Mobile communication equipment in, e.g., GSM and UMTS networks may employ smart cards of the type currently referred to as Universal Integrated Circuit Card (UICC).
A UICC may use a SIM application to access the GSM network and a USIM application to access a UMTS network. A UICC may contain several applications, making it possible for a same smart card to give access to several networks by also providing facilities to the users.
An operator may specify a set of applets, security domains and files that the smart card issuer stores in the smart card. This set of information is currently referred to as “profile”.
A recent development of UICC's is represented by embedded UICC (eUICC's) which may be incorporated, e.g., in a mobile terminal, thus enabling a user to change operator (and so its profile) over the air by means of a software procedure. An eUICC is also capable of managing multiple mobile network operator subscriptions, by making it possible for a user to enable/disable a current profile on the fly.
UICC's and eUICC's may reside in a non-volatile memory (e.g., flash-based) used to store a profile.
As discussed previously, a profile may include:
a hierarchy of security domains, that is specific applications which can be regarded as authentication entities (key containers) by means of which an operator can modify a profile over the air;
a set of applets, that is applications capable of authenticating to a specific network (e.g., UMTS) or interact with the user; these applets may be written by means of a Java Card technology and may include many Java Card objects;
a hierarchy of directories and files, which contain personalization information for the applets as well as data useful for authentication purposes.
Profile entities such as security domains, applets, files may include a set of objects to be stored and handled by the operating system of the related apparatus.
Security domains and applets may include Java Card objects and code. These and other type of persistent entities (such as files and directory), are indivisible and stored in memory. They can be, without prejudice to the underlying principles, called “blocks”.
Each block stored in a non-volatile memory in an UICC may pertain to a single profile installed in the card. In a multi-profile UICC, the operating system will keep a correspondence between each block and its associated profile.