METHOD FOR PROVIDING A SUBSCRIBER PROFILE FOR A SECURE MODULE

专利摘要:
The invention relates to a method of provisioning a subscriber profile (11B) in a secure module (11). The method includes receiving a request for provisioning a subscriber profile (11B) accompanied by parameters (14B) of a mobile terminal associated with the subscriber profile, configuring the terminal (10) when a notification of activation (217) of the profile is received, the notification being issued from the secure module (11). The invention applies to terminals comprising a secure module (11) for hosting a subscriber profile (11B) to a mobile communication network.
公开号:FR3029728A1
申请号:FR1461910
申请日:2014-12-04
公开日:2016-06-10
发明作者:Guillaume Larignon；Arnaud Danree
申请人:Oberthur Technologies SA；
IPC主号:

专利说明:

[0001] The field of the invention relates to a method of provisioning a subscriber profile to a terminal comprising a secure module, the terminal and a server for provisioning profiles of a subscriber. Currently, a mobile communication terminal includes a secure module for hosting one or more profiles of a subscriber to services. In the case of a cellular telephone, the basic service is offered by an operator (also called by the acronym MNO for "Mobile Network Operator" in English) for access to a mobile communication network for the exchange of data. 'remote information. However, it is expected that a terminal may also offer access to other third party services such as a payment service or a pay television service. For example, a virtual bank payment card. The secure module then hosts several profiles for access to various services. The subscriber profile is understood to mean at least the subscriber line identifiers, the cryptographic data necessary for its authentication with the service operator (cryptographic keys and algorithms) and the operator identifiers. When a subscriber wishes to renovate his service offer, it is necessary to update, add or replace a subscriber profile in the secure module.
[0002] In the case of a cellular phone, the secure module is a removable SIM card (from the English "Subscriber Identity Module" or more generically called UICC for "Universal Integrated Circuit Card") which is replaced to benefit from the access to a mobile communication network of another operator. In the case of a terminal type M2M (in English "Machine to Machine"), the secure module is soldered to the terminal and is therefore non-removable. It is commonly referred to as eUICC for "embedded Universal Integrated Circuit Card". The terminal may be a vehicle, a telemetry device or any remote data acquisition apparatus. It is expected that the terminal manufacturer will provide a remote software update solution for the secure module. For this, the service operator embedded on the terminal has secure wireless communication means to access the secure module and deploy new profiles of a subscriber. It is known in the state of the art solutions 20 remote update of a secure module that is removable or not. US patent application US20130012159A1 discloses a deployment solution of a new profile in a removable secure module. The module includes a first boot profile for establishing a first communication for loading a second profile of an operator. When the second profile is activated, the first profile is configured in a dormant state. U.S. Patent Application 20140134981 A1 discloses a method for updating the subscriber profile or loading multiple profiles into a secure welded module. In particular, it describes the functional blocks of the secure module and the subscriber's profile provisioning server for the preparation of a subscriber's profile and its secure sending as specified by the GSMA association (acronym). for "Global System for Mobile 5 Communication Association"). These solutions do not provide for updating the operating environment parameters of the terminal that are associated with the previous operator. For example, the terminal must be configured with parameters related to its subscriber profile to connect to operator services, for example an IP address on the Internet or an address of a network access point. mobile operator to access a 4G data network. This is problematic because the setting offset of the terminal with the secure module may prevent the first connection to the server of the new operator. For example, if the update notification is sent over the data network, the operator may miss the information that is detrimental to the continuity of service for the customer.
[0003] Another problem may be that the terminal remains configured with the visual of the initial operator charged by the manufacturer or service operator. In the latter case, the terminal parameters may be the terminal boot image, the operator logo, and the interface color codes. The setting offset between the terminal and the secure module can mislead the client. There is therefore a need to solve the aforementioned problems and to propose a global solution for updating a terminal ensuring both the update of the secure module and the update of the terminal parameters to guarantee at least continuity customer service.
[0004] More specifically, the invention relates to a method of provisioning a subscriber profile to a terminal comprising a secure module for hosting the subscriber profile to a mobile communication network and an operating environment of the terminal. According to the invention, the method comprises the following successive steps executed by the terminal: the reception of a provisioning request from a remote server comprising at least the subscriber profile and terminal parameters associated with the profile; the loading of the subscriber profile into the secure module, - the receipt of a first notification of the activation of the profile in the secure module issuing from the secure module, - the configuration of the operating environment with the parameters of the terminal triggered by the first notification. According to a variant, the method comprises, after the loading, the reception of an activation request of the profile coming from the remote server, and the first activation notification is a response of the secure module via a first secure channel to the request. activation. According to a variant, the method comprises after the configuration the execution of a procedure of a second notification of the activation of the profile in the secure module between the secure module and the remote server.
[0005] According to one variant, the method comprises receiving a request to restart the terminal between the configuration and the procedure of the second notification. More specifically, the parameters of the terminal 5 comprise at least the name of an access point for a connection to a data network of the mobile communication network. According to one variant, the provisioning request further comprises a signature of the profile and parameters for an authentication request by the secure module. In addition, the loading is performed after receiving a signature authentication notification. According to one variant, the provisioning request is received via a second secure channel between the terminal and the remote server, the second secure channel being an SMS, CATTP or HTTPS type exchange. More precisely, the parameters are specific to an identifier of the terminal. According to a variant, the method further comprises, prior to reception, determining the identifier of the terminal by the secure module and sending the identifier of the terminal to the remote server. According to a variant, it further comprises, following the loading, the reception of the notification of the loading of the profile issuing from the secure module, then the reception of an activation request of the second profile coming from the remote server. The invention provides a terminal comprising a secure module for hosting a subscriber profile to a mobile communication network and an operating environment of the terminal. According to the invention, the terminal comprises: a means for receiving a provisioning request from a remote server comprising at least the subscriber profile and terminal parameters associated with the second profile; means for loading the profile in the secure module and receiving a notification of activation of the profile in the secure module, - and means for configuring the terminal with the terminal parameters when the activation notification from the secure module is received. The invention also provides a server for provisioning a subscriber profile to a mobile communication network including a profile register, processing means for initiating the provisioning of the profile to a subscriber terminal and for creating a provisioning request. and means for sending the provisioning request to the terminal. According to the invention, the server further comprises: a register of terminal parameters associated with the subscriber profile; and the request for provisioning of the terminal comprises at least the profile of a subscriber and terminal parameters associated with the profile. . More specifically, the terminal parameters include at least the name of the access points for connection to a data network of the mobile communication network of the associated subscriber's profile. According to a variant, the server comprises means for receiving an identifier of the terminal.
[0006] With the provisioning method according to the invention, the terminal is configured following the activation of the profile loaded in the secure module. The configuration of the terminal is triggered upon receipt of the first notification of activation of the profile from the secure module to the terminal. Thus, the terminal is configured with the parameters of the operator of the telephony network before sending the activation notifications to a remote server of provisioning or a server of the communication network 15 of the operator. The method ensures that notifications to a remote server are sent correctly. It also allows the use of the data network of the new operator for sending activation notification.
[0007] Other features and advantages of the present invention will become more apparent upon reading the following detailed description of embodiments of the invention given by way of non-limiting examples and illustrated by the accompanying drawings, in which: FIG. 1 represents a diagram of the communications between a terminal hosting a secure module and the communication network of an operator. FIG. 2 more precisely represents the server for provisioning subscriber profiles for the provisioning of a secure module.
[0008] FIG. 3 represents a sequence flow of the method of provisioning the secure module and the terminal. The invention applies to the provisioning of a subscriber profile to a service and terminal parameters associated with the subscriber's profile. The aim of the invention is to prevent problems of correspondence between the profile of the subscriber at the service of the terminal and the configuration of the terminal. The purpose of the invention is to describe the method of provisioning a new subscriber profile to a mobile terminal as well as the parameters of the mobile terminal associated with said new profile. Fig. 1 is a diagram of an embodiment showing the ecosystem in which the invention is used. It applies to a mobile terminal 10 comprising a secure module 11 intended to host subscriber profiles. In this embodiment, two profiles 11A, 11B intervene, the first profile 11A being a profile activated in the secure module and the profile 11B is a profile to be provisioned in the secure module 11 to replace the profile 11A or to add a second profile. active. The secure module 11 is preferably a UICC-type integrated circuit for performing cryptographic functions, in particular enabling authentication of the secure module 11 to a service 3A, 3B. The secure module 11 25 can also be a software and hardware area of a terminal recognized as being protected and trusted, also called TEE (for "Trusted Execution Environment" in English). The secure module 11 communicates with a remote subscriber profile provisioning server 20 to receive the subscriber profiles. We will begin with a description of the terminal 10 and the secure module 11. The terminal 10 is a mobile communication device, for example of the cell phone type, embedded telemetry device or remotely managed installation. In this embodiment, the secure module hosts a first subscriber profile 11A and the terminal is configured with first parameters 14A. An operating environment 13 allows the operation of the terminal 10 and its operation with a service 3A of an operator through the profile 11A and the parameters 14A. The operating environment is configured by configuration files 10 and among these configuration files the terminal parameters 14A, 14B associated with the subscriber profiles 11A, 11B. To operate the security functions, the secure module 11 comprises security domains for the management of the communication protocols with external entities, such as for example the terminal 10, a remote subscriber profile provisioning server 20, or networks of subscribers. mobile communication, for the management of the subscriber profiles and for the hosting of the identifier of the secure module 20 and cryptographic data, such as, for example, an identifier used for the purpose of provisioning subscriber profiles, keys for personalization of the secure module , authentication keys and session keys. The secure module 11 can be removable and the format of a SIM card to be inserted in the mobile terminal 10. The terminal can be a cellular phone or a multimedia tablet. The services 3A, 3B to which the secure module 11 is authenticated are in this case cellular mobile communication networks 3A, 3B. In another embodiment of the M2M type, the secure module 11 (of the eUICC type) is soldered into the terminal 3029728 10 and is non-removable. The secure module 11 is an integrated circuit that can be authenticated to one or more mobile networks 3A, 3B, of the cellular network type. The terminal may be a cellular phone, a car vehicle or a telemetry device for example. It will be noted that the services 3A, 3B may be paid services requiring authentication of the user by means of a profile hosted in the secure module, such as for example a pay audio-visual service, a satellite telecommunication service or a service provider. telemetry using a private data network. Within the framework of the mobile communication networks 3A, 3B, these networks are operated by an operator and each of the networks offers a voice type communication server, of the message type (SMS), but also a data network 30A, 30B. A data network 30A, 30B of a mobile operator is understood to mean a 2G, 3G, 4G or LTE network. It is a communication network by transmission of data packets, of the Internet protocol type and requires access to an operator portal whose address must be known to the terminal 10. The communication protocols of the networks LTE type data 30A, 30B are defined by specifications issued by standardization bodies. These are, for example, the 25 standards issued by the ETSI (European Telecommunication Standards Institute) or 3GPP (for the third generation partnership project). The access to the operator portal is indicated by the parameters 14A, 14B in the operating environment 13 of the terminal 10. For access to a data network 30A, 30B the parameters 14A, 14B of the terminal are the names of the network access points of the operator, also called APN, for 3029728 11 "Access Point Name" in English. The parameters 14A, 14B may comprise several access point names with different privileges depending on the applications used in the mobile terminal 10.
[0009] The operating environment 13 may be, for example, an environment of the IOS, Android, Linux (registered trademarks) type or any other type of environment enabling the operation of the terminal 10. The operating environment includes files of configuration for managing the terminal parameters 10. More specifically, the terminal parameters 14A, 14B are associated with the subscriber's profile hosted in the secure module 11. As seen previously, they may be the data of access points specific to the terminal. operator's mobile communication network 3A, 3B, but also a visual of the operating environment 13 specific to the operator (Logo, color, animations, photos for example) or parameters associated with an application of access to an operator service.
[0010] It is understood that the parameters 14A, 14B of the terminal are associated with the subscriber profile 11A, 11B respectively, in particular because the parameters of the terminal 14A are generally not compatible with the subscriber profile 11B and conversely the parameters of the terminal 14B are not 25 not compatible with profile 11A. These are parameters that can not be used with another service than the operator. These parameters are defined by the operator of the subscriber's profile with which he is associated. In addition, the parameters of the terminal 14A, 14B and the 30 configuration requests of the parameters 14A, 14B in the terminal are specific to the operating environment running on the target terminal.
[0011] In addition, the operating environment 13 hosts a provisioning agent 12. The provisioning agent 12 is a communication intermediary between the remote profile provisioning server 20 and the secure module 11. receiving requests or notifications from the remote server 20 to execute the appropriate commands between the terminal 10 and the secure module 11. Conversely, upon receipt of requests or notifications from the secure module 11, it allows to execute the appropriate commands between the terminal 10 and the remote server 20. The provisioning agent 12 is an entity of the collaborative terminal with the remote server 20. It is sent and maintained by the same entity in charge of the remote server 20. This entity may be the operator of a telecommunication service, the manufacturer of the secure module, the terminal manufacturer or a third-party service operator. The provisioning agent 12 is a software application hosted by the operating environment 13 of the terminal, of java type for example, exploiting the functions and application methods for receiving requests, notifications, data and commands to be exchanged with the user. secure module 11 and the remote server 20. The provisioning agent 12 can communicate with the secure module 11 via a first secure channel C1. For this, it comprises means for receiving and sending data 122. It is is a secure communication channel comprising the use of the protocol APDU (for "Application Protocol Data Unit" in English) defined in ISO / SEC 30 7816-4. The standard defines the exchanges comprising the requests and responses between the terminal 10 and the secure module 11. It may also be called the GlobalPlatform standard v.2.2.1 which defines a framework for exchanges to access domains of security 3029728 13 secure module. In particular, the standard defines, in particular, APDU commands for transmitting data between the terminal 10 and the secure module 11, exchanges that can be initiated by an application of the terminal or a remote server for profiling provisioning. The secure module 11 via the provisioning agent 12 can communicate with the remote server 20 via a second secure channel C2. This second secure channel C2 uses SMS, the CAT_TP protocol (for "Card Application Toolkit 10 Transport Protocol") or the HTTPS protocol (for "HyperText Transfer Protocol Secure"). For example, the secure module 11 and the provisioning agent 12 can implement communication protocols as standardized in the standards ETSI TS 102 226, 3GPP TS 31.111 or 3GPP TS 31.116. The secure channel is for example established by a mutual authentication phase by means of cryptographic data provisioned in a secure domain of the secure module 11. As part of a provisioning of a subscriber profile in the secure module, the server 20 or the secure module 11 initiates a procedure for exchanging a subscriber profile. FIG. 2 more precisely describes the functions of a remote server 20 for provisioning a profile in a secure module of the eUICC type.
[0012] The server 20 for managing a subscriber profile to a mobile communication network means for preparing a subscriber profile, the provisioning request and the transmission means for the secure module 11. For this, a register 21 comprising profiles subscriber 11A, 11B to a mobile communication network. The register is updated by the operator of the mobile communication network. A profile contains the data used for the operation of a subscriber profile to access and use the server of the operator, including the subscriber's network identifier (IMSI), the 5 authentication keys, an operator security domain, also referred to as MNO-SD, a network access application, designated by NAA for "Network Access Application". For a case of provisioning in a secure module 10 welded to the terminal, the structure of a subscriber profile provisioned in the secure module 11 is designated ISD-P ("Issuer Security Domain Profile" in English) and is specified in the standard GSMA Remote Provisioning Architecture for Embedded UICC Technical Specification, version 2.0. The subscriber profile contains at least the information as specified in the GSMA standard. Moreover, according to the invention the server 20 comprises a register 22 of terminal parameters 14A, 14B associated with the profile of a subscriber. These parameters depend on the terminal model which is defined according to a manufacturer model or an IMEI (International Mobile Equipment Identity) terminal identifier, for example. The identifier is preferably unique to the terminal 10 and can be attached to a specific manufacturer model known to the remote server 20. The operators of the mobile communication network 3A, 3B establish the parameters 14A, 14B associated with their subscriber profile according to the identifier of the terminal. In addition, the server includes processing means 24 to initiate the provisioning of the profile to a subscriber terminal and to create a request for provisioning a subscriber profile to the secure module. The provisioning may be initiated by the operator or by the subscriber. The means for preparing the request for provisioning of a subscriber profile are designated by SM-DP (for "Subscription Manager Data Preparation" in English) in the GSMA standard. The server 20 comprises means 23 for establishing a secure exchange protocol with the secure module via the terminal 10. These communication means are designated in the GSMA standard by SM-SR (for "Subscription Manager Secure Routing"). As specified for the secure module, the server 20 can establish the secure channel C2 with the secure module 11 of type HTPPS, CATTP, SMS. Of course, the terminal 10 and the secure module 11 comprise the means adapted for the mutual operation of the secure channel C2 with the server 20. It will be noted that a software entity that is reciprocal with the server SM-SR entity is present in the server. secure module 11 to establish the exchange protocol. This entity is designated by ISD-R (for "Issuer Security Domain Root" in English) according to the GSMA standard.
[0013] According to the invention, the terminal provisioning request comprises at least the profile of a subscriber 11B and the parameters of the terminal 14B associated with the profile 11B. The mobile terminal parameters 14A, 14B may be prepared with the subscriber profile 11A, 11B by the operator or during the preparation of the provisioning request to the secure module 11 for provisioning by the server's SM-DP. For example, the provisioning request requires the creation of a subscriber profile in the secure module 30 and can include for its execution the APDU command "INSTALL COMMAND" to the terminal 10 for the installation of the profile 11B in the secure module The provisioning request provides for a response from the secure module and the execution status of the command. Whatever the mode of preparation of the parameters of the mobile terminal 14B for their provisioning, it is important to note that these are sent with the same request for provisioning the subscriber profile 11B with which they are associated or during the same protocol. supply of the subscriber profile 11B. This allows the terminal 10 to be provisioned early with the corresponding parameters 14B in order to activate the provisioned profile 11B. Note also that in a variant the provisioning request may be accompanied by a signature 17 of the subscriber 11B profile and the parameters of the terminal 14B 15 for authentication by the secure module 11. Figure 3 represents the flow sequence of the subscriber profile provisioning method 11B and 14B parameters of the terminal. The secure module 11 contains an active subscriber profile 11A and the mobile terminal 10 is configured with parameters 14A. Before initiating the provisioning of a second subscriber profile, it must be ensured that the remote server 20 is aware of the model of the subscriber terminal 10. The identifier of the model of the terminal may be the IMEI number 25 for example. In a first case, the remote server 20 has received the identification information of the terminal 10 by the operator. In a second case, the secure module 11 initiates a request 201 to receive an identifier of the terminal 10. The terminal 10 transmits the identifier of the terminal 10 by means of a response 202 to the secure module 11.
[0014] Subsequently, the secure module 11 sends the identifier of the terminal to the remote server 20 by a sending message 203, via the secure channel C2. The remote server 20 processes, during a step 204, the message containing the identifier of the terminal and determines the parameters of the terminal to be associated with the secure module 11. The remote server 20 has a database of a plurality of configurations of terminal parameters according to an operator.
[0015] In a variant of the method, it can be provided that the remote server 20 hosting the processing means 24 of the provisioning request (the SM-DP entity) receives the parameters of the terminal 14B via a secure communication channel of a other server of the subscriber profile operator. When the remote server 20 receives a provisioning request from a second subscriber profile 11B to be loaded into the secure module, a provisioning request is prepared by the remote server 20. The request contains the subscriber profile 11B, the parameters of the subscriber profile. terminal 14B, as well as, but not necessarily, a signature of profile 11B and parameters 14B with a certificate of the secure module 11. The remote server 20 transmits to the provisioning agent 12 the provisioning request 205 via the secure channel C2 . The provisioning agent 12 operates to receive the provisioning request 205 from the remote server 20 comprising at least the subscriber profile 11B and terminal parameters 14B associated with the profile 11B.
[0016] At a step 206, the provisioning agent 12 performs a temporary storage in a volatile memory of the mobile terminal 10 of the parameters of the terminal 14B associated with the second profile 11B provisioned.
[0017] It will be noted that at this stage the mobile terminal 10 is further configured with the parameters of the terminal 14A associated with the subscriber profile 11A which is also activated in the secure module 11. If a signature is present in the provisioning request, the Provisioning agent 12 performs a signature authentication request 207 to the secure module 11. The secure module 11 performs authentication 208 of the signature of the subscriber profile 11A and the parameters of the mobile terminal 14B. In the event of successful authentication, the secure module 11 transmits a notification 209 for validation of the signature 17 to the provisioning agent 12. In the opposite case, the provisioning method is suspended.
[0018] On receipt of the validation notification 209, the provisioning agent 12 sends a load request 210 of the second subscriber profile to the secure module 11. The parameters of the terminal 14B are kept stored in the memory of the terminal.
[0019] Then, the secure module 11 carries out the installation 211, in configuration files, information of the subscriber profile 11B. During this step 211, a secure domain of the ISD-P type specific to the subscriber profile 11B is installed in the secure module 11.
[0020] A notification 212 of the status of the load of the subscriber profile llb is forwarded to the provisioning agent 12. The notification 212 is a response to the request 210. There is also provided a response notification 213 of the request. execution of the upload to the remote server 20 from the provisioning agent 12 via the secure channel C2. The notifications 212, 213 informs the terminal and the remote server 20 of the status of the loading of the profile 14B in the secure module.
[0021] On receipt of a notification 213 of a valid load, the server 20 transmits an activation request 214 on the one hand of the subscriber profile 11B in the secure module 11 and on the other hand the parameters 14B of the terminal at destination. The provisioning request 214 may include an APDU command to be executed by the STORE DATA type terminal containing the activation instructions to the secure module 11 to activate the subscriber profile 11B. Such a request may provide a status response of the execution of the activation. Activation request 214 also contains instructions for Provisioning Agent 12 to configure terminal parameters 14B. The activation request 214 can be sent, via the secure channel C2, immediately in response to the receipt of the load notification 213 or be issued under validation of an additional condition, for example a duration or an activation command. . Then, the provisioning agent 12 transmits an activation request 215 of the subscriber profile 11B to the secure module 11. This is the execution of the APDU command contained in the request 214. The instructions for the provisioning agent 12 to perform configuration of the parameters of the terminal 14B is pending. The secure module 11 then performs the activation operation 216 of the subscription profile 11B, this operation is described for example in the aforementioned GSMA standard. At this stage, the subscriber profile 11B is activated in the secure module, in the opposite case the provisioning method is suspended. This operation can provide for the deactivation of the subscriber profile 11A. In addition, this operation provides for the response of the secure module 11 to the activation command 214 from the server 20 containing the status of the activation operation in the secure module 11. The activation notification 217 is transmitted to the server. Provisioning agent 12. This notification may also provide for a notification to be sent to the server 20. The notification 217 is received from the secure module 11 via the secure channel C1. This notification is the response to the activation command 214 issued by the server 20 including the status of the activation operation.
[0022] Upon receipt of this notification, the provisioning agent 12 operates the configuration 218 of the environment of the terminal 10 with the parameters 14B. The parameters 14B are parameters for achieving access to a service associated with the operator of the subscriber profile 11B that is activated. For example, the name of the data network access point of the operator of the subscriber profile 11B is configured in the environment 13 of the terminal 10. The parameters of the terminal 14A associated with the profile 11A which has just been deactivated are disabled. If the profile 11A has not been disabled, the parameters 14A are kept active in the terminal 10.
[0023] The configuration 218 triggered by the notification 217 makes it possible to guarantee that the terminal is configured with the configuration compatible with the activated profile in the secure module. The configuration is carried out before sending an activation notification to the remote server 20 or to a communication network 3B of the operator. Once the configuration 218 of the terminal 10 made with the parameters 14B, the secure module 11 then sends a restart request 219 of the terminal 10 to the operating environment of the terminal. This can be the REFRESH APDU Proactive Command. The command executes the execution of a network hooking procedure 3B of the activated profile in the secure module. The method then comprises an activation notification procedure 220 between the remote server 20 and the secure module 11 via the secure channel C2. The notification method 220 validates the installation of the second profile 11B in the secure module reciprocally with the remote profile provisioning server 20. This notification procedure provides for the exchange of messages and can perform erasure of the first subscriber profile 11A if it has been disabled. Note that this notification step is in accordance with the procedure of installation of a new profile in the secure module according to GSMA above.
[0024] As a variant, the notification procedure 220 is operated between the secure module 11 and a remote server of the communication network of the operator of the profile 11B. The notification procedure for example uses access to the data network configured by the parameters 14B.
[0025] It is also provided, following the configuration 218 of the terminal, an activation notification 221 of the terminal parameters 14B in the operating environment 13 of the terminal terminal 10 from the terminal to the remote server 20. The notification 221 is associated at the notification 217. The notification 221 is the status response of the activation operation of the profile 11B in the secure module 11. Thanks to the invention, this notification can for example be transmitted via the data network whose access is set by parameters 14B. On receiving the activation notifications according to the configuration 218, the remote server 20 updates its registers 21, 22 to enter the active subscriber profile in the secure module 11 and the terminal parameters configured in the terminal 10. In the invention, the provisioning method ensures that the terminal is configured with the operator's parameters before sending notifications 220 and 221 to the remote server 20 (or to a remote server of the operator's communication network). . The configurations of the remote servers and the terminal are matched. Continuity of service is also ensured. 20

权利要求:
Claims (15)
[0001]
REVENDICATIONS1. A method of provisioning a subscriber profile to a terminal (10) comprising a secure module (11) for hosting the subscriber profile (11B) to a mobile communication network (3B) and an operating environment (13). ) of the terminal (10), characterized in that it comprises the following successive steps performed by the terminal (10): - the receipt of a provisioning request (205) from a remote server (20) comprising the least the subscriber profile (11B) and the parameters (14B) of the terminal associated with the profile (11B), 15 - the loading (210) of the subscriber profile (11B) in the secure module (11), - the reception of a first notification of the activation (217) of the profile (11B) in the secure module (11) issuing from the secure module (11), - the configuration (218) of the operating environment (13) with the parameters the terminal (14B) triggered by the first notification (217).
[0002]
2. Method according to claim 1, characterized in that it comprises, after the loading (210), the reception of an activation request (215) of the profile (11B) coming from the remote server (20), and in that the first activation notification (217) is a response of the secure module (11) via a first secure channel (C1) to the activation request (215). 3029728 24
[0003]
3. Method according to any one of claims 1 to 2, characterized in that it comprises after the configuration (218) the execution of a procedure of a second notification (220) of the activation of the profile (11B ) in the secure module (10) between the secure module (11) and the remote server (20).
[0004]
4. Method according to claim 3, characterized in that it comprises receiving a request to restart the terminal (219) between the configuration (218) and the procedure of the second notification (220).
[0005]
5. Method according to any one of claims 1 to 4, characterized in that the parameters of the terminal (14B) comprise at least the name of an access point for a connection to a data network (30B) of the network mobile communication system (3B).
[0006]
6. Method according to any one of claims 1 to 5, characterized in that the provisioning request further comprises a signature (17) of the profile (11B) and parameters (14B) for an authentication request (207). by the secure module (11).
[0007]
7. Method according to claim 6, characterized in that the loading (210) is operated after receiving an authentication notification (209) of the signature (17).
[0008]
8. Method according to any one of claims 1 to 7, characterized in that the provisioning request is received via a second secure channel (C2) between the terminal (10) and the remote server (20), the second channel secure being an exchange of SMS, CATTP or HTTPS type.
[0009]
9. Method according to claim 8, characterized in that the parameters (14B) are specific to an identifier of the terminal (10). 3029728
[0010]
10. The method of claim 9, characterized in that it further comprises, prior to receipt (205), the determination (202) of the identifier of the terminal (10) by the secure module (11) and the sending (203) the identifier of the terminal (10) to the remote server (20).
[0011]
11. The method of claim 10, characterized in that it further comprises, following the loading (210), the receipt of the notification (212) of the loading (210) of the profile (11B) from the secure module ( 11), then receiving (214) an activation request of the second profile from the remote server (20).
[0012]
A terminal (10) comprising a secure module (11) for hosting a subscriber profile (11B) to a mobile communication network (3B) and an operating environment (13) of the terminal (10), characterized in that it comprises: a means (121) for receiving a provisioning request from a remote server (20) comprising at least the subscriber profile (11B) and the parameters (14B) of the terminal (10); ) associated with the second profile, - means for loading the profile (11B) in the secure module (11) and for receiving an activation notification (217) of the profile (11B) in the secure module (11), and means for configuring the terminal (10) with the parameters of the terminal (14B) when the activation notification (217) from the secure module (11) is received.
[0013]
13. Provisioning server (20) of a subscriber profile (11B) to a mobile communication network (3B) comprising a register (21) of the profile, processing means (24) for initiating the provisioning of the profile to a subscriber terminal and to create a provisioning request and means for sending (23) the provisioning request to the terminal, characterized in that it further comprises: a register (22) of terminal parameters (14A, 14B) 5 associated with the subscriber profile, - in that the terminal provisioning request comprises at least the profile of a subscriber (11B) and terminal parameters (14B) associated with the profile (11B).
[0014]
Server according to claim 13, characterized in that the parameters of the terminal (14B) comprise at least the name of the access points for a connection to a data network (30B) of the mobile communication network (3B) of the profile of the associated subscriber.
[0015]
15. Server according to claim 14, characterized in that it comprises means for receiving an identifier of the terminal (10).

类似技术:

---

公开号 | 公开日 | 专利标题

---

EP3029968B1|2019-07-31|Method for provisioning a subscriber profile inside a secure module

---

JP2016076940A|2016-05-12|Management method for contents on preservation element connected to device

---

TWI393464B|2013-04-11|Apparatus and methods for network identification of open market wireless devices

---

EP3348085A1|2018-07-18|Method for loading a virtual key in a user terminal and associated user terminal

---

US20050111463A1|2005-05-26|Method and apparatus for provisioning and activation of an embedded module in an access terminal of a wireless communication system

---

EP2871876A1|2015-05-13|Technique for configuring secure access by a guest terminal to a host network

---

EP3308564B1|2020-11-18|Procédé de chargement d'une clé virtuelle et terminal utilisateur associé

---

EP2259545A1|2010-12-08|Method for calculating a first identifier of a secured element of a mobile terminal from a second identifier of this secured element

---

EP3248326B1|2019-06-26|Method of managing signalling of presence of a terminal in a communication network

---

CA2957300C|2019-09-03|Method for establishing ota sessions between terminals and an ota server, corresponding ota server and reverse proxy server

---

EP3363178B1|2021-03-03|Electronic device comprising a secure module supporting a mode for the local management of the configuration of a subscriber profile

---

EP3278542B1|2019-01-02|System and method for executing an application on a terminal provided with a chip card

---

EP3917184A1|2021-12-01|Method and devices for management of communication profiles

---

EP2950569A1|2015-12-02|Method for triggering an OTA session between a terminal and a remote server, and corresponding terminal, SIM/UICC/eUICC card and server

---

WO2015193609A1|2015-12-23|Method for activating a subscriber card such as a sim card

---

EP3667530A1|2020-06-17|Secure access to encrypted data from a user terminal

---

WO2018115634A1|2018-06-28|Method for obtaining a profile for access to a telecommunications network

---

EP2146534A1|2010-01-20|Hybrid authentication method, system, server and terminal

---

EP3013083A1|2016-04-27|Method for downloading a subscriber profile in a security element, corresponding security element and servers

---

FR3084549A1|2020-01-31|METHOD FOR TRANSMITTING DATA TO TWO SEPARATE GATEWAYS, AND CORRESPONDING DEVICE.

---

WO2016207532A1|2016-12-29|Cellular-radio data processing method implemented by a sim card, especially for security purposes

---

FR2967327A1|2012-05-11|SYSTEM AND METHOD FOR MANAGING COMMUNICATIONS OF AT LEAST ONE TERMINAL IN A COMMUNICATION NETWORK

---

EP3222074A1|2017-09-27|Method of configuring a multimedia device intended to be connected to an interconnection device

---

EP3127374A1|2017-02-08|Device for accessing a wide area network via a mobile communication network

---

FR3042362A1|2017-04-14|MEANS FOR MANAGING ACCESS TO DATA

同族专利:

---

公开号 | 公开日

---

KR20160067776A|2016-06-14|

---

US10595193B2|2020-03-17|

---

ES2754216T3|2020-04-16|

---

BR102015030404A2|2016-06-07|

---

CN105682075A|2016-06-15|

---

EP3029968B1|2019-07-31|

---

EP3029968A1|2016-06-08|

---

FR3029728B1|2017-01-06|

---

CN105682075B|2020-08-14|

---

US20160165433A1|2016-06-09|

引用文献:

---

公开号 | 申请日 | 公开日 | 申请人 | 专利标题

---

US20130217361A1|2006-04-04|2013-08-22|Jahangir Mohammed|System and method for enabling a wireless device with customer-specific services|

---

US20130012159A1|2011-07-04|2013-01-10|Sony Europe Limited|Mobile communications|

---

EP2615543A1|2012-01-16|2013-07-17|Samsung Electronics Co., Ltd|Apparatus and method for setting up an interface in a mobile terminal|

---

US20050250516A1|2004-04-14|2005-11-10|Lg Electronics Inc.|Location information system reflecting user preferences and service providing method thereof|

---

US20050239504A1|2004-04-23|2005-10-27|Sharp Laboratories Of America, Inc.|SIM-based automatic feature activation for mobile phones|

---

US9557889B2|2009-01-28|2017-01-31|Headwater Partners I Llc|Service plan design, user interfaces, application programming interfaces, and device management|

---

WO2012055572A1|2010-10-29|2012-05-03|Nec Europe Ltd.|Method and system for connecting a user equipment to a network device via a mobile communication network|

---

EP2461613A1|2010-12-06|2012-06-06|Gemalto SA|Methods and system for handling UICC data|

---

KR20130012243A|2011-07-08|2013-02-01|주식회사 케이티|Method for changing mno of embedded sim based on privilege, embedded sim and recording medium for the same|

---

KR101792885B1|2011-09-05|2017-11-02|주식회사 케이티|Method and Apparatus for managing key information of Embedded UICC, MNO System, Provisioning Method and MNO-Changing Method using the same|

---

US8843179B2|2012-05-11|2014-09-23|Li Li|Provisioning an embedded subscriber identity module|

---

US9585000B2|2012-05-25|2017-02-28|Kt Corporation|Method of providing subscriber profile of eUICC based on change of network|

---

US9137656B2|2012-06-27|2015-09-15|Rogers Communications Inc.|System and method for remote provisioning of embedded universal integrated circuit cards|

---

US9173085B2|2012-07-06|2015-10-27|Blackberry Limited|Methods and apparatus for use in transferring an assignment of a secure chip subscription managers|

---

DE102012020690A1|2012-10-22|2014-04-24|Giesecke & Devrient Gmbh|Method for introducing subscriber identity data into a subscriber identity module|

---

FR3011652B1|2013-10-07|2015-12-04|Oberthur Technologies|METHOD OF CUSTOMIZING A SECURE ELEMENT|

---

CN104703170B|2013-12-05|2017-04-12|华为终端有限公司|Methods and equipment for downloading file of operator|

---

US9363736B2|2013-12-16|2016-06-07|Qualcomm Incorporated|Methods and apparatus for provisioning of credentials in network deployments|

---

US9838866B2|2013-12-23|2017-12-05|Cellco Partnership|4G LTE power on activations|

---

KR102231948B1|2014-07-17|2021-03-25|삼성전자 주식회사|A method and apparatus for updating profile managing server|

---

CN112566073A|2014-11-17|2021-03-26|三星电子株式会社|Apparatus and method for profile installation in a communication system|JP6450461B2|2015-01-30|2019-01-09|テレフオンアクチーボラゲット エルエム エリクソン（パブル）|Wireless device, network node, and method thereof|

---

FR3047333B1|2016-01-29|2018-01-26|Morpho|METHOD FOR MONITORING A MOBILE TELECOMMUNICATION TERMINAL|

---

KR20170136149A|2016-05-31|2017-12-11|엘지디스플레이 주식회사|Liquid crystal display device|

---

EP3276993A1|2016-07-29|2018-01-31|Deutsche Telekom AG|Profile server for providing electronic communication profiles of electronic subscriber identity modules of mobile communication devices|

---

GB2552788B|2016-08-05|2019-11-27|Eseye Ltd|Loading security information|

---

KR102174665B1|2016-11-14|2020-11-05|인테그리티 시큐리티 서비시즈 엘엘씨|Secure provisioning and management of devices|

---

US10581620B2|2016-11-14|2020-03-03|Integrity Security Services Llc|Scalable certificate management system architectures|

---

FR3059194B1|2016-11-21|2019-06-28|Oberthur Technologies|INSTALLATION OF A PROFILE IN AN INBOX SUBSCRIBER IDENTITY MODULE|

---

CN108112011A|2016-11-24|2018-06-01|中国电信股份有限公司|The methods, devices and systems of the universal embedded integrated circuit card of remote management|

---

CN107423640A|2017-03-16|2017-12-01|努比亚技术有限公司|A kind of method, apparatus and terminal of wirelessly transmitting data storage|

---

WO2019019185A1|2017-07-28|2019-01-31|华为技术有限公司|Method for updating network access application authentication information, terminal and server|

---

US10708763B2|2017-11-30|2020-07-07|T-Mobile Usa, Inc.|On-boarding entity for remote embedded universal integrated circuit card management|

---

CN110474945B|2018-05-11|2021-08-03|华为技术有限公司|Data downloading and managing method and terminal|

---

FR3111042A1|2020-05-28|2021-12-03|Idemia France|Method and devices for managing communication profiles|

法律状态:
2015-11-23| PLFP| Fee payment|Year of fee payment: 2 |

---

2016-06-10| PLSC| Publication of the preliminary search report|Effective date: 20160610 |

---

2016-11-21| PLFP| Fee payment|Year of fee payment: 3 |

---

2017-11-21| PLFP| Fee payment|Year of fee payment: 4 |

---

2019-11-20| PLFP| Fee payment|Year of fee payment: 6 |

---

2020-11-20| PLFP| Fee payment|Year of fee payment: 7 |

---

2021-11-18| PLFP| Fee payment|Year of fee payment: 8 |

优先权:

---

申请号 | 申请日 | 专利标题

---

FR1461910A|FR3029728B1|2014-12-04|2014-12-04|METHOD FOR PROVIDING A SUBSCRIBER PROFILE FOR A SECURE MODULE|FR1461910A| FR3029728B1|2014-12-04|2014-12-04|METHOD FOR PROVIDING A SUBSCRIBER PROFILE FOR A SECURE MODULE|

---

EP15197121.5A| EP3029968B1|2014-12-04|2015-11-30|Method for provisioning a subscriber profile inside a secure module|

---

ES15197121T| ES2754216T3|2014-12-04|2015-11-30|Provisioning method of a subscriber profile for an insured module|

---

BR102015030404A| BR102015030404A2|2014-12-04|2015-12-03|method of providing a subscriber profile to a terminal, terminal comprising a secure module, and server providing a subscriber profile of a mobile communication network|

---

KR1020150171470A| KR20160067776A|2014-12-04|2015-12-03|A method of provisioning a subscriber profile for a secure module|

---

US14/957,906| US10595193B2|2014-12-04|2015-12-03|Method of provisioning a subscriber profile for a secure module|

---

CN201510884141.9A| CN105682075B|2014-12-04|2015-12-04|Method for supplying subscriber data to terminal, terminal and supply server|