
The UICC

A multi-network authentication device


An application platform

Gemalto

April 2008

Operator branded services from any device and any access network

- Multiple authentications
  - One single device for multiple wireless networks
  - Inter-working authentication
- An operator-controlled application platform
  - Flexible distribution models
  - Secure value added services

April 2008, CDG Technology Forum

The UICC is a multi-network authentication device

- With open markets, we find competing heterogeneous networks with common security requirements
- Separate subscription from devices
- Hosts various network authentication applications and associated credentials
- OTA management
- Fully standardized
- Security, trust, and user convenience


The UICC: single hardware authentication platform securing access to multiple networks

[Diagram: UICC platform. Network Access Applications (USIM, CSIM, ISIM, WISIM) for GSM 3G/LTE networks (AKA), CDMA networks (CAVE/AKA), secure IMS applications (AKA) and WiBRO/WiMAX networks (EAP); extension applications and associated secure data; OTA mechanism; Toolkit framework; File System services; Card Registry; JTE; Java Card environment: Open Platform Application Environment (OPEN), Java Card API, Tools, Java Card Virtual Machine (JCVM), Java Card Runtime Environment (JCRE); kernel: memory blocks, APDU com-stack, Security SYS, crypto engines; HAL; 32/16-bit hardware and libraries.]


UICC Authentication in various networks

[Diagram: LTE, CDMA 2000 and WiMAX networks. Labels: AKA authentication with USIM in UICC; EAP authentication (AKA, SIM); CAVE/CHAP authentication with USIM in UICC.]


UICC deployment benefits

- Opex reduction & increased operating flexibility
  - Reduced cost of customer care
  - Better user experience with unsubsidized devices
  - Better network selection for outbound roaming based on negotiated agreements
- Increased revenues
  - Inbound international roaming revenues
  - Additional prepaid purchases from foreign visitors
- Better service to the user; reduced churn
  - Better user experience when changing handset
  - Transparent inter-working with multiple networks worldwide


LTE / WiMAX or HRPD inter-working

- Connection to LTE core network via WiMAX interface
- During the authentication procedure, the UE interacts with the MME to perform EAP-AKA authentication
- EAP packets are channeled via the WiMAX/HRPD access

[Diagram: dual mode handset (LTE/WiMAX or LTE/CDMA); AKA authentication with USIM; WiMAX or HRPD; AAA; MME; LTE core.]

International roaming with dual mode LTE/CDMA handset

In countries offering GSM/2G/3G access:
- Roaming possible if dual mode handset is compliant with radio frequencies used
- Otherwise plastic roaming is possible
- User is authenticated using USIM application and AKA algorithm with HSS of home operator

[Diagram: CDMA handset; GSM/3G/LTE handset; plastic roaming.]

The UICC is also a multi-application platform

- 4G will bring even more unsubsidized wireless devices that need to be easily provisioned
  - Operator branded services are inserted with the UICC
  - Toolkit API enables native access to handset peripherals
  - Native IP connectivity through handset with BIP
  - Dynamic remote provisioning of applications with UICC OTA
- Emerging business models with GlobalPlatform delegated management
  - UICC real estate renting
  - Service providers have control on applications and partitions


The Secure Element, beyond wireless access

[Diagram: Operator, Bank and Transport; Issuer Security Domain, Bank SD, Transport SD; applications: GSM (U)SIM, MNO Services, Smart Poster, Info, Ticketing, Events Ticketing, Credit Card, Debit Card, Loyalty.]

- Secure multi-application environment
- Specification supported by the Financial Industry

The business of managing identities

- The UICC helps MNOs offer identity management services
- Different identity management initiatives:
  - 3GPP GAA (Generic Authentication Architecture)
  - Liberty Alliance ID-WSF (Identity Web Services Framework)
  - OpenID
  - CardSpace
- UICCs: huge infrastructure of shared secrets
- Operators leverage and monetize this infrastructure through a panel of identity management solutions


NFC: merging wireless with existing contactless

[Diagram: Smart poster, Payment, Travel, Loyalty, Ticketing; Korea, China, Japan, Taiwan; Mobile Transport; Mobile Payment; major payment schemes.]

An open solution based on the UICC

SIM
- Application logic (Java)
- User credentials
- Open Platform enabled

NFC chipset
- RF layer
- Multi-protocol (type A, B, FeliCa, 15693)

RF antenna

Portability
Carry m-applications, credentials and value-added services when changing handsets

Security
A secure device that can be certified by payment institutions

Multi-application
Each service provider has exclusive control over its own applications and partition.

Remote Management (OTA)
Applications are managed and personalized OTA through existing and standardized protocols

Securing Mobile TV services

- UICC holds the conditional access application used for service protection
- Card operating system and conditional access application are regularly updated to maintain security at a sufficient level
- UICC collects and distributes channel viewing information for audience monitoring purposes


Securing access to branded services globally

- As an authentication device, the UICC
  - Is a flexible platform enabling user authentication in various networks
  - Enables open market distribution model beneficial to users, operators, and OEMs
  - Presents convenience and ease of use, crucial to customer satisfaction
- As an application platform, the UICC
  - Is a key enabler thanks to its high level of security and trust value
  - Enables operators to push branded services to unknown devices
  - Features standard over the air management of application life cycle
