公开(公告)号：WO2012061561A2

公开(公告)日：2012-05-10

申请号：PCT/US2011/059079

申请日：2011-11-03

Applicant: APPLE INC. ,  SCHELL, Stephan, V.

Inventor： SCHELL, Stephan, V.

IPC: H04W12/06

CPC classification number: H04W88/06 ,  H04L63/0853 ,  H04L63/18 ,  H04W12/06

Abstract: Methods and apparatus for recovering access data from a malfunctioning device. In one embodiment, trained service personnel are provided a specialized apparatus for retrieving access data from a malfunctioning device. For example, in the instance the device comprises a cellular device having an unrecoverable hardware failure, trained service personnel can connect to the secure element and retrieve the one or more electronic Subscriber identity Modules (eSIMs) stored thereon. The eSIMs are then "reclaimed" and reprogrammed/distributed to a new device. In one implementation, security and integrity measures are taken to protect and control distribution of sensitive access data.

Abstract translation: 用于从故障设备恢复访问数据的方法和设备。 在一个实施例中，训练有素的服务人员被提供用于从故障设备检索访问数据的专用设备。 例如，在设备包括具有不可恢复的硬件故障的蜂窝设备的情况下，经过训练的服务人员可以连接到安全元件并检索其上存储的一个或多个电子订户身份模块（eSIM）。 eSIM然后被“回收” 并重新编程/分发到新设备。 在一个实施中，采取安全和完整性措施来保护和控制敏感访问数据的分发。

公开(公告)号：WO2013119993A2

公开(公告)日：2013-08-15

申请号：PCT/US2013/025397

申请日：2013-02-08

Applicant: APPLE INC.

Inventor： LI, Li ,  SCHELL, Stephan, V.

IPC: H04W48/06

CPC classification number: H04W12/12 ,  H04L69/40 ,  H04W8/20 ,  H04W8/265 ,  H04W28/0289 ,  H04W28/06 ,  H04W48/06 ,  H04W52/0212 ,  H04W74/004 ,  Y02D70/1224 ,  Y02D70/1242 ,  Y02D70/1262 ,  Y02D70/142 ,  Y02D70/144 ,  Y02D70/146 ,  Y02D70/166

Abstract: Methods and apparatus for correcting error events associated with identity provisioning, in one embodiment, repeated requests for access control clients are responded to with the execution of a provisioning feedback mechanism which is intended to prevent the unintentional (or even intentional) over-consumption or waste of network resources via the delivery of an excessive amount of access control clients. These provisioning feedback mechanisms include rate-limiting algorithms and/or methodologies which place a cost on the user. Apparatus for implementing the aforementioned provisioning feedback mechanisms are also disclosed and include specialized user equipment and/or network side equipment such as a subscriber identity module provisioning server (SPS).

Abstract translation: 用于校正与身份提供相关联的错误事件的方法和装置，在一个实施例中，对访问控制客户端的重复请求响应于预设反馈机制的执行，其旨在防止无意（或甚至有意的）过度消费或浪费 的网络资源通过传递过多的访问控制客户端。 这些供应反馈机制包括对用户造成成本的费率限制算法和/或方法。 还公开了用于实现上述提供反馈机制的装置，并且包括专用用户设备和/或诸如订户身份模块提供服务器（SPS）的网络侧设备。

公开(公告)号：WO2011159549A9

公开(公告)日：2011-12-22

申请号：PCT/US2011/039854

申请日：2011-06-09

Applicant: APPLE INC. ,  RODGERS, Clive, Edward ,  SCHELL, Stephan, V. ,  PANTFOERDER, Achim ,  NARANG, Mohit

Inventor： RODGERS, Clive, Edward ,  SCHELL, Stephan, V. ,  PANTFOERDER, Achim ,  NARANG, Mohit

IPC: H04W8/18 ,  H04L29/08

Abstract: Apparatus and methods for provisioning wireless devices for operation in one or more networks. In one embodiment, a provisioning service may provide access client (e.g., Subscriber Identity Module) data to a secure element in the wireless user device. The device may be preloaded with a provisioning SIM profile. The device may use the provisioning profile to roam onto a carrier, and communicate with a provisioning service, which may present the user with a list of available wireless carriers, such as carriers that service the user's current geographic location. In response to a user selection, the provisioning service may load a SIM profile associated with the selected carrier onto the secure element. The loaded SIM profile can be used to obtain wireless service from the selected carrier. The user may add multiple SIM profiles, and/or may delete SIM profiles.

公开(公告)号：WO2012012526A1

公开(公告)日：2012-01-26

申请号：PCT/US2011/044673

申请日：2011-07-20

Applicant: APPLE INC. ,  HAGGERTY, David, T. ,  VON HAUCK, Jerrold ,  SCHELL, Stephan, V. ,  MATHIA, Arun, G.

Inventor： HAGGERTY, David, T. ,  VON HAUCK, Jerrold ,  SCHELL, Stephan, V. ,  MATHIA, Arun, G.

IPC: H04M1/66

CPC classification number: H04W8/265

Abstract: Apparatus and methods for distributing electronic access client modules for use with electronic devices. In one embodiment, the access client modules are virtual subscriber identity modules (VSIMs) that can be downloaded from online services for use with cellular- equipped devices such as smartphones. The online services may include a point of sale (POS) system that sells electronic devices to users. A broker may be used to facilitate the selection of a virtual subscriber identity module. A provisioning service may also be used to provision the selected VSIM.

Abstract translation: 用于分发用于电子设备的电子访问客户端模块的装置和方法。 在一个实施例中，访问客户端模块是虚拟订户身份模块（VSIM），其可以从在线服务下载以与诸如智能电话的蜂窝配备的设备一起使用。 在线服务可以包括向用户销售电子设备的销售点（POS）系统。 可以使用代理来促进对虚拟订户身份模块的选择。 还可以使用供应服务来配置所选择的VSIM。

公开(公告)号：EP2633711A1

公开(公告)日：2013-09-04

申请号：EP11793892.8

申请日：2011-10-20

Applicant: Apple Inc.

Inventor： SCHELL, Stephan, V. ,  HAGGERTY, David, T.

IPC: H04W8/20

CPC classification number: H04W8/205

Abstract: Methods and apparatus for managing multiple user access control entities or clients. For example, in one embodiment, a “wallet” of electronic subscriber identity modules (eSIMs) may be stored and used at a user device and/or distributed to other devices for use thereon. In another embodiment, a networked server may store and distribute eSIM to a plurality of user devices in communication therewith. A database of available eSIM is maintained at the wallet entity and/or at the network which enables request for a particular eSIM to be processed and various rules for the distribution thereof to be implemented. Security precautions are implemented to protect both user and network carrier specific data as the data is transmitted between networked entities. Solutions for eSIM backup and restoration are also described.

公开(公告)号：WO2012058446A1

公开(公告)日：2012-05-03

申请号：PCT/US2011/058117

申请日：2011-10-27

Applicant: APPLE INC. ,  SCHELL, Stephan, V. ,  HAGGERTY, David, T.

Inventor： SCHELL, Stephan, V. ,  HAGGERTY, David, T.

IPC: H04W8/26

CPC classification number: H04W8/265 ,  H04W4/50 ,  H04W4/60 ,  H04W12/04

Abstract: Methods and apparatus for activating a purchased or previously deployed device by a subscriber. In one embodiment, activation includes authenticating the device to a service provider or carrier, and providing the device with data necessary for enabling the service to the device. In one variant, a user device is activated at a retail store, with the assistance of a carrier representative. In another variant, user equipment is activated via a communications network without the assistance of a representative. In yet another variant, the user equipment is activated via the Internet without the assistance of a representative. The provision of access data includes pre-assigning eSIM from a population of unassigned eSIMs to certain devices for various carrier networks. Alternatively, the eSIM may be assigned on an as-needed basis. Unassigned and/or unused eSIMs can be released (or sold back to the vendor) and/or reused. Solutions for eSIM backup and restoration are also described.

Abstract translation: 用户激活购买或预先部署的设备的方法和装置。 在一个实施例中，激活包括将设备认证给服务提供商或运营商，以及向设备提供启用服务到设备所需的数据。 在一个变型中，在运营商代表的协助下，在零售商店激活用户设备。 在另一个变型中，用户设备通过通信网络被激活，而无需代表的帮助。 在又一变型中，用户设备在没有代表的帮助的情况下通过因特网被激活。 提供访问数据包括从未分配的eSIM群体向各种运营商网络的某些设备预先分配eSIM。 或者，可以根据需要分配eSIM。 未分配的和/或未使用的eSIM可以被释放（或销售给供应商）和/或重复使用。 还描述了eSIM备份和恢复的解决方案。

公开(公告)号：WO2012058099A1

公开(公告)日：2012-05-03

申请号：PCT/US2011/057156

申请日：2011-10-20

Applicant: APPLE INC. ,  SCHELL, Stephan, V. ,  HAGGERTY, David, T.

Inventor： SCHELL, Stephan, V. ,  HAGGERTY, David, T.

IPC: H04W8/20

CPC classification number: H04W8/205

Abstract: Methods and apparatus for managing multiple user access control entities or clients. For example, in one embodiment, a "wallet" of electronic subscriber identity modules (eSIMs) may be stored and used at a user device and/or distributed to other devices for use thereon. In another embodiment, a networked server may store and distribute eSIM to a plurality of user devices in communication therewith. A database of available eSIM is maintained at the wallet entity and/or at the network which enables request for a particular eSIM to be processed and various rules for the distribution thereof to be implemented. Security precautions are implemented to protect both user and network carrier specific data as the data is transmitted between networked entities. Solutions for eSIM backup and restoration are also described.

Abstract translation: 用于管理多个用户访问控制实体或客户端的方法和装置。 例如，在一个实施例中，可以在用户设备处存储和使用电子用户识别模块（eSIM）的“钱包”和/或分发给其他设备以在其上使用。 在另一个实施例中，网络服务器可以将eSIM存储和分发到与其通信的多个用户设备。 可以在电子钱包实体和/或网络上维护可用eSIM的数据库，以使得能够处理特定eSIM的请求并实现其分发的各种规则。 实施安全预防措施以在网络实体之间传输数据时保护用户和网络运营商的特定数据。 还描述了eSIM备份和恢复的解决方案。

公开(公告)号：WO2012058092A1

公开(公告)日：2012-05-03

申请号：PCT/US2011/057081

申请日：2011-10-20

Applicant: APPLE INC. ,  SCHELL, Stephan, V. ,  HAGGERTY, David, T.

Inventor： SCHELL, Stephan, V. ,  HAGGERTY, David, T.

IPC: H04L12/28

CPC classification number: H04W12/06 ,  H04L63/0853 ,  H04L63/0876 ,  H04M15/77 ,  H04M15/771 ,  H04W8/183 ,  H04W8/20 ,  H04W36/14

Abstract: Methods and apparatus that allow a device to migrate wireless service across multiple wireless networks. In one exemplary embodiment, the present invention enables storing and switching between multiple Electronic Subscriber Identity Modules (eSIM), where each eSIM is specific to a different carrier network. By loading the appropriate eSIM, the user device can authenticate itself with the selected carrier, rather than roaming. During roaming operation, the user equipment can load one or more of the previously stored eSIMs. Selection of the eSIM can be done manually by the user or can be driven by the user equipment based on desired context; for example, based on carrier signal strength, cost-effectiveness, etc. Support for multiple radio technologies also allows universal connectivity for wireless devices, even spanning previously incompatible technologies such as GSM (Global Standard for Mobile Communications), CDMA (Code Division Multiple Access), etc.

Abstract translation: 允许设备跨多个无线网络迁移无线服务的方法和装置。 在一个示例性实施例中，本发明能够在多个电子订户身份模块（eSIM）之间存储和切换，其中每个eSIM特定于不同的运营商网络。 通过加载适当的eSIM，用户设备可以使用选定的运营商进行身份验证，而不是漫游。 在漫游操作期间，用户设备可以加载一个或多个先前存储的eSIM。 eSIM的选择可以由用户手动完成，也可以由用户设备根据需要进行驱动; 例如，基于载波信号强度，成本效益等。对于多个无线电技术的支持也允许无线设备的通用连接，甚至跨越以前不兼容的技术，例如GSM（全球移动通信标准），CDMA（码分多址 ）等

公开(公告)号：WO2011139795A1

公开(公告)日：2011-11-10

申请号：PCT/US2011/034199

申请日：2011-04-27

Applicant: APPLE INC. ,  SCHELL, Stephan, V. ,  NARANG, Mohit ,  CABALLERO, Ruben

Inventor： SCHELL, Stephan, V. ,  NARANG, Mohit ,  CABALLERO, Ruben

IPC: H04L29/06 ,  H04W12/04 ,  H04W8/20

CPC classification number: H04W12/06 ,  H04B1/406 ,  H04L63/062 ,  H04L63/0853 ,  H04W4/00 ,  H04W12/04 ,  H04W48/08 ,  H04W48/18 ,  H04W88/06

Abstract: Apparatus and methods for authenticating and granting a client device (e.g., cellular telephone) access to a network. In one embodiment, a network service provider such as a cellular telephone company may distribute user access (e.g., Universal Subscriber Identity Module or "USIM") credentials to a services manager via a USIM vendor. The services manager may maintain a list of authorized users. A user at a client may authenticate to the services manager. Once authenticated, the services manager may provide the user with a set of USIM credentials. When the user desires to use wireless network services, the user equipment may establish a wireless link between the user equipment and the network service provider. During authentication operations, the user equipment may use the USIM credentials to authenticate to the network service provider. Following successful authentication, the network service provider may provide the user equipment with wireless services.

Abstract translation: 用于认证和授予客户端设备（例如，蜂窝电话）接入网络的设备和方法。 在一个实施例中，诸如蜂窝电话公司的网络服务提供商可以经由USIM供应商将用户访问（例如，通用订户身份模块或“USIM”）凭证分发给服务管理器。 服务经理可以维护授权用户的列表。 客户端的用户可以向服务管理器进行身份验证。 一旦经过身份验证，服务管理器可以向用户提供一组USIM凭证。 当用户期望使用无线网络服务时，用户设备可以在用户设备和网络服务提供商之间建立无线链路。 在认证操作期间，用户设备可以使用USIM凭证来向网络服务提供商进行认证。 在成功认证之后，网络服务提供商可以向用户设备提供无线服务。

公开(公告)号：WO2013126217A2

公开(公告)日：2013-08-29

申请号：PCT/US2013/025193

申请日：2013-02-07

Applicant: APPLE INC.

Inventor： HAUCK, Jerrold, Von ,  LI, Li ,  SCHELL, Stephan, V.

IPC: H04L29/06

CPC classification number: H04L63/1408 ,  H04W8/205 ,  H04W12/12

Abstract: Methods and apparatus for detecting fraudulent device operation. In one exemplary embodiment of the present disclosure, a device is issued a user access control client that is uniquely associated with a shared secret that is securely stored within the network and the access control client. Subsequent efforts to activate or deactivate the access control client require verification of the shared secret. Each change in state includes a change to the shared secret. Consequently, requests for a change to state which do not have the proper shared secret will be disregarded, and/or flagged as fraudulent.

Abstract translation: 用于检测欺骗性设备操作的方法和设备。 在本公开的一个示例性实施例中，向设备发布用户访问控制客户端，该用户访问控制客户端唯一地与安全地存储在网络和访问控制客户端内的共享秘密相关联。 随后激活或取消激活访问控制客户端的工作需要验证共享密钥。 状态的每次变化都包括对共享密钥的更改。 因此，对没有适当共享密钥的状态进行更改的请求将被忽略，和/或被标记为欺诈。