公开(公告)号：US09942755B2

公开(公告)日：2018-04-10

申请号：US14831819

申请日：2015-08-20

Applicant: Apple Inc.

Inventor： Xiangying Yang ,  Li Li ,  Jerrold Von Hauck

IPC: H04W12/06 ,  H04W12/08 ,  H04L9/32 ,  G06F21/32 ,  H04W4/00

CPC classification number: H04W12/06 ,  G06F21/32 ,  H04L9/3231 ,  H04L9/3271 ,  H04L2209/80 ,  H04W4/50 ,  H04W4/60 ,  H04W12/08

Abstract: The embodiments set forth techniques for an embedded Universal Integrated Circuit Card (eUICC) to conditionally require, when performing management operations in association with electronic Subscriber Identity Modules (eSIMs), human-based authentication. The eUICC receives a request to perform a management operation in association with an eSIM. In response, the eUICC determines whether a policy being enforced by the eUICC indicates that a human-based authentication is required prior to performing the management operation. Next, the eUICC causes the mobile device to prompt a user of the mobile device to carry out the human-based authentication. The management operation is then performed or ignored in accordance with results of the human-based authentication.

公开(公告)号：US09762277B2

公开(公告)日：2017-09-12

申请号：US15236303

申请日：2016-08-12

Applicant: Apple Inc.

Inventor： Li Li ,  Arun G. Mathias

IPC: H04B1/3816 ,  H04W8/18 ,  H04W4/00 ,  H04W88/06

CPC classification number: H04B1/3816 ,  H04M2250/14 ,  H04W4/60 ,  H04W8/183 ,  H04W88/06

Abstract: Disclosed herein is a technique for enabling Subscriber Identity Module (SIM) toolkit commands to be properly routed within a mobile device that includes an embedded Universal Integrated Circuit Card (eUICC) configured to manage two or more electronic SIMs (eSIMs). Specifically, the technique involves a baseband component of the mobile device and the eUICC initially exchanging information about their eSIM capabilities to identify whether multiple eSIMs are active within the eUICC. During this exchange of information, the eUICC can generate a list of unique identifiers of the active eSIMs that are managed by the eUICC and provide the list of unique identifiers to the baseband component. In turn, the baseband component can update a configuration to manage the list of unique identifiers and use the list of unique identifiers to properly route SIM toolkit commands to the appropriate eSIM within the eUICC.

公开(公告)号：US09524158B2

公开(公告)日：2016-12-20

申请号：US14629388

申请日：2015-02-23

Applicant: Apple Inc.

Inventor： Li Li ,  Jerrold Von Hauck ,  Najeeb M. Abdulrahiman ,  Arun G. Mathias

IPC: G06F9/44 ,  G06F9/445 ,  H04W8/24 ,  H04L29/06

CPC classification number: G06F8/65 ,  G06F8/61 ,  G06F8/654 ,  H04L63/0853 ,  H04W8/205 ,  H04W8/24

Abstract: Disclosed herein is a technique for updating firmware of an embedded Universal Integrated Circuit Card (eUICC) included in a mobile device. The technique includes the steps of (1) receiving, from a firmware provider, an indication that an updated firmware is available for the eUICC, (2) in response to the indication, providing, to the firmware provider, (i) a unique identifier (ID) associated with the eUICC, and (ii) a nonce value, (3) subsequent to providing, receiving, from the firmware provider, a firmware update package, wherein the firmware update package includes (i) authentication information, and (ii) the updated firmware, (4) subsequent to verifying the authentication information, persisting, to a memory included in the mobile device, a hash value that corresponds to the updated firmware, and (5) installing the updated firmware on the eUICC.

Abstract translation: 这里公开了一种用于更新包括在移动设备中的嵌入式通用集成电路卡（eUICC）的固件的技术。 该技术包括以下步骤：（1）从固件提供商接收更新的固件可用于eUICC的指示，（2）响应于该指示，向固件提供商提供（i）唯一标识符 （i）与所述eUICC相关联，以及（ii）随机值，（3）在从所述固件提供商提供固件更新包之后，其中所述固件更新包包括（i）认证信息，和（ii） ）更新的固件，（4）在验证认证信息之后，将包含在移动设备中的存储器持久化到与更新的固件相对应的散列值，以及（5）在eUICC上安装更新的固件。

公开(公告)号：US20160226877A1

公开(公告)日：2016-08-04

申请号：US14995154

申请日：2016-01-13

Applicant: Apple Inc.

Inventor： David T. HAGGERTY ,  Jerrold Von HAUCK ,  Ben-Heng JUANG ,  Li Li ,  Arun G. MATHIAS ,  Kevin McLAUGHLIN ,  Avinash NARASIMHAN ,  Christopher SHARP ,  Yousuf H. Vaid ,  Xiangying YANG

IPC: H04L29/06 ,  H04W8/18

CPC classification number: H04L63/10 ,  H04L63/06 ,  H04L63/0823 ,  H04L63/0853 ,  H04L63/205 ,  H04W8/18 ,  H04W8/183 ,  H04W8/20 ,  H04W12/06

Abstract: Methods and apparatus for large scale distribution of electronic access control clients. In one aspect, a tiered security software protocol is disclosed. In one exemplary embodiment, a server electronic Universal Integrated Circuit Card (eUICC) and client eUICC software comprise a so-called “stack” of software layers. Each software layer is responsible for a set of hierarchical functions which are negotiated with its corresponding peer software layer. The tiered security software protocol is configured for large scale distribution of electronic Subscriber Identity Modules (eSIMs).

Abstract translation: 电子门禁客户大规模分销的方法和装置。 一方面，公开了一种分层的安全软件协议。 在一个示例性实施例中，服务器电子通用集成电路卡（eUICC）和客户端eUICC软件包括软件层的所谓“堆叠”。 每个软件层负责与其相应的对等软件层协商的一组分层功能。 分层安全软件协议配置为大规模分发电子订户身份模块（eSIM）。

公开(公告)号：US20150350879A1

公开(公告)日：2015-12-03

申请号：US14503048

申请日：2014-09-30

Applicant: Apple Inc.

Inventor： Li Li ,  Xiangying Yang

IPC: H04W8/18 ,  H04W88/06

CPC classification number: H04W8/183 ,  H04W8/205 ,  H04W88/06

Abstract: Embodiments are described for identifying and accessing an electronic subscriber identity module (eSIM) and associated content of the eSIM in a multiple eSIM configuration. An embedded Universal Integrated Circuit Card (eUICC) can include multiple eSIMs, where each eSIM can include its own file structures and applications. Some embodiments include a processor of a mobile device transmitting a special command to the eUICC, including an identification that uniquely identifies an eSIM in the eUICC. After selecting the eSIM, the processor can access file structures and applications of the selected eSIM. The processor can then use existing commands to access content in the selected eSIM. The special command can direct the eUICC to activate or deactivate content associated with the selected eSIM. Other embodiments include an eUICC platform operating system interacting with eSIMs associated with logical channels to facilitate identification and access to file structures and applications of the eSIMs.

Abstract translation: 描述了用于在多个eSIM配置中识别和访问电子订户身份模块（eSIM）和eSIM的相关内容的实施例。 嵌入式通用集成电路卡（eUICC）可以包括多个eSIM，每个eSIM可以包括其自己的文件结构和应用程序。 一些实施例包括向eUICC发送特殊命令的移动设备的处理器，包括在eUICC中唯一地标识eSIM的标识。 选择eSIM后，处理器可以访问所选eSIM的文件结构和应用程序。 然后，处理器可以使用现有命令访问所选eSIM中的内容。 特殊命令可以指示eUICC激活或停用与所选eSIM相关联的内容。 其他实施例包括与与逻辑信道相关联的eSIM交互的eUICC平台操作系统，以便于识别和访问eSIM的文件结构和应用。

公开(公告)号：US20150350878A1

公开(公告)日：2015-12-03

申请号：US14502448

申请日：2014-09-30

Applicant: Apple Inc.

Inventor： Li Li ,  Ben-Heng Juang ,  Arun G. Mathias

IPC: H04W8/18

CPC classification number: H04W8/183 ,  H04W8/20

Abstract: Embodiments are described for identifying and accessing an electronic subscriber identity module (eSIM) and associated content of the eSIM in a multiple eSIM configuration. An embedded Universal Integrated Circuit Card (eUICC) can include multiple eSIMs, where each eSIM can include its own file structures and applications. Some embodiments include a processor of a mobile device transmitting a special command to the eUICC, including an identification that uniquely identifies an eSIM in the eUICC. After selecting the eSIM, the processor can access file structures and applications of the selected eSIM. The processor can then use existing commands to access content in the selected eSIM. The special command can direct the eUICC to activate or deactivate content associated with the selected eSIM. Other embodiments include an eUICC platform operating system interacting with eSIMs associated with logical channels to facilitate identification and access to file structures and applications of the eSIMs.

Abstract translation: 描述了用于在多个eSIM配置中识别和访问电子订户身份模块（eSIM）和eSIM的相关内容的实施例。 嵌入式通用集成电路卡（eUICC）可以包括多个eSIM，每个eSIM可以包括其自己的文件结构和应用程序。 一些实施例包括向eUICC发送特殊命令的移动设备的处理器，包括在eUICC中唯一地标识eSIM的标识。 选择eSIM后，处理器可以访问所选eSIM的文件结构和应用程序。 然后，处理器可以使用现有命令访问所选eSIM中的内容。 特殊命令可以指示eUICC激活或停用与所选eSIM相关联的内容。 其他实施例包括与与逻辑信道相关联的eSIM交互的eUICC平台操作系统，以便于识别和访问eSIM的文件结构和应用。

公开(公告)号：US09184801B2

公开(公告)日：2015-11-10

申请号：US13941230

申请日：2013-07-12

Applicant: Apple Inc.

Inventor： Li Li ,  Ben-Heng Juang ,  Arun G. Mathias

IPC: H04B5/00

CPC classification number: H04B5/0031 ,  H04B5/0056

Abstract: Methods and apparatus for activating a mobile device for use with a service provider. In one embodiment, a powered-off mobile device having an inserted Subscriber Identity Module (SIM) may be programmed with configuration data while “in box” (e.g., at a point of sale (POS), in a warehouse, etc.) using a near field communication (NFC) data interface. In another exemplary embodiment, information that is stored to a NFC accessible memory can be accessed when the device is non-functional e.g., to retrieve backup data.

Abstract translation: 用于激活与服务提供商一起使用的移动设备的方法和装置。 在一个实施例中，具有插入的订户身份模块（SIM）的关闭电力的移动设备可以在配置数据的同时使用配置数据进行编程（例如，在销售点（POS），仓库等）中使用 近场通信（NFC）数据接口。 在另一个示例性实施例中，当设备不起作用时，可以访问存储到NFC可访问存储器的信息，以检索备份数据。

公开(公告)号：US09098714B2

公开(公告)日：2015-08-04

申请号：US14085951

申请日：2013-11-21

Applicant: Apple Inc.

Inventor： Christopher B. Sharp ,  Yousuf H. Vaid ,  Li Li ,  Jerrold V. Hauck ,  Arun G. Mathias ,  Xiangying Yang ,  Kevin P. McLaughlin

IPC: H04L29/06 ,  G06F21/60 ,  H04W12/08

CPC classification number: G06F21/604 ,  H04L63/102 ,  H04L63/105 ,  H04L63/20 ,  H04W12/08

Abstract: A policy-based framework is described. This policy-based framework may be used to specify the privileges for logical entities to perform operations associated with an access-control element (such as an electronic Subscriber Identity Module) located within a secure element in an electronic device. Note that different logical entities may have different privileges for different operations associated with the same or different access-control elements. Moreover, the policy-based framework may specify types of credentials that are used by the logical entities during authentication, so that different types of credentials may be used for different operations and/or by different logical entities. Furthermore, the policy-based framework may specify the security protocols and security levels that are used by the logical entities during authentication, so that different security protocols and security levels may be used for different operations and/or by different logical entities.

Abstract translation: 描述了基于策略的框架。 该基于策略的框架可以用于指定逻辑实体执行与位于电子设备中的安全元件内的访问控制元素（例如电子订户身份模块）相关联的操作的特权。 注意，对于与相同或不同的访问控制元素相关联的不同操作，不同的逻辑实体可以具有不同的权限。 此外，基于策略的框架可以指定在认证期间由逻辑实体使用的凭证的类型，使得不同类型的凭证可以用于不同的操作和/或由不同的逻辑实体使用。 此外，基于策略的框架可以指定在认证期间由逻辑实体使用的安全协议和安全级别，使得不同的安全协议和安全级别可以用于不同的操作和/或不同的逻辑实体。

公开(公告)号：US12273957B2

公开(公告)日：2025-04-08

申请号：US17305858

申请日：2021-07-15

Applicant: Apple Inc.

Inventor： Li Li ,  Dennis D. Conway ,  Rajeev Verma ,  Keizo Marui

IPC: H04W8/18 ,  H04W4/50 ,  H04W4/60

Abstract: This Application sets forth techniques for profile, e.g., subscriber identity module (SIM) and electronic SIM (eSIM), and cellular wireless service subscription management for a wireless device. The wireless device can support multiple profiles, such as dual SIMS or a single SIM and one or more eSIMs. A user of the wireless device can flexibly enable and disable various eSIMs or change the use of physical SIMs with different associated cellular wireless service subscriptions, and mapping of subscription modules to logical channels and physical hardware interfaces can occur automatically, with mechanisms to reset interfaces when required.

公开(公告)号：US12219657B2

公开(公告)日：2025-02-04

申请号：US18430360

申请日：2024-02-01

Applicant: Apple Inc.

Inventor： Raj S. Chaugule ,  Alex M. Was ,  Avinash Narasimhan ,  Damien R. Holzapfel ,  He Zheng ,  Li Li ,  Timothy M. Sheridan ,  Vikram B. Yerrabommanahalli

IPC: H04W12/03 ,  H04W8/18 ,  H04W12/033 ,  H04W12/30

Abstract: A method is performed by a set of one or more servers and includes receiving, from a first user equipment (UE) to be activated with a cellular carrier for a user, and at the set of one or more servers, information identifying a second UE of the user and authentication information for authenticating the user with the cellular carrier. The method further includes authenticating the user using the authentication information; transmitting a password to the second UE at least partly in response to authenticating the user; receiving, from the first UE and at the set of one or more servers, the password; validating the password received from the first UE; and initiating a transfer of an embedded subscriber identity module (eSIM) subscription, from the second UE to the first UE, at least partly in response to validating the password.