GSM Association Non-confidential
Official Document SGP.01 - Embedded SIM Remote Provisioning Architecture
V2.0 Page 1 of 85
Embedded SIM Remote Provisioning Architecture
Version 2.0
30 January 2014
This is a Non-binding Permanent Reference Document of the GSMA
Security Classification: Non-confidential
Access to and distribution of this document is restricted to the persons permitted by the security classification. This document is confidential to the
Association and is subject to copyright protection. This document is to be used only for the purposes for which it has been supplied and
information contained in it must not be disclosed or in any other way made available, in whole or in part, to persons other than those permitted
under the security classification without the prior written approval of the Association.
Copyright Notice
Copyright © 2014 GSM Association
Disclaimer
The GSM Association (“Association”) makes no representation, warranty or undertaking (express or implied) with respect to and does not accept
any responsibility for, and hereby disclaims liability for the accuracy or completeness or timeliness of the information contained in this document.
The information contained in this document may be subject to change without prior notice.
Antitrust Notice
The information contained herein is in full compliance with the GSM Association’s antitrust compliance policy.
Remote Provisioning Architecture for Embedded UICC
GSM Association Confidential
V1.0 Page 2 of 85
Table of Contents
1 Introduction
1.1 Overview
1.2 Scoping the Problem
1.3 Document Purpose
1.4 Intended Audience
1.5 Definition of Terms
1.6 Abbreviations
1.7 References
2 Basic Principles and Assumptions
2.1 Basic Principles
2.2 General Assumptions
2.2.1 Use of Existing Standards
2.2.2 Machine to Machine Device Impact
2.2.3 Security
2.2.4 Regulatory
2.3 The eUICC Ecosystem
2.3.1 Roles and Entities
2.4 The eUICC
2.4.1 Profiles
2.4.2 Policies & Policy Control
3 Architecture
3.1 Architecture Diagram
3.2 Card Architecture
3.2.1 Security Domains
3.2.2 Card Architecture
3.2.3 State Diagram for an ISD-P
3.3 Relevant Roles and Functions
3.3.1 Functions Definition
3.3.2 Assignment of Functions to Relevant Actors and Roles
3.4 Profile Description
3.4.1 General Content of a Profile Installed on an eUICC
3.4.2 Access to the Content of a Profile
3.5 Procedures
3.5.1 eUICC Registration at SM-SR
3.5.2 Un-personalised Profile Verification (Proprietary)
3.5.3 Profile Ordering (Proprietary)
3.5.4 Profile Download and Installation
3.5.5 Master Delete
3.5.6 Profile Enabling
3.5.7 Profile Enabling via SM-DP
3.5.8 Profile Disabling
3.5.9 ISD-P Deletion
3.5.10 ISD-P Deletion via SM-DP
3.5.11 SM-SR Change
3.5.12 ISD-P Key Establishment Procedure
3.5.13 Fall-Back Mechanism
3.5.14 eUICC Certificate Verification
3.6 Policy Control
3.6.1 Overview Diagram of Rule Management System
3.6.2 Policy Rules Management
3.6.3 Policy Control Mechanism
4 Security Model: Threats Analysis & Risk Assessment Model
4.1 Security Challenges
4.2 Security Analysis Methodology
4.3 Aim of the Security Realm Approach
4.4 Security Requirements
4.4.1 General Security Requirements
4.4.2 Security Realms Requirements
4.4.3 eUICC Requirements
4.4.4 SM-SR and SM-DP Requirements
4.4.5 Machine to Machine Device Requirements
4.4.6 Policy Control Function
4.5 Security Architecture
4.5.1 Secure Download and Installation of a Profile
4.5.2 Mutual Authentication
Annex A Interfaces
Annex B Risk Matrix (Informative)
Annex C List of Sensitive Assets (Informative)
Annex D Additional Information Related to Section 4.5 (Informative)
D.5 Mutual Authentication Binding to a SOA Environment
Annex E Flowcharts for basic remote Provisioning events (Informative)
Annex F Profile Creation, Ordering and Personalisation (Informative)
Document Management
Document History
Other Information
1 Introduction
1.1 Overview
Many machine-to-machine Devices will not be easily reachable for the purpose of
Provisioning a Subscription. This will require a new solution to accommodate this special
situation.
The requirement is to define a mechanism for ‘over the air’ remote Provisioning of machine-
to-machine Devices with the necessary credentials to gain mobile network access, under
the assumption that the same or similar authentication protocols as today will be used. The
MNO will have to be able to respond to requests to change Subscription (contract) from one
MNO A to a different MNO B, without having physical access to the Embedded UICC in the
Device in question.
This document describes an architecture which, when implemented, will enable remote
Provisioning and Subscription management, while at the same time maintaining at least the
same level of security both for network operators and Customers as present solutions. This
includes the safe keeping of MNO Network Access Credentials, such as keys for
cryptographic functions, and identifiers such as IMSI and other Customer identities used.
1.2 Scoping the Problem
This document addresses:
- The Machine-to-Machine use cases as described in GSMA ‘Embedded SIM Task Force Requirements and Use Cases’ Version 1.0 [1]. This solution is not intended to apply to traditional consumer telecommunication devices as they are not concerned with the problem statement above.
- Architecture of the remote Provisioning system for Embedded UICCs i.e. its components and the related interfaces. The GSMA’s Embedded UICC Ecosystem document [2], and the principles and assumptions stated in section 2 will support its definition.
- Security of the remote Provisioning system for Embedded UICCs.
- SM-SR and SM-DP integration options within network infrastructure.
- The necessary aspects of the Embedded UICC architecture and its external interface to ensure compatibility with the GSMA architecture prior to delivery of an ETSI standard.
- The standardisation of the Embedded UICC remote Provisioning architecture where appropriate.
1.3 Document Purpose
The aim of this document is to define a common global architecture framework to enable the
remote Provisioning and management of the Embedded UICC (eUICC) in machine-to-
machine Devices which are not easily reachable. The adoption of a common architecture
framework will provide a basis for ensuring global interoperability between potentially
different MNO deployment scenarios while utilising a standardised eUICC platform.
This document identifies the individual Roles and the potential Actors as well as the
interfaces between each of the Roles in the architecture.
1.4 Intended Audience
Technical experts working within MNOs, SIM solution providers, machine to machine
Device vendors, standards organisations, network infrastructure vendors, Service Providers
and other industry bodies.
1.5 Definition of Terms
| Term | Description |
| --- | --- |
| Actor | An actor is a physical entity (person, company or organisation) that can assume a role in the functional architecture. It is possible for an actor to assume multiple Roles in the same functional architecture. |
| Customer | A paying party, legally responsible juridical person or entity. |
| Device | Equipment into which an Embedded UICC and a communication module are inserted during assembly. Examples include: Utility meter, car and camera. |
| Embedded UICC | A UICC which is not easily accessible or replaceable, is not intended to be removed or replaced in the terminal, and enables the secure changing of Subscriptions. |
| Enabled Profile | The state of a Profile when its files and/or applications (e.g., NAA) are selectable over the UICC-Terminal interface. |
| eUICC Certificate | A certificate issued by the EUM for a specific, individual, eUICC. This certificate is certified by the EUM Certificate. |
| eUICC Manufacturer | Supplier of the eUICC modules and resident software (such as firmware and operating system) |
| EUM Certificate | A certificate issued to a GSMA accredited EUM to issue eUICC Certificates. This certificate is certified by the Root Certificate. |
| Fall-back Mechanism | eUICC based mechanism which enables the Profile with Fall-back Attribute set. |
| Fall-back Attribute | This is an attribute of a Profile which, when set, identifies the Profile to be enabled by the Fall-back Mechanism. Only one Profile on the eUICC can have the Fall-back attribute set at a time. |
| Form Factor | Manifestation of UICC. Specified in ETSI TS 102 221 [102221] and ETSI TS 102 671 [102671]. |
| Generic Profile | Profile generated by the SM-DP following the MNO’s specifications, but without the MNO’s credentials and any specific data linked to the future targeted eUICC. |