Technique for managing profile in communication system
US-2018123803-A1 · May 3, 2018 · US
US10667123B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-10667123-B2 |
| Application number | US-201616463206-A |
| Country | US |
| Kind code | B2 |
| Filing date | Nov 22, 2016 |
| Priority date | Nov 22, 2016 |
| Publication date | May 26, 2020 |
| Grant date | May 26, 2020 |
Official abstract text for this publication.
Embodiments include a method for installing a subscription profile, a terminal, and a server. The method includes obtaining, by a local profile assistant (LPA) in the terminal, metadata of a subscription profile, determining, based on an authorization file, whether use of each policy rule included in the metadata is allowed. The method further includes obtaining, by the LPA, the subscription profile when the use of each policy rule included in the metadata is allowed. The method further includes sending the subscription profile to an embedded universal integrated circuit card (eUICC) in the terminal. The method further includes determining, by the eUICC based on the authorization file, whether use of the subscription profile is allowed. The method further includes installing, by the eUICC, the subscription profile when the use of the subscription profile is allowed.
Opening claim text (preview).
What is claimed is:
1. A method for installing a subscription profile, the method comprising: obtaining, by a local profile assistant (LPA) in a terminal, metadata of a subscription profile, wherein the metadata comprises at least one first policy rule; determining, by the LPA based on an authorization file, whether each of the first policy rules is allowed to determine whether the first policy rule includes one or more allowed policy rules, wherein the authorization file comprises: an identifier of one or more first policy rules; forbidden-region information corresponding to each of the first policy rules; a management indicator of each of the first policy rules; user authorization information of each of the first policy rules; and applicable-operator information of each of the first policy rules, wherein determining whether the first policy rule includes one or more allowed policy rules further comprises: determining for each of the first policy rules whether the authorization file comprises an identifier of the first policy rule; forbidding use of policy rules for which the authorization file does not comprise the identifier; determining whether region information of an operator corresponding to the subscription profile belongs to forbidden-region information corresponding to each first policy rule; allowing use of first policy rules whose forbidden-region information does not correspond to the region information of the operator corresponding to the subscription profile; forbidding use of first policy rules whose forbidden-region information corresponds to the region information of the operator corresponding to the subscription profile; determining whether, for each first policy rule, the applicable-operator information corresponds to an operator allowed to use a corresponding policy rule; allowing use of each first policy rule whose applicable-operator information corresponds to an operator allowed to use a corresponding policy rule; forbidding use of the first policy rules whose applicable-operator information does not correspond to an operator allowed to use a corresponding policy rule; determining whether the user authorization information corresponding to each first policy rule indicates that setting first policy rule requires user consent; allowing use of a fourth policy rule whose corresponding user authorization information indicates that the setting of the fourth policy rule does not require user consent; allowing use of a fifth policy rule, after a user consents to the setting of a fifth policy rule whose corresponding user authorization information indicates that the setting of the fifth policy rule requires user consent; obtaining, by the LPA, the subscription profile of the allowed policy rules when the first policy rule includes allowed policy rules; sending, by the LPA, the subscription profile to an embedded universal integrated circuit card (eUICC) in the terminal; determining, by the eUICC based on the authorization file, whether use of the subscription profile is allowed; and installing, by the eUICC, the subscription profile when the use of the subscription profile is allowed.
2. The method of claim 1, wherein after obtaining the subscription profile, the method further comprises: determining, by the LPA, a policy rule requiring user authorization in the subscription profile, wherein the policy rule requiring the user authorization is set when user consent is obtained; and sending, by the LPA, the subscription profile to the eUICC when a user consents to setting of the policy rule requiring the user authorization.
3. The method of claim 1, further comprising: obtaining, by the LPA, the authorization file; sending, by the LPA, the authorization file to the eUICC; storing, by the eUICC, the authorization file when the eUICC does not comprise a local authorization file; and updating, by the eUICC, the local authorization file based on the authorization file when the eUICC comprises the local authorization file.
4. The method of claim 3, wherein updating the local authorization file comprises adding, by the eUICC for each second policy rule of the first policy rules whose corresponding management indicator is addition, the second policy rule, the user authorization information of the second policy rule, the applicable-operator information of the at least one second policy rule, and the forbidden-region information of the second policy rule to the local authorization file.
5. The method of claim 3, wherein updating the local authorization file comprises, when the management indicator of at least one third policy rule of the first policy rules is removal: deleting, by the eUICC for each third policy rule, the third policy rule, the user authorization information of the third policy rule, the applicable-operator information of the third policy rule, and the forbidden-region information of the third policy rule from the local authorization file, wherein user authorization information of the third policy rule is the user authorization information of the third policy rule, and wherein applicable-operator information of the third policy rule is the applicable-operator information of the third policy rule, and forbidden-region information of the third policy rule is the forbidden-region information of the third policy rule; deleting, by the eUICC for each of the third policy rule, the applicable-operator information of the third policy rule in the local authorization file, wherein the applicable-operator information of the third policy rule comprises the applicable-operator information of the third policy rule and other operator information, and wherein the user authorization information of the third policy rule comprises the user authorization information of the third policy rule, and the forbidden-region information of the third policy rule comprises the forbidden-region information of the third policy rule; deleting, by the eUICC for each third policy rule, the user authorization information of the third policy rule in the local authorization file, wherein the user authorization information of the third policy rule comprises the user authorization information of the third policy rule and other user authorization information, wherein the applicable-operator information of the third policy rule comprises the applicable-operator information of the third policy rule, and wherein the forbidden-region information of the third policy rule comprises the forbidden-region information of the third policy rule; and deleting, by the eUICC, the forbidden-region information of the third policy rule in the local authorization file, wherein the forbidden-region information of the third policy rule comprises the forbidden-region information of the third policy rule and other forbidden-region information, wherein the applicable-operator information of the third policy rule comprises the applicable-operator information of the third policy rule, and wherein the user authorization information of the third policy rule comprises the user authorization information of the third policy rule.
6. The method of claim 3, wherein obtaining the authorization file comprises: performing, by the eUICC, authentication with a first subscription management server to enable the first subscription management server to determine the authorization file and to deliver the authorization file to the LPA; and receiving, by the LPA, the authorization file from the first subscription management server.
7. The method of claim 6, further comprising: receiving, by the LPA, signature information and a first identifier associated with the authorization file from the first subscription management server, wherein the signature information is based on the first identifie
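The per-rule decision listed in claim 1 and the two-stage LPA-then-eUICC flow of the abstract, sketched as an added Python example that is not taken from the patent or any implementation of it. The names `AuthEntry`, `check_rule` and `install`, the rule, operator and region identifiers, and modelling the eUICC stage as a repeat of the same rule checks against its own copy of the authorization file are all assumptions; the management indicator is left out because it governs updates to the file, not the install decision.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class AuthEntry:                       # one policy rule's record in the authorization file
    forbidden_regions: frozenset       # forbidden-region information
    applicable_operators: frozenset    # applicable-operator information
    consent_required: bool             # user authorization information

def check_rule(rule_id, auth_file, operator, region, consented):
    """Decide one policy rule in the order claim 1 lists the checks."""
    entry = auth_file.get(rule_id)
    if entry is None:
        return False, "identifier not in authorization file"
    if region in entry.forbidden_regions:
        return False, "operator region is forbidden"
    if operator not in entry.applicable_operators:
        return False, "operator not allowed to use rule"
    if entry.consent_required and rule_id not in consented:
        return False, "user consent missing"
    return True, "allowed"

def install(rules, lpa_auth, euicc_auth, operator, region, consented):
    """LPA checks the metadata first; the eUICC re-checks with its own copy."""
    for stage, auth in (("LPA", lpa_auth), ("eUICC", euicc_auth)):
        for rule_id in rules:
            ok, reason = check_rule(rule_id, auth, operator, region, consented)
            if not ok:
                return f"rejected by {stage}: {rule_id}: {reason}"
    return "installed"

# Constructed sample data (hypothetical identifiers, not from the patent).
AUTH = {
    "rule-A": AuthEntry(frozenset({"R9"}), frozenset({"op-1"}), False),
    "rule-B": AuthEntry(frozenset(), frozenset({"op-1", "op-2"}), True),
}
STALE_EUICC_AUTH = {"rule-A": AUTH["rule-A"]}   # eUICC copy lacks rule-B

if __name__ == "__main__":
    print(install(["rule-A", "rule-B"], AUTH, AUTH, "op-1", "R1", {"rule-B"}))
    print(install(["rule-A", "rule-B"], AUTH, STALE_EUICC_AUTH, "op-1", "R1", {"rule-B"}))
```

The second call shows why the eUICC check matters in this model: a profile the LPA accepts is still refused when the card's own authorization file does not list one of its rules.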
Access security · CPC title
Processing at user equipment or user record carrier · CPC title
Transfer to or from user equipment or user record carrier · CPC title
Transfer of user or subscriber data · CPC title
Managing security policies for mobile devices or for controlling mobile applications · CPC title