WO2018219490A1 - Method for preparing instructions to be executed by a subscriber identity module, subscriber identity module and service providing system - Google Patents

Info

Publication number
WO2018219490A1
Authority
WO
WIPO (PCT)
Prior art keywords
sim
service providing
instruction
providing system
executable instruction
Prior art date
Application number
PCT/EP2018/000250
Other languages
English (en)
Inventor
Vui Huang Tea
Raghavendran RANGARAJAN
Santosh Kumar Mishra
Original Assignee
Giesecke+Devrient Mobile Security Gmbh
Application filed by Giesecke+Devrient Mobile Security Gmbh
Publication of WO2018219490A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/40 Transformation of program code
    • G06F8/41 Compilation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45504 Abstract machines for programme code execution, e.g. Java virtual machine [JVM], interpreters, emulators
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853 Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30 Security of mobile devices; Security of mobile applications
    • H04W12/35 Protecting application or service provisioning, e.g. securing SIM application provisioning
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/61 Installation

Definitions

  • Method for preparing instructions to be executed by a subscriber identity module, subscriber identity module and service providing system
  • the invention relates to a method for preparing instructions to be directly executed by a (Universal) Subscriber Identity Module ((U)SIM), a (U)SIM and a service providing system.
  • the invention is especially useful for service providing systems that require user authentication and/or identification.
  • GSMA Global System for Mobile Communications Association
  • MNO mobile network operators
  • SP third party service provider
  • USIM universal subscriber identity module
  • the GSMA identified a set of propositions that includes authentication, identity, attribute validation and attribute brokerage that collectively is referred to as a SIM application called "Mobile Connect".
  • a (U)SIM is the basis solution for secure and user convenient authentication via a mobile equipment (ME).
  • ME mobile equipment
  • the secure SIM-based solution grants access to SPs via a mobile network.
  • a number of logical functional architectural components are defined and identified.
  • JC Java Card
  • OS JC Operating System
  • OTA Over The Air
  • the MNO may not have the means or infrastructure capabilities to perform OTA to the SIM.
  • An area-wide solution to provide such a meta solution for authentication of digital services provided by SPs in the field may be a complete replacement of all incompatible SIMs that do not have the required functionality.
  • such a replacement of SIMs in the field, e.g. by SIM swapping at the phone shop, can take considerable time, causes inconvenience and highly increases costs.
  • SIM applications that provide this kind of functionality are generally referred to as SIM browsers or micro-browsers, e.g. the Wireless Internet Browser (WIB) or its alternative, the S@T browser.
  • WIB Wireless Internet Browser
  • SIM applications that fully reside inside the SIM require additional memory space. Since silicon vendors charge more for SIMs having more non-volatile memory (NVM) or random-access memory (RAM), such a SIM increases the overall system costs. Another drawback is the huge cost of bug fixing, enhancement/updating and development for such SIM applications. Additionally, the number of programming languages available for such SIM applications is very limited and, especially for JC, royalties need to be paid.
  • EP 2 854 433 A1 provides a method, a system and a device for realizing a virtual SIM card.
  • the method includes steps of: when a mobile terminal requests to access a communication network, connecting to a cloud service terminal through a wireless network; after the mobile terminal receives an authentication request sent by the communication network, requesting the cloud service terminal to perform authentication calculation and feeding an authentication result obtained by the authentication calculation back to the mobile terminal; and the mobile terminal sending the received authentication result to the communication network.
  • Another drawback when having a SIM application residing in the SIM is the fact that those SIM applications normally operate on buffers that are stored in the NVM of the SIM. Such a buffer-based technology is time consuming due to the time required by each NVM write/erase cycle and increases power consumption. This not only causes lifetime issues for the particular NVM but also causes delay in processing the SIM application, since no pre-fetch mechanism exists in the SIM and each command needs to be interpreted one by one. Especially for Internet-of-Things (IoT) applications, power consumption reduction is an issue to increase the battery lifetime of Machine-type communication (MTC) devices.
  • IoT Internet-of-Things
  • a method for preparing instructions to be directly executed by a (Universal) Subscriber Identity Module, (U)SIM, comprising the steps of: converting, by means of a converting unit, a SIM application function received from a service providing system into a SIM directly executable instruction, wherein the converting unit is located external from the SIM; receiving the executable instruction by the SIM; and executing the executable instruction by the SIM.
  • the converting unit may for instance reside in a device carrying the SIM, such as an application on a smart phone.
  • the converting unit would then be launched via terminal application command, e.g. as per ETSI 102 223, through network via the SIM.
  • a SIM comprises a basic operating system (OS) and consists of a means for providing a basic protocol layer; a means for executing received directly executable instructions, generated from an external converting unit; a means for authentication and/or signing and a means for enabling Over The Air communication.
  • OS basic operating system
  • a triggering capability for indicating a ME application is also a part of the SIM.
  • An OS in SIM is system software configured to manage the SIM underlying hardware and software resources and provides common services for connected entities via standardized interfaces.
  • the basic OS is for instance a native OS.
  • Application software is generally written for use on a specific OS and in case of SIM also for specific hardware.
  • This basic OS is different from JC, since writing applications for such a basic OS does not require additional software abstraction layers that adapt functions to a specific OS, as JC does with its own system libraries.
  • a basic protocol layer or protocol stack is an implementation of a computer networking protocol suite. Individual protocols within a suite are designed for easier designing and evaluating. This basic protocol may be seen as one of the lowest protocols that deal with "low-level", physical interaction of the hardware.
  • the basic protocol layer is divided into media, transport, and application.
  • the basic OS has software interfaces to interconnect media, transport and applications. Means for executing instructions is referred to any software routine that is operable with externally generated instructions that should be executed by the SIM.
  • the execution of received instructions in a SIM environment is highly standardized, and interfaces and responses are well defined in technical standards, such as GSM 11.11, which defines the interface between a SIM and the mobile equipment (ME) that hosts the SIM, or GSM 11.14, which defines the SIM application toolkit for the ME - SIM interface.
  • SIM is used in the aforementioned inventive method.
  • SIM is understood as an integrated circuit that is intended to securely store at least an international mobile subscriber identity number (IMSI), a unique serial number (ICCID) and its related cryptographic encryption/decryption keys, which are used to identify and authenticate a subscriber on mobile telephone equipment, such as a mobile phone, a personal computer and so on.
  • IMSI international mobile subscriber identity number
  • ICCID unique serial number
  • a (U)SIM may additionally store security authentication and ciphering information, temporary information related to the local network, a list of the services the user has access to, and two passwords: a personal identification number (PIN) for ordinary use, and a personal unblocking code (PUK) for PIN unlocking.
  • PIN personal identification number
  • PUK personal unblocking code
  • a SIM is mobile telephone standard independent and can also be used in a satellite communication technique.
  • the SIM circuit is part of the function of a Universal Integrated Circuit Card (UICC) physical smart card, which is usually made of plastic, such as PVC, with contact pads that are linked to a semiconductor embedded in the card, and having SIM formats as standardized according to international specifications ISO/IEC 7810 or ETSI TS 102.221.
  • UICC Universal Integrated Circuit Card
  • eSIM embedded SIM
  • short e-SIM or embedded-UICC
  • eUICC embedded-UICC
  • M2M machine-to-machine
  • e-Call remote SIM provisioning capabilities, for instance used in-vehicle emergency call service "e-Call”.
  • an e-SIM embedded in a device carrying the e-SIM does not necessarily require M2M technology, but for IoT applications, M2M is a standard requirement.
  • a “service providing system” is related to any kind of third party digital service that may require authentication/identification of a user, hereinafter referred to as the subscriber.
  • a service providing system is for instance a cloud-based service, a cloud-storage service, an e-mail service, a m-commerce service, a social network service, a financial service, a music service, a book service, a medical record service and/or a government service.
  • the use of the term "system" may imply that the SP interacts with other entities, such as an MNO or a trusted third party, to enable a trustworthy environment for providing the digital service.
  • the subscriber of the SIM may be the same person as the person that requests the digital service.
  • levels of assurance, as defined by the ISO/IEC 29115 standard, describe the degree of confidence in the processes leading up to and including an authentication. It provides assurance that the entity claiming a particular identity is the entity to which that identity was assigned.
  • the application declares the degree of confidence that is required in the returned (asserted) identity. The greater the risk associated with an erroneous authentication, the higher the Level of Assurance recommended, wherein at least LoA 2 is required by the digital services.
  • SIM application function is related to any SIM application instruction or SIM application command that is source code which may be human readable/interpretable, such as JC source code. In computing, such human-readable data is often encoded as ASCII or Unicode text.
  • the SIM application function is transferred to the SIM and is converted by a SIM application residing in the SIM into native OS language, such as executable instructions.
  • SIM application function may be a JC programmed function and is preferably an authentication function and/or a signing function.
  • Those JC SIM functions are usually used for identifying and authenticating a subscriber.
  • directly executable instruction is related to any instruction, primitive or command that could directly be executed by a native SIM having a basic OS, such as a low level software platform. On receipt of that instruction, no further conversion is required and the SIM starts the interpretation of the executable instruction according to technical specifications GSM 11.11 and GSM 11.14.
  • the directly executable instruction is at least one of a SIM toolkit (STK) command, preferably a dynamic SIM toolkit (DSTK) command; a byte code formatted instruction; and/or a proactive instruction for a ME.
  • SIM toolkit STK
  • DSTK dynamic SIM toolkit
  • directly executable instructions may also reside one layer above the GSM 11.14 specification and may normally be translated by a respective application to low level instructions; according to the present invention, they are defined as directly executable instructions. These are the most common formats for directly executable instructions without requiring SIM applications for a conversion on the SIM. Alternatively or additionally, a directly executable instruction may at least be a part of a wireless internet browser, WIB, website meta language, WML, execution script. The WIB commands may directly call GSM 11.14 specified proactive commands internally.
  • this instruction is a native instruction that is directly executable by a native SIM.
  • a native SIM as for instance used according to this invention, is a low profile SIM designed for lower-cost system implementations with no or only a low finite number of small sized applications on it. Such native SIM may be deployed whenever there is no need for evolution of the SIM by post-issuance application(s) changes and/or additions to the SIM or costs should be reduced. So, using this inventive concept, a sizeable amount, for example up to 80 percent in some cases, of NVM or RAM can be saved and so chip cost is reduced.
  • the inventive converting unit is configured to convert SIM application functions as described above into SIM executable instructions as described above before they are sent to the SIM. Consequently, no SIM application for converting the SIM application function is required on the SIM and existing, deployed Java and native SIM can be re-used immediately. SIM using real & virtual SIM applications can co-exist together on the SP system. So no delay or extraneous costs of ordering newer SIM or adapting the logistics to replace deployed SIMs is required.
  • the converting unit, also referred to as translating unit, is located external from the SIM, meaning that this converting unit is not implemented in SIM memory.
  • the conversion of the SIM application function into executable instructions is, according to an embodiment, part of the service providing system and is a network-based entity or a cloud-based entity/service.
  • "Cloud-based service" encompasses the myriad IT resources provided over the internet that are used. The expression may also be used to describe professional services that support the selection, deployment and ongoing management of various cloud-based resources.
  • the converting unit is implemented in the mobile equipment (ME), but outside the SIM, for example as an application residing on the mobile equipment.
  • the converting unit resident in the mobile equipment may be launched from the service providing system, e.g. by using terminal application commands.
  • the converting unit is preferably configured to convert S@T, WML and/or WBXML source code into instruction based byte code before sending it to the SIM.
  • the receiving-step is realized as a GSM/UMTS/LTE-standardized wireless interface, preferably an OTA communication and/or an OTA-HTTP-communication.
  • the receipt is based on the use of Short Message Services, SMS, provided from a SMS Center, SMSC.
  • SMSC Short Message Service Center
  • the proposed method advantageously allows to develop and/or enhance and/or update a SIM application, such as micro-browsers (WIB, S@T, EAP) or other Java Card applications, such as "Mobile connect", but to keep it on a service providing system side.
  • the SIM only requires a basic OS having a basic protocol layer, minor GSM communication functionality, authentication algorithm and OTA communication functionality.
  • OTA communication may be achieved on basis of a thin client software running on the basic OS of the SIM.
  • the inventive solution will reduce production time and costs and is efficiently used in any kind of (e)SIM, (e)UICC in all environments, such as M2M environment or traditional SIM environment.
  • the OS development is accelerated and its complexity is lowered, since the inventive converting unit is configured to convert/translate the SIM application function into the basic SIM executable instruction on the SP system side, or mobile equipment side, respectively.
  • a dynamic activation/deactivation of modules on the SIM can be enabled.
  • the converting step includes the converting of the SIM application function received from the service providing system into a script of a plurality of SIM directly executable instructions.
  • scripts programs are written for a specific run-time environment that automates the execution of tasks that could alternatively be executed one-by-one.
  • Instructions, such as primitives are usually the elementary tasks or API calls and the OS language allows them to be combined into more complex applications. Such complexity may be lost when converting the SIM applications into executable instructions.
  • the instructions can be summarized into an instruction script and transferred once and executed subsequently on the SIM after receipt. So, a plurality of converted instructions can be connected into one script for easier processing.
  • the converting unit, also referred to as converter hereinafter, can be dynamically changed in the SP system, so there is no need to update the SIM on each and every bug fix or updating cycle.
  • the converting unit is logically located in the mobile network operating system in between a managing secure service provider, MSSP, and the SMSC.
  • MSSP managing secure service provider
  • the MNO, which may host the MSSP and the SMSC, incorporates the converting unit and applies the inventive concept for converting the SIM application function into directly executable instructions. So, from a third party's SP, no change in the authentication procedure is detectable and the MNO completely takes care of the conversion.
  • the SP system includes an OTA server and an authentication server to enable secure messaging to/from the SIM. So, a SIM-based authentication can be securely established without risks of corruption or attacks.
  • OTA is a widely used infrastructure and may be available in a plurality of mobile networks.
  • the SIM further comprises a memory for storing pre-shared keys for cryptographically encrypted communication and means for cryptographically encrypting/decrypting executable SIM instructions received from a service providing system.
  • a pre-shared key PSK is a shared secret which was previously shared between the SIM and the MNO using some secure channel before it needs to be used.
  • a data transmission for transmission of the directly executable instruction between the service providing system and the SIM is based on a cryptographic encryption and the method comprises the further steps of encrypting the converted directly executable instruction by the service providing system and decrypting the encrypted instruction by the SIM upon receiving the encrypted instruction for execution.
  • Pre-shared keys and/or a public key infrastructure (PKI) may be used, which are widely used in MNO environments. So, no attacker or hacker can corrupt the system and the authentication procedure is more secure.
  • the directly executable instruction is a proactive instruction for ME, wherein the ME incorporates the SIM.
  • the inventive method also comprises the further steps of: upon receiving the executable instruction by the SIM, directly sending the executable instruction to the ME; receiving, by the SIM, a ME response to the proactive instruction; and sending, by the SIM, the received ME response to the SP system. This may increase operation speed, since the ME may be faster in processing the instructions, such as displaying messages, getting input from the user and so on.
  • the sending, by the SIM, of the received ME's response is cryptographically encrypted.
  • This response is an acknowledgement response to the service providing system rather than a proactive response as known from conventional systems.
  • This ME's response is preferably only sent upon request.
  • the directly executable instruction is a proactive instruction for ME, wherein the ME incorporates the SIM, the method comprises the further steps of: upon receiving the executable instruction by the SIM, directly sending the executable instruction to the ME; and executing the instruction by an offline application in the ME.
  • This offline ME application may be triggered by the SIM, as for instance described in technical specification ETSI 102 223.
  • a thin client may be residing on the ME.
  • This thin ME client may comprise intermediate menus in the form of the ME application.
  • This ME application remains offline and so no interaction with the SP system via the SIM is required. This reduces operational time drastically.
  • the attribute offline hereinafter refers to executing instructions without reporting to or requesting further parameters from outside the ME, such as the SIM or the SP system.
  • the offline ME application may be used to take actions, such as requesting a user input ("Get Input") or displaying a specific text on the ME display (e.g. "Display text") or setting up a menu entry (e.g. "Setup menu / Select item”) based on instructions transmitted from the SIM to the ME until a certain stage.
  • "Setup menu” (25xx) may be done only once per reset, whereas intermediate menus may be displayed using the "Select item" (24xx) command.
  • this feature may be omitted.
  • the certain stage is for instance a final level in a SIM toolkit menu that has been reached and the subsequent action is an interaction with the SIM, such as setup a call, send a SMS or send a USSD by the SIM, based on that certain stage. So no SP system interaction is required as long as specific instructions are required.
  • the interaction between the ME and the SIM may be based on pre-shared keys, so three entities, namely the application installed in the ME, the SIM located in the ME and the SP system that requests a user authentication, are used for key pairing. This key pairing further increases the security in this inventive method.
  • Such intermediate steps of the executable instructions can be offloaded as application in the ME.
  • These applications can be pre-loaded in the ME and can be updated whenever required, since updating of the ME applications is achieved with much faster data connections, such as WiFi or so on.
  • a service providing system used in the afore-mentioned method.
  • This SP system comprises a service provider, SP, configured to provide a service to a subscriber when the subscriber is authenticated; a converting unit configured to convert a SIM application function received from the service providing entity into a SIM directly executable instruction; and a sending means for sending the executable instruction to a subscriber identity module, SIM, of the subscriber to enable the authentication.
  • the SP system further comprises a managing entity configured to verify the authentication of the subscriber in the service providing system.
  • the SP system further comprises an OTA platform system, configured to send and receive the directly executable instructions to a SIM of the subscriber and further configured to provide secure messaging using cryptographic encryption/decryption.
  • Fig.1 shows a system for authenticating a service according to the prior art
  • Fig.2 shows an exemplary embodiment of a process flow of a method for preparing instructions to be directly executed by a SIM according to the invention
  • Fig.3 shows an exemplary embodiment of a service providing system using a SIM based authentication according to the invention
  • Fig.4 shows another exemplary embodiment of a service providing system using a SIM based authentication according to the invention.
  • Fig.5 shows another exemplary embodiment of a service providing system using a SIM based authentication according to the invention.
  • Fig.1 shows an exemplary embodiment of a system for SIM based authentication according to the prior art, for instance used for the GSMA concept "Mobile Connect".
  • SIM subscriber identity module
  • ME mobile equipment
  • the SIM 1 may be in any of the SIM formats described above.
  • Service providing by a service providing (SP) system 2 to a subscriber may require a SIM based authentication. Therefore, the SP system 2 may establish a communication link 4 between the SP system 2 and the SIM 1.
  • the conventional system requires a SIM 1 with Java Card (JC) Operating System (OS) and a specifically designed JC SIM application that is residing in the SIM 1.
  • JC Java Card
  • OS Operating System
  • a converter in the SIM 1 is used to convert the residing SIM application function into a SIM executable instruction.
  • the following source code of the JC "Mobile Connect" SIM application may be used when interacting with the ME 3, especially displaying and inputting of text:
  • NVM non-volatile memory
  • SIM application normally operates on buffers that are stored in the NVM (not shown) of the SIM 1.
  • Such a buffer based technology is time consuming due to the time required by each NVM write/erase cycle. This not only causes lifetime issues for NVM but also causes delay in processing the SIM application, since no pre-fetch mechanism exists in the SIM 1 and each command needs to be interpreted one by one.
  • Fig.2 shows an exemplary embodiment of a process flow of a method for preparing instructions to be directly executed by a SIM 1 according to the invention.
  • the method 100 comprises a converting step 101 for converting a SIM application instruction into a SIM directly executable instruction by means of a converting unit.
  • a receiving step 102 is used to receive the directly executable instruction by the SIM 1.
  • an executing step 103 is performed to execute the directly executable instruction by the SIM 1.
  • Fig.3 to Fig.5 various embodiments are shown for further explaining the inventive method 100 of Fig.2.
  • Fig.3 shows an exemplary embodiment of a SP system 2 using the SIM-based authentication according to the invention.
  • the SP system 2 at least includes a converting unit 5 external from the SIM 1.
  • the converting unit 5 obtains SIM application functions from a managing secure service provider (MSSP) 24 as a part of the SP system 2.
  • MSSP managing secure service provider
  • the converting unit 5' is provided in the ME 3, but outside the SIM 1.
  • This SIM application function may be an authentication and/or signature request to authenticate a subscriber of at least one of the above mentioned provided digital services.
  • the converting unit 5, 5' converts the SIM application function into a directly executable instruction.
  • the SIM application is a WIB function that is converted by the converting unit 5, 5' into a byte code.
  • the byte code is directly transmitted to the SIM 1 located in the ME 3.
  • the SIM 1 comprises a basic OS that has basic functionality only. This functionality may be summarized as establishing or at least participating in a communication via communication link 4 to the converting unit 5 as a part of the SP system 2.
  • the communication link 4 is a logical communication link, meaning that a physical path of this communication link 4 is directed via the ME 3.
  • a thin client is used in the SIM 1 to establish this communication link 4. So, a directly executable instruction converted by the converting unit 5, 5' can be received by the SIM 1 and executed by the SIM 1 using its underlying hardware. Since the conversion is made external from the SIM 1, no SIM application needs to reside in the SIM 1. Thus, SIM applications, such as WIB, S@T, EAP or JC "Mobile Connect", are kept at the SP system 2 side or the ME 3 side.
  • the SIM 1 only requires a basic/native OS which contains a basic protocol layer and the functionality as defined in the technical standards GSM 11.11 and GSM 11.14, as well as an authentication algorithm and a thin client for OTA communication with security.
  • SIGN TRANSACTION A1 To generate a signature over a transaction.
  • This function can also be used to authenticate the subscriber.
  • CHANGE STATUS B4: to individually activate/deactivate the applet, the E2E transport key or an Authentication Handler
  • this SIM application function becomes a script of WIB-WML directly executable instructions represented as byte code.
  • This script includes four directly executable instructions, namely a "GET INPUT" instruction for getting input from the input means of the ME 3 of the subscriber, a "VERIFY" instruction for verifying the input of the subscriber, namely a personal code required for authenticating the requested service at the SP, a "DISPLAY TEXT" instruction to display the result of the verification instruction on a display means of the ME 3, and a "SEND SHORT MESSAGE" instruction to send an SMS to the MSSP 24 with at least the corresponding transaction ID, transaction date and time, the message authentication code and the authentication handler.
  • the "Message Authentication Code" field contains the result of the computation process implemented by the Authentication Handler. This field may be missing if the requested authentication is a "Click OK" with authentication based on a secure messaging layer, which is at Level of Assurance 2 (LoA2), or a "Personal Code input" with authentication based on a secure messaging layer, which is at Level of Assurance 3 (LoA3). If LoA3 is required for the specific authentication, the Personal Code can be stored at the converting unit 5 or directly on the SIM 1. If LoA4 is required for the specific authentication, the storage of and signing with PKI private keys is done by the converting unit 5 or the SIM 1.
  • Fig.4 shows another exemplary embodiment of the SP system 2 using a SIM-based authentication according to the invention. This embodiment is based on the embodiment according to Fig.3. In the following, only the differences between these embodiments are explained.
  • the ME 3 and the personal computing equipment (PCE) 7 are both controlled by the user, as indicated with arrow 8.
  • the PCE 7 is any computing equipment capable of requesting a digital service and may be a conventional personal computer, a laptop, any electronic handheld device, a tablet PC, a smart TV, a smart radio and so on.
  • the user is also the subscriber of the SIM 1 located in the ME 3.
  • the PCE 7 is further connected to a SP 21 via a communication link 9.
  • the SP 21 is any third party SP and can be part of the MNO environment or can be part of the internet environment.
  • the communication link 9 can be a wired or wireless communication and can be based on a mobile, metropolitan area or wide area network interface, preferably on any TCP/IP or UDP protocol.
  • the SP 21 is connected to an instruction update server 23 and the MSSP 24.
  • the MSSP 24 is connected to the converting unit 5 and the converting unit 5 is connected to a SMSC 22.
  • the instruction update server 23 is shown as an example in principle of a simple exchange of a SIM application residing in the SP system 2 instead of in the SIM 1. Such an exchange may be necessary for bug fixing, enhancement/update of the application and so on.
  • an OTA server is incorporated into the service providing system 2.
  • the OTA server interfaces with the MSSP 24. This interface may provide the MSSP 24 the ability to send/receive secure messages to/from the SIM 1. Such an interface shall be used in the case where the MSSP 24 relies on secure messaging provided by the OTA platform server that handles the transport credentials, such as GSM 03.48 authentication keys.
  • the interface between the MSSP 24 and the SMSC 22 as well as an interface between the SMSC 22 and an OTA server (not explicitly shown) mainly provide the ability to send/receive SMS to/from SIM 1.
  • the user of the PCE 7 requests a service from the SP 21 via the link 9. However, the SP 21 requests authentication of the user/subscriber. So, it sends an authentication request to the MSSP 24 and to the PCE 7.
  • the PCE 7 displays a message on the display, such as "Authenticate".
  • the MSSP 24 now triggers a SIM-based authentication or signature request.
  • This trigger mainly activates an MNO environment to which the SP 21 is connected, e.g. the MSSP 24.
  • the user that navigates the SP 21 also provides a user input, such as a click on a "Mobile Connect" button on the display of the PCE 7 or something equivalent depending on the specific SP 21 implementation, in order to trigger the SIM-based authentication using the ME 3 of the user according to the invention.
  • This user input triggers the MSSP 24 to provide the SIM Application "SIGN_TRANSACTION" function to the converting unit 5 for a SIM-based authentication according to following WIB WML source code:
  • the converting unit 5 now converts this WIB WML source code into the bytecode and forwards it to the SMSC 22 to form an ENVELOPE SMS-PP DOWNLOAD instruction to be directly executed by the SIM; the passages underlined in the above WIB WML source code are underlined accordingly: A0 C2 00 00 51 D1 4F 82 02 83 81 86 03 91 38 F0 8B 44 40 05 91 45 23 F1 7F F6 15 07 31 02 38 23 00 34 02 70 00 00 2F 0D 00 00 00 00 C0 02 1A 00 00 00 00 00 00 00 C0 02 1A 00 00 00 00 00 00 00 00 00 C0 02 1A 00 00 00 00 00 00 00 00 00 00 A1 01 22 1B 01 04 03 CB 24 0D 02 04 55 BB 6C 3F 8D 0D 04 41 75 74 68 65 6E 74 69 63
  • an SMS is generated by the SIM 1 and transmitted back to the SMSC 22 with the following content:
  • Table 3 - response parameters for "SIGN TRANSACTION"
  • Fig.5 shows another exemplary embodiment of a SP system 2 using a SIM 1 based authentication according to the invention.
  • the SIM 1 comprises a thin client OS to establish a secure OTA communication with the converting unit 5.
  • a hardware abstraction layer (HAL) is used to allow applications to discover and use the hardware of the SIM 1 through an abstract application programming interface (API).
  • API application programming interface
  • the converting unit 5 residing in the SP system 2, external from the SIM 1, converts the SIM application function, such as WIB/S@T/EAP functions, into the corresponding ST level directly executable instruction, which is directly executed by the SIM 1.
  • the directly executable instruction is also encrypted by the SP system 2 using pre-shared keys.
  • the encrypted directly executable instruction is transmitted via OTA or OTA-HTTP to the SIM 1 using the communication link 4.
  • OTA or OTA-HTTP depends on the size of data and performance requirement of the SP system 2.
  • a proof of receipt (PoR) for acknowledgement is transmitted back from the SIM 1 to the SP system 2.
  • the received encrypted OTA message is decrypted by the SIM 1 using the same pre-shared keys as used by the SP system 2. After successful decryption, the actual directly executable instruction is available. This instruction is executed by the SIM 1 using the standardized GSM 11.11 and GSM 11.14 procedures, which any native SIM 1 performs.
  • a SIM response can be sent back from the SIM 1 to the SP system 2.
  • the directly executable instruction is ignored, or further processing is done internally, as explained in the following:
  • if the received decrypted OTA message is a proactive instruction for the ME 3, it is sent directly to the ME 3 by the SIM 1 in accordance with the GSM 11.14 requirements.
  • a terminal response from the ME 3 is received by the SIM 1. In a first scenario, this terminal response from the ME 3 is sent back in encrypted form by the SIM 1 to the SP system 2.
  • a thin offline application resides in the ME 3.
  • This thin application remains offline and is used to take actions, based on the above pre-fetched data, until a final level is reached, such as displaying text or getting input from the user.
  • Such a final level may be the end of an STK menu controlled by this thin application, or the point at which a final action from the SIM 1 is required, such as SEND SMS.
  • Pre-sharing of keys may be applied to this thin offline application of the ME 3 to use key pairing by splitting keys across the ME 3 and the SIM 1. So, partial keys are stored and can be processed through different channels, which is a major improvement from a security perspective.
  • the overall communication is much faster than that of a SIM application residing inside the SIM 1.
  • the SP system 2 may decide whether to transmit a follow-up instruction, whereby such a decision may be made during run time of a preceding instruction.
  • SIM Subscriber Identity Module
  • SMSC 22 SMS Center, SMSC
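As an added example that is not part of the patent, the following Python decoder parses an ENVELOPE (SMS-PP DOWNLOAD) APDU laid out like the hex dump above, down to the GSM 03.48 command packet header, and checks whether that header actually demands the ciphering and cryptographic checksum that the pre-shared-key protection described for Fig.5 relies on. The envelope builder, the sample originating address, the TAR C0 02 1A and the dummy payloads are constructed for illustration, not taken from any real deployment.

```python
# Added example, not from the patent: decode an ENVELOPE (SMS-PP DOWNLOAD)
# APDU down to its GSM 03.48 command packet header and decide whether a SIM
# should accept it. All sample values below are constructed for illustration.

def _tlvs(data):
    """Yield (tag, value) pairs for one-byte tags whose length is below 0x80."""
    i = 0
    while i < len(data):
        tag, length = data[i], data[i + 1]
        yield tag, data[i + 2:i + 2 + length]
        i += 2 + length

def parse_sms_pp_download(apdu):
    """Return the security-relevant fields of an ENVELOPE(SMS-PP DOWNLOAD) APDU."""
    if apdu[:4] != b"\xA0\xC2\x00\x00":          # CLA A0, INS C2 = ENVELOPE
        raise ValueError("not an ENVELOPE APDU")
    body = apdu[5:5 + apdu[4]]                   # Lc bytes after the header
    if len(body) != apdu[4] or body[0] != 0xD1:  # D1 = SMS-PP download tag
        raise ValueError("malformed ENVELOPE body")
    fields = dict(_tlvs(body[2:2 + body[1]]))    # 82 device ids, 86 address, 8B TPDU
    tpdu = fields[0x8B]                          # SMS-DELIVER TPDU
    pos = 3 + (tpdu[1] + 1) // 2                 # skip MTI/UDHI, OA length, TON/NPI, OA digits
    pid, dcs = tpdu[pos], tpdu[pos + 1]          # 7F = SIM data download, F6 = class 2, 8-bit
    pos += 2 + 7                                 # PID, DCS and the 7-byte SCTS
    ud = tpdu[pos + 1:pos + 1 + tpdu[pos]]       # user data following UDL
    cp = ud[1 + ud[0]:]                          # command packet after the UDH (IEI 70)
    cpl, chl, spi1, spi2 = int.from_bytes(cp[:2], "big"), cp[2], cp[3], cp[4]
    return {
        "device_identities": fields[0x82].hex(),
        "pid": pid,
        "dcs": dcs,
        "tar": cp[7:10].hex(),                   # TAR follows SPI(2), KIc(1), KID(1)
        "cc_required": (spi1 & 0x03) == 0x02,    # SPI b2b1 = 10: cryptographic checksum
        "ciphered": bool(spi1 & 0x04),           # SPI b3: secured data is ciphered
        "por_requested": (spi2 & 0x03) != 0,     # second SPI octet b2b1: PoR wanted
        "secured_data_len": cpl - 1 - chl,       # CPL covers CHL byte, header and data
    }

def envelope_is_acceptable(apdu):
    """Policy a SIM-side check could apply: data-download PID, ciphered and integrity-protected."""
    info = parse_sms_pp_download(apdu)
    return info["pid"] == 0x7F and info["ciphered"] and info["cc_required"]

def build_envelope(spi, secured, cc=b""):
    """Constructed sample envelope with the same TLV layout as the hex dump above."""
    # command header: SPI, KIc, KID, TAR (sample C0 02 1A), CNTR, PCNTR, optional RC/CC/DS
    header = spi + b"\x00\x00" + bytes.fromhex("C0021A") + bytes(5) + b"\x00" + cc
    cp = bytes([len(header)]) + header + secured          # CHL, header, secured data
    cp = len(cp).to_bytes(2, "big") + cp                  # prefix the two-byte CPL
    ud = b"\x02\x70\x00" + cp                             # UDHL 02, IEI 70, IEDL 00
    tpdu = bytes.fromhex("4005914523F17FF615073102382300") + bytes([len(ud)]) + ud
    inner = b"\x82\x02\x83\x81\x86\x03\x91\x38\xF0\x8B" + bytes([len(tpdu)]) + tpdu
    body = b"\xD1" + bytes([len(inner)]) + inner
    return b"\xA0\xC2\x00\x00" + bytes([len(body)]) + body
```

With a 33-byte payload and SPI 00 00 the builder reproduces the header bytes of the dump above exactly (A0 C2 00 00 51 D1 4F ... 00 2F 0D 00 00 00 00 C0 02 1A), and the policy check rejects it because that SPI requests neither ciphering nor a cryptographic checksum.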

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Telephone Function (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a method (100) for preparing instructions to be executed directly by a subscriber identity module, SIM (1). The method (100) comprises the steps of converting (101), by means of a converting unit (5), a SIM application function received from a service providing system (2) into an instruction directly executable by the SIM, the converting unit (5) being located outside the SIM; receiving (102) the instruction executable by the SIM; and executing (103) the instruction executable by the SIM (1). The invention also relates to a SIM and a service providing system (2).
PCT/EP2018/000250 2017-06-02 2018-05-09 Method for preparing instructions to be executed by a subscriber identity module, subscriber identity module and service providing system WO2018219490A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102017005330 2017-06-02
DE102017005330.8 2017-06-02

Publications (1)

Publication Number Publication Date
WO2018219490A1 (fr) 2018-12-06

Family

ID=62186384

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2018/000250 WO2018219490A1 (fr) 2017-06-02 2018-05-09 Method for preparing instructions to be executed by a subscriber identity module, subscriber identity module and service providing system

Country Status (1)

Country Link
WO (1) WO2018219490A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114079917A (zh) * 2020-07-31 2022-02-22 中移互联网有限公司 Page loading method and device
US11284244B1 (en) 2020-10-16 2022-03-22 Unigroup Guoxin Microelectronics Co., Ltd. Data white box device utilized in conjunction with intelligent terminal
EP3985544A1 (fr) * 2020-10-16 2022-04-20 Unigroup Guoxin Microelectronics Co., Ltd. System white box device used in conjunction with an intelligent terminal
EP3985542A1 (fr) * 2020-10-16 2022-04-20 Unigroup Guoxin Microelectronics Co., Ltd. Application white box device used in conjunction with an intelligent terminal
CN114567881A (zh) * 2022-04-24 2022-05-31 江苏益捷思信息科技有限公司 SIM card information security protection method and system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010105570A1 (fr) * 2009-03-18 2010-09-23 华为技术有限公司 Method for indicating the position of a user equipment, and access point equipment
US20120238244A1 (en) * 2009-12-08 2012-09-20 Gemalto Sa Proactive commands over secure channel between a mobile equipment and a uicc
DE102012022874A1 (de) * 2012-11-22 2014-05-22 Giesecke & Devrient Gmbh Application installation
EP2854433A1 (fr) 2012-05-22 2015-04-01 ZTE Corporation Method, system and related device for implementing a virtual SIM card
WO2016108096A1 (fr) * 2014-12-30 2016-07-07 Stmicroelectronics S.R.L. Methods for providing a response to an SCP80 command requesting execution of a proactive command, corresponding universal integrated circuit card, mobile device, server and computer program product

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114079917A (zh) * 2020-07-31 2022-02-22 中移互联网有限公司 Page loading method and device
CN114079917B (zh) * 2020-07-31 2023-07-21 中移互联网有限公司 Page loading method and device
US11284244B1 (en) 2020-10-16 2022-03-22 Unigroup Guoxin Microelectronics Co., Ltd. Data white box device utilized in conjunction with intelligent terminal
EP3985543A1 (fr) * 2020-10-16 2022-04-20 Unigroup Guoxin Microelectronics Co., Ltd. Data white box device used in conjunction with an intelligent terminal
EP3985544A1 (fr) * 2020-10-16 2022-04-20 Unigroup Guoxin Microelectronics Co., Ltd. System white box device used in conjunction with an intelligent terminal
EP3985542A1 (fr) * 2020-10-16 2022-04-20 Unigroup Guoxin Microelectronics Co., Ltd. Application white box device used in conjunction with an intelligent terminal
US11589225B2 (en) 2020-10-16 2023-02-21 Unigroup Guoxin Microelectronics Co., Ltd. Application white box device utilized in conjunction with intelligent terminal
US11589231B2 (en) 2020-10-16 2023-02-21 Unigroup Guoxin Microelectronics Co., Ltd. System white box device utilized in conjunction with intelligent terminal
CN114567881A (zh) * 2022-04-24 2022-05-31 江苏益捷思信息科技有限公司 SIM card information security protection method and system

Similar Documents

Publication Publication Date Title
US11601809B2 (en) Method and system for updating certificate issuer public key, and related device
WO2018219490A1 (fr) Method for preparing instructions to be executed by a subscriber identity module, subscriber identity module and service providing system
CN110352605B (zh) Method for adding an authentication algorithm program, related device and system
US9843585B2 (en) Methods and apparatus for large scale distribution of electronic access clients
US9258294B2 (en) Remote authentication method with single sign on credentials
US10349272B2 (en) Virtual SIM card cloud platform
RU2518924C2 (ru) Wireless device, method for requesting a user access control client and method for executing an access control client
US11564094B1 (en) Secondary device authentication proxied from authenticated primary device
JP2010506464A (ja) Method and apparatus for sharing mobile phone account subscription information among multiple devices
US10757089B1 (en) Mobile phone client application authentication through media access gateway (MAG)
US11678176B1 (en) Electronic subscriber identity module (eSIM) transfer via activation code
US20170244692A1 (en) Authentication of a user using a security device
CN107332817B (zh) Mobile device supporting multiple access control clients and corresponding method
US10868808B1 (en) Server application access authentication based on SIM
US11570620B2 (en) Network profile anti-spoofing on wireless gateways
Ruiz-Martínez et al. A survey of electronic signature solutions in mobile devices
US20140040988A1 (en) Method and System for Data Communication to an Identification Module in a Mobile Radio Terminal
US11968531B2 (en) Token, particularly OTP, based authentication system and method
US20240333520A1 (en) System and method for secure messaging in a telecommunications network
WO2023241198A1 (fr) Communication method, apparatus and system
Sabt et al. Over-the-internet: efficient remote content management for secure elements in mobile devices
EP2991314A1 (fr) Method and first device for loading an application
Pisko Mobile electronic signatures: progression from mobile service to mobile application unit
EP3202173B1 (fr) Method for transmitting data between a secure device and a server
Fernandes Reliable electronic certification on mobile devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
Ref document number: 18725103
Country of ref document: EP
Kind code of ref document: A1
NENP Non-entry into the national phase
Ref country code: DE
122 Ep: pct application non-entry in european phase
Ref document number: 18725103
Country of ref document: EP
Kind code of ref document: A1