Methods and apparatus for providing management capabilities for access control clients

US10271213B2 · US · B2

Patent metadata
Publication number: US-10271213-B2
Application number: US-201213464677-A
Country: US
Kind code: B2
Filing date: May 4, 2012
Priority date: May 6, 2011
Publication date: Apr 23, 2019
Grant date: Apr 23, 2019

Abstract

Official abstract text for this publication.

Methods and apparatus for managing access control clients (e.g., electronic Subscriber Identity Modules (eSIMs)). In one embodiment, secure elements (e.g., electronic Universal Integrated Circuit Cards (eUICCs)) and management entities of secure elements are associated with credentials. Post-deployment managerial operations can be executed, by transmitting the requested operation with the appropriate credentials. For example, a device can receive secure software updates to electronic Subscriber Identity Modules (eSIMs), with properly credentialed network entities.

First claim

Opening claim text (preview).

What is claimed is:

1. A wireless apparatus, comprising: a wireless interface; and a secure element comprising: a secure processor, and a software platform comprising a plurality of credentials, wherein: i) an access control client (ACC) is present on the secure element, ii) the plurality of credentials are each associated with corresponding functional capabilities, and iii) the plurality of credentials comprises a profile policy credential for the ACC and enabling alteration of a profile policy for the ACC related to a network carrier lock for the ACC, wherein the secure processor is configured to: evaluate, based on the plurality of credentials, a first credential received by the wireless apparatus in a request, and when the evaluation indicates that an activity is authorized: perform the activity with respect to the ACC on the secure element.

2. The wireless apparatus of claim 1, wherein the ACC is an electronic Subscriber Identity Module (eSIM).

3. The wireless apparatus of claim 1, wherein the plurality of credentials comprises a software platform credential enabling acceptance of a software component.

4. The wireless apparatus of claim 3, wherein the secure processor is configured to perform the activity by installing, in the ACC on the secure element, the software component.

5. The wireless apparatus of claim 4, wherein the software component comprises executable software.

6. The wireless apparatus of claim 1, wherein the plurality of credentials comprises a device manufacturer credential.

7. The wireless apparatus of claim 6, wherein the secure processor is configured to perform the activity by adding or deleting secure element firmware that is non-specific to any particular ACC that is present on the secure element.

8. The wireless apparatus of claim 1, wherein the plurality of credentials comprises an electronic subscriber identity module (eSIM) profile manager credential.

9. The wireless apparatus of claim 8, wherein the secure processor is configured to perform the activity by deleting the ACC from the secure element.

10. The wireless apparatus of claim 1, wherein the plurality of credentials comprises an electronic subscriber identity module (eSIM) profile manufacturer credential.

11. The wireless apparatus of claim 10, wherein the secure processor is configured to perform the activity by modifying the ACC on the secure element.

12. A secure element, comprising: a secure processor; and a software platform comprising a plurality of credentials, wherein: i) an access control client (ACC) is present on the secure element, ii) the plurality of credentials are each associated with corresponding functional capabilities, and iii) the plurality of credentials comprises a profile policy credential for the ACC and enabling alteration of a profile policy for the ACC related to a network carrier lock for the ACC, wherein the secure processor is configured to: evaluate, based on the plurality of credentials, a first credential received by a wireless apparatus in a request, wherein the secure element is housed in the wireless apparatus, and when the evaluation indicates that an activity is authorized: perform the activity with respect to the ACC on the secure element.

13. The secure element of claim 12, wherein the plurality of credentials comprises an electronic subscriber identity module (eSIM) profile manager credential.

14. The secure element of claim 12, wherein the secure processor is configured to alter the network carrier lock for the ACC by locking the ACC on the secure element to a specific network carrier.

15. The secure element of claim 12, wherein the plurality of credentials comprises a software platform credential enabling acceptance of a software component.

16. The secure element of claim 12, wherein the secure processor is configured to alter the network carrier lock for the ACC by unlocking the ACC on the secure element from a network carrier.

17. The secure element of claim 12, wherein the secure processor is configured to perform the activity by changing the ACC on the secure element to a different user account.

18. A method, comprising: by a secure element comprising a software platform: when evaluating a first credential indicates that an activity is authorized, wherein the evaluating is based on a plurality of credentials, and wherein: i) the first credential is received by a wireless apparatus hosting the secure element, ii) the plurality of credentials are each associated with corresponding functional capabilities, iii) the software platform comprises the plurality of credentials, and iv) the plurality of credentials comprises a profile policy credential for an access control client (ACC) that is present on the secure element and enabling alteration of the profile policy for the ACC related to a network carrier lock for the ACC: performing the activity with respect to the ACC on the secure element.

19. The method of claim 18, wherein the plurality of credentials comprises a software platform credential enabling acceptance of a software component.

20. The method of claim 19, wherein: i) the performing the activity comprises installing, in the ACC on the secure element, the software component, and ii) the software component comprises executable software.

Classifications

  • Access rights, e.g. capability lists, access control lists, access tables, access matrices

  • using certificates (cryptographic mechanisms or cryptographic arrangements for entity authentication involving certificates H04L9/3263)

  • Terminal devices

  • in smart cards

  • involving the use of external additional devices, e.g. dongles or smart cards

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Haggerty David T, Von Hauck Jerrold, Mclaughlin Kevin, and 2 more
What technology area does this patent fall under?
Primary CPC classification H04W12/08. Mapped technology areas include Electricity.
When was this patent published?
Publication date Apr 23, 2019 (B2). Legal status and post-grant events are not shown on this page.