Virtual subscriber identity module

摘要

A mobile trusted platform (MTP) configured to provide virtual subscriber identify module (vSIM) services is disclosed. In one embodiment, the MTP includes: a device manufacturer-trusted subsystem (TSS-DM) configured to store and provide credentials related to a manufacturer of the MTP; a mobile network operator-trusted subsystem (MNO-TSS) configured to store and provide credentials related to a mobile network operator (MNO); and a device user/owner-trusted subsystem (TSS-DO/TSS-U) configured to store and provide credentials related to user of the MTP. The TSS-MNO includes a vSIM core services unit, configured to store, provide and process credential information relating to the MNO. The TSS-DO/TSS-U includes a vSIM management unit, configured to store, provide and process credential information relating to the user/owner of the MTP. The TSS-DO/TSS-U and the TSS-MNO communicate through a trusted vSIM service.

主权项

1. In a mobile trusted platform (MTP) residing on a wireless transmit/receive unit (WTRU), wherein the MTP comprises at least a first and a second trusted subsystem, a method comprising:
establishing, by the first trusted subsystem that is configured to store and provide credentials related to a manufacturer of the MTP or the WTRU, a second trusted subsystem controlled by a remote stakeholder, the second trusted subsystem being separate and insulated from the first trusted subsystem such that the credentials related to the manufacturer cannot be accessed by the second trusted subsystem; receiving, at the second trusted subsystem, a message from a point of sale (POS), the message having been digitally signed by the POS and the message comprising a certificate of the POS digitally signed by the remote stakeholder; and verifying, by the second trusted subsystem, the digital signature of the POS on the message and verifying the digital signature of the remote stakeholder on the certificate, whereby a trustworthiness of the POS is certified by the remote stakeholder.