KR101937487B1 - User Equipment with Embedded UICC, Activating Method of User Equipment, Terminating Method of User Equipment, User Equipment Managing Server, User Equipment Ordering Method of User Equipment Managing Server, and User Equipment Activating Method of User Equipment Managing Server - Google Patents

Abstract

The present invention relates to procedures for ordering, opening, and terminating a terminal having a built-in UICC.

Description

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a method of terminating a UICC, a method of terminating a terminal, a method of terminating a terminal, a terminal management server, Method of User Equipment Managing Server, User Equipment Managing Server, and User Equipment Activating Method of User Equipment Managing Server)

The present invention relates to procedures for ordering, opening, and terminating a terminal having a built-in UICC.

A UICC (Universal Integrated Circuit Card) is a smart card inserted in a terminal and can be used as a module for user authentication. The UICC may store the user's personal information and the carrier information of the mobile communication carrier to which the user subscribes. For example, the UICC may include an International Mobile Subscriber Identity (IMSI) for identifying a user. The UICC is also called a Subscriber Identity Module (SIM) card for Global System for Mobile communications (GSM) and a Universal Subscriber Identity Module (USIM) card for a Wideband Code Division Multiple Access (WCDMA) scheme.

When the user attaches the UICC to the user terminal, the user is automatically authenticated using the information stored in the UICC, so that the user can conveniently use the terminal. In addition, when the user changes the terminal, the user can easily replace the terminal by attaching the UICC removed from the existing terminal to the new terminal.

When a terminal requiring miniaturization, for example, a machine to machine (Machine to Machine, M2M) communication, is manufactured with a structure capable of detaching and removing the UICC, miniaturization of the terminal becomes difficult. Thus, a built-in UICC (Embedded UICC) structure, which is a non-removable UICC, has been proposed. The embedded UICC shall record the user information using the corresponding UICC in the form of IMSI.

The existing UICC can be attached to / detached from the terminal, and the user can open the terminal without being concerned with the type of terminal or the mobile communication provider. However, the IMSI in the built-in UICC can be allocated only when a terminal manufactured from the manufacturing of the terminal is used only for a specific mobile communication provider. Both the mobile communication service provider and the terminal manufacturer ordering the terminal are forced to pay attention to the product inventory and the product price is raised. The user is inconvenient that the mobile communication company can not be changed with respect to the terminal. Therefore, even in the case of the built-in UICC, a method by which the user can open the terminal without being bound to the mobile communication service provider is required.

It is an object of the present invention to provide an apparatus and method for a built-in UICC that can be executed in a general manner without being dependent on a mobile communication provider for opening, canceling, and reopening of the terminal.

One embodiment of the present invention is a terminal having a built-in UICC (Universal Integrated Circuit Card), wherein the built-in UICC includes an IMSI storage unit for storing an Integrated Mobile Subscriber Identity (IMSI), a key storage unit for storing an authentication key, Wherein the IMSI stored in the IMSI storage unit is updated with the IMSI included in the decrypted message, and the IMSI stored in the IMSI storage unit is updated with the IMSI included in the decrypted message, wherein the decryption unit decrypts the encrypted message using the IMSI and the authentication key stored in the IMSI storage unit, And the terminal is connected to the terminal.

According to another embodiment of the present invention, there is provided a method for performing authentication and location registration using a virtual integrated IMSI (Integrated Mobile Subscriber Identity) set in a Universal Integrated Circuit Card (UICC) Receiving an encrypted message containing information including an actual IMSI set by the mobile communication carrier; Extracting the actual IMSI by decoding the message and updating the virtual IMSI with the actual IMSI; And requesting authentication and location registration using the actual IMSI.

Another embodiment of the present invention provides a method for transmitting a message comprising: receiving an information encrypted message including a virtual Integrated Mobile Subscriber Identity (IMSI) set in a Universal Integrated Circuit Card (UICC) when manufacturing a terminal; And extracting the virtual IMSI by decoding the message and updating the actual IMSI set by the mobile communication service provider with the virtual IMSI.

According to another embodiment of the present invention, there is provided an IMEI storing unit for storing an IMEI (International Mobile Equipment Identity) of a terminal; A virtual IMSI storage unit for storing a virtual IMSI (Integrated Mobile Subscriber Identity) set in a Universal Integrated Circuit Card (UICC) when manufacturing a terminal; A key storage unit for storing an authentication key of the terminal; And an encryption unit for generating an encrypted message using the virtual IMSI and the authentication key from the information including the actual IMSI set by the mobile communication service provider.

Another embodiment of the present invention includes: receiving first ordering information including a quantity of a terminal and model information from a server of a mobile communication provider; Transmitting second ordering information including a range of an IMEI (International Mobile Equipment Identity) and a virtual IMSI (Integrated Mobile Subscriber Identity) of the terminal to the terminal manufacturer server in addition to the first ordering information; Receiving first device information including an IMEI, a virtual IMSI, and an authentication key of each terminal manufactured by the terminal manufacturer server; And transmitting second device information that deletes the authentication key information from the first device information to the server of the mobile communication service provider.

According to another embodiment of the present invention, there is provided a mobile communication system, comprising: receiving from a server of a mobile communication provider an International Mobile Equipment Identity (IMEI) of a terminal and an Integrated Mobile Subscriber Identity (IMSI) set by a mobile communication carrier; Transmitting an authentication key of the terminal to a server of the mobile communication provider; Receiving a location registration request from the terminal; And transmitting a message, which is encrypted with information including the actual IMSI, to the terminal.

Another embodiment of the present invention is an ordering method of a built-in UICC using a joint server, wherein the common server is a built-in UICC maker system or a built-in UICC-equipped terminal maker system, (I) receiving the ordering information, and (ii) adding the first ordering information to the built-in UICC maker system or the built-in UICC-equipped terminal maker system so that the range of the International Mobile Equipment Identity (IMEI) and the virtual Integrated Mobile Subscriber Identity And receiving the first device information including the IMEI and the virtual IMSI of each terminal manufactured by the built-in UICC manufacturer system or the built-in UICC-equipped terminal manufacturer system, And provides an ordering method.

Another embodiment of the present invention is a method of terminating a terminal using a built-in UICC-equipped terminal, an MNO server and a joint server interlocked with the built-in UICC terminal, wherein the common server receives an OTA transmission request signal according to termination from the MNO server Generating an OTA message including second identification information different from virtual identification information provided at the time of issuance of the embedded UICC, and using an encryption key shared only between the embedded UICC and the common server in the issuing of the embedded UICC The method comprising: encrypting the OTA message; and transmitting the encrypted OTA message to the terminal to update the actual identification information previously stored in the built-in UICC with the second virtual identification information. .

According to the present invention described above, the opening, re-opening and re-opening of a terminal having a built-in UICC can be performed in a general manner without being dependent on a mobile communication provider.

1 is a block diagram showing a communication system to which an embodiment of the present invention is applied;
FIG. 2 is a block diagram showing a configuration of a terminal having a built-in UICC in FIG.
FIG. 3 is a block diagram showing the configuration of a common server in FIG.
FIG. 4 is a flowchart illustrating a terminal ordering method according to an embodiment of the present invention;
FIG. 5 is a flowchart illustrating a service agent method of a terminal according to an embodiment of the present invention;
6 and 7 are flow charts showing a service opening method of a terminal according to an embodiment of the present invention, and
8 is a flowchart illustrating a service termination method of a terminal according to an embodiment of the present invention.

Hereinafter, some embodiments of the present invention will be described in detail with reference to exemplary drawings. It should be noted that, in adding reference numerals to the constituent elements of the drawings, the same constituent elements are denoted by the same reference symbols as possible even if they are shown in different drawings. In the following description of the present invention, a detailed description of known functions and configurations incorporated herein will be omitted when it may make the subject matter of the present invention rather unclear.

1 shows a communication system to which an embodiment of the present invention is applied.

Referring to FIG. 1, a communication system 100 includes a terminal 110, a base station 120, a base station controller 130, a Serving GPRS Support Node (SGSN) 140, an HLR / AuC / OTA A home location register / authentication center / over-the-air server 150, a signal transfer point (STP) 160, a mobile network operator (MNO) server 170, (180) and a joint server (190).

In this embodiment, the terminal 110 is a terminal including an embedded UICC (Embedded Universal Integrated Circuit Card). The terminal 110 may be a Machine to Machine (M2M) terminal that is particularly required to be miniaturized, but in the embodiment of the present invention, the terminal 110 is not limited to the M2M terminal.

2 shows an example of the configuration of the terminal 110 including the embedded UICC.

Referring to FIG. 2, the UE 110 includes a Mobile Equipment (ME) 111 and a built-in UICC 112 embedded in the ME 111. The ME includes an IMEI storage 113 for storing an International Mobile Equipment Identity (IMEI) for identifying each ME, and a mobile subscriber ISDN number (MSISDN) And an MSISDN storage unit 114 for storing the MSISDN. The built-in UICC 112 includes an ICCID storage unit 115 for storing an ICCID (Integrated Circuit Card Identity) for identifying a UICC, an IMSI storage unit 116 for storing an International Mobile Subscriber Identity (IMSI) ), A key storage unit 117 for storing a Subscriber Key (Ki) as an authentication key, and an Operator Constant (OPc). The embedded UICC 112 may further include a decryption unit 118 capable of decrypting the encrypted message using the authentication keys Ki and OPc stored in the key storage unit 117. [

The IMEI is a unique number assigned to the ME, which is used to identify the ME. The IMEI can be composed of a 15-digit decimal number, and the 15-digit number can be classified into an 8-digit TAC (Type Approval Code), a 6-digit SNR (Serial Number), and a 1-digit spare. TAC is a value given by the terminal manufacturer from the IMEI Allocation Association, SNR is the serial number by the terminal manufacturer, and Spare is a value for determining whether the TAC and SNR are valid.

MSISDN means the number used by the actual user. MSISDN can be composed of CC (Country Code) assigned to each country, NDC (National Destination Code) for identifying a communication carrier, and SN (Serial Number), which is a serial number belonging to each communication carrier.

The IMSI is stored in the UICC and is used to represent user information. The IMSI may be composed of a 15-digit decimal number, and the 15-digit number may be classified as a 3-digit Mobile Country Code (MCC), a 2 or 3-digit Mobile Network Code (MNC), and a Mobile Subscriber Identification Number (MSIN) . MCCs are assigned to each country. The MNC is used together with the MCC to identify MNOs in that country. MSIN is a value for identifying a user. The prefix of the MSIN can be determined by the MNO's policy, such as identifying the attributes of the user (eg, prepaid subscriber, postpaid subscriber) or identifying the HLR that accepts subscriber information. Alternatively, it is also possible to use MSIN by defining it in the same system as MSISDN.

Referring again to FIG. 1, the terminal 110 may communicate with the base station 120. The base station 120 generally refers to a station that communicates with the terminal 110 and includes a Node-B, an evolved Node-B (eNB), a Base Transceiver System (BTS), an Access Point ), A relay node (relay node), and the like.

One or more base stations 120 may be controlled by base station controller 130. The base station controller 130 may be referred to by other terms such as a Base Station Controller (BSC), a Radio Network Controller (RNC), a Mobile Mobility Entity (MME), and a Serving GateWay (S-GW).

The SGSN 140 is a node responsible for data packet delivery. The SGSN 140 may have functions such as routing and transmission of packets, mobility management, logical link management, authentication, charging, and the like. The location register of the SGSN 140 may store location information of a user registered in the SGSN, a user profile (IMSI), and the like.

The SGSN 140 may communicate with the HLR / AuC / OTA server 150. The HLR can check the location of the mobile communication subscriber and grasp the information about the subscriber to control various additional services such as calling / calling prohibition. The main function of the AuC is to authenticate subscribers in the mobile communication network and to support encryption for the wireless communication interval. The AuC may also store the IMSI stored in the embedded UICC 112 of the terminal 110. The OTA allows information about system registration to be sent and received.

The STP 160 refers to a signal point dedicated to the transmission of a signaling message. 1, STP 160 is shown as being located between SGSN 140 and MNO server 170, joint server 180 for convenience, but STP 160 may be located between them Lt; RTI ID = 0.0 > signaling messages. ≪ / RTI >

The MNO server 170 is a server operated by a mobile communication network operator (MNO) to which a user of the AT 110 subscribes. The MNO server 170 may communicate with a computer (not shown) of the mobile communication network agent in contact with the user. The MNO server 170 may generate an IMSI to be stored in the built-in UICC 112 of the terminal 110 when the user purchases the terminal 110 through the mobile communication network agent.

The manufacturer server 180 is a server capable of communicating with the MNO server 170 and the joint server 190 and receiving terminal ordering information from the outside and transmitting the terminal information to the outside when the terminal is manufactured.

The joint server 190 is a server jointly used by a plurality of MNOs and / or terminal manufacturers. The joint server 190 may be operated by one or more of the MNO, the terminal manufacturer, or by a trusted third party other than the MNO, the terminal manufacturer.

3 is a block diagram showing the configuration of the common server 190. As shown in FIG.

3, the common server 190 includes an IMEI storage unit 191 for storing the IMEI of a terminal, a virtual IMSI storage unit 192 for storing a virtual IMSI of a terminal to be described later, a virtual MSISDN A virtual MSISDN storage unit 193 for storing an authentication key, and a key storage unit 194 for storing authentication keys such as Ki, OPc, and the like. The joint server 190 further includes an actual IMSI storage unit 195 for temporarily storing the actual IMSI of the terminal to be described later and an actual MSISDN storage unit 196 for temporarily storing the actual MSISDN of the terminal to be described later . The joint server 190 may further include a communication unit 197 for communicating with the SGSN 140, the STP 160, the MNO server 170, the manufacturer server 180, and the like. In addition, the common server 190 may further include an encryption unit 198 for performing encryption.

The ordering, opening, and termination procedures of the terminal in the communication system having the above-described configuration will be described in detail below.

4 is a flowchart illustrating a terminal ordering method according to an embodiment of the present invention.

Referring to FIG. 4, when the MNO wants to purchase a terminal from a terminal manufacturer, the MNO server 170 accesses the common server 190 and registers the order information INPUT FILE1 (step S401). The order information (INPUT FILE1) may include information such as the terminal model, order quantity, etc., but does not include the UICC information (for example, ICCID, IMSI, etc.) embedded in the terminal.

For example, the order information INPUT FILE1 may include the following information.

- Order quantity (for example, 100,000 pieces)

- terminal model

Then, the MNO server 170 notifies the manufacturer server 180 that the order information (INPUT FILE1) has been registered in the joint server 190 (step S402).

The joint server 190 receiving the order information INPUT FILE1 from the MNO server 170 processes the order information INPUT FILE1 to generate the order information INPUT FILE2 (step S403).

For example, the order information INPUT FILE2 may include the following information.

- Order quantity (for example, 100,000 pieces)

- Card profile information

- Card Specification Information

- 3GOp for encryption

- Transport_key for encryption

- IMEI start number

- Virtual IMSI start number

- Virtual MSISDN start number

The virtual IMSI and the virtual MSISDN are IMSI and MSISDN stored in the terminal before the terminal is opened, and they are managed by the joint server 190 and not the MNO server 170. To distinguish it from the actual IMSI actually used after opening the terminal, the virtual IMSI may have a number that is distinct from the actual IMSI. For example, the virtual IMSI may have a separately allocated MCC, MNC. Alternatively, the virtual IMSI may have a separate number (MSIN) assigned by the MNO. Thus, the SGSN 140 can distinguish the IMSI from the virtual IMSI in the process of opening the terminal, which will be described later.

The manufacturer server 180 accesses the common server 190 and confirms the ordering information INPUT FILE2 (step S404). At this time, the object other than the manufacturer server 180 can not confirm the order information (INPUT FILE2). For this purpose, the joint server 190 may use a separate public certificate and various encryption techniques.

Alternatively, it is possible for the joint server 190 to transmit the order information INPUT FILE2 to the manufacturer server 180. [

The manufacturer server 180 creates the terminal based on the order information INPUT FILE2 and generates the information of the UICC built in the manufactured terminal as the device information OUTPUT FILE1 and uploads it to the common server 190 ).

For example, the device information (OUTPUT FILE1) may include the following information.

Device 1

IMEI = 123456789012345

Virtual IMSI = 999011020012345

Virtual MSISDN = 99123456789

UICC_Ki = 32 digits Hexa (0 to F)

UICC_OPc = 32 digits Hexa (0 to F)

...

Device 100,000

IMEI = 123456789112345

Virtual IMSI = 999011020112345

Virtual MSISDN = 99123556789

UICC_Ki = 32 digits Hexa (0 to F)

UICC_OPc = 32 digits Hexa (0 to F)

The information of IMEI, virtual IMSI, virtual MSISDN and authentication keys UICC_Ki and UICC_OPc of the device information OUTPUT FILE1 is stored in the IMEI storage unit 113 of each corresponding terminal 110, The MSISDN storage unit 114, the key storage unit 117, and the like.

The joint server 190 receiving the device information OUTPUT FILE1 transmits the IMEI, the virtual IMSI, the virtual MSISDN and the authentication key to the IMEI storage unit 191, the virtual IMSI storage unit 192, the virtual MSISDN storage unit 193, And stores it in the authentication key storage unit 194 (step S406).

Then, the common server 190 generates device information (OUTPUT FILE2) to be transmitted to the MNO server 170 by processing the device information (OUTPUT FILE1) (S407). The device information (OUTPUT FILE2) is information in which the authentication-related information is removed so that the MNO server 170 does not manage authentication-related information. Then, the corresponding terminals are set to be able to be opened only by the MNO that ordered the terminal.

For example, the device information (OUPUT FILE2) may include the following information.

Device 1

IMEI = 123456789012345

Virtual IMSI = 999011020012345

Virtual MSISDN = 99123456789

...

Device 100,000

IMEI = 123456789112345

Virtual IMSI = 999011020112345

Virtual MSISDN = 99123556789

The MNO server 170 accesses the common server 190 to download the device information OUTPUT FILE2 and stores this information (step S408).

Alternatively, the device information (OUTPUT FILE2) may be information in which the virtual IMSI and the virtual MSISDN information are further deleted. In this case, the MNO server 170 stores only the IMEI information of each terminal.

When the ordering process is completed, the MNO has the terminal manufactured by the terminal manufacturer and knows the IMEI, the virtual IMSI, and the virtual MSISDN (or IMEI only) of the terminal. Then, the joint server 190 knows the IMEI, the virtual IMSI, the virtual MSISDN, and the authentication key of the terminal.

Next, the procedure of opening the terminal will be described with reference to FIG. 5 to FIG.

5 is a flow chart illustrating a process of the canister of the terminal.

Referring to FIG. 5, a customer visiting a MNO's agent purchases a terminal and determines an MSISDN (actual MSISDN) to use. The IMEI and the actual MSISDN of the terminal purchased by the customer are transmitted to the MNO server 170 through the MNO's sales network (S501).

The MNO server 170 maps the IMEI / actual MSISDN to the actual IMSI to be actually granted to the terminal (step S502). The IMEI, the actual MSISDN, and the actual IMSI are transmitted to the joint server 190.

The joint server 190 determines whether the MNO requesting the opening is an MNO that has ordered the terminal, and may fail the opening request when the MNO requests the opening of the MNO. Alternatively, it may be determined whether or not the terminal requesting the opening is in a released state. If the terminal is not canceled, the failure can be handled. The joint server 190 stores the actual MSISDN and the actual IMSI when the opening is allowed (S503).

Next, the common server 190 transmits a terminal connection request response to the MNO server 170 (step S504). The terminal activation request response includes authentication information (Ki, OPc) to be stored in the HLR / AuC / OTA server 150.

The MNO server 170 receives the authentication information (Ki, OPc) received from the joint server 190, the actual IMSI allocated by the MNO server 170, the actual MSISDN selected by the client, and the like to the HLR / AuC / OTA server 150 (Step S505). That is, the actual IMSI and the authentication information can be registered in the AuC and OTA server, and the subscriber profile can be generated in the HLR and the like.

When the above process is completed, the subscriber is managed as a baggage state and a terminal activation request response is transmitted to the agency (S506).

6 is a flowchart showing a method of performing location registration and OTA reception using a virtual IMSI.

Referring to FIG. 6, when the terminal 110 is powered on, the terminal 110 requests authentication from the joint server 190 using the virtual IMSI allocated when the terminal is manufactured (operation S601). The virtual IMSI is a value that can be distinguished from the actual IMSI, and the STP 160 can transmit an authentication request from the terminal 110 using the virtual IMSI to the common server 190. [

The joint server 190 generates an authentication vector and transmits the authentication vector to the terminal 110 (S602).

Next, the SGSN 140 requests location registration to the joint server 190 using the virtual IMSI (S603).

Since the joint server 190 reports the virtual IMSI and the virtual IMSI is used in the corresponding MNO, it is checked whether the corresponding MNO has received the location registration request (step S604) Location registration is permitted (step S605). Thus, the terminal 110 completes the location registration using the virtual IMSI. At this time, the terminal 110 sets a profile capable of receiving only a Short Message Service (SMS), and performs location registration.

Next, the encryption unit 198 of the joint server 190 encrypts the actual IMSI and the actual MSISDN stored in step S503 of FIG. 5 to generate an OTA message (step S606). The encryption of the actual IMSI and the actual MSISDN may be performed by using the authentication key stored in the key storage unit 194 or by using the virtual IMSI stored in the virtual IMSI storage unit 192 and the authentication key stored in the key storage unit 194 .

The generated OTA message is transmitted to the terminal 110 in step S607 and the decryption unit 118 of the terminal 110 transmits the OTA message to the IMSI storage unit 116 and the key storage unit 117 of the UICC 112 And stores the actual IMSI and the actual MSISDN extracted from the OTA message in the IMSI storage unit 116 and the MSISDN storage unit 114, respectively (step S608) .

The terminal 110 transmits an OTA message reception response to the common server 190 in step S609, and the common server 190 deletes the stored actual IMSI and the actual MSISDN in step S610. Thus, the actual IMSI and the actual MSISDN of the UE managed by the specific MNO are not stored in the joint server 190 jointly used by a plurality of MNOs and terminal manufacturers.

Then, the terminal 110 which has transmitted the OTA message reception response to the joint server 190 reboots (S611).

The authentication and location registration process of the terminal 110 that rebooted is shown in FIG.

When the process of FIG. 6 is completed, the terminal 110 stores the actual IMSI and the actual MSISDN, not the virtual IMSI and the virtual MSISDN. In addition, the terminal 110 stores the authentication key input during the manufacture of the terminal. The HLR / AuC / OTA server 150 stores the actual IMSI and the authentication key in step S505 of FIG.

The terminal 110 that has rebooted transmits the authentication request using the actual IMSI (step S701). The actual IMSI is a value that can be distinguished from the virtual IMSI, and the STP 160 transmits an authentication request from the terminal 110 using the actual IMSI to the HLR / AuC / OTA server 150.

The HLR / AuC / OTA server 150 performs authentication by transmitting the authentication vector to the terminal 110 using the authentication key (step S702).

Next, the SGSN 140 requests location registration to the HLR / AuC / OTA server 150 using the actual IMSI (step S703).

The HLR / AuC / OTA server 150 sees the actual IMSI and permits location registration (step S704).

Thus, the location registration of the terminal 110 is completed and normal use becomes possible.

Next, the termination procedure of the terminal will be described below.

FIG. 8 is a flowchart showing a method of terminating a terminal.

At this time, the terminal 110 stores the actual IMSI and the actual MSISDN, and performs communication with the MNO system using them. MNO server 170 may store the actual IMSI, actual MSISDN of terminal 110 and optionally also store virtual IMSI and virtual MSISDN. The joint server 190 stores the virtual IMSI and the virtual MSISDN of the terminal 110.

The customer visiting the MNO agent requests the termination of the terminal 110. The MNO agent transmits a terminal termination request including information on the IMEI and the actual MSISDN to the MNO server 170 (step S801).

The MNO server 170 transmits the unused information of the terminal including the information of the IMEI to the common server 190 (step S802).

The joint server 190 extracts the information of the terminal using the IMEI, and stores the corresponding terminal as being not used by the MNO (step S803). Alternatively, the joint server 190 stores the terminal 110 as being usable by another MNO. Then, the joint server 190 transmits a response to the MNO server 170 when the setting is completed (step S804). If the MNO server 190 does not know the virtual IMSI and the virtual MSISDN, the response message may include information of the virtual IMSI and the virtual MSISDN.

The MNO server 190 requests OTA transmission to the HLR / AuC / OTA server 150 (step S805). The OTA transfer request includes information of the virtual IMSI and the virtual MSISDN.

The HLR / AuC / OTA server 150 encrypts the information including the virtual IMSI and the virtual MSISDN using the actual IMSI and the authentication key to generate an OTA message (S806). Alternatively, it is also possible to encrypt information including the virtual IMSI and the virtual MSISDN using only the authentication key.

The generated OTA message is transmitted to the terminal 110 (step S807). The terminal 110 decrypts the received OTA using the actual IMSI and the authentication key, extracts the virtual IMSI and the virtual MSISDN from the received OMSI, and extracts the extracted virtual IMSI and virtual MSISDN instead of the actual IMSI and the actual MSISDN, And stores it in the MSISDN storage unit 114 and the MSISDN storage unit 114 (step S808).

If the HLR / AuC / OTA server 150 notifies the MNO server 170 of the OTA message transmission response (step S809), the HLR / AuC / OTA server 150 notifies the MNO server 170 of the OTA message transmission response The controller 170 requests the HLR / AuC / OTA server 150 to delete the information related to the terminal 110 including the actual IMSI and the authentication key in step S811. Meanwhile, at this time, the MNO server 170 can delete information of the stored virtual IMSI and virtual MSISDN.

When the above process is completed, the terminal 110 may store the virtual IMSI and the virtual MSISDN, and may be opened by another MNO using the virtual IMSI and the virtual MSISDN information stored in the common server 190.

9 to 13 relate to a second embodiment of the present invention.

It is possible that the subject requesting registration of the first UE ordering information to the common server in the built-in UICC environment is not the MNO but the terminal manufacturer including the built-in UICC maker or the built-in UICC. That is, the built-in UICC maker can develop the built-in UICC without being related to the MNO to be opened, and the MNO or the terminal manufacturer can supply and develop the terminal by receiving the supply.

Also, in the method according to the first embodiment, the revoked MNO, that is, the donor MNO knows the virtual IMSI and the authentication key of the built-in UICC even after termination. Thus, the MNO to be changed, i.e., the OTA message (the actual IMSI encrypted with the authentication key and the actual MSISDN update message) of the receiving MNO, can be interpreted. Accordingly, the donor MNO can know the actual IMSI, the actual MSISDN, and the authentication key given to the built-in UICC terminal by the receiving MNO, and knowing the actual IMSI and the authentication key is the same as that of the embedded UICC. If the donor MNO is able to replicate the embedded UICC, it will be able to hack the subscriber's voice calls, SMS / MMS, and data services.

In order to solve this problem, in the second embodiment of the present invention described below, processing for changing the virtual IMSI to the actual IMSI and the actual IMSI to the virtual IMSI are all performed by the common server or the terminal management server, The embodiment may use an OTA key included in the second terminal order information other than the OTA encryption using the IMSI and the authentication key for encryption shared only between the embedded UICC and the common server as an encryption key for the corresponding OTA process have.

In addition, when the MNO is revoked, the donor MNO is updated with the second virtual IMSI and the second virtual MSISDN different from the virtual IMSI and the virtual MSISDN that were initially stored in the built-in UICC, so that the changed value can not be used.

9 is a flowchart showing a terminal ordering method according to a second embodiment of the present invention.

9, a built-in UICC manufacturer or a built-in UICC-equipped terminal manufacturer system accesses a common server to register first terminal installation information (INPUT FILE 1) (S910). In this case, The built-in UICC-equipped terminal model information, the card (embedded UICC) specification information, and the like, but the present invention is not limited thereto.

The joint server generates second terminal ordering information (INPUT FILE 2) based on the first terminal ordering information (S920), and provides the second terminal ordering information to the built-in UICC manufacturer or the built-in UICC-equipped terminal manufacturer system S930) The second UE ordering information may include the following information, but is not limited thereto.

- Order quantity (for example, 100,000 pieces)

- Card profile information

- 3GOp for encryption

- Transport key for encryption (Transport_key)

- OTA key for encryption

- Virtual IMSI start number

- Virtual MSISDN start number

The built-in UICC manufacturer or the built-in UICC-equipped terminal manufacturer system that has received the second terminal ordering information (INPUT FILE 2) generates the first device information (OUTPUT FILE 1) and uploads it to the common server (S940) And stores and manages the first device information OUTPUT FILE1 (S950)

The first device information OUTPUT FILE1 may include, but is not limited to, the following information.

As information on the device 1,

- IMEI = 123456789012345

- Virtual IMSI = 999011020012345

- Virtual MSISDN = 99123456789

- UICC_Ki = 32 digits Hexa (0 to F)

- UICC_OPc = 32 digits Hexa (0 to F)

As information on the device 100,000,

- IMEI = 123456789112345

- Virtual IMSI = 999011020112345

- Virtual MSISDN = 99123556789

- UICC_Ki = 32 digits Hexa (0 to F)

- UICC_OPc = 32 digits Hexa (0 to F)

FIG. 10 is a flowchart illustrating a bookstore process of a terminal according to a second embodiment of the present invention.

The customer visiting the MNO's agent purchases the terminal and determines the MSISDN (actual MSISDN) to use. The IMEI, the virtual IMSI, the virtual MSISDN, and the actual MSISDN of the terminal purchased by the customer are transmitted to the MNO server through the sales network of the MNO (S1010).

The MNO server transmits the IMEI, the virtual IMSI, and the virtual MSISDN of the terminal to the common server to inquire about whether the terminal can be opened (S1020). After determining the availability, the MNO server transmits a terminal openable response to the MNO server S1030). The joint server or the MNO server may fail to handle the terminal if it is not possible to open the terminal (for example, if it is being requested or opened by another MNO).

Next, the MNO server generates an actual IMSI to be actually granted to the terminal and maps the IMEI, the virtual IMSI, the virtual MSISDN, the actual IMSI, and the actual MSISDN of the terminal to the terminal if the response is received that the terminal can be opened from the common server S1040).

Then, the MNO server transmits a terminal opening request signal including IMEI, virtual IMSI, virtual MSISDN, actual IMSI, and actual MSISDN of the terminal to the common server (S1050). The joint server stores the IMEI, the virtual IMSI, the virtual MSISDN, the actual IMSI, and the actual MSISDN of the UE included in the UE opening request signal.

Next, the common server transmits a terminal opening request response signal to the MNO server (S1060). The terminal activation request response includes authentication information (Ki, OPc) to be stored in the HLR / AuC / OTA server.

The MNO server creates a subscriber in the HLR / AuC / OTA server using the authentication information (Ki, OPc) received from the common server, the actual IMSI assigned by the MNO server, the actual MSISDN selected by the client, and the like in operation S1070. That is, the actual IMSI and the authentication information can be registered in the AuC and OTA server, and the subscriber profile can be generated in the HLR and the like.

When the above process is completed, the subscriber is managed as a baggage state and a terminal activation request response is transmitted to the agency (S1080).

11 is a flowchart illustrating a method of performing location registration and OTA reception using a virtual IMSI according to a second embodiment of the present invention.

Referring to FIG. 11, when the terminal is powered on, the terminal requests the common server to access the common server using the virtual IMSI allocated when the terminal is manufactured (S1105). The virtual IMSI is a value that can be distinguished from the actual IMSI, and the STP can transmit the location registration request from the terminal using the virtual IMSI to the common server.

Since the joint server confirms the virtual IMSI and the virtual IMSI is registered in the handover process as being used in the corresponding MNO, it is checked whether the corresponding MNO has received the location registration request (S1110) Generates an authentication vector using the authentication key, and transmits the authentication vector to the terminal to request authentication (S1115).

The terminal receiving the authentication request performs authentication using the stored authentication key at the time of issuance (S1120). The joint server transmits the location registration response to the terminal when the authentication is normally completed (S1125).

Thus, the terminal completes the location registration using the virtual IMSI. At this time, the terminal sets a profile capable of receiving only a Short Message Service (SMS) to perform location registration.

Next, the encryption unit of the common server encrypts the stored actual IMSI and actual MSISDN using an encryption key shared only between the common server and the embedded UICC, and generates an OTA message (S1130). The generated OTA message is transmitted to the terminal (S1135). The terminal's decoder decodes the OTA message using the encryption key shared only between the common server and the embedded UICC at the time of manufacturing the terminal, and transmits the actual IMSI extracted from the OTA message The actual MSISDN is stored in the IMSI storage unit and MSISDN storage unit, respectively (S1140).

Then, the terminal transmits an OTA message reception response to the common server (S1145) and then performs a reboot (S1150). Meanwhile, at this time, it is possible for the SGSN and the STP to delete the stored information to be processed for the virtual IMSI and the virtual MSISDN.

12 illustrates an authentication and location registration process of a terminal that has performed the reboot according to the second embodiment of the present invention.

When the process of FIG. 11 is completed, the terminal stores the actual IMSI and the actual MSISDN instead of the virtual IMSI and the virtual MSISDN. In addition, the terminal stores the authentication key inputted at the time of manufacturing the terminal. The HLR / AuC / OTA server stores the actual IMSI and authentication key.

The re-booting terminal transmits a location registration request using the actual IMSI (S1210). The actual IMSI is a value that can be distinguished from the virtual IMSI, and the STP transmits the location registration request from the terminal using the actual IMSI to the HLR / AuC / OTA server.

The HLR / AuC / OTA server generates an authentication vector using the authentication key and transmits the authentication vector to the terminal (S1220, S1230).

The HLR / AuC / OTA server completes authentication and transmits a location registration response to the terminal (S1240). When the authentication is normally completed, the location registration is allowed for the actual IMSI. Thereby, the location registration of the terminal is completed and normal use becomes possible.

13 is a flowchart showing a method of terminating a terminal according to a second embodiment of the present invention.

At this time, the terminal stores the actual IMSI and the actual MSISDN, and performs communication with the MNO system using them. The MNO server stores the actual IMSI and actual MSISDN of the UE. The joint server may store the actual IMSI of the MS and the actual MSISDN, and may optionally store the virtual IMSI and the virtual MSISDN.

The customer visiting the MNO agent requests the termination of the terminal. The MNO agent transmits a terminal release request signal including information of the IMEI and the actual MSISDN to the MNO server (S1305).

The MNO server transmits information on the unused use of the terminal including the information of the IMEI to the common server (S1310)

The joint server extracts the information of the terminal using the IMEI and stores the corresponding terminal as unused by the corresponding MNO (unused information storage; S1315). Alternatively, the joint server stores the terminal as available for use by another MNO. When the setting is completed, the joint server transmits an unused notification response to the corresponding MNO server (S1320).

Next, the MNO server requests the OTA transmission to the joint server (S1325), and the joint server generates the OTA message (S1330).

In this case, the OTA message includes the second virtual identification information, that is, the information of the second virtual IMSI and the second virtual MSISDN, and the information of the second virtual IMSI and the second virtual MSISDN is previously set It is desirable that the value is different from the virtual IMSI and virtual MSISDN values.

The common server encrypts the information including the second virtual IMSI and the second virtual MSISDN using an encryption key shared only between the common server and the embedded UICC to generate an OTA message. The generated OTA message is transmitted to the terminal (S1335). The terminal decodes the received OTA using the encryption key shared only between the common server and the embedded UICC, extracts the second virtual IMSI and the second virtual MSISDN from the decrypted OTA, extracts the second virtual IMSI and the second virtual MSISDN instead of the actual IMSI and the actual MSISDN, IMSI and the second virtual MSISDN are stored in the IMSI storage unit and the MSISDN storage unit, respectively (S1340). In this process, the encryption key shared between the common server and the built-in UICC includes a 3GOp value for encryption included in the second terminal ordering information (INPUT FILE 2) described in FIG. 9, an OTA key for encryption, Key (Transport_Key).

If the joint server successfully receives the OTA message transmission response (S1345) and the joint server notifies the MNO server thereof (S1350), the MNO server sends an HLR / AuC / OTA server to the terminal including the actual IMSI and the authentication key And requests deletion of the information (S1355). In this manner, the common server transmits an OTA transmission response to the terminal, and deletes the actual IMSI and the actual MSISDN of the MNO that has been revoked (S1360).

Thus, the actual IMSI and the actual MSISDN of a terminal managed by a specific MNO are not stored in a joint server jointly used by a plurality of MNOs and terminal manufacturers.

When the above process is completed, the terminal may store the second virtual IMSI and the second virtual MSISDN, and may be opened by another MNO using the second virtual IMSI and the second virtual MSISDN information stored in the common server. It will be understood by those of ordinary skill in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. Therefore, the embodiments disclosed in the present invention are intended to illustrate rather than limit the scope of the present invention, and the scope of the technical idea of the present invention is not limited by these embodiments. The scope of protection of the present invention should be construed according to the following claims, and all technical ideas within the scope of equivalents should be construed as falling within the scope of the present invention.

Claims (17)

A terminal having a built-in UICC (Universal Integrated Circuit Card)
The embedded UICC includes:
An IMSI storage unit for storing a first Integrated Mobile Subscriber Identity (IMSI);
A key storage unit for storing an authentication key; And
And a decryption unit for decrypting the encrypted message received from the mobile communication network using the first IMSI and the authentication key stored in the IMSI storage unit,
Wherein the first IMSI stored in the IMSI storage unit is updated with a second IMSI included in the decrypted message. The method according to claim 1,
The first IMSI stored in the IMSI storage unit is a virtual IMSI set when the UE is manufactured,
Wherein the second IMSI included in the decrypted message is an actual IMSI set by the mobile communication carrier. The method according to claim 1,
Wherein the first IMSI stored in the IMSI storage unit is an actual IMSI set by the mobile communication service provider,
Wherein the second IMSI included in the decoded message is a virtual IMSI established when the terminal is manufactured. The method according to claim 2 or 3,
Wherein the virtual IMSI and the actual IMSI have a format different from each other. Requesting authentication and location registration using a virtual integrated IMSI (Integrated Mobile Subscriber Identity) set in a Universal Integrated Circuit Card (UICC) when manufacturing a terminal;
Receiving an encrypted message containing information including an actual IMSI set by the mobile communication carrier;
Extracting the actual IMSI by decoding the message and updating the virtual IMSI with the actual IMSI; And
And requesting authentication and location registration using the actual IMSI. 6. The method of claim 5,
Wherein the decryption of the message is performed using the virtual IMSI and the authentication key stored in the UICC. A method for terminating a mobile communication service in a terminal using a mobile communication service using an actual Integrated Mobile Subscriber Identity (IMSI) set by a mobile communication service provider,
Comprising: receiving an encrypted message containing a virtual IMSI set in a Universal Integrated Circuit Card (UICC) when manufacturing a terminal;
Decoding the message to extract the virtual IMSI; And
And updating the actual IMSI with the virtual IMSI. 8. The method of claim 7,
Wherein the decryption of the message is performed using the real IMSI and the authentication key stored in the UICC. An IMEI storage unit for storing International Mobile Equipment Identity (IMEI) of the terminal;
A virtual IMSI storage unit for storing a virtual IMSI (Integrated Mobile Subscriber Identity) set in a Universal Integrated Circuit Card (UICC) when manufacturing a terminal;
A key storage unit for storing an authentication key of the terminal; And
And an encryption unit for generating an encrypted message using the virtual IMSI and the authentication key from information including an actual IMSI set by the mobile communication carrier,
Wherein the virtual IMSI or the real IMSI is used for opening or closing the terminal. 10. The method of claim 9,
And a temporary storage unit for temporarily storing the actual IMSI. 10. The method of claim 9,
Wherein the virtual IMSI and the actual IMSI have a format different from each other. delete Receiving an International Mobile Equipment Identity (IMEI) of a terminal and an actual Integrated Mobile Subscriber Identity (IMSI) set by a mobile communication provider from a server of the mobile communication provider;
Transmitting an authentication key of the terminal to a server of the mobile communication provider;
Receiving a location registration request from the terminal; And
And transmitting a message enciphered with information including the actual IMSI to the terminal,
Wherein the actual IMSI is used for updating the virtual IMSI stored in the terminal. 14. The method of claim 13,
Further comprising the step of deleting the actual IMSI. 14. The method of claim 13,
Wherein the encrypted message is encrypted using the virtual IMSI and the authentication key set at the time of manufacturing the terminal. delete A method of terminating a terminal using a common server interlocked with an embedded UICC-equipped terminal and an MNO server,
Receiving, by the common server, an OTA transmission request signal according to termination of the terminal from the MNO server;
Generating an OTA message including second virtual identification information different from first virtual identification information provided at the time of issuing the embedded UICC;
Encrypting the OTA message using an encryption key shared only between the embedded UICC and the common server in issuing the embedded UICC; And
And transmitting the encrypted OTA message to the terminal,
Wherein the actual identification information stored in the built-in UICC is updated with the second virtual identification information.

Images