WO2013176502A1 - Method for providing mobile communication provider information and device for performing same - Google Patents

Description

Method of providing mobile carrier information and apparatus for performing the same

The present invention relates to a method for providing mobile carrier information to a terminal having a built-in UICC and an apparatus for performing the same.

A UICC (Universal Integrated Circuit Card) is a smart card that can be inserted into a terminal and used as a module for user authentication with a mobile communication network subscribed to by a user. UICC is used for personal information of users such as Short Message Service (SMS), phone book, etc., and for mobile operators such as International Mobile Subscriber Identity (IMSI) and Home Public Land Mobile Network (HPLMN). Store business information.

The UICC may be referred to as a subscriber identity module (SIM) card in the case of the Global System for Mobile communications (GSM) scheme, and may be referred to as a universal subscriber identity module (USIM) card in the case of a wideband code division multiple access (WCDMA) scheme. .

When the user mounts the UICC on the terminal, the terminal automatically performs user authentication using the information stored in the UICC so that the user can conveniently use the terminal. In addition, when the user replaces the terminal, the user can easily replace the terminal while maintaining the mobile communication service and user information subscribed to by the user simply by mounting the UICC removed from the existing terminal to the new terminal. have. Alternatively, the user may simply change the mobile communication provider by replacing the UICC inserted in the terminal currently being used with the UICC of another mobile communication provider.

However, when it is difficult to detach the UICC from the terminal, for example, when the UICC is mounted inside the machine to machine (M2M) communication terminal and manufactured in a structure that is difficult to replace from the outside, the UICC of the existing removable plastic structure Built-in UICC (abbreviated as 'eUICC') to provide the same service as a detachable UICC even when a chip-type terminal integrated structure is provided instead of a detachable structure in order to provide more shock and heat resistance. A structure has been proposed.

Unlike the existing detachable type UICC, the eUICC is mounted on the terminal at the manufacturing stage of the terminal and released, and due to the physical structure of the terminal that cannot be detached from the terminal, the eUICC cannot be changed through the eUICC detachment.

Therefore, in order to change the mobile communication service provider of the terminal on which the eUICC is mounted, a method for remotely providing information of the mobile communication service provider to the eUICC is required.

However, until now, a function for providing information of a mobile carrier to an eUICC or an interface for the mobile communication provider has not been specifically defined, and accordingly, a method of providing mobile carrier information to a terminal having an existing UICC is provided with an eUICC. If it is applied to the terminal as it is, there is a disadvantage that the vulnerability to security.

An object of the present invention for solving the above problems is to provide a mobile carrier information to the eUICC while maintaining a high security, and to provide a mobile carrier information that can maintain a high security even after the carrier information is stored in the eUICC To provide a way.

In addition, another object of the present invention is to provide a mobile communication provider information that can provide mobile carrier information to the eUICC, while maintaining a high security, even after the mobile carrier information is stored in the eUICC providing a mobile carrier information will be.

The objects of the present invention are not limited to the above-mentioned objects, and other objects and advantages of the present invention which are not mentioned above can be understood by the following description, and will be more clearly understood by the embodiments of the present invention. Also, it will be readily appreciated that the objects and advantages of the present invention may be realized by the means and combinations thereof indicated in the claims.

According to a method for providing mobile carrier information according to an aspect of the present invention for achieving the above object of the present invention, a method for providing mobile carrier information performed by a terminal having an eUICC, the mobile carrier information is encapsulated and included Receiving the received data and storing the received data in the eUICC.

Here, in the receiving of the encapsulated data of the mobile communication provider information, the authentication key information for authentication of the terminal may be encapsulated to receive the included data. In addition, the data encapsulated with the authentication key information may be configured as data of an authentication processing module for processing authentication of the terminal.

Here, in the receiving of the data including the mobile communication provider information encapsulated, the encryption module data generating the format of the authentication key information for authentication of the terminal may be received in a different format than before.

The storing of the received data in the eUICC may include storing an authentication processing module configured to process authentication of the terminal in the eUICC, wherein the mobile communication service provider information includes an authentication key, wherein the authentication key is the authentication key. It may be stored in the eUICC in a state encapsulated in a processing module.

Here, after the authentication processing module is stored in the eUICC, and performs an authentication process corresponding to the authentication request provided from the terminal, in response to the authentication processing result, any one of an authentication success response, an authentication failure response, and a synchronization failure response. May provide a response to the terminal.

Here, the mobile communication provider information providing method may further include the step of performing a process for preventing the exposure of the authentication key when the authentication key is used after the authentication processing module is stored in the eUICC.

According to another aspect of the present invention, there is provided a method for providing mobile operator information, the method for providing mobile operator information performed by a mobile operator server, the module encapsulating mobile operator information. Generating and transmitting the encapsulated module to a specific terminal.

The generating of the module encapsulating the mobile communication provider information may include generating the encapsulated module by encapsulating the authentication key with the mobile communication provider information in the authentication processing module performing the authentication process.

In the generating of the module encapsulating the mobile communication provider information, the encapsulated module may be generated as a file having the same form as the applet file.

The transmitting of the encapsulated module to a specific terminal may include transmitting the encapsulated module to a subscription manager-data preparation (SM-DP), and transmitting the encapsulated module to the SM-SR (SM-DP). And transmitting the encapsulated module to the specific terminal through an over the air (OTA) communication scheme.

In addition, the mobile operator information providing apparatus according to an aspect of the present invention for achieving another object of the present invention, the processing for downloading the module in which the mobile carrier information is encapsulated and the module in which the mobile carrier information is encapsulated EUICC having a processing unit to perform.

Here, the module in which the mobile communication provider information is encapsulated may include an authentication key encapsulating the authentication key of the device, and may be configured as an authentication processing module for performing authentication.

Here, the processing unit may receive an authentication request message from the device and provide the authentication request message to the authentication processing module, and receive a response provided as an authentication result from the authentication processing module and provide the response to the device.

Here, the authentication processing module performs an authentication process corresponding to the authentication request provided from the processing unit, and then, among the authentication success response indicating authentication success, authentication failure response indicating authentication failure, and synchronization failure response indicating synchronization failure. Any response may be provided to the device through the processing unit.

According to the method and apparatus for providing information of a mobile carrier according to an embodiment of the present invention as described above, the information of the mobile carrier to be delivered for providing to the eUICC is encapsulated in arbitrary data such as an authentication processing module. Authentication key can be delivered by applying the highest security technique.

Accordingly, even when the information of the mobile communication service provider is transmitted through the unsecured public wireless network, the information of the mobile communication service provider can be delivered to the eUICC by applying the highest level of security.

In addition, in the present invention, the authentication key is encapsulated and stored inside the eUICC so that the interface to access the authentication key does not exist, so that the authentication key is not exposed by an external hacking attack using the interface, thereby replicating the eUICC. You can prevent it.

1 is a conceptual diagram illustrating an environment in which a method for providing mobile service provider information according to an embodiment of the present invention is executed.

2 is a conceptual diagram illustrating a method for providing mobile service provider information according to an embodiment of the present invention.

3 is a flowchart illustrating an authentication process between a terminal and a mobile service provider network.

4 is a block diagram illustrating a configuration of an eUICC to which a mobile communication service provider information providing method according to another embodiment of the present invention is applied.

5 is a conceptual diagram illustrating a method for providing mobile carrier information according to another embodiment of the present invention.

6 is a conceptual diagram illustrating a process of performing authentication processing after an authentication key is stored in an eUICC according to another embodiment of the present invention.

7 illustrates an example of an authentication interface used in a method for providing mobile carrier information according to another embodiment of the present invention.

8 illustrates an example of an authentication success response interface used in a method for providing mobile carrier information according to another embodiment of the present invention.

9 illustrates an example of a synchronization failure response interface used in a method for providing mobile carrier information according to another embodiment of the present invention.

10 is a flowchart illustrating a method for providing mobile carrier information according to another embodiment of the present invention.

As the present invention allows for various changes and numerous embodiments, particular embodiments will be illustrated in the drawings and described in detail in the written description.

However, this is not intended to limit the present invention to specific embodiments, it should be understood to include all modifications, equivalents, and substitutes included in the spirit and scope of the present invention.

The terminology used herein is for the purpose of describing particular example embodiments only and is not intended to be limiting of the present invention. Singular expressions include plural expressions unless the context clearly indicates otherwise. In this application, the terms "comprise" or "have" are intended to indicate that there is a feature, number, step, operation, component, part, or combination thereof described in the specification, and one or more other features. It is to be understood that the present disclosure does not exclude the possibility of the presence or the addition of numbers, steps, operations, components, components, or combinations thereof.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art. Terms such as those defined in the commonly used dictionaries should be construed as having meanings consistent with the meanings in the context of the related art and shall not be construed in ideal or excessively formal meanings unless expressly defined in this application. Do not.

Hereinafter, with reference to the accompanying drawings, it will be described in detail a preferred embodiment of the present invention. In the following description of the present invention, the same reference numerals are used for the same elements in the drawings and redundant descriptions of the same elements will be omitted.

1 is a conceptual diagram illustrating an environment in which a method for providing mobile service provider information according to an embodiment of the present invention is executed.

Referring to FIG. 1, a method of providing mobile carrier information according to an embodiment of the present invention is a mobile network operator (MNO) server (hereinafter referred to as an MNO server) 110, a subscriber information management server. The 130 and the eUICC 150 may be performed in an environment connected to each other through a network.

The MNO server 110 is provided by the eUICC 150 to provide a mobile communication service to a subscriber who has subscribed to a mobile communication service provided by a mobile communication system such as Wideband Code Division Multiple Access (WCDMA) and Long Term Evolution (LTE). Generate mobile operator information. Here, the mobile carrier information may be referred to by other terms such as an operator credential, an MNO credential, a profile, an eUICC profile, or a profile package.

The subscriber information management server 130 processes functions such as information management for the eUICC 150, information management for various telecommunication service providers, authentication and remote information change according to the change of the mobile communication service provider of the subscriber.

That is, the subscriber information management server 130 issues overall management of the eUICC 150 such as issuing mobile operator information to the eUICC 150 and processing a procedure for changing a subscription or changing a mobile carrier. do.

The subscriber information management server 130 may include a subscription manager (SM: abbreviated as "SM") or a profile manager (PM: profile manager, abbreviated as "PM").

SM uses the Subscription Manager-Data Preparation (SM-DP), which plays a role in generating mobile carrier information, and the Subscription Manager Secure Routing (SM-SR), which directly transfers operator information to eUICC (150). It may include.

The SM-DP performs a process such as encryption on the data to be provided to the eUICC 150 by the mobile communication service provider (MNO), configures a package to which security is applied, and delivers it to the SM-SR. Here, the package to which security is applied may be composed of mobile communication provider information generated by the MNO server 110.

The SM-SR routes to another SM-SR or delivers to the corresponding eUICC 150 so that the security-applied package received from the SM-DP can be normally delivered to the target eUICC 150. Here, in the process of delivering the security-applied package to the corresponding eUICC 150, an over-the-air (OTA) communication method with security may be used.

The eUICC 150 decodes the OTA package received through the OTA communication method from the SM-SR, extracts the package encrypted by the SM-DP, and decodes the extracted package to obtain actual mobile service provider information. Mobile carrier information is stored in the eUICC (150).

2 is a conceptual diagram illustrating a method for providing mobile service provider information according to an embodiment of the present invention. Hereinafter, the authentication key K will be described as an example of mobile communication provider information provided to the eUICC.

Referring to FIG. 2, first, the MNO server 210 includes an authentication key K of a subscriber, a UICC data file (for example, a network connection file such as IMSI, HPLMN), a user information file (for example, an SMS file, Phonebook, etc.) and applets and the like, and generate the file to the SM-DP (230).

The SM-DP 230 encrypts the file provided from the MNO server 210 and then transfers the encrypted file to the SM-SR 250. Here, the SM-DP 230 generates an OTA package including a file to be delivered to the eUICC 270 through the SM-SR 250, and the authentication key (K) of the subscriber and the UICC data file (for example, the OTA package). For example, a credential of a mobile communication service provider (MNO) such as IMSI, HPLMN, etc. may be included.

SM-SR 250 delivers the encrypted OTA package provided from SM-DP 230 to the corresponding eUICC 270. Here, the SM-SR 250 may deliver an OTA package to the eUICC 270 using an encrypted OTA communication method.

The eUICC 270 decrypts the encrypted OTA package received from the SM-SR 250 to obtain an authentication key K, a UICC data file, and the like, and stores the encrypted key.

The authentication key K encrypted by the SM-DP 230 and provided to the eUICC 270 is one of the mobile communication provider information as described above. That is, the authentication key K is a subscriber key shared between the eUICC 270 and the authentication center (AuC) of the mobile communication service provider and authenticates between the network of the mobile communication service provider and the subscriber (or eUICC 270). Used for

The authentication key is for authenticating the mobile operator network and has the highest level of importance in security. If the authentication key K value is exposed, the corresponding eUICC 270 can be duplicated, and the voice call, the multimedia message service (SMS / MMS), the data service, etc. of the subscriber can be hacked through the duplication.

In the embodiment shown in Fig. 2, K, which is important information of the highest level of security, is applied at the same level of security (for example, a simple encryption level) as other information (for example, IMSI, HPLMN, SMS, phonebook, etc.). It is illustrated as passing through a wireless network.

Since the subscriber authentication key information such as the authentication key K is provided and stored in the eUICC 270 during the opening process of the terminal, it is provided to the eUICC 270 before authentication with the eUICC 270 and the mobile communication network. In this process, an unsecured public wireless network is used.

Therefore, a higher level of security is required for the delivery of mobile operator information such as authentication key K.

On the other hand, in order to provide the authentication key K in the remote location, it is also possible to use a separate interface for providing the authentication key K to the eUICC (270). However, the existence of an interface that can send and receive the authentication key K, which has the highest level of security, in any form (encrypted or non-encrypted), means that it is very vulnerable to a security attack. This means that the probability of being hacked in the remote transmission process of K increases.

In other words, since the authentication key K can be duplicated when the eUICC 270 is exposed, the authentication key K is information having the highest level of security. Therefore, in order to deliver the authentication key K, it is necessary to apply the highest security to the authentication key K and deliver it, and the highest security level for the authentication key K must be maintained even inside the eUICC 270.

In another embodiment of the present invention to satisfy the above requirements, a method for applying the highest level of security to the authentication key K and maintaining the highest level of security even after the authentication key is downloaded into the eUICC 270 is provided. to provide.

In the method of providing mobile communication service provider information according to another embodiment of the present invention, a method of applying the highest level of security to the authentication key K, the eUICC 270 receives the authentication key K from the remote, the authentication key K is eUICC (270) In the process of being used for authentication and network of the mobile communication service provider inside the), the authentication key information K is not used alone.

In general, the authentication process of the terminal receives an input value (for example, a random number value) from the network to perform a predetermined calculation with the internally stored authentication key, and is processed by a method of delivering the calculation result to the network.

That is, the authentication key only needs to exist in the eUICC 270 in such a way that the eUICC 270 can perform authentication processing with the mobile service provider network without any problem. As shown in FIG. 2, the authentication key information K is independently transmitted. No output is required.

3 is a flowchart illustrating an authentication process between a terminal and a mobile service provider network.

3 is valid in both directions between the terminal 310 and the network by using an authentication key (K) shared between the USIM mounted on the terminal 310 and an authentication center (AuC) 350 of the mobile communication service provider. As a procedure for confirming the operation, a parameter (Ciphering Key, Integrity Key) used to ensure confidentiality and integrity of data is generated by performing the procedure illustrated in FIG. 3.

Referring to FIG. 3, first, a mobile switching center (MSC) or a serving GPRS support node (SGSN) 330 transmits an authentication data request message to the authentication center 350 to perform an authentication procedure. Subscriber authentication data is requested (S301). Here, the authentication data request message may include IMSI (International Mobile Subscriber Identity) information which is subscriber identification information of the telecommunication service.

The authentication center 350 distinguishes subscribers using IMSI information included in the authentication data request message received from the MSC or SGSN 330, and uses a random number (RAND), a K, an authentication management field (AMF), and a sequence (SQN). Based on the value of Number, an Expected Response (XRES), Authentication Token (AUTN), Ciphering Key (CK), Integrity Key (IK), and Message Authentication Code (MAK) value are generated (S303).

Here, the RAND means a random number, and is generated in a home network operated by a predetermined mobile communication provider and transmitted to the terminal 310. K means a secret key and is called an authentication key, and is stored in each of the USIMs mounted on the authentication center 350 and the terminal 310 of the home network. AMF is used to indicate the type of algorithm used for authentication and which key value was used when generating the authentication vector. SQN is a sequence number, and the rules for generating an SQN for each mobile carrier may be different, and are used to confirm that the authentication vector received from the USIM is a new value.

XRES is used to determine the validity of a USIM card. Authentication Token (AUTN) consists of SQN + AK, MAC and AMF. Anonymity Key (AK) is used to mask the regularity of the SQN value by masking the increasing SQN value each time authentication is attempted. CK is a value used for a ciphering algorithm, and is used to encrypt data transmitted between the terminal 310 and the MSC or SGSN 330. IK is a value used in the integrity algorithm, and is used to verify the integrity of a signaling message transmitted and received over a radio section. The MAC is used to determine the validity of the network in the terminal 310.

Meanwhile, the authentication center 350 configures an authentication vector (AV) including RAND, XRES, CK, IK, and ATUN, and performs n authentication vectors (AV (AV) through an authentication data response message). 1… n)) is transmitted to the MSC or SGSN 330 (S305). Here, one authentication vector consists of RAND, AUTN, CK, IK, and XRES, and the AUTN consists of SQN + AK, MAC, and AMF. In addition, n authentication vectors (AV (1 ... n)) mean an array of n authentication vectors having a basic configuration of RAND, AUTN, XRES, CK, and IK. That is, AV (i) means an authentication vector composed of RAND (i), AUTN (i), XRES (i), CK (i), and IK (i).

The MSC or SGSN 330 selects an authentication vector AV (i) to be used for authentication among n authentication vectors provided from the authentication center 350 and requests the authentication vector AV (i) to be authenticated (AUTHENTICATION REQUEST). By including the message and transmitting the message to the terminal 310, the RAND (i) and the AUTN (i) among the components of the selected authentication vector AV (i) are transmitted to the terminal 310 (S307).

The terminal 310 transmits the RAND (i) and the AUTN (i) included in the authentication request message received from the MSC or SGSN 330 to the USIM.

USIM inputs RAND (i), AUTN (i) value and K value, which is an authentication key stored in the USIM card, as input from the terminal 310, RES (Response), XMAC (Expected Message Authentication Code), and CK (Ciphering Key). ), IK (Integrity Key) and SQN (Sequence Number) values are generated (S309).

Thereafter, the USIM compares the MAC value provided from the RNC (Radio Network Controller) with the generated XMAC value (S311).

If it is determined that the MAC value and the XMAC value are different from each other, the USIM transmits an AUTHENTICATION REJECT message to the MSC or SGSN 330 (S313). Here, the authentication rejection message may include MAC failure as information indicating a cause of authentication failure.

Or, if it is determined that the MAC value and the XMAC value are the same, the USIM determines whether the SQN value extracted from the AUTN is within a predetermined SQN range (S315).

Here, if the SQN is out of a predetermined range, the USIM generates an AUTS and includes the synchronization failure information indicating the cause of the authentication failure in the AUTENTICATION REJECT message and the generated Authentication re-Synchronization token (AUTS). To the MSC or SGSN 330 (S317). Here, the AUTS is composed of MAC-S and SQNms + AK.

Alternatively, if the SQN is included in the predetermined range in step S315, the USIM transmits the generated RES value to the MSC or SGSN 330 by including it in the authentication response (AUTHENTICATION RESPONSE) message (S319).

The MSC or SGSN 330 compares the RES value received from the terminal 310 (or USIM) and the XRES value stored in the VLR (Visitor Location Register) / SGSN through an AUTHENTICATION RESPONSE message (S321).

Here, when the RES value and the XRES value are the same, the MSC or SGSN 330 selects IK and CK from the authentication vector array (S323), thereby ending the entire authentication procedure.

On the other hand, the MSC or SGSN 330 receives an authentication rejection message from the terminal 310 through step S313, or if the RES value and the XRES value are different from each other, the authentication center reports an authentication failure message (AUTHENTICATION FAILURE REPORT) message. It transmits to 350 (S325). Here, the authentication failure report message may include information such as IMSI, cause of authentication failure, access type, authentication re-attempt information, VLR / SGSN address, and RAND value.

In addition, when the MSC or SGSN 330 receives an authentication rejection message from the terminal 310 through step S317, the MSC or SGSN 330 sends an authentication data request message to retry authentication. (S327). In this case, the authentication data request message may include synchronization failure indication information, RAND or AUTS information.

Referring to the authentication procedure illustrated in FIG. 3, in order for a terminal having an eUICC to perform an authentication function with a mobile service provider network, the eUICC may include one authentication request message and three response messages, that is, an authentication response (AUTENTICATION). RESPONSE (RES)), AUTENTICATION REJECT (MAC failure), AUTENTICATION REJECT (Sync failure).

When the terminal can process the above three types of responses to the authentication request, even if the authentication key K does not exist alone in the eUICC, the terminal can perform authentication with the mobile operator network. It means that there is.

In the method of providing mobile communication service provider information according to another embodiment of the present invention, when the authentication key is transmitted to the eUICC from a device located at a remote location in consideration of the authentication process as shown in FIG. A method of encapsulating and delivering in a module (eg, an authentication processing module) is used.

4 is a block diagram illustrating a configuration of an eUICC to which a mobile communication service provider information providing method according to another embodiment of the present invention is applied.

Referring to FIG. 4, the eUICC 400 may include a processing unit 410 and an authentication processing module 430.

The processor 410 may perform a process necessary to download the authentication processing module 430. In addition, the processor may execute various applications related to the eUICC 400.

The authentication processing module 430 is a module that performs processing related to authentication, and includes an authentication key K 431 encapsulated therein.

In another embodiment of the present invention, unlike the above-described embodiment of the present invention, the authentication key K 431 downloaded by the eUICC 400 from the mobile communication service provider server is not transmitted in a single form, and a module of a predetermined type is used. Encapsulated and delivered. Herein, encapsulating and transmitting the authentication key K 431 means not transmitting the authentication key K 431 in a single form.

The module used for encapsulation of the authentication key K 431 may use various types of modules. For example, the module used for encapsulation of the authentication key K 431 processes the authentication key K 431 together with any other information to generate the format of the authentication key K 431 into a new format different from the original form. It can be any encryption module that can.

Preferably, the encapsulation module uses the above-mentioned three responses (ie, authentication response, authentication rejection (MAC failure)), and authentication rejection using a specific value that the terminal receives from the network as an input value (for example, a random number value). It may be configured as an authentication processing module 430 that can output one of (synchronization failure).

In another embodiment of the present invention, since the authentication key K 431 is delivered in a single form or does not use a specific interface for the delivery of the authentication key K 431, the eUICC 400 uses an unauthenticated network. Even when downloading the authentication key K 431, there is no possibility that the authentication key K 431 leaks by hacking.

In addition, by storing the authentication key K 431 inside the authentication processing module 430 of the eUICC (400), it is possible to obtain the effect of applying the highest security level as follows.

There is no interface with the terminal for generating or changing the authentication key K 431. As described above, the existence of an interface capable of transmitting and receiving the authentication key K 431 in its own form may cause a problem that becomes very vulnerable to a security attack, and increases the probability of being hacked. For example, if the hacking program finds the interface information between the authentication algorithm and the authentication key K, the hacking program may behave like the authentication algorithm and extract the authentication key K. However, in another embodiment of the present invention, since the interface as described above is not used, there is no possibility that the authentication key is hacked.

Also, in another embodiment of the present invention, various security techniques are applied in the authentication processing module 430 to prevent the authentication key K 431 from being exposed.

For example, the authentication processing module 430 may hide the position where the authentication key K 431 is used for the operation on the memory through a pseudo encryption operation. In addition, all the buffers used for encryption / decryption using the authentication key are initialized so that the calculated value cannot be estimated. In addition, the countermeasure function is provided during encryption / decryption operation using the authentication key to prevent illegal access. In this case, the authentication key required for encryption / decryption may be included in the authentication processing module 430, and thus, even when applying the security scheme as described above, there is no need to newly assign an encryption key.

In addition, since the authentication processing module 430 internally has the authentication key K 431, not only the security techniques described above but also a number of techniques for defending against external attacks may be applied.

FIG. 5 is a conceptual diagram illustrating a method for providing mobile carrier information according to another embodiment of the present invention, and illustrates an example of a process of downloading a module in which an eUICC encapsulates an authentication key K from an MNO server.

Referring to FIG. 5, first, the MNO server 510 generates a module encapsulating an authentication key K of a subscriber and transmits the generated module to the encapsulation module SM-DP 530. Here, the MNO server 510 may encapsulate the authentication key K using the authentication processing module 501. In addition, the MNO server 510 may generate the authentication processing module 501 in which the authentication key is encapsulated as a file (or a library) having the same form as a general applet (for example, .cap).

The SM-DP 530 transfers the authentication processing module 501 provided from the MNO server 510 to the SM-SR 550. Here, the SM-DP 530 encrypts the authentication processing module 501 to be delivered to the eUICC 570 through the SM-SR 550 to generate an OTA package, and generates the encrypted OTA package by the SM-SR 550. Can be delivered to.

The SM-SR 550 delivers the OTA package provided from the SM-DP 530 to the corresponding eUICC 570. Here, the SM-SR 550 may deliver an OTA package to the eUICC 570 using an encrypted OTA communication method, and the encrypted OTA package may include an authentication processing module 501 encapsulated with an authentication key. have.

The eUICC 570 may extract the authentication processing module 501 in which the authentication key is encapsulated by decrypting the encrypted OTA package received from the SM-SR 550, and then store the extracted authentication processing module 501 therein.

As shown in FIG. 5, in the method of providing mobile service provider information according to another embodiment of the present invention, an authentication key transmitted from the MNO server 510 to the eUICC 570 is converted into a file having a different format (for example, authentication processing). After encapsulating in module 501, the encapsulated file can be encrypted and delivered to eUICC 570, thereby enhancing the security level for delivery of the authentication key to the highest level.

Meanwhile, after the authentication processing module encapsulating the authentication key is stored inside the eUICC, the eUICC should be able to perform an authentication function with the mobile service provider network without exposing the authentication key K to the outside.

6 is a conceptual diagram illustrating a process of performing authentication processing after an authentication key is stored in an eUICC according to another embodiment of the present invention.

In FIG. 6, the terminal 610 and the eUICC 630 are shown as independent blocks, respectively, but these are merely for convenience of description, and in practice, the eUICC 630 is mounted in a chip form inside the terminal 610. Can be configured.

Referring to FIG. 6, the eUICC 630 simply transmits and receives a message with the terminal 610 through an interface for one to four authentication processes, and provides an authentication function with the mobile service provider network. Even if the authentication key K is not downloaded in a single form, the authentication process requiring the authentication key K can be performed.

That is, when the terminal 610 requests authentication to the processing unit of the eUICC through an authentication interface 601 in the process of processing authentication with the mobile service provider network, the processing unit 631 of the eUICC sends an authentication request to the authentication processing module. Provided at 633.

The authentication processing module 633 performs the above-described processing corresponding to the authentication request provided from the processing unit 631, and then provides a response to the authentication request to the processing unit 631, and the processing unit 631 receives the authentication success response. The response message provided from the authentication processing module is provided to the terminal through the corresponding interface among the interface 602, the authentication failure response interface 603, and the synchronization failure response interface 604.

In FIG. 6, the authentication interface 601, the authentication success response interface 602, the authentication failure response interface 603, and the synchronization failure response interface 604 may be configured in a message form.

Hereinafter, each of the four interfaces for authentication processing illustrated in FIG. 6 will be described in more detail with reference to FIGS. 7 to 9.

7 illustrates an example of an authentication interface used in a method for providing mobile carrier information according to another embodiment of the present invention. 8 illustrates an example of an authentication success response interface used in a method for providing mobile carrier information according to another embodiment of the present invention. 9 illustrates an example of a synchronization failure response interface used in the method for providing mobile carrier information according to another embodiment of the present invention.

First, referring to FIG. 7, an authentication interface (or an authentication message) includes a CLA field indicating a class of an instruction, an INS field indicating an instruction, a P1 field indicating a first parameter, and a second parameter. It may include a P2 field indicating a parameter, an Lc field indicating a length of command data, and a DATA field including authentication related data. Here, the DATA field may include a random number (RAND) and an authentication token (AUTN) provided from a network.

When receiving the authentication message from the terminal, the authentication processing module calculates an XMAC (Expected Message Authentication Code) using the RAND and the secret key (K). Thereafter, the authentication processing module compares the calculated MAC (Message Authentication Code) included in the AUTN with the calculated XMAC to determine whether the two values are the same. In addition, the authentication processing module checks whether the sequence number (SQN) is within a predefined valid area.

If the MAC and XMAC are the same and the SQN is in the valid area, the authentication processing module calculates RES (Response), which is an authentication response, and the authentication success response interface (or authentication success response message) as shown in FIG. Inform the terminal that the authentication is successful. Here, the authentication processing module also transmits the encryption key CK and the integrity key IK calculated together with the RES to the terminal.

The authentication success response interface (or authentication success response message) may be configured as illustrated in FIG. 8. That is, the authentication success response interface may include a 'DB' field indicating whether authentication is successful, an RES indicating an authentication value, an encryption key CK, an integrity key IK, and 2G (second generation mobile communication method) encryption key Kc information. have.

On the other hand, when the terminal receives the authentication success response message from the eUICC, and transmits to the network including the corresponding response (RES) received in the authentication response (AUTHENTICATION RESPONSE) message.

The network (MSC or SGSN) receiving the authentication response from the terminal compares the authentication response RES transmitted by including it in the authentication response message transmitted from the terminal to the XRES (Expected Response) stored in advance. Here, when RES and XRES are the same, the terminal is authenticated on the network side.

As described above, after the terminal is authenticated to the network, the terminal and the network configure a secure channel using the encryption key CK and the integrity key IK generated therebetween, and then perform communication using the secure channel. Reliability is guaranteed.

Alternatively, the authentication processing module of the eUICC transmits an authentication failure response message (or authentication failure response interface) with SW (Status Word) = 9082 when the two values are different, as a result of comparing the calculated XMAC and MAC. do. In this case, authentication and registration of the terminal to the network will fail.

The terminal transmits the information including the information indicating the cause of the failure in the authentication rejection (AUTHENTICATION REJECT) message corresponding to the authentication failure response message provided from the eUICC to the network.

On the other hand, synchronization management is performed to prevent a situation where an unauthorized user acquires an authentication vector transmitted as it is without encryption in the wireless section by using an authentication vector obtained by an unauthorized user. In other words, synchronization management means processing that an authentication vector used once cannot be reused.

The authentication processing module checks the MAC and SQN included in the AUTN delivered from the network.If the calculated XMAC and the MAC delivered from the network are the same but the SQN is not within the valid range, the authentication module determines that the synchronization has failed and fails to synchronize. Respond to the terminal using a message (or synchronization failure response interface).

In general, the network (authentication center) generates an SQN larger than the value stored in the authentication processing module, and the authentication processing module updates the stored SQN value with the SQN value generated in the network upon successful authentication.

The authentication processing module transmits a synchronization failure response message (or synchronization failure response interface) having a format as shown in FIG. 9 upon synchronization failure to the terminal.

As shown in FIG. 9, the synchronization failure response message may include 'DC' indicating a synchronization failure tag, 'OE' indicating the length of AUTS, and AUTS information.

The network (authentication center) generates a new authentication vector containing an authentication re-synchronization token (AUTS) sent from the authentication processing module and a prestored RAND.

That is, the network checks MAC-S (Message Authentication Code-Synchronization) of the AUTS. If the MAC-S value is valid, the network performs a reauthentication procedure with the terminal by generating a new authentication vector after updating the SQN. In general, authentication should succeed after resynchronization.

10 is a flowchart illustrating a method for providing mobile carrier information according to another embodiment of the present invention, illustrating a processing performed by a terminal having an eUICC.

Referring to FIG. 10, first, a terminal receives data (eg, an authentication processing module) in which mobile communication provider information such as an authentication key is encapsulated from a network (S1001).

The terminal stores the data in the eUICC (S1003). Here, the mobile carrier information encapsulated in the received data is stored in the eUICC in a state encapsulated in the data.

Thereafter, the terminal determines whether an authentication request is received from the network (S1005), and when an authentication request is received, transmits parameters included in the authentication request to the eUICC through an authentication interface (S1007).

Thereafter, the terminal receives a response corresponding to the authentication request from the eUICC (S1009). Here, the response corresponding to the authentication request may be any one of an authentication success response, an authentication failure response, and a synchronization failure response, as described with reference to FIGS. 6 to 9.

The terminal transmits a message corresponding to the response received from the eUICC to the network (S1011).

According to the method and apparatus for providing information of a mobile communication service provider according to an embodiment of the present invention as described above, the authentication key transmitted for providing to the eUICC can be delivered by applying the highest security technique. In general, since the mobile operator profile does not exist in the eUICC before the terminal is opened, authentication is not performed between the terminal and the mobile operator network, and thus, through an open wireless network that is not secured. The carrier's information should be conveyed. The information providing method of the mobile communication service provider according to the embodiment of the present invention can expect a greater security effect in such an environment.

In addition, in the present invention, the authentication key is encapsulated and stored inside the eUICC so that an interface for accessing the authentication key does not exist, so that the authentication key is not exposed by an external hacking attack using the interface, thereby replicating the eUICC. Can be prevented.

Although described with reference to the embodiments above, those skilled in the art will understand that the present invention can be variously modified and changed without departing from the spirit and scope of the invention as set forth in the claims below. Could be.

Claims (15)

In the mobile communication provider information providing method performed in a terminal having an embedded universal integrated circuit card (eUICC), Receiving data in which mobile communication provider information is encapsulated; And And storing the received data in the eUICC. The method according to claim 1, Receiving the data containing the mobile communication provider information is encapsulated, Mobile communication service provider information providing method characterized in that the authentication key information for authentication of the terminal is encapsulated to receive the included data. The method according to claim 2, And the data contained by encapsulating the authentication key information is data of an authentication processing module for processing authentication of the terminal. The method according to claim 1, Receiving the data containing the mobile communication provider information is encapsulated, And receiving encryption module data generating a format of authentication key information for authentication of the terminal in a different format than before. The method according to claim 1, The storing of the received data in the eUICC, An authentication processing module for processing the authentication of the terminal is stored in the eUICC, wherein the mobile communication provider information includes an authentication key, wherein the authentication key is stored in the eUICC encapsulated in the authentication processing module. How to provide carrier information. The method according to claim 5, After the authentication processing module is stored in the eUICC, performs an authentication process corresponding to the authentication request provided from the terminal, the response of any one of the authentication success response, authentication failure response and synchronization failure response in response to the authentication processing result Mobile communication provider information providing method comprising providing to the terminal. The method according to claim 5, The mobile communication provider information providing method, And after the authentication processing module is stored in the eUICC, if the authentication key is used, performing a process for preventing exposure of the authentication key. In the mobile carrier information providing method performed in the mobile operator server, Generating a module encapsulating mobile communication provider information; And Mobile communication provider information providing method comprising the step of transmitting the encapsulated module to a specific terminal. The method according to claim 8, Generating a module encapsulating the mobile operator information, And generating the encapsulated module by encapsulating and including the authentication key as the mobile communication provider information in the authentication processing module performing authentication processing. The method according to claim 8, Generating a module encapsulating the mobile operator information, And providing the encapsulated module as a file having the same type as the applet file. The method according to claim 8, The step of transmitting the encapsulated module to a specific terminal, Transmitting the encapsulated module to a subscription manager-data preparation (SM-DP); Transmitting, by the SM-DP, the encapsulated module to a subscription manager secure routing (SM-SR); And And transmitting, by the SM-SR, the encapsulated module to the specific terminal through an over the air (OTA) communication scheme. A module in which mobile communication provider information is encapsulated; And And an embedded universal integrated circuit card (eUICC) having a processing unit for performing a process for downloading a module in which the mobile communication provider information is encapsulated. The method according to claim 12, The module in which the mobile communication provider information is encapsulated And an authentication processing module for encapsulating an authentication key for authentication of the device and performing processing for authentication. The method according to claim 13, The processing unit, Receiving an authentication request message from the device and providing the authentication request message to the authentication processing module, and receiving a response provided as a result of the authentication from the authentication processing module and providing the response to the device. The method according to claim 13, The authentication processing module, after performing an authentication process corresponding to the authentication request provided from the processing unit, any one of an authentication success response indicating authentication success, an authentication failure response indicating authentication failure, and a synchronization failure response indicating synchronization failure. And provide a response to the device through the processing unit.

Images