Embed Size (px)
Citation preview
Understanding Telecom SIM and USIM for LTE
By
Ikwe [email protected]
Telecom Revenue Assurance Expert
1
What is a SIM Card?
• SIM or Subscriber Identification Module is a smart card
that is included in every cell phone of the GSM family of
networks
A fully fledge microcomputer with an OS
• UICC stands for Universal Integrated Circuit Cardisa
new generation SIM
Source:3, Java Card 3: Classic Functionality Gets a Connectivity Boost
Ikwe Gideon
Revenue Assurance
More on SIM and SIM Cards
• SIM cards hold subscriber information and memory,for
example for personal directory of numbers
SIM identifies a subscriber via unique International Mobile
Subscriber Identity(IMSI)
>The first 3 digits represent the Mobile Country Code (MCC)
>The next 2 digits represent the Mobile Network Code(MNC)
>The next 10 digits represent the mobile station identification number
• SIM is the application that runs on a SIM Card
SIM is to GSM, what USIM is to UMTS & RUIM/CSIM is to
CDMA
• Today most SIM cards are based on Java Card
Ikwe Gideon
Revenue Assurance
SIM and Smartcard Standards
Source: Gemalto
•ETSI -- Specifications in blue
•3GPP -- Specifications in green and red
Standardsfor:•Toolkit
•File&Auth•APIs•OTA•Smartcards
ISO/IEC 14443 is the international standard for
contactless smart chips and cards that operate(i.e., can be read from or written to) at adistance of less than 10 centimeters (4 inches).This standard operates at 13.56 MHz andincludes specifications for the physicalcharacteristics, radio frequency power andsignal interface, initialization and anti-collisionprotocols and transmission protocol.
ISO/IEC 7816 is the international standard for
contact smart cards. ISO/IEC 7816 Parts 4 andabove are used bybothcontact and contactlesssmart card applications for security operationsand commands for interchange.
Source: Smart Card Alliance
Java Card (classic or 3.0) Applets are built using Java and run in a JCRE
Ikwe Gideon
Revenue Assurance
Next Generation SIM Cards
• Next gen SIMCards integrate with new functionality…
• Mobile Near Field Communication (NFC)
• More advanced Applications
Address book,calendar back-up, messaging, teleconferencing
And file transfers, banking and access control,Web!
• Smart Card Web Server
Web apps running right on SIM Cards! And TCP stacks
• High-capacity SIMcards
More and more memory/capacity
• Multi-Media support (in conjunction w/ browser)
Ikwe Gideon
Revenue Assurance
Overview: Programming SIM Cards
• SIMToolkit
A SIM Toolkit is a data management application(applet) for SIM
cards, part of which is resident inthe SIM card
•Icon, application, settingsandhelp management
•User(simple menus), mobile, networkandcardinteractions
Source: Gemalto
Toolkit
“conversation”
between phone
and Smartcard
Ikwe Gideon
Revenue Assurance
Command APDU Structure
SIM / Smart Card Application Communication
Application Communication Architecture
ResponseAPDU Structure
Ikwe Gideon
Revenue Assurance
Classical Java Card Development
Source: Introductionto Java Card Technology by C. Enrique Ortiz
IDEscan
simplify
thesesteps!
Ikwe Gideon
Revenue Assurance
Java Card 3.0
• Extends(and simplifies) the programming model
• Classic Applets (Java Card 2 limitations apply for theseapplications)
Communication using APDU protocol
Backward compatibility
• Extended AppletsCommunicationusing APDU protocol
Similar to Classic Applets, and can use all the new APIs, likeThreads, Strings, and GCF(Generic Connection Framework)
• Web Enabled!Based on Servlet2.4API
Communication using standard HTTP/HTTPS protocol
HTML, JavaScript, etc. (much richer Uis than prior)
Ikwe Gideon
Revenue Assurance
Java Card 3 Architecture
•All datatypes exceptfloat and double
•Multiple threads
•Directhandlingof class files, withall loading and linking oncard
•All newJava language syntaxconstructs (enums, generics, …)
•Automatic garbage collection
Source -- Java Card 3: ClassicFunctionality Gets a Connectivity Boost by PeterAllenbach
NEW! •Extensive APIsupport(java.lang, java.util, GCF, andsoon)
Ikwe Gideon
Revenue Assurance
Smartcard Web Server
• VeryexcitingandpowerfulSIMcardevolutioninmyopinion!
Ittookmore than10yearsbutwe finallyhaveit!Verypowerful.
• Leveragesthe browseralreadypresentinthe handset to runlocal
webapplicationspreloadedinto the SIM
• Localweb-basedapplicationsare securelystoredinthe SIMcard
andcanbeupdatedremotely
• ServletsframeworkonSIMCards!
Potential Apps:•RichSIMcardapps•On-DeviceSelf-Service•ApplicationManagement•MobilePayments
BestofbothworldsMobileSIM+Web
Source: Gemalto
Source: Gemalto
Ikwe Gideon
Revenue Assurance
Benefits of Smartcard Web Server
• Rich UI and Advanced CapabilitiesAccesstolocation,SMS,serversontheweb,securelocal-storage,personalizedexperience
Call-interceptstoperformactionson-device,forexample helptroubleshootissuesbefore callingthesupportrepresentative
• ManageableSecure,remoteapplicationmanagement
• SIM-card based /On-DeviceWorksConnectedandDisconnected
Secureconnectionsandenvironment
Usesnowirelessresourceswhendoingon-devicewebapps
Accesstoinformationsuchaslocationthatcanhelppersonalizetheexperience
• Easy todeployHighlycustomizableapplication;canbemodifiedasneededandpushtohandsetsinreal-time
BasedonOMAandWebstandards-xHTML,CSS,JavaScript
Ikwe Gideon
Revenue Assurance
Some Challenges
• SIMCard Applicationsstill a niche,controlled by
operators
Butif you have the relationships, it isagoodniche ($)
• Applet development isnot trivial with few experts
Thiscantranslate to opportunitiesforyou!
• Smartcard Web Server requiresnew generation SIM
cards
Thusconversionprocesswillmake adoptionslow&expensive
Expectemergingmarketsadopting first
Ikwe Gideon
Revenue Assurance
Gemalto Toolkit & UpTeq Multimedia SIM Card
Download from: http://developer.gemalto.com/
See http://www.gemalto.com/telecom/upteq/multimedia.html
Toolkit
SmartcardWebServer
Ikwe Gideon
Revenue Assurance
Types of cards
ICC UICC
SIM-- Single IMSI USIM
Dual IMSI CSIM
ISIM
RUIM-- “Single”--CDMA RUIM
“Combo”--CDMA+GSM SIM
Ikwe Gideon
Revenue Assurance
SIM
Subscriber Identity Module
SIM-- Single IMSI
Dual IMSI (Multiple Subscription, Useful for Business needs)
Polarization Mark, Chipset Mark (ID)
SIM card was made in 1991 by Giesecke & Devrien (Munich) to Finnish wireless network operator Radiolinja
Size: 32K,64K and 128K.
Ikwe Gideon
Revenue Assurance
ICCID
• Integrated circuit card identifier (ICC-ID)
• Each SIM is internationally identified by its ICC-ID.
• ICC-IDs are stored in the SIM cards and are also engraved or printed on the SIM card body during a process called personalization.
• The ICC-ID is defined by the ITU-T recommendation E.118.
• A 19 digits long including a single check digit calculated using the Luhn algorithm.
• Eg:
• 89 91 15 100 000000011 8
• Tele CC MNC Vendor S.No Checksum
Ikwe Gideon
Revenue Assurance
IMSI
• International Mobile Subscriber Identity
• Unique Value across all the operators through out the globe
• 15- digit number
• Indicates the Home Network of the Subscriber
• All the Subscription details will be saved in the HLR against IMSI
Ikwe Gideon
Revenue Assurance
Types
• Native(old) and Java (For Changing the card Parameters via OTA)
• ID-1: 85.60 mm × 53.98 mm x 0.76 mm
• Permanently fit in End device
• Plug-in
Width: 25mm, Height: 15mm.
• Dual IMSI:
SIM having Multiple Profiles
• Proactive: SIM which can Initiate commands to the ME.
• Use: Sending IMEI or ESN to the network.
Ikwe Gideon
Revenue Assurance
SIM Profile Definition
• One of the first steps the network operator takes when procuring SIM cards is to develop a SIM profile. This is normally done with the help of the SIM supplier. There are two ways this task can be accomplished. First, the network operator can obtain a copy of the GSM 11.11 or 3GPP 51.011 standard (see Appendix C), review each SIM file to determine if it is a required or optional file and decide on the content of each file (this is called “mapping”).
• Alternatively, the network operator can use a template provided by the SIM supplier. Each of the major SIM suppliers has a template. Using the template is a simpler and more efficient method of establishing the SIM profile.
• In setting up the mapping, the network operator will also need to take into account security policy, OTA procedures and SIM Toolkit requirements
SIM Card Mapping
File Structure
• When establishing SIM mapping, the network operator must decide which files will be utilized on the SIM as well as the content of each mandatory and optional file. The content of the files can impact the decision of which size SIM card the network operator requires (8k, 16k, 32k, 64k, 128k, etc.).
List of Files
• The SIM mapping goal is to determine all of the files – Master files (MF), Dedicated Files (DF) and Elementary Files (EF) – that should be present on the SIM after personalization. A list and description of the standardized SIM files can be found in GSM 11.11 and/or 3GPP 51.011.
• The SIM card can be compared to a PC in the file structure set up. The Master Files are like the core software files. The Dedicated Files are like file directories. The Elementary Files are the actual documents or files that hold data. In most SIM reader equipment (provided by SIM manufacturers), the software displays these files much in the same manner that Windows Explorer displays the contents of a PC hard drive. The SIM file structure is illustrated in
Ikwe Gideon
Revenue Assurance
Memory Architecture
Flexible Architecture
Similar to all the types of cards
‘3F': Master File;
‘7F': 1st level Dedicated File;
'5F': 2nd level Dedicated File;
'2F': Elementary File under the Master File;
6F': Elementary File under a 1st level Dedicated File;
'4F': Elementary File under 2nd level Dedicated File.
Ikwe Gideon
Revenue Assurance
File Structure
File Structure DF: GSM
Master File
•
Telecom Directory
•
GSM Directory
•
File Characteristics
• The file characteristics that must be defined include:
• File size
• Number of bytes for transparent file
• Number of records and record size (for record type files only)
• File access conditions
• Basic access conditions (e.g. for read, update, increase commands)
• OTA access conditions (for OTA operations)
File Content
• Once created, SIM files can be empty, filled, or (in some cases) updated during the SIM’s lifetime. To complete the SIM personalization process, the network operator needs to designate the content of each SIM file by either specifying the content or electing to use default values.
Default Values
• Some files have default values or are of undefined content. GSM 11.11 and/or 3GPP 51.011 provide a detailed list of suggested values.
Operator Defined
• Some file content and file attributes are defined by the network operator. To enable the SIM manufacturer to complete the SIM personalization process, the network operator should provide information on the following:
• Security Rules
• Services
• Common PCS Handset Specification (CPHS) services and Customer Service Profile
• Over the Air (OTA) Features
• SIM Toolkit Features
EF- File (Eg: ICCID)
Permanent Vs Dynamic SIM Card Data
Permanent Dynamic
SIM card type IC card identification - serial number of card SIM service table - list of services subscribed to IMSI CHV1( PIN1) and CHV2 (PIN2) PUK - Pin unblocking key Authentication key Ki and A3, A5, and A8 algorithms ADM keys
Location Information TMSI, LAI, LA update timer (t3212), Ciphering key Kc and sequence number BCCH information (ARFCN,MCC and MNC) List of carrier frequencies for cell selection during handover and call setup List of blocked PLMNs (FPLMNs) HPLMN search timer
USIM Vs SIM
USIM SIM
UMTS-SIM Universal Subscriber Identity Module Global Phone Book & Hidden Phone Book (Bank account no's) APN settings can be written directly on to the card MMS can be stored on to the card Extended Phone book (256K) Backward compatible with 2G-GSM technology Operator Logo can be stored on the cardMore secured: Milenage and kausami Alog’s
GSM-SIM Subscriber Identity Module Global Phone Book NA NA Limited Phone book (32K or 64K)compatible with 3G also Can’t store Images A5, A3 and A8 algo’s are not very secured
UICC Universal Integrated card
A single card on which all applications can be placed (USIM,CSIM,RUIM and SIM)
3G, 3G+ card
UICC
UICC Vs ICC
UICC ICC
Universal ICC Can have multiple Applications of Similar Kind Can have 2 USIMs/SIMs A single card: USIM+ISIM+CSIM+SIM etc Used for 2G, 3G and 3G+ techs
Integrated Circuit Card Single profile of similar kind Single Application (USIM or IM SIM or RUIM or USIM Used for 2G and 3G only
CSIM Vs RUIM
CSIM RUIM
3G, 3G+ Application runs on UICC
2G and 3G runs on ICC and UICC
STK and DSTK
1) STK: SIM Tool Kit
Request can be answered through SMSC Gateway
2) DSTK: Dynamic SIM Tool KitRequest can be answered through SMSC GatewayWIB PULLWIB PushUpdating Parameters OTASending GPRS settings.
SIM Rollout – Key Considerations
•SIM Profile
•Test Cards
•Data Handling
•Graphics & Numbering
•Activation Scenarios
38
SIM Card Rollout
• Who needs to be involved?• SIM Card Product Manager
• Engineering
• IT
• Marketing and Sales
• Customer Care
• Billing
• Finance
39
Algorithm Selection*
• Most operators use one of the GSM Association algorithms called:• Comp 128-1, Comp 128-2, Comp 128-3, Milenage and kausami Alog’s
• Test/production SIMs:• Complete the GSMA GSM MoU document
• Send manufacturer the authorization documents from GSMA
• Send Manufacturer a numbered copy of the algorithm
40
SIM Card Profile
• Approximately 70 Files on a SIM
• Files require definitions• Network Requirements e.g.
• Mobile Country Code / Mobile Network Code• International Mobile Subscriber Identity (IMSI)• Integrated Circuit Card Identification (ICCID)• Short Message Service Parameters
• Marketing Requirements e.g.• Number of Abbreviated Dialing Numbers (Phonebook)• Number of Short Messages• Service Dialling Numbers (Customer Care Numbers)• Mailbox Number
• Business Requirements• Roaming Partner List• PIN Handling
41
Test Cards• Test profile before committing to commercial shipments
• Required data:• Mobile Country Code / Mobile Network Code
• IMSI (International Mobile Subscriber Identity)
• Algorithm (Comp 128, proprietary or XOR)
• SMSC Parameters
• Advanced Requirements• Telecom Files (for subscriber data)
• GSM Files (Network-specific files)
• Browser Files (WIB, SAT, etc)
42
Data Exchange
43
Header= Basic Order Info
Input Variables =
Starting Serial Number
& Starting IMSI Ranges
Output File Info
Data Handling - Encryption
• There are two types of security to be concerned with:•
Securing the Ki• Encrypting the Ki vs. clear text
Securing the Output File• Safe handling of output file
• Physical transfer - mail/courier/fax
• “Soft” transfer - floppy disk/cd-rom/email
• 3 DES (156 Bit Strong Encryption)
44
Data Handling - Encryption
• PGP Usage Example• Go to web and download PGP version
• Install onto your PC
• Create Public and Private Keys
• Send Public Key to recipient for data encryption
• Receive file and open with PGP
• Enter your pass phrase and file will deciphered
• Load data into network (billing system, switch, AUC)
45
Design Considerations - Artwork
• Designing your cards• Card Dimensions
• 85.6mm by 54mm (add 3mm trim margin to each side for bleed)
• Supported Artwork File Types
• Resolution = 300 dpi at 100% scaling
• Proof• 2-3 weeks after artwork receipt
• Card delivery 4-6 weeks after proof approval*
46
Card Design- Graphics
47
85.6 mm
54 mm
27 mm
17 mm
5.25mm
Front Side
In case of a bleed border, please
add 3mm trim margin to each side
Card Design - Graphics
48
85.6 mm
54 mm
27 mm
17 mm
5.25mm
Back Side
In case of a bleed border, please
add 3mm trim margin to each side
Packaging & Logistics
• SIM Cards: • have value
• are small in size
• are sequential
• Part of Branding campaign
• Labeling (Description, Starting & Ending ICCID, Batch #, other relevant information)
49
Over-the-AIR SIM Services• The ability to send commands to the SIM via GSM SMS or other
bearer services:
• To add or delete SIM files• To add, change or delete SIM file data• To add, change or delete SIM applications• To activate or deactivate SIM applications• To query for SIM data
50
Typical OTA Architecture
51
GUI
SMPP
or
?
API
CC/TS
OTA
HLR/AuC MSC
BSSCC Sys
Prov Sys
SMS-C
SIMSIMSIMSIM
Admin
MS
Typical OTA Platform Features
• Support for multiple SIM vendors• GSM 03.48 / 23.048 specification• SIM Libraries
• Support of GSM 03.48 / 23.048 Security Mechanisms• OTA Security keys• Counters• Checksums/signatures
• Modular Functionality• SIM File Management• Campaign Management• Application Management• Point of Sale • Internet Gateway• WAP Gateway
52
OTA Platform Provisioning
• Build SIM database• IccID, IMSI, OTA Keys, SIM Profile
• Data from the SIM Manufacturer’s Data Output File
• Typically done at the same time HLR / AuC are preloaded
• Build subscriber data base• Map or add customer data such as MSISDN and other relevant data
• Typically done when the account is established
• Activate subscriber• Following activation of network elements (HLR)
• Send OTA update of relevant files (MSISDN, VMX, SMS-C, etc.)
53
OTA Security
•OTA can be very secure (03.48 / 23.048)• Strong algorithms – DES/TDES• Replay and Sequence Counter• Redundancy Check• Cryptographic Checksum • Digital Signature• Proof of Receipt
•Requires secure transfer of OTA keys• Use secure data exchange with SIM Manufacturer
• Use encryption to further protect OTA key (as is done with Ki value)
54
Common Value Added Services
•Banking and finance• Balance, Bill Payment, Purchases
• Information on Demand• News, Stocks, Sports, Weather
•Chat or IM•Multimedia• Location
• Dating, Advertising, Shopping
•Self Provisioning• Automatic, User-Initiated
55
Key Points
• OTA is a trusted, secure method of managing SIM
• OTA services are widely deployed in GSM today
• There are implementation options to fit nearly every operator’s environment
• Basic OTA services provide flexibility for operators
• More advanced OTA services can be added as business grows
• OTA increases the effectiveness and flexibility of SIM based applications
• OTA is a key to unlocking the opportunities of SIM based value added services
56
Relevant Specifications• GSM/3GPP specifications (SIM / USIM)
• 03.40 / 23.040 Point to Point SMS
• 03.48 / 23.048 Security Mechanisms (U)SIM Application Toolkit
• 11.11 / 51.011 (U)SIM – ME Interface
• 11.14 / 31.111 (U)SIM Application Toolkit
• SCP specifications (UICC)• ETSI TS 102 124 Transport Protocol for UICC
• ETSI TS 102 224 Security Mechanisms for UICC
• ETSI TS 102 225 Secured Packet Structure for UICC
• ETSI TS 102 226 Remote APDU Structure for UICC
57
SIM-USIM
Migration
2G – 3 G Migration
• Operator Considerations• New Radio Access Network
• New Services
• New SIM Cards
• New Multi-function devices
• Changes in OTA & Provisioning
59
3G Radio Access
• CDMA : Code Division Multiple Access
• a unique code is assigned to each user
• the call is locked by this code no one else can open it
• all users are on the same frequency band :• this code allows to separate the users
60
UMTS Network
61
USIM W-CDMA
W-CDMACore Network
Circuit Switch
Packet Switch
new
newnew
62
UMTS Radio Access : Difference with GSM
BSC
BTS BTSBase Transceiver Station
BSSBase Station Sub-System
Base Station Controller
RNC
Node B
UTRANUniversal Terrestrial Radio Access Network
Radio Network Controller
Node B
GSM UMTS
3G Services
63
4 Classes of services
Conversational class (voice, video telephony, video, gaming)
Streaming class (multimedia, video on demand, webcast)
Interactive class (web browsing, network gaming, database access)
Background class (email, SMS, downloading)
Quality of services (QoS)
data rates guarantee, delay variation
Data ratesup to 144 kbits/s satellite and rural outdoor
up to 384 kbits/s urban outdoor
up to 2048 kbits/s indoor and low range outdoor
3G Cards Features I
64digital right management for downloads
Copyright
• A new card platform for 3G applications (UICC)
– UICC : Universal Integrated Circuit Card
– Designed to store several applications
Telecom
ISIM
USIM
R-UIM
Security
PKI
WIM
Banking
EMV
E-Purse
Others...
Copyright
SIM
plastic roaming
multi subscription
Telecom
digital signature
end to end secure communication
Security
project with Eurocard Master Card Visa standards
Banking
3G Cards Features II
• Logical Channels• Possible to run several applications in parallel
65
• Secure Local Link
– 3G handsets support new bearers (Bluetooth, IrDA,
RS232, USB)
– 3G application can open and secure local channel
• ex : Using the mobile as a modem for a PC using
bluetooth link
UICC vs. USIM• UICC is the Smart Card Platform
• Universal Integrated Circuit Card
• Physical & electrical characteristics
• File system
• Commands
• Access conditions, PIN system...
66
EP-SCP
• USIM is the UMTS Telecom Application
– Universal Subscriber Identity Module
– List of UMTS files
– Authentication process
– Phonebook...
USIM features• Enhanced Security
• Mutual authentication ( Network User)
• New generation of Algorithms
• Integrity check on signalling data
67
• Advanced phonebook
– E-organizer format
– Easy to customize
– Synchronization ready (SIM/USIM)
USIM Security Features
• Authentication
• user by the network
• network by the user
68
• Confidentiality
– User identity (IMSI, Location, services)
– User voice & data
• Integrity
– signalling data
69
Key Agreement
After a successful authentication process
USIM and network shares a couple of computed keys
Integrity key (IK)
Ciphering key (CK)K
RAND
f3
f4
will be used to perform an
integrity protection
of signalling data
will be used to cipher both
voice and data communications
f9data
data
Integrity stamp
f8data
data
Ciphered Data
3G/GSM Cards
3G/GSM cards
70
SIM+USIM in the same card
it’s a SIM card in a GSM mobile
it is a USIM card in a 3G mobile
fully compliant with 3G & GSM standards
SIM USIM
3G/2G Interfaces
71
UMTS
SIM
USIM
SIMUSIM
2G
2G2G
3G
SIM
USIM 3G
GSM2G
3G3G
2G/3G3G
Activation of 2G and 3G Operation Mode
72
ATR compliant with UICC standards is sent to the mobile
Selection of SIM or USIM is implicitly done by the mobile
1st APDU command received in 3G format : USIM is activated
1st APDU command received in 2G format : SIM is activated
After the selection
if SIM is activated : 3G commands are rejected
if USIM is activated : 2G commands are rejected
2G / 3G File Mapping
73
Some files are identical in GSM and 3G (EF ADN, EF SMS..)
File sharing allows :
to better use the memory resource
UMTS and SIM subscription on a same card can use the same IMSI, secret
key (optional)
The mechanism is not standardized (proprietary)
Shared files :
may have different access condition
must be of the same type and of the same length
SIM/USIM File Sharing Mechanism
74
EF X1
11111111111
11111111111
EF X2
EF X3
100111001
100001010
EF Y1
00000000000
11111111111
EF Y2
EF Y3
100111001
100001010
00000000
100001010
SIM USIM
File Header
File Body
Link file(without body) mapped to EF Y3
Data File
OTA - Over the Air
75
release 99
03.48
GLOBAL SYSTEM FOR
MOBILE COMMUNICATIONS
R
release 6
31.116
31.115USIM
& SIM
102.225
102.226
UICC
release 4 & 5
23.048
UICC File System
Titre du diagramme
DFEFEF DIR
MF
76
Titre du diagramme
EF
EF DF
DF EF
ADF USIM
Titre du diagramme
EF
EF DF
DF EF
ADF PKI
Titre du diagramme
EF
EF DF
DF EF
ADF Bank
Titre du diagramme
EF
EF DF
DF EF
ADF R-UIM
CDMA2000
dedicated to an application
contains the appli. file system
apart from the MF file system
only selected by its identifier AID
An ADF is :
EF DIR :
contains the list of the AID
• AID 1• AID2• AID3• AID4
AID1 AID2
AID3AID4
3G File Structure
• Each file has a 2 independent sets of Access Conditions :
• GSM access conditions (ex : Read :CHV1 Update: CHV2) for GSM mobile
• 3G access conditions (ex : Read :GPIN2 Update: GPIN1) for 3G mobile
77
Access Condition GSM
AC1 AC2 AC3 AC4
Access Condition 3G
EF ARR FID EF ARR Record #File Header
File Body
3G OTA Mechanisms
78
GOP INTERPRETER Remote Applet management
GSM INTERPRETERRemote File management at MF level
with 2G access conditions check
Titre du diagramme
DFEFEF DIR
MF
UICC INTERPRETERRemote File management at MF level
with 3G access conditions check
Titre du diagramme
DFEFEF DIR
MF
USIM INTERPRETER
Remote File management at MF +ADF level
with 3G access conditions check
dedicated to 1 specific ADF
1 USIM instance per ADF !
USIM INTERPRETERUSIM INTERPRETER
Titre du diagramme
DFEFEF DIR
MF
Titre du diagramme
EF
EF DF
DF EF
ADF USIM
4 applets !
23.048 formatted SMS
Titre du diagramme
EF
EF DF
DF EF
ADF USIM PR0
79
OTA
length
OTA
header
length
security keys TAR3 counter padding OTA body
RC
CC
DS
TAR3 : AID USIM ProTAR 4 : AID USIM Perso
EF RFM
AID USIM Pro
1
3
USIM
Interpreter
“PRO”
USIM
Interpreter
Perso
TAR 3
TAR 4
2
EF RFM under MF
mapping between TAR
value of the USIM
interpreter with the AID of
the associated ADF
3G Phonebook Features
80...
1st name 2sd name 3rd name...
home business mobile...
groups
E-Organizer Format
Easily customizable
Synchronization ready
SIM/USIM, PDA, PC, OTA..
Phonebook in 3G Cards (1st Solution)
81
MFMF
DFDF DFDF EFgsm Telecom
EF ADN DFPhonebook
GLOBAL SYSTEM FOR
MOBILE COMMUNICATIONS
R
23.048
Sharing of data possible
23.048ADF
USIM
EF EFEFEF
Phonebook in 3G Cards (2nd Solution)
82
MFMF
DFDF DFDF EFgsm Telecom
EF ADN
DFPhonebook
GLOBAL SYSTEM FOR
MOBILE COMMUNICATIONS
R
23.048ADF
USIM
Sharing of data impossible !
3G Phonebook Principle
83
names e-mails groups...fields
phonebook entry = set of fields
fields : spread out in specific files
Phone book reference file : EF PBR
defines the structure of the phone book
Data Exchange
Once the network operator and SIM supplier have developed a SIM profile, the next consideration is the method of Data Exchange between the network operator and the SIM supplier’s production site. Since there are several elements of sensitive information (specification documents, source code, customer profiles, etc.) that must move back and forth, it is recommended that secure e-mail or PKI smart cards be used for these data exchanges.
Data to be Exchanged
• The most common documents and data transferred between the SIM supplier’s production site and the network operator are:
• Purchase Orders
• SIM profile
• SIM Toolkit Application Specification
• SIM card artwork
• Input Files (see sample Input File in Appendix A)
• Transport Keys (see below)
• Output Files (see sample Output File in Appendix A)
84
Data Exchange Details
Purchase Order
• For production to begin, each purchase order should contain at least the following information:
• Issue Date and Expected Delivery Date
• Ship To and Bill To addresses
• Quantity of SIMs being ordered
• Type of SIM being ordered (8k, 16k, 32k, 64k, Java interoperable, etc.)
• Card Description (e.g., JAVA Interoperable, GAIT files, etc.)
• Price per SIM and Extended Price
• Graphic Profile (e.g., Graphic Profile #1234; Red Sunset; Mount Everest picture, etc.)
• Electronic Profile (e.g., Electronic Profile #5678, 8k Profile, etc.)
85
Data Exchange Details
SIM Profile
• The SIM supplier uses the SIM Profile document to set-up SIM personalization as part of the SIM production process.
SIM Card Artwork
• The SIM Card Artwork is an image file that contains the graphics to be printed on the production SIMs. The print design must provide the following information:
• Positioning reference
• Number of colors
• Presence of logos, etc.
• ICCID printing method and position
• After agreement on the specific format, the network operator should provide the SIM supplier with the SIM artwork image file. Typically this image file is transported using high memory media such as Zip Disk, CD, etc. Once the SIM artwork image file has been received from the network operator, the SIM supplier creates a “proof” which is then sent to the network operator for approval. Once approved, the image file should be assigned a unique name or number, which can be associated with future purchase orders.
86
Data Exchange Details
SIM Card Artwork
• The SIM Card Artwork is an image file that contains the graphics to be printed on the production SIMs. The print design must provide the following information:
• Positioning reference
• Number of colors
• Presence of logos, etc.
• ICCID printing method and position
• After agreement on the specific format, the network operator should provide the SIM supplier with the SIM artwork image file. Typically this image file is transported using high memory media such as Zip Disk, CD, etc. Once the SIM artwork image file has been received from the network operator, the SIM supplier creates a “proof” which is then sent to the network operator for approval. Once approved, the image file should be assigned a unique name or number, which can be associated with future purchase orders.
87
Data Exchange DetailsInput File
• To produce SIM cards, the SIM supplier needs Input Files from the network operator indicating all the data to be generated during personalization. Typically, the Input Files are broken into batches of approximately 5,000 cards. Input Files contain information that automates SIM production and minimizes the need for human involvement in the production environment. Therefore, Input File information must be sufficient to uniquely identify the different possible versions of the product to be delivered. Some network operators will have more than one Electronic Profile and more than one Graphic Profile. As a result, unique identity is critical.
• Although many network operators use a similar Input File format, some network operators have specific requirements. Thus, the SIM supplier and network operator need to agree on the format, and each Input File must strictly comply with the specification.
• Any secure medium can be used to communicate Input Files to the SIM supplier. Typically used are floppy disks, CDs, and secure e-mails to transfer Input Files from the network operator to the SIM supplier.
• The SIM supplier and network operator must also agree on the method for generating “variable data” (e.g. Ki, secret codes, etc). These data can be generated by either using a random generator or by using Root Card to diversify a master key with the card serial number of the target SIM.
• NOTE: When using the Root Card method, it is possible to avoid transmitting sensitive data. Only the diversifying value is returned in the personalization report file, and there is no need for encryption.
88
Data Exchange DetailsTransport Key
• The use of encryption algorithms is recommended when exchanging sensitive data such as the Ki and OTA keys between the SIM manufacturer and operator.
• Typically a strong public algorithm such as DES is used. The key(s) used for this protection is(are) called the Transport Key (or sometimes the K4). The algorithm and key values are used by the SIM manufacturer’s production systems to encrypt the sensitive data, and by the network operator’s Authentication Center and OTA platform to decrypt the sensitive data.
• This key is referenced in the Input File so that the personalization system knows what key to use to encrypt the sensitive data of the Output File.
• Most AuC’s support up to 256 key sets to ensure the ability to utilize unique key sets between SIM providers and between SIM order batches.
• The network operator should document procedures to define and securely retain the key values while securely disseminating the Transport Key(s) to the SIM, AuC and OTA Platform supplier(s), in a secure way before card personalization begins.
89
Data Exchange Details
Output File
• Operational parameters such as Ki, CHV1, CHV2, PUK and PUK2 are generated during the personalization process.
• The generated data must then be communicated by the SIM supplier to the network operator to enable storage of appropriate information in the AuC/HLR.
• The medium of communication is usually floppy disk or secure e-mail. The information is then associated with the corresponding ICCID and IMSI of each SIM (previously received via Input Files). These elements then become part of the Output File.
• The format of the Output File follows that of the corresponding Input File. Data contained in the Output File can be encrypted depending on customer requirements.
• If encrypted, the entire file can be encrypted (confidentiality) and signed (integrity and authentication of origin).
90
SIM Testing
• Mobile network operators are well advised to implement some sort of SIM card testing program. This should include qualification testing to validate the SIM profile and catch errors and omissions prior to full scale production, as well as some form of acceptance testing to ensure that subscribers receive fully functional cards.
Qualification Testing
• The purpose of qualification testing in general is to validate the design of a system or component prior to production. A well-known quasi-exponential relationship exists between the cost of fixing a design defect vs. the phase in the program life cycle in which it was detected. This is sometimes referred to as the 1-10-100 rule; a defect caught in the design phase of a program costs (hypothetically) $1 to fix, whereas it costs $10 to fix if caught in the production phase, and $100 after the item is deployed.
• SIM card manufacturers employ their own forms of qualification testing to ensure, for example, that their cards meet the physical, electrical, and logical requirements of the ISO standards. Network operators need not replicate these tests, but may want or need to review a summary of the data. On the other hand, operators do need to implement their own form of qualification testing (typically on a small batch of test cards supplied by the SIM vendor) to ensure that:
• The SIM profile is complete and as expected
• The data fields contain the correct values
• The card interoperates correctly with the handset(s) and network
91
SIM Testing (GSMA)Test Equipment
• Qualification testing can be performed either by the operator or by an independent third party. In either case, the test facility must have the following basic equipment:
Test Set
• The test set consists of some form of ME simulator, consisting of hardware and software that can:
• Communicate via the ISO protocols
• Generate all command APDUs and receive and process all responses
• Provide all appropriate physical connections to the SIM, including a voltages, a clock signal, and an input/output connection.
• Several commercially available SIM card test sets exist which incorporate SIM card readers, automated testing software, and a graphic interface that facilitates easy examination of file structure and contents.
Test Cards
• The SIM vendor should be asked to supply a quantity of test cards (typically less than 10) for qualification test purposes. These should have test IMSIs and Ki’s. Depending on the agreement with the SIM vendor, these may be provided with final front and back artwork for inspection and acceptance by the operator.
Handsets
• The test suite should include production model handsets for testing interoperability with the SIM card. Ideally, it would be preferable to test the SIM in all handsets that the subscriber might conceivably use, however this is impractical. The operator should therefore select a representative subset of the most likely handsets the subscriber might use.
Network Infrastructure
• It is important to test operation of the SIM and handset within the context of the operator’s actual network. The test facility should therefore be located in an area with good RF coverage and should have access to the operator’s OTA platform. 92
Contents
Abbreviations
Types of Cards
SIM Card Memory Architecture
SIM Card File Structure
RUM- Classifications
NV Vs RUIM
PRL
USIM
UICC Vs ICC
Abbreviations
SIM: Subscriber Identity Module
USIM: Universal Subscriber Identity Module
RUIM: Removable User Identity Module
ICC: Integrated Circuit Card
UICC: Universal Integrated Circuit Card
OMH: Open Mobile Handset
ISIM: IMS SIM
NV : Non Volatile
PRL: Preferred Roaming List
GSM: Global System for Mobile Communications
UMTS: Universal Mobile Telecommunications
CDMA: Code Division Multiple Access
IMS: IP Multimedia Subsystem
