On December 27, 2012, the US Patent & Trademark Office published a major patent application from Apple that reveals more of its total SIM solution, which may have played a role in the European Telecommunications Standards Institute (ETSI) choosing Apple's design back in June.
Apple's Patent Background
Access control is required for secure communication in most prior art wireless radio communication systems. As an example, one simple access control scheme might comprise: (i) verifying the identity of a communicating party, and (ii) granting a level of access commensurate with the verified identity. Within the context of an exemplary cellular system (e.g., Universal Mobile Telecommunications System (UMTS)), access control is governed by an access control client, referred to as a Universal Subscriber Identity Module (USIM) executing on a physical Universal Integrated Circuit Card (UICC). The USIM access control client authenticates the subscriber to the UMTS cellular network. After successful authentication, the subscriber is allowed access to the cellular network. As used hereinafter, the term "access control client" refers generally to a logical entity, either embodied within hardware or software, suited for controlling access of a first device to a network. Common examples of access control clients include the aforementioned USIM, CDMA Subscriber Identification Modules (CSIM), IP Multimedia Services Identity Module (ISIM), Subscriber Identity Modules (SIM), Removable User Identity Modules (RUIM), etc.
Traditionally, the USIM (or more generally "SIM") performs the well-known Authentication and Key Agreement (AKA) procedure, which verifies and decrypts the applicable data and programs to ensure secure initialization. Specifically, the USIM must both (i) successfully answer a remote challenge to prove its identity to the network operator, and (ii) issue a challenge to verify the identity of the network.
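The two checks described above, as an added example that is not taken from the patent or from this article. It follows the shape of UMTS AKA, where the network proves itself through a MAC and sequence number sent alongside its challenge and the USIM proves itself through its response. HMAC-SHA256 stands in for the operator's f1/f2 functions, and the class names, key and field sizes are assumptions.

```python
import hashlib
import hmac
import os

def f(key, label, *parts):
    # Stand-in for the operator's f1/f2 functions (assumption): HMAC-SHA256, 8 bytes.
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()[:8]

class Network:
    def __init__(self, k):
        self.k, self.sqn, self.xres = k, 0, None

    def challenge(self):
        self.sqn += 1
        rand, sqn = os.urandom(16), self.sqn.to_bytes(6, "big")
        self.xres = f(self.k, b"f2", rand)           # response the network expects
        # AUTN here is SQN || MAC; real AKA also conceals SQN and carries an AMF field.
        return rand, sqn + f(self.k, b"f1", sqn, rand)

    def verify(self, res):
        return self.xres is not None and hmac.compare_digest(res, self.xres)

class Usim:
    def __init__(self, k):
        self.k, self.sqn = k, 0

    def respond(self, rand, autn):
        sqn, mac = autn[:6], autn[6:]
        if not hmac.compare_digest(mac, f(self.k, b"f1", sqn, rand)):
            raise ValueError("network not authenticated")
        if int.from_bytes(sqn, "big") <= self.sqn:
            raise ValueError("replayed challenge")
        self.sqn = int.from_bytes(sqn, "big")
        return f(self.k, b"f2", rand)

def demo():
    k = bytes(range(16))                              # constructed shared key
    net, sim, rogue = Network(k), Usim(k), Network(b"\x00" * 16)
    rand, autn = net.challenge()
    results = {"subscriber_ok": net.verify(sim.respond(rand, autn))}
    for name, args in (("replay", (rand, autn)), ("rogue_network", rogue.challenge())):
        try:
            sim.respond(*args)
            results[name] = "accepted"
        except ValueError as exc:
            results[name] = str(exc)
    return results

if __name__ == "__main__":
    print(demo())
```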
While traditional SIM solutions are embodied within a removable Integrated Circuit Card (ICC) (also referred to as a "SIM card"), incipient research is directed to virtualizing SIM operation within a software client executing within the mobile device. Virtualized SIM operation could reduce device size, increase device functionality, and provide greater flexibility.
Unfortunately, virtualized SIM operations also present multiple new challenges for, inter alia, network operators and device manufacturers.
Apple's eSIM Solution
Apple's invention addresses the foregoing needs by providing, inter alia, apparatus and methods for efficiently distributing access control clients within a network.
In one aspect of the present invention, a network for distributing access control clients is disclosed. In one embodiment, the network includes: one or more electronic Subscriber Identity Module (eSIM) appliances; one or more secure eSIM storages configured to store the one or more eSIMs and associated eSIM metadata, the one or more secure eSIM storages coupled to the one or more eSIM appliances; one or more eSIM managers, wherein each of the eSIM managers is configured to track, verify, and authorize the one or more eSIMs; one or more eUICC appliances, wherein each of the eUICC appliances is configured to protect one or more cryptographic materials transmitted to one or more device eUICCs; one or more eUICC managers, wherein each of the eUICC managers is configured to track, verify, and authorize the one or more device eUICCs; and one or more depots, each depot comprising: an eSIM inventory manager configured to distribute network traffic among the one or more eSIM managers; a system directory service configured to distribute address information for one or more eSIM managers; and a pending eSIM storage configured to store eSIMs for delivery to the one or more device eUICCs.
In a second aspect of Apple's invention, a method for distributing access control clients is disclosed. In one exemplary embodiment, the method includes: protecting the contents of one or more access control clients according to a first standard trusted relationship; controlling a number of copies of the access control client according to a second standard trusted relationship; and distributing the access control client to users for use according to a third trusted relationship.
Apparatus: Example Architecture
Apple provides an overview of an exemplary system in patent FIG. 3; the system 300 includes one or more: (i) eSIM appliances, (ii) secure eSIM storages, (iii) eSIM managers, (iv) eUICC appliances, (v) eUICC managers, (vi) service provider consoles, (vii) account managers, (viii) Mobile Network Operator (MNO) systems, (ix) eUICCs that are local to one or more devices, and (x) depots.
Moreover, in one embodiment, each depot further includes one or more: (xi) eSIM inventory managers, (xii) system directory services, (xiii) communications managers, and (xiv) pending eSIM storages.
What the Patent Application Covers
Apple's invention covers Electronic Subscriber Identity Module (eSIM) Operation; eUICC Appliance; eSIM Appliance; Secure eSIM Storage; eSIM Manager; eUICC Manager; Mobile Network Operator (MNO) System; Service Provider; Account Manager; Device eUICC; eSIM Inventory Manager; System Directory Service; Communications Manager; Pending eSIM Storage; Exemplary Use Cases; Use Case Scenario--Bulk Transfers; Use Case Scenario--Account Creation; Use Case Scenario--Account Termination; and Use Case Scenario--Miscellaneous Transactions.
Apple credits Kevin McLaughlin, Jerrold Von Hauck, Arun Mathias and David Haggerty (Apple's Senior Manager, iPhone Systems) as the inventors of this patent, which was originally filed in Q2 2012. The patent was filed under the names of Apple's engineers and senior manager. Apple doesn't have to be shown as the assignee until the patent is granted. Apple does this at times in the hopes that the patent application will go unnoticed through the patent system during this initial phase. This is a deeply detailed patent. To review this invention, see patent application 20120331292.
Apple was granted another aspect of their SIM solution on December 25, 2012.