KR102658615B1 - Method for ssp device to interoperate between bundle donwload procedure and profile donwload procedure - Google Patents

Abstract

This disclosure relates to a communication technique and system that integrates a 5G communication system with IoT technology to support higher data transmission rates after the 4G system. This disclosure provides intelligent services (e.g., smart home, smart building, smart city, smart car or connected car, healthcare, digital education, retail, security and safety-related services, etc.) based on 5G communication technology and IoT-related technology. ) can be applied. According to an embodiment of the present invention, receiving a first control signal transmitted from a base station, processing the received first control signal, and transmitting a second control signal generated based on the processing to the base station. A method including the steps of:

Description

Method of linking the bundle download process of the SSP terminal and the eSIM profile download process. {METHOD FOR SSP DEVICE TO INTEROPERATE BETWEEN BUNDLE DONWLOAD PROCEDURE AND PROFILE DONWLOAD PROCEDURE}

The present invention relates to a method and device for installing an eSIM profile when the bundle download procedure of an SSP (Smart Secure Platform) terminal fails.

In order to meet the increasing demand for wireless data traffic following the commercialization of the 4G communication system, efforts are being made to develop an improved 5G communication system or pre-5G communication system. For this reason, the 5G communication system or pre-5G communication system is called a Beyond 4G Network communication system or a Post LTE system. To achieve high data rates, 5G communication systems are being considered for implementation in ultra-high frequency (mmWave) bands (such as the 60 GHz band). In order to alleviate the path loss of radio waves in the ultra-high frequency band and increase the transmission distance of radio waves, the 5G communication system uses beamforming, massive array multiple input/output (massive MIMO), and full dimensional MIMO (FD-MIMO). ), array antenna, analog beam-forming, and large scale antenna technologies are being discussed. In addition, to improve the network of the system, the 5G communication system uses evolved small cells, advanced small cells, cloud radio access networks (cloud RAN), and ultra-dense networks. , Device to Device communication (D2D), wireless backhaul, moving network, cooperative communication, Coordinated Multi-Points (CoMP), and interference cancellation. Technology development is underway. In addition, the 5G system uses advanced coding modulation (ACM) methods such as FQAM (Hybrid FSK and QAM Modulation) and SWSC (Sliding Window Superposition Coding), and advanced access technologies such as FBMC (Filter Bank Multi Carrier) and NOMA. (non-orthogonal multiple access), and SCMA (sparse code multiple access) are being developed.

Meanwhile, the Internet is evolving from a human-centered network where humans create and consume information to an IoT (Internet of Things) network that exchanges and processes information between distributed components such as objects. IoE (Internet of Everything) technology, which combines IoT technology with big data processing technology through connection to cloud servers, etc., is also emerging. In order to implement IoT, technological elements such as sensing technology, wired and wireless communication and network infrastructure, service interface technology, and security technology are required. Recently, sensor networks for connection between things and machine to machine communication have been developed. , M2M), and MTC (Machine Type Communication) are being researched. In the IoT environment, intelligent IT (Internet Technology) services can be provided that create new value in human life by collecting and analyzing data generated from connected objects. IoT is used in fields such as smart homes, smart buildings, smart cities, smart cars or connected cars, smart grids, healthcare, smart home appliances, and advanced medical services through the convergence and combination of existing IT (information technology) technologies and various industries. It can be applied to .

Accordingly, various attempts are being made to apply the 5G communication system to the IoT network. For example, technologies such as sensor network, Machine to Machine (M2M), and Machine Type Communication (MTC) are implemented through 5G communication technologies such as beam forming, MIMO, and array antennas. There is. The application of cloud radio access network (cloud RAN) as the big data processing technology described above can be said to be an example of the convergence of 5G technology and IoT technology. As various services can be provided as described above and with the development of mobile communication systems, there is a need for a method to effectively provide these services.

The purpose of the present invention is to provide a method for the SSP terminal to switch to the eSIM profile download procedure when the server cannot process the SSP bundle download procedure in the SSP terminal or when the SSP terminal fails to install the bundle through the disclosed embodiment. It is presented.

In addition, in the embodiment disclosed in the present invention, when the SSP terminal attempts to download a bundle or fails to install the bundle due to the present invention, the SSP terminal performs another operation defined in the industry of the family according to the family of the requested bundle. We present a method that can be used as a method to perform this selectively.

The present invention to solve the above problems is a control signal processing method in a wireless communication system, comprising: receiving a first control signal transmitted from a base station; processing the received first control signal; And transmitting a second control signal generated based on the processing to the base station.

Additionally, according to some embodiments of the present invention,

When the SSP terminal requests a bundle download, transmitting SSP information and terminal information to the SPB Manager server; SPB Manager determining compatibility of the bundle based on SSP information and terminal information provided by the SSP terminal requesting bundle download; If the SPB Manager cannot download the bundle to the SSP terminal due to reasons such as the absence of a compatible bundle in the SSP terminal requesting the bundle, determining whether it is possible to switch to eSIM profile download; SPB Manager determining whether the SSP terminal can switch to eSIM profile download; SPB Manager generates a family identifier-specific error code; Transmitting the generated Family identifier-specific error code along with an error message to the SSP terminal; A method can be provided that includes the step of the SSP terminal performing an eSIM profile download procedure using the information contained in the family identifier-specific error code and the LPA and eSIM Bundle.

Additionally, according to some embodiments of the present invention,

When the SSP terminal fails to install the bundle, generating a notification message and delivering it to the SPB Manager; SPB Manager determining whether it is possible to switch to eSIM profile download; SPB Manager determining whether the SSP terminal can switch to eSIM profile download; SPB Manager generates a family identifier-specific error code; Transmitting the generated Family identifier-specific error code to the SSP terminal in response to the notification message; A method can be provided that includes the step of the SSP terminal performing an eSIM profile download procedure using the information contained in the family identifier-specific error code and the LPA and eSIM Bundle.

The technical problems to be achieved by this disclosure are not limited to the technical problems mentioned above, and other technical problems not mentioned can be clearly understood by those skilled in the art from the description below. You will be able to.

According to various embodiments of the present invention, the SSP terminal can enable the service by downloading a profile to the eSIM bundle of the SSP terminal even when it is impossible to download or install the Telecom Bundle from the SPB Manager server.

In addition, according to various embodiments of the present disclosure, user convenience can be increased by minimizing user intervention through protocol linkage of the SSP Bundle download and Profile download procedures.

Figure 1 is a diagram showing internal components of an SSP terminal and interfaces between components.
FIG. 2 is a diagram illustrating examples of internal and external components for an SSP terminal to download a bundle, according to some embodiments of the present disclosure.
Figure 3 is a diagram illustrating a process in which an SSP terminal switches from a bundle download procedure to an eSIM profile download procedure, according to some embodiments of the present disclosure.
FIG. 4A is a diagram sequentially showing a procedure for an SSP terminal to receive a family-specific error code from an SPB Manager, according to some embodiments of the present disclosure.
Figure 4b shows that when the SSP terminal fails to install the encrypted bundle received from the SPB Manager, according to some embodiments of the present disclosure, the LBA delivers a notification message to the SPB Manager, and in response, the SSP terminal sends a Family identifier- This diagram shows the procedure for receiving a specific error code in order.
Figure 5a is a diagram showing subsequent operations when the LBA of the SSP terminal receives a family identifier-specific error code from the SPB Manager during the bundle download procedure, according to some embodiments of the present disclosure.
Figure 5b is a diagram showing subsequent operations when the LBA of the SSP terminal receives a family identifier-specific error code from the SPB Manager during the bundle download procedure, according to some embodiments of the present disclosure.
Figures 6a and 6b are diagrams showing a flowchart of the operation of the SPB Manager when the SPB Manager receives a bundle download request from the SSP terminal.
Figures 6c and 6d are diagrams showing a flowchart of the operation of the SPB Manager when a bundle installation failure notification message is received from the SSP terminal.
Figures 7a, 7b, and 7c are flowcharts showing operations when the LBA of the SSP terminal receives a response from a request sent to the SPB Manager during the bundle download procedure.
Figures 8a, 8b, and 8c are flowcharts showing operations when the LBA of the SSP terminal receives a response to the notification message sent to the SPB Manager during the bundle download procedure.

Hereinafter, embodiments of the present invention will be described in detail with reference to the attached drawings.

In describing the embodiments, description of technical content that is well known in the technical field to which this disclosure belongs and that is not directly related to this disclosure will be omitted. This is to convey the gist of the present disclosure more clearly without obscuring it by omitting unnecessary explanation.

For the same reason, some components are exaggerated, omitted, or schematically shown in the accompanying drawings. Additionally, the size of each component does not entirely reflect its actual size. In each drawing, identical or corresponding components are assigned the same reference numbers.

The advantages and features of the present disclosure and methods for achieving them will become clear by referring to the embodiments described in detail below along with the accompanying drawings. However, the present disclosure is not limited to the embodiments disclosed below and may be implemented in various different forms. These embodiments are merely intended to ensure that the present disclosure is complete, and are provided to those skilled in the art to which the present disclosure pertains. It is provided to fully inform the scope of the disclosure, and the disclosure is defined only by the scope of the claims. Like reference numerals refer to like elements throughout the specification.

At this time, it will be understood that each block of the processing flow diagrams and combinations of the flow diagram diagrams can be performed by computer program instructions. These computer program instructions can be mounted on a processor of a general-purpose computer, special-purpose computer, or other programmable data processing equipment, so that the instructions performed through the processor of the computer or other programmable data processing equipment are described in the flow chart block(s). Creates the means to perform functions. These computer program instructions may also be stored in computer-usable or computer-readable memory that can be directed to a computer or other programmable data processing equipment to implement a function in a particular manner, so that the computer-usable or computer-readable memory The instructions stored in may also produce manufactured items containing instruction means that perform the functions described in the flow diagram block(s). Computer program instructions can also be mounted on a computer or other programmable data processing equipment, so that a series of operational steps are performed on the computer or other programmable data processing equipment to create a process that is executed by the computer, thereby generating a process that is executed by the computer or other programmable data processing equipment. Instructions that perform processing equipment may also provide steps for executing the functions described in the flow diagram block(s).

Additionally, each block may represent a module, segment, or portion of code that includes one or more executable instructions for executing specified logical function(s). Additionally, it should be noted that in some alternative execution examples it is possible for the functions mentioned in the blocks to occur out of order. For example, it is possible for two blocks shown in succession to be performed substantially at the same time, or it is possible for the blocks to be performed in reverse order depending on the corresponding function.

At this time, the term '~unit' used in this embodiment means software or hardware components such as FPGA or ASIC, and the '~unit' performs certain roles. However, '~part' is not limited to software or hardware. The '~ part' may be configured to reside in an addressable storage medium and may be configured to reproduce on one or more processors. Therefore, as an example, '~ part' refers to components such as software components, object-oriented software components, class components, and task components, processes, functions, properties, and procedures. , subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables. The functions provided within the components and 'parts' may be combined into a smaller number of components and 'parts' or may be further separated into additional components and 'parts'. In addition, the components and 'parts' may be implemented to regenerate one or more CPUs within the device or secure multimedia card.

Specific terms used in the following description are provided to aid understanding of the present disclosure, and the use of such specific terms may be changed to other forms without departing from the technical spirit of the present disclosure.

SE (Secure Element) stores security information (e.g. mobile communication network access key, user identification information such as ID/passport, credit card information, encryption key, etc.) and a control module that uses the stored security information (e.g. USIM, etc.) It refers to a security module composed of a single chip that can be mounted and operated (network access control module, encryption module, key generation module, etc.). SE can be used in various electronic devices (e.g. smartphones, tablets, wearable devices, cars, IoT devices, etc.), and provides security services (e.g. telecommunication network access, payment, user authentication, etc.) through security information and control modules. can be provided.

SE can be divided into UICC (Universal Integrated Circuit Card), eSE (Embedded Secure Element), and SSP (Smart Secure Platform), which is an integrated form of UICC and eSE. ), Embedded, and Integrated, which are integrated into a specific device or SoC (system on chip).

UICC (Universal Integrated Circuit Card) is a smart card used by inserting into mobile communication terminals, etc., and is also called UICC card. The UICC may include an access control module for accessing the mobile carrier's network. Examples of access control modules include Universal Subscriber Identity Module (USIM), Subscriber Identity Module (SIM), and IP Multimedia Service Identity Module (ISIM). A UICC that includes USIM is usually called a USIM card. Likewise, a UICC containing a SIM module is commonly called a SIM card. Meanwhile, the SIM module can be installed at the time of UICC manufacturing, or the user can download the SIM module of the mobile communication service he or she wants to use to the UICC card at any time. The UICC card can also download and install multiple SIM modules and select at least one SIM module among them to use. These UICC cards may or may not be fixed to the terminal. A UICC that is fixed and used in a terminal is called eUICC (embedded UICC). In particular, it is a System-On-Chip that includes a single processor structure that integrates the terminal's Communication Processor, Application Processor, or these two processors. The UICC built into the (SoC) is also called iUICC (Integrated UICC). Typically, eUICC and iUICC can refer to UICC cards that are fixed to a terminal and can be selected by remotely downloading a SIM module. In this disclosure, a UICC card that can remotely download and select a SIM module is collectively referred to as eUICC or iUICC. In other words, among the UICC cards that can be selected by downloading the SIM module remotely, the UICC cards that are fixed or not fixed to the terminal are collectively referred to as eUICC or iUICC. Additionally, the downloaded SIM module information is collectively referred to as eUICC profile, iUICC profile, or more simply profile.

eSE (Embedded Secure Element) refers to a fixed SE that is fixed to an electronic device. eSE is usually manufactured exclusively for manufacturers at the request of the terminal manufacturer, and may be manufactured including an operating system and framework. eSE remotely downloads and installs an applet-type service control module and can be used for various security services such as electronic wallet, ticketing, electronic passport, and digital key. In this disclosure, an SE in the form of a single chip attached to an electronic device that can remotely download and install a service control module is collectively referred to as eSE.

A smart security device (SSP, Smart Secure Platform) is capable of supporting the functions of UICC and eSE in a single chip and can simply be called SSP. SSP can be divided into removable type (rSSP, Removable SSP), fixed type (eSSP, Embedded SSP), and integrated type built into the SoC (iSSP, Integrated SSP). SSP can be composed of one primary platform (PP, Primary Platform) and at least one secondary platform bundle (SPB, Secondary Platform Bundle) that operates on the PP, and the primary platform consists of a hardware platform and a low level operating system (LLOS). It may include at least one of, and the secondary platform bundle may include at least one of a High-level Operating System (HLOS) and an application running on HLOS. Secondary platform bundles are also called SPBs or bundles. The bundle can access resources such as the PP's central processing unit and memory through the Primary Platform Interface (PPI) provided by the PP and run on the PP. The bundle can be equipped with communication applications such as SIM (Subscriber Identification Module), USIM (Universal SIM), and ISIM (IP Multimedia SIM), and can also be equipped with various application applications such as electronic wallet, ticketing, electronic passport, digital key, etc. You can.

SSP can be used for the above-described UICC or eSE purposes depending on the bundle downloaded and installed remotely, and multiple bundles can be installed on a single SSP and operated simultaneously to mix the purposes of UICC and eSE. In other words, if the bundle containing the profile is running, the SSP can be used as a UICC to access the mobile communication service provider's network. Like the eUICC or iUICC, the corresponding UICC bundle can be operated by downloading and selecting at least one or more profiles into the bundle from a remote location. In addition, when a bundle including a service control module loaded with an application that can provide services such as electronic wallet, ticketing, electronic passport, or digital key operates on the SSP, the SSP can be used for the purpose of eSE. Multiple service control modules may be installed and operated integrated into one bundle, or may be installed and operated as independent bundles.

Hereinafter, the terms used in this disclosure will be described in more detail.

In this disclosure, the SSP is a removable type (rSSP, Removable SSP), a fixed type (eSSP, Embedded SSP), and an integrated type built into the SoC (iSSP, Integrated SSP) that can integrate and support the functions of UICC and eSE in a single chip. It is a security module in the form of a chip that can be distinguished. SSP can use OTA (Over The Air) technology to download and install bundles from an external bundle management server (Secondary Platform Bundle Manager, SPB Manager).

In this disclosure, the method of downloading and installing the bundle using OTA technology in the SSP includes a removable SSP (rSSP) that can be inserted and removed from the terminal, a fixed SSP (eSSP) installed in the terminal, and a SoC installed in the terminal. The same can be applied to integrated SSP (iSSP).

In this disclosure, the term UICC may be used interchangeably with SIM, and the term eUICC may be used interchangeably with eSIM.

In this disclosure, the Secondary Platform Bundle (SPB) is run on the Primary Platform (PP) of the SSP using the resources of the PP. For example, the UICC bundle is an application and file system stored in the existing UICC. , authentication key values, and the operating system (HLOS) on which they operate are packaged in software form. In this disclosure, a secondary platform bundle may be referred to as a bundle.

In this disclosure, USIM Profile (USIM Profile) may have the same meaning as profile or may mean packaging the information included in the USIM application within the profile in software form.

In the present disclosure, the operation of a terminal or an external server to activate a bundle is to change the status of the corresponding profile to the enabled state so that the terminal can use the services provided by the bundle (e.g., communication service through a telecommunication service provider, credit, etc.) This may refer to the operation of setting up to receive a card payment service, user authentication service, etc.). A bundle in an activated state may be expressed as an “enabled Bundle.” Bundles in the activated state may be stored in an encrypted state in storage space inside or outside the SSP.

In the present disclosure, the activated bundle is driven according to external input of the bundle (e.g., user input, push, request from an application in the terminal, authentication request from a communication service provider, PP management message, etc.) or an operation within the bundle (e.g., timer, polling). The status can be changed to Active. The bundle in the running state is loaded into the driving memory inside the SSP from storage space inside or outside the SSP, and uses the security control device (Secure CPU) inside the SSP to process security information and provide security services to the terminal. there is.

In the present disclosure, the operation of a terminal or an external server disabling a bundle may mean an operation of changing the state of the bundle to disabled so that the terminal cannot receive the service provided by the bundle. there is. A profile in a disabled state may be expressed as a “disabled Bundle.” Bundles in the activated state may be stored in an encrypted state in storage space inside or outside the SSP.

In the present disclosure, the bundle management server creates a bundle, encrypts the created bundle, generates a bundle remote management command, or encrypts the generated bundle remote management command at the request of a service provider or another bundle management server. It may include functions that: The bundle management server that provides the above functions is SPB Manager (Secondary Platform Bundle Manager), RBM (Remote Bundle Manager), IDS (Image Delivery Server), SM-DP (Subscription Manager Data Preparation), and SM-DP+ (Subscription Manager Data Preparation). plus), manager bundle server, Managing SM-DP+ (Managing Subscription Manager Data Preparation plus), bundle encryption server, bundle creation server, bundle provider (Bundle Provisioner, BP), bundle provider (Bundle Provider), BPC holder (Bundle Provisioning Credentials holder).

In the present disclosure, the bundle management server may download, install, or update the bundle from the SSP and manage the settings of keys and certificates for remotely managing the status of the bundle. The bundle management server that provides the above functions is SPB Manager (Secondary Platform Bundle Manager), RBM (Remote Bundle Manager), IDS (Image Delivery Server), SM-SR (Subscription Manager Secure Routing), and SM-SR+ (Subscription Manager Secure Routing). Plus), off-card entity of eUICC Profile Manager, or PMC holder (Profile Management Credentials holder), or EM (eUICC Manager).

In this disclosure, the opening mediation server is SPB Manager (Secondary Platform Bundle Manager), RBM (Remote Bundle Manager), SPBDS (Secondary Platform Bundle Discovery Sever), BDS (Bundle Discovery Sever), SM-DS (Subscription Manager Discovery Service), DS It can be expressed as at least one of (Discovery Service), Root SM-DS, and Alternative SM-DS. The opening mediation server may receive an event registration request (Register Event Request, Event Register Request) from one or more bundle management servers or opening mediation servers. Additionally, one or more opening mediation servers may be used in combination, and in this case, the first opening mediation server may receive an event registration request from not only the bundle management server but also the second opening mediation server. In the present disclosure, the function of the opening mediation server may be integrated into the bundle management server.

The term 'terminal' used in this disclosure refers to a mobile station (MS), user equipment (UE), user terminal (UT), wireless terminal, access terminal (AT), terminal, and subscriber unit. , a Subscriber Station (SS), a wireless device, a wireless communication device, a Wireless Transmit/Receive Unit (WTRU), a mobile node, a mobile, or other terms. Various embodiments of the terminal include a cellular phone, a smart phone with a wireless communication function, a personal digital assistant (PDA) with a wireless communication function, a wireless modem, a portable computer with a wireless communication function, and a digital camera with a wireless communication function. It may include devices, gaming devices with wireless communication functions, music storage and playback home appliances with wireless communication functions, Internet home appliances capable of wireless Internet access and browsing, as well as portable units or terminals that integrate combinations of such functions. there is. Additionally, the terminal may include, but is not limited to, an M2M (Machine to Machine) terminal and an MTC (Machine Type Communication) terminal/device. In this disclosure, a terminal may be referred to as an electronic device. In this disclosure, an electronic device may be equipped with an SSP that can be installed by downloading a bundle. If the SSP is not built into the electronic device, the SSP, which is physically separated from the electronic device, may be inserted into the electronic device and connected to the electronic device. For example, an SSP can be inserted into an electronic device in the form of a card. The electronic device may include a terminal, and in this case, the terminal may be a terminal that includes an SSP that can be installed by downloading a bundle. Not only can the SSP be built into the terminal, but if the terminal and the SSP are separated, the SSP can be inserted into the terminal, and can be inserted into the terminal and connected to the terminal.

In the present disclosure, the terminal or electronic device may include a Local Bundle Assistant (LBA) or Local Bundle Manager (LBM), which is software or application installed in the terminal or electronic device to control the SSP. The LBA application can download bundles to the SSP or send commands to activate, deactivate, or delete installed bundles to the SSP.

In the present disclosure, the terminal or electronic device may include Local Profile Assistant (LPA), which is software or application installed in the terminal or electronic device to control the eUICC. LPA can be implemented as part of the Local Bundle Assistant (LBA) or can exist in the terminal as a separate application from the LBA. The LPA may be software or an application that can control the eSIM bundle of a terminal equipped with an SSP.

In the present disclosure, the bundle identifier may be referred to as a factor that matches a bundle family identifier (SPB Family Identifier), bundle Matching ID, and event identifier (Event ID). The bundle identifier (SPB ID) may indicate a unique identifier for each bundle. The bundle family identifier (SPB Family Identifier) may represent an identifier that distinguishes the type of bundle (e.g., a telecom bundle for connecting to a mobile carrier network). The bundle delimiter can be used as a value to index the bundle in the bundle management server. In the present disclosure, the SSP identifier (SSP ID) may be a unique identifier of the SSP built into the terminal and may be referred to as sspID. Additionally, if the terminal and the SSP chip are not separated as in the embodiment of the present disclosure, it may be the terminal ID. Additionally, it may refer to a specific bundle identifier (SPB ID) within the SSP. More specifically, it may refer to the bundle identifier of a management bundle or loader (SPBL, Secondary Platform Bundle Loader) that installs other bundles in the SSP and manages activation, deactivation, and deletion. An SSP may have multiple SSP identifiers, and the multiple SSP identifiers may be values derived from a single, unique SSP identifier.

In this disclosure, the loader (SPBL, Secondary Platform Bundle Loader) may refer to a management bundle that installs other bundles in the SSP and manages activation, deactivation, and deletion. The terminal's LBA or a remote server can install, activate, deactivate, or delete a specific bundle through the loader. In this disclosure, the loader may also be referred to as SSP.

In the present disclosure, event may be a general term for bundle download, remote bundle management, or other bundle or SSP management/processing commands. An event may be named Remote Bundle Provisioning Operation, or RBP Operation, or Event Record, and each event has a corresponding event identifier. , Event ID, EventID) or matching identifier (Matching Identifier, Matching ID, MatchingID), and the address (FQDN, IP Address, or URL) of the bundle management server or opening mediation server where the event is stored, or at least one server identifier It may be referred to as data it contains. Bundle download can be used interchangeably with bundle installation. Event Type can also be used as a term to indicate whether a specific event is a bundle download, remote bundle management (e.g. delete, activation, deactivation, replacement, update, etc.), or other bundle or SSP management/processing command. It can be named as operation type (Operation Type or OperationType), operation class (Operation Class or OperationClass), event request type (Event Request Type), event class (Event Class), event request class, etc. .

In the present disclosure, Local Bundle Management (LBM) includes Bundle Local Management, Local Management, Local Management Command, Local Command, and Local Bundle Management Package. It may be named (LBM Package), Bundle Local Management Package, Local Management Package, Local Management Command Package, and Local Command Package. LBM changes the status (Enabled, Disabled, Deleted) of a specific bundle through software installed on the terminal, or changes the contents of a specific bundle (e.g., bundle nickname, bundle summary information (Bundle Metadata), etc. ) can be used to change (update). LBM may include one or more local management commands, and in this case, the bundle targeted by each local management command may be the same or different for each local management command.

In the present disclosure, target bundle may be used as a term referring to a bundle that is the target of a local management command or a remote management command.

In this disclosure, a service provider may request the creation of a bundle by issuing a request to the bundle management server and indicate a business that provides services to the terminal through the bundle. For example, it can represent a mobile operator that provides communication network access services through a bundle equipped with a communication application, and the communication operator's Business Supporting System (BSS), Operational Supporting System, OSS), POS terminal (Point of Sale Terminal), and other IT systems can all be collectively referred to. In addition, in the present disclosure, the term "service provider" is not limited to expressing only one specific business, and may also be used as a term referring to a group or association (association or consortium) of one or more businesses, or an agent (representative) representing the group or association. Additionally, in this disclosure, the service provider may be named as an operator (Operator or OP or Op.), Bundle Owner (BO), Image Owner (IO), etc., and each service provider may have a name and/or a unique name. At least one identifier (Object Identifier, OID) can be set or assigned. If the Service Provider refers to a group, coalition, or agency of more than one business, the name or unique identifier of any group, coalition, or agency is shared by all businesses that are part of that group or coalition or that work with that agency. It can be a name or a unique identifier.

In this disclosure, NAA is a network access application program, and may be an application program such as USIM or ISIM that is stored in the UICC and is used to access the network. NAA may be a network access module.

In the present disclosure, a Telecom Bundle may be a bundle that is equipped with at least one NAA or has the ability to download and install at least one NAA remotely. In the present disclosure, a telecom bundle may include a telecom bundle identifier referring to it.

In the present disclosure, the eSIM Bundle may be a bundle that has the eUICC OS running inside and functions like an eUICC to receive a profile from the terminal. In the present disclosure, an eSIM bundle may include a telecom bundle identifier designating it.

In the present disclosure, the eSIM activation code is predetermined information for downloading a profile to an eSIM terminal or SSP terminal, and may be named eSIM Activation Code. The eSIM Activation Code may include the SM-DP+ address that must be accessed to download the profile, or the address of the SM-DS server that can inform the SM-DP+ address, and can be used as a matching identifier for a specific profile on SM-DP+. Can include Activation Code Token value. If the eSIM Activation Code is entered in the form of a QR code, 'LPA:' may be added as a prefix to the data contained in the QR code.

In the present disclosure, the SSP activation code is predetermined information for downloading a bundle to an SSP terminal, and may be named SSP Activation Code. The terminal user can initiate the bundle download process by entering the SSP activation code into the LBA application of the SSP terminal. The SSP activation code may include an eSIM activation code.

In the present disclosure, the activation code may collectively refer to an SSP activation code and an eSIM activation code. In general, in the present disclosure, the activation code may be any activation code before determining that it is an SSP activation code or an eSIM activation code, and when input into the terminal, it may be interpreted by the terminal as either an SSP activation code or an eSIM activation code. If the SSP activation code includes an eSIM activation code, the terminal can selectively perform bundle download and profile download.

In this disclosure, the functions called by the LBA include functions performed on the Si2 interface, which is the interface between the LBA and the SPB Manager, and the Si3 interface, which is the interface between the LBA and the Secondary Platform Bundle Loader. can do. LBA can pass parameters to SPB Manager or Secondary Platform Bundle Loader through a specific function. Parameters passed from LBA through a specific function call may mean a function instruction, function command, or command of the corresponding function. The SPB Manager or Secondary Platform Bundle Loader that received the function command can perform a specific operation according to the function command and then respond to the function command. The response may include parameters. Function commands, operations thereon, and responses to function commands transmitted from the Si3 interface can be composed of multiple function commands, operations thereon, and responses to sub-function commands. there is.

Function command delivery through the Si2 interface can use HTTP (Hypertext Transfer Protocol). In particular, function command transmission through the Si2 interface can be performed through an HTTP POST request message of HTTP (Hypertext Transfer Protocol), and can be transmitted by including a command in the body part of the HTTP POST request message.

In the present disclosure, the management organization object identifier may represent the object identifier of the organization that manages a specific family identifier. There may be multiple management organizations for a specific family identifier, and each organization may have an object identifier. The SSP terminal, service provider, and bundle management server can know which organization is managing the bundle that wishes to manage the bundle, including downloads, through the management organization object identifier. Additionally, it is possible to check by which management entity the service to be provided through the bundle is managed through the management agency object identifier.

In the present disclosure, SSP information may include first SSP information and second SSP information. The first SSP information is information related to the SSP and may include unencrypted data. The first SSP information can be interpreted by the LBA and SPB Manager without a special encryption and decryption process. The second SSP information may include data encrypting information related to the SSP.

In the present disclosure, the first bundle information may include metadata, bundle metadata, and secondary platform bundle's metadata. The first bundle information may include unencrypted information that can be read by the LBA of the SSP terminal about the bundle to be downloaded to the SSP terminal by the service provider or bundle management server (SPB Manager). Based on the first bundle information, the LBA of the SSP terminal can confirm whether the user's consent is obtained before receiving the second bundle information of the bundle, or whether the user's consent and intention is requested for operation/management after installing the bundle. The first bundle information can be used by the LBA to show the basic information of the bundle to the user before installing the bundle. The first bundle information can be managed by the loader (Secondary Platform Bundle Loader, SPBL, Loader) after the bundle is installed, and updated by the service provider (Service Provider), bundle management server (SPB Manager), etc.

In the present disclosure, the encrypted second bundle information includes a bound Secondary Platform Bundle image, a bound Bundle, an encrypted Secondary Platform Bundle image, Can include an encrypted bundle (encrypted Bundle, encrypted Secondary Platform Bundle). The second bundle information may include the first bundle information. The second bundle information contains information necessary for bundle installation, and the SSP can install the bundle on the SSP using data extracted from the second bundle information. Part of the second bundle information may be encrypted with a session key generated by the SSP and SPB Manager.

In the present disclosure, the bundle information request function may include a function that requests first bundle information and second bundle information of the bundle that the SSP terminal wants to install. The operation of requesting first bundle information and second bundle information of a bundle can be performed by transmitting a bundle information request function command to the SPB Manager. The bundle information request function command can be transmitted from the SSP terminal to the SPB Manager through the Si2 interface. The SSP terminal may request first bundle information or second bundle information by transmitting the SSP Credential and terminal information including the SSP's certificate, SSP information, and SSP capabilities to the SPB Manager. Bundle information request functions can be distinguished using a separator or identifier included in the command. Additionally, according to another example, the bundle information request function may be distinguished by defining different commands for it.

Also, in describing the present disclosure, if it is determined that a detailed description of a related known function or configuration may unnecessarily obscure the gist of the present disclosure, the detailed description will be omitted.

Below, various embodiments of how to enable the SSP terminal to perform an eSIM profile download procedure when the SPB Manager cannot process the bundle download when the SSP terminal attempts to download the bundle are described.

In particular, the present invention includes the following embodiments for the above purpose.

When an SSP terminal requests a bundle download, a method of transmitting eSIM function capabilities, including whether the SSP terminal has an eSIM Bundle or an eSIM Activation Code, to the SPB Manager.

How SPB Manager determines whether the bundle is compatible with the SSP terminal in response to a bundle download request from the SSP terminal

If the SPB Manager cannot download the bundle to the SSP terminal due to reasons such as the SSP terminal requesting the bundle download not having a compatible bundle, the SPB Manager sends an error message and a family identifier-specific error code to the SSP terminal. How to switch to this eSIM profile download process

A method for the SSP terminal to switch to another operation, such as switching to the eSIM profile procedure, by using the Family identifier-specific error code sent by the SPB Manager or the eSIM Activation code it holds during the bundle download procedure.

Below, various embodiments of how to enable the SSP terminal to perform an eSIM profile download procedure when the SPB Manager cannot process the bundle download when the SSP terminal attempts to download the bundle will be described in detail through drawings.

Figure 1 is a diagram showing internal components of an SSP terminal and interfaces between components. According to Figure 1, the SSP terminal 101 is largely composed of terminal software, Local bundle Assistant (LBA, 111) and SSP (131). Additionally, the SSP terminal 101 may include a transmitting and receiving unit for transmitting and receiving signals to other terminals, base stations, servers, etc., and a control unit controlling the overall operation of the SSP terminal 101. The control unit can control the operation of the SSP terminal according to various embodiments of the present invention. The control unit may include at least one processor. The control unit can control the SSP (131) through the LBA (111).

The LBA (111) may have the function of Local Profile Assistant (LPA, 112) built into it. SSP (131) consists of Secondary Platform Bundle (SPB, bundle), Primary Platform (135), and Primary Platform Interface (134). SPB Loader (Loader, 132) and eSIM Bundle (133) are types of bundles. The LBA 111 and the loader 132 exchange packets through the first interface 122, and through the first interface, the LBA 111 can perform the following.

- Obtain SSP information

- Send bundle data to be installed on SSP to loader

- Management of bundles installed on SSP (activation, deactivation, deletion, etc.)

The LPA (112) exchanges packets with the eSIM Bundle (133) installed in the SSP (131) through the second interface 123, and through the second interface 123, the LPA (112) communicates with the eSIM Bundle (133). It can perform functions defined in GSMA SGP.22.

FIG. 2 is a diagram illustrating examples of internal and external components for an SSP terminal to download a bundle, according to some embodiments of the present disclosure. The terminal 203 may correspond to the SSP terminal 101 in FIG. 1. LBA 204 may correspond to LBA 111 in FIG. 1. SPB Loader 206 may correspond to SPB Loader 132 in FIG. 1. Bundle 207 may be a secondary platform bundle (SPB, Secondary Platform Bundle). For descriptions of the terminal 203, LBA 204, and SPB loader 206, refer to the embodiment of FIG. 1.

According to FIG. 2, the user 200 can select and subscribe to a service (eg, a data service through a mobile communication network, etc.) provided by the user 200 in the service subscription process 210. At this time, the user 200 can selectively transmit to the service provider 201 the identifier (SSP ID) of the SSP 205 installed in the terminal 203 to install the bundle in order to use the service provided by the service provider 201. there is. According to some embodiments, in the service subscription process 210 of FIG. 2, the user 200 may receive an SSP Activation Code in the form of a QR code from the service provider 201 that can install the bundle on the user's terminal after subscribing to the service. . According to some embodiments, the SSP Activation Code provided after a user subscribes to a telecom service may include information for downloading a telecom bundle and an eSIM Activation Code for downloading an eSIM profile instead of a telecom bundle.

In the bundle production requirements delivery process 211, the service provider 201 and the SPB Manager 202 can perform the bundle download preparation procedure. In the bundle production requirements delivery process 211, the service provider 201 can selectively transmit the identifier (SSP ID) of the SSP 205 where the bundle will be installed to the SPB Manager 202, and can provide the service selected by the subscriber. At least one of a specific bundle identifier (SPB ID) and a bundle family identifier (SPB Family ID) may be transmitted to the SPB Manager 202. In the bundle production requirements delivery process 211, the SPB Manager 202 can select one of the bundles with the delivered specific bundle identifier or the bundle with the bundle family identifier, and transmits the identifier of the selected bundle to the service provider 201. can do. In the bundle production requirements delivery process 211, the service provider 201 or SPB Manager 202 can create a new bundle Matching ID that can distinguish the selected bundle. Additionally, the SPB Manager 202 can manage the selected bundle by linking the delivered SSP identifier (SSP ID). In the bundle production requirements delivery process (211), the SPB Manager (202) can deliver the bundle management server address (SPB Manager Address) where the selected bundle can be downloaded to the service provider (201). At this time, the bundle management server address may be the address of a specific or random bundle management server where the prepared bundle is stored, or it may be the address of another bundle management server that can store and obtain download information (server address, etc.) of the prepared bundle. When the service provider 201 requests the SPB Manager 202 to prepare a telecom bundle in the bundle production requirements delivery process 211, information about the eSIM profile matching the corresponding telecom bundle can be provided.

If part of the bundle production requirements delivery process 211 precedes the service subscription process 210, the service provider 201 may deliver prepared bundle download information to the user 200 in the service subscription process 210. The bundle download information can selectively transmit at least one of the bundle management server address (SPB Manager Address) where the bundle is prepared, the bundle Matching ID of the prepared bundle, and the bundle family identifier (SPB Family ID) of the prepared bundle.

Referring to FIG. 2, bundle download information may be transmitted to the LBA 204 of the terminal 203 in the bundle information input process 231 to be downloaded. The bundle download information may be at least one of the address of the bundle management server to which the LBA 204 will connect (SPB Manager Address), the bundle identifier of the bundle prepared in the bundle production requirements delivery process 211, and the bundle family identifier of the prepared bundle. . The bundle identifier may include at least one of the bundle Matching ID or bundle Event ID generated in the bundle production requirements delivery process 211. Additionally, the bundle identifier may include the bundle family identifier of the prepared bundle. The bundle Event ID may include at least one of the bundle Matching ID of the bundle prepared in the bundle production requirements delivery process 211 and the address of the bundle management server. Bundle download information can be obtained by the user 200 entering the SSP Activation Code into the LBA 204 (e.g., QR code scanning, direct text input, etc.), or by using a push input through an information providing server (not shown). 204). Additionally, the LBA 204 can receive bundle download information by connecting to an information provision server (not shown) previously set in the terminal 203.

Bundle download from SPB Manager (202) to SSP (205) is a function performed at the interface (221) between SPB Manager (202) and LBA (204) and the interface (222) between LBA (204) and SPB Loader (206). It can be implemented with the and actions. The interface 222 between the LBA 204 and the SPB Loader 206 may correspond to the first interface 122 of FIG. 1.

FIG. 3 is a diagram illustrating a process in which the SSP terminal 310 switches from a bundle download procedure to an eSIM profile download procedure, according to some embodiments of the present disclosure.

Figure 3 particularly features a case where the SSP terminal 310 requests a Telecom Bundle. According to FIG. 3, when the SSP terminal 310 cannot process the bundle download request from the SPB Manager 315, a family identifier-specific error code 320 is transmitted to the SSP terminal 310 and the SSP terminal 310 You can attempt to download the eSIM profile using the response from the SPB Manager (315).

In step 301, the LBA 312 of the SSP terminal 310 requests the SPB Manager 315 to download the bundle. In step 301, the LBA 312 obtains the information necessary to request a bundle download by having the LBA 312 input the contents of the SSP Activation Code by the user or scan the SSP Activation Code in the form of a QR code. It includes a method of transmitting related information from a service provider or through other functions of the LBA 312. In step 301, when requesting a bundle download, the LBA 312 may provide the information of the SSP 311 and the SSP terminal 310 to the SPB Manager 315.

SSP information may include at least one of the following:

- Primary platform information (manufacturer, manufacturing number, serial number, version information)

- SPB Loader information (version information)

- List of bundles installed in SSP

- List of eSIM bundles installed on SSP

- List of bundles with a specific family identifier installed in the SSP

- Metadata list of bundles installed in SSP

- Metadata list of eSIM bundle installed in SSP

- Metadata list of bundles with a specific family identifier installed in the SSP

Terminal information may include at least one of the following.

- Version of LBA

- ETSI SSP TS 103 666-2 iSSP standard document version used to implement LBA

- Version of LPA

- The standard document version of GSMA SGP.22 used to implement LPA

- Availability of eSIM profile installation

- Whether you have an eSIM Activation Code

- Modem availability

The procedure in which step 301 is performed may be before or after the SSP terminal 310 and the SPB Manager 315 mutually authenticate based on a digital certificate during the bundle download procedure.

In step 302, the SPB Manager 315 determines whether the bundle can be installed in the SSP terminal 310 based on the SSP information and terminal information transmitted from the SSP terminal 310 in step 301.

In step 302, the SPB Manager 315 may make the following determination.

- Determine whether a bundle of supportable family identifiers is requested

- Determine whether the version of the loader (SPB Loader) and LBA within the SSP are supportable based on SSP information and terminal information

- Determine whether the bundle held by the SPB Manager (315) is compatible with the SSP terminal (310) based on SSP information

Based on the above determination, the SPB Manager 315 determines that the SSP terminal 310 supports the family identifier of the bundle, that the loader and LBA versions of the SSP terminal 310 are supported, and that the requested bundle is supported by the SSP terminal. If it is determined that it is compatible with 310, it responds normally to the request from the SSP terminal 310 and continues to perform the bundle download procedure. If you determine that you cannot continue performing the bundle download procedure, you can perform the judgment below.

- Determine whether the SSP terminal 310 holds the eSIM bundle 314 based on SSP information and terminal information.

- Determine whether the profile held by the SPB Manager (315) can be installed in the eSIM bundle (314) of the SSP terminal (310) based on SSP information and terminal information.

- Determine whether a specific profile can be installed in the eSIM bundle 314 of the SSP terminal 310 based on SSP information and terminal information.

- Based on SSP information and terminal information, SPB Manager determines whether the bundle applet can be installed on the SSP terminal (310).

Based on the above determination, when the SPB Manager (315) determines that there is no bundle that the SSP terminal (310) can install, but that the SSP terminal (310) can switch to an eSIM profile or applet download, in step 303, the SPB Manager ( 315) may transmit the family identifier-specific error code 320 to the SSP terminal 310.

Family identifier-specific error code 320 may include at least one of the following information.

- Family identifier-specific error code indicator (indicator)

- Family identifier of the bundle

- 'RSP conversion indicator' indicating that conversion is possible through the eSIM profile download procedure.

- eSIM Activation Code content, which is information required to perform eSIM download (SM-DP+ address, AC_TOKEN, SM-DP+ OID, etc.)

- An indicator indicating that the bundle cannot be downloaded, but the applet of the bundle can be downloaded.

- Information required to perform bundle applet download (SKMS address, applet information)

According to some embodiments, when the SSP terminal 310 requests a telecom bundle, but the SPB Manager 315 wants to notify that the bundle cannot be downloaded and that eSIM profile conversion is possible, the Family identifier-specific error code among the above information is added to the Family identifier-specific error code. It can be transmitted including a specific error code indicator, family identifier of the bundle, and RSP conversion indicator, and the eSIM Activation Code can be transmitted selectively.

According to step 304, the LBA 312 of the SSP terminal 310 may make the following determination based on the error message and family identifier-specific error code sent by the SPB Manager 315.

- Bundle download failed for some reason.

- Family identifier-specific error code was sent from SPB Manager (315)

- You can attempt to download an eSIM profile using the family identifier-specific error code sent by SPB Manager (315).

- You can attempt to download the bundle applet using the family identifier-specific error code sent by SPB Manager (315).

- You can attempt to download an eSIM profile using the eSIM Activation Code included in the SSP Activation Code entered by LBA (312).

According to step 305, the LBA (312) can prepare to download the profile by selecting one of the eSIM Bundles (314) installed in the SSP (311) using the LPA (313) function.

If step 305 is successfully performed, in step 306, the LPA 313 can request an eSIM profile download to the SPB Manager 315 or SM-DP+ 316 using the information delivered by the LBA 312. In step 306, the eSIM profile download protocol may follow the GSMA SGP.22 standard.

According to some embodiments, even if the error message transmitted from the SPB Manager 315 in step 305 does not include eSIM Activation Code information, after the user subscribes to the telecom service as in the service subscription process 210 of FIG. 2, the eSIM Activation Code is If a bundle download is attempted using the included SSP Activation Code, the LBA 312 may attempt an eSIM profile download procedure by transmitting the eSIM Activation Code information to the LPA 313.

In step 305, if the family identifier of the bundle requested by the SSP terminal 310 in step 301 is not telecom, the following situations are included.

- SM-DP+ (316) may be another server that supports downloading of the applet within the bundle requested by the SSP terminal (310) in step 301.

- The subject requesting applet download may be another object within the LBA (312) rather than the LPA (313).

The applet download protocol at step 306 may follow other standards.

Figure 4a is a diagram sequentially showing the procedure for the SSP terminal 400 to receive a family identifier-specific error code from the SPB Manager 404, according to some embodiments of the present disclosure.

Steps 411, 412, 413, and 414 of FIG. 4A are part of the procedure in which the SSP terminal 400 requests the SPB Manager 404 to download a bundle.

In step 411, the LBA 402 of the SSP terminal 400 sends a function to request SSP information to install a bundle in the SSP to the loader (SPB Loader, 401) in the SSP. At this time, the LBA 402 may transmit the family identifier of the bundle to be installed to the loader 401. Upon receiving the SSP information request function, the loader 401 transfers the SSP information to the LBA 402 (step 412).

In step 413, the LBA (402) establishes a Transport Layer Security (TLS) connection with the SPB Manager (404) server to request bundle download.

In step 414, the LBA 402 calls the SPBM certificate request function to the SPB Manager 404. When calling the function, the LBA (402) can transmit SSP information and terminal information to the SPB Manager (404). The transmitted SSP information and terminal information may refer to step 301 of FIG. 3.

In step 415, the SPB Manager (404) determines whether the bundle can be installed on the SSP terminal (400). The decision made by the SBP Manager 404 in step 415 may refer to the decision made by the SPB Manager 315 in step 302 of FIG. 3 . Additionally, in step 415, the SPB Manager 404 may perform the following operations.

- You can select the family identifier of the bundle.

- You can also select the object identifier of the management organization that manages the family identifier of the bundle.

- You can select the SPBM key generation certificate (CERT.SPBM.KA) and the certificate chain to verify it.

- You can select the CI information of the certificate that the SSP should use.

- You can select information about the encryption algorithm that SSP should use to encrypt data.

According to step 416a, if the SPB Manager 404 determines in step 415 that bundle installation is possible on the SSP terminal 400, it may respond to the LBA 402 including the following information.

- Family identifier

- SPBM key generation certificate (CERT.SPBM.KA) and certificate chain to verify it

- Certificate CI information that SSP must use

- Information on the encryption algorithm that the SSP should use to encrypt data

Additionally, in step 416a, the SPB Manager 404 may respond to the LBA 402 by selectively including information about the encryption algorithm to be used by the SSP.

If the SPB Manager 404 determines in step 415 that the bundle cannot be installed on the SSP terminal 400, an error message and a family identifier-specific error code may be transmitted to the LBA 402 in step 416b. The contents of the family identifier-specific error code may be the same as the family identifier-specific error code 320 of FIG. 3.

The LBA 402, which receives the response from the SPB Manager 404 in step 416a, may call the SSP Credential request function to the loader 401. In the SSP Credential request function in step 416a, the LBA 402 may pass the server credential to the loader 401, and the server credential may include at least one of the following.

- Family identifier

- SPBM key generation certificate (CERT.SPBM.KA) and certificate to verify it

- Certificate CI information that SSP must use

- Information on the encryption algorithm that the SSP should use to encrypt data

- Bundle code matching information (CODE_M)

Among these, the family identifier, the SPBM key creation certificate (CERT.SPBM.KA) and the certificate to verify it, the certificate CI information that the SSP should use, and the information of the encryption algorithm that the SSP should use for data encryption are stored in the SPB Manager (404) in step 416a. ) may be information in response to the LBA (402).

Additionally, the Server Credential may optionally include bundle code matching auxiliary information (challenge_S).

The loader 401 that receives the SSP Credential request function in step 418 can create an SSP Credential based on the received server credential. SSP Credential creation operations may include the following:

- Verification of SPBM key generation certificate (CERT.SPBM.KA)

- Selection of certificate for SPBL signing according to CI information of certificate to be used by SSP

- SPBL ephemeral key pair generation

- Create ID_TRANSAC that can be used as session ID

- Generate the first session key (session key 1) using the public key (PK.SPBM,KA) included in the SPBM key generation certificate and the private key (eSK.SPBL.KA) of the SPBL ephemeral key.

- Generate sspImageSeesionToken containing the SPBL ephemeral key and generate sspImageSessionTokenSignature signed with the secret key (SK.SPBL.DS) corresponding to the SPBL signing certificate (CERT.SPBL.DS) for sspImageSessionToken.

- Creation of second SSP information. The second SSP information may include the SSP information mentioned in step 301 of FIG. 3 and a Primary Platform Identifier.

- Generation of an sspToken including at least one of bundle code matching information (CODE_M), bundle code matching auxiliary information (challenge_S), and the generated second SSP information, and corresponding to a SPBL signing certificate (CERT.SPBL.DS) for the sspToken Create sspTokenSignature signed with private key

- Encrypt the SPBL signing certificate (CERT.SPBL.DS) with the generated first session key to generate first encryption information (sspM1) and first integrity check information (sspH1). When generating the first encryption information (sspM1) and the first integrity verification information (sspH1), the generated sspToken and sspTokenSignature may be encrypted together with the SPBL signing certificate (CERT.SPBL.DS).

- The generated sspToken and sspTokenSignature may be encrypted separately from the SPBL signing certificate and generated as second encryption information (sspM2) and second integrity verification information (sspH2).

- Certificate chain of SPBL signing certificate (CERT.SPBL.DS), the generated sspImageSessionToken, the generated sspImageSessionTokenSignature, the generated sspToken, the generated sspTokenSignature, the generated first encryption information (sspM1) and first integrity verification information (sspH1), generating SSP Credential including at least one of the generated second encryption information (sspM2) and second integrity verification information (sspH2)

In step 419, the loader 401 transmits the generated SSP Credential to the LBA 402 in response to the SSP Credential request function. If an error occurs in an operation in step 418, an error message is responded and the procedure ends.

The LBA 402, which receives the SSP Credential from the loader 401 in step 419, calls the Bundle/Metadata request function to the SPB Manager 404 in step 420. When the LBA (402) calls the Bundle/Metadata request function, the following information can be delivered to the SPB Manager (404).

- SSP Credential received from the loader 401

- Version of LBA, version of LPA, whether eSIM profile can be installed, and whether eSIM Activation Code is available. Terminal information, including some of the modem availability

The SPB Manager 404, which received the SSP Credential and terminal information from the LBA 402 in step 420, can perform at least one of the following operations based on the SSP Credential and terminal information received in step 421.

- An operation including at least one of the judgments performed by the SPB Manager 315 in step 302 of FIG. 3

- eSK.SPBM, a private key paired with the public key (ePK.SPBL.KA) of the SPBL ephemeral key and ePK.SPBM.KA, the public key of the SPBM key generation certificate Generate the first session key using .KA

- Decrypt the first encryption information (sspM1) using the first session key and verify sspTokenSignature

- SPBL signing certificate (CERT.SPBL.DS) and certificate chain verification

- Validate the contents of sspImageSessionToken and sspImageSessionTokenSignature

- Validate the contents of sspToken and sspTokenSignature

- Determine whether the bundle indicated by CODE_M existing in the sspToken is held.

- Determine whether the bundle indicated by CODE_M present in the sspToken can be installed on the SSP terminal.

- Determine if it is a supportable Primary Platform Identifier

If all of the above operations performed by the SPB Manager 404 in step 421 are performed without verification failure, the SPB Manager 404 performs at least one of the following operations.

- Create TIME_STAMP and encrypt it with the first session key

- Prepare metadata of the bundle (bundle specified by CODE_M) to be delivered to the SSP terminal 400

- Generate SPBM ephemeral key pair (ePK.SPBM.KA, eSK.SPBM.KA)

- Generate a second session key using the SPBM ephemeral private key (eSK.SPBM.KA) and ePK.SPBL.KA extracted from the SSP Credential

- Select SPBM certificate for signing and prepare certificate chain to verify SPBM certificate for signing

- Generate a SpbmToken containing the generated SPBM ephemeral public key (ePK.SPBM.KA) and ID_TRANSAC included in the received SSP Credential.

- Generate SpbmTokenSignature by signing the spbmToken created above with the secret key corresponding to the SPBM certificate for signing.

- Encrypt the Image descriptor of the bundle to be delivered with the second session key

- Encrypt the ARP token with the second session key

- Encrypt the Segment Descriptor Structure of the bundle to be delivered with the second session key. Segment Descriptor Structure may include key information that can decrypt the bundle segment into an installable form.

- Create encrypted bundles. The encrypted bundle includes bundle metadata, SPBM certificate for signing and SPBM certificate chain for signing, spbmToken and spbmTokenSignature created above, ARP token and Segment Descriptor Structures encrypted with the encrypted TIME_STAMP and second session key, and bundle segments to be delivered to the terminal. It can be included. Segment Descriptor Structure and values representing the number of segments may also be included in the encrypted bundle.

According to step 422a, after creating the metadata (Bundle Metadata) and the encrypted bundle (encrypted Secondary Platform Bundle), the SPB Manager (404) sends the metadata of the created bundle and the created encrypted bundle to the LBA (402). It responds to the Bundle/Metatdata request function, including one of the following:

If verification of at least one of the operations performed by the SPB Manager 404 in step 421 fails, the SPB Manager 404 may determine the following.

- Determination of validity of eSIM Bundle installed on SSP terminal

- Determine whether it is possible to support a profile that can be installed in the eSIM Bundle installed on the SSP terminal.

- Determine whether the SSP terminal holds the eSIM Activation Code

According to step 422b, the SPB Manager 404 responds to the Bundle/Metadata request function with an error message and a Family identifier-specific error code. The family identifier-specific error code corresponds to the family identifier-specific error code 320 in FIG. 3.

In step 421, if the SSP terminal 400 does not have the capability to install an eSIM profile or the SPB Manager 404 determines that the eSIM profile cannot be supported to the SSP terminal 400, an error message is sent without a family identifier-specific error code. Just respond with

The LBA 402, which has received the family identifier-specific error code in steps 416b and 422b, can terminate the bundle download procedure and proceed with further operations according to the contents of the family identifier-specific error code. Examples of the future operation may include performing an eSIM profile download procedure or performing a bundle applet download procedure.

Figure 4b shows that when the SSP terminal 400 fails to install the encrypted bundle received from the SPB Manager 404, the LBA 403 sends a notification message to the SPB Manager 404, according to some embodiments of the present disclosure. This diagram sequentially shows the procedure for transmitting and receiving a family identifier-specific error code in response to the SSP terminal 400.

Steps 420, 421, and 422a are the same as those in FIG. 4A.

The LBA 402, which has received the encrypted bundle (bound bundle) in step 422a, may transmit the first bundle installation command parameter, which is part of the data of the encrypted bundle, to the SPBL 401 in step 423. The first bundle installation command parameters may include the following information.

- Bundle metadata included in the encrypted bundle received from SPBM Manager 404 in step 422a

- SPBM certificate for signing and SPBM certificate chain for signing included in the encrypted bundle received from SPBM Manager 404 in step 422a

- The spbmToken contained in the encrypted bundle received from the SPBM Manager 404 in step 422a and the spbmTokenSignature that signed it. spbmTokenSignature can be verified with the SPBM certificate for signing.

- Encrypted Image descriptor and integrity check value

- Encrypted TIME STAMP and integrity check values

- Encrypted ARP token and integrity check value

Encryption algorithm used to encrypt the encrypted Image descriptor, TIME STAMP, and ARP token

In step 424, the SPBL 401, which has received the first bundle installation command parameter, performs a first bundle installation command processing operation. The first bundle installation command parameter processing may include the following operations.

- Verify the SPB Manager's signing certificate (signature SPBM certificate) and certificate chain included in the first bundle installation command parameters. The certificate may be verified using the SPBM key formation certificate and the public key used to verify the certificate chain in step 418.

- Verification of spbmTokenSignature included in the first bundle installation command parameter. spbmTokenSignature can be verified with the public key of the SPBM certificate for signing.

- Verify that the IdTransac value in spbmToken included in the first bundle installation command parameter is the same as the ID_TRANSAC value generated in step 418 for the same session.

- Generate a second session key using the spbm temporary public key (ePK.SPBM.KA) in spbmToken included in the first bundle installation command parameter and the SPBL temporary private key (eSK.SPBL.KA) generated in step 418.

- Decrypt the encrypted TIME STAMP using the first session key generated in step 418 and check its integrity with the integrity check value.

- Decrypt the encrypted image descriptor and the encrypted ARP token using the second session key and confirm the integrity with each integrity check value.

- Check the bundle identifier and bundle family identifier in the decrypted Image descriptor

- Saving bundle metadata included in the first bundle installation command parameters. Check whether the values in the bundle identifier, bundle family identifier, and image descriptor in the bundle metadata match.

At step 425, SPBL 401 may convey a first bundle installation command response to LBA 403. If step 424 is successfully performed, the SPBL 401 may transmit a message indicating that the first bundle installation command parameter processing was normally performed as a first bundle installation command response to the LBA 403. If step 424 is not performed successfully, the SPBL 401 may transmit a message indicating that processing of the first bundle installation command parameter failed to the LBA 403 as a first bundle installation command response. At this time, the reason for failure in processing the first bundle installation command parameter may be included in the first bundle installation command response. Reasons for failure to process the first bundle installation command parameter may include that the SPBM certificate for signing is invalid, or the bundle identifier is incorrect, or the bundle family identifier is incorrect, or the bundle to be installed is incompatible with the SSP, etc.

In step 426, the LBA 403, which has received the first bundle installation command response indicating that the first bundle installation command processing has been successfully performed, transmits the second bundle installation command parameter, which is part of the data of the encrypted bundle, to the SPBL 401. You can. The second bundle installation command parameters may include the following information.

- Segment descriptor structure encrypted with the second session key

In step 427, the SPBL 401, which has received the second bundle installation command parameter, may perform a second bundle installation command processing operation. The second bundle installation command parameter processing may include the following operations.

- Second bundle installation command Decrypts the segment descriptor structure encrypted with the second session key with the second session key.

- Obtain key information to decrypt the bundle segment from the decrypted segment descriptor structure.

At step 428, SPBL 401 may convey a second bundle installation command response to LBA 403. If step 427 is successfully performed, the SPBL 401 may transmit a message indicating that the second bundle installation command parameter processing was normally performed as a second bundle installation command response to the LBA 403. If step 427 is not performed successfully, the SPBL 401 may transmit a message indicating that the second bundle installation command parameter processing failed to the LBA 403 as a second bundle installation command response. At this time, the reason for failure in processing the second bundle installation command parameter may be included in the second bundle installation command response. Reasons for failure in processing the second bundle installation command parameter may include failure to decrypt the encrypted segment descriptor structure, or the decrypted segment descriptor structure value is invalid.

In step 429, the LBA 403, which has received the second bundle installation command response indicating that the second bundle installation command processing has been successfully performed, transmits the third bundle installation command parameter, which is part of the data of the encrypted bundle, to the SPBL 401. You can. The third bundle installation command may include the following information.

- Bundle segment. The bundle segment may be decrypted using key information obtained by the SPBL 401 from processing the second bundle installation command parameters in step 427 and used for bundle installation.

In step 430, the SPBL 401, which has received the third bundle installation command parameter, performs a third bundle installation command processing operation. Third bundle installation command parameter processing may include the following operations:

- Decrypt the bundle segment included in the third bundle installation command parameter using the bundle segment decryption key obtained from processing the second bundle installation command parameter.

- Use the decrypted bundle segment for bundle installation

At step 431, SPBL 401 may convey a third bundle installation command response to LBA 403. If step 430 is successfully performed, the SPBL 401 may deliver a message to the LBA 403 indicating that the third bundle installation command parameter processing was performed normally. If step 430 is not performed successfully, the SPBL 401 may deliver a message to the LBA 403 indicating that the third bundle installation command parameter processing failed. At this time, the reason for failure in processing the third bundle installation command parameter may be included in the third bundle installation command response. The third reason for bundle installation command parameter processing failure is failure to decrypt the bundle segment, or failure to install the decrypted bundle segment on the SSP, or the decrypted bundle segment is not compatible with the SSP, or the installed bundle is not compatible with the SSP, or the installed bundle segment is not compatible with the SSP. This may include that the bundle does not follow a valid format, or that the installed bundle cannot run.

The LBA 402 and SPBL 401 may repeatedly perform steps 428, 429, 430, and 431 until all bundle segments included in the encrypted bundle received from the SPB Manager 404 are delivered. The number of bundle segments that must be delivered may be included in the encrypted bundle.

The LBA 402, which has received the first bundle installation command response in step 425, may deliver a notification message to the SPB Manager 404 in step 432a. The notification message may include a reason for success in processing the first bundle installation command parameters or failure in processing the first bundle installation command parameters, depending on the first bundle installation command response. Reasons for failure to process the first bundle installation command parameter may include that the SPBM certificate for signing is invalid, or the bundle identifier is incorrect, or the bundle family identifier is incorrect, or the bundle to be installed is incompatible with the SSP, etc.

The LBA 402, which has received the second bundle installation command response in step 428, may deliver a notification message to the SPB Manager 404 in step 432b. The notification message may include a reason for success in processing the second bundle installation command parameters or failure in processing the second bundle installation command parameters, depending on the second bundle installation command response. Reasons for failure in processing the second bundle installation command parameter may include failure to decrypt the encrypted segment descriptor structure, or the decrypted segment descriptor structure value is invalid.

The LBA 402, which has received the third bundle installation command response in step 431, may deliver a notification message to the SPB Manager 404 in step 432c. The notification message may include, depending on the third bundle installation command response, whether the third bundle installation command parameter processing was successful, the reason for the third bundle installation command parameter processing failure, or all segments of the bundle were installed normally. The third reason for bundle installation command parameter processing failure is failure to decrypt the bundle segment, or failure to install the decrypted bundle segment on the SSP, or the decrypted bundle segment is not compatible with the SSP, or the installed bundle is not compatible with the SSP, or the installed bundle segment is not compatible with the SSP. This may include that the bundle does not follow a valid format, or that the installed bundle cannot run.

According to step 433, the SPB Manager (404) can process the contents of the notification message delivered by the LBA (402). At this time, the notification message delivered by the LBA 402 may be one of steps 432a, 432b, and 432c. The notification message delivered by the LBA 402 in steps 432a, 432b, and 432c includes the version of the LPA, whether an eSIM profile can be installed, and whether an eSIM Activation Code is held. It may contain terminal information including some of the modem availability. The notification message delivered by the LBA 402 in steps 432a, 432b, and 432c may include SSP information and terminal information delivered in step 301 of FIG. 3.

Depending on the content of the notification message received by the SPB Manager (404), the SPB Manager (404) can determine as follows.

- The bundle was installed properly on the SSP terminal (400).

- Bundle installation failed on SSP terminal (400)

- The SPBL (401) of the SSP terminal (400) determines that the encrypted bundle is invalid.

- The SPBL (401) of the SSP terminal (400) determines that the encrypted bundle is not compatible with the SSP and the Primary Platform.

- If the bundle you want to install is a telecom bundle and the bundle installation fails on the SSP terminal 400, determine whether a profile can be installed instead of the telecom bundle.

The process of determining whether the SPB Manager 404 can install a profile may include the following.

- Determination of validity of eSIM Bundle installed on SSP terminal

- Determine whether it is possible to support a profile that can be installed in the eSIM Bundle installed on the SSP terminal.

- Determine whether the SSP terminal holds the eSIM Activation Code

In step 434, the SPB Manager 404 may respond to the notification message delivered from the LBA 402. The notification message response sent by the SPB Manager 404 in step 434 may include a family identifier-specific error code. The family identifier-specific error code may be the same as the family identifier-specific error code 320 of FIG. 3. The LBA 402 may download the profile through eSIM Remote SIM Provisioning (RSP) based on the notification message response delivered by the SPB Manager 404 in step 434. An embodiment of downloading a profile to the eSIM RSP after receiving a notification message response is described in detail in FIG. 5B.

FIG. 5A is a diagram showing subsequent operations when the LBA 502 of the SSP terminal 500 receives a family identifier-specific error code from the SPB Manager 504 during the bundle download procedure, according to some embodiments of the present disclosure. .

In particular, Figure 5a shows an example where the SSP terminal 500 requests download of a telecom bundle.

In step 511, the LBA 502 calls the bundle download request function to the SPB Manager 504. At this time, the bundle download request function may be either the SPBM certificate request function in step 414 of FIG. 4A or the Bundle/Metadata request function in step 420 of FIG. 4A.

Although the SPB Manager (504) receives a bundle download request from the LBA (502) in step 511, the bundle download procedure cannot continue, and in order to enable the SSP terminal (500) to perform the eSIM profile download procedure, step 512 is performed. Accordingly, SPB Manager 504 transmits an error message and Family identifier-specific error code to LBA 502. In particular, Figure 5a characterizes the case where the SSP terminal 500 requests a Telecom Bundle, so the Family identifier-specific error code transmitted in step 512 may be called a Telecom Family-specific error code.

The LBA 502, which has received the Telecom Family-specific error code in step 513, ends the bundle download procedure and selects an eSIM Bundle from which the eSIM profile can be downloaded. The action of selecting an eSIM Bundle may include the following:

- Select the eSIM Bundle installed on SSP

- If the selected eSIM Bundle is inactive, activate the eSIM Bundle through LBA (502) and loader (SPB Loader)

According to step 514, the LBA 502 allows the LPA 503 to start the eSIM profile download procedure, and according to step 515, it can deliver eSIM Activation code information including SM-DP+ address, AC_TOKEN, SM-DP+ OID, etc. there is. The information that the LBA (502) transmits to the LPA (503) is the eSIM Activation Code included in the SSP Activation Code input by the LBA (502) or the Telecom Family-specific error code received from the SPB Manager (504) in step 512. It may be content. The contents of the Telecom Family-specific error code may include:

- 'RSP conversion indicator' indicating that conversion is possible through the eSIM profile download procedure.

- Information on eSIM Activation Code (FQDN (Fully Qualified Domain Name) of the SM-DP+ server, which is the server that provides the eSIM profile, AC_Token (MatchingID) that can indicate the eSIM profile to be downloaded, etc.)

According to some embodiments, if the SPB Manager 504 does not directly possess eSIM Activation Code information such as the SM-DP+ and AC_Token, a Telecom Family-specific error code consisting of an RSP conversion indicator without eSIM Activation Code content can be delivered to the LBA (502).

The Telecom Family-specific error code may optionally include optional items defined in GSMA SGP.22, such as the Object Identifier of SM-DP+.

After step 512 is performed, steps 514 and 515 may be performed first, and then step 513 may be performed.

After steps 513, 514, and 515 are performed, the eSIM Bundle and the LPA 503 can download the eSIM profile to the eSIM Bundle by performing the profile download procedure defined in GSMA SGP.22 in step 516.

FIG. 5B is a diagram showing subsequent operations when the LBA 502 of the SSP terminal 500 receives a family identifier-specific error code from the SPB Manager 504 during the bundle download procedure, according to some embodiments of the present disclosure. .

In particular, Figure 5b shows an example where the SSP terminal 500 requests download of a telecom bundle.

According to step 511a, the LBA 502 may deliver a notification message to the SPB Manager 504. Step 511a may be one of step 432a, step 432b, or step 432c in FIG. 4B. SPB Manager 504, which has received the notification message, can respond to the notification message according to step 512a. In step 512a, the notification message response may include a family identifier-specific error code. Step 512a may be step 433 in FIG. 4B.

Figures 6a and 6b are diagrams showing a flowchart of the operation of the SPB Manager when the SPB Manager receives a bundle download request from the SSP terminal.

In particular, steps 602, 604, and 605 of FIG. 6A are diagrams showing specific examples of the operation in step 421 performed by the SPB Manager 404 shown in FIG. 4A.

When a Bundle/Metadata request comes in from the SSP terminal (step 601), the SPB Manager determines whether the SPB Manager holds the bundle requested by the SSP terminal (step 602). The process of determining bundle possession in step 602 can utilize CODE_M and Challenge_S values among the information provided by the SSP terminal in step 601. Additionally, in step 602, the SPB Manager determines whether the bundle requested by the SSP terminal is compatible with the SSP terminal. The information used in this determination can utilize the information in the SSP Credential provided by the SSP terminal.

If the judgment in step 602 is passed, the SPB Manager can respond to the SSP terminal in step 603 by including the encrypted Bundle and SPBM key creation information in the Bundle/Metadata request. The response may optionally include bundle metadata. Step 603 corresponds to step 422a in FIG. 4A.

If the judgment in step 602 is not satisfied, in step 604, the SPB Manager determines whether the bundle requested by the SSP terminal is a bundle that can be converted to eSIM profile download. The decision made by the SPB Manager in step 604 may consist of some of the following.

- Does the bundle requested by the SSP terminal match a specific eSIM profile?

- Does the SPB Manager have the ability to separately provide the profile (first profile) included in the bundle requested by the SSP terminal?

- Does SPB Manager have Activation code information to download the first profile?

- Does SPB Manager have the ability to separately provide a profile (second profile) that can be provided when the bundle installation fails due to a contract with the service provider that provided the bundle?

- Does SPB Manager have Activation code information to download the second profile?

When the judgment passes in step 604, it is determined in step 605 whether the SSP terminal has the ability to download the eSIM profile. The determination may include determining the validity of the eSIM Bundle installed in the SSP terminal based on the SSP Credential and terminal information provided by the SSP terminal.

When the judgment passes in step 605, the SPB Manager transmits an error message and a family identifier-specific error code to the SSP terminal in step 606. If the family identifier of the bundle requested by the SSP terminal is a Telecom family identifier, the Family identifier-specific error code may be a Telecom Family-specific error code. The contents of the Telecom Family-specific error code may include:

- RSP indicator indicating that conversion to eSIM profile download procedure is possible

- FQDN (Fully Qualified Domain Name) of the SM-DP+ server, which is the server that provides the eSIM profile

AC_Token (MatchingID) that can indicate the eSIM profile to download

The Telecom Family-specific error code may optionally include optional items defined in GSMA SGP.22, such as the Object Identifier of SM-DP+.

If the judgments of steps 604 and 605 are not passed, the SPB Manager responds to the SSP terminal with an error message in step 607.

The Bundle/Metadata request received by the SPB Manager in step 601 may correspond to the Bundle/Metadata request performed in step 420 of FIG. 4A.

Additionally, step 601 of FIG. 6A may correspond to the step of receiving the SPBM certificate request from the SSP terminal in step 414 of FIG. 4A. In this case, the operations of steps 602, 604, and 605 are performed by the SPB in step 415 of FIG. 4A. This can be a specific example of an operation performed by the Manager.

FIG. 6B is a diagram illustrating an operation in which the SPB Manager additionally includes a process of determining whether the SSP terminal holds an eSIM Activation Code, according to some embodiments.

Steps 611, 612, 613, 614, and 615 of FIG. 6B may refer to operations of steps 601, 602, 603, 604, and 605 of FIG. 6A, respectively.

When the SPB Manager determines in step 615 that the SSP terminal can download the eSIM profile, it determines whether the SSP terminal holds the eSIM Activation Code in step 616. The determination in step 616 includes a procedure to check whether there is information that the terminal holds an eSIM Activation Code among the SSP Credential and terminal information received from the SSP terminal in step 611. If it is determined that the SSP terminal has an eSIM Activation Code, the SPB Manager may respond by including an RSP switchable indicator in the family identifier-specific error code in step 617.

If it is determined in step 616 that the SSP terminal does not possess an eSIM Activation Code, the SPB Manager determines in step 618 whether it possesses an eSIM Activation Code that can be provided to the SSP terminal. The determination in step 618 may generally include the process of determining whether the SBP Manager holds the eSIM Activation Code for the eSIM profile that matches the bundle code matching information (CODE_M) of the bundle requested by the SSP terminal. If the SPB Manager does not possess the eSIM Activation Code in step 618, the SPB Manager may respond by including an RSP switchable indicator in the family identifier-specific error code in step 617. In step 618, if the SPB Manager holds the eSIM Activation Code, it can respond by additionally including the contents of the eSIM Activation Code held in the Family identifier-specific error code.

Figures 6c and 6d are diagrams showing a flowchart of the operation of the SPB Manager when a bundle installation failure notification message is received from the SSP terminal. FIGS. 6C and 6D may be some examples of the notification message processing operation performed by the SPB Manager in step 433 of FIG. 4B.

Step 601c of FIG. 6C may be one of step 432a, step 432b, or step 432c of FIG. 4B.

Steps 604c and 605c of FIG. 6C may be the same as steps 604 and 605 of FIG. 6A.

If the SPB Manager determines in step 605c that the SSP terminal can download the eSIM profile, a notification message response including a family identifier-specific error code containing information that allows the terminal to proceed with profile download can be delivered to the LBA in step 606c. there is. The family identifier-specific error code in step 606c may be the same as the family identifier-specific error code described in step 606 of FIG. 6A.

If it is not determined in step 604c that it is a bundle that can be converted to profile download, or if it is not determined in step 605c that the SSP terminal has the function to download an eSIM profile, the SPB Manager may respond with a notification message to the LBA in step 607c. The notification message response may include an acknowledge message indicating that the notification message has been successfully received.

Figure 6d is another embodiment of how the SPB Manager processes the bundle installation failure notification message when it receives the bundle installation failure notification message from the SSP terminal.

Step 601d of FIG. 6D may be one of steps 432a, 432b, or 432c of FIG. 4B.

Steps 614d, 615d, 616d, and 618d of FIG. 6D may refer to steps 614, 615, 616, and 618 of FIG. 6B, respectively.

If the SSP terminal knows information that it has an eSIM Activation Code in step 616d, or does not have eSIM Activation Code information to be provided to the SSP terminal in step 618d, a family identifier-specific containing an RSP switchable indicator according to step 617d. The error code can be included in the notification message response and delivered to the LBA. For the configuration of the family identifier-specific error code containing the RSP switchable indicator, refer to step 617 of FIG. 6B.

If the SPB Manager holds the eSIM Activation Code information to be provided to the SSP terminal in step 618d, a notification message response including a family identifier-specific error code containing the eSIM Activation Code can be delivered to the LBA in step 619d. For the configuration of the notification message response including the Family identifier-specific error code containing the eSIM Activation Code, refer to step 619 of FIG. 6B.

If it is not determined in step 614d that it is a bundle that can be converted to profile download, or if it is not determined in step 615d that the SSP terminal has the ability to download an eSIM profile, the SPB Manager can respond with a notification message to the LBA in step 620d. there is. The notification message response may include an acknowledge message indicating that the notification message has been successfully received.

Figures 7a, 7b, and 7c are flowcharts showing operations when the LBA of the SSP terminal receives a response from a request sent to the SPB Manager during the bundle download procedure.

In particular, step 702 of FIG. 7A shows an example of an operation when the LBA makes a Bundle/Metadata request performed in step 420 of FIG. 4A to the SPB Manager and receives a response.

After steps 411 to 419 of FIG. 4A are performed, the flowchart of FIG. 7A begins and the LBA calls the Bundle/Metadata request function (step 701). If a response containing at least one of the encrypted bundle and the metadata of the bundle is received from the SPB Manager that received the Bundle/Metadata request (step 702), the LBA continues to perform the bundle download procedure (step 703). Step 703 may include the following operations.

- LBA checks information in bundle metadata

- If the LBA checks the bundle metadata information and there is no problem, sends the encrypted bundle and bundle metadata to the SPB Loader and installs the bundle in the SSP.

In step 702, if the LBA does not receive a response containing at least one of the encrypted bundle and bundle metadata in response to the Bundle/Metadata request, check whether the response is a Family identifier-specific error code containing eSIM Activation Code content. (step 704). Family identifier-specific error code may refer to the description described in Family identifier-specific error code 320 of FIG. 3. If an error message without a Family identifier-specific error code is received in the response or if unknown information is received in the response, the LBA terminates the bundle download procedure (step 707).

If the response is a Family identifier-specific error code containing eSIM Activation Code content, the LBA performs the following operations (step 705). In particular, the operations below describe some embodiments when the Family identifier of the bundle is a Telecom Family identifier.

- Interpret the contents of the family identifier-specific error code and extract the contents of the eSIM Activation Code

- Deliver the information required for the eSIM profile download procedure (eSIM Activation Code contents) to the LPA

- Select the eSIM Bundle to download the eSIM profile. If there is no activated eSIM Bundle, select one of the installed eSIM Bundles to activate it.

After performing step 705, the LBA performs the eSIM profile download procedure defined in GSMA SGP.22 using the LPA and the selected eSIM Bundle (step 706).

According to some embodiments, step 701 of FIG. 7A may be step 414 of FIG. 4A. In this case, the determination in step 702 can be replaced with a process of determining whether the SPB Manager's response corresponds to the response the SPB Manager sends to the LBA in step 416a of FIG. 4A. If the SPB Manager's response to the SPBM certificate request function in step 414 of the LBA does not correspond to the response sent by the SPB Manager in step 416a, the LBA's operation may be performed according to the flowchart after step 704. When the LBA receives the response sent by the SPB Manager in step 416a in response to the SPBM certificate request, the next operation (step 417) is performed according to the bundle download procedure.

Figure 7b shows that, according to some embodiments, if the eSIM Activation Code is included in the response from the SPB Manager, the information is used to convert to eSIM profile download, and if the response from the SPB Manager does not include the eSIM Activation Code, the eSIM Activation Code held by the terminal is shown. This diagram illustrates the procedure for converting to an eSIM profile download procedure using the eSIM Activation Code.

The beginning of Figure 7b begins before the SSP terminal performs step 414 of Figure 4a. Step 711 refers to step 414 in FIG. 4A. If a response according to step 416a is received from the SPB Manager in step 712, step 713 is performed. If a response according to step 416b is received from the SPB Manager in step 712, step 716 is performed.

Steps 713, 714, and 715 refer to the descriptions of steps 701, 702, and 703 in FIG. 7A.

In step 716, the LBA determines whether the response from the SPB Manager is a family identifier-specific error code including an RSP conversion indicator.

If the response from the SPB Manager is a Family identifier-specific error code that includes an RSP conversion indicator, determine whether the response includes eSIM Activation Code content according to step 717. If the response is a Family identifier-specific error code that includes an eSIM Activation Code, the LBA operates according to step 718. Step 718 refers to 705 in FIG. 7A.

If the response in step 716 is not a Family identifier-specific error code including the RSP conversion indicator, and if the response in step 717 does not include the eSIM Activation Code, step 720 is performed.

Step 720 determines whether the eSIM Activation Code is included in the SSP Activation Code information used when the LBA first performs the bundle download procedure according to step 301 of FIG. 3. The determination in step 720 may be a process of determining whether, when downloading a bundle, the LBA includes information that can download the eSIM profile corresponding to the bundle to be downloaded.

If the LBA holds the eSIM Activation Code in step 720, the LBA transfers the eSIM Activation Code it holds to the LPA in step 721 and then selects the eSIM Bundle to receive the profile.

Steps 719 and 722 refer to steps 706 and 707 of FIG. 7A, respectively.

Figure 7c shows that according to some embodiments, when there is an eSIM Activation Code in the response from the SPB Manager, the SSP terminal additionally determines whether there is an eSIM Activation Code already in possession, and if so, selects one of the two pieces of information. This diagram illustrates the procedure for attempting to download an eSIM profile.

The operations of steps 731, 732, 733, 734, and 735 of FIG. 7C may correspond to operations of steps 711, 712, 713, 714, and 715 of FIG. 7B, respectively.

The operations of steps 736, 737, 742, and 743 of FIG. 7C may correspond to steps 716, 717, 720, and 721 of FIG. 7B, respectively.

If a Family identifier-specific error code containing the eSIM Activation Code is received in the response in step 737, the LBA determines whether the eSIM Activation Code is included in the SSP Activation Code information used when requesting the bundle download in step 738. Step 738 may refer to step 720 of FIG. 7B.

In step 738, when the LBA holds the eSIM Activation Code, in step 739, the LBA selects one of the eSIM Activation Code already held and the eSIM Activation Code included in the Family identifier-specific error code received from the SPB Manager to enter the LPA. You can select the eSIM Bundle that you delivered and received the profile from. In step 739, the eSIM Activation Code already held by the LBA and the eSIM Activation Code included in the Family identifier-specific error code received from the SPB Manager may be the same information.

If there is no eSIM Activation Code already held by the LBA in step 738, step 740 is performed. The operation of step 740 may refer to step 718 of FIG. 7B.

Steps 741 and 744 refer to steps 706 and 707 of FIG. 7A, respectively.

Figures 8a, 8b, and 8c are flowcharts showing operations when the LBA of the SSP terminal receives a response to the notification message sent to the SPB Manager during the bundle download procedure.

Step 801 of FIGS. 8A, 8B, and 8C may be one of steps 432a, 432b, and 432c of FIG. 4B.

Step 802 in FIGS. 8A, 8B, and 8C may be step 434 in FIG. 4B.

Steps 804, 805, 806, and 807 of FIG. 8A may refer to steps 704, 705, 706, and 707 of FIG. 7A, respectively.

Steps 816, 817, 818, 819, 820, 821, and 822 in FIG. 8B refer to steps 716, 717, 718, 719, 720, 721, and 722 in FIG. 7B, respectively. can do.

Step 836, step 837, step 838, step 839, step 840, step 841, step 842, step 843, and step 844 of FIG. 8C are respectively step 736, step 737, step 738, step 739, step 740, and step 844 of FIG. 7C. Reference may be made to steps 741, 742, 743, and 744.

In the specific embodiments of the present disclosure described above, elements included in the disclosure are expressed in singular or plural numbers depending on the specific embodiment presented. However, the singular or plural expressions are selected to suit the presented situation for convenience of explanation, and the present disclosure is not limited to singular or plural components, and even components expressed in plural may be composed of singular or singular. Even expressed components may be composed of plural elements.

Meanwhile, in the detailed description of the present disclosure, specific embodiments have been described, but of course, various modifications are possible without departing from the scope of the present disclosure. Therefore, the scope of the present disclosure should not be limited to the described embodiments, but should be determined not only by the scope of the patent claims described later, but also by the scope of this patent claim and equivalents.

The various embodiments of the present disclosure and the terms used herein are not intended to limit the technology described in the present disclosure to specific embodiments, and should be understood to include various modifications, equivalents, and/or replacements of the embodiments. In connection with the description of the drawings, similar reference numbers may be used for similar components. Singular expressions may include plural expressions, unless the context clearly dictates otherwise. In the present disclosure, expressions such as “A or B”, “at least one of A and/or B”, “A, B or C” or “at least one of A, B and/or C” refer to all of the items listed together. Possible combinations may be included. Expressions such as "first", "second", "first" or "second" can modify the corresponding components regardless of order or importance, and are only used to distinguish one component from another component. The components are not limited. When a component (e.g. a first) component is said to be "connected (functionally or communicatively)" or "connected" to another (e.g. a second) component, it means that the component is connected to the other component. It may be connected directly to a component or may be connected through another component (e.g., a third component).

The term “module” used in this disclosure includes a unit comprised of hardware, software, or firmware, and may be used interchangeably with terms such as logic, logic block, component, or circuit, for example. A module may be an integrated part, a minimum unit that performs one or more functions, or a part thereof. For example, a module may be comprised of an application-specific integrated circuit (ASIC).

Various embodiments of the present disclosure are software (e.g., program) including instructions stored in a machine (e.g., computer) readable storage media (e.g., internal memory or external memory). The device may be implemented as a device capable of calling instructions stored in a storage medium and operating according to the called instructions, and may include a terminal according to various embodiments of the present invention. The instruction may perform the function corresponding to the instruction directly or using other components under the control of the processor. The instruction may include code generated or executed by a compiler or interpreter.

A storage medium that can be read by a device may be provided in the form of a non-transitory storage medium. Here, 'non-transitory' only means that the storage medium does not contain signals and is tangible, and does not distinguish whether the data is stored semi-permanently or temporarily in the storage medium.

Methods according to various embodiments disclosed in the present disclosure may be included and provided in a computer program product. Computer program products are commodities and can be traded between sellers and buyers. The computer program product may be distributed on a machine-readable storage medium (e.g. compact disc read only memory (CD-ROM)) or online through an application store (e.g. Play Store™). In the case of online distribution, at least a portion of the computer program product may be at least temporarily stored or created temporarily in a storage medium such as the memory of a manufacturer's server, an application store's server, or a relay server. Each component (e.g., module or program) according to various embodiments may be composed of a single or plural entity, and some of the above-described sub-components may be omitted, or other sub-components may be variously used. Further examples may be included. Alternatively or additionally, some components (e.g., modules or programs) may be integrated into a single entity and perform the same or similar functions performed by each corresponding component prior to integration. According to various embodiments, operations performed by a module, program, or other component may be executed sequentially, in parallel, iteratively, or heuristically, or at least some operations may be executed in a different order, omitted, or other operations may be added. You can.

Claims (16)

In a method by a server in a wireless communication system,
Receiving, from a terminal, a first message requesting download of a bundle;
determining whether the bundle can be installed in a smart secure platform (SSP) included in the terminal based on the first message;
If the bundle cannot be installed, determining whether the download of the bundle can be converted to a download of an eSIM profile in an embedded subscriber identity module (eSIM) bundle included in the SSP; and
When the download of the bundle can be converted to a download of the eSIM profile in the eSIM bundle included in the SSP, transmitting a second message including a family special error code to the terminal,
The first message includes at least one of SSP information or terminal information,
the eSIM profile is downloaded to the eSIM bundle, and
A method wherein the SSP information includes primary platform information. According to paragraph 1,
Wherein the family special error code includes information about profile download. According to paragraph 1,
A method characterized in that the eSIM bundle is selected from among eSIM bundles installed in the SSP based on the family special error code. According to paragraph 1,
The SSP information further includes at least one of SPB (secondary platform bundle) Loader information, a list of eSIM bundles installed in the SSP, and
The method characterized in that the terminal information includes information about whether the eSIM profile can be installed. In a method by a terminal in a wireless communication system,
Transmitting, to a server, a first message requesting bundle download;
If the bundle cannot be installed and the download of the bundle can be converted to a download of an eSIM profile in an embedded subscriber identity module (eSIM) bundle included in a smart secure platform (SSP), a family special error code is sent from the server. Receiving a second message containing; and
downloading the eSIM profile from the server to the eSIM bundle,
Whether the bundle can be installed in the SSP included in the terminal is determined based on the first message containing at least one of SSP information and terminal information, and
A method wherein the SSP information includes primary platform information. According to clause 5,
Wherein the family special error code includes information about profile download. According to clause 5,
The method further comprising selecting the eSIM bundle among eSIM bundles installed in the SSP based on the family special error code. According to clause 5,
The SSP information further includes at least one of SPB (secondary platform bundle) Loader information, a list of eSIM bundles installed in the SSP, and
The method is characterized in that the terminal information includes information about whether the eSIM profile can be installed. On the server,
A transceiver unit capable of transmitting and receiving at least one signal; and
It includes a control unit coupled to the transceiver unit,
The control unit:
Receiving a first message requesting download of a bundle from the terminal,
Based on the first message, determine whether the bundle can be installed in a smart secure platform (SSP) included in the terminal,
If the bundle cannot be installed, determine whether the download of the bundle can be converted to a download of an eSIM profile in an embedded subscriber identity module (eSIM) bundle included in the SSP, and
configured to transmit a second message including a family special error code to the terminal when the download of the bundle can be converted to a download of the eSIM profile in the eSIM bundle included in the SSP,
The first message includes at least one of SSP information or terminal information,
the eSIM profile is downloaded to the eSIM bundle, and
A server wherein the SSP information includes primary platform information. According to clause 9,
The server wherein the family special error code includes information about profile download. According to clause 9,
A server characterized in that the eSIM bundle is selected from among eSIM bundles installed in the SSP based on the family special error code. According to clause 9,
The SSP information further includes at least one of SPB (secondary platform bundle) Loader information, a list of eSIM bundles installed in the SSP, and
The terminal information includes information on whether the eSIM profile can be installed. In the terminal,
A transceiver unit capable of transmitting and receiving at least one signal; and
It includes a control unit coupled to the transceiver unit,
The control unit:
Send a first message requesting bundle download to the server,
If the bundle cannot be installed and the download of the bundle can be converted to a download of an eSIM profile in an embedded subscriber identity module (eSIM) bundle included in a smart secure platform (SSP), a family special error code is sent from the server. Receiving a second message comprising, and
configured to download, from the server, the eSIM profile to the eSIM bundle,
Whether the bundle can be installed in the SSP included in the terminal is determined based on the first message containing at least one of SSP information and terminal information, and
A terminal characterized in that the SSP information includes primary platform information. According to clause 13,
A terminal characterized in that the family special error code includes information about profile download. The method of claim 13, wherein the control unit:
The terminal further configured to select the eSIM bundle among eSIM bundles installed in the SSP based on the family special error code. According to clause 13,
The SSP information further includes at least one of SPB (secondary platform bundle) Loader information, a list of eSIM bundles installed in the SSP, and
A terminal characterized in that the terminal information includes information about whether the eSIM profile can be installed.

Images