CN116088885A - Operating system updating method and device, universal integrated circuit card and storage medium - Google Patents

Operating system updating method and device, universal integrated circuit card and storage medium Download PDF

Info

Publication number
CN116088885A
CN116088885A CN202111308204.8A CN202111308204A CN116088885A CN 116088885 A CN116088885 A CN 116088885A CN 202111308204 A CN202111308204 A CN 202111308204A CN 116088885 A CN116088885 A CN 116088885A
Authority
CN
China
Prior art keywords
operating system
uicc
storage area
related data
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111308204.8A
Other languages
Chinese (zh)
Inventor
孙波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute filed Critical China Mobile Communications Group Co Ltd
Priority to CN202111308204.8A priority Critical patent/CN116088885A/en
Publication of CN116088885A publication Critical patent/CN116088885A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/70Software maintenance or management
    • G06F8/71Version control; Configuration management

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application discloses an operating system updating method, an operating system updating device, a Universal Integrated Circuit Card (UICC) and a storage medium. The method comprises the following steps: the UICC receives a first request through a first operating system which is running; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC; acquiring related data of a second operating system through the first operating system, and storing the acquired related data of the second operating system in a second storage area of the UICC; the second storage area is independent of the first storage area; switching the operating system of the UICC into the second operating system through the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.

Description

Operating system updating method and device, universal integrated circuit card and storage medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to an operating system updating method, an operating system updating device, a universal integrated circuit card (UICC, universal Integrated Circuit Card) and a storage medium.
Background
Some electronic devices (english may be denoted as devices) may access the operator network through the UICC, thereby using various types of network services provided by the operator. For example, with the rapid development of internet of things in recent years, more and more internet of things devices are networked through a cellular network, which requires that each internet of things device needs to deploy an UICC of an operator internet of things, such as a subscriber identity module (SIM, subscriber Identity Module) card, so that the internet of things device authenticates and accesses to the network. Because of the wide use environments of the internet of things devices, many of which have a relatively harsh working environment, UICCs are typically deployed in embedded form in the internet of things devices, such as embedded SIM (eSIM) cards. The embedded UICC not only has higher physical performance, but also has smaller volume, and has better adaptability to the Internet of things equipment. At this time, how to update the operating system of the embedded UICC is a problem to be solved.
Disclosure of Invention
In order to solve the related technical problems, embodiments of the present application provide an operating system updating method, an operating system updating device, a UICC and a storage medium.
The technical scheme of the embodiment of the application is realized as follows:
The embodiment of the application provides an operating system updating method which is applied to a UICC and comprises the following steps:
receiving a first request through a running first operating system; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC;
acquiring related data of a second operating system through the first operating system, and storing the acquired related data of the second operating system in a second storage area of the UICC; the second storage area is independent of the first storage area;
switching the operating system of the UICC into the second operating system through the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
In the above solution, the switching the operating system of the UICC to the second operating system includes:
after the acquired related data of the second operating system are stored in the second storage area, carrying out integrity check and/or correctness check on the related data of the second operating system through the first operating system;
And after the integrity check and/or the correctness check are successful, switching the operating system of the UICC into the second operating system through the first operating system.
In the above solution, the switching the operating system of the UICC to the second operating system includes:
triggering the first operating system to execute a first command after the integrity check and/or the correctness check are successful; the first command is used for restarting the UICC and modifying first information into an address corresponding to the second storage area; the first information is used for the UICC to acquire related data of an operating system when the UICC is started.
In the above solution, the performing integrity check and/or correctness check on the related data of the second operating system includes:
and decrypting the related data of the second operating system through the first operating system, and carrying out integrity check and/or correctness check on the decrypted related data of the second operating system.
In the above scheme, when acquiring the related data of the second operating system, the method further includes:
acquiring second information through the first operating system; the second information comprises a message authentication code MAC;
And carrying out integrity check on the decrypted related data of the second operating system by using the second information through the first operating system.
In the above solution, the verifying the correctness of the decrypted related data of the second operating system includes:
judging whether the decrypted related data of the second operating system meets a preset format or not through the first operating system; under the condition that the decrypted related data of the second operating system meets a preset format, the correctness check is successful; and under the condition that the decrypted related data of the second operating system does not meet a preset format, the correctness check fails.
In the above scheme, the method further comprises:
receiving a second request sent by a service platform through the first operating system; the second request is used for requesting related information of an operating system which is running by the UICC;
returning third information to the service platform through the first operating system; the third information comprises version information of the first operating system and an identifier corresponding to the first storage space;
and receiving a first request sent by the service platform based on the third information through the first operating system.
In the above scheme, the method further comprises:
and after the first operating system successfully switches the operating system of the UICC into the second operating system, returning a switching result to the service platform through the second operating system.
In the above solution, the acquiring the related data of the second operating system includes:
and acquiring related data of the second operating system from a service platform by using the first operating system by using an over-the-air OTA technology.
The embodiment of the application also provides an operating system updating device, which is arranged on the UICC and comprises:
the receiving unit is used for receiving a first request after being utilized by a first operating system running by the UICC; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC;
the acquisition unit is used for acquiring related data of a second operating system after being utilized by the first operating system, and storing the acquired related data of the second operating system into a second storage area of the UICC; the second storage area is independent of the first storage area;
The switching unit is used for switching the operating system of the UICC into the second operating system after being utilized by the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
The embodiment of the application also provides a UICC, which comprises:
the communication interface is used for receiving a first request after being utilized by a running first operating system; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC;
a processor for:
acquiring related data of a second operating system through the first operating system, and storing the acquired related data of the second operating system in a second storage area of the UICC; the second storage area is independent of the first storage area;
switching the operating system of the UICC into the second operating system through the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
The embodiment of the application also provides a UICC, which comprises: a processor and a memory for storing a computer program capable of running on the processor, wherein the processor is adapted to perform the steps of any of the methods described above when the computer program is run
The present application also provides a storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of any of the methods described above.
The method, the device, the UICC and the storage medium for updating the operating system provided by the embodiment of the application, the UICC receives a first request through a running first operating system; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC; acquiring related data of a second operating system through the first operating system, and storing the acquired related data of the second operating system in a second storage area of the UICC; the second storage area is independent of the first storage area; switching the operating system of the UICC into the second operating system through the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area. According to the scheme of the embodiment of the application, the UICC is provided with a main firmware storage area (namely a first storage area), a backup firmware storage area (namely a second storage area) and a functional data storage area (namely a third storage area), and the storage areas are completely isolated, namely the three storage areas are mutually independent; therefore, when the operating system of the embedded UICC needs to be updated, the UICC does not need to be replaced, and the updating of the operating system can be realized under the condition that the original function related data is reserved, so that the cost of updating the UICC can be reduced; in addition, the process of acquiring the new related data of the operating system by the UICC does not affect the normal use of all functions of the UICC, in other words, the electronic equipment deployed with the UICC cannot be disconnected for a long time due to acquiring the new related data of the operating system, so that the embedded UICC can meet the requirement of only allowing the electronic equipment to be disconnected for a short time in specific scenes such as the scene of the Internet of things.
Drawings
FIG. 1 is a flowchart illustrating an operating system update method according to an embodiment of the present disclosure;
fig. 2 is a schematic diagram of an internal architecture of a SIM card according to an embodiment of the present application;
fig. 3 is a schematic flow chart of updating an operating system of a SIM card according to an embodiment of the present application;
FIG. 4 is a schematic structural diagram of an operating system update device according to an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of a UICC according to an embodiment of the application.
Detailed Description
The present application is described in further detail below with reference to the accompanying drawings and examples.
In the related art, there is a certain limitation in the embedded UICC: the upgrade of the operating system is not supported, and once the embedded UICC is welded into the electronic equipment, the embedded UICC can be upgraded only by replacing the UICC, namely the original embedded UICC is welded and replaced by a new embedded UICC, or the new electronic equipment is directly replaced.
Specifically, the embedded UICC has the following problems when in use:
1) Each time the UICC has a problem or needs to be subjected to function upgrading, the original card needs to be replaced, the replacement cost is extremely high for the embedded UICC, and some special scenes can not even replace the UICC;
2) The electronic equipment deployed with the UICC needs to be disconnected from the network when the UICC is replaced, cannot be used normally for a long time, and cannot meet the requirement that the electronic equipment is only allowed to be disconnected from the network in a short time under specific scenes such as the scene of the Internet of things.
Based on the above, in various embodiments of the present application, the UICC is provided with a main firmware storage area, a backup firmware storage area and a functional data storage area, where the storage areas are completely isolated, i.e. the three storage areas are mutually independent; therefore, when the operating system of the embedded UICC needs to be updated, the UICC does not need to be replaced, and the updating of the operating system can be realized under the condition that the original function related data is reserved, so that the cost of updating the UICC can be reduced; in addition, the process of acquiring the new related data of the operating system by the UICC does not affect the normal use of all functions of the UICC, in other words, the electronic equipment deployed with the UICC cannot be disconnected for a long time due to acquiring the new related data of the operating system, so that the embedded UICC can meet the requirement of only allowing the electronic equipment to be disconnected for a short time in specific scenes such as the scene of the Internet of things.
An embodiment of the present application provides an operating system updating method, applied to a UICC, as shown in fig. 1, the method includes:
step 101: receiving a first request through a running first operating system;
here, the first request is for requesting an update of an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC;
Step 102: acquiring related data of a second operating system through the first operating system, and storing the acquired related data of the second operating system in a second storage area of the UICC;
here, the second storage area is independent from the first storage area;
step 103: switching the operating system of the UICC into the second operating system through the first operating system;
wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
Here, since the data related to the function of the UICC is stored in the third storage area, and the third storage area is independent from the first storage area and the second storage area, a process of updating the operating system by the UICC does not affect the data stored in the third storage area; in other words, the UICC is disconnected only when the operating system is switched, the process of acquiring the new related data of the operating system does not affect the normal use of all functions of the UICC, and the original related data of the functions are still reserved after the operating system of the UICC is updated.
In practical application, the type of the UICC can be set according to requirements, such as eSIM and the like.
In actual use, the first operating system and the second operating system may be referred to as on-chip operating systems (COS, chip Operating System).
In practical application, after the first operating system successfully switches the operating system of the UICC to the second operating system, the UICC may execute steps similar to steps 101 to 103 through the running second operating system, so as to implement further upgrade of the operating system. Specifically, the UICC may receive the first request through the second operating system that is running, acquire related data of a third operating system, store the acquired related data of the third operating system in the first storage area, and switch the operating system of the UICC to the third operating system. In other words, the UICC may alternately use the first storage area and the second storage area to perform steps similar to the steps 101 to 103 in a cyclic manner, and when the operating system corresponding to the first storage area (or the second storage area) is running, the UICC receives the first request through the running operating system, acquires related data of a new operating system, stores related data of the new operating system in the second storage area (or the first storage area) which is not currently used, and switches the operating system of the UICC to the new operating system; in this way, the UICC can implement continuous upgrades of the operating system.
In practical application, the operating system updating method of the embodiment of the present application may be understood as a function of the operating systems of the UICC (i.e. the first operating system, the second operating system and the third operating system), in other words, the operating systems of the UICC in the related art need to be improved in program to implement the operating system updating method of the embodiment of the present application. Meanwhile, in order to ensure data security, the first storage area and the second storage area may be respectively provided with an Issuer Security Domain (ISD), and the corresponding operating system performs steps similar to steps 101 to 103 based on the corresponding ISD during running, so that continuous upgrading of the operating system can be realized on the premise of ensuring data security.
In step 101, in actual application, since the UICC needs to be deployed in the electronic device, the receiving, by the running first operating system, the first request may include: receiving, by the first operating system, a first request for transparent transmission (i.e., forwarding) of an electronic device in which the UICC is deployed; here, the electronic device may be an internet of things device, a mobile phone, or the like, and may specifically be set according to a requirement, which is not limited in the embodiment of the present application.
In actual application, the sender of the first request can be set according to scene requirements. For example, the service platform of the operator may trigger an update procedure of the operating system of the UICC, that is, the UICC may receive, through the first operating system, a first request sent by the service platform. Here, the service platform may be implemented by a Server (english may be expressed as Server), in other words, the UICC may receive, through the first operating system, a first request sent by the Server.
In step 102, during actual application, the UICC may obtain related data of the second operating system forwarded by the electronic device associated with the UICC (i.e. the electronic device deployed with the UICC), where a specific sender of the related data of the second operating system may be set according to a requirement, for example, the service platform, which is not limited in the embodiment of the present application.
In practical application, the sender of the related data of the second operating system may be the same as or different from the sender of the first request.
In practical application, the UICC needs to update the operating system cyclically by alternately using the first storage area and the second storage area, so that when the first operating system stores the related data of the second operating system in the second storage area, a data coverage mode can be adopted, that is, all data of the second storage area is deleted first, and then the related data of the second operating system is stored in the second storage area.
In practical application, in order to ensure the integrity and/or correctness of data transmission, the UICC may perform integrity and/or correctness verification on related data of the second operating system, and after verification is successful, switch the operating system of the UICC to the second operating system.
Based on this, in an embodiment, the switching the operating system of the UICC to the second operating system may include:
after the acquired related data of the second operating system are stored in the second storage area, carrying out integrity check and/or correctness check on the related data of the second operating system through the first operating system;
and after the integrity check and/or the correctness check are successful, switching the operating system of the UICC into the second operating system through the first operating system.
In practical application, in order to further ensure secure transmission of data, the related data of the second operating system acquired by the UICC may be encrypted data.
Based on this, in an embodiment, the performing integrity check and/or correctness check on the related data of the second operating system may include:
And decrypting the related data of the second operating system through the first operating system, and carrying out integrity check and/or correctness check on the decrypted related data of the second operating system.
Here, the manner of performing the decryption process on the related data of the second operating system may be set according to the requirement, for example, performing the decryption process using a preset key.
In actual application, if the decryption processing fails, or if the integrity check fails, or if the correctness check fails, the UICC may return a prompt message to the sender of the first request and/or the sender of the related data of the second operating system, for example, return a prompt message to the service platform; the prompt information is used for prompting the sender of the first request and/or the sender of the related data of the second operating system that the related data of the second operating system fails in decryption, integrity check or correctness check; after receiving the prompt message, the sender of the first request can reinitiate the update flow of the operating system of the UICC, namely, resend the first request to the UICC; and after the sender of the related data of the second operating system receives the prompt information, the related data of the second operating system can be sent to the UICC again.
In practical application, the UICC may implement integrity checking using MAC.
Based on this, in an embodiment, when acquiring the related data of the second operating system, the method may further include:
acquiring second information through the first operating system; the second information includes a MAC;
accordingly, the performing the integrity check on the decrypted related data of the second operating system may include:
and carrying out integrity check on the decrypted related data of the second operating system by using the second information through the first operating system.
In practical application, the UICC may calculate the MAC using a preset algorithm, such as the 3DES algorithm; comparing the calculated MAC with the MAC contained in the second information, and determining that the integrity check is successful by the UICC under the condition that the calculated MAC is consistent with the MAC contained in the second information; and under the condition that the calculated MAC is inconsistent with the MAC contained in the second information, the UICC can determine that the integrity check fails.
In practical application, the UICC can realize correctness checking based on a data format.
Based on this, in an embodiment, the verifying the correctness of the decrypted related data of the second operating system may include:
Judging whether the decrypted related data of the second operating system meets a preset format or not through the first operating system; under the condition that the decrypted related data of the second operating system meets a preset format, the correctness check is successful; and under the condition that the decrypted related data of the second operating system does not meet a preset format, the correctness check fails.
Here, the specific data format corresponding to the operating system of the UICC may be set according to requirements, which is not limited in the embodiment of the present application.
In step 103, in actual application, after the integrity check and/or the correctness check are successful, the first operating system may be directly triggered to switch the operating system of the UICC to the second operating system, in other words, the first request is used to trigger the first operating system to acquire related data of the second operating system, store the related data of the second operating system in the second storage area, and switch the operating system of the UICC to the second operating system; or, the system switching request sent by the service platform may trigger the first operating system to perform integrity check and/or correctness check on the related data of the second operating system, and switch the operating system of the UICC to the second operating system after the integrity check and/or correctness check is successful.
Based on this, in an embodiment, the switching the operating system of the UICC to the second operating system may include:
triggering the first operating system to execute a first command after the integrity check and/or the correctness check are successful; the first command is used for restarting the UICC and modifying first information into an address corresponding to the second storage area; the first information is used for the UICC to acquire related data of an operating system when the UICC is started.
In practical application, the first information may be understood as a starting address index table of a working area where the UICC separately stores, that is, information not stored in the first storage area, the second storage area, and the third storage area.
In actual application, the first command may specifically be a Refresh command, and the UICC is used as an active party to actively initiate execution; the address corresponding to the second storage area may specifically be a start address of the second storage area.
In actual application, under the condition that the service platform triggers the update flow of the operating system of the UICC, the service platform needs to determine the updated information of the operating system corresponding to the first request according to the related information of the operating system currently running by the UICC.
Based on this, in an embodiment, the method may further include:
receiving a second request sent by a service platform through the first operating system; the second request is used for requesting related information of an operating system which is running by the UICC;
returning third information to the service platform through the first operating system; the third information comprises version information of the first operating system and an identifier corresponding to the first storage space;
accordingly, the receiving the first request may include:
and receiving a first request sent by the service platform based on the third information through the first operating system.
In practical application, the service platform may determine the version of the second operating system and the corresponding start address according to the version information of the first operating system and the identifier corresponding to the first storage space, that is, determine the relevant data and the corresponding storage space of the second operating system.
In practical application, after the switching of the operating system of the UICC is completed, a switching result can be returned to the service platform.
Based on this, in an embodiment, the method may further include:
and after the first operating system successfully switches the operating system of the UICC into the second operating system, returning a switching result to the service platform through the second operating system.
In practical application, the specific manner of obtaining the related data of the second operating system by the UICC may be set according to requirements, which is not limited in the embodiment of the present application. Illustratively, the UICC may obtain the related data of the second operating system using OTA technology.
Based on this, in an embodiment, the acquiring the related data of the second operating system may include:
and acquiring related data of the second operating system from a service platform by using OTA technology through the first operating system.
Correspondingly, the service platform can encrypt the related data of the second operating system by using a preset algorithm, and send the encrypted related data of the second operating system and the second information to the UICC through an OTA technology.
According to the operating system updating method provided by the embodiment of the application, the UICC receives a first request through a first operating system which is running; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC; acquiring related data of a second operating system through the first operating system, and storing the acquired related data of the second operating system in a second storage area of the UICC; the second storage area is independent of the first storage area; switching the operating system of the UICC into the second operating system through the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area. According to the scheme of the embodiment of the application, the UICC is provided with a main firmware storage area (namely a first storage area), a backup firmware storage area (namely a second storage area) and a functional data storage area (namely a third storage area), and the storage areas are completely isolated, namely the three storage areas are mutually independent; therefore, when the operating system of the embedded UICC needs to be updated, the UICC does not need to be replaced, and the updating of the operating system can be realized under the condition that the original function related data is reserved, so that the cost of updating the UICC can be reduced; in addition, the process of acquiring the new related data of the operating system by the UICC does not affect the normal use of all functions of the UICC, in other words, the electronic equipment deployed with the UICC cannot be disconnected for a long time due to acquiring the new related data of the operating system, so that the embedded UICC can meet the requirement of only allowing the electronic equipment to be disconnected for a short time in specific scenes such as the scene of the Internet of things.
The present application is described in further detail below in connection with examples of application.
In this application embodiment, the first storage area is referred to as firmware area a; the second storage area is called a firmware area B; the third storage area is called a data area; the operating system is called COS; the UICC is a SIM card; the SIM card is arranged in an Internet of things Device (Device) and interacts with a Server (Server) of a service platform through the Internet of things Device.
In this application embodiment, as shown in fig. 2, when initializing the SIM card, the operator divides the storage area into a firmware area a, a firmware area B and a data area, where the three areas are completely isolated, i.e. are mutually independent; the firmware area A and the firmware area B are used for storing relevant data of COS; the data area is used for storing data related to the function of the SIM card, such as application data, user data, function related files and the like. When the SIM card works in an initial state, COS (i.e. the first operating system) corresponding to the firmware area A is normally used (i.e. operated); when the SIM card triggers the COS updating flow, the COS corresponding to the firmware area A is responsible for receiving new COS data (namely the related data of the second operating system) and storing the new COS data in the firmware area B; after the COS corresponding to the firmware area A completes the integrity and correctness checking on the new COS data in the firmware area B, the COS switching process can be triggered, namely the SIM card is restarted by an active command Refresh, the starting address (namely the first information) of the working COS area is modified to the starting address of the firmware area B, and the COS corresponding to the firmware area B starts to work after the SIM card is restarted. When the COS is updated again, the COS corresponding to the firmware area B is responsible for downloading new COS data, and the new COS data are stored in the firmware area A.
Specifically, as shown in fig. 3, the process of updating the COS by the SIM card may include the following steps:
step 301: the service platform sends a state query request (namely the second request) to the SIM card; step 302 is then performed;
step 302: the SIM card returns firmware state data (namely the third information) to the service platform; step 303 is then performed;
here, the firmware state data includes version information of the COS in which the SIM card is running and a corresponding firmware area identification (i.e., a or B); in addition, firmware state data may also be referred to as card field data.
Step 303: the service platform selects proper firmware (A or B) and an update version of COS according to the firmware state data; step 304 is then performed;
here, since the data of COS corresponding to different firmware is different (i.e. the starting address in the data is different), the service platform needs to determine the firmware area and the version corresponding to the new COS according to the firmware area currently being used by the SIM card and the corresponding COS version, thereby determining the new COS data.
Step 304: the service platform sends an upgrade request (namely the first request) to the SIM card; step 305 is then performed;
step 305: the SIM card returns an upgrade request response to the service platform; thereafter, step 306 is performed;
Step 306: the service platform sends a firmware data updating instruction to the SIM card; step 307 is then performed;
here, the firmware data update instruction includes new COS data (i.e., the related data of the second operating system described above) and MAC information; the service platform encrypts the new COS data, adds MAC information to obtain a firmware data updating instruction, and sends the firmware data updating instruction to the SIM card in an OTA mode.
Step 307: the SIM card verifies (i.e., decrypts) and updates the firmware data; step 308 is then performed;
here, the SIM card decrypts the data received in step 306 to obtain new COS data, and updates the data of the corresponding firmware area (i.e., covers the data stored in the firmware area that is not currently being used) with the new COS data.
Step 308: the SIM card returns a firmware data updating state to the service platform; step 309 is then performed;
here, the firmware data update status may characterize whether the SIM card successfully decrypts the data received in step 306.
Step 309: the service platform synchronously displays the update state and progress; step 310 is then performed;
here, the service platform may issue the COS data in step 306 multiple times, and the SIM card performs step 307 and step 308 on a part of the COS data issued by the service platform each time, and returns the update status of the part of the COS data to the service platform, so that the service platform presents the update status and the overall update progress of each part of the COS data (which may also be understood as the download progress of the new COS data or the loading progress of the SIM card on the new COS); in other words, steps 306-309 may be steps performed in a Loop (Loop) until the SIM card stores the new COS data completely in the corresponding firmware area.
Step 310: the SIM card sends a state switching request to the service platform; step 311 is then performed;
here, after the service platform receives the correct update state, that is, after the firmware data update state received by the service platform characterizes that new COS data has been stored in the corresponding firmware area, a state switching request may be sent to the SIM card; in addition, since the state switching request is used for triggering the SIM card to implement COS switching, that is, for performing COS maintenance on the SIM card, the state switching request may also be referred to as a maintenance instruction.
Step 311: the SIM card checks the new COS data; step 312 is then performed; meanwhile, step 313 is performed in case the verification is successful;
here, the SIM card may acquire the new COS data after the storage from the corresponding firmware area, perform integrity and correctness verification on the new COS data, and return a verification result to the service platform, i.e. execute step 312; meanwhile, under the condition that the integrity and correctness check is successful, the switching of the COS is triggered, namely, step 313 is executed; and (3) if the integrity and/or correctness check fails, other operations are not executed, and the next instruction of the service platform is waited.
Step 312: the SIM card returns a verification result to the service platform;
Step 313: the SIM card is disconnected with the service platform; step 314 is then performed;
step 314: the SIM card is restarted by actively commanding a Refresh to realize COS switching; step 315 is then performed;
step 315: updating firmware state data by the SIM card; step 316 is then performed;
step 316: the SIM card establishes connection with a service platform; step 317 is then performed;
step 317: the service platform sends a state query request to the SIM card; step 318 is then performed;
step 318: the SIM card returns firmware state data to the service platform;
here, the firmware status data returned by the SIM card can reflect the COS switching result of the SIM.
The scheme provided by the embodiment of the application has the following advantages:
1) Because the data related to the SIM card function is stored in the data area, the SIM card can carry out COS upgrade under the condition of ensuring the original application and user data;
2) In the upgrading process of the SIM card, the network is disconnected only when the SIM card is switched and restarted, and the normal use of the function of the SIM card is not affected in the downloading process (namely, the storing and checking process of new COS data) which takes a relatively long time.
In order to implement the method of the embodiment of the present application, the embodiment of the present application further provides an operating system updating device, which is disposed on the UICC, as shown in fig. 4, and the device includes:
A receiving unit 401, configured to receive a first request after being utilized by a first operating system that is running by the UICC; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC;
an obtaining unit 402, configured to obtain related data of a second operating system after being utilized by the first operating system, and store the obtained related data of the second operating system in a second storage area of the UICC; the second storage area is independent of the first storage area;
a switching unit 403, configured to switch the operating system of the UICC to the second operating system after being utilized by the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
In one embodiment, the switching unit 403 is specifically configured to perform integrity check and/or correctness check on the related data of the second operating system after being utilized by the first operating system; and after the integrity check and/or the correctness check are successful, switching the operating system of the UICC into the second operating system.
In an embodiment, the switching unit 403 is further configured to execute a first command after being utilized by the first operating system; the first command is used for restarting the UICC and modifying first information into an address corresponding to the second storage area; the first information is used for the UICC to acquire related data of an operating system when the UICC is started.
In an embodiment, the switching unit 403 is further configured to decrypt the related data of the second operating system after being utilized by the first operating system, and perform integrity check and/or correctness check on the decrypted related data of the second operating system.
In an embodiment, when the acquiring unit 402 acquires the related data of the second operating system, the acquiring unit is further configured to acquire the second information after being utilized by the first operating system; the second information includes a MAC;
correspondingly, the switching unit 403 is further configured to perform integrity check on the decrypted related data of the second operating system by using the second information after being utilized by the first operating system.
In an embodiment, the switching unit 403 is further configured to determine whether the decrypted related data of the second operating system meets a preset format after being utilized by the first operating system; under the condition that the decrypted related data of the second operating system meets a preset format, the correctness check is successful; and under the condition that the decrypted related data of the second operating system does not meet a preset format, the correctness check fails.
In an embodiment, the receiving unit 401 is further configured to receive, after being utilized by the first operating system, a second request sent by a service platform; the second request is used for requesting related information of an operating system which is running by the UICC;
correspondingly, the device also comprises a sending unit, a service platform and a processing unit, wherein the sending unit is used for returning third information to the service platform after being utilized by the first operating system; the third information comprises version information of the first operating system and an identifier corresponding to the first storage space;
the receiving unit 401 is further configured to receive, after being utilized by the first operating system, a first request sent by the service platform based on the third information.
In an embodiment, the sending unit is further configured to return a handover result to the service platform after being utilized by the second operating system.
In an embodiment, the obtaining unit 402 is specifically configured to obtain, by using OTA technology, the related data of the second operating system from a service platform after being utilized by the first operating system.
In practical application, the receiving unit 401 and the sending unit may be implemented by a communication interface in the operating system updating device; the acquisition unit 402 and the switching unit 403 may be implemented by a processor in the operating system updating device in combination with a communication interface.
It should be noted that: the operating system updating device provided in the above embodiment only uses the division of each program module to illustrate when updating the operating system, and in practical application, the processing allocation may be performed by different program modules according to needs, i.e. the internal structure of the device is divided into different program modules to complete all or part of the processing described above. In addition, the operating system updating device and the operating system updating method provided in the above embodiments belong to the same concept, and specific implementation processes thereof are detailed in the method embodiments, which are not repeated here.
Based on the hardware implementation of the program modules, and in order to implement the method of the embodiments of the present application, the embodiments of the present application further provide a UICC, as shown in fig. 5, the UICC 500 includes:
a communication interface 501 capable of information interaction with other electronic devices;
a processor 502, connected to the communication interface 501, for implementing information interaction with other electronic devices, and configured to execute the methods provided by one or more of the above technical solutions when running a computer program;
memory 503 stores a computer program capable of running on the processor 502.
Specifically, the communication interface 501 is configured to receive a first request after being utilized by a running first operating system; the first request is for requesting an update of an operating system of the UICC 500; the related data of the first operating system is stored in a first storage area of the UICC 500;
the processor 502 is configured to obtain, by using the first operating system, related data of a second operating system, and store the obtained related data of the second operating system in a second storage area of the UICC 500; the second storage area is independent of the first storage area; switching the operating system of the UICC 500 to the second operating system; wherein, the data related to the function of the UICC 500 is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
In one embodiment, the processor 502 is specifically configured to store the acquired related data of the second operating system in the second storage area, and then perform, by using the first operating system, integrity check and/or correctness check on the related data of the second operating system; and after the integrity check and/or the correctness check are successful, switching the operating system of the UICC 500 to the second operating system.
In an embodiment, the processor 502 is further configured to execute a first command through the first operating system; the first command is used for restarting the UICC 500 and modifying the first information into an address corresponding to the second storage area; the first information is used for the UICC 500 to acquire related data of an operating system at the time of startup.
In an embodiment, the processor 502 is further configured to decrypt, by using the first operating system, the related data of the second operating system, and perform integrity check and/or correctness check on the decrypted related data of the second operating system.
In an embodiment, the processor 502 is further configured to:
acquiring second information through the first operating system; the second information includes a MAC;
and carrying out integrity check on the decrypted related data of the second operating system by using the second information through the first operating system.
In an embodiment, the processor 502 is further configured to determine, by the first operating system, whether the decrypted related data of the second operating system meets a preset format; under the condition that the decrypted related data of the second operating system meets a preset format, the correctness check is successful; and under the condition that the decrypted related data of the second operating system does not meet a preset format, the correctness check fails.
In an embodiment, the communication interface 501 is further configured to receive, after being utilized by the first operating system, a second request sent by a service platform; the second request is for requesting information about an operating system that the UICC 500 is running; returning third information to the service platform; the third information comprises version information of the first operating system and an identifier corresponding to the first storage space; and receiving a first request sent by the service platform based on the third information.
In an embodiment, the communication interface 501 is further configured to return a handover result to the service platform after being utilized by the second operating system.
In an embodiment, the processor 502 is further configured to obtain, by the first operating system, related data of the second operating system from a service platform using OTA technology.
It should be noted that: the details of the specific implementation of the above operations by the communication interface 501 and the processor 502 are described in the method embodiment, and are not described herein. In addition, the memory 503 includes the first storage area, the second storage area, and the third storage area.
Of course, in actual practice, the various components in the UICC 500 are coupled together by a bus system 504. It is to be appreciated that bus system 504 is employed to enable connected communications between these components. The bus system 504 includes a power bus, a control bus, and a status signal bus in addition to the data bus. But for clarity of illustration, the various buses are labeled as bus system 504 in fig. 5.
The memory 503 in the present embodiment is used to store various types of data to support the operation of the UICC 500. Examples of such data include: any computer program for operating on the UICC 500.
The methods disclosed in the embodiments of the present application may be applied to the processor 502 or implemented by the processor 502. The processor 502 may be a microprocessor. In implementation, the steps of the methods described above may be performed by integrated logic circuitry in hardware or instructions in software in the processor 502. The processor 502 may implement or perform the methods, steps, and logic blocks disclosed in embodiments of the present application. The steps of the method disclosed in the embodiments of the present application may be directly embodied in a hardware decoding processor or implemented by a combination of hardware and software modules in the decoding processor. The software modules may be located in a storage medium in a memory 503 and the processor 502 reads information in the memory 503 to perform the steps of the method described above in connection with its hardware.
It is appreciated that the memory 503 of embodiments of the present application may be either volatile memory or nonvolatile memory, and may include both volatile and nonvolatile memory. Wherein the nonvolatile Memory may be Read Only Memory (ROM), programmable Read Only Memory (PROM, programmable Read-Only Memory), erasable programmable Read Only Memory (EPROM, erasable Programmable Read-Only Memory), electrically erasable programmable Read Only Memory (EEPROM, electrically Erasable Programmable Read-Only Memory), magnetic random access Memory (FRAM, ferromagnetic random access Memory), flash Memory (Flash Memory), magnetic surface Memory, optical disk, or compact disk Read Only Memory (CD-ROM, compact Disc Read-Only Memory); the magnetic surface memory may be a disk memory or a tape memory. The volatile memory may be random access memory (RAM, random Access Memory), which acts as external cache memory. By way of example, and not limitation, many forms of RAM are available, such as static random access memory (SRAM, static Random Access Memory), synchronous static random access memory (SSRAM, synchronous Static Random Access Memory), dynamic random access memory (DRAM, dynamic Random Access Memory), synchronous dynamic random access memory (SDRAM, synchronous Dynamic Random Access Memory), double data rate synchronous dynamic random access memory (ddr SDRAM, double Data Rate Synchronous Dynamic Random Access Memory), enhanced synchronous dynamic random access memory (ESDRAM, enhanced Synchronous Dynamic Random Access Memory), synchronous link dynamic random access memory (SLDRAM, syncLink Dynamic Random Access Memory), direct memory bus random access memory (DRRAM, direct Rambus Random Access Memory). The memory described in embodiments of the present application is intended to comprise, without being limited to, these and any other suitable types of memory.
In an exemplary embodiment, the present application further provides a storage medium, i.e., a computer storage medium, in particular a computer readable storage medium, for example, including a memory 503 storing a computer program executable by the processor 502 of the UICC 500 to perform the steps of the foregoing method. The computer readable storage medium may be FRAM, ROM, PROM, EPROM, EEPROM, flash Memory, magnetic surface Memory, optical disk, or CD-ROM.
It should be noted that: "first," "second," etc. are used to distinguish similar objects and not necessarily to describe a particular order or sequence.
In addition, the embodiments described in the present application may be arbitrarily combined without any collision.
The foregoing description is only of the preferred embodiments of the present application and is not intended to limit the scope of the present application.

Claims (13)

1. An operating system updating method, which is applied to a universal integrated circuit card UICC, comprises the following steps:
receiving a first request through a running first operating system; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC;
Acquiring related data of a second operating system through the first operating system, and storing the acquired related data of the second operating system in a second storage area of the UICC; the second storage area is independent of the first storage area;
switching the operating system of the UICC into the second operating system through the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
2. The method of claim 1, wherein the switching the operating system of the UICC to the second operating system comprises:
after the acquired related data of the second operating system are stored in the second storage area, carrying out integrity check and/or correctness check on the related data of the second operating system through the first operating system;
and after the integrity check and/or the correctness check are successful, switching the operating system of the UICC into the second operating system through the first operating system.
3. The method of claim 2, wherein the switching the operating system of the UICC to the second operating system comprises:
Triggering the first operating system to execute a first command after the integrity check and/or the correctness check are successful; the first command is used for restarting the UICC and modifying first information into an address corresponding to the second storage area; the first information is used for the UICC to acquire related data of an operating system when the UICC is started.
4. The method according to claim 2, wherein said performing integrity check and/or correctness check on the related data of the second operating system comprises:
and decrypting the related data of the second operating system through the first operating system, and carrying out integrity check and/or correctness check on the decrypted related data of the second operating system.
5. The method of claim 4, wherein when obtaining the related data of the second operating system, the method further comprises:
acquiring second information through the first operating system; the second information comprises a message authentication code MAC;
and carrying out integrity check on the decrypted related data of the second operating system by using the second information through the first operating system.
6. The method of claim 4, wherein the verifying the decrypted related data of the second operating system comprises:
judging whether the decrypted related data of the second operating system meets a preset format or not through the first operating system; under the condition that the decrypted related data of the second operating system meets a preset format, the correctness check is successful; and under the condition that the decrypted related data of the second operating system does not meet a preset format, the correctness check fails.
7. The method according to any one of claims 1 to 6, further comprising:
receiving a second request sent by a service platform through the first operating system; the second request is used for requesting related information of an operating system which is running by the UICC;
returning third information to the service platform through the first operating system; the third information comprises version information of the first operating system and an identifier corresponding to the first storage space;
and receiving a first request sent by the service platform based on the third information through the first operating system.
8. The method of claim 7, wherein the method further comprises:
and after the first operating system successfully switches the operating system of the UICC into the second operating system, returning a switching result to the service platform through the second operating system.
9. The method according to any one of claims 1 to 6, wherein the obtaining the related data of the second operating system includes:
and acquiring related data of the second operating system from a service platform by using the first operating system by using an over-the-air OTA technology.
10. An operating system updating apparatus, provided on a UICC, comprising:
the receiving unit is used for receiving a first request after being utilized by a first operating system running by the UICC; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC;
the acquisition unit is used for acquiring related data of a second operating system after being utilized by the first operating system, and storing the acquired related data of the second operating system into a second storage area of the UICC; the second storage area is independent of the first storage area;
The switching unit is used for switching the operating system of the UICC into the second operating system after being utilized by the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
11. A UICC, comprising:
the communication interface is used for receiving a first request after being utilized by a running first operating system; the first request is for requesting an update to an operating system of the UICC; the related data of the first operating system is stored in a first storage area of the UICC;
a processor for:
acquiring related data of a second operating system through the first operating system, and storing the acquired related data of the second operating system in a second storage area of the UICC; the second storage area is independent of the first storage area;
switching the operating system of the UICC into the second operating system through the first operating system; wherein, the data related to the function of the UICC is stored in a third storage area; the third storage area is independent of the first storage area and the second storage area.
12. A UICC, comprising: processor and memory for storing a computer program capable of running on the processor, wherein the processor is adapted to perform the steps of the method of any of claims 1 to 9 when the computer program is run
13. A storage medium having stored thereon a computer program, which when executed by a processor performs the steps of the method according to any of claims 1 to 9.
CN202111308204.8A 2021-11-05 2021-11-05 Operating system updating method and device, universal integrated circuit card and storage medium Pending CN116088885A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111308204.8A CN116088885A (en) 2021-11-05 2021-11-05 Operating system updating method and device, universal integrated circuit card and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111308204.8A CN116088885A (en) 2021-11-05 2021-11-05 Operating system updating method and device, universal integrated circuit card and storage medium

Publications (1)

Publication Number Publication Date
CN116088885A true CN116088885A (en) 2023-05-09

Family

ID=86203082

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111308204.8A Pending CN116088885A (en) 2021-11-05 2021-11-05 Operating system updating method and device, universal integrated circuit card and storage medium

Country Status (1)

Country Link
CN (1) CN116088885A (en)

Similar Documents

Publication Publication Date Title
US11153746B2 (en) Method and terminal for keeping subscriber identity module card in standby state
USRE49465E1 (en) Method and apparatus for setting profile
US10911939B2 (en) Embedded universal integrated circuit card profile management method and apparatus
KR102082854B1 (en) Methods, servers, and systems for downloading updated profiles
US9973583B2 (en) Method for accessing a service, corresponding device and system
JP2017509082A (en) Safe reading of data into non-volatile memory or secure elements
KR101580419B1 (en) Method for accessing at least one service and corresponding system
EP3413600B1 (en) Communication device and method of managing profiles
JP2022535181A (en) A method of providing a subscription profile, a subscriber identity module, and a subscription server
EP3486827B1 (en) "window-of-time" encryption session key transference
CN116088885A (en) Operating system updating method and device, universal integrated circuit card and storage medium
CN108990046B (en) Connection method of mobile network
CN116980878B (en) Network access communication method, terminal, storage medium and smart card
CN113747419B (en) Over-the-air downloading method and related equipment
EP4114056A1 (en) Backlog mechanism for subscriber profiles on euiccs
US11490253B1 (en) System and methods for over-the-air SIM profile transfer
CN114090039A (en) Software upgrading method, device, equipment and storage medium of mobile terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination