1. Field of Technology and Background
The mobile phone (equivalently called user equipment, UE, mobile station, MS, phone or terminal) uses a general packet radio service (GPRS) network to access an IP network that provides services (e.g. the Internet). The only configuration needed to get GPRS access to this IP network is an access point node (APN).
The APN used by the client to request a GPRS network access point is a logical handle. It is mapped to a physical access point by a home location register (HLR)/visitor location register (VLR) and a serving GPRS support node (SGSN).
The GPRS phone connects to a gateway GPRS support node (GGSN) of GPSN (i.e. APN), and during creation of a packet data protocol (PDP) context the GGSN provides the client with both an IP address and a domain name system (DNS) server. This allows the phone to start browsing immediately.
A wildcard APN is supported by both 2G and 3G SGSNs. If no information is provided by a terminal, the SGSN uses the default received from the HLR for a specific PDP address type. The APN may be a wildcard, but it is unclear whether all networks support this mechanism. According to the specifications, the client may request the wildcard (unspecified) APN, but in real-world deployments the wildcard APN is often not supported.
However, after the completion of this basic process the phone has a very limited configuration and limited capabilities. It does not know anything about e-mail servers, a multimedia messaging service (MMS), usage preferences, a preferred APN, different services, etc. Thus more information must somehow be loaded to the phone when it connects for the first time, so that said information need not be loaded again for subsequent connections.
It is possible to configure the initial GGSN so that it only gives access to a very limited set of IP addresses (an Administration and Configuration domain), i.e. those that are relevant to the initialization service it desires to set up.
The GGSN provides the DNS server address in the parameter “protocol configuration options” (within the GPRS tunneling protocol, GTP). However, the GGSN is currently not able to provide any parameters other than the IP address and DNS server.
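As an added illustration (not part of the original text), the following Python sketch extracts the DNS server addresses from a protocol configuration options value with bounds checks on every length field. It assumes the 3GPP TS 24.008 layout, in which the value carries PPP IPCP packets with the RFC 1877 DNS options; the function names and the sample bytes are constructed for this example.

```python
import ipaddress
import struct

IPCP = 0x8021  # PPP protocol identifier for IPCP
DNS_OPTS = {129: "primary_dns", 131: "secondary_dns"}  # RFC 1877 option types


def parse_pco_dns(pco: bytes) -> dict:
    """Return DNS addresses found in a PCO value; raise ValueError if malformed."""
    if not pco or pco[0] & 0x80 == 0:
        raise ValueError("missing PCO header octet")
    if pco[0] & 0x07 != 0:
        raise ValueError("configuration protocol is not PPP")
    found, pos = {}, 1
    while pos < len(pco):
        if pos + 3 > len(pco):
            raise ValueError("truncated protocol header")
        proto, plen = struct.unpack_from("!HB", pco, pos)
        pos += 3
        if pos + plen > len(pco):
            raise ValueError("protocol contents overrun PCO")
        if proto == IPCP:
            found.update(ipcp_dns(pco[pos:pos + plen]))
        pos += plen
    return found


def ipcp_dns(pkt: bytes) -> dict:
    """Walk the options of one IPCP packet and collect the DNS server options."""
    if len(pkt) < 4:
        raise ValueError("truncated IPCP header")
    _code, _ident, length = struct.unpack_from("!BBH", pkt, 0)
    if length < 4 or length > len(pkt):
        raise ValueError("bad IPCP length")
    out, pos = {}, 4
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated IPCP option")
        otype, olen = pkt[pos], pkt[pos + 1]
        if olen < 2 or pos + olen > length:
            raise ValueError("bad IPCP option length")
        if otype in DNS_OPTS:
            if olen != 6:
                raise ValueError("DNS option must carry 4 address octets")
            out[DNS_OPTS[otype]] = str(ipaddress.IPv4Address(pkt[pos + 2:pos + 6]))
        pos += olen
    return out


# Constructed sample: PPP header octet, one IPCP Configure-Nak with both DNS options.
SAMPLE = bytes.fromhex("80" "8021" "10" "03010010" "8106c0000235" "8306c0000236")
```

Everything other than the two DNS options is skipped, which matches the statement above that the address and DNS server are the only parameters delivered this way.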
2. Problem Formulation and Prior Art
The problem is to adapt a generic device (a GPRS or a 3G phone), by means of configuration, to a service provider (network operator) specific environment in a secure way without pre-defined service provider specific settings. Currently the methods used are service provider specific factory pre-configuration, settings loading by means of a memory card, and Over-The-Air (OTA) provisioning messages (for example, by means of an Open Mobile Alliance (OMA) client provisioning). The problems associated with existing methods are weak personalization, lack of interactive functionality, heavy logistics and inflexibility, lacking reliability, etc.
It is possible to perform provisioning using short message service (SMS) messages. It is possible to enhance the security of these provisioning messages by means of PIN codes, or secrets in the phone. It is also possible to utilize a public key infrastructure (PKI) and signing to enhance security. However, using the default characteristics of a GPRS network and the chain of trust that can be derived from this environment is not addressed by the prior art.