-
Publication No.: US11128478B2
Publication Date: 2021-09-21
Application No.: US16490418
Filing Date: 2018-03-01
Applicant: Apple Inc.
Inventor: Florian Galdo, Arun G. Mathias, Matthias Lerch, Najeeb M. Abdulrahiman, Onur E. Tackin, Yannick Sierra
Abstract: Techniques are disclosed relating to electronic security, e.g., for authenticating a mobile electronic device to allow access to system functionality (e.g., physical access to the system, starting an engine/motor, etc.). In some embodiments, a system and mobile device exchange public keys of public key pairs during a pairing process. In some embodiments, an asymmetric transaction process includes generating a shared secret using a key derivation function over a key established using a secure key exchange (e.g., elliptic curve Diffie-Hellman), and verifying a signature of the system before transmitting any information identifying the mobile device. In various embodiments, disclosed techniques may increase transaction security and privacy of identifying information.
-
Publication No.: US11088862B2
Publication Date: 2021-08-10
Application No.: US16816709
Filing Date: 2020-03-12
Applicant: Apple Inc.
Inventor: Anush G. Nadathur, Srinivas Rama, Matthew C. Lucas, Nathan E. Carroll, Kevin P. McLaughlin, Thomas A. Dilligan, Arun G. Mathias
IPC: H04M11/10, H04L12/28, H04W4/80, H04W84/18, H04W88/04, H04L12/26, H04L29/08, H04W84/20, H04W4/50, H04W84/12, H04W84/22
Abstract: An automated environment can include multiple controller devices capable of communicating with multiple accessory devices. The controller devices can automatically elect one of their number as a coordinator device for the environment and can automatically perform a new election if an incumbent coordinator becomes unavailable or resigns. The election processes can be transparent to any users. An elected coordinator can perform various operations to facilitate management of the automated environment, including routing of communications between controllers and accessories.
-
Publication No.: US20200053056A1
Publication Date: 2020-02-13
Application No.: US16654683
Filing Date: 2019-10-16
Applicant: Apple Inc.
Inventor: Arun G. Mathias, Thomas A. Dilligan, Matthew C. Lucas, Anush G. Nadathur, Kevin P. McLaughlin
Abstract: A data transfer process can include multiple verification features usable by a “source” device to ensure that a “destination” device is authorized to receive a requested data object. The source device and destination device can communicate via a first communication channel (which can be on a wide-area network) to exchange public keys, then use the public keys to verify their identities and establish a secure session on a second communication channel (which can be a local channel). The data object can be transferred via the secure session. Prior to sending the data object, the source device can perform secondary verification operations (in addition to the key exchange) to confirm the identity of the second device and/or the locality of the connection on the second communication channel.
-
Publication No.: US20200052905A1
Publication Date: 2020-02-13
Application No.: US16490418
Filing Date: 2018-03-01
Applicant: Apple Inc.
Inventor: Arun G. Mathias, Florian Galdo, Matthias Lerch, Najeeb M. Abdulrahiman, Onur E. Tackin, Yannick Sierra
Abstract: Techniques are disclosed relating to electronic security, e.g., for authenticating a mobile electronic device to allow access to system functionality (e.g., physical access to the system, starting an engine/motor, etc.). In some embodiments, a system and mobile device exchange public keys of public key pairs during a pairing process. In some embodiments, an asymmetric transaction process includes generating a shared secret using a key derivation function over a key established using a secure key exchange (e.g., elliptic curve Diffie-Hellman), and verifying a signature of the system before transmitting any information identifying the mobile device. In various embodiments, disclosed techniques may increase transaction security and privacy of identifying information.
-
Publication No.: US10470016B2
Publication Date: 2019-11-05
Application No.: US16121679
Filing Date: 2018-09-05
Applicant: Apple Inc.
Inventor: Vikram B. Yerrabommanahalli, Li Li, Arun G. Mathias, Najeeb M. Abdulrahiman, Chandiramohan Vasudevan, Rohan C. Malthankar, Francisco J. Gonzalez, Rafael L. Rivera-Barreto, Jean-Marc Padova
Abstract: Some embodiments relate to methods for provisioning a secondary wireless device with an eSIM for wireless communication and activating multi-SIM functionality between the secondary wireless device and a primary wireless device having a subscribed SIM. The primary wireless device may act as a proxy in obtaining the eSIM for the secondary wireless device. The primary wireless device may then provide, to the cellular network, identifiers of the SIMs of the primary and secondary wireless devices. The primary wireless device may then request initiation of multi-SIM functionality for the two SIMs, and receive an indication that the multi-SIM functionality has been initiated. As an example, the multi-SIM functionality may be implemented by mapping the SIM of the primary wireless device and the SIM of the secondary wireless device (e.g., the provisioned eSIM) to the same Mobile Directory Number (MDN).
-
Publication No.: US20190320146A1
Publication Date: 2019-10-17
Application No.: US16455559
Filing Date: 2019-06-27
Applicant: Apple Inc.
Inventor: Cyrus D. Irani, Kevin P. McLaughlin, Anush G. Nadathur, Arun G. Mathias, Vinay A. Ramaswamy, Christopher D. Soli, Patrick L. Coffman, Stephen O. Lemay
IPC: H04N7/18, G06F3/048, G07C9/00, H04L12/28, H04L29/08, H04L29/06, G08B21/18, H04N5/232, H04L12/26, H04L12/841, H04W76/11, H04N5/77
Abstract: An integrated accessory control system can integrate functionality (services) of multiple disparate accessories and provide a unified user interface for interacting with the system via a controller device. An integrated accessory control system can include one accessory that can detect an event or action and send a notification to the controller device and at least one other accessory, such as an Internet Protocol (IP) camera, that can be operated in response to the notification. In response to the notification, a controller device can generate an integrated user interface for interacting with the accessories in the integrated accessory control system. The interface can include a live feed from the IP camera, which can provide a media stream responsive to instructions from the controller.
-
Publication No.: US10397001B2
Publication Date: 2019-08-27
Application No.: US15691399
Filing Date: 2017-08-30
Applicant: Apple Inc.
Inventor: Li Li, Arun G. Mathias
IPC: H04L29/06, H04L9/32, H04M15/00, H04L9/00, H04L9/14, H04L9/30, H04W12/06, H04W12/12, H04W4/24, H04W12/04
Abstract: A malicious party may attempt to avoid a mobile network operator (MNO) contract involved with subsidy-lock by inserting an interfering piece of hardware called a proxy SIM in a device. The device provided herein uses an authentication technique to guard against a proxy-SIM attack. The device includes a secure element (SE) with subscriber identity module (SIM) functionality present on the SE. The device sends the SE a nonce to be signed over. The SE signs using a public key infrastructure (PKI) private key of the SE and provides a response. The device evaluates whether the response contains a valid signature. If the validation is successful, the device relies on SIM data provided in the response to continue with activation of the device, so that the device can provide services under the MNO contract. If the validation fails, the device will not attempt to access network services with the SIM functionality.
-
Publication No.: US10394674B2
Publication Date: 2019-08-27
Application No.: US15684806
Filing Date: 2017-08-23
Applicant: Apple Inc.
Inventor: Li Li, Arun G. Mathias
Abstract: A device hosting a universal integrated circuit card (UICC or eUICC) initiates an electronic subscriber identity module (eSIM) installation flow with an SIM server. The purpose of the eSIM installation flow is to perform a profile provisioning action. The device and, for example, the eUICC preserve state information related to the eSIM installation flow. The eSIM installation flow includes generation of a one-time public key at the eUICC. In some instances, the eSIM installation flow may be interrupted by an error event before successful installation of the eSIM in the eUICC. A subsequent renewed installation attempt is locally initiated and completed without assistance of the eSIM server. In some embodiments, the recovery and subsequent successful eSIM installation make use of the state information preserved during the earlier eSIM installation flow.
-
Publication No.: US20190260660A1
Publication Date: 2019-08-22
Application No.: US16405221
Filing Date: 2019-05-07
Applicant: Apple Inc.
Inventor: Joe S. Abuan, Bob Bradley, Craig P. Dooley, Gregg J. Golembeski, JR., Andrew W. Burks, Srinivas Rama, Arun G. Mathias, Anush G. Nadathur, Kevin P. McLaughlin
IPC: H04L12/26, H04W12/00, G06F11/30, H04L29/06, H04W4/70, G06F21/44, H04L9/32, H04L9/08, H04L9/00, H04W12/04, H04L29/08
Abstract: A uniform protocol can facilitate secure, authenticated communication between a controller device and an accessory device that is controlled by the controller. An accessory and a controller can establish a pairing, the existence of which can be verified at a later time and used to create a secure communication session. The accessory can provide an accessory definition record that defines the accessory as a collection of services, each service having one or more characteristics. Within a secure communication session, the controller can interrogate the characteristics to determine accessory state and/or modify the characteristics to instruct the accessory to change its state.
-
Publication No.: US10389987B2
Publication Date: 2019-08-20
Application No.: US15275266
Filing Date: 2016-09-23
Applicant: Apple Inc.
Inventor: Cyrus D. Irani, Kevin P. McLaughlin, Anush G. Nadathur, Arun G. Mathias, Vinay A. Ramaswamy, Christopher D. Soli, Patrick L. Coffman, Stephen O. Lemay
IPC: H04N7/18, G07C9/00, G08B21/18, H04N5/232, H04N5/77, H04W76/11, H04L12/28, G06F3/048, G05B19/042, H04L12/26, H04L12/841, H04L29/06, H04L29/08
Abstract: An integrated accessory control system can integrate functionality (services) of multiple disparate accessories and provide a unified user interface for interacting with the system via a controller device. An integrated accessory control system can include one accessory that can detect an event or action and send a notification to the controller device and at least one other accessory, such as an IP camera, that can be operated in response to the notification. In response to the notification, a controller device can generate an integrated user interface for interacting with the accessories in the integrated accessory control system. The interface can include a live feed from the IP camera, which can provide a media stream responsive to instructions from the controller.