This section is intended to provide a background or context to the invention that is recited in the claims. The description herein may include concepts that could be pursued, but are not necessarily ones that have been previously conceived or pursued. Therefore, unless otherwise indicated herein, what is described in this section is not prior art to the description and claims in this application and is not admitted to be prior art by inclusion in this section.
Certain abbreviations that may be found in the description and/or in the Figures are herewith defined as follows:
AuC authentication center
AUTN authentication token
CK confidential key
DM device management
DMT device management tree
EAP extensible authentication protocols
eNB evolved Node B
GPRS general packet radio service
HS 2.0 HotSpot 2.0
ICCID integrated circuit card identifier
IK integrity key
IMEI international mobile equipment identity
IMSI international mobile subscriber identity
LTE long term evolution
MILENAGE authentication algorithm for 3GPP
MNO mobile network operator
MO management object
NAND not AND
NOR not OR
NVM non-volatile memory
OMA open mobile alliance
OS operating system
OTA over-the-air
PC personal computer
PDA personal digital assistant
RAM random access memory
RAN radio access network
RSN robust security network
SIM subscriber identity module
SMS short message service
SOAP simple object access protocol
SW-SIM software-based subscriber identity module
UE user equipment
UMTS universal mobile telecommunications system
URI uniform resource identifier
URL uniform resource locator
WFA Wi-Fi Alliance
WLAN wireless local area network
WPA Wi-Fi protected access
XML extensible markup language
In many wireless communication networks, a mobile equipment user is required to have a subscription in order to access the network. The mobile equipment may be any type of machine, apparatus or device that is enabled to utilize a mobile network, provided that the machine, apparatus or device has sufficient access credentials. The subscription identifies, among other things, the mobile network in which the mobile equipment is to be used and the individual settings relating to the subscription. These settings can include a network operator setting and a subscriber identifier corresponding to the mobile equipment user. The user might be an individual user, a corporation, an organization, or a group.
A Subscriber Identity Module (SIM) card is a physical, hardware-based integrated circuit card for securely storing subscription credentials associated with the mobile equipment user. The SIM card typically contains subscriber details, security information and memory for a personal directory of numbers. The SIM card also stores data that identifies the caller to the network service provider. As used herein, the terms “subscription credentials”, “SIM data”, and “access credentials” can be understood as referring not only to a cryptographic secret, but also to related cryptographic data such as an algorithm, as well as operator-specific settings required for network access. The subscription data may be stored in an area of computer-readable memory, or encoded on a microcontroller operating as the processor unit for a device, or both stored and encoded. These stored or encoded subscription credentials may be loaded into the mobile equipment being used. Some wireless communication standards, such as GSM and UMTS, use the SIM card to store a service subscriber key corresponding to the user of the mobile device. The SIM card may also be used to perform authentication procedures in connection with security-sensitive tasks.
Although conventional SIM cards may be used to access UMTS networks, a more advanced physical SIM card known as a Universal Subscriber Identity Module (USIM) card has been developed for use with UMTS networks. The USIM card includes a microcomputer which is configured to execute any of several mini-applications. For example, the USIM card may be programmed to implement an electronic purse for use on a public transportation system, or to provide a local service portal that provides access to a utility bill. A UMTS handset equipped with a USIM card can be used to make video calls, assuming that the calling party and the called party are both served by a third-generation (3G) network. Voice calls and data exchanges are encrypted by the USIM using one or more security keys that are computed by the USIM. The USIM security keys are stronger and more secure than those provided by conventional SIMs. The USIM card also provides for a much larger phone book than a conventional SIM card, with the USIM being configured to store contact names, email addresses, primary telephone numbers and secondary telephone numbers for thousands of contacts. The USIM stores these contacts in an encrypted manner, providing for an enhanced level of security relative to storing the contact information directly in phone memory.
SIM and USIM cards allow a user to change mobile devices by removing the SIM or USIM card from one mobile device and inserting it into another mobile device. The form factor of the SIM or USIM may be an embedded chip, a platform mounted chip, a logical unit on a larger processor, a protected memory card or a smart card. The chip may hold one or more sets of subscriptions or applications.
At present, a wireless communication network may use any one of several different over-the-air techniques or protocols to update a SIM or USIM card. For example, the communication network may include or interface with a central database that backs up personal information for a plurality of SIM or USIM cards. The network device may transfer the stored back-up information corresponding to a particular user from the database to the user's SIM or USIM card upon request. While such over-the-air transfer techniques provide some personal information, they currently do not provide a complete or secure SIM or USIM subscription credential transfer. Thus, conventional over-the-air information transfer techniques still require a physical SIM or USIM card in the target device to ensure the security and the integrity of the transfer.
While SIM and USIM cards may be appropriate for high-end or complex mobile devices, such as smart mobile telephones and tablet devices, the costs associated with a SIM or USIM card may be prohibitively high for simple, low-cost mobile devices. Furthermore, while some wireless communication standards may require the implementation of security functions that are now performed by conventional physical SIM or USIM cards, such standards may not require an actual hardware implementation of a SIM or USIM in the form of a card. Thus, there remains a need for SIM solutions that are alternatives to conventional physical SIM and USIM cards.
The SIM and USIM cards are not movable between devices without utilizing a manual process. Indeed, a person owning multiple mobile devices has to manually move the SIM or USIM card containing subscriber identification information from one terminal to another. Typically, this long and cumbersome process includes: switching off the terminal, removing the back cover of the device, removing the battery, removing the SIM/USIM card, replacing the battery, replacing the cover, opening the cover of the second terminal, removing the battery of the second terminal, putting the SIM/USIM card into the second terminal, replacing the battery of the second terminal, replacing the cover of the second terminal, and powering up the second terminal. This manual process of transferring a SIM/USIM card from one device to another only works if both devices are available. If the device or terminal is lost or stolen, the user also loses the SIM card. Heretofore, there are no solutions that address these problems.
Another shortcoming of physical SIM and USIM cards is that they are not always provided or furnished with newly-acquired mobile equipment. In this case, a user will have to separately obtain the access credentials for the acquired mobile equipment before the equipment can be used on the wireless communication network. This can cause an inconvenience to the user, at least for the reason that obtaining either the SIM/USIM card or the SIM download may require that the user bring the mobile equipment to a dealer who is associated with a given wireless communication network. In addition, for cost reasons, design reasons or to reduce the risk of theft, some mobile equipment may not be equipped with a slot for accommodating a SIM or USIM card. In this case, in order to obtain access to the wireless communications network, the required access credentials would need to be downloaded directly from the network, or the mobile equipment would need to be carried to a dealer that is associated with the network.
Yet another shortcoming of SIM and USIM cards is that cellular carriers need to provide their subscribers with a physical card. Costs are incurred in manufacturing, distributing, and programming these cards. It would be desirable to eliminate these costs. Moreover, once a SIM or USIM card is programmed, it cannot be changed, only replaced. Consequently, when a wireless network operator offers new services or makes changes to its existing offerings, the network operator needs to send a new SIM or USIM card to the subscriber.