-
Publication number: US20190239075A1
Publication date: 2019-08-01
Application number: US16384844
Application date: 2019-04-15
Applicant: Apple Inc.
Inventor: Xiangying YANG, Li LI, Jerrold Von HAUCK
CPC classification number: H04W12/06, G06F21/32, H04L9/3231, H04L9/3271, H04L2209/80, H04W4/50, H04W4/60, H04W12/0023, H04W12/08
Abstract: The embodiments set forth techniques for an embedded Universal Integrated Circuit Card (eUICC) to conditionally require, when performing management operations in association with electronic Subscriber Identity Modules (eSIMs), human-based authentication. The eUICC receives a request to perform a management operation in association with an eSIM. In response, the eUICC determines whether a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the management operation. Next, the eUICC causes the mobile device to prompt a user of the mobile device to carry out the human-based authentication. The management operation is then performed or ignored in accordance with results of the human-based authentication.
-
112.
Publication number: US20190074983A1
Publication date: 2019-03-07
Application number: US16117642
Application date: 2018-08-30
Applicant: Apple Inc.
Inventor: Xiangying YANG, Avinash NARASIMHAN, Li LI, David I. AHN, Jean-Marc PADOVA, Clark P. MUELLER, David T. HAGGERTY
Abstract: Embodiments provided herein identify a certificate issuer (CI) to be relied on as a trusted third party by an electronic subscriber identity module (eSIM) server in remote SIM provisioning (RSP) transactions with an embedded universal integrated circuit card (eUICC). In an RSP ecosystem, multiple CIs may exist. Parties rely on public key infrastructure (PKI) techniques for establishment of trust. Trust may be established based on a trusted third party such as a CI. Parties need to agree on the CI in order for some PKI techniques to be useful. Embodiments provided herein describe approaches for an eUICC and an eSIM server to arrive at an agreed-on CI. Candidate or negotiated CIs may be indicated on a public key identifier (PKID) list. A PKID list is distributed, in some embodiments, by means of a discovery server, via an activation code (AC) and/or during the establishment of a profile provisioning session.
-
Publication number: US20190007835A1
Publication date: 2019-01-03
Application number: US16024025
Application date: 2018-06-29
Applicant: Apple Inc.
Inventor: Li LI, Dennis D. CONWAY
Abstract: A secure element (SE) determines a profile type and a privilege level. The privilege level, in some embodiments, is associated with a key used successfully by the SE to verify a cryptographic signature. In some embodiments, the privilege level is indicated by a privilege value read from an extension field of a root certificate. The SE determines, in some instances, whether to accept or reject a profile installation after comparing the profile type with the determined privilege level. Thus, a test server is allowed to provision a test profile to an SE even if the test server does not have commercial certification required of an electronic subscriber identity module (eSIM) server that provisions operational profiles. Because the test profile does not include credentials useful for network access, the lower-security test server does not create a risk of improper access to the network of a mobile network operator (MNO).
-
114.
Publication number: US20180249333A1
Publication date: 2018-08-30
Application number: US15876875
Application date: 2018-01-22
Applicant: Apple Inc.
Inventor: Li LI, Xiangying YANG, Jerrold Von HAUCK, Christopher B. SHARP, Yousuf H. VAID, Arun G. MATHIAS, David T. HAGGERTY, Najeeb M. ABDULRAHIMAN
CPC classification number: H04W12/06, H04L41/28, H04L63/083, H04L63/0838, H04L63/0853, H04W12/00514
Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICC's firmware can require user authentication and/or human intent verification before execution of the administrative operations is performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.
-
115.
Publication number: US20180249332A1
Publication date: 2018-08-30
Application number: US15873856
Application date: 2018-01-17
Applicant: Apple Inc.
Inventor: Stephan V. SCHELL, Arun G. MATHIAS, Jerrold Von HAUCK, David T. HAGGERTY, Kevin McLAUGHLIN, Ben-Heng JUANG, Li LI
IPC: H04W12/06, H04W12/08, H04W12/04, H04W8/20, H04L29/06, H04W4/50, G06F21/57, G06F21/45, H04W4/60, H04L29/08
CPC classification number: H04W12/06, G06F21/45, G06F21/57, H04L63/08, H04L63/0853, H04L63/123, H04L63/20, H04L67/34, H04W4/50, H04W4/60, H04W8/205, H04W12/04, H04W12/08
Abstract: Methods and apparatus enabling programming of electronic identification information of a wireless apparatus. In one embodiment, a previously purchased or deployed wireless apparatus is activated by a cellular network. The wireless apparatus connects to the cellular network using an access module to download operating system components and/or access control client components. The described methods and apparatus enable updates, additions and replacement of various components including Electronic Subscriber Identity Module (eSIM) data, OS components. One exemplary implementation of the invention utilizes a trusted key exchange between the device and the cellular network to maintain security.
-
116.
Publication number: US20180063697A1
Publication date: 2018-03-01
Application number: US15253783
Application date: 2016-08-31
Applicant: Apple Inc.
Inventor: Li LI, Clark P. MUELLER, Avinash NARASIMHAN, Arun G. MATHIAS, Najeeb M. ABDULRAHIMAN, David T. HAGGERTY
CPC classification number: H04W8/183, G06F21/575, G06F21/72, H04L63/123, H04W4/50, H04W4/60, H04W8/245, H04W12/10
Abstract: Representative embodiments described herein set forth techniques for provisioning bootstrap electronic Subscriber Identity Modules (eSIMs) to mobile devices. According to some embodiments, a mobile device can be configured to issue, to an eSIM selection server, a bootstrap eSIM request that includes (i) metadata associated with the mobile device, and (ii) metadata associated with an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device. In turn, the eSIM selection server selects and binds a particular bootstrap eSIM to the mobile device, and provides information to the mobile device that enables the mobile device to obtain the particular bootstrap eSIM from one or more eSIM servers. When the mobile device obtains the particular bootstrap eSIM, the mobile device can interface with a mobile network operator (MNO) and obtain a complete eSIM that enables the mobile device to access services provided by the MNO.
-
117.
Publication number: US20180063668A1
Publication date: 2018-03-01
Application number: US15691660
Application date: 2017-08-30
Applicant: Apple Inc.
Inventor: Li LI
CPC classification number: H04W4/50, H04L9/0643, H04L9/14, H04L9/3247, H04L2209/80, H04W4/60, H04W8/245, H04W12/04, H04W12/06, H04W12/10
Abstract: Representative embodiments described herein set forth techniques for provisioning device configuration files and electronic Subscriber Identity Modules (eSIMs) to mobile devices. One embodiment sets forth a method for installing an eSIM at a mobile device. According to some embodiments, the method includes the steps of (1) receiving a first request to obtain the eSIM, (2) issuing, to an eSIM server, a second request for the eSIM, (3) receiving an eSIM installation package from the eSIM server, where the eSIM installation package includes (i) the eSIM, and (ii) a device configuration file that corresponds to: the mobile device, and at least one Mobile Network Operator (MNO) associated with the eSIM, and (4) upon verifying at least one digital signature associated with the eSIM installation package: installing the device configuration file on the mobile device, and installing the eSIM on an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device.
-
118.
Publication number: US20160316356A1
Publication date: 2016-10-27
Application number: US15134289
Application date: 2016-04-20
Applicant: Apple Inc.
Inventor: Li LI, Arun G. MATHIAS
Abstract: This disclosure describes procedures for maintaining multiple electronic subscriber identity modules (eSIMs) within a user equipment (UE) device, in such a manner that an inactive eSIM can be maintained/updated at the UE device while an active eSIM is being utilized by the UE device to communicate with a corresponding network. The procedures include a UE device establishing communications with a first network using an active eSIM, initiating an eSIM manager at the UE device, selecting an inactive eSIM (e.g., associated with a second network) with the eSIM manager, applying a profile update to the inactive eSIM with the eSIM manager during communications with the first network, and deselecting the inactive eSIM with the eSIM manager when the profile update to the inactive eSIM is complete. In some configurations, the eSIM manager and the multiple eSIMs can be stored within a secure element of the UE device.
-
119.
Publication number: US20160037350A1
Publication date: 2016-02-04
Application number: US14866969
Application date: 2015-09-27
Applicant: Apple Inc.
Inventor: Li LI, Stephan V. SCHELL
CPC classification number: H04W12/12, H04L69/40, H04W8/20, H04W8/265, H04W28/0289, H04W28/06, H04W48/06, H04W52/0212, H04W74/004, Y02D70/1224, Y02D70/1242, Y02D70/1262, Y02D70/142, Y02D70/144, Y02D70/146, Y02D70/166
Abstract: Methods and apparatus for correcting error events associated with identity provisioning. In one embodiment, repeated requests for access control clients are responded to with the execution of a provisioning feedback mechanism which is intended to prevent the unintentional (or even intentional) over-consumption or waste of network resources via the delivery of an excessive amount of access control clients. These provisioning feedback mechanisms include rate-limiting algorithms and/or methodologies which place a cost on the user. Apparatus for implementing the aforementioned provisioning feedback mechanisms are also disclosed and include specialized user equipment and/or network side equipment such as a subscriber identity module provisioning server (SPS).
-
120.
Publication number: US20150349826A1
Publication date: 2015-12-03
Application number: US14720670
Application date: 2015-05-22
Applicant: Apple Inc.
Inventor: Li LI, Arun G. MATHIAS
IPC: H04B1/3816
CPC classification number: H04B1/3816, H04M2250/14, H04W4/60, H04W8/183, H04W88/06
Abstract: Disclosed herein is a technique for enabling Subscriber Identity Module (SIM) toolkit commands to be properly routed within a mobile device that includes an embedded Universal Integrated Circuit Card (eUICC) configured to manage two or more electronic SIMs (eSIMs). Specifically, the technique involves a baseband component of the mobile device and the eUICC initially exchanging information about their eSIM capabilities to identify whether multiple eSIMs are active within the eUICC. During this exchange of information, the eUICC can generate a list of unique identifiers of the active eSIMs that are managed by the eUICC and provide the list of unique identifiers to the baseband component. In turn, the baseband component can update a configuration to manage the list of unique identifiers and use the list of unique identifiers to properly route SIM toolkit commands to the appropriate eSIM within the eUICC.