MTC is a blanket term for a series of techniques, and combinations thereof, for implementing data communication and exchange among machines and between a machine and a human being using radio communication techniques. There are two meanings associated with MTC: one refers to a machine itself, known as a smart device in the embedded field, and the other refers to a connection among machines that links the machines together via a network. MTC applies widely to fields such as smart measurement, remote monitoring, tracking, medical treatment, etc., and enables a more intelligent life. Compared with traditional communication among people, MTC devices are huge in number, are widely applied, and have enormous market prospects.
In MTC, techniques for long-distance connection mainly include the Global System for Mobile Communications (GSM), the General Packet Radio Service (GPRS) and the Universal Mobile Telecommunications System (UMTS), and techniques for short-distance connection mainly include 802.11 b/g, Bluetooth, Zigbee, Radio Frequency Identification (RFID), etc. Due to its integration of wireless communication and information technology, MTC may be used for bidirectional communication, such as long-distance information-collecting, parameter-setting, and instruction-sending, and therefore may implement different application solutions such as safety monitoring, automatic vending, and cargo tracking. Almost all devices involved in daily life may become potential service targets. MTC provides simple means for establishing a radio connection of real-time device data among systems, among remote devices, or to a person.
An example architecture of an MTC system is shown in FIG. 1, in which an MTC device communicates with an MTC server via a mobile communication network.
In a 3rd Generation Partnership Project (3GPP) system, a GBA process may be used to establish a key shared by a UICC and a terminal, which in turn is used to establish a safe connection and perform safe communication between the UICC and the terminal. The safe connection established between the UICC and the terminal may be used to bind the terminal to the UICC. A method for binding a UICC with a terminal in the 3GPP may also be used to bind a UICC with an MTC device in the MTC system. GBA refers to the Generic Bootstrapping Architecture, whose system architecture defines a general key agreement mechanism between a terminal and a server. FIG. 2 illustrates a network model of the GBA system architecture and reference points among network element entities thereof, as described below.
(1) A User Equipment (UE) is a blanket term for a terminal device (such as a mobile phone) and a Subscriber Identity Module (SIM)/Universal Subscriber Identity Module (USIM) card. The terminal may be a mobile terminal (such as a mobile phone) with a plug-in card, or a fixed terminal (such as a set-top box) with a plug-in card.
(2) A Network Application Function (NAF), i.e., an application server, implements an operational logic function of an application and provides an operational service for the terminal after the terminal is authenticated.
(3) A Bootstrapping Server Function (BSF), as a core network element of the GBA, implements authentication with the UE through an Authentication and Key Agreement (AKA) protocol, and agrees with the UE on a session key which is then used for communication between the UE and the NAF. The BSF can set a life cycle of the key according to a local policy.
(4) A Home Subscriber System (HSS) stores authentication data included in the (U)SIM card of the terminal, such as Ki in the SIM card.
(5) A Subscriber Locator Function (SLF) allows the BSF to acquire the name of an HSS storing relevant subscriber data by querying the SLF. No SLF is required in a single-HSS environment or when the BSF is configured to use a pre-assigned HSS.
In the MTC system, since an MTC device is required to perform communication without human intervention, a UICC on the MTC device may be used by an invalid subscriber during use. Therefore, it is required to bind the UICC with the MTC device to prevent use of the UICC by an invalid MTC device.
At present, a 3GPP network supports establishing a safe connection between the UICC and the terminal by key pre-sharing, and binding the UICC with the terminal through the safe connection. A way of key pre-sharing defined by the 3GPP is to establish a key Ks_local pre-shared by the UICC and the terminal by way of GBA with UICC-based enhancements (GBA-U), and to establish the safe connection between the UICC and the terminal using the Ks_local. A binding relationship between the UICC and the terminal established by way of the GBA-U is restricted by factors such as the life cycle of the Ks_local, such that the binding relationship established between the UICC and the terminal is only valid within the life cycle of the Ks_local. In the MTC system, if the binding relationship between the UICC and the MTC device is established by way of the GBA-U, then after the life cycle of the Ks_local expires, the restriction relationship between the UICC and the MTC device may become ineffective, in which case the UICC may be used by another invalid MTC device.
Thus, for the 3GPP network and the MTC system, when binding of the MTC device and the UICC is implemented by way of the GBA-U, the problem to be solved is how to avoid the restriction that the life cycle of the Ks_local imposes on the established binding relationship.
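The life-cycle restriction described above can be seen in a small model. This is an added example, not part of the original text and not 3GPP-specified behaviour: the class ToyUicc, the function names, the device names, the HMAC-based proof and the key and nonce values are all assumptions constructed for illustration, and the real Ks_local derivation and UICC-terminal protocol are not reproduced.

```python
import hashlib
import hmac

def prove(ks_local: bytes, terminal_id: str, nonce: bytes) -> bytes:
    """Terminal-side proof of possession of Ks_local (HMAC stands in for the real protocol)."""
    return hmac.new(ks_local, nonce + terminal_id.encode(), hashlib.sha256).digest()

class ToyUicc:
    """Simplified model: the binding exists only while Ks_local is within its life cycle."""

    def __init__(self):
        self.ks_local = None
        self.bound_terminal = None
        self.expires_at = 0

    def install_ks_local(self, ks_local, terminal_id, now, lifetime):
        # Stands in for the outcome of a GBA-U run; the lifetime follows BSF policy.
        self.ks_local = ks_local
        self.bound_terminal = terminal_id
        self.expires_at = now + lifetime

    def binding_active(self, now):
        return self.ks_local is not None and now < self.expires_at

    def check_terminal(self, terminal_id, nonce, proof, now):
        """Return 'bound', 'rejected', or 'unrestricted' (no live key, nothing to enforce)."""
        if not self.binding_active(now):
            return "unrestricted"
        expected = prove(self.ks_local, terminal_id, nonce)
        if terminal_id == self.bound_terminal and hmac.compare_digest(expected, proof):
            return "bound"
        return "rejected"

def timeline():
    """Constructed scenario: Ks_local valid for 3600 s, checks at t=10 and t=4000."""
    key, nonce = b"K" * 32, b"constructed-nonce"
    wrong_key = b"X" * 32  # a different device does not hold Ks_local
    uicc = ToyUicc()
    uicc.install_ks_local(key, "mtc-device-A", now=0, lifetime=3600)
    return [
        uicc.check_terminal("mtc-device-A", nonce, prove(key, "mtc-device-A", nonce), now=10),
        uicc.check_terminal("mtc-device-B", nonce, prove(wrong_key, "mtc-device-B", nonce), now=10),
        uicc.check_terminal("mtc-device-B", nonce, prove(wrong_key, "mtc-device-B", nonce), now=4000),
    ]

if __name__ == "__main__":
    print(timeline())
```

Within the life cycle the second device is rejected; once the life cycle has passed, the same device is no longer restricted, which is the gap the passage identifies.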