US9253588B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9253588-B2 |
| Application number | US-16879108-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 7, 2008 |
| Priority date | Sep 19, 2007 |
| Publication date | Feb 2, 2016 |
| Grant date | Feb 2, 2016 |
Official abstract text for this publication.
A mobile trusted platform (MTP) configured to provide virtual subscriber identity module (vSIM) services is disclosed. In one embodiment, the MTP includes: a device manufacturer-trusted subsystem (TSS-DM) configured to store and provide credentials related to a manufacturer of the MTP; a mobile network operator-trusted subsystem (MNO-TSS) configured to store and provide credentials related to a mobile network operator (MNO); and a device user/owner-trusted subsystem (TSS-DO/TSS-U) configured to store and provide credentials related to a user of the MTP. The TSS-MNO includes a vSIM core services unit, configured to store, provide and process credential information relating to the MNO. The TSS-DO/TSS-U includes a vSIM management unit, configured to store, provide and process credential information relating to the user/owner of the MTP. The TSS-DO/TSS-U and the TSS-MNO communicate through a trusted vSIM service.
Opening claim text (preview).
What is claimed is:
1. In a wireless transmit/receive unit (WTRU) that comprises a first trusted subsystem, a second trusted subsystem, and a third trusted subsystem, a method comprising: storing and providing, by the first trusted subsystem, credentials related to a manufacturer of the WTRU; sending by the first trusted subsystem, a certificate and a request for a mobile network operator to take control of an execution environment of the WTRU, the certificate installed by the execution environment so as to establish the second trusted subsystem of the WTRU such that the second trusted subsystem of the WTRU is controlled by the mobile network operator; storing and providing, by the second trusted subsystem, credentials related to the mobile network operator; and storing and providing, by the third trusted subsystem, credentials related to a user of the WTRU, wherein the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem are separate and insulated on the WTRU from one another such that their respective credentials cannot be accessed by the other trusted subsystems, and wherein the second trusted subsystem and the third trusted subsystem are configured to communicate with each other through a trusted virtual subscriber identity module (vSIM) service link.
2. The method of claim 1, the method further comprising: storing and providing, by a virtual subscriber identity module (vSIM) core services unit within the second trusted subsystem, credential information relating to the mobile network operator.
3. The method of claim 1, the method further comprising: storing and providing, by a virtual subscriber identity module (vSIM) management unit within the third trusted subsystem, credential information relating to the user of the WTRU.
4. The method of claim 1 further comprising: storing and providing, by a fourth trusted subsystem being separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, credentials relating to a second user of the WTRU.
5. The method of claim 1 further comprising: storing and providing, by a fourth trusted subsystem being separate and insulated from the first, second, and third trusted subsystems, credentials related to an owner of the WTRU.
6. The method of claim 1 further comprising: storing and providing, by a fourth trusted subsystem being separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, credentials related to a remote stakeholder.
7. The method of claim 1, wherein the first trusted subsystem comprises a device manufacturer trusted subsystem (TSS-DM), wherein the second trusted subsystem comprises a remote mobile network operator (MNO) trusted subsystem (TSS-MNO), and wherein the third trusted subsystem comprises a device user trusted subsystem (TSS-U).
8. A wireless transmit/receive unit (WTRU) comprising a first trusted subsystem, a second trusted subsystem, and a third trusted subsystem, the WTRU further comprising: a memory comprising executable instructions; and a processor in communication with the memory, the instructions, when executed by the processor, cause the processor to effectuate operations comprising: storing and providing, by the first trusted subsystem, credentials related to a manufacturer of the WTRU; sending by the first trusted subsystem, a certificate and a request for a mobile network operator to take control of an execution environment of the WTRU, the certificate installed by the execution environment so as to establish the second trusted subsystem of the WTRU such that the second trusted subsystem of the WTRU is controlled by the mobile network operator; storing and providing, by the second trusted subsystem, credentials related to the mobile network operator; and storing and providing, by the third trusted subsystem, credentials related to a user of the WTRU, wherein the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem are separate and insulated on the WTRU from one another such that their respective credentials cannot be accessed by the other trusted subsystems, and wherein the second trusted subsystem and the third trusted subsystem are configured to communicate with each other through a trusted virtual subscriber identity module (vSIM) service link.
9. The WTRU of claim 8, wherein the processor is further configured to execute the instructions to perform operations comprising: storing and providing, by a virtual subscriber identity module (vSIM) core services unit within the second trusted subsystem, credential information relating to the mobile network operator.
10. The WTRU of claim 8, wherein the processor is further configured to execute the instructions to perform operations comprising: storing and providing, by a virtual subscriber identity module (vSIM) management unit within the third trusted subsystem, credential information relating to the user of the WTRU.
11. The WTRU of claim 8, wherein the WTRU further comprises a fourth trusted subsystem that is separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, and wherein the processor is further configured to execute the instructions to perform operations comprising: storing and providing, by the fourth trusted subsystem, credentials relating to a second user of the WTRU.
12. The WTRU of claim 8, wherein the WTRU further comprises a fourth trusted subsystem that is separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, and wherein the processor is further configured to execute the instructions to perform operations comprising: storing and providing, by the fourth trusted subsystem, credentials related to an owner of the WTRU.
13. The WTRU of claim 8, wherein the WTRU further comprises a fourth trusted subsystem that is separate and insulated on the WTRU from the first trusted subsystem, the second trusted subsystem, and the third trusted subsystem, and wherein the processor is further configured to execute the instructions to perform operations comprising: storing and providing, by the fourth trusted subsystem, credentials related to a remote stakeholder.
14. The WTRU of claim 1, wherein the first trusted subsystem comprises a device manufacturer trusted subsystem (TSS-DM), wherein the second trusted subsystem comprises a remote mobile network operator (MNO) trusted subsystem (TSS-MNO), and wherein the third trusted subsystem comprises a device user trusted subsystem (TSS-U).
Access security · CPC title
Subscription-based services using application servers or record carriers, e.g. SIM application toolkits · CPC title
for initial activation of new user · CPC title
Authentication · CPC title
Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title