A secure token is a tamper-resistant component able to store data and to provide services in a secure manner. In general, a secure token is a physical component which has a limited amount of memory, a processor with limited capabilities and is devoid of battery. For instance a UICC (Universal Integrated Circuit Card) is a secure token which embeds SIM/USIM applications for telecommunication purposes. A secure token can be installed, fixedly or not, in a terminal, like a mobile phone for example. In some cases, the terminals are constituted by machines that communicate with other machines for M2M (Machine to Machine) applications.
A secure token can be in the format of a smart card. A secure token may be a chip soldered to the mother-board of the host device and constitute an embedded-secure element (eSE).
A secure token can contain several emulated UICC.
A secure token can comprise an application intended to communicate with a distant applicative server. Most of the Telecom solutions rely on a communication protocol based on command/response between an applicative server and an application embedded in a secure token. This protocol is mapped into a secured Command Packet in a SM (short message) MT (mobile terminated) and a secured response packet in a SM MO (mobile originated) for the communication. Such a design can take benefit of the security layer of the communication channel of the Telecom operator for the applicative server to send a command and for the on-token application to send a response. The secure tokens concerned in this invention can utilize such a secure communication channel.
According to ETSI TS 143.019 V6.0.0, the responses are managed by a dedicated handler, called EnvelopeResponseHandler, in the UICC.
The ETSI TS 102 223 describes the principle of a proactive session which allows a UICC to send proactive commands to its hosting device. The proactive commands are managed in the UICC through a specific handler called ProactiveHandler.
Unfortunately, according to the § 6.6 of the ETSI TS 143.019 V6.0.0 the EnvelopeResponseHandler is no more available after the first invocation of the ProactiveHandler. Thus when the applicative server sends a command requesting the opening of a proactive session the token cannot send its response as usual.
There is a need for providing a solution allowing a secure token to send a response to the applicative server in a secure manner after an invocation of the ProactiveHandler.