The present invention relates to a system for updating electronic memory over a network. More specifically, the present invention relates to a system for updating the electronic memory of a mobile unit using a secured procedure thereby preventing tampering with sensitive information.
A remote or mobile unit may need to have its software/firmware updated because of defects in the software or the addition of new features for the software/firmware. Such remote units may be cellular telephones, PC cards, and the like. These remote units may have various computer programs that enable the remote unit to function properly. Current solutions to updating remote units force the user of the remote unit to choose between physically transporting the remote unit to a service center, or updating the system over a network without proper security features to prohibit tampering with sensitive information that may be contained in the remote unit or from the provider of the update program.
Further, due to governmental regulations to combat cellular telephone fraud, the owner or user of the remote unit may only have one choice to update the program of the remote unit, that being to physically transport the remote unit to a service center for updating of the computer program. The choice of updating the computer program over a network in an unsecured procedure would be prohibited by governmental regulations in order to prevent cellular telephone fraud.
In current network updating procedures, a remote unit will be connected to a network such as the Internet, and access a server that contains the new update program. The server will transfer the new update program to the remote unit, and the program will be implemented into the remote unit. A problem occurs when the remote unit has been cloned thereby allowing the cloned cellular telephone or other remote unit to have access to the new updated program furthering the cellular telephone fraud. Cellular telephones or other remote units are cloned by getting access to their computer programs. The perpetrators of the fraud acquire valid mobile identification numbers (MIN) and valid electronic serial numbers (ESN) through interception of these numbers over the cellular air waves. These valid MIN/ESN pairs are used to reprogram a remote unit such as a cellular telephone. It is such fraud that current government regulations seek to prevent by requiring programming and reprogramming of remote units such as cellular telephones at an authorized service center, thereby necessitating the physical transport of the remote unit to such service center.
Thus, in order to provide an owner or user of a remote unit with facilitated updating of the computer program of the remote unit, a secured system must be provided to enable an owner or user of a remote unit to update their program of the remote unit over a network such as the Internet.
The present invention provides a system for secured controlled updates of a remote unit software/firm ware over a network. The present invention is able to accomplish this by providing an authentication protocol that verifies a valid remote unit and a valid update program.
One aspect of the present invention is a system for updating software programs of remote units in a controlled secure manner over a network. The system includes a remote programmable unit, an authentication server and an update server. The remote programmable unit has multiple software programs and a memory for storing programs, and it is adapted for connection to the network. The authentication server is disposed at a fixed site and accessible over the network. The authentication server verifies the authenticity of the remote programmable unit and provides an encryption key image to the remote programmable unit over the network. The update server is disposed at a fixed site and accessible over the network. The update server provides an encrypted update file program to the remote programmable unit over the network. The remote programmable unit decrypts the encrypted update file program with the encryption key image from the authentication server to update one of its software programs.
The remote unit may be a PC card or a cellular telephone. The system may also include a flasher host to provide connection to the network for the remote programmable unit. The authentication server may be integrated with the update server. The network may be the Internet, or an intracompany network. The remote programmable unit may be able to communicate with the flasher host over a cellular network.
Another aspect of the present invention is a method for updating software programs for remote units over a network in a secure controlled manner. The first step of the method is transmitting a request for a software update for a remote unit over a network. The next step is verifying the authenticity of a communication from an authentication server to the remote unit. The communication contains an encryption key to decode the update program for the software. The next step is transmitting the software program update from an update server to the remote unit. The next step is decrypting the update program with the encryption key. The final step is updating the software of the remote unit.
The authenticity of the communication may be verified by communicating a first random number from the authentication server to the remote unit, communicating a second random number from the remote unit to the authentication server, and then communicating a challenge response, based on the first and second random numbers, from the authentication server to the remote unit.
Another aspect of the present invention is a system for updating software programs via a network. The system includes a PC card, functions for transferring communications to the PC card over the network, functions for providing an encrypted update file program to the PC card, and functions for decrypting the update file program. The PC card has multiple software programs and a memory for storing software programs. The PC card is adapted for connection to the network. The encrypted update file program allows the PC card to update a particular software program after the update file program is decrypted by the PC card. The decrypting key is provided to the PC card from a remote server via the network.