WO2022061809A1 - Gestion de sécurité de modules d'identification d'abonné multiples - Google Patents

Gestion de sécurité de modules d'identification d'abonné multiples Download PDF

Info

Publication number
WO2022061809A1
WO2022061809A1 PCT/CN2020/118090 CN2020118090W WO2022061809A1 WO 2022061809 A1 WO2022061809 A1 WO 2022061809A1 CN 2020118090 W CN2020118090 W CN 2020118090W WO 2022061809 A1 WO2022061809 A1 WO 2022061809A1
Authority
WO
WIPO (PCT)
Prior art keywords
access code
subscriber identification
invalid
access
entries
Prior art date
Application number
PCT/CN2020/118090
Other languages
English (en)
Inventor
Zhiguo Li
Nan Zhang
Wei Huang
Original Assignee
Qualcomm Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Incorporated filed Critical Qualcomm Incorporated
Priority to PCT/CN2020/118090 priority Critical patent/WO2022061809A1/fr
Publication of WO2022061809A1 publication Critical patent/WO2022061809A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • H04W12/45Security arrangements using identity modules using multiple identity modules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • H04W12/126Anti-theft arrangements, e.g. protection against subscriber identity module [SIM] cloning

Definitions

  • the technology discussed herein relates generally to wireless communication systems, and more particularly, to a method and apparatus for providing security for a client device having multiple subscriber identification modules (SIMs) .
  • SIMs subscriber identification modules
  • Wireless communications systems are widely deployed to provide various types of communication content such as voice, video, packet data, messaging, broadcast, and so on. These systems may be capable of supporting communication with multiple users by sharing the available system resources (e.g., time, frequency, and power) .
  • Examples of such multiple-access systems include fourth generation (4G) systems such as Long Term Evolution (LTE) systems, LTE-Advanced (LTE-A) systems, or LTE-A Pro systems, and fifth generation (5G) systems which may be referred to as New Radio (NR) systems.
  • 4G systems such as Long Term Evolution (LTE) systems, LTE-Advanced (LTE-A) systems, or LTE-A Pro systems
  • 5G systems which may be referred to as New Radio (NR) systems.
  • a wireless multiple-access communications system may include a number of base stations or network access nodes, each simultaneously supporting communication for multiple communication devices, which may be otherwise known as user equipment (UE) .
  • UE user equipment
  • a UE may have a plurality of subscriber identification modules (SIMs) (e.g., SIM cards) including a first SIM associated with a first set of one more applications or subscriptions and a second SIM associated with a second set of one or more applications subscriptions.
  • SIMs subscriber identification modules
  • Each of the first subscription and the second subscription may be associated with a same operator.
  • Nefarious entities may attempt to access one or more SIMs of the plurality of SIMs of the client device to extract personal information when, for example, the client device is lost by a rightful owner or stolen from a rightful owner.
  • a method for managing security of a client device having a plurality of subscriber identification modules includes obtaining a number of invalid access code entries to access one or more subscriber identification modules of the plurality of subscriber identification modules in the client device. The method also includes comparing the number of invalid access code entries with a threshold number. The method further includes locking access to the plurality of subscriber identification modules if the number of invalid access code entries exceeds the threshold number.
  • a client device having a plurality of subscriber identification modules includes a transceiver for wirelessly communicating with a base station.
  • the client device also includes one or more processors electronically coupled to the transceiver.
  • the one or more processors are configured to obtain a number of invalid access code entries to access one or more subscriber identification modules of the plurality of subscriber identification modules in the client device.
  • the one or more processors are also configured to compare the number of invalid access code entries with a threshold number.
  • the one or more processors are further configured to lock access to the plurality of subscriber identification modules if the number of invalid access code entries exceeds the threshold number.
  • a non-transitory, processor-readable storage medium of a client device having a plurality of subscriber identification modules is provided.
  • the non-transitory, processor-readable storage medium also has instructions stored thereon.
  • the processing circuit When the instructions are executed by a processing circuit, the processing circuit is configured to obtain a number of invalid access code entries to access one or more subscriber identification modules of the plurality of subscriber identification modules in the client device.
  • the processing circuit When the instructions are executed by the processing circuit, the processing circuit is also configured to compare the number of invalid access code entries with a threshold number.
  • the processing circuit is further configured to lock access to the plurality of subscriber identification modules if the number of invalid access code entries exceeds the threshold number.
  • a client device having a plurality of subscriber identification modules includes a means for obtaining a number of invalid access code entries to access one or more subscriber identification modules of the plurality of subscriber identification modules in the client device.
  • the client device also includes a means for comparing the number of invalid access code entries with a threshold number.
  • the client device further includes a means for locking access to the plurality of subscriber identification modules if the number of invalid access code entries exceeds the threshold number.
  • FIG. 1 is a schematic illustration of a wireless communication system.
  • FIG. 2 is a conceptual illustration of an example of a radio access network.
  • FIG. 3 is a conceptual illustration of an example client device having multiple subscriber identification modules (SIMs) implementing a method for providing security for the multiple SIMs according to some aspects.
  • SIMs subscriber identification modules
  • FIG. 4 is a conceptual diagram illustrating an example of a hardware implementation for an example client device or user equipment according to some aspects.
  • FIG. 5 is a flow chart illustrating an example method operational at client device according to some aspects.
  • FIG. 6 is a block diagram conceptually illustrating an example of a hardware implementation for a base station according to some aspects.
  • FIG. 7 is a flow chart illustrating an example method operational at a base station according to some aspects.
  • Some client devices include a plurality of subscriber identification modules (SIMs) .
  • the plurality of SIMs may include a first SIM associated with a first set of one or more applications or subscriptions and a second SIM associated with a second set of one or more applications or subscriptions.
  • the first set of one or more applications or subscriptions may be different from the second set of one or more applications.
  • the plurality of SIMs may also include a third SIM associated with a third set of one or more applications or subscriptions.
  • the third set of one or more applications or subscriptions may be different from both the first set and the second set. In some examples, none of the first set of one or more applications, the second set of one or more applications, and the third set of one or more applications have a same application.
  • these client devices may be lost or stolen causing personal and sensitive information stored on at least one SIM of the plurality of SIMs to potentially be accessible by a nefarious entity.
  • the nefarious entity may experiment with multiple access code entries to gain access to one or more of the SIMs.
  • the nefarious entity may know a portion of an valid access code entry to gain access to one or more SIMs stored in the client device, and thus, may only be required to experiment with less than all possible access code entry combinations.
  • one SIM may be accessible by the nefarious entity, but another SIM may require a valid access code to gain access.
  • Particular aspects of the disclosed techniques enable a multi-SIM client device to provide increased security for the plurality of subscriber identification modules in the client device.
  • Implementations may range a spectrum from chip-level or modular components to non-modular, non-chip-level implementations and further to aggregate, distributed, or OEM devices or systems incorporating one or more aspects of the described innovations.
  • devices incorporating described aspects and features may also necessarily include additional components and features for implementation and practice of claimed and described embodiments.
  • transmission and reception of wireless signals necessarily includes a number of components for analog and digital purposes (e.g., hardware components including antenna, RF-chains, power amplifiers, modulators, buffer, processor (s) , interleaver, adders/summers, etc. ) .
  • innovations described herein may be practiced in a wide variety of devices, chip-level components, systems, distributed arrangements, end-user devices, etc. of varying sizes, shapes, and constitution.
  • the various concepts presented throughout this disclosure may be implemented across a broad variety of telecommunication systems, network architectures, and communication standards.
  • the wireless communication system 100 includes three interacting domains: a core network 102, a radio access network (RAN) 104, and a client device or user equipment (UE) 106.
  • the UE 106 may be enabled to carry out data communication with an external data network 110, such as (but not limited to) the Internet.
  • the RAN 104 may implement any suitable wireless communication technology or technologies to provide radio access to the UE 106.
  • the RAN 104 may operate according to 3rd Generation Partnership Project (3GPP) New Radio (NR) specifications, often referred to as 5G.
  • 3GPP 3rd Generation Partnership Project
  • NR New Radio
  • the RAN 104 may operate under a hybrid of 5G NR and Evolved Universal Terrestrial Radio Access Network (eUTRAN) standards, often referred to as Long-Term Evolution (LTE) .
  • eUTRAN Evolved Universal Terrestrial Radio Access Network
  • LTE Long-Term Evolution
  • the 3GPP refers to this hybrid RAN as a next-generation RAN, or NG-RAN.
  • NG-RAN next-generation RAN
  • a base station is a network element in a radio access network responsible for radio transmission and reception in one or more cells to or from a UE.
  • a base station may variously be referred to by those skilled in the art as a base transceiver station (BTS) , a radio base station, a radio transceiver, a transceiver function, a basic service set (BSS) , an extended service set (ESS) , an access point (AP) , a Node B (NB) , an eNode B (eNB) , a gNode B (gNB) , or some other suitable terminology.
  • BTS base transceiver station
  • BSS basic service set
  • ESS extended service set
  • AP access point
  • NB Node B
  • eNB eNode B
  • gNB gNode B
  • the radio access network 104 is further illustrated supporting wireless communication for multiple mobile apparatuses.
  • a mobile apparatus may be referred to as user equipment (UE) in 3GPP standards, but may also be referred to by those skilled in the art as a mobile station (MS) , a subscriber station, a mobile unit, a subscriber unit, a wireless unit, a remote unit, a mobile device, a wireless device, a wireless communications device, a remote device, a mobile subscriber station, an access terminal (AT) , a mobile terminal, a wireless terminal, a remote terminal, a handset, a terminal, a user agent, a mobile client, a client, or some other suitable terminology.
  • a UE may be an apparatus that provides a user with access to network services.
  • a “mobile” apparatus need not necessarily have a capability to move, and may be stationary.
  • the term mobile apparatus or mobile device broadly refers to a diverse array of devices and technologies.
  • UEs may include a number of hardware structural components sized, shaped, and arranged to help in communication; such components can include antennas, antenna arrays, RF chains, amplifiers, one or more processors, etc. electrically coupled to each other.
  • a mobile apparatus examples include a mobile, a cellular (cell) phone, a smart phone, a session initiation protocol (SIP) phone, a laptop, a personal computer (PC) , a notebook, a netbook, a smartbook, a tablet, a personal digital assistant (PDA) , and a broad array of embedded systems, e.g., corresponding to an “Internet of things” (IoT) .
  • IoT Internet of things
  • a mobile apparatus may additionally be an automotive or other transportation vehicle, a remote sensor or actuator, a robot or robotics device, a satellite radio, a global positioning system (GPS) device, an object tracking device, a drone, a multi-copter, a quad-copter, a remote control device, a consumer or wearable device, such as eyewear, a wearable camera, a virtual reality device, a smart watch, a health or fitness tracker, a digital audio player (e.g., MP3 player) , a camera, a game console, etc.
  • a mobile apparatus may additionally be a digital home or smart home device such as a home audio, video, or multimedia device, an appliance, a vending machine, intelligent lighting, a home security system, a smart meter, etc.
  • a mobile apparatus may additionally be a smart energy device, a security device, a solar panel or solar array, a municipal infrastructure device controlling electric power (e.g., a smart grid) , lighting, water, etc.; an industrial automation and enterprise device; a logistics controller; agricultural equipment; military defense equipment, vehicles, aircraft, ships, and weaponry, etc. Still further, a mobile apparatus may provide for connected medicine or telemedicine support, e.g., health care at a distance. Telehealth devices may include telehealth monitoring devices and telehealth administration devices, whose communication may be given preferential treatment or prioritized access over other types of information, e.g., in terms of prioritized access for transport of critical service data, or relevant QoS for transport of critical service data.
  • Telehealth devices may include telehealth monitoring devices and telehealth administration devices, whose communication may be given preferential treatment or prioritized access over other types of information, e.g., in terms of prioritized access for transport of critical service data, or relevant QoS for transport of critical service data.
  • Wireless communication between a RAN 104 and a UE 106 may be described as utilizing an air interface.
  • Transmissions over the air interface from a base station (e.g., base station 108) to one or more UEs (e.g., UE 106) may be referred to as downlink (DL) transmission.
  • DL downlink
  • the term downlink may refer to a point-to-multipoint transmission originating at a scheduling entity (described further below; e.g., base station 108) .
  • Another way to describe this scheme may be to use the term broadcast channel multiplexing.
  • Uplink Transmissions from a UE (e.g., UE 106) to a base station (e.g., base station 108) may be referred to as uplink (UL) transmissions.
  • UL uplink
  • the term uplink may refer to a point-to-point transmission originating at a scheduled entity (described further below; e.g., UE 106) .
  • a scheduling entity e.g., a base station 108 allocates resources for communication among some or all devices and equipment within its service area or cell.
  • the scheduling entity may be responsible for scheduling, assigning, reconfiguring, and releasing resources for one or more scheduled entities. That is, for scheduled communication, UEs 106, which may be scheduled entities, may utilize resources allocated by the scheduling entity 108.
  • Base stations 108 are not the only entities that may function as scheduling entities. That is, in some examples, a UE may function as a scheduling entity, scheduling resources for one or more scheduled entities (e.g., one or more other UEs) .
  • a scheduling entity 108 may broadcast downlink traffic 112 to one or more scheduled entities 106.
  • the scheduling entity 108 is a node or device responsible for scheduling traffic in a wireless communication network, including the downlink traffic 112 and, in some examples, uplink traffic 116 from one or more scheduled entities 106 to the scheduling entity 108.
  • the scheduled entity 106 is a node or device that receives downlink control information 114, including but not limited to scheduling information (e.g., a grant) , synchronization or timing information, or other control information from another entity in the wireless communication network such as the scheduling entity 108.
  • base stations 108 may include a backhaul interface for communication with a backhaul portion 120 of the wireless communication system.
  • the backhaul 120 may provide a link between a base station 108 and the core network 102.
  • a backhaul network may provide interconnection between the respective base stations 108.
  • Various types of backhaul interfaces may be employed, such as a direct physical connection, a virtual network, or the like using any suitable transport network.
  • the core network 102 may be a part of the wireless communication system 100, and may be independent of the radio access technology used in the RAN 104.
  • the core network 102 may be configured according to 5G standards (e.g., 5GC) .
  • the core network 102 may be configured according to a 4G evolved packet core (EPC) , or any other suitable standard or configuration.
  • 5G standards e.g., 5GC
  • EPC 4G evolved packet core
  • the UE 106 may be a dual-subscriber identity module (SIM) device.
  • SIM in various embodiments may be a Universal Integrated Circuit Card (UICC) that is configured with SIM and/or USIM applications, enabling access to Long-Term Evolution and/or Fifth Generation New Radio networks.
  • the UICC may also provide storage for a phone book and other applications.
  • a SIM may be a UICC removable user identity module (R-UIM) or a CDMA subscriber identity module (CSIM) on a card.
  • R-UIM UICC removable user identity module
  • CCM CDMA subscriber identity module
  • a SIM card may have a CPU, ROM, RAM, EEPROM and I/O circuits.
  • An Integrated Circuit Card Identity (ICCID) SIM serial number may be printed on the SIM card for identification.
  • a SIM may be implemented within a portion of memory of the multi-SIM, Multi-Active (MSMA) communication device, and thus need not be a separate or removable circuit, chip, or card.
  • MSMA
  • a SIM used in various embodiments may store user account information, an International Mobile Subscriber Identity (IMSI) , a set of SIM application toolkit (SAT) commands and other network provisioning information, as well as provide storage space for phone book database of the user's contacts.
  • IMSI International Mobile Subscriber Identity
  • SAT SIM application toolkit
  • a SIM may store home identifiers (e.g., a System Identification Number (SID) /Network Identification Number (NID) pair, a Home Public Land Mobile Network (HPLMN) code, or the like) to indicate the SIM card network operator provider.
  • SID System Identification Number
  • NID Network Identification Number
  • HPLMN Home Public Land Mobile Network
  • FIG. 2 a schematic illustration of a RAN 200 is provided.
  • the RAN 200 may be the same as the RAN 104 described above and illustrated in FIG. 1.
  • the geographic area covered by the RAN 200 may be divided into cellular regions (cells) that can be uniquely identified by a user equipment (UE) based on an identification broadcasted from one access point or base station.
  • FIG. 2 illustrates macrocells 202, 204, and 206, and a small cell 208, each of which may include one or more sectors.
  • a sector is a sub-area of a cell. All sectors within one cell are served by the same base station.
  • a radio link within a sector can be identified by a single logical identification belonging to that sector.
  • the multiple sectors within a cell can be formed by groups of antennas with each antenna responsible for communication with UEs in a portion of the cell.
  • two base stations 210 and 212 are shown in cells 202 and 204; and a third base station 214 is shown controlling a remote radio head (RRH) 216 in cell 206.
  • a base station can have an integrated antenna or can be connected to an antenna or RRH by feeder cables.
  • the cells 202, 204, and 126 may be referred to as macrocells, as the base stations 210, 212, and 214 support cells having a large size.
  • a base station 218 is shown in the small cell 208 (e.g., a microcell, picocell, femtocell, home base station, home Node B, home eNode B, etc. ) which may overlap with one or more macrocells.
  • the cell 208 may be referred to as a small cell, as the base station 218 supports a cell having a relatively small size. Cell sizing can be done according to system design as well as component constraints.
  • the radio access network 200 may include any number of wireless base stations and cells. Further, a relay node may be deployed to extend the size or coverage area of a given cell.
  • the base stations 210, 212, 214, 218 provide wireless access points to a core network for any number of mobile apparatuses. In some examples, the base stations 210, 212, 214, or 218 may be the same as the base station/scheduling entity 108 described above and illustrated in FIG. 1.
  • FIG. 2 further includes a quadcopter or drone 220, which may be configured to function as a base station. That is, in some examples, a cell may not necessarily be stationary, and the geographic area of the cell may move according to the location of a mobile base station such as the quadcopter 220.
  • a quadcopter or drone 220 may be configured to function as a base station. That is, in some examples, a cell may not necessarily be stationary, and the geographic area of the cell may move according to the location of a mobile base station such as the quadcopter 220.
  • the cells may include UEs that may be in communication with one or more sectors of each cell.
  • each base station 210, 212, 214, 218, and 220 may be configured to provide an access point to a core network 102 (see FIG. 1) for all the UEs in the respective cells.
  • UEs 222 and 224 may be in communication with base station 210; UEs 226 and 228 may be in communication with base station 212; UEs 230 and 232 may be in communication with base station 214 by way of RRH 216; UE 234 may be in communication with base station 218; and UE 236 may be in communication with mobile base station 220.
  • the UEs 222, 224, 226, 228, 230, 232, 234, or 236 may be the same as the UE/scheduled entity 106 described herein and illustrated in FIG. 1.
  • a mobile network node e.g., quadcopter 220
  • quadcopter 220 may be configured to function as a UE.
  • the quadcopter 220 may operate within cell 202 by communicating with base station 210.
  • the ability for a UE to communicate while moving, independent of its location is referred to as mobility.
  • the various physical channels between the UE and the radio access network are generally set up, maintained, and released under the control of an access and mobility management function (AMF, part of the core network 102 in FIG. 1) , which may include a security context management function (SCMF) that manages the security context for both the control plane and the user plane functionality, and a security anchor function (SEAF) that performs authentication.
  • AMF access and mobility management function
  • SCMF security context management function
  • SEAF security anchor function
  • a radio access network 200 may utilize DL-based mobility or UL-based mobility to enable mobility and handovers (i.e., the transfer of a UE’s connection from one radio channel to another) .
  • a UE may monitor various parameters of the signal from its serving cell as well as various parameters of neighboring cells. Depending on the quality of these parameters, the UE may maintain communication with one or more of the neighboring cells.
  • the UE may undertake a handoff or handover from the serving cell to the neighboring (target) cell.
  • UE 224 illustrated as a vehicle, although any suitable form of UE may be used
  • the UE 224 may transmit a reporting message to its serving base station 210 indicating this condition.
  • the UE 224 may receive a handover command, and the UE may undergo a handover to the cell 206.
  • UL reference signals from each UE may be utilized by the network to select a serving cell for each UE.
  • the base stations 210, 212, and 214/216 may broadcast unified synchronization signals (e.g., unified Primary Synchronization Signals (PSSs) , unified Secondary Synchronization Signals (SSSs) and unified Physical Broadcast Channels (PBCH) ) .
  • PSSs Primary Synchronization Signals
  • SSSs unified Secondary Synchronization Signals
  • PBCH Physical Broadcast Channels
  • the UEs 222, 224, 226, 228, 230, and 232 may receive the unified synchronization signals, derive the carrier frequency and slot timing from the synchronization signals, and in response to deriving timing, transmit an uplink pilot or reference signal.
  • the uplink pilot signal transmitted by a UE may be concurrently received by two or more cells (e.g., base stations 210 and 214/216) within the radio access network 200.
  • Each of the cells may measure a strength of the pilot signal, and the radio access network (e.g., one or more of the base stations 210 and 214/216 or a central node within the core network) may determine a serving cell for the UE 224.
  • the radio access network e.g., one or more of the base stations 210 and 214/216 or a central node within the core network
  • the network may continue to monitor the uplink pilot signal transmitted by the UE 224.
  • the network 200 may handover the UE 224 from the serving cell to the neighboring cell, with or without informing the UE 224.
  • the synchronization signal transmitted by the base stations 210, 212, and 214/216 may be unified, the synchronization signal may not identify a particular cell, but rather may identify a zone of multiple cells operating on the same frequency or with the same timing.
  • the use of zones in 5G networks or other next generation communication networks enables the uplink-based mobility framework and improves the efficiency of both the UE and the network, since the number of mobility messages that need to be exchanged between the UE and the network may be reduced.
  • the air interface in the radio access network 200 may utilize licensed spectrum, unlicensed spectrum, or shared spectrum.
  • Licensed spectrum provides for exclusive use of a portion of the spectrum, generally by virtue of a mobile network operator purchasing a license from a government regulatory body.
  • Unlicensed spectrum provides for shared use of a portion of the spectrum without need for a government-granted license. While compliance with some technical rules is generally still required to access unlicensed spectrum, generally, any operator or device may gain access.
  • Shared spectrum may fall between licensed and unlicensed spectrum, wherein technical rules or limitations may be required to access the spectrum, but the spectrum may still be shared by multiple operators or multiple RATs.
  • the holder of a license for a portion of licensed spectrum may provide licensed shared access (LSA) to share that spectrum with other parties, e.g., with suitable licensee-determined conditions to gain access.
  • LSA licensed shared access
  • the air interface in the radio access network 200 may utilize one or more duplexing algorithms.
  • Duplex refers to a point-to-point communication link where both endpoints can communicate with one another in both directions.
  • Full duplex means both endpoints can simultaneously communicate with one another.
  • Half duplex means only one endpoint can transmit information to the other at a time.
  • a full duplex channel generally relies on physical isolation of a transmitter and receiver, and suitable interference cancellation technologies.
  • Full duplex emulation is frequently implemented for wireless links by utilizing frequency division duplex (FDD) or time division duplex (TDD) .
  • FDD frequency division duplex
  • TDD time division duplex
  • transmissions in different directions operate at different carrier frequencies.
  • TDD transmissions in different directions on a given channel are separated from one another using time division multiplexing. That is, at some times the channel is dedicated for transmissions in one direction, while at other times the channel is dedicated for transmissions in the other direction, where the direction may change very rapidly, e.g., several
  • the air interface in the radio access network 200 may utilize one or more multiplexing and multiple access algorithms to enable simultaneous communication of the various devices.
  • 5G NR specifications provide multiple access for UL transmissions from UEs 222 and 224 to base station 210, and for multiplexing for DL transmissions from base station 210 to one or more UEs 222 and 224, utilizing orthogonal frequency division multiplexing (OFDM) with a cyclic prefix (CP) .
  • OFDM orthogonal frequency division multiplexing
  • CP cyclic prefix
  • 5G NR specifications provide support for discrete Fourier transform-spread-OFDM (DFT-s-OFDM) with a CP (also referred to as single-carrier FDMA (SC-FDMA) ) .
  • DFT-s-OFDM discrete Fourier transform-spread-OFDM
  • SC-FDMA single-carrier FDMA
  • multiplexing and multiple access are not limited to the above schemes, and may be provided utilizing time division multiple access (TDMA) , code division multiple access (CDMA) , frequency division multiple access (FDMA) , sparse code multiple access (SCMA) , resource spread multiple access (RSMA) , or other suitable multiple access schemes.
  • multiplexing DL transmissions from the base station 210 to UEs 222 and 224 may be provided utilizing time division multiplexing (TDM) , code division multiplexing (CDM) , frequency division multiplexing (FDM) , orthogonal frequency division multiplexing (OFDM) , sparse code multiplexing (SCM) , or other suitable multiplexing schemes.
  • channels or carriers described above and illustrated in FIGS. 1 and 2 are not necessarily all the channels or carriers that may be utilized between a scheduling entity 108 and scheduled entities 106, and those of ordinary skill in the art will recognize that other channels or carriers may be utilized in addition to those illustrated, such as other traffic, control, and feedback channels.
  • Transport channels carry blocks of information called transport blocks (TB) .
  • TBS transport block size
  • MCS modulation and coding scheme
  • Some client devices include a plurality of subscriber identification modules (SIMs) .
  • the plurality of SIMs may include a first SIM associated with a first set of one or more applications or subscriptions and a second SIM associated with a second set of one or more applications or subscriptions.
  • the first set of one or more applications or subscriptions may be different from the second set of one or more applications.
  • the plurality of SIMs may also include a third SIM associated with a third set of one or more applications or subscriptions.
  • the third set of one or more applications or subscriptions may be different from both the first set and the second set. In some examples, none of the first set of one or more applications, the second set of one or more applications, and the third set of one or more applications have a same application.
  • these client devices may be lost or stolen causing personal and sensitive information stored on at least one SIM of the plurality of SIMs to potentially be accessible by a nefarious entity.
  • the nefarious entity may experiment with multiple access code entries to gain access to one or more of the SIMs.
  • the nefarious entity may know a portion of an valid access code entry to gain access to one or more SIMs stored in the client device, and thus, is only required to experiment with less than all possible access code entry combinations.
  • one SIM may be accessible by the nefarious entity, but another SIM may require a valid access code to gain access.
  • a processing system of the client device may obtain a number of invalid access code entries to access one or more subscriber identification modules of the plurality of subscriber identification modules in the client device.
  • the processing system of the client device may compare the number of invalid access code entries with a threshold number.
  • the processing system of the client device may lock access to the plurality of subscriber identification modules if the number of invalid access code entries exceeds the threshold number.
  • FIG. 3 is a conceptual illustration of an example client device having multiple subscriber identification modules (SIMs) implementing a method for providing security for the multiple SIMs according to some aspects.
  • the client device 300 includes an interface 302, a processing system 304, and a plurality of SIMs 306.
  • the plurality of SIMs 306 may include a first SIM associated with a first set of one or more applications and a second SIM associated with a second set of one or more applications. The first set of one or more applications may be different from the second set of one or more applications.
  • the plurality of SIMs 306 may also include a third SIM associated with a third set of one or more applications.
  • the third set of one or more applications may be different from both the first set of one or more applications and the second set of one or more applications. In some examples, none of the first set of one or more applications, the second set of one or more applications, and the third set of one or more applications have a same application.
  • the interface 302 may receive a number of access code entries (e.g., a personal identification number (PIN) ) to access one or more SIMs of the plurality of SIMs 306.
  • the interface 302 may receive a number of access code entries to access a first SIM of the plurality of SIMs 306.
  • the interface 302 may include a first interface associated with the first SIM and a second interface associated with the second SIM.
  • the first interface may receive a first number of access code entries to access the first SIM.
  • the second interface may receive a second number of access code entries to access the second SIM.
  • the number of access code entries may include one or more invalid access code entries.
  • the number of access code entries may all be invalid access code entries.
  • An invalid access code entry may be an access code entry that does not permit access to an application associated with a particular SIM of the plurality of SIMs.
  • a valid access code entry may be an access code entry that permits access to an application associated with a particular SIM of the plurality of SIMs.
  • the processing system 304 may obtain each of the access code entries from the interface 302.
  • the processing system 304 may obtain the number of invalid access code entries comprises obtaining the number of invalid access code entries through at least one interface associated with at least one subscriber identification module of the plurality of subscriber identification modules.
  • the processing system 304 may obtain the number of invalid access code entries through at least one of a first interface associated with a first subscriber identification module of the plurality of subscriber identification modules or a second interface associated with a second subscriber identification module of the plurality of subscriber identification modules.
  • the processing system 304 may obtain the number of invalid access code entries through only the first interface associated with the first subscriber identification module.
  • the processing system 304 may obtain a number of access code entries to access at least one SIM of the plurality of SIMs 306. In some examples, the processing system 304 may obtain the first number of access code entries to access the first SIM of the plurality of SIMs. The processing system 304 may obtain the second number of access code entries to access the second SIM of the plurality of SIMs 306. As described herein, the number of invalid access code entries may be sequentially and/or consecutively obtained in time.
  • the processing system 304 may obtain a valid access code from each SIM of the plurality of SIMs. For example, the processing system 304 may obtain a valid access code from the first SIM of the plurality of SIMs 306. In some examples, the processing system 304 may obtain a first valid access code from the first SIM of the plurality of SIMs 306 and a second valid access code from the second SIM of the plurality of SIMs 306. A valid access code obtained from a SIM may be used by the processing system 304 for a comparison between one or more of the received access code entries to determine whether each of the received access code entries are valid access code entries or invalid access code entries.
  • the processing system 304 may compare each of the access code entries with the valid access codes to determine whether each individual access code entry is a valid access code entry or an invalid access code entry. For example, the processing system 304 may have obtained a number of access code entries to access at least one SIM of the plurality of SIMs 306. The processing system 304 may have also obtained a valid access code associated with the at least one SIM of the plurality of SIMs 306. The processing system 304 may compare each access code entry of the number of access code entries with the valid access code to determine whether each individual access code entry is either a valid access code entry or an invalid access code entry. When an access code entry of the number of access code entries matches the valid access code, the processing system 304 determines that the access code entry is a valid access code entry. When an access code entry of the number of access code entries does not match the valid access code, the processing system 304 determines that the access code entry is an invalid access code entry.
  • the processing system 304 may have obtained a first number of access code entries to access a first SIM of the plurality of SIMs 306.
  • the processing system 304 may have also obtained a second number of access code entries to access a second SIM of the plurality of SIMs 306.
  • the processing system 304 may have obtained a first valid access code associated with the first SIM of the plurality of SIMs 306 and a second valid access code associated with the second SIM of the plurality of SIMs 306.
  • the processing system 304 may compare each access code entry of the first number of access code entries with the first valid access code associated with the first SIM of the plurality of SIMs 306 to determine whether each individual access code entry is either a valid access code entry or an invalid access code entry.
  • the processing system 304 may also compare each access code entry of the second number of access code entries with the second valid access code associated with the second SIM of the plurality of SIMs 306.
  • the processing system 304 determines that the access code entry of the first number of access code entries is a valid access code entry. When an access code entry of the first number of access code entries does not match the first valid access code, the processing system 304 determines that the access code entry of the first number of access code entries is an invalid access code entry. When an access code entry of the second number of access code entries matches the second valid access code, the processing system 304 determines that the access code entry of the second number of access code entries is a valid access code entry. When an access code entry of the second number of access code entries does not match the second valid access code, the processing system 304 determines that the access code entry of the second number of access code entries is an invalid access code entry.
  • the processing system 304 may compare a number of invalid access code entries with a threshold number. For example, the processing system 304 may have obtained a number of invalid access code entries from the interface 302. The processing system 304 may compare the number of invalid access code entries with the threshold number to determine whether to lock access to the plurality of SIMs 306. As another example, the processing system 304 may have obtained a first number of invalid access code entries to access a first SIM of the plurality of SIMs 306 from the first interface. The processing system 304 may have also obtained a second number of invalid access code entries to access a second SIM of the plurality of SIMs 306 from the second interface.
  • the processing system 304 may compare the total of the first number of invalid access code entries and the second number of invalid access code entries with the threshold number to determine whether to lock access to the plurality of SIMs 306. In some aspects, the processing system 304 may compare the number of invalid access code entries received through at least one of the first interface or the second interface with the threshold number. In some aspects, the threshold number may be any positive integer greater than one. For example, the threshold number may be two, three, four, or five.
  • the processing system 304 may determine a received sequence of each access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306. For example, the processing system 304 may determine that a first received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry. The processing system 304 may also determine that a second received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry. The processing system 304 may further determine that a third received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may determine that a fourth received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 determine that a total of four invalid access code entries have been consecutively received through the interface 302.
  • the processing system 304 may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received.
  • the processing system 304 may subsequently compare the number of access code entries with the threshold number after at least one of determining the sequence that the access code entries were received or determining the validity of each of the received access code entries.
  • the processing system 304 may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may also determine that a second received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may determine that a fourth received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 determine that a total of four invalid access code entries have been consecutively received for the first SIM and the second SIM. The processing system 304 may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received. The processing system 304 may subsequently compare the total number of access code entries received for the first SIM and the second SIM with the threshold number after at least one of determining the sequence that the access code entries were received or determining the validity of each of the received access code entries.
  • the processing system 304 may lock access to the plurality of SIMs 306.
  • locking access to the plurality of SIMs 306 provides that if a valid access code entry is received after locking access to the plurality of SIMs 306, the valid access code entry (which is otherwise sufficient to obtain access to at least one SIM of the plurality of SIMs 306) is insufficient to obtain access to any of the plurality of SIMs 306 of the client device 300.
  • the processing system 304 may lock access to a first subscriber identification module through a first interface and a second subscriber identification module through a second interface if the number of invalid access code entries received through at least one of the first interface or the second interface exceeds the threshold number.
  • the processing system 304 may lock access to the plurality of SIMs 306 if the number of invalid access code entries exceeds the threshold number.
  • the threshold number may be three.
  • the processing system 304 may determine that a first received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may also determine that a second received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may further determine that a third received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may determine that a fourth received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 determine that a total of four invalid access code entries have been consecutively received through the interface 302.
  • the processing system 304 may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received.
  • the processing system 304 may determine that a valid access code is required to access at least one SIM of the plurality of SIMs 306.
  • the processing system 304 may compare the number of access code entries with the threshold number of three and determine to lock access to the plurality of SIMs because the number of received invalid access code entries exceeds the threshold number of three.
  • the threshold number may be three.
  • the processing system 304 may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may also determine that a second received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may determine that a fourth received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 determine that a total of four invalid access code entries have been consecutively received for the first SIM and the second SIM. The processing system 304 may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received. Additionally, or alternatively, the processing system 304 may determine that a valid access code is required to access at least one SIM of the plurality of SIMs 306. The processing system 304 may compare the total number of access code entries received for the first SIM and the second SIM with the threshold number of three and determine to lock access to the plurality of SIMs because the total number of received invalid access code entries exceeds the threshold number of three.
  • the processing system 304 may not lock access to the plurality of SIMs 306 if the number of invalid access code entries does not exceed the threshold number.
  • the threshold number may be three.
  • the processing system 304 may determine that a first received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may also determine that a second received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may further determine that a third received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 determine that a total of three invalid access code entries have been received through the interface 302.
  • the processing system 304 may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the three invalid access code entries were received. Additionally, or alternatively, the processing system 304 may determine that a valid access code is required to access at least one SIM of the plurality of SIMs 306.
  • the processing system 304 may compare the number of access code entries with the threshold number of three and determine not to lock access to the plurality of SIMs because the number of received invalid access code entries does not exceed the threshold number of three.
  • the threshold number may be three.
  • the processing system 304 may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may also determine that a second received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 determine that a total of three invalid access code entries have been received for the first SIM and the second SIM.
  • the processing system 304 may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received. Additionally, or alternatively, the processing system 304 may determine that a valid access code is required to access at least one SIM of the plurality of SIMs 306. The processing system 304 may compare the total number of access code entries received for the first SIM and the second SIM with the threshold number of three and determine not to lock access to the plurality of SIMs because the total number of received invalid access code entries does not exceed the threshold number of three.
  • the processing system 304 may not lock access to the plurality of SIMs 306 if a valid access code entry is received before the number of invalid access code entries exceeds the threshold number.
  • the threshold number may be two.
  • the processing system 304 may determine that a first received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may also determine that a second received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is a valid access code entry.
  • the processing system 304 may further determine that a third received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 determine that a total of three invalid access code entries have been received through the interface 302. However, the processing system 304 may also determine that a valid access code entry was received before the total number of invalid access code entries exceeded the threshold number. The processing system 304 may determine not to lock access to the plurality of SIMs because a valid access code entry was received before the total number of invalid access code entries exceeded the threshold number of two. In some examples, the processing system 304 may determine to provide access to at least one SIM of the plurality of SIMs associated with the received valid access code entry.
  • the threshold number may be two.
  • the processing system 304 may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may also determine that a second received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is a valid access code entry.
  • the processing system 304 may determine that a fourth received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 determine that a total of three invalid access code entries have been received for the first SIM and the second SIM. However, the processing system 304 may also determine that a valid access code entry was received before the total number of invalid access code entries exceeded the threshold number. The processing system 304 may determine not to lock access to the plurality of SIMs because a valid access code entry was received before the total number of invalid access code entries exceeded the threshold number of two.
  • the processing system 304 may lock access to the plurality of SIMs 306 after a valid access code entry is received when the number of invalid access code entries that are consecutively received after receiving the valid access code entry exceeds the threshold number.
  • the threshold number may be two.
  • the processing system 304 may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs 306 is a valid access code entry.
  • the processing system 304 may also determine that a second received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry.
  • the processing system 304 may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry. In addition, the processing system 304 may determine that a fourth received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs 306 is an invalid access code entry. The processing system 304 may determine to permit access to the first SIM after the first received valid access code entry for the first SIM is received. However, the processing system 304 may also determine that the total number of three invalid access code entries consecutively and subsequently received for the second SIM exceeds the threshold number of two. The processing system 304 may determine to lock access to the plurality of SIMs including the first SIM and the second SIM because the total number of invalid access code entries consecutively received after the valid access code entry was received exceeded the threshold number of two.
  • the processing system 304 may transmit a signal to each SIM of the plurality SIMs 306 instructing each SIM of the plurality of SIMs 306 to lock access to the plurality of SIMs 306.
  • the processing system 304 may transmit a signal to one or more services providers each associate with at least one SIM of the plurality of SIMs 306 to instruct each of the service provides to lock access to each SIM of the plurality of SIMs 306.
  • the processing system 304 may act as a gateway providing access and locking access to each SIM of the plurality of SIMs 306. For example, the processing system 304 may lock access to each SIM of the plurality of SIMs 306 by blocking access to each SIM of the plurality of SIMs 306.
  • each of the plurality of SIMs 306 may individually lock when receiving a predetermined number of invalid access code entries.
  • the processing system 304 may generate the predetermined number of randomly generated invalid access code entries and provide the predetermined number of randomly generated invalid access code entries to each of the SIMs to lock access to each SIM of the plurality of SIMs 306.
  • the processing system 304 may receive a master access code (e.g., UNBLOCK PIN) after locking access to the plurality of SIMs 306.
  • a user may contact a service provider associated with at least one SIM of the plurality of SIMs 306 that have been locked from access.
  • the service provider may transmit a request to a base station to transmit a master access code to the client device 300.
  • the base station may transmit the master access code to the client device 300 for unlocking access to the at least one SIM of the plurality of SIMs 306.
  • the processing system 304 may receive a master access code through an interface 302 for unlocking access to the at least one SIM of the plurality of SIMs 306.
  • each of the invalid access code entries may include a quantity of characters
  • the master access code may include a greater quantity of characters compared to the quantity of characters of each of the invalid access code entries.
  • the processing system 304 may unlock access to the at least one SIM of the plurality of SIMs 306 in response to receiving the master access code.
  • the processing system 304 may receive a valid access code entry associated with the at least one SIM of the plurality of SIMs 306.
  • the processing system 304 may grant or provide access to one or more applications associated with the at least one SIM of the plurality of SIMs 306.
  • the processing system 304 may provide the valid access code entry to the at least one SIM of the plurality of SIMs 306 to provide or grant access to one or more applications associated with the at least one SIM of the plurality of SIMs 306.
  • this function initiates the comparison in the universal integrated circuit card (UICC) of the PIN verification data sent form the terminal with the PIN reference data stored in the card.
  • UICC universal integrated circuit card
  • the security status set as a result of the verification is valid regardless on which logical channel the verification is performed.
  • the verification process is subject to the following conditions being fulfilled: the PIN is not disabled; and the PIN is not blocked. If the access condition for a function to be performed on the last selected file is PIN, then a successful verification of the relevant PIN is required prior to the use of the function of this file unless the PIN is disabled. If the PIN presented is correct, the number of remaining PIN attempts for that PIN shall be reset to its initial value 3.
  • the access condition can never be fulfilled until the UNBLOCK PIN function has been successfully performed on the respective PIN.
  • Input indication PIN; and Output: None.
  • the client device 300 including the interface 302, the processing system 304, and the plurality of SIMs 306 may implement any one or more procedures described herein in addition to the procedure described herein with respect to FIG. 3.
  • the client device 300 including the interface 302, the processing system 304, and the plurality of SIMs 306 may implement any one or more procedures described herein with respect to any one or more of FIGS. 1, 2, and 4-7.
  • FIG. 4 is a conceptual diagram illustrating an example of a hardware implementation for an example client device or user equipment (UE) 400 according to some aspects.
  • the user equipment 400 may perform any of the functions illustrated and described in FIGS. 1-3 and 5.
  • the UE 400 may be a client device, such as client device 300 illustrated and described in FIG. 3.
  • the user equipment 400 may be implemented with a processing system 414 that includes one or more processors 404.
  • processors 404 include microprocessors, microcontrollers, digital signal processors (DSPs) , field programmable gate arrays (FPGAs) , programmable logic devices (PLDs) , state machines, gated logic, discrete hardware circuits, and other suitable hardware configured to perform the various functionality described throughout this disclosure.
  • DSPs digital signal processors
  • FPGAs field programmable gate arrays
  • PLDs programmable logic devices
  • state machines gated logic, discrete hardware circuits, and other suitable hardware configured to perform the various functionality described throughout this disclosure.
  • the user equipment 400 may be configured to perform any one or more of the functions described herein. That is, the processor 404, as utilized in the user equipment 400, may be used to implement any one or more of the processes and procedures described in FIGS. 1-3 and 5 and further illustrated in the flow diagrams discussed herein.
  • the processing system 414 may be implemented with a bus architecture, represented generally by the bus 402.
  • the bus 402 may include any number of interconnecting buses and bridges depending on the specific application of the processing system 414 and the overall design constraints.
  • the bus 402 communicatively couples together various circuits including one or more processors (represented generally by the processor 404) , a memory 405, computer-readable media (represented generally by the computer-readable medium 406) , a plurality of subscriber identification modules (e.g., SIMs, SIM cards) including a first SIM 416, a second SIM 418, and an Nth SIM 420.
  • SIMs subscriber identification module
  • the bus 402 may also link various other circuits such as timing sources, peripherals, voltage regulators, and power management circuits, which are well known in the art, and therefore, will not be described any further.
  • a bus interface 404 provides an interface between the bus 402 and a transceiver 410.
  • the transceiver 410 provides a communication interface or means for communicating with various other apparatus over a transmission medium.
  • a user interface 412 e.g., keypad, display, speaker, microphone, joystick
  • a user interface 412 e.g., keypad, display, speaker, microphone, joystick
  • the UE 400 may be a multiple SIM client device.
  • a SIM e.g., a first SIM 416, a second SIM 418, an Nth SIM 420
  • a SIM in various embodiments may be a Universal Integrated Circuit Card (UICC) that is configured with SIM and/or USIM applications, enabling access to Long-Term Evolution and/or Fifth Generation New Radio networks.
  • the UICC may also provide storage for a phone book and other applications.
  • a SIM may be a UICC removable user identity module (R-UIM) or a CDMA subscriber identity module (CSIM) on a card.
  • R-UIM UICC removable user identity module
  • CCM CDMA subscriber identity module
  • a SIM card may have a CPU, ROM, RAM, EEPROM and I/O circuits.
  • ICCID Integrated Circuit Card Identity
  • MSMA Multi-Active
  • a SIM used in various embodiments may store user account information, an International Mobile Subscriber Identity (IMSI) , a set of SIM application toolkit (SAT) commands and other network provisioning information, as well as provide storage space for phone book database of the user's contacts.
  • IMSI International Mobile Subscriber Identity
  • SAT SIM application toolkit
  • a SIM may store home identifiers (e.g., a System Identification Number (SID) /Network Identification Number (NID) pair, a Home Public Land Mobile Network (HPLMN) code, or the like) to indicate the SIM card network operator provider.
  • SID System Identification Number
  • NID Network Identification Number
  • HPLMN Home Public Land Mobile Network
  • the processor 404 may include an obtaining circuit 440 configured for various functions, including, for example, obtaining a number of invalid access code entries to access one or more subscriber identification modules of the plurality of subscriber identification modules in the client device.
  • the obtaining circuit 440 may also be configured for various functions, including, for example, obtaining the number of invalid access code entries through at least one interface associated with at least one subscriber identification module of the plurality of subscriber identification modules.
  • the obtaining circuit 440 may further be configured for various functions, including, for example, obtaining the number of invalid access code entries through at least one of a first interface associated with a first subscriber identification module of the plurality of subscriber identification modules or a second interface associated with a second subscriber identification module of the plurality of subscriber identification modules.
  • the obtaining circuit 440 may further be configured for various functions, including, for example, obtaining the number of invalid access code entries through only the first interface associated with the first subscriber identification module.
  • the processor 404 may include a comparing circuit 442 configured for various functions, including, for example, comparing the number of invalid access code entries with a threshold number.
  • the comparing circuit 442 may also be configured for various functions, including, for example, comparing the number of invalid access code entries received through at least one of the first interface or the second interface with the threshold number.
  • the processor 404 may include a locking /unlocking circuit 444 configured for various functions, including, for example, locking access to the plurality of subscriber identification modules if the number of invalid access code entries exceeds the threshold number.
  • the locking /unlocking circuit 444 may also be configured for various functions, including, for example, unlocking access to at least one subscriber identification module of the plurality of subscriber identification modules in response to receiving the master access code.
  • the locking /unlocking circuit 444 may be configured for various functions, including, for example, unlocking access to the at least one subscriber identification module of the plurality of subscriber identification modules through an interface associated with the at least one subscriber identification module in response to receiving the master access code.
  • the locking /unlocking circuit 444 may be configured for various functions, including, for example, locking access to the first subscriber identification module through the first interface and the second subscriber identification module through the second interface if the number of invalid access code entries received through at least one of the first interface or the second interface exceeds the threshold number.
  • the processor 404 may include a receiving circuit 446 configured for various functions, including, for example, receiving a master access code after locking access to the plurality of subscriber identification modules.
  • the processor 404 is responsible for managing the bus 402 and general processing, including the execution of software stored on the computer-readable medium 406.
  • the software when executed by the processor 404, causes the processing system 414 to perform the various functions described below for any particular apparatus.
  • the computer-readable medium 406 and the memory 405 may also be used for storing data that is manipulated by the processor 404 when executing software.
  • One or more processors 404 in the processing system may execute software.
  • Software shall be construed broadly to mean instructions, instruction sets, code, code segments, program code, programs, subprograms, software modules, applications, software applications, software packages, routines, subroutines, objects, executables, threads of execution, procedures, functions, etc., whether referred to as software, firmware, middleware, microcode, hardware description language, or otherwise.
  • the software may reside on a computer-readable medium 406.
  • the computer-readable medium 406 may be a non-transitory computer-readable medium.
  • a non-transitory computer-readable medium includes, by way of example, a magnetic storage device (e.g., hard disk, floppy disk, magnetic strip) , an optical disk (e.g., a compact disc (CD) or a digital versatile disc (DVD) ) , a smart card, a flash memory device (e.g., a card, a stick, or a key drive) , a random access memory (RAM) , a read only memory (ROM) , a programmable ROM (PROM) , an erasable PROM (EPROM) , an electrically erasable PROM (EEPROM) , a register, a removable disk, and any other suitable medium for storing software or instructions that may be accessed and read by a computer.
  • a magnetic storage device e.g., hard disk, floppy disk, magnetic strip
  • an optical disk e.g., a compact disc (CD) or a digital versatile disc (DVD)
  • a smart card
  • the computer-readable medium 406 may reside in the processing system 414, external to the processing system 414, or distributed across multiple entities including the processing system 414.
  • the computer-readable medium 406 may be embodied in a computer program product.
  • a computer program product may include a computer-readable medium in packaging materials.
  • the computer-readable storage medium 406 may include obtaining software or instructions 450, comparing software or instructions 452, Locking /Unlocking software or instructions 454, or receiving software or instructions 456.
  • the circuitry included in the processor 404 is merely provided as an example, and other means for carrying out the described functions may be included within various aspects of the present disclosure, including but not limited to the instructions stored in the computer-readable storage medium 406, or any other suitable apparatus or means described in any one of the FIGS. 1-3 and 5 and utilizing, for example, the processes or algorithms described herein.
  • FIG. 5 is a flow chart illustrating an example method 500 operational at a client device (e.g., user equipment (UE) ) according to some aspects.
  • a client device e.g., user equipment (UE)
  • the method 500 may be carried out by any suitable apparatus or means for carrying out the functions or algorithm described herein.
  • the client device may have a plurality of SIMs.
  • the processing system of the client device may obtain a number of invalid access code entries to access one or more subscriber identification modules of the plurality of subscriber identification modules in the client device.
  • an interface of the client device may receive a number of access code entries (e.g., a personal identification number (PIN) ) to access one or more SIMs of the plurality of SIMs.
  • the interface may receive a number of access code entries to access a first SIM of the plurality of SIMs.
  • the interface may include a first interface associated with the first SIM and a second interface associated with the second SIM.
  • the first interface may receive a first number of access code entries to access the first SIM.
  • the second interface may receive a second number of access code entries to access the second SIM.
  • the number of access code entries may include one or more invalid access code entries. In some aspects, the number of access code entries may all be invalid access code entries. An invalid access code entry may be an access code entry that does not permit access to an application associated with a particular SIM of the plurality of SIMs. Conversely, a valid access code entry may be an access code entry that permits access to an application associated with a particular SIM of the plurality of SIMs.
  • the processing system may obtain each of the access code entries from the interface.
  • the processing system may obtain the number of invalid access code entries comprises obtaining the number of invalid access code entries through at least one interface associated with at least one subscriber identification module of the plurality of subscriber identification modules.
  • the processing system may obtain the number of invalid access code entries through at least one of a first interface associated with a first subscriber identification module of the plurality of subscriber identification modules or a second interface associated with a second subscriber identification module of the plurality of subscriber identification modules. For example, the processing system may obtain the number of invalid access code entries through only the first interface associated with the first subscriber identification module.
  • the processing system may obtain a number of access code entries to access at least one SIM of the plurality of SIMs. In some examples, the processing system may obtain the first number of access code entries to access the first SIM of the plurality of SIMs. The processing system may obtain the second number of access code entries to access the second SIM of the plurality of SIMs. As described herein, the number of invalid access code entries may be sequentially and/or consecutively obtained in time.
  • the processing system of the client device may compare the number of invalid access code entries with a threshold number. For example, the processing system may obtain a valid access code from the first SIM of the plurality of SIMs. In some examples, the processing system may obtain a first valid access code from the first SIM of the plurality of SIMs and a second valid access code from the second SIM of the plurality of SIMs. A valid access code obtained from a SIM may be used by the processing system for a comparison between one or more of the received access code entries to determine whether each of the received access code entries are valid access code entries or invalid access code entries.
  • the processing system may compare each of the access code entries with the valid access codes to determine whether each individual access code entry is a valid access code entry or an invalid access code entry. For example, the processing system may have obtained a number of access code entries to access at least one SIM of the plurality of SIMs. The processing system may have also obtained a valid access code associated with the at least one SIM of the plurality of SIMs. The processing system may compare each access code entry of the number of access code entries with the valid access code to determine whether each individual access code entry is either a valid access code entry or an invalid access code entry. When an access code entry of the number of access code entries matches the valid access code, the processing system determines that the access code entry is a valid access code entry. When an access code entry of the number of access code entries does not match the valid access code, the processing system determines that the access code entry is an invalid access code entry.
  • the processing system may have obtained a first number of access code entries to access a first SIM of the plurality of SIMs.
  • the processing system may have also obtained a second number of access code entries to access a second SIM of the plurality of SIMs.
  • the processing system may have obtained a first valid access code associated with the first SIM of the plurality of SIMs and a second valid access code associated with the second SIM of the plurality of SIMs.
  • the processing system may compare each access code entry of the first number of access code entries with the first valid access code associated with the first SIM of the plurality of SIMs to determine whether each individual access code entry is either a valid access code entry or an invalid access code entry.
  • the processing system may also compare each access code entry of the second number of access code entries with the second valid access code associated with the second SIM of the plurality of SIMs.
  • the processing system determines that the access code entry of the first number of access code entries is a valid access code entry. When an access code entry of the first number of access code entries does not match the first valid access code, the processing system determines that the access code entry of the first number of access code entries is an invalid access code entry. When an access code entry of the second number of access code entries matches the second valid access code, the processing system determines that the access code entry of the second number of access code entries is a valid access code entry. When an access code entry of the second number of access code entries does not match the second valid access code, the processing system determines that the access code entry of the second number of access code entries is an invalid access code entry.
  • the processing system may compare the number of invalid access code entries with the threshold number to determine whether to lock access to the plurality of SIMs.
  • the processing system may have obtained a first number of invalid access code entries to access a first SIM of the plurality of SIMs from the first interface.
  • the processing system may have also obtained a second number of invalid access code entries to access a second SIM of the plurality of SIMs from the second interface.
  • the processing system may compare the total of the first number of invalid access code entries and the second number of invalid access code entries with the threshold number to determine whether to lock access to the plurality of SIMs.
  • the processing system may compare the number of invalid access code entries received through at least one of the first interface or the second interface with the threshold number.
  • the threshold number may be any positive integer greater than one.
  • the threshold number may be two, three, four, or five.
  • the processing system may determine a received sequence of each access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs. For example, the processing system may determine that a first received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry. The processing system may also determine that a second received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry. The processing system may further determine that a third received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may determine that a fourth received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system determine that a total of four invalid access code entries have been consecutively received through the interface.
  • the processing system may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received.
  • the processing system may subsequently compare the number of access code entries with the threshold number after at least one of determining the sequence that the access code entries were received or determining the validity of each of the received access code entries.
  • the processing system may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may also determine that a second received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may determine that a fourth received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system determine that a total of four invalid access code entries have been consecutively received for the first SIM and the second SIM.
  • the processing system may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received.
  • the processing system may subsequently compare the total number of access code entries received for the first SIM and the second SIM with the threshold number after at least one of determining the sequence that the access code entries were received or determining the validity of each of the received access code entries.
  • the processing system of the client device may lock access to the plurality of subscriber identification modules if the number of invalid access code entries exceeds the threshold number.
  • locking access to the plurality of SIMs provides that if a valid access code entry is received after locking access to the plurality of SIMs, the valid access code entry (which is otherwise sufficient to obtain access to at least one SIM of the plurality of SIMs) is insufficient to obtain access to any of the plurality of SIMs of the client device 300.
  • the processing system may lock access to a first subscriber identification module through a first interface and a second subscriber identification module through a second interface if the number of invalid access code entries received through at least one of the first interface or the second interface exceeds the threshold number.
  • the processing system may lock access to the plurality of SIMs if the number of invalid access code entries exceeds the threshold number.
  • the threshold number may be three.
  • the processing system may determine that a first received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may also determine that a second received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may further determine that a third received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may determine that a fourth received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system determine that a total of four invalid access code entries have been consecutively received through the interface.
  • the processing system may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received.
  • the processing system may determine that a valid access code is required to access at least one SIM of the plurality of SIMs.
  • the processing system may compare the number of access code entries with the threshold number of three and determine to lock access to the plurality of SIMs because the number of received invalid access code entries exceeds the threshold number of three.
  • the threshold number may be three.
  • the processing system may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may also determine that a second received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may determine that a fourth received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system determine that a total of four invalid access code entries have been consecutively received for the first SIM and the second SIM.
  • the processing system may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received. Additionally, or alternatively, the processing system may determine that a valid access code is required to access at least one SIM of the plurality of SIMs.
  • the processing system may compare the total number of access code entries received for the first SIM and the second SIM with the threshold number of three and determine to lock access to the plurality of SIMs because the total number of received invalid access code entries exceeds the threshold number of three.
  • the processing system may not lock access to the plurality of SIMs if the number of invalid access code entries does not exceed the threshold number.
  • the threshold number may be three.
  • the processing system may determine that a first received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may also determine that a second received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may further determine that a third received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system determine that a total of three invalid access code entries have been received through the interface.
  • the processing system may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the three invalid access code entries were received. Additionally, or alternatively, the processing system may determine that a valid access code is required to access at least one SIM of the plurality of SIMs. The processing system may compare the number of access code entries with the threshold number of three and determine not to lock access to the plurality of SIMs because the number of received invalid access code entries does not exceed the threshold number of three.
  • the threshold number may be three.
  • the processing system may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may also determine that a second received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system determine that a total of three invalid access code entries have been received for the first SIM and the second SIM.
  • the processing system may also determine that no valid access code entries were received before (within a period of time such as five minutes, ten minutes, twenty minutes, an hour, or the like) the four invalid access code entries were received. Additionally, or alternatively, the processing system may determine that a valid access code is required to access at least one SIM of the plurality of SIMs. The processing system may compare the total number of access code entries received for the first SIM and the second SIM with the threshold number of three and determine not to lock access to the plurality of SIMs because the total number of received invalid access code entries does not exceed the threshold number of three.
  • the processing system may not lock access to the plurality of SIMs if a valid access code entry is received before the number of invalid access code entries exceeds the threshold number.
  • the threshold number may be two.
  • the processing system may determine that a first received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may also determine that a second received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is a valid access code entry.
  • the processing system may further determine that a third received access code entry of the number of access code entries for the at least one SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system determine that a total of three invalid access code entries have been received through the interface. However, the processing system may also determine that a valid access code entry was received before the total number of invalid access code entries exceeded the threshold number. The processing system may determine not to lock access to the plurality of SIMs because a valid access code entry was received before the total number of invalid access code entries exceeded the threshold number of two. In some examples, the processing system may determine to provide access to at least one SIM of the plurality of SIMs associated with the received valid access code entry.
  • the threshold number may be two.
  • the processing system may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may also determine that a second received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is a valid access code entry.
  • the processing system may determine that a fourth received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system determine that a total of three invalid access code entries have been received for the first SIM and the second SIM. However, the processing system may also determine that a valid access code entry was received before the total number of invalid access code entries exceeded the threshold number. The processing system may determine not to lock access to the plurality of SIMs because a valid access code entry was received before the total number of invalid access code entries exceeded the threshold number of two.
  • the processing system may lock access to the plurality of SIMs after a valid access code entry is received when the number of invalid access code entries that are consecutively received after receiving the valid access code entry exceeds the threshold number.
  • the threshold number may be two.
  • the processing system may determine that a first received access code entry of the first number of access code entries for the first SIM of the plurality of SIMs is a valid access code entry.
  • the processing system may also determine that a second received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may further determine that a third received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may determine that a fourth received access code entry of the second number of access code entries for the second SIM of the plurality of SIMs is an invalid access code entry.
  • the processing system may determine to permit access to the first SIM after the first received valid access code entry for the first SIM is received.
  • the processing system may also determine that the total number of three invalid access code entries consecutively and subsequently received for the second SIM exceeds the threshold number of two.
  • the processing system may determine to lock access to the plurality of SIMs including the first SIM and the second SIM because the total number of invalid access code entries consecutively received after the valid access code entry was received exceeded the threshold number of two.
  • the processing system may transmit a signal to each SIM of the plurality of SIMs instructing each SIM of the plurality of SIMs to lock access to the plurality of SIMs.
  • the processing system may transmit a signal to one or more services providers each associate with at least one SIM of the plurality of SIMs to instruct each of the service provides to lock access to each SIM of the plurality of SIMs.
  • the processing system may act as a gateway providing access and locking access to each SIM of the plurality of SIMs.
  • the processing system may lock access to each SIM of the plurality of SIMs by blocking access to each SIM of the plurality of SIMs.
  • each of the plurality of SIMs may individually lock when receiving a predetermined number of invalid access code entries.
  • the processing system may generate the predetermined number of randomly generated invalid access code entries and provide the predetermined number of randomly generated invalid access code entries to each of the SIMs to lock access to each SIM of the plurality of SIMs.
  • the processing system of the client device may receive a master access code after locking access to the plurality of subscriber identification modules. For example, a user may contact a service provider associated with at least one SIM of the plurality of SIMs that have been locked from access. The service provider may transmit a request to a base station to transmit a master access code to the client device 300. In response to receiving the request, the base station may transmit the master access code to the client device 300 for unlocking access to the at least one SIM of the plurality of SIMs. As another example, the processing system may receive a master access code through an interface for unlocking access to the at least one SIM of the plurality of SIMs.
  • each of the invalid access code entries may include a quantity of characters
  • the master access code may include a greater quantity of characters compared to the quantity of characters of each of the invalid access code entries.
  • the processing system of the client device may unlock access to at least one subscriber identification module of the plurality of subscriber identification modules in response to receiving the master access code.
  • the processing system may receive a valid access code entry associated with the at least one SIM of the plurality of SIMs.
  • the processing system may grant or provide access to one or more applications associated with the at least one SIM of the plurality of SIMs.
  • the processing system may provide the valid access code entry to the at least one SIM of the plurality of SIMs to provide or grant access to one or more applications associated with the at least one SIM of the plurality of SIMs.
  • FIG. 6 is a block diagram conceptually illustrating an example of a hardware implementation for a base station 600 according to some aspects.
  • the base station 600 may be a base station as illustrated in any one or more of FIGS. 1-2.
  • the base station 600 may be implemented with a processing system 614 that includes one or more processors 604.
  • processors 604 include microprocessors, microcontrollers, digital signal processors (DSPs) , field programmable gate arrays (FPGAs) , programmable logic devices (PLDs) , state machines, gated logic, discrete hardware circuits, and other suitable hardware configured to perform the various functionality described throughout this disclosure.
  • DSPs digital signal processors
  • FPGAs field programmable gate arrays
  • PLDs programmable logic devices
  • state machines gated logic, discrete hardware circuits, and other suitable hardware configured to perform the various functionality described throughout this disclosure.
  • the base station 600 may be configured to perform any one or more of the functions described herein. That is, the processor 604, as utilized in the base station 600, may be used to implement any one or more of the processes and procedures described and illustrated in FIGS. 1, 2, and 7.
  • the processing system 614 may be implemented with a bus architecture, represented generally by the bus 602.
  • the bus 602 may include any number of interconnecting buses and bridges depending on the specific application of the processing system 614 and the overall design constraints.
  • the bus 602 communicatively couples together various circuits including one or more processors (represented generally by the processor 604) , a memory 605, and computer-readable media (represented generally by the computer-readable medium 607) .
  • the bus 602 may also link various other circuits such as timing sources, peripherals, voltage regulators, and power management circuits, which are well known in the art, and therefore, will not be described any further.
  • a bus interface 608 provides an interface between the bus 602 and a transceiver 610.
  • the transceiver 610 may provide a communication interface or means for wirelessly communicating with various other apparatus over a transmission medium.
  • a user interface 612 e.g., keypad, display, speaker, microphone, joystick
  • a user interface 612 may also be provided.
  • the processor 604 may include a receiving circuit 640 configured to perform various functions, including, for example, receiving a request for a master access code associated with a subscriber identification module (SIM) of a plurality of SIMs of a client device.
  • the processor 604 may include a transmitting circuit 642 configured to perform various functions, including, for example, transmit the master access code to the client device in response to receiving a request from the master access code to be transmitted to the client device.
  • the processor 604 may be responsible for managing the bus 602 and general processing, including the execution of software stored on the computer-readable medium 607.
  • the software when executed by the processor 604, causes the processing system 614 to perform the various functions described herein, including those functions describe with respect to FIGS. 1, 2, and 7.
  • the computer-readable medium 607 and the memory 605 may also be used for storing data that is manipulated by the processor 604 when executing software.
  • One or more processors 604 in the processing system may execute software.
  • Software shall be construed broadly to mean instructions, instruction sets, code, code segments, program code, programs, subprograms, software modules, applications, software applications, software packages, routines, subroutines, objects, executables, threads of execution, procedures, functions, etc., whether referred to as software, firmware, middleware, microcode, hardware description language, or otherwise.
  • the software may reside on a computer-readable medium 607.
  • the computer-readable medium 607 may be a non-transitory computer-readable medium.
  • a non-transitory computer-readable medium includes, by way of example, a magnetic storage device (e.g., hard disk, floppy disk, magnetic strip) , an optical disk (e.g., a compact disc (CD) or a digital versatile disc (DVD) ) , a smart card, a flash memory device (e.g., a card, a stick, or a key drive) , a random access memory (RAM) , a read only memory (ROM) , a programmable ROM (PROM) , an erasable PROM (EPROM) , an electrically erasable PROM (EEPROM) , a register, a removable disk, and any other suitable medium for storing software or instructions that may be accessed and read by a computer.
  • a magnetic storage device e.g., hard disk, floppy disk, magnetic strip
  • an optical disk e.g., a compact disc (CD) or a digital versatile disc (DVD)
  • a smart card
  • the computer-readable medium 607 may reside in the processing system 614, external to the processing system 614, or distributed across multiple entities including the processing system 614.
  • the computer-readable medium 607 may be embodied in a computer program product.
  • a computer program product may include a computer-readable medium in packaging materials.
  • the computer-readable storage medium 607 may include receiving software or instructions 650 and transmitting software or instructions 652.
  • the circuitry included in the processor 604 is merely provided as an example, and other means for carrying out the described functions may be included within various aspects of the present disclosure, including but not limited to the instructions stored in the computer-readable storage medium 607, or any other suitable apparatus or means described in any one of the FIGS. 1, 2, and 7 and utilizing, for example, the processes or algorithms described herein.
  • FIG. 7 is a flow chart illustrating an example method 800 operational at a base station for providing security for a multiple subscriber identification module (SIM) device according to some aspects.
  • the method 700 may be carried out by any suitable apparatus or means for carrying out the functions or algorithm described herein.
  • the base station may receive a request for a master access code associated with at least one subscriber identification module of a plurality of subscriber identification modules of a client device.
  • the base station may transmit the master access code to the client device in response to receiving the request. For example, a user may contact a service provider associated with at least one SIM of the plurality of SIMs that have been locked from access. The service provider may transmit a request to a base station to transmit a master access code to the client device 300. In response to receiving the request, the base station may transmit the master access code to the client device 300 for unlocking access to the at least one SIM of the plurality of SIMs.
  • each of the invalid access code entries may include a quantity of characters
  • the master access code may include a greater quantity of characters compared to the quantity of characters of each of the invalid access code entries.
  • the processing system of the client device may unlock access to the at least one SIM of the plurality of SIMs in response to receiving the master access code.
  • the processing system may receive a valid access code entry associated with the at least one SIM of the plurality of SIMs.
  • the processing system may grant or provide access to one or more applications associated with the at least one SIM of the plurality of SIMs.
  • the processing system may provide the valid access code entry to the at least one SIM of the plurality of SIMs to provide or grant access to one or more applications associated with the at least one SIM of the plurality of SIMs.
  • a or b may include a only, b only, or a combination of a and b.
  • a phrase referring to “at least one of” or “one or more of” a list of items refers to any combination of those items, including single members.
  • “at least one of: a, b, or c” is intended to cover the examples of: a only, b only, c only, a combination of a and b, a combination of a and c, a combination of b and c, and a combination of a and b and c.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé de communication sans fil par un équipement utilisateur ou un dispositif client ayant une pluralité de modules d'identification d'abonné (SIM). Le procédé consiste à obtenir un certain nombre d'entrées de code d'accès non valides pour accéder à un ou plusieurs modules d'identification d'abonné de la pluralité de modules d'identification d'abonné dans le dispositif client. Le procédé consiste également à comparer le nombre d'entrées de code d'accès non valides à un nombre de seuil. Le procédé consiste en outre à verrouiller l'accès à la pluralité de modules d'identification d'abonné si le nombre d'entrées de code d'accès non valides dépasse le nombre de seuil.
PCT/CN2020/118090 2020-09-27 2020-09-27 Gestion de sécurité de modules d'identification d'abonné multiples WO2022061809A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2020/118090 WO2022061809A1 (fr) 2020-09-27 2020-09-27 Gestion de sécurité de modules d'identification d'abonné multiples

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2020/118090 WO2022061809A1 (fr) 2020-09-27 2020-09-27 Gestion de sécurité de modules d'identification d'abonné multiples

Publications (1)

Publication Number Publication Date
WO2022061809A1 true WO2022061809A1 (fr) 2022-03-31

Family

ID=80844737

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/118090 WO2022061809A1 (fr) 2020-09-27 2020-09-27 Gestion de sécurité de modules d'identification d'abonné multiples

Country Status (1)

Country Link
WO (1) WO2022061809A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080083827A1 (en) * 2006-10-06 2008-04-10 Taisys Technologies Co., Ltd. Security method of dual-card assembly
US20090270072A1 (en) * 2008-04-23 2009-10-29 Mediatek Inc. Methods for performing pin verification by mobile station with subscriber identity cards and systems utilizing the same
CN102479049A (zh) * 2010-11-24 2012-05-30 Lg电子株式会社 移动终端及其操作方法
CN103428678A (zh) * 2012-05-25 2013-12-04 尤罗斯有限公司 具有至少一个sim的装置
CN103959703A (zh) * 2011-11-28 2014-07-30 诺基亚公司 用于管理用户提供接入令牌的方法和装置

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080083827A1 (en) * 2006-10-06 2008-04-10 Taisys Technologies Co., Ltd. Security method of dual-card assembly
US20090270072A1 (en) * 2008-04-23 2009-10-29 Mediatek Inc. Methods for performing pin verification by mobile station with subscriber identity cards and systems utilizing the same
CN102479049A (zh) * 2010-11-24 2012-05-30 Lg电子株式会社 移动终端及其操作方法
CN103959703A (zh) * 2011-11-28 2014-07-30 诺基亚公司 用于管理用户提供接入令牌的方法和装置
CN103428678A (zh) * 2012-05-25 2013-12-04 尤罗斯有限公司 具有至少一个sim的装置

Similar Documents

Publication Publication Date Title
US20220150684A1 (en) System and method that facilitate steering of roaming
US20210297853A1 (en) Secure communication of broadcast information related to cell access
US11671902B2 (en) Apparatus and methods for new radio broadcast and multicast access control
US11570808B2 (en) Two-step random access procedure in wireless communication
US12010508B2 (en) Peer-to-peer link security setup for relay connection to mobile network
US12089100B2 (en) Radio (NR) cell addition in non-standalone mode
US11019625B2 (en) Enhancement of MAC signaling for network-assisted V2X resource scheduling in PC5 multi-carrier operation
US20230319901A1 (en) Improved monitoring for random access
US20230328794A1 (en) Service groups for random access
WO2022056810A1 (fr) Sélection de cellule d'ancrage à double connectivité multi-rat
WO2021226934A1 (fr) Synchronisation pour gestion de la mobilité sur la base d'une couche basse
US20230083682A1 (en) Two step random access procedure in wireless communication
US11375461B1 (en) User equipment (UE) transmit power control for dual subscription dual active (DSDA) operations
WO2022061809A1 (fr) Gestion de sécurité de modules d'identification d'abonné multiples
CN114631398B (zh) 一种通信方法,通信装置及通信系统
WO2022000252A1 (fr) Appareil et procédés de transfert intercellulaire d'un réseau d'évolution à long terme à un réseau de nouvelle radio de cinquième génération pour module d'identification à double abonné
US11805477B2 (en) Method to reduce recovery time from out-of-service event in dual receive (DR) or dual sim dual access (DSDA) capable user equipment
US20240015798A1 (en) Random access channel parameter prioritization with network slice differentiation and access identity differentiation
WO2022041036A1 (fr) Mise à jour de flux de trafic à l'aide d'un message de temps de cycle de réception discontinue
WO2022036668A1 (fr) Amélioration de la mobilité de mise en tranche de réseau
WO2021237487A1 (fr) Appareil et procédé de communication sans fil utilisant des techniques à double connectivité
WO2019183944A1 (fr) Connexion de signalisation de nas basée sur internet

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20954660

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20954660

Country of ref document: EP

Kind code of ref document: A1