The present invention relates to techniques for over-the-air personalization of network devices.
In large-scale radio networks, such as Internet-of-Things (IoT) or mobile phone networks, end devices must be configured with security-sensitive information (personalized) to be able to join a particular network by authenticating to the network provider. In mobile phone networks, this personalization is not performed by the end device manufacturer (phone manufacturer) or network operator, but is performed by a third party, the SIM card manufacturer. Once a customer receives a SIM card, the SIM card may be inserted in any GSM handset on the market and used to access the service of the network operator.
Large-scale IoT networks may also require the personalization of an end device with customer-specific and network-operator-specific information, but IoT end devices may not include a SIM card due to cost. Additionally, end devices may not be fully managed and operated by the network operator; instead, their management may involve the collaboration of the network operator and the customer. For example, the service provider or application provider may be responsible for managing device keys and accepting devices in the network. This provides the capability for end-to-end encryption between the end device and the service provider or application provider without the network operator being able to eavesdrop on end device messages.
Accordingly, a need arises for techniques by which end devices may be personalized over-the-air (OTA) without the involvement of device manufacturers.