Mobile terminals may utilize Universal Integrated Circuit Cards (UICCs) to access various types of networks. A UICC is a smart card used in mobile terminals in global system for mobile communications (GSM) and universal mobile telecommunications system (UMTS) networks. The UICC ensures the integrity and security of personal data.
Generic bootstrapping architecture (GBA) is a standard defined by the Third Generation Partnership Project (3GPP) for an authentication of a user of a mobile terminal. GBA relies on a shared secret between the mobile terminal (e.g., a client) and an application server. The client and the server are mutually authenticated through an intermediary server, referred to as a bootstrapping server function (BSF), that arranges a security relation between the client and the application server. In an enhanced form of GBA (referred to as GBA_U), the UICC on the mobile terminal is used to authenticate the user to the BSF. Once authenticated to the BSF, the mobile terminal may access the application server (also referred to as a network application function (NAF)) to obtain services. The NAF may communicate with the BSF to validate and authorize the mobile terminal's access.
The mobile terminal communicates with the UICC through interface(s) defined by standards, such as 3GPP Technical Specification (TS) 31.101. These standards ensure interoperability between the UICC and the mobile terminal independent of the respective manufacturer, card issuer, or operator.