US2016226860A1PendingUtilityA1

Virtual subscriber identity module

44
Assignee: INTERDIGITIAL PATENT HOLDINGS INCPriority: Sep 19, 2007Filed: Feb 1, 2016Published: Aug 4, 2016
Est. expirySep 19, 2027(~1.2 yrs left)· nominal 20-yr term from priority
H04W 8/265H04W 12/08H04W 12/06H04W 4/60H04W 12/04H04L 63/0823H04W 4/003G06Q 20/40H04L 9/32H04W 8/18H04W 12/35G06Q 20/308
44
PatentIndex Score
0
Cited by
0
References
0
Claims

Abstract

A mobile trusted platform (MTP) configured to provide virtual subscriber identify module (vSIM) services is disclosed. In one embodiment, the MTP includes: a device manufacturer-trusted subsystem (TSS-DM) configured to store and provide credentials related to a manufacturer of the MTP; a mobile network operator-trusted subsystem (MNO-TSS) configured to store and provide credentials related to a mobile network operator (MNO); and a device user/owner-trusted subsystem (TSS-DO/TSS-U) configured to store and provide credentials related to user of the MTP. The TSS-MNO includes a vSIM core services unit, configured to store, provide and process credential information relating to the MNO. The TSS-DO/TSS-U includes a vSIM management unit, configured to store, provide and process credential information relating to the user/owner of the MTP. The TSS-DO/TSS-U and the TSS-MNO communicate through a trusted vSIM service.

Claims

exact text as granted — not AI-modified
1 - 7 . (canceled) 
     
     
         8 . In a wireless transmit/receive unit (WTRU) that comprises a first trusted subsystem and a second trusted subsystem, a method comprising:
 the second trusted subsystem sending, to the first trusted subsystem, a request to establish a third trusted subsystem;   based on the request, the first trusted subsystem installing an original execution environment within the WTRU;   the first trusted subsystem sending a setup sequence to the original execution environment so as to establish a pristine execution environment; and   sending by the first trusted subsystem, a certificate and a request for a mobile network operator to take control of the pristine execution environment, the certificate installed by the pristine execution environment so as to establish the third trusted subsystem of the WTRU, such that the third trusted subsystem of the WTRU is controlled by the mobile network operator.   
     
     
         9 . The method as recited in  claim 8 , the method further comprising:
 storing and providing, by the first trusted subsystem, credentials related to a manufacturer of the WTRU.   
     
     
         10 . The method as recited in  claim 8 , the method further comprising:
 storing and providing, by the third trusted subsystem, credentials related to the mobile network operator.   
     
     
         11 . The method as recited in  claim 8 , the method further comprising:
 storing and providing by the second trusted subsystem, credentials related to a user of the WTRU.   
     
     
         12 . The method as recited in  claim 8 , wherein the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem are separate and insulated on the WTRU from one another such that their respective credentials cannot be accessed by the other trusted subsystems. 
     
     
         13 . The method as recited in  claim 11 , the method further comprising: storing and providing, by a virtual subscriber identity module (vSIM) management unit within the second trusted subsystem, credential information relating to the user of the WTRU. 
     
     
         14 . The method as recited in  claim 11 , the method further comprising:
 storing and providing, by a fourth trusted subsystem being separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, credentials relating to a second user of the WTRU.   
     
     
         15 . The method as recited in  claim 8 , the method further comprising:
 storing and providing, by a fourth trusted subsystem being separate and insulated from the first, and second, and third trusted subsystems, credentials related to an owner of the WTRU.   
     
     
         16 . The method as recited in  claim 8 , the method further comprising:
 storing and providing, by a fourth trusted subsystem being separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, credentials related to a remote stakeholder.   
     
     
         17 . The method as recited in  claim 8 , wherein the first trusted subsystem comprises a device manufacturer trusted subsystem (TSS-DM), the second trusted subsystem comprises a remote mobile network operator (MNO) trusted subsystem (TSS-MNO), and the third trusted sub system comprises a device user trusted subsystem (TSS-U). 
     
     
         18 . A wireless transmit/receive unit (WTRU) comprising a first trusted subsystem and a second trusted subsystem, the WTRU further comprising:
 a memory comprising executable instructions; and   a processor in communication with the memory, the instructions, when executed by the processor, cause the processor to effectuate operations comprising:
 the second trusted subsystem sending, to the first trusted subsystem, a request to establish a third trusted subsystem; 
 based on the request, the first trusted subsystem installing an original execution environment within the WTRU; 
 the first trusted subsystem sending a setup sequence to the original execution environment so as to establish a pristine execution environment; and 
 sending by the first trusted subsystem, a certificate and a request for a mobile network operator to take control of the pristine execution environment, the certificate installed by the pristine execution environment so as to establish the third trusted subsystem of the WTRU, such that the third trusted subsystem of the WTRU is controlled by the mobile network operator. 
   
     
     
         19 . The WTRU as recited in  claim 18 , the operations further comprising:
 storing and providing, by the first trusted subsystem, credentials related to a manufacturer of the WTRU.   
     
     
         20 . The WTRU as recited in  claim 18 , the operations further comprising:
 storing and providing, by the third trusted subsystem, credentials related to the mobile network operator.   
     
     
         21 . The WTRU as recited in  claim 18 , the operations further comprising:
 storing and providing by the second trusted subsystem, credentials related to a user of the WTRU.   
     
     
         22 . The WTRU as recited in  claim 18 , wherein the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem are separate and insulated on the WTRU from one another such that their respective credentials cannot be accessed by the other trusted subsystems. 
     
     
         23 . The WTRU as recited in  claim 21 , the operations further comprising:
 storing and providing, by a virtual subscriber identity module (vSIM) management unit within the second trusted subsystem, credential information relating to the user of the WTRU.   
     
     
         24 . The WTRU as recited in  claim 21 , the method further comprising:
 storing and providing, by a fourth trusted subsystem being separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, credentials relating to a second user of the WTRU.   
     
     
         25 . The WTRU as recited in  claim 18 , the operations further comprising:
 storing and providing, by a fourth trusted subsystem being separate and insulated from the first, and second, and third trusted subsystems, credentials related to an owner of the WTRU.   
     
     
         26 . The WTRU as recited in  claim 18 , the operations further comprising:
 storing and providing, by a fourth trusted subsystem being separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, credentials related to a remote stakeholder.   
     
     
         27 . The WTRU as recited in  claim 18 , wherein the first trusted subsystem comprises a device manufacturer trusted subsystem (TSS-DM), the second trusted subsystem comprises a remote mobile network operator (MNO) trusted subsystem (TSS-MNO), and the third trusted sub system comprises a device user trusted subsystem (TSS-U).

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.