Secure adaptive device locking

US9813912B2 · US · B2

Patent metadata
Publication number: US-9813912-B2
Application number: US-201615084853-A
Country: US
Kind code: B2
Filing date: Mar 30, 2016
Priority date: Mar 30, 2016
Publication date: Nov 7, 2017
Grant date: Nov 7, 2017

Abstract

Systems and methods for configuring user equipment (UE) for use with compatible subscriber identity modules (SIMs) are disclosed. The UE can include a UE SIMLock configuration containing one or more UE parameters and a value for each category. A compatible SIM can include a SIM configuration with compatible SIM values. The UE can request a UE SIMLock configuration from one or more telecommunications network devices using secure communications. The UE can receive a UE SIMLock configuration from the telecommunications network device. The UE SIMLock configuration can be applied to the UE modem governing SIMLock engine behavior. The UE SIMLock configuration can be updated dynamically with subsequent messages from the telecommunications network device to reflect changes in the account associated with the UE, such as the fulfillment of a contract or theft of the UE.

First claim

What is claimed is:

1. A method comprising: sending a first message from a user equipment (UE) to a telecommunications network device requesting a UE SIMLock configuration; receiving a first reply message at the UE from the telecommunications network device, the first reply message including at least the UE SIMLock configuration, the UE SIMLock configuration containing one or more UE parameters for the configuration of the UE; applying the one or more UE parameters to the UE; detecting, with the UE, a subscriber identity module (SIM) inserted into the UE; receiving a SIM configuration from the SIM, the SIM configuration comprising one or more SIM parameters; and comparing values for each of the one or more UE parameters to each respective SIM parameter to determine a compatibility of the SIM and the UE; wherein, if the UE is incompatible; the UE is partially, or completely, disabled; wherein, if the UE is compatible, the UE is fully enabled; and wherein a network value in the UE SIMLock configuration matches the network value of the SIM configuration.

2. The method of claim 1, wherein sending the first message from the UE to the telecommunications network device comprises sending an encrypted message from a secure trusted execution environment (TEE) on the UE.

3. The method of claim 2, wherein the telecommunications network device comprises a configuration server storing a plurality of UE SIMLock configurations for a plurality of UEs.

4. The method of claim 1, further comprising: sending a second message from the UE to the telecommunications network device requesting an updated UE SIMLock configuration; receiving a second reply message at the UE from the telecommunications network device, the second reply message including at least the updated UE SIMLock configuration, the updated UE SIMLock configuration containing one or more updated UE parameters for the UE SIMLock configuration of the UE; applying the one or more updated UE parameters to the UE; and comparing values for each of the one or more updated UE parameters to each respective SIM parameter to determine a compatibility of the SIM and the UE.

5. The method of claim 4, further comprising: receiving a trigger message from the telecommunications network device to send the second message.

6. The method of claim 4, further comprising: determining that a periodic timer associated with sending the second message has expired.

7. The method of claim 4, further comprising: sending a value of a periodic timer from the telecommunication network device to the UE; wherein the periodic timer causes the UE to send at least one of the first message or the second message.

8. The method of claim 1, further comprising: verifying a validity of the first reply message; sending an acknowledgement message back to the telecommunications network device; updating a device database in a telecommunications network database that the UE has been configured; and sending an acknowledgment message from the telecommunications network device to the UE to apply the UE SIMLock configuration.

9. The method of claim 1, further comprising: verifying at least one of an authenticity or integrity of the first reply message with a trusted application in a trusted execution environment (TEE) of the UE; and verifying an integrity and/or decrypting the UE SIMLock configuration in a modem of the UE before applying the one or more UE parameters; wherein the first reply message is at least one of integrity protected or encrypted.

10. The method of claim 1, further comprising: verifying that an international mobile station equipment identity (IMEI) in the UE SIMLock configuration is the same as the IMEI of the UE.

11. A method comprising: receiving a message from a user equipment (UE) at a first telecommunications network device, the message comprising a request for a UE SIMLock configuration; verifying the message from the UE with the first telecommunications network device; verifying one or more device certificates from the UE by querying a second telecommunications network device that contains at least one of libraries, data, or algorithms for verifying device certificates; and sending the UE SIMLock configuration from the first telecommunications network device to the UE; sending the message from the first telecommunications network device to a second telecommunications network device after verifying the message, the second telecommunications network device storing the UE SIMLock configuration; and sending the UE SIMLock configuration from the second telecommunications network device to the first telecommunications network device.

12. The method of claim 11, wherein receiving the message from the UE at a first telecommunications network device comprises receiving the message at a rules engine of a configuration server.

13. The method of claim 11, wherein sending the message from the first telecommunications network device to the second telecommunications network device comprises sending the message from a rules engine to a policy engine of a configuration server.

14. The method of claim 11, wherein the UE SIMLock configuration comprises one or more UE parameters associated with usage restrictions for the UE.

15. The method of claim 14, wherein the UE SIMLock configuration further comprises a value for each of the one or more UE parameters; and wherein the value further modifies a usage restriction for the UE.

16. The method of claim 15, wherein a first UE parameter of the one or more UE parameters comprises a network restriction; and a network value associated with a carrier restriction for the UE.

17. The method of claim 11, further comprising: sending a trigger message from the first telecommunications network device to the UE to cause the UE to send a UE SIMLock configuration update request message to the first telecommunications network device; receiving the UE SIMLock configuration update request message from the UE at the first telecommunications network device; and sending an updated UE SIMLock configuration from the first telecommunications network device to the UE.

18. The method of claim 11, further comprising: determining that the UE sending the message is not authorized; wherein the UE SIMLock configuration partially or completely disables the UE.
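
The UE-side checks recited in claims 1, 9 and 10, as an added Python example that is not code from the patent or its assignee: the reply's integrity is verified before anything is applied, the configuration's IMEI is matched to the device, and each UE parameter is then compared with the SIM's. The HMAC-SHA256 tag, the field and parameter names, the "rejected" outcome and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import json

DEMO_KEY = b"constructed-demo-key"  # constructed; key provisioning is not described on the page
UE_IMEI = "000000000000001"         # constructed IMEI


def sign(config, key):
    """HMAC-SHA256 over canonical JSON: an assumed stand-in for the integrity protection."""
    blob = json.dumps(config, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, blob, hashlib.sha256).hexdigest()


def evaluate_simlock(reply, sim_config, ue_imei, key):
    """Return 'rejected', 'disabled' or 'enabled' for one reply message and one SIM."""
    config = reply.get("config") or {}
    tag = str(reply.get("tag", ""))
    # Claim 9: verify integrity before any parameter is applied.
    if not hmac.compare_digest(sign(config, key).encode(), tag.encode()):
        return "rejected"
    # Claim 10: the configuration must carry this device's IMEI.
    if config.get("imei") != ue_imei:
        return "rejected"
    params = config.get("params") or {}
    # Claim 1 relies on a network value; a configuration without one is malformed.
    if "network" not in params:
        return "rejected"
    # Claim 1: compare every UE parameter with the respective SIM parameter.
    # A parameter the SIM does not report counts as a mismatch (assumption).
    for name, value in params.items():
        if sim_config.get(name) != value:
            return "disabled"
    return "enabled"


def make_reply(params, imei=UE_IMEI, key=DEMO_KEY):
    """Build a constructed server reply for the demo."""
    config = {"imei": imei, "params": params}
    return {"config": config, "tag": sign(config, key)}


if __name__ == "__main__":
    reply = make_reply({"network": "001-01", "service_provider": "demo-sp"})
    good_sim = {"network": "001-01", "service_provider": "demo-sp"}
    print(evaluate_simlock(reply, good_sim, UE_IMEI, DEMO_KEY))               # enabled
    print(evaluate_simlock(reply, {"network": "001-02"}, UE_IMEI, DEMO_KEY))  # disabled
    reply["config"]["params"]["network"] = "001-02"  # altered after signing
    print(evaluate_simlock(reply, good_sim, UE_IMEI, DEMO_KEY))               # rejected
```

A rejected reply leaves whatever configuration was previously applied in force; the claims do not specify that behaviour, so treat it as a design choice of this example.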

Classifications

  • G06F21/575 (Primary): Secure boot

  • Messaging; Mailboxes; Announcements

  • using an additional device, e.g. smartcard, SIM or a different communication terminal (cryptographic mechanisms or cryptographic arrangements for entity authentication involving additional secure or trusted devices H04L9/3234)

  • Processing at user equipment or user record carrier

  • Entity profiles

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US9813912B2 cover?
Systems and methods for configuring user equipment (UE) for use with compatible subscriber identity modules (SIMs) are disclosed. The UE can include a UE SIMLock configuration containing one or more UE parameters and a value for each category. A compatible SIM can include a SIM configuration with compatible SIM values. The UE can request a UE SIMLock configuration from one or more telecommunicat…
Who is the assignee on this patent?
T Mobile Usa Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/575. Mapped technology areas include Physics.
When was this patent published?
Publication date Nov 7, 2017 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).