Patents by Inventor Ulrich WIMBOCK
Ulrich WIMBOCK has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11943837Abstract: A method for managing subscription profiles of a security element, which is provided for use in a mobile end device and on which a profile manager and at least one first subscription profile is loaded, includes: loading a second subscription profile from a subscription management server; checking whether the at least one first loaded subscription profile satisfies a predetermined condition; and putting the at least one first subscription profile out of operation when the at least one first subscription profile satisfies the predetermined condition.Type: GrantFiled: January 29, 2020Date of Patent: March 26, 2024Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBHInventors: Andreas Morawietz, Nils Nitsch, Ulrich Huber, Ulrich Wimbock
-
Patent number: 11418944Abstract: A method of adaptive generation of a profile package is constructed to install a profile in the eUICC. The method includes adaptive generation of a code package constructed to install an executable code in the device. A batch of multiple profile (or code) descriptions is provided. The target eUICC/target device or some other competent instance is arranged to provide the transfer server with configuration information of the target eUICC/target device. The transfer server retrieves, instead of a ready-made profile (code) package (eSIM), only a profile (code) description and profile (code) data. The transfer server then generates the profile package adaptively, there-in flexibly considering the configuration information on the target eUICC/target device. By this adaptive way of profile generation, profile packages matching with the real target eUICC/target device are generated. Such a matching profile package can be successfully installed in the eUICC.Type: GrantFiled: December 20, 2018Date of Patent: August 16, 2022Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBHInventor: Ulrich Wimbock
-
Publication number: 20220132297Abstract: A method for managing subscription profiles of a security element, which is provided for use in a mobile end device and on which a profile manager and at least one first subscription profile is loaded, includes: loading a second subscription profile from a subscription management server; checking whether the at least one first loaded subscription profile satisfies a predetermined condition; and putting the at least one first subscription profile out of operation when the at least one first subscription profile satisfies the predetermined condition.Type: ApplicationFiled: January 29, 2020Publication date: April 28, 2022Inventors: Andreas MORAWIETZ, Nils NITSCH, Ulrich HUBER, Ulrich WIMBOCK
-
Publication number: 20210368329Abstract: A method of adaptive generation of a profile package is constructed to install a profile in the eUICC. The method includes adaptive generation of a code package constructed to install an executable code in the device. A batch of multiple profile (or code) descriptions is provided. The target eUICC/target device or some other competent instance is arranged to provide the transfer server with configuration information of the target eUICC/target device. The transfer server retrieves, instead of a ready-made profile (code) package (eSIM), only a profile (code) description and profile (code) data. The transfer server then generates the profile package adaptively, there-in flexibly considering the configuration information on the target eUICC/target device. By this adaptive way of profile generation, profile packages matching with the real target eUICC/target device are generated. Such a matching profile package can be successfully installed in the eUICC.Type: ApplicationFiled: December 20, 2018Publication date: November 25, 2021Inventor: Ulrich WIMBOCK
-
Patent number: 10637851Abstract: A method for introducing an identity into a secure element includes an operating system loaded into the secure element, which comprises a master key which is identical for a plurality of secure elements. A secure-element key datum is generated employing the master key. The secure-element key datum is configured as a temporary secure-element key datum, which, upon an initial authentication of the secure element vis-à-vis the background system, is replaced by a final secure-element key datum which is independent of the master key by employing the temporary secure-element key datum and is itself rendered invalid for further authentications.Type: GrantFiled: December 15, 2015Date of Patent: April 28, 2020Assignee: GIESECKE & DEVRIENT GMBHInventors: Ulrich Wimböck, Jens Rudolph
-
Patent number: 10484370Abstract: A method for operating a security element of a mobile terminal with a memory unit includes using a first subscription profile with a first operating system for the security element, and a second subscription profile with a second operating system for the security element. The method involves operating the security element with the first operating system to communicate with the first subscription profile via a first mobile communication network; switching from the first operating system to the second operating system of the security element through a boot loader in the memory unit loading and executing the second operating system following a reboot of the security element; and operating the security element with the second operating system, to be able to communicate with the second subscription profile via a second mobile communication network. A corresponding security element and a corresponding mobile terminal are provided.Type: GrantFiled: February 5, 2016Date of Patent: November 19, 2019Assignee: GIESECK+DEVRIENT MOBILE SECURITY GMBHInventor: Ulrich Wimböck
-
Patent number: 10397781Abstract: Provided are a method for personalizing a security element for a mobile end device for communicating via a mobile radio network as well as a corresponding system. The method comprises the following steps: supplying initialization data of an initialization entity to the security element, wherein the initialization data comprise a personalization token; supplying the personalization token from the security element to a personalization entity; checking the validity of the personalization token through the personalization entity; and after successfully checking the validity of the personalization token, supplying personalization data from the personalization entity to the security element, wherein authorization data for authenticating the security element in encrypted form are already part of the initialization data and the personalization data comprise a key for decrypting the authorization data.Type: GrantFiled: August 7, 2015Date of Patent: August 27, 2019Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBHInventor: Ulrich Wimböck
-
Patent number: 10264451Abstract: In order to support the access of a terminal to a mobile communication network, a network subscriber identifier and a plurality of authentication data sets relating to this network user identifier are transferred to the terminal by an access support server. The plurality of authentication data sets are generated previously by a server of the mobile communication network, after the access support server has transmitted the network subscriber identifier to the server. In order to check an authentication information item of the terminal upon logging into the mobile communication network, an authentication server of the mobile communication network transmits an authentication data set from the plurality of authentication data sets, for example via the server.Type: GrantFiled: March 9, 2016Date of Patent: April 16, 2019Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBHInventor: Ulrich Wimböck
-
Publication number: 20180241744Abstract: A method for operating a security element of a mobile terminal with a memory unit includes using a first subscription profile with a first operating system for the security element, and a second subscription profile with a second operating system for the security element. The method involves operating the security element with the first operating system to communicate with the first subscription profile via a first mobile communication network; switching from the first operating system to the second operating system of the security element through a boot loader in the memory unit loading and executing the second operating system following a reboot of the security element; and operating the security element with the second operating system, to be able to communicate with the second subscription profile via a second mobile communication network. A corresponding security element and a corresponding mobile terminal are provided.Type: ApplicationFiled: February 5, 2016Publication date: August 23, 2018Inventor: Ulrich WIMBÖCK
-
Patent number: 9930069Abstract: A method for operating a security element which is part of a mobile end device, and a security element, have functionality depending on a set of operating parameters that is deposited on the security element. The method comprises the following steps: operating the security element with the set of operating parameters that is deposited on the security element; collecting data about the use of the security element and/or of the mobile end device; selecting a use profile on the basis of the collected data, with the use profile being assigned a set of operating parameters that is matched thereto; and operating the security element with the set of operating parameters that is matched to the selected use profile.Type: GrantFiled: June 11, 2014Date of Patent: March 27, 2018Assignee: GIESECKE+DEVRIENT MOBILE SECURITY GMBHInventor: Ulrich Wimbock
-
Publication number: 20180063713Abstract: In order to support the access of a terminal to a mobile communication network, a network subscriber identifier and a plurality of authentication data sets relating to this network user identifier are transferred to the terminal by an access support server. The plurality of authentication data sets are generated previously by a server of the mobile communication network, after the access support server has transmitted the network subscriber identifier to the server. In order to check an authentication information item of the terminal upon logging into the mobile communication network, an authentication server of the mobile communication network transmits an authentication data set from the plurality of authentication data sets, for example via the server.Type: ApplicationFiled: March 9, 2016Publication date: March 1, 2018Applicant: Giesecke + Devrient Mobile Sercurity GMBHInventor: Ulrich WIMBÖCK
-
Publication number: 20170374063Abstract: A method for introducing an identity into a secure element includes an operating system loaded into the secure element, which comprises a master key which is identical for a plurality of secure elements. A secure-element key datum is generated employing the master key. The secure-element key datum is configured as a temporary secure-element key datum, which, upon an initial authentication of the secure element vis-à-vis the background system, is replaced by a final secure-element key datum which is independent of the master key by employing the temporary secure-element key datum and is itself rendered invalid for further authentications.Type: ApplicationFiled: December 15, 2015Publication date: December 28, 2017Applicant: GIESECKE & DEVRIENT GMBHInventors: Ulrich WIMBÖCK, Jens RUDOLPH
-
Publication number: 20170230830Abstract: Provided are a method for personalizing a security element for a mobile end device for communicating via a mobile radio network as well as a corresponding system. The method comprises the following steps: supplying initialization data of an initialization entity to the security element, wherein the initialization data comprise a personalization token; supplying the personalization token from the security element to a personalization entity; checking the validity of the personalization token through the personalization entity; and after successfully checking the validity of the personalization token, supplying personalization data from the personalization entity to the security element, wherein authorization data for authenticating the security element in encrypted form are already part of the initialization data and the personalization data comprise a key for decrypting the authorization data.Type: ApplicationFiled: August 7, 2015Publication date: August 10, 2017Inventor: Ulrich WIMBÖCK
-
Publication number: 20160134661Abstract: A method for operating a security element which is part of a mobile end device, and a security element, have functionality depending on a set of operating parameters that is deposited on the security element. The method comprises the following steps: operating the security element with the set of operating parameters that is deposited on the security element; collecting data about the use of the security element and/or of the mobile end device; selecting a use profile on the basis of the collected data, with the use profile being assigned a set of operating parameters that is matched thereto; and operating the security element with the set of operating parameters that is matched to the selected use profile.Type: ApplicationFiled: June 11, 2014Publication date: May 12, 2016Inventor: Ulrich WIMBOCK