-
111.发明申请公开(公告)号:US20200304327A1
公开(公告)日:2020-09-24
申请号:US16841273
申请日:2020-04-06
Applicant: Apple Inc.
Inventor: Xiangying YANG , Li LI , Avinash NARASIMHAN , Jean-Marc PADOVA
Abstract: Duplicate processing of events registered at a root server is avoided. An electronic subscriber identity module (eSIM) server pushes, to a root server, data in the form of notification data portions indicating that commands or events need to be processed by a device. The device includes an embedded universal integrated circuit card (eUICC). The device pulls a notification list from the root server. The notification list includes one or more notification data portions. The device checks a given notification data portion to see if it represents a duplicate before communicating with the eSIM server to perform further processing related to the event. The device bases the check for duplication on an event history and/or on a hash value where the hash value is based on one or more eSIMs installed in the eUICC. The device is able to prioritize notification data portions before processing them.
-
公开(公告)号:US20190239075A1
公开(公告)日:2019-08-01
申请号:US16384844
申请日:2019-04-15
Applicant: Apple Inc.
Inventor: Xiangying YANG , Li LI , Jerrold Von HAUCK
CPC classification number: H04W12/06 , G06F21/32 , H04L9/3231 , H04L9/3271 , H04L2209/80 , H04W4/50 , H04W4/60 , H04W12/0023 , H04W12/08
Abstract: The embodiments set forth techniques for an embedded Universal Integrated Circuit Card (eUICC) to conditionally require, when performing management operations in association with electronic Subscriber Identity Modules (eSIMs), human-based authentication. The eUICC receives a request to perform a management operation in association with an eSIM. In response, the eUICC determines whether a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the management operation. Next, the eUICC causes the mobile device to prompt a user of the mobile device to carry out the human-based authentication. The management operation is then performed or ignored in accordance with results of the human-based authentication.
-
113.发明申请公开(公告)号:US20190074983A1
公开(公告)日:2019-03-07
申请号:US16117642
申请日:2018-08-30
Applicant: Apple Inc.
Inventor: Xiangying YANG , Avinash NARASIMHAN , Li LI , David I. AHN , Jean-Marc PADOVA , Clark P. MUELLER , David T. HAGGERTY
Abstract: Embodiments provided herein identify a certificate issuer (CI) to be relied on as a trusted third party by an electronic subscriber identity module (eSIM) server in remote SIM provisioning (RSP) transactions with an embedded universal integrated circuit card (eUICC). In an RSP ecosystem, multiple CIs may exist. Parties rely on public key infrastructure (PKI) techniques for establishment of trust. Trust may be established based on a trusted third party such as a CI. Parties need to agree on the CI in order for some PKI techniques to be useful. Embodiments provided herein describe approaches for an eUICC and an eSIM server to arrive at an agreed-on CI. Candidate or negotiated CIs may be indicated on a public key identifier (PKID) list. A PKID list is distributed, in some embodiments, by means of a discovery server, via an activation code (AC) and/or during the establishment of a profile provisioning session.
-
公开(公告)号:US20190007835A1
公开(公告)日:2019-01-03
申请号:US16024025
申请日:2018-06-29
Applicant: Apple Inc.
Inventor: Li LI , Dennis D. CONWAY
Abstract: A secure element (SE) determines a profile type and a privilege level. The privilege level, in some embodiments, is associated with a key used successfully by the SE to verify a cryptographic signature. In some embodiments, the privilege level is indicated by a privilege value read from an extension field of a root certificate. The SE determines, in some instances, whether to accept or reject a profile installation after comparing the profile type with the determined privilege level. Thus, a test server is allowed to provision a test profile to an SE even if the test server does not have commercial certification required of an electronic subscriber identity module (eSIM) server that provisions operational profiles. Because the test profile does not include credentials useful for network access, the lower-security test server does not create a risk of improper access to the network of a mobile network operator (MNO).
-
115.发明申请公开(公告)号:US20180249333A1
公开(公告)日:2018-08-30
申请号:US15876875
申请日:2018-01-22
Applicant: Apple Inc.
Inventor: Li LI , Xiangying YANG , Jerrold Von HAUCK , Christopher B. SHARP , Yousuf H. VAID , Arun G. MATHIAS , David T. HAGGERTY , Najeeb M. ABDULRAHIMAN
CPC classification number: H04W12/06 , H04L41/28 , H04L63/083 , H04L63/0838 , H04L63/0853 , H04W12/00514
Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICCs firmware can require user authentication and/or human intent verification before execution of the administrative operations are performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.
-
Patent Agency Ranking
116.发明申请公开(公告)号:US20180249332A1
公开(公告)日:2018-08-30
申请号:US15873856
申请日:2018-01-17
Applicant: Apple Inc.
Inventor: Stephan V. SCHELL , Arun G. MATHIAS , Jerrold Von HAUCK , David T. HAGGERTY , Kevin McLAUGHLIN , Ben-Heng JUANG , Li LI
IPC: H04W12/06 , H04W12/08 , H04W12/04 , H04W8/20 , H04L29/06 , H04W4/50 , G06F21/57 , G06F21/45 , H04W4/60 , H04L29/08
CPC classification number: H04W12/06 , G06F21/45 , G06F21/57 , H04L63/08 , H04L63/0853 , H04L63/123 , H04L63/20 , H04L67/34 , H04W4/50 , H04W4/60 , H04W8/205 , H04W12/04 , H04W12/08
Abstract: Methods and apparatus enabling programming of electronic identification information of a wireless apparatus. In one embodiment, a previously purchased or deployed wireless apparatus is activated by a cellular network. The wireless apparatus connects to the cellular network using an access module to download operating system components and/or access control client components. The described methods and apparatus enable updates, additions and replacement of various components including Electronic Subscriber Identity Module (eSIM) data, OS components. One exemplary implementation of the invention utilizes a trusted key exchange between the device and the cellular network to maintain security.
-
117.发明申请公开(公告)号:US20180063697A1
公开(公告)日:2018-03-01
申请号:US15253783
申请日:2016-08-31
Applicant: Apple Inc.
Inventor: Li LI , Clark P. MUELLER , Avinash NARASIMHAN , Arun G. MATHIAS , Najeeb M. ABDULRAHIMAN , David T. HAGGERTY
CPC classification number: H04W8/183 , G06F21/575 , G06F21/72 , H04L63/123 , H04W4/50 , H04W4/60 , H04W8/245 , H04W12/10
Abstract: Representative embodiments described herein set forth techniques for provisioning bootstrap electronic Subscriber Identity Modules (eSIMs) to mobile devices. According to some embodiments, a mobile device can be configured to issue, to an eSIM selection server, a bootstrap eSIM request that includes (i) metadata associated with the mobile device, and (ii) metadata associated with an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device. In turn, the eSIM selection server selects and binds a particular bootstrap eSIM to the mobile device, and provides information to the mobile device that enables the mobile device to obtain the particular bootstrap eSIM from one or more eSIM servers. When the mobile device obtains the particular bootstrap eSIM, the mobile device can interface with a mobile network operator (MNO) and obtain a complete eSIM that enables the mobile device to access services provided by the MNO.
-
118.发明申请公开(公告)号:US20180063668A1
公开(公告)日:2018-03-01
申请号:US15691660
申请日:2017-08-30
Applicant: Apple Inc.
Inventor: Li LI
CPC classification number: H04W4/50 , H04L9/0643 , H04L9/14 , H04L9/3247 , H04L2209/80 , H04W4/60 , H04W8/245 , H04W12/04 , H04W12/06 , H04W12/10
Abstract: Representative embodiments described herein set forth techniques for provisioning device configuration files and electronic Subscriber Identity Modules (eSIMs) to mobile devices. One embodiment sets forth a method for installing an eSIM at a mobile device. According to some embodiments, the method includes the steps of (1) receiving a first request to obtain the eSIM, (2) issuing, to an eSIM server, a second request for the eSIM, (3) receiving an eSIM installation package from the eSIM server, where the eSIM installation package includes (i) the eSIM, and (ii) a device configuration file that corresponds to: the mobile device, and at least one Mobile Network Operator (MNO) associated with the eSIM, and (4) upon verifying at least one digital signature associated with the eSIM installation package: installing the device configuration file on the mobile device, and installing the eSIM on an electronic Universal Integrated Circuit Card (eUICC) included in the mobile device.
-
公开(公告)号:US20160316356A1
公开(公告)日:2016-10-27
申请号:US15134289
申请日:2016-04-20
Applicant: Apple Inc.
Inventor: Li LI , Arun G. MATHIAS
Abstract: This disclosure describes procedures for maintaining multiple electronic subscriber identity modules (eSIMs) within a user equipment (UE) device, in such a manner that an inactive eSIM can be maintained/updated at the UE device while an active eSIM is being utilized by the UE device to communicate with a corresponding network. The procedures include, a UE device establishing communications with a first network using an active eSIM, initiating an eSIM manager at the UE device, selecting an inactive eSIM (e.g., associated with a second network) with the eSIM manager, applying a profile update to the inactive eSIM with the eSIM manager during communications with the first network, and deselecting the inactive eSIM with the eSIM manager when the profile update to the inactive eSIM is complete. In some configurations, the eSIM manager and the multiple eSIMs can be stored within a secure element of the UE device.
Abstract translation: 本公开描述了在用户设备(UE)设备内维护多个电子用户识别模块(eSIM)的过程,其方式是当UE正在利用活动eSIM时,可以在UE设备处维持/更新非活动eSIM 设备与对应的网络通信。 该过程包括:使用活动eSIM建立与第一网络的通信的UE设备,在UE设备发起eSIM管理器,用eSIM管理器选择不活动的eSIM(例如,与第二网络相关联的),将配置文件更新应用于 在与第一个网络通信时与eSIM管理器进行非活动的eSIM,当非活动eSIM的配置文件更新完成时,使用eSIM管理器取消选中不活动的eSIM。 在一些配置中,eSIM管理器和多个eSIM可以存储在UE设备的安全元素内。
-
120.发明申请公开(公告)号:US20160037350A1
公开(公告)日:2016-02-04
申请号:US14866969
申请日:2015-09-27
Applicant: Apple Inc.
Inventor: Li LI , Stephan V. SCHELL
CPC classification number: H04W12/12 , H04L69/40 , H04W8/20 , H04W8/265 , H04W28/0289 , H04W28/06 , H04W48/06 , H04W52/0212 , H04W74/004 , Y02D70/1224 , Y02D70/1242 , Y02D70/1262 , Y02D70/142 , Y02D70/144 , Y02D70/146 , Y02D70/166
Abstract: Methods and apparatus for correcting error events associated with identity provisioning. In one embodiment, repeated requests for access control clients are responded to with the execution of a provisioning feedback mechanism which is intended to prevent the unintentional (or even intentional) over-consumption or waste of network resources via the delivery of an excessive amount of access control clients. These provisioning feedback mechanisms include rate-limiting algorithms and/or methodologies which place a cost on the user. Apparatus for implementing the aforementioned provisioning feedback mechanisms are also disclosed and include specialized user equipment and/or network side equipment such as a subscriber identity module provisioning server (SPS).
-
-
-
-
-
-
-
-
-
Search Results
124
records
(took 0.051 seconds)
