-
Publication No.: US20210400466A1
Publication date: 2021-12-23
Application No.: US17352201
Filing date: 2021-06-18
Applicant: Apple Inc.
Inventors: Raj S. CHAUGULE, Can XIONG, Li LI, Zexing SHI
Abstract: This Application sets forth techniques for cloud-based cellular service management for a set of associated mobile wireless devices, including maintenance of information for one or more subscriber identity modules (SIMs) and/or electronic SIMs (eSIMs) used by the set of mobile wireless devices.
-
Publication No.: US20210258794A1
Publication date: 2021-08-19
Application No.: US17176167
Filing date: 2021-02-15
Applicant: Apple Inc.
Inventors: Sherman X. JIN, Raj S. CHAUGULE, Anish Kumar GOYAL, Li LI, Rafael L. RIVERA-BARRETO, Samy TOUATI, Rohan C. MALTHANKAR
Abstract: Embodiments described herein relate to transfer of credentials between two mobile wireless devices that are within proximity of each other, via a secure local connection, or via a network-based cloud service, where the two mobile wireless devices are not in proximity to each other. Transfer of credentials can include communication between a source device, a target device, and/or one or more network-based servers, which can include mobile network operator (MNO) managed servers, such as an entitlement server, a web-sheet server, an authentication server, a provisioning server, a subscription management data preparation (SM-DP+) server, a home subscriber server (HSS), and/or an authentication server, as well as third-party managed servers, such as a cloud service server and/or an identification services server. Authentication can be based at least in part on one or more tokens and/or a trust flag obtained by the source device and provided to the target device.
-
Publication No.: US20210092603A1
Publication date: 2021-03-25
Application No.: US17054148
Filing date: 2018-05-11
Applicant: Apple Inc.
Inventors: Xiangying YANG, Huarui LIANG, Lijia ZHANG, Shu GUO, Haijing HU, Fangli XU, Yuqin CHEN, Dawei ZHANG, Li LI
Abstract: Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys, generated by a user equipment (UE), and network provided keys are disclosed. Encryption of the SUPI to form the SUCIs can mitigate snooping by rogue network entities, such as fake base stations. The UE is restricted from providing the unencrypted SUPI over an unauthenticated connection to a network entity. In some instances, the UE uses a trusted symmetric fallback encryption key KFB or trusted asymmetric fallback public key PKFB to verify messages from an unauthenticated network entity and/or to encrypt the SUPI to form a fallback SUCIFB for communication of messages with the unauthenticated network entity.
-
Publication No.: US20210076195A1
Publication date: 2021-03-11
Application No.: US16997898
Filing date: 2020-08-19
Applicant: Apple Inc.
Inventors: Raj S. CHAUGULE, Anish Kumar GOYAL, Elliot S. BRIGGS, Li LI, Zexing SHI
IPC classification: H04W8/20
Abstract: This Application describes mechanisms to transfer cellular service plans and associated credentials efficiently between wireless devices. Information regarding transferability of cellular services for SIMs/eSIMs to a wireless device is obtained from locally stored or remotely accessible cellular service information and/or associated mobile network operator (MNO) information. Access to network-based servers to determine transferability and/or to effect transfer can use non-cellular connections when available. Transferability information can be presented to a user to narrow selection of cellular service plans to transfer.
-
Publication No.: US20200177450A1
Publication date: 2020-06-04
Application No.: US16780621
Filing date: 2020-02-03
Applicant: Apple Inc.
Inventors: Li LI, Yousuf H. VAID, Christopher B. SHARP, Arun G. MATHIAS, David T. HAGGERTY, Jerrold Von HAUCK
IPC classification: H04L12/24, H04W12/06, H04W8/20, H04L29/06, H04W8/18, H04B1/3827, H04B1/3816
Abstract: Representative embodiments described herein set forth techniques for optimizing large-scale deliveries of electronic Subscriber Identity Modules (eSIMs) to mobile devices. Specifically, instead of generating and assigning eSIMs when mobile devices are being activated—which can require significant processing overhead—eSIMs are pre-generated with a basic set of information, and are later-assigned to the mobile devices when they are activated. This can provide considerable benefits over conventional approaches that involve generating and assigning eSIMs during mobile device activation, especially when new mobile devices (e.g., smartphones, tablets, etc.) are being launched and a large number of eSIM assignment requests are to be fulfilled in an efficient manner.
-
Publication No.: US20180295511A1
Publication date: 2018-10-11
Application No.: US15944738
Filing date: 2018-04-03
Applicant: Apple Inc.
Inventors: Xiangying YANG, Li LI, Jerrold Von HAUCK
CPC classification: H04W12/06, G06F21/32, H04L9/3231, H04L9/3271, H04L2209/80, H04W4/50, H04W4/60, H04W12/08
Abstract: The embodiments set forth techniques for an embedded Universal Integrated Circuit Card (eUICC) to conditionally require, when performing management operations in association with electronic Subscriber Identity Modules (eSIMs), human-based authentication. The eUICC receives a request to perform a management operation in association with an eSIM. In response, the eUICC determines whether a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the management operation. Next, the eUICC causes the mobile device to prompt a user of the mobile device to carry out the human-based authentication. The management operation is then performed or ignored in accordance with results of the human-based authentication.
-
Publication No.: US20180278604A1
Publication date: 2018-09-27
Application No.: US15936331
Filing date: 2018-03-26
Applicant: Apple Inc.
Inventors: Xiangying YANG, Li LI, Jerrold Von HAUCK
CPC classification: H04L63/0853, H04L63/0428, H04L63/062, H04L63/065, H04L63/068, H04L63/105, H04W12/04, H04W12/06, H05K999/99
Abstract: A method for establishing a secure communication channel between an off-card entity and an embedded Universal Integrated Circuit Card (eUICC) is provided. The method involves establishing symmetric keys that are ephemeral in scope. Specifically, an off-card entity, and each eUICC in a set of eUICCs managed by the off-card entity, possess long-term Public Key Infrastructure (PKI) information. When a secure communication channel is to be established between the off-card entity and an eUICC, the eUICC and the off-card entity can authenticate one another in accordance with the respectively-possessed PKI information (e.g., verifying public keys). After authentication, the off-card entity and the eUICC establish a shared session-based symmetric key for implementing the secure communication channel. Specifically, the shared session-based symmetric key is generated according to whether perfect or half forward security is desired. Once the shared session-based symmetric key is established, the off-card entity and the eUICC can securely communicate information.
-
Publication No.: US20170338962A1
Publication date: 2017-11-23
Application No.: US15598232
Filing date: 2017-05-17
Applicant: Apple Inc.
Inventors: Li LI, Clark P. MUELLER, Avinash NARASIMHAN, Arun G. MATHIAS, David T. HAGGERTY, Najeeb M. ABDULRAHIMAN, Jean-Marc PADOVA
IPC classification: H04L9/32, H04W36/00, H04W12/04, H04L9/14, H04L29/08, H04L9/00, H04L29/06, H04L9/30, H04W76/02, H04W8/18
Abstract: Embodiments provided herein determine if an electronic subscriber identity module (eSIM) associated with a requested service can be installed in a secure element (SE) housed in a wireless device. Before requesting deployment of an eSIM suitable for the requested service from an eSIM delivery server, a carrier server asks that an original equipment manufacturer (OEM) server validate that an eSIM corresponding to a customer request should be deployed. The OEM server obtains information about the wireless device and information about the SE. When the carrier server requests validation, the OEM server evaluates the wireless device information and/or the SE information. If the OEM server indicates that deployment of the eSIM should proceed, the OEM server also indicates the eSIM type that is compatible with the wireless device and with the SE housed in the device.
-
Publication No.: US20170104750A1
Publication date: 2017-04-13
Application No.: US15287614
Filing date: 2016-10-06
Applicant: Apple Inc.
Inventors: Li LI, Arun G. MATHIAS
IPC classification: H04L29/06
CPC classification: H04L63/0853, H04L63/0435, H04L63/061, H04L63/062, H04W12/04, H04W12/06
Abstract: Methods are provided for instantiating multiple electronic subscriber identity modules (eSIMs) to an electronic universal integrated circuit card (eUICC) using a manufacturer-installed data binary large object (data blob). An eSIM package including the data blob in encrypted form is securely installed in the eUICC in a manufacturing environment. A key encryption key (KEK) associated with the eSIM package is separately provided to an original equipment manufacturer (OEM) wireless device factory. The OEM wireless device factory provides the KEK to the eUICC within a given wireless device. The eUICC uses the KEK to decrypt the eSIM package and provide the data blob. The eUICC can receive a request to instantiate a first eSIM. The eUICC can instantiate the first eSIM using data from the data blob. A user can then access network services using the wireless device. Subsequently, a second eSIM can be instantiated by the eUICC using the data blob.
-
Publication No.: US20160352377A1
Publication date: 2016-12-01
Application No.: US15236303
Filing date: 2016-08-12
Applicant: Apple Inc.
Inventors: Li LI, Arun G. MATHIAS
IPC classification: H04B1/3816, H04W4/00, H04W8/18
CPC classification: H04B1/3816, H04M2250/14, H04W4/60, H04W8/183, H04W88/06
Abstract: Disclosed herein is a technique for enabling Subscriber Identity Module (SIM) toolkit commands to be properly routed within a mobile device that includes an embedded Universal Integrated Circuit Card (eUICC) configured to manage two or more electronic SIMs (eSIMs). Specifically, the technique involves a baseband component of the mobile device and the eUICC initially exchanging information about their eSIM capabilities to identify whether multiple eSIMs are active within the eUICC. During this exchange of information, the eUICC can generate a list of unique identifiers of the active eSIMs that are managed by the eUICC and provide the list of unique identifiers to the baseband component. In turn, the baseband component can update a configuration to manage the list of unique identifiers and use the list of unique identifiers to properly route SIM toolkit commands to the appropriate eSIM within the eUICC.