(12) United States Patent
`Nehushtan
`
`(10) Patent No.:
`(45) Date of Patent:
`
`US 9,635,544 B2
`*Apr. 25, 2017
`
`USOO963.5544B2
`
`(54)
`
`(71)
`
`(72)
`(73)
`
`(*)
`
`(21)
`(22)
`(65)
`
`(63)
`
`(51)
`
`(52)
`
`(58)
`
`CELLULAR DEVICE SECURITY
`APPARATUS AND METHOD
`
`Applicants: Rafi Nehushtan, Yahud (IL); Refael
`Nehushtan, Ramat-Gan (IL)
`Inventor: Rafi Nehushtan, Yahud (IL)
`Assignees: Rafi Nehushtan, Yahud (IL); Refael
`Nehushtan, Ramat-Gan (IL)
`Subject to any disclaimer, the term of this
`patent is extended or adjusted under 35
`U.S.C. 154(b) by 90 days.
`This patent is Subject to a terminal dis
`claimer.
`
`Notice:
`
`Appl. No.: 14/591,108
`
`Filed:
`
`Jan. 7, 2015
`
`Prior Publication Data
`US 2015/O126159 A1
`May 7, 2015
`Related U.S. Application Data
`Continuation of application No. 14/287,098, filed on
`May 26, 2014, now Pat. No. 8,934,864, which is a
`(Continued)
`
`Int. C.
`H04M I/66
`H0478/22
`
`(2006.01)
`(2009.01)
`(Continued)
`
`U.S. C.
`CPC ............. H04W 8/22 (2013.01); H04L 63/083
`(2013.01); H04 W 12/06 (2013.01); H04W
`12/08 (2013.01);
`
`(Continued)
`Field of Classification Search
`CPC ....... H04W 12/08: H04W 8/22; H04W 12/12:
`H04W 12/06; H04L 63/083; H04L 67/34;
`(Continued)
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`3,891.974. A * 6/1975 Coulter ................. G06F94843
`TO3, 13
`
`5,060,295 A 10, 1991 Borras et al.
`(Continued)
`
`FOREIGN PATENT DOCUMENTS
`
`GB
`JP
`
`11 2001
`2362543
`10, 2003
`2003-304322
`(Continued)
`
`OTHER PUBLICATIONS
`
`International Preliminary Report on Patentability Dated Jul. 5, 2006
`From the International Preliminary Examining Authority Re. Appli
`cation No. PCTIL2005.000264.
`(Continued)
`Primary Examiner — Mahendra Patel
`
`ABSTRACT
`(57)
`A cellular communication device has one or more access
`modes which allow reading and writing of data, for example
`to change its settings, for example passwords and even the
`entire operating system and also permitting access to per
`Sonal information Such as the user's telephone book. To
`prevent cloning and like illegal access activity, the device is
`configured by restricting access to such data access modes
`using a device unique security setting. The setting may be a
`password, preferably a one-time password, or it may be a
`unique or dynamic or one time configuration of the codes for
`the read and write instructions of the data mode. There is
`also disclosed a server, which manages the security settings
`Such that data mode operates during an active connection
`between the device and the server, and a secure communi
`cation protocol for communicating between the server and
`the cellular device.
`
`20 Claims, 8 Drawing Sheets
`
`protection
`
`
`
`/
`
`Reprogramming
`computer
`
`APPLE 1001
`
`1
`
`

`

`US 9,635,544 B2
`Page 2
`
`Related U.S. Application Data
`continuation of application No. 14/040,756, filed on
`Sep. 30, 2013, now Pat. No. 8,737.963, which is a
`continuation of application No. 10/839,148, filed on
`May 6, 2004, now Pat. No. 8,548,429.
`Provisional application No. 60/550,305, filed on Mar.
`8, 2004.
`
`(2006.01)
`(2009.01)
`(2009.01)
`(2009.01)
`(2009.01)
`(2006.01)
`
`Int. C.
`H04L 29/06
`HO47 (2/06
`HO47 (2/08
`HO47 (2/12
`HO4W 88/02
`HO4M I/70
`U.S. C.
`CPC ......... H04 W 12/12 (2013.01); H04L 63/0838
`(2013.01); H04M 1/70 (2013.01); H04W 88/02
`(2013.01)
`
`Field of Classification Search
`CPC. H04L 63/0838; G06F 11/1402; H04M 1/70
`USPC ....................... 455/410, 422.1, 411; 380/240
`See application file for complete search history.
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`(60)
`
`(51)
`
`(52)
`
`(58)
`
`(56)
`
`2/2010 Husak et al.
`7,667,572 B2
`4/2010 Perry et al.
`7,693,976 B2
`8,295,808 B2 10/2012 Gehrmann et al.
`8,347,104 B2
`1/2013 Pathiyal
`8,544,084 B2
`9/2013 Owen et al.
`8,548,429 B2 * 10/2013 Nehushtan ............ HO4L 63,083
`324f715
`5/2014 Nehushtan ............ HO4L 63,083
`379,161
`1/2015 Nehushtan ............ HO4L 63,083
`379,161
`
`8.737,963 B2 *
`
`8,934,864 B2 *
`
`6/2002 Brothers
`2002, 0083178 A1
`2002fO144151 A1 10, 2002. Shell et al.
`2002/0186846 Al 12/2002 Nyberg et al.
`2003/0027563 A1* 2, 2003 Herle ........................ GO6F 8.65
`455,419
`2003/0063071 A1* 4/2003 Wyatt .............. G06F 13,102
`345,172
`
`5/2003 Letsinger
`2003/0101347 A1
`2003/0204726 A1 10, 2003 Kefford et al.
`2003/0226040 A1 12/2003 Challener et al.
`2003/0229791 A1* 12/2003 De Jong ................. G06F 21/31
`T13, 182
`
`9, 2004 Little et al.
`2004/017727O A1
`9, 2004 Puthenkulam
`2004/0192303 A1
`2004/0203601 A1 10, 2004 Morriss et al.
`2004/0235455 A1 * 1 1/2004 Jiang ...................... GO1V3,087
`455,411
`2005/0086.328 A1* 4/2005 Landram ................. HO4L 67.34
`TO9.220
`
`2005/O197099 A1
`2014/0031013 A1
`2014/0256289 A1
`2015, 0126160 A1
`
`9, 2005 Nehushtan
`1/2014 Nehushtan
`9/2014 Nehushtan et al.
`5, 2015 Nehushtan
`
`5, 1995 Ehara
`5,414,753. A
`9/1997 Cooper
`5,673,317 A
`5,828,956 A 10, 1998 Shirai
`5,842,124 A 11/1998 Kenagy et al.
`5,887,250 A
`3, 1999 Shah
`6,014,651 A *
`1/2000 Crawford .............. GO6F9,5061
`TOS/34
`
`2/2000 Osborn
`6,026,293 A
`4/2000 Fette et al.
`6,052,600 A
`6,148,197 A 11/2000 Bridges et al.
`6,223,290 B1
`4/2001 Larsen et al.
`6,259,908 B1* 7/2001 Austin .................. HO4W 12/08
`455,411
`
`7, 2001 Sato
`6,268,879 B1
`6,301,666 B1 10, 2001 Rive
`6,385,730 B2
`5, 2002 Garrison
`6,463,298 B1
`10/2002 Sorenson et al.
`6,502,193 B1 12/2002 Barber
`6,510,350 B1
`1/2003 Steen, III et al.
`6,550,010 B1
`4/2003 Link, II et al.
`6,611,913 B1
`8, 2003 Carroll et al.
`6,628,934 B2
`9/2003 Rosenberg et al.
`6,633,981 B1 10/2003 Davis
`6,671.687 B1
`12/2003 Pederson et al.
`6,738,636 B2 * 5/2004 Lielbried is .......... HO4L 12,5895
`455,412.1
`6,745,325 B1* 6/2004 Gavlik ...................... GO6F 8.65
`TO9,221
`
`6, 2004 Bartel et al.
`6,754,895 B1
`6,826,762 B2 11/2004 Shell et al.
`6,829,492 B2 12/2004 Aerrabotu
`6,856,818 B1
`2, 2005 Ford
`6,880,079 B2
`4/2005 Kefford et al.
`7.054,306 B2 * 5/2006 Kuo .................... HO4L 63,0428
`370,352
`
`6, 2006 Hind et al.
`7,069,452 B1
`7,134,047 B2 * 1 1/2006 Quach ................. G06F 11,1641
`71.2/229
`
`2/2007 Kopchick et al.
`7, 177,915 B2
`3/2007 Myles et al.
`7,197,297 B2
`7/2009 Bligt et al.
`7,561,691 B2
`8, 2009 Rebello
`7,574,197 B1
`7.587,463 B2 * 9/2009 Sugita ....................... GO6F 8.65
`359/455
`
`FOREIGN PATENT DOCUMENTS
`
`2001.0056947 A * 7, 2001
`KR
`2378796
`1, 2010
`RU
`WO O2, 12985
`2, 2002
`WO
`WO WO 2005/086513
`9, 2005
`
`OTHER PUBLICATIONS
`
`Official Action Dated Mar. 17, 2008 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 10/839,148.
`Official Action Dated Jul 26, 2007 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 10/839,148.
`Written Opinion Dated Apr. 26, 2006 From the International Pre
`liminary Examining Authority Re. Application No. PCT/IL2005/
`000264.
`Advisory Action Before the Filing of an Appeal Brief Dated Mar.
`26, 2010 From the US Patent and Trademark Office Re. U.S. Appl.
`No. 10/839,148.
`Communication Pursuant to Article 96(2) EPC Dated Nov. 7, 2007
`From the European Patent Office Re. Application No. 05709152.2.
`Examination Report Dated Nov. 11, 2008 From the Government of
`India, Patent Office, Intellectual Property Building Re. Application
`No. 2580, KOLNP2006.
`International Search Report and the Written Opinion Dated Jul. 1,
`2005 From the International Searching Authority Re. Application
`No. PCTIL2005.000264.
`Interview Summary Dated Jun. 16, 2011 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 10/839,148.
`Notice of Allowance Dated Jun. 6, 2013 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 10/839,148.
`Notice of Allowance Dated Jan. 17, 2014 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 14/040,756.
`Notice of Allowance Dated Aug. 28, 2014 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 14/287,098.
`Notice of Non-Compliant Amendment (37 CFR 1.121) Dated Jun.
`2, 2009 From the US Patent and Trademark Office Re. U.S. Appl.
`No. 10/839,148.
`Official Action Dated Sep. 1, 2011 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 10/839,148.
`
`2
`
`

`

`US 9,635,544 B2
`Page 3
`
`(56)
`
`References Cited
`
`OTHER PUBLICATIONS
`
`Official Action Dated Dec. 13, 2010 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 10/839,148.
`Official Action Dated Sep. 18, 2009 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 10/839,148.
`Request Dated Feb. 26, 2009 From the ROSPATENT, Federal
`Government Institution, Federal Institute of Industrial Property of
`the Federal Service for Intellectual Property, Patents and Trade
`marks of the Russion Federation Re. Application No. 2006133638
`and Its Summary in English.
`Official Action Dated Jun. 13, 2016 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 14/591.947.
`Boncella “Wireless Security: An Overview”. Communications of
`the Association for Information Systems, 9: 269-282, 2002.
`Notice of Allowance Dated Dec. 23, 2016 From the US Patent and
`Trademark Office Re. U.S. Appl. No. 14/591.947. (25 pages).
`* cited by examiner
`
`3
`
`

`

`U.S. Patent
`U.S. Patent
`
`Apr. 25, 2017
`
`Sheet 1 of 8
`
`US 9,635,544 B2
`US 9,635,544 B2
`
`SUTUUeISOIddy
`
`Joynduros
`
`JOprAol
`
`vl
`
`Jo\soduwy]
`
`
`
`SUIISOIdSyy
`
`Joyndutos
`
`
`
`0
`0
`I
`
`[‘Sty
`
`I ’31, I
`
`ZI
`cl
`
`4
`
`
`
`

`

`U.S. Patent
`U.S. Patent
`
`Apr. 25, 2017
`Apr. 25, 2017
`
`Sheet 2 of 8
`Sheet 2 of 8
`
`US 9,635,544 B2
`US 9,635,544 B2
`
`
`
`Joynduro0o
`
`9Ind9¢
`
`JOAIOS
`
`SUIUIUIeISOIdOY
`
`5
`
`

`

`U.S. Patent
`
`Apr. 25, 2017
`
`Sheet 3 of 8
`
`US 9,635,544 B2
`
`
`
`
`
`
`
`
`
`quòIIO
`
`UueJºão Id
`
`g ?! I
`
`99
`
`6
`
`

`

`U.S. Patent
`U.S. Patent
`
`Apr.25, 2017
`Apr. 25, 2017
`
`Sheet 4 of8
`Sheet 4 of 8
`
`US 9,635,544 B2
`US 9,635,544 B2
`
`&=OO
`
`Soe
`
`is q)
`S.9 S D
`G) CD
`O O
`
`S
`32
`
`30
`
`Fig.4
`
`S.
`34
`
`
`
`7
`
`

`

`U.S. Patent
`U.S. Patent
`
`Apr. 25, 2017
`
`Sheet 5 of 8
`
`US 9,635,544 B2
`US 9,635,544 B2
`
`cS
`
`penuenPeuuesmen
`
`soAy
`
`~ZPeAlsoeu
`
`
`
`
`
`JOeHNDOS
`
`vsTt
`
`
`PBS}JAYIOMMoU2}]B21D
`
`
`
`¢“Sty
`
`
`
`
`
`Bulusjysi]3}e91DMOU
`
`
`
`
`
`8
`
`
`

`

`U.S. Patent
`U.S. Patent
`
`Apr. 25, 2017
`
`Sheet 6 of 8
`
`US 9,635,544 B2
`US 9,635,544 B2
`
`
`
`UOCHOSUUCDMEN
`
`
`
`»—,
`—co
` PeBsIY}]IDSIOMMoU29}]eS921ID'&ZPSAISsoeI
`
`
`
`
`Q‘BIJ
`9 (31+
`
` —o
`
`
`
`
`
`edidpouieuMseu9}]e2ID
`
`
`
`9
`
`
`
`

`

`U.S. Patent
`
`Apr. 25, 2017
`
`Sheet 7 of 8
`
`US 9,635,544 B2
`
`(peeul?eleuuel)
`
`
`
`
`
`
`
`
`
`10
`
`

`

`U.S. Patent
`U.S. Patent
`
`Apr. 25, 2017
`Apr. 25, 2017
`
`Sheet 8 of 8
`Sheet 8 of 8
`
`US 9,635,544 B2
`US 9,635,544 B2
`
`
`
`
`
`
`
`
`
`
`
`
`edidpeweu
`
`
`
`ON
`oN
`
`
`
`a~zwayoed
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`yualjo
`
`
`
`
`
`
`
`
`
`JS8A
`
`(peaiy)ayBuluwa)ajpueH
`
`
`
`pouuoosippueedid.°1$$
`peweuBIA,peeley,,0N
`e#eyoedpuesNTN
`
`
`
`_-”payoauuooyayoedoSONwspeajeoey
`
`
`
`
`e#eyoedpues,PEYEIUSyINy,,
`y@00sBIA,payoalay,,
`
`pueadidpadeupue
`_opayeoqueyyneaON“
`
` saa[Wel)JoaUUOASIp
`sa),|
`
`ae_4<<peyeanueyyny>>ONee88KfsaA
`
`8y}0}FOUL
`
`ONe#Jex0edpues
`
`
`
`
`
`
`
`
`
`
`eyep/ysonba
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`g‘SIy
`8 (31)
`
`11
`
`11
`
`
`
`
`
`
`
`
`

`

`US 9,635,544 B2
`
`1.
`CELLULAR DEVICE SECURITY
`APPARATUS AND METHOD
`
`RELATED APPLICATIONS
`
`This application is a continuation of U.S. patent applica
`tion Ser. No. 14/287,098 filed on May 26, 2014, which is a
`continuation of U.S. patent application Ser. No. 14/040,756
`filed on Sep. 30, 2013, now U.S. Pat. No. 8,737.963, which
`is a continuation of U.S. patent application Ser. No. 10/839,
`148 filed on May 6, 2004, now U.S. Pat. No. 8,548,429,
`which claims the benefit of priority of U.S. Provisional
`Patent Application No. 60/550,305 filed on Mar. 8, 2004.
`The contents of the above applications are all incorporated
`by reference as if fully set forth herein in their entirety.
`
`10
`
`15
`
`FIELD AND BACKGROUND OF THE
`INVENTION
`
`The present invention relates to cellular device security
`apparatus and methods and, more particularly, but not exclu
`sively to a security system for protection of data and access
`thereto, including read and write access to configuration
`data, in a cellular telephony device.
`A security vulnerability exists in cellular devices. In even
`the most secure of current devices it is currently possible to
`read sensitive information from a cellular device (source)
`and write it into a new cellular device (destination) thus
`making the destination device identical to the source device
`with regards to the cellular network. This enables the
`destination device to make calls, which are then billed to the
`source device. Such sensitive information may include
`device information such as the network identity of the
`device. It may also include personal information Such as the
`user's personal telephone book.
`Exploiting the same vulnerability it is also possible to
`copy sensitive information from a source device to a desti
`nation device, thus enabling an end-user device upgrade
`without the knowledge of the cellular provider. Likewise it
`is possible to steal a device in one country and sell it in
`another country after a new operating system has been
`written into the stolen device.
`A cellular device contains the following unique informa
`tion items that allow any particular device to be identified
`uniquely:
`1. ESN: Electronic Serial Number. A unique number
`supplied by the manufacturer of the cellular device.
`2. NUM: The cellular device's phone number. Supplied by
`the cellular provider.
`3. A-KEY: Authentication key. Generated, by Synacom
`Technologies Inc. of San Jose, Calif., USA, for each cellular
`device and cellular provider separately, supplied by the
`manufacturer and used for authenticating the identity of a
`cellular device by the cellular provider.
`4. SSD: An identifier created by the cellular network in
`combination with additional information from the cellular
`provider's database and used to identify the cellular device
`when a call is being made.
`These four information items are rightly regarded as being
`extremely sensitive. They are generally located in the cel
`lular device along with the operating system located on the
`chipset.
`DM (Data Mode)
`The DM is a mode in which the device allows any access
`to the device to change settings and/or accepts commands,
`via its serial interface, which can be used to read and write
`information. Setting the device to DM enables reading and
`
`25
`
`30
`
`35
`
`40
`
`45
`
`50
`
`55
`
`60
`
`65
`
`2
`writing of data via COM, USB, IR, RF, Bluetooth and any
`other available interface on the cellular device. There exists
`a data mode entry command for causing the device to enter
`data mode, and a code, for example a keypad code, which is
`required in order to enter DM. The DM code and/or com
`mand, is typically unique for each manufacturer.
`Cloning a Cellular Device:
`Using data mode it is possible to clone a cellular device.
`The devices may be cloned using one of the following three
`procedures:
`Reading the A-KEY, SSD, ESN and NUM information
`fields from a source device and writing them into a
`destination device.
`Reading the A-KEY, ESN and NUM information fields
`from a source device and writing them into a destina
`tion device, and then requesting a “SSD update opera
`tion from the cellular provider to receive a valid SSD
`field.
`Reading the SSD, ESN and NUM information fields from
`a source device and writing them into a destination
`device.
`The A-KEY, SSD, ESN and NUM information fields are
`all readable from the cellular devices in one way or another.
`A single cellular device can be cloned to multiple desti
`nation devices, all of which will consequently generate calls
`billed to the original device.
`There are several techniques to read the A-KEY. SSD and
`the ESN information fields and to write them on a new
`device. One possibility comprises using a serial RS-232 or
`USB cable to connect the source cellular device to a personal
`computer and via a program to read and write these fields
`from the device's operating system.
`The cellular devices may be divided into two basic types,
`devices without protection, in which the information is
`readable via the operating system, and devices with pass
`word protection. The password is a sixteen (16) hexadecimal
`digit string (which amounts to eight binary octets). Cracking
`this password is presumably very difficult. When the pass
`word is known, the ESN, A-KEY, SSD and NUM fields are
`accessible and can be read or written. The password is
`currently manufacturer specific, and therefore if broken
`once, all devices made by the same manufacturer become
`Vulnerable.
`The above-described methods for reading and writing
`information fields from the devices likewise enable reading
`and writing the device's operating system. Some devices
`have a protection password but it is still possible to read the
`operating system without knowing the protection password,
`and thus it is possible to obtain the password.
`Hacking a Cellular Device:
`Cellular devices may be categorized into two general
`kinds:
`1. Devices without passwords: In devices where the data
`read and data write functions are not protected by a pass
`word, the operating system contains two separate read and
`write command sets: one set for upgrading the operating
`system and one set for reading and writing from the oper
`ating system's memory. These commands can be used
`directly by a hacker to read the information if the device is
`the source device, or to write the information if the device
`is the destination device.
`2. Devices with passwords: A protection password is
`encoded into the device's operating system and thus can be
`obtained from the binary operating system file obtainable on
`the internet, by theft from the cellular providers or by
`reading the data from the device.
`
`12
`
`

`

`US 9,635,544 B2
`
`2O
`
`3
`It is possible to alter the password or to use additional
`constantly based, countermeasures to protect the cellular
`device. The term “constantly based refers typically to
`passwords which are different for different manufacturers,
`different device models, different cellular providers, differ- 5
`ent operating systems and versions etc. However a single
`password applies to numerous individual devices.
`It is noted that the passwords themselves, as well as any
`additional countermeasures, can be decoded from the oper
`ating systems binary file, and the binary file has to be 10
`distributed to all the cellular providers who use cellular
`telephones from the given manufacturer. The passwords are
`thus as secure as the weakest provider.
`Another method is to obtain the mobile telephone man
`agement or PST program which is used to program the 15
`cellular devices. PST is a generic term for programs pro
`duced by the manufacturers that are given to the network
`operators to maintain the cellular device base. The PST
`program may then be analyzed, thus obtaining the pass
`words.
`Such an analysis is possible due to the fact that the PST
`program is a standalone program.
`The DIRECTORY field of the mobile telephone, which is
`a location in which sensitive information is stored, is acces
`sible for reading and writing via the operating system or 25
`keypad codes. Therefore a device's identification in the data
`network can be obtained and altered to identify itself as a
`different device.
`In addition, the operating system can be replaced without
`a hacker being required to have any knowledge of the 30
`protection password. Such a replacement can be used to
`remove any new safeguards inserted into the new version of
`the operating system, thus leaving the device Vulnerable
`with an old version of the operating system.
`The replacement of the operating system can also be used 35
`to change the language of the operating system when a
`cellular device is stolen in one country and sold in another
`country.
`As mentioned above, typically, cellular devices have at
`least two sets of read and write instructions: One set is for 40
`upgrading the operating system and one set is for commu
`nicating with information fields within the operating system.
`A further point that is mentioned is that when sending an
`SMS message, the sender's phone number is a data field
`which may be filled manually by the user and thus a sender 45
`can appear to be someone else in the eyes of the receiver.
`Cloning software is available from the following exem
`plary sources:
`The UniCDMA cloning program is available from
`cdmasoftware(aukr.net;
`The NV tool cloning program is available from certain
`forums;
`The GTRAN CDMA 1x DATA CARD (800M) PRL-Ver
`3.1 program is available from certain forums;
`The DM cloning program, by Qualcom, is also available 55
`from certain forums.
`There is thus a widely recognized need for, and it would
`be highly advantageous to have, a cellular device security
`system in which access to the data mode is devoid of the
`above limitations.
`
`4
`being configured with an access restrictor to restrict use of
`said access mode in accordance with a device unique
`security setting.
`Preferably, the device unique security setting is comprised
`physically on said device.
`Additionally or alternatively, the device unique security
`setting is a Software setting.
`In an embodiment, said device unique security setting is
`a coding configuration for data read or data write instruc
`tions.
`Additionally or alternatively, said device unique security
`setting is a dynamic password.
`Preferably, the dynamic password is a one-time password.
`Preferably, the device unique security setting is con
`structed using at least one device specific data item and at
`least one random data item.
`In a particular embodiment of the above, said device
`unique security setting is constructed using two device
`specific data items and two random data items.
`Preferably, said device unique security setting is dynami
`cally changed over a series of data access mode operations.
`Preferably, said device unique security setting is acces
`sible only via a predetermined communication protocol.
`Preferably, said predetermined communication protocol
`comprises a specified sequence of communication packets.
`Preferably, said predetermined communication protocol
`comprises a specified structure of communication packets.
`The device may be in physical association with a client
`program for managing said predetermined communication
`protocol.
`Preferably, said client program is configured to set said
`cellular communication device into said data access mode
`for accessing of data when it is satisfied that said device
`unique security setting is correct.
`According to a second aspect of the present invention
`there is provided a cellular communication device having a
`data access mode for allowing reading and writing of data to
`change settings on said cellular communication device, said
`device being configured to restrict entry into said data access
`mode to an active connection involving a predetermined
`SCU SWC.
`Preferably, said active connection is identifiable via a
`device unique security setting.
`Preferably, said device unique security setting is a coding
`configuration for data read or data write instructions.
`Preferably, said device unique security setting is a
`dynamic password.
`In an embodiment, said dynamic password is a one-time
`password.
`In an embodiment, said device unique security setting is
`constructed using at least one device specific data item and
`at least one random data item.
`Preferably, said device unique security setting is con
`structed using two device specific data items and two
`random data items.
`Preferably, said device unique security setting is dynami
`cally changed over a series of data access mode operations.
`Preferably, said device unique security setting is acces
`sible only via a predetermined communication protocol.
`Preferably, said predetermined communication protocol
`comprises a specified sequence of communication packets.
`The device may be provided in association with a client
`program for managing said predetermined communication
`protocol.
`
`50
`
`60
`
`SUMMARY OF THE INVENTION
`
`According to one aspect of the present invention there is
`provided a cellular communication device having an access 65
`mode for allowing reading and writing of data to change
`settings on said cellular communication device, said device
`
`13
`
`

`

`5
`Preferably, said client program is configured to set said
`cellular communication device into said data access mode
`when it is satisfied that said device unique security setting is
`COrrect.
`The client program may be configured to check regularly
`using said protocol that said connection is active, and to
`disable said data access mode when said connection is not
`active.
`According to a third aspect of the present invention there
`is provided a server for Supporting data configuration opera
`tions at cellular communication devices connecting
`remotely via a network, the server comprising a database of
`unique secure data regarding said cellular communication
`devices and mode access functionality for using said unique
`secure data to generate device specific data mode entry
`commands required at said cellular communication devices,
`to permit entry into data mode at said cellular communica
`tion devices.
`Preferably, the unique secure data seeds a device unique
`security setting.
`The device unique security setting may be a coding
`configuration for data mode entry, data read or data write
`instructions.
`The device unique security setting may be a dynamic
`password.
`The dynamic password may be a one-time password.
`The device unique security setting may be constructed
`using at least one device specific data item and at least one
`random data item.
`Preferably, the device unique security setting is con
`structed using two device specific data items and two
`random data items.
`The device unique security setting may be dynamically
`changed over a series of data mode operations.
`The device specific data mode entry command may be
`accessible only via a predetermined communication proto
`col.
`The predetermined communication protocol may com
`prise a specified sequence of communication packets.
`The predetermined communication protocol may com
`40
`prise a specified structure of communication packets.
`The server may be located in association with a client
`program for managing said predetermined communication
`protocol.
`Preferably, the client program is configured to set said
`cellular communication device into said data mode when it
`is satisfied that said device specific data mode entry setting
`is correct.
`The client program may be configured to set said cellular
`communication device to disable said data mode when it
`appears that a connection with said server is not active.
`According to a fourth aspect of the present invention there
`is provided a method of restricting access to a reconfigura
`tion mode of each one of a plurality of cellular communi
`cation devices, the method comprising:
`holding device dependent information of each of said
`plurality of cellular communication devices,
`using said device dependent information to create device
`unique security settings for said plurality of devices, and
`configuring said plurality of devices such that a respective
`device unique security setting is required to Support said
`reconfiguration mode.
`Preferably, the device dependent information seeds said
`device unique security setting.
`Preferably, the unique security setting is a coding con
`figuration for data read or data write instructions of said
`configuration mode.
`
`6
`The unique security setting may be a dynamic password.
`The dynamic password may be a one-time password.
`Preferably, said device unique security setting is con
`structed using at least one device specific data item and at
`least one random data item.
`Preferably, said device unique security setting is con
`structed using two device specific data items and two
`random data items.
`Preferably, said device unique security setting is dynami
`cally changed over a series of data mode operations.
`According to a fifth aspect of the present invention there
`is provided a cellular communication device capable of
`communication with an external Source for configuration of
`said cellular communication device, said cellular commu
`nication device comprising a configuration enabler for
`enabling or disabling said communication in accordance
`with a device unique security setting.
`Preferably, said device unique security setting is com
`prised physically on said device.
`Alternatively, said device unique security setting is a
`Software setting.
`Unless otherwise defined, all technical and scientific
`terms used herein have the same meaning as commonly
`understood by one of ordinary skill in the art to which this
`invention belongs. The materials, methods, and examples
`provided herein are illustrative only and not intended to be
`limiting.
`Implementation of the method and system of the present
`invention involves performing or completing certain
`selected tasks or steps manually, automatically, or a combi
`nation thereof. Moreover, according to actual instrumenta
`tion and equipment of preferred embodiments of the method
`and system of the present invention, several selected steps
`could be implemented by hardware or by software on any
`operating system of any firmware or a combination thereof.
`For example, as hardware, selected Steps of the invention
`could be implemented as a chip or a circuit. AS Software,
`selected steps of the invention could be implemented as a
`plurality of Software instructions being executed by a com
`puter using any Suitable operating system. In any case,
`selected steps of the method and system of the invention
`could be described as being performed by a data processor,
`Such as a computing platform for executing a plurality of
`instructions.
`
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`The invention is herein described, by way of example
`only, with reference to the accompanying drawings. With
`specific reference now to the drawings in detail, it is stressed
`that the particulars shown are by way of example and for
`purposes of illustrative discussion of the preferred embodi
`ments of the present invention only, and are presented in the
`cause of providing what is believed to be the most useful and
`readily understood description of the principles and concep
`tual aspects of the invention. In this regard, no attempt is
`made to show structural details of the invention in more
`detail than is necessary for a fundamental understanding of
`the invention, the description taken with the drawings mak
`ing apparent to those skilled in the art how the several forms
`of the invention may be embodied in practice.
`In the drawings:
`FIG. 1 is a simplified diagram showing a cellular tele
`phone having a freely accessible data port for data mode
`access to anyone who knows the data mode access code;
`FIG. 2 is a simplified diagram showing a first preferred
`embodiment of the present invention, in which a cellular
`
`US 9,635,544 B2
`
`10
`
`15
`
`25
`
`30
`
`35
`
`45
`
`50
`
`55
`
`60
`
`65
`
`14
`
`

`

`7
`telephone is connected through a data connection to a
`reprogramming device and to a secure server;
`FIG. 3 is a simplified diagram showing the client server
`aspects of the embodiment of FIG. 2;
`FIG. 4 is a simplified diagram showing another configu
`ration of the client server aspect of the embodiment of FIG.
`2, in which the server is provided in standalone format;
`FIG. 5 is a simplified flow diagram illustrating a proce
`dure for communicating between a client and a server for
`entering and using data mode at a particular cellular device
`according to a preferred embodiment of the present inven
`tion, when the GUI is an integral part of the client;
`FIG. 6 is a simplified flow diagram illustrating a variation
`of the procedure of FIG. 5, wherein the GUI is associated
`with the server;
`FIG. 7 is a simplified flow chart illustrating a thread
`procedure for secure tracking of a client connection for use
`with the embodiment of FIG. 5; and
`FIG. 8 is a simplified flow chart showing a thread pro
`cedure for secure tracking of a client connection for use with
`the embodiment of FIG. 6.
`
`DESCRIPTION OF THE PREFERRED
`EMBODIMENTS
`
`The present embodiments comprise a method and appa
`ratus for protection of the data mode of the cellular tele
`phony device. Preferably the data mode is protected by a
`password, and preferably the password is device specific. In
`a further preferred embodiment the password is dynamic and
`ideally is a one-time password. An advantage of a one-time
`password is that even if it is picked up by a sniffer program
`it is already too late as the cellular device now expects a
`different password. In an alternative e