KR20240110301A - Method of Subscriber Identify Module Configuration for User Equipment in Wireless communication system and Apparatus therefor - Google Patents

Abstract

A method for a terminal to configure an eSIM (embedded subscriber identifier module) in a wireless communication system according to an embodiment of the present invention involves downloading an eSIM profile while the terminal is not connected to a data network. Based on what the terminal is instructed to do, detect whether valid SIM information exists in the terminal; As the valid SIM information is detected within the terminal, accessing a specific data network selected from at least one data network of a mobile communication operator corresponding to the valid SIM information; And it may include downloading the eSIM profile through the specific data network.

Description

Method of configuring subscriber identification module of user equipment in wireless communication system and device therefor {Method of Subscriber Identify Module Configuration for User Equipment in Wireless communication system and Apparatus therefor}

The present invention relates to a method and a device for setting a subscriber identification module (SIM) of a user equipment (UE) in a wireless communication system, and more specifically, to an eSIM (embedded) device embedded in the user equipment. It relates to a method of setting up a Subscriber Identify Module and a device for doing so.

Subscriber Identity Module (SIM) has been used to authenticate subscribers in various wireless communication systems, including 3G, 4G, and 5G. The conventional SIM method was to use a SIM card in the form of a physical IC chip. When the SIM card is physically inserted into the terminal through the SIM card insertion tray, subscriber authentication can be performed by exchanging information about the SIM card with the mobile network through wireless communication. Recently, the term SIM is understood to refer to USIM (Universal Subscriber Identity Module). More specifically, USIM is a type of SIM and is an improved version of (Legacy) SIM. The narrow SIM term refers to a (legacy) SIM card used in early wireless communications such as 2G, for example, GSM, but the broad SIM term encompasses USIM. The main difference between USIM and SIM in the narrow sense is that it supports 3G and later generations of wireless communication systems, and USIM provides improved features compared to the SIM in the narrow sense in terms of enhanced security, such as encrypted calls and data exchange. . However, because USIM provides backward compatibility, USIM can be used in 2G wireless communication systems.

SIM is basically a UICC (Universal Integrated Circuit Card) that contains both account information and memory. USIM cards store subscriber information and authentication information. USIM cards can also provide storage space for contacts, such as text messages and phone numbers. USIM's improved security provides more reliable services, and examples of such applications include mobile banking, video conferencing, improved phone books, and mobile bookmarks. APN (Access Point Name) settings can also be written directly to the USIM card. Hereinafter, (e)SIM used in this specification is not limited to the SIM in the narrow sense described above, but refers to SIM in a broad sense encompassing USIM.

Meanwhile, SIM is not limited to physical SIM cards in the form of IC chips, and SIM in the form of eSIM (embedded SIM) also exists. In the case of eSIM, it is based on standards approved by member operators of GSMA, a global wireless carrier association, and was initially referred to as remote SIM provisioning (RSP), and the chip for this was called eUICC (Embedded Universal Integrated Circuit Card). ). Recently, the term eSIM has been used more widely than RSP or eUICC. There are two types of eSIM, one for M2M (Machine to Machine) such as connected cars and the other for user devices such as smartphones.

Previously, physical SIM cards have been used in Korea, but recently, eSIM has begun to be introduced. For user authentication using the eSIM method, the eSIM profile, which is the essential digital signature content of the SIM card, must be downloadable to the terminal through Over-The-Air (OTA).

Republic of Korea Patent Publication No. 10-2021-0157410 (2021.12.28), "Technology for Remote SIM Provisioning" is configured for remote subscriber identity module (SIM) provisioning (RSP) and the MNO node of the mobile network operator (MNO). Disclosed is a technology for operating an RSP node that includes or is connectable to an interface for communicating with.

The technical problem to be achieved by the present invention includes providing a method and a device for performing eSIM setup more efficiently in a wireless communication system.

The present invention is not limited to the technical problems described above, and other technical problems can be inferred from the embodiments disclosed herein.

In a wireless communication system according to an aspect of the present invention, a method for a terminal to configure an embedded subscriber identifier module (eSIM) includes downloading an eSIM profile while the terminal is not connected to a data network. Based on what is instructed to the terminal, detect whether valid SIM information exists in the terminal; As the valid SIM information is detected in the terminal, accessing a specific data network selected from at least one data network of a mobile communication operator corresponding to the valid SIM information; And it may include downloading the eSIM profile through the specific data network. The specific data network may be a wireless local area network (WLAN) operated by the mobile communication service provider. The terminal may perform a user authentication procedure for accessing the WLAN based on the detected valid SIM information.

According to another aspect of the present invention, a computer-readable recording medium recording program code for performing the above-described method of setting up an eSIM may be provided.

A terminal for wireless communication according to another aspect of the present invention includes an embedded subscriber identifier module (eSIM); A transceiver that transmits or receives wireless signals; And based on the terminal being instructed to download an eSIM profile while the terminal is not connected to a data network, detect whether valid SIM information exists within the terminal, and As the valid SIM information is detected, a processor accesses through the transceiver a specific data network selected from at least one data network of a mobile communication operator corresponding to the valid SIM information, and downloads the eSIM profile through the specific data network. may include. The specific data network may be a wireless local area network (WLAN) operated by the mobile communication service provider. The processor may perform a user authentication procedure for accessing the WLAN based on the detected valid SIM information.

As an example, at least one data network of the mobile communication service provider may include a 3rd generation partnership protocol (3GPP) access network and a non-3GPP access network. The Non-3GPP access network may include a WLAN operated by the mobile communication service provider. The terminal may download the eSIM profile by selecting a WLAN operated by the mobile communication operator among the Non-3GPP access network and the 3GPP access network including the WLAN operated by the mobile communication operator.

As an example, at least one data network of the mobile communication service provider may include a 3rd generation partnership protocol (3GPP) access network, a Trusted Non-3GPP access network, and an Untrusted Non-3GPP access network. Based on the fact that the WLAN operated by the mobile communication service provider is the Trusted Non-3GPP access network, the terminal can download the eSIM profile through the Trusted Non-3GPP access network rather than the Untrusted Non-3GPP access network. .

Downloading the eSIM profile through the specific data network includes requesting the eSIM profile to an SM-DP+ (Subscription Manager-Data Preparation+) server through the specific data network; And it may include receiving the eSIM profile created by the SM-DP+ server through the specific data network.

For example, until setup for the eSIM is completed, the terminal's access rights to the specific data network may be restricted to access for downloading the eSIM profile.

(i) Preferably, until the setting for the eSIM is completed, the terminal's access rights to the specific data network include access to the SM-DP+ (Subscription Manager-Data Preparation+) server that creates and transmits the eSIM profile. It can be limited by . Until the setup for the eSIM is completed, the terminal's access to a network address different from the network address of the SM-DP+ server may be blocked on the specific data network.

(ii) Preferably, transmission or reception of packets other than packets related to downloading of the eSIM profile may be blocked on the specific data network until the setting for the eSIM is completed. The packet related to downloading the eSIM profile may include at least one of a first packet for requesting the eSIM profile and a second packet including the eSIM profile.

(iii) Preferably, as the timer set for downloading the eSIM profile expires, the terminal's access authority to the specific data network may expire. As the terminal begins downloading the eSIM profile, the timer may be reset or stopped. Based on the fact that the terminal has not downloaded the eSIM profile until the timer expires, the terminal's access to the specific data network may be blocked.

(iv) Preferably, as the counter value counting the number of attempts to download the eSIM profile by the terminal reaches a threshold, the terminal's access authority to the specific data network may expire.

As an example, the method may further include detecting a command instructing to download the eSIM profile based on the user's operation of the terminal. The user's operation of the terminal is to scan a QR (quick response) code containing information about the SM-DP+ (Subscription Manager- Data Preparation+) server that creates and transmits the eSIM profile, or to the SM-DP+ server. It may include at least one of the user's manual input of information. The terminal can determine whether the terminal is connected to any data network based on detection of the command.

Based on the fact that the terminal is not connected to a data network, the terminal can automatically search for the valid SIM information, access the specific data network, and download the eSIM profile without additional manipulation by the user of the terminal.

If the valid SIM information is not detected within the terminal, the terminal may display a screen for manual input of the user's WLAN settings of the terminal.

In a wireless communication system according to another aspect of the present invention, a method in which a network node supports settings for an eSIM (embedded subscriber identifier module) of a terminal is provided when eSIM opening for a mobile communication operator operating the network node is not completed. Receiving an access request for a data network from a non-user terminal; Approving access of the terminal to a specific data network among at least one data network of the mobile communication service provider based on the fact that the access request is for downloading an eSIM profile required for opening the eSIM; Obtaining the eSIM profile of the terminal from SM-DP+ (Subscription Manager- Data Preparation+) server; And it may include transmitting the obtained eSIM profile to the terminal through the specific data network. The specific data network may be a wireless local area network (WLAN) operated by the mobile communication service provider. The network node may approve the terminal's access to the WLAN based on whether the terminal's SIM information included in the terminal's access request is valid.

According to another aspect of the present invention, a computer-readable recording medium recording program code for performing the method for supporting the setting of the eSIM of the terminal described above may be provided.

In a wireless communication system according to another aspect of the present invention, a network node that supports configuration of an embedded subscriber identifier module (eSIM) of a terminal includes a communication interface; and receiving an access request for a data network from a user terminal for which eSIM opening has not been completed for a mobile communication service provider operating the network node through the communication interface, wherein the access request is an eSIM profile required for opening the eSIM. Based on the download of (profile), the terminal's access to a specific data network among at least one data network of the mobile communication service provider is approved, and the terminal's It may include a processor that acquires an eSIM profile and transmits the obtained eSIM profile to the terminal through the specific data network. The specific data network may be a wireless local area network (WLAN) operated by the mobile communication service provider. The processor may approve the terminal's access to the WLAN based on whether the terminal's SIM information included in the terminal's access request is valid.

As an example, the network node may perform a user authentication procedure for access to the WLAN based on whether the SIM information of the terminal is valid.

As an example, the network node may approve the terminal's access to the specific data network based on the terminal attempting to download the eSIM profile while the terminal is not connected to any data network.

As an example, at least one data network of the mobile communication service provider may include a 3rd generation partnership protocol (3GPP) access network and a non-3GPP access network. The Non-3GPP access network may include a WLAN operated by the mobile communication service provider. The network node may allow the terminal to access a WLAN operated by the mobile communication operator among the 3GPP access network and the Non-3GPP access network including the WLAN operated by the mobile communication operator.

For example, until setup for the eSIM is completed, the terminal's access rights to the specific data network may be restricted to access for downloading the eSIM profile.

(i) Preferably, until the setting for the eSIM is completed, the terminal's access rights to the specific data network include access to the SM-DP+ (Subscription Manager-Data Preparation+) server that creates and transmits the eSIM profile. It can be limited by . Until the setup for the eSIM is completed, the terminal's access to a network address different from the network address of the SM-DP+ server may be blocked on the specific data network.

(ii) Preferably, transmission or reception of packets other than packets related to downloading of the eSIM profile may be blocked on the specific data network until the setting for the eSIM is completed. The packet related to downloading the eSIM profile may include at least one of a first packet for requesting the eSIM profile and a second packet including the eSIM profile.

(iii) Preferably, as the timer set for downloading the eSIM profile expires, the terminal's access authority to the specific data network may expire. As the terminal begins downloading the eSIM profile, the timer may be reset or stopped. Based on the fact that the terminal has not downloaded the eSIM profile until the timer expires, the terminal's access to the specific data network may be blocked.

(iv) Preferably, as the counter value counting the number of attempts to download the eSIM profile by the terminal reaches a threshold, the terminal's access authority to the specific data network may expire.

According to one embodiment of the present invention, over-the-air (OTA) access dedicated to eSIM setup is provided to the terminal by the mobile communication service provider, so that eSIM setup can be performed more efficiently and smoothly.

The technical effects of the present invention are not limited to the effects described above, and other technical effects can be inferred from the embodiments disclosed in this specification.

1 illustrates physical channels and typical signal transmission used in a 3GPP system.
Figure 2 shows the schematic structure of the 3GPP NR system.
Figure 3 is a diagram to explain connectivity between a 3GPP-based mobile communication system and a wireless local area network (WLAN) coupled thereto.
Figure 4 shows the eSIM profile provisioning environment of a terminal through WLAN.
Figure 5 shows the eSIM profile setting procedure between the network and the terminal.
Figures 6 and 7 show a user interface of a terminal for setting an eSIM profile.
Figures 8 and 9 illustrate a procedure for setting an eSIM profile of a terminal according to an embodiment of the present invention.
Figure 10 shows the flow of a method in which a network node supports setting an eSIM profile of a terminal according to an embodiment of the present invention.
Figure 11 shows a terminal according to an embodiment of the present invention.
Figure 12 shows a network node according to one embodiment of the present invention.

Exemplary implementations of the present specification are described in detail with reference to the attached drawings. The detailed description set forth below along with the accompanying drawings is intended to describe exemplary implementations of the present specification and is not intended to represent the only implementation forms that may be implemented in accordance with the present specification. The detailed description below includes specific details to provide a thorough understanding of the disclosure. However, it will be apparent to those skilled in the art that the present disclosure may be practiced without these specific details.

In various examples of this disclosure, “/” and “,” should be interpreted as indicating “and/or.” For example, “A/B” can mean “A and/or B.” Furthermore, “A, B” may mean “A and/or B.” Furthermore, “A/B/C” may mean “at least one of A, B and/or C.” Furthermore, “A, B, C” may mean “at least one of A, B and/or C.”

For convenience of explanation, implementations of this specification are mainly described with respect to a 3GPP-based wireless communication system. however. The technical features of this specification are not limited thereto. For example, the following detailed description is described based on a mobile communication system corresponding to a 3GPP-based wireless communication system, but aspects of the present specification that are not limited to a 3GPP-based wireless communication system can be applied to other mobile communication systems. For terms and technologies not specifically mentioned among the terms and technologies used in this specification, reference may be made to wireless communication standard documents (3GPP TS 36 series, 37 series, and/or 38 series) before this specification was published.

In this specification, the UE may be fixed or mobile, and includes various devices that communicate with a base station (BS) to transmit and receive user data and/or various control information. UE includes (Terminal Equipment), MS (Mobile Station), MT (Mobile Terminal), UT (User Terminal), SS (Subscribe Station), wireless device, PDA (Personal Digital Assistant), and wireless modem. ), can be called a handheld device, etc. Additionally, in this specification, BS generally refers to a fixed station that communicates with the UE and/or other BSs, and exchanges various data and control information by communicating with the UE and other BSs. BS may be called by different terms, such as Advanced Base Station (ABS), Node-B (NB), evolved-NodeB (eNB), Base Transceiver System (BTS), Access Point, and Processing Server (PS). In particular, the BS of UMTS is called NB, the BS of EPC/LTE is called eNB, and the BS of new radio (NR) system is called gNB.

In this specification, a node refers to a fixed point that can transmit/receive wireless signals by communicating with the UE. Various types of eNBs can be used as nodes regardless of their names. For example, a BS, NB, eNB, pico-cell eNB (PeNB), home eNB (HeNB), relay, repeater, etc. may be nodes. Additionally, the node may not be an eNB. For example, it may be a radio remote head (RRH) or a radio remote unit (RRU). RRH, RRU, etc. generally have a power level lower than the power level of the eNB. Since RRH or RRU (hereinafter referred to as RRH/RRU) is generally connected to eNB through a dedicated line such as an optical cable, compared to cooperative communication by eNBs generally connected through wireless lines, RRH/RRU and eNB Collaborative communication can be performed smoothly. At least one antenna is installed in one node. The antenna may refer to a physical antenna, an antenna port, a virtual antenna, or an antenna group.

Figure 1 illustrates physical channels and typical signal transmission used in a 3GPP system.

Referring to FIG. 1, a terminal that is turned on again from a power-off state or newly entered a cell performs an initial cell search task, such as synchronizing with the base station (S101). For this purpose, the terminal receives SSB (Synchronization Signal Block) from the base station. SSB includes PSS/SSS and PBCH. The terminal synchronizes with the base station based on PSS/SSS and obtains information such as cell ID (cell identity). Additionally, the terminal can acquire broadcast information (eg, Master Information Block, MIB) within the cell based on the PBCH. Meanwhile, the terminal can check the DL channel status by receiving the DL RS. The terminal that has completed the initial cell search can obtain more specific system information by receiving the PDCCH and the corresponding PDSCH (S102). Afterwards, the terminal can perform a random access procedure to complete access to the base station (S103 to S106) (4-step process). Specifically, the terminal may transmit a preamble through PRACH (S103) and receive a Random Access Response (RAR) through the PDCCH and the corresponding PDSCH (S104). Afterwards, the terminal can transmit PUSCH using the scheduling information in the RAR (S105) and perform a contention resolution procedure through the PDCCH and the corresponding PDSCH (S106). When the random access process is performed in two steps, S103/S105 is performed as one step (the terminal performs transmission) (message A), and S104/S106 is performed as one step (the base station performs transmission). This can be done (Message B). The terminal that has performed the above-described procedure can then perform PDCCH/PDSCH reception (S107) and PUSCH/PUCCH transmission (S108) as a general downlink/uplink signal transmission procedure. The control information transmitted from the terminal to the base station is called UCI (Uplink Control Information). UCI includes HARQ-ACK (Hybrid Automatic Repeat and reQuest Acknowledgment), SR (Scheduling Request), and CSI (Channel State Information). CSI includes Channel Quality Indicator (CQI), Precoding Matrix Indicator (PMI), Rank Indication (RI), etc. UCI is generally transmitted through PUCCH, but when control information and data must be transmitted simultaneously, it can be transmitted through PUSCH. Additionally, according to the network's request/instruction, the terminal may transmit UCI (e.g., CSI) aperiodically through PUSCH.

Figure 2 shows the structure of an NR system to which the present invention can be applied.

Referring to FIG. 2, the 5G system (5GS) includes a 5G core network (CN), a 5G access network (AN), and a terminal (not shown). The 5G core network provides connectivity to the Internet and application servers.

3GPP Next Generation Radio Access Network (NG RAN) can be based on one of the following options:

- Stand Alone NR base station

- Upgraded Stand Alone LTE (Long Term Evolution) base station to connect to 5G core network

- Non-Stand Alone base station using NR as anchor and LTE as extension

- Non-Stand Alone base station using LTE as anchor and NR as extension

The NR base station is referred to as gNode B (gNB), and the LTE base station (connected to the 5G core network in Figure 2) is referred to as eNB.

NG-RAN (New Generation-Radio Access Network) may include a gNB and/or eNB that provide user plane and control plane protocol termination to the terminal. gNB and eNB are connected to each other through the Xn interface. gNB/NB is connected to the 5th generation core network (5G Core Network: 5GC) and the NG interface. gNB/eNB is connected to AMF (access and mobility management function) through the NG-C interface. The gNB is connected to the Access and Mobility Management Function (AMF) through the N2 interface and to the User Plane Function (UPF) through the N3 interface. gNB /eNB includes inter-cell radio resource management (Inter Cell RRM), radio bearer management (RB control), Connection Mobility Control, Radio Admission Control, measurement configuration and provision (Measurement configuration & provision) Functions such as provision and dynamic resource allocation can be provided. AMF can provide functions such as NAS security and idle state mobility handling.

Figure 3 is a diagram to explain connectivity between a 3GPP-based mobile communication system and a wireless local area network (WLAN) coupled thereto.

Previously, only NG RAN was shown as a 5G access network in FIG. 2, but the 5G access network in FIG. 3 includes a non-3GPP access network. An example of a Non-3GPP access network is a Wireless Local Area Network (WLAN) based on WiFi. Non-3GPP access networks use the Non-3GPP Interworking Function (N3IWF) to allow connectivity with the 5G core network. N3IWF supports 3GPP interfaces for the 5G core network and non-3GPP interfaces for the non-3GPP access network. The non-3GPP access network may include either an Untrusted non-3GPP access network and/or a Trusted non-3GPP access network.

Referring to FIG. 3, a gNB/eNB in a 3GPP access network is connected to a user plane function (UPF) through an NG-U interface. An access point (AP) in a non-3GPP access network is connected to the UPF through N3IWF. UPF can provide functions such as mobility anchoring and PDU processing. UPF can be connected to another data network.

Meanwhile, SMF (Session Management Function) connected to UPF and AMF can provide functions such as terminal IP address allocation and PDU session control.

A UE connected to an AP in a non-3GPP access network may be referred to as a STA (station) (see Std. of IEEE 802.11 a/b/g/n/ac/ax, etc.).

A terminal with a built-in eSIM may use a Non-3GPP access network to download an eSIM profile. A terminal with a built-in eSIM can store/operate at least one eSIM profile. The eSIM profile may include mobile carrier information or contract information, such as the number assigned to the eSIM. In the case of a physical SIM card, the information is recorded on the SIM itself, whereas in the case of an eSIM, the profile information is downloaded from the network in an OTA manner. In this way, the series of processes for downloading a profile is sometimes referred to as provisioning.

Figure 4 shows an eSIM profile download environment using a Non-3GPP access network.

First, when a user of an eSIM terminal applies for subscription to a mobile communication service provider, the mobile communication service provider provides the information/eSIM information of the user who applied for subscription to the SM-DP+ server.

The SM-DP+ server is responsible for profile creation, download, remote management (activation, deactivation, update, deletion), protection of operator credentials, and security when the profile is downloaded to the terminal. Specifically, the SM (Subscription Manager) function (server) is required to remotely set up/download (provision) an eSIM, and the SM function for eSIM includes SM-DP (Data Preparation) and SM-SR (Secure Routing). It can be included. The combination of SM-DP (Data Preparation) and SM-SR (Secure Routing) is defined as SM-DP+.

CI (Certificate Issuer) is connected to the SM-DP+ server and issues digital certificates for secure authentication/communication between entities.

Meanwhile, a server (not shown) that can search what mobile communication services (profiles) a user can use may be provided, and this is referred to as SM-DS (Discovery Server). For example, SM-DS can mediate the SM-DP+ server to find the terminal equipped with eSIM without having to check which network it is connected to. SM-DS can be operated by GSMA and connected to SM-DP+ server.

In this way, the terminal can access the SM-DP+ (Subscription Manager-Data Preparation+) server through the WiFi network and download the eSIM profile from the SM-DP+ server. The terminal can download the final eSIM profile created by the mobile communication service provider for a specific line and device from the SM-DP+ server.

Meanwhile, the terminal can use the address of the SM-DP+ server to access the SM-DP+ server. In particular, if the terminal is not capable of automatically downloading the eSIM profile wirelessly, for example, if the terminal cannot find the necessary settings and must download the profile manually, the SM-DP+ server must be accessed by user operation. For this purpose, an SM-DP+ address may be provided to the user or terminal.

In order for the terminal to automatically download the eSIM profile, the terminal must be properly configured for the network through prior coordination between the mobile communication service provider and the terminal manufacturer. In addition, a basic network connection (e.g., WiFi, etc.) is required for the terminal to access the SM-DP+ server on the network.

Figure 5 shows the eSIM profile setting procedure between the network and the terminal.

Referring to Figure 5, the user applies for subscription to a mobile communication service provider (501).

The mobile communication service provider requests the SM-DP+ server to create an eSIM profile for the user (505).

Additionally, the mobile communication service provider delivers access information to the SM-DP+ server to the user (510). Connection information for the SM-DP+ server may include address information for the SM-DP+ server. Address information for the SM-DP+ server may also be provided as a QR code.

The user enters access information for the SM-DP+ server into a terminal equipped with an eSIM (515). Entering connection information for the SM-DP+ server may be performed, for example, through scanning a QR code or through manual entry of a string for an activation code. More specifically, with reference to Figures 6 and 7, we will look at examples of entering connection information for the SM-DP+ server.

Figure 6 corresponds to inputting access information to the SM-DP+ server performed through scanning a QR code. Users can scan the QR code by running the device's camera application or by selecting the device's Settings > Cellular Settings > Add Rate Plan item to scan the QR code. Since the address information for the SM-DP+ server is encoded in the QR code, the terminal can access the SM-DP+ server by scanning the QR code. The terminal may display a user interface screen asking for user approval before connecting to the SM-DP+ server obtained through QR code scanning.

Figure 7 assumes the case where the activation code is provided to the user in string form. Figure 7 is based on the manual input of the activation code and corresponds to a QR code in an environment where the QR code cannot be scanned (e.g., when the terminal's camera is malfunctioning or QR information must be searched on the terminal to be activated, etc.) This can be understood as an example of manually inputting information by the user. For the manual input shown in FIG. 7, the user can sequentially select the terminal's Settings > Cellular > Add Rate Plan item and then manually enter the activation code.

Returning to Figure 5, as connection information for the SM-DP+ server is input, the terminal can connect to the SM-DP+ server and request an eSIM profile (520). The SM-DP+ server may provide download of the eSIM profile to the terminal in response to the terminal's request (525). As described above, eSIM profile requests and downloads can be performed through access to a data network (e.g., the Internet), and (if the terminal does not have access to any mobile communication network) the data network is WiFi-based. It could be WLAN.

The terminal installs the downloaded eSIM profile (530).

The terminal notifies the mobile communication service provider that the eSIM profile installation has been successfully completed, and completes mobile communication subscription and line opening (535).

As described above, in order to download and open an eSIM profile, the user wishing to join must connect to the SM-DP+ server in an environment where network access is available. To support access to the SM-DP+ server, mobile communication providers can provide a QR code containing the SM-DP+ address or provide the SM-DP+ address through various means such as text or email.

In order for the terminal to download an eSIM profile, the terminal must be in an environment in which access to a data network is possible, but the user of the terminal may not be aware of whether data network access is available or may not be aware that access to the data network is necessary. In this case, users frequently attempt to download an eSIM profile through the terminal (e.g., scan a QR code, etc.) even though the terminal cannot connect to the data network. In other words, the user must scan the QR code provided by the mobile communication service provider (or manually enter the address) while the terminal can access the SM-DP+ server to download the eSIM profile. However, there are frequent cases where eSIM profile download fails due to scanning the QR code (or manually entering the address) without knowing this.

Some manufacturers' terminals provide a pop-up message to users who attempt to set up an eSIM profile while not connected to a data network: “You need to connect to WiFi or a physical SIM card capable of connecting to the network.” In other words, users must manually connect to WiFi or insert a physical SIM card to create an environment in which they can connect to the data network. Meanwhile, some manufacturers' terminals do not even provide pop-up messages like this, so the user of the terminal must do so. There is a problem that makes it difficult to determine the cause and solution for eSIM profile download failure.

In order to solve this problem, according to an embodiment of the present invention, when attempting to download an eSIM profile, the terminal determines whether data is available, and if access to the data network is not possible, automatically connects to WiFi and then connects to SM-DP+. proposes. For example, a method to download an eSIM profile more conveniently and efficiently is proposed.

Meanwhile, when using a WiFi network without a separate authentication process (e.g., Untrusted non-3GPP Access Network), security problems may occur during automatic connection, so according to an embodiment of the present invention, when attempting to download an eSIM profile, the mobile communication service provider A method is proposed to connect (e.g., automatically or preferentially) to a WiFi network (e.g., Trusted non-3GPP Access Network) provided/operated by .

Meanwhile, in order to access a WiFi network provided by a mobile communication service provider, a prior authentication process is required, and the authentication process is generally performed through the terminal's SIM. Accordingly, the embodiments of the present invention described later may be limited to cases in which the terminal for which an eSIM is to be opened is equipped with a USIM card or is equipped with an eSIM, so that authentication required for access to a WiFi network can be performed.

Figure 8 shows an example of eSIM settings of a terminal according to an embodiment of the present invention.

Referring to FIG. 8, the terminal receives a command (e.g., scanning a QR code containing an SM-DP+ address or manually entering an activation code, etc.) to attempt to download an eSIM profile (801).

Based on the occurrence of a command to attempt to download an eSIM profile in the terminal, the terminal determines whether it can connect to the data network (805).

If the terminal can connect to the data network, the terminal downloads the eSIM profile (810).

If the terminal is not able to connect to the data network, the terminal determines whether there is a SIM (i.e., (e)UICC) available to the terminal, e.g., a USIM card mounted or a downloaded eSIM (e.g., a valid eSIM profile). ) Check whether there is (815).

If there is an available SIM in the terminal, the terminal automatically attempts to connect to the data network (e.g., WiFi AP) of the mobile carrier corresponding to the SIM (825), and as access to the data network is completed, the eSIM profile is created. You can download it (810). As described above, in order to access a WiFi AP operated by a mobile communication service provider, an authentication process based on information stored in the terminal's SIM (e.g. confirmation of the service provider configuration) is required, so the mobile communication service provider can only be used if the SIM is installed in the terminal. Automatic connection to the WiFi AP operated by can be performed. Meanwhile, WiFi Zones operated by mobile communication service providers are expanding.

If there is no SIM available in the device, the device may pop up a guidance message (eg, " WiFi connection is required to download an eSIM profile ") and display a user interface for WiFi settings so that the user can manually connect to WiFi. (820).

In this way, when a user attempts to download an eSIM profile while access to the data network is not secured, the terminal determines whether an available SIM is installed and, if a SIM is installed, connects to the WiFi AP of the mobile communication service provider corresponding to the SIM. Automatic connection may be attempted. As a result of the automatic connection attempt, if the data network is accessible, the terminal can connect to the SM-DP+ server (without any additional user operation) and download/install the eSIM profile.

Figure 9 shows the flow of a method in which a terminal performs configuration for an embedded subscriber identifier module (eSIM) in a wireless communication system according to an embodiment of the present invention.

As described above, the terminal can detect a command instructing to download an eSIM profile based on the operation of the terminal user. The user's operation of the terminal is to scan a QR (quick response) code containing information about the SM-DP+ (Subscription Manager- Data Preparation+) server that creates and transmits the eSIM profile, or to scan the information about the SM-DP+ server. It may include at least one of the user's manual input. The terminal can determine whether the terminal is connected to any one data network based on detection of the command.

The terminal may discover whether valid SIM information exists within the terminal based on the terminal being instructed to download an eSIM profile while the terminal is not connected to any data network (A01 ).

As valid SIM information is detected within the terminal, the terminal can access a specific data network selected from at least one data network of the mobile communication service provider corresponding to the valid SIM information (A05). The specific data network may be a wireless local area network (WLAN) operated by a mobile communication service provider. The terminal may perform a user authentication procedure for accessing the WLAN based on the detected valid SIM information.

The terminal can download the eSIM profile through a specific data network (A15).

Based on the fact that the terminal is not connected to the data network, the terminal performs a series of setup processes for the eSIM, including searching for valid SIM information (A01), accessing a specific data network (A05), and downloading the eSIM profile (A15). It can be performed automatically without any additional manipulation by the terminal user.

As an example, at least one data network of a mobile communication service provider may include a 3rd generation partnership protocol (3GPP) access network and a non-3GPP access network. Non-3GPP access networks may include WLANs operated by mobile carriers. The terminal can download the eSIM profile by selecting the WLAN operated by the mobile communication operator among the Non-3GPP access network and 3GPP access network including the WLAN operated by the mobile communication operator.

As an example, at least one data network of a mobile communication service provider may include a 3rd generation partnership protocol (3GPP) access network, a Trusted Non-3GPP access network, and an Untrusted Non-3GPP access network. Based on the fact that the WLAN operated by the mobile communication service provider is a Trusted Non-3GPP access network, the terminal can download the eSIM profile through the Trusted Non-3GPP access network rather than the Untrusted Non-3GPP access network.

Downloading an eSIM profile through a specific data network involves requesting an eSIM profile from the SM-DP+ (Subscription Manager- Data Preparation+) server through a specific data network; And it may include receiving the eSIM profile created by the SM-DP+ server through a specific data network.

For example, until the eSIM setup is completed, the terminal's access rights to a specific data network may be limited to access to download the eSIM profile. As an exemplary method of restricting access, at least one of the rules (i) to (iv) below may be defined/set in the terminal and/or network node, but is not limited thereto.

(i) Until the eSIM setup is completed, the terminal's access rights to a specific data network may be restricted to access to the SM-DP+ (Subscription Manager-Data Preparation+) server that creates and transmits the eSIM profile. Until the eSIM setup is completed, the terminal's access to a network address that is different from the network address of the SM-DP+ server may be blocked on a specific data network.

(ii) Until the setup for eSIM is completed, transmission or reception of packets other than those related to downloading the eSIM profile may be blocked on a specific data network. The packet related to downloading the eSIM profile may include at least one of a first packet for requesting the eSIM profile and a second packet including the eSIM profile.

(iii) As the timer set for downloading the eSIM profile expires, the terminal's access rights to a specific data network may expire. As the terminal begins downloading the eSIM profile, the timer may be reset or stopped. Based on the fact that the terminal has not downloaded the eSIM profile until the timer expires, the terminal's access to a specific data network may be blocked.

(iv) As the counter value counting the number of attempts to download the eSIM profile by the terminal reaches the threshold, the terminal's access rights to a specific data network may expire.

Meanwhile, when valid SIM information is not detected within the terminal, the terminal may display a screen for manual input of the terminal user's WLAN settings.

FIG. 10 illustrates a method in which a network node supports configuration of an embedded subscriber identifier module (eSIM) of a terminal in a wireless communication system according to an embodiment of the present invention.

Referring to FIG. 10, a network node may receive a request for access to a data network from a terminal of a user who has not completed eSIM activation for the mobile communication service provider operating the network node (B01).

The network node may approve the terminal's access to a specific data network among at least one data network of the mobile communication service provider based on the terminal's access request for downloading an eSIM profile required for eSIM opening ( B05). The specific data network may be a wireless local area network (WLAN) operated by a mobile communication service provider. The network node may approve the terminal's access to the WLAN based on whether the terminal's SIM information included in the terminal's access request is valid.

The network node can obtain the eSIM profile of the terminal from the SM-DP+ (Subscription Manager- Data Preparation+) server (B15).

The network node can transmit the acquired eSIM profile to the terminal through a specific data network (B20).

As an example, the network node may perform a user authentication procedure for access to the WLAN based on the fact that the terminal's SIM information is valid.

As an example, a network node may approve a terminal's access to a specific data network based on the terminal attempting to download an eSIM profile while the terminal is not connected to any data network.

As an example, at least one data network of a mobile communication service provider may include a 3rd generation partnership protocol (3GPP) access network and a non-3GPP access network. Non-3GPP access networks may include WLANs operated by mobile carriers. The network node may allow the terminal to access the WLAN operated by the mobile communication operator among the Non-3GPP access network and 3GPP access network including the WLAN operated by the mobile communication operator.

For example, until the eSIM setup is completed, the terminal's access rights to a specific data network may be limited to access to download the eSIM profile. As an exemplary method of restricting access, at least one of the rules (i) to (iv) below may be defined/set in the terminal and/or network node, but is not limited thereto.

(i) Until the eSIM setup is completed, the terminal's access rights to a specific data network may be restricted to access to the SM-DP+ (Subscription Manager-Data Preparation+) server that creates and transmits the eSIM profile. Until the eSIM setup is completed, the terminal's access to a network address that is different from the network address of the SM-DP+ server may be blocked on a specific data network.

(ii) Until the setup for eSIM is completed, transmission or reception of packets other than those related to downloading the eSIM profile may be blocked on a specific data network. The packet related to downloading the eSIM profile may include at least one of a first packet for requesting the eSIM profile and a second packet including the eSIM profile.

(iii) As the timer set for downloading the eSIM profile expires, the terminal's access rights to a specific data network may expire. As the terminal begins downloading the eSIM profile, the timer may be reset or stopped. Based on the fact that the terminal has not downloaded the eSIM profile until the timer expires, the terminal's access to a specific data network may be blocked.

(iv) As the counter value counting the number of attempts to download the eSIM profile by the terminal reaches the threshold, the terminal's access rights to a specific data network may expire.

Figure 11 shows a terminal according to an embodiment of the present invention.

Referring to FIG. 11, a terminal may include a smartphone, smart pad, wearable device (e.g., smart watch, smart glasses), or portable computer (e.g., laptop, etc.). A terminal may be referred to as User Equipment (UE), Mobile Station (MS), user terminal (UT), Mobile Subscriber Station (MSS), Subscriber Station (SS), Advanced Mobile Station (AMS), or Wireless terminal (WT). . The terminal 100 may include a transceiver 110, a processor 120, a memory 130, an eSIM 140, and an input/output interface 150. The transceiver 110 can transmit and receive signals (eg, data, control signals, etc.) with other wireless devices and base stations. The processor 120 can control the components of the terminal 100 to perform various operations. The processor 120 may include an application processor (AP). The memory 130 may store data/parameters/programs/codes/commands necessary for driving the terminal 100. Additionally, the memory 130 can store input/output data/information, etc. The input/output interface 150 may input or output video information/signals, audio information/signals, data, and/or information input from a user. The input/output interface 150 may include a camera, microphone, touch screen, display, speaker, and/or haptic module. For example, in the case of data communication, the input/output interface 150 acquires information/signals (e.g., touch, text, voice, image, video) input from the user, and the obtained information/signals are stored in the memory 130. It can be saved in . The transceiver 110 can convert the information/signal stored in the memory into a wireless signal and transmit the converted wireless signal directly to another wireless device or to a base station. Additionally, the transceiver 110 may receive a wireless signal from another wireless device or a base station and then restore the received wireless signal to the original information/signal. The restored information/signal may be stored in the memory 130 and then output in various forms (eg, text, voice, image, video, heptic) through the input/output interface 150.

According to one embodiment of the present invention, the processor 120 of the terminal 100 is instructed to download an eSIM profile while the terminal 100 is not connected to a data network. Based on this, it is possible to discover whether valid SIM information exists in the terminal 100. As valid SIM information is detected in the terminal 100, the processor 120 may access a specific data network selected from at least one data network of a mobile communication service provider corresponding to the valid SIM information through the transceiver 11. Processor 120 may download the eSIM profile through a specific data network. The specific data network may be a wireless local area network (WLAN) operated by a mobile communication service provider. The processor 120 may perform a user authentication procedure for accessing the WLAN based on the detected valid SIM information.

Figure 12 shows a network node according to an embodiment of the present invention.

Referring to FIG. 12, the network node 200 may be configured to include a communication interface 210, a processor 220, and a memory 230. The communication interface 210 may include a transceiver for wired/wireless communication. The communication interface 210 can transmit and receive signals (eg, data, control signals, etc.) with the terminal and other base stations. The processor 220 may perform various operations by controlling the components of the network node 200. Processor 220 may include at least one processor. The memory 230 may store data/parameters/programs/codes/commands necessary for driving the network node 200. Additionally, the memory 230 can store input/output data/information, etc. An exemplary storage medium is coupled to a processor, the processor capable of reading information from and writing information to the storage medium. Alternatively, the storage medium may be integral with the processor. The processor and storage medium may reside within an application specific integrated circuit (ASIC). The ASIC may reside within the user terminal. Alternatively, the processor and storage medium may reside as separate components within the user terminal.

According to one embodiment of the present invention, the processor 220 of the network node 200 receives the terminal of a user whose eSIM activation has not been completed for the mobile communication service provider operating the network node 200 through the communication interface 210, A request for access to a data network may be received. The processor 220 may approve the terminal's access to a specific data network among at least one data network of a mobile communication service provider based on the fact that the terminal's access request is for downloading an eSIM profile required for eSIM opening. . The processor 220 may obtain the eSIM profile of the terminal from the SM-DP+ (Subscription Manager-Data Preparation+) server. The processor 220 may transmit the acquired eSIM profile to the terminal through a specific data network. The specific data network may be a wireless local area network (WLAN) operated by a mobile communication service provider. The processor 220 may approve the terminal's access to the WLAN based on whether the terminal's SIM information included in the terminal's access request is valid.

The above description is merely an illustrative explanation of the technical idea of the present invention, and various modifications and variations will be possible to those skilled in the art without departing from the essential characteristics of the present invention. Accordingly, the embodiments disclosed in the present invention are not intended to limit the technical idea of the present invention, but rather to explain it, and the scope of the technical idea of the present invention is not limited by these embodiments. The scope of protection of the present invention should be interpreted in accordance with the claims below, and all technical ideas within the equivalent scope should be construed as being included in the scope of rights of the present invention.

The present invention can be used in various mobile communication systems including 3G, 4G and 5G.

Claims (35)

In a method for a terminal to configure an embedded subscriber identifier module (eSIM) in a wireless communication system,
In a state where the terminal is not connected to a data network, searching for whether valid SIM information exists in the terminal based on an instruction to the terminal to download an eSIM profile;
As the valid SIM information is detected in the terminal, accessing a specific data network selected from at least one data network of a mobile communication operator corresponding to the valid SIM information; and
Including downloading the eSIM profile through the specific data network,
The specific data network is a WLAN (wireless local area network) operated by the mobile communication service provider, and the terminal performs a user authentication procedure for accessing the WLAN based on the detected valid SIM information. According to claim 1,
At least one data network of the mobile communication service provider includes a 3rd generation partnership protocol (3GPP) access network and a Non-3GPP access network,
The Non-3GPP access network includes a WLAN operated by the mobile communication service provider,
A method of downloading the eSIM profile by selecting a WLAN operated by the mobile communication operator among the Non-3GPP access network and the 3GPP access network including the WLAN operated by the mobile communication operator. According to claim 1,
At least one data network of the mobile communication operator includes a 3rd generation partnership protocol (3GPP) access network, a Trusted Non-3GPP access network, and an Untrusted Non-3GPP access network,
The terminal downloads the eSIM profile through the Trusted Non-3GPP access network rather than the Untrusted Non-3GPP access network, based on the fact that the WLAN operated by the mobile communication service provider is the Trusted Non-3GPP access network. . The method of claim 1, wherein downloading the eSIM profile through the specific data network comprises:
requesting the eSIM profile from a Subscription Manager-Data Preparation+ (SM-DP+) server through the specific data network; and
A method comprising receiving the eSIM profile created by the SM-DP+ server through the specific data network. According to claim 1,
The method wherein until the setting for the eSIM is completed, the terminal's access rights to the specific data network are restricted to access for downloading the eSIM profile. According to claim 5,
Until the setting for the eSIM is completed, the terminal's access rights to the specific data network are limited to access to the SM-DP+ (Subscription Manager-Data Preparation+) server that creates and transmits the eSIM profile. According to claim 6,
A method in which the terminal's access to a network address different from the network address of the SM-DP+ server is blocked on the specific data network until the setting for the eSIM is completed. According to claim 5,
A method in which transmission or reception of packets other than those related to downloading the eSIM profile is blocked on the specific data network until the setting for the eSIM is completed. According to claim 8,
The packet related to downloading the eSIM profile includes at least one of a first packet for requesting the eSIM profile and a second packet including the eSIM profile. According to claim 5,
As the timer set for downloading the eSIM profile expires, the terminal's access authority to the specific data network expires. According to claim 10,
As the terminal begins downloading the eSIM profile, the timer is reset or stopped. According to claim 10,
A method in which access of the terminal to the specific data network is blocked based on the fact that the terminal has not downloaded the eSIM profile until the timer expires. According to claim 5,
As a counter value counting the number of attempts to download the eSIM profile by the terminal reaches a threshold, the terminal's access authority to the specific data network is extinguished. According to claim 1,
The method further includes detecting a command instructing to download the eSIM profile based on a user's operation of the terminal. According to claim 14,
The user's operation of the terminal is to scan a QR (quick response) code containing information about the SM-DP+ (Subscription Manager- Data Preparation+) server that creates and transmits the eSIM profile, or to the SM-DP+ server. A method comprising at least one of the user's manual input of information about. According to claim 14,
The method further includes determining whether the terminal is connected to any one data network based on detection of the command. According to claim 1,
The method wherein the terminal automatically performs searching for the valid SIM information, accessing the specific data network, and downloading the eSIM profile without additional manipulation by the user of the terminal, based on the fact that the terminal is not connected to a data network. According to claim 1,
If the valid SIM information is not detected in the terminal, the method further includes displaying a screen for manual input of the user's WLAN settings of the terminal. A computer-readable recording medium recording program code for performing the method according to claim 1. In a terminal for wireless communication,
eSIM (embedded subscriber identifier module);
A transceiver that transmits or receives wireless signals; and
Based on the terminal being instructed to download an eSIM profile while the terminal is not connected to a data network, it is searched whether valid SIM information exists within the terminal, and the terminal is not connected to a data network. As valid SIM information is detected, a processor accesses through the transceiver a specific data network selected from at least one data network of a mobile communication operator corresponding to the valid SIM information, and downloads the eSIM profile through the specific data network. Contains,
The specific data network is a wireless local area network (WLAN) operated by the mobile communication service provider, and the processor performs a user authentication procedure for accessing the WLAN based on the detected valid SIM information. In a method for a network node to support configuration of an embedded subscriber identifier module (eSIM) of a terminal in a wireless communication system,
Receiving a request for access to a data network from a terminal of a user whose eSIM activation has not been completed for the mobile communication service provider operating the network node;
Approving access of the terminal to a specific data network among at least one data network of the mobile communication service provider based on the fact that the access request is for downloading an eSIM profile required for opening the eSIM;
Obtaining the eSIM profile of the terminal from SM-DP+ (Subscription Manager- Data Preparation+) server; and
Including transmitting the obtained eSIM profile to the terminal through the specific data network,
The specific data network is a WLAN (wireless local area network) operated by the mobile communication service provider, and the network node accesses the WLAN based on whether the SIM information of the terminal included in the access request of the terminal is valid. Method for approving access to a terminal. According to claim 21,
The network node performs a user authentication procedure for access to the WLAN based on the SIM information of the terminal being valid. According to claim 21,
The network node grants access to the terminal to the specific data network based on the terminal attempting to download the eSIM profile while the terminal is not connected to any data network. According to claim 21,
At least one data network of the mobile communication service provider includes a 3rd generation partnership protocol (3GPP) access network and a Non-3GPP access network,
The Non-3GPP access network includes a WLAN operated by the mobile communication service provider,
The network node allows the terminal to access a WLAN operated by the mobile communication operator among the Non-3GPP access network and the 3GPP access network including the WLAN operated by the mobile communication operator. According to claim 21,
The method wherein until the setting for the eSIM is completed, the terminal's access rights to the specific data network are restricted to access for downloading the eSIM profile. According to claim 25,
Until the setting for the eSIM is completed, the terminal's access rights to the specific data network are limited to access to the SM-DP+ (Subscription Manager-Data Preparation+) server that creates and transmits the eSIM profile. According to claim 26,
A method in which the terminal's access to a network address different from the network address of the SM-DP+ server is blocked on the specific data network until the setting for the eSIM is completed. According to claim 25,
A method in which transmission or reception of packets other than those related to downloading the eSIM profile is blocked on the specific data network until the setting for the eSIM is completed. According to clause 28,
The packet related to downloading the eSIM profile includes at least one of a first packet for requesting the eSIM profile and a second packet including the eSIM profile. According to claim 25,
As the timer set for downloading the eSIM profile expires, the terminal's access authority to the specific data network expires. According to claim 30,
As the terminal begins downloading the eSIM profile, the timer is reset or stopped. According to claim 30,
A method in which access of the terminal to the specific data network is blocked based on the fact that the terminal has not downloaded the eSIM profile until the timer expires. According to claim 25,
A method in which the terminal's access authority to the specific data network expires as a counter value counting the number of attempts to download the eSIM profile by the terminal reaches a threshold. A computer-readable recording medium recording program code for performing the method described in claim 21. In a network node that supports configuration of an embedded subscriber identifier module (eSIM) of a terminal in a wireless communication system,
communication interface; and
An access request for a data network is received from a user's terminal for which eSIM opening has not been completed for a mobile communication service provider operating the network node through the communication interface, and the access request is sent to an eSIM profile (eSIM profile) required for eSIM opening. profile), approves the terminal's access to a specific data network among at least one data network of the mobile communication service provider, and receives the eSIM of the terminal from the SM-DP+ (Subscription Manager-Data Preparation+) server. Comprising a processor that acquires a profile and transmits the obtained eSIM profile to the terminal through the specific data network,
The specific data network is a WLAN (wireless local area network) operated by the mobile communication service provider, and the processor configures the terminal for the WLAN based on whether the SIM information of the terminal included in the access request of the terminal is valid. A network node that grants access.

Images