CN103546886B - The data configuration method of Universal Integrated Circuit Card, Apparatus and system - Google Patents

The data configuration method of Universal Integrated Circuit Card, Apparatus and system Download PDF

Info

Publication number
CN103546886B
CN103546886B CN201210247048.3A CN201210247048A CN103546886B CN 103546886 B CN103546886 B CN 103546886B CN 201210247048 A CN201210247048 A CN 201210247048A CN 103546886 B CN103546886 B CN 103546886B
Authority
CN
China
Prior art keywords
uicc
mark
business
cipher key
provider equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210247048.3A
Other languages
Chinese (zh)
Other versions
CN103546886A (en
Inventor
罗红
乐祖晖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201210247048.3A priority Critical patent/CN103546886B/en
Priority to PCT/CN2013/079364 priority patent/WO2014012468A1/en
Publication of CN103546886A publication Critical patent/CN103546886A/en
Application granted granted Critical
Publication of CN103546886B publication Critical patent/CN103546886B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70Services for machine-to-machine communication [M2M] or machine type communication [MTC]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)
  • Telephone Function (AREA)

Abstract

The invention discloses the data configuration method of a kind of Universal Integrated Circuit Card, Apparatus and system, including: receive service fulfillment request, the request of described service fulfillment carries UICC mark and the first Provider Equipment mark;Send the UICC certificate corresponding with UICC mark pre-saved to the first Provider Equipment corresponding with the first Provider Equipment mark, described UICC certificate carries UICC mark and UICC PKI;Receive the first business cipher key after the encryption corresponding with UICC mark that the first Provider Equipment sends, and the first business cipher key after encryption is sent to the UICC corresponding with UICC mark.Compared to the prior art, the data configuration method of Universal Integrated Circuit Card of present invention proposition, Apparatus and system, it is possible to the carrier data in the Universal Integrated Circuit Card in M2M terminal is dynamically configured, expands the range of M2M terminal.

Description

The data configuration method of Universal Integrated Circuit Card, Apparatus and system
Technical field
The present invention relates to data communication technology, particularly to the data configuration side of a kind of Universal Integrated Circuit Card Method, Apparatus and system.
Background technology
Along with developing rapidly of internet of things service, M2M(Machine To Machine) application of terminal is throughout electricity Multiple industries such as power, traffic, Industry Control, medical treatment and Administration of Public Affairs.M2M typically refers to Machinery equipment is by mobile communications network and other equipment or the communication of system.In order to be linked into movement Communication network, M2M terminal needs install the smart card that operator provides, due to M2M terminal Applied environment has bigger different from regular handset terminal, it is therefore desirable to use M2M in M2M terminal Special intelligent card.
M2M special intelligent card refers generally on the basis of existing smart card, soft by existing smart card Hardware and associated support platform upgrade after smart card, to meet the demand of M2M industry.M2M Special intelligent card carries the coding resource that operator provides, i.e. M2M terminal accessing mobile communication network Identity, simultaneously M2M special intelligent card can also carry and process operator provide various increasings Value service.
The difference realized according to application scenarios and technology, current M2M special intelligent card is divided into following two Kind: MP card and MS card.
MP card is the abbreviation of M2M Plug-In card, i.e. plug type SIM, uses and can adapt to spy The special chip of different environmental requirement and special card matrix material, physical property is higher, can meet longer making With life-span and the requirement of more adverse circumstances.
MS card is M2M SMD(Surface Mount Device, surface-mounted devices) abbreviation that blocks, I.e. welded type SIM, it possesses the repertoire of traditional SIM card completely, uses SMD paster simultaneously Packaging technology makes SIM chip can be directly welded on M2M terminal module, to realize closely jail Solid physical connection and reliable interface communication.
During realizing the present invention, inventor finds that in prior art, at least there are the following problems:
Carrier data in existing MP card and MS card is pre-configured with by operator, And MP card and MS card cannot change carrier data after usage, cause the M2M terminal can only Communicate with predetermined operator, limit the range of M2M terminal.
Summary of the invention
In view of this, the data configuration of three kinds of Universal Integrated Circuit Cards of offer is provided Method, it is possible to realize the carrier data of the Universal Integrated Circuit Card in M2M terminal is dynamically joined Put, expand the range of M2M terminal.
Another object of the present invention is to provide the data configuration device of four kinds of Universal Integrated Circuit Cards, it is possible to Realize the carrier data of the universal integrated circuit in M2M terminal is dynamically configured, expand The range of M2M terminal.
A further object of the present invention is to provide the data collocation system of a kind of Universal Integrated Circuit Card, it is possible to Realize the carrier data of the Universal Integrated Circuit Card in M2M terminal is dynamically configured, expand The range of M2M terminal.
For reaching above-mentioned purpose, the technical scheme is that and be achieved in that:
A kind of data configuration method of Universal Integrated Circuit Card, described method includes:
Reception service fulfillment is asked, and carries Universal Integrated Circuit Card UICC mark in the request of described service fulfillment With the first Provider Equipment mark;
Pre-save to the first Provider Equipment transmission corresponding with described first Provider Equipment mark with institute State the UICC certificate that UICC mark is corresponding, described UICC certificate carries described UICC mark and UICC PKI;
Receive the first industry after the encryption corresponding with described UICC mark that described first Provider Equipment sends Business key, and the first business cipher key after described encryption is sent to the UICC corresponding with described UICC mark.
A kind of Universal Integrated Circuit Card management platform, including: first receives unit and the first transmitting element;
Described first receives unit, is used for receiving service fulfillment request, carries logical in the request of described service fulfillment By integrated circuit card UICC mark and the first Provider Equipment mark, the request of described service fulfillment is sent to institute State the first transmitting element;
Described first transmitting element, for setting to the first operator corresponding with described first Provider Equipment mark Preparation send the UICC certificate corresponding with described UICC mark pre-saved, and carries in described UICC certificate There are described UICC mark and UICC PKI;
Described first receives unit, is additionally operable to receive marking with described UICC of described first Provider Equipment transmission Know the first business cipher key after corresponding encryption, the first business cipher key after described encryption is sent to described the One transmitting element;
Described first transmitting element, the first business cipher key after being additionally operable to described encryption is sent to described The UICC that UICC mark is corresponding.
A kind of first Provider Equipment, including: second receives unit, business cipher key signal generating unit, the second transmission Unit and the first service interaction unit;
Described second receives unit, for receiving the UICC that Universal Integrated Circuit Card UICC management platform sends Certificate, carries UICC mark and UICC PKI, is sent out by described UICC certificate in described UICC certificate Give described business cipher key signal generating unit;
Described business cipher key signal generating unit, for when passing through described UICC certification authentication, according to default side Method generates first business cipher key corresponding with described UICC mark, uses described UICC PKI to described first Business cipher key is encrypted, and described first business cipher key is sent to the first service interaction unit, after encrypting The first business cipher key be sent to described second transmitting element;
Described second transmitting element, for being sent to identify with described UICC by the first business cipher key after encryption Corresponding UICC;
Described second receives unit, is additionally operable to obtain described UICC after getting described first business cipher key The service fulfillment sent performs response, and described service fulfillment performs to carry described UICC in response and pre-saves Described UICC mark;
Described first service interaction unit, is used for using described first business cipher key and described UICC to carry out business Alternately.
A kind of Universal Integrated Circuit Card, including: the 3rd receives unit, decryption unit, the 3rd transmitting element and the Two service interaction unit;
Described 3rd receives unit, after receiving the encryption that Universal Integrated Circuit Card UICC management platform sends The first business cipher key, the first business cipher key after described encryption is sent to described decryption unit;
Described decryption unit, for using the UICC private key corresponding with UICC PKI pre-saved to described The first business cipher key after encryption is decrypted, and obtains the first business cipher key, is sent out by described first business cipher key Give the second service interaction unit, and send one first transmission instruction to described 3rd transmitting element;
Described 3rd transmitting element, for, after receiving described first and sending instruction, setting to the first operator Preparation send service fulfillment to perform response, and described service fulfillment performs to carry, in response, the UICC pre-saved Mark;
Described second service interaction unit, is used for using described first business cipher key and described first Provider Equipment Carry out service interaction.
A kind of user terminal, including: the 3rd memory cell and Universal Integrated Circuit Card UICC;
Described 3rd memory cell, is used for storing described UICC;
Described UICC, the first business cipher key after receiving the encryption that UICC management platform sends;Use The first business cipher key after described encryption is solved by the UICC private key corresponding with UICC PKI pre-saved Close, obtain the first business cipher key;Send service fulfillment to the first Provider Equipment and perform response, described business Open and perform response carries the UICC mark pre-saved;Use described first business cipher key and described One Provider Equipment carries out service interaction.
A kind of data collocation system of Universal Integrated Circuit Card, including: Universal Integrated Circuit Card UICC management is flat Platform, the first Provider Equipment and UICC;
Described UICC manages platform, is used for receiving service fulfillment request, carries in the request of described service fulfillment UICC mark and the first Provider Equipment mark, to first fortune corresponding with described first Provider Equipment mark Battalion's business's equipment sends the UICC certificate corresponding with described UICC mark pre-saved, described UICC certificate In carry described UICC mark and with described UICC UICC PKI corresponding to mark;Receive described first The first business cipher key after the encryption corresponding with described UICC mark that Provider Equipment sends, and add described The first business cipher key after close is sent to the UICC corresponding with described UICC mark;
Described first Provider Equipment, for receiving the UICC certificate that described UICC management platform sends, institute State and UICC certificate carries described UICC mark and described UICC PKI;When to described UICC certificate When being verified, generate first business cipher key corresponding with described UICC mark according to presetting method, use institute State UICC PKI described first business cipher key is encrypted, and will encryption by described UICC management platform After the first business cipher key be sent to and described UICC UICC corresponding to mark;Obtain described UICC obtaining The service fulfillment sent after getting described first business cipher key performs response, and described service fulfillment performs response In carry the described UICC mark that described UICC pre-saves;Use described first business cipher key and described UICC carries out service interaction;
Described UICC, the first business after receiving the described encryption that described UICC management platform sends is close Key;Use the UICC private key corresponding with described UICC PKI pre-saved to the first industry after described encryption Business key is decrypted, and obtains described first business cipher key;Send business to described first Provider Equipment to open Leading to and perform response, described service fulfillment performs to carry the described UICC mark pre-saved in response;Use Described first business cipher key and described first Provider Equipment carry out service interaction.
Visible, use technical scheme, UICC management platform to take in asking according to service fulfillment The UICC mark of band and the first Provider Equipment mark, obtain the first Provider Equipment generates and UICC The first business cipher key after the encryption that mark is corresponding, the UICC the first business after getting described encryption Use the first business cipher key after the UICC private key pair encryption pre-saved to be decrypted after key, make The first business cipher key and the first Provider Equipment with obtaining after deciphering carry out service interaction.Owing to user sends out Carrying the first Provider Equipment mark in the service fulfillment request sent, UICC management platform is according to described First Provider Equipment is designated Universal Integrated Circuit Card and opens corresponding with the first Provider Equipment mark the Service interaction between one Provider Equipment, therefore operator can be neatly in Universal Integrated Circuit Card Carrier data dynamically configure, it is not necessary to M2M terminal needs in process of production according to operator Be customized exploitation, therefore the present invention propose the data configuration method of Universal Integrated Circuit Card, device and System, solving M2M terminal in prior art can only ask with the technology that predetermined operator communicates Topic, expands the range of M2M terminal;It addition, the method for the invention implements simple side Just, it is simple to universal.
Accompanying drawing explanation
Fig. 1 is the first flowchart that the present invention opens Universal Integrated Circuit Card.
Fig. 2 is the flowchart of the generation method of Universal Integrated Circuit Card certificate of the present invention.
Fig. 3 is the flowchart that the present invention opens the first embodiment of Universal Integrated Circuit Card.
Fig. 4 is the generation method schematic diagram that the present invention transmits sub-key.
Fig. 5 is the flowchart that the present invention opens the second embodiment of Universal Integrated Circuit Card.
Fig. 6 is the second flowchart that the present invention opens Universal Integrated Circuit Card.
Fig. 7 is the 3rd flowchart that the present invention opens Universal Integrated Circuit Card.
Fig. 8 is the 4th flowchart that the present invention opens Universal Integrated Circuit Card.
Fig. 9 is the first flowchart that the present invention terminates Universal Integrated Circuit Card.
Figure 10 is the flowchart that the present invention terminates the first embodiment of Universal Integrated Circuit Card.
Figure 11 is the flowchart that the present invention terminates the second embodiment of Universal Integrated Circuit Card.
Figure 12 is the second flowchart that the present invention terminates Universal Integrated Circuit Card.
Figure 13 is the 3rd flowchart that the present invention terminates Universal Integrated Circuit Card.
Figure 14 is the 4th flowchart that the present invention terminates Universal Integrated Circuit Card.
Figure 15 is the first flowchart of Universal Integrated Circuit Card switch operators of the present invention.
Figure 16 is the flowchart of the first embodiment of Universal Integrated Circuit Card switch operators of the present invention.
Figure 17 is the flowchart of the second embodiment of Universal Integrated Circuit Card switch operators of the present invention.
Figure 18 is the second flowchart of Universal Integrated Circuit Card switch operators of the present invention.
Figure 19 is the 3rd flowchart of Universal Integrated Circuit Card switch operators of the present invention.
Figure 20 is the 4th flowchart of Universal Integrated Circuit Card switch operators of the present invention.
Figure 21 is the structural representation of Universal Integrated Circuit Card of the present invention management platform.
Figure 22 is the structural representation of the present invention the first Provider Equipment.
Figure 23 is the structural representation of Universal Integrated Circuit Card of the present invention.
Figure 24 is the structural representation of user terminal of the present invention.
Figure 25 is the data collocation system structural representation of Universal Integrated Circuit Card of the present invention.
Detailed description of the invention
For problems of the prior art, the present invention proposes the universal integrated circuit after a kind of improvement The data configuration scheme of card, it is possible to realize the Universal Integrated Circuit Card in M2M terminal is carried out dynamic number According to configuration, expand the range of M2M terminal.
For making technical scheme clearer, clear, develop simultaneously embodiment referring to the drawings, right Scheme of the present invention is described in further detail.
Fig. 1 is the first flowchart that the present invention opens Universal Integrated Circuit Card.As it is shown in figure 1, bag Include step as described below:
Step 101: Universal Integrated Circuit Card UICC management platform receives service fulfillment request message, described industry Business is opened and is carried UICC mark and the first Provider Equipment mark in request message.
Universal Integrated Circuit Card (Universal Integrated Circuit Card, UICC) is that one can be moved Dynamic smart card, it is used for storing the information such as user profile, KI, telephone directory and short message.
In a particular embodiment of the present invention, described UICC mark can be UICC ID, it is also possible to be Other identification informations of UICC.In this step, UICC management platform can be to use the following two kinds mode Reception service fulfillment is asked:
First kind of way, user applies for that the first Provider Equipment MNO1 of ownership receives user and submits business Shen to Please ask, described business application request carries UICC mark;First Provider Equipment manages to UICC Platform sends service fulfillment request, carries UICC mark and the first operator sets in the request of described service fulfillment Standby the first Provider Equipment mark pre-saved.
Such as, user, when buying UICC, can obtain the UICC mark corresponding with described UICC, when User, when UICC is opened in the first Provider Equipment application, submits to business application to ask to the first Provider Equipment Ask, described business application request carries described UICC mark.
The second way, UICC management platform directly receives the service fulfillment request that user submits to, described business Open and request message carries UICC mark and the first Provider Equipment mark.
Step 102:UICC management platform is to first Provider Equipment corresponding with the first Provider Equipment mark Send the UICC certificate corresponding with UICC mark pre-saved, described UICC certificate carries UICC Mark and UICC PKI.
It is preferred that in a particular embodiment of the present invention, send out to the first Provider Equipment at UICC management platform Before sending the UICC certificate corresponding with UICC mark pre-saved, UICC management platform inquiry and UICC Whether the UICC of mark correspondence is activated, if not being activated, then sends to the first Provider Equipment and pre-saves With UICC UICC certificate corresponding to mark;If being activated, then send mistake to the first Provider Equipment Information.Specifically, described UICC is activated and refers to that described UICC has opened and Provider Equipment Between service interaction;Described UICC be not activated refer to described UICC do not open with Provider Equipment it Between service interaction, or described UICC terminated the service interaction between Provider Equipment.
Before this step, UICC management platform needs to pre-save the UICC card corresponding with UICC mark Book.Fig. 2 is the flowchart of the generation method of Universal Integrated Circuit Card certificate of the present invention.As in figure 2 it is shown, Step including as described below:
Step 201:UICC receive UICC vendor equipment send key request after, stochastic generation UICC public private key pair, is sent to UICC vendor equipment by UICC PKI, preserves UICC private key.
Step 202:UICC management platform receives the UICC card sheet information that UICC vendor equipment sends, institute State and UICC card sheet information carries UICC mark and UICC PKI.
In a particular embodiment of the present invention, UICC management platform uniform management UICC mark, specifically, UICC management platform can identify with stochastic generation two or more UICC, is identified by above for said two UICC Distribute to UICC vendor equipment, UICC vendor equipment receive UICC management platform send two with After upper UICC mark, each UICC mark in identifying according to the above UICC of said two generates UICC。
UICC card sheet information is sent to authentication center by step 203:UICC management platform.
In this step, UICC management platform receive UICC manufacturer send UICC card sheet information it After, UICC card sheet information is sent to authentication center.
Step 204: when UICC card sheet authentification of message is passed through by authentication center, returns to UICC management platform Return UICC certificate, described UICC certificate carries UICC mark and UICC PKI.
In this step, authentication center receive UICC management platform send UICC card sheet information after, According to authentication method of the prior art, described UICC card sheet information is authenticated, when authentication center pair When UICC card sheet authentification of message passes through, returning UICC certificate to UICC management platform, described UICC demonstrate,proves Book carries UICC mark and UICC PKI.
Step 205:UICC management platform preserves the UICC certificate corresponding with UICC mark.
In this step, UICC management platform, after receiving the UICC certificate that authentication center returns, is protected Deposit the UICC certificate corresponding with UICC mark.
Step 103: when UICC certification authentication is passed through by the first Provider Equipment, generates according to presetting method First business cipher key corresponding with UICC mark, uses UICC PKI to be encrypted the first business cipher key, And the first business cipher key after encryption is sent to corresponding with UICC mark by UICC management platform UICC。
In this step, the first Provider Equipment is receiving identifying with UICC of UICC management platform transmission After corresponding UICC certificate, the UICC certificate received is verified, when the first Provider Equipment pair When UICC certification authentication is passed through, generate corresponding with UICC mark according to key generation method of the prior art The first business cipher key, use UICC PKI the first business cipher key is encrypted, first Provider Equipment will The first business cipher key after encryption is sent to UICC and manages platform, the encryption that UICC management platform will receive After the first business cipher key be transmitted to and UICC UICC corresponding to mark.
After step 104:UICC uses the UICC private key pair encryption corresponding with UICC PKI pre-saved The first business cipher key be decrypted, obtain the first business cipher key.
In this step, the UICC the first business cipher key after receiving the encryption that UICC management platform sends Afterwards, use the first business cipher key after the UICC private key pair encryption pre-saved to be decrypted, obtain first Business cipher key.
Step 105: the first Provider Equipment obtains UICC and sends after getting described first business cipher key Service fulfillment perform response, described service fulfillment performs to carry, in response, the UICC that UICC pre-saves Mark.
Before this step, UICC, after getting the first business cipher key, returns to UICC management platform Service fulfillment performs response, and described service fulfillment performs to carry the UICC mark that UICC pre-saves in response Knowing, UICC management platform, will be with UICC after receiving the service fulfillment execution response that UICC sends UICC corresponding to mark is labeled as being activated, and service fulfillment performs response is sent to the first operator and sets Standby.
Step 106: the first Provider Equipment and UICC use the first business cipher key to carry out service interaction.
By above-mentioned to step 101~the description of 106, take due in the service fulfillment request that user sends With the first Provider Equipment mark, UICC management platform is designated generic set according to this first Provider Equipment Circuit card is become to open the service interaction between the first Provider Equipment corresponding with the first Provider Equipment mark, Therefore the carrier data in Universal Integrated Circuit Card can dynamically be configured by operator neatly, it is not necessary to M2M terminal needs to be customized exploitation according to operator in process of production.Concrete below in conjunction with going out two Universal Integrated Circuit Card is opened flow process and is described in detail by embodiment:
Fig. 3 is the flowchart that the present invention opens the first embodiment of Universal Integrated Circuit Card.As it is shown on figure 3, Step including as described below:
Step 301: the first Provider Equipment MNO1 receives the business application request that user submits to, described industry Business application request carries UICC ID.
Step 302:MNO1 sends service fulfillment request to UICC management platform, and described service fulfillment is asked In carry UICC ID and the first Provider Equipment mark.
Step 303:UICC management platform inquires about whether the UICC corresponding with UICC ID is activated, if not It is activated, performs step 304, otherwise, perform step 305.
Step 304:UICC management platform sends the UICC corresponding with UICC ID pre-saved to MNO1 Certificate, performs step 306.
Step 305:UICC management platform sends miscue information to MNO1, terminates universal integrated circuit That blocks opens flow process.
Step 306: when UICC certification authentication is passed through by MNO1, generates and UICC according to presetting method The first corresponding for ID business cipher key AUICCkey1, use UICC PKI PubUICCkeyTo AUICCkey1Add Close, it is thus achieved that the first business cipher key [A after encryptionUICCkey1]PubUICCkey
Step 307:MNO1 is by the first business cipher key [A after encryptionUICCkey1]PubUICCkeyIt is sent to UICC Management platform.
Step 308:UICC management platform is by the first business cipher key [A after encryptionUICCkey1]PubUICCkeyForward Give the UICC corresponding with UICC ID.
In this step, UICC management platform can use cable network or wireless network by first after encryption Business cipher key [AUICCkey1]PubUICCkeyIt is sent to the UICC corresponding with UICC mark.
It is preferred that in a particular embodiment of the present invention, the data between UICC management platform and UICC are handed over Mutually can be by transmission sub-key TUICCkeyIt is encrypted and authenticates.Such as, UICC management platform will add The first business cipher key [A after closeUICCkey1]PubUICCkeyWhen being transmitted to the UICC corresponding with UICC mark, UICC management platform can use transmission sub-key TUICCkeyTo [AUICCkey1]PubUICCkeyIt is encrypted, UICC is receiving UICC management platform use TUICCkey[A after encryptionUICCkey1]PubUICCkeyAfter, make Use TUICCkeyTo [the A after encryptionUICCkey1]PubUICCkeyIt is decrypted, it is thus achieved that [AUICCkey1]PubUICCkey
Fig. 4 is the generation method schematic diagram that the present invention transmits sub-key.As shown in Figure 4, UICC manages platform It is connected with encryption equipment 1 and encryption equipment 2 respectively with UICC vendor equipment, at encryption equipment 1 and encryption equipment 2 Middle pre-saving respectively transmits root key TRootkey, UICC management platform and UICC vendor equipment all can roots Transmission sub-key T is obtained according to UICC IDUICCkey.Specifically, UICC ID is sent by UICC management platform To encryption equipment 1, encryption equipment 1 uses the transmission root key T pre-savedRootkeyUICC ID is encrypted, Obtain the transmission sub-key T corresponding with UICC IDUICCkey, and by TUICCkeyReturn to UICC and manage platform. Similarly, UICC ID is sent to encryption equipment 2 by UICC vendor equipment, and encryption equipment 2 use pre-saves Transmission root key TRootkeyUICC ID is encrypted, it is thus achieved that the transmission sub-key corresponding with UICC ID TUICCkey, and by TUICCkeyReturn to UICC vendor equipment.
Step 309:UICC use pre-save with UICC PKI PubUICCkeyCorresponding UICC private key PriUICCkeyTo the first business cipher key [A after encryptionUICCkey1]PubUICCkeyIt is decrypted, obtains the first business Key AUICCkey1
In this step, UICC can be close to the first business after encryption according to decryption method of the prior art Key [AUICCkey1]PubUICCkeyIt is decrypted, it is thus achieved that the first business cipher key AUICCkey1
Step 310:UICC is getting AUICCkey1Backward UICC management platform return service fulfillment hold Row response, described service fulfillment performs to carry, in response, the UICC ID that UICC pre-saves.
The UICC corresponding with UICC ID is labeled as being activated by step 311:UICC management platform.
Service fulfillment is performed response and is sent to MNO1 by step 312:UICC management platform.
Step 313:MNO1 and UICC use the first business cipher key AUICCkey1Carry out service interaction.
Fig. 5 is the flowchart that the present invention opens the second embodiment of Universal Integrated Circuit Card.As it is shown in figure 5, Step including as described below:
Step 501:UICC management platform receives the service fulfillment request that user submits to, and described service fulfillment please UICC ID and the first Provider Equipment mark is carried in asking.
Step 502:UICC management platform inquires about whether the UICC corresponding with UICC ID is activated, if not It is activated, performs step 503, otherwise, perform step 504.
Step 503:UICC management platform sends in advance to the MNO1 corresponding with the first Provider Equipment mark The UICC certificate corresponding with UICC ID preserved, carries UICC ID and UICC in described UICC certificate PKI, performs step 505.
Step 504:UICC management platform sends miscue information to user, terminates Universal Integrated Circuit Card Open flow process.
Step 505: when UICC certification authentication is passed through by MNO1, generates and UICC according to presetting method The first corresponding for ID business cipher key AUICCkey1, use UICC PKI PubUICCkeyTo AUICCkey1Add Close, it is thus achieved that the first business cipher key [A after encryptionUICCkey1]PubUICCkey
Step 506:MNO1 is by the first business cipher key [A after encryptionUICCkey1]PubUICCkeyIt is sent to UICC Management platform.
Step 507:UICC management platform is by the first business cipher key [A after encryptionUICCkey1]PubUICCkeyForward Give the UICC corresponding with UICC ID.
Step 508:UICC use pre-save with UICC PKI PubUICCkeyCorresponding UICC private key PriUICCkeyTo the first business cipher key [A after encryptionUICCkey1]PubUICCkeyIt is decrypted, obtains the first business Key AUICCkey1
Step 509:UICC is getting AUICCkey1Backward UICC management platform return service fulfillment hold Row response, described service fulfillment performs to carry, in response, the UICC ID that UICC pre-saves.
The UICC corresponding with UICC ID is labeled as being activated by step 510:UICC management platform.
Service fulfillment is performed response and is sent to MNO1 by step 511:UICC management platform.
Step 512:MNO1 and UICC use the first business cipher key AUICCkey1Carry out service interaction.
By the above-mentioned description to the embodiment that two are opened Universal Integrated Circuit Card, UICC manages platform The UICC mark carried in asking according to service fulfillment and the first Provider Equipment mark, obtain the first operator The first business cipher key after the encryption corresponding with UICC mark that equipment generates, UICC adds described in getting The first business cipher key after the UICC private key pair encryption pre-saved is used after the first business cipher key after close Being decrypted, the first business cipher key and the first Provider Equipment that obtain after using deciphering carry out service interaction. Carrying the first Provider Equipment mark due in the service fulfillment request that user sends, UICC manages platform root It is designated Universal Integrated Circuit Card according to described first Provider Equipment and opens corresponding with the first Provider Equipment mark The first Provider Equipment between service interaction, therefore operator can be neatly to Universal Integrated Circuit Card In carrier data dynamically configure, it is not necessary to M2M terminal needs to enter according to operator in process of production Row customized development, the data configuration method of Universal Integrated Circuit Card, equipment and the system that therefore present invention proposes, Solve the technical problem that in prior art, M2M terminal can only communicate with predetermined operator, expand The range of M2M terminal.
Fig. 6 is the second flowchart that the present invention opens Universal Integrated Circuit Card.As shown in Figure 6, bag Include step as described below:
Step 601: receive service fulfillment request, carry general integrated electricity in the request of described service fulfillment An outpost of the tax office UICC mark and the first Provider Equipment mark.
In this step, UICC management platform receives service fulfillment request message, and described service fulfillment please Ask and message carries UICC mark and the first Provider Equipment mark.
Further, UICC management platform can be asked to use the following two kinds mode to receive service fulfillment:
First kind of way, user applies for that the first Provider Equipment MNO1 of ownership receives user and submits business Shen to Please ask, described business application request carries UICC mark;First Provider Equipment manages to UICC Platform sends service fulfillment request, carries UICC mark and the first operator sets in the request of described service fulfillment Standby the first Provider Equipment mark pre-saved.
Such as, user, when buying UICC, can obtain the UICC mark corresponding with described UICC, when User, when UICC is opened in the first Provider Equipment application, submits to business application to ask to the first Provider Equipment Ask, described business application request carries described UICC mark.
The second way, UICC management platform directly receives the service fulfillment request that user submits to, described Service fulfillment request message carries UICC mark and the first Provider Equipment mark.
Step 602: send to the first Provider Equipment corresponding with the first Provider Equipment mark and protect in advance Deposit with UICC UICC certificate corresponding to mark, described UICC certificate carries UICC mark with UICC PKI.
In this step, UICC management platform is to first operation corresponding with the first Provider Equipment mark Business's equipment sends the UICC certificate corresponding with UICC mark pre-saved, in described UICC certificate Carry UICC mark and UICC PKI.
It is preferred that in a particular embodiment of the present invention, set to the first operator at UICC management platform Before preparation send the UICC certificate corresponding with UICC mark pre-saved, UICC management platform is permissible Inquire about whether the UICC corresponding with UICC mark is activated, if not being activated, then to the first operator Equipment sends the UICC certificate corresponding with UICC mark pre-saved;If being activated, then to One Provider Equipment sends miscue information.
Step 603: that receive that the first Provider Equipment sends with after UICC encryption corresponding to mark the One business cipher key, and the first business cipher key after encryption is sent to the UICC corresponding with UICC mark.
In this step, UICC management platform receives identifying with UICC of the first Provider Equipment transmission Corresponding the first business cipher key after encryption, and the first business cipher key after encryption is sent to and UICC The UICC that mark is corresponding.
Fig. 7 is the 3rd flowchart that the present invention opens Universal Integrated Circuit Card.As it is shown in fig. 7, bag Include step as described below:
Step 701: receive the UICC certificate that UICC management platform sends, take in described UICC certificate With UICC mark and UICC PKI.
In this step, the first Provider Equipment receives the UICC certificate that UICC management platform sends, Described UICC certificate carries UICC mark and UICC PKI.
It is also preferred that the left in a particular embodiment of the present invention, the first Provider Equipment can receive user and submit to Business application is asked, and carries UICC mark in described business application request;First Provider Equipment to UICC management platform send service fulfillment request, described service fulfillment request in carry UICC mark and The first Provider Equipment mark that first Provider Equipment pre-saves.
Step 702: when passing through UICC certification authentication, generates according to presetting method and marks with UICC Know the first corresponding business cipher key, use UICC PKI that the first business cipher key is encrypted, and pass through The first business cipher key after encryption is sent to the UICC corresponding with UICC mark by UICC management platform.
In this step, the first Provider Equipment is receiving UICC management platform sends and UICC After the UICC certificate that mark is corresponding, the UICC certificate received is verified, when the first operation When UICC certification authentication is passed through by business's equipment, according to key generation method of the prior art generate with The first business cipher key that UICC mark is corresponding, uses UICC PKI to be encrypted the first business cipher key, The first business cipher key after encryption is sent to UICC and manages platform by the first Provider Equipment, and UICC manages The first business cipher key after the encryption that platform will receive is transmitted to the UICC corresponding with UICC mark.
Step 703: obtain the service fulfillment that UICC sends after getting described first business cipher key Performing response, described service fulfillment performs to carry the UICC mark that UICC pre-saves in response.
In this step, first Provider Equipment obtain UICC get described first business cipher key it The service fulfillment of rear transmission performs response, and described service fulfillment performs to carry UICC in response and protects in advance The UICC mark deposited.
Step 704: use the first business cipher key and UICC to carry out service interaction.
In this step, the first Provider Equipment uses the first business cipher key and UICC to carry out service interaction.
Fig. 8 is the 4th flowchart that the present invention opens Universal Integrated Circuit Card.As shown in Figure 8, bag Include step as described below:
Step 801: receive the first business cipher key after the encryption that UICC management platform sends.
In this step, the first business cipher key after UICC receives the encryption that UICC management platform sends.
Step 802: after using the UICC private key pair encryption corresponding with UICC PKI pre-saved First business cipher key is decrypted, and obtains the first business cipher key.
In this step, the UICC the first business after receiving the encryption that UICC management platform sends After key, the first business cipher key after the UICC private key pair encryption pre-saved is used to be decrypted, Obtain the first business cipher key.
Step 803: the service fulfillment sent to the first Provider Equipment performs response, described service fulfillment Perform response carries the UICC mark pre-saved.
In this step, UICC, after getting the first business cipher key, returns to UICC management platform Returning service fulfillment and perform response, described service fulfillment performs to carry what UICC pre-saved in response UICC identify, UICC management platform receive UICC send service fulfillment perform response after, It is labeled as being activated by the UICC corresponding with UICC mark, and service fulfillment is performed response transmission To the first Provider Equipment.
Step 804: use the first business cipher key and the first Provider Equipment to carry out service interaction.
In this step, UICC uses the first business cipher key and the first Provider Equipment to carry out service interaction.
Further, in a particular embodiment of the present invention, use described at the first Provider Equipment and UICC After first business cipher key carries out service interaction, it is also possible to include termination Universal Integrated Circuit Card realizes flow process, Fig. 9 is the first flowchart that the present invention terminates Universal Integrated Circuit Card.As it is shown in figure 9, include as follows Described step:
Step 901:UICC management platform receives the business termination request that the first Provider Equipment sends, described Business terminates carrying UICC mark in request and the first Provider Equipment generates according to the first business cipher key First message authentication code.
It is preferred that UICC management platform terminates request in the business receiving the first Provider Equipment transmission After, inquire about whether the UICC corresponding with UICC mark is activated, if being activated, then business being terminated please Ask and be sent to the UICC corresponding with described UICC mark, otherwise, send mistake to the first Provider Equipment and carry Show information.
Additionally, UICC management platform can also receive the business termination request that the first Provider Equipment sends Before, receive the business cancellation request that user submits to, the cancellation request of described business carry UICC mark, With UICC, UICC management platform inquiry identifies whether corresponding UICC is activated, if being activated, then to First Provider Equipment forwarding service cancels request, otherwise, sends miscue information to user.
Business is terminated request and is sent to the UICC corresponding with UICC mark by step 902:UICC management platform.
In this step, when the UICC corresponding with UICC mark is activated, UICC management platform will Business terminates request and is sent to the UICC corresponding with UICC mark.
Step 903: when the first Package authentication code check is passed through by UICC, terminates and the first Provider Equipment Carry out service interaction.
In this step, UICC can be according to the method for calibration of message authentication code of the prior art to receiving The first message authentication code verify, when the first Package authentication code check is passed through by UICC, terminate and the One Provider Equipment carries out service interaction.
Step 904: the first Provider Equipment obtains UICC and carries out business friendship at termination and the first Provider Equipment The business sent after mutually terminates performing response, and described business terminates performing to carry UICC mark in response.
It is preferred that in this step, after UICC terminates carrying out service interaction with the first Provider Equipment, Sending business to UICC management platform and terminate performing response, described business terminates performing to carry in response UICC identifies.UICC management platform, will after receiving the business termination execution response that UICC sends The UICC corresponding with UICC mark is labeled as not being activated, and business termination execution response is sent to first Provider Equipment.
By above-mentioned to step 901~the description of 904, it is possible to realize terminating Universal Integrated Circuit Card and the Service interaction between one Provider Equipment.Below in conjunction with going out two specific embodiments to universal integrated circuit The termination process of card is described in detail:
Figure 10 is the flowchart that the present invention terminates the first embodiment of Universal Integrated Circuit Card.Such as Figure 10 Shown in, the step including as described below:
Step 1001:MNO1 receives the business cancellation request that user submits to, takes in the cancellation request of described business With UICC ID.
Step 1002:MNO1 generates first Package authentication corresponding with UICC ID according to the first business cipher key Code, sends business to UICC management platform and terminates request, and described business terminates carrying UICC ID in request With the first message authentication code.
In this step, MNO1 can according to the generation method of message authentication code of the prior art, according to First message authentication code corresponding with UICC ID that first business cipher key generates.
Step 1003:UICC management platform inquires about whether the UICC corresponding with UICC ID is activated, if not It is activated, performs step 1004, otherwise, perform step 1005.
Step 1004:UICC management platform returns miscue information to MNO1, terminates to terminate generic set Become the flow process of circuit card.
Business is terminated request and is sent to the UICC corresponding with UICC ID by step 1005:UICC management platform.
Step 1006: when the first Package authentication code check is passed through by UICC, terminates carrying out industry with MNO1 Business is mutual.
Step 1007:UICC carries out the rear of service interaction in termination with MNO1 and sends out to UICC management platform Sending business to terminate performing response, described business terminates performing to carry UICC ID in response.
The UICC corresponding with UICC ID is labeled as not being activated by step 1008:UICC management platform.
Business is terminated performing response and is sent to MNO1 by step 1009:UICC management platform.
Figure 11 is the flowchart that the present invention terminates the second embodiment of Universal Integrated Circuit Card.Such as Figure 11 Shown in, the step including as described below:
Step 1101:UICC management platform receives the business cancellation request that user submits to, and described business is cancelled please UICC ID is carried in asking.
Step 1102:UICC management platform inquires about whether the UICC corresponding with UICC ID is activated, if not It is activated, performs step 1103, otherwise, perform step 1104.
Step 1103:UICC management platform returns miscue information to user, terminates to terminate general integrated electricity The flow process of an outpost of the tax office.
Business is cancelled request and is transmitted to MNO1 by step 1104:UICC management platform.
The first message mirror corresponding with UICC ID that step 1105:MNO1 generates according to the first business cipher key Other code, sends business to UICC management platform and terminates request, and described business terminates carrying UICC in request ID and the first message authentication code.
Business is terminated request and is sent to the UICC corresponding with UICC ID by step 1106:UICC management platform.
Step 1107: when the first Package authentication code check is passed through by UICC, terminates carrying out industry with MNO1 Business is mutual.
Step 1108:UICC carries out the rear of service interaction in termination with MNIO1 and sends out to UICC management platform Sending business to terminate performing response, described business terminates performing to carry UICC ID in response.
The UICC corresponding with UICC ID is labeled as not being activated by step 1109:UICC management platform.
Business is terminated performing response and is sent to MNO1 by step 1110:UICC management platform.
By the above-mentioned description to the embodiment that two terminate Universal Integrated Circuit Card, UICC manages platform Terminate UICC mark and the first Provider Equipment mark carried in request according to business, terminate general integrated electricity Service interaction between the first Provider Equipment that an outpost of the tax office is corresponding with the first Provider Equipment mark.
Figure 12 is the second flowchart that the present invention terminates Universal Integrated Circuit Card.As shown in figure 12, including Step as described below:
Step 1201: receiving the business termination request that the first Provider Equipment sends, described business terminates request In carry UICC mark and the first Package authentication of generating according to the first business cipher key of the first Provider Equipment Code.
In this step, UICC management platform receives the business termination request that the first Provider Equipment sends, institute Business of stating terminates carrying UICC mark in request and the first Provider Equipment generates according to the first business cipher key The first message authentication code.
It is preferred that UICC management platform terminates request in the business receiving the first Provider Equipment transmission After, inquire about whether the UICC corresponding with UICC mark is activated, if being activated, then business being terminated please Ask and be sent to the UICC corresponding with described UICC mark, otherwise, send mistake to the first Provider Equipment and carry Show information.
Additionally, UICC management platform can also receive the business termination request that the first Provider Equipment sends Before, receive the business cancellation request that user submits to, the cancellation request of described business carry UICC mark, With UICC, UICC management platform inquiry identifies whether corresponding UICC is activated, if being activated, then to First Provider Equipment forwarding service cancels request, otherwise, sends miscue information to user.
Step 1202: business is terminated request and is sent to the UICC corresponding with UICC mark.
In this step, business is terminated asking to be sent to identify corresponding with UICC by UICC management platform UICC。
Further, UICC management platform reception UICC carries out business friendship at termination and the first Provider Equipment The business sent after mutually terminates performing response, and described business terminates performing to carry UICC mark in response, UICC management platform, after receiving the business termination execution response that UICC sends, will identify with UICC Corresponding UICC is labeled as not being activated, and business termination execution response is sent to the first Provider Equipment.
Figure 13 is the 3rd flowchart that the present invention terminates Universal Integrated Circuit Card.As shown in figure 13, including Step as described below:
Step 1301: send business to UICC management platform and terminate request, described business terminates taking in request The first message authentication code identified with UICC and generate according to the first business cipher key.
In this step, the first Provider Equipment sends business to UICC management platform and terminates asking, described industry Business terminates carrying in request UICC mark and the first Provider Equipment generates according to the first business cipher key the One message authentication code.
Step 1302: the business obtaining UICC transmission terminates performing response, described business terminates performing response In carry UICC mark.
In this step, the first Provider Equipment acquisition UICC carries out business at termination and the first Provider Equipment The business sent after mutual terminates performing response, and described business terminates performing to carry UICC mark in response Know.
Figure 14 is the 4th flowchart that the present invention terminates Universal Integrated Circuit Card.As shown in figure 14, including Step as described below:
Step 1401: receiving the business termination request that UICC management platform sends, described business terminates request In carry UICC mark and the first Package authentication of generating according to the first business cipher key of the first Provider Equipment Code.
In this step, UICC receives the business termination request that UICC management platform sends, and described business is eventually Request only carries the first report that UICC mark and the first Provider Equipment generate according to the first business cipher key Literary composition authentication code.
Step 1402: when passing through the first Package authentication code check, terminates carrying out with the first Provider Equipment Service interaction.
In this step, UICC can be according to the method for calibration of message authentication code of the prior art to receiving The first message authentication code verify, when the first Package authentication code check is passed through by UICC, terminate and the One Provider Equipment carries out service interaction.
Step 1403: send business to the first Provider Equipment and terminate performing response, described business terminates performing Response carries UICC mark.
In this step, after UICC terminates carrying out service interaction with the first Provider Equipment, to UICC Management platform sends business and terminates performing response, and described business terminates performing to carry UICC mark in response. UICC management platform, after receiving the business termination execution response that UICC sends, will identify with UICC Corresponding UICC is labeled as not being activated, and business termination execution response is sent to the first Provider Equipment.
Further, in a particular embodiment of the present invention, use described at the first Provider Equipment and UICC After first business cipher key carries out service interaction, it is also possible to include the reality of Universal Integrated Circuit Card switch operators Existing flow process, Figure 15 is the first flowchart of Universal Integrated Circuit Card switch operators of the present invention.Such as Figure 15 Shown in, the step including as described below:
Step 1501:UICC management platform receives operator's handover request, in described operator handover request Carry UICC mark and the second Provider Equipment mark.
In this step, UICC management platform can receive operator's handover request to use the following two kinds mode:
First kind of way, the second Provider Equipment MNO2 that user's application switches to receives the fortune that user submits to Battalion's business's handover request, carries UICC mark in the handover request of described operator;Second Provider Equipment to UICC management platform sends business handover request, carries UICC mark and the in described business handover request The second Provider Equipment mark that two Provider Equipment pre-save.
The second way, UICC management platform directly receives operator's handover request that user submits to, described fortune Battalion's business's handover request carries UICC mark and the second Provider Equipment mark.
Step 1502: when the first Provider Equipment allows the UICC switch operators corresponding with UICC mark During equipment, UICC management platform sends to the second Provider Equipment corresponding with the second Provider Equipment mark UICC certificate, carries UICC mark and UICC PKI in described UICC certificate.
In this step, UICC management platform identifies according to UICC, inquires about the UICC corresponding with UICC mark The Provider Equipment mark of current home, UICC management platform is current to the UICC corresponding with UICC mark First Provider Equipment of ownership forwards operator's handover request, and the first Provider Equipment manages platform to UICC Return operator handoff response, UICC management platform receive permission that the first Provider Equipment sends with After operator's handoff response of the UICC switch operators that UICC mark is corresponding, set to the second operator The second Provider Equipment transmission UICC certificate that standby mark is corresponding, carries UICC in described UICC certificate Mark and UICC PKI.
Step 1503: when UICC certification authentication is passed through by the second Provider Equipment, raw according to presetting method Become second business cipher key corresponding with UICC mark, use UICC PKI that the second business cipher key is encrypted, The second business cipher key after the encryption corresponding with UICC mark is sent to UICC and manages platform.
In this step, the second Provider Equipment is receiving identifying with UICC of UICC management platform transmission After corresponding UICC certificate, the UICC certificate received is verified, when the second Provider Equipment pair When UICC certification authentication is passed through, generate corresponding with UICC mark according to key generation method of the prior art The second business cipher key, use UICC PKI the second business cipher key is encrypted, second Provider Equipment will Second business cipher key encryption after corresponding with UICC mark is sent to UICC and manages platform.
The second business cipher key after the encryption corresponding with UICC mark is sent out by step 1504:UICC management platform Give the first Provider Equipment, receive what the first Provider Equipment generated according to the second business cipher key after encryption Second message authentication code corresponding with UICC mark.
In this step, UICC management platform is receiving identifying with UICC of the second Provider Equipment transmission After corresponding the second business cipher key after encryption, the second business cipher key after described encryption is sent to first Provider Equipment, the first Provider Equipment generates according to the second business cipher key after described encryption and identifies with UICC The second corresponding message authentication code, is sent to the second message authentication code UICC and manages platform.
The second business cipher key after encryption and the second message authentication code are sent by step 1505:UICC management platform Give the UICC corresponding with UICC mark.
Step 1506: when UICC to second message authentication code verification by time, use UICC private key to adding The second business cipher key after close is decrypted, and obtains the second business cipher key.
Step 1507: the second Provider Equipment obtains what UICC sent after getting the second business cipher key Operator's switching performs response, and the switching of described operator performs to carry UICC mark in response.
Step 1508: the second Provider Equipment and UICC use the second business cipher key to carry out service interaction.
By above-mentioned to step 1501~the description of 1508, it is possible to realize Universal Integrated Circuit Card from first Provider Equipment is switched to the second Provider Equipment.Below in conjunction with going out two specific embodiments to general integrated The flow process of circuit card switch operators is described in detail:
Figure 16 is the flowchart of the first embodiment of Universal Integrated Circuit Card switch operators of the present invention.As Shown in Figure 16, the step including as described below:
Step 1601: the second Provider Equipment MNO2 receives operator's handover request that user submits to, described Operator's handover request carries UICC ID.
Step 1602:MNO2 forwards operator's handover request to UICC management platform, and described operator cuts Change and application carries UICC ID and the second operator identifier.
The operator of the UICC current home that the management platform inquiry of step 1603:UICC is corresponding with UICC ID Device identification.
Step 1604:UICC management platform sets to the operator of the UICC current home corresponding with UICC ID Standby MNO1 forwards operator's handover request.
Step 1605:MNO1 returns operator's handoff response to UICC management platform.
In this step, described operator handoff response can be carried MNO1 permission right with UICC mark The information of the UICC switch operators equipment answered, it is also possible to carry MNO1 do not allow with UICC mark right The information of the UICC switch operators equipment answered.
Step 1606: when MNO1 allows the UICC switch operators equipment corresponding with UICC ID, UICC Management platform sends the UICC certificate corresponding with UICC ID pre-saved, described UICC to MNO2 Certificate carries UICC ID and UICC PKI PubUICCkey
Step 1607: when UICC certification authentication is passed through by MNO2, generates and UICC according to presetting method The second corresponding for ID business cipher key AUICCkey2, and use PubUICCkeyTo AUICCkey2It is encrypted.
Step 1608:MNO2 after UICC management platform sends the encryption corresponding with UICC ID second Business cipher key [AUICCkey2]PubUICCkey
Step 1609:UICC management platform is by [AUICCkey2]PubUICCkeyIt is sent to MNO1.
Step 1610:MNO1 is according to [AUICCkey2]PubUICCkeyGenerate the second message authentication code.
Second message authentication code is sent to UICC and manages platform by step 1611:MNO1.
Step 1612:UICC management platform sends to the UICC corresponding with UICC ID [AUICCkey2]PubUICCkeyWith the second message authentication code.
Step 1613: when UICC to second message authentication code verification by time, use UICC private key PriUICCkey To [AUICCkey2]PubUICCkeyIt is decrypted, it is thus achieved that the second business cipher key AUICCkey2
Step 1614:UICC is getting AUICCkey2Backward UICC management platform return operator switching Performing response, the switching of described operator performs to carry UICC ID in response.
The Provider Equipment of this UICC current home is revised as MNO2 by step 1615:UICC management platform.
Step 1616:UICC management platform returns operator's switching to MNO1 and performs response;
Step 1617:UICC management platform returns operator's switching to MNO2 and performs response.
Step 1618:MNO2 and UICC use the second business cipher key AUICCkey2 to carry out service interaction.
Figure 17 is the flowchart of the second embodiment of Universal Integrated Circuit Card switch operators of the present invention.As Shown in Figure 17, the step including as described below:
Step 1701:UICC management platform receives operator's handover request that user submits to, and described operator cuts Change and request carries UICC ID and the second Provider Equipment mark.
The operator of the UICC current home that the management platform inquiry of step 1702:UICC is corresponding with UICC ID Device identification.
Step 1703:UICC management platform sets to the operator of the UICC current home corresponding with UICC ID Standby MNO1 forwards the handover request of described operator.
Step 1704:MNO1 returns operator's handoff response to UICC management platform.
Step 1705: when MNO1 allows the UICC switch operators equipment corresponding with UICC mark, UICC management platform sends the UICC certificate corresponding with UICC ID pre-saved to MNO2, described UICC certificate carries UICC ID and UICC PKI PubUICCkey
Step 1706: when UICC certification authentication is passed through by MNO2, generates and UICC according to presetting method The second corresponding for ID business cipher key AUICCkey2, and use PubUICCkeyTo AUICCkey2It is encrypted.
Step 1707:MNO2 after UICC management platform sends the encryption corresponding with UICC ID second Business cipher key [AUICCkey2]PubUICCkey
Step 1708:UICC management platform is by [AUICCkey2]PubUICCkeyIt is sent to MNO1.
Step 1709:MNO1 is according to [AUICCkey2]PubUICCkeyGenerate the second message authentication code.
Second message authentication code is sent to UICC and manages platform by step 1710:MNO1.
Step 1711:UICC management platform sends to the UICC corresponding with UICC ID [AUICCkey2]PubUICCkeyWith the second message authentication code.
Step 1712: when UICC to second message authentication code verification by time, use UICC private key PriUICCkey To [AUICCkey2]PubUICCkeyIt is decrypted, it is thus achieved that the second business cipher key AUICCkey2
Step 1713:UICC is getting AUICCkey2Backward UICC management platform return operator switching Performing response, the switching of described operator performs to carry UICC ID in response.
The Provider Equipment of this UICC current home is revised as MNO2 by step 1714:UICC management platform.
Step 1715:UICC management platform returns operator's switching to MNO1 and performs response;
Step 1716:UICC management platform returns operator's switching to MNO2 and performs response.
Step 1717:MNO2 and UICC use the second business cipher key AUICCkey2 to carry out service interaction.
Figure 18 is the second flowchart of Universal Integrated Circuit Card switch operators of the present invention.As shown in figure 18, Step including as described below:
Step 1801: receive operator's handover request, carries UICC mark in described operator handover request Know and the second Provider Equipment mark.
In this step, UICC management platform receives operator's handover request, in described operator handover request Carry UICC mark and the second Provider Equipment mark.
Further, UICC management platform can receive operator's handover request to use the following two kinds mode:
First kind of way, the second Provider Equipment MNO2 that user's application switches to receives the fortune that user submits to Battalion's business's handover request, carries UICC mark in the handover request of described operator;Second Provider Equipment to UICC management platform sends business handover request, carries UICC mark and the in described business handover request The second Provider Equipment mark that two Provider Equipment pre-save.
The second way, UICC management platform directly receives operator's handover request that user submits to, described fortune Battalion's business's handover request carries UICC mark and the second Provider Equipment mark.
Step 1802: when the first Provider Equipment allows the UICC switch operators corresponding with UICC mark During equipment, send UICC certificate to the second Provider Equipment corresponding with the second Provider Equipment mark, described UICC certificate carries UICC mark and UICC PKI.
In this step, the UICC switch operators corresponding with UICC mark is allowed when the first Provider Equipment During equipment, UICC management platform sends to the second Provider Equipment corresponding with the second Provider Equipment mark UICC certificate, carries UICC mark and UICC PKI in described UICC certificate.
Step 1803: receive second after the encryption corresponding with UICC mark that the second Provider Equipment sends Business cipher key, and the second business cipher key after the encryption corresponding with described UICC mark is sent to described first Provider Equipment.
In this step, UICC management platform receives the corresponding with UICC mark of the second Provider Equipment transmission Encryption after the second business cipher key, and will encryption after the second business cipher key be sent to the first Provider Equipment. First Provider Equipment generates second message corresponding with UICC mark according to the second business cipher key after encryption Authentication code, is sent to the second message authentication code UICC and manages platform.
Step 1804: receive the first Provider Equipment generates and UICC according to the second business cipher key after encryption The second message authentication code that mark is corresponding.
In this step, UICC management platform receive the first Provider Equipment according to encryption after the second business close Second message authentication code corresponding with UICC mark that key generates.
Step 1805: be sent to the second business cipher key after encryption and the second message authentication code mark with UICC Know corresponding UICC.
In this step, the second business cipher key after encryption and the second message authentication code are sent out by UICC management platform Give the UICC corresponding with UICC mark.
Figure 19 is the 3rd flowchart of Universal Integrated Circuit Card switch operators of the present invention.As shown in figure 19, Step including as described below:
Step 1901: receive second after the encryption corresponding with UICC mark that UICC management platform sends Business cipher key.
In this step, the first Provider Equipment receives the corresponding with UICC mark of UICC management platform transmission Encryption after the second business cipher key.
Step 1902: to UICC management platform send according to encryption after second business cipher key generate with The second message authentication code that UICC mark is corresponding.
In this step, first Provider Equipment the second business after UICC management platform sends according to encryption Second message authentication code corresponding with UICC mark that key generates.
Figure 20 is the 4th flowchart of Universal Integrated Circuit Card switch operators of the present invention.As shown in figure 20, Step including as described below:
Step 2001: receive the second business cipher key after the encryption that UICC management platform sends and the second message Authentication code.
In this step, the second business cipher key and the after UICC receives the encryption that UICC management platform sends Two message authentication codes.
Step 2002: when to the second message authentication code verification by time, use after UICC private key pair encryption Second business cipher key is decrypted, and obtains the second business cipher key.
In this step, when UICC when to second message authentication code verification by time, use UICC private key pair The second business cipher key after encryption is decrypted, and obtains the second business cipher key.
Step 2003: sending operator's switching to the second Provider Equipment and perform response, described operator switches Perform response carries UICC mark.
In this step, UICC, after getting the second business cipher key, sends fortune to the second Provider Equipment Battalion business switches and performs response, and the switching of described operator carries UICC in performing to respond and identifies.
Step 2004: use the second business cipher key and the second Provider Equipment to carry out service interaction.
In this step, UICC uses the second business cipher key and the second Provider Equipment to carry out service interaction.
The data configuration method of the Universal Integrated Circuit Card that the present invention proposes, UICC management platform is opened according to business The UICC mark carried in logical request and the first Provider Equipment mark, obtain what the first Provider Equipment generated With the first business cipher key after UICC encryption corresponding to mark, UICC after getting described encryption first Use the first business cipher key after the UICC private key pair encryption pre-saved to be decrypted after business cipher key, make The first business cipher key and the first Provider Equipment with obtaining after deciphering carry out service interaction.Owing to user sends Service fulfillment request in carry first Provider Equipment mark, UICC management platform according to described first fortune Battalion's business's device identification is that Universal Integrated Circuit Card opens first operator corresponding with the first Provider Equipment mark Service interaction between equipment, therefore operator can be neatly to the operation quotient in Universal Integrated Circuit Card According to dynamically configuring, it is not necessary to M2M terminal needs to be customized exploitation according to operator in process of production, Therefore the data configuration method of the Universal Integrated Circuit Card that the present invention proposes, solves M2M in prior art whole The technical problem that end can only communicate with predetermined operator, expands the range of M2M terminal;Separately Outward, the method for the invention implements simple and convenient, it is simple to universal.
Figure 21 is the structural representation of Universal Integrated Circuit Card of the present invention management platform.As shown in figure 21, including: First receives unit 2101 and the first transmitting element 2102;
Described first receives unit 2101, is used for receiving service fulfillment request, takes in the request of described service fulfillment With Universal Integrated Circuit Card UICC mark and the first Provider Equipment mark, the request of described service fulfillment is sent out Give described first transmitting element 2102;
Described first transmitting element 2102, for first fortune corresponding with described first Provider Equipment mark Battalion's business's equipment sends the UICC certificate corresponding with described UICC mark pre-saved, described UICC certificate In carry described UICC mark and UICC PKI;
Described first receives unit 2101, is additionally operable to receive that described first Provider Equipment sends with described The first business cipher key after the encryption that UICC mark is corresponding, is sent to the first business cipher key after described encryption Described first transmitting element 2102.
Described first transmitting element 2102, the first business cipher key after being additionally operable to described encryption is sent to and institute State the UICC that UICC mark is corresponding.
Further, described first receives unit 2101, sends out specifically for receiving described first Provider Equipment The described service fulfillment request sent, carries described UICC mark and described first in the request of described service fulfillment The described first Provider Equipment mark that Provider Equipment pre-saves;
Or, receive the service fulfillment request that user sends, the request of described service fulfillment carry described UICC mark and described first Provider Equipment mark.
Further, described Universal Integrated Circuit Card management platform also includes: query unit 2103;
Described query unit 2103, whether the UICC corresponding with described UICC mark for inquiry is activated, If not being activated, then send described UICC certificate, otherwise, to described first to described first Provider Equipment Provider Equipment sends miscue information.
Further, described Universal Integrated Circuit Card management platform also includes: indexing unit 2104;
Described first receives unit 2101, is additionally operable to receive described UICC to get described first business close The service fulfillment sent after key performs response, carries described UICC mark in the response of described service fulfillment, The execution response of described service fulfillment is sent to described indexing unit 2104 and described first transmitting element 2102;
Described indexing unit 2104, for being labeled as being swashed by the UICC corresponding with described UICC mark Live;
Described first transmitting element 2102, is additionally operable to the execution response of described service fulfillment is sent to described first Provider Equipment.
Further, described Universal Integrated Circuit Card management platform also includes: the first memory cell 2105;
Described first receives unit 2101, is additionally operable to receive the UICC card sheet letter that UICC vendor equipment sends Breath, carries described UICC mark and described UICC PKI, by described in described UICC card sheet information UICC card sheet information is sent to described first transmitting element 2102;
Described first transmitting element 2102, is additionally operable to described UICC card sheet information is sent to authentication center;
Described first receives unit 2101, is additionally operable to when described UICC card sheet information is recognized by described authentication center Demonstrate,prove by time, receive described authentication center return described UICC certificate, described UICC certificate carries Described UICC mark and described UICC PKI, be sent to described first memory cell by described UICC certificate 2105;
Described first memory cell 2105, for preserving the described UICC card corresponding with described UICC mark Book.
Further, described first receives unit 2101, is additionally operable to receive described first Provider Equipment and sends Business terminate request, described business terminate request in carry described UICC mark and with described first operation The first message authentication code that business's equipment generates according to described first business cipher key, terminates request by described business and sends out Give described first transmitting element 2102;
Described first transmitting element 2102, is additionally operable to be sent to and described UICC the termination request of described business The UICC that mark is corresponding.
Further, described query unit 2103, it is additionally operable to inquire about the UICC corresponding with described UICC mark Whether being activated, if being activated, then the termination request of described business being sent to corresponding with described UICC mark UICC, otherwise, to described first Provider Equipment send miscue information.
Further, described first receives unit 2101, is additionally operable to receive the business cancellation request that user submits to, Described business cancel request in carry described UICC mark, by described business cancellation request be sent to described in look into Ask unit 2103;
Described query unit 2103, is additionally operable to inquire about whether the UICC corresponding with described UICC mark is swashed Live, if being activated, then forward described business to cancel to described first Provider Equipment and ask, otherwise, to Described user sends miscue information.
Further, described first receives unit 2101, is additionally operable to receive described UICC and is terminating with described The described business that first Provider Equipment sends after carrying out service interaction terminates performing response, and described business is eventually Only perform response carries described UICC mark, described business is terminated performs response and is sent to described mark Unit 2104 and described first transmitting element 2102;
Described indexing unit 2104, be additionally operable to by be labeled as with described UICC UICC corresponding to mark not by Activate;
Described first transmitting element 2102, is additionally operable to that described business terminates perform response and is sent to described first Provider Equipment.
Further, described first receives unit 2101, is additionally operable to receive operator's handover request, described fortune Battalion's business's handover request carries described UICC mark and the second Provider Equipment mark, described operator is cut The request of changing is sent to described first transmitting element 2102;
Described first transmitting element 2102, is additionally operable to when described first Provider Equipment allows and described UICC When identifying corresponding UICC switch operators equipment, to corresponding with described second Provider Equipment mark second Provider Equipment sends described UICC certificate, carries described UICC mark and institute in described UICC certificate State UICC PKI;
Described first receives unit 2101, is additionally operable to receive that described second Provider Equipment sends with described The second business cipher key after the encryption that UICC mark is corresponding, is sent to the second business cipher key after described encryption Described first transmitting element 2102;
Described first transmitting element 2102, the second business cipher key after being additionally operable to described encryption is sent to described First Provider Equipment;
Described first receives unit 2101, be additionally operable to receive described first Provider Equipment according to described encryption after The second business cipher key generate with described UICC the second message authentication code corresponding to mark, by described Secondary Report Literary composition authentication code is sent to described first transmitting element 2102;
Described first transmitting element 2102, the second business cipher key after being additionally operable to described encryption and described second Message authentication code is sent to the UICC corresponding with described UICC mark.
Further, described first receives unit 2101, sends out specifically for receiving described second Provider Equipment The described operator handover request sent, carries described UICC mark with described in described operator handover request Second Provider Equipment mark;
Or, receive the described operator handover request that user submits to, described operator handover request carry Described UICC mark and described second Provider Equipment mark.
Figure 22 is the structural representation of the present invention the first Provider Equipment.As shown in figure 22, including: second connects Receive unit 2201, business cipher key signal generating unit the 2202, second transmitting element 2203 and the first service interaction list Unit 2204;
Described second receives unit 2201, for receiving what Universal Integrated Circuit Card UICC management platform sent UICC certificate, carries UICC mark and UICC PKI, by described UICC in described UICC certificate Certificate is sent to described business cipher key signal generating unit 2202;
Described business cipher key signal generating unit 2202, for testing described UICC certificate when the first Provider Equipment Demonstrate,prove by time, generate and described UICC the first business cipher key corresponding to mark according to presetting method, use described in Described first business cipher key is encrypted by UICC PKI, and described first business cipher key is sent to the first business Interactive unit 2204, is sent to described second transmitting element 2203 by the first business cipher key after encryption;
Described second transmitting element 2203, for being sent to the first business cipher key after encryption and described UICC The UICC that mark is corresponding;
Described second receives unit 2201, is additionally operable to obtain described UICC to get described first business close The service fulfillment sent after key performs response, and described service fulfillment performs to carry described UICC in response The described UICC mark pre-saved;
Described first service interaction unit 2204, is used for using described first business cipher key and described UICC to enter Row service interaction.
Further, described second receives unit 2201, is additionally operable to receive the business application request that user submits to, Described business application request carries described UICC mark, described business application request is sent to described the Two transmitting elements 2203;
Described second transmitting element 2203, is additionally operable to send described service fulfillment to described UICC management platform Request, carries described UICC mark in the request of described service fulfillment and described first Provider Equipment is protected in advance The described first Provider Equipment mark deposited.
Further, described second transmitting element 2203, it is additionally operable to send industry to described UICC management platform Business terminates request, and described business terminates carrying described UICC mark and described first Provider Equipment in request The first message authentication code generated according to described first business cipher key;
Described second receives unit 2201, is additionally operable to obtain described UICC and is terminating and described first operator The business that equipment sends after carrying out service interaction terminates performing response, and described business terminates performing to take in response Identify with described UICC.
Further, described second receives unit 2201, is additionally operable to receive described UICC management platform and sends With the second business cipher key after described UICC encryption corresponding to mark;
Described second transmitting element 2203, is additionally operable to send according to described encryption to described UICC management platform After the second business cipher key generate with described UICC the second message authentication code corresponding to mark.
Figure 23 is the structural representation of Universal Integrated Circuit Card of the present invention.As shown in figure 23, including: the 3rd connects Receive unit 2301, decryption unit the 2302, the 3rd transmitting element 2303 and the second service interaction unit 2304;
Described 3rd receives unit 2301, for receiving what Universal Integrated Circuit Card UICC management platform sent The first business cipher key after encryption, is sent to described decryption unit by the first business cipher key after described encryption 2302;
Described decryption unit 2302, for using the UICC private key corresponding with UICC PKI pre-saved The first business cipher key after described encryption is decrypted, obtains the first business cipher key, by described first business Key is sent to the second service interaction unit 2304, and sends one first to described 3rd transmitting element 2303 Send instruction;
Described 3rd transmitting element 2303, for after receiving described first and sending instruction, to the first fortune Battalion's business's equipment sends service fulfillment and performs response, and the execution of described service fulfillment carries in responding and to pre-save UICC identifies;
Described second service interaction unit 2304, is used for using described first business cipher key and described first operation Business's equipment carries out service interaction.
Further, described Universal Integrated Circuit Card also includes: public private key pair signal generating unit 2305 and second is deposited Storage unit 2306;
Described 3rd receives unit 2301, is additionally operable to receive the key request that UICC vendor equipment sends, will Described key request is sent to described public private key pair signal generating unit 2305;
Described public private key pair signal generating unit 2305, for stochastic generation UICC public private key pair, by described UICC PKI is sent to the 3rd transmitting element 2303, and described UICC private key is sent to described second memory cell 2306;
Described 3rd transmitting element 2303, is additionally operable to described UICC PKI is sent to described UICC manufacturer Equipment;
Described second memory cell 2306, is used for preserving described UICC private key.
Further, Universal Integrated Circuit Card also includes: business terminates unit 2307;
Described 3rd receives unit 2301, is additionally operable to receive the business termination that described UICC management platform sends Request, described business terminates carrying described UICC mark and described first Provider Equipment in request according to institute State the first message authentication code that the first business cipher key generates, the termination request of described business is sent to described business Terminate unit 2307 and described 3rd transmitting element 2303;
Described business terminates unit 2307, for when passing through described first Package authentication code check, terminates Carry out service interaction with described first Provider Equipment, send one second to described 3rd transmitting element 2303 Send instruction;
Described 3rd transmitting element 2303, is additionally operable to after receiving described second and sending instruction, to first Provider Equipment sends business and terminates performing response, and described business terminates performing to carry described UICC in response Mark.
Further, the described 3rd receives unit 2301, is additionally operable to receive described UICC management platform and sends With the second business cipher key after described UICC encryption corresponding to mark and the second message authentication code, add described The second business cipher key after close is sent to described decryption unit 2302;
Described decryption unit 2302, be additionally operable to when to described second message authentication code verification by time, use institute State UICC private key the second business cipher key after described encryption is decrypted, obtain described second business cipher key, Described second business cipher key is sent to described second service interaction unit 2304, and sends to the described 3rd single Unit 2303 sends one the 3rd and sends instruction;
Described 3rd transmitting element 2303, is additionally operable to after receiving the described 3rd and sending instruction, to described Second Provider Equipment sends operator's switching and performs response, and the switching of described operator performs to carry in response Described UICC identifies;
Described second service interaction unit 2304, is used for using described second business cipher key and described second operation Business's equipment carries out service interaction.
Figure 24 is the structural representation of user terminal of the present invention.As shown in figure 24, including the 3rd memory cell 2401 and Universal Integrated Circuit Card UICC2402;
Described 3rd memory cell 2401, is used for storing described UICC2402;
Described UICC2402, the first business cipher key after receiving the encryption that UICC management platform sends; Use the UICC private key corresponding with UICC PKI pre-saved that the first business cipher key after described encryption is entered Row deciphering, obtains the first business cipher key;Send service fulfillment to the first Provider Equipment and perform response, described Service fulfillment performs to carry the UICC mark pre-saved in response;Use described first business cipher key and institute State the first Provider Equipment and carry out service interaction.
The data configuration device of the Universal Integrated Circuit Card that the present invention proposes, UICC management platform is opened according to business The UICC mark carried in logical request and the first Provider Equipment mark, obtain what the first Provider Equipment generated With the first business cipher key after UICC encryption corresponding to mark, UICC after getting described encryption first Use the first business cipher key after the UICC private key pair encryption pre-saved to be decrypted after business cipher key, make The first business cipher key and the first Provider Equipment with obtaining after deciphering carry out service interaction.Owing to user sends Service fulfillment request in carry first Provider Equipment mark, UICC management platform according to described first fortune Battalion's business's device identification is that Universal Integrated Circuit Card opens first operator corresponding with the first Provider Equipment mark Service interaction between equipment, therefore operator can be neatly to the operation quotient in Universal Integrated Circuit Card According to dynamically configuring, it is not necessary to M2M terminal needs to be customized exploitation according to operator in process of production, Therefore the data configuration device of the Universal Integrated Circuit Card that the present invention proposes, solves M2M in prior art whole The technical problem that end can only communicate with predetermined operator, expands the range of M2M terminal;Separately Outward, the method for the invention implements simple and convenient, it is simple to universal.
Figure 25 is the data collocation system structural representation of Universal Integrated Circuit Card of the present invention.As shown in figure 25, Including: Universal Integrated Circuit Card UICC manages platform the 2501, first Provider Equipment 2502 and UICC2503;
Described UICC manages platform 2501, is used for receiving service fulfillment request, in the request of described service fulfillment Carry UICC mark and the first Provider Equipment mark, to corresponding with described first Provider Equipment mark First Provider Equipment 2502 sends the UICC certificate corresponding with described UICC mark pre-saved, institute State and UICC certificate carries described UICC mark and the UICC PKI corresponding with described UICC mark; Receive the first industry after the encryption corresponding with described UICC mark that described first Provider Equipment 2502 sends Business key, and the first business cipher key after described encryption is sent to corresponding with described UICC mark UICC2503;
Described first Provider Equipment 2502, for receiving the UICC card that UICC management platform 2501 sends Book, carries described UICC mark and described UICC PKI in described UICC certificate;When to described UICC When certification authentication is passed through, generate first business cipher key corresponding with described UICC mark according to presetting method, make With described UICC PKI, described first business cipher key is encrypted, and manages platform by described UICC The first business cipher key after encryption is sent to the UICC2503 corresponding with described UICC mark by 2501;Obtain The service fulfillment that described UICC2503 sends after getting described first business cipher key performs response, described Service fulfillment performs to carry the described UICC mark that described UICC pre-saves in response;Use described One business cipher key and described UICC2503 carry out service interaction;
Described UICC2503, first after receiving the described encryption that UICC management platform 2501 sends Business cipher key;After using the UICC private key corresponding with described UICC PKI pre-saved to described encryption First business cipher key is decrypted, and obtains described first business cipher key;To described first Provider Equipment 2502 Sending service fulfillment and perform response, described service fulfillment performs to carry the UICC mark pre-saved in response Know;Described first business cipher key and described first Provider Equipment 2502 is used to carry out service interaction.
The data collocation system of the Universal Integrated Circuit Card that the present invention proposes, UICC management platform is opened according to business The UICC mark carried in logical request and the first Provider Equipment mark, obtain what the first Provider Equipment generated With the first business cipher key after UICC encryption corresponding to mark, UICC after getting described encryption first Use the first business cipher key after the UICC private key pair encryption pre-saved to be decrypted after business cipher key, make The first business cipher key and the first Provider Equipment with obtaining after deciphering carry out service interaction.Owing to user sends Service fulfillment request in carry first Provider Equipment mark, UICC management platform according to described first fortune Battalion's business's device identification is that Universal Integrated Circuit Card opens first operator corresponding with the first Provider Equipment mark Service interaction between equipment, therefore operator can be neatly to the operation quotient in Universal Integrated Circuit Card According to dynamically configuring, it is not necessary to M2M terminal needs to be customized exploitation according to operator in process of production, Therefore the data collocation system of the Universal Integrated Circuit Card that the present invention proposes, solves M2M in prior art whole The technical problem that end can only communicate with predetermined operator, expands the range of M2M terminal;Separately Outward, the method for the invention implements simple and convenient, it is simple to universal.
The specific works flow process of Figure 12 and 13 shown device embodiments refer in embodiment of the method shown in Fig. 1 Respective description, repeats no more.
The foregoing is only presently preferred embodiments of the present invention, not in order to limit the present invention, all in the present invention Spirit and principle within, any modification, equivalent substitution and improvement etc. done, should be included in the present invention Within the scope of protection.

Claims (32)

1. the data configuration method of a Universal Integrated Circuit Card, it is characterised in that including:
Reception service fulfillment is asked, and carries Universal Integrated Circuit Card UICC mark in the request of described service fulfillment With the first Provider Equipment mark;
Pre-save to the first Provider Equipment transmission corresponding with described first Provider Equipment mark with institute State the UICC certificate that UICC mark is corresponding, described UICC certificate carries described UICC mark and UICC PKI;
Receive the first industry after the encryption corresponding with described UICC mark that described first Provider Equipment sends Business key, and the first business cipher key after described encryption is sent to the UICC corresponding with described UICC mark; Wherein, the first business cipher key after described encryption is that the first business cipher key uses described UICC public key encryption to generate 's.
Method the most according to claim 1, it is characterised in that described reception service fulfillment is asked, bag Include:
Receive the described service fulfillment request that described first Provider Equipment sends, the request of described service fulfillment is taken The described first Provider Equipment mark pre-saved with described UICC mark and described first Provider Equipment Know;
Or, receive the described service fulfillment request that user sends, the request of described service fulfillment carry described UICC mark and described first Provider Equipment mark.
Method the most according to claim 1, it is characterised in that described to described first operator First Provider Equipment corresponding to device identification send pre-save with described UICC UICC corresponding to mark Before certificate, also include:
With described UICC, inquiry identifies whether corresponding UICC is activated, if not being activated, then to described the One Provider Equipment sends described UICC certificate, otherwise, sends miscue to described first Provider Equipment Information.
Method the most according to claim 1, it is characterised in that described by first after described encryption After business cipher key is sent to the UICC corresponding with described UICC mark, also include:
Receive the service fulfillment that described UICC sends after getting the first business cipher key and perform response, described Service fulfillment performs to carry described UICC mark in response;
It is labeled as being activated by the UICC corresponding with described UICC mark;
The execution response of described service fulfillment is sent to described first Provider Equipment.
Method the most according to claim 1, it is characterised in that ask it at described reception service fulfillment Before, also include:
Receive the UICC card sheet information that UICC vendor equipment sends, described UICC card sheet information carries Described UICC mark and UICC PKI;
Described UICC card sheet information is sent to authentication center;
When described UICC card sheet authentification of message is passed through by described authentication center, receive described authentication center and return Described UICC certificate, described UICC certificate carries described UICC mark and described UICC PKI;
Preserve the described UICC certificate corresponding with described UICC mark.
Method the most according to claim 1, it is characterised in that described by first after described encryption After business cipher key is sent to the UICC corresponding with described UICC mark, also include:
Receiving the business termination request that described first Provider Equipment sends, described business terminates carrying in request The first message that described UICC mark and described first Provider Equipment generate according to described first business cipher key Authentication code;
Described business is terminated request and is sent to the UICC corresponding with described UICC mark.
Method the most according to claim 6, it is characterised in that described business is terminated request described Before being sent to the UICC corresponding with described UICC mark, also include:
Inquire about whether the UICC corresponding with described UICC mark is activated, if being activated, then by described industry Business terminates request and is sent to the UICC corresponding with described UICC mark, otherwise, sets to described first operator Preparation send miscue information.
Method the most according to claim 6, it is characterised in that in described first operator of described reception Before the business that equipment sends terminates request, also include:
Receive the business cancellation request that user submits to, the cancellation request of described business carries described UICC mark Know;
With described UICC, inquiry identifies whether corresponding UICC is activated, if being activated, then to described the One Provider Equipment forwards described business to cancel request, otherwise, sends miscue information to described user.
Method the most according to claim 6, it is characterised in that described business is terminated request described After being sent to the UICC corresponding with described UICC mark, also include:
Receive the institute that described UICC sends after termination and described first Provider Equipment carry out service interaction Business of stating terminates performing response, and described business terminates performing to carry described UICC mark in response;
It is labeled as not being activated by the UICC corresponding with described UICC mark;
Described business is terminated performs response and is sent to described first Provider Equipment.
Method the most according to claim 1, it is characterised in that described by first after described encryption After business cipher key is sent to the UICC corresponding with described UICC mark, also include:
Receive operator's handover request, described operator handover request carries described UICC mark and second Provider Equipment identifies;
When described first Provider Equipment allows the UICC switch operators equipment corresponding with described UICC mark Time, send described UICC certificate to the second Provider Equipment corresponding with described second Provider Equipment mark, Described UICC certificate carries described UICC mark and described UICC PKI;
Receive the second industry after the encryption corresponding with described UICC mark that described second Provider Equipment sends Business key, and the second business cipher key after the encryption corresponding with described UICC mark is sent to described first fortune Battalion's business's equipment;
Receive described first Provider Equipment according to after described encryption second business cipher key generate with described The second message authentication code that UICC mark is corresponding;
The second business cipher key after described encryption and described second message authentication code are sent to and described UICC The UICC that mark is corresponding.
11. methods according to claim 10, it is characterised in that described reception operator handover request, Including:
Receive the described operator handover request that described second Provider Equipment sends, described operator handover request In carry described UICC mark and described second Provider Equipment mark;
Or, receive the described operator handover request that user submits to, described operator handover request carry Described UICC mark and described second Provider Equipment mark.
12. 1 kinds of Universal Integrated Circuit Cards management platforms, it is characterised in that including: first receives unit and the One transmitting element;
Described first receives unit, is used for receiving service fulfillment request, carries logical in the request of described service fulfillment By integrated circuit card UICC mark and the first Provider Equipment mark, the request of described service fulfillment is sent to institute State the first transmitting element;
Described first transmitting element, for setting to the first operator corresponding with described first Provider Equipment mark Preparation send the UICC certificate corresponding with described UICC mark pre-saved, and carries in described UICC certificate There are described UICC mark and UICC PKI;
Described first receives unit, is additionally operable to receive marking with described UICC of described first Provider Equipment transmission Know the first business cipher key after corresponding encryption, the first business cipher key after described encryption is sent to described the One transmitting element;Wherein, the first business cipher key after described encryption is that the first business cipher key uses described UICC Public key encryption generates;
Described first transmitting element, the first business cipher key after being additionally operable to described encryption is sent to described The UICC that UICC mark is corresponding.
13. Universal Integrated Circuit Card according to claim 12 management platforms, it is characterised in that described First receives unit, specifically for receiving the described service fulfillment request that described first Provider Equipment sends, The request of described service fulfillment carries described UICC mark and described first Provider Equipment pre-saves Described first Provider Equipment mark;
Or, receive the described service fulfillment request that user sends, the request of described service fulfillment carry described UICC mark and described first Provider Equipment mark.
14. Universal Integrated Circuit Card according to claim 12 management platforms, it is characterised in that also wrap Include: query unit;
Described query unit, whether the UICC corresponding with described UICC mark for inquiry is activated, if not It is activated, then sends described UICC certificate to described first Provider Equipment, otherwise, to described first operation Business's equipment sends miscue information.
15. Universal Integrated Circuit Card according to claim 14 management platforms, it is characterised in that also wrap Include: indexing unit;
Described first receives unit, is additionally operable to receive described UICC and sends after getting the first business cipher key Service fulfillment perform response, the response of described service fulfillment carries described UICC mark, by described business Open execution response and be sent to described indexing unit and described first transmitting element;
Described indexing unit, for being labeled as being activated by the UICC corresponding with described UICC mark;
Described first transmitting element, is additionally operable to the execution response of described service fulfillment is sent to described first operator Equipment.
16. Universal Integrated Circuit Card according to claim 12 management platforms, it is characterised in that also wrap Include: the first memory cell;
Described first receives unit, is additionally operable to receive the UICC card sheet information that UICC vendor equipment sends, institute State and UICC card sheet information carries described UICC mark and described UICC PKI, by described UICC card Sheet information is sent to described first transmitting element;
Described first transmitting element, is additionally operable to described UICC card sheet information is sent to authentication center;
Described first receives unit, is additionally operable to when described UICC card sheet authentification of message is passed through by described authentication center Time, receive the described UICC certificate that described authentication center returns, described UICC certificate carries described UICC mark and described UICC PKI, be sent to described first memory cell by described UICC certificate;
Described first memory cell, for preserving the described UICC certificate corresponding with described UICC mark.
17. Universal Integrated Circuit Card according to claim 15 management platforms, it is characterised in that described First receives unit, is additionally operable to receive the business termination request that described first Provider Equipment sends, described industry Business terminates carrying described UICC mark in request and with described first Provider Equipment according to described first industry The first message authentication code that business key generates, is sent to described first transmitting element by the termination request of described business;
Described first transmitting element, be additionally operable to by described business termination request be sent to described UICC mark right The UICC answered.
18. Universal Integrated Circuit Card according to claim 17 management platforms, it is characterised in that described Query unit, is additionally operable to inquire about whether the UICC corresponding with described UICC mark is activated, if being activated, Described business then terminates request be sent to and described UICC UICC corresponding to mark, otherwise, to described the One Provider Equipment sends miscue information.
19. Universal Integrated Circuit Card according to claim 17 management platforms, it is characterised in that described First reception unit, is additionally operable to receive the business cancellation request that user submits to, takes in the cancellation request of described business Identify with described UICC, the cancellation request of described business is sent to described query unit;
Described query unit, is additionally operable to inquire about whether the UICC corresponding with described UICC mark is activated, if It is activated, then forwards described business to cancel request, otherwise, to described use to described first Provider Equipment Family sends miscue information.
20. Universal Integrated Circuit Card according to claim 17 management platforms, it is characterised in that described First receives unit, is additionally operable to receive described UICC and carries out business friendship at termination and described first Provider Equipment The business sent after mutually terminates performing response, and described business terminates performing to carry described UICC in response Mark, terminates described business performing response and is sent to described indexing unit and described first transmitting element;
Described indexing unit, is additionally operable to be labeled as not being activated by the UICC corresponding with described UICC mark;
Described first transmitting element, is additionally operable to that described business terminates perform response and is sent to described first operator Equipment.
21. Universal Integrated Circuit Card according to claim 12 management platforms, it is characterised in that described First receives unit, is additionally operable to receive operator's handover request, carries in described operator handover request State UICC mark and the second Provider Equipment mark, described operator handover request is sent to described first Send unit;
Described first transmitting element, is additionally operable to when described first Provider Equipment permission is right with described UICC mark During the UICC switch operators equipment answered, to second operator corresponding with described second Provider Equipment mark Equipment sends described UICC certificate, carries described UICC mark and described UICC in described UICC certificate PKI;
Described first receives unit, is additionally operable to receive marking with described UICC of described second Provider Equipment transmission Know the second business cipher key after corresponding encryption, the second business cipher key after described encryption is sent to described the One transmitting element;
Described first transmitting element, the second business cipher key after being additionally operable to described encryption is sent to described first fortune Battalion's business's equipment;
Described first receives unit, is additionally operable to receive described first Provider Equipment according to second after described encryption Second message authentication code corresponding with described UICC mark that business cipher key generates, by described second Package authentication Code is sent to described first transmitting element;
Described first transmitting element, the second business cipher key after being additionally operable to described encryption and described second message mirror Other code is sent to the UICC corresponding with described UICC mark.
22. Universal Integrated Circuit Card according to claim 21 management platforms, it is characterised in that described First receives unit, specifically for receiving the described operator handover request that described second Provider Equipment sends, Described operator handover request carries described UICC mark and described second Provider Equipment mark;
Or, receive the described operator handover request that user submits to, described operator handover request carry Described UICC mark and described second Provider Equipment mark.
23. a kind of first Provider Equipment, it is characterised in that including: second receives unit, business cipher key life Become unit, the second transmitting element and the first service interaction unit;
Described second receives unit, for receiving the UICC that Universal Integrated Circuit Card UICC management platform sends Certificate, carries UICC mark and UICC PKI, is sent out by described UICC certificate in described UICC certificate Give described business cipher key signal generating unit;
Described business cipher key signal generating unit, for when passing through described UICC certification authentication, according to default side Method generates first business cipher key corresponding with described UICC mark, uses described UICC PKI to described first Business cipher key is encrypted, and described first business cipher key is sent to the first service interaction unit, after encrypting The first business cipher key be sent to described second transmitting element;
Described second transmitting element, for being sent to the first business cipher key after described encryption and described UICC The UICC that mark is corresponding;
Described second receives unit, is additionally operable to obtain described UICC after getting described first business cipher key The service fulfillment sent performs response, and described service fulfillment performs to carry described UICC in response and pre-saves Described UICC mark;
Described first service interaction unit, is used for using described first business cipher key and described UICC to carry out business Alternately.
24. first Provider Equipment according to claim 23, it is characterised in that described second receives Unit, is additionally operable to receive the business application request that user submits to, carries described in described business application request UICC identifies, and described business application request is sent to described second transmitting element;
Described second transmitting element, is additionally operable to send the request of described service fulfillment to described UICC management platform, The request of described service fulfillment carries described UICC mark and described first Provider Equipment pre-saves Described first Provider Equipment mark.
25. first Provider Equipment according to claim 23, it is characterised in that described second sends Unit, is additionally operable to send business to described UICC management platform and terminates request, and described business terminates taking in request The first message authentication code identified with described UICC and generate according to described first business cipher key;
Described second receives unit, and the business being additionally operable to obtain described UICC transmission terminates performing response, described Business terminates performing to carry described UICC mark in response.
26. first Provider Equipment according to claim 23, it is characterised in that described second receives Unit, after being additionally operable to receive the encryption corresponding with described UICC mark that described UICC management platform sends Second business cipher key;
Described second transmitting element, is additionally operable to send according to the after described encryption to described UICC management platform Second message authentication code corresponding with described UICC mark that two business cipher keys generate.
27. 1 kinds of Universal Integrated Circuit Cards, it is characterised in that including: the 3rd receive unit, decryption unit, 3rd transmitting element and the second service interaction unit;
Described 3rd receives unit, after receiving the encryption that Universal Integrated Circuit Card UICC management platform sends The first business cipher key, the first business cipher key after described encryption is sent to described decryption unit;Wherein, The first business cipher key after described encryption is that the first business cipher key uses UICC public key encryption to generate;
Described decryption unit, for using the UICC private key corresponding with UICC PKI pre-saved to described The first business cipher key after encryption is decrypted, and obtains the first business cipher key, is sent out by described first business cipher key Give described second service interaction unit, and send one first transmission instruction to described 3rd transmitting element;
Described 3rd transmitting element, for, after receiving described first and sending instruction, setting to the first operator Preparation send service fulfillment to perform response, and described service fulfillment performs to carry, in response, the UICC pre-saved Mark;
Described second service interaction unit, is used for using described first business cipher key and described first Provider Equipment Carry out service interaction.
28. Universal Integrated Circuit Cards according to claim 27, it is characterised in that also include: public and private Key is to signal generating unit and the second memory cell;
Described 3rd receives unit, is additionally operable to receive the key request that UICC vendor equipment sends, by described close Key request is sent to described public private key pair signal generating unit;
Described public private key pair signal generating unit, stochastic generation UICC public private key pair, described UICC PKI is sent To the 3rd transmitting element, described UICC private key is sent to described second memory cell;
Described 3rd transmitting element, is additionally operable to described UICC PKI is sent to described UICC vendor equipment;
Described second memory cell, is used for preserving described UICC private key.
29. Universal Integrated Circuit Cards according to claim 27, it is characterised in that also include: business Terminate unit;
Described 3rd receives unit, is additionally operable to receive the business termination request that described UICC management platform sends, Described business terminates carrying described UICC mark and described first Provider Equipment in request according to described the The first message authentication code that one business cipher key generates, is sent to described business by the termination request of described business and terminates Unit and described 3rd transmitting element;
Described business terminates unit, for when passing through described first Package authentication code check, terminates with described First Provider Equipment carries out service interaction, sends one second to described 3rd transmitting element and sends instruction;
Described 3rd transmitting element, is additionally operable to after receiving described second and sending instruction, to described first fortune Battalion's business's equipment sends business and terminates performing response, and described business terminates performing to carry described UICC in response Mark.
30. Universal Integrated Circuit Cards according to claim 27, it is characterised in that the described 3rd receives Unit, is additionally operable to the second business cipher key after receiving the encryption that described UICC management platform sends and the second message Authentication code, is sent to described decryption unit by the second business cipher key after described encryption;
Described decryption unit, be additionally operable to when to described second message authentication code verification by time, use described The second business cipher key after described encryption is decrypted by UICC private key, obtains described second business cipher key, will Described second business cipher key is sent to described second service interaction unit, and sends to described 3rd transmitting element One the 3rd sends instruction;
Described 3rd transmitting element, is additionally operable to after receiving the described 3rd and sending instruction, to the second operator Equipment sends operator's switching and performs response, and the switching of described operator performs to carry described UICC in response Mark;
Described second service interaction unit, is used for using described second business cipher key and described second Provider Equipment Carry out service interaction.
31. a user terminal, it is characterised in that including: the 3rd memory cell and Universal Integrated Circuit Card UICC;
Described 3rd memory cell, is used for storing described UICC;
Described UICC, the first business cipher key after receiving the encryption that UICC management platform sends;Use The first business cipher key after described encryption is solved by the UICC private key corresponding with UICC PKI pre-saved Close, obtain the first business cipher key;Send service fulfillment to the first Provider Equipment and perform response, described business Open and perform response carries the UICC mark pre-saved;Use described first business cipher key and described One Provider Equipment carries out service interaction;Wherein, the first business cipher key after described encryption is that the first business is close Key uses described UICC public key encryption to generate.
The data collocation system of 32. 1 kinds of Universal Integrated Circuit Cards, it is characterised in that including: general integrated electricity An outpost of the tax office UICC management platform, the first Provider Equipment and UICC;
Described UICC manages platform, is used for receiving service fulfillment request, carries in the request of described service fulfillment UICC mark and the first Provider Equipment mark, to first fortune corresponding with described first Provider Equipment mark Battalion's business's equipment sends the UICC certificate corresponding with described UICC mark pre-saved, described UICC certificate In carry described UICC mark and with described UICC UICC PKI corresponding to mark;Receive described first The first business cipher key after the encryption corresponding with described UICC mark that Provider Equipment sends, and add described The first business cipher key after close is sent to the UICC corresponding with described UICC mark;
Described first Provider Equipment, for receiving the UICC certificate that described UICC management platform sends, institute State and UICC certificate carries described UICC mark and described UICC PKI;When to described UICC certificate When being verified, generate first business cipher key corresponding with described UICC mark according to presetting method, use institute State UICC PKI described first business cipher key is encrypted, and will encryption by described UICC management platform After the first business cipher key be sent to and described UICC UICC corresponding to mark;Obtain described UICC obtaining The service fulfillment sent after getting described first business cipher key performs response, and described service fulfillment performs response In carry the described UICC mark that described UICC pre-saves;Use described first business cipher key and described UICC carries out service interaction;
Described UICC, the first business after receiving the described encryption that described UICC management platform sends is close Key;Use the UICC private key corresponding with described UICC PKI pre-saved to the first industry after described encryption Business key is decrypted, and obtains described first business cipher key;Send business to described first Provider Equipment to open Leading to and perform response, described service fulfillment performs to carry the described UICC mark pre-saved in response;Use Described first business cipher key and described first Provider Equipment carry out service interaction.
CN201210247048.3A 2012-07-17 2012-07-17 The data configuration method of Universal Integrated Circuit Card, Apparatus and system Active CN103546886B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201210247048.3A CN103546886B (en) 2012-07-17 2012-07-17 The data configuration method of Universal Integrated Circuit Card, Apparatus and system
PCT/CN2013/079364 WO2014012468A1 (en) 2012-07-17 2013-07-15 Data configuration method, apparatus and system for universal integrated circuit card, computer program and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210247048.3A CN103546886B (en) 2012-07-17 2012-07-17 The data configuration method of Universal Integrated Circuit Card, Apparatus and system

Publications (2)

Publication Number Publication Date
CN103546886A CN103546886A (en) 2014-01-29
CN103546886B true CN103546886B (en) 2016-09-07

Family

ID=49948277

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210247048.3A Active CN103546886B (en) 2012-07-17 2012-07-17 The data configuration method of Universal Integrated Circuit Card, Apparatus and system

Country Status (2)

Country Link
CN (1) CN103546886B (en)
WO (1) WO2014012468A1 (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102250685B1 (en) 2014-07-01 2021-05-12 삼성전자 주식회사 METHOD AND APPARATUS FOR PROFILE DOWNLOAD FOR eUICC
KR102160597B1 (en) * 2014-07-17 2020-09-28 삼성전자 주식회사 Method and apparatus for provisioning profile of embedded universal integrated circuit card
KR20160124648A (en) * 2015-04-20 2016-10-28 삼성전자주식회사 Method and apparatus for downloading and installing a profile
ES2743576T3 (en) 2015-04-13 2020-02-19 Samsung Electronics Co Ltd Procedure and apparatus for managing a profile of a terminal in a wireless communication system
US10003974B2 (en) * 2015-06-19 2018-06-19 Apple Inc. Electronic subscriber identity module management under multiple certificate authorities
CN108112011A (en) * 2016-11-24 2018-06-01 中国电信股份有限公司 The methods, devices and systems of the universal embedded integrated circuit card of remote management
WO2019041086A1 (en) * 2017-08-28 2019-03-07 华为技术有限公司 Information verification method and related equipment
CN113795039B (en) * 2021-09-23 2023-11-24 中交信通网络科技有限公司 Operator network switching method, device, equipment and computer readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101005359A (en) * 2006-01-18 2007-07-25 华为技术有限公司 Method and device for realizing safety communication between terminal devices
CN101765105A (en) * 2009-12-17 2010-06-30 北京握奇数据系统有限公司 Method for realizing communication encryption as well as system and mobile terminal therefor
CN102056149A (en) * 2009-11-09 2011-05-11 中兴通讯股份有限公司 Machine to machine device and processing method thereof
CN102209317A (en) * 2010-03-29 2011-10-05 中兴通讯股份有限公司 Signing data provision method and system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101084938B1 (en) * 2007-10-05 2011-11-18 인터디지탈 테크날러지 코포레이션 Techniques for secure channelization between uicc and a terminal

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101005359A (en) * 2006-01-18 2007-07-25 华为技术有限公司 Method and device for realizing safety communication between terminal devices
CN102056149A (en) * 2009-11-09 2011-05-11 中兴通讯股份有限公司 Machine to machine device and processing method thereof
CN101765105A (en) * 2009-12-17 2010-06-30 北京握奇数据系统有限公司 Method for realizing communication encryption as well as system and mobile terminal therefor
CN102209317A (en) * 2010-03-29 2011-10-05 中兴通讯股份有限公司 Signing data provision method and system

Also Published As

Publication number Publication date
CN103546886A (en) 2014-01-29
WO2014012468A1 (en) 2014-01-23

Similar Documents

Publication Publication Date Title
CN103546886B (en) The data configuration method of Universal Integrated Circuit Card, Apparatus and system
CN104519480B (en) Communication control unit, authentication device, central controller and communication system
US10242210B2 (en) Method for managing content on a secure element connected to an equipment
CN102934470B (en) For in a communications system by the method and apparatus of subscriber identification with device authentication binding
CN103595718B (en) A kind of POS terminal Activiation method, system, service platform and POS terminal
CN109756447A (en) A kind of safety certifying method and relevant device
CN106059869A (en) Internet of things smart home equipment safety control method and system
CN104604275B (en) Smart card personalization is carried out using the local key that generates
WO2015029945A1 (en) Member profile transfer method, member profile transfer system, and user device
US9288310B2 (en) Smart card initial personnalization with local generation of keys
US9203615B2 (en) Confidential provisioning of secret keys over the air
CN101656960A (en) Point-to-point communication method based on near field communication and near field communication device
CN103237305B (en) Password protection method for smart card on facing moving terminal
CN106851632A (en) A kind of smart machine accesses the method and device of WLAN
CN104486759A (en) Method accessing wireless network without obstacle
CN109218263A (en) A kind of control method and device
CN101841814B (en) Terminal authentication method and system
KR20230038418A (en) Personalization of security elements
CN105376059A (en) Method and system for performing application signature based on electronic key
CN103312677B (en) Terminal, server and the method for building up of communication connection
CN106302698B (en) The method and system of order business
CN102098391B (en) Communication terminal and communication information processing method thereof
CN106301529A (en) A kind of short message transmission method, server, terminal and communication system
CN104038935B (en) User authen method and equipment based on mobile terminal intelligent card
CN105228130B (en) Personal data method for down loading, terminal and Operator remote manage platform

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant