Advertisement

OTA and Secure SIM Lifecycle Management

  • Joos Cadonau
  • Danushka JayasingheEmail author
  • Sheila Cobourne
Chapter

Abstract

In the GSM mobile communication industry, the end-user is referred to as the subscriber and identified in the operator’s network using the Subscriber Identity Module (SIM) . In the third-generation network 3G, the equivalent application is called Universal Subscriber Identity Module (USIM ) card; although by convention we use SIM for both, unless a distinction is needed. A SIM card is a removable smart card for mobile phones. A mobile network operator is a telephone company that provides services for mobile phone subscribers. The SIM card is a managed platform, belonging to the operator’s network. It offers to store operator specific but also subscriber-related data. SIM cards are in use for a long time, compared to the handset and other entities in the network. Therefore, SIM card data—operator or subscriber dependent—changes over time and needs Over-the-Air (OTA) management. Customers cannot be asked to visit an operator shop for data management; Over-the-Air updates using the SMS as a bearer are the only possibility for mass updates. This implies certain security requirements which are specified in the 3GPP/ETSI standards. Also, the current bandwidth offered by SMS limits the range of possible adaptations and requires the mobile network operator to have a flexible Over-the-Air system, adapted to their needs. The Over-the-Air management is only one stage of the SIM life cycle. To be able to launch new services during the life cycle of a SIM card, the whole SIM life cycle has to be planned carefully. There exist systems that support the operator in knowing in real time the status of a SIM card in all phases of the SIM life cycle.

Keywords

Over-the-Air OTA SIM Application Toolkit SAT/STK SIM Lifecycle Management SIM/USIM Card OTA Performance Limitations Public Land Mobile Network PLMN 

References

  1. 1.
    3GPP TS 11.11 Specification of the Subscriber Identity Module - Mobile Equipment (SIM-ME) Interface. More information at http://www.3gpp.org/DynaReport/1111.htm, accessed August 2016.
  2. 2.
    3GPP TS 31.111 Universal Subscriber Identity Module (USIM) Application Toolkit (USAT). More information at http://www.3gpp.org/DynaReport/31111.htm, accessed August 2016.
  3. 3.
    3GPP TS 11.14 Specification of the SIM Application Toolkit (SAT) for the Subscriber Identity Module - Mobile Equipment (SIM-ME) interface. More information at http://www.3gpp.org/DynaReport/1114.htm, accessed August 2016.
  4. 4.
    3GPP TS 03.19 Subscriber Identity Module Application Programming Interface (SIM API) for Java Card. More information at http://www.3gpp.org/DynaReport/0319.htm, accessed August 2016.
  5. 5.
    3GPP TS 31.130 (U)SIM Application Programming Interface (API); (U)SIM API for Java Card (TM). More information at http://www.3gpp.org/DynaReport/31130.htm, accessed August 2016.
  6. 6.
    3GPP TS 03.48 Security mechanisms for SIM application Toolkit; Stage 2. More information at http://www.3gpp.org/DynaReport/0348.htm, accessed August 2016.
  7. 7.
    GlobalPlatform Card Specifications. More information at http://www.globalplatform.org/specificationscard.asp, accessed August 2016.
  8. 8.
    3GPP TS 31.103 Characteristics of the IP Multimedia Services Identity Module (ISIM) application. More information at http://www.3gpp.org/DynaReport/31103.htm, accessed August 2016.
  9. 9.
    3GPP TS 23.048 Security mechanisms for the (U)SIM application toolkit; Stage 2. More information at http://www.3gpp.org/DynaReport/23048.htm, accessed August 2016.
  10. 10.
    ETSI TS 102 221 Smart Cards; UICC-Terminal interface; Physical and logical characteristics. More information at http://www.etsi.org/deliver/etsi_ts/102200_102299/102221/08.02.00_60/ts_102221v080200p.pdf, accessed August 2016.
  11. 11.
    3GPP TS 31.102 Characteristics of the Universal Subscriber Identity Module (USIM) application. More information at http://www.3gpp.org/DynaReport/31102.htm, accessed August 2016.
  12. 12.
    3GPP TS 51.011 Specification of the Subscriber Identity Module - Mobile Equipment (SIM-ME) interface. More information at http://www.3gpp.org/DynaReport/51011.htm, accessed August 2016.
  13. 13.
    ETSI TS 102 241 Smart Cards; UICC Application Programming Interface (UICC API) for Java Card (TM). More information at http://www.etsi.org/deliver/etsi_ts/102200_102299/102241/09.01.00_60/ts_102241v090100p.pdf, accessed August 2016.
  14. 14.
    ETSI TS 102 124 Smart Cards; Transport Protocol for UICC based applications; Stage 1. More information at http://www.etsi.org/deliver/etsi_ts/102100_102199/102124/06.01.00_60/ts_102124v060100p.pdf, accessed August 2016.
  15. 15.
    ETSI TS 102 127 Smart Cards; Transport Protocol for CAT applications; Stage 2. More information at http://www.etsi.org/deliver/etsi_ts/102100_102199/102127/06.06.00_60/ts_102127v060600p.pdf, accessed August 2016.
  16. 16.
    Smart Card Web Server: How to bring operators applications and services to the mass market, SIMAlliance, http://simalliance.org/wp-content/uploads/2015/03/WP_SIMallianceSCWS_Feb09_Final.pdf, accessed August 2016.
  17. 17.
    Smart Card Web Server Stepping Stones, OMA, SIMAlliance, http://simalliance.org/wp-content/uploads/2015/03/SCWS_SteppingStones_2009_v1.0.01.pdf, accessed August 2016.
  18. 18.
  19. 19.
    Interoperability Stepping Stones Release 7, SIMAlliance, http://simalliance.org/wp-content/uploads/2015/06/SteppingStones_R7_v100.pdf, accessed August 2016.
  20. 20.
    Remote Provisioning Architecture for Embedded UICC Technical Specification, Version 3.1, 27 May 2016, http://www.gsma.com/connectedliving/wp-content/uploads/2016/07/SGP.02_v3.1.pdf, accessed August 2016.

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Joos Cadonau
    • 1
  • Danushka Jayasinghe
    • 2
    Email author
  • Sheila Cobourne
    • 2
  1. 1.iQuest Schweiz AGFrankfurt am MainGermany
  2. 2.Smart Card Centre, Information Security GroupRoyal Holloway, University of LondonEghamUK

Personalised recommendations