Security and privacy represent important issues in modern communications when network-enabled devices such as mobile phones, personal computers, routers, set-top boxes and the like communicate over fixed or wireless networks. There are a number of scenarios where a network-enabled device is to be provisioned with sensitive material from a remote update server. Such sensitive material, referred to herein as downloadable data objects, may include, by way of example, device specific digital identity data, configuration information and device entitlements.
Device specific digital identity data typically consists of a set of cryptographic keys and, if public key cryptography is used, their associated digital certificates. Configuration information generally includes a set of parameters that a network operator requires network-enabled devices to use when operating in their network. For example, a cable network operator may require that parameters pertaining to timeouts, the number of retries that are allowed and the channel map that is used be downloaded to set-top boxes used in their networks. Device entitlements may be, for instance, a license which a network operator requires network-enabled devices to possess in order to perform certain functions, access resources, and provide features. For example, a mobile device can have both CDMA and GSM capabilities, but the network operator may require a license to be downloaded to the device before it is able to roam in both types of networks.
For various security, operational, and system upgrade reasons, new downloadable data objects may periodically need to be delivered to these devices. The manner in which the data objects are delivered may depend on a number of factors. For instance, the downloadable data objects may be protected by previously installed digital identity data. Some network-enabled devices may already have been personalized with digital identity data at the factory before being distributed to customers. However, for devices with unusable identity data or without initially installed identity data, other protection mechanisms may need to be used.
Systems for downloading data objects exist which allow new or replacement downloadable data objects to be securely delivered and installed in network-enabled devices that are deployed and managed by different network operators without having to recall the devices to service centers.