CN111479259B - SIM card configuration distribution method and system - Google Patents

SIM card configuration distribution method and system Download PDF

Info

Publication number
CN111479259B
CN111479259B CN202010378164.3A CN202010378164A CN111479259B CN 111479259 B CN111479259 B CN 111479259B CN 202010378164 A CN202010378164 A CN 202010378164A CN 111479259 B CN111479259 B CN 111479259B
Authority
CN
China
Prior art keywords
data
card
card configuration
platform
chip module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010378164.3A
Other languages
Chinese (zh)
Other versions
CN111479259A (en
Inventor
金辉
陈晓波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Jieruilian Technology Co ltd
Original Assignee
Shenzhen Jieruilian Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Jieruilian Technology Co ltd filed Critical Shenzhen Jieruilian Technology Co ltd
Priority to CN202010378164.3A priority Critical patent/CN111479259B/en
Priority to PCT/CN2020/093991 priority patent/WO2021223278A1/en
Publication of CN111479259A publication Critical patent/CN111479259A/en
Application granted granted Critical
Publication of CN111479259B publication Critical patent/CN111479259B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • H04W12/42Security arrangements using identity modules using virtual identity modules
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data

Abstract

The invention provides a method and a system for distributing SIM card configuration, belonging to the technical field of communication. The system comprises: the module integration platform is used for integrating a card operating system of the SIM card into the chip module; the module integration platform is used for writing the security configuration data corresponding to the SIM card into a card operating system of the chip module; a subscription management data platform for creating card configuration data of the SIM card and assignment code data corresponding to the card configuration data of the SIM card; the mobile operator platform is used for providing a downloading instruction to the subscription management data platform; the local card configuration management service platform is used for operating an upper computer and receiving distribution code data sent by the subscription management data platform; the local card configuration management service platform is used for loading and analyzing the issued distribution code data, and writing and installing card configuration data corresponding to the issued distribution code data into the card operating system of the chip module.

Description

SIM card configuration distribution method and system
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method for distributing SIM card configurations, a method for distributing SIM card configurations in batches, a system for distributing SIM card configurations, an integrated SIM chip, an electronic device, and a computer-readable storage medium.
Background
In the outbreak of the IoT era, it can be seen that various industries and different application fields continuously put new requirements on the optimization scheme of the device and the SIM card. Especially in the LPWA field, such as NB-IoT, several new and serious challenges are created, on one hand, the huge SIM card manufacturing, distribution and management costs due to the huge device base, and on the other hand, the requirements for the physical characteristics, environmental characteristics, long lifetime (at least equal to the device lifetime), low power consumption of the device are becoming more and more strict, including temperature, humidity, shock resistance, pressure resistance, etc.
The existing physical card and virtual card technologies cannot completely present a complete technical scheme with safety, high efficiency and low cost.
For the physical entity card scheme, the physical entity card scheme can be divided into a plug-in plastic card and a patch card; in the physical entity card form, a client usually interacts with an operator only, the operator places an order to appoint used Profile data and package ordering information, then the operator transmits input _ file (containing Profile information) to the card merchant in an offline encryption form, the card merchant prepares card hardware and an operating system in advance according to specific requirements of the operator and the client, writes the Profile into each card on a production line for personalization, finally packages different specifications, sends the card to the operator in an express form, and attaches output _ file to mark card making data corresponding to each card. And finally, the operator express the card to the final customer. In some cases, the card merchant can directly send the card to the customer. Besides the ordinary physical card with one card and one number, the physical card with one card and multiple numbers or the physical card with the profile dynamically issued by the support of the general proprietary protocol is possible. In this way, a physical card is used, but the physical card is safe, but has the cost of a physical card chip, packaging, a production line and the like, and the express delivery, manual management and operation cost involved in various card distribution are huge, even if the client side needs to manage the SIM card by itself, each card is inserted into the equipment or pasted on the equipment production line, and the overall distribution and management cost is high.
For Virtual SIM card solutions, otherwise known as soft SIM, SoftSIM, vSIM, Virtual SIM, etc., the third party facilitator acts as an integrator throughout the chain. The customer only connects with the service provider, shields the operator, and has certain flexibility, only needs to care about profile, flow order and the like, and can select different operators. The service provider can take the profile from the operator in advance and place the profile on a server of the service provider, so that the client can directly write in the profile locally or download the profile to the equipment of the client remotely when needing to correspond to the profile. The service provider needs to integrate vSIM software with the client device without the need for a physical card to implement SIM functionality. The scheme can reduce the cost of a physical entity card and the SIM distribution and management cost of a client, but has the biggest problems of unreliable safety, private realization of a server, over-the-air transmission and terminal security and the biggest hidden danger of safety.
For eSIM card solutions, the standard eSIM solutions proposed by GSMA initiative are divided into two, Consumer and M2M. Consumer needs to have a user interface, human participation, and support dynamic download of profiles. The M2M version needs to support SMS and BIP communication, and can actively push a profile download from a server. The SMDP + is owned by an operator, the profile is safely stored, the LPA is integrated in the eUICC or the equipment, and the eUICC card is assisted to download and manage the profile. All communication protocols in the scheme strictly adhere to the RSP protocol, safety mechanisms of a server, air transmission and a terminal are fully considered, interoperability among different components is guaranteed, and a certificate system is added. Is very safe and reliable, but has high cost. One eUICC card requires 1.5 dollars, and the operator deploys the service end system also requires 10-100w dollars. Most of the situations are not practical in the scene of the internet of things, one needs initial network connection, the other needs to support SMS and BIP, the profile is large, if the network using the equipment is LWPA, the bandwidth is insufficient, and finally the eUICC card is high in cost or needs a physical card.
For the nuSIM card solution, nuSIM is an efficient, Low-cost, secure Profile distribution solution for Low-cost devices, especially NB-IoT scenarios, based on the security protocol of the eSIM specification, proposed by german telecommunications. Two places are mainly optimized, and compared with an SMDP + server of the original eSIM, the newly-added DP server optimizes the profile size, supports batch downloading and improves the production line efficiency. LA is directly realized on the PC of the production line, and profile downloading is carried out by means of the network environment of the PC of the production line. In addition, the requirement for reducing the safety realized by the terminal can be met by using the self-owned safety environment of the equipment, such as SE, TEE and the like. The SIM function is directly integrated into the chip device without a physical entity card. But still has a disadvantage that most operators have deployed SMDP +, and are reluctant to invest cost to build a set of DP servers.
Disclosure of Invention
The invention aims to provide a method and a system for distributing SIM card configuration.
In order to achieve the above object, an embodiment of the present invention provides a method for distributing SIM card configurations, where the method for distributing SIM card configurations includes:
integrating a card operating system of the SIM card in the chip module;
writing security configuration data corresponding to the SIM card into a card operating system of the chip module;
receiving allocation code data corresponding to the card configuration data of the SIM card;
and acquiring and writing the card configuration data into the chip module or the terminal equipment integrating the chip module through the distribution code data.
Specifically, the writing of the security configuration data corresponding to the SIM card to the card operating system of the chip module includes:
writing personalized data and safety data corresponding to the SIM card into the chip module, wherein the personalized data comprises a unique identification code, the safety data comprises a certificate and a corresponding secret key, and the corresponding secret key comprises a public key and a private key.
Specifically, the writing of the security configuration data corresponding to the SIM card to the card operating system of the chip module,
the certificate comprises a card merchant certificate and a card merchant eUICC certificate, the card merchant certificate is issued or self-issued through a mobile operator platform, and the unique identification code is consistent with an issuer of the card merchant eUICC certificate.
Specifically, the receiving of the allocation code data corresponding to the card configuration data of the SIM card includes:
importing card configuration data of the SIM card in a subscription management data platform through a mobile operator platform;
providing assignment code data through the subscription management data platform.
Specifically, the acquiring and writing the card configuration data into the chip module or the terminal device integrating the chip module by the allocation code data includes:
loading the distribution code data through a local card configuration management service platform;
connecting the upper computer with a terminal device integrating the chip module;
and according to the analysis of the local card configuration management service platform on the distribution code data, executing the writing of the card configuration data into the chip module, and installing the card configuration data in a card operating system of the chip module.
Specifically, the SIM card configuration distribution method further includes at least one of the following:
reporting the installation result of the card configuration data to a subscription management data platform;
activating the card configuration data when the terminal device is started;
and maintaining the communication between the chip module and the modulation module of the terminal equipment.
The embodiment of the invention provides a method for distributing SIM card configuration in batches, which comprises the following steps:
integrating a card operating system of the SIM cards in a chip module in batch;
writing security configuration data corresponding to the SIM card into a card operating system of the chip module;
receiving distribution code data corresponding to the card configuration data of the SIM cards in batch;
and acquiring and writing the card configuration data into the chip module or the terminal equipment integrating the chip module in batches through the distribution code data.
The embodiment of the invention provides a SIM card configuration and distribution system, which comprises:
the module integration module is used for integrating a card operating system of the SIM card into the chip module;
the communication security module is used for writing security configuration data corresponding to the SIM card into a card operating system of the chip module;
a local card configuration management module for receiving allocation code data corresponding to the card configuration data of the SIM card;
the local card configuration management module is further configured to acquire and write the card configuration data into the chip module or a terminal device integrating the chip module, according to the allocation code data.
The embodiment of the invention provides a system for SIM card configuration distribution, which comprises:
the module integration platform is used for integrating a card operating system of the SIM card into the chip module;
the module integration platform is used for writing the security configuration data corresponding to the SIM card into a card operating system of the chip module;
a subscription management data platform for creating card configuration data of the SIM card and assignment code data corresponding to the card configuration data of the SIM card;
the mobile operator platform is used for providing a downloading instruction to the subscription management data platform;
the local card configuration management service platform is used for operating an upper computer and receiving distribution code data sent by the subscription management data platform;
the local card configuration management service platform is used for loading and analyzing the issued distribution code data, and writing and installing card configuration data corresponding to the issued distribution code data into the card operating system of the chip module.
Optionally, the mobile operator platform is configured to provide a card merchant certificate in the security configuration data and issue the card merchant certificate to the module integration platform.
Optionally, the module integration platform is specifically configured to write personalized data and secure data corresponding to the SIM card into the chip module, where the personalized data includes a unique identification code, the secure data includes a certificate and a corresponding key, and the corresponding key includes a public key and a private key.
Optionally, the module integration platform is specifically configured to self-issue the unique identifier and the card merchant eUICC certificate.
Optionally, the local card configuration management service platform is further configured to report an installation result of the card configuration data to the subscription management data platform.
Optionally, the local card configuration management service platform is further configured to retry downloading or installation of the card configuration data, and perform queue management on a task queue for downloading or installation.
Optionally, the system further comprises:
and the terminal equipment is integrated with the chip module and used for activating the card configuration data and maintaining the communication between the chip module and the modulation module when the terminal equipment is started.
An embodiment of the present invention provides an integrated SIM chip configured by the foregoing system, where the integrated SIM chip is configured as a card operating system having an SIM card;
the integrated SIM chip comprises: a storage medium written with card configuration data encrypted by a secure key repository and a key of the derived card configuration data;
the card configuration data and the derived key for the card configuration data are obtained from a local card configuration management service platform via a first encrypted connection, wherein,
the local card configuration management service platform receives a key of the card configuration data generated and derived by a key server through a second encryption connection, and forwards a request or a response between a subscription management data platform and the integrated SIM chip through the first encryption connection.
An embodiment of the present invention provides an integrated SIM chip configured by the foregoing system, where the integrated SIM chip is configured as a card operating system having an SIM card;
the card operating system is configured to run in a trusted execution environment of the integrated SIM chip;
the integrated SIM chip comprises: a storage medium in the trusted execution environment;
the storage medium is written with card configuration data of the SIM card, and the card configuration data is acquired from a local card configuration management service platform through a third encrypted connection, wherein the local card configuration management service platform further forwards a request or a response between a subscription management data platform and the integrated SIM chip through the third encrypted connection.
In another aspect, an embodiment of the present invention provides an electronic device, including:
at least one processor;
a memory coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor, the at least one processor implements the aforementioned method by executing the instructions stored by the memory.
In yet another aspect, an embodiment of the present invention provides a computer-readable storage medium storing computer instructions, which, when executed on a computer, cause the computer to perform the foregoing method.
Additional features and advantages of embodiments of the invention will be set forth in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the embodiments of the invention without limiting the embodiments of the invention. In the drawings:
FIG. 1 is a schematic diagram of the main modules of an exemplary system according to the present invention;
FIG. 2 is a schematic diagram illustrating a main interaction flow of an exemplary system according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of the main modules of an exemplary system according to the present invention;
fig. 4 is a schematic diagram illustrating a main interaction flow of an exemplary system according to an embodiment of the present invention.
Reference to English abbreviations
SIM: the Subscriber identity module is one of universal integrated circuit cards and is used for authenticating legal users of an operator network.
Profile: card configuration data, a series of data and applications stored in the ordinary SIM card and the eUICC card.
IoT: the Internet of things.
NB-IoT: the narrowband Internet of Things is mainly suitable for application scenes with fixed positions, ultra-low power consumption and no particular sensitivity to network bandwidth and time delay, such as water meters, electric meters, well covers and other equipment.
eMTC: enhanced machine-type communication is mainly suitable for position movement, low power consumption, certain requirements on network bandwidth and delay but no high requirements on consumer level, and is suitable for scenes such as trackers, positioners, smart cities and smart logistics in scenes of the Internet of things.
LPWA: low power wide area, Low power wide area connection scenario, especially with NB-IoT and eMTC as the main.
2G: second generation communication technology.
UICC: universal Integrated Circuit Card, including communication SIM Card, financial bank Card, public transport Card, etc.
The eUICC: an embedded UICC, a pluggable or embedded universal integrated circuit card, commonly referred to as an eSIM card, supports remote and local management of profiles in a secure manner.
EID: eUICC ID, unique identification of eUICC card.
LPA: local Profile Assistant, functions of which include assisting Profile downloading, Profile management (Profile enabling, Profile closing, Profile deleting, Profile information query), and providing a Profile management interface.
PC LPA or LA or LPA: the local card configuration management service platform runs on LPA software on a PC computer, is expanded on the basis of the original LPA, newly adds a Profile parallel downloading function which supports the data transmission function and the device transmission function through the connection of a serial port, a USB and the like, supports the simultaneous connection of a plurality of devices and simultaneously triggers the devices, and is an important component in the application.
SMDP + (or DP, for short +): subscription Manager Data Preparation +, Subscription management Data Preparation server (or Subscription management Data platform), which has the main functions of preparing Profile, encrypting, storing and distributing the Profile to a specified EID. And binding an encrypted Profile, and safely issuing the Profile to the eUICC through the LPA.
TEE: the Trust Execution Environment is a safe isolation Environment designed based on an Arm Trust zone architecture, and is used for isolating a storage and Execution Environment of safe application and safe data from an open Environment of an external system. Most of the existing consumer devices such as Qualcomm, MTK and Unisoc chips and Internet of things devices support the function. Common application scenarios are fingerprint payment, face recognition, and the like.
CA: the Client Application in the Client Application and TEE scene runs on the REE side and is responsible for communication and data interaction forwarding of TA in the REE and the TEE.
TA: trusted Application in a TEE scene runs inside the TEE, is safe Application, and executes operation and operation of safe data. In this document the SIM application will run inside the TEE as a secure application.
REE: the Rich Execution Environment, which is generally an open and general-purpose operating system, is, for example, Android, iOS, Linux, etc.
Modem Chip: and the modem chip provides the communication capability of the terminal equipment and the base station.
SoC: the System on Chip is a technical concept shared by consumer equipment and part of internet of things equipment, and if the Chip is not only used as a Modem, but also used as a developer and a user to perform service application development, the Chip can be called an integrated SoC. At present, most Android and iOS devices are the same, and most 4G Internet of things devices are also the devices which are only used as Modem communication chips in single NB scenes and are not used as business application chips. The SoC referred to herein is integrated and provides both communication chip functionality and business application chip functionality.
The invention iSIM: an integrated SIM chip with complete SIM function is realized on the chip.
The invention TEEiSIM (or TEE SIM): the integrated SIM chip with the complete SIM function is realized on a chip with a trusted execution environment.
SAS-UP: the Security authorization Scheme-UICC Production strictly defines, standardizes and examines the unit, process, key and certificate management of UICC card Production so as to ensure the individuation of the key and certificate of the UICC card and the safety of Profile writing.
MNO: mobile Network Operator, a Mobile Operator (platform), such as operators in china Mobile, china unicom and overseas countries, provides Mobile Network services including voice, short messages, data, etc. to users.
The GSMA is GSM Association, International telecommunication Union, and the main participants comprise operators, card merchants, terminal equipment manufacturers and the like and are responsible for the overall technical standard specification and unified coordination in the fields of communication, Profile, core network and the like.
SMS is short message service of operator.
The BIP is an independent transmission protocol, has close relation with a new generation STK-USAT, is simpler, and aims to improve the data transmission rate and support the USIM card to communicate with a remote server through a TCP/IP protocol. Namely, the data transmission protocol is adopted when the user needs the things by directly downloading the things through the value-added application in the USAT.
BP base and processor.
SKB Secure Key Box, a third party Secure environment service.
DM, device manufacturer.
OEM equipment manufacturer.
ODM scheme quotient.
Module, Module.
Chip/Chip: and (3) a chip.
Device: a terminal device or a device.
SW: software, acronym for software.
HW: hardware, acronym, hardware.
NVM: Non-Volatile Memory, Non-Volatile Memory.
RAM: random access memory, also known as main memory, internal memory.
Secure Boot: and the safety starting mechanism protects the starting verification integrity and the authority safety of the equipment.
AES: advanced Encryption Standard, Advanced Encryption Standard Algorithm.
ECKA (electron transfer KA): an ECC Elliptic curve-based Key Agreement algorithm.
SCP03 t: the Asymmetric Secure Channel Protocol, SCP03t, is an extended version of the Secure data transmission Channel established based on the SCP03 Protocol, and is used as profile encryption/decryption and segment transmission check integrity in the eSIM standard specification.
JTAG: named through the name of the Joint Test Action Group team, the method is used as a common tool interface for debugging equipment.
AT: the AT is Attention, and the AT instruction set is sent from a Terminal Equipment (TE) or a Data Terminal Equipment (DTE) to a Terminal Adapter (TA) or a Data Circuit Terminal Equipment (DCE) AT, and sends an AT instruction through the TA or the TE to control a function of a Mobile Station (MS), interact with GSM network services, and a user can control a call, a short message, a phone book, Data services, a fax, and the like through the AT instruction.
UART: universal Asynchronous Receiver/Transmitter, a common serial communication protocol, is used as a communication protocol commonly used by devices and external devices such as PC computers.
ES2+/ES8+/ES9 +: a data interaction procedure of an eSIM standard protocol defined by GSMA.
COS: the Card Operating System is currently of the type ISO, Oracle Java Card, GlobalPlatform, 3GPP and ETSI.
CERT or Crt(s): a certificate.
And EUM: eUICC manager, card vendor.
CI: certificate issue, Certificate Issuer (or authority).
RSP: remote SIM provisioning.
The AC is an Activation Code which comprises a Profile download address and corresponding identification information and can be downloaded from the LPA to the SMDP +.
ACInfos: the (batch) distributed code data of the invention can have a Profile data packet (such as a data packet in an Excel table format), a download address and the like, and the data packet is more simplified compared with a Profile native data packet, for example, unnecessary third party subscription service application is reduced, and application for rewriting and updating the Profile is reduced.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating embodiments of the invention, are given by way of illustration and explanation only, not limitation.
The invention can provide a low-cost, high-efficiency and moderate-security integrated SIM product, supports the issue of the Profile before delivery and the safe writing into the equipment, can default the issued Profile once the equipment leaves the factory, and ensures that the life cycle safety and the use of the whole Profile are final products and technical forms. The salient body is in the field of low-cost equipment, and mainly aims at LPWA, 2G and the like, and covers industrial applications such as water meters, electric meters, locators, trackers, smart cities and intelligent logistics.
Example 1
The embodiment of the invention provides a system for SIM card configuration distribution, which comprises:
the Module integration platform (or chip Module platform or Module) is used for integrating a card operating system of the SIM card into the chip Module, the chip Module is a physical chip combined by software and hardware, the card operating system is required to be matched with the chip hardware, and the chip can be executed on the chip, so that a storage medium of the chip can be written into external input data such as card configuration data and the like;
the module integration platform is used for writing the security configuration data corresponding to the SIM card into a card operating system of the chip module;
a subscription management data platform (or SMDP +) for creating card configuration data of the SIM card and assignment code data corresponding to the card configuration data of the SIM card;
a mobile operator platform (or MNO) for providing download instructions to the subscription management data platform;
the local card configuration management service platform (or LA) is used for running on an upper computer (or an application module installation platform) and receiving distribution code data sent by the subscription management data platform;
the local card configuration management service platform is used for loading and analyzing the issued distribution code data, and writing and installing card configuration data corresponding to the issued distribution code data into the card operating system of the chip module.
The embodiment of the invention also provides a method for distributing the SIM card configuration or a method for distributing the SIM card configuration in batches.
1. COS is matched and integrated into corresponding SW on the chip, the chip general agent and the module, and then the corresponding chip and the module are produced;
2. before the DM, OEM and ODM factory devices start downloading the Profile, COS personalization may be performed first, and data such as EID, EUM CERT, eUICC SK and CI PK needs to be personalized and written into each different chip or module;
3. the EUM certificate can be issued by an MNO or self-issued according to the situation, then batch information such as eUICC certificates, EIDs and the like is issued by the EUM, and the uniqueness of the EIDs (under the same CI system) is ensured;
4. the MNO imports corresponding Profile in the DP + according to the existing service flow and provides batch AC info (whether AC and EID are bound one to one or not);
5. and C, loading the AC info into the PC LPA program, and simultaneously connecting the PC LPA program to a plurality of corresponding terminal devices to ensure that the downloading and writing can be started by network connection. The method needs to support parallel downloading and parallel writing into a plurality of devices;
6. after the installation is completed successfully, the LPA records the result and reports DP +;
7. all Profile downloading tasks corresponding to the AC need to add a queue management and retry mechanism, and record a final result;
8. after the equipment which is downloaded and installed successfully is disconnected and the PC is connected, the installed Profile can be started automatically, and the equipment is restarted each time. The equipment does not support rewriting after leaving factory and can be returned to factory for rewriting.
The embodiment of the invention can overcome the problems that the total cost price of manufacturing, distributing and managing the SIM cards is high and the cost price of a single SIM card is gradually increased due to the improvement of various characteristics of the SIM card caused by mass base number equipment;
the embodiment of the invention has reduced encapsulation, no clamping groove is provided, the space size of the equipment is obviously reduced, and high shock resistance and high pressure resistance are realized;
the embodiment of the invention has no network dependence, does not need RSP capability any more, can directly and safely issue the Profile to the equipment before leaving the factory, issues one or more profiles, and can directly and flexibly manage and start without a network after leaving the factory;
the embodiment of the invention directly uses the existing eSIM DP +, does not need additional investment, saves cost, does not change the existing flow, can be seamlessly and zero-cost butted by an operator, and is compatible with the nuSIM DP;
the embodiment of the invention supports the transformation on a production line and the batch downloading, and improves the production efficiency.
Example 2
Based on embodiment 1, as shown in fig. 1 (the SS1 may be a second encryption connection, the SS1 is a data interaction process based on an HTTPS protocol, mainly cross authentication between a security key bank and a local card configuration management service platform, and a key of card configuration data is exported from a server where the security key bank is located to the authenticated local card configuration management service platform), the SS2 may be a first encryption connection, and the SS2 is a data interaction process based on a UART or AT interface, mainly loading an EUM certificate, an eUICC certificate, a key of derived card configuration data, and a request and a response for forwarding ES8+/ES9 +), and fig. 2, the embodiment of the present invention provides a method for distributing SIM card configuration based on a modulation Chip integrated circuit Modem Chip IC of MTK2625 NB model, and specifically includes the following steps.
1. The eSIM COS is adapted on the chip, the chip general agent and the module to be integrated into the corresponding SW, the COS is realized inside the 2625 chip, and the communication is carried out with the Modem side through the SIM Driver. Then, producing corresponding chips and modules;
2. before the DM, OEM and ODM factory devices start downloading the Profile, COS personalization must be performed first, and data such as EID, EUM CERT, eUICC SK (SK is a security key), CI PK (PK is a security key) and the like need to be personalized and written into each different chip or module;
3. the EUM certificate can be issued by an MNO or self-issued according to the situation, then batch information such as eUICC certificates, EIDs and the like is issued by the EUM, and the uniqueness of the EIDs (under the same CI system) is ensured;
4. the MNO imports corresponding Profile in the DP + according to the existing service flow and provides batch AC info (whether AC and EID are bound one to one or not);
5. and C, loading the AC info into the PC LPA program, and simultaneously connecting the PC LPA program to a plurality of corresponding terminal devices to ensure that the downloading and writing can be started by network connection. The method needs to support parallel downloading and parallel writing into a plurality of devices;
6. after the installation is completed successfully, the LPA records the result and reports DP +;
7. all Profile downloading tasks corresponding to the AC need to add a queue management and retry mechanism, and record a final result;
8. after the equipment which is downloaded and installed successfully is disconnected and the PC is connected, the installed Profile can be started automatically, and the equipment is restarted each time. The equipment does not support rewriting after leaving factory and must be returned to factory.
9. The security encryption mechanism is completed by the external isolation of the Modem Chip of the 2625 Chip and the encryption protection of SKB, and the 2625 Chip is isolated on NVM, RAM and external communication, so that illegal AT, UART interfaces and JTAG interfaces can be turned off, thereby being an isolated security environment. The NVM Flash provides Secure Boot and AES OTF encryption functions to further ensure internal data security. And the SKB performs secondary encryption protection on the key data in the profile, so that the safety of the profile in storage and operation is ensured. The download flow of the whole profile conforms to an eSIM standard protocol, and the download safety of the profile is ensured by the aid of certificate bidirectional verification and ECKA and SCP03t encryption mechanisms. The whole combination ensures the life cycle safety of the profile, and the integrated SIM chip product can be obtained after the configuration and distribution are finished.
The embodiment of the invention also provides an integrated SIM chip configured by the system, wherein the integrated SIM chip is configured into a card operating system with an SIM card;
the integrated SIM chip comprises: a storage medium written with card configuration data encrypted by a secure key repository and a key of the derived card configuration data;
the card configuration data and the derived key for the card configuration data are obtained from a local card configuration management service platform through SS2, wherein,
the local card configuration management service platform receives keys of the card configuration data generated and derived by a key server through the SS1, and forwards a request or a response between a subscription management data platform and the integrated SIM chip through the SS 2.
Example 3
Based on embodiment 1, as shown in fig. 3 (where the SS1 may be a third encryption connection, and the SS1 is a data interaction process based on UART or AT interface, and mainly forwards a request and a response of ES8+/ES9 +), and fig. 4, the embodiment of the present invention provides a SIM card configuration distribution method based on a chip BG77 remote module of Qualcomm 9205 model, which specifically includes the following steps.
1. The eSIM COS is integrated into the corresponding SW after being adapted on the chip, the chip general agent and the module, and the COS is realized inside a TEE safety environment provided inside the Qualcomm 9205 chip, is communicated through external CA and REE and is communicated with the Modem side through a QMI interface. Then, producing corresponding chips and modules;
2. before the DM, OEM and ODM factory equipment starts to download the Profile, COS personalization must be carried out, and data such as EID, EUM CERT, eUICC SK, CI PK and the like need to be written into each different chip or module in a personalized mode;
3. the EUM certificate can be issued by an MNO or self-issued according to the situation, then batch information such as eUICC certificates, EIDs and the like is issued by the EUM, and the uniqueness of the EIDs (under the same CI system) is ensured;
4. the MNO imports corresponding Profile in the DP + according to the existing service flow and provides batch AC info (whether AC and EID are bound one to one or not);
5. and C, loading the AC info into the PC LPA program, and simultaneously connecting the PC LPA program to a plurality of corresponding terminal devices to ensure that the downloading and writing can be started by network connection. The method needs to support parallel downloading and parallel writing into a plurality of devices;
6. after the installation is completed successfully, the LPA records the result and reports DP +;
7. all Profile downloading tasks corresponding to the AC need to add a queue management and retry mechanism, and record a final result;
8. after the equipment which is downloaded and installed successfully is disconnected and the PC is connected, the installed Profile can be started automatically, and the equipment is restarted each time. The equipment does not support rewriting after leaving factory and must be returned to factory.
9. The security encryption mechanism is guaranteed by a TEE trusted execution environment inside the 9205 chip, the execution of the eSIM COS and the storage of the profile data are both in an NVM and an RAM inside the TEE, the external communication is isolated, and the security storage and the operation of the profile inside the equipment are guaranteed. The download flow of the whole profile conforms to an eSIM standard protocol, and the download safety of the profile is ensured by the aid of certificate bidirectional verification and ECKA and SCP03t encryption mechanisms. The whole combination ensures the life cycle safety of the profile, and the integrated SIM chip product can be obtained after the configuration and distribution are finished.
The embodiment of the invention also provides an integrated SIM chip configured by the system, wherein the integrated SIM chip is configured into a card operating system with an SIM card;
the card operating system is configured to run in a trusted execution environment of the integrated SIM chip;
the integrated SIM chip comprises: a storage medium in the trusted execution environment;
the storage medium is written with card configuration data of the SIM card, and the card configuration data is acquired from a local card configuration management service platform through SS1, wherein the local card configuration management service platform further forwards a request or a response between a subscription management data platform and the integrated SIM chip through SS 1.
The following steps may be further preferred for the present invention of example 2 or example 3.
1. Simulating similar functions and technical schemes of SMDP + and PC LPA by using a private protocol without using an eSIM protocol, and then downloading and writing profile on a production line;
2. realizing the batch downloading function of production line tools by using automatic production machines or equipment;
3. the device side does not necessarily use a comparable eSIM protocol or a specific security environment, and can be directly based on a software environment, integrated into a device or a chip to implement the SIM function, support downloading or directly write the profile with an external production line or a local interface, a local tool;
4. the interface of the PC LPA is realized by using Windows or Linux or Mac native software without using a web server and a browser architecture;
5. the PC LPA and the eSIM COS are realized in different operating system platforms, different chips, different equipment and different security environments.
The following advantages are specific to embodiment 2 or embodiment 3 of the present invention.
An eSIM COS, namely forming a system of an Integrated SIM chip (iSIM), integrating the complete functions of the SIM into a chip, a Module and a Device (equipment), such as REE, TEE, SoC and Modem BP, completely removing entity UICC, downloading and writing the Profile from a service end before the equipment leaves a factory, and returning the equipment to the factory for re-downloading and writing;
after the eSIM COS receives the profile downloaded by the SMDP +, because the profile is large, the space is small in an LPWA device and a plurality of profile components without actual effects exist, and the eSIM COS can be simplified according to the application scene condition of the device so as to meet the requirements of saving the device space and normal use;
3. the production line tool supports the personalized certificate and the production line to combine the downloading and writing processes;
4. the production line supports batch downloading and accelerates production line efficiency. The nuSIM DP supports either batch downloads or simultaneous parallel downloads by the PC LPAs. Because the eSIM DP + of the PC LPA does not support the batch advance download of the profiles, a function must be added to support the simultaneous parallel download of multiple profiles and the simultaneous connection of multiple devices, while ensuring the network connection of the PC, or the simultaneous execution of multiple PCs. The requirement for network dependence and production line real-time connection is high, and the number of the simultaneous downloads depends on the number of the PCs (the maximum number of parallel downloads supported by the LPA and the maximum number of simultaneously connected devices supported by a single PC). And the concurrent processing requirements for DP + are high. The PC LPA or LA is placed in a production line, typically a DM, OEM, ODM factory, with Windows PC (Linux, Ubuntu, Mac as well) as the standard. A network is required to be equipped to support the USB, AT and UART communication transmission data connected to the equipment.
5. The PC LPA uses Java version, the bottom layer uses a general LPA Jar packet to a Java back-end Server (deployed in a production line PC local machine), and then a JS front-end interface is used for displaying, so that the cross-platform effect can be fully achieved, and the database uses PostgreSQL;
6. the PC LPA supports the configuration of self-defined parameters, such as the number of simultaneous connections, timeout time, retry times and the like;
7. the PC LPA supports concurrent downloading, is connected with a plurality of devices simultaneously, automatically detects the connection of serial devices and continuously downloads in batches;
8. the PC LPA is adapted to different terminal equipment interfaces for transmitting data, such as USB, UART, AT and the like, abstractly and uniformly Adapter interfaces are adopted, and different implementations are adopted;
9. low cost, high efficiency and high safety. The interconnection and the interoperability of the whole system are ensured, and the safety degree approved by operators is reached. The certificate system can be public or private, and has flexibility.
10. The nuSIM DP and the existing SMDP + can be compatible, if the existing SMDP + is used, no new investment cost is needed, the existing flow of an operator is not needed to be changed, and seamless docking can be realized.
Example 4
Based on embodiments 1 to 3, an embodiment of the present invention provides a SIM card configuration and distribution system, which may be used to construct an upper computer or an automated data processing platform, and the system may include:
the module integration module is used for integrating a card operating system of the SIM card into the chip module;
the communication security module is used for writing security configuration data corresponding to the SIM card into a card operating system of the chip module;
a local card configuration management module for receiving allocation code data corresponding to the card configuration data of the SIM card;
the local card configuration management module is further configured to acquire and write the card configuration data into the chip module or a terminal device integrating the chip module, according to the allocation code data.
The invention saves cost, particularly saves the cost of physical entity cards, saves the fussy manual physical entity card distribution and management cost, saves the cost of investing new funds of operators and manually building a new system, and can directly use the existing SMDP +; the invention realizes the improvement of the production efficiency through the PC LPA; the PC LPA can implement cross-platform applications; the system is flexible and easy to deploy; the invention reduces the network dependence of the equipment side, fully utilizes the safety of the equipment side and meets the requirement of a reasonable standard protocol.
Although the embodiments of the present invention have been described in detail with reference to the accompanying drawings, the embodiments of the present invention are not limited to the details of the above embodiments, and various simple modifications can be made to the technical solutions of the embodiments of the present invention within the technical idea of the embodiments of the present invention, and the simple modifications all belong to the protection scope of the embodiments of the present invention.
It should be noted that the various features described in the above embodiments may be combined in any suitable manner without departing from the scope of the invention. In order to avoid unnecessary repetition, the embodiments of the present invention do not describe every possible combination.
Those skilled in the art will understand that all or part of the steps in the method according to the above embodiments may be implemented by a program, which is stored in a storage medium and includes several instructions to enable a single chip, a chip, or a processor (processor) to execute all or part of the steps in the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In addition, any combination of various different implementation manners of the embodiments of the present invention is also possible, and the embodiments of the present invention should be considered as disclosed in the embodiments of the present invention as long as the combination does not depart from the spirit of the embodiments of the present invention.

Claims (17)

1. A method for distributing SIM card configuration is characterized in that the method for distributing SIM card configuration comprises the following steps:
integrating a card operating system of the SIM card in the chip module;
writing security configuration data corresponding to the SIM card into a card operating system of the chip module;
receiving allocation code data corresponding to the card configuration data of the SIM card;
loading and analyzing the distribution code data through a local card configuration management service platform, and acquiring and writing the card configuration data into the chip module or the terminal equipment integrating the chip module through the local card configuration management service platform, wherein the local card configuration management service platform runs on an upper computer which is arranged on a production line of the chip module or the terminal equipment integrating the chip module;
wherein the writing of the security configuration data corresponding to the SIM card to the card operating system of the chip module includes:
writing personalized data and security data corresponding to the SIM card into the chip module, wherein the personalized data comprises a unique identification code, the security data comprises a certificate and a corresponding key, the corresponding key comprises a public key and a private key,
the safety data is used for encrypted connection of the local card configuration management service platform and the chip module;
wherein, the local card configuration management service platform receives the distribution code data issued by the subscription management data platform, loads and analyzes the issued distribution code data to obtain the card configuration data which is corresponding to the issued distribution code data and is created by the subscription management data platform,
sending the card configuration data to the chip module by the local card configuration management service platform through the encrypted connection,
the card configuration data is created by the subscription management data platform after the mobile operator platform sends a download instruction to the subscription management data platform.
2. The method according to claim 1, wherein the writing of the security configuration data corresponding to the SIM card to a card operating system of the chip module,
the certificate comprises a card merchant certificate and a card merchant eUICC certificate, the card merchant certificate is issued or self-issued through the mobile operator platform, and the unique identification code is consistent with an issuer of the card merchant eUICC certificate.
3. The SIM card configuration distribution method according to claim 1, wherein the receiving of the distribution code data corresponding to the card configuration data of the SIM card comprises:
importing card configuration data of the SIM card in a subscription management data platform through the mobile operator platform;
providing assignment code data through the subscription management data platform.
4. The SIM card configuration distribution method according to claim 1, wherein the loading and parsing of the distribution code data by the local card configuration management service platform, the obtaining and writing of the card configuration data by the local card configuration management service platform to the chip module or the terminal device integrating the chip module, comprises:
loading the distribution code data through a local card configuration management service platform;
connecting the upper computer with a terminal device integrating the chip module;
and according to the analysis of the local card configuration management service platform on the distribution code data, executing the writing of the card configuration data into the chip module, and installing the card configuration data in a card operating system of the chip module.
5. The SIM card configuration distribution method according to claim 4, further comprising at least one of:
reporting the installation result of the card configuration data to a subscription management data platform;
activating the card configuration data when the terminal device is started;
and maintaining the communication between the chip module and the modulation module of the terminal equipment.
6. The method for distributing the SIM card configuration in batches is characterized by comprising the following steps:
integrating a card operating system of the SIM cards in a chip module in batch;
writing security configuration data corresponding to the SIM card into a card operating system of the chip module;
receiving distribution code data corresponding to the card configuration data of the SIM cards in batch;
loading and analyzing the distribution code data through a local card configuration management service platform, and obtaining and writing the card configuration data in batch into the chip module or the terminal equipment integrating the chip module through the local card configuration management service platform, wherein the local card configuration management service platform runs on an upper computer which is on a production line of the chip module or the terminal equipment integrating the chip module;
wherein the writing of the security configuration data corresponding to the SIM card to the card operating system of the chip module includes:
writing personalized data and security data corresponding to the SIM card into the chip module, wherein the personalized data comprises a unique identification code, the security data comprises a certificate and a corresponding key, the corresponding key comprises a public key and a private key,
the safety data is used for encrypted connection of the local card configuration management service platform and the chip module;
wherein, the local card configuration management service platform receives the distribution code data issued by the subscription management data platform, loads and analyzes the issued distribution code data to obtain the card configuration data which is corresponding to the issued distribution code data and is created by the subscription management data platform,
sending the card configuration data to the chip module by the local card configuration management service platform through the encrypted connection,
the card configuration data is created by the subscription management data platform after the mobile operator platform sends a download instruction to the subscription management data platform.
7. A SIM card configuration distribution system, comprising:
the module integration module is used for integrating a card operating system of the SIM card into the chip module;
the communication security module is used for writing security configuration data corresponding to the SIM card into a card operating system of the chip module;
a local card configuration management module for receiving allocation code data corresponding to the card configuration data of the SIM card;
the local card configuration management module is further used for loading and analyzing the distribution code data through a local card configuration management service platform, and acquiring and writing the card configuration data into the chip module or the terminal equipment integrating the chip module through the local card configuration management service platform, wherein the local card configuration management service platform runs on an upper computer on a production line of the chip module or the terminal equipment integrating the chip module;
wherein the communication security module is specifically configured to write personalization data and security data corresponding to the SIM card into the chip module, wherein the personalization data includes a unique identification code, the security data includes a certificate and a corresponding key, the corresponding key includes a public key and a private key,
the safety data is used for encrypted connection of the local card configuration management service platform and the chip module;
wherein the local card configuration management module is specifically configured to:
the local card configuration management service platform receives the distribution code data issued by the subscription management data platform, loads and analyzes the issued distribution code data to obtain the card configuration data which is corresponding to the issued distribution code data and is established by the subscription management data platform,
sending the card configuration data to the chip module by the local card configuration management service platform through the encrypted connection,
the card configuration data is created by the subscription management data platform after the mobile operator platform sends a download instruction to the subscription management data platform.
8. A system for SIM card configuration distribution, the system comprising:
the module integration platform is used for integrating a card operating system of the SIM card into the chip module;
the module integration platform is used for writing the security configuration data corresponding to the SIM card into a card operating system of the chip module;
a subscription management data platform for creating card configuration data of the SIM card and assignment code data corresponding to the card configuration data of the SIM card;
the mobile operator platform is used for providing a downloading instruction to the subscription management data platform;
the local card configuration management service platform is used for operating an upper computer and receiving distribution code data sent by the subscription management data platform;
the local card configuration management service platform is used for loading and analyzing the issued distribution code data, writing card configuration data corresponding to the issued distribution code data into and installing the card configuration data to a card operating system of the chip module, wherein the upper computer is arranged on a production line of the chip module;
the module integration platform is specifically configured to write personalized data and security data corresponding to the SIM card into the chip module, wherein the personalized data includes a unique identification code, the security data includes a certificate and a corresponding key, the corresponding key includes a public key and a private key,
the safety data is used for encrypted connection of the local card configuration management service platform and the chip module;
wherein, the local card configuration management service platform receives the distribution code data issued by the subscription management data platform, loads and analyzes the issued distribution code data to obtain the card configuration data which is corresponding to the issued distribution code data and is established by the subscription management data platform,
the local card configuration management service platform sends the card configuration data to the chip module through the encrypted connection,
the card configuration data is created by the subscription management data platform after the mobile operator platform sends the download instruction to the subscription management data platform.
9. The system for SIM card configuration distribution according to claim 8,
the mobile operator platform is used for providing a card merchant certificate in the security configuration data and issuing the card merchant certificate to the module integration platform.
10. The system for SIM card configuration distribution according to claim 8,
the module integration platform is specifically used for self-issuing the unique identification code and the card business eUICC certificate.
11. The system for SIM card configuration distribution according to claim 8,
the local card configuration management service platform is further configured to report an installation result of the card configuration data to the subscription management data platform.
12. The system for SIM card configuration distribution according to claim 8,
the local card configuration management service platform is also used for retrying the downloading or installation of the card configuration data and carrying out queue management on a task queue of the downloading or installation.
13. The system for SIM card configuration distribution of claim 8, further comprising:
and the terminal equipment is integrated with the chip module and used for activating the card configuration data and maintaining the communication between the chip module and the modulation module when the terminal equipment is started.
14. An integrated SIM chip configured by the system of any one of claims 8 to 13, wherein the integrated SIM chip is configured as a card operating system with a SIM card;
the integrated SIM chip comprises: a storage medium written with card configuration data encrypted by a secure key repository and a key of the derived card configuration data;
the card configuration data and the derived key for the card configuration data are obtained from a local card configuration management service platform via a first encrypted connection, wherein,
the local card configuration management service platform receives a key of the card configuration data generated and derived by a key server through a second encryption connection, and forwards a request or a response between a subscription management data platform and the integrated SIM chip through the first encryption connection.
15. An integrated SIM chip configured by the system of any one of claims 8 to 13, wherein the integrated SIM chip is configured as a card operating system with a SIM card;
the card operating system is configured to run in a trusted execution environment of the integrated SIM chip;
the integrated SIM chip comprises: a storage medium in the trusted execution environment;
the storage medium is written with card configuration data of the SIM card, and the card configuration data is acquired from a local card configuration management service platform through a third encrypted connection, wherein the local card configuration management service platform further forwards a request or a response between a subscription management data platform and the integrated SIM chip through the third encrypted connection.
16. An electronic device, comprising:
at least one processor;
a memory coupled to the at least one processor;
wherein the memory stores instructions executable by the at least one processor, the at least one processor implementing the method of any one of claims 1 to 6 by executing the instructions stored by the memory.
17. A computer readable storage medium storing computer instructions which, when executed on a computer, cause the computer to perform the method of any one of claims 1 to 6.
CN202010378164.3A 2020-05-07 2020-05-07 SIM card configuration distribution method and system Active CN111479259B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202010378164.3A CN111479259B (en) 2020-05-07 2020-05-07 SIM card configuration distribution method and system
PCT/CN2020/093991 WO2021223278A1 (en) 2020-05-07 2020-06-02 Sim card configuration distribution method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010378164.3A CN111479259B (en) 2020-05-07 2020-05-07 SIM card configuration distribution method and system

Publications (2)

Publication Number Publication Date
CN111479259A CN111479259A (en) 2020-07-31
CN111479259B true CN111479259B (en) 2021-08-17

Family

ID=71757469

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010378164.3A Active CN111479259B (en) 2020-05-07 2020-05-07 SIM card configuration distribution method and system

Country Status (2)

Country Link
CN (1) CN111479259B (en)
WO (1) WO2021223278A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112202931B (en) * 2020-12-04 2021-09-07 深圳杰睿联科技有限公司 Method and equipment for implanting SIM information into narrow-band Internet of things equipment
CN114501535A (en) * 2021-11-29 2022-05-13 北京握奇智能科技有限公司 Flow management method and system for high-quality network connection terminal
CN114786168B (en) * 2021-12-10 2023-10-20 国网电力科学研究院有限公司 Encryption ESIM module and 5G module suitable for power business
CN114258012A (en) * 2021-12-16 2022-03-29 武汉天喻信息产业股份有限公司 ESIM number prefabricating method, ESIM virtual system, ESIM virtual equipment and storage medium
CN114363880A (en) * 2021-12-28 2022-04-15 武汉天喻信息产业股份有限公司 eSIM card multi-number management method, device, equipment and readable storage medium

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108702386A (en) * 2017-06-14 2018-10-23 华为技术有限公司 A kind of management method and device of universal embedded integrated circuit card configuration file
CN109819434A (en) * 2019-01-11 2019-05-28 深圳市斯凯荣科技有限公司 A kind of card cell system and control method based on eSIM

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101674303B (en) * 2009-07-31 2012-08-22 厦门敏讯信息技术股份有限公司 Embedded network product programming equipment and method thereof
KR102164447B1 (en) * 2012-11-19 2020-10-13 삼성전자주식회사 Method for managing profiles in subscriber identidy module embedded in user terminal and apparatus using the method
KR102160597B1 (en) * 2014-07-17 2020-09-28 삼성전자 주식회사 Method and apparatus for provisioning profile of embedded universal integrated circuit card
CN105678179B (en) * 2014-11-20 2018-11-13 广东华大互联网股份有限公司 A kind of IC card internet terminal distributing method and management system
CN108605222A (en) * 2015-06-03 2018-09-28 德国电信股份公司 Method, the system for being used for transmission supplemental characteristic, telecommunication terminal equipment, computer program and the computer program product for being used for transmission supplemental characteristic for the configured transmission data between telecommunication network and telecommunication terminal equipment and for activating and/or changing and/or deactivate the communication configuration file for limiting or indicating by supplemental characteristic on telecommunication terminal equipment
CN105530107B (en) * 2015-12-03 2018-10-16 中国联合网络通信集团有限公司 Batch account-opening method based on eUICC and platform
EP3629610B1 (en) * 2017-06-14 2021-07-14 Huawei Technologies Co., Ltd. Method and apparatus for managing embedded universal integrated circuit card configuration file
US10863494B2 (en) * 2018-01-22 2020-12-08 Apple Inc. Control signaling for uplink multiple input multiple output, channel state information reference signal configuration and sounding reference signal configuration
CN110324808A (en) * 2018-03-30 2019-10-11 中兴通讯股份有限公司 Switching method, device and the mobile terminal of configuration file
CN109089256A (en) * 2018-08-27 2018-12-25 深圳杰睿联科技有限公司 Connection management system, user terminal and the application program of electronics SIM card terminal
CN109151805B (en) * 2018-09-21 2021-07-20 中国联合网络通信集团有限公司 eSIM card configuration method and system based on Internet of things
CN109754033A (en) * 2018-12-26 2019-05-14 航天信息股份有限公司 Smart card device issuance system and method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108702386A (en) * 2017-06-14 2018-10-23 华为技术有限公司 A kind of management method and device of universal embedded integrated circuit card configuration file
CN109819434A (en) * 2019-01-11 2019-05-28 深圳市斯凯荣科技有限公司 A kind of card cell system and control method based on eSIM

Also Published As

Publication number Publication date
WO2021223278A1 (en) 2021-11-11
CN111479259A (en) 2020-07-31

Similar Documents

Publication Publication Date Title
CN111479259B (en) SIM card configuration distribution method and system
CN111935704B (en) Profile downloading method, device and equipment
US9037857B2 (en) System and method for downloading application
US8914489B2 (en) Method of personalizing an application embedded in a secured electronic token
CN110352605B (en) Method for adding authentication algorithm program, related equipment and system
US6915124B1 (en) Method and apparatus for executing secure data transfer in a wireless network
US10057759B2 (en) Method for personalising a secure element
KR101701668B1 (en) Method for accessing a service, corresponding device and system
US8521084B2 (en) Methods, systems and arrangements for wireless communication with near-field communication terminals
CN103455349A (en) Method and device for accessing intelligent card by application program
EP2712220A1 (en) Telecom smart card, air writing card system and air writing card method
CN107318098A (en) A kind of terminal control method, SIM cards, communication module and terminal
WO2014012468A1 (en) Data configuration method, apparatus and system for universal integrated circuit card, computer program and storage medium
KR20130006257A (en) Method for managing key of embedded sim, embedded sim and recording medium for the same
WO2018076922A1 (en) System and method for enabling mobile terminal of single imsi multiple msisdn to be concurrently online
US20220253830A1 (en) Method and system for managing virtual electronic card, secure chip, terminal and storage medium
CN102547661B (en) Method and device for establishing communication between Android system and telecommunications smart card
CN103841552A (en) Method and system for carrying out aerial card writing through mobile terminal and card reader
US11956638B2 (en) Method for remote provisioning of software modules in integrated circuit cards, corresponding apparatus and computer program product
CN110636491A (en) Service-oriented trusted execution module and communication method
CN103077078A (en) Method of defining state transitions in a software and application control management object
EP3486827A1 (en) "window-of-time" encryption session key transference
CN111556015B (en) Embedded user identification card development platform and embedded user identification card configuration method
CN112105020B (en) Cloud SDK system of film sticking card and operation method thereof
CN114915961B (en) Data communication method and device and Internet of things equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant