Abstract: Systems and methods for activating a mobile device for use with a service provider are described. In one exemplary method, a mobile device having a currently inserted SIM card may be prepared for activation using a signing process in which an activation server generates a signed activation ticket that uniquely corresponds to the combination of the device and SIM card, and that is securely stored on the mobile device. In another exemplary method the mobile device may be activated in an activation process in which the device verifies an activation ticket against information specific to the device and SIM card, and initiates activation when the verification of the activation ticket is successful.

Abstract: Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments. Profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. A request in a first program may be received from a second program. A profile is then identified. The profile includes at least one entitlement associated with the second program. The profile is authenticated based on a first digest indicative of the profile and the second program is authenticated based on a second digest indicative of the second program. The request is then executed based on the entitlement.

Abstract: Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments based on at least one carrier profile. Carrier profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. The carrier profiles allow entities to add software code to a device without reauthorizing each distribution by the trusted authority, or to limited groups of devices controlled or authorized by the other entities.

Abstract: Systems and methods for managing access to restricted data and system resources in secure operating environments are disclosed. Developer access profiles are issued by trusted authorities to developers which define entitlements that provide limited access to system resources and data on specified computing devices. The developer access profiles allow software developers to write software which accesses parts of the target platform environment which are typically off limits to third party developers.

Abstract: Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments. Profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. The profiles allow entities to add software code to the device without reauthorizing each distribution by a trusted authority such as testing, quality assurance, or to limited groups of devices controlled or authorized by the other entities.

Abstract: Systems and methods for provisioning computing devices are provided. Carrier provisioning profiles are distributed to computing devices via an activation service during the provisioning process. The carrier provisioning profiles specify access limitations to certain device resources which may otherwise be available to users of the device.

Abstract: Embodiments include systems and methods for authorizing software code to be executed on a device based on a trusted cache. When receiving a request to execute software, this software may be checked for a digital signature by at least one trusted authority. According, a digest value indicative of at least a portion of the software module may be determined. A cache stored in trusted space of the device is then accessed for a matching digest value. If an entry is found, the device may allow execution of the software module; if an entry is not found, then the device may continue with the cryptographic operations for verifying the software's digital signature, or may be configured to block execution of the software.

Abstract: In some embodiments, software developers may obtain development access to a computing device. A software developer may request development access from one or more trusted authorities, such as a manufacturer of the devices, an operating system provider, etc. The request may be approved by a single trusted authority, by at least one of a plurality of trusted authorities, or a combination of several trusted authorities. In order to enable developer access, a trusted authority may create a digital certificate that may be specific to the software developer and the devices and generate a profile that specifies the access rights of the developer on those devices. In addition, the digital certificate may enable the software developer to sign their applications or code so that it may execute on the device in accordance with their profile.

Abstract: Methods, systems, and computer-readable medium for providing telecommunications carrier configuration at activation of a mobile device. In one implementation, a method is provided. The method includes receiving a request for activation of a mobile device, and during activation of the mobile device, determining for the mobile device a telecommunications carrier from a number of telecommunications carriers, and identifying information associated with the determined telecommunications carrier for configuring the mobile device.

Abstract: Methods, systems, and computer-readable medium for securely locating a mobile device. In one implementation, a method is provided. The method includes receiving first information from a first device, where the first information is usable to identify a geographic location of the first device. The first information is verified as originating from the first device. A first request for the geographic location of the first device is received, where the first request includes second information associated with a user associated with the first device. The geographic location of the first device is provided to the user at a second device.

Abstract: The present disclosure is directed to a system and method for configuring software stacks. In some implementations, a method for configuring devices includes automatically identifying one or more applications in the software stack based, at least in part, on at least one of a plurality of identifiable device models or types. The software stack is stored in a device. The one or more applications is automatically configured for execution in the device in accordance with the identified device model. Each of the plurality of identifiable device models is associated with a different configuration of the software stack.

Abstract: Improved techniques and apparatus for managing data between a host device (e.g., host computer) and a media device are disclosed. The data being managed can, for example, pertain to media data for media assets. The managing of the media data thus can involve transfer of media assets between the host device and the media device. In one embodiment, the transfer of media assets between a host device and a media device can be referred to as data backup.

Abstract: Methods, systems and apparatus that facilitate activation of mobile devices, such as communication devices or multi-function devices, via a computer are disclosed. According to one aspect of the invention, a mobile device can be forced into a limited service mode until properly activated with a service provider for a wireless network. According to another aspect of the invention, a mobile device can defer its attempt to send a location update request to a wireless network. According to still another aspect of the invention, a mobile device can be automatically controlled to reset a portion of its internal hardware to initiate a location update request.