公开(公告)号：US20140099925A1

公开(公告)日：2014-04-10

申请号：US14049185

申请日：2013-10-08

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  Arun G. MATHIAS ,  Jerrold VON HAUCK ,  David T. HAGGERTY ,  Kevin McLAUGHLIN ,  Ben-Heng JUANG ,  Li LI

IPC: H04W12/06

CPC classification number: H04W12/06 ,  G06F21/45 ,  G06F21/57 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/123 ,  H04L63/20 ,  H04L67/34 ,  H04W4/50 ,  H04W4/60 ,  H04W8/205 ,  H04W12/04 ,  H04W12/08

Abstract: Methods and apparatus enabling programming of electronic identification information of a wireless apparatus. In one embodiment, a previously purchased or deployed wireless apparatus is activated by a cellular network. The wireless apparatus connects to the cellular network using an access module to download operating system components and/or access control client components. The described methods and apparatus enable updates, additions and replacement of various components including Electronic Subscriber Identity Module (eSIM) data, OS components. One exemplary implementation of the invention utilizes a trusted key exchange between the device and the cellular network to maintain security.

Abstract translation: 能够对无线装置的电子识别信息进行编程的方法和装置。 在一个实施例中，先前购买或部署的无线设备由蜂窝网络激活。 无线设备使用访问模块连接到蜂窝网络，以下载操作系统组件和/或访问控制客户端组件。 所描述的方法和装置能够更新，添加和替换各种组件，包括电子订户身份模块（eSIM）数据，OS组件。 本发明的一个示例性实施方式利用设备和蜂窝网络之间的可信密钥交换来维护安全性。

公开(公告)号：US20190327609A1

公开(公告)日：2019-10-24

申请号：US16443473

申请日：2019-06-17

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  David T. HAGGERTY

IPC: H04W8/26 ,  H04W12/00 ,  H04W4/50 ,  H04W4/60

Abstract: Methods and apparatus for activating a purchased or previously deployed device by a subscriber. In one embodiment, activation includes authenticating the device to a service provider or carrier, and providing the device with data necessary for enabling the service to the device. In one variant, a user device is activated at a retail store, with the assistance of a carrier representative. In another variant, user equipment is activated via a communications network without the assistance of a representative. In yet another variant, the user equipment is activated via the Internet without the assistance of a representative. The provision of access data includes pre-assigning eSIM from a population of unassigned eSIMs to certain devices for various carrier networks. Alternatively, the eSIM may be assigned on an as-needed basis. Unassigned and/or unused eSIMs can be released (or sold back to the vendor) and/or reused. Solutions for eSIM backup and restoration are also described.

公开(公告)号：US20190074983A1

公开(公告)日：2019-03-07

申请号：US16117642

申请日：2018-08-30

Applicant: Apple Inc.

Inventor： Xiangying YANG ,  Avinash NARASIMHAN ,  Li LI ,  David I. AHN ,  Jean-Marc PADOVA ,  Clark P. MUELLER ,  David T. HAGGERTY

IPC: H04L9/32 ,  H04L9/30

Abstract: Embodiments provided herein identify a certificate issuer (CI) to be relied on as a trusted third party by an electronic subscriber identity module (eSIM) server in remote SIM provisioning (RSP) transactions with an embedded universal integrated circuit card (eUICC). In an RSP ecosystem, multiple CIs may exist. Parties rely on public key infrastructure (PKI) techniques for establishment of trust. Trust may be established based on a trusted third party such as a CI. Parties need to agree on the CI in order for some PKI techniques to be useful. Embodiments provided herein describe approaches for an eUICC and an eSIM server to arrive at an agreed-on CI. Candidate or negotiated CIs may be indicated on a public key identifier (PKID) list. A PKID list is distributed, in some embodiments, by means of a discovery server, via an activation code (AC) and/or during the establishment of a profile provisioning session.

公开(公告)号：US20180249333A1

公开(公告)日：2018-08-30

申请号：US15876875

申请日：2018-01-22

Applicant: Apple Inc.

Inventor： Li LI ,  Xiangying YANG ,  Jerrold Von HAUCK ,  Christopher B. SHARP ,  Yousuf H. VAID ,  Arun G. MATHIAS ,  David T. HAGGERTY ,  Najeeb M. ABDULRAHIMAN

IPC: H04W12/06 ,  H04L29/06 ,  H04L12/24

CPC classification number: H04W12/06 ,  H04L41/28 ,  H04L63/083 ,  H04L63/0838 ,  H04L63/0853 ,  H04W12/00514

Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

公开(公告)号：US20180249332A1

公开(公告)日：2018-08-30

申请号：US15873856

申请日：2018-01-17

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  Arun G. MATHIAS ,  Jerrold Von HAUCK ,  David T. HAGGERTY ,  Kevin McLAUGHLIN ,  Ben-Heng JUANG ,  Li LI

IPC: H04W12/06 ,  H04W12/08 ,  H04W12/04 ,  H04W8/20 ,  H04L29/06 ,  H04W4/50 ,  G06F21/57 ,  G06F21/45 ,  H04W4/60 ,  H04L29/08

CPC classification number: H04W12/06 ,  G06F21/45 ,  G06F21/57 ,  H04L63/08 ,  H04L63/0853 ,  H04L63/123 ,  H04L63/20 ,  H04L67/34 ,  H04W4/50 ,  H04W4/60 ,  H04W8/205 ,  H04W12/04 ,  H04W12/08

Abstract: Methods and apparatus enabling programming of electronic identification information of a wireless apparatus. In one embodiment, a previously purchased or deployed wireless apparatus is activated by a cellular network. The wireless apparatus connects to the cellular network using an access module to download operating system components and/or access control client components. The described methods and apparatus enable updates, additions and replacement of various components including Electronic Subscriber Identity Module (eSIM) data, OS components. One exemplary implementation of the invention utilizes a trusted key exchange between the device and the cellular network to maintain security.

公开(公告)号：US20180063697A1

公开(公告)日：2018-03-01

申请号：US15253783

申请日：2016-08-31

Applicant: Apple Inc.

Inventor： Li LI ,  Clark P. MUELLER ,  Avinash NARASIMHAN ,  Arun G. MATHIAS ,  Najeeb M. ABDULRAHIMAN ,  David T. HAGGERTY

IPC: H04W8/18 ,  H04L29/06 ,  H04W12/10

CPC classification number: H04W8/183 ,  G06F21/575 ,  G06F21/72 ,  H04L63/123 ,  H04W4/50 ,  H04W4/60 ,  H04W8/245 ,  H04W12/10

Abstract: Representative embodiments described herein set forth techniques for provisioning bootstrap electronic Subscriber Identity Modules (eSIMs) to mobile devices. According to some embodiments, a mobile device can be configured to issue, to an eSIM selection server, a bootstrap eSIM request that includes (i) metadata associated with the mobile device, and (ii) metadata associated with an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device. In turn, the eSIM selection server selects and binds a particular bootstrap eSIM to the mobile device, and provides information to the mobile device that enables the mobile device to obtain the particular bootstrap eSIM from one or more eSIM servers. When the mobile device obtains the particular bootstrap eSIM, the mobile device can interface with a mobile network operator (MNO) and obtain a complete eSIM that enables the mobile device to access services provided by the MNO.

公开(公告)号：US20180027480A1

公开(公告)日：2018-01-25

申请号：US15649283

申请日：2017-07-13

Applicant: Apple Inc.

Inventor： Avinash NARASIMHAN ,  Devin B. COLLIER ,  Clark P. MUELLER ,  David T. HAGGERTY

IPC: H04W48/08 ,  H04W4/00 ,  H04W8/18 ,  H04W12/06

CPC classification number: H04W48/08 ,  H04B1/3816 ,  H04L41/0806 ,  H04L63/0869 ,  H04W4/60 ,  H04W8/02 ,  H04W8/183 ,  H04W12/04 ,  H04W12/06 ,  H04W74/08

Abstract: A pool of devices is initially associated under a single product type identifier, for example, a single stock keeping unit (SKU) identifier. Each device is associated with a secure element (SE), for example, an embedded universal integrated circuit card (eUICC). A wireless telecommunications carrier purchases a subset of the devices from the owner of the pool of devices. A policy management server receives a shipment record and associates the subset of devices with a product identifier and with a carrier-specific activation policy. The policy management server sends an electronic subscriber identity module (eSIM) reservation request to a policy evaluation server, which contacts an eSIM delivery server associated with the purchasing carrier. The eSIM delivery server reserves eSIMs for the purchased devices. When an end user buys one of the devices from the subset, the purchased device is provisioned by the eSIM delivery server with the eSIM reserved for that device.

公开(公告)号：US20180014184A1

公开(公告)日：2018-01-11

申请号：US15656988

申请日：2017-07-21

Applicant: Apple Inc.

Inventor： Stephan V. SCHELL ,  David T. HAGGERTY

IPC: H04W8/26 ,  H04W4/00 ,  H04W12/04

CPC classification number: H04W8/265 ,  H04W4/50 ,  H04W4/60 ,  H04W12/04

Abstract: Methods and apparatus for activating a purchased or previously deployed device by a subscriber. In one embodiment, activation includes authenticating the device to a service provider or carrier, and providing the device with data necessary for enabling the service to the device. In one variant, a user device is activated at a retail store, with the assistance of a carrier representative. In another variant, user equipment is activated via a communications network without the assistance of a representative. In yet another variant, the user equipment is activated via the Internet without the assistance of a representative. The provision of access data includes pre-assigning eSIM from a population of unassigned eSIMs to certain devices for various carrier networks. Alternatively, the eSIM may be assigned on an as-needed basis. Unassigned and/or unused eSIMs can be released (or sold back to the vendor) and/or reused. Solutions for eSIM backup and restoration are also described.

公开(公告)号：US20170278097A1

公开(公告)日：2017-09-28

申请号：US15482478

申请日：2017-04-07

Applicant: Apple Inc.

Inventor： David T. HAGGERTY ,  Ahmer A. KHAN ,  Christopher B. SHARP ,  Jerrold Von HAUCK ,  Joakim LINDE ,  Kevin P. MCLAUGHLIN ,  Mehdi ZIAT ,  Yousuf H. VAID

IPC: G06Q20/36 ,  G06Q20/38 ,  G06Q20/34 ,  G06Q20/12 ,  G06Q20/32

CPC classification number: G06Q20/36 ,  G06Q20/1235 ,  G06Q20/3227 ,  G06Q20/3552 ,  G06Q20/382

Abstract: Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).

公开(公告)号：US20140298018A1

公开(公告)日：2014-10-02

申请号：US14257971

申请日：2014-04-21

Applicant: Apple Inc.

Inventor： David T. HAGGERTY ,  Jerrold Von HAUCK ,  Kevin McLAUGHLIN

IPC: H04L29/06 ,  H04L9/30

CPC classification number: H04L63/10 ,  H04L9/30 ,  H04L63/0428 ,  H04L63/062 ,  H04L63/0853 ,  H04L2209/24 ,  H04W4/02 ,  H04W4/60 ,  H04W8/265 ,  H04W12/02 ,  H04W12/06

Abstract: Apparatus and methods for efficiently distributing and storing access control clients within a network. In one embodiment, the access clients include electronic Subscriber Identity Modules (eSIMs), and an eSIM distribution network infrastructure is described which enforces eSIM uniqueness and conservation, distributes network traffic to prevent “bottle necking” congestion, and provides reasonable disaster recovery capabilities. In one variant, eSIMs are securely stored at electronic Universal Integrated Circuit Card (eUICC) appliances which ensure eSIM uniqueness and conservation. Access to the eUICC appliances is made via multiple eSIM depots, which ensure that network load is distributed. Persistent storage is additionally described, for among other activities, archiving and backup.

Abstract translation: 用于在网络内高效地分发和存储访问控制客户端的装置和方法。 在一个实施例中，访问客户端包括电子订户身份模块（eSIM），并且描述了实施eSIM​​唯一性和保存的eSIM分发网络基础设施，分发网络流量以防止“瓶颈缩小”拥塞，并提供合理的灾难恢复能力。 在一个变体中，eSIM被安全地存储在电子通用集成电路卡（eUICC）设备中，确保eSIM的独特性和保存性。 通过多个eSIM仓库访问eUICC设备，确保网络负载分布。 另外描述了持久存储，用于其他活动中的归档和备份。