Adaptive biometric and environmental authentication system
US-2015310444-A1 · Oct 29, 2015 · US
Apparatus and methods for controlled switching of electronic access clients without requiring network access
US2015222635A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2015222635-A1 |
| Application number | US-201514685547-A |
| Country | US |
| Kind code | A1 |
| Filing date | Apr 13, 2015 |
| Priority date | Sep 21, 2012 |
| Publication date | Aug 6, 2015 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Methods and apparatuses for providing controlled switching of electronic access control clients without requiring network access are set forth herein. In one embodiment, a method for swapping of subscriptions and/or profiles for electronic Subscriber Identity Modules (eSIMs) without network supervision that prevents possibly malicious high frequency switching is disclosed. The disclosed embodiments offer reasonable management capabilities for network operators, without compromising the flexibility of eSIM operation.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method for providing controlled switching of access control clients within a mobile device without requiring access to a network, the method comprising: at a security module included in the mobile device: receiving, from a secure element included in the mobile device, a request to swap a first access control client with a second access control client, wherein the first access control client is active and the second access control client is inactive; determining whether at least one module included in the mobile device is operating within pre-defined thresholds; and when the at least one module is operating within the pre-defined thresholds: determining, based on an internal time component that corresponds to the at least one module, whether the request is valid, and when the request is valid: causing the secure element to deactivate the first access control client, and causing the secure element to activate the second access control client. 2 . The method of claim 1 , wherein the at least one module is selected from: the security module and the secure element. 3 . The method of claim 1 , wherein determining whether the at least one module included in the mobile device is operating within the pre-defined thresholds comprises: referencing information provided by at least one sensor included in the mobile device. 4 . The method of claim 3 , wherein the at least one sensor is selected from: one or more temperature sensors, one or more voltage sensors, and one or more operating frequency sensors. 5 . The method of claim 1 , wherein the request is generated based on one or more of: a geographic location of the mobile device and a usage level of the mobile device. 6 . The method of claim 1 , wherein the internal time component is maintained by sampling clock ticks produced by a clock that corresponds to the at least one module. 7 . The method of claim 1 , further comprising, prior to receiving the request: establishing the pre-defined thresholds in accordance with hardware characteristics of the at least one module. 8 . The method of claim 1 , further comprising, when the at least one module is not operating within the pre-defined thresholds, or when the request is not valid: causing the secure element to ignore the request. 9 . A method for providing controlled switching of access control clients within a mobile device without requiring access to a network, the method comprising: at a secure element included in the mobile device: receiving a request to swap a first access control client with a second access control client, wherein the first access control client is active and the second access control client is inactive; determining whether the secure element is operating within pre-defined thresholds; and when the secure element is operating within the pre-defined thresholds: determining, based on an internal time component that corresponds to the secure element, whether the request is valid, and when the request is valid: deactivating the first access control client, and activating the second access control client. 10 . The method of claim 9 , wherein determining whether the secure element is operating within the pre-defined thresholds comprises: referencing information provided by at least one sensor included in the mobile device. 11 . The method of claim 10 , wherein the at least one sensor is selected from: one or more temperature sensors, one or more voltage sensors, and one or more operating frequency sensors that monitor the operation of the secure element. 12 . The method of claim 9 , wherein the request is generated based on one or more of: a geographic location of the mobile device and a usage level of the mobile device. 13 . The method of claim 9 , wherein the internal time component is maintained by sampling clock ticks produced by a clock that corresponds to the secure element. 14 . The method of claim 9 , further comprising, prior to receiving the request: establishing the pre-defined thresholds in accordance with hardware characteristics of the secure element. 15 . The method of claim 9 , further comprising, subsequent to deactivating the first access control client and activating the second access control client: receiving a second request to swap the second access control client with a third access control client, wherein the second access control client enables the mobile device to consume voice services and data services, and the third access control client enables the mobile device only to consume emergency services, and in response to the second request: deactivating the second access control client, and activating the third access control client. 16 . A mobile device configured to control switching of access control clients without requiring access to a network, the mobile device comprising: a secure element configured to manage at least a first access control client and a second access control client; and a security module configured to carry out steps that include: receiving, from the secure element, a request to swap the first access control client with the second access control client, wherein the first access control client is active and the second access control client is inactive; determining whether at least one module included in the mobile device is operating within pre-defined thresholds; and when the at least one module is operating within the pre-defined thresholds: determining, based on an internal time component that corresponds to the at least one module, whether the request is valid, and when the request is valid: causing the secure element to deactivate the first access control client, and causing the secure element to activate the second access control client. 17 . The mobile device of claim 16 , wherein the at least one module is selected from: the security module and the secure element. 18 . The mobile device of claim 16 , wherein determining whether the at least one module included in the mobile device is operating within the pre-defined thresholds comprises: referencing information provided by at least one sensor included in the mobile device. 19 . The mobile device of claim 16 , wherein the internal time component is maintained by sampling clock ticks produced by a clock that corresponds to the at least one module. 20 . The mobile device of claim 16 , wherein, when the at least one module is not operating within the pre-defined thresholds, or when the request is not valid, the steps further include: causing the secure element to ignore the request.
Assignees
Inventors
Classifications
Access security · CPC title
- H04B1/3816Primary
Mechanical arrangements for accommodating identification devices, e.g. cards or chips; with connectors for programming identification devices · CPC title
- H04L63/10Primary
for controlling access to devices or network resources · CPC title
- H04W12/30Primary
Security of mobile devices; Security of mobile applications · CPC title
Location-dependent; Proximity-dependent · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2015222635A1 cover?
- Methods and apparatuses for providing controlled switching of electronic access control clients without requiring network access are set forth herein. In one embodiment, a method for swapping of subscriptions and/or profiles for electronic Subscriber Identity Modules (eSIMs) without network supervision that prevents possibly malicious high frequency switching is disclosed. The disclosed embodim…
- Who is the assignee on this patent?
- Apple Inc
- What technology area does this patent fall under?
- Primary CPC classification H04B1/3816. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Aug 06 2015 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 1 related publication on this page (citations in our corpus or others sharing the same primary CPC).