MOBILE COMMUNICATION DEVICE

20210227064 · 2021-07-22

    Abstract

    A method of accessing a partition on a mobile communication device comprises receiving data specifying a partition; receiving an identification code from an identification module in or associated with the device; determining, based on both the data specifying a partition and the identification code, whether access to the specified partition is to be allowed; and allowing or denying access to the specified partition accordingly.

    Claims

    1. A method of accessing a partition or switching between partitions on a mobile communication device, the method comprising: receiving data specifying a partition; receiving an identification code from an identification module associated with the device; determining, based on both the data specifying a partition and the identification code, whether access to the specified partition is to be allowed; and allowing or denying access to the specified partition accordingly.

    2. A method as claimed in claim 1, wherein the identification module is or comprises a removable identification module, a remote identification module, a SIM card, hardware, a secure element, a trusted execution environment, or a software SIM.

    3. A method as claimed in claim 1 or 2, wherein the data specifying a partition and identification code are verified in the identification module to determine whether access to the specified partition is to be allowed.

    4. A method as claimed in claim 1, 2 or 3, further comprising generating the identification code in the identification module based on the data specifying a partition.

    5. A method as claimed in any preceding claim, wherein the identification code is a certificate generated from identification data of the identification module.

    6. A method as claimed in any preceding claim, wherein the identification code is received from and corresponds to a SIM card in the device.

    7. A method as claimed in any preceding claim, wherein the data specifying a partition comprises a passcode for the specified partition.

    8. A method as claimed in claim 7, wherein the device comprises keys and/or a touch-sensitive screen, and the passcode is received when a user presses the keys and/or the touch-sensitive screen so as to enter the passcode.

    9. A method as claimed in claim 7 or 8, wherein the identification code is generated by passing the passcode through an algorithm to create a hash.

    10. A method as claimed in claim 9, wherein the algorithm comprises an encryption algorithm, preferably a PKI encryption algorithm.

    11. A method as claimed in claim 9 or 10, wherein the hash is compared with a predefined hash for the partition and access to the partition is allowed only if the two hashes match.

    12. A method as claimed in any preceding claim, wherein the data specifying a partition is received from a signal-emitting device.

    13. A method as claimed in claim 12, wherein the signal-emitting device comprises a NFC tag.

    14. A method as claimed in any preceding claim comprising decrypting any encrypted content stored in the accessed partition.

    15. A method as claimed in any preceding claim, further comprising sending the identification code from the identification module to open the specified partition when access to the specified partition is allowed.

    16. A method as claimed in any preceding claim, further comprising sending or displaying a message indicating that access to the specified partition is not allowed when access to the specified partition is not allowed.

    17. A method as claimed in any preceding claim, further comprising sending the data specifying a partition and the identification code from the identification module to a partition entry module when access to the specified partition is allowed.

    18. A method as claimed in claim 17, wherein the data specifying a partition and the identification code are sent from the identification module to a partition entry module via a secure channel therebetween.

    19. A method as claimed in claim 18, wherein the secure channel is created by a mutual authentication process between the identification module and the partition entry module.

    20. A method as claimed in claim 17, 18 or 19, further comprising encrypting the data specifying a partition and/or the identification code before sending them to the partition entry module.

    21. A method as claimed in any preceding claim, further comprising switching partition automatically at a predefined time.

    22. A method as claimed in any preceding claim, wherein different telephone numbers are associated with different partitions on a single mobile communication device.

    23. A mobile communication device comprising a partition entry module, wherein the partition entry module is arranged to: receive data specifying a partition; receive an identification code from an identification module associated with the device; determine, based on both the data specifying a partition and the identification code, whether access to the specified partition is to be allowed; and allow or deny access to the specified partition accordingly.

    24. A device as claimed in claim 23, wherein the identification module is or comprises a removable identification module, a remote identification module, a SIM card, hardware, a secure element, a trusted execution environment, or a software SIM.

    25. A device as claimed in claim 23 or 24, wherein the identification module is arranged to verify the data specifying a partition and the identification code to determine whether access to the specified partition is to be allowed.

    26. A device as claimed in any of claims 23-25, wherein the identification module is arranged to generate the identification code based on the data specifying a partition.

    27. A device as claimed in any of claims 23-26, wherein the identification code is a certificate generated from identification data of the identification module.

    28. A device as claimed in any of claims 23-27, wherein the identification code is received from and corresponds to the SIM card in the device.

    29. A device as claimed in any of claims 23-28, wherein the data specifying a partition comprises a passcode for the specified partition.

    30. A device as claimed in claim 29, wherein the device comprises keys and/or a touch-sensitive screen, and the partition entry module and/or identification module is arranged to receive the passcode when a user presses the keys and/or the touch-sensitive screen so as to enter the passcode.

    31. A device as claimed in claim 29 or 30, wherein the partition entry module and/or identification module comprises a hash creation module, the hash creation module being arranged to pass the identification code and the passcode through an algorithm to create a hash.

    32. A device as claimed in claim 31, wherein the algorithm comprises an encryption algorithm, preferably a PKI encryption algorithm.

    33. A device as claimed in claim 31 or 32, wherein the partition entry module comprises a verification module arranged to compare the hash with a predefined hash for the partition, and to allow access to the partition if the two hashes match.

    34. A device as claimed in any of claims 23 to 33, wherein the device comprises a receiver arranged to receive data specifying a partition from a signal-emitting device.

    35. A device as claimed in claim 34, wherein the signal-emitting device comprises a NFC tag.

    36. A device as claimed in any of claims 23 to 35, wherein the device comprises decryption means for decrypting any encrypted content of an accessed partition.

    37. A device as claimed in any of claims 23-36, wherein the identification module is arranged to send the identification code to open the specified partition when access to the specified partition is allowed.

    38. A device as claimed in any of claims 23-37, wherein the device is arranged to send or display a message indicating that access to the specified partition is not allowed when access to the specified partition is not allowed.

    39. A device as claimed in any of claims 23-38, wherein the identification module is arranged to send the data specifying a partition and the identification code to a partition entry module when access to the specified partition is allowed.

    40. A device as claimed in claim 39, wherein the identification module is arranged to send the data specifying a partition and the identification code to a partition entry module via a secure channel.

    41. A device as claimed in claim 40, wherein the secure channel is created by a mutual authentication process between the identification module and the partition entry module.

    42. A device as claimed in claim 39, 40 or 41, further comprising means for encrypting the data specifying a partition and/or the identification code before sending them to the partition entry module.

    43. A method of creating a partition on a mobile communication device, the method comprising: inputting a passcode for the partition; and setting what content and/or functionality is available in the partition.

    44. A method as claimed in claim 43, further comprising inputting a name or identifier for the partition.

    45. A method as claimed in claim 43 or 44, comprising passing the passcode through an algorithm to create a hash.

    46. A method as claimed in claim 45, comprising passing an identification code or identification data from an identification module, such as a SIM card or hardware or secure element or software SIM or trusted execution environment, in or associated with the device through the algorithm with the passcode to create the hash.

    47. A method as claimed in claim 45 or 46, wherein the algorithm comprises an encryption algorithm, preferably a PKI encryption algorithm.

    48. A method as claimed in claim 45, 46 or 47, comprising storing the hash in the device.

    49. A method as claimed in any of claims 45 to 48, comprising storing the hash remotely, preferably in a cloud or an external memory device.

    50. A method as claimed in any of claims 43 to 49, comprising encrypting the content that is available in the partition.

    51. A method as claimed in claim 50, comprising using a passcode and/or an identification code or identification data from an identification module, such as a SIM card or hardware or secure element or software SIM or trusted execution environment, in or associated with the device to encrypt the content.

    52. A method as claimed in claim 50 or 51, comprising decrypting the content when the partition is accessed.

    53. A method as claimed in any of claims 43 to 52, further comprising storing the passcode for the partition in an identification module of the device.

    54. A method as claimed in any of claims 43 to 53, further comprising receiving identification data from an identification module of the device and generating an identification code for the partition based on the passcode and the identification data.

    55. A method as claimed in claim 54, further comprising storing the identification code in the device, preferably in a mapping table for the partitions in the device.

    56. A method as claimed in any of claims 43-55, further comprising storing one or more times at which the device will automatically switch between partitions.

    57. A method as claimed in any of claims 43-56, further comprising associating different telephone numbers with two or more partitions on a single mobile communication device.

    58. A mobile communication device comprising a partition creation module, the partition creation module being arranged to: receive a passcode for a partition to be created; create a partition on the device corresponding to that passcode; and set what content and/or functionality is available in that partition.

    59. A device as claimed in claim 58, wherein the partition creation module is further arranged to receive a name or identifier for the partition.

    60. A device as claimed in claim 58 or 59, wherein the partition creation module is arranged to pass the passcode through an algorithm to create a hash.

    61. A device as claimed in claim 60, wherein the partition creation module is arranged to pass an identification code or identification data from an identification module, such as a SIM card or hardware or secure element or software SIM or trusted execution environment, in or associated with the device through the algorithm with the passcode to create the hash.

    62. A device as claimed in claim 60 or 61, wherein the algorithm comprises an encryption algorithm, preferably a PKI encryption algorithm.

    63. A device as claimed in claim 60, 61 or 62, wherein the partition creation module is arranged to store the hash in the device.

    64. A device as claimed in any of claims 60 to 63, wherein the partition creation module is arranged to store the hash remotely, preferably in a cloud or an external memory device.

    65. A device as claimed in any of claims 58 to 64, wherein the device comprises an administrator partition and the partition creation module is only accessible when in the administrator partition.

    66. A device as claimed in any of claims 58 to 65, wherein the content that is accessible in the partition is encrypted.

    67. A device as claimed in claim 66, wherein the device comprises decryption means arranged to decrypt the encrypted content of a partition when a user accesses that partition.

    68. A device as claimed in any of claims 58 to 67, wherein the passcode for the partition is stored in a SIM card or hardware or secure element of the device.

    69. A device as claimed in any of claims 58 to 68, wherein the partition creation module is in the identification module of the device.

    70. A system comprising a mobile communication device and at least one signal-emitting device, wherein the devices are arranged such that when the mobile communication device receives a signal from a signal-emitting device specifying a partition, the mobile communication device accesses the partition specified by that signal.

    71. A system as claimed in claim 70, wherein the at least one signal-emitting device comprises a NFC tag.

    72. A system as claimed in claim 70 or 71, wherein the signal specifying a partition comprises a passcode for that partition.

    73. A system as claimed in claim 70, 71 or 72, wherein the signal specifying a partition comprises information specifying what functionality the mobile communication device will have in that partition and/or what content will be available.

    74. A signal-emitting device arranged to send a signal specifying a partition to a mobile communication device such that when the mobile communication device receives the signal the mobile communication device accesses the partition specified by that signal.

    75. A method of accessing a partition on a mobile communication device, the method comprising: receiving a signal from a signal-emitting device, the signal comprising information specifying a partition on a mobile communication device; and accessing that partition based on the received signal.

    76. A method as claimed in claim 75, wherein the signal specifying a partition comprises a passcode for the partition.

    77. A method as claimed in claim 76 comprising accessing a partition on the device corresponding to the received passcode.

    78. A method as claimed in claim 75, 76 or 77, wherein the signal specifying a partition comprises information specifying what functionality the mobile communication device will have and/or what content will be available when that partition is accessed.

    79. A method as claimed in any of claims 75 to 78, wherein the signal-emitting device comprises an NFC tag.

    80. A mobile communication device comprising: a receiver for receiving a signal comprising information specifying a partition on a mobile communication device; and partition access means for accessing a partition based on the received signal.

    81. A device as claimed in claim 80, wherein the receiver is arranged to receive a passcode for a partition and the partition access means is arranged to access the partition that corresponds to the received passcode.

    82. A device as claimed in claim 80 or 81, wherein the partition access means is arranged to create a partition based on partition configuration information contained in the received signal, and to then access that partition.

    83. A device as claimed in claim 80, 81 or 82, wherein the receiver is arranged to receive a signal from a NFC tag.

    84. A method of accessing a partition on a mobile communication device comprising selecting a partition from a list of available partitions displayed on the device and then accessing the selected partition.

    85. A method as claimed in claim 84, the partitions having predefined accessible content and/or functionality.

    86. A method as claimed in claim 84 or 85, wherein the list of available partitions comprises a list of partition names.

    87. A method as claimed in claim 84, 85 or 86, wherein the list of available partitions comprises a list or array of images representing the respective partitions.

    88. A method as claimed in any of claims 84 to 87, comprising a user touching keys and/or a touch screen of the device in order to select a partition.

    89. A method as claimed in any of claims 84 to 88, wherein after a partition has been selected, a user must enter a passcode for that partition before the partition can be accessed.

    90. A mobile communication device comprising at least two partitions and a partition access module, wherein the partition access module is arranged to: cause a screen on the mobile communication device to display a list of available partitions; receive data specifying a partition selected from that list; and allow access to the selected partition.

    91. A mobile communication device as claimed in claim 90, wherein the partition access module is arranged to only allow access to a selected partition if it receives a correct passcode for that partition.

    92. A computer program for accessing a partition on a mobile communication device, the program being configured to perform the following steps when executed on a mobile communication device: receive data specifying a partition; receive an identification code from an identification module, such as a SIM card or hardware or secure element or software SIM or trusted execution environment, in or associated with the device; verify, based on both the data specifying a partition and the identification code, whether access to the specified partition is to be allowed; and allow or deny access to the specified partition accordingly.

    93. A computer program for creating a partition on a mobile communication device, the program being configured to perform the following steps when executed on a mobile communication device: receive a passcode for the partition; and set what content and/or functionality is available in the partition.

    94. A computer program for accessing a partition on a mobile communication device, the program being configured to perform the following steps when executed on a mobile communication device: receive a signal from a signal-emitting device, the signal comprising information specifying a partition on a mobile communication device; and allow access to that partition based on the received signal.

    95. A computer program for accessing a partition on a mobile communication device, the program being configured to perform the following steps when executed on a mobile communication device: display a list of available partitions on a screen of the mobile communication device; receive information corresponding to a partition selected from that list; and allow access to the selected partition.

    96. A computer readable medium with a computer program as defined in any of claims 92-95 stored thereon.

    Description

    [0141] Preferred embodiments of the invention will now be described by way of example only and with reference to the accompanying drawings in which:

    [0142] FIG. 1 shows an embodiment of the basic security architecture on a mobile phone;

    [0143] FIG. 2 shows a schematic diagram of an embodiment of the basic security architecture on a mobile phone with NFC communication;

    [0144] FIG. 3 is an illustration of an embodiment using NFC tags; and

    [0145] FIG. 4 is an illustration of an embodiment where partition data is stored in a cloud.

    [0146] FIG. 1 shows a preferred embodiment of the basic architecture of a mobile phone with n partitions (domains).

    [0147] The SIM card is a JavaCard with n applets, one for each partition. Applet 0 is labelled “Master key” and is the applet for the “Administrator partition” described above, from which all the other partitions can be managed.

    [0148] The phone also has a main processor where encryption and decryption are performed and access to a partition is checked and allowed or denied.

    [0149] The data partition memory of the mobile phone is divided into n partitions. Access to each partition is controlled by an applet inside the SIM module. An applet is provided for each partition. The main function of each applet n is to control access to the partition n and to provide the appropriate key to the main processor to perform encryption/decryption of the data on the respective partition.

    [0150] Access to each partition is protected by the SIM. A user must enter the correct passcode to access a given partition and for the encrypted data inside that partition to be decrypted.

    [0151] When a user wishes to enter a particular partition, they enter the passcode or PIN for that partition by typing on the keypad or touch-sensitive screen of the mobile phone. The entered passcode is then passed to the SIM, where it is received by the corresponding applet and passed through a PKI encryption algorithm, combined with the SIM identifier, to create a hash.

    [0152] This is illustrated in the following table:

    TABLE-US-00001

    Pass code    Input            # × Pass code 2^128 (PKI) × Partition number SIM/IMEA    Hash Answer
    Work         Up to 9 digits   Run Algorithm                                             Secure Answer
    Home         Up to 9 digits   Run Algorithm                                             Secure Answer
    Children     Up to 9 digits   Run Algorithm                                             Secure Answer
    Travel       Up to 9 digits   Run Algorithm                                             Secure Answer
    Social       Up to 9 digits   Run Algorithm                                             Secure Answer

    [0153] The hash is then passed to the main processor on the mobile phone, where it is decrypted to extract the PIN and identify which partition the user is seeking to access. (The document uses "hash" for the output of the PKI encryption step, which the main processor can reverse; a one-way hash could not be decrypted in this way.) Then, if the hash corresponds to a hash already stored in the phone's memory for that partition (or stored remotely, such as in a cloud or external memory storage device), access to the requested partition is allowed and the phone enters that partition.

    [0154] The content accessible in each partition is encrypted, so when access to a particular partition is allowed, the content of that partition is decrypted using the passcode for the partition and the SIM identifier. The content is stored in a database held either in the device itself or remotely, for example in a cloud or on an external hardware device. Separate data domains or a single database with partition flags could be used; the flags in such a database indicate which data is accessible to which partition.
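    The passcode-plus-SIM check of paragraphs [0151] to [0154] and the matching creation steps of claims 43-55, worked through as an added example (not code from the patent). Assumptions: PBKDF2-HMAC-SHA256 stands in for the page's PKI "hash", a stored verifier and the content key are derived separately so the stored value never decrypts anything, and a toy HMAC-counter keystream stands in for the real content cipher (AES-GCM in practice). The SIM identifier, partition names and content are constructed sample data.

```python
import hashlib
import hmac
import os

# Constructed SIM identifier; a real applet would expose the ICCID or IMSI.
SIM_ID = b"8944-0000-1234-5678"


def derive_partition_secret(passcode: str, sim_id: bytes, partition: str) -> bytes:
    """Combine passcode, SIM identifier and partition name into one 32-byte secret.

    The page calls the combined value a 'hash' produced by a PKI algorithm; this
    example substitutes PBKDF2-HMAC-SHA256 (an assumption, not the patent's
    algorithm). The partition name is in the salt so one passcode gives different
    secrets for different partitions; the SIM identifier is in the salt so the
    passcode alone is useless with another SIM.
    """
    salt = b"partition:" + partition.encode() + b"|sim:" + sim_id
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 100_000, dklen=32)


def split_keys(secret: bytes):
    """Two independent keys: a verifier that may be stored (on the phone or in the
    cloud) and a content key that is only ever held in memory while decrypting."""
    verifier = hmac.new(secret, b"verify", hashlib.sha256).digest()
    content_key = hmac.new(secret, b"content", hashlib.sha256).digest()
    return verifier, content_key


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy HMAC-counter stream cipher standing in for AES-GCM (assumption).
    Symmetric: the same call encrypts and decrypts."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        block = hmac.new(key, nonce + block_no.to_bytes(4, "big"), hashlib.sha256).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, block))
    return bytes(out)


def create_partition(table: dict, name: str, passcode: str, sim_id: bytes, content: bytes) -> None:
    """Partition creation (claims 43-55): store the verifier and the encrypted
    content in the mapping table; the content key is not stored anywhere."""
    verifier, content_key = split_keys(derive_partition_secret(passcode, sim_id, name))
    nonce = os.urandom(12)
    table[name] = {"verifier": verifier, "nonce": nonce,
                   "ciphertext": keystream_xor(content_key, nonce, content)}


def access_partition(table: dict, name: str, passcode: str, sim_id: bytes):
    """Partition access (claims 1-11): recompute the verifier from the entered
    passcode and the SIM actually present, compare in constant time, and only on
    a match derive the content key and decrypt. Returns the plaintext, or None
    when access is denied (the caller shows the 'not allowed' message)."""
    record = table.get(name)
    if record is None:
        return None
    verifier, content_key = split_keys(derive_partition_secret(passcode, sim_id, name))
    if not hmac.compare_digest(verifier, record["verifier"]):
        return None
    return keystream_xor(content_key, record["nonce"], record["ciphertext"])


if __name__ == "__main__":
    table = {}
    create_partition(table, "Work", "123456", SIM_ID, b"work contacts and mail")
    print(access_partition(table, "Work", "123456", SIM_ID))        # plaintext
    print(access_partition(table, "Work", "654321", SIM_ID))        # wrong passcode: None
    print(access_partition(table, "Work", "123456", b"other-sim"))  # different SIM: None
```

    The point of deriving the verifier and the content key from the same secret but with different labels is that whatever is stored in the phone's memory or replicated to the cloud (paragraph [0190]) is useless for decryption on its own, while a passcode typed into a phone holding a different SIM produces a verifier that never matches.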

    [0155] When a partition has been entered and its content decrypted, the content can be viewed on the phone's screen and the phone has the configuration or set-up (functionality) corresponding to that partition.

    [0156] Because the data are encrypted, direct access to the memory yields only encrypted data, so no sensitive information is exposed by that route.

    [0157] The SIM module is based on a JavaCard, which makes it possible to manage different applets with independent security features. If the SIM used for this function is also the operator's SIM, the master key of the SIM controls the SIM and the telecom connection via a master PIN. This means that the SIM must first be unlocked before any of the encrypted partitions can be unlocked (as is the case in a basic mobile phone).

    [0158] On the other hand, if the SIM used for partition memory partitioning control is not the operator SIM but a second secure element in the phone, a master key is not needed.

    [0159] In order to manage the content and functionality of each partition, a user has to enter the administrator or master partition. From here, all the other partitions can be managed and the user can set what content is visible and what functionality is available as well as other phone settings such as volume, vibrate and call divert.

    [0160] When, for example, a photo or video is taken with a camera in the phone, that photo or video is automatically accessible when in the partition in which the phone was when the photo or video was taken. As a default setting, it is not available in any other partitions except the administrator partition. If a user wants to make that photo or video available in a different or other partitions, he/she can manage this in the administrator partition.

    [0161] The domains 1-n could be data keys which specify data flags held in a single database against content or functionality.

    [0162] FIG. 2 shows an embodiment of the architecture of a mobile phone with n partitions (domains) which is configured to access the partitions using NFC tags.

    [0163] This embodiment is similar to that of FIG. 1 except that the phone additionally comprises an NFC front end which can send signals to NFC tags and receive signals from NFC tags.

    [0164] This embodiment works in the same way as that of FIG. 1 except that the passcode for a particular partition is received from an NFC tag, rather than being input by a user.

    [0165] In addition, the phone can receive a signal from an NFC tag instructing it to set up and enter a new partition on the phone with a configuration defined in the signal received from the tag. Alternatively, the signal could comprise a unique and secure path to data specifying a partition stored on a server or in a cloud, which the phone accesses after it has received the path from the NFC tag. If the tag sends a signal to enter an “open” partition, then the phone enters that partition automatically. However, if the tag sends a signal to enter a “closed” partition, then the user has to enter the correct code or password for the partition before they can enter it on their phone.

    [0166] In one example, when the phone of FIG. 2 is held near an NFC tag, the following steps are performed:
    [0167] the phone receives a signal from the tag, the signal containing data comprising a passcode for a partition and also identification information relating to the tag;
    [0168] the passcode is extracted from the received signal by a specific applet provided in the SIM card of the device;
    [0169] the environment/location is determined from the received signal, either from a certificate or encrypted passcode contained in the signal, or from the identification information relating to the tag;
    [0170] additional information (such as a "post-it" containing information from previous users of the tag) can also be received from the tag;
    [0171] the tag is updated by updating a certificate if, for security reasons, it is valid for just one session/use, and/or by erasing any additional information such as a "post-it" once it has been downloaded into the mobile device.
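    The tag-driven flow of paragraphs [0164] to [0171] (open versus closed partitions, a certificate valid for one session, location taken from the tag identity, and an untrusted "post-it") as an added example, not the patent's own code. Assumptions: the tag's "certificate" is modelled as an HMAC by the tag issuer over the signed fields rather than an X.509 certificate, the signal is a JSON record of invented shape, and the issuer key and tag registry are constructed sample data that a deployment would provision through the TSM described later on the page.

```python
import hashlib
import hmac
import json

# Constructed: key shared between the tag issuer (the school, say) and the SIM
# applet that checks tag certificates. Value invented for the example.
ISSUER_KEY = b"school-tag-issuer-key-demo"

# Constructed registry: tag identifier -> environment/location it stands for.
TAG_REGISTRY = {"tag-0001": "school", "tag-0002": "exam room", "tag-0003": "office desk"}


def make_certificate(fields: dict, issuer_key: bytes = ISSUER_KEY) -> str:
    """Issuer side. The page's 'certificate' is modelled as an HMAC over the
    canonical encoding of the signed fields (assumption, not a real X.509 cert)."""
    canonical = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(issuer_key, canonical, hashlib.sha256).hexdigest()


def build_tag_signal(tag_id, partition, mode, serial, passcode=None, note=None) -> bytes:
    """What the tag emits. 'mode' is 'open' (the passcode travels in the signal and
    the phone enters the partition automatically) or 'closed' (no passcode; the
    user must type it). 'serial' makes the certificate single-use. 'note' is the
    unsigned 'post-it' left by previous users of the tag."""
    fields = {"tag": tag_id, "partition": partition, "mode": mode, "serial": serial}
    if passcode is not None:
        fields["passcode"] = passcode
    signal = dict(fields, cert=make_certificate(fields))
    if note is not None:
        signal["note"] = note
    return json.dumps(signal).encode()


class TagReader:
    """Phone side: the SIM applet that extracts the passcode and decides what to do."""

    def __init__(self, registry: dict, issuer_key: bytes = ISSUER_KEY):
        self.registry, self.issuer_key, self.used_serials = registry, issuer_key, set()

    def process(self, raw: bytes) -> dict:
        signal = json.loads(raw)
        note = signal.pop("note", None)                # unsigned: shown to the user, never trusted
        cert = str(signal.pop("cert", "")).encode()
        expected = make_certificate(signal, self.issuer_key).encode()
        if not hmac.compare_digest(cert, expected):    # any edit to the signed fields fails here
            return {"status": "rejected", "reason": "bad certificate"}
        if signal["serial"] in self.used_serials:      # a captured signal cannot be replayed
            return {"status": "rejected", "reason": "certificate already used"}
        environment = self.registry.get(signal["tag"])
        if environment is None:                        # location comes from the tag identity
            return {"status": "rejected", "reason": "unknown tag"}
        self.used_serials.add(signal["serial"])        # one session per certificate
        result = {"partition": signal["partition"], "environment": environment, "note": note}
        if signal["mode"] == "open":
            result.update(status="entered", passcode=signal.get("passcode"))
        else:
            result["status"] = "passcode required"     # closed partition: normal PIN entry follows
        return result
```

    Two design points worth noting: the "post-it" is deliberately left outside the certificate, because it is written by previous users and must not be able to influence which partition is entered; and the serial of an accepted certificate is recorded so that someone who sniffs or clones a tag's signal cannot use it a second time, which is what the single-session validity of paragraph [0171] is for.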

    [0172] FIG. 3 shows a mobile phone in communication with an “Office desk” tag, where the phone has entered the “Office desk” partition with the set-up shown in the figure. In this case, the tag simply sent the phone a passcode to enter the “Office desk” partition, which already existed on the mobile phone.

    [0173] A specific application of the present invention will now be described.

    [0174] In schools, a big problem can be how to control the use of mobile phones (or other mobile communication devices): to protect children against spam or SMS/MMS messages in the classroom, which could disrupt lessons; to prevent the use of such devices during exams; and to filter or control internet access so that certain, e.g. undesirable, websites are not accessible.

    [0175] By using the present invention, pupils can configure their mobile phones to enter a commonly agreed mode (or partition) when they enter the school premises or a classroom by holding their phones next to an NFC tag sending a signal for the phone to enter a “school” partition whose configuration (i.e. accessible content and available functionality) is set by the school. For example, a pupil's phone could switch between the following partitions during a school day:

    At home: the device is in the "home" partition, where:
    [0176] SMS/MMS: allowed
    [0177] Phone directory/contacts: fully accessible
    [0178] Accessible content: "home" data
    [0179] Internet access: freely allowed or under parental control

    At school: the device is held next to an NFC tag such that it enters a "school" partition, where:
    [0180] SMS/MMS: blocked
    [0181] Phone directory/contacts: only parents/doctor/urgent contact accessible
    [0182] Accessible content: "school" data with free access such that teachers can control this content
    [0183] Internet access: blocked or filtered such that only certain websites can be viewed

    In an exam room: the device is held next to an NFC tag such that it enters an "exam" partition, where:
    [0184] SMS/MMS: blocked
    [0185] Phone directory: only parents/doctor/urgent contact
    [0186] Data partition: blocked
    [0187] Internet access: blocked

    [0188] The “school” partition (or any other partition) could have time-dependent functionality. For example, SMS/MMS/call functionality could be available only at certain pre-defined times of the day, corresponding to break and lunch times, for example. At other times, SMS/MMS/call functionality could be disabled or only allowed to a specified list of “emergency” numbers (e.g. home, parents, carer).
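    The school, exam and home partitions of paragraphs [0175] to [0188], including the time-dependent messaging rule, as an added default-deny policy check (example code, not the patent's). The break and lunch windows and the emergency numbers are assumed values; the page only says "break and lunch times" and "home, parents, carer".

```python
from datetime import time

# Constructed numbers standing in for home / parents / carer (invented).
EMERGENCY = frozenset({"+4400000000001", "+4400000000002"})

# Assumed break and lunch windows during which the school partition re-enables
# messaging and calls.
BREAKS = [(time(10, 30), time(10, 50)), (time(12, 30), time(13, 15))]

# A function rule is True/False (always/never) or a dict with optional "windows"
# (times at which the function is fully available) and "allowlist" (numbers that
# are always reachable). The remaining keys describe content and internet set-up.
POLICIES = {
    "home":   {"functions": {"sms": True, "calls": True},
               "contacts": "all", "data": "home", "internet": "free"},
    "school": {"functions": {"sms": {"windows": BREAKS, "allowlist": EMERGENCY},
                             "calls": {"windows": BREAKS, "allowlist": EMERGENCY}},
               "contacts": "emergency", "data": "school", "internet": "filtered"},
    "exam":   {"functions": {"sms": False, "calls": {"allowlist": EMERGENCY}},
               "contacts": "emergency", "data": None, "internet": "blocked"},
}


def in_window(now: time, windows) -> bool:
    return any(start <= now < end for start, end in windows)


def allowed(partition: str, function: str, now: time = None, number: str = None) -> bool:
    """Default-deny check run before an SMS is sent or a call is placed."""
    policy = POLICIES.get(partition)
    if policy is None:
        return False                                   # unknown partition: deny everything
    rule = policy["functions"].get(function, False)    # unlisted function: deny
    if isinstance(rule, bool):
        return rule
    if number is not None and number in rule.get("allowlist", ()):
        return True                                    # emergency numbers always pass
    if now is not None and in_window(now, rule.get("windows", ())):
        return True                                    # break time: normal use
    return False


def visible_contacts(partition: str, directory: dict) -> dict:
    """Contacts shown in the partition's phone book: everything at home, only the
    emergency entries at school or in an exam, nothing in an unknown partition."""
    mode = POLICIES.get(partition, {}).get("contacts")
    if mode == "all":
        return dict(directory)
    if mode == "emergency":
        return {name: num for name, num in directory.items() if num in EMERGENCY}
    return {}
```

    The check is written so that the safe answer is the one returned when information is missing: no time given means the break-time exception does not apply, no number given means the emergency exception does not apply, and a partition or function the policy does not mention is blocked rather than passed through.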

    [0189] FIG. 4 illustrates an embodiment where partition data is stored remotely in a cloud accessed via a modem.

    [0190] Here, the same data partitions are provided on the cloud as on the mobile phone. This means that data stored in partitions on a mobile phone are replicated on a cloud and can be retrieved from the cloud in the case, for example, that the mobile phone is lost or stolen.

    [0191] As well as providing a replication of partition data, the cloud provides data banks which can store more (additional) data than is stored or storable on the mobile device with its limited memory size. The additional data that is stored in the cloud, but not on the mobile, can be downloaded to the mobile phone in each respective partition when required by a user.

    [0192] The security of the partitions in the cloud is managed in the same way as on the mobile phone and is based on the same encryption and preferably also on the same passcodes to access the encrypted areas. This means that access to the encrypted area of a given partition on the cloud is managed from the SIM of the mobile phone.

    [0193] The process is as follows: when the mobile phone is connected to the cloud, a mutual authentication process is managed between the mobile phone SIM and the SAM or virtual SAM on the Cloud server. Then, if the correct PIN N is entered into the mobile phone, access will be granted both to the partition N inside the mobile phone memory and to partition N inside the cloud. This allows, for example, synchronisation between the partition on the mobile phone and the corresponding partition on the cloud (or synchronisation of particular areas of the partitions). Data transfer can be performed securely via a secure data channel created following a successful mutual authentication process.
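    The exchange of paragraph [0193], with both sides' messages, as an added example that is not the patent's code: mutual authentication between the phone's SIM applet and the cloud SAM, a session key derived from the exchanged nonces, and then a proof of PIN N that opens partition N without the PIN or its verifier ever leaving the phone. Assumptions: a long-term HMAC key shared per SIM with the SAM stands in for whatever the real SIM and SAM use (GlobalPlatform secure channel keys, for instance), and PBKDF2 stands in for the page's PKI-derived partition hash. The enrolled SIM, key and PIN are constructed sample data.

```python
import hashlib
import hmac
import os


def _mac(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts, so (a||b) cannot be confused with (a'||b')."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(2, "big") + part)
    return h.digest()


def partition_verifier(pin: str, sim_id: bytes, partition: int) -> bytes:
    """Verifier both sides hold for 'partition N'. PBKDF2 stands in for the
    page's PKI-derived hash (an assumption of this example)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), b"partition%d|" % partition + sim_id, 50_000)


class SimApplet:
    """Phone side: the JavaCard applet holding the long-term key shared with the SAM."""

    def __init__(self, sim_id: bytes, key: bytes):
        self.sim_id, self.key, self.session = sim_id, key, None

    def hello(self):
        self.nonce_p = os.urandom(16)
        return self.sim_id, self.nonce_p

    def answer(self, nonce_s: bytes, tag_s: bytes) -> bytes:
        # Authenticate the cloud first: it must prove it knows our key.
        if not hmac.compare_digest(tag_s, _mac(self.key, b"server", self.nonce_p, nonce_s)):
            raise ValueError("cloud failed to authenticate")
        self.session = [_mac(self.key, b"session", self.nonce_p, nonce_s), 0]
        return _mac(self.key, b"phone", nonce_s, self.nonce_p)

    def open_request(self, pin: str, partition: int):
        # Prove knowledge of PIN N without sending PIN or verifier; session key and
        # counter bind the proof to this channel and this one message.
        session_key, counter = self.session
        proof = _mac(partition_verifier(pin, self.sim_id, partition),
                     b"open", session_key, counter.to_bytes(4, "big"), bytes([partition]))
        self.session[1] += 1
        return counter, partition, proof


class CloudSam:
    """Cloud side: the SAM (or virtual SAM) holding one key per enrolled SIM."""

    def __init__(self, sim_keys: dict, verifiers: dict):
        self.sim_keys, self.verifiers, self.sessions = sim_keys, verifiers, {}

    def challenge(self, sim_id: bytes, nonce_p: bytes):
        nonce_s = os.urandom(16)
        self.sessions[sim_id] = {"nonce_p": nonce_p, "nonce_s": nonce_s, "key": None, "counter": 0}
        return nonce_s, _mac(self.sim_keys[sim_id], b"server", nonce_p, nonce_s)

    def finish(self, sim_id: bytes, tag_p: bytes) -> bool:
        s, key = self.sessions[sim_id], self.sim_keys[sim_id]
        if not hmac.compare_digest(tag_p, _mac(key, b"phone", s["nonce_s"], s["nonce_p"])):
            self.sessions.pop(sim_id)
            return False
        s["key"] = _mac(key, b"session", s["nonce_p"], s["nonce_s"])
        return True

    def open_partition(self, sim_id: bytes, counter: int, partition: int, proof: bytes) -> bool:
        s = self.sessions.get(sim_id)
        if s is None or s["key"] is None or counter != s["counter"]:
            return False                               # no authenticated channel, or a replay
        s["counter"] += 1
        stored = self.verifiers.get((sim_id, partition))
        if stored is None:
            return False                               # no such partition enrolled for this SIM
        expected = _mac(stored, b"open", s["key"], counter.to_bytes(4, "big"), bytes([partition]))
        return hmac.compare_digest(proof, expected)


def connect(phone: SimApplet, cloud: CloudSam) -> bool:
    """Run the mutual authentication; True when both sides accepted each other."""
    sim_id, nonce_p = phone.hello()
    nonce_s, tag_s = cloud.challenge(sim_id, nonce_p)
    try:
        tag_p = phone.answer(nonce_s, tag_s)
    except ValueError:
        return False
    return cloud.finish(sim_id, tag_p)


# Constructed enrolment data: one SIM, cloud partition 1 protected by PIN "1357".
SIM_ID, SIM_KEY = b"8944-0000-1234-5678", os.urandom(32)
PHONE = SimApplet(SIM_ID, SIM_KEY)
CLOUD = CloudSam({SIM_ID: SIM_KEY}, {(SIM_ID, 1): partition_verifier("1357", SIM_ID, 1)})
```

    Usage is `connect(PHONE, CLOUD)` followed by `CLOUD.open_partition(SIM_ID, *PHONE.open_request("1357", 1))`. The cloud proves itself before the phone sends anything that depends on the PIN, a rogue server without the SIM's key never gets past `answer`, and the per-session counter means a captured open request cannot be replayed, which is what makes the "secure data channel created following a successful mutual authentication" of paragraph [0193] more than a phrase.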

    [0194] A Trusted Services Manager (TSM) can be used to manage this process securely.

    [0195] A TSM is an Over The Air (OTA) trusted service which controls the management of secure elements, keys and applications for mobile phones. An NFC mobile phone based on a JavaCard SIM makes it possible to download cardlets and the associated security elements securely Over the Air.

    [0196] A TSM system could include, for example, the capability to perform the following steps:

    TABLE-US-00002

    Step                 Customer experience                                     CASSIS solution features
    Service enrollment   The mobile phone user/customer triggers with a single   Auto-provisioning platform;
                         click on their phone the downloading of NFC             Download Manager;
                         applications onto the phone                             Application installation follow-up
    Payment              Customer uses their phone to pay: it is fast,           Handset feedback (push-registry);
                         convenient and it fits the modern lifestyle             Off-line counter reset;
                                                                                 Smart MIDlet
    Transit              Customer uses phone for transit and top-up over the     Mifare and Calypso OTA provisioning;
                         air when the value runs low                             Top-up gateway for OTA stored value top-up
    Rewards              Customer accesses customized information and            Tag reading user interface;
                         personalized offers through interactive billboards      Customised tag campaigns management;
                                                                                 Coupons download, store & redeem mechanism
    S.O.S                When customer loses their mobile phone, NFC             Over-The-Air immediate blocking;
                         applications are immediately blocked OTA. The same      Routing messages to parties;
                         applications can be easily re-downloaded on a new       Re-issuance management;
                         device.                                                 Life cycle management

    [0197] In the case of the present invention, TSM features can include the downloading of specific applications to manage the environments related to each partition, that is, the keys and the access rights for each partition. A TSM will also handle the NFC application which allows the automatic switching from one partition to another when a mobile phone receives a signal from an NFC tag. A TSM will also manage, over the air, the life cycle of the NFC mobile to support enrolment, downloads, updates, lost devices and end of life.