Abstract:
A policy-based framework is described. This policy-based framework may be used to specify the privileges for logical entities to perform operations associated with an access-control element (such as an electronic Subscriber Identity Module) located within a secure element in an electronic device. Note that different logical entities may have different privileges for different operations associated with the same or different access-control elements. Moreover, the policy-based framework may specify types of credentials that are used by the logical entities during authentication, so that different types of credentials may be used for different operations and/or by different logical entities. Furthermore, the policy-based framework may specify the security protocols and security levels that are used by the logical entities during authentication, so that different security protocols and security levels may be used for different operations and/or by different logical entities.
Abstract:
Systems, methods, and computer-readable media for managing secure transactions between electronic devices and service providers. In one embodiment, an administration entity system may receive device order data from an electronic device, wherein the received device order data is indicative of an order for an item of value of a service provider system to be stored on the electronic device, transmit administration order data to the service provider system based on the received device order data, wherein the administration order data is indicative of the order for the item of value, receive service provider fulfillment data from the service provider system based on the transmitted administration order data, wherein the service provider fulfillment data includes the item of value, and transmit administration fulfillment data to the electronic device based on the received service provider fulfillment data, wherein the administration fulfillment data includes the item of value.
Abstract:
A device implementing a user configurable direct transfer system may include at least one processor configured to receive, from an electronic device associated with a user account, a request to establish a type of transfer between a first account associated with an entity and a second account associated with the user account, the request including an entity identifier and a transfer type identifier. The at least one processor may be further configured to generate a transfer alias that is stored in association with the entity identifier, a second account identifier, and the transfer type identifier, and provide the transfer alias to the electronic device and a server associated with the entity to facilitate the type of transfer between the first account associated with the entity and the second account associated with the user account.
Abstract:
Representative embodiments described herein set forth techniques for optimizing large-scale deliveries of electronic Subscriber Identity Modules (eSIMs) to mobile devices. Specifically, instead of generating and assigning eSIMs when mobile devices are being activated—which can require significant processing overhead—eSIMs are pre-generated with a basic set of information, and are later-assigned to the mobile devices when they are activated. This can provide considerable benefits over conventional approaches that involve generating and assigning eSIMs during mobile device activation, especially when new mobile devices (e.g., smartphones, tablets, etc.) are being launched and a large number of eSIM assignment requests are to be fulfilled in an efficient manner.
Abstract:
Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICC's firmware can require user authentication and/or human intent verification before execution of the administrative operations is performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.
Abstract:
Methods and apparatus for the deployment of financial instruments and other assets are disclosed. In one embodiment, a security software protocol is disclosed that guarantees that the asset is always securely encrypted, that one and only one copy of an asset exists, and the asset is delivered to an authenticated and/or authorized customer. Additionally, exemplary embodiments of provisioning systems are disclosed that are capable of, among other things, handling large bursts of traffic (such as can occur on a so-called “launch day” of a device).
Abstract:
Disclosed herein is a technique for revoking a root certificate from at least one client device. In particular, the technique involves causing a secure element—which is included in the at least one client device and is configured to store the root certificate as well as at least one backup root certificate—to permanently disregard the root certificate and prevent the at least one client device from utilizing the specific root certificate. According to one embodiment, this revocation occurs in response to receiving a revocation message that directly targets the root certificate, where the message includes at least two levels of authentication that are verified by the secure element prior to carrying out the revocation. Once the root certificate is revoked, the secure element can continue to utilize the at least one backup root certificate, while permanently disregarding the revoked root certificate.
Abstract:
To facilitate conducting a financial transaction via wireless communication between an electronic device and another electronic device, the electronic device determines a unique transaction identifier for the financial transaction based on financial-account information communicated to the other electronic device. The financial-account information specifies a financial account that is used to pay for the financial transaction. Moreover, the unique transaction identifier may be capable of being independently computed by one or more other entities associated with the financial transaction (such as a counterparty in the financial transaction or a payment network that processes payment for the financial transaction) based on the financial-account information communicated by the portable electronic device. The electronic device may also associate receipt information, which is subsequently received from a third party (such as the payment network), with the financial transaction by comparing the determined unique transaction identifier to the computed unique transaction identifier.
Abstract:
A secure trusted service manager provider may include at least one processor configured to provide, to an electronic device, a first script to provision an applet instance corresponding to a third party server, the script including a public key corresponding to the third party server. The at least one processor may be configured to receive, from the electronic device, an encrypted symmetric key and provide the encrypted symmetric key to the third party server, the symmetric key being encrypted with the public key. The at least one processor may be configured to receive, from the third party server, an encrypted data element corresponding to a transaction to be performed by the applet instance, the encrypted data element being encrypted with the symmetric key, generate a second script that includes the encrypted data element and provide, to the electronic device, the second script that includes the encrypted data element.