| 发明名称 |
SECURITY AND PRIVACY ENHANCEMENTS FOR SECURITY DEVICES |
| 摘要 |
A tamper-resistant security device, such as a subscriber identity module or equivalent, has an AKA (Authentication and Key Agreement) module for performing an AKA process with a security key stored in the device, as well as means for external communication. The tamper-resistant security device includes an application that cooperates with the AKA module and an internal interface for communications between the AKA module and the application. The application cooperating with the AKA module is preferably a security and/or privacy enhancing application. For increased security, the security device may also detect whether it is operated in its normal secure environment or a foreign less secure environment and set access rights to resident files or commands that could expose the AKA process or corresponding parameters accordingly. |
| 申请公布号 |
US2014304768(A1) |
申请公布日期 |
2014.10.09 |
| 申请号 |
US201414309221 |
申请日期 |
2014.06.19 |
| 申请人 |
Telefonaktiebolaget LM Ericsson (publ) |
发明人 |
NÄSLUND Mats;Norrman Karl;Goldbeck-Löwe Tomas |
| 分类号 |
H04L29/06 |
主分类号 |
H04L29/06 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A Subscriber Identity Module (SIM) device for use in a mobile terminal, comprising:
memory configured to store user credentials including at least a security key; a hardware or computer-implemented Authentication and Key Agreement (AKA) module configured to perform AKA processing with the security key; an external hardware communications interface configured to receive AKA processing commands from the mobile terminal and to return processing results performed in the SIM device in response to the AKA processing commands; a hardware or computer-implemented security and/or privacy enhancing application configured to cooperate with the AKA module and to perform (i) enhanced security pre-processing of an AKA input parameter associated with an AKA processing command received via the external hardware communications interface and/or (ii) enhanced security post-processing of an AKA output parameter associated with the AKA processing received from the AKA module to generate a further AKA input and/or output parameter which has an enhanced security as compared to the received AKA input and/or output parameter; and an application interface internal to the SIM device between the AKA module and the security and/or privacy enhancing application, wherein the SIM device is configured to perform all the AKA processing and steps related to security enhancing in the SIM device. |
| 地址 |
Stockholm SE |
