CN113557754A - Method and apparatus for changing EUICC terminal - Google Patents

Abstract

The present disclosure relates to a communication method and system for merging a fifth generation (5G) communication system for supporting higher data rates than a fourth generation (4G) system with internet of things (IoT) technology. The present disclosure may be applied to smart services based on 5G communication technologies and IoT related technologies, such as smart homes, smart buildings, smart cities, smart cars, networked cars, healthcare, digital education, smart retail, security, and security services. According to an embodiment of the present invention, there is provided a method including the steps of: receiving a first control signal transmitted from a base station; processing the received first control signal; and transmitting a second control signal generated based on the processing to the base station. Further, according to one embodiment, disclosed are a method and apparatus for reinstalling a profile when changing an eUICC terminal, and a terminal for managing a profile for network connection by using an eUICC in a wireless communication system, the terminal including: a transmission/reception unit and at least one processor for controlling the terminal so as to receive a movement request of a profile from a user, confirm profile movement information, transmit a message for requesting an activation code to the profile server, receive the activation code and a profile deletion need from the profile server, delete the profile, transmit a deletion result of the profile to the profile server, deliver the activation code to another terminal, receive the activation code from another terminal, transmit a message for requesting the profile to the profile server by using the activation code, receive a profile package from the profile server, and install the profile package.

Description

Method and apparatus for changing EUICC terminal

Technical Field

The present disclosure relates to a method and apparatus for installing and managing an eUICC profile.

Background

In order to meet the increased demand for wireless data traffic since the deployment of 4G communication systems, efforts have been made to develop improved 5G or quasi-5G communication systems. Accordingly, the 5G or quasi-5G communication system is also referred to as a "super 4G network" or a "post-LTE system". The 5G communication system is considered to be implemented in a higher frequency (mmWave) band (e.g., 60GHz band) in order to achieve a higher data rate. In order to reduce propagation loss of radio waves and increase transmission distance, beamforming, massive Multiple Input Multiple Output (MIMO), full-dimensional MIMO (FD-MIMO), array antenna, analog beamforming, massive antenna techniques are discussed in the 5G communication system. Further, in the 5G communication system, development of system network improvement is being performed based on advanced small cells, cloud Radio Access Network (RAN), ultra dense network, device-to-device (D2D) communication, wireless backhaul, mobile network, cooperative communication, coordinated multipoint (CoMP), receiving side interference cancellation, and the like. In 5G systems, hybrid FSK and QAM modulation (FQAM) and Sliding Window Superposition Coding (SWSC) have been developed as Advanced Coding Modulation (ACM), and filter bank multi-carrier (FBMC), non-orthogonal multiple access (NOMA), and Sparse Code Multiple Access (SCMA) as advanced access techniques.

The internet is now evolving as an internet of things (IoT) as a human-centric connected network of human-generated and-consumed information, in which distributed entities such as things exchange and process information without human intervention. Internet of everything (IoE) has emerged as a combination of IoT technology and big data processing technology through connection with a cloud server. Since IoT implementations have necessitated technical elements such as "sensing technology", "wired/wireless communication and network infrastructure", "service interface technology", and "security technology", sensor networks, machine-to-machine (M2M) communication, Machine Type Communication (MTC), etc. have been recently studied. Such IoT environments can provide intelligent internet technology services that create new value for human life by collecting and analyzing data generated between connected things. Through the convergence and combination between existing Information Technology (IT) and various industrial applications, IoT may be applied in various fields, including smart homes, smart buildings, smart cities, smart cars or networked cars, smart grids, healthcare, smart homes, and advanced medical services.

In line with this, various attempts have been made to apply the 5G communication system to the IoT network. For example, technologies such as sensor networks, Machine Type Communication (MTC), and machine-to-machine (M2M) communication may be implemented through beamforming, MIMO, and array antennas. The application of cloud Radio Access Networks (RANs) as the big data processing technology described above can also be considered as an example of the convergence between 5G technology and IoT technology.

As described above, since various services can be provided with the development of mobile communication systems, there is a need for a scheme capable of efficiently providing such services.

A "Universal Integrated Circuit Card (UICC)" is a smart card used by being inserted into a mobile communication terminal or the like, and is also called a UICC card. The UICC may comprise an access control module for enabling the terminal to access the network of the mobile operator. Examples of such access control modules include a Universal Subscriber Identity Module (USIM), a Subscriber Identity Module (SIM), an IP multimedia services identity module (ISIM), and the like. A UICC including a USIM is generally called a USIM card. Likewise, a UICC including a SIM is commonly referred to as a SIM card.

A UICC card fixed to a terminal and used in the UICC card is called an embedded UICC (euicc). Generally, the eUICC refers to a UICC card that is fixed to a terminal and used, and can remotely download and select a SIM module. Furthermore, the downloaded SIM module information is commonly referred to as an eUICC profile or more simply a profile.

Disclosure of Invention

[ problem ] to provide a method for producing a semiconductor device

The present disclosure is directed to efficiently providing services in a mobile communication system.

According to embodiments disclosed in the present disclosure, a method and apparatus for selecting a communication service in a communication system and connecting to a network by a terminal may be provided.

According to embodiments disclosed in the present disclosure, a method and apparatus for downloading, installing, and managing a profile for connecting to a network online by a terminal in a communication system may be provided.

According to the embodiments disclosed in the present disclosure, a method and apparatus for efficiently downloading, by a terminal, a profile installed in another terminal for reconnection to a network in a communication system may be provided.

[ problem solution ] to provide a solution for the above problems

The technical objects to be achieved in the embodiments of the present disclosure are not limited to the above technical objects, and other technical objects not described above may be clearly understood from the following description by a person having ordinary knowledge in the art to which the present disclosure pertains.

In the present disclosure, a method performed by a server in a wireless communication system, includes: receiving a request from a first terminal to deliver a first profile; identifying a likelihood of delivery of the first profile based on the received request to deliver the first profile; and sending the activation code of the second profile to the first terminal.

In some examples, the method further includes receiving a message from the service provider for setting a policy related to the request to deliver the first profile from the first terminal.

In some examples, the method further comprises: sending information to a service provider indicating that a request to deliver a first profile has been received from a first terminal; receiving a first message from a service provider, the first message including information to be noted by a user determined based on a delivery policy for a first profile; and sending the first message to the first terminal.

In some examples, the method further comprises: receiving a second message from the user, the second message including information regarding whether delivery of the first profile determined based on the first message is permitted; sending a third message to the service provider, the third message including information regarding whether delivery of the first profile is permitted based on the second message; and receiving a fourth message associated with the second profile.

In some examples, the method further comprises: receiving a request from the second terminal to download the second profile; transmitting a fifth message to the second terminal, the fifth message including information about the second profile and information to be noticed by the user; receiving a request for information on whether to permit downloading of the second profile and the profile package based on the fifth message from the second terminal; and transmitting the profile packet to the second terminal.

In another example of the present disclosure, a method of a first terminal in a wireless communication system includes: receiving a request from a user to deliver a first profile; sending a message requesting an activation code to a server based on a request to deliver a first profile; and receiving an activation code for the second profile from the server, wherein the activation code for the second profile is determined based on the server and the service provider.

In some examples, the method further includes transmitting the activation code of the second profile to the second terminal. The activation code is marked as a QR code.

In some examples, the method further includes disabling the first profile, and sending the disabling result to the server.

In yet another example of the present disclosure, a server includes: the transceiver is capable of transmitting and receiving at least one signal; and a controller coupled to the transceiver. The controller is configured to: receiving a request from a first terminal to deliver a first profile; identifying a likelihood of delivery of the first profile based on the received request to deliver the first profile; and sending the activation code of the second profile to the first terminal.

In yet another example of the present disclosure, a first terminal includes: a transceiver capable of transmitting and receiving at least one signal; and a controller coupled to the transceiver. The controller is configured to: receiving a request from a user to deliver a first profile; sending a message to a server requesting an activation code based on a request to deliver the first profile; and receiving the activation code for the second profile from the server. The activation code of the second profile is determined based on the server and the service provider.

Further, a terminal for managing a profile for connecting to a network by using an embedded universal integrated circuit card (eUICC) in a wireless communication system according to an embodiment of the present disclosure may include: a transceiver; and at least one processor controlling the terminal to receive a request for delivery of a profile from a user, confirm profile delivery information, send a message requesting an activation code to the profile server, receive the activation code from the profile server and whether it is necessary to delete the profile, send the result of deleting the profile to the profile server, deliver the activation code to another terminal, receive the activation code from the another terminal, receive a profile package from the profile server and install the profile package by sending a message requesting the profile to the profile server using the activation code.

In the wireless communication system according to the embodiment, the profile server providing the terminal with the profile for the network connection may include: a transceiver; and at least one processor controlling the profile server to receive a request message for delivering the profile from the terminal, identify whether the profile is deliverable, generate an activation code based on which the profile or a new profile is downloadable, set a state of the profile to a download impossible state when the delivery of the profile is possible, set a state of the new profile to a downloadable state when the delivery of the profile is impossible, transmit a message including the activation code and whether it is necessary to delete the profile to the terminal, receive a result of deleting the profile from the terminal, change the state of the profile to the downloadable state, receive a profile download request message from the terminal, identify whether the state of the profile is the downloadable state, transmit a profile package to the terminal when the state of the profile is the downloadable state, and transmit an error code when the state of the profile is the download impossible state.

[ advantageous effects of the invention ]

According to the embodiments of the present disclosure, a service can be efficiently provided in a mobile communication system.

According to an embodiment of the present disclosure, in a communication system, when a terminal attempts to re-install a profile installed in the terminal in another terminal, the terminal may have an activation code necessary for re-installing the profile, which is re-issued by a profile server, or extract the activation code necessary for re-installing the profile from information stored in the terminal or the profile, may first delete the profile to be delivered, if necessary, and may transfer the activation code to another terminal. The other terminal can effectively download the profile from the profile server and install the profile.

According to an embodiment of the present disclosure, in a communication system, when a profile server receives a request from a terminal to reinstall a profile installed in the terminal in another terminal, the profile server can prevent copying of the profile and securely process a profile download by: requesting the terminal to delete a profile by setting a state of the profile to a download impossible state when the profile can be reused, preparing another profile by setting a state of the another profile to a downloadable state when the profile cannot be reused, generating an activation code based on which the prepared profile can be downloaded, and changing the state of the profile to a downloadable state if the terminal has deleted the profile.

Drawings

Fig. 1 is a diagram illustrating a method of connecting to a mobile communication network by a terminal according to an embodiment of the present disclosure by using a Universal Integrated Circuit Card (UICC) on which a fixed profile has been installed.

Fig. 2 is a diagram illustrating a configuration of a system in which a terminal manages a profile installed in a first terminal and installs the profile in a second terminal in response to an input of a user according to an embodiment of the present disclosure.

Fig. 3A is a diagram illustrating a process of receiving an activation code through a profile server by a first terminal and downloading a new profile by transferring the activation code to a second terminal according to an embodiment of the present disclosure.

Fig. 3B is a diagram illustrating another process of receiving an activation code through a profile server by a first terminal and downloading a new profile by communicating the activation code to a second terminal according to an embodiment of the present disclosure.

Fig. 4A is a diagram illustrating a process of receiving an activation code through a profile server by a first terminal according to an embodiment of the present disclosure and downloading the same profile again by transferring the activation code to a second terminal.

Fig. 4B is a diagram illustrating another process of receiving an activation code through a profile server by a first terminal according to an embodiment of the present disclosure and downloading the same profile again by transferring the activation code to a second terminal.

Fig. 4C is a diagram illustrating yet another process of receiving an activation code through a profile server by a first terminal according to an embodiment of the present disclosure and downloading the same profile again by transferring the activation code to a second terminal.

Fig. 4D is a diagram illustrating yet another process of receiving an activation code through a profile server by a first terminal according to an embodiment of the present disclosure and downloading the same profile again by transferring the activation code to a second terminal.

Fig. 5 is a diagram illustrating a procedure for downloading a new profile by a first terminal according to an embodiment of the present disclosure by transmitting an activation code stored in the first terminal to a second terminal.

Fig. 6 is a diagram illustrating a procedure of downloading the same profile again by the first terminal according to an embodiment of the present disclosure by transmitting an activation code stored in the first terminal to the second terminal.

Fig. 7A is a flowchart illustrating an operation procedure of a first terminal according to an embodiment of the present disclosure.

Fig. 7B is a flowchart illustrating an operation procedure of the second terminal according to an embodiment of the present disclosure.

Fig. 8 is a flowchart illustrating an operational procedure of a profile server according to an embodiment of the present disclosure.

Fig. 9 is a block diagram illustrating elements of a terminal according to an embodiment of the present disclosure.

FIG. 10 is a block diagram illustrating elements of a profile server according to an embodiment of the present disclosure.

Detailed Description

Hereinafter, embodiments of the present disclosure are described in detail with reference to the accompanying drawings.

In describing the embodiments, descriptions of technical contents that are well known in the art to which the present disclosure pertains and that are not directly related to the present disclosure are omitted so as to clearly convey the subject matter of the present disclosure without obscuring the subject matter of the present disclosure by omitting unnecessary descriptions.

For the same reason, in the drawings, some elements are enlarged, omitted, or schematically depicted. Furthermore, the size of each element does not accurately reflect its true size. In the drawings, the same or similar elements are assigned the same reference numerals.

Advantages and features of the present disclosure and methods for achieving the same will become apparent from the detailed description of embodiments taken in conjunction with the accompanying drawings. However, the present disclosure is not limited to the disclosed embodiments, but may be embodied in various different forms. The examples are provided solely for the purpose of carrying out the disclosure and to fully inform those of ordinary skill in the art to which the disclosure pertains of the class of the disclosure. The present disclosure is defined by the category of claims. Like reference numerals refer to like elements throughout the specification.

In the present disclosure, it will be understood that each block of the flowchart illustrations, and combinations of blocks in the flowchart illustrations, can be implemented by computer program instructions. These computer program instructions may be loaded onto a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart block or blocks. These computer program instructions may also be stored in a computer-usable or computer-readable storage medium that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-usable or computer-readable storage medium produce an article of manufacture including instruction means that implement the function specified in the flowchart block or blocks. The computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart block or blocks.

Further, each block of the flowchart illustrations may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the blocks may occur out of the order. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.

The term "unit" as used in the present embodiment means a software or hardware component such as an FPGA or an ASIC, and the "unit" performs a specific task. However, the term "unit" does not mean that it is limited to software or hardware. A "unit" may advantageously be configured to reside on the addressable storage medium and configured to operate on one or more processors. Thus, a "unit" may include, for example, components (such as software components, object-oriented software components, class components, and task components), procedures, functions, attributes, procedures, subroutines, segments of program code, drivers, firmware, microcode, circuitry, data, databases, data structures, tables, arrays, and variables. The functionality provided for in the components and units may be combined into fewer components and units or may be further separated into additional components and units. Further, components and "units" may be implemented to operate on one or more CPUs within a device or secure multimedia card.

Specific terms used in the embodiments of the present disclosure are provided to aid understanding of the present disclosure. The use of such specific terms may be changed to another form without departing from the technical spirit of the present disclosure.

In the present disclosure, a "Universal Integrated Circuit Card (UICC)" is a smart card used by being inserted into a mobile communication terminal or the like, and is also referred to as a UICC card.

The UICC refers to a chip in which personal information of a mobile communication subscriber, such as network access authentication information, a phone directory or SMS, is stored, which enables secure use of mobile communication by generating a subscriber authentication and traffic security key when accessing a mobile communication network, such as GSM, WCDMA, LTE, etc.

The UICC may comprise a communication application or access control module for enabling the terminal to access the network of the mobile operator. Examples of such communication applications or access control modules include Universal Subscriber Identity Modules (USIMs), Subscriber Identity Modules (SIMs), IP multimedia services identity modules (ISIMs), and the like. In addition, the UICC may provide a security function having a higher level for installing various applications such as an electronic wallet, a ticket, or an electronic password.

A UICC including a USIM is generally called a USIM card. Likewise, a UICC comprising a SIM module is commonly referred to as a SIM card.

In the present disclosure, "SIM card", "UICC card", "USIM card", and "UICC including ISIM" may be used as the same meaning. That is, the contents of the present disclosure may be equally applied to a SIM card, USIM card, ISIM card, or public UICC card.

The SIM card stores personal information of a mobile communication subscriber and enables secure use of mobile communication by generating user authentication and traffic security keys when accessing a mobile communication network.

Generally, in response to a request from a specific mobile operator, a SIM card is manufactured as a dedicated card for the corresponding operator and is distributed with authentication information (e.g., a Universal Subscriber Identity Module (USIM) application, an International Mobile Subscriber Identity (IMSI), a K value, an OPc value, etc.) for the corresponding operator to connect to a network. Thus, the SIM card is provided to the mobile operator and to the subscriber. Thereafter, if necessary, the mobile service provider can perform management of applications within the UICC, such as installation, modification, deletion, etc., by using techniques such as over-the-air (OTA). The subscriber can use application services and a network of a mobile operator by inserting the UICC card into an owned mobile communication terminal, and can use authentication information, a mobile communication phone number, a personal phone directory, etc. stored in the UICC card in a new terminal without any change by delivering the UICC card from an existing terminal and inserting the UICC card into the new terminal when replacing the terminal.

However, the SIM card makes the mobile communication terminal user feel inconvenient when receiving a service from another mobile operator. A mobile communication terminal user feels inconvenience because he or she has to physically obtain a SIM card in order to receive services from a mobile service provider. For example, when traveling another country, the user feels inconvenient because he or she has to obtain a local SIM card in order to receive local mobile communication services. The roaming service solves such inconvenience to some extent, but has problems in that it is relatively expensive and the roaming service cannot be provided if there is no contract between carriers.

This inconvenience can be greatly solved if the SIM module is downloaded and installed in the UICC card remotely. That is, the user can download the SIM module to be used at a desired occasion to the UICC card. In such a UICC card, a method of downloading and installing a plurality of SIM modules and selecting only one of the SIM modules may be used. Such a UICC card may or may not be fixed to the terminal. In particular, a UICC used by being fixed to a terminal is called an embedded UICC (euicc). Generally, the eUICC refers to a UICC card that can be used by being fixed to a terminal, and a SIM module that can be remotely downloaded to the UICC card and can be selected for download therein. In the present disclosure, a UICC card to which a SIM module can be remotely downloaded and in which the downloaded SIM module can be selected is referred to as an eUICC. That is, a UICC card fixed or unfixed to a terminal among UICC cards to which a SIM module can be remotely downloaded and in which the downloaded SIM module can be selected is generally used as the eUICC. Furthermore, the downloaded SIM module information is often used as a term called eUICC profile or more simply profile.

In the present disclosure, an "embedded uicc" (eUICC) is a secure module in the form of a chip that is inserted into a terminal, not a detachable type in which the eUICC can be inserted into and detached from the terminal. The profile can be downloaded and installed in the eUICC by using over-the-air (OTA) techniques. The eUICC may be named a UICC where a profile can be downloaded and installed.

In the present disclosure, the method of downloading and installing a profile in an eUICC by using OTA technology can also be applied to a detachable-type UICC that can be inserted into and detached from a terminal. That is, embodiments of the present disclosure may be applied to UICCs in which profiles can be downloaded and installed using OTA technology.

In this disclosure, "UICC" may be used interchangeably with "SIM", and "eUICC" may be used interchangeably with "eSIM".

In the present disclosure, a "profile" may mean that an application, a file system, an authentication key value, etc. stored in the UICC are packaged in software.

In the present disclosure, "USIM profile" may have the same meaning as "profile" or may mean that information included in the USIM application within the profile is packaged in software.

In the present disclosure, the operation of enabling a profile by a terminal may mean an operation of enabling a terminal to set a state of a profile by changing a state of the profile to an enabled state so that the terminal can receive a communication service through a mobile operator providing the corresponding profile. A profile in an enabled state may be denoted as an "enabled profile".

In the present disclosure, the operation of disabling a profile by a terminal may mean an operation of setting a state of a profile by the terminal by changing the state of the profile to a disabled state such that the terminal cannot receive a communication service through a mobile operator providing the corresponding profile. A profile in the disabled state may be denoted as a "disabled profile".

In the present disclosure, the operation of deleting a profile by the terminal may mean an operation of setting a state of a profile by the terminal by changing the state of the profile to a deletion state such that the terminal is no longer able to enable or disable the corresponding profile. A profile in a deleted state may be denoted as a "delete profile".

In the present disclosure, the operation of enabling, disabling or deleting a profile by a terminal may mean the following operations: the state of each profile is first marked as a to-be-enabled state, a to-be-disabled state, or a to-be-deleted state without immediately changing the state of each profile to an enabled state, a disabled state, or a deleted state, a specific operation is performed by the terminal or the UICC of the terminal (e.g., a refresh or reset command is performed), and then the state of each profile is changed to an enabled state, a disabled state, or a deleted state. Marking the state of a particular profile as pending (i.e., a pending state, a pending disabled state, or a pending delete state) is basically not limited to marking one pending state for one profile. The states of one or more profiles may be labeled as the same or different pending states, the state of one profile may be labeled as one or more pending states, or the states of one or more profiles may be labeled as the same or different one or more pending states.

In addition, if the terminal marks one or more pending states (to-be states) for a given profile, the two pending states marked may be merged into one state. For example, if the state of a given profile is marked as a to-be-disabled state and a to-be-deleted state, the to-be-disabled state and the to-be-deleted state of the respective profile may be integrated and marked as a to-be-disabled or to-be-deleted state.

Furthermore, the marking of the state of one or more profiles as pending by the terminal may be performed sequentially or simultaneously. Further, the operations of marking the state of one or more profiles as pending and then changing the actual state of the profiles by the terminal may be performed sequentially or simultaneously.

In the present disclosure, the "profile provisioning server" may include a function for generating a profile, an encrypted generated profile, generating a profile remote management command, or an encrypted generated profile remote management command. The profile provisioning server may represent a subscription manager data preparation (SM-DP), a subscription manager data preparation boost (SM-DP +), a card-off entity of a profile domain, a profile encryption server, a profile generation server, a Profile Provider (PP), a profile provider, or a Profile Provisioning Credential (PPC) holder.

In the present disclosure, a "profile management server" may include a function for managing profiles. The profile management server may be represented as a subscription manager secure route (SM-SR), a subscription manager secure route strength (SM-SR +), an off-card entity of the eUICC profile manager, a Profile Management Credential (PMC) holder, an EUICC Manager (EM), a profile manager (PP), etc.

In the present disclosure, the profile provisioning server may represent a combination of functions of the profile management server. Thus, in various embodiments of the present disclosure, the operation of the profile provisioning server may be performed in the profile management server. Also, the operation of the profile management server or the SM-SR may be performed in the profile provisioning server.

In the present disclosure, the "discovery relay server" may be represented as a subscription manager discovery service (SM-DS), a Discovery Service (DS), a root discovery relay server (root SM-DS), an alternative discovery relay server (alternative SM-DS). The discovery relay server may receive an event registration request (or a registration event request) from one or more profile provisioning servers or discovery relay servers. Furthermore, one or more discovery relay servers may be used complicatedly. In this case, the first discovery relay server may receive an event registration request from the second discovery relay server in addition to the profile provisioning server.

In the present disclosure, the profile provisioning server and the discovery relay server may be used as names called "Remote SIM Provisioning (RSP) server". The RSP server may be denoted as subscription manager XX (SM-XX).

In the present disclosure, a "terminal" may be denoted as a Mobile Station (MS), a User Equipment (UE), a User Terminal (UT), a radio terminal, an Access Terminal (AT), a terminal, a subscriber unit, a Subscriber Station (SS), a wireless device, a wireless communication device, a wireless transmit/receive unit (WTRU), a mobile node, a mobile device, or other terminology. In embodiments, the terminal may include a cellular phone, a smart phone having a wireless communication function, a Portable Digital Assistant (PDA) having a wireless communication function, a wireless modem, a portable computer having a wireless communication function, a photographing device such as a digital camera having a wireless communication function, a gaming device having a wireless communication function, a music storage and playback home appliance having a wireless communication function, an internet home appliance capable of wireless internet access and browsing, and may further include a portable unit or terminal that integrates a combination of these functions. Further, the terminal may include a machine-to-machine (M2M) terminal, a Machine Type Communication (MTC) terminal/device, but the present disclosure is not limited thereto. In the present disclosure, a terminal may also be denoted as an electronic device.

In the present disclosure, a UICC in which a profile can be downloaded and installed may be embedded in an "electronic device". If the UICC is not embedded in the electronic device, the UICC may be inserted into and coupled to the electronic device physically separate from the electronic device. For example, the UICC may be inserted into the electronic device in the form of a card. The electronic device may comprise a terminal. In this case, the terminal may be a terminal including a UICC in which the profile can be downloaded and installed. If the UICC can be embedded in the terminal and UICC are separate, the UICC can be inserted into the terminal and can be inserted into and coupled to the terminal. For example, a UICC in which a profile can be downloaded and installed may be denoted as an eUICC.

In the present disclosure, a terminal or an electronic device may include software or an application installed in the terminal or the electronic device in order to control the UICC or the eUICC. For example, software or applications installed in a terminal or electronic device to control a UICC or eUICC can be denoted as Local Profile Assistant (LPA).

In the present disclosure, a "profile delimiter" may be represented as a factor that matches a profile ID, integrated circuit card ID (iccid), matching ID, event ID, activation code token, command code token, signed command code, unsigned command code, ISD-P, or profile field (PD). The profile ID may indicate a unique ID for each profile. The profile delimiter may also include the address of the profile provisioning server (SM-DP +) capable of indexing the profile. The profile delimiter may also include a signature of the profile provisioning server (SM-DP +).

In the present disclosure, the "eUICC ID" may be a unique ID of the eUICC embedded in the terminal, and may be denoted as EID. Further, if the provisioning profile was previously installed on the eUICC, the eUICC ID can be the ID of the corresponding provisioning profile. Further, in an embodiment of the present disclosure, the eUICC ID may be a terminal ID if the terminal and the eUICC chip are not separated. Further, the eUICC ID can represent a particular security domain of the eUICC chip.

In this disclosure, a "profile container" may be named a profile domain. The profile container may be a security domain.

In the present disclosure, an "Application Protocol Data Unit (APDU))" may be a message for enabling the terminal to operate in conjunction with the eUICC. Further, the APDU may be a message for enabling a Profile Provider (PP) or a Profile Manager (PM) to operate in conjunction with the eUICC.

In this disclosure, "Profile Provisioning Credentials (PPC)" may be a means for mutual authentication and profile encryption and signing between the profile provisioning server and the eUICC. The PPC may include one or more of a symmetric key, a Rivest Shamir Adleman (RSA) certificate and private key, an Elliptic Curve Cryptography (ECC) certificate and private key, a root Certificate Authority (CA), and a certificate chain. Furthermore, if there are multiple profile provisioning servers, different PPCs may be stored or used in the eUICC by the multiple profile provisioning servers.

In this disclosure, "Profile Management Credential (PMC)" may be a means for mutual authentication and transmission data encryption and signing between the profile management server and the eUICC. The PMC may include one or more of a symmetric key, an RSA certificate and private key, an ECC certificate and private key, a root CA, and a certificate chain. Furthermore, if there are multiple profile management servers, different PMCs may be stored or used in the eUICC by the multiple profile management servers.

In this disclosure, "AID" may be an application identifier. This value may be a delimiter used to distinguish different applications within the eUICC.

In this disclosure, an "event" may be a term that generally refers to a profile download, remote profile management, or other profile or eUICC management/processing command. The event may be named a remote SIM provisioning operation, an RSP operation, or an event record. Each event may be represented as data comprising at least one of: a corresponding event identifier (event ID ) or matching identifier (matching ID ), an address (FQDN, IP address or URL) of a profile provisioning server (SM-DP +) or discovery relay server (SM-DS) storing the corresponding event, a signature of the profile provisioning server (SM-DP +) or discovery relay server (SM-DS), or a digital certificate of the profile provisioning server (SM-DP +) or discovery relay server (SM-DS).

Data corresponding to an event may be represented as a "command code". Some or the entire process using the command code may be denoted as "command code processing process" or "command code process" or "Local Profile Assistant Application Programming Interface (LPAAPI)". Profile download may be used interchangeably with profile installation.

Further, "event type" may be used as a term indicating whether a particular event is a profile download or remote profile management (e.g., delete, enable, disable, replace, update, etc.) or a profile or eUICC management/processing command, and may be named as an operation type (or OperationType), an operation category (or OperationClass), an event request type, an event category, an event request category. The path for the terminal to acquire a given event identifier (EventID or MatchingID) or a usage destination (EventID source or MatchingID source) of the corresponding event identifier may be specified in the corresponding event identifier (EventID or MatchingID).

In the present disclosure, "profile package" may be used interchangeably with profile, or may be used as a term for a data object indicating a specific profile, and may be named as a profile TLV or a profile package TLV. If the profile packet has been encrypted using encryption parameters, the profile packet may be named Protected Profile Packet (PPP) or protected profile packet TLV (PPP TLV). The profile packet may be named Bound Profile Packet (BPP) or bound profile packet tlv (BPP tlv) if it has been encrypted using encryption parameters that can only be decoded using a particular eUICC. The profile packet TLV may be a data set that represents information constituting a profile in a tag, length, value (TLV) format.

In the present disclosure, "Local Profile Management (LPM)" may be named profile local management, local management command, local profile management packet (LPM packet), profile local management packet, local management command packet, or local command packet. The LPM may be used to change the state of a specific profile (enable, disable, delete) and update the contents of the specific profile (e.g., a nickname of the profile (profile nickname) or profile summary information (profile metadata) etc.) through software or the like installed in the terminal. The LPM may include one or more local management commands. In this case, the profile (i.e., the subject of each local management command) may be the same or different for each local management command.

In the present disclosure, "Remote Profile Management (RPM)" may be named profile remote management, remote management command, remote profile management packet (RPM packet), profile remote management packet, remote management command packet, or remote command packet. The RPM may be used to change the state of a particular profile (enable, disable, delete) or update the content of a particular profile (e.g., the profile's nickname (profile nickname) or profile summary information (profile metadata), etc.). The RPM may include one or more remote management commands. In this case, the profile (i.e., the subject of each remote management command) may be the same or different for each remote management command.

In the present disclosure, a "certificate" or a "digital certificate" may indicate a digital certificate for mutual authentication based on an asymmetric key composed of a pair of a Public Key (PK) and a Secret Key (SK). Each certificate may include one or more Public Keys (PKs), a public key ID (pkid) corresponding to each public key, an identifier of a Certificate Issuer (CI) issuing the corresponding certificate (certificate issuer ID), and a digital signature.

Further, a "certificate issuer" may be named a certificate issuer, a Certificate Authority (CA), a certificate authority, or the like.

In the present disclosure, "Public Key (PK)" and "public key id (pkid)" may be used interchangeably as the same meaning of representing a storage space in which a specific public key or a certificate including the corresponding public key, a part of the specific public key or a part of the certificate including the corresponding public key, a value (e.g., a hash value) of an operation result of the specific public key or a value (e.g., a hash value) of an operation result of the certificate including the corresponding public key, or a value (e.g., a hash value) of an operation result of a part of the specific public key or a value (e.g., a hash value) of an operation result of a part of the certificate including the corresponding public key, or data is stored.

In the present disclosure, if a certificate issued by one certificate issuer (a primary certificate) is used to issue another certificate (a secondary certificate), or a secondary certificate is used to connectively issue a third or more certificates, the correlation between the respective certificates may be named certificate chain or certificate hierarchy. In this case, the CI certificate used to issue the first certificate may be named root of certificate, highest certificate, root CI certificate, root CA certificate, etc.

In the present disclosure, the "mobile service provider" may indicate a company that provides communication services to a terminal, and may generally represent all of a Business Support System (BSS), an Operation Support System (OSS), a point of sale (POS) terminal, and other IT systems of the service provider. Further, in the present disclosure, a service provider is not limited to representing only a specific company providing a communication service, and may be used as a term representing a group or association (or alliance) of one or more companies and/or a representative representation of the corresponding group or association. Further, in the present disclosure, the service provider may be named an operator (or OP), a Mobile Network Operator (MNO), a Mobile Virtual Network Operator (MVNO), a Service Provider (SP), a Profile Owner (PO), and the like. At least one of a name and/or a unique ID (object identifier: OID) of the provider may be set or assigned to each service provider. If the service provider represents a group or association or representative of one or more companies, the name or unique ID of a given group or association or representative may be a name or unique ID shared by all companies belonging to the respective group or association and/or all companies cooperating with the respective representative.

In this disclosure, "AKA" may indicate authentication and key agreement, and may indicate an authentication algorithm for accessing 3GPP and 3GPP2 networks.

In this disclosure, "K" may be an encryption key value stored in the eUICC used in the AKA authentication algorithm.

In this disclosure, "OPc" is a parameter value that can be stored in the eUICC used in the AKA authentication algorithm.

In this disclosure, a "NAA" is a network access application and may be an application stored in the UICC and used to access the network, such as a USIM or ISIM. The NAA may be a network access module.

In the present disclosure, an "indicator" may be used to indicate that a given function, setting, or operation is or is not necessary, or may be used to indicate the corresponding function, setting, or operation itself. Further, in the present disclosure, the indicator may be represented in various forms, such as a character string, an alphanumeric string, an operator indicating true/false (boolean-true or false), a bitmap, an array, or a flag. Other expressions having the same meaning may be used interchangeably.

Hereinafter, a method and apparatus for installing and managing an eUICC profile according to the present disclosure are described with reference to fig. 1 to 10.

Fig. 1 is a diagram illustrating a method of connecting to a mobile communication network by a terminal according to an embodiment of the present disclosure by using a Universal Integrated Circuit Card (UICC) on which a fixed profile has been installed.

As shown in fig. 1, the UICC 120 may be inserted into the terminal 110. For example, the UICC 120 may be of a detachable type and may have been previously embedded in the terminal.

The fixed profile of the UICC on which the fixed profile has been installed means that "access information" based on which a specific carrier can be accessed has been fixed. For example, the access information may be the IMSI (i.e., subscriber delimiter) and the K or Ki value necessary to authenticate the network along with the subscriber delimiter.

The terminal 110 according to various embodiments can perform authentication by using the UICC 120 together with an authentication processing system (e.g., Home Location Register (HLR) or AuC) of a mobile operator. For example, the authentication process may be an Authentication and Key Agreement (AKA) procedure. When the authentication is successful, the terminal can use a mobile communication service, such as using a phone or mobile data, through the mobile carrier network 130 using the mobile communication system.

Fig. 2 is a diagram illustrating a configuration of a system in which a terminal manages a profile installed in a first terminal and installs the profile in a second terminal in response to an input of a user according to an embodiment of the present disclosure.

As shown in fig. 2, esims 211 and 221 have been installed on terminals 210 and 220, respectively. Profiles (not shown) may have been installed in the esims 211 and 221, respectively. In addition, LPAs 212 and 222 may already be installed in terminals 210 and 220, respectively. esims 211 and 221 can be controlled by LPAs 212 and 222, respectively. The user 200 can control profiles installed in the respective esims 211 and 221 of the terminal through the LPAs 212 and 222, respectively.

The user 200 may be provided with a communication service from a service provider (hereinafter referred to as "service provider") 250. For this purpose, a profile (not shown) of the service provider 250 may already be installed in the first terminal 210. For example, if the user 200 has newly purchased the second terminal 220, the user may attempt to install the profile installed in the first terminal 210 again in the second terminal 220.

The service provider 250 may already be coupled to the first profile server 230 and the second profile server 240. The LPA 212 of the first terminal 210 may already be coupled to the first profile server 230. The LPA 222 of the second terminal 220 may already be coupled to the second profile server 240. In this case, the first profile server 230 and the second profile server 240 may be the same or different. Further, if one or more operator servers are included in the configuration, each of the operator servers may already be coupled to each individual profile server, and at least one operator server may already be coupled to the same profile server. Further, for convenience, fig. 2 shows that each of the profile servers 230 and 240 is composed of a single server. However, according to embodiments and examples, one or more profile servers (SM-DP +) may be included in the server configuration, and one or more discovery relay servers (SM-DS) that facilitate connection and generation between a specific profile server and a terminal may be included in the server configuration. As noted above, it will be noted that in the following figures, the various configurations of the server may be indicated briefly as a single profile server.

Detailed operations and message exchange procedures of the user 200, the service provider 250, the terminals 210 and 220, the esims 211 and 221, the LPAs 212 and 222, and the profile servers 230 and 240 according to an embodiment of the present disclosure are described in detail with reference to the drawings that will be described later.

Fig. 3A is a diagram illustrating a process of receiving an activation code by a first terminal through a profile server and downloading a new profile by transferring the activation code to a second terminal according to an embodiment of the present disclosure.

Reference is made to fig. 2 for a configuration and description of the user 200, the first terminal 210, the second terminal 220, the first profile server 230, the second profile server 240, and the service provider 250 in fig. 3A. For example, the user 200, the first terminal 210, the second terminal 220, the first profile server 230, the second profile server 240, and the service provider 250 may correspond to the user 200, the first terminal 210, the second terminal 220, the first profile server 230, the second profile server 240, and the service provider 250 in fig. 2, respectively. Further, first profile server 230 and second profile server 240 may be the same server.

Referring to fig. 3A, in step 301a, a user 200 may request delivery of a first profile from a first terminal 210. The user 200 can confirm information (profile metadata) about the first profile and information that the user attempting to deliver the first profile should take care of, if necessary, through the first terminal 210. Some or all of the information about the first profile and some or all of the information that should be noted by the user attempting to deliver the first profile may have been stored in the first terminal 210 or the first profile and may then be received from the first profile server 230 in step 307a and from the second profile server 240 in step 313 a. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost the user will pay for the profile delivery, and so forth. If the number of remaining profile deliveries allowed by the service provider 250 has not been left or defined, the first terminal 210 may notify the user that the delivery of the first profile is not possible and terminate the operation, or may further receive a cost or the like to be paid by the user for delivering the profile via the service provider 250 or the profile server 230 or 240 by performing steps 303a to 307a, and may notify the user of the cost or the like. Furthermore, at least one address of a profile server that needs to be accessed by the terminal to deliver the profile may already be stored in the first terminal 210 or the first profile. For example, the profile server that needs to be accessed by the terminal to deliver the profile may be the first profile server 230.

In step 303a, the first terminal 210 may request delivery of the first profile from the first profile server 230. For example, step 303a may be performed using at least one of an Initiate Authentication message (initial Authentication message), a terminal Authentication Client message (terminal Authentication Client message), or a delivery request message and/or by further transmitting an operation type set to device change or profile delivery. The process of requesting delivery of the first profile in step 303a may comprise the step of sending at least a profile id (iccid) of the first profile.

In step 305a, first profile server 230 and service provider 250 may check delivery likelihood of the first profile. If the first profile cannot be delivered to another terminal, the first profile server 230 and the service provider 250 may prepare a new second profile. For example, step 305a may be performed using at least one of a download command message, an acknowledgement command message (Confirm Order message), a remote management command (RPM command) message, a Release command message (Release Order message), or a Handle Notification (Handle Notification). In step 305a, the profile server 230 and the service provider 250 may also generate or change, if necessary, information about the first profile (profile metadata), information about the second profile (profile metadata), and/or some or all of the information that should be noted by the user attempting to deliver the first profile. For example, the information about the first profile and the information about the second profile may include a name or logo of the operator 250 that has provided each profile, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. In addition, the first profile server 230 and the service provider 250 may also generate an activation code based on which the prepared second profile may be downloaded. The activation code may include at least an address of the second profile server 240 storing the second profile and an event identifier (MatchingID) connected to the second profile. For convenience, the first profile server 230 and the second profile server 240 have been represented as separate servers in the drawing, but the first profile server 230 may be the same server as the second profile server 240. For a more detailed description and another embodiment of step 305a, reference may be made to FIG. 3B.

In step 307a, the first profile server 230 may deliver to the first terminal 210 an activation code downloadable based on its second profile, and may also provide notification that the first profile does not need to be deleted. For example, the method of providing notification that deletion of the first Profile is Not required may be performed using a method of Not transmitting the first Delete Profile flag (Delete Profile flag), Not transmitting the first Reuse Profile flag (Reuse Profile flag), transmitting the first Profile Delete unnecessary (Do Not Delete Profile) flag, or transmitting the new Profile use flag, etc. Furthermore, in step 307a, the first profile server 230 may also notify the first terminal 210 of some or all of the information about the first profile, all of the information about the second profile (profile metadata), and/or all of the information that should be noted by the user attempting to deliver the first profile, if necessary. For example, the information about the first profile or the information about the second profile may include a name or logo of the service provider 250 that has provided each profile, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. If the first terminal 210 also receives information about the first profile, information about the second profile, and/or information that should be noted by the user attempting to deliver the first profile, the first terminal 210 may output some or all of the information to the user 200 and may receive permission from the user 200.

In step 309a, the first terminal 210 may display the activation code on the screen by converting the activation code in the form of an image such as a QR code or in the form of a character string, and may notify the user that the activation code has been prepared. The QR code may be replaced with barcode information, other encrypted information, and the like.

In step 311a, the user 200 may input an activation code displayed on the screen of the first terminal 210 to the second terminal 220. The method of inputting the activation code may be performed using various methods, such as capturing an image (such as a QR code) using a camera or inputting a character string through a keyboard. Further, if the first terminal 210 and the second terminal 220 are connected through short-range communication (e.g., bluetooth, NFC, WiFi direct, etc.), the first terminal 210 may directly transfer the activation code to the second terminal 220 without displaying the activation code on a screen in step 309 a.

In step 313a, the second terminal 220 may request the download of the second profile from the second profile server 240. For example, step 313a may be performed using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message. Step 313a may include a process of transferring an event identifier (MatchingID) included in the activation code to the second profile server 240 by the second terminal 220. In step 313a, the second terminal 200 may use WiFi or an internet tethering function provided by the first terminal 210 for internet connection.

In step 315a, the second profile server 240 may transfer information (profile metadata) about the second profile and information that the user who downloaded the second profile should take care of to the second terminal 220. For example, the information about the second profile may include a name or logo of the service provider 250, a profile policy, and the like. For example, information that should be noted by the user downloading the second profile may include the number of remaining profile deliveries allowed by the service provider 250, the fee the user will pay for the profile delivery, and the like.

In step 317a, the user 200 may confirm information about the second profile and information that the user who downloaded the second profile should take care of, and may agree with the profile installation. The operation of agreeing to the profile installation may include selecting "yes/no", inputting a set password by the user 200, inputting biometric information such as a fingerprint or iris of the user 200, and the like.

In step 319a, the second terminal 220 may notify the second profile server 240 that the user 200 has agreed to the profile download and may request a profile package from the second profile server 240.

In step 321a, the second profile server 240 may deliver the profile packet of the second profile to the second terminal 220.

In step 323a, the second terminal 220 may install the second profile by using the profile package of the second profile.

In step 325a, the first terminal 210 may disable and delete the first profile, and may notify the first profile server 230 of the disabled result and the deleted result. The disabling result and the deleting result of the first profile may include at least a profile id (iccid) of the first profile. For example, step 325a may be performed using a handle notification message. Step 325a may be a separate operation unrelated to the first profile server 230 not requesting deletion of the first profile in step 307a, and step 325a may be optionally performed if necessary. Further, for the convenience of the drawing, fig. 3A shows that the first terminal 210 notifies the first profile server 230 of the disable result and the delete result. However, the disabling result and the deletion result may be communicated to another profile server (e.g., the second profile server 240 or a third profile server not shown in the figure). The disabling result and the deleting result may be delivered separately. Further, when the state of the first profile is already the disabled state, the operation of disabling the first profile by the first terminal 210 and the operation of notifying the disabled result to the first profile server 230 by the first terminal 210 in step 325a may be omitted.

Fig. 3B is a diagram illustrating another process of receiving an activation code through a profile server by a first terminal and downloading a new profile by transferring the activation code to a second terminal according to an embodiment of the present disclosure.

For the configuration and description of the user 200, the first terminal 210, the second terminal 220, the first profile server 230, the second profile server 240, and the service provider 250 in fig. 3B, reference is made to fig. 2. For example, user 200, first terminal 210, second terminal 220, profile server 230, and service provider 250 may correspond to user 200, first terminal 210, second terminal 220, first profile server 230, and service provider 250 in fig. 2, respectively.

Referring to fig. 3B, in step 301B, upon receiving a request to deliver a first profile from a terminal 210 or 220, a service provider 250 may request a profile server 230 to notify an operator 250 of the delivery of the first profile. For example, a method of requesting the profile server 230 to notify the service provider 250 of delivery of the first profile when a Request to deliver the first profile is received may be performed using a method such as transmitting a Notification Request On Transfer (Notification Request at delivery) flag or transmitting a no-Notification delivery Available (no-Notification delivery Available) flag.

In step 303b, the user 200 may request delivery of the first profile from the first terminal 210. The user 200 can confirm information (profile metadata) about the first profile through the first terminal 210 if necessary. Some or all of the information about the first profile may already be stored in the first terminal 210 or the first profile. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. Furthermore, at least one address of a profile server that should be accessed by the terminal to deliver the profile may already be stored in the first terminal 210 and the first profile. For example, the profile server that should be accessed by the terminal to deliver the profile may be the profile server 230.

In step 305b, the first terminal 210 may request delivery of the first profile from the profile server 230. Step 305b may be performed, for example, by using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message and/or by further transmitting an operation type set to device change or profile delivery. The process of requesting delivery of the first profile in step 305b may include the step of sending at least a profile id (iccid) of the first profile.

In step 307b, the profile server 230 may notify the service provider 250 that a request to deliver the first profile has been received from the terminal 210. Step 307b may be performed using a handle notification message, for example.

In step 309b, the service provider 250 may check the delivery policy of the first profile. For the criteria that allow delivery of the first profile, reference may be made to a communication rate system or the like subscribed by the user 200. Service provider 250 may provide user 200 with additional information for delivering the first profile and may identify a need to receive permission from user 200, if necessary.

In step 311b, service provider 250 may communicate to profile server 230 some or all of the information that should be noted by the user attempting to deliver the first profile. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. In step 311b, profile server 230 and service provider 250 may also generate or change some or all of the information about the first profile (profile metadata), all of the information about the second profile (profile metadata), and/or all of the information that should be noted by the user attempting to deliver the first profile, if necessary. For example, the information about the first profile or the information about the second profile may include a name or logo of the service provider 250 that has provided each profile, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like.

In step 313b, the profile server 230 may communicate to the first terminal 210 some or all of the information that should be noted by the user attempting to deliver the first profile. The first terminal 210 may show some or all of the received information to the user 200.

In step 315b, the user 200 may confirm the information presented by the service provider 250 to deliver the first profile and may input user permission to the first terminal 210.

In step 317b, the first terminal 210 may communicate to the profile server 230 that the user has agreed to the delivery of the first profile. For example, step 317b may be performed by using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message and/or by further transmitting an operation type set to a Device Change confirmation (Device Change Confirmed), a delivery Profile confirmation (Transfer Profile Confirmed), or an End User confirmation (End User Confirmed). The process of communicating in step 317b that the user has agreed to the delivery of the first profile may include the step of sending at least a profile id (iccid) of the first profile.

In step 319b, the profile server 230 may notify the service provider 250 that the user has agreed to the delivery of the first profile. For example, step 319b may be performed using a handle notification message.

In step 321b, the profile server 230 and the service provider 250 may prepare a new second profile. For example, step 321b may be performed using at least one of a download command message, an acknowledgement command message, a remote management command (RPM command) message, a release command message, or a handle notification. In addition, the profile server 230 and the service provider 250 may also generate an activation code, based on which the prepared second profile is downloadable. The activation code may include at least an address of the profile server 230 storing the second profile and an event identifier (MatchingID) connected to the second profile.

In step 323b, the profile server 230 may communicate to the first terminal 210 an activation code based on which the second profile is downloadable, and may also provide notification that deletion of the first profile is not required. For example, methods of providing notification that deletion of the first Profile is Not required may be performed using methods such as Not sending the first Delete Profile flag, Not sending the first reuse Profile flag, sending the first Profile Delete unnecessary (Do Not Delete Profile) flag, or sending the new Profile use flag.

In step 325b, the first terminal 210 may display the activation code on the screen by converting the activation code in the form of an image such as a QR code or in the form of a character string, and may notify the user that the activation code has been prepared. The QR code may be replaced with barcode information, other encrypted information, and the like.

In step 327b, the user 200 may input the activation code displayed on the screen of the first terminal 210 to the second terminal 220. The method of inputting the activation code may be performed using various methods, such as capturing an image (such as a QR code) using a camera or inputting a character string through a keyboard. Further, if the first terminal 210 and the second terminal 220 are connected through short-range communication (e.g., bluetooth, NFC, WiFi direct, etc.), the first terminal 210 may directly transfer the activation code to the second terminal 220 without displaying the activation code on the screen in step 327 b.

In step 329b, the second terminal 220 may download the second profile from the profile server 230. For a detailed description of step 329b, reference is made to the description of step 313A and its subsequent steps in FIG. 3A.

Fig. 4A is a diagram illustrating a process of receiving an activation code through a profile server by a first terminal according to an embodiment of the present disclosure and downloading the same profile again by transferring the activation code to a second terminal.

For configuration and description of the user 200, the first terminal 210, the second terminal 220, the profile server 230, and the service provider 250 in fig. 4A, reference is made to fig. 2. For example, user 200, first terminal 210, second terminal 220, profile server 230, and service provider 250 may correspond to user 200, first terminal 210, second terminal 220, first profile server 230, and service provider 250 in fig. 2, respectively.

Referring to fig. 4A, in step 401a, the user 200 may request delivery of a first profile from the first terminal 210. To this end, the user 200 may confirm information (profile metadata) about the first profile and information that the user attempting to deliver the first profile should take care of through the first terminal 210. Information about the first profile and information that should be noted by the user attempting to deliver the first profile may already be stored in the first terminal 210 or the first profile. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. Furthermore, at least one address of a profile server that should be accessed by the terminal to deliver the profile may already be stored in the first terminal 210 or the first profile. For example, the profile server that should be accessed by the terminal to deliver the profile may be the profile server 230.

In step 403a, the first terminal 210 may request delivery of the first profile from the profile server 230. For example, step 403a may be performed by using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message and/or by further transmitting an operation type set to device change or profile delivery. The process of requesting delivery of the first profile in step 403a may include the step of sending at least a profile id (iccid) of the first profile.

In step 405a, profile server 230 and operator 250 may check the delivery likelihood of the first profile. If the first profile can be delivered to another terminal, the profile server 230 and the service provider 250 can prepare for reuse of the first profile. In this case, the state of the prepared first profile may be set to a state in which downloading has not been possible, so as to prevent copying of the first profile. For example, step 405a may be performed using at least one of a download command message, an acknowledgement command message, a remote management command (RPM command) message, a release command message, or a handle notification. In step 405a, the profile server 230 and the service provider 250 may also generate or change some or all of the information about the first profile (profile metadata) and/or all of the information that should be noted by the user attempting to deliver the first profile, if necessary. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. In addition, the profile server 230 and the service provider 250 may also generate an activation code, based on which the first profile may be downloaded again. The activation code may include at least an address of the profile server 240 storing the first profile and an event identifier (MatchingID) connected to the first profile. In this figure, the first profile has been represented as being stored in the profile server 230 for convenience, but the first profile may be stored in a different profile server from the profile server 230. For example, the second profile server 240 in FIG. 3A may be used.

In step 407a, the profile server 230 may communicate to the first terminal 210 an activation code based on which the first profile is downloadable again, and may also provide notification that the first profile needs to be deleted. For example, methods of providing notification that deletion of the first Profile is required may be performed using methods such as sending a first Delete Profile flag, sending a first reuse Profile flag, Not sending a first Profile Delete unnecessary (Do Not Delete Profile) flag, or Not sending a new Profile use flag. Furthermore, in step 407a, the first profile server 230 may also notify the first terminal 210 of some or all of the information (profile metadata) about the second profile and/or all of the information that the user downloading the second profile should take care of, if necessary. When further receiving information about the second profile and/or information that the user downloading the second profile should take care of, the first terminal 210 may output some or all of the information to the user 200 and may receive permission from the user 200.

In step 409a, the first terminal 210 may disable and delete the first profile in response to a request from the profile server 230, and may notify the profile server 230 of the disabled result and the deleted result. The disabling result and the deleting result of the first profile may include at least a profile id (iccid) of the first profile. For example, step 409a may be performed using at least one of a Disable Profile message, a Delete Profile message, or a handle notification message. Further, for the convenience of the figure, fig. 4A shows that the first terminal 210 notifies the profile server 230 of the disable result and the delete result. However, the disabling result and the deleting result may be communicated to another profile server (e.g., the second profile server 240 or a third profile server not shown in the figure). The disabling result and the deleting result may be delivered separately. Further, when the state of the first profile is already the disabled state, the operation of disabling the first profile by the first terminal 210 and the operation of notifying the result of the disabling to the profile server 230 by the first terminal 210 in step 409a may be omitted.

In step 411a, the profile server 230 may recognize that the first terminal 210 has deleted the first profile, and may set the state of the first profile prepared in step 405a to a downloadable state. Further, the profile server 230 may notify the first terminal 210 that the state of the first profile is a downloadable state.

In step 413a, the first terminal 210 may display the activation code on the screen by converting the activation code in the form of an image such as a QR code or in the form of a character string, and may notify the user that the activation code has been prepared.

In step 415a, the user 200 may input an activation code displayed on the screen of the first terminal 210 to the second terminal 220. The method of inputting the activation code may be performed using various methods, such as capturing an image (such as a QR code) using a camera or inputting a character string through a keyboard. Further, if the first terminal 210 and the second terminal 220 are connected through short-range communication (e.g., bluetooth, NFC, WiFi direct, etc.), the first terminal 210 may directly transfer the activation code to the second terminal 220 without displaying the activation code on the screen in step 413 a.

In step 417a, the second terminal 220 may request downloading of the first profile from the profile server 230. For example, step 417a may be performed using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message. Step 417a may include a process of communicating an event identifier (MatchingID) included in the activation code to the profile server 230 by the second terminal 220. In step 417a, the second terminal 200 may use WiFi or an internet network sharing function provided by the first terminal 210 for internet connection.

In step 419a, profile server 230 may first identify whether the state of the first profile is a downloadable state. If the status of the first profile is a download impossible status because the profile server 230 does not recognize through steps 409a to 411a that the first profile has been deleted from the first terminal, the profile server 230 may transmit an error code as a response and terminate the operation. When the state of the first profile is a downloadable state, the profile server 230 may transfer information (profile metadata) about the first profile and information that a user who downloads the first profile should take care to the second terminal 220. For example, the information about the first profile may include a name or logo of the operator 250, a profile policy, and the like. For example, the information that the user downloading the first profile should take care of may include the number of remaining profile deliveries allowed by the operator 250, the cost the user will pay for the profile delivery, and the like.

In step 421a, the user 200 may confirm information about the first profile and information that the user who downloaded the first profile should take care of, and may agree with the profile installation. The operation of agreeing to the profile installation may include an operation of selecting "yes/no", inputting a set password by the user 200, inputting biometric information such as a fingerprint or iris of the user 200, or the like.

In step 423a, second terminal 220 may notify profile server 230 that user 200 has approved the profile download and may request a profile package from profile server 230.

In step 425a, the profile server 230 may deliver the profile packet of the first profile to the second terminal 220.

In step 427a, the second terminal 220 may install the first profile by using the profile package of the first profile.

Fig. 4B is a diagram illustrating another process of receiving an activation code through a profile server by a first terminal and downloading a new profile by transferring the activation code to a second terminal according to an embodiment of the present disclosure.

For configuration and description of the user 200, the first terminal 210, the second terminal 220, the profile server 230, and the service provider 250 in fig. 4B, reference is made to fig. 2. For example, the user 200, the first terminal 210, the second terminal 220, the profile server 230, and the operator 250 may correspond to the user 200, the first terminal 210, the second terminal 220, the first profile server 230, and the operator 250 in fig. 2, respectively.

Referring to fig. 4B, in step 401B, when receiving a request for delivery of the first profile from the terminal 210 or 220, the operator 250 may request the profile server 230 to notify the service provider 250 of the delivery of the first profile. For example, a method of requesting the profile server 230 to notify the service provider 250 of delivery of the first profile when receiving a Request to deliver the first profile may be performed using a method such as transmitting a Notification Request On Transfer flag or transmitting a no Notification delivery Available (Transfer Available Without Notification) flag.

In step 403b, the user 200 may request delivery of the first profile from the first terminal 210. The user 200 can confirm information (profile metadata) about the first profile through the first terminal 210 if necessary. Some or all of the information about the first profile may already be stored in the first terminal 210 or the first profile. For example, the information about the first profile may include a name or logo of the operator 250, a profile policy, and the like. Furthermore, at least one address of a profile server that should be accessed by the terminal to deliver the profile may already be stored in the first terminal 210 or the first profile. For example, the profile server that should be accessed by the terminal to deliver the profile may be the profile server 230.

In step 405b, the first terminal 210 may request delivery of the first profile from the profile server 230. Step 405b may be performed, for example, by using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message and/or by further transmitting an operation type set to device change or profile delivery. The process of requesting delivery of the first profile in step 405b may include the step of sending at least a profile id (iccid) of the first profile.

In step 407b, the profile server 230 may notify the operator 250 that a request to deliver the first profile has been received from the terminal 210. For example, step 407b may be performed using a handle notification message.

In step 409b, the operator 250 may check the delivery policy of the first profile. For the criteria allowing delivery of the first profile, reference may be made to, for example, a communication rate system subscribed by the user 200, etc. Service provider 250 may provide user 200 with additional information for delivering the first profile and, if necessary, determine that permission needs to be received from user 200.

In step 411b, the service provider 250 may communicate to the profile server 230 some or all of the information that should be noted by the user attempting to deliver the first profile, and may also provide a notification that the first profile needs to be deleted first. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. In step 411b, the profile server 230 and the operator 250 may also generate or change some or all of the information about the first profile (profile metadata) and/or all of the information that should be noted by the user attempting to deliver the first profile, if necessary. For example, the information about the first profile may include a name or logo of the service provider 250 that has provided the first profile, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. For example, the method of providing notification that deletion of the first Profile is required may be performed using methods such as sending a first Delete Profile flag, sending a first reuse Profile flag, Not sending a first Not Delete unnecessary (No Not Delete Profile) flag, or Not sending a new Profile use flag.

In step 413b, the profile server 230 may communicate to the first terminal 210 some or all of the information that should be noted by the user attempting to deliver the first profile. The first terminal 210 may show some or all of the received information to the user 200.

In step 415b, the user 200 may confirm the information presented by the operator 250 for delivering the first profile and may input user permission to the first terminal 210.

In step 417b, the first terminal 210 may communicate to the profile server 230 that the user has agreed to the delivery of the first profile. For example, step 417b may be performed by using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message and/or by further transmitting an operation type set to a device change confirmation, a delivery profile confirmation, or an end user confirmation. The process of communicating in step 417b that the user has agreed to deliver the first profile may include the step of sending at least a profile id (iccid) of the first profile.

In step 419b, profile server 230 may notify operator 250 that the user has agreed to the delivery of the first profile. Step 419b may be performed using a handle notification message, for example.

In step 421b, profile server 230 and operator 250 may prepare for reuse of the first profile. For example, step 421b may be performed using at least one of a download command message, an acknowledgement command message, a remote management command (RPM command) message, or a handle notification, and step 421b may be performed by further providing a notification that the first profile needs to be deleted. For example, the method of providing notification that deletion of the first Profile is required may be performed using methods such as sending a first Delete Profile flag, sending a first reuse Profile flag, Not sending a first Not Delete unnecessary (No Not Delete Profile) flag, or Not sending a new Profile use flag. In addition, the profile server 230 and the operator 250 may also generate an activation code, based on which the prepared first profile is downloadable. The activation code may include at least an address of the profile server 230 storing the first profile and an event identifier (MatchingID) connected to the first profile.

In step 423b, the profile server 230 may communicate to the first terminal 210 the activation code based on which the first profile is downloadable and may also provide notification that the first profile needs to be deleted. For example, the method of providing notification that deletion of the first Profile is required may be performed using methods such as sending a first Delete Profile flag, sending a first reuse Profile flag, Not sending a first Not Delete unnecessary (No Not Delete Profile) flag, or Not sending a new Profile use flag.

In step 425b, the first terminal 210 may disable and delete the first profile in response to the request from the profile server 230, and may notify the profile server 230 of the disabled result and the deleted result. The disabling result and the deleting result of the first profile may include at least a profile id (iccid) of the first profile. For example, step 425b may be performed using at least one of a disable profile message, a delete profile message, or a handle notification message. Further, for the convenience of the figure, fig. 4B shows that the first terminal 210 notifies the profile server 230 of the disable result and the delete result. However, the disabling result and the deleting result may be communicated to another profile server (e.g., the second profile server 240 or a third profile server not shown in the figure). The disabling result and the deleting result may be delivered separately. Further, when the state of the first profile is already the disabled state, the operation of disabling the first profile by the first terminal 210 and the operation of notifying the result of the disabling to the profile server 230 by the first terminal 210 in step 425b may be omitted.

In step 427b, the profile server 230 may notify the service provider 250 that the first profile has been deleted from the first terminal 210. For example, step 427b may be performed using a handle notification message. Step 427b may include a process of transferring an id (iccid) of at least the first profile.

In step 429b, the service provider 250 may request the profile server 230 to change the status of the first profile to an available status. For example, step 429b may be performed using a release command message.

In step 431b, the profile server 230 may set the state of the first profile prepared in step 421b to a downloadable state in response to a request from the service provider 250. Further, the profile server 230 may notify the first terminal 210 that the state of the first profile is a downloadable state.

In step 433b, the first terminal 210 may display the activation code on the screen by converting the activation code in the form of an image such as a QR code or in the form of a character string, and may notify the user that the activation code has been prepared. The QR code may be replaced with barcode information, other encrypted information, and the like.

In step 435b, the user 200 may input the activation code displayed on the screen of the first terminal 210 to the second terminal 220. The method of inputting the activation code may be performed using various methods, such as capturing an image (such as a QR code) using a camera or inputting a character string through a keyboard. Further, if the first terminal 210 and the second terminal 220 are connected through short-range communication (e.g., bluetooth, NFC, WiFi direct, etc.), the first terminal 210 may directly transmit the activation code to the second terminal 220 without displaying the activation code on a screen in step 423 b.

In step 437b, the second terminal 220 may download the first profile from the profile server 230. For a detailed description of step 437b, refer to the description of step 417a and its subsequent steps in FIG. 4A.

Fig. 4C is a diagram illustrating yet another process of receiving an activation code through a profile server by a first terminal and downloading a new profile by transferring the activation code to a second terminal according to an embodiment of the present disclosure.

For configuration and description of the user 200, the first terminal 210, the second terminal 220, the profile server 230, and the service provider 250 in fig. 4C, reference is made to fig. 2. For example, user 200, first terminal 210, second terminal 220, profile server 230, and service provider 250 may correspond to user 200, first terminal 210, second terminal 220, first profile server 230, and service provider 250 in fig. 2, respectively.

Referring to fig. 4C, in step 401C, when receiving a request for delivery of the first profile from the terminal 210 or 220, the service provider 250 may request the profile server 230 to notify the service provider 250 of the delivery of the first profile. For example, a method of requesting the profile server 230 to notify the service provider 250 of delivery of the first profile when a Request to deliver the first profile is received may be performed using a method such as transmitting a Notification Request On delivery flag or transmitting a delivery Available Without Notification flag.

In step 403c, the user 200 may request delivery of the first profile from the first terminal 210. The user 200 can confirm information (profile metadata) about the first profile through the first terminal 210 if necessary. Some or all of the information about the first profile may already be stored in the first terminal 210 or the first profile. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. Furthermore, at least one address of a profile server that should be accessed by the terminal to deliver the profile may already be stored in the first terminal 210 or the first profile. For example, the profile server that should be accessed by the terminal to deliver the profile may be the profile server 230.

In step 405c, the first terminal 210 may request delivery of the first profile from the profile server 230. For example, step 405c may be performed by using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message and/or by further transmitting an operation type set to device change or profile delivery. The process of requesting delivery of the first profile in step 405c may comprise the step of sending at least a profile id (iccid) of the first profile.

In step 407c, the profile server 230 may notify the service provider 250 that a request to deliver the first profile has been received from the terminal 210. For example, step 407c may be performed using a handle notification message.

In step 409c, the service provider 250 may check the delivery policy of the first profile. For the criteria allowing delivery of the first profile, reference may be made to, for example, a communication rate system subscribed by the user 200, etc. Service provider 250 may provide user 200 with additional information for delivering the first profile and may identify a need to receive permission from user 200, if necessary.

In step 411c, service provider 250 may communicate to profile server 230 some or all of the information that should be noted by the user attempting to deliver the first profile. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. In step 411c, the profile server 230 and the service provider 250 may further generate or change some or all of the information about the first profile (profile metadata) and/or all of the information that should be noted by the user attempting to deliver the first profile, if necessary. For example, the information about the first profile may include a name or logo of the service provider 250 that has provided the first profile, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like.

In step 413c, the profile server 230 may communicate to the first terminal 210 some or all of the information that should be noted by the user attempting to deliver the first profile. The first terminal 210 may show some or all of the received information to the user 200.

In step 415c, the user 200 may confirm the information presented by the service provider 250 for delivering the first profile and may input user permission to the first terminal 210.

In step 417c, the first terminal 210 may communicate to the profile server 230 that the user has agreed to the delivery of the first profile. For example, step 417c may be performed by using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message and/or by further transmitting an operation type set to a device change confirmation, a delivery profile confirmation, or an end user confirmation. The process of communicating in step 417c that the user has agreed to deliver the first profile may include the step of sending at least a profile id (iccid) of the first profile.

In step 419c, profile server 230 may notify service provider 250 that the user has permitted delivery of the first profile. For example, step 419c may be performed using a handle notification message.

In step 421c, profile server 230 and service provider 250 may prepare for reuse of the first profile. For example, step 421c may be performed using at least one of a download command message, an acknowledgement command message, a remote management command (RPM command) message, a release command message, or a handle notification, and step 421c may be performed by further providing a notification that the first profile needs to be deleted. For example, the method of providing notification that deletion of the first Profile is required may be performed using methods such as sending a first Delete Profile flag, sending a first reuse Profile flag, Not sending a first Not Delete unnecessary (No Not Delete Profile) flag, or Not sending a new Profile use flag. In addition, the profile server 230 and the service provider 250 may also generate an activation code, based on which the prepared first profile is downloadable. The activation code may include at least an address of the profile server 230 storing the first profile and an event identifier (MatchingID) connected to the first profile.

In step 423c, the profile server 230 may communicate to the first terminal 210 the activation code based on which the first profile is downloadable and may also provide notification that the first profile needs to be deleted. For example, the method of providing notification that deletion of the first Profile is required may be performed using methods such as sending a first Delete Profile flag, sending a first reuse Profile flag, Not sending a first Not Delete unnecessary (No Not Delete Profile) flag, or Not sending a new Profile use flag.

In step 425c, the first terminal 210 may disable and delete the first profile in response to the request from the profile server 230, and may notify the profile server 230 of the disabled result and the deleted result. The disabling result and the deleting result of the first profile may include at least a profile id (iccid) of the first profile. For example, step 425c may be performed using at least one of a disable profile message, a delete profile message, or a handle notification message. Further, for the convenience of the figure, fig. 4C shows that the first terminal 210 notifies the profile server 230 of the disable result and the delete result. However, the disabling result and the deleting result may be communicated to another profile server (e.g., the second profile server 240 or a third profile server not shown in the figure). The disabling result and the deleting result may be delivered separately. Further, when the state of the first profile is already the disabled state, the operation of disabling the first profile by the first terminal 210 and the operation of notifying the result of the disabling to the profile server 230 by the first terminal 210 in step 425c may be omitted.

In step 427c, the profile server 230 may recognize that the first terminal 210 has deleted the first profile, and may set the state of the first profile prepared in step 421c as a downloadable state. Further, the profile server 230 may notify the first terminal 210 that the state of the first profile is a downloadable state.

In step 429c, the profile server 230 may notify the service provider 250 that the first profile has been deleted from the first terminal 210 and is ready for profile delivery. For example, step 427c may be performed using a handle notification message. Step 427c may include a process of transferring at least an id (iccid) of the first profile.

In step 433c, the first terminal 210 may display the activation code on the screen by converting the activation code in the form of an image such as a QR code or in the form of a character string, and may notify the user that the activation code is ready. The QR code may be replaced with barcode information, other encrypted information, and the like.

In step 435c, the user 200 may input the activation code displayed on the screen of the first terminal 210 to the second terminal 220. The method of inputting the activation code may be performed using various methods, such as capturing an image (such as a QR code) using a camera or inputting a character string through a keyboard. Further, if the first terminal 210 and the second terminal 220 are connected through short-range communication (e.g., bluetooth, NFC, WiFi direct, etc.), the first terminal 210 may directly transfer the activation code to the second terminal 220 without displaying the activation code on the screen in step 423 c.

In step 437c, the second terminal 220 may download the first profile from the profile server 230. For a detailed description of step 437c, refer to the description of step 417a and its subsequent steps in FIG. 4A.

Fig. 4D is a diagram illustrating yet another process of receiving an activation code through a profile server by a first terminal and downloading a new profile by transferring the activation code to a second terminal according to an embodiment of the present disclosure.

For the configuration and description of the user 200, the first terminal 210, the second terminal 220, the first profile server 230, and the service provider 250 in fig. 4D, reference is made to fig. 2. For example, user 200, first terminal 210, second terminal 220, profile server 230, and service provider 250 may correspond to user 200, first terminal 210, second terminal 220, first profile server 230, and service provider 250 in fig. 2, respectively.

Referring to fig. 4D, in step 401D, when receiving a request for delivery of the first profile from the terminal 210 or 220, the service provider 250 may request the profile server 230 to notify the service provider 250 of the delivery of the first profile. For example, a method of requesting the profile server 230 to notify the service provider 250 of delivery of the first profile when receiving a Request to deliver the first profile may be performed using a method such as transmitting a Notification Request On Transfer flag or transmitting a no Notification delivery Available (Transfer Available Without Notification) flag.

In step 403d, the user 200 may request delivery of the first profile from the first terminal 210. The user 200 can confirm information (profile metadata) about the first profile through the first terminal 210 if necessary. Some or all of the information about the first profile may already be stored in the first terminal 210 or the first profile. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. Furthermore, at least one address of a profile server that should be accessed by the terminal to deliver the profile may already be stored in the first terminal 210 or the first profile. For example, the profile server that should be accessed by the terminal to deliver the profile may be the profile server 230.

In step 405d, the first terminal 210 may request delivery of the first profile from the profile server 230. For example, step 405d may be performed by using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message and/or by further transmitting an operation type set to device change or profile delivery. The process of requesting delivery of the first profile in step 405d may comprise the step of sending at least a profile id (iccid) of the first profile.

In step 407d, the profile server 230 may notify the service provider 250 that a request to deliver the first profile has been received from the terminal 210. For example, step 407d may be performed using a handle notification message.

In step 409d, the operator 250 may check the delivery policy of the first profile. For the criteria allowing delivery of the first profile, reference may be made to, for example, a communication rate system subscribed by the user 200, etc. Service provider 250 may provide user 200 with additional information for delivering the first profile and may identify a need to receive permission from user 200, if necessary.

In step 411d, service provider 250 may communicate to profile server 230 some or all of the information that should be noted by the user attempting to deliver the first profile. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. In step 411d, the profile server 230 and the service provider 250 may also generate or change some or all of the information about the first profile (profile metadata) and/or all of the information that should be noted by the user attempting to deliver the first profile, if necessary. For example, the information about the first profile may include a name or logo of the operator 250 that has provided the first profile, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like.

In step 413d, the profile server 230 may communicate to the first terminal 210 some or all of the information that should be noted by the user attempting to deliver the first profile, and may also provide a notification that the first profile needs to be deleted. For example, the method of providing notification that deletion of the first Profile is required may be performed using methods such as sending a first Delete Profile flag, sending a first reuse Profile flag, Not sending a first Not Delete unnecessary (No Not Delete Profile) flag, or Not sending a new Profile use flag. The first terminal 210 may show some or all of the received information to the user 200.

In step 415d, the user 200 may confirm the information presented by the service provider 250 for delivering the first profile and may input user permission to the first terminal 210.

In step 417d, the first terminal 210 may disable and delete the first profile in response to the request from the profile server 230, and may notify the profile server 230 of the disabled result and the deleted result. The disabling result and the deleting result of the first profile may include at least a profile id (iccid) of the first profile. For example, step 417d may be performed using at least one of a disable profile message, a delete profile message, or a handle notification message. Further, for the convenience of the figure, fig. 4D shows that the first terminal 210 notifies the profile server 230 of the disable result and the delete result. However, the disabling result and the deleting result may be communicated to another profile server (e.g., the second profile server 240 or a third profile server not shown in the figure). The disabling result and the deleting result may be delivered separately. Further, when the state of the first profile is already the disabled state, the operation of disabling the first profile by the first terminal 210 and the operation of notifying the disabled result to the profile server 230 by the first terminal 210 in step 417d may be omitted. Step 417d may include a process of the first terminal 210 communicating that the user has agreed to deliver the first profile to the profile server 230. For example, step 417d may be performed by using at least one of an initiate authentication message, a terminal authentication client message, a delivery request message, or a handle notification message and/or by further sending an operation type set to a device change confirmation, a delivery profile confirmation, or an end user confirmation. The process of communicating in step 417d that the user has agreed to deliver the first profile may include the step of sending at least a profile id (iccid) of the first profile.

In step 419d, profile server 230 may notify service provider 250 that the user has agreed to the delivery of the first profile. For example, step 419d may be performed using the handle notification message.

In step 421d, profile server 230 and operator 250 may prepare for reuse of the first profile. For example, step 421d may be performed using at least one of a download command message, an acknowledgement command message, a remote management command (RPM command) message, a release command message, a handle notification. In addition, profile server 230 and service provider 250 may also generate an activation code based on which the first profile to be reused is downloadable. The activation code may include at least an address of the profile server 230 storing the first profile and an event identifier (MatchingID) connected to the first profile.

In step 423d, the profile server 230 may recognize that the first terminal 210 has deleted the first profile, and may set the state of the first profile prepared in step 421d as a downloadable state. Further, the profile server 230 may inform the first terminal 210 that the status of the first profile is a downloadable status by transferring an activation code, based on which the first profile is downloadable, to the first terminal 210.

In step 425d, the profile server 230 may notify the service provider 250 that the first profile has been deleted from the first terminal 210 and is ready for profile delivery. For example, step 425d may be performed using a handle notification message. Step 425d may include a process of communicating at least an id of the first profile (iccid).

In step 433d, the first terminal 210 may display the activation code on the screen by converting the activation code in the form of an image such as a QR code or in the form of a character string, and may notify the user that the activation code has been prepared. The QR code may be replaced with barcode information, other encrypted information, and the like.

In step 435d, the user 200 may input the activation code displayed on the screen of the first terminal 210 to the second terminal 220. The method of inputting the activation code may be performed using various methods, such as capturing an image (such as a QR code) using a camera or inputting a character string through a keyboard. Further, if the first terminal 210 and the second terminal 220 are connected through short-range communication (e.g., bluetooth, NFC, WiFi direct, etc.), the first terminal 210 may directly transfer the activation code to the second terminal 220 without displaying the activation code on the screen in step 423 d.

In step 437d, the second terminal 220 may download the first profile from the profile server 230. For a detailed description of step 437d, refer to the description of step 417a and its subsequent steps in FIG. 4A.

Fig. 5 is a diagram illustrating a process of downloading a new profile by a first terminal according to an embodiment of the present disclosure by transmitting an activation code stored in the first terminal to a second terminal.

Reference is made to fig. 2 for a configuration and description of the user 200, the first terminal 210, the second terminal 220, the profile server 230 and the service provider 250 in fig. 5. For example, the user 200, the first terminal 210, the second terminal 220, the profile server 230, and the service provider 250 may correspond to the user 200, the first terminal 210, the second terminal 220, the first profile server 230, and the operator 250 in fig. 2, respectively.

Referring to fig. 5, in step 501, the user 200 may request delivery of a first profile from the first terminal 210. To this end, the user 200 may confirm information (profile metadata) about the first profile and information that the user attempting to deliver the first profile should take care of through the first terminal 210. Information about the first profile and information that should be noted by the user attempting to deliver the first profile may already be stored in the first terminal 210 or the first profile. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. Further, the activation code that the terminal needs to use to deliver the first profile and information indicating that the first profile does not need to be deleted to deliver the profile may already be stored in the first terminal 210 or the first profile. For example, the activation code that the terminal needs to use to deliver the first profile may be an activation code that was used in the past to install the first profile in the first terminal. Information indicating that the first profile does not need to be deleted to deliver the profile may be represented using methods such as: a first Delete Profile flag has Not been set, a first reuse Profile flag has Not been set, a first Profile Delete unnecessary (No Not Delete Profile) flag has been set or a new Profile use flag has been set, etc.

In step 503, the first terminal 210 may invoke an activation code that is stored in the first terminal 210 or the first profile and that the terminal needs to use to deliver the first profile. The activation code may include at least an address of the profile server 230 storing the second profile and an event identifier (MatchingID) connected to the second profile.

In step 505, the first terminal 210 may display the activation code on the screen by converting the activation code in the form of an image such as a QR code or in the form of a character string, and may notify the user that the activation code is ready.

In step 507, the user 200 may input an activation code displayed on the screen of the first terminal 210 to the second terminal 220. The method of inputting the activation code may be performed using various methods, such as capturing an image (such as a QR code) using a camera or inputting a character string through a keyboard. Further, if the first terminal 210 and the second terminal 220 are connected through short-range communication (e.g., bluetooth, NFC, WiFi direct, etc.), the first terminal 210 may directly transfer the activation code to the second terminal 220 without displaying the activation code on the screen in step 507.

In step 509, the second terminal 220 may request the download of the second profile from the profile server 230. For example, step 509 may be performed using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message. Step 509 may include a process of transferring an event identifier (MatchingID) included in the activation code to the profile server 230 by the second terminal 220. In step 509, the second terminal 200 may use WiFi for internet connection or may use an internet network sharing function provided by the first terminal 210.

In step 511, the profile server 230 may transfer information (profile metadata) about the second profile and information that the user who downloaded the second profile should take care of to the second terminal 220. For example, the information about the second profile may include a name or logo of the service provider 250, a profile policy, and the like. For example, information that should be noted by the user downloading the second profile may include the number of remaining profile deliveries allowed by the service provider 250, the fee the user will pay for the profile delivery, and the like.

In step 513, the user 200 may confirm information about the second profile and information that the user who downloaded the second profile should take care of, and may agree with the profile installation. The operation of agreeing to the profile installation may include an operation of selecting "yes/no", inputting a set password by the user 200, inputting biometric information such as a fingerprint or iris of the user 200, or the like.

In step 515, the second terminal 220 may notify the profile server 230 that the user 200 has approved the profile download and may request a profile package.

In step 517, the profile server 230 may communicate the profile package of the second profile to the second terminal 220.

In step 519, the second terminal 220 may install the second profile by using the profile package of the second profile.

In step 521, the first terminal 210 may disable and delete the first profile, and may notify the profile server 230 of the disabled result and the deleted result. The disabling result and the deleting result of the first profile may include at least a profile id (iccid) of the first profile. For example, step 521 may be performed using at least one of a disable profile message, a delete profile message, or a handle notification message. Step 521 may be a separate operation unrelated to the first terminal 210 having checked in step 503 that the first profile does not need to be deleted, and may optionally be performed if necessary. Further, for the convenience of the figure, fig. 5 shows that the first terminal 210 notifies the profile server 230 of the disable result and the delete result. However, the disabling result and the deletion result may be communicated to another profile server (e.g., the second profile server 240 in fig. 3A or a third profile server not shown in the figure). The disabling result and the deleting result may be delivered separately. Further, when the state of the first profile is already the disabled state, the operation of disabling the first profile by the first terminal 210 and the operation of notifying the result of the disabling to the profile server 230 by the first terminal 210 in step 521 may be omitted.

Fig. 6 is a diagram illustrating a procedure of downloading the same profile again by the first terminal according to an embodiment of the present disclosure by transmitting an activation code stored in the first terminal to the second terminal.

Reference is made to fig. 2 for a configuration and description of the user 200, the first terminal 210, the second terminal 220, the profile server 230 and the service provider 250 in fig. 6. For example, user 200, first terminal 210, second terminal 220, profile server 230, and service provider 250 may correspond to user 200, first terminal 210, second terminal 220, first profile server 230, and service provider 250 in fig. 2, respectively.

Referring to fig. 6, in step 601, the user 200 may request delivery of the first profile from the first terminal 210. To this end, the user 200 may confirm information (profile metadata) about the first profile and information that the user attempting to deliver the first profile should take care of through the first terminal 210. Information about the first profile and information that should be noted by the user attempting to deliver the first profile may already be stored in the first terminal 210 or the first profile. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. For example, information that should be noted by the user attempting to deliver the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like. Further, the activation code that the terminal delivery profile needs to use and information indicating that the first profile needs to be deleted to deliver the first profile may already be stored in the first terminal 210 or the first profile. For example, the activation code that the terminal delivery profile needs to use may be an activation code that was used in the past to install the first profile in the first terminal. Methods such as the first Delete Profile flag Not yet set, the first reuse Profile flag already set, the first Profile Delete unnecessary (No Not Delete Profile) flag Not yet set, or the new Profile use flag Not yet set may be used to represent information indicating that the first Profile needs to be deleted to deliver the Profile.

In step 603, the first terminal 210 may invoke an activation code that is stored in the first terminal 210 or the first profile and that the terminal needs to use to deliver the first profile. The activation code may include at least an address of the profile server 230 storing the first profile and an event identifier (MatchingID) connected to the first profile. In this case, the state of the first profile stored in the profile server 230 may have been set to a download impossible state in order to prevent the first profile from being copied.

In step 605, the first terminal 210 may disable and delete the first profile, and may notify the disabling result and the deletion result to the profile server 230. The disabling result and the deleting result of the first profile may include at least a profile id (iccid) of the first profile. For example, step 605 may be performed using at least one of a disable profile message, a delete profile message, or a handle notification message. Further, for the convenience of the figure, fig. 6 shows that the first terminal 210 notifies the profile server 230 of the disable result and the delete result. However, the disabling result and the deleting result may be communicated to another profile server (e.g., the second profile server 240 or a third profile server not shown in the figure). The disabling result and the deleting result may be delivered separately. Further, when the state of the first profile is already the disabled state, the operation of disabling the first profile by the first terminal 210 and the operation of notifying the result of the disabling to the profile server 230 by the first terminal 210 in step 605 may be omitted.

In step 607, profile server 230 and service provider 250 may check the delivery likelihood of the first profile. If the first profile is deliverable to another terminal, the profile server 230 and the service provider 250 can prepare for reuse of the first profile. For example, step 607 may be performed using at least one of a download command message, an acknowledgement command message, a remote management command (RPM command) message, a release command message, or a handle notification.

In step 609, the profile server 230 may recognize that the first terminal 210 has deleted the first profile and may set the state of the first profile to a downloadable state. Further, the profile server 230 may notify the first terminal 210 that the state of the first profile is a downloadable state.

In step 611, the first terminal 210 may display the activation code on the screen by converting the activation code in the form of an image such as a QR code or in the form of a character string, and may notify the user that the activation code has been prepared.

In step 613, the user 200 may input an activation code displayed on the screen of the first terminal 210 to the second terminal 220. The method of inputting the activation code may be performed using various methods, such as capturing an image (such as a QR code) using a camera or inputting a character string through a keyboard. Further, if the first terminal 210 and the second terminal 220 are connected through short-range communication (e.g., bluetooth, NFC, WiFi direct, etc.), the first terminal 210 may directly transfer the activation code to the second terminal 220 without displaying the activation code on the screen in step 413 a.

In step 615, the second terminal 220 may request downloading of the first profile from the profile server 230. For example, step 615 may be performed using at least one of an initiate authentication message, a terminal authentication client message, or a delivery request message. Step 615 may include a process of delivering an event identifier (MatchingID) included in the activation code to the profile server 230 by the second terminal 220. In step 615, the second terminal 200 may use WiFi for internet connection or may use an internet network sharing function provided by the first terminal 210.

In step 617, profile server 230 may first identify whether the state of the first profile is a downloadable state. When the state of the first profile is a download impossible state since it has not been recognized through steps 605 to 609 that the first profile has been deleted from the first terminal, the profile server 230 may transmit an error code as a response and may terminate the operation. When the state of the first profile is a downloadable state, the profile server 230 may deliver information (profile metadata) about the first profile and information that a user who downloads the first profile should take care to the second terminal 220. For example, the information about the first profile may include a name or logo of the service provider 250, a profile policy, and the like. For example, information that should be noted by the user downloading the first profile may include the number of remaining profile deliveries allowed by the service provider 250, the cost that the user will pay for the profile delivery, and the like.

In step 619, the user 200 may confirm information about the first profile and information that the user who downloaded the first profile should take care of, and may agree with the profile installation. The operation of agreeing to the profile installation may include an operation of selecting "yes/no", inputting a set password by the user 200, or inputting biometric information such as a fingerprint or iris of the user 200.

In step 621, the second terminal 220 may notify the profile server 230 that the user 200 has agreed to the profile download and may request a profile package.

In step 623, the profile server 230 may deliver the profile packet of the first profile to the second terminal 220.

In step 625, the second terminal 220 may install the first profile by using the profile package of the first profile.

Fig. 7A is a flowchart illustrating an operation procedure of a first terminal according to an embodiment of the present disclosure.

Fig. 7B is a flowchart illustrating an operation procedure of the second terminal according to an embodiment of the present disclosure.

Each of the terminals (the first terminal 210, the second terminal 220, and the terminal described without reference numerals assigned thereto) described in the present disclosure may correspond to the first terminal described with reference to fig. 7A or the second terminal described with reference to fig. 7B. Each of the first terminal 210 and the second terminal 220 may be an embodiment of the terminal in fig. 7A and 7B. The expressions "first" and "second" are only used to indicate that the terminals are physically different terminals.

Referring to fig. 7A, in step 701, the first terminal may start operating.

In step 703, the first terminal may receive a request for profile delivery from a user.

In step 705, the first terminal may identify information regarding profile delivery. The information on the profile delivery may be information indicating whether an activation code necessary for the profile delivery must be received from the server or whether an activation code stored in the terminal must be used. The information about the profile delivery may also comprise at least the address of the corresponding server, if an activation code necessary for the profile delivery has to be received from the server. The first terminal may proceed to step 707. The information about the delivery of the profile may also include information indicating whether the profile must be deleted first, at least before using the activation code stored in the terminal, if the activation code stored in the terminal must be used. The first terminal may proceed to step 709.

In step 707, the first terminal may receive the activation code by requesting the activation code from the server. The message sent by the server in response to the activation code may also include information indicating whether the profile must first be deleted before the activation code is used.

In step 709, the first terminal may read the activate code stored in the terminal.

In step 711, the first terminal may identify whether it is necessary to delete the first profile. For the criteria for identifying whether it is necessary to delete the first profile, reference may be made to the information on the profile delivery identified in step 705 and the indication of the server received in step 707. If it is necessary to delete the first profile, the first terminal may proceed to step 713. If it is not necessary to delete the first profile, the first terminal may proceed to step 715.

In step 713, the first terminal may delete the first profile and may notify the server of the deletion result.

In step 715, the first terminal may pass the activation code received from the server in step 707 or read in step 709 to the second terminal. The method of communicating the activation code to the second terminal may be performed using the following method: an activation code displayed in the form of an image such as a QR code on a screen of a first terminal is photographed by a user by using a camera of a second terminal, the activation code displayed in the form of a character string on the screen of the first terminal is input to a keypad of the second terminal by the user, or the first and second terminals are connected through short-distance communication such as bluetooth, NFC, WiFi, or WiFi direct connection, and the activation code is transferred in the form of data. Step 715 may correspond to step 753.

In step 717, the first terminal may terminate operation.

Referring to fig. 7B, in step 751, the second terminal may start operating.

In step 753, the second terminal may receive an activate code from the first terminal. For a method of receiving an activate code, refer to the description of step 715.

In step 755, the second terminal may request a profile download from the profile server.

In step 757, the second terminal may receive a profile from the profile server.

In step 759, the second terminal may install the profile.

In step 761, the second terminal may terminate operation.

Fig. 8 is a flowchart illustrating an operational procedure of a profile server according to an embodiment of the present disclosure.

Each of the profile servers (the first profile server 230, the second profile server 240, and the server described without reference numerals assigned thereto) described in the present disclosure may correspond to the profile server described with reference to fig. 8. Each of first profile server 230 and second profile server 240 may be an embodiment of the servers in fig. 8. The expressions "first" and "second" are only used to indicate that the profile servers are physically different profile servers.

Referring to FIG. 8, in step 801, a profile server may begin operation.

In step 803, the profile server may receive a request from the terminal to deliver the first profile. The request for delivery of the first profile may comprise at least the first profile, i.e. the profile id (iccid) of the object to be delivered.

In step 805, the profile server may identify whether the first profile that the terminal has requested delivery is a deliverable profile. For the method of identifying whether the first profile is a deliverable profile, the profile reuse policy of the operator may be referred to. When the first profile is a deliverable profile, the profile server may proceed to step 807. When the first profile is not a deliverable profile, the profile server can proceed to step 815.

In step 807, the profile server may prepare for reuse of the first profile and may prepare for download of the activation code necessary for the first profile. In step 807, the state of the prepared first profile may be set to a download impossible state in order to prevent copying of the profile. In step 807, the prepared activation code may include at least an address of the profile server and an event identifier (MatchingID) connected to the first profile.

In step 809, the profile server may send the activation code to the terminal in response, and may also notify the terminal that the first profile needs to be deleted.

In step 811, the profile server may wait for the terminal to provide a notification of the result of deleting the first profile. In step 811, when the profile server receives the result of deleting the first profile from the terminal, the profile server may proceed to step 813.

In step 813, the profile server may change the state of the first profile to a downloadable state.

In step 815, the profile server may prepare a second profile and may prepare an activation code necessary to download the second profile. In step 815, the state of the prepared second profile may be immediately set to a downloadable state. In step 815, the prepared activation code may include at least an address of the profile server and an event identifier (matching ID) connected to the second profile.

In step 817, the profile server may send the activation code to the terminal in response.

In step 819, the profile server may receive a profile download request from the terminal. The profile download request may include at least an event identifier connected to the first profile or an event identifier connected to the second profile.

In step 821, the profile server may identify whether a status of the first profile or the second profile, which the terminal has requested to download, is a downloadable status. When the state of the first profile or the second profile, which the terminal has requested to download, is a downloadable state, the profile server may proceed to step 823. When the state of the first profile or the second profile, which the terminal has requested to download, is not a downloadable state, the profile server may proceed to step 825.

In step 823, the profile server may send a profile package to the terminal in response.

In step 825, the profile server may send an error code to the terminal in response indicating that download of the profile is not possible.

In step 827, the profile server may terminate operation.

Fig. 9 is a block diagram illustrating elements of a terminal according to an embodiment of the present disclosure.

Each of the terminals (the first terminal 210, the second terminal 220, and the terminal described without reference numerals assigned thereto) described in the present disclosure may correspond to the first terminal described with reference to fig. 7A or the second terminal described with reference to fig. 7B. Each of the first terminal 210 and the second terminal 220 may be an embodiment of the terminal in fig. 7A and 7B. The expressions "first" and "second" are only used to indicate that the terminals are physically different terminals.

As shown in fig. 9, the terminal may include a transceiver 910 and a processor 920. Further, the terminal may include a UICC 930. For example, the UICC 930 may be inserted into the terminal or may be an eUICC embedded in the terminal.

The transceiver 910 can transmit and receive signals, information, data, etc. to and from the profile server.

The transceiver 910 according to an embodiment of the present disclosure may transmit a message requesting an activation code to a profile server, may receive the activation code and whether it is necessary to delete a profile from the profile server, and may transmit a result of deleting the profile to the profile server.

The transceiver 910 according to an embodiment of the present disclosure may transmit a message requesting a profile to a profile server by using an activation code, and may receive a profile packet.

The processor 920 is an element that generally controls the terminal. The processor 920 may control the overall operation of the terminal according to various embodiments of the present disclosure. The processor 920 may be named a controller. According to an embodiment of the disclosure, the processor 920 may include at least one processor.

The processor 920 according to an embodiment of the present disclosure may control the terminal to receive a profile delivery request from a user, confirm profile delivery information, transmit a message requesting an activation code to the profile server, receive the activation code and whether it is necessary to delete a profile from the profile server, delete the profile, transmit the result of deleting the profile to the profile server, and transfer the activation code to another terminal.

The processor 920 according to an embodiment of the present disclosure may control the terminal to receive an activation code from another terminal, transmit a message requesting a profile to the profile server by using the activation code, receive a profile package from the profile server, and install the profile package.

The UICC930 according to an embodiment of the present disclosure may download a profile and install the profile. Further, the UICC930 can manage the profile.

The UICC930 can operate under the control of the processor 920. Alternatively, UICC930 can include a processor or controller for installing the profile, or applications can already be installed in UICC 930. A portion of the application may already be installed in the processor 920.

The terminal may further include a storage unit (not shown) and may store data such as a basic program, an application program, or setting information for the operation of the terminal. Further, the storage unit may include at least one storage medium of a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (e.g., SD or XD memory), a magnetic memory, a magnetic disk, an optical disk, a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), or an Electrically Erasable Programmable Read Only Memory (EEPROM). Further, the processor 920 may perform various operations by using various programs, contents, data, and the like stored in the storage unit.

FIG. 10 is a block diagram illustrating elements of a profile server according to an embodiment of the present disclosure.

Each of the profile servers (the first profile server 230, the second profile server 240, and the server described without reference numerals assigned thereto) described in the present disclosure may correspond to the profile server described with reference to fig. 8. Each of first profile server 230 and second profile server 240 may be an embodiment of the servers in fig. 8. The expressions "first" and "second" are only used to indicate that the profile servers are physically different profile servers.

Referring to fig. 10, the profile server may include a transceiver 1010 and a processor 1020.

The transceiver 1010 may transmit and receive signals, information, data and the like to and from a terminal or an operator.

The transceiver 1010 according to an embodiment of the present disclosure may receive a profile delivery request message from a terminal, may transmit a message including an activation code and whether it is necessary to delete a profile to the terminal, may receive a profile deletion message from the terminal, may receive a profile download request message from the terminal, may transmit a profile package to the terminal when a state of the profile is a downloadable state, and may transmit an error code when the state of the profile is a download impossible state.

The processor 1020 is an element for generally controlling the profile server. According to various embodiments of the present disclosure, the processor 1020 may control the overall operation of the profile server. The processor 1020 may be named a controller. According to an embodiment of the disclosure, the processor 1020 may include at least one processor.

The processor 1020 according to an embodiment of the present disclosure may control the profile server to receive a profile delivery request message from the terminal, recognize whether the profile is deliverable, generate an activation code downloadable based on the profile thereof, set a state of the profile to a download impossible state when the profile is deliverable possible, set the state of the profile to a downloadable state when the profile is not deliverable possible, transmit a message including the activation code and whether it is necessary to delete the profile to the terminal, receive a result of deleting the profile from the terminal, change the state of the profile to the downloadable state, receive a profile download request message from the terminal, determine whether the state of the profile is a downloadable state, transmit a profile package to the terminal when the state of the profile is the downloadable state, and transmit an error code when the state of the profile is the download impossible state.

The profile server may further include a storage unit (not shown) and may store data such as a basic program, an application program, or setting information for the operation of the profile server. Further, the storage unit may include at least one storage medium of a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (e.g., SD or XD memory), a magnetic memory, a magnetic disk, an optical disk, a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), or an Electrically Erasable Programmable Read Only Memory (EEPROM). Further, the processor 1020 may perform various operations by using various programs, contents, data, and the like stored in the storage unit.

According to an embodiment of the present disclosure, in a wireless communication system, a terminal may receive a request from a user attempting to install a profile for network connection installed in the terminal in another terminal. Further, the terminal may request an activation code for downloading the profile from the profile server with reference to profile delivery information stored in the terminal, or may read the activation code stored in the terminal. Further, the terminal may delete the profile, i.e., the object to be delivered, in response to a request from the profile server or with reference to profile delivery information stored in the terminal. Furthermore, the terminal may receive the activation code stored in the terminal from the profile server, if necessary, or pass the activation code to another terminal through user input. Further, the terminal may download the profile from the profile server by using the activation code.

According to an embodiment of the present disclosure, in a wireless communication system, a profile server may generate a profile for enabling a terminal to access a network and an activation code necessary for profile download. Further, the profile server may identify whether delivery of the profile is possible in response to a profile delivery request received from the terminal, may transmit an activation code based on which the profile to be delivered may be downloadable and a profile deletion request to the terminal when delivery of the profile is possible, may transmit an activation code based on which a new profile may be downloadable to the terminal when delivery of the profile is not possible, may receive a deletion result of the profile to be delivered from the terminal, may change a state of the profile to a downloadable state, may receive a profile download request from the terminal, may identify whether the profile is downloadable, and may transmit the profile to the terminal when the profile is downloadable.

In the above detailed embodiments of the present disclosure, components included in the present disclosure have been expressed in singular or plural according to the detailed embodiments presented. However, for ease of description, the singular or plural expressions have been selected as appropriate for the proposed cases, and the present disclosure is not limited to the singular or plural components. Although a component has been expressed in the plural, it may be configured in the singular. Although a component has been expressed in the singular, it may be configured in the plural.

Although detailed embodiments have been described in the detailed description of the present disclosure, the present disclosure may be modified in various ways without departing from the scope of the present disclosure. Accordingly, the scope of the present disclosure should not be limited to the above-described embodiments, but should be defined not only by the claims but also by equivalents thereof.

The various embodiments and terms used in the embodiments of the present disclosure are not intended to limit the technology described in the present disclosure to the specific embodiments, but should be construed to include various changes, equivalents and/or alternatives of the respective embodiments. With respect to the description of the figures, like reference numerals may be used in like elements. Unless the context clearly dictates otherwise, expressions in the singular may include expressions in the plural. In the present disclosure, expressions such as "a or B", "at least one of a and/or B", "A, B or C" or "at least one of A, B and/or C" may include all possible combinations of the listed items together. Expressions such as "first", "second", "first" or "second" may modify the respective elements regardless of their order or importance and are only used to distinguish one element from another without limiting the respective elements. When it is described that one (e.g., a first) element is (functionally or communicatively) connected to or "coupled" with another (e.g., a second) element, one element may be directly connected to the other element or may be connected to the other element through the other element (e.g., a third element).

The term "module" as used in this disclosure includes a unit configured as hardware, software, or firmware, and may be used interchangeably with terms such as logic, logic block, component, or circuit. A module may be an integrated part, a minimal unit to perform one or more functions, or a portion thereof. For example, the module may be configured as an Application Specific Integrated Circuit (ASIC).

Various embodiments of the present disclosure may be implemented as software (e.g., a program) including instructions stored in a machine (e.g., computer) readable storage medium (e.g., internal memory or external memory). An apparatus is a device that can call stored instructions from a storage medium and can operate in response to the called instructions, and can include terminals (e.g., first terminal 210, second terminal 220) according to various embodiments of the present disclosure. When the instructions are executed by a processor (e.g., the processor 920 of fig. 9 or the processor 1020 of fig. 10), the processor may perform functions corresponding to the instructions directly or by using other elements under the control of the processor. The instructions may include code generated or executed by a compiler or interpreter.

The machine-readable storage medium may be provided in the form of a non-transitory storage medium. In this case, "non-transitory" merely means that the storage medium does not include a signal and is tangible, and does not distinguish between the case where data is stored in the storage medium semi-permanently or temporarily.

Methods according to various embodiments disclosed in the present disclosure may be included in a computer program product and provided. The computer program product may be traded as a product between a seller and a buyer. The computer program product may be in the form of a device-readable storage medium (e.g., compact disc read only memory (CD-ROM)) or through an application store (e.g., PlayStore)^TM) And (4) online distribution. In the case of online distribution, at least some of the computer program products may be at least temporarily stored or temporarily generated in a storage medium, such as a memory in a manufacturer's server, a server of an application store, or a relay server.

Each element (e.g., module or program) according to various embodiments may be composed of a single entity or multiple entities. In various embodiments, some of the above-described respective sub-elements may be omitted, or other sub-elements may be further included. Alternatively or additionally, some elements (e.g., modules or programs) may be integrated into a single entity. A single entity may perform the functions performed by each of the respective elements before the respective elements are identically or similarly integrated. Operations performed by modules, programs, or other elements according to various embodiments may be performed sequentially, in parallel, repeatedly, or heuristically, or at least some of the operations may be performed in a different order or may be omitted, or other operations may be added.

Claims (15)

1. A method performed by a server in a wireless communication system, comprising:

receiving a request from a first terminal to deliver a first profile;

identifying a likelihood of delivery of the first profile based on the received request to deliver the first profile; and

an activation code of the second profile is sent to the first terminal.

2. The method of claim 1, further comprising: a message is received from a service provider for setting a policy associated with a request to deliver a first profile from a first terminal.

3. The method of claim 1, further comprising:

sending information to a service provider indicating that a request to deliver a first profile has been received from a first terminal;

receiving a first message from a service provider, the first message including information to be noticed by a user determined based on a delivery policy of a first profile; and

a first message is sent to a first terminal.

4. The method of claim 1, further comprising:

receiving a second message from the user, the second message including information regarding whether delivery of the first profile is permitted based on the first message;

sending a third message to the service provider, the third message including information regarding whether delivery of the first profile is permitted based on the second message; and

A fourth message associated with the second profile is received.

5. The method of claim 1, further comprising:

receiving a request from the second terminal to download the second profile;

transmitting a fifth message to the second terminal, the fifth message including information about the second profile and information to be noticed by the user;

receiving a request for information on whether to permit downloading of the second profile and the profile package based on the fifth message from the second terminal; and

the profile packet is sent to the second terminal.

6. A method performed by a first terminal in a wireless communication system, comprising:

receiving a request from a user to deliver a first profile;

sending a message requesting an activation code to a server based on a request to deliver a first profile; and

receiving an activation code for the second profile from the server,

wherein the activation code of the second profile is determined based on the server and the service provider.

7. The method of claim 6, further comprising: sending an activation code for the second profile to the second terminal,

wherein the activation code is marked as a QR code.

8. The method of claim 6, further comprising:

disabling the first profile; and

the disabling result is sent to the server.

9. A server, comprising:

A transceiver capable of transmitting and receiving at least one signal; and

a controller coupled to the transceiver,

wherein the controller is configured to:

receiving a request from a first terminal to deliver a first profile,

identifying a likelihood of delivery of the first profile based on the received request to deliver the first profile, an

An activation code of the second profile is sent to the first terminal.

10. The server of claim 9, wherein the controller is further configured to receive a message from the service provider for setting a policy related to the request to deliver the first profile from the first terminal.

11. The server of claim 9, wherein the controller is further configured to:

sending information to a service provider indicating that a request to deliver a first profile has been received from a first terminal;

receiving a first message from a service provider, the first message including information identified based on a delivery policy of a first profile and requiring attention by a user; and

the first message is sent to the first terminal.

12. The server of claim 9, wherein the controller is further configured to:

receiving a second message from the user, the second message including information regarding whether delivery of the first profile is permitted based on the first message;

Sending a third message to the service provider, the third message including information regarding whether delivery of the first profile is permitted based on the second message; and

a fourth message associated with the second profile is received.

13. The server of claim 9, wherein the controller is further configured to:

receiving a request from the second terminal to download the second profile;

transmitting a fifth message to the second terminal, the fifth message including information about the second profile and information to be noticed by the user;

receiving a request for information on whether to permit downloading of the second profile and the profile package based on the fifth message from the second terminal; and

the profile packet is sent to the second terminal.

14. A first terminal, comprising:

a transceiver capable of transmitting and receiving at least one signal; and

a controller coupled to the transceiver,

wherein the controller is configured to:

a request is received from a user to deliver a first profile,

sending a message to the server requesting the activation code based on the request to deliver the first profile, an

Receiving an activation code for the second profile from the server,

wherein the activation code of the second profile is determined based on the server and the service provider.

15. The first terminal of claim 14, wherein the controller is further configured to:

Sending an activation code of the second profile to the second terminal;

disabling the first profile; and

the result of the disabling is sent to the server,

wherein the activation code is marked as a QR code.

Images