APPLIANCES AND METHODS FOR STORAGE OF ELECTRONIC ACCESS CLIENTS

专利摘要:
devices and methods for storing electronic access clients. The present invention relates to apparatus and methods for storing and controlling clients with access control. in one embodiment, transmit and receive devices ensure that only one copy of an esim is active at any given time. specifically, each transferred sim is encrypted to the target device; the source device's esim is deleted, disabled, or otherwise rendered unusable. various aspects of the network infrastructure are also described, including electronic universal integrated circuit card (euicc) appliances and mobile devices. various scenarios for transferring esims are also revealed.
公开号:BR102012007970B1
申请号:R102012007970-4
申请日:2012-04-05
公开日:2022-01-11
发明作者:David T. Haggerty；Jerrold Von Hauck；Kevin McLaughlin
申请人:Apple Inc；
IPC主号:

专利说明:

[0001] This application claims priority for US Patent Application No. 13/093,722, filed April 25, 2011 entitled "APPARATUS AND METHODS FOR STORING ELECTRONIC ACCESS CLIENTS", which claims priority for the Provisional Patent Application US No. 61/472,109, filed April 5, 2011 and titled "APPARATUS AND METHODS FOR STORING ELECTRONIC ACCESS CLIENTS", each of the foregoing being incorporated herein by reference in their entirety.
[0002] That application is also related to U.S. Patent Application Nos. Serial 13/080,558, filed on April 5, 2011 and entitled "APPARATUS AND METHODS FOR CONTROLLING DISTRIBUTION OF ELECTRONIC ACCESS CLIENTS"; 12/952,082, filed on November 22, 2010 and entitled "WIRELESS NETWORK AUTHENTICATION APPARATUS AND METHODS"; 12/952,089, filed on November 22, 2010 and entitled "APPARATUS AND METHODS FOR PROVISIONING SUBSCRIBER IDENTITY DATA IN A WIRELESS NETWORK"; 12/980,232, filed on December 28, 2010 and titled "VIRTUAL SUBSCRIBER IDENTITY MODULE DISTRIBUTION SYSTEM" and 12/353,227, filed on January 13, 2009 and titled "POSTPONED CARRIER CONFIGURATION" and U.S. Interim Patent Applications Nos. of Serial 61/472,115, filed on April 5, 2011 and titled "APPARATUS AND METHODS FOR DISTRIBUTING AND STORING ELECTRONIC ACCESS CLIENTS" (now US Patent Application Serial No. 13/095,716, filed on April 27, 2011, same title); 61/407,858, filed October 28, 2010 and titled "METHODS AND APPARATUS FOR ACCESS CONTROL CLIENT ASSISTED ROAMING" (now US Patent Application Serial No. 13/109,851, filed May 17, 2011, of the same title) ; 61/407,861, filed October 28, 2010 and titled "MANAGEMENT SYSTEMS FOR MULTIPLE ACCESS CONTROL ENTITIES" (now US Patent Application Serial No. 13/079,614, filed April 4, 2011, of the same title"); 61/407,862, filed October 28, 2010 and titled "METHODS E APPARATUS FOR DELIVERING ELECTRONIC IDENTIFICATION COMPONENTS OVER A WIRELESS NETWORK" (now US Patent Application Serial No. 13/111,801, filed May 19, 2011, same title); 61/407,866, filed October 28, 2010 and titled "METHODS E APPARATUS FOR STORAGE AND EXECUTION OF ACCESS CONTROL CLIENTS" (now US Patent Application Serial No. 13/080,521, filed April 5, 2011, of the same title); 61/408,504, filed October 29, 2010 and titled "ACCESS DATA PROVISIONING SERVICE" (now US Patent Application Serial No. 13/078,811, filed April 1, 2011 and titled " ACCESS DATA PROVISIONING APPARATUS AND METHODS"); 61/409,891, after issued November 3, 2010 and titled "METHODS AND APPARATUS FOR ACCESS DATA RECOVERY FROM A MALFUNCTIONING DEVICE" (now U.S. Patent Application Serial No. 13/287,874, filed November 2, 2011, of the same title); 61/410,298, filed November 4, 2010 and titled "SIMULACRUM OF PHYSICAL SECURITY DEVICE AND METHODS" (now US Patent Application Serial No. 13/080,533, filed April 5, 2011, of the same title) and 61 /413,317, filed November 12, 2010 and titled "APPARATUS AND METHODS FOR RECORDATION OF DEVICE HISTORY ACROSS MULTIPLE SOFTWARE EMULATION" (now US Patent Application Serial No. 13/294,631, filed November 11, 2011, of the same title), each of the foregoing being incorporated herein by reference in their entirety. Background of the Invention 1. Field of Invention
[0003] The present invention generally relates to the field of communications systems and more particularly in an exemplary aspect to the storage and distribution of access control clients to devices. 2. Description of Related Technology
[0004] Access control is required for secure communication in most prior art wireless radio communication systems. As an example, a simple access control scheme would comprise: (i) verifying the identity of a communication party and (ii) granting a level of access commensurate with the verified identity. Within the context of an exemplary cellular system (e.g. Universal Mobile Telecommunications System (UMTS)), access control is governed by an access control client, referred to as a Universal Subscriber Identity Module (USIM) running on a physical Universal Integrated Circuit Card (UICC). The USIM access control client authenticates the subscriber to the UMTS cellular network. After successful authentication, the subscriber gains access to the cellular network. As used before, the term "access control client" generally refers to a logical entity, embedded within hardware or software, suitable for controlling a first device's access to a network. Common examples of access control clients include USIM, CDMA Subscriber Identity Modules (CSIM), IP Multimedia Services Identity Module (ISIM), Subscriber Identity Modules (SIM), Removable User Identity Modules ( BAD), etc.
[0005] Traditionally, USIM (or, more generally, "SIM") performs the well-known authentication and key consent (AKA) procedure, which verifies and decrypts applicable data and programs to ensure secure boot. Specifically, USIM must both (i) successfully respond to a remote challenge to prove its identity to the network operator and (ii) issue a challenge to verify the identity of the network.
[0006] Although traditional SIM solutions are embedded within a removable integrated circuit (ICC) card (also called a "SIM card"), incipient research by the proxy for this is directed at virtualizing the SIM operation within a customer of software running inside the mobile device. Virtualized SIM operation can reduce device size, increase device functionality and provide greater flexibility.
[0007] Unfortunately, virtualized SIM operation also presents multiple new challenges for network operators and device manufacturers. For example, traditional SIM cards are manufactured and guaranteed by a trusted SIM provider. These traditional SIM cards run a single secure software version that has been permanently "burned" into the SIM card. Once burned, the card cannot be counterfeited (without also destroying the SIM card).
[0008] In contrast, mobile devices are manufactured by a wide range of device manufacturers, and may run software provided by multiple software vendors or even unknown third parties. Additionally, mobile devices are often "fixed" with software, which can either fix existing bugs or introduce new ones. Any software is susceptible to corruption, sabotage and/or abuse. What's more, although physical SIM cards are very difficult to copy, the software can be easily copied, multiplied, etc. Since each SIM represents a contractor for a certain amount of access to finite network resources, illicit use of a virtualized SIM can greatly impact network operation and user experience.
[0009] Thus, new solutions are needed to provide protections and properties for virtualized SIMs that are generally analogous to those of traditional "hard" SIMs. More generally, improved solutions are needed to store and distribute virtualized access control clients. Ideally, such solutions should provide the benefits of traditional access control client operation, with the added capabilities of virtualized operation. Summary of the Invention
[00010] The present invention addresses the foregoing needs by providing, among others, apparatus and methods for storing and distributing access control clients to devices.
[00011] In one aspect of the present invention, an apparatus for storing one or more access data elements is disclosed. In one embodiment, the secure apparatus includes a secure element adapted to store a plurality of user access data elements, each user access data element encrypted to the secure element. The secure apparatus further includes a processor and a storage device in data communication with the processor, the storage device including instructions executable by the computer which are configured to, when executed by the processor: receive a request for one or more data elements from access from a peer device; check the peer device; decrypt the one or more requested access data elements; re-encrypting the one or more decrypted access data elements to the peer device and transferring the one or more re-encrypting data elements to the verified peer device, the transfer causing the one or more access data elements to be removed from the secure element .
[00012] In a variation, the user access data element is an electronic Subscriber Identity Module (eSIM).
[00013] In a second variation, verification includes checking a certificate associated with the peer device, and generating a challenge response.
[00014] In a third variation, computer-executable instructions additionally include instructions that are configured to, when executed by the processor, negotiate a transfer protocol. In one example, the re-encryption of one or more decrypted access data elements is based at least in part on the transfer protocol. In another example, the transfer protocol includes one or more communication establishment signal elements. In yet another such example, the negotiated transfer protocol includes identifying a transfer protocol supported by the apparatus and the peer device.
[00015] In a fourth variation, the device includes a Hardware Security Module (HSM).
[00016] In a fifth variation, the device is personified within a mobile phone.
[00017] In yet a sixth variation, the device is personified within a physical card form factor.
[00018] In another embodiment, the apparatus includes a secure element adapted to store a plurality of user access data elements, each user access data element encrypted to the secure element. The apparatus further includes a processor and a storage device in data communication with the processor, the storage device including instructions executable by the computer which are configured to, when executed by the processor: request one or more access data elements from a device verified pair; receiving the one or more requested access data elements from the verified peer device; verify that the one or more requested access data elements are encrypted to the secure element; storing the one or more encrypted access data elements within the secure element and decrypting the one or more encrypted access data elements during the authentication protocol.
[00019] In a variation, the user access data element is an electronic Subscriber Identity Module (eSIM).
[00020] In a second variation, the device is personified within a mobile phone.
[00021] In a third variation, the handset is personified within a physical card form factor, for use within the mobile phone.
[00022] In a fourth variation, verification includes checking a digital certificate issued by a trusted certificate authority.
[00023] In a fifth variation, verification includes the completion of a cryptographic challenge and response exchange.
[00024] In a sixth variation, the peer device includes a SIM Provisioning Service (SPS).
[00025] In a seventh variation, the peer device includes an eUICC appliance.
[00026] In an eighth variation, the peer device includes a desktop computer in operative communication with a mobile application memory.
[00027] In a third aspect of the present invention, a method for transferring one or more access data elements is disclosed. In one embodiment, the one or more access data elements have a unique identifier associated therewith, and the method includes: complying with a transfer protocol between a device and a peer device; receiving the one or more elements of the access data from the secure pair device; verify the one or more elements of transferred access data, the one or more elements of access data and unique identifier being encrypted for the device and store the one or more elements of transferred access data.
[00028] In a first variation, the user access data element includes an electronic Subscriber Identity Module (eSIM).
[00029] In a second variation, the unique identifier of the one or more transferred access data elements is determined by the device.
[00030] In a third variation, the unique identifier of the one or more transferred access data elements is provided to the peer device.
[00031] In a fourth variation, the method additionally includes notifying the peer device of successful reception of the one or more access data elements.
[00032] In a fifth variation, the unique identifier of the one or more transferred access data elements is provided to the peer device.
[00033] In a fourth aspect of the invention, a computer readable apparatus is disclosed. In one embodiment, the apparatus includes a storage medium with at least one computer program disposed thereon, which is configured to, when executed: transfer one or more elements of access data by at least: complying with a transfer protocol with a peer device and receive the one or more access data elements from the peer device.
[00034] Additional features of the present invention, its nature and various advantages will become more apparent from the accompanying drawings and the following detailed description. Brief Description of Drawings
[00035] Figure 1 graphically illustrates an exemplary authentication and key consent (AKA) procedure using a prior art USIM.
[00036] Figure 2 is a block diagram of an exemplary network architecture useful for deploying access control clients.
[00037] Figure 3 is a logic flow diagram illustrating one embodiment of a generalized method for transferring access control clients to devices in accordance with the present invention.
[00038] Figure 4 is a block diagram illustrating an embodiment of an eUICC appliance adapted to store one or more access control clients, in accordance with the present invention.
[00039] Figure 5 is a block diagram illustrating an embodiment of a mobile device adapted to store and use one or more access control clients, in accordance with the present invention.
[00040] All figures © Copyright 2011 Apple Inc. All rights reserved. Detailed Description of the Invention
[00041] Reference is now made to drawings in which like numbers refer to like parts throughout. Overview
[00042] The present invention provides, among other things, methods and apparatus for storing and distributing access control clients to devices, such as, for example, mobile devices or "smartphones". In a first aspect of the invention, the devices used to transfer access control clients (eg eSIMs) enforce client impairment and retention, ensuring that the transfer is only performed with a trusted device. In one embodiment, an eUICC appliance is disclosed, which is implemented within a hardware security module (HSM). Each HSM can store a large number of eSIMs to facilitate their storage and distribution, such as for retail services. The described eUICC appliances first verify that their peer eUICC appliances are operating according to a trusted and consented protocol. If both eUICC appliances agree, then when the source eUICC appliance transfers its eSIM, it will delete the eSIM (or somehow inactivate its own eSIM). The target eUICC appliance will only keep the eSIM active.
[00043] In a second aspect of the invention, when an access control client is moved from one device to another, the receiving device issues a challenge or unique identifier. In one embodiment, the sending device encrypts the access control client using the receiving device's public key and adds a unique identifier or challenge, the combination of the encrypted access control client and unique identifier or challenge is further signed. After transmission, the sending device deletes its access control client. The receiving device verifies the encrypted access control client, and the unique identifier; if valid, then the encrypted access control client and unique identifier are stored for future use.
[00044] In the exemplary configuration, access control clients are only transferred between devices that conform to a default trust relationship. In this way, as long as both devices are operating according to a consented protocol, the access control client can remain unique and maintained throughout the transfer. Furthermore, by ensuring that the access control client is encrypted only for the target device and deleted from the current device, malicious intermediaries cannot subvert or thwart the transfer process.
[00045] Several other scenarios for transferring access control clients are also described in more detail here. Detailed description of exemplary modalities
[00046] Exemplary embodiments and aspects of the present invention are now described in detail. While these modalities and aspects are primarily discussed in the context of subscriber identity modules (SIMs) of a GSM, GPRS/EDGE or UMTS cellular network, it will be appreciated by those skilled in the art that the present invention is not, in such a way, limited. . In fact, the various aspects of the invention are useful in any network (whether wireless cellular or otherwise) that can benefit from the storage and distribution of access control clients for devices.
[00047] It will also be acknowledged that although the term "subscriber identity module" is used herein (e.g. eSIM), that term in no way necessarily connotes or requires (i) use by a subscriber itself (i.e. that is, the invention may be practiced by a subscriber or non-subscriber); (ii) the identity of a single individual (i.e., the invention may be practiced on behalf of a group of individuals, such as a family, or intangible or fictitious entity, such as a business) or (iii) any equipment of " tangible module" or hardware. Prior art Subscriber Identity Module (SIM) operation -
[00048] Within the context of the exemplary prior art UMTS cellular network, user equipment (UE) includes a mobile device and a Universal Subscriber Identity Module (USIM). The USIM is a software logical entity that is stored and executed from a physical Universal Integrated Circuit Card (UICC). A variety of information is stored in USIM, such as subscriber information, as well as the keys and algorithms used to authenticate with the network operator in order to obtain wireless network services. In one embodiment, the USIM software is based on the Java Card® programming language. Java Card is a subset of the Java® programming language that has been modified for embedded "card" type devices (such as the aforementioned UICC). Other implementations may include so-called "native" software implementations and/or implementations that are proprietary, etc.
[00049] Generally, UICCs are programmed with a USIM prior to distribution to the subscriber; pre-programming or "customization" is specific to each network operator. For example, prior to disposition, the USIM is associated with an International Mobile Subscriber Identifier (IMSI), a unique Integrated Circuit Card Identifier (ICC-ID) and a specific authentication key (K). The network operator stores the association in a record contained in the network authentication center (AuC). After customization, the UICC can be distributed to subscribers.
[00050] Referring now to Figure 1, an exemplary authentication and key consent (AKA) procedure using the aforementioned prior art USIM is illustrated in detail. During normal authentication procedures, the UE acquires the International Mobile Subscriber Identifier (IMSI) from the USIM. The UE passes the IMSI to the network operator's service network (SN) or to the visited core network. The SN sends the authentication request to the Residential Network AuC (HN). The HN compares the received IMSI with the AuC record and obtains the appropriate K. The HN generates a random number (RAND) and signs it with the K using an algorithm to create the expected response (XRES). The HN also generates an Encryption Key (CK) and an Integrity Key (IK) for use in cipher and integrity protection, as well as an authentication token (AUTN) using various algorithms. The HN sends an authentication vector, consisting of the RAND, XRES, CK and AUTN to the SN. The SN stores the authentication vector only for use in a one-time authentication process. The SN passes the RAND and AUTN to the UE.
[00051] After the UE receives the RAND and the AUTN, the USIM verifies that the AUTN received is valid. If so, the UE uses the received RAND to compute its own response (RES) using the stored K and the same algorithm that generated the XRES. The UE passes the RES back to the SN. The SN compares the XRES with the received RES and if they match, the SN authorizes the UE to use the operator's wireless network services.
[00052] The preceding procedure of figure 1 is embodied within the physical media of the SIM card. Prior art SIM cards have at least two (2) distinct and desirable properties: (i) SIM cards provide cryptographically secure storage for SIM data (e.g. account information, encryption keys, etc.) and (ii) SIM cards cannot be easily cloned.
[00053] A prior art SIM card includes a processor and memory formed a universal integrated circuit card (UICC). The SIM card can be filled with epoxy resin to prevent external probing of the data signals in the UICC. Other tamper-proof structures can be included in the UICC if desired (eg protective layers, mask layers, etc.). The SIM card has a secure interface with the processor, and the processor has an internal interface with the memory. The UICC receives power from the external device, which makes it possible for the processor to execute code from the memory component. The memory component itself is not directly accessible (ie internal file systems are hidden from the user) and must be accessed via the processor.
[00054] During normal operation, the processor accepts a limited number of commands. Each of the commands is only conditionally accessible. Access conditions are limited to executing commands to prevent unauthorized access. Access conditions may or may not be hierarchical, for example, authorization for one level may not automatically grant authorization for another level. For example, a set of access conditions might include: (i) always accessible, (ii) never accessible, (iii) accessible to a first account, (iv) accessible to a second account, etc. Conditional access is granted only after successful completion of an appropriate security protocol. Common methods to verify identity can include a password or personal identification number (PIN), challenge a shared secret, etc.
[00055] Conditional access, limited command set and protected memory space ensure that the information stored on the SIM card is safe from external access. Cloning a SIM card would entail building a physical card and building the internal file and data system. The combination of these aspects makes the physical SIM card impervious to practical counterfeiting attempts. Electronic Subscriber Identity Module (eSIM) Operation -
[00056] As a brief aside, the terms "conservation", "conserve" and "conserved", as used here, refer to an element (physical or virtual) that cannot be trivially multiplied or decreased. For example, a preserved eSIM cannot be copied or replicated during normal operation.
[00057] Additionally, as used herein, the term "impairment", when applied to an element (physical or virtual), refers to the property whereby the element is the only element having a particular property and/or characteristic. For example, a single eSIM cannot have a duplicate eSIM.
[00058] As used here, the term "security" generally refers to the protection of data and/or software. For example, access control data security ensures that data and/or software associated with an access control client are protected from theft, abuse, corruption, publication and/or falsification, by unauthorized activities and/or malicious individuals. .
[00059] Furthermore, as used here, the term "user authorization" generally refers to specifying a user's access to resources. As a brief aside, with prior art physical SIM cards, user authorization is enforced with possession of the physical SIM card; the physical card represents the user's authorization to access network resources. For example, when a physical SIM card is moved from a first phone to a second phone, it is assumed that the move was performed by the user (and implicitly authorized by the user). Within the context of eSIM operation, similar capabilities are required for user authorization of eSIM transfers. In particular, the "owner" of the eSIM (and also the network) needs guarantees that the eSIM is only transferred to legitimate devices.
[00060] In general, it is verified that the software is more flexible than the hardware; for example, the software is easy to copy, modify and distribute. Additionally, software can often be manufactured cheaper, more energy efficient, and physically smaller than hardware equivalents. Thus, although conventional SIM operation makes use of physical form factors such as cards (UICCs), current areas of research are focused on the virtualization of SIM operation within software. However, the sensitive nature of SIM data (eg, subscriber-specific information, etc.) requires special consideration. For example, various portions of SIM data are unique to subscribers and must be carefully guarded against malicious individuals. Furthermore, as previously stated, each SIM represents a contractor for the amount of access to finite network resources; thus, duplication, destruction and/or claiming of SIMs need to be controlled to prevent over and/or underutilization of network resources, as well as subrogation of the service provider's fees or income. Therefore, virtualized SIMs must satisfy the following properties: (i) security, (ii) impairment and (iii) conservation. Furthermore, such properties should ideally be provided at a cost comparable to existing network infrastructures.
[00061] Incipient solutions for SIM operation emulate a UICC as a virtual or electronic entity such as, for example, a software application, hereinafter referred to as an electronic Universal Integrated Circuit Card (eUICC). The eUICC is capable of storing and managing one or more SIM elements, referred to below as Electronic Subscriber Identity Modules (eSIM). However, solutions for operating virtualized eSIM need to provide security equivalent (if not improved) to existing security capabilities already provided by prior art UICCs. Additionally, the existing infrastructure requires adequate methods to enforce conservation of virtualized eSIMs, such that the number of virtualized eSIMs is controlled across the entire network (ie, virtualized eSIMs are not duplicated, lost, etc.).
[00062] Consider the system illustrated in Figure 2: the system 200 includes: (i) multiple SIM providers 202, (ii) multiple SIM provisioning servers (SPSs) 204 (such as those described in more detail in the Patent Application Co-possessed and co-pending US No. 12/952,082, filed on November 22, 2010 and titled "WIRELESS NETWORK AUTHENTICATION APPARATUS AND METHODS", and 12/952,089, filed on November 22, 2010 and titled "APPARATUS AND METHODS FOR PROVISIONING SUBSCRIBER IDENTITY DATA IN A WIRELESS NETWORK", previously incorporated by reference) and (iii) a user equipment population (UE) 206, where each UE contains a secure eUICC. The following discussions describe different schemes for distributing eSIMs from the SIM vendor to secure eUICC.
[00063] In a first scheme, the UE 206 requests an eSIM from any SPS 204, and the SPS retrieves an appropriate eSIM from a trusted entity, such as the SIM provider 202 (or in other cases, a mobile network operator (MNO), Trust Services Manager (TSM), etc.). In this approach, the SIM vendor can easily control the distribution of eSIMs; each newly requested eSIM is granted only by the SIM provider. However, since the SIM provider is the only party that can deliver eSIMs, the SIM provider can create "bottlenecks" if a large subscriber population has overwhelmed the SIM provider with requests within a short period of time (as is common for successful product releases). Similarly, the SIM provider is a single point of failure. Consequently, in the event of a disaster, eSIM issuance would be completely stopped.
[00064] In a second scheme, each SPS 204 retrieves an association of eSIMs from the SIM 202 provider, and stores the association of eSIMs within each SPS (the association of eSIMs is duplicated for each SPS). The SPS then distributes the eSIMs to UEs 206 on request. eSIM can only be decrypted and used by secure eUICC. This distributed SPS server model is not throttled by the SIM vendor. However, this second scheme requires substantially more infrastructure. Specifically, the SPS population needs to ensure that no duplicate eSIMs are distributed. Thus, whenever an SPS grants an eSIM, the other SPSs need to be notified to deactivate their duplicate eSIMs via communication link 208. This ensures that the eSIMs are unique (ie, no duplicate eSIMs have been distributed). Communication to keep eSIM status information synchronized between SPSs is a significant amount of traffic on the network infrastructure. Furthermore, slow network connections or network interruption can still cause "race conditions". Within the context of the computer network, race conditions generally refer to data risks resulting from propagation delay between network entity synchronization. For example, imperfect synchronization can cause two (2) SPSs to export the same eSIM at the same time (creating a race condition); this will result in the eSIM being accidentally cloned.
[00065] In yet a third scheme (not shown), the infrastructures of the SPS 204 and the SIM provider 206 are combined in some way. For example, the SIM provider and the SPS network can be housed together in a common facility and freely accessed or otherwise logistically intertwined. Successful operation of entangled facilities requires a trusting business relationship between the SIM provider and the SPS network operator, which may be undesirable (e.g. where there is a conflict of business interests, due to antitrust legal considerations, etc.). ).
[00066] Each of the preceding schemes requires significant communications resources to synchronize the various network entities during transfer. For example, when an eSIM is successfully transferred from an SPS to a mobile device, each SPS needs to be notified that the eSIM cannot be transferred again (to prevent multiple deliveries of the same eSIM, for example, as described above). Method -
[00067] Accordingly, various aspects of the present invention advantageously enable the operation and deployment of virtualized access control clients that provide equivalent and/or improved capabilities to prior art solutions (e.g., card-based access control clients). physicist). In an exemplary embodiment, an independent SIM provisioning service (SPS) entity can operate in conjunction with other peer SPS devices, enabling distributed peer models for SIM provisioning (as opposed to a centralized model that tracks eSIMs from a centralized database or distributed schemas that require synchronization between peer devices). Furthermore, as described in more detail herein, embodiments of the present invention are not specific to any particular network infrastructure, and can flexibly accommodate virtually any configuration.
[00068] In one aspect of the invention, an access control client can be stored and transferred to only one secure element at a time. In one embodiment, the secure element stores only access control clients received from other secure elements that have the same or comparable protocol (described in more detail subsequently here). Similarly, the secure element limits the transfer of access control clients to other secure elements that have the same or comparable protocols. For example, secure elements may limit transactions to other secure elements that satisfy certain security requirements. Some mobile network operators (MNO) may enforce greater security with their devices than other MNOs. In various modalities, secure elements could be certified at different levels and access control clients may require a certain level of certification. During the transfer process, the device removes (or inactivates) its own access control client. By ensuring that both clients involved in the transfer are trusted entities and honor the same protocol, access control clients are not multiplied or diminished in the transfer.
[00069] As a brief aside, a secure element can be personified as a processor or processing apparatus running software from a protected storage medium. In some variations, the protected storage medium is encrypted to prevent unauthorized access or tampering. Furthermore, the secure element may be physically hardened or secured to prevent access to the secure storage medium and/or processor. Common examples of physical hardening might include a physical case or other mechanism designed to self-destruct or render the device inaccessible in the event of unauthorized access attempts and/or circuitry embedded in a resin or other material to prevent external probing.
[00070] In some embodiments, the secure element of the present invention is configured to further limit and/or monitor/indicate anomalous access. For example, in one embodiment, transferring or storing an access control client in the secure element requires a challenge response and/or unique identifier. An improper challenge response or incorrect identifier may indicate anomalous/fraudulent activity. Similarly, transactions between secure elements are encrypted; thus, improperly encrypted transactions can also indicate suspicious behavior.
[00071] Referring now to Figure 3, an embodiment of a generalized method 300 for storing and transferring access control clients for the invention is shown. In one embodiment, at least one device is an eUICC appliance that is embodied within a Hardware Security Module (HSM) that can control the storage of one or more eSIMs. In some embodiments, the HSM stores encrypted eSIM locally, or alternatively, encrypts the eSIM for storage on remote media (in some cases, insecure file systems). In an alternate embodiment, at least one device is an eUICC appliance that is embodied within a physical SIM card form factor (eg, enabling reuse of the legacy form factor receptacle). In yet another alternative, at least one device is a hardened device, such as a mobile phone including an eUICC appliance embodied within a secure element (i.e., the secure element cannot be removed from the device without destroying or otherwise compromising the device integrity).
[00072] In step 302 of method 300, the source device and the target device agree on a protocol. In one embodiment, the protocol type is based on an identified software version, eg in plain text. In other embodiments, the protocol type is inherent in an otherwise encrypted initial communication. For example, an encrypted 256-bit challenge might inherently specify a particular protocol or protocol suite, while an unencrypted challenge might inherently specify a different protocol. In still other embodiments, the protocol may be based on a discovery process. For example, in some variations, devices may be registered with a directory service, where a registration includes information such as identifier, network address, supported protocol types, etc.
[00073] In an exemplary embodiment, the protocol type is determined by a signed certificate issued by a mutually trusted issuing authority. A digital certificate may include, but is not limited to, for example: (i) a serial number (to uniquely identify the certificate), (ii) the device being certified, (iii) the signature algorithm used to create the signature , (iv) the issuer who verified the information and signed the certificate, (v) a range of validity (e.g., valid from, valid to, etc.), (vi) an encryption key, and/or (vii) a fingerprint or proof of verification (to verify the legitimacy of the certificate). Digital certificates are well known in the related arts and will not be described further.
[00074] In such a variation, the mutually trusted issuing authority is an activation authority, for example, the authentication center (AuC) of the mobile network operator (MNO). In other variations, the mutually trusted issuing authority is a trusted third party, e.g. a SIM vendor, device manufacturer, etc. The mutually trusted issuing authority need not be the same for both devices. For example, in some embodiments, a system may have multiple trusted entities (eg, multiple accepted MNOs, multiple trusted device manufacturers, etc.). Furthermore, in certain systems, a relying entity may be a source of trust for another unknown entity (eg, the relying entity provides assurance that the unknown entity may also be trusted). Such "chains" of trust can be extended through an arbitrary number of intermediary devices; each intermediary device is subject to its predecessor's trust level, which extends to the trust originator.
[00075] In other examples, eUICC appliances can support any appliance device that is compliant with a standardized specification, etc. Similarly, to ensure backward compatibility, future embodiments of an eUICC appliance may also support legacy eUICC appliances, etc.
[00076] Available devices and/or accepted protocols for available devices can be stored, for example, within a lookup directory service. Such directory service type applications are common within network infrastructure techniques. For example, multiple configurations of appliances can be further combined with a directory service server configured to provide connection information for each of the appliances. A requesting party (source or destination) can request information from the directory service.
[00077] In some embodiments, protocols are coded according to a software version or revision. For example, devices can verify that the other device is of an acceptable software version or revision. Alternately, the source and destination devices may conform to an informal protocol; for example, it may be necessary for devices to dynamically negotiate or determine a protocol. In still other embodiments, no protocol negotiation is required (ie, systems that only support a single transfer protocol).
[00078] The transfer protocol may specify, among other things, the types of challenge response protocols, unique identifier selection, transfer encryption, access control client management (e.g. deletion procedures, acknowledgment procedures , etc.) during transfer. As previously indicated, in order to ensure that the conservation and impairment properties of an access control client are maintained during the transfer, the access control client is encrypted to the destination device, and deleted from the transfer device. For example, the transfer protocol may specify: (i) whether acknowledgment of reception is required, (ii) whether retransmission is allowed when transmission fails, (iii) an acceptable number of retries, and/or (iv) under which conditions the source device may exclude the client from encrypted access control.
[00079] It will be verified that the source device can delete and/or disable the encrypted access control client at different times and/or under different conditions, as is convenient or required under the various scenarios. In some embodiments, the deletion may occur some time after the transfer. Such modalities may be of particular use in mass transfers. Alternatively, the access control client can be disabled some time before the transfer. Similarly, in other embodiments, a "window of validity" may also be specified for the transfer, such that a particular transfer must be performed within a prescribed time window to be considered valid.
[00080] Other considerations include, among other things, device considerations and/or access control client considerations. For example, some devices may only be allowed to receive (or transmit) an access control client. In such an embodiment, a mobile device may be limited to only receiving an eSIM (once signed, it cannot be returned, etc.). Alternately, certain devices may only be used as a "one-time" transfer (eg a disposable device to provide an eSIM once). In some cases, one device may be more (or less) secure than the peer device. For example, in an exemplary embodiment, the user's equipment may have stricter security requirements than an eUICC appliance; the eUICC appliance can be protected through other measures (eg secure infrastructure, etc.). The user's secure equipment may also transfer an eSIM to a less secure eUICC appliance, as long as the less secure eUICC appliance performs a minimum level of security. Similarly, in some cases, access control clients have transfer limitations, including, but not limited to: (i) a total number of transfers allowed, (ii) target device restrictions, etc.
[00081] Furthermore, it is found that the communication method can have a significant impact on transfer protocol considerations. Network infrastructure transfers can use high-bandwidth protocols and media (e.g. T3, T1, Sonet (synchronous optical network), Gigabit Ethernet, etc.), while consumer-based transfers can be performed through connections with lower bandwidth (e.g. cellular access, WLAN (wireless local area network), Ethernet, etc.). Different usage scenarios may also have different requirements for communication set-up signals, transfer time requirements, etc. For example, a SIM provider may transfer a large number of eSIMs to an eUICC appliance (eg, such as to facilitate SIM delivery or other functions). Similarly, in another example, a large centralized repository of eSIMs can be freely transferred between various eUICC appliances. eUICC appliances can freely transfer eSIMs from appliance to appliance, to facilitate load management, etc. The communication establishment signals requirements for these bulk transfer scenarios are less important as the eSIMs are not circulating (confirmations can be grouped at the end of the transfer rather than for each individual eSIM).
[00082] Consumer applications may have much slower transfer rates, but communication establishment signals are more important as the eSIM must be robustly delivered, and immediately available for use. In some variations, failure to complete the communication establishment signals process will automatically trigger a retry. For example, an eUICC appliance, SIM provisioning server (SPS) or similar entity can directly transfer an eSIM to serve an improvised eSIM request from user equipment (UE), or an application running from a desktop computer. or portable. In another such example, consumer-based applications may run a small internal appliance capable of storing one or more eSIMs (e.g., one for work, one for personal use, several for travel access, etc.) enabling a consumer to transfer a eSIM between your various devices.
[00083] In step 304 of method 300 of figure 3, the source and destination devices establish a shared secret. In an exemplary embodiment, the devices verify the identity of the peer device by inspecting a digital signature, and if the signature is valid, exchange (or agree to exchange) a challenge, unique identifier, or other security token for encryption with the security control client. access.
[00084] For example, devices can use challenge and response communication establishment signals, where any trusted device knows a common secret (e.g., a common key, a set of keys, etc.), which can be used to generate various challenges and associated responses. Devices can trust an unknown device as long as they can generate appropriate challenges and/or appropriate responses.
[00085] In another example, devices can use a unique identifier that is generated by the target device upon request from the access control client. The source device includes the unique identifier with the access control client to identify the request rendered.
[00086] In still other embodiments, devices can verify their peer device with a trusted third party (eg, the trusted third party provides each of the devices with a session key). Such relationships can be verified directly or indirectly. For example, peer devices can directly consult a trusted third party before performing the transfer, or alternately each device can present a certificate signed by the trusted third party, etc.
[00087] Still other types of cryptographic arrangements and trust scenarios will be recognized for use with the invention by those skilled in the art given the present disclosure.
[00088] In step 306, the source device packages the access control client with the secret (eg, challenge, unique identifier, or other security token). In an exemplary embodiment, the packet is further encrypted using the public key of the target device. In a variation, the source device must first decrypt the access control client with its own private key, before re-encrypting the access control client.
[00089] Once encrypted with the target device's public key, only the target device can decrypt the access control client for use. An example of public and private key encryption for client access control transfer is described in US Provisional Patent Application No. 61/407,866, filed October 28, 2010 and entitled "METHODS AND APPARATUS FOR STORAGE AND EXECUTION OF ACCESS CONTROL CLIENTS", previously incorporated here. For example, each eUICC appliance has a unique device public/private key pair and endorsement certificate. The public/private key pair is based on a secret private key and a publishable public key. Public/private key schemes are considered "asymmetric", as the key used to encrypt and decrypt are different, and thus the encryption and decryption mechanisms do not share the same key.
[00090] It is further recognized that steps 306 and 304 (among others) may also be combined, subdivided and/or inverted. For example, in one embodiment, the source device determines a session key and encrypts the access control client with the session key, the resulting packet being further completed with the public key of the target device. In such a variation, the session key is determined by the target device upon receipt.
[00091] Additionally, in some embodiments, packages are even digitally signed to provide additional verification of the source device. The target device can check the digital signature to verify that the packet (eg, access control client and unique identifier, etc.) originated from the source device. Furthermore, it is widely verified that digital signatures are merely a subset of electronic signatures, therefore other forms of source verification can be similarly used including, but not limited to: user identification (password, biometrics, etc.), identification electronics, etc.
[00092] In step 308, the packet access control client is transferred from the source device to the destination device. The target device verifies the shared secret and if the verification is successful, stores the encrypted access control client for future use. In one embodiment, the access control client is deleted, disabled, or otherwise rendered unusable, on the source device prior to enabling the access control client for the target device (e.g., prior to transfer, prior to completion of transfer, prior to confirmation of successful transfer, etc.). Exemplary operation -
[00093] As an example of typical operation in accordance with the invention, during startup, SIM vendors provide a collection or "batch" of eSIMs for the eUICC appliances. Note that multiple SIM vendors (e) may independently provide eSIMs; there is no collaboration required from SIM providers (although such collaboration can also be used if desired). SIM vendors still encrypt each of the eSIMs with a unique challenge or identifier for the eUICC appliances.
[00094] As previously described, each eSIM includes a virtualized SIM and unique key associations and capabilities to perform the aforementioned authentication and key consent (AKA) scheme to authenticate a mobile device to the cellular network (see discussion of Operation of the above prior art subscriber identity module (SIM). Additionally, each eSIM is uniquely associated with a challenge or identifier that changes on a per transfer basis. A typical realization of a challenge or identifier may include a cryptographic material, counter, pseudorandom sequence, large state machine, etc.
[00095] Consider the following operation - a first eUICC appliance initiates a transfer of eSIM (which is currently encrypted to the first eUICC appliance) to a second eUICC appliance. The first eUICC appliance initiates secure communication with the second eUICC appliance. In one scenario, both the first and second eUICC appliances agree to transfer based on certificates signed by one or more of the mutually trusted third parties. The second eUICC appliance provides a unique identifier for the first eUICC appliance. The first eUICC appliance decrypts the eSIM with its own private key, and then re-encrypts the eSIM with the public key of the second eUICC (the public key is freely distributed by the second eUICC). The combination of the unique identifier and the re-encrypted eSIM is signed by the first eUICC appliance (the signature verifies the identity of the first eUICC appliance). The signed combination is packaged for the second eUICC. Now, only the second eUICC can decrypt the eSIM, and the signed combination proves that the encrypted eSIM packet matches the unique identifier. The first eUICC appliance passes the newly encrypted eSIM to the second eUICC appliance.
[00096] In one embodiment, the unique identifier is used to protect against replay attacks. For example, each eSIM transfer is uniquely identified, so the transaction cannot be "copied" and reproduced (eg by a malicious third party). For example, when transferring an eSIM from appliance A to appliance B, and then from appliance B to appliance C, the transfer between appliance A to appliance B cannot be reproduced while the eSIM is still on appliance C.
[00097] Similarly, consider transferring an eSIM from the first eUICC appliance to a mobile device. The mobile device issues a request for an eSIM with a challenge and its public key. The first eUICC appliance decrypts an eSIM with its own private key and generates an appropriate challenge response. The eSIM is re-encrypted with the mobile device's public key. The re-encrypted eSIM is combined with a challenge response and then signed. The mobile device verifies the challenge response (which identifies the first eUICC appliance as a legitimate source) and, if successful, decrypts the eSIM for use. Even if a malicious third party could intercept the encrypted eSIM, they would not be able to use or spoof the eSIM (as long as the eSIM is encrypted).
[00098] Finally, consider moving an eSIM from the first mobile device to the second mobile device. The first mobile device triggers a request to transfer your eSIM to the second mobile device. In one scenario, the user of either the first or second mobile device has to manually accept the transfer. If accepted, the second mobile device transmits a challenge to the first mobile device. The first mobile device decrypts its stored encrypted eSIM with its own private key, then re-encrypts the eSIM with the second mobile device's public key (the second mobile device's public key is always available), including the appropriate response. The combination is signed and transmitted. The second mobile device verifies the challenge response (which identifies the first mobile device as a legitimate source) and decrypts the eSIM for use. Device -
[00099] Various apparatus useful in conjunction with the above-described methods are now described in more detail. eUICC tool -
[000100] Figure 4 illustrates an exemplary embodiment of an eUICC 400 appliance according to the present invention. The eUICC appliance may comprise a standalone entity, or be merged with other network entities (eg a Service Provisioning Service (SPS), etc.). As shown, the eUICC appliance 400 generally includes a network interface 402 for interfacing with the communications network, a processor 404 and a storage apparatus 408. The network interface is shown connected to the infrastructure of the MNO so as to provide access to other eUICC appliances, and direct or indirect access to one or more mobile devices, although other settings and functionality may be overridden.
[000101] In one configuration, the eUICC appliance is a Hardware Security Module (HSM). An HSM includes one or more secure elements to manage multiple access control clients. In some embodiments, access control clients are stored directly on the HSM. Alternatively, access control clients are encrypted and stored on external storage. In such external (eg, remote) storage modalities, encryption ensures that access control clients are secure, even when stored on physically insecure media.
[000102] The HSM is configured to enable the transfer of access control clients to and from another HSM, while preserving the impairment and conservation of the access control clients. Furthermore, transferring access control clients to another HSM in this mode causes a deactivation and/or deletion of locally stored access control clients. An HSM can also be configured to self-destruct or disable itself if spoofed.
[000103] In the illustrated embodiment of Figure 4, the eUICC appliance 400 includes at least one SIM database 410 running on the processor 404. Although illustrated as a single application running on the eUICC appliance, it is verified that the functionality of the preceding database may comprise a distributed application operating on a plurality of devices in data communication with each other.
[000104] The SIM database application processes requests that include: (i) a request to store an eSIM, (ii) a request to transfer a currently stored eSIM. The database application is also responsible for verifying requests to ensure that communication is received from an entity authorized to make such a request (see step 304, discussed above).
[000105] In one embodiment, the SIM database application is configured to perform a challenge and response security protocol. The challenge/response security protocol is configured to verify requests made by an unknown third party, based on the appropriate generation of challenges and/or responses. Alternatively, in another embodiment, the secure element can verify a digital certificate signed by a trusted authority.
[000106] As shown, the storage apparatus 408 is adapted to store a formation of access control clients. In one embodiment, an eUICC appliance stores a formation of eSIMs. In such an embodiment, each eSIM includes a small file system that includes computer-readable instructions (the eSIM program) and associated data (eg, encryption keys, integrity keys, etc.). Furthermore, each eSIM is additionally encrypted with the public key of the eUICC appliance. In this way, each eUICC can only be decrypted by the eUICC appliance. In some embodiments, each encrypted eSIM is further encrypted with a unique identifier, challenge, or challenge response. In some embodiments, the encrypted components are still stored as a Binary Large Object (BLOB).
[000107] The SIM database application is configured to manage available eSIMs. As illustrated in Figure 4, the database can provide information related to the BLOB of the particular eSIM, the devices authorized to use the eSIM, the current state and/or current condition of the eSIM ("available", "not available", "loser", etc.). Additional information can be kept as well. The database application is configured to update or change information stored in the database.
[000108] When another device requests an eSIM from the eUICC 400 appliance, the database application retrieves the current state of the requested eSIM. This information can be used to determine whether the requested eSIM can be provided. This validity check can be performed in an activation service, in the eUICC appliance, be shared or take place in other locations; for example, comparing the state in the activation service against the last known state in the eUICC appliance. Similarly, when another device transfers an eSIM to the eUICC 400 appliance, the database application is responsible for updating the current state of the transferred eSIM. User device -
[000109] Referring now to Figure 5, an exemplary user apparatus 500 (e.g., a UE) in accordance with various aspects of the present invention is illustrated.
[000110] The exemplary UE apparatus of Figure 5 is a wireless device with a processor subsystem 502, such as a digital signal processor, microprocessor, field programmable gate formation, or plurality of processing components mounted on one or more substrates. The processing subsystem may also comprise an internal cache memory. The processing subsystem is in communication with a memory subsystem 504 including memory which may comprise, for example, SRAM, flash and/or SDRAM components. The memory subsystem may implement one or more DMA-like hardware in order to facilitate data accesses, as is well known in the art. The memory subsystem contains computer-executable instructions that are executable by the processor subsystem.
[000111] In an exemplary embodiment, the device may comprise one or more wireless interfaces 506 adapted to connect to one or more wireless networks. Multiple wireless interfaces can support different radio technologies such as GSM, CDMA, UMTS, LTE/LTE-A, WiMAX, WLAN, Bluetooth, etc. implementing the appropriate antenna and modem subsystems.
[000112] The 508 user interface subsystem includes any number of well-known I/O including, without limitation: a key pad, touch screen (e.g., multi-touch interface), LCD monitor, backlight, high speaker and/or microphone. However, it is recognized that in certain applications, one or more of these components may be eliminated. For example, PCMCIA-type client modalities may lack a user interface (since they could overlay the user interface of the host device, to which they are physically and/or electrically coupled).
[000113] In the illustrated embodiment, the device includes a secure element 510 that contains and operates the eUICC application. The eUICC is capable of storing and accessing a plurality of access control clients to be used for authentication with a network operator. The secure element includes, in this embodiment, a secure processor running software stored on secure media. Secure media is inaccessible to all other components (other than secure processor). Furthermore, the secure element can be further hardened to prevent counterfeiting (e.g. wrapped in resin) as previously described.
[000114] Secure element 510 is capable of receiving and storing one or more access control clients. In one embodiment, the secure element stores a formation or plurality of eSIMs associated with a user (e.g., one for work, one for personnel, several for travel access, etc.), and/or according to another logical or relationship (for example, one for each of multiple members of a family or business entity, one each for personal and professional use by family members, and so on). Each eSIM includes a small file system including computer-readable instructions (the eSIM program) and associated data (eg encryption keys, integrity keys, etc.).
[000115] The secure element is further adapted to enable the transfer of eSIMs to and/or from the mobile device. In an exemplary embodiment, the mobile device provides a GUI-based confirmation to initiate the transfer of an eSIM.
[000116] Furthermore, several embodiments of the exemplary embodiment include instructions that, when executed, trigger a challenge/response security protocol. The challenge response security protocol is configured to verify requests made by an unknown third party, based on the appropriate generation of challenges and/or responses. Alternatively, in an exemplary embodiment, the secure element may verify a digital certificate signed by a trusted authority.
[000117] Furthermore, in one embodiment, the secure element maintains a listing or manifest of stored access control clients. The manifest may include information as to the current condition of stored access control clients; such information may include, for example, availability, completeness, validity and/or past experienced errors. The manifest can be further linked or coupled to the user interface so that the user can select an available access control client.
[000118] In an exemplary embodiment, the secure element has associated device cryptographic keys. These device keys are used to secure access control client exchanges. In such a variation, the cryptographic keys are an asymmetric public/private key pair. The public key can be freely distributed without compromising the integrity of the private keys. For example, the device may be assigned (or internally generate) an RSA public/private key; the public key is available for post-development communication.
[000119] It will be recognized that while certain aspects of the invention are described in terms of a specific sequence of steps of a method, such descriptions are only illustrative of the broader methods of the invention, and may be modified as required by the particular application. Certain steps may be unnecessary or optional under certain circumstances. Additionally, certain steps or functionality may be added to the revealed modalities or the order of performance of two or more steps swapped. All such variations are intended to be encompassed within the invention disclosed and claimed herein.
[000120] While the above detailed description has shown, described and evidenced new features of the invention when applied in various embodiments, it will be understood that various omissions, substitutions and changes in the form and details of the device or process illustrated may be made by those skilled in the art. without departing from the invention. The foregoing description is the best currently considered mode of carrying out the invention. This description is in no way intended to be limiting, but rather should be taken as illustrative of the general principles of the invention. The scope of the invention is to be determined with reference to the claims.

权利要求:
Claims (20)
[0001]
1. Apparatus configured to provide access data elements to peer devices, the apparatus being characterized in that it comprises: a first secure element adapted to store a plurality of access data elements; and a processor configured to cause the apparatus: to receive, from a peer device, a request for at least one access data element of the plurality of access data elements, wherein the request includes: a unique public key a second secure element included in the peer device, and a unique identifier that is generated by the peer device in conjunction with the request; obtain, from the first secure element, at least one access data element; encrypt the at least one access data element using the public key; generate a package that includes at least one encrypted access data element and the unique identifier; sign the package to produce a signed package, wherein the signed package allows the peer device to authenticate the apparatus; transfer the signed package to the peer device; and in response to receiving an indication from the peer device that at least one access data element is stored in the second secure element: remove at least one access data element from the first secure element.
[0002]
2. Apparatus according to claim 1, characterized in that each access data element of the plurality of access data elements is associated with a user.
[0003]
3. Device according to claim 1, characterized in that each access data element of the plurality of access data elements is associated with a different use case for the same user.
[0004]
4. Device according to claim 1, characterized in that the processor is further configured to cause the device to negotiate a transfer protocol with the peer device before receiving the request from the peer device.
[0005]
5. Device according to claim 4, characterized in that the processor is further configured to make the device encrypt the signed packet based on the negotiated transfer protocol.
[0006]
6. Device, according to claim 5, characterized by the fact that the negotiation of the transfer protocol comprises identifying that the transfer protocol is supported by the device and the peer device.
[0007]
7. Device according to claim 1, characterized in that the processor is further configured to cause the device to identify a number of times that at least one access data element has been transferred between different devices.
[0008]
8. Apparatus according to claim 7, characterized in that the processor is further configured to cause the apparatus to transfer the signed package to the subsequent peer device to verify that the number of times satisfies a predetermined threshold.
[0009]
9. Device according to claim 1, characterized in that each access data element of the plurality of access data elements is an electronic Subscriber Identity Module (eSIM).
[0010]
10. Device according to claim 1, characterized in that the device is a Hardware Security Module (HSM).
[0011]
11. Method for transferring access data elements to peer devices, the method being characterized in that it comprises: in an apparatus including a first secure element that stores a plurality of access data elements: receiving, from a device of the same level, a request for at least one access data element of the plurality of access data elements, wherein the request includes: a unique public key of a second secure element included in the peer-to-peer device, and a unique identifier that is generated by the peer device in conjunction with the request; obtaining, from the first secure element, at least one access data element; encrypt the at least one access data element using the public key; generate a packet that includes at least one encrypted access data element and the unique identifier; signing the package to produce a signed package, wherein the signed package allows the peer device to authenticate the apparatus; transfer the signed package to the peer device; and in response to receiving an indication from the peer device that at least one access data element is stored in the second secure element: removing at least one access data element from the first secure element.
[0012]
12. Method according to claim 11, characterized in that it further comprises negotiating a transfer protocol with the peer device before receiving the request from the peer device.
[0013]
13. Method according to claim 11, characterized in that it further comprises identifying a number of times that at least one access data element has been transferred between different devices.
[0014]
14. Method according to claim 13, characterized in that the signed packet is transferred after verifying that the number of times satisfies a predetermined limit.
[0015]
15. Method, according to claim 11, characterized in that it further comprises the identification of device restrictions associated with the peer device.
[0016]
16. Method according to claim 15, characterized in that the signed package is transferred to the peer device after verification that the device restrictions do not prohibit the transfer of the signed package.
[0017]
17. Method according to claim 11, characterized in that each access data element of the plurality of access data elements is an electronic Subscriber Identity Module (eSIM).
[0018]
18. Mobile device, characterized in that it comprises: a secure element; and a processor configured to cause the mobile device to: issue, to an apparatus configured to store a plurality of access data elements, a request for at least one access data element of the plurality of access data elements, in that the request includes: a unique public key of the secure element and a unique identifier that is generated in conjunction with issuing the request; receiving a package from the device, wherein the package includes: a digital signature generated by the device; the at least one access data element, wherein the at least one access data element is encrypted based on the public key, and the unique identifier; check the packaging according to the digital signature; decrypting the at least one access data element using a private key that corresponds to the public key; and store at least one access data element in the secure element.
[0019]
19. Mobile device according to claim 18, characterized in that the package is received from the device subsequent to the device, verifying that at least one access data element has been transferred several times that satisfies a certain threshold.
[0020]
20. Mobile device according to claim 18, characterized in that each access data element of the plurality of access data elements is an electronic Subscriber Identity Module (eSIM).

类似技术:

---

公开号 | 公开日 | 专利标题

---

US9686076B2|2017-06-20|Apparatus and methods for storing electronic access clients

---

JP6430449B2|2018-11-28|Policy-based techniques for managing access control

---

JP6262278B2|2018-01-17|Method and apparatus for storage and computation of access control client

---

TWI592051B|2017-07-11|Network assisted fraud detection apparatus and methods

---

BR102012007800B1|2022-02-01|Method and Apparatus for Distributing Access Control Clients

---

AU2014203692B2|2016-04-21|Apparatus and methods for storing electronic access clients

---

BRPI1106663B1|2021-10-26|METHODS AND APPARATUS FOR THE STORAGE AND EXECUTION OF ACCESS CONTROL CLIENTS

同族专利:

---

公开号 | 公开日

---

WO2012138778A3|2014-05-01|

---

EP2509352B1|2014-10-15|

---

KR20140107168A|2014-09-04|

---

JP2014158300A|2014-08-28|

---

AU2012201945A1|2012-10-25|

---

US20120260090A1|2012-10-11|

---

EP2509352A3|2013-01-09|

---

US9009475B2|2015-04-14|

---

US20150326568A1|2015-11-12|

---

EP2509352A2|2012-10-10|

---

MX2012003952A|2012-10-24|

---

TWI475899B|2015-03-01|

---

US20160218874A1|2016-07-28|

---

US9332012B2|2016-05-03|

---

KR101730689B1|2017-04-26|

---

KR20120113690A|2012-10-15|

---

EP2827629B1|2022-01-26|

---

AU2012201945B2|2014-04-10|

---

JP2012231466A|2012-11-22|

---

EP2827629A1|2015-01-21|

---

WO2012138778A2|2012-10-11|

---

BR102012007970A2|2014-01-07|

---

US9686076B2|2017-06-20|

---

TW201251482A|2012-12-16|

---

KR101500803B1|2015-03-09|

引用文献:

---

公开号 | 申请日 | 公开日 | 申请人 | 专利标题

---

---

JPH11164357A|1997-11-26|1999-06-18|Matsushita Electric Ind Co Ltd|Radio communication system|

---

JP2001043058A|1999-08-03|2001-02-16|Canon Inc|Image forming device capable of constituting network system, image forming system, image forming method, and storage medium|

---

AU3327300A|2000-03-24|2001-10-03|Kabushikikaisha I-Broadcast|Method for preventing unauthorized simultaneous access to network and server system used therefor|

---

US6372974B1|2001-01-16|2002-04-16|Intel Corporation|Method and apparatus for sharing music content between devices|

---

JP4512280B2|2001-02-16|2010-07-28|日立コンシューマエレクトロニクス株式会社|Stream data playback device|

---

US7725404B2|2002-02-27|2010-05-25|Imagineer Software, Inc.|Secure electronic commerce using mutating identifiers|

---

US6836670B2|2002-05-09|2004-12-28|Casabyte, Inc.|Method, apparatus and article to remotely associate wireless communications devices with subscriber identities and /or proxy wireless communications devices|

---

US8146141B1|2003-12-16|2012-03-27|Citibank Development Center, Inc.|Method and system for secure authentication of a user by a host system|

---

JP4533644B2|2004-03-01|2010-09-01|株式会社日立製作所|Recording device|

---

EP1735939A1|2004-03-29|2006-12-27|Smart Internet Technology Crc Pty Limited|Digital license sharing system and method|

---

CN101027929B|2004-09-23|2012-04-25|金雅拓股份有限公司|System and method for communication with universal integrated circuit cards in mobile devices using internet protocols|

---

US8160244B2|2004-10-01|2012-04-17|Broadcom Corporation|Stateless hardware security module|

---

US20070038576A1|2005-08-12|2007-02-15|Lg Electronics Inc.|Method for moving rights object in digital rights management|

---

JP2007149184A|2005-11-25|2007-06-14|Hitachi Ltd|Recording and reproducing device and content data transfer method|

---

AT403188T|2006-01-30|2008-08-15|Research In Motion Ltd|METHOD AND DEVICE FOR DATA DISPATCH BETWEEN USB CUSTOMERS|

---

KR100891093B1|2006-05-09|2009-03-31|삼성전자주식회사|Apparatus and method for providing safe movement of secure data|

---

EP2044765A1|2006-07-24|2009-04-08|Thomson Licensing|Method, apparatus and system for secure distribution of content|

---

KR101443612B1|2006-08-08|2014-09-23|엘지전자 주식회사|Method and terminal for authenticating between drm agents for moving ro|

---

JP2008148132A|2006-12-12|2008-06-26|Toshiba Corp|Data distribution system, apparatus and program|

---

US7769693B2|2007-03-30|2010-08-03|Cisco Technology, Inc.|Mechanism for secure rehosting of licenses|

---

US8345869B2|2007-04-11|2013-01-01|The Directv Group, Inc.|Method and apparatus for file sharing of missing content between a group of user devices in a peer-to-peer network|

---

US8712474B2|2007-04-20|2014-04-29|Telefonaktiebolaget L M Ericsson |Secure soft SIM credential transfer|

---

US8140439B2|2007-04-25|2012-03-20|General Instrument Corporation|Method and apparatus for enabling digital rights management in file transfers|

---

US20090070691A1|2007-09-12|2009-03-12|Devicefidelity, Inc.|Presenting web pages through mobile host devices|

---

DE102007044905A1|2007-09-19|2009-04-09|InterDigital Patent Holdings, Inc., Wilmington|Method and device for enabling service usage and determination of subscriber identity in communication networks by means of software-based access authorization cards |

---

US20090125996A1|2007-09-19|2009-05-14|Interdigital Patent Holdings, Inc.|Virtual subscriber identity module|

---

FI122163B|2007-11-27|2011-09-15|Teliasonera Ab|Nätaccessautentisering|

---

US8200736B2|2007-12-24|2012-06-12|Qualcomm Incorporated|Virtual SIM card for mobile handsets|

---

US8516133B2|2008-02-07|2013-08-20|Telefonaktiebolaget Lm Ericsson |Method and system for mobile device credentialing|

---

US8561130B2|2008-02-19|2013-10-15|Sandisk Technologies Inc.|Personal license server and methods for use thereof|

---

JP5098736B2|2008-03-25|2012-12-12|株式会社明電舎|Vehicle speed control device|

---

CN101286840B|2008-05-29|2014-07-30|西安西电捷通无线网络通信股份有限公司|Key distributing method and system using public key cryptographic technique|

---

US9515850B2|2009-02-18|2016-12-06|Telefonaktiebolaget Lm Ericsson |Non-validated emergency calls for all-IP 3GPP IMS networks|

---

US8214645B2|2009-04-08|2012-07-03|Research In Motion Limited|Systems, devices, and methods for securely transmitting a security parameter to a computing device|

---

TWI435584B|2009-04-20|2014-04-21|Interdigital Patent Holdings|System of multiple domains and domain ownership|

---

US9734496B2|2009-05-29|2017-08-15|Paypal, Inc.|Trusted remote attestation agent |

---

US20100310076A1|2009-06-04|2010-12-09|Ron Barzilai|Method for Performing Double Domain Encryption in a Memory Device|

---

US8811969B2|2009-06-08|2014-08-19|Qualcomm Incorporated|Virtual SIM card for mobile handsets|

---

CN102025496B|2009-09-14|2015-06-03|中兴通讯股份有限公司|System and method for providing machine communication identity module for machine to machine equipment|

---

US8364964B2|2009-12-29|2013-01-29|General Instrument Corporation|Registering client devices with a registration server|

---

US8924715B2|2010-10-28|2014-12-30|Stephan V. Schell|Methods and apparatus for storage and execution of access control clients|

---

US8560722B2|2011-03-18|2013-10-15|International Business Machines Corporation|System and method to govern sensitive data exchange with mobile devices based on threshold sensitivity values|

---

US9009475B2|2011-04-05|2015-04-14|Apple Inc.|Apparatus and methods for storing electronic access clients|

---

US8707022B2|2011-04-05|2014-04-22|Apple Inc.|Apparatus and methods for distributing and storing electronic access clients|US8555067B2|2010-10-28|2013-10-08|Apple Inc.|Methods and apparatus for delivering electronic identification components over a wireless network|

---

US9009475B2|2011-04-05|2015-04-14|Apple Inc.|Apparatus and methods for storing electronic access clients|

---

US8707022B2|2011-04-05|2014-04-22|Apple Inc.|Apparatus and methods for distributing and storing electronic access clients|

---

US9450759B2|2011-04-05|2016-09-20|Apple Inc.|Apparatus and methods for controlling distribution of electronic access clients|

---

US8887257B2|2011-04-26|2014-11-11|David T. Haggerty|Electronic access client distribution apparatus and methods|

---

US10271213B2|2011-05-06|2019-04-23|Apple Inc.|Methods and apparatus for providing management capabilities for access control clients|

---

US9357380B2|2011-05-27|2016-05-31|Telefonaktiebolaget Lm Ericsson |Subscription module assignment managing server and subscription module assignment managing method|

---

CN104205891B|2011-12-30|2019-02-26|瑞典爱立信有限公司|Virtual SIM card cloud platform|

---

KR101651808B1|2012-02-07|2016-08-26|애플 인크.|Network assisted fraud detection apparatus and methods|

---

US9235406B2|2012-04-24|2016-01-12|Apple Inc.|Methods and apparatus for user identity module update without service interruption|

---

US8843179B2|2012-05-11|2014-09-23|Li Li|Provisioning an embedded subscriber identity module|

---

US9231931B2|2012-05-23|2016-01-05|Kt Corporation|Method and apparatus of constructing secure infra-structure for using embedded universal integrated circuit card|

---

US8781454B2|2012-06-21|2014-07-15|Apple Inc.|Methods and apparatus for automated communications forwarding|

---

US8983543B2|2012-09-12|2015-03-17|Li Li|Methods and apparatus for managing data within a secure element|

---

US9503454B2|2012-10-18|2016-11-22|Electronics & Telecommunications Research Institute|Smart card service method and apparatus for performing the same|

---

DE102012020987A1|2012-10-25|2014-04-30|Giesecke & Devrient Gmbh|A method for securely managing subscriber identity data|

---

EP2923478B1|2012-11-21|2019-08-14|Apple Inc.|Policy-based techniques for managing access control|

---

KR102128278B1|2012-12-11|2020-06-30|삼성전자 주식회사|Method for factory reset of subscriber certification module and apparatus using the method|

---

US20150012863A1|2012-12-28|2015-01-08|Panasonic Intellectual Property Corporation Of America|Control method|

---

US10148430B1|2013-04-17|2018-12-04|Amazon Technologies, Inc|Revocable stream ciphers for upgrading encryption in a shared resource environment|

---

CN103455924A|2013-08-28|2013-12-18|小米科技有限责任公司|Method and device for verifying transaction requests and server|

---

US9350550B2|2013-09-10|2016-05-24|M2M And Iot Technologies, Llc|Power management and security for wireless modules in “machine-to-machine” communications|

---

US10498530B2|2013-09-27|2019-12-03|Network-1 Technologies, Inc.|Secure PKI communications for “machine-to-machine” modules, including key derivation by modules and authenticating public keys|

---

US9100175B2|2013-11-19|2015-08-04|M2M And Iot Technologies, Llc|Embedded universal integrated circuit card supporting two-factor authentication|

---

US10700856B2|2013-11-19|2020-06-30|Network-1 Technologies, Inc.|Key derivation for a module using an embedded universal integrated circuit card|

---

US10064240B2|2013-09-12|2018-08-28|The Boeing Company|Mobile communication device and method of operating thereof|

---

CN104639586B|2013-11-13|2018-06-08|阿里巴巴集团控股有限公司|A kind of data interactive method and system|

---

CN103702319B|2013-12-31|2017-02-22|北京大唐智能卡技术有限公司|SIMcard, individualized card writing system and method as well as SIM card obtained according to method|

---

EP3082353B1|2014-01-09|2020-07-01|Huawei Technologies Co., Ltd.|Method and terminal device for sending and receiving user data|

---

WO2015132632A1|2014-03-06|2015-09-11|Telefonaktiebolaget Lm Ericsson |Network node, device and methods for providing an authentication module|

---

US9665718B2|2014-03-14|2017-05-30|International Business Machines Corporation|Correlating a task with commands to perform a change ticket in an IT system|

---

US9674691B2|2014-03-21|2017-06-06|T-Mobile Usa, Inc.|Polling by universal integrated circuit card for remote subscription|

---

US9510186B2|2014-04-04|2016-11-29|Apple Inc.|Tamper prevention for electronic subscriber identity moduletype parameters|

---

KR102200209B1|2014-04-22|2021-01-08|삼성전자 주식회사|Method and apparatus for provisioning profiles|

---

KR102250685B1|2014-07-01|2021-05-12|삼성전자 주식회사|METHOD AND APPARATUS FOR PROFILE DOWNLOAD FOR eUICC|

---

KR102231948B1|2014-07-17|2021-03-25|삼성전자 주식회사|A method and apparatus for updating profile managing server|

---

KR102160597B1|2014-07-17|2020-09-28|삼성전자 주식회사|Method and apparatus for provisioning profile of embedded universal integrated circuit card|

---

KR102311027B1|2014-08-14|2021-10-08|삼성전자 주식회사|A method and apparatus for profile downloading of group devices|

---

JP2016082503A|2014-10-21|2016-05-16|富士通株式会社|Terminal device and usim card|

---

US9853977B1|2015-01-26|2017-12-26|Winklevoss Ip, Llc|System, method, and program product for processing secure transactions within a cloud computing system|

---

US9774451B2|2015-02-10|2017-09-26|Qualcomm Incorporated|Using secure elements to authenticate devices in point-to-point communication|

---

KR102358130B1|2015-03-25|2022-02-04|삼성전자 주식회사|Method and apparatus for swapping terminals in a wireless communication system|

---

KR102303504B1|2015-03-25|2021-09-17|삼성전자 주식회사|Method and apparatus for installing profile by a terminal in a wireless communication system|

---

WO2016153281A1|2015-03-25|2016-09-29|삼성전자 주식회사|Method and apparatus for downloading profile in wireless communication system|

---

KR102284954B1|2015-04-08|2021-08-03|삼성전자 주식회사|Method and apparatus for downloading a profile in a wireless communication system|

---

CN112566074A|2015-04-10|2021-03-26|苹果公司|Apparatus and method for Electronic Subscriber Identity Moduleinstallation and interoperation|

---

WO2016167536A1|2015-04-13|2016-10-20|Samsung Electronics Co., Ltd.|Method and apparatus for managing a profile of a terminal in a wireless communication system|

---

ES2743576T3|2015-04-13|2020-02-19|Samsung Electronics Co Ltd|Procedure and apparatus for managing a profile of a terminal in a wireless communication system|

---

EP3297309B1|2015-04-13|2019-06-19|Samsung Electronics Co., Ltd.|Technique for managing profile in communication system|

---

EP3082355A1|2015-04-17|2016-10-19|Gemalto Sa|A method for controlling remotely the permissions and rights of a target secure element|

---

US10666660B2|2015-05-07|2020-05-26|Samsung Electronics Co., Ltd.|Method and apparatus for providing profile|

---

US11080414B2|2015-05-22|2021-08-03|Huawei Device Co., Ltd.|Cryptographic unit for public key infrastructureoperations|

---

DE102015110190A1|2015-06-24|2016-12-29|Uniscon Universal Identity Control Gmbh|Data processing device and method for operating the same|

---

US10122398B2|2015-06-30|2018-11-06|Microsoft Technology Licensing, Llc|Selecting a subscriber identity module profile host|

---

EP3618478B1|2015-08-31|2021-08-11|Samsung Electronics Co., Ltd.|Method and device for downloading profile in communication system|

---

KR102362395B1|2015-09-22|2022-02-14|삼성전자 주식회사|Method and apparatus for download of profile in a wireless communication system|

---

KR20170041597A|2015-10-07|2017-04-17|삼성전자주식회사|Method and apparatus for providing a profile remotely in a communication system|

---

CN108293043B|2015-11-13|2021-11-05|三星电子株式会社|Method and apparatus for downloading a profile for an embedded universal integrated circuit card of a terminal|

---

US9877186B2|2015-12-22|2018-01-23|Mediatek Inc.|Phone number switching method, and associated apparatus|

---

US10346147B2|2015-12-22|2019-07-09|Samsung Electronics Co., Ltd.|Method and apparatus for providing a profile|

---

KR20170074752A|2015-12-22|2017-06-30|삼성전자주식회사|Method and apparatus for providing a profile|

---

KR20170077489A|2015-12-28|2017-07-06|삼성전자주식회사|Method and apparatus for receiving/transmitting profile in communication system|

---

US9699655B1|2016-02-23|2017-07-04|T-Mobile Usa, Inc.|Cellular device authentication|

---

KR20170109467A|2016-03-21|2017-09-29|삼성전자주식회사|Method and apparatus for controlling electronic device|

---

US10574465B2|2016-05-18|2020-02-25|Apple Inc.|Electronic subscriber identity moduleeligibility checking|

---

US10615990B2|2016-05-23|2020-04-07|Apple Inc.|Robust event handling in an electronic subscriber identity modulenotification service|

---

KR20180002412A|2016-06-29|2018-01-08|삼성전자주식회사|Method and apparatus for communicating in a wireless communication system|

---

US10548005B2|2016-07-18|2020-01-28|Lg Electronics Inc.|Method for security of user equipment connection identifier in wireless communication system and apparatus therefor|

---

KR20180009629A|2016-07-19|2018-01-29|삼성전자주식회사|Method and apparatus for communicating in a wireless communication system|

---

US9831903B1|2016-07-28|2017-11-28|Apple Inc.|Update of a trusted name list|

---

US10394674B2|2016-08-24|2019-08-27|Apple Inc.|Local recovery of electronic subscriber identity moduleinstallation flow|

---

US10395064B2|2016-09-02|2019-08-27|Frederick A. Flitsch|Customized smart devices and touchscreen devices and clean space manufacturing methods to make them|

---

US11212665B2|2016-10-04|2021-12-28|Nec Corporation|Embedded SIM management system, node device, embedded SIM management method, program, and information registrant device|

---

US10659955B2|2016-12-01|2020-05-19|Samsung Electronics Co., Ltd.|Apparatus and method for installing and managing eSIM profiles|

---

KR102293683B1|2017-02-13|2021-08-26|삼성전자 주식회사|Apparatus and Methods for Access Control on eSIM|

---

EP3402238A1|2017-05-09|2018-11-14|Giesecke+Devrient Mobile Security GmbH|Efficient user authentications|

---

KR20190004499A|2017-07-04|2019-01-14|삼성전자주식회사|Apparatus and methods for esim device and server to negociate digital certificates|

---

WO2019025603A1|2017-08-03|2019-02-07|Ipcom Gmbh & Co. Kg|Ue adapted to transmit service validation messages|

---

US10897690B2|2017-08-31|2021-01-19|T-Mobile Usa, Inc.|Device-enabled eSIM profile acquisition|

---

KR20190027488A|2017-09-07|2019-03-15|삼성전자주식회사|Method and apparatus of supporting profile transfer of devices in wireless communication system|

---

WO2019071880A1|2017-10-09|2019-04-18|华为技术有限公司|Soft sim card network access control method and device|

---

KR20190062063A|2017-11-28|2019-06-05|삼성전자주식회사|Apparatus and method for managing events in communication system|

---

US10321303B1|2017-12-28|2019-06-11|T-Mobile Usa, Inc.|Subscription management service pairing|

---

US11223942B2|2018-08-07|2022-01-11|Samsung Electronics Co., Ltd.|Method, apparatus, and system for authorizing remote profile management|

---

KR20200028786A|2018-09-07|2020-03-17|삼성전자주식회사|Apparatus and methods for ssp device and server to negociate digital certificates|

---

US11222117B2|2018-09-27|2022-01-11|International Business Machines Corporation|HSM self-destruction in a hybrid cloud KMS solution|

---

US10893406B2|2018-10-19|2021-01-12|Samsung Electronics Co., Ltd.|Method and apparatus for handling remote profile management exception|

---

KR20200048298A|2018-10-29|2020-05-08|삼성전자주식회사|Method and apparatus for managing bundles of smart secure platform|

---

US10841287B2|2018-11-04|2020-11-17|Tala Secure, Inc.|System and method for generating and managing a key package|

---

US11129014B2|2019-03-08|2021-09-21|Apple Inc.|Methods and apparatus to manage inactive electronic subscriber identity modules|

---

EP3748527A1|2019-06-06|2020-12-09|Secure Thingz Limited|Multiprocessor system being configured for communicating in a mobile communication network|

---

US11265715B2|2019-06-20|2022-03-01|Samsung Electronics Co., Ltd.|Method and apparatus for providing communication service|

---

US11039296B2|2019-07-08|2021-06-15|Motorola Mobility Llc|Method and apparatus for disabling a carrier eSIM profile|

---

US11272336B2|2019-09-12|2022-03-08|Amdocs Development Limited|System, method, and computer program for transferring subscriber identity moduleinformation for SIM card or eSIM activation|

---

US10805799B1|2019-09-18|2020-10-13|Verizon Patent And Licensing Inc.|System and method for providing authenticated identity of mobile phones|

---

DE102020003275B3|2020-05-29|2021-06-10|Giesecke+Devrient Mobile Security Gmbh|Personalization of a secure element|

法律状态:
2014-01-07| B03A| Publication of a patent application or of a certificate of addition of invention [chapter 3.1 patent gazette]|

---

2018-12-18| B06F| Objections, documents and/or translations needed after an examination request according [chapter 6.6 patent gazette]|

---

2020-04-28| B06U| Preliminary requirement: requests with searches performed by other patent offices: procedure suspended [chapter 6.21 patent gazette]|

---

2021-11-03| B09A| Decision: intention to grant [chapter 9.1 patent gazette]|

---

2022-01-11| B16A| Patent or certificate of addition of invention granted [chapter 16.1 patent gazette]|Free format text: PRAZO DE VALIDADE: 20 (VINTE) ANOS CONTADOS A PARTIR DE 05/04/2012, OBSERVADAS AS CONDICOES LEGAIS. |

优先权:

---

申请号 | 申请日 | 专利标题

---

US201161472109P| true| 2011-04-05|2011-04-05|

---

US61/472,109|2011-04-05|

---

US13/093,722|US9009475B2|2011-04-05|2011-04-25|Apparatus and methods for storing electronic access clients|

---

US13/093,722|2011-04-25|

---