CN104335619A - Remote unlocking of telecommunication device functionality - Google Patents
Remote unlocking of telecommunication device functionality Download PDFInfo
- Publication number
- CN104335619A CN104335619A CN201380020694.9A CN201380020694A CN104335619A CN 104335619 A CN104335619 A CN 104335619A CN 201380020694 A CN201380020694 A CN 201380020694A CN 104335619 A CN104335619 A CN 104335619A
- Authority
- CN
- China
- Prior art keywords
- telecommunication apparatus
- function
- unlock
- request
- instruction
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/183—Processing at user equipment or user record carrier
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Abstract
Techniques are described herein for deciding whether to unlock functionality of a telecommunication device based on one or more policies. A policy engine remote from the telecommunication device may receive, via a user interface associated with the policy engine, a request to unlock the functionality. The policy engine may then decide whether to unlock the functionality and, in response to deciding to unlock the functionality, may cause transmission of instructions to the telecommunication device to unlock the functionality.
Description
The cross reference of related application
Patent application claims enjoys in the U.S. patent Nos application serial No.13/840 that the title submitted on March 15th, 2013 is " Remote Unlocking of Telecommunication Device Functionality ", 045, and in its female case U.S. Provisional Patent Application No.61/636 of submission on April 20th, 2012, 499, in the U.S. Provisional Patent Application No.61/645 that on May 10th, 2012 submits to, 546 and on August 17th, 2012 submit to U.S. Provisional Patent Application No.61/684, the priority of 683, these patent applications are incorporated into this by way of reference and completely.Present patent application is still in the U.S. Patent application No.13/660 that on October 25th, 2012 submits to, the part continuation application of 350, the U.S. Provisional Patent Application No.61/552 that this patent application hereby claims was submitted on October 27th, 2011, the priority of 353, these two patent applications are all incorporated into this by way of reference and completely.
Background technology
Modern telecommunication services provider produces their many incomes by selling suitable radio communication service and equipment to their client, their good long-cherished wish is that these services and equipment will be used according to its desired use.Such as, specific telco service provider is by selling prepayment or rear pay (that is, based on the Rate Plan subscribed to) and allow to access its radio communication service to client, it is associated with the service level agreements of each client usually.Telco service provider also can require that its client buys the specific communication equipment of corresponding provider to access its proprietary communication service, comprising mobile phone, personal digital assistant, panel computer etc.
In addition, telco service provider and mobile device manufacturers reach prefitable commercial agreement, and the product of the manufacturer of selection is tied to specific service provider in the mode of contract by it.In fact, these agreements are considered, comprising other factors many such as customer basis, existing market occupation rate, predict device sales volume of service provider based on many important real worlds.But, when user deviates from desired service use and retail units buys, negative impact can be produced on the commercial relations of these reciprocal mutual benefits.Thus consider client's abnormal phenomena of these types, for service provider and affiliated equipment manufacturers, it is very important for cooperating with one another in order to ensure contract parties can both realize the common business goal of their independent sum.
Except unexpected client deviates from this problem, the client of many versed in technical knowledge also plans by using software and hardware workaround or cracking (hack) method (it makes them can obtain unauthorized access to telecommunications service and equipment) business and market target that new mode hinders telco service provider and equipment manufacturers.The client of this subset can walk around the security measures used in the proprietary communication equipment of attached telco service provider, and obtains unafilliated, general/non-locking equipment, to avoid buying service and product from they respective telco service providers.
Such as, some telecommunication apparatus user performs non-authorised software, to destroy the specific security characteristic of their respective equipment, thus obtains and accesses the root rank (root-level) of the operating system (OS) of their equipment.Realizing the access of this OS rank allows user to download not by the additional application of the Authorized Service Provider of equipment and/or Media Content Provider approval, expansion and theme.This abuse of carrier lock communication equipment is industrially carried out " escaping from prison " sometimes referred to as to equipment, and its can allow non-locking, obtained the access to the unauthorized services of multiple telco service provider by the equipment of escaping from prison.
Buy After-market (after-market) product being called as " SIM partition (SIM-shim) " by another example of cracking of usual hardware that some telecommunication apparatus user adopts, it is one piece of thin laminate circuit, is designed to be applicable to putting between subscriber identity module (SIM) card of service provider and the SIM slot of telecommunication apparatus.SIM-shim equipment can be used to allow user to unlock its carrier lock equipment, only simply this annex need be inserted its equipment, the device security feature realized thus being used for keeping described equipment to be limited to the service of specific telco service provider covers.
It will be understood by those skilled in the art that, aloft to be obtained by corresponding service provider by stored energy and and then unique International Mobile Subscriber mark (IMSI) of certification, SIM card makes telecommunication service subscriber can be identified on the network of correspondingly service provider when each subscriber equipment communicates with its telco service provider.SIM IMSI generally comprises following information: turnover zone code (MCC), Mobile Network Code (MNC) and mobile subscriber identification number (MSIN).This information allows the SIM card of being issued by provider of user to carry out identifying, registering and certification with distribution telco service provider.
Modern SIM card is that " present situation (as is) " sells, and to be meant to them be static and Rate Plan is specific, and this is because their IMSI data can not be modified after distribution.Based on this reason, client buys new telecommunication apparatus or new service program for seasonable from its service provider at every turn, and client can be sold the different SIM card that must be added to the existing user account that client locates service provider.In addition, most of SIM card generally to only include on enough equipment memory to store static IMSI data and minimum user contact infonnation, such as a small amount of important subscriber contact telephone number.
Accompanying drawing explanation
Be described in detail hereinafter with reference to accompanying drawing.
Fig. 1 shows the example context according to disclosed execution mode, wherein provider's service entities based on strategy and in response to user request and remotely unlock telecommunication apparatus.
Fig. 2 is the component level view of the computing equipment be associated with provider service entities according to disclosed execution mode.
Fig. 3 is based on strategy and the flow chart determining whether to unlock the instantiation procedure of the function of telecommunication apparatus in response to user's request according to provider's service entities of disclosed execution mode.
Embodiment
Although it should be understood that and present disclosure describes some examples and relevant execution mode, content of the present disclosure is not intended to all comprise in it illustrates or detailedly to comprise.Therefore, it should be understood that relevant theme of the present disclosure reasonably can be revised, rearranges or otherwise changed, to realize similar result when not departing from required spirit and scope of the presently claimed invention.
Present disclosure describes the technology that long-range provider service entities determines whether to unlock the function of telecommunication apparatus.The function of telecommunication apparatus can be locked for any one reason.Such as, the Rate Plan associated with SIM card and the Rate Plan be associated with telecommunication apparatus may not mate, and once thisly not mating of detecting, telecommunication apparatus can carry out lock function.This speed be locked in that on October 25th, 2012 submits to, name is called " Mobile Device-Type Locking ", application number is No.13/660, have a detailed description in the U.S. Patent application of 350.The function of telecommunication apparatus can be locked for other some other reason.Such as, telco service provider can have been lost by report in response to telecommunication apparatus or stolen, in response to account debt associate with telecommunication apparatus or expire in response to the service program associated with telecommunication apparatus, carry out the function of locking telecommunication apparatus.
The user associated with locked equipment can in several ways in any one mode contact telco service provider and carry out unlocker device.Such as, provider's service entities of telco service provider can be associated with website, and this website enables user select equipment to unlock option.Alternately, provider's service entities can be connected with customer service (customer care) or interactive voice response system, and user can send a telegraph customer service or interactive voice response system to ask to unlock.
The unblock that user asks can be permanent unblock or temporary unlock.If temporary unlock, user can select or specify the time cycle of unblock.Such as, when user will go to another country, and when will need to use the SIM card of different service provider to go the telecommunications service accessing this state, temporary unlock can be sought.
When initiating request, user may be required to provide device identification, such as international mobile station equipment identification code (IMEI), provider's service entities can verify this identification code according to equipment identity register (such as, equipment identity register (EIR)).If described request is by checking, then this request is provided to the policy engine of provider's service entities.
In various embodiments, policy engine can apply the one or more strategies received from strategy and the subscription manager (hereinafter referred to as " policy manager ") of supplier's service entities.Policy manager can the interpolation of enable one or more strategy, deletion and editor.In addition, policy manager can be responsible for arranging with representing telco service provider or the policy manager instrument of enterprise customer of input policing communicates.These strategies can reflect the service priority of telco service provider, plan and decision-making.Service-user can also with the mode input policing covered one by one, and these strategies are provided to policy manager by policy manager instrument and are provided to policy engine from policy manager.
Described policy engine at least determines whether based on one or more strategy the function unlocking telecommunication apparatus.Described policy engine also can consider the Rate Plan relevant to telecommunication apparatus or account status.If permanent unblock is sought in request, and if described policy engine based on strategy decision not unlocking function, then described policy engine can be in two pieces event below.First, described policy engine can impel message (such as, Short Message Service (SMS) message) to be sent to telecommunication apparatus, to notify that user's described request of telecommunication apparatus is rejected.The second, described policy engine can determine whether provide the temporary unlock of function (even if seeking permanent unblock).
In some embodiments, if temporary unlock is sought in request, if or described policy engine determine not provide permanent unblock, then described policy engine is at least partly based on one or more strategy, determines whether temporary unlock function.If described policy engine determines to refuse temporary unlock function, then described policy engine can impel message (such as, SMS message) to be sent to telecommunication apparatus, to notify that user's described request of telecommunication apparatus is rejected.
If described policy engine is at least partly based on one or more strategy, determine permanent or temporary unlock telecommunication apparatus, then described policy engine can impel message (such as, SMS message) to be sent to telecommunication apparatus, is allowed to unlock described in the user notifying telecommunication apparatus.If this unblock is temporary unlock, such message can comprise the time cycle of unblock.Described policy engine also notifies the solution lock manager of provider's service entities: the function of described telecommunication apparatus by permanent or temporary unlock, and if temporary unlock, also will will notify the time cycle of temporary unlock.
In some embodiments, described solution lock manager and described telecommunication apparatus securely communicate session.This secure communication even can extend to the identification module of telecommunication apparatus by the TSM Security Agent in the trusted execution environments of telecommunication apparatus and on identification module, such as SIM card.On March 15th, 2013 submits to, sequence number is 13/nnn, mmm, name is called that the U.S. Patent application of " SIM Lock II " provides the more detailed description about this safety.Once the unlock notification from described policy engine received, described solution lock manager transmits unlock command by described secure communication session to telecommunication apparatus, and when unlocking as temporary unlock, this instruction includes the time cycle.Then, described telecommunication apparatus can complete unblock based on instruction.
Fig. 1 depicts the telecommunication system/network 100 according to various execution mode of the present disclosure.Described telecommunication system 100 includes but not limited to provider's service entities 108 of communicating with 106 with multiple Affiliate Network server 104 and one or more network base station 118, this one or more network base stations 118 part by network backhaul 116 and/or other distributed portions (Fig. 1 is not shown) by network and the connection that has respectively to wide area network 102.In addition, system 100 comprises aerial transmission (OTA) interface be beneficial to by the radio communication of network base station 118 between provider's service entities 108 and one or more user's telecommunication apparatus 122a-c (such as, wireless network protocol (IP) data communicate with SMS 120a-c etc.).
It should be understood that the telecommunication system 100 of Fig. 1 is intended to illustrate the reduced representation of communication network, this communication network can be usually used in any mixing of 2G, 3G and 4G access technology in real world variation communication network is disposed.For brevity, these different communication technologys and alternative network topology do not describe or describe in the context of the telecommunication system 100 of Fig. 1.
Described telecommunication apparatus 122 can be the representative of any amount of conventional Wireless Telecom Equipment, comprising mobile phone, panel computer, electronic book equipment, portable game unit, personal media player etc., they can utilize one or more wireless base station 118 or other conventional wireless or cable network access technology any and be connected to communication network 100.In addition, user communication device 122 can be configured to run any known operating system, comprising but be not limited to Microsoft Windows
google
apple
linux
or other conventional mobile device operation system any.
In various embodiments, each telecommunication apparatus 122 can have the operating system 124 and trusted execution environments (TEE) 126 that are connected by trust layer connector (TLC) 128.Described operating system 124 comprises and unlocks application 130, and it can receive notice from provider's service entities 108 and instruction/triggering 120.Described unblock application 130 can allow (trustlet) 132 to provide instruction/triggering 120 to trust by TLC 128, and trusts the unblock that permission 132 can affect telecommunication apparatus 122.Another assembly of described trust permission 132 or TEE 126 also can provide secure connection to the identification module of telecommunication apparatus 122 (such as, SIM card).Described unblock application 130 can impel presenting of the display of described notice or some other types.These assemblies 124-132 of telecommunication apparatus 122 on March 15th, 2013 submit to, sequence number 13/nnn, mmm, name be called in the U.S. Patent application of " SIM Lock II " and be described in more detail.
It is also to be understood that, telecommunication system 100 can be configured to any combination adopting conventional wireless broadband communication technology, and wherein conventional wireless broadband communication technology includes but not limited to Long Term Evolution (LTE), senior LTE, high-speed data packets access (HSDPA), the access of evolution high-speed packet (HSPA+), Universal Mobile Telecommunication system (UMTS), code division multiple access (CDMA), global system for mobile communications (GSM), WiMax and WiFi.In addition, the Backhaul 116 of communication network 100 can be configured to adopt any conventional cable communicating technology, wherein conventional cable communicating technology includes but not limited to optical fiber, coaxial cable, twisted-pair cable, Ethernet cable and power line cables, and any conventional wireless communication technology (all described above those).
In some embodiments, provider's service entities 108 can include but not limited to following element: policy engine 110, user interface (UI) assembly 112, solution lock manager 114 (such as, mobile device management/trusted service manager (MDM/TSM) assembly) and policy manager 134.In the scene locking specific telecommunication apparatus 122, by contacting its telco service provider and carrying out alternately via the UI instrument of its UI assembly 112 and its provider's service entities 108, user can be initiatively remedying in this problem.One of these UI instruments of UI assembly 112 can be traditional Customer Service Centers, and it allows the user of locked telecommunication apparatus 122 to throw phone into and Customer Service Representative that is direct and its telco service provider converses.
Another UI instrument of UI assembly 112 can be customer network interface, and it allows the user of locked telecommunication apparatus 122 to utilize the special customer account webpage (not shown) of respective service provider website to drive account management function to perform various user.In one embodiment, the user of the account webpage of client drive account management function to promote user is unlocked by the telecommunication apparatus 122 of internet/network 102 to them.For example, this special scenes can betide subscriber when determining to use expire the monthly service fee of safe on-line payment system to a past of service provider web sites to carry out on-line payment (such as passing through credit card) to initiate the unlocking motion 120 for their telecommunication apparatus 122.Described telecommunication apparatus 122 may be locked based on following content: described provider service entities 108 seeks advice from local or networked devices mark payment (EIP) server 104 in advance, with the telecommunication apparatus 122 identified be in arrears with customer account and be associated, locking device 122c again.
Another UI instrument of UI assembly 112 can be Interaction Voice Response (IVR) system, its telephone number allowing user to call out and be associated with IVR system also follows the communication equipment that pre-recorded phonetic order/prompting attempts unlocking them, its mode adopted and other UI instrument similar process above-described subsequently.
No matter which UI instrument of UI assembly 112 is used, and user can provide permanent unlocking request or the temporary unlock request of telecommunication apparatus 122.If temporary unlock, user can select or specify the time cycle of unblock.Such as, when user will go to another country, and when will need to use the SIM card of different service provider to go the telecommunications service accessing this state, temporary unlock can be sought.
When initiating described request, user may be required to provide device identification, and as IMEI, provider's service entities can be verified this device identification according to equipment identity register (such as, EIR 106).If this requests verification is passed through, this request is provided to the policy engine 110 of provider's service entities 108.
The policy engine of provider's service entities 108 can be conducive to maintenance customer's accounts information and service provider policy in resident or distribution service provider data store, to guarantee that customer account and attached telecommunication apparatus 122 use provider's service entities 108 to manage by corresponding telco service provider.In various scene, preferred service strategy also can be selected by its policy engine 110 by special services provider, adopts in this way, to promote the unblock scheme of above-mentioned its UI assembly 112 of any use.
In various embodiments, policy engine 110 can receive one or more strategy from the strategy of supplier's service entities 108 and subscription manager 134 (hereinafter referred to as " policy manager 134 ").Policy manager 134 can the interpolation of enable one or more strategy, deletion and editor.In addition, policy manager 134 can be responsible for arranging with representing telco service provider or the policy management tool of business user of input policing communicates.These strategies can affect the service priority of telco service provider, plan and decision-making.Service-user can with the mode input policing covered one by one, and these strategies are provided to policy manager 134 and are provided to policy engine 110 from policy manager 134 by policy management tool.
In various embodiments, whether described policy engine 110 unlocks the function of telecommunication apparatus 122 at least partly based on one or more strategy decision.Described policy engine 110 also can consider the Rate Plan relevant to telecommunication apparatus 122 or account status, such as from the account status that EIP 104 retrieves.If request seek permanent unblock, and if described policy engine 110 based on strategy decision not unlocking function, then described policy engine 110 can be in following two pieces event.First, described policy engine 110 can impel message (such as, SMS message) to be sent to telecommunication apparatus 122, to notify that user's described request of telecommunication apparatus 122 is rejected.The second, described policy engine 110 can determine whether provide the temporary unlock of function (even if seek be permanent unblock).
In some embodiments, if described request seeks temporary unlock, if or described policy engine 110 determine not provide permanent unblock, then described policy engine 110 is at least partly based on one or more strategy, determines whether temporary unlock function.If described policy engine 110 determines to refuse temporary unlock function, then described policy engine 110 can impel message (such as, SMS message) to be sent to telecommunication apparatus 122, to notify that user's described request of telecommunication apparatus 122 is rejected.
If described policy engine 110 is at least partly based on one or more strategy, determine permanent or temporary unlock telecommunication apparatus 122, then described policy engine 110 can impel message (such as SMS message) to be sent to telecommunication apparatus, is allowed to unlock described in the user notifying telecommunication apparatus 122.If described unblock is temporary unlock, such notice can comprise the time cycle of unblock.Described policy engine 110 also can notify the solution lock manager 114 of provider's service entities 108: the function of telecommunication apparatus 122 by permanent or temporary unlock, and if temporary unlock, also will will notify the time cycle of this temporary unlock.
In some embodiments, (namely the solution lock manager 114 of provider's service entities 108 can use SMS message, via SMS service center (SMSC)), IP message (that is, via gateway GPRS and/or Serving GPRS Support Node (GGSN or SGSN)) or send agreement by other conventional message any and to unlock to telecommunication apparatus 122a-c transmission equipment and trigger 120a-b (being also referred to as unlock command) or service block triggers 120c.Described solution lock manager 114 in response to receiving the notice will be unlocked from the described telecommunication apparatus 122a-b of described policy engine 110, can be transmitted unblock triggering 120a-b and replying described telecommunication apparatus 122a-b.Separate lock manager 114 to use as mentioned above to transmit to unlock with the secure communication session of telecommunication apparatus and trigger 120a-b.
Fig. 2 is the component level view of the computing equipment be associated with provider service entities according to embodiment of the present disclosure.As shown in the figure, computing equipment 200 comprises the system storage 202 for storing one or more providers serviced component 204 and other modules and data 206.Described computing equipment 200 also comprises processor 208 (one or more), removable memory 210, irremovable storage device 212, transceiver 214, output equipment 216 (one or more) and input equipment 218 (one or more).
In some embodiments, system storage 202 is volatibility (such as RAM), non-volatile (such as ROM, flash memory etc.) or some combinations of both.Provider's serviced component 204 can be above-mentioned reference diagram 1 describe in detail policy engine 110, user interface 112, to separate in lock manager 114 or policy manager 134 any one or more.Be stored in other modules in system storage 202 or data 206 can comprise the application of any type of computing equipment 202 or platform assembly and with the data that these are applied or platform assembly is associated.
In some embodiments, processor 208 is both CPU (CPU), Graphics Processing Unit (GPU) or CPU and GPU, or the processing unit of other type any.
Described computing equipment 200 also comprises additional data storage device (movable equipment and/or irremovable equipment), such as, and such as disk, CD or tape.These annex memories are shown as removable memory 210 and irremovable storage device 212 in fig. 2.Tangible computer-readable medium can be included in volatile and non-volatile, the removable and irremovable medium implemented in any method or technology stored for information (such as, computer-readable instruction, data structure, program module or other data).System storage 202, removable memory 210 and irremovable storage device 212 are all examples of computer-readable recording medium.Computer-readable recording medium includes but not limited to that RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical memory, cassette, tape, magnetic disc store or other magnetic storage apparatus or any other can be used for storing information needed and the medium that can be conducted interviews by computing equipment 200.Any one in these tangible computer-readable mediums can be the part of computing equipment 200.
In some embodiments, transceiver 214 comprises the transceiver of any type well known in the art.Such as, transceiver 214 can comprise wireless transceiver, and it performs the function sending and receive radio frequency communication by antenna.Transceiver 214 can comprise wired communications component, such as ethernet port, and it connects described computing equipment 200 to backhaul 116 or other equipment one or more to provider's service entities 108 in wired mode.In addition, transceiver 214 can promote the wireless connections between other equipment one or more of computing equipment 200 and backhaul 116 or provider's service entities 108.
In some embodiments, described output equipment 216 comprises the output equipment of any type well known in the art, such as display (such as, liquid crystal display), loud speaker, vibrating mechanism or haptic feedback mechanism.Output equipment 216 also comprises the port for one or more ancillary equipment, such as earphone, peripheral loud speaker or peripheral display device.
In various embodiments, input equipment 218 comprises the input equipment of any type well known in the art.Such as, input equipment 218 can comprise camera, microphone, keyboard or touching-type monitor.Keyboard can be button numeric dial (such as, on the typical telecommunication apparatus), multi-key keypad (such as, conventional qwerty keyboard) or the key of one or more other types or button, and the analog such as the controller that can comprise rod-like and/or the navigation button of specifying.
Fig. 3 shows instantiation procedure 300.This process 300 is illustrated with logic flow diagram form, and its each operation represents the sequence of operations that can realize with hardware, software or software and hardware combining mode.When software, operation represents the computer executable instructions be stored in one or more computer-readable recording medium, when being implemented by one or more processor, and the operation described in execution.Usually, computer executable instructions comprises the routine, program, object, assembly, data structure etc. that perform specific function or implement specific abstract data type.The order of the operation described is not intended to be interpreted as restriction, and any amount of the operation described and/or can perform to implement described process with any sequential combination concurrently.
Fig. 3 determines whether unlock the flow chart of the instantiation procedure of the function of telecommunication apparatus by provider's service entities based on strategy and in response to user asks according to embodiment of the present disclosure.Process 300 is included in 302 places, receives the request unlocking telecommunication apparatus function.This request can be received by least one in website, customer service system or IVR system.Telecommunication apparatus may be locked, because described telecommunication apparatus comprises the identification module be associated with the service program being different from this telecommunication apparatus, because the account be associated with this telecommunication apparatus indicates subscriber's default in the payment or the subscription that is associated with this account is expired, or because described telecommunication apparatus has been lost by report or stolen.
At 304 places, with the device identification of asking the user be associated to be required to input telecommunication apparatus.At 304a place, described device identification can be verified according to equipment entity register.
At 306 places, the policy engine of provider's service entities seeks temporary unlock or permanent unblock based on described request instruction, determines that this request is permanent unlocking request or temporary unlock request.When described request is temporary unlock request, this request can specify the time cycle be associated with sought temporary unlock.
At 308 places, when request is determined to be permanent unlocking request, described policy engine can determine whether unlocking function based on one or more strategy at least partly.In some embodiments, this decision can further based on the Rate Plan be associated with telecommunication apparatus and account status.
At 310 places, if described policy engine determines for good and all unlocking function, then instruction can be transmitted to telecommunication apparatus with unlocking function.This transmission can receive this policy engine in response to this solution lock manager from policy engine by solution lock manager and determine to unlock the notice of described function and be performed.At 312 places, described policy engine can also impel the user to associating with telecommunication apparatus to transmit notice, and this notice deixis will not be unlocked.
At 314 places, if described policy engine determines not for good and all unlocking function, this policy engine can based on one or more strategy decision whether temporary unlock function.In some embodiments, this decision can further based on the Rate Plan be associated with telecommunication apparatus and account status.Alternately, at 316 places, if policy engine determines not for good and all unlocking function, this policy engine can user's described request of being associated with telecommunication apparatus of simple notification be rejected.
Decision at 314 places also can be performed as to determining described request to seek the response of the temporary unlock of function at 306 places.If policy engine is at least partly based on one or more strategy, determine the temporary unlock not carrying out function, then at 306 places, this policy engine can notify that the user's described request associated with telecommunication apparatus is rejected.
At 318 places, if policy engine is at least partly based on one or more strategy, determine temporary unlock function, then instruction will be transmitted to telecommunication apparatus with temporary unlock function.Such instruction can comprise the time cycle of unblock.This transmission can receive this policy engine in response to this solution lock manager from policy engine by solution lock manager and determine the notice of function described in temporary unlock and be performed.At 312 places, described policy engine can also impel the user to associating with telecommunication apparatus to send notice, and this notice deixis will by temporary unlock.
Although be described theme for architectural feature and/or methodology behavior language, be understandable that, the theme limited in the following claims need not be restricted to described special characteristic or behavior.On the contrary, described special characteristic or behavior are published as the exemplary form implemented the claims.
Claims (20)
1. a computer-implemented method, comprising:
Receive the request that the function of telecommunication apparatus is unlocked;
At least partly based on one or more strategy, determine whether described function is unlocked; And
In response to decision, described function is unlocked, transmit unlock command to described telecommunication apparatus.
2. method according to claim 1, wherein, receives described request by least one in website, customer service system or interactive voice response system.
3. method according to claim 1, also comprises: in response to reception described request, requires that the user be associated with this request inputs the device identification of described telecommunication apparatus.
4. method according to claim 3, also comprises: utilize equipment identity register to verify described device identification.
5. method according to claim 1, wherein, described request comprises the instruction seeking permanent unblock or temporary unlock.
6. method according to claim 5, wherein said request is for permanent unblock, described decision comprises at least partly based on described one or more strategy, determine forever not unlock described function, but function described in temporary unlock, and described transmission comprises the instruction transmitting function described in temporary unlock, and this instruction specifies the time cycle.
7. method according to claim 5, wherein temporary unlock is sought, and described transmission comprises the instruction transmitting function described in temporary unlock, and this instruction specifies the time cycle.
8. method according to claim 5, the time cycle be associated with by the temporary unlock sought is specified in wherein said instruction.
9. method according to claim 1, also comprises: do not unlock described function in response to decision, and transmit notification message to described telecommunication apparatus, this notification message indicates described function not to be unlocked.
10. method according to claim 1, also comprises: the decision unlocking described function to the user notification be associated with described telecommunication apparatus.
11. methods according to claim 1, wherein said transmission comprises: the decision unlocking described function is informed to solution lock manager, and this solution lock manager unlocks the instruction of described function to described telecommunication apparatus transmission.
12. methods according to claim 11, also comprise: protect the communication session between described solution lock manager and described telecommunication apparatus.
13. methods according to claim 1, wherein said decision is further based on the Rate Plan be associated with described telecommunication apparatus and account status.
14. methods according to claim 1, wherein, described telecommunication apparatus is locked, because described telecommunication apparatus comprises the identification module be associated with the service program being different from this telecommunication apparatus, because the account be associated with this telecommunication apparatus indicates subscriber's default in the payment or the subscription that is associated with this account is expired, or because described telecommunication apparatus has been lost by report or stolen.
15. 1 kinds of systems, comprising:
Processor;
User interface, is configured to be operated by described processor, with the unblock enabling user ask the function of telecommunication apparatus;
Policy engine, is configured to be operated by described processor, to receive the request from described user interface, and at least partly based on one or more strategy, determines whether unlock described function; And
Separate lock manager, be configured to be operated by described processor, to receive the notice unlocking described function from the decision of described policy engine, and transmit unlock command to described telecommunication apparatus, to unlock described function in response to decision, response is made to described telecommunication apparatus.
16. systems according to claim 15, also comprise: policy manager, for the interpolation of enable described one or more strategy, deletion and editor.
17. systems according to claim 16, wherein said policy manager is also for the enable function unlocking the telecommunication apparatus of at least one strategy violating described policy engine one by one.
18. systems according to claim 15, wherein said solution lock manager has the secure connection of the identification module to described telecommunication apparatus.
19. one or more computer memory devices, it store multiple executable instruction, and described executable instruction is configured to programme to perform to computing equipment the operation comprising the following:
Receive the request unlocked the function of telecommunication apparatus, this request comprises seeks permanent unblock or the instruction of temporary unlock;
At least partly based on one or more strategy, determine permanent unblock or temporary unlock that whether described function is provided; And
The described permanent unblock of described function or temporary unlock is provided to transmit unlock command, to respond described telecommunication apparatus in response to determining.
20. one or more computer memory devices according to claim 19, wherein temporary unlock is provided, and described transmission comprises the instruction transmitting function described in temporary unlock, and this instruction specifies the time cycle.
Applications Claiming Priority (11)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US201261636499P | 2012-04-20 | 2012-04-20 | |
| US61/636,499 | 2012-04-20 | ||
| US201261645546P | 2012-05-10 | 2012-05-10 | |
| US61/645,546 | 2012-05-10 | ||
| US201261684683P | 2012-08-17 | 2012-08-17 | |
| US61/684,683 | 2012-08-17 | ||
| US13/660,350 | 2012-10-25 | ||
| US13/660,350 US9055443B2 (en) | 2011-10-27 | 2012-10-25 | Mobile device-type locking |
| US13/840,045 US9319884B2 (en) | 2011-10-27 | 2013-03-15 | Remote unlocking of telecommunication device functionality |
| US13/840,045 | 2013-03-15 | ||
| PCT/US2013/037332 WO2013158971A1 (en) | 2012-04-20 | 2013-04-19 | Remote unlocking of telecommunication device functionality |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104335619A true CN104335619A (en) | 2015-02-04 |
| CN104335619B CN104335619B (en) | 2018-03-23 |
Family
ID=52408649
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201380020694.9A Active CN104335619B (en) | 2012-04-20 | 2013-04-19 | The remote de-locking of telecommunication apparatus function |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104335619B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9807607B2 (en) | 2014-10-03 | 2017-10-31 | T-Mobile Usa, Inc. | Secure remote user device unlock |
| US9813399B2 (en) | 2015-09-17 | 2017-11-07 | T-Mobile Usa, Inc. | Secure remote user device unlock for carrier locked user devices |
| CN108401251A (en) * | 2018-02-09 | 2018-08-14 | 深圳市易路网科技有限公司 | A kind of method MIFI terminal remotes locking and unlocked |
| US10769315B2 (en) | 2014-12-01 | 2020-09-08 | T-Mobile Usa, Inc. | Anti-theft recovery tool |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080090614A1 (en) * | 2006-10-12 | 2008-04-17 | Sicher Alan E | Subscriber identity module unlocking service portal |
| US20110081889A1 (en) * | 2009-10-02 | 2011-04-07 | Research In Motion Limited | Method of interacting with electronic devices in a locked state and handheld electronic device configured to permit interaction when in a locked state |
| US20110130117A1 (en) * | 2009-12-01 | 2011-06-02 | James Fan | Service Models for Roaming Mobile Device |
| US20120058743A1 (en) * | 2010-09-02 | 2012-03-08 | Chen Kuo-Yi | Method for legitimately unlocking a sim card lock, unlocking server, and unlocking system for a sim card lock |
-
2013
- 2013-04-19 CN CN201380020694.9A patent/CN104335619B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20080090614A1 (en) * | 2006-10-12 | 2008-04-17 | Sicher Alan E | Subscriber identity module unlocking service portal |
| US20110081889A1 (en) * | 2009-10-02 | 2011-04-07 | Research In Motion Limited | Method of interacting with electronic devices in a locked state and handheld electronic device configured to permit interaction when in a locked state |
| US20110130117A1 (en) * | 2009-12-01 | 2011-06-02 | James Fan | Service Models for Roaming Mobile Device |
| US20120058743A1 (en) * | 2010-09-02 | 2012-03-08 | Chen Kuo-Yi | Method for legitimately unlocking a sim card lock, unlocking server, and unlocking system for a sim card lock |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9807607B2 (en) | 2014-10-03 | 2017-10-31 | T-Mobile Usa, Inc. | Secure remote user device unlock |
| US10769315B2 (en) | 2014-12-01 | 2020-09-08 | T-Mobile Usa, Inc. | Anti-theft recovery tool |
| US10936761B2 (en) | 2014-12-01 | 2021-03-02 | T-Mobile Usa, Inc. | Anti-theft recovery tool |
| US11593532B2 (en) | 2014-12-01 | 2023-02-28 | T-Mobile Usa, Inc. | Anti-theft recovery tool |
| US9813399B2 (en) | 2015-09-17 | 2017-11-07 | T-Mobile Usa, Inc. | Secure remote user device unlock for carrier locked user devices |
| CN108401251A (en) * | 2018-02-09 | 2018-08-14 | 深圳市易路网科技有限公司 | A kind of method MIFI terminal remotes locking and unlocked |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104335619B (en) | 2018-03-23 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20230026223A1 (en) | Application platform with flexible permissioning | |
| US9319884B2 (en) | Remote unlocking of telecommunication device functionality | |
| US10911944B2 (en) | Access data provisioning apparatus and methods | |
| EP2839690B1 (en) | Secure environment for subscriber device | |
| CN104081403B (en) | Mobile device type locks | |
| EP2854433A1 (en) | Method, system and related device for realizing virtual sim card | |
| CN103944737A (en) | User identity authentication method, third-party authentication platform and operator authentication platform | |
| CA2884775C (en) | Method for phone authentication in e-business transactions and computer-readable recording medium having program for phone authentication in e-business transactions recorded thereon | |
| CN106797371A (en) | For the method and system of user authentication | |
| CN106878250B (en) | Cross-application single-state login method and device | |
| CN109670968A (en) | Processing method, device, equipment and the computer storage medium of insurance data | |
| CN108462710A (en) | Authentication authority method, device, certificate server and machine readable storage medium | |
| CN107026815A (en) | A kind of payment transaction processing method, paying server, relevant device and system | |
| CA2856233A1 (en) | Methods and devices for fraud detection during mobile payment | |
| CN104335619A (en) | Remote unlocking of telecommunication device functionality | |
| US20150229633A1 (en) | Method for implementing login confirmation and authorization service using mobile user terminal | |
| WO2014059941A1 (en) | Terminal subscription termination method and device | |
| CN104584479A (en) | Method and system using a Cyber ID to provide secure transactions | |
| US7496349B1 (en) | Device driven system for activating a wireless device | |
| CN107305608A (en) | The management method and device of terminal device | |
| WO2013158971A1 (en) | Remote unlocking of telecommunication device functionality | |
| US20230300621A1 (en) | Subscriber Identification Module (SIM) Authentication Protections | |
| CN105392112B (en) | Guard method, equipment and the system of MTC device information | |
| KR101103634B1 (en) | Method for attestating credit card company server and that server | |
| CN111404965B (en) | Method for realizing mobile terminal application safety verification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |