
WO2018167352A1 - Method and apparatus for updating settings of distributed devices (original title: Procédé et appareil de mise à jour de paramètres de dispositifs distribués) - Google Patents

Info

Publication number
WO2018167352A1 (application PCT/FI2017/050176)
Authority
WO
WIPO (PCT)
Prior art keywords
subscriber identity
seed information
information
identity module
encrypted
Legal status
Ceased
Application number
PCT/FI2017/050176
Other languages
English (en)
Inventor
Raimo Vuonnala
Aaro Julius KOSKINEN
Kari AIROLA
Current Assignee
Nokia Solutions and Networks Oy
Original Assignee
Nokia Solutions and Networks Oy
Priority date
2017-03-16
Filing date
2017-03-16
Publication date
2018-09-20
2017-03-16 Application filed by Nokia Solutions and Networks Oy
2017-03-16 Priority to PCT/FI2017/050176 (WO2018167352A1), EP17717472.9A (EP3596956A1) and CN201780090805.1A (CN110622537B)
2018-09-20 Publication of WO2018167352A1
Current legal status: Ceased

Classifications

    • H04W 12/08 Access security (under H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity)
    • H04L 41/0806 Configuration setting for initial configuration or provisioning, e.g. plug-and-play (under H04L 41/08 Configuration management of networks or network elements)
    • H04W 12/35 Protecting application or service provisioning, e.g. securing SIM application provisioning (under H04W 12/30 Security of mobile devices; Security of mobile applications)
    • H04W 4/50 Service provisioning or reconfiguring
    • H04W 4/60 Subscription-based services using application servers or record carriers, e.g. SIM application toolkits
    • H04L 63/0428 Confidential data exchange wherein the data content is protected, e.g. by encrypting or encapsulating the payload (under H04L 63/04 Network security architectures or protocols for confidential data exchange among entities communicating through data packet networks)
    • H04W 4/70 Services for machine-to-machine communication [M2M] or machine type communication [MTC]

Definitions

  • The present application generally relates to updating settings of distributed devices.
  • [0011] A computer program comprising computer executable program code configured to execute any method of the fourth, fifth or sixth example aspect.
  • The computer program of any one of the preceding example aspects may be a computer program product comprising a computer-readable medium bearing computer program code embodied therein for use with a computer.
  • FIG. 1 shows an architectural drawing of a system of an example embodiment
  • FIG. 2 shows a simplified block diagram of an apparatus
  • FIG. 3 shows a simplified block diagram of a control server
  • FIG. 4 shows a simplified block diagram of a provisioning computer
  • FIG. 5 shows a flow chart illustrating a method of an example embodiment in the apparatus of Fig. 2;
  • Fig. 6 shows a flow chart illustrating a method of an example embodiment in the control server of Fig. 3;
  • Fig. 7 shows a flow chart illustrating a method of an example embodiment in the provisioning computer of Fig. 4.
  • Fig. 1 shows an architectural drawing of a system 100 of an example embodiment.
  • the system 100 comprises a seed provisioning computer 110; a plurality of apparatuses 120 each capable of using a subscriber identity module 220 (Fig. 2) of a mobile communication network 130; the mobile communication network 130; a control server 140; and a service server 150.
  • the seed provisioning computer 110 is configured to distribute encrypted seed information to subscriber identity modules either before or after they are taken into use by the apparatuses 120.
  • the apparatuses 120 obtain and decrypt the encrypted seed from their subscriber identity modules and obtain new settings information using the encrypted seed from the control server 140, for example.
  • the apparatuses 120 then establish settings according to the settings information e.g. to gain access to a service provided by the service server 150.
  • FIG. 2 shows a simplified block diagram of an apparatus 120, such as a customer premises equipment, a navigation device, vehicular equipment such as accident notification equipment, or a surveillance system such as a security camera device.
  • the apparatus 120 comprises: at least one processor 210 configured to communicate with a subscriber identity module 220 of the mobile communication network 130; a memory 230 in which a decryption key 232 is stored; the at least one processor 210 being further configured to obtain encrypted seed information from the subscriber identity module 220, decrypt it using the decryption key 232, and obtain new settings information for the apparatus 120 using the seed information (the operations recited in the abstract).
  • the apparatus 120 further comprises a communication circuitry 240 configured to enable communication with the mobile communication network 130 using the subscriber identity module.
  • the mobile communication network 130 may be a cellular network such as a GSM, W-CDMA, CDMA-2000, LTE-enabled or 4G network.
  • the mobile communication network 130 may be a satellite network such as the Exede network or the HughesNet network.
  • the apparatus 120 may further comprise a user interface 250.
  • the at least one processor 210 is configured to perform the obtaining of the new settings for the apparatus 120 using the seed information 222 by accessing a remote entity such as the control server 140 with the communication circuitry 240 according to the seed information 222.
  • the seed information 222 is stored in a phone book of the subscriber identity module 220.
  • the seed information 222 can be stored in one or more short messages of the subscriber identity module 220.
  • the seed information 222 comprises one or more of: a network address of a network based controlling entity such as the control server 140; a user name; and password.
  • the apparatus 120 comprises a radio receiver 250 configured to receive an encrypted broadcast; and the seed information 222 comprises decrypting credentials for decrypting the broadcast; the at least one processor 210 being further configured to obtain the new settings for the apparatus 120 from the encrypted broadcast by decrypting using the decrypting credentials.
  • the radio broadcast is a satellite radio broadcast or a radio data service broadcast.
  • Fig. 2 shows the subscriber identity module 220 as a separate block and indeed in some example embodiments the subscriber identity module is a chip card with which the apparatus 120 is configured to communicate with a suitable interface. Alternatively, or additionally, the apparatus 120 can be configured to use a programmable subscriber identity module.
  • a programmable subscriber identity module can be implemented e.g. using a trusted execution environment to store secret information both persistently and also during run-time.
  • a programmable subscriber identity module can be conveniently re-programmed on manufacture of the apparatus 120 or afterwards.
  • the subscriber identity module 220 is configurable by a radio transmission, i.e. over the air.
  • the apparatus 120 can be configured to receive the encrypted seed information for the subscriber identity module from a radio transmission.
  • the seed is encrypted in an example embodiment with an encryption key of at least 128 bits, e.g. with 256-bit AES; the text also names triple-DES and PGP, though triple-DES offers only about 112 bits of effective security and PGP is a message format that wraps a symmetric cipher rather than a cipher itself.
  • the apparatus is any one or more of: customer premises equipment; a navigation device; a vehicle control apparatus; a vehicle assistance apparatus; a surveillance apparatus.
  • the apparatus may comprise a trusted execution environment.
  • the trusted execution environment may be configured to comprise the memory storing the decryption key and the seed information.
  • the decryption key is stored in another example embodiment in another memory, e.g. in an obfuscated form (obfuscation only raises the cost of extraction; if one decryption key is shared by a whole fleet of apparatuses, recovering it from a single unit exposes every unit's seed, which is why the seed versioning and revocation described for the provisioning computer matter).
  • the trusted execution environment is further configured in an example embodiment to indicate to a server compliance with a predetermined minimum security capability.
  • the at least one processor can be configured in an example embodiment to attempt obtaining of the new settings using the encrypted seed information in response to detecting that the apparatus lacks correct settings information.
  • FIG. 3 shows a simplified block diagram of the control server 140, comprising:
  • a communication circuitry 310 configured to communicate with plural apparatuses 120;
  • at least one processor 320 configured to:
  • the control server 140 further comprises a memory 330 or database 340, or is provided with access to a memory or database, comprising the settings information.
  • the at least one processor 320 of the control server 140 can be configured to produce the settings information.
  • the settings information may be produced, for example, based on predetermined or heuristic rules according to any of properties of the apparatus 120, network address of the apparatus 120, time, and parameters provided by the apparatus 120 to the control server 140.
  • the at least one processor 320 can be configured to cause the providing of the apparatus with the new settings information by sending to the apparatus the new settings information using the communication circuitry.
  • the at least one processor 320 can be further configured in an example embodiment to test whether the apparatus 120 complies with a predetermined minimum security capability (the compliance that the trusted execution environment indicates, see above);
  • the at least one processor can be further configured in an example embodiment to instruct the apparatus 120, if the testing of the compliance was negative, to perform a firmware update and optionally thereafter reattempt obtaining the new settings information from the control server 140.
  • the at least one processor can be further configured in an example embodiment to perform the providing of the apparatus 120 with the new settings information so that the settings information is encrypted between the communication circuitry and the apparatus.
  • Secure Sockets Layer encryption is used in an example embodiment (SSL is deprecated; a current deployment would use TLS), while some other example embodiments employ a shared secret stored in the trusted execution environment memory and/or public-private key encryption.
  • the control server 140 can be configured in an example embodiment to operate as a gatekeeper that grants access credentials for using a service only to those apparatuses 120 that prove their authorization by possessing valid seed information.
  • Some example embodiments will next be described to illustrate how the seed information may be deployed to a large number of apparatuses 120.
  • FIG. 4 shows a simplified block diagram of the seed provisioning computer 110 comprising:
  • At least one processor 420 configured to:
  • the seed information comprises credentials for an apparatus 120 to obtain settings information.
  • the at least one processor can be further configured in an example embodiment to vary the seed information stored in encrypted form on different subscriber identity modules, so that each module receives one of two or more different versions of the seed information.
  • the seed provisioning computer 110 is configured in an example embodiment to maintain a database of the varied seed information and of which subscriber identity modules were stored with each version, such that if a given seed information version leaks out, that version can be made invalid by the control server 140 and the corresponding subscriber identity modules can be reconfigured to contain renewed encrypted seed information.
  • the subscriber identity module configuring circuitry is capable of configuring subscriber identity modules over the air, for example to reconfigure a plurality of subscriber identity modules over the air to contain renewed encrypted seed information.
  • the encrypted seed information is renewed periodically, or on demand if earlier seed information has leaked out or may have leaked out and it is desired to reconfigure the control server 140 to no longer accept the old seed information.
  • Fig. 5 shows a flow chart illustrating a method of an example embodiment in the apparatus 120. The method comprises:
  • Fig. 6 shows a flow chart illustrating a method of an example embodiment in the control server 140, comprising:
  • Fig. 7 shows a flow chart illustrating a method of an example embodiment in the seed provisioning computer 110, comprising:
  • the processors 210, 320 and 420 can be implemented using any known processing circuitries.
  • the processor can be implemented using one or more discrete or integrated parts and the processor may also be configured to have further functionalities.
  • suitable elements for any or all of the processors comprise any one or more of: a master control unit (MCU); a microprocessor; a digital signal processor (DSP); an application specific integrated circuit (ASIC); a field programmable gate array (FPGA); and a microcontroller.
  • a technical effect of one or more of the example embodiments disclosed herein is that various apparatuses can be manufactured and provisioned to contain desired settings without the need to entrust the settings information to the manufacturers or suppliers of the apparatuses.
  • Another technical effect of one or more of the example embodiments disclosed herein is that the settings information can be freely updated after manufacture of the apparatuses so that apparatuses may automatically gain up-to-date settings on taking into use.
  • Yet another technical effect of one or more of the example embodiments is that industry standard components such as subscriber identity module cards and their reader circuitries and firmware can be used to deploy encrypted seed information with subscriber identity modules.
  • Embodiments of the present invention may be implemented in software, hardware, application logic or a combination of software, hardware and application logic.
  • the software, application logic and/or hardware may reside, in whole or in part, on a persistent memory of an apparatus, on trusted execution environment memory or on a plug-in memory.
  • the application logic, software or an instruction set is maintained on any one of various conventional computer-readable media.
  • a "computer-readable medium" may be any non-transitory media or means that can contain, store, communicate, propagate or transport the instructions for use by or in connection with an instruction execution system, apparatus, or device, such as a computer, with one example of a computer described and depicted in Fig. 2.
  • a computer-readable medium may comprise a computer-readable storage medium that may be any media or means that can contain or store the instructions for use by or in connection with an instruction execution system, apparatus, or device, such as a computer.
  • the different functions discussed herein may be performed in a different order and/or concurrently with each other. Furthermore, if desired, one or more of the before-described functions may be optional or may be combined.
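The provisioning-to-device path described for Figs. 1, 2 and 4 above (an encrypted seed record written into the subscriber identity module's phone book or short-message store, decrypted on the apparatus with a key held in its memory, and carrying the control server address plus a user name and password) is shown end to end below. This is an added example and not code from the patent or from Nokia. The record layout (2-byte seed version, 12-byte nonce, AES-256-GCM ciphertext and tag), the newline-delimited field encoding, the 140-octet short-message body used as the size budget, and every name and sample value are this example's own assumptions. The seed version is bound as associated data so a record cannot be relabelled to a different version without failing authentication, which is what the per-version revocation described for the provisioning computer relies on.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// Seed is the plaintext seed record: control server address plus the user name
// and password that unlock it. Field names are this example's own choice.
type Seed struct{ ControlServer, Username, Password string }

// Record layout, sized so one record fits a single SMS body stored on the SIM:
// 2-byte seed version | 12-byte GCM nonce | AES-256-GCM ciphertext | 16-byte tag.
const maxSMSBody, versionLen, nonceLen, tagLen = 140, 2, 12, 16

// encode joins the three fields with newlines, which the fields may not contain.
func encode(s Seed) ([]byte, error) {
	for _, f := range []string{s.ControlServer, s.Username, s.Password} {
		if strings.ContainsRune(f, '\n') {
			return nil, errors.New("seed field must not contain a newline")
		}
	}
	return []byte(s.ControlServer + "\n" + s.Username + "\n" + s.Password), nil
}

// decode reverses encode and rejects anything but exactly three fields.
func decode(p []byte) (Seed, error) {
	f := strings.Split(string(p), "\n")
	if len(f) != 3 {
		return Seed{}, errors.New("seed record must carry exactly three fields")
	}
	return Seed{f[0], f[1], f[2]}, nil
}

// newGCM insists on a 32-byte key so that only AES-256 is ever used.
func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 256 bits")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// SealSeed is the provisioning-computer side. The version header is passed as
// associated data, so relabelling a record to another version breaks the tag.
func SealSeed(key []byte, version uint16, s Seed) ([]byte, error) {
	pt, err := encode(s)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	rec := make([]byte, versionLen+nonceLen, versionLen+nonceLen+len(pt)+tagLen)
	binary.BigEndian.PutUint16(rec, version)
	if _, err := rand.Read(rec[versionLen:]); err != nil {
		return nil, err
	}
	rec = gcm.Seal(rec, rec[versionLen:], pt, rec[:versionLen]) // header and nonce stay in clear
	if len(rec) > maxSMSBody {
		return nil, fmt.Errorf("record is %d bytes, over the %d-byte SMS budget", len(rec), maxSMSBody)
	}
	return rec, nil
}

// OpenSeed is the apparatus side: decrypt the record read back from the SIM with
// the key held in device memory and return the seed version and the seed.
func OpenSeed(key, rec []byte) (uint16, Seed, error) {
	if len(rec) < versionLen+nonceLen+tagLen {
		return 0, Seed{}, errors.New("seed record too short")
	}
	gcm, err := newGCM(key)
	if err != nil {
		return 0, Seed{}, err
	}
	hdr, nonce, ct := rec[:versionLen], rec[versionLen:versionLen+nonceLen], rec[versionLen+nonceLen:]
	pt, err := gcm.Open(nil, nonce, ct, hdr)
	if err != nil {
		return 0, Seed{}, errors.New("seed record failed authentication")
	}
	s, err := decode(pt)
	return binary.BigEndian.Uint16(hdr), s, err
}

func main() {
	key := sha256.Sum256([]byte("constructed demo key, not a real device key"))
	rec, err := SealSeed(key[:], 3, Seed{"https://control.example.net/settings", "cpe-batch-7", "s3cr3t-seed-pw"})
	if err != nil {
		panic(err)
	}
	v, s, err := OpenSeed(key[:], rec)
	fmt.Println(len(rec), "bytes on the SIM; device recovered version", v, s, err)
}
```

With the sample values the sealed record is 93 bytes, so it fits one short message with room to spare; a longer control server URL is what would push it over the budget, and SealSeed refuses rather than silently producing a record the SIM cannot hold. Flipping a byte of the version header makes OpenSeed fail authentication, because the header is covered by the GCM tag.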
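The control server's gatekeeper role described for Fig. 3 (releasing settings only to apparatuses that hold valid seed credentials, and ordering a firmware update when the compliance test fails) and the provisioning computer's per-version revocation of leaked seeds are exercised together in the following added example, which is not code from the patent or from Nokia. The request fields, the HMAC-based credential store, the integer firmware version standing in for the compliance property, and all sample values are assumptions made for illustration.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
)

// SeedRequest is what an apparatus sends after decrypting its seed: the seed
// version, the seed credentials, and one device property the server can test for
// compliance, here a firmware version. Field names are this example's own choice.
type SeedRequest struct {
	SeedVersion     uint16
	Username        string
	Password        string
	FirmwareVersion int
}

// Outcome is the gatekeeper decision returned to the apparatus.
type Outcome int

const (
	Rejected               Outcome = iota // unknown or revoked version, or wrong credentials
	FirmwareUpdateRequired                // valid seed, but the compliance test failed
	Granted                               // settings information released
)

func (o Outcome) String() string {
	return [...]string{"rejected", "firmware update required", "granted"}[o]
}

// ControlServer keeps, per seed version, an HMAC of the expected credentials
// rather than their plaintext, plus the set of versions revoked after a leak.
type ControlServer struct {
	hmacKey     []byte
	expected    map[uint16][]byte
	revoked     map[uint16]bool
	minFirmware int // lowest firmware version accepted as compliant
}

func NewControlServer(hmacKey []byte, minFirmware int) *ControlServer {
	return &ControlServer{hmacKey: hmacKey, expected: map[uint16][]byte{},
		revoked: map[uint16]bool{}, minFirmware: minFirmware}
}

// tag binds user name and password with a zero byte so ("ab","c") != ("a","bc").
func (c *ControlServer) tag(user, pass string) []byte {
	m := hmac.New(sha256.New, c.hmacKey)
	m.Write([]byte(user))
	m.Write([]byte{0})
	m.Write([]byte(pass))
	return m.Sum(nil)
}

// RegisterSeed records the credentials the provisioning computer sealed into one seed version.
func (c *ControlServer) RegisterSeed(version uint16, user, pass string) {
	c.expected[version] = c.tag(user, pass)
}

// RevokeSeed stops accepting a leaked version until the affected SIMs are reprovisioned.
func (c *ControlServer) RevokeSeed(version uint16) { c.revoked[version] = true }

// Handle is the gatekeeper. Unknown, revoked and wrong-credential requests all go
// through the same constant-time compare and receive the same outcome.
func (c *ControlServer) Handle(req SeedRequest) (Outcome, string) {
	want, known := c.expected[req.SeedVersion]
	valid := known && !c.revoked[req.SeedVersion]
	if !valid {
		want = make([]byte, sha256.Size) // keep the compare length uniform
	}
	match := subtle.ConstantTimeCompare(c.tag(req.Username, req.Password), want) == 1
	if !valid || !match {
		return Rejected, ""
	}
	if req.FirmwareVersion < c.minFirmware {
		return FirmwareUpdateRequired, ""
	}
	return Granted, c.settingsFor(req)
}

// settingsFor derives settings from the request; the patent allows rules over device
// properties, address and time, and this constructed rule picks a service URL by seed version.
func (c *ControlServer) settingsFor(req SeedRequest) string {
	return fmt.Sprintf("service_url=https://service.example.net/v%d;account=%s", req.SeedVersion, req.Username)
}

func main() {
	cs := NewControlServer([]byte("constructed server-side HMAC key"), 5)
	cs.RegisterSeed(1, "cpe-batch-7", "pw-one")
	cs.RegisterSeed(2, "cpe-batch-8", "pw-two")
	for _, req := range []SeedRequest{{1, "cpe-batch-7", "pw-one", 5}, {1, "cpe-batch-7", "wrong", 5}, {2, "cpe-batch-8", "pw-two", 4}} {
		o, s := cs.Handle(req)
		fmt.Printf("v%d %s -> %s %s\n", req.SeedVersion, req.Username, o, s)
	}
	cs.RevokeSeed(1) // seed version 1 has leaked
	o, _ := cs.Handle(SeedRequest{1, "cpe-batch-7", "pw-one", 5})
	fmt.Println("after revocation:", o)
}
```

Revoking version 1 turns every apparatus still carrying that seed away without touching version 2, which is the property that makes splitting a fleet across several seed versions worthwhile: a leak costs one batch a reprovisioning rather than the whole population.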

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A customer premises equipment comprises at least one processor configured to communicate with a subscriber identity module of a mobile communication network, and a memory in which a decryption key is stored. The at least one processor obtains encrypted seed information from the subscriber identity module, decrypts the encrypted seed information using the decryption key, and obtains new settings information for the apparatus using the seed information.

Priority Applications (3)

Application Number Priority Date Filing Date Title
PCT/FI2017/050176 WO2018167352A1 2017-03-16 2017-03-16 Method and apparatus for updating settings of distributed devices
EP17717472.9A EP3596956A1 2017-03-16 2017-03-16 Method and apparatus for updating settings of distributed devices
CN201780090805.1A CN110622537B 2017-03-16 2017-03-16 Method and apparatus for updating settings of distributed devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/FI2017/050176 WO2018167352A1 2017-03-16 2017-03-16 Method and apparatus for updating settings of distributed devices

Publications (1)

Publication Number Publication Date
WO2018167352A1 2018-09-20

Family

Family ID: 58547549

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2017/050176 Ceased WO2018167352A1 2017-03-16 2017-03-16 Method and apparatus for updating settings of distributed devices

Country Status (3)

Country Link
EP (1) EP3596956A1
CN (1) CN110622537B
WO (1) WO2018167352A1

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080046583A1 (en) * 2006-08-15 2008-02-21 Bindu Rao Device Management System For Mobile Devices That Supports Multiple-Point Transport
WO2015162539A1 (fr) * 2014-04-24 2015-10-29 Pismo Labs Technology Ltd. Methods and systems for system configuration
DE102014014561A1 (de) * 2014-09-30 2016-03-31 Giesecke & Devrient Gmbh Method and system for personalizing a security element of a mobile terminal

Family Cites Families (2)

Publication number Priority date Publication date Assignee Title
CN101281495A (zh) * 2007-04-02 2008-10-08 北京华旗资讯数码科技有限公司 Method for encrypting files using a mobile storage device
CN101281498A (zh) * 2007-04-02 2008-10-08 北京华旗资讯数码科技有限公司 Encrypted mobile storage device

Also Published As

Publication number Publication date
CN110622537B (zh) 2023-08-22
CN110622537A (zh) 2019-12-27
EP3596956A1 (fr) 2020-01-22

Similar Documents

Publication Publication Date Title
KR102325912B1 (ko) Holistic module authentication for devices
US11025611B2 (en) Method and apparatus of constructing secure infra-structure for using embedded universal integrated circuit card
US9264410B2 (en) Dynamic configuration of trusted executed environment resources
US20080209206A1 (en) Apparatus, method and computer program product providing enforcement of operator lock
US20140357229A1 (en) Method and apparatus for setting profile
US20140228001A1 (en) Controlling Application Access to Mobile Device Functions
CN103155613A (zh) Method and apparatus for providing access credentials
US20170093586A1 (en) Techniques for managing certificates on a computing device
US20200045549A1 (en) Iot device connectivity provisioning
US9032186B2 (en) Utilization of a microcode interpreter built in to a processor
US11303439B2 (en) Method of and device for performing authentication using hardware security module in oneM2M environment
US11290870B2 (en) Combined migration and remigration of a network subscription
US9323911B1 (en) Verifying requests to remove applications from a device
US20170201878A1 (en) Method and apparatus for safe network access point detection
EP2490395A1 (fr) Method and system for access control for near field communication
US10484379B2 (en) System and method for providing least privilege access in a microservices architecture
CN113765950B (zh) Internet of Things device, server and software update method
WO2018167352A1 (fr) Procédé et appareil de mise à jour de paramètres de dispositifs distribués
US11777742B2 (en) Network device authentication
CN116599740B (zh) Single sign-on method, apparatus and readable storage medium
TWI754950B (zh) Internet of Things device, server and software update method
JP2018041216A (ja) Authentication system and authentication method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application. Ref document number: 17717472; country of ref document: EP; kind code of ref document: A1.
NENP Non-entry into the national phase. Ref country code: DE.
2019-10-16 ENP Entry into the national phase. Ref document number: 2017717472; country of ref document: EP; effective date: 2019-10-16.