IPC분류정보
국가/구분 |
United States(US) Patent
등록
|
국제특허분류(IPC7판) |
|
출원번호 |
US-0176727
(2002-06-21)
|
등록번호 |
US-8296575
(2012-10-23)
|
우선권정보 |
FI-20011406 (2001-06-29) |
발명자
/ 주소 |
|
출원인 / 주소 |
|
대리인 / 주소 |
|
인용정보 |
피인용 횟수 :
0 인용 특허 :
31 |
초록
▼
The invention relates to an electronic device, which comprises an operational unit and a user-specific module. Data in the device, necessary for checking the user-specific module, is protected with a key of the encryption method employed by the device manufacturer. A verification key of the encrypti
The invention relates to an electronic device, which comprises an operational unit and a user-specific module. Data in the device, necessary for checking the user-specific module, is protected with a key of the encryption method employed by the device manufacturer. A verification key of the encryption method employed by the electronic device manufacturer is stored in the operational unit, by means of which verification key the data necessary for checking the user-specific module is verified.
대표청구항
▼
1. A method for protecting, an electronic communication device having an operational unit and a user-specific module, comprising storing, at a time prior to a first use of the electronic communication device by a user associated with the user-specific module, a checking program for checking the user
1. A method for protecting, an electronic communication device having an operational unit and a user-specific module, comprising storing, at a time prior to a first use of the electronic communication device by a user associated with the user-specific module, a checking program for checking the user-specific module in the operational unit, the checking program being used to check compatibility of the user-specific module with the operational unit;protecting, at the time prior to the first use of the device, the checking program with a key of an encryption method for use by a protection performer; andstoring, at the time prior to the first use of the device, in the operational unit, a verification key of the encryption method used by the protection performer for verifying the authenticity of the checking program so that the authenticity of the checking program can be verified before being used for checking the compatibility of the user-specific module with the operational unit making altering of the checking program and unauthorized use of the electronic communication device more difficult. 2. The method according to claim 1, further comprising: performing the protection of the checking program with a secret key of a public key encryption method used by the protection performer; andstoring the public key of the public key encryption method in the operational unit to serve as the verification key. 3. The method according to claim 1, further comprising performing the protection of the checking program by signing the checking program by a public key encryption method using a secret key of the protection performer; andstoring in the operational unit of the electronic device the public key of the public key encryption method employed by the protection performer for verifying the signature of the checking program to serve as the verification key. 4. The method according to claim 1, further comprising performing the protecting of the checking program by encrypting the checking program by a public key encryption method using a secret key of the protection performer; andstoring in the operational unit of the electronic device the public key of the public key encryption system employed by the protection performer for decrypting the checking data to serve as the verification key. 5. The method according to claim 1, further comprising protecting of the checking program by a MAC encryption method, and storing a key of the MAC encryption method in the operational unit for verifying the checking program to serve as the verification key. 6. The method according to claim 1, wherein the user-specific module is a SIM module, and wherein the checking program is stored in a security state of the electronic communication device in the encrypted form, andwherein the verification key of the encryption method is stored in the security state of the electronic device for verifying the checking program. 7. A method for checking an electronic communication device having an operational unit and a user-specific module wherein a checking program is stored in the operational unit for checking the user-specific module, the checking program being stored in the operational unit at a time prior to a first use of the electronic communication device by a user associated with the user-specific module, the checking program being used to check compatibility of the user-specific module with the operational unit and wherein the checking program is encrypted, at the time prior to the first use of the electronic communication device, with a key of an encryption method for use by a protection performer, and further wherein a verification key of the encryption method is stored in the operational unit for use by the protection performer for verifying the checking program, the verification key being stored in the operational unit at the time prior to the first use of the electronic communication device; the method further comprising: verifying the correctness of the checking program by using the verification key of the encryption method so that the authenticity of the checking program can be verified before being used for checking the compatibility of the user-specific module with the operational unit making altering of the checking program and unauthorized use of the electronic communication device more difficult, and if the verification fails, at least preventing the electronic communication device from being connected to a radio network;if the verification is successful, checking the user-specific module by means of the checking program; andif the user-specific module check succeeds, starting the electronic communication device or if the user-specific module check fails at least preventing the electronic communication device from being connected to the radio network. 8. The method according to claim 7, wherein the checking program is protected by a public key encryption method using a secret key of the protection performer, and further wherein the public key of the public key encryption method is stored in the operational unit of the electronic device for verifying the checking program; the method comprising verifying the checking program by using the public key of the public key encryption method. 9. The method according to claim 8, wherein the checking program, is protected with a signature that is provided by the public key encryption method using the secret key of the protection performer, and wherein the checking program is verified by checking the signature using the public key of the public key method. 10. The method according to claim 8, wherein the checking program, is encrypted by the public key encryption method using the secret key of the protection performer, and further wherein the checking program is verified by decrypting the checking program necessary for checking the user-specific module by means of the public key of the public key method. 11. The method according to claim 7, wherein the checking program, is protected by a MAC encryption method, and wherein; the program is verified with a key of the MAC encryption method. 12. The method according to claim 7, wherein the user specific module is a SIM module, and the checking program is used for checking the SIM module, wherein the checking program is stored in a security state of the electronic communication device for verifying the checking program, and further wherein the verification of the checking program is performed in the security state. 13. The method according to claim 7, wherein the user-specific module is a SIM module, and the checking program checks the checking program and checks for an operator identifier. 14. The method according to claim 9, wherein the user-specific module is checked by comparing a signature check sum with a program check sum; and if the check sums tally, the electronic device is started, or if the check sums do not tally, at least the connection of the electronic device to the radio network is blocked. 15. The method according to claim 7, wherein the user-specific module is a SIM module, and the electronic communication device includes a verification key of an encryption method of an operator, said verification key being protected with a key used by the protection performer, the method comprising: starting the terminal equipment irrespective of the SIM module check comprises the steps of:receiving a signal which comprises a SIM-module-check-OK parameter, which is protected with a key of the encryption method employed by the operator and which controls the terminal equipment to start irrespective of the SIM module check result;verifying the parameter by using a verification key; andstoring the SIM-module-check-OK parameter in the mobile equipment. 16. The method according to claim 15, wherein the parameter is protected by signing it with a secret key of the encryption method employed by the operator, the method comprising verifying the correctness of the parameter by checking the signature with a public key of the encryption method. 17. The method according to claim 15, wherein the parameter is protected by encrypting it with a secret key of the encryption method employed by the operator, the method comprising verifying the correctness of the parameter by decrypting it with a public key of the encryption method. 18. The method according to claim 15, further comprising performing the protection by a MAC encryption method, and verifying the parameter with a key of the MAC encryption method. 19. The method according to claim 15, further comprising checking the SIM-module-check-OK parameter for the terminal equipment start-up. 20. The method according to claim 1 wherein the protection performer is the electronic device manufacturer. 21. An electronic communication device, having an operational unit and a user-specific module comprising: a checking program adapted to cause the operational unit to check the user-specific module, the checking program being stored in the operational unit at a time prior to a first use of the electronic communication device by a user associated with the user-specific module, the checking program being used to check compatibility of the user-specific module with the operational unit, wherein the checking program is protected, at the time prior to the first use of the electronic communication device, with a key of an encryption method employed by a protection performer, and wherein a verification key of the encryption method is stored in the operational unit for verifying the checking program, the verification key being stored in the operational unit at the time prior to the first use of the electronic communication device, and wherein the operational unit is further caused:to verify the correctness of the checking program by using the verification key of the encryption method so that the authenticity of the checking program can be verified before being used for checking the compatibility of the user-specific module with the operational unit making altering of the checking program and unauthorized use of the electronic communication device more difficult, and if the verification fails, to restrict its operation at least by not connecting to the radio network; andif the verification is successful, to check the user-specific module by means of the checking program; and start the electronic communication device, if the user-specific module check succeeds, or to restrict its operation at least by not connecting to the radio network, if the user-specific module check fails. 22. The device according to claim 21, wherein the checking program is protected by a public key encryption method using a secret key of the protection performer, and a public key of the public key encryption method employed by the protection performer is stored in the operational unit of the electronic device for verifying the checking program; and the electronic communication device is arranged to verify the checking program by using the public key of the public key encryption method. 23. The device according to claim 22, wherein the checking program, is protected by a signature, which is provided by the public key encryption method using the secret key of the protection performer; and the electronic communication device is arranged to verify the checking program by checking the signature with the public key of the public key method. 24. The device according to claim 22, wherein the checking program, is encrypted by the public key encryption method, using the secret key of the protection performer, and the electronic communication device is arranged to verify the program necessary for checking the user-specific module by decrypting the checking program by means of the public key of the public key encryption method. 25. The device according to claim 21, wherein the program in the electronic device, necessary for checking the user-specific module is protected by a MAC encryption method, and the electronic communication device is arranged to verify the program necessary for checking the user-specific module with a key of the MAC encryption method. 26. The device according to claim 21, wherein the user-specific module is a SIM module, and the checking program and a key of the encryption method are stored in a security state of the electronic communication device; and the operational unit is arranged to verify the checking program in the security state. 27. The device according to claim 21, wherein the user-specific module is a SIM module, and the checking program checks the user-specific module and an operator identifier. 28. The device according to claim 23, wherein the operational unit is arranged to check the user-specific module by comparing a check sum of the signature with a check sum of the checking program; and if the check sums tally, the electronic communication device is arranged to continue the check, or if the check sum do not tally, the electronic device is arranged to restrict its operation at least by not connecting to the radio network. 29. The device according to claim 21, wherein the user-specific module is a SIM module, and the operating unit includes a verification key of an encryption method employed by an operator, which operator verification key is protected with a key of the encryption method employed by the protection performer, and wherein the SIM module check is ignored if the operational unit is arranged to receive a signal which comprises a SIM-module-check-OK parameter, which is protected with the key of the encryption method of the operator and which allows the operational unit to start irrespective of the SIM module check result;the operational unit is arranged to verify the parameter by using the operator verification key; andthe operational unit is arranged to store the parameter in the electronic communication device. 30. The device according to claim 29, wherein the parameter is protected by signing the parameter with a secret key of the encryption method employed by the operator, and the operational unit is arranged to verify the parameter by checking the signature using a public key of the encryption method. 31. The device according to claim 29, wherein the parameter is protected by encrypting the parameter with a secret key of the encryption method employed by the operator, and the operational unit is arranged to verify the parameter by decryption with a public key of the encryption method. 32. The device according to claim 29, wherein the protection is performed by a MAC encryption method, and the operational unit is arranged to verify the parameter with a key of the MAC encryption method. 33. The device according to claim 29, wherein the operational unit is arranged to check the SIM-module-check-OK parameter for the mobile equipment start-up. 34. The device according to claim 21, wherein the protection performer is an electronic communication device manufacturer. 35. An apparatus comprising: an operational unit and a user-specific module, configured to communicate with a radio network; and wherein data used to check compatibility of the user-specific module with the operational unit is stored in the operational unit at a time prior to the first use of the apparatus by a user associated with the user-specific module, the data being protected, at the time prior to the first use of the apparatus, with a key of an encryption method employed by a protection performer;a verification key of the encryption method employed by the protection performer is stored in the operational unit of the user equipment for verifying the correctness of the data in the operational unit necessary for checking the user-specific module, the verification key being stored in the operational unit at the time prior to the first use of the apparatus;the apparatus is configured to verify the data necessary for checking the user-specific module by using the verification key of the encryption method so that the authenticity of the checking program can be verified before being used for checking the compatibility of the user-specific module with the operational unit making altering of the checking program and unauthorized use of the apparatus more difficult;if the verification fails, to restrict operation of the apparatus, at least by not connecting to the radio network;if the verification is successful, to check the user-specific module by means of the data necessary for checking the user-specific module; andto start the apparatus, if the user-specific module check succeeds, or to restrict its operation at least by not connecting to the radio network if the user-specific module check fails. 36. The apparatus according to claim 35, wherein the user-specific module is a SIM module, and the checking program and a key of the encryption method are stored in a security state of the apparatus; and the operational unit is arranged to verify the checking program in the security state. 37. A computer program product stored in the memory of an electronic communication device comprising computer readable code that, when executed in the electronic communication device, performs the method according to claim 1.
※ AI-Helper는 부적절한 답변을 할 수 있습니다.