WO2019229188A1 - Subscriber access to wireless networks - Google Patents

Subscriber access to wireless networks Download PDF

Info

Publication number
WO2019229188A1
WO2019229188A1 PCT/EP2019/064103 EP2019064103W WO2019229188A1 WO 2019229188 A1 WO2019229188 A1 WO 2019229188A1 EP 2019064103 W EP2019064103 W EP 2019064103W WO 2019229188 A1 WO2019229188 A1 WO 2019229188A1
Authority
WO
WIPO (PCT)
Prior art keywords
network
subscriber profile
mobile unit
subscription
euicc
Prior art date
Application number
PCT/EP2019/064103
Other languages
French (fr)
Inventor
Krishna SHINGALA
Original Assignee
Nordic Semiconductor Asa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nordic Semiconductor Asa filed Critical Nordic Semiconductor Asa
Publication of WO2019229188A1 publication Critical patent/WO2019229188A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/183Processing at user equipment or user record carrier

Definitions

  • the present invention relates to the establishment and/or management of connections to a wireless network such as a cellular data network.
  • Access to public cellular data networks is based on the ability for the network to recognise the identity of devices which are seeking to connect to it and to associate that identity with a profile or subscription information held on a suitable database. This information can then be used, for example, to direct PSTN voice calls to the device when its telephone number is dialled, and for billing the owner of the device for network services used.
  • SIM Subscriber Identity Module
  • UICC Universal Integrated Circuit Card
  • MNO Mobile Network Operator
  • a UICC comprises a CPU and a small amount of memory, and can run various applications. One of which is a SIM application, which performs the functions of a SIM card.
  • the system for identifying devices which is regulated by standards drawn up by the Groupe Special Mobile Association (GSMA), was originally designed for managing cellular telephones which are typically relatively high value devices, purchased individually by users and carried with them.
  • GSMA Groupe Special Mobile Association
  • the wireless data connections to the Internet that they offer have taken on greater importance. It is now common for other devices, which require only a data connection to the internet, to access cellular networks too, and thus they too must be provided with a removable UICC in order to permit this.
  • loT devices One growing application for loT devices is in distributed sensor networks. Having a large number of autonomous, connected sensor devices can offer a big
  • loT devices such as remote sensors are designed to be small so that the physical size of the UICC, albeit reduced in recent years, may still limit the achievable size of these devices.
  • LTE-M, NB-loT long term of technology
  • the existing models of pricing and subscriptions may not apply to loT use cases. For example locking a device to one operator may be detrimental for device manufacturers, users or both.
  • the need to exchange a physical card in order to change a service provider thereby negating the benefit of having remote sensors, could be a significant disadvantage.
  • the embedded UICC (eUICC) has been developed and is also the subject of a GSMA standard, Remote Provisioning Architecture for Embedded UICC Technical Specification.
  • an eUICC is not detachable from the device but rather is integrated in the device at the time of manufacture.
  • the eUICC is fixed to a single unique subscription, it can adopt new subscription
  • the eUICC When a device incorporating an eUICC is manufactured, the eUICC is provided with an initial provisioning profile. As defined in GSMA standard, this allows the device to make a first connection to the cellular network in order that it can be registered.
  • the initial provisioning profile serves only the purpose of providing initial internet connection to the Subscription Manager-Secure Routing (SM-SR). This profile is prohibited to be used for any other purpose. Thereafter, the device can be provided with a more permanent profile for accessing the network, albeit one that can be remotely managed as described above.
  • SM-SR Subscription Manager-Secure Routing
  • the Applicant has realised however that the existing system for provisioning devices with eUICCs has some drawbacks, particularly that in order to provide an initial provisioning profile at manufacture stage, it is necessary for a manufacturer to pre-select a MNO (and possibly therefore a geographic area in which it can be used) and to have an agreement in place with that MNO.
  • the present invention provides a method of connecting an unprovisioned first mobile unit to a wireless telecommunication network comprising a plurality of base stations and a plurality of further mobile units, the base stations being connected to a network infrastructure including a subscriber profile management system comprising storage having stored thereon a plurality of subscriber profiles including unique identifiers associated with each of said further mobile units, the method comprising:
  • said first mobile unit issuing a subscription access request over said further network to said subscriber profile management system;
  • said subscriber profile management system issuing a subscriber profile for said wireless telecommunication network including a unique identifier for said first mobile unit;
  • said first mobile unit using said subscriber profile to connect to one of said base stations using said wireless telecommunication network.
  • an mobile unit can connect to a subscriber profile management system without having to do so via the wireless telecommunication network (typically a cellular network).
  • the wireless telecommunication network typically a cellular network.
  • the device can communicate with the subscriber profile management system, unconventionally, via the further network, and obtain a new subscriber profile. This subsequently allows the device to communicate with the wireless telecommunication network as desired.
  • the term‘new subscriber profile’ as used herein may refer to an initial provisioning profile, or a full Issuer Security Domain Profile (ISD-P).
  • MNOs mobile network operators
  • the method comprises the subscriber profile management system choosing a subscription for the device automatically. This allows the device access to the wireless telecommunication network automatically, with no input required from the device operator.
  • the method comprises transmitting information relating to a plurality of subscriptions to the device using the further network. This may allow a user to choose which subscription is desired on initial provisioning.
  • the device may then transmit information relating to a chosen subscription to the subscriber profile management system using the further network.
  • the further network recited above could comprise any network able to provide connectivity to the subscriber profile management system. Typically the subscriber profile management system would be connected to the Internet and thus the further network need itself only provide a connection to the Internet.
  • the further network could comprise any access network, for example, Bluetooth, WiFi or even a wired networks like a Point to Point Protocol (PPP) over a Universal Asynchronous Receiver-Transmitter (UART).
  • PPP Point to Point Protocol
  • UART Universal Asynchronous Receiver-Transmitter
  • the further network comprises a Wi-Fi network. This is advantageous as many loT devices will be provided with Wi-Fi connectivity capability in addition to the cellular network connectivity described herein.
  • the first mobile unit comprises an eUICC. This could be a hardware or software eUICC.
  • said wireless telecommunication network comprises a cellular communication network, e.g. an LTE network - e.g one that supports NB- loT.
  • the method comprises the device communicating with the subscriber profile management system in order to manage subscriptions after the initial connection.
  • Fig. 1 is a schematic diagram of a known device and network configuration
  • Fig. 2 is a simplified schematic diagram of an eUICC and its security components
  • Fig. 3 is a known remote provisioning method for switching a device’s mobile network operator
  • Fig. 4 is a schematic diagram of a device and network configuration in accordance with an embodiment of the present invention.
  • a conventional Universal Integrated Circuit Card (UICC) is typically used to enable a host device to communicate with a mobile telecommunications network.
  • UICC Universal Integrated Circuit Card
  • a UICC used for such purposes will run a Subscriber Identity Module (SIM) application, which contains the relevant profile and unique identification data for establishing communication with the network. This data is present on a UICC upon purchase, and can not be changed.
  • SIM Subscriber Identity Module
  • eUICC embedded Universal Integrated Circuit Card
  • FIG. 1 shows a highly simplified schematic diagram of a prior art device and network configuration that allows a device to initialise a subscription with a mobile network operator.
  • a device 100 comprising an eUICC 102, is initially sold with the required provisioning profile for connection with a Mobile Network Operator (MNO) 108.
  • MNO Mobile Network Operator
  • This profile allows for communication between the device 100 and the subscription manager 110, in order to activate a pre-installed, or download a new ISD-P relating to a subscription for the device.
  • This ISD-P comprises unique identification information for the device’s
  • the subscription manager comprises a Subscription Manager - Secure Routing module 1 12 (SM-SR), and a Subscription Manager - Data
  • Preparation module 1 14 (SM-DP).
  • the subscription manager 110 oversees identification and management of a specific subscription for a particular device. This is done regardless of the MNO for which the subscription is intended.
  • the SM-DP 1 14 is the entity which a MNO 108 uses to securely encrypt its operator credentials to a particular profile, and the SM-SR is the entity that delivers the encrypted details to the device 100, and manages them thereafter.
  • the eUICC 102 may be seen in more detail, albeit still in simplified schematic form.
  • the eUICC 102 comprises a plurality of Issuer Security Domain Profiles (ISD-P) 202, 204, an Issuer Security Domain Root (ISD-R) 206, and an eUICC Controlling Authority Security Domain (ECASD) 208.
  • ISD-P Issuer Security Domain Profiles
  • ISD-R Issuer Security Domain Root
  • ECASD eUICC Controlling Authority Security Domain
  • An ISD-P 202, 204 encapsulates the profile of a specific subscription from a specific MNO 108 and implements the profile management interface towards the SM-DP 114.
  • at least one ISD-P 202 containing a provisioning profile for communication with an MNO 108 is factory provisioned into the eUICC 102. This enables a network connection from the factory, but also requires the manufacturer of the device (comprising the eUICC 102) to have a contractual agreement with the MNO 108.
  • the device 100 can attempt to connect to the MNO 108 using an initial provisioning profile. Providing it is in range of an appropriate cellular base station 104, the device 100 connects to the cellular base station 104, which may be, for example, a Long Term Evolution (LTE) eNodeB. Once the device 100 is connected to the base station 104, the unique provisioning profile information is passed to the subscription manager 110, via the MNO 108 and the internet 106. Once the network subscription manager 1 10 has approved the provisioning profile identification, the device may then request activation of a pre-installed ISD-P 202, 204, or request to download a new one. Once activated, the device 100 can communicate freely with the network under the terms of the subscription agreement tied to the activated ISD-P 202, 204.
  • LTE Long Term Evolution
  • the device 100 comprising the eUICC 102 may wish to switch profiles, for example by changing MNO, or changing the subscription. Therefore, the eUICC 102 may have multiple ISD-Ps 202, 204 during its lifespan, with only one enabled at any instant.
  • the ISD-P 202, 204 provides access and protection to the profile that it encapsulates, and each specific profile is uniquely identified with the Integrated Circuit Card ID (ICCID).
  • ICCID Integrated Circuit Card ID
  • the ISD-P 202, 204 remains associated with the ISD-R 206 during the lifetime of the eUICC 102.
  • the ISD-R 206 is factory provisioned into the eUICC 102, and implements the platform management interface towards the SM-SR 112. This enables the device 100 comprising the eUICC 102 to have direct communication with the network 108. Furthermore, the ISD-R 206 also provides transport for any profile managing that the eUICC 100 performs. For example, the eUICC 102 may attempt to download a further profile from a mobile network operator (MNO), and this is handled by the ISD-R 206. The ISD-R 206 manages any memory and resources that an ISD-P 202, 204 may require, as well as creating the security domain for the ISD-P 202, 204.
  • MNO mobile network operator
  • the ECASD 208 encapsulates and protects the identity and authenticity of the eUICC 102.
  • the ECASD 206 is factory provisioned into the eUICC 102 with an eUICC Identifier (EID), a public certificate and a private key to authenticate the eUICC 102.
  • EID eUICC Identifier
  • key agreement and signature algorithms are also factory provisioned into the eUICC 102.
  • the ECASD 208 remains associated with the ISD-R 206 during the lifespan of the eUICC 102, and serves as the root of all trust for all entities within the eUICC 102.
  • the ECASD 208 is involved in key establishment with the SM-SR 1 12 and SM-DP 114.
  • the ECASD 208 is only accessible via the ISD-R 206.
  • the device undertakes a process as described below with reference to Fig. 3, in order to obtain a new subscription profile, and potentially to communicate with a different MNO.
  • Fig. 3 shows a simplified schematic implementation of a prior art method from the GSMA standard, Remote Provisioning Architecture for Embedded UICC Technical Specification. This method provides a way of enabling a device to have a series of subscriptions throughout its lifetime. These subscriptions can be remotely managed. Subscription management includes the ability to download new subscriptions, delete old ones, and enable or disable existing subscriptions.
  • a device 302 is sold that comprises an eUICC 306, with an initial provisioning profile. Once initialised, this device can communicate with a first MNO 310 using a now activated ISD-P 308 as described above.
  • a subscription manager 312 comprising a SM-SR 314 and a SM-DP 316 verifies the profile, identification and subscription of the initial ISD-P 308 during communication of the device 304 with the first MNO 310.
  • a user 302 may decide to switch subscription, or MNO.
  • This request is input into the device 304, and communicated to the first MNO 310 and subscription manager 312.
  • the subscription manager 312 can then create a new, second ISD-P 320 for the device via the SM-SR 314.
  • the second ISD-P 320 is then downloaded to the device 304, and stored in the eUICC 306.
  • Fig. 4 shows a highly simplified schematic diagram of a device and network configuration in accordance with an embodiment of the present invention that allows a device to obtain an initial provisioning profile and/or ISD-P for
  • a device 400 comprising an eUICC 402 is sold with no initial provisioning profile or ISD-P. This means that there is no unique subscription for the device 400 and thus the device 400 cannot connect to a mobile network.
  • the device 400 In order to establish communication with a mobile network, the device 400 first connects to a further network, such as a Wi-Fi network 406 in this case.
  • This Wi-Fi network 406 is connected to the internet 408.
  • the device 400 can connect to a plurality of MNOs 410, 412, and a subscription manager 414, in order to issue a provisioning request.
  • the subscription manager can then issue a new provisioning profile, and/or a new ISD- P to the device, via the internet 408 and Wi-Fi network 406, which includes a unique identifier for the device.
  • the subscription manager 414 may choose an appropriate ISD-P for the device, and activate it immediately to allow the device to communicate with the network.
  • the subscription manager may provide the device with a plurality of subscription options. The device operator can then choose which MNO he/she wishes to register the device 400 with, and which specific subscription package they would like. Once selected, the device 400 can communicate the selection to the subscription manager 414, and establish a more permanent method of communication with the selected MNO 410, 412, via a cellular base station 404, as is described above with reference to Fig. 2.
  • the device 400 may communicate with the subscription manager 414 via the Wi-Fi network 406, rather than the standard mobile network, in order to manage any subscriptions after the initial subscription has been set up - e.g. to download and activate a new ISD-P.
  • An advantage of the system described herein is that no extension of the existing interfaces is required. It is required by the eUICC standard that the intrinsic security of each realm and the data exchanged between them must be protected. Quoting from the standard:“Any communication between two security realms of the eUICC ecosystem shall be origin authenticated (mutual authentication), as well as integrity- protected and, unless otherwise specified... confidentiality protected”. In order for this to take place, Public Key Infrastructure is used for mutual authentication and key establishment. Advanced Encryption Standard (AES) is used for encryption.
  • AES Advanced Encryption Standard
  • the ECASD within the eUICC 402 is provisioned to use Elliptic Curve cryptography Key Arrangement (ECKA), and Elliptic Curve cryptography Digital Signature Algorithm (ECDSA).
  • Transport Layer Security (TLS) is used for application protocols, where applicable, for communication between on-card and off-card components. Defining clear role definitions, access rights, privileges and security realms is crucial to good security.
  • the eUICC specification mentioned above clearly defines domains within the eUICC, their access and roles, as well as specifying key sizes and other interface requirements. For example, there is no access of data between ISD-Ps.

Abstract

A method of connecting an unprovisioned first mobile unit (400) to a wireless telecommunication network comprising a plurality of base stations (404) and a plurality of further mobile units. The base stations (404) are connected to a network infrastructure that includes a subscriber profile management system (414) that stores a plurality of subscriber profiles, including unique identifiers associated with each of said further mobile units. The method comprises: establishing a connection from said first mobile unit to a further network (406), separate from said wireless telecommunication network; said first mobile unit (400) issuing a subscription access request over said further network (406) to said subscriber profile management system (414); said subscriber profile management system (414) issuing a subscriber profile for said wireless telecommunication network including a unique identifier for said first mobile unit (400); communicating said new subscriber profile to said first mobile unit (400) using said further network (406); and said further mobile unit (400) using said subscriber profile to connect to one of said base stations (404) using said wireless telecommunication network.

Description

Subscriber Access to Wireless Networks
Technical Field
The present invention relates to the establishment and/or management of connections to a wireless network such as a cellular data network.
Background
Access to public cellular data networks is based on the ability for the network to recognise the identity of devices which are seeking to connect to it and to associate that identity with a profile or subscription information held on a suitable database. This information can then be used, for example, to direct PSTN voice calls to the device when its telephone number is dialled, and for billing the owner of the device for network services used.
Conventionally, the information used to identify a device is provided on what is commonly known as a Subscriber Identity Module (SIM) card, but now more accurately referred to as a Universal Integrated Circuit Card (UICC) which is a physical removable‘smart’ card provided by a Mobile Network Operator (MNO) and inserted into a slot in the device, typically when the device is first purchased or when a new contract is entered into - e.g. with a different MNO. A UICC comprises a CPU and a small amount of memory, and can run various applications. One of which is a SIM application, which performs the functions of a SIM card.
The system for identifying devices, which is regulated by standards drawn up by the Groupe Special Mobile Association (GSMA), was originally designed for managing cellular telephones which are typically relatively high value devices, purchased individually by users and carried with them. In more recent years, as network capabilities have increased, the wireless data connections to the Internet that they offer have taken on greater importance. It is now common for other devices, which require only a data connection to the internet, to access cellular networks too, and thus they too must be provided with a removable UICC in order to permit this.
Since a removable UICC uniquely identifies a single subscription, the only way to change the subscription is to remove the UICC and insert a new one. However, as the number and application of connected devices grows, as part of the development of the‘Internet of Things’ (loT), the limitations imposed by the need to have a physical card to provide identify information has become more of a hindrance to the adoption of new technologies.
One growing application for loT devices is in distributed sensor networks. Having a large number of autonomous, connected sensor devices can offer a big
improvement in efficiency by reducing the need for expensive periodic and timely manual inspections. This is particularly the case where it is desired to monitor harsh environments, such as those that are normally not considered safe for humans. Connected sensors that allow for such remote monitoring, inspection and predictive maintenance, often need to be installed at relatively inaccessible locations, typically outdoor areas, but be connected to the Internet. It may be seen that using a cellular data network will often provide the most appropriate access technology in terms of range, data rate etc. for many such use cases. However, use of a physical UICC to get access to the network may pose other challenges.
One challenge is that many loT devices such as remote sensors are designed to be small so that the physical size of the UICC, albeit reduced in recent years, may still limit the achievable size of these devices. Another is that the use of cellular networks for loT is evolving both in terms of technology (LTE-M, NB-loT), and in term of business models. The existing models of pricing and subscriptions may not apply to loT use cases. For example locking a device to one operator may be detrimental for device manufacturers, users or both. In light of this, the need to exchange a physical card in order to change a service provider, thereby negating the benefit of having remote sensors, could be a significant disadvantage.
It has also been appreciated that in contrast with a smartphone model, in which a subscriber would have a single device transferring relatively large amounts of data, in an loT remote sensor deployment there could be hundreds or thousands of devices, each of which only may send very small amounts of data sporadically. Billing a user for small amounts of data for each of a large number of devices is unmanageable and inconvenient for the user as well the network operator. Hence a newer pricing and subscription management model is needed. Moreover there is a need to be able to add new devices regularly (either for expansion or replacement) and to be able easily to change ownership or management of sensors - e.g. as part of a resale of services and/or properties.
In view of the above considerations, the embedded UICC (eUICC) has been developed and is also the subject of a GSMA standard, Remote Provisioning Architecture for Embedded UICC Technical Specification. In contrast to the physical cards discussed above, an eUICC is not detachable from the device but rather is integrated in the device at the time of manufacture. However rather than the eUICC being fixed to a single unique subscription, it can adopt new subscription
information which offers the ability to manage and change the subscription of the device remotely. This addresses many of the difficulties outlined above. It also allows, for example, the ability to switch profiles based on location, to get better services and/or more attractive pricing, in use cases such as connectivity in smart cars or tracking devices.
When a device incorporating an eUICC is manufactured, the eUICC is provided with an initial provisioning profile. As defined in GSMA standard, this allows the device to make a first connection to the cellular network in order that it can be registered. The initial provisioning profile serves only the purpose of providing initial internet connection to the Subscription Manager-Secure Routing (SM-SR). This profile is prohibited to be used for any other purpose. Thereafter, the device can be provided with a more permanent profile for accessing the network, albeit one that can be remotely managed as described above.
The Applicant has realised however that the existing system for provisioning devices with eUICCs has some drawbacks, particularly that in order to provide an initial provisioning profile at manufacture stage, it is necessary for a manufacturer to pre-select a MNO (and possibly therefore a geographic area in which it can be used) and to have an agreement in place with that MNO.
Summary
When viewed from a first aspect the present invention provides a method of connecting an unprovisioned first mobile unit to a wireless telecommunication network comprising a plurality of base stations and a plurality of further mobile units, the base stations being connected to a network infrastructure including a subscriber profile management system comprising storage having stored thereon a plurality of subscriber profiles including unique identifiers associated with each of said further mobile units, the method comprising:
establishing a connection from said first mobile unit to a further network, separate from said wireless telecommunication network;
said first mobile unit issuing a subscription access request over said further network to said subscriber profile management system;
said subscriber profile management system issuing a subscriber profile for said wireless telecommunication network including a unique identifier for said first mobile unit;
communicating said new subscriber profile to said first mobile unit using said further network; and
said first mobile unit using said subscriber profile to connect to one of said base stations using said wireless telecommunication network.
Thus it will be seen by those skilled in the art that in accordance with the invention an mobile unit can connect to a subscriber profile management system without having to do so via the wireless telecommunication network (typically a cellular network). This makes it possible to circumvent the typical requirement of cellular networks that a mobile unit cannot connect to a base station without a valid profile. Thus it provides, for example, a way for an unprovisioned mobile unit to connect to the network without requiring an initial provisioning profile. The device can communicate with the subscriber profile management system, unconventionally, via the further network, and obtain a new subscriber profile. This subsequently allows the device to communicate with the wireless telecommunication network as desired. It will be understood by those skilled in the art that the term‘new subscriber profile’ as used herein may refer to an initial provisioning profile, or a full Issuer Security Domain Profile (ISD-P).
This may provide a number of advantages, particularly in the loT context mentioned above. It allows, for example, a device manufacturer to produce devices which can be used in any jurisdiction, without any pre-existing arrangements with mobile network operators (MNOs), or can be easily moved between MNOs or jurisdictions without requiring any physical interaction with the device. This is advantageous where the device is one of a large number dispersed widely and/or remotely, and otherwise designed (e.g. with appropriate battery life or other power source) not to require physical attendance thereto.
In a set of embodiments the method comprises the subscriber profile management system choosing a subscription for the device automatically. This allows the device access to the wireless telecommunication network automatically, with no input required from the device operator.
In an alternate set of embodiments, the method comprises transmitting information relating to a plurality of subscriptions to the device using the further network. This may allow a user to choose which subscription is desired on initial provisioning.
The device may then transmit information relating to a chosen subscription to the subscriber profile management system using the further network.
The further network recited above could comprise any network able to provide connectivity to the subscriber profile management system. Typically the subscriber profile management system would be connected to the Internet and thus the further network need itself only provide a connection to the Internet. The further network could comprise any access network, for example, Bluetooth, WiFi or even a wired networks like a Point to Point Protocol (PPP) over a Universal Asynchronous Receiver-Transmitter (UART). In a set of embodiments the further network comprises a Wi-Fi network. This is advantageous as many loT devices will be provided with Wi-Fi connectivity capability in addition to the cellular network connectivity described herein.
In a set of embodiments the first mobile unit comprises an eUICC. This could be a hardware or software eUICC.
In a set of embodiments said wireless telecommunication network comprises a cellular communication network, e.g. an LTE network - e.g one that supports NB- loT.
In a set of embodiments the method comprises the device communicating with the subscriber profile management system in order to manage subscriptions after the initial connection. Brief description of the drawings
Certain embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings in which:
Fig. 1 is a schematic diagram of a known device and network configuration;
Fig. 2 is a simplified schematic diagram of an eUICC and its security components; Fig. 3 is a known remote provisioning method for switching a device’s mobile network operator; and
Fig. 4 is a schematic diagram of a device and network configuration in accordance with an embodiment of the present invention.
Detailed description of the drawings
A conventional Universal Integrated Circuit Card (UICC) is typically used to enable a host device to communicate with a mobile telecommunications network. A UICC used for such purposes will run a Subscriber Identity Module (SIM) application, which contains the relevant profile and unique identification data for establishing communication with the network. This data is present on a UICC upon purchase, and can not be changed.
Recently, a new type of UICC has been developed, known as an embedded Universal Integrated Circuit Card (eUICC). This is typically a physical chip embedded into a host device that performs the functions of a classical UICC, and is provided with an initial profile upon sale of the device. eUICCs are commonly used in cases where physical replacement of a UICC e.g. to use the device with a new subscription is not feasible.
When using a standard UICC, if a user wishes to switch subscription or mobile network operator, a new UICC is obtained, and placed in the host device. However, this is not achievable with an eUICC. Therefore, a method is employed that allows the eUICC to download and activate a new profile, potentially from a new mobile network operator, directly from the network that it is currently connected to.
However, an initial profile is still required in order to have communication with the network upon initialisation of the device. Fig. 1 shows a highly simplified schematic diagram of a prior art device and network configuration that allows a device to initialise a subscription with a mobile network operator. A device 100, comprising an eUICC 102, is initially sold with the required provisioning profile for connection with a Mobile Network Operator (MNO) 108. This profile allows for communication between the device 100 and the subscription manager 110, in order to activate a pre-installed, or download a new ISD-P relating to a subscription for the device.
This ISD-P comprises unique identification information for the device’s
subscription, together with initial subscription information for the network, which is managed by a subscription manager 110 which is a common entity connected to the network. The subscription manager comprises a Subscription Manager - Secure Routing module 1 12 (SM-SR), and a Subscription Manager - Data
Preparation module 1 14 (SM-DP). The subscription manager 110 oversees identification and management of a specific subscription for a particular device. This is done regardless of the MNO for which the subscription is intended. The SM-DP 1 14 is the entity which a MNO 108 uses to securely encrypt its operator credentials to a particular profile, and the SM-SR is the entity that delivers the encrypted details to the device 100, and manages them thereafter.
With further reference to Fig. 2 the eUICC 102 may be seen in more detail, albeit still in simplified schematic form. The eUICC 102 comprises a plurality of Issuer Security Domain Profiles (ISD-P) 202, 204, an Issuer Security Domain Root (ISD-R) 206, and an eUICC Controlling Authority Security Domain (ECASD) 208.
An ISD-P 202, 204 encapsulates the profile of a specific subscription from a specific MNO 108 and implements the profile management interface towards the SM-DP 114. Typically, at least one ISD-P 202 containing a provisioning profile for communication with an MNO 108 is factory provisioned into the eUICC 102. This enables a network connection from the factory, but also requires the manufacturer of the device (comprising the eUICC 102) to have a contractual agreement with the MNO 108.
The device 100, once initialised, can attempt to connect to the MNO 108 using an initial provisioning profile. Providing it is in range of an appropriate cellular base station 104, the device 100 connects to the cellular base station 104, which may be, for example, a Long Term Evolution (LTE) eNodeB. Once the device 100 is connected to the base station 104, the unique provisioning profile information is passed to the subscription manager 110, via the MNO 108 and the internet 106. Once the network subscription manager 1 10 has approved the provisioning profile identification, the device may then request activation of a pre-installed ISD-P 202, 204, or request to download a new one. Once activated, the device 100 can communicate freely with the network under the terms of the subscription agreement tied to the activated ISD-P 202, 204.
After this initial connection is in place, the device 100 comprising the eUICC 102 may wish to switch profiles, for example by changing MNO, or changing the subscription. Therefore, the eUICC 102 may have multiple ISD-Ps 202, 204 during its lifespan, with only one enabled at any instant. The ISD-P 202, 204 provides access and protection to the profile that it encapsulates, and each specific profile is uniquely identified with the Integrated Circuit Card ID (ICCID). The ISD-P 202, 204 remains associated with the ISD-R 206 during the lifetime of the eUICC 102.
The ISD-R 206 is factory provisioned into the eUICC 102, and implements the platform management interface towards the SM-SR 112. This enables the device 100 comprising the eUICC 102 to have direct communication with the network 108. Furthermore, the ISD-R 206 also provides transport for any profile managing that the eUICC 100 performs. For example, the eUICC 102 may attempt to download a further profile from a mobile network operator (MNO), and this is handled by the ISD-R 206. The ISD-R 206 manages any memory and resources that an ISD-P 202, 204 may require, as well as creating the security domain for the ISD-P 202, 204.
The ECASD 208 encapsulates and protects the identity and authenticity of the eUICC 102. The ECASD 206 is factory provisioned into the eUICC 102 with an eUICC Identifier (EID), a public certificate and a private key to authenticate the eUICC 102. In order for this authentication and other secure processes to occur, key agreement and signature algorithms are also factory provisioned into the eUICC 102. The ECASD 208 remains associated with the ISD-R 206 during the lifespan of the eUICC 102, and serves as the root of all trust for all entities within the eUICC 102. Of course, the ECASD 208 is involved in key establishment with the SM-SR 1 12 and SM-DP 114. The ECASD 208 is only accessible via the ISD-R 206.
If and/or when the device owner decides to change the device’s subscription, the device undertakes a process as described below with reference to Fig. 3, in order to obtain a new subscription profile, and potentially to communicate with a different MNO.
Fig. 3 shows a simplified schematic implementation of a prior art method from the GSMA standard, Remote Provisioning Architecture for Embedded UICC Technical Specification. This method provides a way of enabling a device to have a series of subscriptions throughout its lifetime. These subscriptions can be remotely managed. Subscription management includes the ability to download new subscriptions, delete old ones, and enable or disable existing subscriptions.
Initially, a device 302 is sold that comprises an eUICC 306, with an initial provisioning profile. Once initialised, this device can communicate with a first MNO 310 using a now activated ISD-P 308 as described above. A subscription manager 312 comprising a SM-SR 314 and a SM-DP 316 verifies the profile, identification and subscription of the initial ISD-P 308 during communication of the device 304 with the first MNO 310.
After some time, a user 302 may decide to switch subscription, or MNO. This request is input into the device 304, and communicated to the first MNO 310 and subscription manager 312. The subscription manager 312 can then create a new, second ISD-P 320 for the device via the SM-SR 314. The second ISD-P 320 is then downloaded to the device 304, and stored in the eUICC 306.
The eUICC 306 then disables the initial ISD-P 308, and enables the second ISD-P 320. It is thus ensured that only one profile is enabled at any one time. Confirmation of this switch in ISD-P is communicated to the subscription manager 312. The device 304 can then use the second ISD-P 320 to communicate with a second MNO 318. Fig. 4 shows a highly simplified schematic diagram of a device and network configuration in accordance with an embodiment of the present invention that allows a device to obtain an initial provisioning profile and/or ISD-P for
communication with a cellular network. A device 400, comprising an eUICC 402, is sold with no initial provisioning profile or ISD-P. This means that there is no unique subscription for the device 400 and thus the device 400 cannot connect to a mobile network.
In order to establish communication with a mobile network, the device 400 first connects to a further network, such as a Wi-Fi network 406 in this case. This Wi-Fi network 406 is connected to the internet 408. Through the Wi-Fi network 406, and the internet 408, the device 400 can connect to a plurality of MNOs 410, 412, and a subscription manager 414, in order to issue a provisioning request. The
subscription manager can then issue a new provisioning profile, and/or a new ISD- P to the device, via the internet 408 and Wi-Fi network 406, which includes a unique identifier for the device. The subscription manager 414 may choose an appropriate ISD-P for the device, and activate it immediately to allow the device to communicate with the network. Alternatively, the subscription manager may provide the device with a plurality of subscription options. The device operator can then choose which MNO he/she wishes to register the device 400 with, and which specific subscription package they would like. Once selected, the device 400 can communicate the selection to the subscription manager 414, and establish a more permanent method of communication with the selected MNO 410, 412, via a cellular base station 404, as is described above with reference to Fig. 2.
Should the user decide to switch subscription at some point during the device’s lifetime, but after the initial ISD-P download/activation, the known method of Fig. 3 can be used. Alternatively, the device 400 may communicate with the subscription manager 414 via the Wi-Fi network 406, rather than the standard mobile network, in order to manage any subscriptions after the initial subscription has been set up - e.g. to download and activate a new ISD-P.
An advantage of the system described herein is that no extension of the existing interfaces is required. It is required by the eUICC standard that the intrinsic security of each realm and the data exchanged between them must be protected. Quoting from the standard:“Any communication between two security realms of the eUICC ecosystem shall be origin authenticated (mutual authentication), as well as integrity- protected and, unless otherwise specified... confidentiality protected”. In order for this to take place, Public Key Infrastructure is used for mutual authentication and key establishment. Advanced Encryption Standard (AES) is used for encryption.
The ECASD within the eUICC 402 is provisioned to use Elliptic Curve cryptography Key Arrangement (ECKA), and Elliptic Curve cryptography Digital Signature Algorithm (ECDSA). Transport Layer Security (TLS) is used for application protocols, where applicable, for communication between on-card and off-card components. Defining clear role definitions, access rights, privileges and security realms is crucial to good security. The eUICC specification mentioned above clearly defines domains within the eUICC, their access and roles, as well as specifying key sizes and other interface requirements. For example, there is no access of data between ISD-Ps.
These secure procedures extend to the interfaces between the device 400 and the Wi-Fi network 406, as well as to the interfaces between the Wi-Fi network 406 and the subscription manager(s) 410, 412.
Current standards for communication between the device 400 and the eUICC 402 already have the necessary commands for the eUICC 402 to be able to request a Domain Name Server (DNS) resolution and TCP connection from the device.
Therefore, the eUICC credentials never leave the eUICC 402 in the described embodiments and so these embodiments of the invention which use a separate access medium available on the device for remote provisioning is as secure as using the cellular network that mandates having a provisioning profile.
The secure communication between the eUICC 402 and the device 400 are standardized in the following specifications. http://www.etsi.org/deliver/etsi_ts/l02200_l02299/l02225/l0.00.00_60/ts_l02225v
100000p.pdf http://www.etsi.org/deliver/etsi_ts/l02200_l02299/l02226/l2.00.00_60/ts_l02226v l20000p.pdf

Claims

Claims
1. A method of connecting an unprovisioned first mobile unit to a wireless telecommunication network comprising a plurality of base stations and a plurality of further mobile units, the base stations being connected to a network infrastructure including a subscriber profile management system comprising storage having stored thereon a plurality of subscriber profiles including unique identifiers associated with each of said further mobile units, the method comprising:
establishing a connection from said first mobile unit to a further network, separate from said wireless telecommunication network;
said first mobile unit issuing a subscription access request over said further network to said subscriber profile management system;
said subscriber profile management system issuing a subscriber profile for said wireless telecommunication network including a unique identifier for said first mobile unit;
communicating said new subscriber profile to said first mobile unit using said further network; and
said first mobile unit using said subscriber profile to connect to one of said base stations using said wireless telecommunication network.
2. A method according to claim 1 , further comprising the subscriber profile management system choosing a subscription for the device automatically.
3. A method according to claim 1 , further comprising transmitting information relating to a plurality of subscriptions to the device using the further network.
4. A method according to claim 1 , 2 or 3, wherein the first mobile unit comprises an eUICC.
5. A method according to any preceding claim, wherein the wireless telecommunication network comprises a cellular communication network.
6. A method according to any preceding claim, further comprising the device communicating with the subscriber profile management system in order to manage subscriptions after the initial connection
PCT/EP2019/064103 2018-05-29 2019-05-29 Subscriber access to wireless networks WO2019229188A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB1808715.5 2018-05-29
GBGB1808715.5A GB201808715D0 (en) 2018-05-29 2018-05-29 Subscriber access to wireless networks

Publications (1)

Publication Number Publication Date
WO2019229188A1 true WO2019229188A1 (en) 2019-12-05

Family

ID=62812476

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2019/064103 WO2019229188A1 (en) 2018-05-29 2019-05-29 Subscriber access to wireless networks

Country Status (2)

Country Link
GB (1) GB201808715D0 (en)
WO (1) WO2019229188A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021173049A1 (en) * 2020-02-26 2021-09-02 Telefonaktiebolaget Lm Ericsson (Publ) Multiple spid configuration

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2680628A1 (en) * 2012-06-27 2014-01-01 Rogers Communications Inc. System and method for remote provisioning of embedded universal integrated circuit cards.
WO2017201756A1 (en) * 2016-05-27 2017-11-30 华为技术有限公司 Method, related device, and system for downloading profile
WO2019042541A1 (en) * 2017-08-30 2019-03-07 Telefonaktiebolaget Lm Ericsson (Publ) Sim provisioning

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2680628A1 (en) * 2012-06-27 2014-01-01 Rogers Communications Inc. System and method for remote provisioning of embedded universal integrated circuit cards.
WO2017201756A1 (en) * 2016-05-27 2017-11-30 华为技术有限公司 Method, related device, and system for downloading profile
EP3445073A1 (en) * 2016-05-27 2019-02-20 Huawei Technologies Co., Ltd. Method, related device, and system for downloading profile
WO2019042541A1 (en) * 2017-08-30 2019-03-07 Telefonaktiebolaget Lm Ericsson (Publ) Sim provisioning

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
GSMA ASSOCIATION: "GSM Association Non-confidential Official Document SGP.02 -Remote Provisioning Architecture for Embedded UICC Technical Specification Remote Provisioning Architecture for Embedded UICC Technical Specification Security Classification: Non-confidential GSM Association Non-confidential Remote Provision", 27 June 2017 (2017-06-27), XP055612942, Retrieved from the Internet <URL:https://www.gsma.com/newsroom/wp-content/uploads//SGP.02_v3.2_updated.pdf> [retrieved on 20190814] *
SAMSUNG ELECTRONICS: "Triggering to make a secure connection between eUICC and PMC holder;SCPREQ(14)000088r3_CR_103_383_Triggering_to_make_a_secure_connection_between_an", ETSI DRAFT; SCPREQ(14)000088R3_CR_103_383_TRIGGERING_TO_MAKE_A_SECURE_CONNECTION_BETWEEN_AN, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE (ETSI), 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS ; FRANCE, vol. SCP - SCP-WG-R, 27 August 2014 (2014-08-27), pages 1 - 5, XP014189422 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021173049A1 (en) * 2020-02-26 2021-09-02 Telefonaktiebolaget Lm Ericsson (Publ) Multiple spid configuration

Also Published As

Publication number Publication date
GB201808715D0 (en) 2018-07-11

Similar Documents

Publication Publication Date Title
US10694369B2 (en) Profile management method, embedded UICC, and device provided with the embedded UICC
KR102026612B1 (en) Method for Creating Trust Relationship and Embedded UICC
US10285050B2 (en) Method and apparatus for managing a profile of a terminal in a wireless communication system
CA2810360C (en) System and method for remote provisioning of embedded universal integrated circuit cards
US9661666B2 (en) Apparatus and methods of identity management in a multi-network system
CN107431920B (en) Method and apparatus for receiving profile by terminal in mobile communication system
EP3284274B1 (en) Method and apparatus for managing a profile of a terminal in a wireless communication system
US10141966B2 (en) Update of a trusted name list
US9414233B2 (en) Method for managing profile of Embedded UICC, and Embedded UICC, Embedded UICC-equipped terminal, provision method, and method for changing MNO using same
US9521547B2 (en) Method for managing embedded UICC and embedded UICC, MNO system, provision method, and method for changing MNO using same
KR101954450B1 (en) Method for Verification of Embedded UICC using eUICC Certificate, Method for Provisioning and MNO Switching, eUICC, MNO System and recording medium for the same
CN117651271A (en) Method and apparatus for supporting inter-device profile transfer in a wireless communication system
KR101891326B1 (en) Subscription Changing Method for Embedded UICC using Trusted Subscription Manager and Embedded UICC Architecture therefor
US11838752B2 (en) Method and apparatus for managing a profile of a terminal in a wireless communication system
KR101891330B1 (en) Subscription Method for Embedded UICC using Trusted Subscription Manager and Embedded UICC Architecture therefor
US20180124595A1 (en) Method and device for using mobile communication service by changing terminal in mobile communication system
WO2019229188A1 (en) Subscriber access to wireless networks
KR102012340B1 (en) Method and Enbedded UICC for Providing Policy Control Function
JP6640949B2 (en) Connection information transmitting device, method and program
WO2023052245A1 (en) A method of facilitating distribution of a profile to a programmable subscriber identity module, sim, embedded in a node device by a provisioner device, a provisioner device and a system for provisioning a profile to a programmable sim

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19728387

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19728387

Country of ref document: EP

Kind code of ref document: A1