WO2008035183A2 - Method, server and mobile station for transfering data from the server to the mobile station. - Google Patents

Method, server and mobile station for transfering data from the server to the mobile station. Download PDF

Info

Publication number
WO2008035183A2
WO2008035183A2 PCT/IB2007/002721 IB2007002721W WO2008035183A2 WO 2008035183 A2 WO2008035183 A2 WO 2008035183A2 IB 2007002721 W IB2007002721 W IB 2007002721W WO 2008035183 A2 WO2008035183 A2 WO 2008035183A2
Authority
WO
WIPO (PCT)
Prior art keywords
mobile station
server
data
sim
sending
Prior art date
Application number
PCT/IB2007/002721
Other languages
French (fr)
Other versions
WO2008035183A3 (en
Inventor
Krishna Sjarif
Original Assignee
Gemalto S.A.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Gemalto S.A. filed Critical Gemalto S.A.
Publication of WO2008035183A2 publication Critical patent/WO2008035183A2/en
Publication of WO2008035183A3 publication Critical patent/WO2008035183A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/34Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters 
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/062Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying encryption of the keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/12Messaging; Mailboxes; Announcements
    • H04W4/14Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier

Definitions

  • This invention relates to a method of data transfer from a server to a mobile station. More specifically, the invention relates to a method for the server to personalize a subscriber identity module (SIM) of the mobile station that has been deployed in the field.
  • SIM subscriber identity module
  • SIM subscriber identity module
  • IMSI international mobile subscriber identity
  • Such personalization of an issued SIM is necessary, for example to fix an existing software bug in the SIM, to update the contents of the SIM, to load new applications on the SIM, etc.
  • There are several ways to carry out personalization of an issued SIM One way is for the subscriber to bring the SIM to the premises of a service provider where the SIM is removed from the mobile equipment and inserted into a card reader/writer of a programming system for programming by a trained service person to effect the personalization. Such a method is very inconvenient to the user, and is both labour and resource intensive for the service provider.
  • Another way for personalizing the SIM is via over-the-air (OTA) transfer of data from the server to the SIM using SMS.
  • OTA over-the-air
  • This method of "pushing.” data to the SIM is advantageous to the subscriber in that personalization can now be performed remotely without any inconvenience to the subscriber.
  • this method of personalization is nevertheless still “expensive" to the service provider since several short messages are required to personalize a single SIM.
  • To update a batch of SIMs a correspondingly large number of SMSs would be necessary. It is also possible that not all SMSs are safely delivered to the subscribers; some SMSs might be lost.
  • Another disadvantage associated with such a remote personalization method is the need for the short messages to be encrypted using transport keys. To do so, the service provider needs to provide a server that is able to store the transport keys of all the SIMs that it issues.
  • An improvement over the "push" mode of personalization is a "pull" mode.
  • the server does not initiate the transfer of data to the mobile station. Instead, the mobile station initiates the transfer of data. At the occurrence of a designated event, the mobile station sends a request for update to the server. If the server determines that there is an update for the mobile station, the server will send the updated data to the mobile station.
  • This mode of personalization requires that the mobile station check regularly with the server if there is an update for the mobile station. When there is no update, bandwidth needed for the sending of the requests is wasted.
  • a method for transferring data from a server to at least one mobile station includes the server first sending a notification to the mobile station for informing the mobile station that there is data to be transferred to the mobile station.
  • the mobile station receives the notification, the mobile station sends a request to the server for requesting the server to transfer data to the mobile station.
  • the server sends a response to the mobile station for transferring data to the mobile station.
  • the mobile station includes a mobile terminal or equipment, and a subscriber identity module (SIM) that is connectable to the mobile equipment. The data may thus be transferred to either the mobile equipment or the SIM.
  • SIM subscriber identity module
  • Transferring of data includes, but is not limited to, downloading of a new file and updating an existing file or configuration data. Downloading of a file may include the downloading of a script file to the SIM for personalization of the SIM.
  • the request and the response are sent by the mobile station and the server respectively using one of the protocols in the Internet Protocol suite. Some examples of the protocols of the IP suite include the Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), etc.
  • HTTP Hypertext Transfer Protocol
  • FTP File Transfer Protocol
  • each of the mobile station and the server includes a master key that is common to both the mobile station and the server.
  • the server when sending the notification generates a session key, encrypts the generated session key using the master key, and sends the notification that includes the encrypted session key to the mobile station.
  • the mobile station receives the notification, it decrypts the encrypted session key in the notification using the master key.
  • the mobile station next generates a transport key and encrypts the generated transport key using the session key from the server.
  • the mobile station sends the request that includes the encrypted transport key to the server.
  • the server decrypts the encrypted transport key using the session key it generated earlier.
  • the server next encrypts the data for transfer to the mobile station using the transport key; and sends a response that includes the encrypted data to the mobile station. In this manner, the transfer of data from the server to the particular mobile station is secured.
  • it is the SIM of the mobile station that receives the notification, sends the request and receives the response.
  • the master key is stored in the SIM. This master key may be common to two or more SIMs in a batch of SIMs. These two or more SIMs can thus be targeted for personalization by using the master key.
  • the notification may be a short message service - cell broadcast (SMS-CB) message.
  • SMS-CB short message service - cell broadcast
  • SMS-PP short message service - point to point
  • a mobile station having means for carrying out the steps performed by the mobile station in any of the embodiments of the method described above.
  • the mobile station includes means for receiving a notification from the server for informing the mobile station that there is data to be transferred to the mobile station; means for sending a request to a server for requesting the server to transfer data to the mobile station; and means for receiving a response, which includes the data, from the server.
  • the mobile station includes a mobile equipment and a subscriber identity module (SIM).
  • SIM subscriber identity module
  • a software program having instructions executable by a processor of one of the mobile equipment and a subscriber identity module for implementing the steps performed by the mobile station in any of the embodiments of the method described above.
  • a server having means for carrying out the steps performed by the server in any of the embodiments of the method described above.
  • the server includes means for sending a notification to the mobile station for informing the mobile station that there is data to be transferred to the mobile station; means for receiving a request from a mobile station for requesting the server to transfer data to the mobile station; and means for sending a response, which includes the data, to the mobile station.
  • Figure 1 is a schematic drawing of a system including a mobile station and a server for transferring data to the mobile station, according to one embodiment of the invention
  • FIG 2 is a schematic drawing of the mobile station in Figure 1 , the mobile station including a mobile equipment and a subscriber identity module (SIM); and
  • SIM subscriber identity module
  • Figure 3 is a flowchart showing a sequence of steps, according to one embodiment, for implementing a method in the system in Figure 1 for the server to transfer data to the mobile station.
  • FIG. 1 shows a system 2 that includes a server 4 and a mobile station 6 of a Global System for Mobile communications (GSM) network 8. Additionally, the server 4 and the mobile station 6 communicate with each other over the Internet 10, using an Internet Protocol (IP) suite protocol.
  • IP Internet Protocol
  • the mobile station 6 includes a mobile terminal or equipment (ME) 12, and an authentication token in the form of an electronic "smart card” or chip card (equipped with a microprocessor) supported in the mobile equipment 12. This authentication token is known as a subscriber identity module (SIM) 14 when used in the GSM network 8.
  • SIM subscriber identity module
  • the mobile terminal 12 includes a processor 16 and its associated memory 18.
  • the mobile equipment 12 is connected to the removable SIM 14 via electrical contacts 20.
  • the SIM 14 includes a SIM processor 22 and a SIM memory 24.
  • the SIM 14 is used for the storage and retrieval of data items by the processor 16 of trie mobile equipment 12.
  • the command set, data file structure and data coding used for data communicated via the interface between the mobile equipment processor 16 and the SIM processor 22 are specified in 3GPP technical specification 11.11 or ETSI Technical Specification 100.977.
  • Applications are stored on the SIM 14 card, more specifically in the SIM memory 24. These applications allow interactions between the SIM 14 and the mobile terminal 12. These applications may be supported by the SIM application toolkit or a similar platform.
  • the applications may be developed using , a number of computer programming languages, such as C, JavaTM or any other proprietary programming language. Typical applications include downloading data and "events" to the SIM 14. Data records are stored in what is known as elementary files in the SIM memory 24.
  • the SIM 14 Before the SIM 14 is issued to a subscriber (not shown), the SIM 14 is programmed with a unique International Mobile Subscriber Identity (IMSI) by the manufacturer of the SIM 14. Additionally, the SIM 14 is programmed with a secret master key, CardMsKey, either by the manufacturer of the SIM .14 or the service provider that issues the SIM 14.
  • the master key, CardMsKey is a key that is common to a batch of SIMs to which the SIM 14 belongs. In this case, the master key, CardMsKey, is a symmetric key. However, it should be noted asymmetric keys could also be used.
  • the SIM 14 After the SIM 14 is issued to the subscriber, the SIM 14 might need to be further personalized from time to time, either individually or as a batch, for example to send a software patch to the SIM to fix a software bug.
  • the server 4 sends a notification 26 to the mobile station 6 for informing the mobile station 6 that there is data to be transferred to the mobile station 6.
  • the mobile station 6 sends a request 27 to the server 4 for requesting the server 4 to transfer data to the mobile station 6.
  • the server 4 then sends a response 28 to the mobile station for transferring data to the mobile station for personalizing the SIM 14.
  • a new SIM toolkit application is stored in the SIM memory 24 for allowing such transfer of data from the server to the SIM 14 of the mobile station 6.
  • Such an application is also known as an applet, or more specifically a cardlet, when implemented on a JavaTM card type of SIM.
  • the SIM processor 22 executes this new application to perform steps performed by the SIM 14 in the method for allowing the server 4 to transfer data thereto.
  • Figure 3 is a flowchart showing a sequence 30 of steps, according to an embodiment, that implements the method.
  • the sequence 30 starts in a START step 32 at the server 4 when it is determined that there is a need to personalize the batch of SIMs to which the SIM 14 belongs.
  • the sequence 30 next proceeds to a SEND NOTIFICATION step 34, wherein the server 4 generates a secret
  • the secret session key may be a random value generated by the server 4.
  • the verification parameter may be an identifier, signature or certificate of the server 4 that is known to the mobile station 6.
  • the secret session key may be the same or different for different personalization sessions.
  • the server 4 sends this notification to the mobile station 6 by broadcasting it via a short message service message, preferably a short message service - cell broadcast (SMS-CB) message.
  • SMS-CB short message service - cell broadcast
  • the SMS-CB message includes an identifier, which indicates the type or purpose of the message.
  • the server 4 may include a certificate in the notification to further increase the security of the sending of the notification to the mobile station 6.
  • the sequence 30 next proceeds to a RECEIVE NOTIFICATION step 36 at the mobile station 6, more specifically at the SIM 14.
  • the SIM 14 upon identifying the SMS-CB message as a remote notification from the server 4 decrypts the encrypted information in the notification using the master key, CardMsKey, stored in the SIM 14 to obtain the URL address, the verification parameter and the session key of the server 4.
  • the transport key, CardTpKey may be the key identified by either the ciphering key identifier (KIc) or key identifier(Kid) (specified in the GSM 03.48 standards) that is used in over-the-air (OTA) personalization using the short message service (SMS).
  • the transport key, CardTpKey, generated by a particular SIM may be different for different sessions involving the SIM 14 to enhance security.
  • the SIM 14 encrypts the transport key, CardTpKey, with the session key, SvrSnKey.
  • the SIM 14 then codes the encrypted transport key, CardTpKey, into 7-bit ASCII data blocks for passing as parameters in a HTTP request message.
  • the SIM 14 sends the modified URL via APDU, e.g. a Bearer Independent Protocol (BIP) APDU specified in the GSM 11.14 standards, to an agent (not shown) in the mobile equipment 12.
  • BIP Bearer Independent Protocol
  • the agent translates the APDU to a HTTP request.
  • the agent sends the HTTP request including the modified URL to the server 4, via the Internet 10, to open a HTTP connection therewith.
  • the sequence 30 next proceeds to a RECEIVE REQUEST step 42 at the server 4, wherein the server 4 decodes and decrypts the coded encrypted transport key, CardTpKey, using the session key, SvrSnKey, to obtain the transport key generated by the SIM 14.
  • the sequence 30 next proceeds to a SEND RESPONSE step 44, wherein the server 4 obtains the APDU script file from the address specified in the URL and encrypts the APDU script file using the transport key, CardTpKey.
  • the server 4 sends the encrypted APDU script file to the SIM 14 in a HTTP response.
  • the APDU may be in the same format as that used in an over-the-air customisation (OTAC) SMS short message.
  • OTAC over-the-air customisation
  • the sequence 30 next proceeds to a RECEIVE RESPONSE step 46 at the mobile station 6, wherein the mobile equipment 12 receives the encrypted APDU script file, converts it to APDU and sends it to the SIM 14.
  • the SIM 14 decrypts the encrypted APDU script file using the transport key, CardTpKey, to obtain the original APDU script file.
  • the SIM 14 then executes commands in the APDU script file to personalize the SIM 14.
  • the sequence 30 then ends in a END step 48.
  • the mobile station 6 does not check with the server 4 if personalization is required. Whenever personalization needs to be carried out, the server 4 will send a notification to the mobile station 6. Thus a more bandwidth efficient solution is attained.
  • a simpler, and thus less expensive, server is required for implementing the solution.
  • the server does not need to maintain a database of keys of the mobile stations. The server just needs to be able to generate the notification SMS-CB, and to use a common gateway interface (CGI) method to perform encryption of the APDU script file using the transport key, CardTpKey.
  • CGI common gateway interface
  • the present invention is described as implemented in the above-described embodiment, it is not to be construed to be limited as such.
  • the data may be transferred to the mobile equipment instead of the SIM.
  • the mobile equipment may communicate with the server using other protocols, for example the file transfer protocol (FTP) instead of HTTP.
  • FTP file transfer protocol
  • the method may be used to personalize a single SIM or a small number of SIMs.
  • the notification may be a SMS-PP message.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method for transferring data from a server to at least one mobile station is disclosed. The method includes the server sending a notification to the mobile station for informing the mobile station that there is data to be transferred to the mobile station, the mobile station sending a request to the server for requesting the server to transfer data to the mobile station and the server sending a response to the mobile station for transferring data to the mobile station. A mobile station and a server for implementing the method are also disclosed.

Description

METHOD5 SERVER AND MOBILE STATION FOR TRANSFERING DATA FROM THE SERVER TO THE MOBILE STATION
TECHNICAL FIELD
[0001] This invention relates to a method of data transfer from a server to a mobile station. More specifically, the invention relates to a method for the server to personalize a subscriber identity module (SIM) of the mobile station that has been deployed in the field.
BACKGROUND
[0002] Currently, data transfer between a server and a mobile station is via the short message system (SMS) and the general packet data radio service (GPRS). The data transfer speed of such protocols is at best only moderate. The mobile station includes a mobile equipment and a subscriber identity module (SIM). The blank SIM is first personalized in the factory, for example, to program therein an international mobile subscriber identity (IMSI), a default set of applications offered by a service provider, etc. However, there remains a need to personalize the SIM after it has been deployed in the field, i.e. after it has been issued to a subscriber and put in use in a mobile equipment. Such personalization of an issued SIM is necessary, for example to fix an existing software bug in the SIM, to update the contents of the SIM, to load new applications on the SIM, etc. There are several ways to carry out personalization of an issued SIM. One way is for the subscriber to bring the SIM to the premises of a service provider where the SIM is removed from the mobile equipment and inserted into a card reader/writer of a programming system for programming by a trained service person to effect the personalization. Such a method is very inconvenient to the user, and is both labour and resource intensive for the service provider. [0003] Another way for personalizing the SIM is via over-the-air (OTA) transfer of data from the server to the SIM using SMS. This method of "pushing." data to the SIM is advantageous to the subscriber in that personalization can now be performed remotely without any inconvenience to the subscriber. Although less labour intensive than on-premises personalization, this method of personalization is nevertheless still "expensive" to the service provider since several short messages are required to personalize a single SIM. To update a batch of SIMs, a correspondingly large number of SMSs would be necessary. It is also possible that not all SMSs are safely delivered to the subscribers; some SMSs might be lost. Another disadvantage associated with such a remote personalization method is the need for the short messages to be encrypted using transport keys. To do so, the service provider needs to provide a server that is able to store the transport keys of all the SIMs that it issues. [0004] An improvement over the "push" mode of personalization is a "pull" mode. In this "pull" mode, the server does not initiate the transfer of data to the mobile station. Instead, the mobile station initiates the transfer of data. At the occurrence of a designated event, the mobile station sends a request for update to the server. If the server determines that there is an update for the mobile station, the server will send the updated data to the mobile station. This mode of personalization requires that the mobile station check regularly with the server if there is an update for the mobile station. When there is no update, bandwidth needed for the sending of the requests is wasted.
[0005] It is thus desirable to have a more bandwidth efficient method for a server to transfer data to at least one mobile station, for example to allow a service provider to remotely personalize its issued SIMs when necessary.
DESCRIPTION OF THE INVENTION
[0006] According to an aspect of the invention, there is provided a method for transferring data from a server to at least one mobile station. The method includes the server first sending a notification to the mobile station for informing the mobile station that there is data to be transferred to the mobile station. When the mobile station receives the notification, the mobile station sends a request to the server for requesting the server to transfer data to the mobile station. In response to the request, the server sends a response to the mobile station for transferring data to the mobile station. The mobile station includes a mobile terminal or equipment, and a subscriber identity module (SIM) that is connectable to the mobile equipment. The data may thus be transferred to either the mobile equipment or the SIM. Transferring of data includes, but is not limited to, downloading of a new file and updating an existing file or configuration data. Downloading of a file may include the downloading of a script file to the SIM for personalization of the SIM. [0007] According to some embodiments, the request and the response are sent by the mobile station and the server respectively using one of the protocols in the Internet Protocol suite. Some examples of the protocols of the IP suite include the Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), etc. [0008] According to some embodiments, each of the mobile station and the server includes a master key that is common to both the mobile station and the server. In these embodiments, the server , when sending the notification generates a session key, encrypts the generated session key using the master key, and sends the notification that includes the encrypted session key to the mobile station. When the mobile station receives the notification, it decrypts the encrypted session key in the notification using the master key. Thus, only mobile stations with the master key is able to obtain the session key. The mobile station next generates a transport key and encrypts the generated transport key using the session key from the server. The mobile station sends the request that includes the encrypted transport key to the server. When the server receives the request, the server decrypts the encrypted transport key using the session key it generated earlier. The server next encrypts the data for transfer to the mobile station using the transport key; and sends a response that includes the encrypted data to the mobile station. In this manner, the transfer of data from the server to the particular mobile station is secured. [0009] In one embodiment, it is the SIM of the mobile station that receives the notification, sends the request and receives the response. In this embodiment, the master key is stored in the SIM. This master key may be common to two or more SIMs in a batch of SIMs. These two or more SIMs can thus be targeted for personalization by using the master key. When the SIM interacts with the mobile equipment using ISO-7816 application protocol data unit (APDU) commands/responses, and the request and the response involve an IP suite protocol, an agent application that resides on the mobile equipment is required as a proxy between the SIM and the server. This agent application translates between the IP suite protocol and APDU commands/responses. [0010] In any of the abovementioned embodiments involving more than one mobile stations, the notification may be a short message service - cell broadcast (SMS-CB) message. When only one mobile station is involved, the notification may be preferably a short message service message (SMS) and more preferably a short message service - point to point (SMS-PP) message. However, it should be noted that any transport protocol that allows data to be sent from network to the mobile station, such as WAP push, etc. can be used to send the notification. [0011] According to another aspect of the invention, there is provided a mobile station having means for carrying out the steps performed by the mobile station in any of the embodiments of the method described above. Generally, the mobile station includes means for receiving a notification from the server for informing the mobile station that there is data to be transferred to the mobile station; means for sending a request to a server for requesting the server to transfer data to the mobile station; and means for receiving a response, which includes the data, from the server. As mentioned previously, the mobile station includes a mobile equipment and a subscriber identity module (SIM). The abovementioned means may thus reside on the SIM or the mobile equipment. [0012] According to yet another aspect of the invention, there is provided a software program having instructions executable by a processor of one of the mobile equipment and a subscriber identity module for implementing the steps performed by the mobile station in any of the embodiments of the method described above. [0013] According to yet a further aspect of the invention, there is provided a server having means for carrying out the steps performed by the server in any of the embodiments of the method described above. Generally, the server includes means for sending a notification to the mobile station for informing the mobile station that there is data to be transferred to the mobile station; means for receiving a request from a mobile station for requesting the server to transfer data to the mobile station; and means for sending a response, which includes the data, to the mobile station.
[0014] Other aspects and advantages of the invention will become apparent from the following detailed description, taken in conjunction with the accompanying drawings, illustrating by way of example the principles of the invention.
BRIEF DESCRIPTION OF DRAWINGS
[0015] The invention will be better understood with reference to the drawings, in which: Figure 1 is a schematic drawing of a system including a mobile station and a server for transferring data to the mobile station, according to one embodiment of the invention;
Figure 2 is a schematic drawing of the mobile station in Figure 1 , the mobile station including a mobile equipment and a subscriber identity module (SIM); and
Figure 3 is a flowchart showing a sequence of steps, according to one embodiment, for implementing a method in the system in Figure 1 for the server to transfer data to the mobile station.
DETAILED DESCRIPTION OF THE EMBODIMENTS
[0016] As shown in the drawings for purposes of illustration, the invention is embodied in a novel method for a server to transfer data to a mobile station for personalizing a subscriber identity module (SIM) of the mobile station. Figure 1 shows a system 2 that includes a server 4 and a mobile station 6 of a Global System for Mobile communications (GSM) network 8. Additionally, the server 4 and the mobile station 6 communicate with each other over the Internet 10, using an Internet Protocol (IP) suite protocol. Referring to Figure 2, the mobile station 6 includes a mobile terminal or equipment (ME) 12, and an authentication token in the form of an electronic "smart card" or chip card (equipped with a microprocessor) supported in the mobile equipment 12. This authentication token is known as a subscriber identity module (SIM) 14 when used in the GSM network 8.
[0017] The mobile terminal 12 includes a processor 16 and its associated memory 18. The mobile equipment 12 is connected to the removable SIM 14 via electrical contacts 20. The SIM 14 includes a SIM processor 22 and a SIM memory 24. The SIM 14 is used for the storage and retrieval of data items by the processor 16 of trie mobile equipment 12. The command set, data file structure and data coding used for data communicated via the interface between the mobile equipment processor 16 and the SIM processor 22 are specified in 3GPP technical specification 11.11 or ETSI Technical Specification 100.977. [0018] Applications are stored on the SIM 14 card, more specifically in the SIM memory 24. These applications allow interactions between the SIM 14 and the mobile terminal 12. These applications may be supported by the SIM application toolkit or a similar platform. The applications may be developed using , a number of computer programming languages, such as C, Java™ or any other proprietary programming language. Typical applications include downloading data and "events" to the SIM 14. Data records are stored in what is known as elementary files in the SIM memory 24.
[0019] Before the SIM 14 is issued to a subscriber (not shown), the SIM 14 is programmed with a unique International Mobile Subscriber Identity (IMSI) by the manufacturer of the SIM 14. Additionally, the SIM 14 is programmed with a secret master key, CardMsKey, either by the manufacturer of the SIM .14 or the service provider that issues the SIM 14. The master key, CardMsKey, is a key that is common to a batch of SIMs to which the SIM 14 belongs. In this case, the master key, CardMsKey, is a symmetric key. However, it should be noted asymmetric keys could also be used. [0020] After the SIM 14 is issued to the subscriber, the SIM 14 might need to be further personalized from time to time, either individually or as a batch, for example to send a software patch to the SIM to fix a software bug. To carry out such personalization, the server 4 sends a notification 26 to the mobile station 6 for informing the mobile station 6 that there is data to be transferred to the mobile station 6. When the mobile station 6 receives this notification, the mobile station 6 sends a request 27 to the server 4 for requesting the server 4 to transfer data to the mobile station 6. The server 4 then sends a response 28 to the mobile station for transferring data to the mobile station for personalizing the SIM 14. [0021] According to one embodiment of the invention, a new SIM toolkit application is stored in the SIM memory 24 for allowing such transfer of data from the server to the SIM 14 of the mobile station 6. Such an application is also known as an applet, or more specifically a cardlet, when implemented on a Java™ card type of SIM. [0022] The SIM processor 22 executes this new application to perform steps performed by the SIM 14 in the method for allowing the server 4 to transfer data thereto. Figure 3 is a flowchart showing a sequence 30 of steps, according to an embodiment, that implements the method. The sequence 30 starts in a START step 32 at the server 4 when it is determined that there is a need to personalize the batch of SIMs to which the SIM 14 belongs. The sequence 30 next proceeds to a SEND NOTIFICATION step 34, wherein the server 4 generates a secret
, session key, SvrSnKey, and encrypts this session key, SvrSnKey, a URL address where an APDU script file may be obtained, and a verification parameter, using the master key, CardMsKey, before sending a notification including the encrypted information to the mobile station 6. The secret session key may be a random value generated by the server 4. The verification parameter may be an identifier, signature or certificate of the server 4 that is known to the mobile station 6. The secret session key may be the same or different for different personalization sessions. The server 4 sends this notification to the mobile station 6 by broadcasting it via a short message service message, preferably a short message service - cell broadcast (SMS-CB) message. The SMS-CB message includes an identifier, which indicates the type or purpose of the message. Optionally, the server 4 may include a certificate in the notification to further increase the security of the sending of the notification to the mobile station 6. [0023] The sequence 30 next proceeds to a RECEIVE NOTIFICATION step 36 at the mobile station 6, more specifically at the SIM 14. In this step 36, the SIM 14 upon identifying the SMS-CB message as a remote notification from the server 4 decrypts the encrypted information in the notification using the master key, CardMsKey, stored in the SIM 14 to obtain the URL address, the verification parameter and the session key of the server 4. Since only a particular batch of SIMs have this master key, CardMsKey, only these batch of SIMs will find the verification parameter to be valid and thus know that they are targeted by the server 4 for personalization. When the SIM 14 finds the verification parameter to be invalid, it will ignore the notification 26. However, when the SIM 14 finds the verification parameter to be valid, the SIM 14 will use the URL address and the session key, SvrSnKey, for proceeding with the personalization. The sequence 30 next proceeds to a SEND REQUEST step 40, wherein the SIM 14 generates a transport key, CardTpKey. Other SIMs in the batch will similarly generate respective transport keys. As an example, the transport key, CardTpKey, may be the key identified by either the ciphering key identifier (KIc) or key identifier(Kid) (specified in the GSM 03.48 standards) that is used in over-the-air (OTA) personalization using the short message service (SMS). The transport key, CardTpKey, generated by a particular SIM may be different for different sessions involving the SIM 14 to enhance security. [0024] In this SEND REQUEST step 40, the SIM 14 encrypts the transport key, CardTpKey, with the session key, SvrSnKey. The SIM 14 then codes the encrypted transport key, CardTpKey, into 7-bit ASCII data blocks for passing as parameters in a HTTP request message. The SIM 14 appends the coded encrypted transport key, CardTpKey, to the URL address from the server 4 to obtain, for example, a modified URL such as http://www.operatorserver.com/getPatch.cqi?CardTpKey=Hsivnlsfhkiskse1iudi. The SIM 14 sends the modified URL via APDU, e.g. a Bearer Independent Protocol (BIP) APDU specified in the GSM 11.14 standards, to an agent (not shown) in the mobile equipment 12. The agent translates the APDU to a HTTP request. The agent sends the HTTP request including the modified URL to the server 4, via the Internet 10, to open a HTTP connection therewith.
[0025] The sequence 30 next proceeds to a RECEIVE REQUEST step 42 at the server 4, wherein the server 4 decodes and decrypts the coded encrypted transport key, CardTpKey, using the session key, SvrSnKey, to obtain the transport key generated by the SIM 14. The sequence 30 next proceeds to a SEND RESPONSE step 44, wherein the server 4 obtains the APDU script file from the address specified in the URL and encrypts the APDU script file using the transport key, CardTpKey. The server 4 sends the encrypted APDU script file to the SIM 14 in a HTTP response. The APDU may be in the same format as that used in an over-the-air customisation (OTAC) SMS short message. [0026] The sequence 30 next proceeds to a RECEIVE RESPONSE step 46 at the mobile station 6, wherein the mobile equipment 12 receives the encrypted APDU script file, converts it to APDU and sends it to the SIM 14. The SIM 14 decrypts the encrypted APDU script file using the transport key, CardTpKey, to obtain the original APDU script file. The SIM 14 then executes commands in the APDU script file to personalize the SIM 14. The sequence 30 then ends in a END step 48.
[0027] Advantageously, there is no wastage of bandwidth with the above described solution. Unlike the prior art, the mobile station 6 does not check with the server 4 if personalization is required. Whenever personalization needs to be carried out, the server 4 will send a notification to the mobile station 6. Thus a more bandwidth efficient solution is attained. Furthermore, unlike in the prior art, a simpler, and thus less expensive, server is required for implementing the solution. The server does not need to maintain a database of keys of the mobile stations. The server just needs to be able to generate the notification SMS-CB, and to use a common gateway interface (CGI) method to perform encryption of the APDU script file using the transport key, CardTpKey. [0028] Although the present invention is described as implemented in the above-described embodiment, it is not to be construed to be limited as such. As an example, the data may be transferred to the mobile equipment instead of the SIM. [0029] As another example, the mobile equipment may communicate with the server using other protocols, for example the file transfer protocol (FTP) instead of HTTP.
[0030] As yet another example, the method may be used to personalize a single SIM or a small number of SIMs. In this case, the notification may be a SMS-PP message.

Claims

1. A method (30) for transferring data from a server (4) to at least one mobile station (6), the method (30) comprising: the mobile station (6) sending (40) a request (27) to the server (4) for requesting the server (4) to transfer data to the mobile station (6); the server (4) sending (44) a response (28) to the mobile station (6), in response to the request, for transferring data to the mobile station (6); characterized in that the method (30) further comprises: the server (6) sending (34) a notification (26) to the mobile station (6) for informing the mobile station (6) that there is data to be transferred to the mobile station (6) prior to the mobile station (6) sending the request to the server (4).
2. A method (30) according to Claim 1 , characterized in that the request (27) and the response (28) are sent using one of the protocols in the Internet Protocol suite.
3. A method (30) according to Claim 1 or 2, characterized in that each of the mobile station (6) and the server (4) includes a common master key, and in that the server (4) sending (34) a notification comprises: the server (4) generating a session key; the server (4) encrypting the generated session key using the master key; and the server (4) sending (34) the notification (26) that includes the encrypted session key to the mobile station (6).
4. A method (30) according to Claim 3, characterized in that the mobile station (6) sending (40) a request (27) comprises: the mobile station (6) decrypting the encrypted session key in the notification (26) using the master key; the mobile station (6) generating a transport key; the mobile station (6) encrypting the generated transport key using the session key from the server (4); and the mobile station (6) sending (40) the request (27) that includes the encrypted transport key to the server (4); and in that the server (4) sending (44) a response (28) comprises: the server (4) decrypting the encrypted transport key using the session key; the server (4) encrypting the data for transfer to the mobile station (6) using the transport key; and the server (4) sending (44) the response (28) that includes the encrypted data to the mobile station (6).
5. A method (30) according to Claim 3, characterized in that the mobile station (6) comprises a mobile equipment (12) and a subscriber identity module (SIM) (14) connectable to the mobile equipment (12), and in that the SIM 14 receives the notification (26), sends (40) the request (27) and receives the response (28).
6. A method (30) according to Claim 5, characterized in that the master key is stored in the SIM 14 and is common to two or more SIMs.
7. A method (30) according to any one of the preceding claims, characterized in that the notification (26) comprises a short message service - cell broadcast message.
8. A mobile station (6) comprising: means for sending (40) a request (27) to a server (4) for requesting the server (4) to transfer data to the mobile station (6); means for receiving (46) a response (28), which includes the data, from the server (4); characterized in that the mobile station (6) further comprises: means for receiving (36) a notification (26) from the server (4) for informing the mobile station (6) that there is data to be transferred to the mobile station (6).
9. A subscriber identity module (SlM) (14) that is connectable to a mobile equipment (12) for communicating with a server (4) via the mobile equipment (12), the SIM (14) comprising: means for sending (40) a request (27) to the server (4) for requesting the server (4) to transfer data to the SIM (14); means for receiving (46) a response (28) which includes the data, from the server (4); characterized in that the SIM (14) further comprises: means for receiving (36) a notification (26) from the server (4) for informing the SIM (14) that there is data to be transferred to the SIM (14).
10. A software program having instructions executable by a processor (16, 22) of one of a mobile equipment (12) and a subscriber identity module (14) of a mobile station (6) for implementing a method (30) for transferring data from a server (4) to the mobile station (6), the method (30) comprising: the mobile station (6) sending (40) a request to the server (4) for requesting the server (4) to transfer data to the mobile station (6); the mobile station (6) receiving (46) a response (28) from the server
(4), the response (28) including the data; characterized in that the method (30) further comprises: the mobile station (6) receiving (36) a notification (26) from the server (4) for informing the mobile station (6) that there is data to be transferred to the mobile station (6) prior to the mobile station (6) sending (40) the request
(27) to the server (4).
11. A server (4) comprising: means for receiving (42) a request (27) from a mobile station (6) for requesting the server (4) to transfer data to the mobile station (6); means for sending (44) a response (28), which includes the data, to the mobile station (6); characterized in that the server (4) further comprises: means for sending (34) a notification (26) to the mobile station (6) for informing the mobile station (6) that there is data to be transferred to the mobile station (6).
PCT/IB2007/002721 2006-09-20 2007-09-20 Method, server and mobile station for transfering data from the server to the mobile station. WO2008035183A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CNA2006101689337A CN101150851A (en) 2006-09-20 2006-09-20 Method, server and mobile station for transmitting data from server to mobile station
CN200610168933.7 2006-09-20

Publications (2)

Publication Number Publication Date
WO2008035183A2 true WO2008035183A2 (en) 2008-03-27
WO2008035183A3 WO2008035183A3 (en) 2008-05-29

Family

ID=39144372

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2007/002721 WO2008035183A2 (en) 2006-09-20 2007-09-20 Method, server and mobile station for transfering data from the server to the mobile station.

Country Status (2)

Country Link
CN (1) CN101150851A (en)
WO (1) WO2008035183A2 (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2106191A1 (en) 2008-03-28 2009-09-30 Vodafone Holding GmbH A method for updating a smartcard and a smartcard having update capability
DE102008027043A1 (en) * 2008-06-06 2009-12-10 Giesecke & Devrient Gmbh A method for personalizing a security element of a mobile terminal
WO2010072243A1 (en) * 2008-12-24 2010-07-01 Telecom Italia S.P.A. Method for automatically transferring an application in a mobile communication terminal of telecommunication networks
WO2012140101A1 (en) * 2011-04-15 2012-10-18 Vodafone Holding Gmbh Method and system for data communication to an identification module in a mobile radio terminal
EP2566207A1 (en) * 2011-09-05 2013-03-06 Morpho Cards GmbH Computer network, mobile telephone device, and computer program for writing encrypted files to a telecommunications access card
EP2991314A1 (en) * 2014-08-25 2016-03-02 Gemalto SA Method and first device for loading an application

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101309271B (en) * 2008-07-09 2012-09-26 大唐微电子技术有限公司 User recognition modular service publishing method and system based on wireless communication
CN102025711B (en) * 2009-09-11 2014-09-17 中国银联股份有限公司 Method of smart card for performing external application communication
CN104144405B (en) * 2013-05-10 2018-01-09 中国电信股份有限公司 User's card file method for remote management and system
CN105101153A (en) * 2015-07-28 2015-11-25 集怡嘉数码科技(深圳)有限公司 Data roaming method, device and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1276339A1 (en) * 2001-02-28 2003-01-15 Dai Nippon Printing Co., Ltd. System for downloading program to general-purpose subscriber identification module
US20040098715A1 (en) * 2002-08-30 2004-05-20 Parixit Aghera Over the air mobile device software management

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1276339A1 (en) * 2001-02-28 2003-01-15 Dai Nippon Printing Co., Ltd. System for downloading program to general-purpose subscriber identification module
US20040098715A1 (en) * 2002-08-30 2004-05-20 Parixit Aghera Over the air mobile device software management

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2106191A1 (en) 2008-03-28 2009-09-30 Vodafone Holding GmbH A method for updating a smartcard and a smartcard having update capability
DE102008027043A1 (en) * 2008-06-06 2009-12-10 Giesecke & Devrient Gmbh A method for personalizing a security element of a mobile terminal
DE102008027043B4 (en) * 2008-06-06 2012-03-08 Giesecke & Devrient Gmbh A method for personalizing a security element of a mobile terminal
WO2010072243A1 (en) * 2008-12-24 2010-07-01 Telecom Italia S.P.A. Method for automatically transferring an application in a mobile communication terminal of telecommunication networks
US8996065B2 (en) 2008-12-24 2015-03-31 Telecom Italia S.P.A. Method for automatically transferring an application in a mobile communication terminal of telecommunication networks
WO2012140101A1 (en) * 2011-04-15 2012-10-18 Vodafone Holding Gmbh Method and system for data communication to an identification module in a mobile radio terminal
EP2566207A1 (en) * 2011-09-05 2013-03-06 Morpho Cards GmbH Computer network, mobile telephone device, and computer program for writing encrypted files to a telecommunications access card
EP2991314A1 (en) * 2014-08-25 2016-03-02 Gemalto SA Method and first device for loading an application

Also Published As

Publication number Publication date
CN101150851A (en) 2008-03-26
WO2008035183A3 (en) 2008-05-29

Similar Documents

Publication Publication Date Title
KR102597224B1 (en) Method and apparatus for installing profile
WO2008035183A2 (en) Method, server and mobile station for transfering data from the server to the mobile station.
EP2747466B1 (en) Methods and devices for ota subscription management
CN107534856B (en) Method and apparatus for managing profile of terminal in wireless communication system
EP2248322B1 (en) Methods and apparatus for wireless device registration
US10242210B2 (en) Method for managing content on a secure element connected to an equipment
JP6185152B2 (en) Method of accessing services, device and system for accessing
CN111052777A (en) Method and apparatus for supporting inter-device profile transfer in a wireless communication system
WO2021118610A1 (en) Secure privacy provisioning in 5g networks
US20090217038A1 (en) Methods and Apparatus for Locating a Device Registration Server in a Wireless Network
KR20190004499A (en) Apparatus and methods for esim device and server to negociate digital certificates
JP2012034381A (en) Generic key-decision mechanism for gaa
US11937088B2 (en) Updating a subscriber identity module
WO2010045823A1 (en) Cryptographic-key updating method and system
CN113678484A (en) Method for providing subscription configuration file, user identity module and subscription server
CN108616861B (en) Over-the-air card writing method and device
EP3955607B1 (en) Method for transmitting and/or for using a profile information or at least parts thereof, system, client communication device, server entity, program and computer program product
KR20190050949A (en) Method and apparatus of constructing secure infra-structure for using embedded universal integrated circuit card
EP2731370B1 (en) Secured authentication between a communication device and a server
KR20090121520A (en) A method for transmitting provisioning data between provisioning server and mobile terminal, and a mobile terminal and a provisioning server for the same method
JP2008523757A (en) Message communication system, terminal, method and software

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07825144

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07825144

Country of ref document: EP

Kind code of ref document: A2