Abstract:
An apparatus configured to: process, based on signaling received from a source device with which a target device is engaging in an embedded subscriber identity module (eSIM) transfer process to transfer an eSIM profile to the target device, a first message comprising a source embedded identity document (EID) of the source device; generate, for transmission to the source device, a second message comprising a target EID of the target device; and process, based on signaling received from the source device, a third message comprising the eSIM profile and an identification of a first state that the eSIM profile is in on the source device, wherein the eSIM profile includes an Integrated Circuit Card Identification Number (ICCID).
Abstract:
A digital letter of approval (DLOA) is used by a subscription manager (SM) server to determine whether a device is compliant with requirements for an application to be provisioned. If the device is compliant, the application is provisioned to the device or to an embedded universal integrated circuit card (eUICC) included in the device. To increase the security of the device DLOA, the device DLOA is linked to the eUICC, in some embodiments. The linkage may be based on one or more platform label fields in the device DLOA. A database is consulted, in some embodiments, to confirm a relationship between the device and the eUICC identified in the device DLOA. In some embodiments, the eUICC signs the device DLOA and the device DLOA with eUICC signature is sent to the SM server. In some embodiments, the device provides a device signature on the DLOA independent of the eUICC.
Abstract:
Techniques for managing logical channel communication for multiple electronic subscriber identity module (eSIM) profiles installed on an embedded universal integrated circuit card (eUICC), including mapping of logical channel identifier values between different logical channel labeling schemes, are described herein. In a first scheme, logical channels are identified using logical channel values alone. In a second scheme, logical channels are identified using a combination of eSIM port value and channel values. An interpreter in the eUICC and/or in processing circuitry external to the eUICC can map between the logical channel labeling schemes to allow internal state machines in the eUICC and/or the processing circuitry to use the first scheme for identifying logical channels.
Abstract:
This application sets forth techniques for authenticating a mobile device with a cellular wireless network without electronic Subscriber Identity Module (eSIM) credentials by using an Extensible Authentication Protocol Transport Layer Security (EAP-TLS) procedure. The mobile device authenticates with an Authentication Server Function (AUSF) of the cellular wireless network using an embedded Universal Integrated Circuit Card (eUICC) certificate. Processing circuitry of the mobile wireless device external to the eUICC implements the EAP-TLS procedure and authenticates validity of the AUSF. In some embodiments, the eUICC provides key generation and storage for a session key for communication between the mobile device and the cellular wireless network. In some embodiments, a third-party managed Unified Data Management (UDM) broker authenticates the mobile device based on knowledge of the eUICC certificate and provides a session key to the cellular wireless network for subsequent communication with the mobile device, upon successful authentication of the mobile device.
Abstract:
Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity include the use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before activation of a security context with a network entity, the UE verifies the integrity of messages by checking a signature using an identity-based public key PK_ID derived by the UE based on (i) an identity value (ID) of the network entity and (ii) a separate public key PK_PKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SK_ID obtained from the PKG server, which generates the identity-based private key SK_ID using (i) the ID value of the network entity and (ii) a private key SK_PKG that is known only by the PKG server and corresponds to the public key PK_PKG.
Abstract:
A device level lock policy, which applies to all smart secure platform (SSP) applications of a mobile device, is used to determine whether a particular SSP application can be activated. A tamper resistant hardware secure element (SE) includes a primary platform with a low level operating system (OS) and one or more SSP applications within one or more secondary platform bundles that include secondary platforms with high level OSs specific to the secondary platform bundles. The low level OS enforces the device level lock policy for all secondary platform bundles by verifying whether a lock policy for the SSP application is consistent with the device level lock policy. When verification succeeds, activation is allowed, and when verification fails, activation is disallowed. Subscription identifiers are not provided in unencrypted form to processing circuitry of the mobile device external to the tamper resistant hardware SE to provide subscriber identity privacy protection.
Abstract:
Duplicate processing of events registered at a root server is avoided. An electronic subscriber identity module (eSIM) server pushes, to a root server, data in the form of notification data portions indicating that commands or events need to be processed by a device. The device includes an embedded universal integrated circuit card (eUICC). The device pulls a notification list from the root server. The notification list includes one or more notification data portions. The device checks a given notification data portion to see if it represents a duplicate before communicating with the eSIM server to perform further processing related to the event. The device bases the check for duplication on an event history and/or on a hash value where the hash value is based on one or more eSIMs installed in the eUICC. The device is able to prioritize notification data portions before processing them.
Abstract:
Consumer/enterprise and machine-to-machine functions in wireless devices have led to a need for end user consent, security of profile data while permitting remote profile management, and mixed profile types in a shared embedded Universal Integrated Circuit Card (eUICC). User consent is provided by the device or by the eUICC parsing an incoming profile management command and triggering a user prompt on a user interface. Security of profile data while permitting operation of remote profile management commands is obtained by authentication procedures. In some embodiments, control of command influence is also obtained by providing policy control functions at the profile level. Mixed profile types are supported by creating multiple security domains within the eUICC. Authentication is performed on a public key infrastructure (PKI) basis or on a pre-shared symmetric key basis.
Abstract:
A policy-based framework is described. This policy-based framework may be used to specify the privileges for logical entities to perform operations associated with an access-control element (such as an electronic Subscriber Identity Module) located within a secure element in an electronic device. Note that different logical entities may have different privileges for different operations associated with the same or different access-control elements. Moreover, the policy-based framework may specify types of credentials that are used by the logical entities during authentication, so that different types of credentials may be used for different operations and/or by different logical entities. Furthermore, the policy-based framework may specify the security protocols and security levels that are used by the logical entities during authentication, so that different security protocols and security levels may be used for different operations and/or by different logical entities.
Abstract:
Methods and apparatuses for providing controlled switching of electronic access control clients (e.g., electronic Subscriber Identity Modules (eSIMs)) without requiring network access are set forth herein. In one embodiment, a method for swapping subscriptions and/or profiles without network supervision that prevents possibly malicious high-frequency switching is disclosed. For example, a secure element included in a mobile device can be configured to issue, to a security module included in the mobile device, a request for the security module to carry out an authentication of a user of the mobile device. Upon determining, based on results received from the security module, that the authentication is successful, the secure element can generate one or more credits in accordance with the results, where each credit of the one or more credits can be used to carry out an eSIM management operation within the secure element.