US20160134990A1 - Global platform for managing subscriber identity modules - Google Patents
Global platform for managing subscriber identity modules Download PDFInfo
- Publication number
- US20160134990A1 US20160134990A1 US14/997,033 US201614997033A US2016134990A1 US 20160134990 A1 US20160134990 A1 US 20160134990A1 US 201614997033 A US201614997033 A US 201614997033A US 2016134990 A1 US2016134990 A1 US 2016134990A1
- Authority
- US
- United States
- Prior art keywords
- state
- provisioning
- network
- wireless
- sim
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/183—Processing at user equipment or user record carrier
-
- H04W4/001—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/043—Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
- H04W12/0431—Key distribution or pre-distribution; Key agreement
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/24—Accounting or billing
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/50—Service provisioning or reconfiguring
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W48/00—Access restriction; Network selection; Access point selection
- H04W48/18—Selecting a network or a communication service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/06—Registration at serving network Location Register, VLR or user mobility server
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/02—Processing of mobility data, e.g. registration information at HLR [Home Location Register] or VLR [Visitor Location Register]; Transfer of mobility data, e.g. between HLR, VLR or external networks
- H04W8/08—Mobility data transfer
- H04W8/12—Mobility data transfer between location registers or mobility servers
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/20—Transfer of user or subscriber data
- H04W8/205—Transfer to or from user equipment or user record carrier
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M2215/00—Metering arrangements; Time controlling arrangements; Time indicating arrangements
- H04M2215/20—Technology dependant metering
- H04M2215/2026—Wireless network, e.g. GSM, PCS, TACS
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M2215/00—Metering arrangements; Time controlling arrangements; Time indicating arrangements
- H04M2215/32—Involving wireless systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/26—Network addressing or numbering for mobility support
Definitions
- the wireless terminal has a Subscriber Identity Module (SIM), which contains the identity of the subscriber.
- SIM Subscriber Identity Module
- One of the primary functions of the wireless terminal with its SIM in conjunction with the wireless network system is to authenticate the validity of the wireless terminal (for example, a cell phone) and the wireless terminal's subscription to the network.
- the SIM is typically a microchip that is located on a plastic card, a SIM card, which is approximately 1 cm square. The SIM card is then placed in a slot of the wireless terminal to establish the unique identity of the subscriber to the network.
- the wireless terminal itself contains the subscriber identification and authentication functionality so that a separate SIM and/or SIM card is not utilized.
- an authentication key and a subscriber identification pair are stored in the SIM (or within the wireless terminal) in the SIM (or within the wireless terminal).
- An example of such a pair would be the authentication key Ki as used in GSM networks and the associated subscriber identification IMSI (International Mobile Subscriber Identity).
- Another example would be the authentication key A-Key and subscriber identification MIN (Mobile Identification Number) as used in CDMA and TDMA networks.
- a corresponding identical set of an authentication key and a subscriber identification are stored in the network.
- the authentication functionality is run using the local authentication key and some authentication data which is exchanged between the SIM and the network. If the outcomes of running the authentication functionality in the SIM and in the network leads to the same result, then the SIM/wireless terminal are considered to be authenticated for the wireless network.
- a SIM (or wireless terminal) has an authentication key associated with only one subscriber identification and this subscriber identity is typically tied to a local region or network.
- a SIM or wireless terminal
- the SIM or wireless terminal
- FIG. 1 illustrates an embodiment of a self-provisioning wireless system.
- FIG. 2A illustrates an example of authentication data structures in one embodiment.
- FIG. 2B illustrates an example of authentication data structures in another embodiment.
- FIG. 3 is a flow diagram illustrating an embodiment of a process for acquiring wireless service from a wireless network.
- FIG. 4A illustrates an embodiment of a process for provisioning or authentication of a wireless terminal in a network system.
- FIG. 4B illustrates another embodiment of a process for provisioning or authentication of a wireless terminal in a network system.
- FIG. 5 illustrates an embodiment of a process for self-provisioning or authentication, of a wireless terminal in a network system.
- FIG. 6 is a flow diagram illustrating an embodiment of a process for acquiring wireless service from a wireless network.
- FIG. 7 illustrates a block diagram of an embodiment of a system for mobile data communication provisioning.
- FIG. 8 is a flow diagram illustrating an embodiment of a process for mobile data communication provisioning.
- FIG. 9 is a block diagram illustrating an embodiment of a state definition.
- FIG. 10 illustrates an embodiment of a state transition rule definition.
- FIG. 11 is a flow diagram illustrating an embodiment of states of a channel sale model for provisioning and the transitions between the states.
- FIG. 12 is a flow diagram illustrating an embodiment of states of a retail sale model for provisioning and the transitions between the states.
- FIG. 13 is a flow diagram illustrating an embodiment of a process for provisioning wireless communication.
- the invention can be implemented in numerous ways, including as a process, an apparatus, a system, a composition of matter, a computer readable medium such as a computer readable storage medium or a computer network wherein program instructions are sent over optical, electronic or wireless communication links.
- these implementations, or any other form that the invention may take, may be referred to as techniques.
- a component such as a processor or a memory described as being configured to perform a task includes both a general component that is temporarily configured to perform the task at a given time or a specific component that is manufactured to perform the task.
- the order of the steps of disclosed processes may be altered within the scope of the invention.
- a system and method for provisioning a subscriber identification to a wireless terminal in a wireless network is disclosed.
- a control center receives transmission from a wireless network. The transmission indicates that a wireless terminal is roaming.
- the control center provisions a subscriber identification to the wireless terminal, where the subscriber identification is selected based at least in part on the identification of the wireless network in which the wireless terminal is roaming.
- the wireless terminal acquires wireless service from the wireless network as a local wireless terminal.
- the wireless terminal can operate as a local wireless terminal for that network, or for a network with which the local network has a preferred relationship.
- the wireless terminal can acquire telecommunications service as a local terminal by using a stored set of authentication key-subscriber identification that is specific to the network it is operating in.
- the wireless terminal can operate as a local terminal by receiving or downloading a specific set of authentication key-subscriber identification, or by receiving or downloading a subscriber identification to pair with an existing authentication key.
- FIG. 1 illustrates an embodiment of a wireless system.
- the wireless system includes a plurality of wireless terminals, represented in FIG. 1 by wireless terminal 100 , a plurality of wireless network base stations, represented by wireless network base stations 104 , wireless network center 106 , Home Location Register/Authentication Center (HLR/AuC) 108 , and provisioning server 110 capable of provisioning the wireless terminals.
- HLR/AuC Home Location Register/Authentication Center
- provisioning server 110 capable of provisioning the wireless terminals.
- HLR/AuC Home Location Register/Authentication Center
- Each wireless network center 106 includes, or is associated with, a HLR, a Mobile Switching Center/Visitor Location Register (MSC/VLR) and a Serving GPRS Service Node (SGSN), or Packet Data Serving Node (PDSN).
- the multiple wireless centers 106 may be operated by different network carriers, while HLR/AuC 108 and provisioning server 110 are operated by a global platform provider.
- Wireless terminal 100 includes a Subscriber Identity Module (SIM) which is either an attachable hardware card with a memory and a processor or a software object embedded in the wireless terminal.
- Wireless terminal 100 communicates with wireless network base stations 104 using wireless signal 102 . As a wireless terminal moves around it communicates with different wireless base stations.
- Wireless network base stations 104 communicate with wireless network center 106 .
- SIM Subscriber Identity Module
- Wireless network center 106 communicates with its associated HLR, where sets of authentication key-subscriber identification are stored, to help in authenticating a wireless terminal that is acquiring wireless network service.
- a subscriber identification is an international mobile subscriber identifier (IMSI).
- IMSI international mobile subscriber identifier
- Wireless network center 106 and its associated HLR communicate with provisioning server 110 to enable a wireless terminal to acquire a new subscriber identification that is paired with an existing authentication key and/or a new set of authentication key-subscriber identification.
- the transmission of the authentication key or the authentication key-subscriber identification is encrypted.
- the authentication key or the authentication key-subscriber identification is/are decrypted at the wireless terminal and/or in the SIM card.
- the old authentication key-new subscriber identification pair and/or the new set of authentication key-subscriber identification are added in the appropriate manner to the HLR/AuC 108 databases or the HLR databases associated with wireless network centers 106 so that the wireless terminal can be authenticated and can acquire wireless network service using the new subscriber identification and/or authentication key set.
- the wireless network system is a cellular system, a GSM/GPRS wireless system, a CDMA or WCDMA wireless system, or a TDMA wireless system, or any other type of wireless network system.
- FIG. 2A illustrates an example of authentication data structures in one embodiment.
- the authentication data structure for a wireless terminal is located in the SIM, and for the network in the HLR/AuC such as HLR/Auc 108 of FIG. 1 or the HLR associated with wireless network centers 106 .
- An authentication data structure (ADS) for a wireless terminal includes an authentication key (AK) and one or more subscriber identifications (SI) and is used to help authenticate a wireless terminal for a wireless network.
- the ADS for wireless terminal 1 includes one authentication key and one subscriber identification.
- the ADS for wireless terminal 2 includes one authentication key and three subscriber identifications.
- the ADS for wireless terminal N includes one authentication key and two subscriber identifications.
- the ADS for network includes the authentication key-subscriber identification entries for each of the wireless terminals. Entries for wireless terminal 1 , 2 , and N are shown. In some embodiments, there are more than one authentication keys where each authentication key has multiple subscriber identifications.
- FIG. 2B illustrates an example of authentication data structures in another embodiment.
- Authentication data structure (ADS) for a wireless terminal includes a Ki and one or more IMSI's.
- the ADS for wireless terminal 1 includes one Ki and one IMSI.
- the ADS for wireless terminal 2 includes one Ki and three IMSI's.
- the ADS for wireless terminal N includes one Ki and two IMSI's.
- the ADS for HLR/AuC includes the Ki-IMSI entries for each of the wireless terminals. Entries for wireless terminal 1 , 2 , and N are shown.
- FIG. 3 is a flow diagram illustrating an embodiment of a process for acquiring wireless service from a wireless network.
- the process of FIG. 3 is implemented on a wireless terminal such as wireless terminal 100 in FIG. 1 .
- a wireless signal is received from a wireless network.
- a wireless terminal receives wireless signals from a nearby network base station.
- a network identification is decoded from the wireless signal.
- the wireless signal includes a mobile network identification.
- the wireless terminal scans for the existing wireless system signals. When it finds a network system broadcast control channel (e.g. BCCH in GSM Systems), it decodes the broadcasted information to decode the Location Area Identifier (LAI).
- LAI Location Area Identifier
- the LAI is composed of a mobile country code, a mobile network code and a location area code. From the LAI, the wireless terminal can determine the country in which it is operating. In 304 , a subscriber identification is selected based on the decoded network identification. For example, LAI information can be matched with the subscriber identification of the wireless terminal, which includes a mobile country code, a mobile network code, and a mobile subscriber identification number. In various embodiments, the LAI mobile country code and subscriber identification mobile country code are matched or the LAI mobile network code and the subscriber identification mobile network code are matched.
- the selection of a subscriber identification is based at least in part on the pricing of different wireless networks, the billed account for that connection, a billed account for the wireless service, the application that will use the connection, an application using the wireless service (for example, one subscriber identification for data communication and a different subscriber identification for voice communication) or any other appropriate criteria for selecting a subscriber identification.
- wireless service is acquired from the wireless network.
- FIG. 4A illustrates an embodiment of a process for provisioning subscriber identification to a wireless terminal in a network system.
- wireless terminal 100 receives information from and transmits information to wireless network center 106 (and its associated HLR), HLR/AuC 108 , and provisioning server 110 using wireless signals 102 .
- wireless network center 106 (and its associated HLR), HLR/AuC 108 , and provisioning server 110 are collectively identified by numeral 402 .
- wireless terminal 100 listens to wireless signals 102 transmitted from network base stations 104 and decodes the mobile network identification from the transmitted information. For example, the wireless terminal scans for the existing wireless system signals.
- the wireless terminal When it finds a network system broadcast control channel (e.g. BCCH in GSM Systems), it decodes the broadcasted information to decode the Location Area Identifier (LAI).
- the LAI is composed of a mobile country code, a mobile network code and a location area code. From the LAI, the wireless terminal can determine the country in which it is operating.
- the wireless terminal receives a set of Subscriber Identification from network center, HLR/AuC, and provisioning server 402 and stores in its ADS.
- the wireless terminal chooses a Subscriber Identification with the same country code from its ADS.
- the Subscriber Identification is composed of a mobile country code, a mobile network code, and mobile subscriber identification number.
- the codes in the Subscriber Identification can be used to match a Subscriber Identification to the local network and/or country.
- the rest of the Subscriber Identifications stored in the wireless terminal's ADS may be made inactive for the duration of the session.
- the wireless terminal performs a location update with the visited wireless network using the new Subscriber Identification.
- the network center, HLR/AuC, and provisioning server 402 searches for the Subscriber Identification in its ADS and retrieves the corresponding Authentication Key.
- a challenge is generated (RAND) and with the Authentication Key is used to calculate a Response (SRES) using an authentication algorithm (A3).
- the RAND is sent to the wireless terminal and a response is requested.
- the wireless terminal uses the RAND with the Authentication Key from its ADS to independently calculate a SRES using encryption algorithm (A3) stored in its SIM.
- the SRES is sent to the network center and/or HLR/AuC and/or provisioning server 402 .
- authentication is passed if the received SRES matches the locally computed SRES, otherwise the authentication fails.
- FIG. 4B illustrates another embodiment of a process for provisioning subscriber identification to a wireless terminal in a network system.
- the wireless terminal will not contain an IMSI that matches the country code of the local network system.
- the wireless terminal can connect to the network using an IMSI with another country code and then receiving or downloading a local IMSI (i.e. with a matching country code).
- wireless terminal 400 B receives information from and transmits information to the network center, HLR/AuC, and provisioning server 402 B using cellular signals.
- wireless terminal 400 B listens to cellular signals transmitted from network towers and decodes the country code from the transmitted information.
- wireless terminal 400 B communicates, after being authenticated, with the provisioning server transmitting information including a country code and a terminal producer.
- the provisioning server chooses a new IMSI with a local country code.
- the new IMSI is added to the ADS of the HLR/AuC (or the HLR associated with the network system) corresponding to the wireless terminal (i.e. paired with the wireless terminal's Ki).
- the provisioning server sends the new IMSI to wireless terminal 400 B.
- wireless terminal 400 B adds the new IMSI to its ADS.
- wireless terminal 400 reestablishes its connection with the network system with the new IMSI as the active IMSI.
- communication may be established between the wireless terminal and a specific application server (i.e., a global platform provider's provisioning server or another server).
- this communication with a specific application server is encrypted.
- FIG. 5 illustrates an embodiment of a process for provisioning subscriber identification to a wireless terminal in a network system.
- the wireless terminal will not contain a Subscriber Identification that matches the network code and/or country code of the local network system.
- the wireless terminal can connect to the network using a Subscriber Identification with another network/country code and then receiving downloading a local Subscriber Identification (i.e. with a matching country code).
- wireless terminal 100 receives information from and transmits information to network center 106 (and its associated HLR), HLR/AuC 108 , and provisioning server 110 using wireless signals 102 .
- wireless terminal 100 listens to wireless signals transmitted from network base stations 104 and decodes the mobile network identification from the transmitted information similar to 404 of FIG. 4A .
- wireless terminal 100 communicates, after being authenticating using a process similar to 408 - 420 of FIG. 4A , with the provisioning server 110 transmitting information including a country code and a terminal producer.
- the provisioning server 110 chooses a new Subscriber Identification with a local country code and/or network code.
- the new Subscriber Identification is added to the ADS of the HLR/AuC 108 or the HLR associated with the visited network corresponding to the wireless terminal (i.e. paired with the wireless terminal's Authentication Key).
- the provisioning server 110 sends the new Subscriber Identification to wireless terminal 500 .
- wireless terminal 100 adds the new Subscriber Identification to its ADS.
- wireless terminal 100 reestablishes its connection with the network system with the new Subscriber Identification as the active Subscriber Identification.
- a specific application server e.g., a global platform provider's provisioning server or another server. In some embodiments, this communication with a specific application server is encrypted.
- FIG. 6 is a flow diagram illustrating an embodiment of a process for acquiring wireless service from a wireless network.
- a wireless signal is received from a wireless network.
- wireless service is acquired from the wireless network using a first subscriber identification.
- information is transmitted to the wireless network.
- a second subscriber identification which is selected by an application server (or provisioning server 110 of FIG. 1 ), is received. The second subscriber identification is selected based at least in part on one or more of the following: the wireless network, the wireless network identification, the base station that the wireless terminal is communicating with, the local country associated with the network, or any other appropriate criteria for selecting a subscriber identification.
- the first subscriber identification and the second subscriber identification are both paired with a single authentication key or the first subscriber identification is paired with a first authentication key and the second subscriber identification is paired with a second authentication key. In some embodiments, a second authentication key is received. In various embodiments, the subscriber identification and/or the authentication key are received after having been encrypted and need to be decrypted after having been received. In some embodiments, the subscriber identification is encrypted and decrypted using an authentication key.
- a subscriber identification and/or a authentication key is encrypted in an application server, in a provisioning server, in a wireless network server, or in a combination of an application/provisioning server and a wireless network server, or in any other appropriate place for the encryption.
- a subscriber identification and/or an authentication key is decrypted in a wireless terminal, in a SIM card, or in a combination of the SIM card and the wireless terminal, or in any other appropriate place for the decryption.
- authentication information is received—for example, a random number that has been encrypted using an authentication key, a subscriber identification that has been encrypted using an authentication key, or other information that has been encrypted using an authentication key or other appropriate key.
- wireless service is acquired from the wireless network using the second subscriber identification.
- Wireless communication provisioning using state transition rules associated with an identifier is disclosed.
- a first state associated with one or more identifiers is defined.
- a second state associated with one or more identifiers is defined.
- a state transition rule is defined between the first and second states.
- the one or more identifiers are stored in a subscriber identity module (SIM).
- SIM subscriber identity module
- a plurality of states are defined, a plurality of state transition rules are defined, and a group of states and transition rules are selected and associated with one or more identifiers.
- wireless communications comprise mobile data, mobile cellular communications, or any other appropriate wireless communications.
- a customer organization defines a sequence of states for devices that communicate data with a global platform provider's application server via one or more wireless carrier networks.
- the provider e.g., the global platform provider
- the plurality of states enables the activity of provisioning of a customer device or provider device used in the data communication with appropriate billing, access, and/or authorization for each activity especially with regard to testing, activation, deactivation, etc.
- FIG. 7 illustrates a block diagram of an embodiment of a system for mobile data communication provisioning.
- device 700 comprises a mobile device that communicates data.
- Device 700 includes a mobile data service (MDS) 702 —for example, general packet radio service—and an identifier (ID) 704 —for example, a subscriber identifier (such as IMSI).
- MDS mobile data service
- ID identifier
- Data can be transmitted and received by device 700 using MDS 702 .
- Device 700 is identified using ID 704 and associated with a user or customer. Transmissions and receptions of data communicate with carrier network 712 , which is associated with MDS 702 .
- the carrier network associated with MDS 702 comprises a mobile carrier network, a cell phone network, a messaging network, wireless communication network, or any other appropriate network for communicating data to a mobile device.
- Carrier network 712 includes carrier switching network 710 (e.g., SGSN—serving General Packet Radio Services (GPRS) support node—used in Global System for Mobile Communications (GSM) networks), carrier data traffic handler 708 (e.g., GRX—a GPRS roaming exchange and/or SS7—signaling system 7 system), and a plurality of carrier towers—represented in FIG. 7 by tower 706 .
- carrier switching network 710 e.g., SGSN—serving General Packet Radio Services (GPRS) support node—used in Global System for Mobile Communications (GSM) networks
- GPRS General Packet Radio Services
- GSM Global System for Mobile Communications
- GRX GPRS roaming exchange and/or SS7—signaling system 7 system
- SS7 Global System for Mobile Communications
- Communications of data traffic to and from device 700 are received by carrier network 712 by a carrier tower, which communicates the data traffic with carrier data traffic handler 708 .
- Carrier switching network 710 can communicate with network 714 , and Authentication Center/Home Location Register (HLR) 728 and Authentication, Authorization, and Accounting (AAA) Server (e.g., a Radius server) 730 of provider system 724 .
- HLR Authentication Center/Home Location Register
- AAA Authentication, Authorization, and Accounting
- provider system 724 is operated by a global platform provider as a control center.
- Network 714 enables communication with customer system 716 , which includes customer application server 718 and customer administrator 720 .
- network 714 comprises the internet, a local area network, a wide area network, a wired network, a wireless network, or any other appropriate network or networks for communicating with customer system 716 .
- Customer application server 718 receives data from and transmits data to device 700 regarding the customer's services or products.
- the customer's services includes transaction related services, monitoring services, and/or location tracking services.
- a state transition rule defining transition from one provisioning state to another provisioning state associated with device 700 is implemented on customer application server 718 .
- a state transition rule defining transition from one provisioning state to another provisioning state associated with device 700 is not known to device 700 .
- Provider system 724 includes HLR 728 , AAA server 730 , application server 726 , database (DB) 732 , administrator 734 .
- application server 726 can perform the function of a provisioning server, such as provisioning server 110 of FIG. 1 , in addition to other functions.
- Provider system 724 enables customer services by enabling data communication services via the carrier network with device 700 .
- HLR 728 enables communication with the provider system by indicating if device 700 is allowed to have data communication through carrier network 712 with customer system 716 .
- AAA server 730 enables specific permissions that are available regarding data communications between device 700 and customer system 716 via carrier network 712 .
- Application server 726 enables provisioning and billing for the provider. Provisioning comprises enabling devices such as device 700 to have mobile data communication services using a mobile carrier network. DB 732 includes information related to provisioning and billing for the provider. Administrator 734 administrates provider system. Customer system administrator 720 communicates with provider application server 726 to administrate customer system usage, billing, provisioning for data communication service of carrier network 712 enable by provider 724 . In some embodiments, functionality of HLR 728 and AAA server 730 are performed by the same server, are partitioned between two servers but not exactly as described herein, or any other server configuration to achieve the same functionality.
- FIG. 8 is a flow diagram illustrating an embodiment of a process for mobile data communication provisioning.
- the process of FIG. 8 helps provision device 700 of FIG. 7 such that mobile data and/or wireless communications is available via carrier network 712 to customer system 716 .
- states associated with one or more identifiers are defined. States that are associated with one or more identifiers can include test ready, inventory, activation ready, activated, deactivated, retired, return merchandise authorization (RMA), suspend, fraud review, purged, and/or any other appropriate states.
- RMA return merchandise authorization
- the identifier can be an International Circuit Card Identifier (ICCID), an international mobile subscriber identifier (IMSI), a customer identifier, a user identifier, or a device identifier.
- ICCID International Circuit Card Identifier
- IMSI international mobile subscriber identifier
- the one or more identifiers comprises an identifier associated with a user, a customer, a company, an organization, etc. or a group of identifiers associated with a user, a customer, a company, an organization, etc.
- one or more states are based on the lifecycle of the service of a wireless communication device.
- a test ready state can be used to allow a manufacturer to test a SIM, or a device with a SIM, and its network communication infrastructure before delivering the SIM, or device with a SIM, to an end user, a retail location, or a distributor.
- a test ready state can be a default state for a SIM that allows authentication and authorization with a global platform provider's HLR and AAA server, but does not have any billing associated with it.
- a SIM in a test ready state is able to conditionally transact data, voice, and/or Short Message Service (SMS) communications—for example, some limits may be placed on the communications while in this state such as: communication may occur up to a maximum data transmitted/received amount or up to a maximum number of days since the initial data communication.
- SMS Short Message Service
- a test ready state may have no prerequisite state, have no limitation to a next state (e.g., all states allowed as next state), have no exclusivity rule, be a required state, and be allowed to have automatic and/or manual transitions.
- An inventory state can be used to allow a SIM to be placed in a device and associated with an identifier of the device (e.g., a terminal identifier or a point of sale terminal identifier).
- An inventory state cannot coexist with an activation ready state.
- An inventory state cannot connect with the network and requires a manual change in order to change state.
- An inventory state may have a test ready state as a prerequisite, have no limitation to a next state (e.g., all states allowed as next state), have an exclusivity rule in that it cannot coexist with an activation ready state, not is a required state, and be allowed only to have manual transitions.
- An activation ready state can be used to allow a SIM to be ready to be activated.
- An activation ready state will authenticate and authorize with the HLR and AAA server of the provider system, but no billing will occur.
- the SIM state will automatically change to an activated state.
- An activation ready state may have a test ready state or inventory state as a prerequisite, have no limitation to a next state (e.g., all states allowed as next state), have an exclusivity rule in that it cannot coexist with an inventory state, not be a required state, and be allowed to have an automatic transition to an activated state or a manual transition to other states.
- An activated state can be used to allow a SIM, or a device with a SIM, to be used by a user.
- the SIM will authenticate and authorize on the HLR and AAA server of the provider system.
- Billing commences immediately on changing to this state.
- the provider system may check to make sure that the proper information is contained on the provider system's HLR and AAA server databases as well as the billing databases.
- the checks will include checking the identifiers stored in the SIM (e.g., international mobile subscriber identifier (IMSI), customer identifier, device identifier, etc.).
- IMSI international mobile subscriber identifier
- An activated state may have a test ready state, inventory, or activation ready state as a prerequisite, have possible next states of deactivated, purged, or retired, have no exclusivity rule, not be a required state, and be only allowed to have a manual transition to a next state.
- a deactivated state can be used to allow a SIM, or a device with a SIM, to be deactivated by the user.
- a deactivated state the SIM will not be allowed to authenticate and will not be billed.
- the AAA server of the provider system and the gateway GPRS support node (GGSN) of carrier networks will be sent a notification (e.g., a packet) informing them that the SIM has been deactivated.
- An deactivated state may have an activated state as a prerequisite, have possible next states of activated, purged, or retired, have no exclusivity rule, not be a required state, and be only allowed to have a manual transition to a next state.
- a retired state can be used to allow a SIM, or a device with a SIM, to be retired by the provider or the user. In a retired state the SIM will not be allowed to authenticate and billing ends.
- a retired state may have any state as a prerequisite except purged, have any possible next states (i.e., all states possible), have no exclusivity rule, not be a required state, and be only allowed to have a manual transition to a next state.
- a purged state can be used to allow a SIM, or a device with a SIM, to be purged by the provider.
- the SIM will not be allowed to authenticate and the subscriber identification is removed from the system (e.g., IMSI permanently removed from the HLR of the provider system).
- a purged state may have any state as a prerequisite, have no possible next states, have no exclusivity rule, not be a required state, and be not allowed to have any transitions to a next state.
- a state is defined by a customer. In some embodiments, the state is defined using an Internet-based service.
- a state definition does not support communication sessions and a transition to that state will terminate existing open communication sessions.
- a first wireless communication provisioning state allows a communication device to pass traffic without incurring any billing charges
- an associated state transition rule allows an automated transition to a second provisioning state where the second provisioning state incurs billing charges.
- a first wireless communication provisioning state allows a communication device to pass traffic without incurring any billing charges
- an associated state transition rule allows an automated transition to the second provisioning state, where the second provisioning state does not allow the communication device to pass traffic.
- state transition rule(s) between two states is/are defined.
- a transition from one state to another may occur automatically on a predetermined condition or manually. If the transition is based on a condition is met (e.g., upon first data communication—packet data protocol context established), the state will automatically change from one to another (e.g., activation ready state to activated state).
- the transition condition is based on one or more of the following: a predetermined amount of elapsed time since a prior state transition, an amount of service usage above a predetermined amount of service usage, one or more service signalings, or any other appropriate condition.
- the condition is based on an exclusivity rule, a state rule, a communication data transfer, or any other appropriate condition.
- a manual change from one state to another requires an intervention directly from the provider system—for example, an action through a manager portal, by uploading a file to the SIM or device with the SIM, or an application programming interface (API) call.
- API application programming interface
- a state transition rule can be defined for an individual device or a group of devices, or different rules can be defined for different individual devices or different groups of devices, or any other appropriate combination as appropriate for meeting the needs of a supplier of devices.
- a group of states are defined and a group of transition rules are defined, and then a selection of states and transition rules are associated with one or more identifiers.
- a customer selects a state transition rule.
- a customer defines a state transition rule.
- the state transition rule is selected and/or defined using an Internet-based service, using a local program interface, or any other appropriate manner of selecting and defining a state transition rule.
- a state transition rule when activated terminates existing communication sessions.
- FIG. 9 is a block diagram illustrating an embodiment of a state definition.
- a state is associated with an identifier—for example, a SIM, a device identifier (e.g., an international mobile equipment identifier), a vendor identifier, or any other appropriate identifier.
- a state definition includes state name, state description, required state flag, prerequisite state, allowed next state(s), exclusivity rule, and transition mode(s) available that describe conditions allowing transitions between states.
- a test ready state has: a) a state name of test ready; b) a state description of SIM is able to tested in its operation with the network by a manufacturer in a limited manner without being billed; c) a required state flag indicating that the test ready state is required; d) there is no prerequisite state for the test ready state; e) allowed next states from test ready are inventory, activation ready, activated, retired, or purged; f) there is no exclusivity rule for the test ready state; and g) the transition modes available are automatic to either an inventory state or an activation ready state based on an exclusivity rule or manual change.
- FIG. 10 illustrates an embodiment of a state transition rule definition.
- a state transition rule definition is associated with a state associated with an identifier or an identifier.
- a state transition rule definition includes current state, transition condition, state transitioned to, and transition description.
- a SIM can be manually changed from an inventory state to an activation ready state when the device that the SIM is in is deployed by selling the unit to a retail customer, by having a service provider place the unit in the field, or by any other appropriate manner.
- a SIM can be automatically changed from an activation ready state to an active state when a PDP context is established and data is communicated to and from the SIM, or device with the SIM in it.
- FIG. 11 is a flow diagram illustrating an embodiment of states of a channel sale model for provisioning and the transitions between the states.
- the starting default state of a SIM is the test ready state.
- test ready state 1100 a device is ready for testing.
- the SIM is shipped in the test ready state to an original equipment manufacturer (OEM)—for example, a customer wanting to use the connectivity services provided by the provider which enables a user's device to have data communication to the customer via one or more carrier networks.
- OEM original equipment manufacturer
- test ready state 1100 the SIM is allowed to provision and establish a PDP session (e.g., it can connect to GGSN of a carrier network, connect to internet, and connect to the customer's application server).
- Transition 1101 from the test ready state is either a manually triggered transition or an automatically triggered based on a condition where the condition is the when the SIM has reached: 1) a maximum number of PDP sessions has occurred—for example, 10; 2) a maximum amount of data has been transmitted/received to and from the SIM/device via the carrier network—for example, 100 Kbytes; or 3) a maximum amount of time has elapsed since the first PDP context in this test ready state—for example, 90 days.
- the transition is triggered, then the SIM switches to inventory state 1102 .
- a device In inventory state 1102 , a device is waiting to be transferred to a user. In this state, no connectivity is enabled, and no billing occurs. The state is maintained until transition 1103 . Transition 1103 occurs when the OEM or the customer or its channel service providers manually triggers a state change. When the state change is triggered, the SIM is changed to activated state 1104 . In activated state 1104 , a device is being used by user. In activated state 1104 , the SIM is able to establish a PDP session and connect and transfer data to a customer application server via a carrier network. The user is billed for the service provided by the provider. Billing information is provided to the customer by gathering the relevant data from the network carriers and the provider's data bases. The SIM remains in the active state until triggered to transition.
- Transition 1105 may be triggered manually or automatically. In various embodiments, transition 1105 is triggered automatically by a maximum number of connections allowed, a maximum amount of data transferred, a maximum amount of time since the start of PDP sessions, or any other appropriate automatic trigger condition. In some embodiments, the user or the customer can also manually trigger transition 1105 to a deactivated state 1106 .
- deactivated state 1106 a device is finished being used as requested by an end user or by a customer system request by being in a deactivated state.
- the SIM is not able to connect and establish a PDP session.
- Transition 1107 can be triggered automatically (e.g., after a period of time) or manually (e.g., by the customer).
- the SIM changes state to purged state 1108 .
- purged state 1108 the SIM and the device the SIM is in, is removed from the system.
- purged state 1108 the SIM is not able to connect and establish a PDP session.
- Purged state 1108 automatically removes the IMSI and International Circuit Card Identifier (ICCID) from the HLR of the provider system.
- ICCID International Circuit Card Identifier
- FIG. 12 is a flow diagram illustrating an embodiment of states of a retail sale model for provisioning and the transitions between the states.
- the states and transitions in FIG. 12 are similar to the states and transitions in FIG. 11 except for the activation ready state.
- the starting default state of a SIM is the test ready state.
- test ready state 1200 a device is ready for testing.
- the SIM is shipped in the test ready state to an original equipment manufacturer (OEM)—for example, a customer wanting to use the connectivity services provided by the provider which enables a user's device to have data communication to the customer via one or more carrier networks.
- OEM original equipment manufacturer
- test ready state 1200 the SIM is allowed to provision and establish a PDP session (e.g., it can connect to GGSN of a carrier network, connect to internet, and connect to the customer's application server).
- a PDP session e.g., it can connect to GGSN of a carrier network, connect to internet, and connect to the customer's application server.
- no billing to the OEM occurs. This connectivity is allowed for until the transition 1201 .
- Transition 1201 from the test ready state is either a manually triggered transition or an automatically triggered based on a condition where the condition is the when the SIM has reached: 1) a maximum number of PDP sessions has occurred—for example, 5; 2) a maximum amount of data has been transmitted/received to and from the SIM/device via the carrier network—for example, 1 Mbytes; or 3) a maximum amount of time has elapsed since the first PDP context in this test ready state—for example, 1 year.
- the transition is triggered, then the SIM switches to activation ready state 1202 .
- activation ready state 1202 a device is waiting to be transferred to a user.
- the activation ready state is set after testing by the OEM when the device is being shipped from the OEM to retail locations, distribution partners, directly to end users, or when the SIM, or device with the SIM, is about to be in the end users hands but is not ready to have billing/service fully implemented.
- SIM connectivity is enabled, and a PDP session can be established.
- transition 1203 is triggered.
- the SIM is changed to activated state 1204 .
- activated state 1204 a device is being used by user.
- the SIM In activated state 1204 , the SIM is able to establish a PDP session and connect and transfer data to a customer application server via a carrier network.
- the user is billed for the service provided by the provider.
- Billing information is provided to the customer by gathering the relevant data from the network carriers and the provider's data bases.
- the SIM remains in the active state until triggered to transition.
- Transition 1205 may be triggered manually or automatically. In various embodiments, transition 1205 is triggered automatically by a maximum number of connections allowed, a maximum amount of data transferred, a maximum amount of time since the start of PDP sessions, or any other appropriate automatic trigger condition. In some embodiments, the user or the customer can also manually trigger transition 1205 to a deactivated state 1206 .
- deactivated state 1206 a device is finished being used as requested by an end user or by a customer system request by being in a deactivated state.
- the SIM is not able to connect and establish a PDP session.
- Transition 1207 can be triggered automatically (e.g., after a period of time) or manually (e.g., by the customer).
- the SIM changes state to purged state 1208 .
- purged state 1208 the SIM and the device the SIM is in, is removed from the system.
- purged state 1208 the SIM is not able to connect and establish a PDP session.
- Purged state 1208 automatically removes the IMSI and International Circuit Card Identifier (ICCID) from the HLR of the global platform provider system.
- ICCID International Circuit Card Identifier
- FIG. 13 is a flow diagram illustrating an embodiment of a process for provisioning wireless communication.
- definitions for states associated with an identifier are received.
- state definitions and/or selections are received using an internet-based application.
- state definitions are the same or different for different identifiers.
- a state for provisioning e.g., a device
- allows billing allows communication sessions, allows activation, does not allow billing, does not allow communication sessions, does not allow activation, or any other appropriate action associated with a state.
- definition(s) for state transition rule(s) between two states is/are received.
- state transition rule definitions and/or selections are received using an internet-based application.
- the transitions are automatic or manual and are triggered with a transition condition.
- the automatic and/or manual transition conditions include an elapsed time from a prior state, prior transition, or prior specific/any communication, an absolute time, an absolute date, after a predetermined amount of traffic, before a predetermined level of traffic is reached, after communication with a specific location, number, device, service center, after sending a service indication, a system message, after receipt of a service message, condition, communication from a specific location, device, server, service center, or any other appropriate transition condition.
- a transition condition associated with a transition rule for current state is met. In the event that an appropriate transition condition has not been met, control stays with 1304 . In the event that an appropriate transition condition is met, then in 1306 allow transition between the two states as appropriate for the transition rule.
- provisioning states, state transition rule enforcement, and evaluation of transition conditions takes place on a server that communicates with a wireless network and wireless device.
- the server is located in, or otherwise operated by, a global platform provider's control center.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
Description
- This application is a continuation of U.S. patent application Ser. No. 14/543,629 entitled GLOBAL PLATFORM FOR MANAGING SUBSCRIBER IDENTITY MODULES filed on Nov. 17, 2014 (Attorney Docket No. 8895P016C4) which is a continuation of U.S. patent application Ser. No. 14/146,401 (Attorney Docket No. 8895P016C3) entitled GLOBAL PLATFORM FOR MANAGING SUBSCRIBER IDENTITY MODULES filed on Jan. 2, 2014 and issued as U.S. Pat. No. 8,897,776 on Nov. 25, 2014, which is a continuation of Ser. No. 13/622,172 (Attorney Docket No. 8895P016C2) entitled GLOBAL PLATFORM FOR MANAGING SUBSCRIBER IDENTITY MODULES filed on Sep. 18, 2012, which is a continuation of U.S. patent application Ser. No. 13/340,997 (Attorney Docket No. 8895P016C) entitled GLOBAL PLATFORM FOR MANAGING SUBSCRIBER IDENTITY MODULES filed on Dec. 30, 2011, now U.S. Pat. No. 8,275,357, issued on Sep. 25, 2012, co-pending U.S. patent application Ser. No. 11/119,401 (Attorney Docket No. 8895P012) entitled SELF PROVISIONING OF WIRELESS TERMINALS IN CELLULAR NETWORKS filed Apr. 29, 2005, now issued as U.S. Pat. No. 8,346,214, issued on Jan. 1, 2013, co-pending U.S. patent application Ser. No. 11/398,493 (Attorney Docket No. 8895P014) entitled SELF PROVISIONING OF WIRELESS TERMINALS IN WIRELESS NETWORKS filed Apr. 4, 2006, now issued as U.S. Pat. No. 8,498,615, issued on Jul. 30, 2013, and co-pending U.S. patent application Ser. No. 11/804,582 (Attorney Docket No. 88995P005) entitled WIRELESS COMMUNICATION PROVISIONING USING STATE TRANSITION RULES filed May 18, 2007 and issued as U.S. Pat. No. 8,745,184 on Jun. 3, 2014.
- In a wireless system, the wireless terminal has a Subscriber Identity Module (SIM), which contains the identity of the subscriber. One of the primary functions of the wireless terminal with its SIM in conjunction with the wireless network system is to authenticate the validity of the wireless terminal (for example, a cell phone) and the wireless terminal's subscription to the network. The SIM is typically a microchip that is located on a plastic card, a SIM card, which is approximately 1 cm square. The SIM card is then placed in a slot of the wireless terminal to establish the unique identity of the subscriber to the network. In some cases, the wireless terminal itself contains the subscriber identification and authentication functionality so that a separate SIM and/or SIM card is not utilized.
- In the SIM (or within the wireless terminal) an authentication key and a subscriber identification pair are stored. An example of such a pair would be the authentication key Ki as used in GSM networks and the associated subscriber identification IMSI (International Mobile Subscriber Identity). Another example would be the authentication key A-Key and subscriber identification MIN (Mobile Identification Number) as used in CDMA and TDMA networks. In either case, a corresponding identical set of an authentication key and a subscriber identification are stored in the network. In the SIM (or in the wireless terminal) and within the network, the authentication functionality is run using the local authentication key and some authentication data which is exchanged between the SIM and the network. If the outcomes of running the authentication functionality in the SIM and in the network leads to the same result, then the SIM/wireless terminal are considered to be authenticated for the wireless network.
- In existing wireless systems, a SIM (or wireless terminal) has an authentication key associated with only one subscriber identification and this subscriber identity is typically tied to a local region or network. When a SIM (or wireless terminal) authenticates in a region that is not local or with a network that is not local, then usually the SIM (or wireless terminal) needs to pay additional roaming service charges to connect with the wireless network. It would be beneficial if the SIM (or wireless terminal) were not tied to a local region or network. For example, equipment vendors would then be able to sell the same equipment in multiple regions and for multiple networks. Additionally, end users may avoid roaming service charges or at least more favorable subscription terms may be available.
- Various embodiments of the invention are disclosed in the following detailed description and the accompanying drawings.
-
FIG. 1 illustrates an embodiment of a self-provisioning wireless system. -
FIG. 2A illustrates an example of authentication data structures in one embodiment. -
FIG. 2B illustrates an example of authentication data structures in another embodiment. -
FIG. 3 is a flow diagram illustrating an embodiment of a process for acquiring wireless service from a wireless network. -
FIG. 4A illustrates an embodiment of a process for provisioning or authentication of a wireless terminal in a network system. -
FIG. 4B illustrates another embodiment of a process for provisioning or authentication of a wireless terminal in a network system. -
FIG. 5 illustrates an embodiment of a process for self-provisioning or authentication, of a wireless terminal in a network system. -
FIG. 6 is a flow diagram illustrating an embodiment of a process for acquiring wireless service from a wireless network. -
FIG. 7 illustrates a block diagram of an embodiment of a system for mobile data communication provisioning. -
FIG. 8 is a flow diagram illustrating an embodiment of a process for mobile data communication provisioning. -
FIG. 9 is a block diagram illustrating an embodiment of a state definition. -
FIG. 10 illustrates an embodiment of a state transition rule definition. -
FIG. 11 is a flow diagram illustrating an embodiment of states of a channel sale model for provisioning and the transitions between the states. -
FIG. 12 is a flow diagram illustrating an embodiment of states of a retail sale model for provisioning and the transitions between the states. -
FIG. 13 is a flow diagram illustrating an embodiment of a process for provisioning wireless communication. - The invention can be implemented in numerous ways, including as a process, an apparatus, a system, a composition of matter, a computer readable medium such as a computer readable storage medium or a computer network wherein program instructions are sent over optical, electronic or wireless communication links. In this specification, these implementations, or any other form that the invention may take, may be referred to as techniques. A component such as a processor or a memory described as being configured to perform a task includes both a general component that is temporarily configured to perform the task at a given time or a specific component that is manufactured to perform the task. In general, the order of the steps of disclosed processes may be altered within the scope of the invention.
- A detailed description of one or more embodiments of the invention is provided below along with accompanying figures that illustrate the principles of the invention. The invention is described in connection with such embodiments, but the invention is not limited to any embodiment. The scope of the invention is limited only by the claims and the invention encompasses numerous alternatives, modifications and equivalents. Numerous specific details are set forth in the following description in order to provide a thorough understanding of the invention. These details are provided for the purpose of example and the invention may be practiced according to the claims without some or all of these specific details. For the purpose of clarity, technical material that is known in the technical fields related to the invention has not been described in detail so that the invention is not unnecessarily obscured.
- A system and method for provisioning a subscriber identification to a wireless terminal in a wireless network is disclosed. A control center receives transmission from a wireless network. The transmission indicates that a wireless terminal is roaming. The control center provisions a subscriber identification to the wireless terminal, where the subscriber identification is selected based at least in part on the identification of the wireless network in which the wireless terminal is roaming. Using the newly-provisioned subscriber identification, the wireless terminal acquires wireless service from the wireless network as a local wireless terminal. The wireless terminal can operate as a local wireless terminal for that network, or for a network with which the local network has a preferred relationship. The wireless terminal can acquire telecommunications service as a local terminal by using a stored set of authentication key-subscriber identification that is specific to the network it is operating in. In various embodiments, the wireless terminal can operate as a local terminal by receiving or downloading a specific set of authentication key-subscriber identification, or by receiving or downloading a subscriber identification to pair with an existing authentication key.
-
FIG. 1 illustrates an embodiment of a wireless system. In the example shown, the wireless system includes a plurality of wireless terminals, represented inFIG. 1 bywireless terminal 100, a plurality of wireless network base stations, represented by wirelessnetwork base stations 104,wireless network center 106, Home Location Register/Authentication Center (HLR/AuC) 108, andprovisioning server 110 capable of provisioning the wireless terminals. Although only onewireless network center 106 is shown, it is understood that the wireless system can include multiple wireless network centers 106. Eachwireless network center 106 includes, or is associated with, a HLR, a Mobile Switching Center/Visitor Location Register (MSC/VLR) and a Serving GPRS Service Node (SGSN), or Packet Data Serving Node (PDSN). In one embodiment, themultiple wireless centers 106 may be operated by different network carriers, while HLR/AuC 108 andprovisioning server 110 are operated by a global platform provider.Wireless terminal 100 includes a Subscriber Identity Module (SIM) which is either an attachable hardware card with a memory and a processor or a software object embedded in the wireless terminal.Wireless terminal 100 communicates with wirelessnetwork base stations 104 usingwireless signal 102. As a wireless terminal moves around it communicates with different wireless base stations. Wirelessnetwork base stations 104 communicate withwireless network center 106. - Communications from a wireless terminal are passed to another wireless terminal over the same wireless network using a local wireless network base station to the other wireless terminal or the communications are carried by a wired network or other wireless network to the destination terminal.
Wireless network center 106 communicates with its associated HLR, where sets of authentication key-subscriber identification are stored, to help in authenticating a wireless terminal that is acquiring wireless network service. One example of a subscriber identification is an international mobile subscriber identifier (IMSI).Wireless network center 106 and its associated HLR communicate withprovisioning server 110 to enable a wireless terminal to acquire a new subscriber identification that is paired with an existing authentication key and/or a new set of authentication key-subscriber identification. In some embodiments the transmission of the authentication key or the authentication key-subscriber identification is encrypted. In various embodiments, the authentication key or the authentication key-subscriber identification is/are decrypted at the wireless terminal and/or in the SIM card. The old authentication key-new subscriber identification pair and/or the new set of authentication key-subscriber identification are added in the appropriate manner to the HLR/AuC 108 databases or the HLR databases associated with wireless network centers 106 so that the wireless terminal can be authenticated and can acquire wireless network service using the new subscriber identification and/or authentication key set. In various embodiments, the wireless network system is a cellular system, a GSM/GPRS wireless system, a CDMA or WCDMA wireless system, or a TDMA wireless system, or any other type of wireless network system. -
FIG. 2A illustrates an example of authentication data structures in one embodiment. In some embodiments, the authentication data structure for a wireless terminal is located in the SIM, and for the network in the HLR/AuC such as HLR/Auc 108 ofFIG. 1 or the HLR associated with wireless network centers 106. An authentication data structure (ADS) for a wireless terminal includes an authentication key (AK) and one or more subscriber identifications (SI) and is used to help authenticate a wireless terminal for a wireless network. In the example shown, the ADS forwireless terminal 1 includes one authentication key and one subscriber identification. The ADS forwireless terminal 2 includes one authentication key and three subscriber identifications. The ADS for wireless terminal N includes one authentication key and two subscriber identifications. The ADS for network includes the authentication key-subscriber identification entries for each of the wireless terminals. Entries forwireless terminal -
FIG. 2B illustrates an example of authentication data structures in another embodiment. Authentication data structure (ADS) for a wireless terminal includes a Ki and one or more IMSI's. In the example shown, the ADS forwireless terminal 1 includes one Ki and one IMSI. The ADS forwireless terminal 2 includes one Ki and three IMSI's. The ADS for wireless terminal N includes one Ki and two IMSI's. The ADS for HLR/AuC includes the Ki-IMSI entries for each of the wireless terminals. Entries forwireless terminal -
FIG. 3 is a flow diagram illustrating an embodiment of a process for acquiring wireless service from a wireless network. In some embodiments, the process ofFIG. 3 is implemented on a wireless terminal such aswireless terminal 100 inFIG. 1 . In the example shown, in 300 a wireless signal is received from a wireless network. A wireless terminal receives wireless signals from a nearby network base station. In 302, a network identification is decoded from the wireless signal. The wireless signal includes a mobile network identification. For example, the wireless terminal scans for the existing wireless system signals. When it finds a network system broadcast control channel (e.g. BCCH in GSM Systems), it decodes the broadcasted information to decode the Location Area Identifier (LAI). The LAI is composed of a mobile country code, a mobile network code and a location area code. From the LAI, the wireless terminal can determine the country in which it is operating. In 304, a subscriber identification is selected based on the decoded network identification. For example, LAI information can be matched with the subscriber identification of the wireless terminal, which includes a mobile country code, a mobile network code, and a mobile subscriber identification number. In various embodiments, the LAI mobile country code and subscriber identification mobile country code are matched or the LAI mobile network code and the subscriber identification mobile network code are matched. In various embodiments, the selection of a subscriber identification is based at least in part on the pricing of different wireless networks, the billed account for that connection, a billed account for the wireless service, the application that will use the connection, an application using the wireless service (for example, one subscriber identification for data communication and a different subscriber identification for voice communication) or any other appropriate criteria for selecting a subscriber identification. In 306, wireless service is acquired from the wireless network. -
FIG. 4A illustrates an embodiment of a process for provisioning subscriber identification to a wireless terminal in a network system. Referring also toFIG. 1 , in the example shown,wireless terminal 100 receives information from and transmits information to wireless network center 106 (and its associated HLR), HLR/AuC 108, andprovisioning server 110 using wireless signals 102. As shown inFIGS. 4A and 4B , wireless network center 106 (and its associated HLR), HLR/AuC 108, andprovisioning server 110 are collectively identified bynumeral 402. In 404,wireless terminal 100 listens towireless signals 102 transmitted fromnetwork base stations 104 and decodes the mobile network identification from the transmitted information. For example, the wireless terminal scans for the existing wireless system signals. When it finds a network system broadcast control channel (e.g. BCCH in GSM Systems), it decodes the broadcasted information to decode the Location Area Identifier (LAI). The LAI is composed of a mobile country code, a mobile network code and a location area code. From the LAI, the wireless terminal can determine the country in which it is operating. The wireless terminal receives a set of Subscriber Identification from network center, HLR/AuC, andprovisioning server 402 and stores in its ADS. In 406, the wireless terminal chooses a Subscriber Identification with the same country code from its ADS. For example, the Subscriber Identification is composed of a mobile country code, a mobile network code, and mobile subscriber identification number. The codes in the Subscriber Identification can be used to match a Subscriber Identification to the local network and/or country. The rest of the Subscriber Identifications stored in the wireless terminal's ADS may be made inactive for the duration of the session. - In 408, the wireless terminal performs a location update with the visited wireless network using the new Subscriber Identification. In 410, the network center, HLR/AuC, and
provisioning server 402 searches for the Subscriber Identification in its ADS and retrieves the corresponding Authentication Key. In 412, a challenge is generated (RAND) and with the Authentication Key is used to calculate a Response (SRES) using an authentication algorithm (A3). In 414, the RAND is sent to the wireless terminal and a response is requested. In 416, the wireless terminal uses the RAND with the Authentication Key from its ADS to independently calculate a SRES using encryption algorithm (A3) stored in its SIM. In 418, the SRES is sent to the network center and/or HLR/AuC and/orprovisioning server 402. In 420, authentication is passed if the received SRES matches the locally computed SRES, otherwise the authentication fails. -
FIG. 4B illustrates another embodiment of a process for provisioning subscriber identification to a wireless terminal in a network system. In some cases, the wireless terminal will not contain an IMSI that matches the country code of the local network system. The wireless terminal can connect to the network using an IMSI with another country code and then receiving or downloading a local IMSI (i.e. with a matching country code). In the example shown, wireless terminal 400B receives information from and transmits information to the network center, HLR/AuC, and provisioning server 402B using cellular signals. In 404B, wireless terminal 400B listens to cellular signals transmitted from network towers and decodes the country code from the transmitted information. In 406B, wireless terminal 400B communicates, after being authenticated, with the provisioning server transmitting information including a country code and a terminal producer. In 408B, the provisioning server chooses a new IMSI with a local country code. In 410B, the new IMSI is added to the ADS of the HLR/AuC (or the HLR associated with the network system) corresponding to the wireless terminal (i.e. paired with the wireless terminal's Ki). In 412B, the provisioning server sends the new IMSI to wireless terminal 400B. In 414B, wireless terminal 400B adds the new IMSI to its ADS. In 416B,wireless terminal 400 reestablishes its connection with the network system with the new IMSI as the active IMSI. In some embodiments, depending on the information transmitted (i.e. IMSI range or type of wireless terminal), communication may be established between the wireless terminal and a specific application server (i.e., a global platform provider's provisioning server or another server). In some embodiments, this communication with a specific application server is encrypted. -
FIG. 5 illustrates an embodiment of a process for provisioning subscriber identification to a wireless terminal in a network system. In some embodiments, the wireless terminal will not contain a Subscriber Identification that matches the network code and/or country code of the local network system. The wireless terminal can connect to the network using a Subscriber Identification with another network/country code and then receiving downloading a local Subscriber Identification (i.e. with a matching country code). Referring also toFIGS. 1 and 4A , in the example shown,wireless terminal 100 receives information from and transmits information to network center 106 (and its associated HLR), HLR/AuC 108, andprovisioning server 110 using wireless signals 102. In 504,wireless terminal 100 listens to wireless signals transmitted fromnetwork base stations 104 and decodes the mobile network identification from the transmitted information similar to 404 ofFIG. 4A . In 506,wireless terminal 100 communicates, after being authenticating using a process similar to 408-420 ofFIG. 4A , with theprovisioning server 110 transmitting information including a country code and a terminal producer. In 508, theprovisioning server 110 chooses a new Subscriber Identification with a local country code and/or network code. In 510, the new Subscriber Identification is added to the ADS of the HLR/AuC 108 or the HLR associated with the visited network corresponding to the wireless terminal (i.e. paired with the wireless terminal's Authentication Key). In 512, theprovisioning server 110 sends the new Subscriber Identification towireless terminal 500. In 515,wireless terminal 100 adds the new Subscriber Identification to its ADS. In 516,wireless terminal 100 reestablishes its connection with the network system with the new Subscriber Identification as the active Subscriber Identification. In some embodiments, depending on the information transmitted (e.g., subscriber identification range or type of wireless terminal), communication may be established between the wireless terminal and a specific application server (e.g., a global platform provider's provisioning server or another server). In some embodiments, this communication with a specific application server is encrypted. -
FIG. 6 is a flow diagram illustrating an embodiment of a process for acquiring wireless service from a wireless network. In the example shown, in 600 a wireless signal is received from a wireless network. In 602, wireless service is acquired from the wireless network using a first subscriber identification. In 604, information is transmitted to the wireless network. In 606, a second subscriber identification, which is selected by an application server (orprovisioning server 110 ofFIG. 1 ), is received. The second subscriber identification is selected based at least in part on one or more of the following: the wireless network, the wireless network identification, the base station that the wireless terminal is communicating with, the local country associated with the network, or any other appropriate criteria for selecting a subscriber identification. In various embodiments, the first subscriber identification and the second subscriber identification are both paired with a single authentication key or the first subscriber identification is paired with a first authentication key and the second subscriber identification is paired with a second authentication key. In some embodiments, a second authentication key is received. In various embodiments, the subscriber identification and/or the authentication key are received after having been encrypted and need to be decrypted after having been received. In some embodiments, the subscriber identification is encrypted and decrypted using an authentication key. In various embodiments, a subscriber identification and/or a authentication key is encrypted in an application server, in a provisioning server, in a wireless network server, or in a combination of an application/provisioning server and a wireless network server, or in any other appropriate place for the encryption. In various embodiments, a subscriber identification and/or an authentication key is decrypted in a wireless terminal, in a SIM card, or in a combination of the SIM card and the wireless terminal, or in any other appropriate place for the decryption. In some embodiments, authentication information is received—for example, a random number that has been encrypted using an authentication key, a subscriber identification that has been encrypted using an authentication key, or other information that has been encrypted using an authentication key or other appropriate key. In 608, wireless service is acquired from the wireless network using the second subscriber identification. - Wireless communication provisioning using state transition rules associated with an identifier is disclosed. A first state associated with one or more identifiers is defined. A second state associated with one or more identifiers is defined. A state transition rule is defined between the first and second states. In some embodiments, the one or more identifiers are stored in a subscriber identity module (SIM). In some embodiments, a plurality of states are defined, a plurality of state transition rules are defined, and a group of states and transition rules are selected and associated with one or more identifiers. In some embodiments, wireless communications comprise mobile data, mobile cellular communications, or any other appropriate wireless communications.
- In some embodiments, a customer organization defines a sequence of states for devices that communicate data with a global platform provider's application server via one or more wireless carrier networks. The provider (e.g., the global platform provider) enables the communication via the wireless carrier networks. The plurality of states enables the activity of provisioning of a customer device or provider device used in the data communication with appropriate billing, access, and/or authorization for each activity especially with regard to testing, activation, deactivation, etc.
-
FIG. 7 illustrates a block diagram of an embodiment of a system for mobile data communication provisioning. In the example shown,device 700 comprises a mobile device that communicates data.Device 700 includes a mobile data service (MDS) 702—for example, general packet radio service—and an identifier (ID) 704—for example, a subscriber identifier (such as IMSI). Data can be transmitted and received bydevice 700 usingMDS 702.Device 700 is identified usingID 704 and associated with a user or customer. Transmissions and receptions of data communicate withcarrier network 712, which is associated withMDS 702. In various embodiments, the carrier network associated withMDS 702 comprises a mobile carrier network, a cell phone network, a messaging network, wireless communication network, or any other appropriate network for communicating data to a mobile device. -
Carrier network 712 includes carrier switching network 710 (e.g., SGSN—serving General Packet Radio Services (GPRS) support node—used in Global System for Mobile Communications (GSM) networks), carrier data traffic handler 708 (e.g., GRX—a GPRS roaming exchange and/or SS7—signalingsystem 7 system), and a plurality of carrier towers—represented inFIG. 7 bytower 706. Communications of data traffic to and fromdevice 700 are received bycarrier network 712 by a carrier tower, which communicates the data traffic with carrierdata traffic handler 708. Carrierdata traffic handler 708 communicates data traffic withcarrier switching network 710.Carrier switching network 710 can communicate withnetwork 714, and Authentication Center/Home Location Register (HLR) 728 and Authentication, Authorization, and Accounting (AAA) Server (e.g., a Radius server) 730 ofprovider system 724. In one embodiment,provider system 724 is operated by a global platform provider as a control center. -
Network 714 enables communication withcustomer system 716, which includescustomer application server 718 andcustomer administrator 720. In some embodiments,network 714 comprises the internet, a local area network, a wide area network, a wired network, a wireless network, or any other appropriate network or networks for communicating withcustomer system 716.Customer application server 718 receives data from and transmits data todevice 700 regarding the customer's services or products. In various embodiments, the customer's services includes transaction related services, monitoring services, and/or location tracking services. In some embodiments, a state transition rule defining transition from one provisioning state to another provisioning state associated withdevice 700 is implemented oncustomer application server 718. In some embodiments, a state transition rule defining transition from one provisioning state to another provisioning state associated withdevice 700 is not known todevice 700. -
Provider system 724 includesHLR 728,AAA server 730,application server 726, database (DB) 732,administrator 734. In an embodiment where theprovider system 724 is the control center of a global platform provider,application server 726 can perform the function of a provisioning server, such asprovisioning server 110 ofFIG. 1 , in addition to other functions.Provider system 724 enables customer services by enabling data communication services via the carrier network withdevice 700.HLR 728 enables communication with the provider system by indicating ifdevice 700 is allowed to have data communication throughcarrier network 712 withcustomer system 716.AAA server 730 enables specific permissions that are available regarding data communications betweendevice 700 andcustomer system 716 viacarrier network 712.Application server 726 enables provisioning and billing for the provider. Provisioning comprises enabling devices such asdevice 700 to have mobile data communication services using a mobile carrier network.DB 732 includes information related to provisioning and billing for the provider.Administrator 734 administrates provider system.Customer system administrator 720 communicates withprovider application server 726 to administrate customer system usage, billing, provisioning for data communication service ofcarrier network 712 enable byprovider 724. In some embodiments, functionality ofHLR 728 andAAA server 730 are performed by the same server, are partitioned between two servers but not exactly as described herein, or any other server configuration to achieve the same functionality. -
FIG. 8 is a flow diagram illustrating an embodiment of a process for mobile data communication provisioning. In some embodiments, the process ofFIG. 8 helpsprovision device 700 ofFIG. 7 such that mobile data and/or wireless communications is available viacarrier network 712 tocustomer system 716. In the example shown, in 800 states associated with one or more identifiers are defined. States that are associated with one or more identifiers can include test ready, inventory, activation ready, activated, deactivated, retired, return merchandise authorization (RMA), suspend, fraud review, purged, and/or any other appropriate states. In various embodiments, the identifier can be an International Circuit Card Identifier (ICCID), an international mobile subscriber identifier (IMSI), a customer identifier, a user identifier, or a device identifier. In various embodiments, the one or more identifiers comprises an identifier associated with a user, a customer, a company, an organization, etc. or a group of identifiers associated with a user, a customer, a company, an organization, etc. - In some embodiments, one or more states are based on the lifecycle of the service of a wireless communication device.
- A test ready state can be used to allow a manufacturer to test a SIM, or a device with a SIM, and its network communication infrastructure before delivering the SIM, or device with a SIM, to an end user, a retail location, or a distributor. A test ready state can be a default state for a SIM that allows authentication and authorization with a global platform provider's HLR and AAA server, but does not have any billing associated with it. A SIM in a test ready state is able to conditionally transact data, voice, and/or Short Message Service (SMS) communications—for example, some limits may be placed on the communications while in this state such as: communication may occur up to a maximum data transmitted/received amount or up to a maximum number of days since the initial data communication. A test ready state may have no prerequisite state, have no limitation to a next state (e.g., all states allowed as next state), have no exclusivity rule, be a required state, and be allowed to have automatic and/or manual transitions.
- An inventory state can be used to allow a SIM to be placed in a device and associated with an identifier of the device (e.g., a terminal identifier or a point of sale terminal identifier). An inventory state cannot coexist with an activation ready state. An inventory state cannot connect with the network and requires a manual change in order to change state. An inventory state may have a test ready state as a prerequisite, have no limitation to a next state (e.g., all states allowed as next state), have an exclusivity rule in that it cannot coexist with an activation ready state, not is a required state, and be allowed only to have manual transitions.
- An activation ready state can be used to allow a SIM to be ready to be activated. An activation ready state will authenticate and authorize with the HLR and AAA server of the provider system, but no billing will occur. After the first data communication (e.g., first packet data protocol (PDP) context communication), the SIM state will automatically change to an activated state. An activation ready state may have a test ready state or inventory state as a prerequisite, have no limitation to a next state (e.g., all states allowed as next state), have an exclusivity rule in that it cannot coexist with an inventory state, not be a required state, and be allowed to have an automatic transition to an activated state or a manual transition to other states.
- An activated state can be used to allow a SIM, or a device with a SIM, to be used by a user. In an activated state the SIM will authenticate and authorize on the HLR and AAA server of the provider system. Billing commences immediately on changing to this state. The provider system may check to make sure that the proper information is contained on the provider system's HLR and AAA server databases as well as the billing databases. In some cases, the checks will include checking the identifiers stored in the SIM (e.g., international mobile subscriber identifier (IMSI), customer identifier, device identifier, etc.). An activated state may have a test ready state, inventory, or activation ready state as a prerequisite, have possible next states of deactivated, purged, or retired, have no exclusivity rule, not be a required state, and be only allowed to have a manual transition to a next state.
- A deactivated state can be used to allow a SIM, or a device with a SIM, to be deactivated by the user. In a deactivated state the SIM will not be allowed to authenticate and will not be billed. The AAA server of the provider system and the gateway GPRS support node (GGSN) of carrier networks will be sent a notification (e.g., a packet) informing them that the SIM has been deactivated. An deactivated state may have an activated state as a prerequisite, have possible next states of activated, purged, or retired, have no exclusivity rule, not be a required state, and be only allowed to have a manual transition to a next state.
- A retired state can be used to allow a SIM, or a device with a SIM, to be retired by the provider or the user. In a retired state the SIM will not be allowed to authenticate and billing ends. A retired state may have any state as a prerequisite except purged, have any possible next states (i.e., all states possible), have no exclusivity rule, not be a required state, and be only allowed to have a manual transition to a next state.
- A purged state can be used to allow a SIM, or a device with a SIM, to be purged by the provider. In a purged state the SIM will not be allowed to authenticate and the subscriber identification is removed from the system (e.g., IMSI permanently removed from the HLR of the provider system). A purged state may have any state as a prerequisite, have no possible next states, have no exclusivity rule, not be a required state, and be not allowed to have any transitions to a next state.
- In some embodiments, a state is defined by a customer. In some embodiments, the state is defined using an Internet-based service.
- In some embodiments, a state definition does not support communication sessions and a transition to that state will terminate existing open communication sessions.
- In some embodiments, a first wireless communication provisioning state allows a communication device to pass traffic without incurring any billing charges, and an associated state transition rule allows an automated transition to a second provisioning state where the second provisioning state incurs billing charges. In some embodiments, a first wireless communication provisioning state allows a communication device to pass traffic without incurring any billing charges, and an associated state transition rule allows an automated transition to the second provisioning state, where the second provisioning state does not allow the communication device to pass traffic.
- In 802, state transition rule(s) between two states is/are defined. A transition from one state to another may occur automatically on a predetermined condition or manually. If the transition is based on a condition is met (e.g., upon first data communication—packet data protocol context established), the state will automatically change from one to another (e.g., activation ready state to activated state). In various embodiments, the transition condition is based on one or more of the following: a predetermined amount of elapsed time since a prior state transition, an amount of service usage above a predetermined amount of service usage, one or more service signalings, or any other appropriate condition. In various embodiments, the condition is based on an exclusivity rule, a state rule, a communication data transfer, or any other appropriate condition. A manual change from one state to another requires an intervention directly from the provider system—for example, an action through a manager portal, by uploading a file to the SIM or device with the SIM, or an application programming interface (API) call.
- In various embodiments, a state transition rule can be defined for an individual device or a group of devices, or different rules can be defined for different individual devices or different groups of devices, or any other appropriate combination as appropriate for meeting the needs of a supplier of devices.
- In some embodiments, a group of states are defined and a group of transition rules are defined, and then a selection of states and transition rules are associated with one or more identifiers.
- In some embodiments, a customer selects a state transition rule. In some embodiments, a customer defines a state transition rule. In various embodiments, the state transition rule is selected and/or defined using an Internet-based service, using a local program interface, or any other appropriate manner of selecting and defining a state transition rule.
- In some embodiments, a state transition rule when activated terminates existing communication sessions.
-
FIG. 9 is a block diagram illustrating an embodiment of a state definition. In some embodiments, a state is associated with an identifier—for example, a SIM, a device identifier (e.g., an international mobile equipment identifier), a vendor identifier, or any other appropriate identifier. In the example shown, a state definition includes state name, state description, required state flag, prerequisite state, allowed next state(s), exclusivity rule, and transition mode(s) available that describe conditions allowing transitions between states. For example, a test ready state has: a) a state name of test ready; b) a state description of SIM is able to tested in its operation with the network by a manufacturer in a limited manner without being billed; c) a required state flag indicating that the test ready state is required; d) there is no prerequisite state for the test ready state; e) allowed next states from test ready are inventory, activation ready, activated, retired, or purged; f) there is no exclusivity rule for the test ready state; and g) the transition modes available are automatic to either an inventory state or an activation ready state based on an exclusivity rule or manual change. -
FIG. 10 illustrates an embodiment of a state transition rule definition. In various embodiments, a state transition rule definition is associated with a state associated with an identifier or an identifier. In the example shown, a state transition rule definition includes current state, transition condition, state transitioned to, and transition description. For example, a SIM can be manually changed from an inventory state to an activation ready state when the device that the SIM is in is deployed by selling the unit to a retail customer, by having a service provider place the unit in the field, or by any other appropriate manner. For another example, a SIM can be automatically changed from an activation ready state to an active state when a PDP context is established and data is communicated to and from the SIM, or device with the SIM in it. -
FIG. 11 is a flow diagram illustrating an embodiment of states of a channel sale model for provisioning and the transitions between the states. In some embodiments, the starting default state of a SIM is the test ready state. In the example shown, in test ready state 1100 a device is ready for testing. The SIM is shipped in the test ready state to an original equipment manufacturer (OEM)—for example, a customer wanting to use the connectivity services provided by the provider which enables a user's device to have data communication to the customer via one or more carrier networks. In testready state 1100, the SIM is allowed to provision and establish a PDP session (e.g., it can connect to GGSN of a carrier network, connect to internet, and connect to the customer's application server). When the SIM is in the test ready state, no billing to the OEM occurs. This connectivity is allowed for until thetransition 1101.Transition 1101 from the test ready state is either a manually triggered transition or an automatically triggered based on a condition where the condition is the when the SIM has reached: 1) a maximum number of PDP sessions has occurred—for example, 10; 2) a maximum amount of data has been transmitted/received to and from the SIM/device via the carrier network—for example, 100 Kbytes; or 3) a maximum amount of time has elapsed since the first PDP context in this test ready state—for example, 90 days. When the transition is triggered, then the SIM switches toinventory state 1102. - In
inventory state 1102, a device is waiting to be transferred to a user. In this state, no connectivity is enabled, and no billing occurs. The state is maintained untiltransition 1103.Transition 1103 occurs when the OEM or the customer or its channel service providers manually triggers a state change. When the state change is triggered, the SIM is changed to activatedstate 1104. Inactivated state 1104, a device is being used by user. Inactivated state 1104, the SIM is able to establish a PDP session and connect and transfer data to a customer application server via a carrier network. The user is billed for the service provided by the provider. Billing information is provided to the customer by gathering the relevant data from the network carriers and the provider's data bases. The SIM remains in the active state until triggered to transition.Transition 1105 may be triggered manually or automatically. In various embodiments,transition 1105 is triggered automatically by a maximum number of connections allowed, a maximum amount of data transferred, a maximum amount of time since the start of PDP sessions, or any other appropriate automatic trigger condition. In some embodiments, the user or the customer can also manually triggertransition 1105 to a deactivatedstate 1106. - In
deactivated state 1106, a device is finished being used as requested by an end user or by a customer system request by being in a deactivated state. Indeactivated state 1106, the SIM is not able to connect and establish a PDP session. While in deactivatedstate 1106, there is no billing for connectivity.Transition 1107 can be triggered automatically (e.g., after a period of time) or manually (e.g., by the customer). Whentransition 1107 is triggered, the SIM changes state to purgedstate 1108. In purgedstate 1108, the SIM and the device the SIM is in, is removed from the system. In purgedstate 1108, the SIM is not able to connect and establish a PDP session. There is no billing associated with the trigger or the state. Accounting for the customer may remove the item from inventory or asset lists. Purgedstate 1108 automatically removes the IMSI and International Circuit Card Identifier (ICCID) from the HLR of the provider system. -
FIG. 12 is a flow diagram illustrating an embodiment of states of a retail sale model for provisioning and the transitions between the states. The states and transitions inFIG. 12 are similar to the states and transitions inFIG. 11 except for the activation ready state. In some embodiments, the starting default state of a SIM is the test ready state. In the example shown, in test ready state 1200 a device is ready for testing. The SIM is shipped in the test ready state to an original equipment manufacturer (OEM)—for example, a customer wanting to use the connectivity services provided by the provider which enables a user's device to have data communication to the customer via one or more carrier networks. In testready state 1200, the SIM is allowed to provision and establish a PDP session (e.g., it can connect to GGSN of a carrier network, connect to internet, and connect to the customer's application server). When the SIM is in the test ready state, no billing to the OEM occurs. This connectivity is allowed for until thetransition 1201.Transition 1201 from the test ready state is either a manually triggered transition or an automatically triggered based on a condition where the condition is the when the SIM has reached: 1) a maximum number of PDP sessions has occurred—for example, 5; 2) a maximum amount of data has been transmitted/received to and from the SIM/device via the carrier network—for example, 1 Mbytes; or 3) a maximum amount of time has elapsed since the first PDP context in this test ready state—for example, 1 year. When the transition is triggered, then the SIM switches to activationready state 1202. - In activation
ready state 1202, a device is waiting to be transferred to a user. In various embodiments, the activation ready state is set after testing by the OEM when the device is being shipped from the OEM to retail locations, distribution partners, directly to end users, or when the SIM, or device with the SIM, is about to be in the end users hands but is not ready to have billing/service fully implemented. In this state, SIM connectivity is enabled, and a PDP session can be established. Upon the first PDPsession occurring transition 1203 is triggered. When the state change is triggered, the SIM is changed to activatedstate 1204. Inactivated state 1204, a device is being used by user. Inactivated state 1204, the SIM is able to establish a PDP session and connect and transfer data to a customer application server via a carrier network. The user is billed for the service provided by the provider. Billing information is provided to the customer by gathering the relevant data from the network carriers and the provider's data bases. The SIM remains in the active state until triggered to transition.Transition 1205 may be triggered manually or automatically. In various embodiments,transition 1205 is triggered automatically by a maximum number of connections allowed, a maximum amount of data transferred, a maximum amount of time since the start of PDP sessions, or any other appropriate automatic trigger condition. In some embodiments, the user or the customer can also manually triggertransition 1205 to a deactivatedstate 1206. - In
deactivated state 1206, a device is finished being used as requested by an end user or by a customer system request by being in a deactivated state. Indeactivated state 1206, the SIM is not able to connect and establish a PDP session. While in deactivatedstate 1206, there is no billing for connectivity.Transition 1207 can be triggered automatically (e.g., after a period of time) or manually (e.g., by the customer). Whentransition 1207 is triggered, the SIM changes state to purgedstate 1208. In purgedstate 1208, the SIM and the device the SIM is in, is removed from the system. In purgedstate 1208, the SIM is not able to connect and establish a PDP session. There is no billing associated with the trigger or the state. Accounting for the customer may remove the item from inventory or asset lists. Purgedstate 1208 automatically removes the IMSI and International Circuit Card Identifier (ICCID) from the HLR of the global platform provider system. -
FIG. 13 is a flow diagram illustrating an embodiment of a process for provisioning wireless communication. In the example shown, in 1300 definitions for states associated with an identifier are received. In some embodiments, state definitions and/or selections are received using an internet-based application. In various embodiments, state definitions are the same or different for different identifiers. In various embodiments, a state for provisioning (e.g., a device) allows billing, allows communication sessions, allows activation, does not allow billing, does not allow communication sessions, does not allow activation, or any other appropriate action associated with a state. In 1302, definition(s) for state transition rule(s) between two states is/are received. In some embodiments, state transition rule definitions and/or selections are received using an internet-based application. In various embodiments, the transitions are automatic or manual and are triggered with a transition condition. In various embodiments, the automatic and/or manual transition conditions include an elapsed time from a prior state, prior transition, or prior specific/any communication, an absolute time, an absolute date, after a predetermined amount of traffic, before a predetermined level of traffic is reached, after communication with a specific location, number, device, service center, after sending a service indication, a system message, after receipt of a service message, condition, communication from a specific location, device, server, service center, or any other appropriate transition condition. In 1304, it is determined if a transition condition associated with a transition rule for current state is met. In the event that an appropriate transition condition has not been met, control stays with 1304. In the event that an appropriate transition condition is met, then in 1306 allow transition between the two states as appropriate for the transition rule. In some embodiment, the implementation of provisioning states, state transition rule enforcement, and evaluation of transition conditions takes place on a server that communicates with a wireless network and wireless device. In one embodiment, the server is located in, or otherwise operated by, a global platform provider's control center. - Although the foregoing embodiments have been described in some detail for purposes of clarity of understanding, the invention is not limited to the details provided. There are many alternative ways of implementing the invention. The disclosed embodiments are illustrative and not restrictive.
Claims (1)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/997,033 US20160134990A1 (en) | 2005-04-29 | 2016-01-15 | Global platform for managing subscriber identity modules |
Applications Claiming Priority (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/119,401 US8346214B2 (en) | 2005-04-29 | 2005-04-29 | Self provisioning of wireless terminals in wireless networks |
US11/398,493 US8498615B2 (en) | 2005-04-29 | 2006-04-04 | Self provisioning of wireless terminals in wireless networks |
US11/804,582 US8745184B1 (en) | 2007-05-18 | 2007-05-18 | Wireless communication provisioning using state transition rules |
US13/340,997 US8275357B1 (en) | 2005-04-29 | 2011-12-30 | Global platform for managing subscriber identity modules |
US13/622,172 US8626164B2 (en) | 2005-04-29 | 2012-09-18 | Global platform for managing subscriber identity modules |
US14/146,401 US8897776B2 (en) | 2005-04-29 | 2014-01-02 | Global platform for managing subscriber identity modules |
US14/543,629 US9247415B2 (en) | 2005-04-29 | 2014-11-17 | Global platform for managing subscriber identity modules |
US14/997,033 US20160134990A1 (en) | 2005-04-29 | 2016-01-15 | Global platform for managing subscriber identity modules |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/543,629 Continuation US9247415B2 (en) | 2005-04-29 | 2014-11-17 | Global platform for managing subscriber identity modules |
Publications (1)
Publication Number | Publication Date |
---|---|
US20160134990A1 true US20160134990A1 (en) | 2016-05-12 |
Family
ID=37235115
Family Applications (6)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/119,401 Active US8346214B2 (en) | 2005-04-29 | 2005-04-29 | Self provisioning of wireless terminals in wireless networks |
US13/340,997 Active US8275357B1 (en) | 2005-04-29 | 2011-12-30 | Global platform for managing subscriber identity modules |
US13/622,172 Active US8626164B2 (en) | 2005-04-29 | 2012-09-18 | Global platform for managing subscriber identity modules |
US14/146,401 Active US8897776B2 (en) | 2005-04-29 | 2014-01-02 | Global platform for managing subscriber identity modules |
US14/543,629 Expired - Fee Related US9247415B2 (en) | 2005-04-29 | 2014-11-17 | Global platform for managing subscriber identity modules |
US14/997,033 Abandoned US20160134990A1 (en) | 2005-04-29 | 2016-01-15 | Global platform for managing subscriber identity modules |
Family Applications Before (5)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/119,401 Active US8346214B2 (en) | 2005-04-29 | 2005-04-29 | Self provisioning of wireless terminals in wireless networks |
US13/340,997 Active US8275357B1 (en) | 2005-04-29 | 2011-12-30 | Global platform for managing subscriber identity modules |
US13/622,172 Active US8626164B2 (en) | 2005-04-29 | 2012-09-18 | Global platform for managing subscriber identity modules |
US14/146,401 Active US8897776B2 (en) | 2005-04-29 | 2014-01-02 | Global platform for managing subscriber identity modules |
US14/543,629 Expired - Fee Related US9247415B2 (en) | 2005-04-29 | 2014-11-17 | Global platform for managing subscriber identity modules |
Country Status (2)
Country | Link |
---|---|
US (6) | US8346214B2 (en) |
EP (2) | EP3253092B1 (en) |
Families Citing this family (41)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101534498B (en) * | 2008-03-11 | 2010-09-22 | 中国移动通信集团公司 | Method for realizing international roaming, roaming treatment equipment and communication system |
US8965338B2 (en) * | 2008-06-09 | 2015-02-24 | Apple Inc | Network access control methods and apparatus |
US8938232B2 (en) * | 2011-11-21 | 2015-01-20 | Iqsim | Method and system for allowing a user of a mobile terminal to beneficiate services of a foreign mobile network as a regular subscriber thereof |
US10455071B2 (en) | 2012-05-09 | 2019-10-22 | Sprint Communications Company L.P. | Self-identification of brand and branded firmware installation in a generic electronic device |
GB2504968B (en) | 2012-08-15 | 2016-09-14 | Eseye Ltd | Multi IMSI system and method |
EP2704466A1 (en) * | 2012-09-03 | 2014-03-05 | Alcatel Lucent | Smart card personnalization with local generation of keys |
FR2997209B1 (en) * | 2012-10-19 | 2016-01-01 | Titan Germany Ii Gp | SYSTEM AND METHOD FOR SECURING DATA EXCHANGES, USER PORTABLE OBJECT, AND REMOTE DATA DOWNLOAD DEVICE |
CN104081804B (en) * | 2013-01-17 | 2018-03-13 | 华为技术有限公司 | Method and network element, terminal of a kind of mobile network to terminal authentication |
US9451446B2 (en) * | 2013-01-18 | 2016-09-20 | Sprint Communications Company L.P. | SIM profile brokering system |
US9549009B1 (en) | 2013-02-08 | 2017-01-17 | Sprint Communications Company L.P. | Electronic fixed brand labeling |
US9958228B2 (en) | 2013-04-01 | 2018-05-01 | Yardarm Technologies, Inc. | Telematics sensors and camera activation in connection with firearm activity |
US9395132B2 (en) | 2013-04-01 | 2016-07-19 | Yardarm Technologies, Inc. | Methods and systems for enhancing firearm safety through wireless network monitoring |
US9400150B2 (en) | 2013-04-01 | 2016-07-26 | Yardarm Technologies, Inc. | Methods and systems for enhancing firearm safety through wireless network monitoring |
US9404698B2 (en) | 2013-04-01 | 2016-08-02 | Yardarm Technologies, Inc. | Methods and systems for enhancing firearm safety through wireless network monitoring |
WO2014181479A1 (en) * | 2013-05-07 | 2014-11-13 | サン電子株式会社 | Management device |
US9532211B1 (en) | 2013-08-15 | 2016-12-27 | Sprint Communications Company L.P. | Directing server connection based on location identifier |
US10506398B2 (en) | 2013-10-23 | 2019-12-10 | Sprint Communications Company Lp. | Implementation of remotely hosted branding content and customizations |
US9743271B2 (en) | 2013-10-23 | 2017-08-22 | Sprint Communications Company L.P. | Delivery of branding content and customizations to a mobile communication device |
US9603009B1 (en) | 2014-01-24 | 2017-03-21 | Sprint Communications Company L.P. | System and method of branding a device independent of device activation |
US9967735B2 (en) * | 2014-01-24 | 2018-05-08 | Deere & Company | Method and system for controlling wireless access or authorized features of a mobile transceiver |
US9681251B1 (en) | 2014-03-31 | 2017-06-13 | Sprint Communications Company L.P. | Customization for preloaded applications |
KR102184305B1 (en) * | 2014-09-12 | 2020-11-30 | 삼성전자 주식회사 | Method for processing authorization, electronic device and server for supporting the same |
US11606685B2 (en) | 2014-09-17 | 2023-03-14 | Gigsky, Inc. | Apparatuses, methods and systems for implementing a trusted subscription management platform |
US10516990B2 (en) | 2014-09-17 | 2019-12-24 | Simless, Inc. | Apparatuses, methods and systems for implementing a trusted subscription management platform |
EP3764678B1 (en) | 2014-09-17 | 2023-11-01 | Simless, Inc. | Apparatus for implementing a trusted subscription management platform |
US11172352B2 (en) | 2014-09-17 | 2021-11-09 | Gigsky, Inc. | Apparatuses, methods, and systems for configuring a trusted java card virtual machine using biometric information |
US9992326B1 (en) | 2014-10-31 | 2018-06-05 | Sprint Communications Company L.P. | Out of the box experience (OOBE) country choice using Wi-Fi layer transmission |
US9398462B1 (en) | 2015-03-04 | 2016-07-19 | Sprint Communications Company L.P. | Network access tiered based on application launcher installation |
US12108488B2 (en) | 2015-05-16 | 2024-10-01 | Gigsky, Inc. | Apparatuses, methods and systems for virtualizing a reprogrammable universal integrated circuit chip |
US9913132B1 (en) | 2016-09-14 | 2018-03-06 | Sprint Communications Company L.P. | System and method of mobile phone customization based on universal manifest |
US10021240B1 (en) | 2016-09-16 | 2018-07-10 | Sprint Communications Company L.P. | System and method of mobile phone customization based on universal manifest with feature override |
US10306433B1 (en) | 2017-05-01 | 2019-05-28 | Sprint Communications Company L.P. | Mobile phone differentiated user set-up |
US10721272B2 (en) | 2017-06-15 | 2020-07-21 | Palo Alto Networks, Inc. | Mobile equipment identity and/or IOT equipment identity and application identity based security enforcement in service provider networks |
US10708306B2 (en) | 2017-06-15 | 2020-07-07 | Palo Alto Networks, Inc. | Mobile user identity and/or SIM-based IoT identity and application identity based security enforcement in service provider networks |
US11050789B2 (en) | 2017-06-15 | 2021-06-29 | Palo Alto Networks, Inc. | Location based security in service provider networks |
US10834136B2 (en) | 2017-06-15 | 2020-11-10 | Palo Alto Networks, Inc. | Access point name and application identity based security enforcement in service provider networks |
US10812532B2 (en) | 2017-06-15 | 2020-10-20 | Palo Alto Networks, Inc. | Security for cellular internet of things in mobile networks |
CN111770463A (en) * | 2020-06-28 | 2020-10-13 | 中国联合网络通信集团有限公司 | Roaming charging method based on block chain and roaming charging node |
CN111866781B (en) * | 2020-07-28 | 2021-08-03 | 中国联合网络通信集团有限公司 | Roaming settlement method based on block chain and roaming settlement node |
CN114286284B (en) * | 2021-12-01 | 2023-08-11 | 中国联合网络通信集团有限公司 | Business circle grading method and device |
CN114418353A (en) * | 2021-12-30 | 2022-04-29 | 山东奥邦交通设施工程有限公司 | Method and system for publishing and executing online examination task |
Family Cites Families (66)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4833701A (en) * | 1988-01-27 | 1989-05-23 | Motorola, Inc. | Trunked communication system with nationwide roaming capability |
US5379423A (en) | 1988-09-28 | 1995-01-03 | Hitachi, Ltd. | Information life cycle processor and information organizing method using it |
KR100187513B1 (en) * | 1990-03-08 | 1999-05-15 | 에를링블로메 | Dynamic allocation of roamer routing numbers system and method |
US5734699A (en) * | 1995-05-04 | 1998-03-31 | Interwave Communications International, Ltd. | Cellular private branch exchanges |
US5854982A (en) * | 1995-08-21 | 1998-12-29 | Motorola, Inc. | Communication system architecture and method of routing therefor |
US5864757A (en) * | 1995-12-12 | 1999-01-26 | Bellsouth Corporation | Methods and apparatus for locking communications devices |
JPH1065801A (en) * | 1996-08-26 | 1998-03-06 | Nec Corp | System for identifying mobile equipment |
US5943619A (en) * | 1997-04-29 | 1999-08-24 | Ericsson Inc. | Shared interworking of subscriber features within mobile telecommunications networks |
AU747302B2 (en) * | 1998-04-17 | 2002-05-16 | Swisscom Mobile Ag | Roaming method and devices appropriate therefor |
US6584310B1 (en) | 1998-05-07 | 2003-06-24 | Lucent Technologies Inc. | Method and apparatus for performing authentication in communication systems |
FR2790161A1 (en) | 1999-02-18 | 2000-08-25 | Schlumberger Systems & Service | Two network mobile telephone roaming subscriber identification technique having separate subscriber network interface modules corresponding regularly verifying/updating coverage and automatically returning correct network identity. |
US6285880B1 (en) | 1999-05-14 | 2001-09-04 | Telefonaktiebolaget L M Ericsson (Publ) | Intersystem message indicator specifying MIN or IMSI usage |
US6393286B1 (en) | 1999-11-17 | 2002-05-21 | Telefonaktiebolaget Lm Ericsson (Publ) | Method for improving handovers between mobile communication systems |
US7266371B1 (en) | 2000-02-22 | 2007-09-04 | Cingular Wireless Ii, Llc | Activation and remote modification of wireless services in a packet network context |
US7254392B2 (en) | 2000-02-28 | 2007-08-07 | Nokia Corporation | Intersystem handover with modified parameters |
FR2814029B1 (en) | 2000-09-08 | 2003-07-25 | Transatel | IMPROVED METHOD AND DEVICE FOR CONNECTING A TERMINAL TO MULTIPLE TELECOMMUNICATIONS NETWORKS |
JP3639200B2 (en) | 2000-09-08 | 2005-04-20 | 株式会社東芝 | COMMUNICATION SYSTEM, MOBILE TERMINAL DEVICE, GATEWAY DEVICE, ADDRESS ALLOCATION METHOD, AND SEARCH SERVICE METHOD |
FR2814030B1 (en) | 2000-09-08 | 2003-06-20 | Transatel | METHOD AND DEVICE FOR CONNECTING A TERMINAL TO SEVERAL TELECOMMUNICATION NETWORKS |
US7487232B1 (en) | 2000-09-13 | 2009-02-03 | Fortinet, Inc. | Switch management system and method |
JP2002232573A (en) | 2001-01-31 | 2002-08-16 | Nec Corp | Mobile communication terminal, mobile communication system and service providing device |
GB0103918D0 (en) | 2001-02-16 | 2001-04-04 | Pathfinder Tech Resources Ltd | Mobile telephone operation |
US7155226B1 (en) | 2001-04-17 | 2006-12-26 | Sprint Spectrum L.P. | Method and system for serving multiple subscriber stations under a common subscriber ID |
TW508933B (en) | 2001-04-23 | 2002-11-01 | Inventec Appliances Corp | Method for automatically switching SIM card of mobile phone and device therefor |
JP4744725B2 (en) | 2001-05-25 | 2011-08-10 | 三菱電機株式会社 | Interference canceller |
US7869826B2 (en) | 2001-06-15 | 2011-01-11 | Nokia Corporation | Method and apparatus for relating communications system identifications (SIDS) |
US6603968B2 (en) * | 2001-06-22 | 2003-08-05 | Level Z, L.L.C. | Roaming in wireless networks with dynamic modification of subscriber identification |
US6856517B2 (en) | 2001-06-29 | 2005-02-15 | Intel Corporation | Emission compliant device enclosure with interchangeable bezel |
ATE358957T1 (en) * | 2001-07-18 | 2007-04-15 | Togewa Holding Ag | TELECOMMUNICATIONS METHOD, IDENTIFICATION MODULE AND COMPUTERIZED SERVICE UNIT |
US8107937B2 (en) * | 2001-07-31 | 2012-01-31 | Nokia Corporation | System and method for automatic provisioning detection and notification |
JP4024022B2 (en) | 2001-08-22 | 2007-12-19 | 本田技研工業株式会社 | Crankshaft phasing structure |
US7065740B2 (en) | 2001-08-24 | 2006-06-20 | Microsoft Corporation | System and method to automate the management of computer services and programmable devices |
US6907242B2 (en) | 2001-10-02 | 2005-06-14 | Ericsson Inc. | Local subscriber number and services for non-local wireless subscribers |
GB2388745A (en) | 2002-04-30 | 2003-11-19 | Hewlett Packard Co | Mobile communication system with service quality feedback |
JP2004007190A (en) * | 2002-05-31 | 2004-01-08 | Kyocera Corp | Radio communication terminal |
US6689011B1 (en) | 2002-08-02 | 2004-02-10 | General Motors Corporation | Planetary transmissions with three gear sets and a stationary fixed interconnection |
US6961595B2 (en) | 2002-08-08 | 2005-11-01 | Flarion Technologies, Inc. | Methods and apparatus for operating mobile nodes in multiple states |
US7330448B2 (en) | 2002-08-21 | 2008-02-12 | Thomson Licensing | Technique for managing quality of services levels when interworking a wireless local area network with a wireless telephony network |
US7027813B2 (en) * | 2002-08-23 | 2006-04-11 | Sony Ericsson Mobile Communications Ab | System and method for home network determination in a mobile phone |
WO2004040931A2 (en) | 2002-10-30 | 2004-05-13 | Research In Motion Limited | Methods and device for preferably selecting a communication network which makes data service available |
US7548746B2 (en) * | 2002-11-01 | 2009-06-16 | At&T Mobility Ii Llc | General purpose automated activation and provisioning technologies |
US6993335B2 (en) | 2002-11-15 | 2006-01-31 | Motorola, Inc. | Apparatus and method for mobile/IP handoff between a plurality of access technologies |
US6997379B2 (en) | 2003-04-09 | 2006-02-14 | Motorola, Inc. | Method for performing identity card provisioning for mobile communication device order fulfillment |
US7987449B1 (en) | 2003-05-22 | 2011-07-26 | Hewlett-Packard Development Company, L.P. | Network for lifecycle management of firmware and software in electronic devices |
EP1513358B1 (en) | 2003-09-03 | 2007-03-07 | Research In Motion Limited | Home network name displaying methods and apparatus |
SE527662C2 (en) * | 2003-10-02 | 2006-05-02 | Smarttrust Ab | Method and mobile telecommunication network for detecting device information |
US7565141B2 (en) | 2003-10-08 | 2009-07-21 | Macaluso Anthony G | Over the air provisioning of mobile device settings |
US7395083B2 (en) | 2003-10-30 | 2008-07-01 | Research In Motion Limited | Methods and apparatus for the communication of cellular network information between a wireless local area network and a mobile station |
TWI313414B (en) | 2003-11-04 | 2009-08-11 | Hon Hai Prec Ind Co Ltd | Device and system for expansion of computer bus |
US20050097595A1 (en) * | 2003-11-05 | 2005-05-05 | Matti Lipsanen | Method and system for controlling access to content |
ES2335885T3 (en) | 2003-11-13 | 2010-04-06 | Research In Motion Limited | METHODS AND APPLIANCES OF NETWORK SELECTION WITH PRIORITY OF LOCAL NETWORK IN THE BORDER REGIONS OF THE COUNTRY. |
US7676552B2 (en) | 2004-02-11 | 2010-03-09 | International Business Machines Corporation | Automatic provisioning of services based on a high level description and an infrastructure description |
GB0416227D0 (en) | 2004-07-20 | 2004-08-25 | Nokia Corp | A method for use in a communication system |
US20060030315A1 (en) | 2004-08-06 | 2006-02-09 | Christopher Smith | Method and system for provisioning wireless services using SIM information |
WO2006027772A2 (en) * | 2004-09-07 | 2006-03-16 | Starhome Gmbh | Roaming presence and context management |
US7155206B2 (en) * | 2004-09-14 | 2006-12-26 | Tekelec | Methods, systems, and computer program products for automatically provisioning intelligent network (IN) platforms, including home location registers (HLRS), and routing nodes with prepaid mobile subscriber information |
KR100762644B1 (en) | 2004-12-14 | 2007-10-01 | 삼성전자주식회사 | WLAN-UMTS Interworking System and Authentication Method Therefor |
US7673325B2 (en) | 2005-02-01 | 2010-03-02 | Microsoft Corporation | Configuration of WiFi network parameters |
WO2006081656A1 (en) | 2005-02-03 | 2006-08-10 | Blueslice Networks Inc. | Dynamic identity association within a wireless network |
US7289805B2 (en) * | 2005-03-14 | 2007-10-30 | Newstep Networks Inc. | Method and system for providing a temporary subscriber identity to a roaming mobile communications device |
US8745184B1 (en) * | 2007-05-18 | 2014-06-03 | Jasper Wireless, Inc. | Wireless communication provisioning using state transition rules |
US7788352B2 (en) | 2005-07-14 | 2010-08-31 | Yahoo! Inc. | System and method for servicing a user device |
US8112549B2 (en) | 2005-07-14 | 2012-02-07 | Yahoo! Inc. | Alert mechanism for notifying multiple user devices sharing a connected-data-set |
ATE436165T1 (en) | 2005-07-27 | 2009-07-15 | Alcatel Lucent | METHOD FOR TRIGGERING A HANDOVER |
WO2007144956A1 (en) | 2006-06-16 | 2007-12-21 | Mitsubishi Electric Corporation | Mobile communication system and mobile terminal |
SG178713A1 (en) * | 2007-01-19 | 2012-03-29 | Roamware Inc | Method and system for providing roaming services to prepaid roamers of a home network |
US8145212B2 (en) * | 2007-12-06 | 2012-03-27 | Evolving Systems, Inc. | Wireless device activation |
-
2005
- 2005-04-29 US US11/119,401 patent/US8346214B2/en active Active
-
2006
- 2006-04-04 EP EP17182381.8A patent/EP3253092B1/en active Active
- 2006-04-04 EP EP14161608.6A patent/EP2763441B1/en not_active Not-in-force
-
2011
- 2011-12-30 US US13/340,997 patent/US8275357B1/en active Active
-
2012
- 2012-09-18 US US13/622,172 patent/US8626164B2/en active Active
-
2014
- 2014-01-02 US US14/146,401 patent/US8897776B2/en active Active
- 2014-11-17 US US14/543,629 patent/US9247415B2/en not_active Expired - Fee Related
-
2016
- 2016-01-15 US US14/997,033 patent/US20160134990A1/en not_active Abandoned
Also Published As
Publication number | Publication date |
---|---|
EP2763441B1 (en) | 2017-09-06 |
US8897776B2 (en) | 2014-11-25 |
US20140120912A1 (en) | 2014-05-01 |
EP2763441A1 (en) | 2014-08-06 |
US8346214B2 (en) | 2013-01-01 |
US20150072682A1 (en) | 2015-03-12 |
US20120238265A1 (en) | 2012-09-20 |
US9247415B2 (en) | 2016-01-26 |
US20120142314A1 (en) | 2012-06-07 |
US8275357B1 (en) | 2012-09-25 |
EP3253092A1 (en) | 2017-12-06 |
US20130017830A1 (en) | 2013-01-17 |
EP3253092B1 (en) | 2019-06-12 |
US8626164B2 (en) | 2014-01-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9247415B2 (en) | Global platform for managing subscriber identity modules | |
US9462453B2 (en) | Global platform for managing subscriber identity modules | |
US20170026823A1 (en) | Global platform for managing subscriber identity modules | |
US8498615B2 (en) | Self provisioning of wireless terminals in wireless networks | |
US7289805B2 (en) | Method and system for providing a temporary subscriber identity to a roaming mobile communications device | |
US9338636B2 (en) | Wireless communication provisioning using state transition rules | |
CN113329403B (en) | One-number multi-terminal authentication network access method and system | |
US8583081B2 (en) | Method for calculating a first identifier of a secure element of a mobile terminal according to a second identifier of said secure element |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: JASPER TECHNOLOGIES, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BARKLEY, SCOTT;GUPTA, AMIT;COLLINS, DANIEL G.;AND OTHERS;SIGNING DATES FROM 20160203 TO 20160208;REEL/FRAME:037757/0118 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |
|
AS | Assignment |
Owner name: JASPER TECHNOLOGIES LLC, DELAWARE Free format text: CHANGE OF NAME;ASSIGNOR:JASPER TECHNOLOGIES, INC.;REEL/FRAME:041823/0259 Effective date: 20160322 Owner name: CISCO TECHNOLOGY, INC., CALIFORNIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:JASPER TECHNOLOGIES LLC;REEL/FRAME:041823/0655 Effective date: 20170222 |