Abstract:
Methods are provided for instantiating multiple electronic subscriber identity modules (eSIMs) to an electronic universal integrated circuit card (eUICC) using a manufacturer-installed data binary large object (data blob). An eSIM package including the data blob in encrypted form is securely installed in the eUICC in a manufacturing environment. A key encryption key (KEK) associated with the eSIM package is separately provided to an original equipment manufacturer (OEM) wireless device factory. The OEM wireless device factory provides the KEK to the eUICC within a given wireless device. The eUICC uses the KEK to decrypt the eSIM package and provide the data blob. The eUICC can receive a request to instantiate a first eSIM. The eUICC can instantiate the first eSIM using data from the data blob. A user can then access network services using the wireless device. Subsequently, a second eSIM can be instantiated by the eUICC using the data blob.
Abstract:
Disclosed herein is a technique for enabling Subscriber Identity Module (SIM) toolkit commands to be properly routed within a mobile device that includes an embedded Universal Integrated Circuit Card (eUICC) configured to manage two or more electronic SIMs (eSIMs). Specifically, the technique involves a baseband component of the mobile device and the eUICC initially exchanging information about their eSIM capabilities to identify whether multiple eSIMs are active within the eUICC. During this exchange of information, the eUICC can generate a list of unique identifiers of the active eSIMs that are managed by the eUICC and provide the list of unique identifiers to the baseband component. In turn, the baseband component can update a configuration to manage the list of unique identifiers and use the list of unique identifiers to properly route SIM toolkit commands to the appropriate eSIM within the eUICC.
Abstract:
Representative embodiments described herein set forth techniques for optimizing large-scale deliveries of electronic Subscriber Identity Modules (eSIMs) to mobile devices. Specifically, instead of generating and assigning eSIMs when mobile devices are being activated (which can require significant processing overhead), eSIMs are pre-generated with a basic set of information and are later assigned to the mobile devices when they are activated. This can provide considerable benefits over conventional approaches that involve generating and assigning eSIMs during mobile device activation, especially when new mobile devices (e.g., smartphones, tablets, etc.) are being launched and a large number of eSIM assignment requests are to be fulfilled in an efficient manner.
Abstract:
Disclosed herein are different techniques for enabling a mobile device to dynamically support different authentication algorithms. A first technique involves configuring an eUICC included in the mobile device to implement various authentication algorithms that are utilized by MNOs (e.g., MNOs with which the mobile device can interact). Specifically, this technique involves the eUICC storing executable code for each of the various authentication algorithms. According to this technique, the eUICC is configured to manage at least one eSIM, where the eSIM includes (i) an identifier that corresponds to one of the various authentication algorithms implemented by the eUICC, and (ii) authentication parameters that are compatible with the authentication algorithm. A second technique involves configuring the eUICC to interface with an eSIM to extract (i) executable code for an authentication algorithm used by an MNO that corresponds to the eSIM, and (ii) authentication parameters that are compatible with the authentication algorithm.
Abstract:
Disclosed herein is a technique for updating firmware of an embedded Universal Integrated Circuit Card (eUICC) included in a mobile device. The technique includes the steps of (1) receiving, from a firmware provider, an indication that an updated firmware is available for the eUICC, (2) in response to the indication, providing, to the firmware provider, (i) a unique identifier (ID) associated with the eUICC, and (ii) a nonce value, (3) subsequent to providing, receiving, from the firmware provider, a firmware update package, wherein the firmware update package includes (i) authentication information, and (ii) the updated firmware, (4) subsequent to verifying the authentication information, persisting, to a memory included in the mobile device, a hash value that corresponds to the updated firmware, and (5) installing the updated firmware on the eUICC.
Abstract:
A method for establishing a secure communication channel between an off-card entity and an embedded Universal Integrated Circuit Card (eUICC) is provided. The method involves establishing symmetric keys that are ephemeral in scope. Specifically, an off-card entity, and each eUICC in a set of eUICCs managed by the off-card entity, possess long-term Public Key Infrastructure (PKI) information. When a secure communication channel is to be established between the off-card entity and an eUICC, the eUICC and the off-card entity can authenticate one another in accordance with the respectively-possessed PKI information (e.g., verifying public keys). After authentication, the off-card entity and the eUICC establish a shared session-based symmetric key for implementing the secure communication channel. Specifically, the shared session-based symmetric key is generated according to whether perfect or half forward security is desired. Once the shared session-based symmetric key is established, the off-card entity and the eUICC can securely communicate information.
Abstract:
Apparatus and methods for managing and sharing data across multiple access control clients in devices. In one embodiment, the access control clients comprise electronic Subscriber Identity Modules (eSIMs) disposed on an embedded Universal Integrated Circuit Card (eUICC). Each eSIM contains its own data. An Advanced Subscriber Identity Toolkit application maintained within the eUICC facilitates managing and sharing multiple eSIMs' data for various purposes such as sharing phonebook contacts or facilitating automatic switch-over between the multiple eSIMs (such as based on user context).
Abstract:
Methods and apparatus for the automated updating of forwarding preferences for communications in a telecommunications network. In one embodiment, the network includes a wireless (e.g., cellular) network with mobile user devices configured to detect a change to their configuration (such as a user changing out SIM cards or virtual access clients). In response, the device causes an update to its associated communication forwarding preferences to reflect the change. If the configuration alteration meets certain criteria (e.g., changes the phone number at which the device may be reached), the device sends a forwarding message instructing a network entity (e.g., routing server) to direct communications addressed to the old phone number to the new phone number. Thus, a user with two or more user profiles (such as two different carrier accounts) may be reached at any number associated with any of the profiles, even if only one profile is currently active.
Abstract:
The described embodiments set forth techniques for managing subscription service files, e.g., Customized Applications for Mobile network Enhanced Logic (CAMEL) Application Part (CAP) files, for export and/or transfer of an electronic SIM (eSIM) from a source wireless device. For example, as part of a procedure to transfer an eSIM, a processor of the source wireless device obtains, from one or more applet asset servers, one or more subscription service files usable to generate a version of applets associated with the eSIM. The wireless device generates an eSIM export package that includes the eSIM and at least one of the one or more subscription service files. The processor of the source wireless device provides the eSIM export package to a target wireless device for use in installing the transferred eSIM, and one or more applets based on the subscription service files, on the eUICC of the target wireless device.
Abstract:
This application describes mechanisms for enterprise remote management of cellular services provided via access credentials, e.g., subscriber identity modules (SIMs) and/or electronic SIMs (eSIMs), for wireless devices. To minimize requirements for user interaction, installation and management of business-supplied cellular service profiles on the wireless device can intercept alert notifications to reduce interruptions and allow for background management of the business-supplied cellular service profiles. Additionally, a business enterprise can use multiple, distinct services to initiate installation of an eSIM to a wireless device. When two different services attempt to install eSIMs on the wireless device in parallel, management software on the wireless device can control an order of installation and disallow duplicate installations of an identical eSIM to the wireless device. The management software can also monitor eSIM installations and manage alert notifications that occur during the eSIM installation process.