The present invention relates to a method for supporting an access of a terminal to a mobile communication network. The invention further relates to a security element for a terminal with a corresponding access support application, a corresponding access support server and a system with such a security element and such an access support server.
The authentication of a terminal of a subscriber vis-à-vis a mobile communication network for access to the mobile communication network is currently usually effected through a so-called challenge-response method. Therein, after the subscriber has identified himself by means of a network subscriber identifier that is stored on a security element (SIM, UICC) of the terminal and transferred to the server of the mobile communication network, the terminal receives a random number from the server, encrypts this random number by means of a subscriber-specific and secret authentication key stored in the terminal, and transfers the result to the server. There, the authentication key of the subscriber is likewise stored, so that the server can perform the same computation in turn and compare its result with the result received from the terminal. If the results match, the terminal is considered authenticated.
The explicit secure storing of such authentication keys or comparable data sets required for determining authentication data in the security element of the terminal involves some disadvantages. Usually, an authentication key is firmly tied to a subscription, i.e. a contractual agreement of the subscriber with an operator of the mobile communication network. Therefore, it is difficult to support a merely temporary use of a subscription or the parallel use of different subscriptions on a security element with the described solution. Generally, the so-called “life cycle management” of the security element is made more difficult when authentication keys or the like have to be stored permanently on it.
To overcome the problems mentioned, solutions are known in which an authentication key or comparable data are no longer stored locally in the security element of the terminal, but on an external server, for example a so-called SIM server (see e.g. WO 2011/158207 A1). During authentication of the terminal vis-à-vis the mobile communication network, the terminal then forwards the random number received from the server of the mobile communication network to the SIM server. There, the random number is encrypted by means of the secret key allocated to the subscriber, which is now stored at the SIM server and no longer in the security element of the terminal. The result is transferred by the SIM server to the terminal and forwarded by the terminal to the server of the mobile communication network. In this manner, the explicit storing of authentication keys or the like in the security element of the terminal can be omitted. It is also made possible to use different subscriptions in parallel or individual subscriptions only temporarily.
A disadvantage of the solution described last is, however, that the terminal of the subscriber always has to establish a connection to the SIM server for authentication vis-à-vis the mobile communication network. This means that the SIM server must be available to the terminal reliably and permanently. Also, it is necessary that the communication connection between the terminal and the SIM server reliably enables data communication with sufficient speed. Otherwise, the timing requirements of the authentication process between the terminal and the server of the mobile communication network possibly cannot be met.
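The two variants of the challenge-response exchange described above (key held in the security element, key held at a SIM server) and the timing concern of the last paragraph, simulated as an added example that is not part of the patent text: the authentication function, subscriber identifiers, keys, latencies and the network's response deadline are all constructed stand-ins.

```python
import hashlib
import hmac
import secrets

# Stand-in for the subscriber-specific authentication function. The page does
# not name the algorithm, so HMAC-SHA256 truncated to 32 bits is an assumption.
def auth_response(key: bytes, rand: bytes) -> bytes:
    return hmac.new(key, rand, hashlib.sha256).digest()[:4]

class NetworkServer:
    """Network server: holds every subscriber key and enforces a response deadline."""
    def __init__(self, keys: dict, deadline_ms: float) -> None:
        self.keys, self.deadline_ms, self.pending = keys, deadline_ms, {}

    def challenge(self, subscriber_id: str) -> bytes:
        self.pending[subscriber_id] = secrets.token_bytes(16)  # fresh RAND
        return self.pending[subscriber_id]

    def verify(self, subscriber_id: str, response: bytes, elapsed_ms: float) -> bool:
        rand = self.pending.pop(subscriber_id, None)
        if rand is None or elapsed_ms > self.deadline_ms:
            return False  # unsolicited or late answers are rejected
        expected = auth_response(self.keys[subscriber_id], rand)
        return hmac.compare_digest(expected, response)

class SimServer:
    """SIM server of the second approach: the only party that applies the key."""
    def __init__(self, keys: dict, latency_ms: float) -> None:
        self.keys, self.latency_ms = keys, latency_ms  # latency is a constructed value

    def respond(self, subscriber_id: str, rand: bytes) -> tuple:
        return auth_response(self.keys[subscriber_id], rand), self.latency_ms

class Terminal:
    """Computes the response locally or forwards RAND to a SIM server."""
    def __init__(self, subscriber_id: str, local_key: bytes = None,
                 sim_server: SimServer = None) -> None:
        self.subscriber_id, self.local_key, self.sim_server = subscriber_id, local_key, sim_server

    def answer(self, rand: bytes) -> tuple:
        if self.local_key is not None:
            return auth_response(self.local_key, rand), 0.0  # no extra round trip
        return self.sim_server.respond(self.subscriber_id, rand)

def authenticate(network: NetworkServer, terminal: Terminal) -> bool:
    """One challenge-response round; returns the network's verdict."""
    rand = network.challenge(terminal.subscriber_id)
    response, elapsed_ms = terminal.answer(rand)
    return network.verify(terminal.subscriber_id, response, elapsed_ms)
```

A SIM server whose round trip exceeds the network's deadline produces a correct response that is nevertheless rejected, which is the availability and speed requirement the paragraph above points out.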