1. Field of the Invention
The present invention is directed to procedures for the control of access keys and the verification and control of rights of access to and use of applications stored in a subscriber identity module in a mobile telecommunications network.
2. Description of the Related Art
With the development of mobile communication networks, especially GSM (Global System for Mobile Communications) networks, has come an accompanying and corresponding increase in and development of the services offered through such networks. Problems have however been encountered, particularly (though not exclusively) in applications making use of mobile communication networks and requiring a high level of data security—e.g. in payments for services, ordering, order confirmation, payment orders, bank services, etc.—in connection with secure application-specific control of keys (e.g. encryption, decryption, access and security keys, and passwords) and billing of license fees for operator-independent services. These problems are accentuated by the fact that subscriber identity modules (SIMs) used in GSM terminals are manufactured by a number of different and unrelated enterprises and that there are many companies offering applications and a variety of operators delivering subscriber identity modules to customers. In addition, the applications used to provide services in a GSM network are often produced by outside software suppliers or the like, as a result of which the licenses for the applications belong to those outside software suppliers.
If a license fee is to be charged for the use of an application, it is necessary to carefully follow or monitor usage of the application and define the limits within which the application may be used. No solution has heretofore been presented to meet these requirements, particularly one that allows centralized control over subscriber identity modules and of the passwords relating to applications stored in the SIMs.
It is accordingly the desideratum of the present invention to overcome and eliminate the drawbacks and deficiencies of the prior art, as for example described hereinabove.
It is a particular object of the invention to provide a new type of procedure which is applicable to the control of keys to applications that make use of the subscriber identity module (SIM) and to the control of license agreements relating to such applications and their use, such that the procedure can be easily implemented in a centralized form independent of the fact of different suppliers of the applications.
A further object of the invention is to provide a procedure having a high level of data security that allows flexible and reliable safeguarding of the interests of the operator, module manufacturer, application developers and users of applications.
These and other objects and features of the invention are realized in accordance, by way of preferred embodiment, with the following description and disclosure of a procedure for the control of applications stored in a subscriber identity module. The inventive procedure may by way of example, and typically will, be implemented and practiced in a data communication system that includes a data communication network and a terminal device connected to the data communication network. A preferred data communication network is a GSM network and a preferred terminal device is a GSM mobile or wireless telephone. The GSM telephone includes or is provided with a connected or connectable subscriber identity module (SIM) in which an application is stored; the SIM, inter alia, utilizes the data communication network and is used via the terminal device for banking and/or other available services. The data communication system also includes an application control server that is connected to the data communication network. The application control server is preferably a computer or equivalent which is provided with means for setting up a connection to the data communication network and with software for implementing the required applications. That software is preferably managed by service providers or by data communication suppliers that provide management services.
In accordance with the invention, a key list comprising one or more application specific keys is stored in the subscriber identity module. The key list is preferably linked or connected with the subscriber identity module by using a unique identifier associated with that subscriber identity module. A corresponding list is also stored in the application control server and the application stored in the subscriber identity module is activated and/or closed using the key list.
Thus, in the inventive procedure, a list of the keys K(1), K(2), K(n) and KA(1) and KA(2) needed for activating or closing different applications on a SIM of or associated with (but in any event connected to) a mobile station are stored on that SIM. The SIM—which may be a fixed or replaceable component of the mobile station or a smart card or the like associated or usable with the mobile station—preferably also contains or stores one or more modules operable for activating and closing (i.e. deactivating) the application. In conjunction with its manufacture, the SIM has been initialized with a security module as is currently known in the art. The activating/closing module is used to ensure that the application—such as an electronic signature utilizing the SIM or smart card—can if necessary be activated and/or closed by the key control system. Thus, the procedure of the invention implements application-specific key control in addition to that functionality provided by heretofore known SIM smart card key control systems.
The inventive application-specific key control system is cognizant of the keys needed for each application or applications, and these keys need not be known to the mobile communication operator's key control system. The application-specific key control system of the invention can therefore be separated from the operator's key control systems, which advantageously makes it possible to provide a service that is independent of the data communication network and operator. The key control system responsible for the application need not know the teleoperator's keys which are used in a well-known manner for user identification in basic mobile communication services. Key control for applications is instead implemented in a protected database, from which application-specific services utilizing the SIM card and requiring a high level of data security can be activated and closed.
As compared with prior art, the inventive procedure advantageously allows local identification of the user of services that require a high level of data security by all service providers in the networks of different operators, as well as centralized implementation of key control. The inventive procedure additionally permits and accommodates ready control and billing of user-specific payments and licenses for the use of different applications.
In an embodiment of the invention, the validity of the user's right of access to the application stored in the subscriber identity module is verified periodically. If the attempted verification establishes that the access right has expired, then using an appropriate key the application in the subscriber identity module can be closed or terminated.
In conjunction with the activation of the application stored in the subscriber identity module, the subscriber identity module is sent a message concerning the opening of the application, said message containing the application key k(n) to be used in the application. At the application control server, the application key is linked or attached to the unique identifier corresponding to the subscriber identity module. Based on the stored key list, the right of access to the application is preferably verified at or in the application control server and, if a valid access right is found to exist, then the special data needed in the application—e.g. the service description and appropriate application-specific user interface codes—are transmitted to the SIM.
In some embodiments of the present invention, all messages between the application control server and the terminal device are encrypted without regard to the content of the message.
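The activation and periodic verification described above can be modelled with both sides of the exchange, as an added example that is not part of the original disclosure. The message layout, the use of one opening key and one closing key per application, the expiry table and all class and field names are assumptions made for illustration; message encryption is left out.

```python
import hmac
import secrets
from dataclasses import dataclass, field

@dataclass
class Sim:
    """SIM side: holds its own copy of the key list and the set of open applications."""
    sim_id: str
    key_list: dict                      # app -> {"open": key, "close": key} (assumed layout)
    active: set = field(default_factory=set)

    def handle(self, msg: dict) -> bool:
        """Apply an open/close message only if it carries the key stored for that app."""
        expected = self.key_list.get(msg["app"], {}).get(msg["op"])
        if expected is None or not hmac.compare_digest(expected, msg["key"]):
            return False
        if msg["op"] == "open":
            self.active.add(msg["app"])
        else:
            self.active.discard(msg["app"])
        return True

class ControlServer:
    """Server side: key lists indexed by SIM identifier, plus access-right expiry times."""
    def __init__(self):
        self.key_lists = {}             # sim_id -> app -> keys
        self.expiry = {}                # (sim_id, app) -> expiry time (assumed representation)

    def provision(self, sim_id: str, apps: list) -> Sim:
        """Generate the key list, store it under the SIM identifier, return the SIM copy."""
        keys = {a: {"open": secrets.token_bytes(16), "close": secrets.token_bytes(16)}
                for a in apps}
        self.key_lists[sim_id] = keys
        return Sim(sim_id, {a: dict(k) for a, k in keys.items()})

    def _msg(self, sim_id, app, op):
        return {"app": app, "op": op, "key": self.key_lists[sim_id][app][op]}

    def activate(self, sim_id, app, now):
        """Return an opening message only while the access right is valid."""
        if self.expiry.get((sim_id, app), 0) <= now:
            return None
        return self._msg(sim_id, app, "open")

    def periodic_check(self, sim_id, now):
        """Return closing messages for every application whose right has expired."""
        return [self._msg(s, a, "close") for (s, a), t in self.expiry.items()
                if s == sim_id and t <= now]
```
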