Method and system for mobile device credentialing

Assignee

• Telefonaktiebolaget LM Ericsson (Publ) · SE

Inventors

• Bernard Smeets · Dalby, SE
• Luis Barriga · Älta, SE
• Mattias Eld · Vilhelmina, SE
• Vesa Lehtovirta · Espoo, FI
• Krister Sallberg · Lund, SE

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/80
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Methods and systems taught herein allow communication device manufacturers to preconfigure communication devices to use preliminary access credentials to gain temporary network access for downloading subscription credentials, and particularly allow the network operator issuing the subscription credentials to verify that individual devices requesting credentials are trusted. In one or more embodiments, a credentialing server is owned or controlled by the network operator, and is used by the network operator to verify that subscription credentials are issued only to trusted communication devices, even though such devices may be referred to the credentialing server by an external registration server and may be provisioned by an external provisioning server. Particularly, the credentialing server interrogates requesting devices for their device certificates and submits these device certificates to an external authorization server, e.g., an independent OCSP server, for verification. A common Public Key Infrastructure (PKI) may be used for operator and device certificates.