LOGICAL CHANNEL MANAGEMENT FOR MULTIPLE eSIM PROFILES

    Publication No.: US20250030514A1

    Publication date: 2025-01-23

    Application No.: US18906801

    Filing date: 2024-10-04

    Applicant: Apple Inc.

    Abstract: Techniques for managing logical channel communication for multiple electronic subscriber identity module (eSIM) profiles installed on an embedded universal integrated circuit card (eUICC), including mapping of logical channel identifier values between different logical channel labeling schemes are described herein. In a first scheme, logical channels are identified using logical channel values alone. In a second scheme, logical channels are identified using a combination of eSIM port value and channel values. An interpreter in the eUICC and/or in processing circuitry external to the eUICC can map between the logical channel labeling schemes to allow internal state machines in the eUICC and/or the processing circuitry to use the first scheme for identifying logical channels.
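The mapping the abstract describes can be shown as a small interpreter that sits between scheme B (port, channel) traffic and a scheme-A state machine. The following Go program is an added example for this listing, not code from the patent or from Apple: the port range, the rule that the first opened pair takes the basic channel 0, and the lowest-free-slot allocation are assumptions. The CLA byte encoding follows ISO/IEC 7816-4 interindustry classes (channels 0..3 in bits b2 b1, channels 4..19 in bits b4..b1 with b7 set), which the abstract itself does not mention.

```go
package main

import (
	"errors"
	"fmt"
)

// Scheme A: one channel number 0..19 (ISO/IEC 7816-4 numbering, 0 is the basic channel).
// Scheme B: the pair (port, channel), channel number local to the eSIM port.
// maxFlatChannels is the ISO/IEC 7816-4 limit; the port range is an assumption.
const maxFlatChannels = 20

type PortChannel struct {
	Port    uint8
	Channel uint8
}

// Interpreter keeps the mapping in both directions so that internal state
// machines that only understand scheme A can be driven by scheme-B addressing.
type Interpreter struct {
	toFlat map[PortChannel]uint8
	toPair map[uint8]PortChannel
}

func NewInterpreter() *Interpreter {
	return &Interpreter{toFlat: map[PortChannel]uint8{}, toPair: map[uint8]PortChannel{}}
}

// Open assigns the lowest free scheme-A channel to a scheme-B pair. A pair that
// is already open is refused, so two eSIM sessions never alias one internal channel.
func (it *Interpreter) Open(pc PortChannel) (uint8, error) {
	if _, dup := it.toFlat[pc]; dup {
		return 0, fmt.Errorf("port %d channel %d already open", pc.Port, pc.Channel)
	}
	for flat := uint8(0); flat < maxFlatChannels; flat++ {
		if _, used := it.toPair[flat]; !used {
			it.toFlat[pc] = flat
			it.toPair[flat] = pc
			return flat, nil
		}
	}
	return 0, errors.New("no free logical channel")
}

// Close releases the mapping in both directions.
func (it *Interpreter) Close(pc PortChannel) error {
	flat, ok := it.toFlat[pc]
	if !ok {
		return fmt.Errorf("port %d channel %d not open", pc.Port, pc.Channel)
	}
	delete(it.toFlat, pc)
	delete(it.toPair, flat)
	return nil
}

// Lookup maps scheme B to scheme A; Reverse maps scheme A back to scheme B.
func (it *Interpreter) Lookup(pc PortChannel) (uint8, bool) { f, ok := it.toFlat[pc]; return f, ok }
func (it *Interpreter) Reverse(flat uint8) (PortChannel, bool) {
	pc, ok := it.toPair[flat]
	return pc, ok
}

// EncodeCLA builds an interindustry CLA byte (no secure messaging, no chaining)
// carrying a scheme-A channel: 0..3 in bits b2 b1 with b7 clear, 4..19 in
// bits b4..b1 with b7 set (ISO/IEC 7816-4).
func EncodeCLA(flat uint8) (byte, error) {
	switch {
	case flat < 4:
		return flat, nil
	case flat < maxFlatChannels:
		return 0x40 | (flat - 4), nil
	}
	return 0, fmt.Errorf("channel %d outside ISO 7816-4 range", flat)
}

// CLAFor translates a scheme-B address straight into the CLA byte that an
// internal scheme-A state machine expects.
func (it *Interpreter) CLAFor(pc PortChannel) (byte, error) {
	flat, ok := it.toFlat[pc]
	if !ok {
		return 0, fmt.Errorf("port %d channel %d not open", pc.Port, pc.Channel)
	}
	return EncodeCLA(flat)
}

func main() {
	it := NewInterpreter()
	for _, pc := range []PortChannel{{0, 0}, {1, 0}, {0, 1}, {1, 1}} {
		flat, err := it.Open(pc)
		cla, _ := EncodeCLA(flat)
		fmt.Printf("port %d chan %d -> flat %d CLA 0x%02X err=%v\n", pc.Port, pc.Channel, flat, cla, err)
	}
}
```

The exhaustion path matters in practice: with several enabled profiles the twenty scheme-A channels are a shared budget, and the interpreter has to fail an open cleanly rather than silently reuse a slot that another port still holds.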

    DIGITAL LETTER OF APPROVAL (DLOA) FOR DEVICE COMPLIANCE

    Publication No.: US20210021433A1

    Publication date: 2021-01-21

    Application No.: US17063670

    Filing date: 2020-10-05

    Applicant: Apple Inc.

    Inventor: Xiangying YANG

    Abstract: A digital letter of approval (DLOA) is used by a subscription manager (SM) server to determine whether a device is compliant with requirements for an application to be provisioned. If the device is compliant, the application is provisioned to the device or to an embedded universal integrated circuit card (eUICC) included in the device. To increase the security of the device DLOA, the device DLOA is linked to the eUICC, in some embodiments. The linkage may be based on one or more platform label fields in the device DLOA. A database is consulted, in some embodiments, to confirm a relationship between the device and the eUICC identified in the device DLOA. In some embodiments, the eUICC signs the device DLOA and the device DLOA with eUICC signature is sent to the SM server. In some embodiments, the device provides a device signature on the DLOA independent of the eUICC.
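The linkage described above (platform label naming the eUICC, eUICC signature over the DLOA, and a database check of the device-to-eUICC relationship) is shown below as an added Go example. It is not the patent's or Apple's code and not the DLOA format GlobalPlatform defines: the DLOA field set, the use of the EID as the platform label, JSON as the canonical encoding, and ECDSA P-256 for the eUICC signature are all assumptions made for the example. The independent device signature mentioned in the abstract is left out.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// DeviceDLOA is a constructed stand-in for a device DLOA. The field set is an
// assumption; PlatformLabel is the field that links the DLOA to one eUICC and
// here carries that eUICC's EID.
type DeviceDLOA struct {
	DeviceID      string   `json:"device_id"`
	PlatformLabel string   `json:"platform_label"`
	Approved      []string `json:"approved"` // requirement identifiers the DLOA certifies
}

// SignedDLOA is what the device sends to the SM server: the DLOA plus the
// eUICC's signature over its canonical encoding.
type SignedDLOA struct {
	DLOA     DeviceDLOA
	EUICCSig []byte
}

func canonical(d DeviceDLOA) []byte {
	b, _ := json.Marshal(d) // struct field order makes the encoding stable
	return b
}

func NewEUICCKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// EUICCSign is the eUICC-side step: sign the device DLOA with the eUICC key.
func EUICCSign(euiccKey *ecdsa.PrivateKey, d DeviceDLOA) (SignedDLOA, error) {
	h := sha256.Sum256(canonical(d))
	sig, err := ecdsa.SignASN1(rand.Reader, euiccKey, h[:])
	return SignedDLOA{DLOA: d, EUICCSig: sig}, err
}

// SMServer models the subscription manager: trusted eUICC public keys by EID,
// a database pairing each device with its eUICC, and the requirements the
// application to be provisioned needs.
type SMServer struct {
	EUICCKeys map[string]*ecdsa.PublicKey
	Pairings  map[string]string // device ID -> EID (constructed database)
	Required  []string
}

// Admit returns nil when provisioning may proceed. Every check fails closed:
// unknown eUICC, bad signature, wrong pairing, or a missing requirement rejects.
func (s *SMServer) Admit(sd SignedDLOA) error {
	eid := sd.DLOA.PlatformLabel
	pub, ok := s.EUICCKeys[eid]
	if !ok {
		return fmt.Errorf("platform label %q names an unknown eUICC", eid)
	}
	h := sha256.Sum256(canonical(sd.DLOA))
	if !ecdsa.VerifyASN1(pub, h[:], sd.EUICCSig) {
		return errors.New("eUICC signature does not verify")
	}
	if s.Pairings[sd.DLOA.DeviceID] != eid {
		return fmt.Errorf("device %q is not paired with eUICC %q", sd.DLOA.DeviceID, eid)
	}
	for _, r := range s.Required {
		if !contains(sd.DLOA.Approved, r) {
			return fmt.Errorf("DLOA does not cover requirement %q", r)
		}
	}
	return nil
}

func contains(list []string, s string) bool {
	for _, x := range list {
		if x == s {
			return true
		}
	}
	return false
}

func main() {
	key, _ := NewEUICCKey()
	sm := &SMServer{
		EUICCKeys: map[string]*ecdsa.PublicKey{"EID-1": &key.PublicKey},
		Pairings:  map[string]string{"DEV-1": "EID-1"},
		Required:  []string{"req-a"},
	}
	sd, _ := EUICCSign(key, DeviceDLOA{DeviceID: "DEV-1", PlatformLabel: "EID-1", Approved: []string{"req-a"}})
	fmt.Println("admit:", sm.Admit(sd))
}
```

The order of checks is deliberate: the signature is verified with the key the platform label selects, so a DLOA signed by some other legitimate eUICC fails at the signature step, and a DLOA that a legitimate eUICC signed for a device it is not paired with fails at the database step.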

    METHODS AND APPARATUS FOR USER AUTHENTICATION AND HUMAN INTENT VERIFICATION IN MOBILE DEVICES

    Publication No.: US20190387402A1

    Publication date: 2019-12-19

    Application No.: US16557770

    Filing date: 2019-08-30

    Applicant: Apple Inc.

    Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export of an eSIM and/or of the eUICC's firmware, can require user authentication and/or human intent verification before the mobile device performs or completes them. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.

    EMBEDDED UNIVERSAL INTEGRATED CIRCUIT CARD (eUICC) FILE SYSTEM MANAGEMENT WITH PROFILE SWITCHING

    Publication No.: US20190297490A1

    Publication date: 2019-09-26

    Application No.: US16252119

    Filing date: 2019-01-18

    Applicant: Apple Inc.

    Inventor: Xiangying YANG

    Abstract: Methods and apparatus for dynamic file system management of an embedded Universal Integrated Circuit Card (eUICC) in response to changes for electronic Subscriber Identity Modules (eSIMs) on the eUICC are disclosed herein. Hardware specific file information, e.g., hardware-based eUICC parameters, which may apply to multiple eSIMs and/or multiple Mobile Network Operators (MNOs), is included in a default eUICC file system. MNO specific information, e.g., MNO-specified parameters, is included in eSIMs. Customized eUICC level files are created, stored, modified and/or replaced based on a combination of default eUICC files and MNO specific information extracted from an eSIM at installation and/or in response to a change of state of the eSIM, such as when enabling, disabling, or updating the eSIM on the eUICC.

    APPARATUS AND METHODS FOR ELECTRONIC SUBSCRIBER IDENTITY MODULE (ESIM) INSTALLATION AND INTEROPERABILITY

    Publication No.: US20190090129A1

    Publication date: 2019-03-21

    Application No.: US16102189

    Filing date: 2018-08-13

    Applicant: Apple Inc.

    Abstract: Methods and apparatus for managing processing of electronic Subscriber Identity Module (eSIM) data at a mobile device are disclosed. An eSIM management entity of an embedded Universal Integrated Circuit Card (eUICC) in the mobile device obtains an encrypted eSIM package and decrypts the eSIM package to obtain eSIM contents formatted generically and not specifically tailored to requirements of the eUICC. In some embodiments, the eSIM contents are formatted based on an abstract syntax notation (ASN) distinguished encoding rules (DER) format. The eSIM management entity parses the formatted eSIM contents to retrieve individual eSIM components and installs each eSIM component for the eSIM in an eSIM security domain on the eUICC. In some embodiments, the eSIM management entity acts as a local personalization server to provide local Trusted Service Manager (TSM) server functionality for eSIM installation that transforms "generically formatted" eSIM contents into eSIM components that match specific requirements of the eUICC.

    METHODS AND APPARATUS FOR ESTABLISHING A SECURE COMMUNICATION CHANNEL

    Publication No.: US20170289142A1

    Publication date: 2017-10-05

    Application No.: US15630710

    Filing date: 2017-06-22

    Applicant: Apple Inc.

    Abstract: A method for establishing a secure communication channel between an off-card entity and an embedded Universal Integrated Circuit Card (eUICC) is provided. The method involves establishing symmetric keys that are ephemeral in scope. Specifically, an off-card entity, and each eUICC in a set of eUICCs managed by the off-card entity, possess long-term Public Key Infrastructure (PKI) information. When a secure communication channel is to be established between the off-card entity and an eUICC, the eUICC and the off-card entity can authenticate one another in accordance with the respectively-possessed PKI information (e.g., verifying public keys). After authentication, the off-card entity and the eUICC establish a shared session-based symmetric key for implementing the secure communication channel. Specifically, the shared session-based symmetric key is generated according to whether perfect or half forward secrecy is desired. Once the shared session-based symmetric key is established, the off-card entity and the eUICC can securely communicate information.
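The difference between the two key-agreement variants is easiest to see by running both and then playing the attacker who later obtains a long-term key. The Go program below is an added example for this listing, not the patent's or Apple's protocol: it assumes ECDH over P-256 (Go 1.20+ crypto/ecdh), that the off-card entity always contributes an ephemeral key, that in the half forward secrecy variant the eUICC contributes its long-term key while in the perfect variant it contributes a fresh one, and that the PKI authentication step (certificate checks and signatures over the exchanged public values) has already happened and is not shown. SHA-256 over the shared secret and transcript stands in for a proper KDF.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type Mode int

const (
	HalfForward    Mode = iota // eUICC uses its long-term key, off-card entity an ephemeral one
	PerfectForward             // both sides contribute fresh ephemeral keys
)

// Transcript is what an eavesdropper can record: the two public values.
type Transcript struct {
	OffCardPub []byte
	EUICCPub   []byte
}

// kdf binds the raw ECDH secret to the transcript. SHA-256 is used for brevity;
// a real channel would use a proper KDF with a label and context.
func kdf(secret []byte, tr Transcript) []byte {
	h := sha256.New()
	h.Write([]byte("eUICC-session-key"))
	h.Write(secret)
	h.Write(tr.OffCardPub)
	h.Write(tr.EUICCPub)
	return h.Sum(nil)
}

// Handshake runs the key agreement from both sides and returns each side's
// derived key plus the transcript an observer would see.
func Handshake(mode Mode, euiccStatic *ecdh.PrivateKey) (offKey, euiccKey []byte, tr Transcript, err error) {
	curve := ecdh.P256()
	offEph, err := curve.GenerateKey(rand.Reader) // off-card side is always ephemeral
	if err != nil {
		return
	}
	euiccContrib := euiccStatic
	if mode == PerfectForward {
		if euiccContrib, err = curve.GenerateKey(rand.Reader); err != nil {
			return
		}
	}
	tr = Transcript{OffCardPub: offEph.PublicKey().Bytes(), EUICCPub: euiccContrib.PublicKey().Bytes()}
	s1, err := offEph.ECDH(euiccContrib.PublicKey()) // computed by the off-card entity
	if err != nil {
		return
	}
	s2, err := euiccContrib.ECDH(offEph.PublicKey()) // computed by the eUICC
	if err != nil {
		return
	}
	return kdf(s1, tr), kdf(s2, tr), tr, nil
}

// RecoverWithStaticKey models an attacker who recorded the transcript and later
// obtains the eUICC's long-term key. It yields the real session key only when
// that key was the eUICC's ECDH contribution, i.e. in the half forward secrecy mode.
func RecoverWithStaticKey(euiccStatic *ecdh.PrivateKey, tr Transcript) ([]byte, error) {
	offPub, err := ecdh.P256().NewPublicKey(tr.OffCardPub)
	if err != nil {
		return nil, err
	}
	s, err := euiccStatic.ECDH(offPub)
	if err != nil {
		return nil, err
	}
	return kdf(s, tr), nil
}

func NewStaticKey() (*ecdh.PrivateKey, error) { return ecdh.P256().GenerateKey(rand.Reader) }

func main() {
	static, err := NewStaticKey()
	if err != nil {
		panic(err)
	}
	for _, m := range []Mode{HalfForward, PerfectForward} {
		k1, k2, tr, err := Handshake(m, static)
		if err != nil {
			panic(err)
		}
		rec, _ := RecoverWithStaticKey(static, tr)
		fmt.Printf("mode %d: sides agree=%v, recoverable from leaked eUICC key=%v\n",
			m, bytes.Equal(k1, k2), bytes.Equal(rec, k1))
	}
}
```

Half forward secrecy still protects recorded sessions against compromise of the off-card entity's long-term key, because that side never uses it for the agreement; what it gives up is protection against a later compromise of the eUICC's long-term key, in exchange for the eUICC not having to generate a fresh key pair per session.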

    TAMPER PREVENTION FOR ELECTRONIC SUBSCRIBER IDENTITY MODULE (eSIM) TYPE PARAMETERS

    Type: Invention application

    Status: Granted (in force)

    Publication No.: US20170078870A1

    Publication date: 2017-03-16

    Application No.: US15362732

    Filing date: 2016-11-28

    Applicant: Apple Inc.

    Abstract: Disclosed herein are various techniques for preventing or at least partially securing parameters—e.g., Type parameters—of electronic Subscriber Identity Modules (eSIMs) stored within an embedded Universal Integrated Circuit Card (eUICC) from being inappropriately modified by mobile network operators (MNOs). One embodiment sets forth a technique that involves modifying file access properties of the Type parameters of eSIMs to make the Type parameters readable, but not updatable by the MNOs. Another embodiment sets forth a technique that involves implementing eSIM logical containers that separate the Type parameters from the eSIM data within the eUICC, such that the Type parameters are inaccessible to the MNOs. Yet another embodiment sets forth a technique that involves implementing an Operating System (OS)-based registry that is inaccessible to the MNOs and manages Type parameters for the eSIMs that are stored by the eUICC.

    APPARATUS AND METHODS FOR ELECTRONIC SUBSCRIBER IDENTITY MODULE (ESIM) INSTALLATION AND INTEROPERABILITY

    Type: Invention application

    Status: Pending (published)

    Publication No.: US20160302070A1

    Publication date: 2016-10-13

    Application No.: US15093595

    Filing date: 2016-04-07

    Applicant: Apple Inc.

    CPC classification numbers: H04W12/02, H04W4/50

    Abstract: Methods and apparatus for managing processing of electronic Subscriber Identity Module (eSIM) data at a mobile device are disclosed. An eSIM management entity of an embedded Universal Integrated Circuit Card (eUICC) in the mobile device obtains an encrypted eSIM package and decrypts the eSIM package to obtain eSIM contents formatted generically and not specifically tailored to requirements of the eUICC. In some embodiments, the eSIM contents are formatted based on an abstract syntax notation (ASN) distinguished encoding rules (DER) format. The eSIM management entity parses the formatted eSIM contents to retrieve individual eSIM components and installs each eSIM component for the eSIM in an eSIM security domain on the eUICC. In some embodiments, the eSIM management entity acts as a local personalization server to provide local Trusted Service Manager (TSM) server functionality for eSIM installation that transforms "generically formatted" eSIM contents into eSIM components that match specific requirements of the eUICC.
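Both installation-and-interoperability entries above (US20190090129A1 and this one) describe the same step: after decryption, the management entity walks a DER-encoded package and pulls out the individual components before installing them into a security domain. The Go program below is an added example of that parsing step, not the patent's or Apple's code and not the SGP.22 profile format: the component tags, the outer SEQUENCE wrapper and the package contents are constructed for the example. The parser enforces the DER rules that matter in front of a security domain (definite and minimal lengths, no truncation, no trailing bytes) and rejects the whole package on an unknown component rather than installing part of it.

```go
package main

import (
	"bytes"
	"encoding/hex"
	"errors"
	"fmt"
)

// Component is one DER TLV: raw identifier octets (class, constructed bit,
// tag number) and the value octets.
type Component struct {
	Tag   []byte
	Value []byte
}

// readTLV parses one DER TLV at the front of b and returns it with the rest.
func readTLV(b []byte) (Component, []byte, error) {
	if len(b) == 0 {
		return Component{}, nil, errors.New("empty input")
	}
	i := 1
	if b[0]&0x1F == 0x1F { // high tag number form: more octets while bit 8 is set
		for {
			if i >= len(b) {
				return Component{}, nil, errors.New("truncated tag")
			}
			i++
			if b[i-1]&0x80 == 0 {
				break
			}
		}
	}
	tag := b[:i]
	if i >= len(b) {
		return Component{}, nil, errors.New("truncated length")
	}
	n := int(b[i])
	i++
	switch {
	case n == 0x80:
		return Component{}, nil, errors.New("indefinite length is not DER")
	case n > 0x80:
		k := n - 0x80
		if k > 3 || i+k > len(b) {
			return Component{}, nil, errors.New("bad long-form length")
		}
		if b[i] == 0 || (k == 1 && b[i] < 0x80) {
			return Component{}, nil, errors.New("non-minimal length encoding")
		}
		n = 0
		for _, c := range b[i : i+k] {
			n = n<<8 | int(c)
		}
		i += k
	}
	if i+n > len(b) {
		return Component{}, nil, errors.New("truncated value")
	}
	return Component{Tag: tag, Value: b[i : i+n]}, b[i+n:], nil
}

// SplitComponents takes a package (one constructed outer element) and returns
// its immediate children, the individual eSIM components.
func SplitComponents(pkg []byte) ([]Component, error) {
	outer, rest, err := readTLV(pkg)
	if err != nil {
		return nil, err
	}
	if len(rest) != 0 {
		return nil, errors.New("trailing bytes after package")
	}
	if outer.Tag[0]&0x20 == 0 {
		return nil, errors.New("outer element is not constructed")
	}
	var parts []Component
	for body := outer.Value; len(body) > 0; {
		var c Component
		if c, body, err = readTLV(body); err != nil {
			return nil, err
		}
		parts = append(parts, c)
	}
	return parts, nil
}

// knownComponents maps component tags (hex) to the object they install into.
// The tags are assumptions for this example, not SGP.22 tags.
var knownComponents = map[string]string{"80": "ICCID", "a1": "file system", "bf23": "application"}

// Install splits the package and rejects it whole if any component is unknown.
// It returns the size of each component that would be installed.
func Install(pkg []byte) (map[string]int, error) {
	parts, err := SplitComponents(pkg)
	if err != nil {
		return nil, err
	}
	out := map[string]int{}
	for _, c := range parts {
		name, ok := knownComponents[hex.EncodeToString(c.Tag)]
		if !ok {
			return nil, fmt.Errorf("unknown component tag %x", c.Tag)
		}
		out[name] = len(c.Value)
	}
	return out, nil
}

// EncodeTLV produces a DER TLV; used to build the constructed sample package.
func EncodeTLV(tag, value []byte) []byte {
	out := append([]byte{}, tag...)
	switch n := len(value); {
	case n < 0x80:
		out = append(out, byte(n))
	case n < 0x100:
		out = append(out, 0x81, byte(n))
	default:
		out = append(out, 0x82, byte(n>>8), byte(n))
	}
	return append(out, value...)
}

// SamplePackage is a constructed, already-decrypted package: three
// context-specific components inside a SEQUENCE, with placeholder contents.
func SamplePackage() []byte {
	iccid := EncodeTLV([]byte{0x80}, []byte{0x89, 0x01, 0x23, 0x45, 0x67, 0x89, 0x01, 0x23, 0x45, 0x67})
	fs := EncodeTLV([]byte{0xA1}, bytes.Repeat([]byte{0xFF}, 200)) // exercises long-form length
	app := EncodeTLV([]byte{0xBF, 0x23}, []byte("applet"))          // exercises a two-octet tag
	return EncodeTLV([]byte{0x30}, bytes.Join([][]byte{iccid, fs, app}, nil))
}

func main() {
	sizes, err := Install(SamplePackage())
	fmt.Println(sizes, err)
}
```

The all-or-nothing behaviour of Install is the property to keep when adapting this: a package that fails midway must leave the security domain untouched, otherwise a malformed package can leave an eSIM with some components present and others missing.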
