FIG. 1 illustrates a portion of a conventional WiMAX communications network. As shown, the conventional WiMAX network includes a mobile terminal 100 in two-way communication with a web server 106 and a device management server 108. The two-way communication may take place over one or more wireless links, using any suitable wireless communication protocol (e.g., WiMAX, EV-DO, UMTS, etc.). Each of the web server 106 and the device management server 108 communicates with a back office 110 via one or more wired links.
The mobile terminal 100 may be any electronic device having wireless communication capability. For example, the mobile terminal 100 may be a cellular phone, personal digital assistant (PDA), laptop computer, desktop computer, etc. The mobile terminal 100 may further include a web browser or web client 102 and a device management client 104. Conventionally, within the mobile terminal 100, the web browser 102 communicates with the web server 106 and the device management client 104 communicates with the device management server 108. The web browser 102 and the device management client 104 operate independently and do not share or transfer information between one another.
Before the mobile terminal 100 is capable of accessing network services (e.g., multimedia services such as VoIP, Video, Internet, etc.) provided by a particular service provider, the mobile terminal 100 must be authorized and configured appropriately to do so. This is referred to as activation and initial configuration. Such activation and initial configuration over a wireless link is referred to as over-the-air activation and initial configuration.
Conventionally, over-the-air activation and initial configuration of mobile terminal 100 are performed in three steps:
1) subscription;
2) bootstrapping; and
3) device management.
Subscription is the process by which a user subscribes to network services provided by a service provider via a mobile terminal. Bootstrapping is a process by which the service provider provides some initial user credentials to the mobile terminal after the subscription step is complete. Device management is a session in which the service provider downloads and continuously updates relevant device configurations for accessing the service provider's network services.
A conventional over-the-air provisioning process will be described with regard to the communication flow embedded in FIG. 1. In FIG. 1, the arrows and corresponding numbers refer to message or communication flows.
In FIG. 1, messages 1-4 are considered part of the subscription step, while messages 5-6 are considered part of the bootstrapping step. Message 7 begins a standard device management process, which is well-known in the art. Various existing standard protocols, such as simple network management protocol (SNMP), Open Mobile Alliance Device Management (OMA-DM), and TR-069, may be used to provide device management.
Referring to FIG. 1, (at 1) the mobile terminal 100 transmits one or more messages to the web server 106 (also referred to as a provisioning server) via the web browser 102. The messages may be in accordance with the well-known hyper-text transfer protocol (HTTP). These messages may include subscription information, such as the user's billing address, credit card information, etc.
In a more specific example, upon attempting to access the Internet, the mobile terminal 100 may be hot-lined or re-directed to the web server 106. The web server displays various options for pay-for-access to network services. The web server 106 sends a web page to the web browser 102 with this information. The web browser 102 presents the received web page to the user via a display.
Upon receiving this web page, the user enters personal and billing information at the web page (e.g., via a keyboard, mouse, mobile device keyboard, etc.) and submits the information to the web server 106. In most cases, the information is submitted by clicking a “SUBMIT” link. The submission of the user's information enters the user into a contract with the service provider. In most cases, this contract entails the user paying for access to the service provider's network services.
Still referring to FIG. 1, upon receiving the subscription information from the mobile terminal 100, the web server 106 sends the user's subscription information to the back-office 110 (at 2). Back-office is a term used to describe various elements used by a service provider to handle subscriber information. In one example, back-office 110 may comprise a collection of servers and computers at a single network entity or at multiple network entities within a service provider's core network. Operations and processes performed at the back-office 110 may be performed as computer-implemented processes with or without human operator intervention.
Still referring to FIG. 1, the back-office 110 adds the user to a subscriber database, and upon completion, acknowledges that the subscription was successful by sending an acknowledgement message to the web server 106 (at 3). Upon receiving the successful subscription acknowledgement from the back-office 110, the web server 106 transmits a web page back to the web browser 102 (at 4). The web browser 102 displays the web page to the user via the display. The web page may include text indicating to the user that the subscription process was successful.
Still referring to FIG. 1, the back-office 110 then populates the device management server 108 with user credentials for the newly subscribed user (at 5). The device management server 108 then pushes the supplied user credentials to the device management client 104 (at 6), thereby bootstrapping the mobile terminal 100. In response to receiving the user credentials, the device management client 104 contacts the device management server 108 to begin a device management session (at 7).
Conventionally, subscription and bootstrapping are two separate and independent processes handled by different systems and network elements. That is, the subscription step is handled by the web browser 102 and the web server 106, while the bootstrapping step is handled by the device management client 104 and the device management server 108. Performing these two operations separately, however, has a number of drawbacks.
First, a relatively large number of network elements and systems need to be deployed in the network by the service provider. Second, a relatively high degree of coordination between the subscription and bootstrapping systems is required. In addition, pushing the initial user credentials to a mobile terminal may be very difficult (even impossible) when the mobile terminal is behind a firewall. Moreover, separate bootstrapping processes require separate encryption mechanisms to guarantee security of the delivered user credentials. In most cases, these encryption mechanisms are custom-designed for each type of access technology. Conventionally, no universal mechanism to perform bootstrapping exists.