 , include one or more application servers 31 and a related authentication server 33 .
- a mobile station 13 communicates over the air with a base station 17 and through the traffic network 15 for various voice and data communications, e.g. through the Internet 23 with a server 25 and/or with application servers 31 .
- when the mobile service carrier authenticates applications installed on a mobile station 103 , and/or generates authentication key pairs for such applications, the service may be hosted on a carrier operated application server 31 , for communication via the networks 15 and 29 .
- the authentication-related services may be provided by a separate entity (alone or through agreements with the carrier), in which case, the service may be hosted on an application server such as server 25 connected for communication via the networks 15 and 23 .
- Servers such as 25 and 31 may provide any of a variety of common application or service functions in support of or in addition to an application program running on the mobile station 13 .
- the provider of the application service also deploys an authentication server 33 .
- the authentication server 33 could be a separate physical server as shown, or authentication server 33 could be implemented as another program module running on the same hardware platform as the server application 31 .
- when the server application receives a service request from a client application on a mobile station 13 , the server application provides appropriate information to the authentication server 33 to allow the authentication server 33 to authenticate the mobile station 13 as outlined herein.
- upon successful authentication (e.g., based on mobile station credentials associated with a mobile station identity and retrieved from UIM 115 ), the server 33 informs the server application 31 , which in turn provides access to the service via data communication through the various communication elements (e.g. 29 , 15 and 17 ) of the network 10 .
- FIG. 5 provides a functional block diagram illustration of a general mobile station platform.
- a mobile station typically comprises a central processor or other processing device, an internal communication bus, various types of memory or storage media (RAM, ROM, EEPROM, flash memory, etc.) for code and data storage, one or more user identity modules (UIMs), user interface elements (display, touchscreen, keypad, microphone, speaker) and one or more transceivers for communication to/from a mobile communication network.
- the software functionalities involve programming, including executable code as well as associated stored data, e.g. files holding the authentication key pairs.
- the software code is executable by the processor so as to perform functions including functions of the secure domain controller.
- the code is stored within the mobile station.
- the software may be stored at other locations and/or transported for loading into the mobile station. Execution of such code by a processor of the mobile station enables the station to implement the methodology for authenticating applications and controlling access to secure data, in essentially the manner performed in the implementations discussed and illustrated herein.
- aspects of the methods of authentication and secure data access control outlined above may be embodied in programming.
- Program aspects of the technology may be thought of as “products” or “articles of manufacture” typically in the form of executable code and/or associated data that is carried on or embodied in a type of machine readable medium.
- “Storage” type media include any or all of the tangible memory of mobile stations, servers, processors or the like, or associated modules thereof, such as various semiconductor memories, disk drives and the like, which may provide non-transitory storage at any time for the software programming. All or portions of the software may at times be communicated through the Internet or various other telecommunication networks.
- Such communications may enable loading of the software from one computer or processor into another, for example, from a management server or host computer into the mobile station.
- another type of media that may bear the software elements includes optical, electrical and electromagnetic waves, such as used across physical interfaces between local devices, through wired and optical landline networks and over various air-links.
- the physical elements that carry such waves, such as wired or wireless links, optical links or the like, also may be considered as media bearing the software.
- terms such as computer or machine “readable medium” refer to any medium that participates in providing instructions to a processor for execution.
- a machine readable medium may take many forms, including but not limited to, a tangible storage medium, a carrier wave medium or physical transmission medium.
- Non-volatile storage media include, for example, flash memory, EEPROM, or other memories such as any of the storage devices in any mobile station(s) or the like, such as may be used to implement the secure storage 117 and/or memory 109 , etc. shown in the drawings.
- Volatile storage media include dynamic memory, such as main memory of such a processing platform.
- Tangible transmission media include coaxial cables, copper wire and fiber optics, including the wires that comprise a bus within a computer system.
- Carrier-wave transmission media can take the form of electric or electromagnetic signals, or acoustic or light waves such as those generated during radio frequency (RF) and infrared (IR) data communications.
- Common forms of computer-readable media therefore include for example: a floppy disk, a flexible disk, hard disk, magnetic tape, any other magnetic medium, a CD-ROM, DVD or DVD-ROM, any other optical medium, punch cards, paper tape, any other physical storage medium with patterns of holes, a RAM, a PROM and EPROM, a FLASH-EPROM, any other memory chip or cartridge, a carrier wave transporting data or instructions, cables or links transporting such a carrier wave, or any other medium from which a computer can read programming code and/or data.
- Many of these forms of computer readable media may be involved in carrying one or more sequences of one or more instructions to a processor for execution.
Abstract
A mobile station is configured to authenticate applications running thereon in order to control access by the authenticated applications to secure data stored in a subscriber identity module of the mobile station. Sensitive data securely stored in the subscriber identity module is associated with one of multiple personas implemented on the mobile station. When an application running on the mobile station requests access to the secure data, a secure domain controller processes the request and authenticates the application, for example based on an application authentication key. The secure domain controller further determines whether the application is associated with the same persona as the secure data identified in the request. If the application is authenticated, the secure domain controller then allows the application to access secure data associated with the same persona, but prevents the application from accessing secure data associated with other personas.
Description
- Users of mobile stations are increasingly using their mobile stations in multiple distinct contexts. For example, a mobile station may be used for both work and personal activities, as well as other purposes. A mobile station stores applications and user data, including sensitive data (e.g., personal or confidential data) for use in one or more specific contexts. For example, the mobile station may store applications used exclusively for work purposes, and store other applications used exclusively for personal purposes. The mobile station may further store password or other authentication credential for exclusive work-related use, and the mobile station may store payment or other personal information for exclusive personal use. A work-related remote-access application (e.g., a virtual private networking (VPN) application) running on the mobile station may therefore use a work-related authentication credential to access the network service, while a personal payment application running on the mobile station may use the payment or other personal information (e.g., a credit card number) to make personal purchases.
- Sensitive data stored on the mobile station, however, is readily accessible to these applications regardless of each application's context. As a result, personal sensitive data may be accessible by a work-related application, while work-related sensitive data may be accessible by a personal application. A need therefore exists to enable users to securely store sensitive data, and limit access to the secure data such that only those applications authenticated for the data can access the data.
- The drawing figures depict one or more implementations in accord with the present teachings, by way of example only, not by way of limitation. In the figures, like reference numerals refer to the same or similar elements.
- FIG. 1 is a block diagram showing exemplary components of a mobile station configured for authenticating applications for access to secure data using an identity module.
- FIG. 2 is a flow diagram of an exemplary method for authenticating an application for access to secure data using identity modules.
- FIGS. 3A and 3B are flow diagrams respectively showing exemplary methods for associating an application with a persona and for associating sensitive or secure data with a persona.
- FIG. 4 is a high-level functional block diagram of an example of a system of networks/devices that provide various communications for mobile stations and support an example of the application authentication and secure data access control services.
- FIG. 5 is a simplified functional block diagram of a personal computer or other work station or terminal device.
- In the following detailed description, numerous specific details are set forth by way of examples in order to provide a thorough understanding of the relevant teachings. However, the present teachings may be practiced without such details. In other instances, well known methods, procedures, components, and/or circuitry have been described at a relatively high-level, without detail, in order to avoid unnecessarily obscuring aspects of the present teachings.
- The various systems and methods described by way of example in this section relate to authenticating applications running on a mobile station in order to provide access by the authenticated applications to secure data stored in a subscriber identity module of the mobile station.
- An exemplary mobile station includes a virtualization layer which provides multiple personas (e.g., user accounts, user profiles, or the like) on the mobile station. The virtualization layer has a secure domain controller for providing a separate secure domain for each persona. A user identity module (UIM) (e.g., a subscriber identity module or SIM) of the mobile station includes a secure storage that is generally used for storing an international mobile subscriber identity (IMSI) and a network hash key used in identifying and authenticating the mobile station on a particular wireless carrier network. In several examples, the module stores such information for two or more identities for the mobile station. In addition, the secure storage can be used to securely store sensitive data (e.g., user credit card numbers, passwords, or the like), and to store hash keys for applications that should be granted access to the secure/sensitive data. The sensitive data and application hash keys can be associated with one of a number of personas on the mobile station, such that the security domain controller of the virtualization layer limits access to secure data associated with a particular persona and only grants access to the particular persona's secure data by applications associated with the particular persona.
- When an application is installed on the mobile station, the application is associated with a particular persona and a corresponding security domain. As part of the installation of the application, for example, an authentication key pair is created for the application, and the authentication key pair is stored by the application on the mobile station and stored by the UIM in association with the particular persona/security domain associated with the application. When the application requires access to secure data stored in the UIM, the virtualization layer sends an authentication request including the application's authentication key to the UIM. Upon receiving the authentication request, the UIM authenticates the application using the application's authentication key. If the authentication is successful, the UIM sends an authentication response back to the virtualization layer. In response to receiving the authentication response, the virtualization layer forwards the authentication response to the application, and instructs the secure domain controller to enable the application to access the secure domain. When the application sends a request for secure data to the virtualization layer, the secure domain controller enables the application to access the secure data stored in the UIM and associated with the secure domain/persona of the application.
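The registration flow of methods 300 and 350 and the request handling of steps 209 to 217 described above can be modelled in code. The following Python is an added illustration, not the patent's implementation: the class and method names are assumptions, the "authentication key pair" uses a toy RSA as a stand-in for a real signature scheme, and the secure data values are constructed.

```python
"""Model of application authentication and persona-scoped secure-data access (added illustration, not patent code)."""
import hashlib, random, secrets

# --- toy RSA stand-in for the "authentication key pair" (demo only, not for real use) ---
def _is_probable_prime(n, rounds=16):
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):                      # Miller-Rabin with random bases
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # top bit set, odd
        if _is_probable_prime(cand):
            return cand

def generate_key_pair(bits=160):
    """Return (private, public) = ((n, d), (n, e)); n is wider than a SHA-256 digest."""
    while True:
        p, q = _random_prime(bits), _random_prime(bits)
        try:
            return (p * q, pow(65537, -1, (p - 1) * (q - 1))), (p * q, 65537)
        except ValueError:                       # 65537 divides phi(n): draw again
            pass

def _digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n
def sign(private_key, msg):
    n, d = private_key
    return pow(_digest(msg, n), d, n)
def verify(public_key, msg, sig):
    n, e = public_key
    return pow(sig, e, n) == _digest(msg, n)

class UIM:
    """Secure storage 117 of the UIM 115: secure data and app public keys, each per persona."""
    def __init__(self):
        self.secure_data = {}   # persona -> {data_id: value}     (method 350)
        self.app_keys = {}      # persona -> {app_id: public key}  (method 300, step 309)
    def store_secure_data(self, persona, data_id, value):
        self.secure_data.setdefault(persona, {})[data_id] = value
    def register_app_key(self, persona, app_id, public_key):
        self.app_keys.setdefault(persona, {})[app_id] = public_key
    def authenticate(self, persona, app_id, nonce, signature):
        """Step 209: validate the signed nonce with the key stored for this persona."""
        key = self.app_keys.get(persona, {}).get(app_id)
        return key is not None and verify(key, nonce, signature)

class Application:
    def __init__(self, app_id):
        self.app_id, self.private_key = app_id, None   # private key kept with app data
    def respond(self, nonce):
        return sign(self.private_key, nonce)

class SecureDomainController:
    def __init__(self, uim):
        self.uim, self.app_persona = uim, {}   # app_id -> persona chosen in step 303
    def install(self, app, persona):
        """Method 300: bind the app to a persona and provision its key pair."""
        app.private_key, public_key = generate_key_pair()
        self.app_persona[app.app_id] = persona
        self.uim.register_app_key(persona, app.app_id, public_key)
    def request(self, app, data_id):
        """Authenticate, then grant only data of the app's own persona (steps 215 / 217)."""
        persona = self.app_persona.get(app.app_id)
        if persona is None:
            return False, "unknown application"
        nonce = secrets.token_bytes(16)          # fresh challenge: a captured response cannot be replayed
        if not self.uim.authenticate(persona, app.app_id, nonce, app.respond(nonce)):
            return False, "authentication failed"
        if data_id not in self.uim.secure_data.get(persona, {}):
            return False, "data is not in this persona's secure domain"
        return True, self.uim.secure_data[persona][data_id]

def demo():
    """Constructed scenario: a work VPN app, a personal shopping app, and an imposter."""
    uim = UIM()
    sdc = SecureDomainController(uim)
    uim.store_secure_data("work", "vpn_cert", b"constructed work certificate")
    uim.store_secure_data("personal", "card", b"constructed card number")
    vpn, shop = Application("vpn"), Application("shop")
    sdc.install(vpn, "work")
    sdc.install(shop, "personal")
    imposter = Application("vpn")                # claims the VPN app's id with its own key
    imposter.private_key = generate_key_pair()[0]
    return {
        "vpn_own": sdc.request(vpn, "vpn_cert"),
        "vpn_cross": sdc.request(vpn, "card"),
        "imposter": sdc.request(imposter, "vpn_cert"),
    }
```

The cross-persona request is refused even though the VPN application authenticates correctly, which is the separation the secure domain controller exists to enforce.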
- Reference now is made in detail to the examples illustrated in the accompanying drawings and discussed below.
- FIG. 1 illustrates a mobile station 103 that can authenticate applications to enable the applications to access secure data using a user identity module (UIM).
- The mobile station 103 includes various hardware components 105, including one or more processor(s) 107, memory(ies) 109, wireless transceiver(s) 111, and user interface component(s) 113. The hardware components 105 are the building blocks for providing basic mobile station functionality. For example, the memory 109 is accessible by the processor 107, and stores program instructions for execution by the processor 107 to provide the mobile station functionality. The memory 109 can also store user data for use by various application programs running on the processor 107, such as application data, phone book data, pictures, video, music, or the like. The processor 107 is coupled to the wireless transceiver 111, which is configured to provide communication for the mobile station 103 via a mobile wireless communication network. The processor 107 is further coupled to at least one user interface element 113, and receives user input from and provides user output through the one or more user interface elements 113.
- The mobile station 103 further includes a user identity module (UIM) 115, such as a subscriber identity module (SIM), which is used to identify the mobile station 103 on the mobile wireless communication network and authenticate the mobile station 103 on the network. The UIM 115 generally includes identification and authentication information for two or more identities for the mobile station 103, although in some examples, the UIM 115 may include identification and authentication information for at least one identity for the mobile station 103. The UIM 115 includes a secure memory or storage used to store identification and authentication information for use by the mobile station 103. The identification and authentication information for each identity may be stored in a separate location of the user identity module 115. Each identity of the user identity module 115 can identify and authenticate the mobile station 103 as a different mobile station on the network. For example, each identity can have a different associated mobile device number (MDN) or mobile telephone number (MTN), and can cause the mobile station 103 to communicate on the network (e.g., send and receive telephone calls or other communications) under the respective identity.
- The UIM 115 generally is a physical/hardware device (as shown in FIG. 1), such as a UIM card or a SIM card, that is removably inserted into the mobile station 103. In a first example, however, the UIM 115 can alternatively be software or other virtual device that is stored in a memory of the mobile station 103, and is used to identify and authenticate the mobile station for wireless communications. In a second example, the UIM 115 is formed by a combination of a physical/hardware component and an associated software/virtual component, where the software component is locked and inaccessible by a mobile station 103 unless the associated physical/hardware component is inserted into the mobile station 103. In the second example, the physical/hardware component may store an authentication or decryption key used to unlock and communicate with the software component of the UIM 115. In the second example, the software component may be stored in the physical/hardware device, and/or in a memory of the mobile station 103.
- FIG. 1 shows an example in which a single UIM 115 is used in the mobile station 103, and the UIM 115 includes separate storage locations […] mobile station 103, or a single UIM 115 may store information for multiple identities as shown in FIG. 1. The mobile station 103 can more generally include two or more UIMs. In examples including multiple UIMs 115, each UIM is generally associated with a different identity of the mobile station 103 on the mobile wireless communication network, and each UIM may include a respective storage location.
- As shown in FIG. 1, the identification and authentication information for each identity may be stored in a separate storage location of the user identity module 115. The separate storage locations […] UIM 115. More generally, the identification and authentication information are stored in secure storage 117, which may be a secure storage of the UIM 115 (as shown in FIG. 1), a secure storage of multiple UIMs 115, or a secure storage of the mobile station 103 such as a secure portion of memory 109. The secure storage 117 may be tamper resistant storage (e.g., such as storage in a UIM 115), encrypted storage, combinations thereof, or the like. In addition to storing identification and authentication information for each identity, the secure storage 117 may store sensitive data or other data that should be stored securely. Sensitive data may include password data, payment information (e.g., credit card data), username and password information, authentication or credential information (e.g., for accessing network services), hash or encryption keys, or the like.
- The mobile station 103 runs a virtualization layer 121 which can enable the station 103 to operate under one or more personas. The virtualization layer 121 can be implemented as software, or as a combination of software and hardware. Each persona 131 a/131 b can have an associated operating system (O/S) 135 a/135 b, and/or one or more associated applications 133 a/133 b. When the mobile station 103 operates under a particular persona (e.g., persona 131 a), the mobile station runs the O/S 135 a associated with that persona and has access to the applications 133 a associated with that persona. The mobile station 103 can also have a common O/S and/or one or more common applications, such that the mobile station 103 runs the common O/S when operating under a persona that does not have an associated O/S, and such that the mobile station 103 has access to the common applications regardless of the persona the station is operating under. In some contexts, a persona may be referred to as an account, a user account, or a profile on the mobile station.
- The virtualization layer 121 can enable the mobile station 103 to change operating personas during operation. For example, the mobile station 103 may change operating personas (e.g., start operating under a particular persona) in response to a user input to the mobile station 103. The mobile station 103 may also change operating personas in response to an event on the mobile station 103, such as in response to arrival of a scheduled time (e.g., if an operating persona is scheduled to start operating at the scheduled time), in response to receiving a call, message, or other communication associated with a persona (e.g., if a call is received from a contact associated with a particular persona, or if a call is received to a MTN or MDN associated with a particular persona), in response to an appointment (e.g., if a reminder for an appointment associated with a particular persona is presented on the mobile station), in response to activating an application associated with a particular persona, or the like.
- The operating persona that the mobile station 103 is currently operating in may be indicated to a user of the mobile station 103. For example, the current operating persona may be indicated to the user using an icon or other visual indicator, such as an icon or persona name located in a corner of a display screen of the mobile station 103 and indicative of a currently operating persona. The current operating persona may alternatively or additionally be indicated to the user by changing a background image, or by presenting a notification to a user on a display of the mobile station 103. While the mobile station 103 may change operating personas automatically (e.g., in response to an event on the mobile station 103), an automatic change in the operating persona may be delayed or cancelled if the mobile station 103 is being used by a user at the time the automatic change is triggered. The mobile station may be determined to be in current use if a user application is operating, or if user input is being received or has been received within a predetermined period of time (e.g., a period of 1 minute or 5 minutes); conversely, the mobile station may be determined not to be in current use if the mobile station is operating in a sleep, standby, or screen-saver mode, if the mobile station's keyboard is locked or its display screen turned off, or the like. In one example, if an automatic persona change is triggered when the mobile station is being used by a user, the user may be presented with a pop-up window including options to change operating personas immediately, delay the change in operating personas, or cancel the change in operating personas. In another example, the change in operating persona may be automatically delayed if a user is determined to be currently using the mobile station 103. A delay in changing the operating persona may cause the mobile station 103 to automatically change operating personas when the mobile station 103 is next determined not to be in current use.
- In general, a mobile station 103 can operate in only a single operating persona at any time. However, in one example, a mobile station 103 may actively operate in one persona while one or more other persona(s) are running in the background. In the example, the inactive/non-operating persona(s) can thus have applications running in the background of the mobile station 103, such that the applications continue to run even though the mobile station is no longer actively operating in the applications' associated persona(s). An application running in the background may retain access to the storage of its associated persona, including the secure storage and secure domain of the associated persona.
- In mobile stations 103 having multiple UIMs 115, different personas 131 may be associated with different UIMs 115. In general, each persona 131 is associated with a single identity of the mobile station 103 (i.e., there is a one-to-one correspondence between personas and mobile station identities). However, in some examples, more than one persona 131 on the station may be associated with a first UIM, and may communicate on the network (i.e., send and/or receive communications on the network) using the identity and authentication credentials of the first UIM. In the example, the remaining persona(s) 131 on the station may be associated with a second UIM, and may communicate on the network using the credentials of the second UIM. In the example, each identity of the mobile station 103 has at least one distinct persona associated therewith, such that a mobile station having two identities has at least two distinct personas. However, in the example, multiple personas may be associated with a single mobile station identity, such that a mobile station having two identities can have more than two personas. In situations in which multiple personas are associated with a single mobile station identity, one of the personas may be designated as a default persona for the mobile station identity and may be activated, by default, when the associated mobile station is required to switch to the identity (e.g., when the mobile station receives a communication associated with the identity, and switches to the identity to receive the communication).
- The
mobile station 103 may further include a secure domain controller 123, which may be part of the virtualization layer 121 as shown in FIG. 1. The secure domain controller 123 is a program stored in a memory of mobile station 103 for execution on a processor of the mobile station 103. The secure domain controller 123 controls access to or from a secure domain on the mobile station 103. A secure domain may include data (and/or storage locations, memories, or the like), application(s) or operating system(s), persona(s), user identity module(s), device(s), server(s), or the like. The secure domain controller 123 generally limits access to a secure domain from elements outside of the secure domain (e.g., limits access to data or applications within a particular secure domain by applications, devices, or personas that are not part of the particular secure domain). The secure domain controller 123 may additionally or alternatively limit access from the secure domain to elements outside of the secure domain (e.g., limit access from applications in the particular secure domain to data or servers outside of the particular secure domain). In general, the secure domain controller 123 allows full access between elements within a single secure domain.
- In the example mobile station 103 shown in FIG. 1, the secure domain controller 123 controls two secure domains, and each secure domain includes the application(s), O/S, and data associated with a corresponding one of the personas 131. For example, a first secure domain (secure domain #1) includes the applications 133 a, O/S 135 a, and data associated with the first persona 131 a, and a second secure domain (secure domain #2) includes the applications 133 b, O/S 135 b, and data associated with the second persona 131 b. In addition, each secure domain includes secure data stored in secure storage 117 that is associated with the persona, such as secure data stored on the UIM(s) 115 of mobile station 103. In the example of FIG. 1, the first secure domain includes the data stored in a first secure storage location 117 a of the UIM 115, while the second secure domain includes the data stored in a second storage location 117 b of the UIM 115. The storage locations 117 a/117 b may be located in a single UIM 115, may be located in separate UIMs 115 of the mobile station 103, or may be located in other secure storage(s) of the mobile station 103.
- In order to protect secure data on the mobile station 103, the secure domain controller 123 can associate applications with personas, so as to only permit an application to access secure data of the same persona. The secure domain controller 123 can further authenticate applications, so as to only permit authenticated applications to access secure data of the persona. The secure domain controller 123 may block access to secure data in a persona by unauthenticated applications, and block access to secure data by authenticated applications that are not associated with the persona. In particular, the secure domain controller 123 can be a hardware abstraction layer used to convert personal data into low level hardware data bound to the UIM 115. The secure domain controller 123 is then operative to grant access to (or not grant access to) a secure domain based on a determination made by the UIM 115. For example, in response to a request to access a secure domain, the secure domain controller 123 may forward an access request to a UIM 115 of the secure domain, and may permit access to the secure domain only if an access request response received from the UIM 115 indicates that access should be granted.
- In addition, the secure domain controller 123 may ensure that sensitive or confidential data is stored in one or more secure storage locations. For example, the secure domain controller 123 can store sensitive data in a secure storage 117 of a UIM 115, and store the sensitive data in a storage location 117 a/117 b of the secure storage 117 that is associated with the correct persona. The secure domain controller 123 can alternatively store sensitive data in other secure storage locations accessible by the processor 107 of the mobile station 103, such as a secure or encrypted memory (e.g., a secure or encrypted portion of memory 109).
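Before turning to the flow of FIG. 2, the delayed automatic persona change described earlier in this section (switch at once when the station is idle, otherwise defer until it is next found not to be in use, with a cancel option) can be written down as a small state machine. The following Go code is an added example; it is not part of the patent and not any real handset software. The "in use" tests, the idle window of a few minutes, and the persona names "personal" and "work" are taken from or constructed after the description.

```go
package main

import (
	"fmt"
	"time"
)

// Persona names one operating persona of the mobile station (values below are constructed).
type Persona string

// Station holds the state the decision needs: the active persona, a persona change that is
// waiting for the station to become idle, and the signals used to judge current use.
type Station struct {
	Active          Persona
	Pending         Persona       // persona to switch to once idle; "" when nothing is pending
	LastInput       time.Time     // most recent user input
	AppInForeground bool          // a user application is operating
	Asleep          bool          // sleep, standby or screen-saver mode
	Locked          bool          // keyboard locked or display turned off
	IdleWindow      time.Duration // e.g. 1 or 5 minutes without input counts as idle
}

// InUse applies the tests given in the description: sleep, lock or display-off means not
// in use; otherwise a foreground user application or recent input means in use.
func (s *Station) InUse(now time.Time) bool {
	if s.Asleep || s.Locked {
		return false
	}
	return s.AppInForeground || now.Sub(s.LastInput) < s.IdleWindow
}

// TriggerChange is called when an event (scheduled time, incoming call, appointment
// reminder, ...) selects a new persona. The change is applied immediately when the
// station is idle and otherwise recorded as pending. It reports whether it was applied.
func (s *Station) TriggerChange(target Persona, now time.Time) bool {
	if target == s.Active {
		s.Pending = ""
		return true
	}
	if s.InUse(now) {
		s.Pending = target
		return false
	}
	s.Active, s.Pending = target, ""
	return true
}

// Tick is polled periodically; it applies a pending change the first time the station is
// found not to be in use, and reports whether a change happened.
func (s *Station) Tick(now time.Time) bool {
	if s.Pending == "" || s.InUse(now) {
		return false
	}
	s.Active, s.Pending = s.Pending, ""
	return true
}

// CancelPending is the "cancel" option of the pop-up described in the text.
func (s *Station) CancelPending() { s.Pending = "" }

func main() {
	t0 := time.Date(2024, 1, 1, 9, 0, 0, 0, time.UTC) // constructed timestamp
	s := &Station{Active: "personal", LastInput: t0, IdleWindow: 5 * time.Minute}
	fmt.Println("applied now:", s.TriggerChange("work", t0.Add(time.Minute))) // false: user active
	fmt.Println("applied at +2m:", s.Tick(t0.Add(2*time.Minute)))            // false: still in window
	fmt.Println("applied at +6m:", s.Tick(t0.Add(6*time.Minute)), s.Active)  // true work
}
```

Note that a locked or sleeping station counts as idle regardless of how recent the last input was, so a change triggered while the keyboard is locked is applied at once; the pending slot holds only the most recent target, so a second trigger before the station goes idle simply replaces the first.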
- FIG. 2 is a flow diagram showing steps of an exemplary method 200 for authenticating an application for access to secure data using identity modules.
- The method 200 begins with step 201, in which an application is associated with a persona on the mobile station. As part of associating an application with a persona, the application is also associated with the security domain corresponding to the persona. The application can be associated with a persona as part of installing the application on the mobile station, as part of configuring the application for use on the mobile station, as part of configuring a persona, security domain, operating system, or the like for use with the application, as part of configuring a secure domain controller for use on the mobile station, or the like. The process of associating the application with a persona may result in the generation of an application authentication key pair. For example, the application authentication key pair can include a private key which is stored with the application data (e.g., in a memory storing the program instructions for executing the application), and a public key corresponding to the private key and stored in a secure storage location associated with the persona, such as a portion of secure storage 117 that is associated with the particular persona/security domain associated with the application (e.g., secure storage locations 117 a/117 b).
- The method proceeds to step 203, in which secure data is associated with a persona on the mobile station. As part of associating the secure data with a persona, the secure data is also associated with a security domain corresponding to the persona. The secure data may, in general, be sensitive data (e.g., confidential data, personal data, or the like) that is stored securely on the mobile station. The secure data may be stored as encrypted data in a memory of the mobile station 103, such as a memory used to store user data in the mobile station 103. The secure data may also be stored in a secure or encrypted memory of the mobile station 103, such as a memory dedicated to storing sensitive data, or a memory that forms part of a UIM 115 (such as secure storage 117). The secure data can be associated with a persona as part of storing the secure data in memory on the mobile station, as part of configuring a persona, security domain, operating system, or the like for use with the secure data, as part of configuring a secure domain controller for use on the mobile station, or the like. The process of associating the secure data with a persona may result in the secure data being encrypted using an encryption key of the associated persona, being stored in a storage location associated with the persona, or the like.
- While step 203 is shown in FIG. 2 as taking place after step 201, the order of the steps 201 and 203 may vary. Steps 201 and 203 may be performed by the virtualization layer 121 of mobile station 103, and/or by secure domain controller 123 or another component of the virtualization layer 121. In particular, aspects of associating an application or data with a persona that involve associating the application or data with a security domain corresponding to the persona may be performed more specifically by the secure domain controller 123. In other examples, steps 201 and 203 may be performed by other components of the mobile station 103 or of a mobile network on which the mobile station operates. Once steps 201 and 203 are complete, method 200 proceeds to step 205.
- In step 205, a request is received to access secure data on the mobile station 103. The request may take the form of an application, running on the mobile station 103, generating and sending a request to retrieve, write, overwrite, or otherwise access secure data (e.g., user data including sensitive user data) from memory. The request may be received in, routed to, or intercepted by the secure domain controller 123 (and/or another component of the virtualization layer 121). In response to receiving (or intercepting) the request, the secure domain controller 123 transmits the request to the UIM 115. In general, the request received in and transmitted from the secure domain controller 123 includes identification for the application having generated the request as well as authentication information for the application. The authentication information generally includes the application's authentication key (e.g., the private or other key stored with the application data), a passphrase generated using the application's authentication key, an authentication certificate for the application, or the like. The request may also include identification for the persona associated with the application and/or secure data, and authentication information for the persona (e.g., an authentication key associated with the persona). In some embodiments, however, the request received in the secure domain controller 123 does not include authentication information for the application. If no authentication information is included, the secure domain controller 123 may retrieve authentication information for the application from a memory of the mobile station 103, and may include the retrieved authentication information in the request transmitted from the secure domain controller 123.
- In step 207, the persona associated with the application having generated and transmitted the request is identified. The persona may be identified in the received or intercepted request by the secure domain controller 123. The persona may alternatively or additionally be identified based on the application identified in the request (which corresponds to the application having generated and transmitted the request). In one example, the virtualization layer 121 may maintain in a memory 109 of the mobile device 103 a table associating each application with a persona, and the secure domain controller 123 may thus identify the persona associated with the application based on the table. In embodiments in which the mobile station 103 has multiple UIMs 115, the virtualization layer 121 may also identify a UIM 115 associated with the persona. The secure domain controller 123 may then transmit the request to the UIM 115 associated with the identified persona.
- In step 209, the application identified in the request (as above, which generally corresponds to the application having generated and transmitted the request) is authenticated. The authentication may be performed by the secure domain controller 123 and, at least in part, by the UIM 115 upon receiving the authentication request from the secure domain controller 123. The UIM 115 may retrieve the authentication information from the received request, and proceed to authenticate the application based on the authentication information. In one example, the UIM 115 may verify that the application authentication key received is a valid authentication key for a particular persona or security domain (e.g., the persona or security domain associated with the UIM 115, or the persona or security domain identified in step 207). In another example, the UIM 115 retrieves the public authentication key associated with the application identified in the request from a secure storage location associated with the persona, and uses the public authentication key to validate the request (e.g., by validating the key or passphrase included as part of the request). The authentication of the application is considered successful if the UIM 115 determines that the application is authenticated for use with the persona corresponding to the UIM. Once the application is authenticated by the UIM 115 (step 210, “Yes” branch), the UIM sends an authentication response back to the secure domain controller 123 indicating that the application has been authenticated (step 212 a). If the application cannot be authenticated or if the application is determined not to be authenticated for use with the particular persona (step 210, “No” branch), the UIM may do nothing, or the UIM may send an authentication response indicating that the application is not authenticated. In response to not receiving an authentication response before expiration of a timeout period, or in response to receiving a “failure” authentication response indicating that the application is not authenticated (step 211 a), the secure domain controller 123 blocks access by the application to secure data (step 211 b). In response to receiving a successful authentication response (step 212 a), the secure domain controller 123 forwards the authentication response to the application, and enables the application to access the secure domain associated with the persona (step 212 b). While some of the steps involved in authenticating the application are described above as being performed by the UIM 115, all or part of the authentication steps may alternatively be performed by the secure domain controller 123 or by another component of the virtualization layer 121.
- In step 213, the secure domain controller 123 determines whether the application may access the secure data identified in the request. If the application has been successfully authenticated, the secure domain controller 123 may determine whether the secure data identified in the request is associated with the same persona as the authenticated application in step 214. The secure domain controller may then allow the application access to the secure data identified in the request in step 215. The secure domain controller 123 may alternatively, upon authentication of the application, provide access by the application to all secure data associated with the identified persona in step 215. In general, once an application is granted access to secure data in step 215, the application may read, write, and/or over-write the secure data. However, the secure domain controller 123 may prevent access to secure data in step 217, for example if the application seeks access to secure data associated with a different persona or security domain.
- FIGS. 3A and 3B are flow diagrams respectively showing exemplary methods 300 and 350. The method 300 shown in FIG. 3A may be performed as part of step 201 of FIG. 2, while the method 350 shown in FIG. 3B may be performed as part of step 203 of FIG. 2. The methods 300 and 350 may be performed by the virtualization layer 121 and/or the secure domain controller 123, alone or in combination with other components of the mobile station 103 or of an associated communication network.
- The method 300 begins in step 301 when an application is newly installed on the mobile station 103. As part of the installation process, the application may be configured for use in one or more personas, and/or one or more corresponding security domains, on the mobile station. While step 301 specifically refers to the installation of an application on the mobile station, the method 300 may also be initiated when configuring (or re-configuring) an application for use on the mobile station, when configuring (or re-configuring) a persona, security domain, operating system, or the like for use with the application, when configuring (or re-configuring) a secure domain controller for use on the mobile station, or the like.
- In step 303, a persona and/or corresponding security domain is selected for association with the application. The persona may, by default, be selected as the persona that is active on the mobile station at the time the installation of the application is initiated in step 301. Alternatively, the persona may be user selected from among the personas available on the mobile station. In one example, the persona is set by a network administrator having control of applications installed on the mobile station, or installed on a particular persona (e.g., a work-related persona) of the mobile station. The security domain corresponding to the selected persona may automatically be selected.
- In step 305, an application authentication key pair is generated for the application. In one example, the application generates the authentication key pair. In another example, the virtualization layer 121 or the secure domain controller 123 generates the authentication key pair. In another example, the mobile station 103 relies on an authentication server in communication with the mobile station via a mobile communication network to authenticate the application and to generate the authentication key pair, for example in response to an authentication request generated by the virtualization layer 121 and transmitted to the server. In embodiments in which an authentication server is used, the authentication server may verify the identity of the application prior to generating the authentication key pair, so as to verify that the application is not a fraudulent application seeking access to sensitive or secure data (e.g., a virus or other malicious application).
- In step 307, an authentication key of the generated authentication key pair is stored with the application data. For example, the authentication key may be the private key of the authentication key pair, and it may be stored in the memory 109 storing the application data. The authentication key stored with the application data may be used by the application to authenticate the application with the UIM 115 and/or secure domain controller 123, e.g. as done in step 209.
- In step 309, an authentication key of the generated authentication key pair is stored in the secure storage 117. In particular, the authentication key may be stored in the secure storage 117 in association with (or in a storage location associated with) the persona and security domain identified in step 303. For example, the authentication key may be stored with the secure data stored in the UIM 115, or in secure storage in memory 109. In general, the authentication key stored in step 309 may be in a memory accessible by UIM 115, such that UIM 115 can retrieve the authentication key when authenticating an application (e.g., in step 209). The authentication key may be a public key that is used by the UIM 115 to validate the authentication information received from the application in a request to access secure data.
- The method 350 for associating sensitive or secure data with a persona begins in step 351 when sensitive data is received for storage on the mobile station 103. The data may be received for storage from an application, a user interface 113, or from the network through transceiver 111. For example, the data may be user data related to an application, and received for storage during the course of operation of the application. The data may be user-entered data, received as part of user profile information for storage on the mobile device. The data may alternatively be data received from a network server via transceiver 111, such as authentication information for a network service, such as a security certificate received for accessing online services.
- In step 353, a persona and/or security domain is selected to associate with the sensitive data. The persona may, by default, be selected as the persona that is active on the mobile station at the time the sensitive data is received in step 351. Alternatively, the persona may be user selected from among the personas available on the mobile station. In one example, the persona is selected as the persona of the application having generated or supplied the data. In another example, the persona is set by a network administrator having control of the mobile station, such that the data is associated with a particular persona (e.g., a work-related persona) of the mobile station. The security domain corresponding to the selected persona may automatically be selected.
- In step 355, the sensitive data is stored securely in association with the selected persona and security domain. The sensitive data may be stored in a secure storage 117 of a UIM 115, or more generally in a secure storage of the mobile station 103 such as a secure part of memory 109. For example, the data may be stored as encrypted data in a memory of the mobile station 103, such as a memory 109 used to store user data in the mobile station 103. The data may be encrypted using an encryption key of the associated persona. The data can be stored in a location associated with the persona, such as a dedicated storage location 117 a/117 b of the secure storage 117.
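The following Go code is an added model of the method 200 of FIG. 2 (steps 201 through 217) together with the methods 300 and 350 of FIGS. 3A and 3B: a key pair is generated when an application is installed, the public key goes into the persona's secure storage, the private key stays with the application, and every later access request is authenticated by the persona's UIM before the controller checks that the requested data belongs to the same persona. It is not part of the patent and not any real UIM or handset implementation. It assumes Ed25519 signatures over a fresh nonce as the "passphrase generated using the application's authentication key", an in-memory map standing in for secure storage 117, and constructed persona and application names ("work", "personal", "vpn", "pay"). The timeout of step 211 a is not modelled; anything other than an explicit "yes" from the UIM is treated as a denial.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

type Persona string // operating persona name; the values used with this code are constructed

// AccessRequest is what the controller forwards to the UIM (step 205). The signature over
// app, persona, data item and a fresh nonce plays the "passphrase generated using the
// application's authentication key"; binding all four stops replay against other items.
type AccessRequest struct {
	AppID   string
	Persona Persona
	DataID  string
	Nonce   []byte
	Sig     []byte
}

func signedBytes(r AccessRequest) []byte {
	return []byte(r.AppID + "|" + string(r.Persona) + "|" + r.DataID + "|" + string(r.Nonce))
}

// UIM models one identity module: its persona and the public application keys kept in its
// secure storage location for that persona (step 309).
type UIM struct {
	persona Persona
	appKeys map[string]ed25519.PublicKey
}

// Authenticate is the UIM side of steps 209-210: verify the signature with the key stored
// for this application under this persona; a missing key or wrong persona is a "No".
func (u *UIM) Authenticate(r AccessRequest) bool {
	pub, ok := u.appKeys[r.AppID]
	return ok && r.Persona == u.persona && ed25519.Verify(pub, signedBytes(r), r.Sig)
}

// SecureDomainController holds the persona-to-UIM map (step 207) and the tables that
// associate applications (step 201) and secure data items (step 203) with personas.
type SecureDomainController struct {
	uims      map[Persona]*UIM
	appOwner  map[string]Persona
	dataOwner map[string]Persona
}

// NewController creates one UIM per persona, as in a station with multiple UIMs 115.
func NewController(personas ...Persona) *SecureDomainController {
	c := &SecureDomainController{map[Persona]*UIM{}, map[string]Persona{}, map[string]Persona{}}
	for _, p := range personas {
		c.uims[p] = &UIM{p, map[string]ed25519.PublicKey{}}
	}
	return c
}

// InstallApp is steps 301-309: generate the key pair, keep the public key in the persona's
// UIM (step 309) and return the private key to be stored with the application (step 307).
func (c *SecureDomainController) InstallApp(appID string, p Persona) (ed25519.PrivateKey, error) {
	u, ok := c.uims[p]
	if !ok {
		return nil, errors.New("no UIM for persona " + string(p))
	}
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err == nil {
		c.appOwner[appID], u.appKeys[appID] = p, pub
	}
	return priv, err
}

// StoreSecureData is the association part of steps 351-355: record the owning persona.
func (c *SecureDomainController) StoreSecureData(dataID string, p Persona) { c.dataOwner[dataID] = p }

// SignRequest is what an application does with the private key stored alongside it.
func SignRequest(priv ed25519.PrivateKey, appID string, p Persona, dataID string) AccessRequest {
	r := AccessRequest{AppID: appID, Persona: p, DataID: dataID, Nonce: make([]byte, 16)}
	if _, err := rand.Read(r.Nonce); err != nil {
		panic(err) // no usable entropy; a real station must not sign with a fixed nonce
	}
	r.Sig = ed25519.Sign(priv, signedBytes(r))
	return r
}

// RequestAccess is steps 205-217: the persona comes from the controller's own table, not
// from the request; that persona's UIM authenticates the application; and the data item
// must belong to the same persona. A nil error means access is granted (step 215).
func (c *SecureDomainController) RequestAccess(r AccessRequest) error {
	p, ok := c.appOwner[r.AppID]
	if !ok {
		return errors.New("unknown application")
	}
	if !c.uims[p].Authenticate(r) {
		return errors.New("not authenticated for persona " + string(p) + " (step 211 b)")
	}
	if owner, ok := c.dataOwner[r.DataID]; !ok || owner != p {
		return errors.New("data not in persona " + string(p) + " (step 217)")
	}
	return nil
}
```

Two design choices carry the security argument. RequestAccess takes the persona from the controller's own application table (the table of step 207) rather than from the persona named in the request, so an application cannot reach another persona's UIM by mislabelling itself. And the signed message binds application, persona, data item and nonce together, so a signature captured for one item cannot be presented for another, and an application holding its own private key still only reaches data that the controller has recorded under its own persona (step 217 blocks the rest).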
FIG. 4 illustrates asystem 10 offering a variety of mobile communication services, including communications for mobile stations configured to authenticate applications and control access by authenticated application to secure data. The example shows simply two mobile stations (MSs) 103 a and 103 b as well as amobile communication network 15. Thestations network 15 provides mobile wireless communications services to those stations as well as to other mobile stations (not shown), for example, via a number of base stations (BSs) 17. The present techniques may be implemented in any of a variety of availablemobile networks 15 and/or on any type of mobile station compatible with such anetwork 15, and the drawing shows only a very simplified example of a few relevant elements of thenetwork 15 for purposes of discussion here. - The wireless
mobile communication network 15 might be implemented as a network conforming to the code division multiple access (CDMA) IS-95 standard, the 3rd Generation Partnership Project 2 (3GPP2) wireless IP network standard or the Evolution Data Optimized (EVDO) standard, the Global System for Mobile (GSM) communication standard, a time division multiple access (TDMA) standard or other standards used for public mobile wireless communications. Themobile stations 103 may are capable of voice telephone communications through thenetwork 15, and capable of data communications through the particular type of network 15 (and the users thereof typically will have subscribed to data service through the network). - The
network 15 allows users of the mobile stations such as 103 a and 103 b (and other mobile stations not shown) to initiate and receive telephone calls to each other as well as through the public switched telephone network or “PSTN” 19 and telephone stations 21 connected to the PSTN. Thenetwork 15 typically offers a variety of data services via theInternet 23, such as downloads, web browsing, email, etc. By way of example, the drawing shows a laptop PCtype user terminal 27 as well as aserver 25 connected to theInternet 23; and the data services for themobile stations 103 via theInternet 23 may be with devices like those shown at 25 and 27 as well as with a variety of other types of devices or systems capable of data communications through various interconnected networks. Themobile stations -
Mobile stations 103 can take the form of portable handsets, smart-phones or personal digital assistants, although they may be implemented in other form factors. Program applications, including a secure domain controller application and/or any authenticated application programs can be configured to execute on many different types ofmobile stations 103. For example, a mobile station application can be written to execute on a binary runtime environment for mobile (BREW-based) mobile station, a Windows Mobile based mobile station, Android, I-Phone, Java Mobile, or RIM based mobile station such as a BlackBerry or the like. Some of these types of devices can employ a multi-tasking operating system. - The
mobile communication network 10 can be implemented by a number of interconnected networks. Hence, theoverall network 10 may include a number of radio access networks (RANs), as well as regional ground networks interconnecting a number of RANs and a wide area network (WAN) interconnecting the regional ground networks to core network elements. A regional portion of thenetwork 10, such as that servingmobile stations 103, can include one or more RANs and a regional circuit and/or packet switched network and associated signaling network facilities. - The carrier will also operate a number of systems that provide ancillary functions in support of the communications services and/or application services provided through the
network 10, and those elements communicate with other nodes or elements of thenetwork 10 via one or more private IP type packet data networks 29 (sometimes referred to as an Intranet), i.e., a private networks. Generally, such systems are part of or connected for communication via theprivate network 29. Examples of such systems, in this case operated by the network service provider as part of theoverall network 10, which communicate through theintranet type network 29, include one ormore application servers 31 and arelated authentication server 33. - A mobile station 13 communicates over the air with a
base station 17 and through thetraffic network 15 for various voice and data communications, e.g. through theInternet 23 with aserver 25 and/or withapplication servers 31. If the mobile service carrier authenticates applications installed on amobile station 103, and/or generates authentication key pairs for such application, the service may be hosted on a carrier operatedapplication server 31, for communication via thenetworks server 25 connected for communication via thenetworks - To insure that the application service offered by
server 31 is available to only authorized devices/users, the provider of the application service also deploys anauthentication server 33. Theauthentication server 33 could be a separate physical server as shown, orauthentication server 33 could be implemented as another program module running on the same hardware platform as theserver application 31. Essentially, when the server application (server 31 in our example) receives a service request from a client application on a mobile station 13, the server application provides appropriate information to theauthentication server 33 to allowserver application 33 to authenticate the mobile station 13 as outlined herein. Upon successful authentication (e.g., based on mobile station credentials associated with a mobile station identity and retrieve from UIM 115), theserver 33 informs theserver application 31, which in turn provides access to the service via data communication through the various communication elements (e.g. 29, 15 and 17) of thenetwork 10. - As shown by the above discussion, functions relating to authenticating an application to control access to secure data may be implemented using one or more hardware platforms intended to represent a general class of mobile station.
FIG. 5 provides a functional block diagram illustration of a general mobile station platform. A mobile station typically comprises a central processor or other processing device, an internal communication bus, various types of memory or storage media (RAM, ROM, EEPROM, flash memory, etc.) for code and data storage, one or more user identity modules (UIMs), user interface elements (display, touchscreen, keypad, microphone, speaker) and one or more transceivers for communication to/from a mobile communication network. The software functionalities involve programming, including executable code as well as associated stored data, e.g. files used as the authentication key pairs. The software code is executable by the processor so as to perform functions including functions of the secure domain controller. In operation, the code is stored within the mobile station. At other times, however, the software may be stored at other locations and/or transported for loading into the mobile station. Execution of such code by a processor of the mobile station enables the station to implement the methodology for authenticating applications and controlling access to secure data, in essentially the manner performed in the implementations discussed and illustrated herein. - Hence, aspects of the methods of authentication and secure data access control outlined above may be embodied in programming. Program aspects of the technology may be thought of as “products” or “articles of manufacture” typically in the form of executable code and/or associated data that is carried on or embodied in a type of machine readable medium. “Storage” type media include any or all of the tangible memory of mobile stations, servers, processors or the like, or associated modules thereof, such as various semiconductor memories, disk drives and the like, which may provide non-transitory storage at any time for the software programming. 
All or portions of the software may at times be communicated through the Internet or various other telecommunication networks. Such communications, for example, may enable loading of the software from one computer or processor into another, for example, from a management server or host computer into the mobile station. Thus, another type of media that may bear the software elements includes optical, electrical and electromagnetic waves, such as used across physical interfaces between local devices, through wired and optical landline networks and over various air-links. The physical elements that carry such waves, such as wired or wireless links, optical links or the like, also may be considered as media bearing the software. As used herein, unless restricted to non-transitory, tangible “storage” media, terms such as computer or machine “readable medium” refer to any medium that participates in providing instructions to a processor for execution.
- Hence, a machine readable medium may take many forms, including but not limited to, a tangible storage medium, a carrier wave medium or physical transmission medium. Non-volatile storage media include, for example, flash memory, EEPROM, or other memories such as any of the storage devices in any mobile station(s) or the like, such as may be used to implement the
secure storage 117 and/ormemory 109, etc. shown in the drawings. Volatile storage media include dynamic memory, such as main memory of such a processing platform. Tangible transmission media include coaxial cables; copper wire and fiber optics, including the wires that comprise a bus within a computer system. Carrier-wave transmission media can take the form of electric or electromagnetic signals, or acoustic or light waves such as those generated during radio frequency (RF) and infrared (IR) data communications. Common forms of computer-readable media therefore include for example: a floppy disk, a flexible disk, hard disk, magnetic tape, any other magnetic medium, a CD-ROM, DVD or DVD-ROM, any other optical medium, punch cards paper tape, any other physical storage medium with patterns of holes, a RAM, a PROM and EPROM, a FLASH-EPROM, any other memory chip or cartridge, a carrier wave transporting data or instructions, cables or links transporting such a carrier wave, or any other medium from which a computer can read programming code and/or data. Many of these forms of computer readable media may be involved in carrying one or more sequences of one or more instructions to a processor for execution. - Unless otherwise stated, all measurements, values, ratings, positions, magnitudes, sizes, and other specifications that are set forth in this specification, including in the claims that follow, are approximate, not exact. They are intended to have a reasonable range that is consistent with the functions to which they relate and with what is customary in the art to which they pertain.
- The scope of protection is limited solely by the claims that now follow. That scope is intended and should be interpreted to be as broad as is consistent with the ordinary meaning of the language that is used in the claims when interpreted in light of this specification and the prosecution history that follows and to encompass all structural and functional equivalents. Notwithstanding, none of the claims are intended to embrace subject matter that fails to satisfy the requirement of Sections 101, 102, or 103 of the Patent Act, nor should they be interpreted in such a way. Any unintended embracement of such subject matter is hereby disclaimed.
- Except as stated immediately above, nothing that has been stated or illustrated is intended or should be interpreted to cause a dedication of any component, step, feature, object, benefit, advantage, or equivalent to the public, regardless of whether it is or is not recited in the claims.
- It will be understood that the terms and expressions used herein have the ordinary meaning as is accorded to such terms and expressions with respect to their corresponding respective areas of inquiry and study except where specific meanings have otherwise been set forth herein. Relational terms such as first and second and the like may be used solely to distinguish one entity or action from another without necessarily requiring or implying any actual such relationship or order between such entities or actions. The terms “comprises,” “comprising,” or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. An element preceded by “a” or “an” does not, without further constraints, preclude the existence of additional identical elements in the process, method, article, or apparatus that comprises the element.
- The Abstract of the Disclosure is provided to allow the reader to quickly ascertain the nature of the technical disclosure. It is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims. In addition, in the foregoing Detailed Description, it can be seen that various features are grouped together in various embodiments for the purpose of streamlining the disclosure. This method of disclosure is not to be interpreted as reflecting an intention that the claimed embodiments require more features than are expressly recited in each claim. Rather, as the following claims reflect, inventive subject matter lies in less than all features of a single disclosed embodiment. Thus the following claims are hereby incorporated into the Detailed Description, with each claim standing on its own as a separately claimed subject matter.
Claims (20)
1. A mobile station, comprising:
a wireless transceiver configured to provide communication for the mobile station via a mobile wireless communication network;
an identity module configured to provide secure storage for information relating to different identities of the mobile station associated with mobile station communication via the mobile wireless communication network;
at least one user interface element;
a processor coupled to the wireless transceiver and the at least one user interface element;
a memory accessible by the processor configured for program and data storage;
application programs stored in the memory; and
a secure domain controller program stored in the memory, wherein execution of the secure domain controller program by the processor configures the processor to perform functions, including functions to:
associate each of the application programs with a selected one of a plurality of personas to be implemented on the mobile station, each persona corresponding to one of the identities of the mobile station and at least one persona corresponding to each identity of the mobile station;
associate different secure data with each of the plurality of personas;
when executing each respective application program, allow the respective application program to access the secure data associated with the associated persona but prevent the respective application program from accessing the secure data associated with the other persona,
wherein allowing the respective application program to access the secure data associated with the associated persona includes performing, upon receiving from the respective application program a request to access the secure data associated with the associated persona, authentication of the respective application program using a first authentication key retrieved from the secure data and a second authentication key associated with the respective application program and included in the request to access the secure data; and
while implementing each respective persona, provide communication for the mobile station via the mobile wireless communication network utilizing information relating to the corresponding identity from the identity module.
2. The mobile station of claim 1, wherein the identity module is further configured to provide separate secure storage for the secure data associated with each of the plurality of personas.
3. The mobile station of claim 1, wherein:
each identity of the different identities of the mobile station has a different associated mobile device number (MDN) or mobile telephone number (MTN); and
each of the selected one of the plurality of personas corresponds to a different user profile on the mobile station.
4. (canceled)
5. The mobile station of claim 1, wherein the first authentication key is retrieved from the secure storage provided by the identity module.
6. (canceled)
7. The mobile station of claim 1, wherein the second authentication key is retrieved from the memory configured for program and data storage for inclusion in the request from the application program.
8. The mobile station of claim 1, wherein the identity module is a subscriber identity module (SIM) storing a network hash key used in identifying and authenticating the mobile station on a wireless carrier network.
9. A method comprising:
associating, in a mobile station having different identities associated with mobile station communication via a mobile wireless communication network, each of a plurality of application programs with a selected one of a plurality of personas to be implemented on the mobile station, each persona corresponding to one of the identities of the mobile station and at least one persona corresponding to each identity of the mobile station;
associating, in the mobile station, different secure data with each of the plurality of personas;
when a processor of the mobile station is executing each respective application program, allowing the respective application program to access the secure data associated with the associated persona in a memory of the mobile station, but preventing the respective application program from accessing the secure data associated with the other persona in the memory of the mobile station,
wherein allowing the respective application program to access the secure data associated with the associated persona includes, when executing the respective application program, performing, upon receiving from the respective application program a request to access the secure data associated with the associated persona, authentication of the respective application program using a first authentication key retrieved from the secure data and a second authentication key associated with the respective application program and included in the request to access the secure data; and
while implementing each respective persona, providing communication for the mobile station via the mobile wireless communication network utilizing information relating to the corresponding identity.
10. The method of claim 9, further comprising:
retrieving the secure data, from an identity module configured to provide secure storage for information relating to the different identities of the mobile station and for secure data associated with each of the personas, when the respective application program is allowed to access secure data associated with the associated persona.
11. The method of claim 9, wherein:
each identity of the different identities of the mobile station has a different associated mobile device number (MDN) or mobile telephone number (MTN); and
each of the selected one of the plurality of personas corresponds to a different user profile on the mobile station.
12. (canceled)
13. The method of claim 9, further comprising:
retrieving the first authentication key from the secure storage provided by an identity module configured to provide secure storage for information relating to the different identities of the mobile station.
14. (canceled)
15. The method of claim 9, further comprising:
retrieving the second authentication key from a memory of the mobile station configured for program and data storage for inclusion in the request from the application program.
16. An article of manufacture comprising:
a non-transitory storage device; and
programming in the storage device for execution by a processor of a mobile station, wherein execution of the programming by the processor configures the mobile station to perform functions, including functions to:
associate, in the mobile station having different identities associated with mobile station communication via a mobile wireless communication network, each of a plurality of application programs with a selected one of a plurality of personas to be implemented on the mobile station, each persona corresponding to one of the identities of the mobile station and at least one persona corresponding to each identity of the mobile station;
associate different secure data with each of the plurality of personas;
when executing each respective application program, allow the respective application program to access secure data associated with the associated persona in a memory of the mobile station, but prevent the respective application program from accessing secure data associated with the other persona in the memory of the mobile station,
wherein allowing the respective application program to access the secure data associated with the associated persona includes performing, upon receiving from the respective application program a request to access the secure data associated with the associated persona, authentication of the respective application program using a first authentication key retrieved from the secure data and a second authentication key associated with the respective application program and included in the request to access the secure data; and
while implementing each respective persona, provide communication for the mobile station via the mobile wireless communication network utilizing information relating to the corresponding identity.
17. The article of manufacture of claim 16, wherein:
the storage device is configured to provide separate secure storage for the secure data associated with each of the plurality of personas.
18. The article of manufacture of claim 16, wherein:
each identity of the different identities of the mobile station has a different associated mobile device number (MDN) or mobile telephone number (MTN); and
each of the selected one of the plurality of personas corresponds to a different user profile on the mobile station.
19. The article of manufacture of claim 16, wherein the first authentication key is retrieved from the secure storage provided by the storage device.
20. The article of manufacture of claim 16, wherein the second authentication key is retrieved from the memory of the mobile station.
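Claims 1, 9 and 16 recite the same control path: each application is bound to one persona, each persona owns its own secure data (including the first authentication key), and a request is authenticated against key material the application includes before any data is released. The sketch below is an added example, not code from the patent or its assignee, that models that path in Python; the HMAC-tag form of the second key, the shared-secret relationship between the two keys, the dict-backed identity module, and every name and sample value are assumptions made for this illustration.

```python
"""Persona-scoped secure-data access mediated by a secure domain controller.

Added illustration (not the patent's code).  Assumed design: the persona's
secure data holds the first authentication key; the application holds a
provisioned copy and, instead of sending it raw, includes an HMAC tag over
the request (the 'second authentication key' material) for the controller
to verify with a constant-time comparison.
"""
import hashlib
import hmac
from dataclasses import dataclass, field


class AccessDenied(Exception):
    """Raised when an application may not read the requested secure data."""


@dataclass
class Persona:
    """One persona: tied to one identity on the identity module, owning
    its own secure data, which includes the first authentication key."""
    name: str
    identity: str                    # e.g. an MDN for this identity (constructed)
    auth_key: bytes                  # first authentication key (constructed)
    secure_data: dict = field(default_factory=dict)


@dataclass(frozen=True)
class AccessRequest:
    """An application's request for one item of its persona's secure data.
    `tag` is the second-key material: HMAC over (app_id, item) computed by
    the application with its provisioned key (assumed form)."""
    app_id: str
    item: str
    tag: bytes


def make_tag(key: bytes, app_id: str, item: str) -> bytes:
    """Tag an application includes in its request (assumption, not the patent's)."""
    return hmac.new(key, f"{app_id}\x00{item}".encode(), hashlib.sha256).digest()


class SecureDomainController:
    """Associates applications with personas and mediates secure-data access."""

    def __init__(self, personas):
        self._personas = {p.name: p for p in personas}
        self._app_persona = {}       # app_id -> persona name
        self.audit = []              # (app_id, item, outcome), useful for detection

    def associate_app(self, app_id: str, persona_name: str) -> None:
        if persona_name not in self._personas:
            raise KeyError(f"unknown persona {persona_name!r}")
        self._app_persona[app_id] = persona_name

    def identity_for(self, app_id: str) -> str:
        """Identity the transceiver uses while this application's persona is active."""
        return self._personas[self._app_persona[app_id]].identity

    def access_secure_data(self, req: AccessRequest):
        persona_name = self._app_persona.get(req.app_id)
        if persona_name is None:
            self._deny(req, "unassociated application")
        persona = self._personas[persona_name]
        # Lookup is confined to the application's own persona, so another
        # persona's items are never visible: the cross-persona case is refused
        # here, before any key material is consulted.
        if req.item not in persona.secure_data:
            self._deny(req, "item not in persona")
        expected = make_tag(persona.auth_key, req.app_id, req.item)
        if not hmac.compare_digest(expected, req.tag):
            self._deny(req, "authentication failed")
        self.audit.append((req.app_id, req.item, "allowed"))
        return persona.secure_data[req.item]

    def _deny(self, req: AccessRequest, reason: str):
        self.audit.append((req.app_id, req.item, f"denied: {reason}"))
        raise AccessDenied(f"{req.app_id} -> {req.item}: {reason}")


def build_demo_controller():
    """Constructed sample: a work persona and a personal persona, one app each.
    Returns the controller and each app's provisioned key copy."""
    work = Persona("work", "MDN-0001", b"work-key-constructed",
                   {"vpn_credential": "w0rk-s3cret"})
    personal = Persona("personal", "MDN-0002", b"personal-key-constructed",
                       {"card_number": "4111-constructed"})
    sdc = SecureDomainController([work, personal])
    sdc.associate_app("vpn_app", "work")
    sdc.associate_app("pay_app", "personal")
    return sdc, {"vpn_app": work.auth_key, "pay_app": personal.auth_key}
```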
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/474,347 US8600355B1 (en) | 2012-05-17 | 2012-05-17 | Systems and methods for authenticating applications for access to secure data using identity modules |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/474,347 US8600355B1 (en) | 2012-05-17 | 2012-05-17 | Systems and methods for authenticating applications for access to secure data using identity modules |
Publications (2)
Publication Number | Publication Date |
---|---|
US20130310003A1 true US20130310003A1 (en) | 2013-11-21 |
US8600355B1 US8600355B1 (en) | 2013-12-03 |
Family ID: 49581701
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/474,347 Active US8600355B1 (en) | 2012-05-17 | 2012-05-17 | Systems and methods for authenticating applications for access to secure data using identity modules |
Country Status (1)
Country | Link |
---|---|
US (1) | US8600355B1 (en) |
Cited By (89)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150026759A1 (en) * | 2013-07-17 | 2015-01-22 | Pt Oberthur Technologies Indonesia Ltd | Method of enforcing control of access by a device to a secure element, and corresponding secure element |
US20150074834A1 (en) * | 2013-09-06 | 2015-03-12 | Getac Technology Corporation | Electronic device and protection method thereof |
US20150113627A1 (en) * | 2013-10-17 | 2015-04-23 | Arm Ip Limited | Method for assigning an agent device from a first device registry to a second device registry |
WO2015089996A1 (en) * | 2013-12-20 | 2015-06-25 | 中兴通讯股份有限公司 | Security authentication method and authorization authentication server |
US9098368B1 (en) | 2011-05-31 | 2015-08-04 | Sprint Communications Company L.P. | Loading branded media outside system partition |
US9100769B2 (en) | 2013-02-08 | 2015-08-04 | Sprint Communications Company L.P. | System and method of storing service brand packages on a mobile device |
US9100819B2 (en) | 2013-02-08 | 2015-08-04 | Sprint-Communications Company L.P. | System and method of provisioning and reprovisioning a mobile device based on self-locating |
US20150230084A1 (en) * | 2012-07-31 | 2015-08-13 | Sirran Technologies Limited | Telecommunication system |
US9118655B1 (en) | 2014-01-24 | 2015-08-25 | Sprint Communications Company L.P. | Trusted display and transmission of digital ticket documentation |
US9125037B2 (en) | 2013-08-27 | 2015-09-01 | Sprint Communications Company L.P. | System and methods for deferred and remote device branding |
US9143924B1 (en) | 2013-08-27 | 2015-09-22 | Sprint Communications Company L.P. | Segmented customization payload delivery |
US20150286839A1 (en) * | 2013-12-02 | 2015-10-08 | Omer Ben-Shalom | Methods, systems, and apparatus to protect content based on persona |
US9161227B1 (en) | 2013-02-07 | 2015-10-13 | Sprint Communications Company L.P. | Trusted signaling in long term evolution (LTE) 4G wireless communication |
US9161209B1 (en) | 2013-08-21 | 2015-10-13 | Sprint Communications Company L.P. | Multi-step mobile device initiation with intermediate partial reset |
US9161325B1 (en) * | 2013-11-20 | 2015-10-13 | Sprint Communications Company L.P. | Subscriber identity module virtualization |
US9171243B1 (en) | 2013-04-04 | 2015-10-27 | Sprint Communications Company L.P. | System for managing a digest of biographical information stored in a radio frequency identity chip coupled to a mobile communication device |
US9170870B1 (en) | 2013-08-27 | 2015-10-27 | Sprint Communications Company L.P. | Development and testing of payload receipt by a portable electronic device |
US9183606B1 (en) | 2013-07-10 | 2015-11-10 | Sprint Communications Company L.P. | Trusted processing location within a graphics processing unit |
US9183412B2 (en) | 2012-08-10 | 2015-11-10 | Sprint Communications Company L.P. | Systems and methods for provisioning and using multiple trusted security zones on an electronic device |
US9185626B1 (en) | 2013-10-29 | 2015-11-10 | Sprint Communications Company L.P. | Secure peer-to-peer call forking facilitated by trusted 3rd party voice server provisioning |
US20150327073A1 (en) * | 2013-01-29 | 2015-11-12 | Telefonaktiebolaget L M Ericson (Publ) | Controlling Access of a User Equipment to Services |
US9191388B1 (en) | 2013-03-15 | 2015-11-17 | Sprint Communications Company L.P. | Trusted security zone communication addressing on an electronic device |
US9191522B1 (en) | 2013-11-08 | 2015-11-17 | Sprint Communications Company L.P. | Billing varied service based on tier |
US9198027B2 (en) | 2012-09-18 | 2015-11-24 | Sprint Communications Company L.P. | Generic mobile devices customization framework |
US9204286B1 (en) | 2013-03-15 | 2015-12-01 | Sprint Communications Company L.P. | System and method of branding and labeling a mobile device |
US9204239B1 (en) | 2013-08-27 | 2015-12-01 | Sprint Communications Company L.P. | Segmented customization package within distributed server architecture |
US9210576B1 (en) | 2012-07-02 | 2015-12-08 | Sprint Communications Company L.P. | Extended trusted security zone radio modem |
US9208339B1 (en) | 2013-08-12 | 2015-12-08 | Sprint Communications Company L.P. | Verifying Applications in Virtual Environments Using a Trusted Security Zone |
US9208513B1 (en) | 2011-12-23 | 2015-12-08 | Sprint Communications Company L.P. | Automated branding of generic applications |
US9215180B1 (en) | 2012-08-25 | 2015-12-15 | Sprint Communications Company L.P. | File retrieval in real-time brokering of digital content |
US20150373023A1 (en) * | 2014-06-22 | 2015-12-24 | Citrix Systems, Inc. | Enabling User Entropy Encryption in Non-Compliant Mobile Applications |
US9226145B1 (en) | 2014-03-28 | 2015-12-29 | Sprint Communications Company L.P. | Verification of mobile device integrity during activation |
US9226133B1 (en) | 2013-01-18 | 2015-12-29 | Sprint Communications Company L.P. | Dynamic remotely managed SIM profile |
US9230085B1 (en) | 2014-07-29 | 2016-01-05 | Sprint Communications Company L.P. | Network based temporary trust extension to a remote or mobile device enabled via specialized cloud services |
US9268959B2 (en) | 2012-07-24 | 2016-02-23 | Sprint Communications Company L.P. | Trusted security zone access to peripheral devices |
US9280483B1 (en) | 2013-05-22 | 2016-03-08 | Sprint Communications Company L.P. | Rebranding a portable electronic device while maintaining user data |
US9282898B2 (en) | 2012-06-25 | 2016-03-15 | Sprint Communications Company L.P. | End-to-end trusted communications infrastructure |
US9301081B1 (en) | 2013-11-06 | 2016-03-29 | Sprint Communications Company L.P. | Delivery of oversized branding elements for customization |
US9307400B1 (en) | 2014-09-02 | 2016-04-05 | Sprint Communications Company L.P. | System and method of efficient mobile device network brand customization |
US9324016B1 (en) | 2013-04-04 | 2016-04-26 | Sprint Communications Company L.P. | Digest of biographical information for an electronic device with static and dynamic portions |
US9357378B1 (en) | 2015-03-04 | 2016-05-31 | Sprint Communications Company L.P. | Subscriber identity module (SIM) card initiation of custom application launcher installation on a mobile communication device |
US9363622B1 (en) | 2013-11-08 | 2016-06-07 | Sprint Communications Company L.P. | Separation of client identification composition from customization payload to original equipment manufacturer layer |
US9363836B2 (en) * | 2013-04-01 | 2016-06-07 | Silver Spring Networks, Inc. | Secure management of radio transmissions in an endpoint device of a network |
US9374363B1 (en) | 2013-03-15 | 2016-06-21 | Sprint Communications Company L.P. | Restricting access of a portable communication device to confidential data or applications via a remote network based on event triggers generated by the portable communication device |
US20160191240A1 (en) * | 2014-12-31 | 2016-06-30 | Hon Hai Precision Industry Co., Ltd. | Electronic device and method for encrypting and decrypting data |
US9384498B1 (en) | 2012-08-25 | 2016-07-05 | Sprint Communications Company L.P. | Framework for real-time brokering of digital content delivery |
US9392395B1 (en) | 2014-01-16 | 2016-07-12 | Sprint Communications Company L.P. | Background delivery of device configuration and branding |
US9398462B1 (en) | 2015-03-04 | 2016-07-19 | Sprint Communications Company L.P. | Network access tiered based on application launcher installation |
US9420496B1 (en) | 2014-01-24 | 2016-08-16 | Sprint Communications Company L.P. | Activation sequence using permission based connection to network |
US9426641B1 (en) | 2014-06-05 | 2016-08-23 | Sprint Communications Company L.P. | Multiple carrier partition dynamic access on a mobile device |
US9443088B1 (en) | 2013-04-15 | 2016-09-13 | Sprint Communications Company L.P. | Protection for multimedia files pre-downloaded to a mobile device |
US9454723B1 (en) | 2013-04-04 | 2016-09-27 | Sprint Communications Company L.P. | Radio frequency identity (RFID) chip electrically and communicatively coupled to motherboard of mobile communication device |
US9473945B1 (en) | 2015-04-07 | 2016-10-18 | Sprint Communications Company L.P. | Infrastructure for secure short message transmission |
US9532211B1 (en) | 2013-08-15 | 2016-12-27 | Sprint Communications Company L.P. | Directing server connection based on location identifier |
CN106302492A (en) * | 2016-08-23 | 2017-01-04 | 唐山新质点科技有限公司 | A kind of access control method and system |
US9549009B1 (en) | 2013-02-08 | 2017-01-17 | Sprint Communications Company L.P. | Electronic fixed brand labeling |
US9560519B1 (en) | 2013-06-06 | 2017-01-31 | Sprint Communications Company L.P. | Mobile communication device profound identity brokering framework |
US9578664B1 (en) | 2013-02-07 | 2017-02-21 | Sprint Communications Company L.P. | Trusted signaling in 3GPP interfaces in a network function virtualization wireless communication system |
US9600297B1 (en) * | 2012-10-29 | 2017-03-21 | Google Inc. | Determining interaction context by providing and using personas |
US9603009B1 (en) | 2014-01-24 | 2017-03-21 | Sprint Communications Company L.P. | System and method of branding a device independent of device activation |
US9613208B1 (en) | 2013-03-13 | 2017-04-04 | Sprint Communications Company L.P. | Trusted security zone enhanced with trusted hardware drivers |
US20170164184A1 (en) * | 2015-06-11 | 2017-06-08 | Giesecke & Devrient Mobile Security America, Inc. | Managing multiple active subscriber identity module profiles |
US9681251B1 (en) | 2014-03-31 | 2017-06-13 | Sprint Communications Company L.P. | Customization for preloaded applications |
US9743271B2 (en) | 2013-10-23 | 2017-08-22 | Sprint Communications Company L.P. | Delivery of branding content and customizations to a mobile communication device |
US9779232B1 (en) | 2015-01-14 | 2017-10-03 | Sprint Communications Company L.P. | Trusted code generation and verification to prevent fraud from maleficent external devices that capture data |
US9817992B1 (en) | 2015-11-20 | 2017-11-14 | Sprint Communications Company Lp. | System and method for secure USIM wireless network access |
US9819679B1 (en) | 2015-09-14 | 2017-11-14 | Sprint Communications Company L.P. | Hardware assisted provenance proof of named data networking associated to device data, addresses, services, and servers |
US9838869B1 (en) | 2013-04-10 | 2017-12-05 | Sprint Communications Company L.P. | Delivering digital content to a mobile device via a digital rights clearing house |
US9838868B1 (en) | 2015-01-26 | 2017-12-05 | Sprint Communications Company L.P. | Mated universal serial bus (USB) wireless dongles configured with destination addresses |
US9860235B2 (en) | 2013-10-17 | 2018-01-02 | Arm Ip Limited | Method of establishing a trusted identity for an agent device |
US9906958B2 (en) | 2012-05-11 | 2018-02-27 | Sprint Communications Company L.P. | Web server bypass of backend process on near field communications and secure element chips |
US9913132B1 (en) | 2016-09-14 | 2018-03-06 | Sprint Communications Company L.P. | System and method of mobile phone customization based on universal manifest |
US9992326B1 (en) | 2014-10-31 | 2018-06-05 | Sprint Communications Company L.P. | Out of the box experience (OOBE) country choice using Wi-Fi layer transmission |
US10021240B1 (en) | 2016-09-16 | 2018-07-10 | Sprint Communications Company L.P. | System and method of mobile phone customization based on universal manifest with feature override |
US10069811B2 (en) | 2013-10-17 | 2018-09-04 | Arm Ip Limited | Registry apparatus, agent device, application providing apparatus and corresponding methods |
US10129268B2 (en) | 2014-09-08 | 2018-11-13 | Arm Limited | Registry apparatus, agent device, application providing apparatus and corresponding methods |
CN108933775A (en) * | 2017-05-24 | 2018-12-04 | 通用汽车环球科技运作有限责任公司 | Automated wireless communication authentication |
US10282719B1 (en) | 2015-11-12 | 2019-05-07 | Sprint Communications Company L.P. | Secure and trusted device-based billing and charging process using privilege for network proxy authentication and audit |
US10306433B1 (en) | 2017-05-01 | 2019-05-28 | Sprint Communications Company L.P. | Mobile phone differentiated user set-up |
US10341864B2 (en) * | 2017-03-03 | 2019-07-02 | Verizon Patent And Licensing Inc. | Network-based device registration for content distribution platforms |
US10455071B2 (en) | 2012-05-09 | 2019-10-22 | Sprint Communications Company L.P. | Self-identification of brand and branded firmware installation in a generic electronic device |
US10499249B1 (en) | 2017-07-11 | 2019-12-03 | Sprint Communications Company L.P. | Data link layer trust signaling in communication network |
US10506398B2 (en) | 2013-10-23 | 2019-12-10 | Sprint Communications Company Lp. | Implementation of remotely hosted branding content and customizations |
CN111753264A (en) * | 2020-07-01 | 2020-10-09 | 电子科技大学 | General authorization and authentication system for college mobile application based on Oauth2.0 |
US10885198B2 (en) | 2015-08-03 | 2021-01-05 | Arm Ltd | Bootstrapping without transferring private key |
US10951429B2 (en) | 2015-08-03 | 2021-03-16 | Arm Ltd | Server initiated remote device registration |
US11082421B2 (en) | 2014-09-03 | 2021-08-03 | Arm Limited | Bootstrap mechanism for endpoint devices |
US11303639B2 (en) * | 2020-01-20 | 2022-04-12 | Ppip, Llc | Secure execution enclave for user equipment (UE) |
US11475134B2 (en) | 2019-04-10 | 2022-10-18 | Arm Limited | Bootstrapping a device |
Families Citing this family (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2698756B1 (en) * | 2012-08-13 | 2016-01-06 | Nxp B.V. | Local Trusted Service Manager |
US9207945B2 (en) * | 2012-09-28 | 2015-12-08 | Intel Corporation | Multi-persona computing based on real time user recognition |
US10104060B2 (en) * | 2013-01-30 | 2018-10-16 | Hewlett Packard Enterprise Development Lp | Authenticating applications to a network service |
KR20150042643A (en) * | 2013-10-11 | 2015-04-21 | 삼성전자주식회사 | Terminal appartus and method for connecting to virtual server in a vritual desktop infrastructure |
US10187363B2 (en) | 2014-12-31 | 2019-01-22 | Visa International Service Association | Hybrid integration of software development kit with secure execution environment |
US9935941B2 (en) | 2015-09-16 | 2018-04-03 | International Business Machines Corporation | Mobile based multi-channel citizen account origination in digital economy |
US11647392B1 (en) | 2021-12-16 | 2023-05-09 | Bank Of America Corporation | Systems and methods for context-aware mobile application session protection |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8615272B2 (en) | 2004-05-26 | 2013-12-24 | Nokia Corporation | Method and system for associating subscriber identity module |
US20070184858A1 (en) * | 2006-02-09 | 2007-08-09 | Agere Systems Inc. | Method of attaching mobile communication tasks to a Subscriber Information Module card and mobile communication device incorporating the same |
US8200736B2 (en) | 2007-12-24 | 2012-06-12 | Qualcomm Incorporated | Virtual SIM card for mobile handsets |
US8225110B2 (en) * | 2009-01-09 | 2012-07-17 | Telefonaktiebolaget Lm Ericsson (Publ) | Cryptographic protection of usage restrictions in electronic devices |
TWI429213B (en) * | 2009-12-11 | 2014-03-01 | Toro Dev Ltd | A mobile integrated distribution and transaction system and method for nfc services, and a mobile electronic device thereof |
KR101790114B1 (en) * | 2011-07-04 | 2017-10-26 | 삼성전자 주식회사 | Wireless communication terminal equipped with plural identity modules and method for selecting identity module thereof |
- 2012-05-17: US application US13/474,347 filed, granted as US8600355B1 (status: Active)
Cited By (114)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9098368B1 (en) | 2011-05-31 | 2015-08-04 | Sprint Communications Company L.P. | Loading branded media outside system partition |
US9208513B1 (en) | 2011-12-23 | 2015-12-08 | Sprint Communications Company L.P. | Automated branding of generic applications |
US10455071B2 (en) | 2012-05-09 | 2019-10-22 | Sprint Communications Company L.P. | Self-identification of brand and branded firmware installation in a generic electronic device |
US9906958B2 (en) | 2012-05-11 | 2018-02-27 | Sprint Communications Company L.P. | Web server bypass of backend process on near field communications and secure element chips |
US9282898B2 (en) | 2012-06-25 | 2016-03-15 | Sprint Communications Company L.P. | End-to-end trusted communications infrastructure |
US10154019B2 (en) | 2012-06-25 | 2018-12-11 | Sprint Communications Company L.P. | End-to-end trusted communications infrastructure |
US9210576B1 (en) | 2012-07-02 | 2015-12-08 | Sprint Communications Company L.P. | Extended trusted security zone radio modem |
US9268959B2 (en) | 2012-07-24 | 2016-02-23 | Sprint Communications Company L.P. | Trusted security zone access to peripheral devices |
US20150230084A1 (en) * | 2012-07-31 | 2015-08-13 | Sirran Technologies Limited | Telecommunication system |
US9811672B2 (en) | 2012-08-10 | 2017-11-07 | Sprint Communications Company L.P. | Systems and methods for provisioning and using multiple trusted security zones on an electronic device |
US9183412B2 (en) | 2012-08-10 | 2015-11-10 | Sprint Communications Company L.P. | Systems and methods for provisioning and using multiple trusted security zones on an electronic device |
US9215180B1 (en) | 2012-08-25 | 2015-12-15 | Sprint Communications Company L.P. | File retrieval in real-time brokering of digital content |
US9384498B1 (en) | 2012-08-25 | 2016-07-05 | Sprint Communications Company L.P. | Framework for real-time brokering of digital content delivery |
US9198027B2 (en) | 2012-09-18 | 2015-11-24 | Sprint Communications Company L.P. | Generic mobile devices customization framework |
US9420399B2 (en) | 2012-09-18 | 2016-08-16 | Sprint Communications Company L.P. | Generic mobile devices customization framework |
US9600297B1 (en) * | 2012-10-29 | 2017-03-21 | Google Inc. | Determining interaction context by providing and using personas |
US9226133B1 (en) | 2013-01-18 | 2015-12-29 | Sprint Communications Company L.P. | Dynamic remotely managed SIM profile |
US20150327073A1 (en) * | 2013-01-29 | 2015-11-12 | Telefonaktiebolaget L M Ericson (Publ) | Controlling Access of a User Equipment to Services |
US9578664B1 (en) | 2013-02-07 | 2017-02-21 | Sprint Communications Company L.P. | Trusted signaling in 3GPP interfaces in a network function virtualization wireless communication system |
US9161227B1 (en) | 2013-02-07 | 2015-10-13 | Sprint Communications Company L.P. | Trusted signaling in long term evolution (LTE) 4G wireless communication |
US9769854B1 (en) | 2013-02-07 | 2017-09-19 | Sprint Communications Company L.P. | Trusted signaling in 3GPP interfaces in a network function virtualization wireless communication system |
US9549009B1 (en) | 2013-02-08 | 2017-01-17 | Sprint Communications Company L.P. | Electronic fixed brand labeling |
US9100819B2 (en) | 2013-02-08 | 2015-08-04 | Sprint Communications Company L.P. | System and method of provisioning and reprovisioning a mobile device based on self-locating |
US9100769B2 (en) | 2013-02-08 | 2015-08-04 | Sprint Communications Company L.P. | System and method of storing service brand packages on a mobile device |
US9613208B1 (en) | 2013-03-13 | 2017-04-04 | Sprint Communications Company L.P. | Trusted security zone enhanced with trusted hardware drivers |
US9191388B1 (en) | 2013-03-15 | 2015-11-17 | Sprint Communications Company L.P. | Trusted security zone communication addressing on an electronic device |
US9374363B1 (en) | 2013-03-15 | 2016-06-21 | Sprint Communications Company L.P. | Restricting access of a portable communication device to confidential data or applications via a remote network based on event triggers generated by the portable communication device |
US9204286B1 (en) | 2013-03-15 | 2015-12-01 | Sprint Communications Company L.P. | System and method of branding and labeling a mobile device |
US20160269991A1 (en) * | 2013-04-01 | 2016-09-15 | Silver Spring Networks, Inc. | Secure management of radio transmissions in an endpoint device of a network |
US9363836B2 (en) * | 2013-04-01 | 2016-06-07 | Silver Spring Networks, Inc. | Secure management of radio transmissions in an endpoint device of a network |
US10154457B2 (en) * | 2013-04-01 | 2018-12-11 | Itron Networked Solutions, Inc. | Secure management of radio transmissions in an endpoint device of a network |
US9454723B1 (en) | 2013-04-04 | 2016-09-27 | Sprint Communications Company L.P. | Radio frequency identity (RFID) chip electrically and communicatively coupled to motherboard of mobile communication device |
US9712999B1 (en) | 2013-04-04 | 2017-07-18 | Sprint Communications Company L.P. | Digest of biographical information for an electronic device with static and dynamic portions |
US9171243B1 (en) | 2013-04-04 | 2015-10-27 | Sprint Communications Company L.P. | System for managing a digest of biographical information stored in a radio frequency identity chip coupled to a mobile communication device |
US9324016B1 (en) | 2013-04-04 | 2016-04-26 | Sprint Communications Company L.P. | Digest of biographical information for an electronic device with static and dynamic portions |
US9838869B1 (en) | 2013-04-10 | 2017-12-05 | Sprint Communications Company L.P. | Delivering digital content to a mobile device via a digital rights clearing house |
US9443088B1 (en) | 2013-04-15 | 2016-09-13 | Sprint Communications Company L.P. | Protection for multimedia files pre-downloaded to a mobile device |
US9280483B1 (en) | 2013-05-22 | 2016-03-08 | Sprint Communications Company L.P. | Rebranding a portable electronic device while maintaining user data |
US9949304B1 (en) | 2013-06-06 | 2018-04-17 | Sprint Communications Company L.P. | Mobile communication device profound identity brokering framework |
US9560519B1 (en) | 2013-06-06 | 2017-01-31 | Sprint Communications Company L.P. | Mobile communication device profound identity brokering framework |
US9183606B1 (en) | 2013-07-10 | 2015-11-10 | Sprint Communications Company L.P. | Trusted processing location within a graphics processing unit |
US20150026759A1 (en) * | 2013-07-17 | 2015-01-22 | Pt Oberthur Technologies Indonesia Ltd | Method of enforcing control of access by a device to a secure element, and corresponding secure element |
US9767275B2 (en) * | 2013-07-17 | 2017-09-19 | Pt Oberthur Technologies Indonesia Ltd. | Method of enforcing control of access by a device to a secure element, and corresponding secure element |
US9208339B1 (en) | 2013-08-12 | 2015-12-08 | Sprint Communications Company L.P. | Verifying Applications in Virtual Environments Using a Trusted Security Zone |
US9532211B1 (en) | 2013-08-15 | 2016-12-27 | Sprint Communications Company L.P. | Directing server connection based on location identifier |
US9161209B1 (en) | 2013-08-21 | 2015-10-13 | Sprint Communications Company L.P. | Multi-step mobile device initiation with intermediate partial reset |
US9439025B1 (en) | 2013-08-21 | 2016-09-06 | Sprint Communications Company L.P. | Multi-step mobile device initiation with intermediate partial reset |
US9204239B1 (en) | 2013-08-27 | 2015-12-01 | Sprint Communications Company L.P. | Segmented customization package within distributed server architecture |
US9143924B1 (en) | 2013-08-27 | 2015-09-22 | Sprint Communications Company L.P. | Segmented customization payload delivery |
US9125037B2 (en) | 2013-08-27 | 2015-09-01 | Sprint Communications Company L.P. | System and methods for deferred and remote device branding |
US9170870B1 (en) | 2013-08-27 | 2015-10-27 | Sprint Communications Company L.P. | Development and testing of payload receipt by a portable electronic device |
US20150074834A1 (en) * | 2013-09-06 | 2015-03-12 | Getac Technology Corporation | Electronic device and protection method thereof |
US9218508B2 (en) * | 2013-09-06 | 2015-12-22 | Getac Technology Corporation | Electronic device and protection method thereof |
US11076290B2 (en) | 2013-10-17 | 2021-07-27 | Arm Ip Limited | Assigning an agent device from a first device registry to a second device registry |
US10069811B2 (en) | 2013-10-17 | 2018-09-04 | Arm Ip Limited | Registry apparatus, agent device, application providing apparatus and corresponding methods |
US10027646B2 (en) | 2013-10-17 | 2018-07-17 | Arm Ip Limited | Associating an agent device associated with a first application providing apparatus with a second application providing apparatus |
US20150113627A1 (en) * | 2013-10-17 | 2015-04-23 | Arm Ip Limited | Method for assigning an agent device from a first device registry to a second device registry |
US9860235B2 (en) | 2013-10-17 | 2018-01-02 | Arm Ip Limited | Method of establishing a trusted identity for an agent device |
US10911424B2 (en) | 2013-10-17 | 2021-02-02 | Arm Ip Limited | Registry apparatus, agent device, application providing apparatus and corresponding methods |
US9307405B2 (en) * | 2013-10-17 | 2016-04-05 | Arm Ip Limited | Method for assigning an agent device from a first device registry to a second device registry |
US11240222B2 (en) | 2013-10-17 | 2022-02-01 | Arm Ip Limited | Registry apparatus, agent device, application providing apparatus and corresponding methods |
US10506398B2 (en) | 2013-10-23 | 2019-12-10 | Sprint Communications Company L.P. | Implementation of remotely hosted branding content and customizations |
US10382920B2 (en) | 2013-10-23 | 2019-08-13 | Sprint Communications Company L.P. | Delivery of branding content and customizations to a mobile communication device |
US9743271B2 (en) | 2013-10-23 | 2017-08-22 | Sprint Communications Company L.P. | Delivery of branding content and customizations to a mobile communication device |
US9185626B1 (en) | 2013-10-29 | 2015-11-10 | Sprint Communications Company L.P. | Secure peer-to-peer call forking facilitated by trusted 3rd party voice server provisioning |
US9301081B1 (en) | 2013-11-06 | 2016-03-29 | Sprint Communications Company L.P. | Delivery of oversized branding elements for customization |
US9191522B1 (en) | 2013-11-08 | 2015-11-17 | Sprint Communications Company L.P. | Billing varied service based on tier |
US9363622B1 (en) | 2013-11-08 | 2016-06-07 | Sprint Communications Company L.P. | Separation of client identification composition from customization payload to original equipment manufacturer layer |
US9161325B1 (en) * | 2013-11-20 | 2015-10-13 | Sprint Communications Company L.P. | Subscriber identity module virtualization |
US20150286839A1 (en) * | 2013-12-02 | 2015-10-08 | Omer Ben-Shalom | Methods, systems, and apparatus to protect content based on persona |
WO2015089996A1 (en) * | 2013-12-20 | 2015-06-25 | 中兴通讯股份有限公司 | Security authentication method and authorization authentication server |
US9392395B1 (en) | 2014-01-16 | 2016-07-12 | Sprint Communications Company L.P. | Background delivery of device configuration and branding |
US9118655B1 (en) | 2014-01-24 | 2015-08-25 | Sprint Communications Company L.P. | Trusted display and transmission of digital ticket documentation |
US9420496B1 (en) | 2014-01-24 | 2016-08-16 | Sprint Communications Company L.P. | Activation sequence using permission based connection to network |
US9603009B1 (en) | 2014-01-24 | 2017-03-21 | Sprint Communications Company L.P. | System and method of branding a device independent of device activation |
US9226145B1 (en) | 2014-03-28 | 2015-12-29 | Sprint Communications Company L.P. | Verification of mobile device integrity during activation |
US9681251B1 (en) | 2014-03-31 | 2017-06-13 | Sprint Communications Company L.P. | Customization for preloaded applications |
US9426641B1 (en) | 2014-06-05 | 2016-08-23 | Sprint Communications Company L.P. | Multiple carrier partition dynamic access on a mobile device |
US20150373023A1 (en) * | 2014-06-22 | 2015-12-24 | Citrix Systems, Inc. | Enabling User Entropy Encryption in Non-Compliant Mobile Applications |
US10367814B2 (en) * | 2014-06-22 | 2019-07-30 | Citrix Systems, Inc. | Enabling user entropy encryption in non-compliant mobile applications |
US9230085B1 (en) | 2014-07-29 | 2016-01-05 | Sprint Communications Company L.P. | Network based temporary trust extension to a remote or mobile device enabled via specialized cloud services |
US9307400B1 (en) | 2014-09-02 | 2016-04-05 | Sprint Communications Company L.P. | System and method of efficient mobile device network brand customization |
US11082421B2 (en) | 2014-09-03 | 2021-08-03 | Arm Limited | Bootstrap mechanism for endpoint devices |
US10129268B2 (en) | 2014-09-08 | 2018-11-13 | Arm Limited | Registry apparatus, agent device, application providing apparatus and corresponding methods |
US10951630B2 (en) | 2014-09-08 | 2021-03-16 | Arm Limited | Registry apparatus, agent device, application providing apparatus and corresponding methods |
US9992326B1 (en) | 2014-10-31 | 2018-06-05 | Sprint Communications Company L.P. | Out of the box experience (OOBE) country choice using Wi-Fi layer transmission |
US20160191240A1 (en) * | 2014-12-31 | 2016-06-30 | Hon Hai Precision Industry Co., Ltd. | Electronic device and method for encrypting and decrypting data |
US9779232B1 (en) | 2015-01-14 | 2017-10-03 | Sprint Communications Company L.P. | Trusted code generation and verification to prevent fraud from maleficent external devices that capture data |
US9838868B1 (en) | 2015-01-26 | 2017-12-05 | Sprint Communications Company L.P. | Mated universal serial bus (USB) wireless dongles configured with destination addresses |
US9357378B1 (en) | 2015-03-04 | 2016-05-31 | Sprint Communications Company L.P. | Subscriber identity module (SIM) card initiation of custom application launcher installation on a mobile communication device |
US9398462B1 (en) | 2015-03-04 | 2016-07-19 | Sprint Communications Company L.P. | Network access tiered based on application launcher installation |
US9794727B1 (en) | 2015-03-04 | 2017-10-17 | Sprint Communications Company L.P. | Network access tiered based on application launcher installation |
US9473945B1 (en) | 2015-04-07 | 2016-10-18 | Sprint Communications Company L.P. | Infrastructure for secure short message transmission |
US10237723B2 (en) * | 2015-06-11 | 2019-03-19 | Giesecke+Devrient Mobile Security America, Inc. | Managing multiple active subscriber identity module profiles |
US20170164184A1 (en) * | 2015-06-11 | 2017-06-08 | Giesecke & Devrient Mobile Security America, Inc. | Managing multiple active subscriber identity module profiles |
US10951429B2 (en) | 2015-08-03 | 2021-03-16 | Arm Ltd | Server initiated remote device registration |
US10885198B2 (en) | 2015-08-03 | 2021-01-05 | Arm Ltd | Bootstrapping without transferring private key |
US9819679B1 (en) | 2015-09-14 | 2017-11-14 | Sprint Communications Company L.P. | Hardware assisted provenance proof of named data networking associated to device data, addresses, services, and servers |
US10282719B1 (en) | 2015-11-12 | 2019-05-07 | Sprint Communications Company L.P. | Secure and trusted device-based billing and charging process using privilege for network proxy authentication and audit |
US10311246B1 (en) | 2015-11-20 | 2019-06-04 | Sprint Communications Company L.P. | System and method for secure USIM wireless network access |
US9817992B1 (en) | 2015-11-20 | 2017-11-14 | Sprint Communications Company L.P. | System and method for secure USIM wireless network access |
CN106302492A (en) * | 2016-08-23 | 2017-01-04 | 唐山新质点科技有限公司 | A kind of access control method and system |
US9913132B1 (en) | 2016-09-14 | 2018-03-06 | Sprint Communications Company L.P. | System and method of mobile phone customization based on universal manifest |
US10021240B1 (en) | 2016-09-16 | 2018-07-10 | Sprint Communications Company L.P. | System and method of mobile phone customization based on universal manifest with feature override |
US11683157B2 (en) | 2017-03-03 | 2023-06-20 | Verizon Patent And Licensing Inc. | Network-based device registration for content distribution platforms |
US10341864B2 (en) * | 2017-03-03 | 2019-07-02 | Verizon Patent And Licensing Inc. | Network-based device registration for content distribution platforms |
US10999064B2 (en) | 2017-03-03 | 2021-05-04 | Verizon Patent And Licensing Inc. | Network-based device registration for content distribution platforms |
US10805780B1 (en) | 2017-05-01 | 2020-10-13 | Sprint Communications Company L.P. | Mobile phone differentiated user set-up |
US10306433B1 (en) | 2017-05-01 | 2019-05-28 | Sprint Communications Company L.P. | Mobile phone differentiated user set-up |
CN108933775A (en) * | 2017-05-24 | 2018-12-04 | 通用汽车环球科技运作有限责任公司 | Automated wireless communication authentication |
US10499249B1 (en) | 2017-07-11 | 2019-12-03 | Sprint Communications Company L.P. | Data link layer trust signaling in communication network |
US11475134B2 (en) | 2019-04-10 | 2022-10-18 | Arm Limited | Bootstrapping a device |
US11303639B2 (en) * | 2020-01-20 | 2022-04-12 | Ppip, Llc | Secure execution enclave for user equipment (UE) |
CN111753264A (en) * | 2020-07-01 | 2020-10-09 | 电子科技大学 | General authorization and authentication system for college mobile application based on Oauth2.0 |
Also Published As
Publication number | Publication date |
---|---|
US8600355B1 (en) | 2013-12-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8600355B1 (en) | | Systems and methods for authenticating applications for access to secure data using identity modules |
KR101904338B1 (en) | | Method and apparatus for user authentication and human intention verification in a mobile device |
US9788209B2 (en) | | Apparatus and methods for controlling distribution of electronic access clients |
US8984592B1 (en) | | Enablement of a trusted security zone authentication for remote mobile device management systems and methods |
US9112905B2 (en) | | Authentication of access terminal identities in roaming networks |
US8983543B2 (en) | | Methods and apparatus for managing data within a secure element |
US9226145B1 (en) | | Verification of mobile device integrity during activation |
Lee et al. | | An empirical study of wireless carrier authentication for SIM swaps |
US9270758B2 (en) | | System for mobile application notary service |
TWI586185B (en) | | Methods and apparatus for managing data within a secure element |
US20120266220A1 (en) | | System and Method for Controlling Access to a Third-Party Application with Passwords Stored in a Secure Element |
US10187386B2 (en) | | Native enrollment of mobile devices |
CA2665961C (en) | | Method and system for delivering a command to a mobile device |
WO2016177342A1 (en) | | Account login processing method, server and system therefor, and computer storage medium |
CN103959857A (en) | | Managing mobile device applications in a wireless network |
US11564094B1 (en) | | Secondary device authentication proxied from authenticated primary device |
US8931045B2 (en) | | Method and apparatus for management of multiple grouped resources on device |
WO2019173620A1 (en) | | Method and apparatus for facilitating frictionless two-factor authentication |
US10530771B2 (en) | | System and method of inter-account resource access management |
JP2021501394A (en) | | Controlling the operation of computing devices |
Nobu et al. | | Implementation of a User Account Provisioning System Based on NFC for Public Wi-Fi Services |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| | AS | Assignment | Owner name: CELLCO PARTNERSHIP D/B/A VERIZON WIRELESS, NEW JER; Free format text: ASSIGNMENT OF ASSIGNORS INTEREST; ASSIGNORS: SADHVANI, RITA; ZHANG, NING; KAMAL, MOHAMMAD ASHFAQ; REEL/FRAME: 028228/0685; Effective date: 20120511 |
| | STCF | Information on status: patent grant | Free format text: PATENTED CASE |
| | FPAY | Fee payment | Year of fee payment: 4 |
| | MAFP | Maintenance fee payment | Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY; Year of fee payment: 8 |