Methods and apparatus for managing data within a secure element
First Claim
1. A mobile device, comprising:
- wireless circuitry adapted to communicate with at least one wireless network; and
- a secure element, comprising:
  - a plurality of access control clients,
  - a logical entity configured to manage the plurality of access control clients, wherein each access control client of the plurality of access control clients comprises a user data component and a non-user data component, and the logical entity provides access only to the user data components, and
  - a processor configured to:
    - receive a request to access the user data component contained in an inactive access control client of the plurality of access control clients,
    - when the logical entity verifies that the request is valid, retrieve the user data component from the inactive access control client without activating the inactive access control client, wherein activating the inactive access control client includes carrying out an authentication procedure with a network entity, and
    - transfer at least a portion of the user data component from the inactive access control client to at least one other access control client of the plurality of access control clients.
Abstract
Apparatus and methods for managing and sharing data across multiple access control clients in devices. In one embodiment, the access control clients comprise electronic Subscriber Identity Modules (eSIMs) disposed on an embedded Universal Integrated Circuit Card (eUICC). Each eSIM contains its own data. An Advanced Subscriber Identity Toolkit application maintained within the eUICC facilitates managing and sharing multiple eSIMs' data for various purposes such as sharing phonebook contacts or facilitating automatic switch-over between the multiple eSIMs (such as based on user context).
16 Claims
8. A method for managing a plurality of access control clients stored in a secure element, the method comprising:
- receiving, from a requestor, a request to access data that is contained in a particular access control client of the plurality of access control clients, wherein the data comprises a user data component and a non-user data component, and the secure element comprises the plurality of access control clients and a logical entity that is configured to manage the plurality of access control clients;
- determining whether the request is directed to the logical entity or the particular access control client;
- when the request is directed to the particular access control client, providing access to the data that is contained in the particular access control client via a first interface, wherein the first interface allows access to both the user data component and the non-user data component of the particular access control client; and
- when the request is directed to the logical entity:
  - verifying the request, wherein verifying the request comprises authenticating the requestor,
  - searching the plurality of access control clients to locate the particular access control client that contains the data,
  - obtaining the user data component from the particular access control client via a second interface, wherein the second interface allows access to only the user data component of the particular access control client, and
  - returning the user data component to the requestor.
13. A secure element included in a mobile device, comprising:
- a processor configured to:
  - receive, from a requestor, a request to access data contained in a particular access control client of the plurality of access control clients, wherein the data comprises a user data component and a non-user data component, and the secure element comprises the plurality of access control clients and a logical entity that is configured to manage the plurality of access control clients;
  - determine whether the request is directed to the logical entity or the particular access control client;
  - when the request is directed to the particular access control client, provide access to the data that is contained in the particular access control client via a first interface, wherein the first interface allows access to both the user data component and the non-user data component of the particular access control client; and
  - when the request is directed to the logical entity:
    - verify the request,
    - search the plurality of access control clients to locate the particular access control client that contains the data,
    - obtain the user data component from the particular access control client via a second interface, wherein the second interface allows access to only the user data component of the particular access control client, and
    - return the user data component to the requestor.
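The request routing recited in claims 8 and 13, together with the inactive-client retrieval and transfer of claim 1, as an added Python model (not code from the patent or from any eUICC implementation). Class and field names, the sample data used with it, and the HMAC-based requestor check are assumptions; the claims do not say how the requestor is authenticated.

```python
import hashlib, hmac
from dataclasses import dataclass, field

def request_tag(secret, key):          # requestor side of the assumed HMAC check
    return hmac.new(secret, key.encode(), hashlib.sha256).digest()

@dataclass
class AccessControlClient:             # one eSIM profile (hypothetical layout)
    name: str
    user_data: dict                    # e.g. phonebook contacts
    non_user_data: dict                # e.g. operator credentials
    active: bool = False               # activation needs network authentication

    def first_interface(self, key):    # full view: user and non-user data
        return {**self.user_data, **self.non_user_data}.get(key)

    def second_interface(self, key):   # restricted view: user data only
        return self.user_data.get(key)

@dataclass
class SecureElement:
    clients: list
    requestor_keys: dict = field(default_factory=dict)  # assumed: id -> HMAC key

    def _client(self, name):
        return {c.name: c for c in self.clients}[name]  # KeyError if unknown

    def _verify(self, requestor, key, tag):
        secret = self.requestor_keys.get(requestor)
        return secret is not None and hmac.compare_digest(request_tag(secret, key), tag)

    def handle(self, target, key, requestor=None, tag=b""):
        if target != "logical_entity":             # directed to a named client
            return self._client(target).first_interface(key)
        if not self._verify(requestor, key, tag):  # logical-entity path
            raise PermissionError("request not verified")
        for client in self.clients:                # search active and inactive
            value = client.second_interface(key)   # never touches client.active
            if value is not None:
                return value
        return None

    def transfer(self, key, dest, requestor, tag):
        # Claim 1: copy user data from wherever it lives into another client.
        value = self.handle("logical_entity", key, requestor, tag)
        if value is not None:
            self._client(dest).user_data[key] = value
        return value
```

The tag here covers only the requested key, so it carries no replay protection; a deployed check would bind a nonce or counter as well.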
Specification