WO2017120745A1 - Procédé, dispositif et système de traitement de profil - Google Patents

Procédé, dispositif et système de traitement de profil Download PDF

Info

Publication number
WO2017120745A1
WO2017120745A1 PCT/CN2016/070617 CN2016070617W WO2017120745A1 WO 2017120745 A1 WO2017120745 A1 WO 2017120745A1 CN 2016070617 W CN2016070617 W CN 2016070617W WO 2017120745 A1 WO2017120745 A1 WO 2017120745A1
Authority
WO
WIPO (PCT)
Prior art keywords
profile
information
euicc
tag
tag data
Prior art date
Application number
PCT/CN2016/070617
Other languages
English (en)
Chinese (zh)
Inventor
高林毅
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to PCT/CN2016/070617 priority Critical patent/WO2017120745A1/fr
Priority to CN201680075522.5A priority patent/CN108476400B/zh
Publication of WO2017120745A1 publication Critical patent/WO2017120745A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W76/00Connection management
    • H04W76/10Connection setup

Definitions

  • the embodiments of the present invention relate to communication technologies, and in particular, to a method, an apparatus, and a system for processing a profile.
  • the existing Subscriber Identity Module (SIM) card or the Universal Integrated Circuit Card (UICC) card is generally centralized by the Mobile Network Operator (MNO).
  • MNO Mobile Network Operator
  • the card merchant subscribes, so the subscription information required to access the mobile operator's network, including the International Mobile Subscriber Identification Number (IMSI) necessary for accessing the mobile operator's network, is already available before leaving the factory.
  • Ki the encryption algorithm parameters, etc. are downloaded to the card, and the user can access the network by inserting the SIM card or the UICC card and inserting it into the terminal.
  • IMSI International Mobile Subscriber Identification Number
  • Ki the encryption algorithm parameters, etc.
  • EDUICC embedded universal integrated circuit it is not necessarily purchased by the operator, or it may be purchased by the terminal manufacturer and integrated into the terminal for sale. Therefore, before the eUICC leaves the factory, it is not known who will be used.
  • the eUICC may not contain data that can be accessed to the mobile network.
  • the remote management technology can be used, through the contract management-data.
  • the Subscription Manager (Data Preparation+, SM-DP+ for short) downloads the profile to the eUICC, and then the eUICC can use the profile to access the network.
  • the local profile assistant (LPA) and the eUICC are included in the terminal.
  • the local profile download (LPD) and the local user interface (LUI) are included in the LPA.
  • the LPD is responsible for downloading.
  • the profile that is, the LPD downloads the profile from the SM-DP+ to the LPD through a Hypertext Transfer Protocol Server (HTTPS) secure connection, and then sends the downloaded profile to the eUICC.
  • HTTPS Hypertext Transfer Protocol Server
  • the LUI provides interaction logic and interface with the user.
  • the user can manage the profile through the LUI, such as downloading a new profile, activating a profile, activating a profile, and deleting a profile.
  • the current method for downloading profiles from SM-DP+ comes from the Global System for Mobile Communications Assembly (GSMA).
  • GSMA Global System for Mobile Communications Assembly
  • the eUICC specification for consumer electronics, including the profile download process uses an activation code to download the profile. However, each time you download a profile, you need to use an activation code. Once the profile is bound, it cannot be reused, and the terminal manufacturer must apply for a large amount of activation code for testing, maintenance, and maintenance. The cost is high, and it is inconvenient to use and manage. .
  • the embodiment of the invention provides a method, a device and a system for processing a profile, so as to realize the reuse of the profile and the tag data, reduce the cost, and prevent the replay attack and improve the security.
  • an embodiment of the present invention provides a method for processing a profile, including:
  • tag information including tag data and/or tag identifiers
  • the processing method of the profile described above not only realizes the reuse of profile and tag data, but also reduces the cost by associating one tag data with multiple profiles.
  • the method before the sending the profile download request to the subscription management device, the method further includes:
  • the method of encrypting or public-private key encryption is applicable to any encryption method that can protect the marked data.
  • Sending a profile download request to the subscription management device including:
  • the subscription management device Sending a profile download request to the subscription management device, where the profile download request includes security-protected tag data, the tag identifier, and the signature information.
  • the processing method of the above profile can prevent the attacking of the tag data and improve the security.
  • the method further includes:
  • any one of the first to the second possible implementation manners of the first aspect in a third possible implementation manner of the first aspect, the using the challenge information of the subscription management device Secure the tag data, including:
  • the challenge information of the subscription management device and the tag data are hashed.
  • the profile download request further includes specific indication information
  • the specific indication information is used to indicate that the profile that the subscription management device needs to download is a specific type profile.
  • the specific type profile in the present invention may be applied to any profile that needs to be reused, including a test applied to a scenario such as testing and maintenance. Profile.
  • the processing method of the above profile may be used to indicate that the profile that the SM-DP+ needs to download is a specific type profile by using specific indication information. For example, if the specific indication information indicates that the profile to be downloaded is the test profile, the download process of the test profile is executed according to the specific indication information SM-DP+.
  • any one of the first to fourth possible implementations of the first aspect in a fifth possible implementation manner of the first aspect, the receiving, by the subscription management device, After a profile, it also includes:
  • the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier, so that the subscription management device obtains the first deletion notification according to the profile.
  • the profile identifies a first profile corresponding to at least one of the eUICC identifiers, and restores the first profile to a second profile.
  • the method before the sending the profile first deletion notification to the subscription management device, the method further includes:
  • the processing of the profile can be performed only by receiving and displaying the profile information corresponding to the profile type, so that the subsequent step only processes the profile corresponding to the profile information, and protects other types of profiles to improve security.
  • a seventh possible implementation manner of the first aspect after the receiving and displaying the profile information that is sent by the eUICC and corresponding to the profile type, :
  • the method before the sending the profile first deletion notification to the subscription management device, the method further includes:
  • the mobile network operator MNO is notified that the profile download is completed.
  • an embodiment of the present invention provides a method for processing a profile, including:
  • the processing method of the profile described above not only realizes the reuse of profile and tag data, but also reduces the cost by associating one tag data with multiple profiles.
  • the method before the receiving the profile download request sent by the terminal device, the method further includes:
  • first information sent by the terminal device where the first information includes at least challenge information of the embedded universal integrated circuit card eUICC;
  • the profile download request sent by the receiving terminal device includes:
  • the selecting one of the at least one second profile associated with the tag data to generate the first profile comprises:
  • the acquiring, according to the marking identifier, acquiring corresponding marking data, and performing the security protection according to the marking data After the tag data is verified including:
  • the encryption method is applicable to any encryption method that can protect the tag data.
  • the processed tag data is compared with the tag data after the security protection, and if they are the same, the verification is passed.
  • the processing method of the above profile can prevent the attacking of the tag data and improve the security.
  • the at least one second profile associated with the tag data after the verification is passed Select one to generate the first profile, including:
  • any one of the first to the third possible implementation manners of the second aspect, in a fourth possible implementation manner of the second aspect, before the acquiring the first information sent by the terminal device ,Also includes:
  • the tag information including the tag data and the tag identifier
  • a subscription response is returned to the MNO, the subscription response including the tag information.
  • the possible implementation of the first to the third aspect of the second aspect, in a fifth possible implementation manner of the second aspect, before the acquiring the first information sent by the terminal device ,Also includes:
  • the tag information including the tag data and the tag identifier, and generating at least one second profile
  • An order response is returned to the MNO.
  • any one of the first to fifth possible implementation manners of the second aspect in a sixth possible implementation manner of the second aspect, it also includes:
  • the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier;
  • the method further includes:
  • An encryption key is generated, and the second profile is decrypted and then re-encrypted using the encryption key.
  • the recovering the first profile to the second profile includes:
  • an embodiment of the present invention provides a terminal device, including:
  • An obtaining module configured to obtain tag information, where the tag information includes tag data and/or tag identifiers;
  • a sending module configured to send a profile download request to the subscription management device, where the profile download request includes at least the tag data
  • a receiving module configured to receive a first profile sent by the subscription management device, where the first profile is generated by the subscription management device according to one selected from the at least one second profile associated with the tag data.
  • the method further includes: a security protection module
  • the receiving module is further configured to receive first information of the embedded universal integrated circuit card eUICC;
  • the sending module is further configured to send the first information to the subscription management device, where the first information includes at least the challenge information of the eUICC;
  • the receiving module is further configured to receive second information returned by the subscription management device, where the second information includes at least challenge information of the subscription management device;
  • the security protection module is configured to perform security protection on the tag data by using challenge information of the subscription management device;
  • the sending module is further configured to send the third information to the eUICC, so that the eUICC generates signature information by using the third information, where the third information includes at least the security-protected tag data and the tag Identification
  • the receiving module is further configured to receive fourth information of the eUICC, where the fourth information includes at least the signature information;
  • the sending module is specifically configured to send a profile download request to the subscription management device, where the profile download request includes security-protected tag data, the tag identifier, and the signature information.
  • the sending module is further configured to send a profile information acquisition message to the eUICC, where The profile information acquisition message includes a profile type.
  • the receiving module is further configured to receive and display profile information corresponding to the profile type sent by the eUICC.
  • the security protection module is specifically used for The challenge information of the contract management device and the tag data are hashed.
  • the profile download request further includes specific indication information,
  • the specific indication information is used to indicate that the profile that the subscription management device needs to download is a specific type profile.
  • the sending module is further configured to The subscription management device sends a profile first deletion notification, where the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier, so that the subscription management device acquires the profile identifier according to the profile first deletion notification. Or the first profile corresponding to the at least one information in the eUICC identifier, and restore the first profile to the second profile.
  • the sending module is further configured to send a profile information acquisition message to the eUICC, where the profile information is obtained.
  • the message includes a profile type
  • the receiving module is further configured to receive and display profile information corresponding to the profile type sent by the eUICC.
  • the method further includes: deleting a module
  • the obtaining module is further configured to acquire a profile deletion instruction input by the user;
  • the deleting module is configured to delete the corresponding one in the eUICC according to the profile deletion instruction A specific type of profile.
  • the receiving module is further configured to receive a second deletion notification of the profile sent by the eUICC, the profile The second deletion notification is sent after the eUICC detects that a specific type profile is stored and deletes the specific type profile after receiving the eUICC challenge instruction or the profile activation instruction.
  • the sending module is further configured to use the mobile network
  • the operator MNO informs that the profile download is complete.
  • an embodiment of the present invention provides a subscription management device, including:
  • a receiving module configured to receive a profile download request sent by the terminal device, where the profile download request includes at least the tag data acquired by the terminal device;
  • a selection module configured to select one of the at least one second profile associated with the tag data to generate a first profile
  • a sending module configured to send the first profile to the terminal device.
  • the method further includes: acquiring a module
  • the selection module includes: a verification unit and a profile generation unit;
  • the acquiring module is configured to acquire first information sent by the terminal device, where the first information includes at least challenge information of the embedded universal integrated circuit card eUICC;
  • the sending module is further configured to send second information to the terminal device, where the second information includes at least challenge information of the subscription management device;
  • the receiving module is specifically configured to receive a profile download request sent by the terminal device, where the profile download request includes a mark that the terminal device uses the challenge information of the subscription management device to perform security protection on the acquired tag data.
  • the verification unit is configured to obtain corresponding tag data according to the tag identifier, and verify the security-protected tag data according to the tag data;
  • the profile generating unit is configured to select one of the at least one second profile associated with the tag data to generate a first profile after the verification is passed.
  • the verification unit is configured to acquire the tag data corresponding to the tag identifier, and use the challenge information pair.
  • the tag data is subjected to security protection processing; the processed tag data is compared with the security-protected tag data, and if they are the same, the verification is passed.
  • the profile generating unit is configured to obtain, corresponding to the tag identifier, Marking at least one second profile associated with the data, and selecting one of the second profiles; adding the fifth information to the selected second profile to generate the first profile, the fifth information including at least initializing secure channel information and a configuration profile Security domain command.
  • the possible implementation manner of any one of the first to the third aspect, the fourth possible implementation manner of the fourth aspect, further includes: the first generating module and the first association Module
  • the first generating module is configured to generate at least one second profile and one tag information according to a subscription request of the mobile network operator MNO, where the tag information includes the tag data and the tag identifier;
  • the first association module is configured to associate the at least one second profile with the tag data
  • the sending module is further configured to return an order response to the MNO, where the order response includes the tag information.
  • the method further includes: the second generating module and the second association Module
  • a second generating module configured to acquire, according to a subscription request of the mobile network operator MNO, a tag information, where the tag information includes the tag data and the tag identifier, and generate at least one second profile;
  • a second association module configured to associate the at least one second profile with the tag data
  • the sending module is further configured to return an order response to the MNO.
  • any one of the first to the fifth possible implementation manners of the fourth aspect, the sixth possible implementation manner of the fourth aspect further includes: a recovery module;
  • the receiving module is further configured to receive a first deletion notification of the profile sent by the terminal device,
  • the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier; and acquiring, according to the profile first deletion notification, a first profile corresponding to at least one of the profile identifier or the eUICC identifier;
  • the recovery module is configured to restore the first profile to a second profile.
  • the method further includes:
  • an encryption module configured to generate an encryption key, and decrypt the second profile and use the encryption key to re-encrypt.
  • the recovery module is specifically configured to: use the fifth information in the first profile The generating the second profile is removed, and the fifth information includes at least an initialization security channel information and a configuration profile security domain command.
  • an embodiment of the present invention provides a terminal device, including:
  • a processor configured to acquire tag information, where the tag information includes tag data and/or tag identifiers;
  • a sender configured to send a profile download request to the subscription management device, where the profile download request includes at least the tag data
  • a receiver configured to receive a first profile sent by the subscription management device, where the first profile is generated by the subscription management device according to one selected from the at least one second profile associated with the tag data.
  • the processor is further configured to obtain first information of an embedded universal integrated circuit card eUICC;
  • the transmitter is further configured to send the first information to a subscription management device, where the first information includes at least challenge information of the eUICC;
  • the receiver is further configured to receive second information returned by the subscription management device, where the second information includes at least challenge information of the subscription management device;
  • the processor is further configured to perform security protection on the tag data by using challenge information of the subscription management device;
  • the processor is further configured to control to transmit third information to the eUICC, so that the eUICC generates signature information by using the third information, where the third information includes at least security protection Marking data and the mark identifier; acquiring fourth information of the eUICC, the fourth information including at least the signature information;
  • the transmitter is specifically configured to send a profile download request to the subscription management device, where the profile download request includes security-protected tag data, the tag identifier, and the signature information.
  • the processor is further configured to control to send a profile information acquisition message to the eUICC,
  • the profile information acquisition message includes a profile type, and acquires and controls display of profile information corresponding to the profile type sent by the eUICC.
  • any one of the first to the second possible implementation manners of the fifth aspect in a third possible implementation manner of the fifth aspect, the processor is specifically configured to The challenge information of the contract management device and the tag data are hashed.
  • the profile download request further includes specific indication information,
  • the specific indication information is used to indicate that the profile that the subscription management device needs to download is a specific type profile.
  • the transmitter is further configured to The subscription management device sends a profile first deletion notification, where the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier, so that the subscription management device acquires the profile identifier according to the profile first deletion notification. Or the first profile corresponding to the at least one information in the eUICC identifier, and restore the first profile to the second profile.
  • the processor is further configured to control to send a profile information acquisition message to the eUICC, where the profile information is Obtaining a message includes a profile type; acquiring and controlling to display profile information corresponding to the profile type sent by the eUICC.
  • the processor is further configured to acquire a profile deletion instruction input by a user; and delete according to the profile deletion instruction A specific type profile corresponding to the eUICC.
  • the processor is further configured to acquire a profile second deletion notification sent by the eUICC, where the profile second deletion notification is that the eUICC detects the storage after receiving the eUICC challenge command or the profile activation command.
  • the profile second deletion notification is that the eUICC detects the storage after receiving the eUICC challenge command or the profile activation command.
  • the transmitter is further used for the mobile network
  • the operator MNO informs that the profile download is complete.
  • an embodiment of the present invention provides a subscription management device, including:
  • a receiver configured to receive a profile download request sent by the terminal device, where the profile download request includes at least the tag data acquired by the terminal device;
  • a processor configured to select one of the at least one second profile associated with the tag data to generate a first profile
  • a transmitter configured to send the first profile to the terminal device.
  • the receiver is further configured to acquire first information that is sent by the terminal device, where the first information includes at least an embedded universal integrated circuit card eUICC Challenge information;
  • the transmitter is further configured to send second information to the terminal device, where the second information includes at least challenge information of the subscription management device;
  • the receiver is specifically configured to receive a profile download request sent by the terminal device, where the profile download request includes a mark that the terminal device uses the challenge information of the subscription management device to perform security protection on the acquired tag data.
  • the processor is further configured to obtain corresponding tag data according to the tag identifier, verify the security-protected tag data according to the tag data, and at least one associated with the tag data after the verification is passed Select one of the second profiles to generate the first profile.
  • the processor is configured to obtain the tag data corresponding to the tag identifier, and use the challenge information pair.
  • the tag data is subjected to security protection processing; the processed tag data is compared with the security-protected tag data, and if they are the same, the verification is passed.
  • the processor is specifically configured to acquire at least one second profile associated with the tag data corresponding to the tag identifier, and select one of the second profiles; add the selected second profile
  • the fifth information generates the first profile, and the fifth information includes at least an initialization security channel information and a configuration profile security domain command.
  • the processor is further used according to the mobile network operator MNO
  • the order request generates at least one second profile and a tag information, the tag information including the tag data and the tag identifier; associating the at least one second profile with the tag data;
  • the transmitter is further configured to return an order response to the MNO, where the order response includes the tag information.
  • the processor is further used according to the mobile network operator MNO
  • the order request acquires a tag information, the tag information including the tag data and the tag identifier, and generates at least one second profile; associating the at least one second profile with the tag data;
  • the transmitter is further configured to return an order response to the MNO.
  • the receiver is further configured to receive the sending by the terminal device a first deletion notification, the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier; and the first deletion notification according to the profile acquires at least one of the profile identifier or the eUICC identifier.
  • the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier; and the first deletion notification according to the profile acquires at least one of the profile identifier or the eUICC identifier.
  • the processor is further configured to restore the first profile to a second profile.
  • the processor is further configured to generate an encryption key, and use the second profile after decrypting The encryption key is re-encrypted.
  • the processor is configured to use the fifth information in the first profile
  • the generating the second profile is removed, and the fifth information includes at least an initialization security channel information and a configuration profile security domain command.
  • the seventh aspect of the present invention provides a communication device, including: a terminal device, a subscription management device, and an embedded universal integrated circuit card eUICC; wherein the terminal device adopts the third aspect, the first aspect of the third aspect to The device of any one of the first to eighth aspects of the fourth aspect, the device of any one of the first to the eighth aspects of the fourth aspect.
  • the eighth aspect of the present invention provides a communication device, including: a terminal device, a subscription management device, and an embedded universal integrated circuit card eUICC; wherein the terminal device adopts the fifth aspect, the first aspect of the fifth aspect to The device according to any one of the possible implementations of the ninth aspect, wherein the subscription management device is the device according to any one of the first to eighth aspects of the sixth aspect.
  • the processing method, device and system of the profile of the embodiment of the present invention through the association of a tag data with multiple profiles, and the security protection of the tag data, not only realize the reuse of the tag data, reduce the cost, but also prevent the replay attack. Increased security.
  • FIG. 1 is a flow chart of an embodiment of a processing method of a profile of the present invention
  • FIG. 2 is a schematic structural diagram of a communication system
  • FIG. 3 is a flow chart of another embodiment of a processing method of a profile of the present invention.
  • FIG. 4 is a flow chart of still another embodiment of a processing method of a profile of the present invention.
  • FIG. 5 is a flowchart of a fourth embodiment of a processing method of a profile according to the present invention.
  • FIG. 6 is a flowchart of a fifth embodiment of a processing method of a profile according to the present invention.
  • FIG. 7 is a schematic structural diagram of an embodiment of a terminal device according to the present invention.
  • FIG. 8 is a schematic structural diagram of another embodiment of a terminal device according to the present invention.
  • FIG. 9 is a schematic structural diagram of still another embodiment of a terminal device according to the present invention.
  • FIG. 10 is a schematic structural diagram of an embodiment of a subscription management device according to the present invention.
  • FIG. 11 is a schematic structural diagram of another embodiment of a subscription management device according to the present invention.
  • FIG. 12 is a schematic structural diagram of still another embodiment of a subscription management device according to the present invention.
  • FIG. 13 is a schematic structural diagram of a fourth embodiment of a subscription management device according to the present invention.
  • FIG. 14 is a schematic structural diagram of a fifth embodiment of a subscription management device according to the present invention.
  • FIG. 15 is a schematic structural diagram of a fourth embodiment of a terminal device according to the present invention.
  • FIG. 16 is a schematic structural diagram of a sixth embodiment of a subscription management device according to the present invention.
  • Figure 17 is a block diagram showing the structure of an embodiment of a communication system of the present invention.
  • a method for processing a profile of the present invention includes a method for downloading and deleting a profile, and the method is applicable to a communication system including a subscription management device.
  • the terminal device and the eUICC, the profile in the present invention may be user subscription management information, which may be a set of file structure, data, a combination of applications, etc., when the carrier data is included, the profile may be used to access the operator's network for use.
  • Services provided by the operator; the functions of the contract management device may include generating a profile, securing a profile, binding a profile to a specific eUICC, storing a profile, and downloading a profile.
  • 2 is a schematic structural diagram of a communication system.
  • the terminal device has an LPA.
  • the eUICC can also be used as a component independent of the terminal device.
  • the eUICC can also be used as a component of the terminal device.
  • the LPA includes LPD and LUI, and the LPD is responsible for downloading the profile, that is, the LPD downloads the profile from the SM-DP+ to the LPD through the HTTPS secure connection, and then sends the downloaded profile to the eUICC.
  • the LUI provides the interaction logic and interface with the user.
  • the interaction interface can also be provided by other terminals associated with the terminal device.
  • the user can manage the profile through the LUI, such as downloading a new profile, activating the profile, deactivating the profile, and deleting. Profile, etc.
  • the subscription management device may be the SM-DP+ described above.
  • S101, SM-DP+ receive the subscription request sent by the MNO;
  • the terminal manufacturer usually orders the profile from the MNO. For example, if the terminal manufacturer's employee repairs the terminal device, Management, update, etc., need to use the test profile dedicated to testing, then these test profiles will be ordered from MNO.
  • the MNO makes a profile order to the SM-DP+ according to the ordering request of the terminal manufacturer.
  • the SM-DP+ generates at least one profile and one tag information according to the ordering request of the MNO, where the tag information includes tag data and a tag identifier, and associates at least one profile with the tag data;
  • the SM-DP+ generates at least one profile and one tag information according to the subscription request of the MNO, and the tag data in the tag information is used to match the profile download request sent by the terminal device and at least one profile, and the tag identifier is an index of the tag data.
  • the tag data and the tag identifier in the tag information may be, for example, a token and a token id.
  • the token and the token id may be two strings respectively, or may be in a string, some fields identify a token id, and the remaining fields identify a token.
  • a tag information is associated with at least one profile.
  • the SM-DP+ can generate the tag information by itself as well as the tag information, and the tag information can be sent by the MNO in the order request.
  • S103, SM-DP+ return an order response to the MNO, and the order response includes the tag information.
  • the SM-DP+ sends a subscription response to the MNO. If the tag information is generated by the SM-DP+, the tag response needs to be included in the order response; if the tag information is generated by the MNO, the tag response may not include the tag information.
  • the MNO sends the tag information to the terminal manufacturer requesting the profile order, and the process by which the terminal manufacturer requests the eUICC to apply for the profile ends.
  • the terminal manufacturer's employees can then use the above-mentioned tag information to download the profile and use the profile to operate the terminal device, including testing, repairing, managing, and using.
  • the terminal manufacturer subscribes at least one profile from the SM-DP+ through the MNO, and the at least one profile is associated with one tag data, so that the terminal manufacturer can focus on the profile. Use, reduce costs.
  • the user can input the information into the terminal device by using a keyboard, a touch, a scanning QR code, etc., and the terminal device recognizes the operation corresponding to the information, and starts a corresponding function, for example, the user inputs a personal identification password (Personal Identification) Number, abbreviation: PIN), the terminal device recognizes that the PIN is a preset instruction to enable the LPA, so the terminal device starts the LPA function, so that the terminal device enters a state of testing, maintenance, and the like.
  • the information input by the user in the foregoing manner may include two types, one type of information used to trigger the terminal device to start the LPA, such as the PIN, and the other information is other information such as the tag information after the LPA is activated.
  • the terminal device enters a state of testing, maintenance, etc., and can be considered as an engineering mode or a test mode of the terminal device.
  • the LPA can be used as an application (application, abbreviation: APP) or a setting function of the terminal device.
  • APP application, abbreviation: APP
  • the terminal device prompts the user to input the verification information, and the user inputs the PIN code, and the LPA verifies the user.
  • the entered PIN code is a preset PIN code entering a specific mode instead of the PIN code set by the user, the specific mode can be entered, and the next action is performed in the specific mode.
  • the user inputs a specific character string on the dialing interface of the terminal device, and then triggers the terminal device to automatically enter the specific mode of the LPA, and the like.
  • FIG. 3 is a flowchart of another embodiment of a processing method of a profile of the present invention. As shown in FIG. 3, the method of this embodiment is also applicable to the communication system shown in FIG. 2. After the process of ordering the profile, the method in this embodiment may include:
  • the terminal device sends a profile information acquisition message to the eUICC, where the profile information acquisition message includes a profile type.
  • the terminal device can obtain the profile information by sending the profile information to the eUICC, and carry the profile type in the message, so as to know whether the profile corresponding to the profile type already exists in the eUICC. For example, the terminal device sends GetProfileInfo information to the eUICC, wherein the criteria for setting the search include an indication that the profile type is a specific type.
  • the terminal device receives and displays the profile information corresponding to the profile type sent by the eUICC.
  • the profile information may include a number of profile elements and a status.
  • the terminal device may display the profile information to the user. If the eUICC does not match the profile matching the profile type, the terminal device displays empty. This allows users to view the eUICC Whether the profile is the profile you need, if not, you can operate the terminal device to download or delete the profile.
  • the terminal device can learn whether the eUICC has a qualified profile by using the information exchange with the eUICC, so that the following steps can be performed according to the storage situation of the profile, for example, if the profile in the eUICC is not the profile required by the user, The profile can be downloaded or deleted according to the user's operation.
  • FIG. 4 is a flow chart of still another embodiment of a processing method of a profile of the present invention. As shown in FIG. 4, the method of this embodiment is also applicable to the communication system shown in FIG. 2. After the step s202 of the method embodiment shown in FIG. 3, the method of this embodiment may include:
  • the terminal device acquires the tag information.
  • the terminal device may obtain the tag information previously obtained by the user by using a keyboard input, a touch input, a scan QR code, and the like, and the tag information may include tag data such as a token, and may further include a tag identifier, such as a token id. .
  • the terminal device receives the first information of the eUICC, where the first information includes at least the challenge information of the eUICC.
  • the terminal device sends the first information to the SM-DP+.
  • the terminal device receives the second information returned by the SM-DP+, where the second information includes at least the challenge information of the SM-DP+.
  • the terminal device uses the challenge information of the SM-DP+ to secure the tag data.
  • the terminal device can hash the SM-DP+ challenge information and the tag data for security protection.
  • the terminal device may further encrypt the challenge information and the tag data of the SM-DP+ by using a symmetric key pre-agreed with the SM-DP+. In this way, even if the profile is downloaded, the token needs to be provided to the SM-DP+, and the token is protected to prevent the replay attack, thereby improving the security.
  • the terminal device sends the third information to the eUICC, so that the eUICC generates the signature information by using the third information, where the third information includes at least the security-protected tag data and the tag identifier.
  • the tag data and the tag identifier after the security protection can be sent to the eUICC, and the third information may further include information such as a confirmation code.
  • the eUICC signs the received third information.
  • the terminal device receives fourth information of the eUICC, where the fourth information includes at least signature information.
  • the fourth information may also include some information related to the eUICC itself, such as a certificate of the eUICC, an eUICC capacity, and the like, where the eUICC certificate includes an eUICC identifier.
  • the terminal device sends a profile download request to the SM-DP+, where the profile download request includes the tag data, the tag identifier, and the signature information after the security protection.
  • the terminal device After the terminal device has the information such as the tag data, the tag identifier, and the signature information of the eUICC after the security protection, the terminal device can request the profile download from the SM-DP+.
  • the profile download request further includes specific indication information, where the specific indication information is used to indicate that the profile that the SM-DP+ needs to download is a specific type profile. For example, if the specific indication information indicates that the profile to be downloaded is the test profile, the download process of the test profile is executed according to the specific indication information SM-DP+.
  • S309 and SM-DP+ obtain the corresponding tag data according to the tag identifier, and verify the tag data after the security protection according to the tag data;
  • the SM-DP+ After receiving the profile download request, the SM-DP+ needs to ensure that the security-protected tag data in the profile download request corresponds to the locally-queried tag data, and the SM-DP+ locally obtains the tag corresponding to the tag identifier in the profile download request. Data, using its own challenge information to securely protect the tag data, that is, performing the same hash operation on its own challenge information and the tag data, and then hashing the tag data with the same hash operation. The tag data after security protection is compared. If they are the same, the verification is confirmed.
  • the SM-DP+ may search for a corresponding symmetric key according to the tag identifier, and then decrypt the received encrypted tag data to obtain decryption.
  • the subsequent token data (token) compares the decrypted token with the token corresponding to the token identifier, or SM-DP+ can also encrypt the token and challenge information corresponding to the token identifier using the symmetric key, and compare the encrypted result. Whether it is the same as the received encrypted tag data.
  • S310, SM-DP+ select one of the at least one second profile associated with the tag data to generate the first profile after the verification is passed;
  • the profile generated by the SM-DP+ according to the MNO subscription request is plaintext data that has not been secured, that is, an unprotected profile package (UPP), and then SM- DP+ generates an encryption key, encrypts and integrity protects the UPP, and forms a protected profile package (PPP).
  • UPP unprotected profile package
  • PPP protected profile package
  • SM-DP+ associates at least one PPP with one tag data, and PPP is the second. Profile.
  • the tag data is obtained according to the tag identifier, and the corresponding at least one second profile is found according to the tag data, and the SM-DP+ selects a profile corresponding to the tag data, that is, the second profile. PPP).
  • the SM-DP+ can also directly obtain the tag data, and then find the corresponding at least one second profile according to the tag data, and the SM-DP+ selects a profile corresponding to the tag data, that is, the second profile (PPP).
  • the SM-DP+ adds the fifth information to the first profile to generate the first profile.
  • the fifth information includes at least the initialization security channel information and the configuration profile security domain command, where the profile security domain is a secure container for storing a profile, such as issuing security.
  • the domain profile issuer security domain-profile, ISD-P
  • the Profile Domain command is a secure container for storing a profile, such as issuing security.
  • the SM-DP+ generates an ISD-P command to obtain the metadata of the profile, and uses the SM-DP+ and eUICC to perform session key encryption to generate the ISD-P command and profile metadata, and then initialize the security channel information.
  • InitialiseSecureChannel is added to the selected profile to form a first profile (bound profile package (BPP)).
  • BPP bound profile package
  • the SM-DP+ stores the record as the record that the first profile has been downloaded, and updates the association relationship with the token, that is, the first profile and the token. Associated with the token being originally associated with the token by the second profile prior to generating the first profile. Therefore, among the multiple profiles corresponding to the token, some may be PPP, and some are already BPP. However, when the SM-DP+ receives the profile download request, only one of the second profiles (PPPs) corresponding to the token is selected. Generate a first profile (BPP).
  • SM-DP+ can also store the first profile as a flag that the profile has been downloaded.
  • the terminal device receives the first profile sent by the SM-DP+.
  • the terminal device sends the first profile to the eUICC
  • the terminal device notifies the MNO that the profile download is completed.
  • the terminal device can notify the SM-DP+ first, and then the SM-DP+ notifies the MNO that the download is completed, so that the MNO performs related configuration.
  • the association between the tag data and the plurality of profiles is performed, and the tag data is entered.
  • Line security protection not only realizes the reuse of profile and tag data, reduces costs, but also prevents replay attacks and improves security.
  • FIG. 5 is a flowchart of a fourth embodiment of a processing method of a profile according to the present invention. As shown in FIG. 5, the method of this embodiment is also applicable to the communication system shown in FIG. 2. After the step s202 of the method embodiment shown in FIG. 3, the method of this embodiment may include:
  • the terminal device acquires a profile deletion instruction input by the user.
  • the method in this embodiment is a process of deleting a profile after the terminal device downloads the profile.
  • the user can also input information into the terminal device by using a keyboard, a touch, a scanning QR code, etc., the terminal device recognizes the operation corresponding to the information, and activates the corresponding function, so that the terminal device enters the test, Maintenance and other conditions.
  • the terminal device can display the profile information to the user, so that the user can view whether the profile in the eUICC is a profile to be deleted, and if so, the terminal device can be operated to delete the profile.
  • the user can enter the profile delete command by clicking the delete option.
  • the terminal device deletes a specific type profile corresponding to the eUICC according to the profile deletion command.
  • the terminal device deletes the profile corresponding to the profile identifier in the eUICC. For example, the user's test work on the terminal device is completed. The previously downloaded test profile for testing is no longer used, so to delete it, the terminal device learns that the type of the profile to be deleted is the test profile according to the foregoing steps. It is deleted. Specifically, in the foregoing step, the terminal device obtains the profile that needs to be deleted from the eUICC, so that the profile identifier of the profile to be deleted is carried in the deletion instruction sent to the eUICC, and the corresponding profile is deleted by the eUICC.
  • the terminal device sends a profile first deletion notification to the SM-DP+, where the first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier.
  • the first profile corresponding to at least one of the profile identifier or the eUICC identifier is notified that the SM-DP+ has been deleted on the eUICC.
  • the SM-DP+ obtains the first profile corresponding to at least one of the profile identifier or the eUICC identifier according to the first deletion notification of the profile;
  • the SM-DP+ acquires a first profile corresponding to at least one of the profile identifier or the eUICC identifier.
  • the SM-DP+ removes the fifth information in the first profile to generate a second profile, and the fifth information includes at least initializing the secure channel information and configuring the ISD-P command.
  • the SM-DP+ removes the initial security channel information (InitialiseSecureChannel) in front of the first profile, the session key encryption generated by the SM-DP+ and the eUICC, and the information such as CI, SM, PPK, etc., and the first profile (BPP) ) Revert to the second profile (PPP).
  • the second profile thus restored can be re-added with the new fifth information to form a new first profile, thereby being reused.
  • S406 and SM-DP+ generate an encryption key, and decrypt the second profile and then re-encrypt the encryption key.
  • SM-DP+ can randomly generate a new encryption key for security, decrypt the second profile with the original key, and then re-encrypt it with a new encryption key.
  • the profile can be reused, the cost is reduced, and the security is improved by re-encrypting the second profile.
  • FIG. 6 is a flowchart of a fifth embodiment of a processing method of a profile according to the present invention. As shown in FIG. 6, the method of this embodiment is also applicable to the communication system shown in FIG. 2. The method of this embodiment may include:
  • S501 The terminal device receives a profile second deletion notification sent by the eUICC, where the second deletion notification is sent by the eUICC after detecting that the eUICC challenge command or the profile activation command is received, and the specific type profile is stored, and the specific type profile is deleted.
  • the user does not actively delete the profile that is no longer used, and if other users need to replace the profile with their own profile after obtaining the terminal device, or the user needs to activate the profile, the eUICC is triggered to detect whether there is another.
  • a profile of type exists. For example, the maintenance personnel use the test profile to maintain the terminal device. After the user of the terminal device retrieves the terminal device, download or use its own profile. At this time, the eUICC is triggered to detect whether the test profile of the previous test is not deleted.
  • the eUICC detects that a specific type profile is stored after receiving the eUICC challenge command or the profile activation command sent by the terminal device, it is deleted. The eUICC notifies the terminal device after deleting the specific type of profile.
  • the terminal device sends a profile first deletion notification to the SM-DP+, where the first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier.
  • the SM-DP+ obtains the first profile corresponding to at least one of the profile identifier or the eUICC identifier according to the first deletion notification of the profile;
  • S505 and SM-DP+ generate an encryption key, and decrypt the second profile and then re-encrypt the encryption key.
  • Steps s502 to s505 are similar to the implementation principles of steps s403 to s406 of the foregoing method embodiments, and are not described herein again.
  • the profile can be reused, the cost is reduced, and the security is improved by re-encrypting the second profile.
  • FIG. 7 is a schematic structural diagram of an embodiment of a terminal device according to the present invention.
  • the device in this embodiment may include: an obtaining module 11, a sending module 12, and a receiving module 13, wherein the obtaining module 11 is configured to obtain Marking information, the tag information includes tag data and/or tag identifier; the sending module 12 is configured to send a profile download request to the subscription management device, the profile download request includes at least the tag data, and the receiving module 13 is configured to receive And the first profile sent by the subscription management device, where the first profile is generated by the subscription management device according to one selected from the at least one second profile associated with the tag data.
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • FIG. 8 is a schematic structural diagram of another embodiment of a terminal device according to the present invention.
  • the device in this embodiment may further include: a security protection module 14 on the basis of the device structure shown in FIG.
  • the receiving module 13 is further configured to receive the first information of the embedded universal integrated circuit card eUICC;
  • the sending module 12 is further configured to send the first information to the subscription management device, where the first information includes at least The information about the challenge of the eUICC;
  • the receiving module 13 is further configured to receive the second information returned by the subscription management device, where the second information includes at least the challenge information of the subscription management device;
  • the security protection module 14 The method for securely protecting the tag data by using the challenge information of the subscription management device;
  • the sending module 12 is further configured to send the third information to the eUICC, so that the eUICC uses the third
  • the information generates signature information, the third information includes at least the security-protected tag data and the tag identifier, and the receiving module 13 is further configured to receive the fourth information of
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • the sending module 12 is further configured to send a profile information acquisition message to the eUICC, where the profile information acquisition message includes a profile type
  • the receiving module 13 is further configured to receive and display the Profile information corresponding to the profile type.
  • the security protection module 14 is specifically configured to perform hash operation on the challenge information of the subscription management device and the tag data.
  • the profile download request further includes specific indication information, where the specific indication information is used to indicate that the profile that the subscription management device needs to download is a specific type profile.
  • the sending module 12 is further configured to send a profile first deletion notification to the subscription management device, where the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier, so that the subscription management The device acquires a first profile corresponding to at least one of the profile identifier or the eUICC identifier according to the profile first deletion notification, and restores the first profile to a second profile.
  • the sending module 12 is further configured to send a profile information acquisition message to the eUICC, where the profile information acquisition message includes a profile type
  • the receiving module 13 is further configured to receive and display the Profile information corresponding to the profile type.
  • FIG. 9 is a schematic structural diagram of still another embodiment of a terminal device according to the present invention.
  • the device in this embodiment may further include: a deletion module 15 on the basis of the device structure shown in FIG.
  • the obtaining module 11 is further configured to acquire a profile deletion command input by the user
  • the deleting module 15 is configured to delete a specific type profile corresponding to the eUICC according to the profile deletion instruction.
  • the receiving module 13 is further configured to receive a second deletion notification sent by the eUICC, where the second deletion notification is that the eUICC detects the storage after receiving the eUICC challenge command or the profile activation command.
  • the second deletion notification is that the eUICC detects the storage after receiving the eUICC challenge command or the profile activation command.
  • the sending module 12 is further configured to notify the mobile network operator MNO that the profile download is completed.
  • the apparatus of this embodiment may include: a receiving module 21, a selecting module 22, and a sending module 23, where the receiving module 21 is configured to Receiving a profile download request sent by the terminal device, where the profile download request includes at least the tag data acquired by the terminal device, and the selecting module 22 is configured to select one of the at least one second profile associated with the tag data.
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • FIG. 11 is a schematic structural diagram of another embodiment of a subscription management device according to the present invention.
  • the device of the present embodiment further includes: an acquisition module 24, based on the device structure shown in FIG.
  • the selection module 22 includes a verification unit 221 and a profile generation unit 222.
  • the obtaining module 24 is configured to acquire first information that is sent by the terminal device, where the first information includes at least challenge information of the embedded universal integrated circuit card eUICC, and the sending module 23 is further configured to send to the terminal device
  • the receiving module 21 is configured to receive a profile download request sent by the terminal device, where the profile download request includes the terminal device usage
  • the verification unit 221 is configured to obtain corresponding tag data according to the tag identifier. And verifying the security-protected tag data according to the tag data; the profile generating unit 222, configured to: after the verification succeeds, select one of the at least one second profile associated with the tag data to generate a first Profile.
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • the verification unit 221 is specifically configured to acquire the tag data corresponding to the tag identifier, and perform security protection processing on the tag data by using the challenge information; and the processed tag data and the security-protected tag. The data is compared, and if they are the same, the verification is passed.
  • the selecting module 22 is configured to acquire at least one second profile associated with the tag data, and select one of the second profiles, and add the fifth information to the selected second profile to generate the first profile.
  • the fifth information includes at least an initialization security channel information and a configuration profile security domain command.
  • FIG. 12 is a schematic structural diagram of still another embodiment of the subscription management device of the present invention.
  • the device of this embodiment is further configured to include: a first generation module, based on the device structure shown in FIG. 25 and a first association module 26.
  • the first generating module 25 is configured to generate at least one second profile and one tag information according to a subscription request of the mobile network operator MNO, where the tag information includes the tag data, and the first association module 26 is configured to: Associate the at least one second profile with the tag data;
  • the sending module 23 is further configured to return an order response to the MNO, the order response including the tag information.
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • FIG. 13 is a schematic structural diagram of a fourth embodiment of the subscription management device of the present invention.
  • the device of the embodiment is further configured to include: second generation. Module 27 and second association module 28.
  • a second generating module 27 configured to acquire, according to a subscription request of the mobile network operator MNO, a tag information, where the tag information includes the tag data, and generate at least one second profile; and a second association module 28, configured to The at least one second profile is associated with the tag data;
  • the sending module 23 is further configured to return an order response to the MNO.
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • FIG. 14 is a schematic structural diagram of a fifth embodiment of the subscription management device of the present invention.
  • the device of the embodiment is based on the device structure shown in FIG. 10, and further includes: a recovery module 29 And encryption module 30.
  • the receiving module 21 is further configured to receive a profile first deletion notification that is sent by the terminal device, where the profile first deletion notification includes a profile identifier or an eUICC identifier, and obtains the profile identifier according to the profile first deletion notification. Or the first profile corresponding to the eUICC identifier; the recovery module 28 is configured to restore the first profile to the second profile.
  • the encryption module 30 is configured to generate an encryption key, and decrypt the second profile and use the encryption key to re-encrypt.
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • the recovery module 29 is specifically configured to: use the fifth information in the first profile The generating the second profile is removed, and the fifth information includes at least an initialization security channel information and a configuration profile security domain command.
  • FIG. 15 is a schematic structural diagram of a fourth embodiment of a terminal device according to the present invention.
  • the device in this embodiment may include: a processor 41, a transmitter 42, a receiver 43, an input unit, and an output unit, where The processor 41 typically controls the overall operation of the terminal device, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations.
  • the processor 41 can execute instructions to perform all or part of the steps of the above method.
  • processor 41 may include one or more modules to facilitate interaction between processor 41 and other components.
  • processor 41 may include a multimedia module to facilitate interaction between the multimedia component and processor 41.
  • Transmitter 42 and receiver 43 are configured to facilitate wired or wireless communication between the terminal device and other devices.
  • the terminal device can access a wireless network based on a communication standard, such as Wireless-Fidelity (WiFi), 2G or 3G, or a combination thereof.
  • a communication standard such as Wireless-Fidelity (WiFi), 2G or 3G, or a combination thereof.
  • the transmitter 42 and the receiver 43 receive broadcast signals or broadcast associated information from an external broadcast management system via a broadcast channel.
  • the transmitter 42 and the receiver 43 further include a Near Field Communication (NFC) module to facilitate short range communication.
  • the NFC module can be based on Radio Frequency Identification (RFID) technology, Infrared Data Association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (Bluetooth, Abbreviation: BT) technology and other technologies to achieve.
  • RFID Radio Frequency Identification
  • IrDA Infrared Data Association
  • UWB Ultra Wideband
  • Bluetooth Bluetooth, Abbreviation: BT
  • the input unit and the output unit receive digital or various character information, and may include input keys and function keys for setting various functions and controlling functions of the terminal device. More specifically, the input unit and the output unit may include a key for requesting movement. For example, a user can operate an input unit and an output unit to move a focus on a menu page or menu page.
  • the keys for requesting movement may include a keyboard (arrow key or volume key), a spherical rocker, an optical joystick, a scroll wheel key, and the like.
  • the input unit and the output unit may include a determination key for executing the selected (focused) menu item.
  • the input unit and the output unit may be constituted by one of a button type keyboard, a spherical rocker, an optical joystick, a scroll key, or the like, or a combination thereof.
  • the memory of the terminal device is configured to store various types of data to support operation at the terminal device. Examples of such data include instructions for any application or method operating on the terminal device, contact data, phone book data, messages, pictures, videos, and the like.
  • the memory can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as static random access Memory Random Access Memory (SRAM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Erasable Programmable Read Only Memory (Erasable Programmable Read Only Memory) , abbreviated as: EPROM), Programmable Red-Only Memory (PROM), Read-Only Memory (ROM), magnetic memory, flash memory, disk or optical disk.
  • SRAM static random access Memory Random Access Memory
  • EEPROM Electrically Erasable Programmable Read-Only Memory
  • EPROM Programmable Red-Only Memory
  • PROM Programmable Red-Only Memory
  • ROM Read-Only Memory
  • the processor 41 is configured to acquire the tag information, where the tag information includes the tag data and/or the tag identifier, and the sender 42 is configured to send a profile download request to the subscription management device, where the profile download request includes at least the tag data;
  • the receiver 43 is configured to receive a first profile sent by the subscription management device, where the first profile is generated by the subscription management device according to one selected from the at least one second profile associated with the tag data.
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • the tag information further includes a tag identifier; the processor 41 is further configured to acquire first information of the embedded universal integrated circuit card eUICC; the transmitter 42 is further configured to send the first information
  • the first information includes at least the challenge information of the eUICC;
  • the receiver 43 is further configured to receive the second information returned by the subscription management device, where the second information includes at least the subscription Managing the challenge information of the device;
  • the processor 41 is further configured to: use the challenge information of the subscription management device to secure the tag data; the processor 41 is further configured to control to transmit the third information to the
  • the eUICC is configured to enable the eUICC to generate signature information by using the third information, where the third information includes at least the security-protected tag data and the tag identifier; and acquiring the fourth information of the eUICC, the fourth The information includes at least the signature information.
  • the sender 42 is specifically configured to send a profile download request to the subscription management device, where the profile download request includes a security-protected target. Data, the identification
  • the processor 41 is further configured to control to transmit a profile information acquisition message to the eUICC, where the profile information acquisition message includes a profile type, and obtain and control to display a profile corresponding to the profile type sent by the eUICC. information.
  • the processor 41 is specifically configured to perform hash operation on the challenge information of the subscription management device and the tag data.
  • the profile download request further includes specific indication information, where the specific indication information is used to indicate that the profile that the subscription management device needs to download is a specific type profile.
  • the sender 42 is further configured to send a profile first deletion notification to the subscription management device, where the profile first deletion notification includes at least one of the following information: a profile identifier or an eUICC identifier, so that the subscription management The device acquires a first profile corresponding to at least one of the profile identifier or the eUICC identifier according to the profile first deletion notification, and restores the first profile to a second profile.
  • the processor 41 is further configured to control to transmit a profile information acquisition message to the eUICC, where the profile information acquisition message includes a profile type, and obtain and control to display a profile corresponding to the profile type sent by the eUICC. information.
  • the processor 41 is further configured to acquire a profile deletion instruction input by the user, and delete a specific type profile corresponding to the eUICC according to the profile deletion instruction.
  • the processor 41 is further configured to acquire a profile second deletion notification sent by the eUICC, where the profile second deletion notification is that the eUICC detects the storage after receiving the eUICC challenge instruction or the profile activation instruction.
  • the profile second deletion notification is that the eUICC detects the storage after receiving the eUICC challenge instruction or the profile activation instruction.
  • the sender 42 is further configured to notify the mobile network operator MNO that the profile download is completed.
  • FIG. 16 is a schematic structural diagram of a sixth embodiment of a subscription management device according to the present invention.
  • the device in this embodiment may include: a receiver 51, a processor 52, and a transmitter 53, wherein the processor 52 is usually Controls the overall operation of the subscription management device, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations.
  • Processor 52 can execute instructions to perform all or part of the steps of the above method.
  • processor 52 may include one or more modules to facilitate interaction between processor 52 and other components.
  • processor 52 may include a multimedia module to facilitate interaction between the multimedia component and processor 52.
  • Transmitter 53 and receiver 51 are configured to facilitate wired or wireless communication between the subscription management device and other devices.
  • the subscription management device can access a wireless network based on a communication standard, such as Wireless-Fidelity (WiFi), 2G or 3G, or a combination thereof.
  • a communication standard such as Wireless-Fidelity (WiFi), 2G or 3G, or a combination thereof.
  • the transmitter 53 and the receiver 51 receive broadcast signals or broadcast associated information from an external broadcast management system via a broadcast channel.
  • the transmitter 53 and the receiver The device 51 also includes a Near Field Communication (NFC) module to facilitate short-range communication.
  • the NFC module can be based on Radio Frequency Identification (RFID) technology, Infrared Data Association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (Bluetooth, Abbreviation: BT) technology and other technologies to achieve.
  • RFID Radio Frequency Identification
  • IrDA Infrared Data Association
  • UWB Ultra Wideband
  • Bluetooth Bluetooth, Abbreviation: BT
  • the memory of the subscription management device is configured to store various types of data to support operation at the subscription management device. Examples of such data include instructions for any application or method operating on a subscription management device, contact data, phone book data, messages, pictures, videos, and the like.
  • the memory can be implemented by any type of volatile or non-volatile storage device or a combination thereof, such as Static Random Access Memory (SRAM), electrically erasable programmable read only memory (Electrically Erasable Programmable Read-Only Memory (EEPROM), Erasable Programmable Read Only Memory (EPROM), Programmable Red-Only Memory (PROM), only Read-Only Memory (ROM), magnetic memory, flash memory, disk or optical disk.
  • SRAM Static Random Access Memory
  • EEPROM Electrically erasable programmable read only memory
  • EPROM Erasable Programmable Read Only Memory
  • PROM Programmable Red-Only Memory
  • ROM Read-Only Memory
  • the receiver 51 is configured to receive a profile download request sent by the terminal device, where the profile download request includes at least the tag data acquired by the terminal device, and the processor 52 is configured to use at least one second associated with the tag data.
  • One of the profiles is selected to generate a first profile; a transmitter 53 is configured to send the first profile to the terminal device.
  • the device in this embodiment may be used to implement the technical solution of the foregoing method embodiment, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • the receiver 51 is further configured to acquire first information sent by the terminal device, where the first information includes at least challenge information of the embedded universal integrated circuit card eUICC; the transmitter 53 is further used for The terminal device sends the second information, where the second information includes at least the challenge information of the subscription management device, and the receiver 51 is configured to receive a profile download request sent by the terminal device, where the profile download request includes the And the tag information, the tag identifier, and the signature information generated by the eUICC, where the terminal device uses the challenge information of the subscription management device, and the processor 52 is further configured to identify the identifier according to the identifier. Obtaining corresponding tag data, verifying the security-protected tag data according to the tag data; selecting one of the at least one second profile associated with the tag data after the verification is passed First profile.
  • the processor 52 is specifically configured to acquire tag data corresponding to the tag identifier, perform security protection processing on the tag data by using challenge information, and process the tagged data and the security-protected tag. The data is compared, and if they are the same, the verification is passed.
  • the processor 52 is specifically configured to acquire and select one at least one second profile associated with the tag data, and add a fifth information to the selected second profile to generate the The first profile, the fifth information includes at least an initialization security channel information and a configuration profile security domain command.
  • the processor 52 is further configured to generate, according to the subscription request of the mobile network operator MNO, at least one second profile and one tag information, where the tag information includes the tag data; and the at least one second profile Associated with the tag data; the transmitter 53 is further configured to return an order response to the MNO, the order response including the tag information.
  • the processor 52 is further configured to acquire, according to a subscription request of the mobile network operator MNO, a tag information, where the tag information includes the tag data, and generate at least one second profile; The second profile is associated with the tag data; the transmitter 53 is further configured to return an order response to the MNO.
  • the receiver 51 is further configured to receive a profile first deletion notification sent by the terminal device, where the profile first deletion notification includes a profile identifier or an eUICC identifier, and the first deletion notification is obtained according to the profile.
  • the profile identifier or the first profile corresponding to the eUICC identifier; the processor 52 is further configured to restore the first profile to the second profile.
  • the processor 52 is further configured to generate an encryption key, and decrypt the second profile and use the encryption key to re-encrypt.
  • the processor 52 is specifically configured to remove the fifth information in the first profile to generate the second profile, where the fifth information includes at least an initialization security channel information and a configuration profile security domain command.
  • FIG. 17 is a schematic structural diagram of an embodiment of a communication system according to the present invention.
  • the system of the present embodiment includes: a terminal device 61, a subscription management device 62, and an eUICC 63.
  • the structure of any device embodiment of FIG. 9 is correspondingly configured to perform the technical solution of any one of the method embodiments of FIG. 1 to FIG. 6.
  • the implementation principle and technical effects are similar, and details are not described herein again;
  • the subscription management device 62 may Using the structure of any of the apparatus embodiments of FIGS. 10 to 14, Correspondingly, the technical solution of any one of the method embodiments of FIG. 1 to FIG. 6 can be performed, and the implementation principle and the technical effect are similar, and details are not described herein again.
  • the terminal device 61 in the communication system of FIG. 17 may adopt the structure of the device embodiment shown in FIG. 15 , and correspondingly, the technical solution of any of the method embodiments in FIG. 1 to FIG. 6 may be performed, and the implementation principle thereof is implemented.
  • the technical solution is similar to the technical effect, and is not described here.
  • the contract management device 62 can adopt the structure of the device embodiment shown in FIG. 16 , and correspondingly, the technical solution of any one of the method embodiments of FIG. 1 to FIG. 6 can be implemented. The principle and technical effect are similar and will not be described here.
  • the disclosed apparatus and method may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the unit is only a logical function division.
  • there may be another division manner for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in an electrical, mechanical or other form.
  • the units described as separate components may or may not be physically separated, and the components displayed as the unit may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. . Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional unit in each embodiment of the present invention may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of hardware plus software functional units.
  • the above-described integrated unit implemented in the form of a software functional unit can be stored in a computer readable storage medium.
  • the above software functional unit is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) or a processor to perform the methods of the various embodiments of the present invention. Part of the steps.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like, which can store program codes. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Les modes de réalisation de la présente invention concernent un procédé, un dispositif et un système pour traiter un profil. Le procédé de traitement d'un profil selon la présente invention comprend : acquisition d'informations d'étiquette, les informations d'étiquette comprenant des données d'étiquette ; envoi d'une demande de téléchargement de profil à un dispositif de gestion signé, la demande de téléchargement de profil comprenant au moins les données d'étiquette ; et réception d'un premier profil envoyé par le dispositif de gestion signé, le premier profil étant généré par le dispositif de gestion signé conformément à un profil sélectionné parmi au moins un deuxième profil associé aux données d'étiquette. En associant les données d'étiquette avec une pluralité de profils et en appliquant une protection de sécurité sur les données d'étiquette, les modes de réalisation de la présente invention permettent non seulement d'obtenir la réutilisation des données d'étiquette et de réduire le coût, mais peuvent également empêcher des attaques par réexécution et améliorer le degré de sécurité.
PCT/CN2016/070617 2016-01-11 2016-01-11 Procédé, dispositif et système de traitement de profil WO2017120745A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2016/070617 WO2017120745A1 (fr) 2016-01-11 2016-01-11 Procédé, dispositif et système de traitement de profil
CN201680075522.5A CN108476400B (zh) 2016-01-11 2016-01-11 profile的处理方法、装置及系统

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/070617 WO2017120745A1 (fr) 2016-01-11 2016-01-11 Procédé, dispositif et système de traitement de profil

Publications (1)

Publication Number Publication Date
WO2017120745A1 true WO2017120745A1 (fr) 2017-07-20

Family

ID=59310514

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/070617 WO2017120745A1 (fr) 2016-01-11 2016-01-11 Procédé, dispositif et système de traitement de profil

Country Status (2)

Country Link
CN (1) CN108476400B (fr)
WO (1) WO2017120745A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111434087A (zh) * 2017-11-30 2020-07-17 三星电子株式会社 用于提供通信服务的方法和电子设备
CN111970680A (zh) * 2020-08-17 2020-11-20 东信和平科技股份有限公司 基于eUICC订阅平台的Profile下载方法和装置
CN112956224A (zh) * 2019-10-10 2021-06-11 尤温洛克公司 用于生成与uwb无线标签发送的消息相关的数字证明的方法和相关系统

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111328068B (zh) * 2020-01-19 2022-09-06 深圳市广和通无线股份有限公司 写卡方法、装置、计算机设备和存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130339305A1 (en) * 2012-06-15 2013-12-19 Kt Corporation Methods of backing up and restoring profile, and devices therefor
CN103747104A (zh) * 2014-01-24 2014-04-23 中国联合网络通信集团有限公司 一种在物联网设备间迁移用户信息的方法及系统
WO2015076709A1 (fr) * 2013-11-19 2015-05-28 Telefonaktiebolaget L M Ericsson (Publ) Gestion d'intégration de profil
CN104883674A (zh) * 2014-02-28 2015-09-02 华为终端有限公司 一种Profile关联管理的方法及装置
CN105050073A (zh) * 2014-04-22 2015-11-11 三星电子株式会社 配置文件的方法和装置

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9100810B2 (en) * 2010-10-28 2015-08-04 Apple Inc. Management systems for multiple access control entities
ES2647088T3 (es) * 2012-12-21 2017-12-19 Giesecke+Devrient Mobile Security Gmbh Procedimientos y dispositivos para la gestión de suscripciones OTA
CN104703170B (zh) * 2013-12-05 2017-04-12 华为终端有限公司 下载运营商的文件的方法及设备
KR102331692B1 (ko) * 2014-06-30 2021-11-30 삼성전자 주식회사 단말의 프로파일 선택 방법 및 장치
CN105101165A (zh) * 2015-07-28 2015-11-25 中国联合网络通信集团有限公司 eUICC签约数据管理方法、管理平台

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130339305A1 (en) * 2012-06-15 2013-12-19 Kt Corporation Methods of backing up and restoring profile, and devices therefor
WO2015076709A1 (fr) * 2013-11-19 2015-05-28 Telefonaktiebolaget L M Ericsson (Publ) Gestion d'intégration de profil
CN103747104A (zh) * 2014-01-24 2014-04-23 中国联合网络通信集团有限公司 一种在物联网设备间迁移用户信息的方法及系统
CN104883674A (zh) * 2014-02-28 2015-09-02 华为终端有限公司 一种Profile关联管理的方法及装置
CN105050073A (zh) * 2014-04-22 2015-11-11 三星电子株式会社 配置文件的方法和装置

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111434087A (zh) * 2017-11-30 2020-07-17 三星电子株式会社 用于提供通信服务的方法和电子设备
CN111434087B (zh) * 2017-11-30 2022-12-02 三星电子株式会社 用于提供通信服务的方法和电子设备
CN112956224A (zh) * 2019-10-10 2021-06-11 尤温洛克公司 用于生成与uwb无线标签发送的消息相关的数字证明的方法和相关系统
CN111970680A (zh) * 2020-08-17 2020-11-20 东信和平科技股份有限公司 基于eUICC订阅平台的Profile下载方法和装置
CN111970680B (zh) * 2020-08-17 2023-11-03 东信和平科技股份有限公司 基于eUICC订阅平台的Profile下载方法和装置

Also Published As

Publication number Publication date
CN108476400B (zh) 2021-03-02
CN108476400A (zh) 2018-08-31

Similar Documents

Publication Publication Date Title
JP5688458B2 (ja) セキュリティ部品及び携帯通信装置において複数の加入者プロファイルを安全に使用するシステムと方法
CN106664545B (zh) 用于为eUICC安装配置文件的方法和装置
CN104662870B (zh) 数据安全管理系统
CN105308560B (zh) 用于设置简档的方法和装置
US20080189550A1 (en) Secure Software Execution Such as for Use with a Cell Phone or Mobile Device
AU2015261578B2 (en) Communication control apparatus, authentication device, central control apparatus and communication system
CN102761870B (zh) 一种终端身份验证和服务鉴权的方法、系统和终端
WO2013100905A1 (fr) Procédé et système pour entrée en communication distribuée hors ligne au moyen de mots de passe à usage unique
CN102739643A (zh) 许可访问网络
JP2019530265A (ja) グラフィックコード情報を提供及び取得する方法及び装置並びに端末
US11394543B2 (en) System and method for secure sensitive data storage and recovery
CN107241339A (zh) 身份验证方法、装置和存储介质
WO2017120745A1 (fr) Procédé, dispositif et système de traitement de profil
CN105101183A (zh) 对移动终端上隐私内容进行保护的方法和系统
CN110795737A (zh) 对电子身份证的业务适用范围进行升级的方法和终端设备
CN113553572A (zh) 资源信息获取方法、装置、计算机设备和存储介质
US11405782B2 (en) Methods and systems for securing and utilizing a personal data store on a mobile device
KR20170124953A (ko) 암호화된 otp를 모바일폰에서 지문 등을 이용하여 복호화하여 사용자 인증을 자동화하는 방법과 그 시스템
CN103973646A (zh) 使用公共云存储服务的方法、客户端装置及系统
JP5678150B2 (ja) ユーザ端末、鍵管理システム、及びプログラム
JP2015138336A (ja) 電子データの管理方法、そのためのプログラム及び、プログラムの記録媒体
Bala WhatsApp forensics and its challenges for android smartphone
CN110839234A (zh) 一种码号转移系统、方法、装置、电子设备及存储介质
JP2014026383A (ja) 携帯端末、携帯端末の認証システム、携帯端末の認証方法及びプログラム
EP3267651A1 (fr) Procédé, dispositif et système de mémorisation sécurisée de données

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16884308

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16884308

Country of ref document: EP

Kind code of ref document: A1