The present application relates to provisioning of an embedded UICC (Universal Integrated Circuit Card).
A GSM (Global System for Mobile Communications) system, a UMTS (Universal Mobile Telecommunications System), and an LTE (Long Term Evolution) system, etc., use an IC (Integrated Circuit) module that is called a UIM (User Identity Module), an SIM (Subscriber Identity Module), a USIM (Universal Subscriber Identity Module), or a UICC (Universal Integrated Circuit Card), etc., and can be easily removed from a communication device (e.g., a cellular phone terminal, a smartphone, a tablet computer). These IC modules store credentials necessary to access a mobile operator network. The credentials generally include a user identity code (e.g., an IMSI (International Mobile Subscriber Identity)) and a telephone number (e.g., an MSISDN). The credentials may be called identity information or an SIM profile, etc.
The UICC can store various applications including an application (e.g., an SAT (SIM application toolkit) application) that communicates with a communication device in order to update the credentials through OTA (Over the Air), in addition to an SIM application or a USIM application for network authentication. That is, strictly speaking, the UICC is different from the UIM, the SIM, and the USIM. These terms are however often used interchangeably. Accordingly, although the term “UICC” is mainly used in the specification, the term “UICC” in the specification may denote the UIM, the SIM, or the USIM, etc.
Mainly for the purpose of mounting on an M2M (Machine-to-Machine) device and CCE (connected consumer electronics), a new type of SIM called an eUICC (embedded UICC) or an eSIM (embedded SIM) has been discussed by the 3GPP (Third Generation Partnership Project), the ETSI (European Telecommunications Standards Institute), and the GSMA (GSM Association), etc. The eUICC is embedded in a radio communication module or a device equipped with a radio communication module during a manufacturing process of the radio communication module or the device. Specifically, the eUICC is directly soldered to a circuit board. The M2M device may be called an MTC (Machine Type Communication) device. In addition, in regard to the M2M device and the CCE, the term “MCIM (Machine Communication Identity Module)” may be used as the term “SIM” and “USIM”.
It is extremely difficult to replace the eUICC mounted in the device (M2M device or CCE). Accordingly, when a connectable MNO (Mobile Network Operator) is fixed as in a usual SIM/UICC, selection of an MNO by a user of the device is limited. In order to solve such a problem, it is desired to allow credentials of the MNO selected by the user to be downloaded through OTA (Over the Air) at the time of using the device. As a result of this, flexible MNO (Mobile Network Operator) selection according to a utilization situation of the device (e.g., a country or a region where the device is used) or a user's preference, etc., can be achieved. A process of downloading MNO credentials to the eUICC in an initial state is called provisioning or personalization.
One use case regarding the eUICC will be explained hereinafter. An M2M device manufacturer provides an M2M device equipped with the eUICC in the initial state. The eUICC in the initial state stores initial credentials necessary to connect to a provisioning network. The initial credentials include, for example, an IMSI and an MSISDN for connecting to the provisioning network. The provisioning network is connected to a subscription management server. The subscription management server is provided by an organization (Subscription Manager) trusted by a plurality of MNOs. The Subscription Manager is, for example, an organization approved by a standardizing body of the eUICC. The M2M device equipped with the eUICC in the initial state downloads, from the subscription management server to the eUICC by OTA (Over the Air), credentials and other data (e.g., a preferred PLMN (Public Land Mobile Network) list) regarding a particular MNO selected by a user of the M2M device. The provisioned eUICC uses newly written credentials to access a network of the particular MNO. Provisioning of the eUICC and update of the credentials including the above-mentioned use case are, for example, described in Non-Patent Literatures 1 and 2.
In the above-mentioned use case of the eUICC, the eUICC in the initial state stores minimum initial credentials necessary to connect to the provisioning network. Here, an operator of the provisioning network is considered. As a realistic solution, it is assumed that the operator of the provisioning network is one of the MNOs, acting on consignment from the other MNOs. For example, it is considered that one of the MNOs that provide services in a certain country or region provides the provisioning network on consignment from the other MNOs. Hereinafter, the MNO that provides the provisioning network is called an initial MNO. The initial MNO may be approved as a Subscription Manager and operate a subscription management server.
The inventors in the present case have examined a method for safely connecting a device equipped with an eUICC in an initial state to a network of an initial MNO. The initial MNO must permit attachment of the M2M device equipped with the eUICC in the initial state for provisioning/personalization of the eUICC. However, the initial MNO also accommodates usual devices (e.g., a cellular phone terminal and a smartphone) each equipped with a usual SIM/UICC. Accommodating the M2M device equipped with the eUICC in the initial state and the usual devices in the common network causes concern about security deterioration.
Non-Patent Literatures 1 and 2 describe only summaries regarding provisioning of the eUICC and update of credentials, and do not describe specific methods and configurations for safely connecting the device equipped with the eUICC in the initial state to the network operated by the initial MNO. Accordingly, one of the objects of the present invention is to provide a radio communication system, a radio access network node, a communication device, a core network node, a method and a program that contribute to allowing a device equipped with an eUICC in an initial state to be safely connected to a network operated by an initial MNO.
In a first aspect, a radio communication system includes: a device; a radio access network node; a provisioning network; a core network; and a server. The device is equipped with an embedded UICC in an initial state. The radio access network node is configured to communicate with the device. The provisioning network is a network arranged for provisioning of the embedded UICC. The core network is a network different from the provisioning network. The server is configured to communicate with the device through the provisioning network for provisioning of the embedded UICC. Furthermore, the radio access network node is configured to transmit an attach request message received from the device to the provisioning network instead of the core network.
In a second aspect, a radio access network node includes first and second communication units. The first communication unit is configured to communicate with a device equipped with an embedded UICC in an initial state. The second communication unit is configured to communicate with a provisioning network arranged for provisioning of the embedded UICC and a core network different from the provisioning network. Furthermore, the second communication unit is configured to transmit an attach request message received from the device to the provisioning network instead of the core network.
In a third aspect, a communication device includes: a radio communication unit that communicates with a radio access network node; and an embedded UICC. Furthermore, when the embedded UICC is in an initial state, the radio communication unit is configured to transmit, to the radio access network node, selected network information indicating a provisioning network arranged for provisioning of the embedded UICC.
In a fourth aspect, a communication method in a radio access network node includes: (a) receiving an attach request message from a device equipped with an embedded UICC in an initial state; and (b) transmitting the attach request to a provisioning network instead of a core network.
In a fifth aspect, a communication method in a device equipped with an embedded UICC includes, when the embedded UICC is in an initial state, transmitting, to the radio access network node, selected network information indicating a provisioning network arranged for provisioning of the embedded UICC.
In a sixth aspect, a program includes instructions for causing a computer to perform the method according to the above-mentioned fourth aspect.
In a seventh aspect, a program includes instructions for causing a computer to perform the method in accordance with the above-mentioned fifth aspect.
In an eighth aspect, a subscriber information server includes: a database storing subscriber information; and a communication unit configured to communicate with a mobility management node. Furthermore, the communication unit is configured to, in response to receiving a location update request including initial credentials corresponding to an embedded UICC in an initial state, transmit an answer message indicating an access point name corresponding to a provisioning network arranged for provisioning of the embedded UICC.
In a ninth aspect, a mobility management node includes: a first communication unit configured to communicate with a radio access network node; and a control unit. The control unit is configured to receive an attach request message from the device through the radio access network node. Furthermore, the control unit is configured to, when the attach request message indicates access by an embedded UICC in an initial state or access for provisioning of the embedded UICC, configure a communication path between the radio access network node and a transfer node corresponding to a provisioning network arranged for provisioning of the embedded UICC.
According to the above-mentioned aspects, there can be provided a radio communication system, a radio access network node, a communication device, a core network node, a method and a program that contribute to allowing a device equipped with an eUICC in an initial state to be safely connected to a network operated by an initial MNO.
Hereinafter, specific exemplary embodiments shall be explained in detail with reference to the drawings. The same or corresponding components are denoted by the same reference symbols throughout the drawings, and repetitive explanations will be omitted as necessary for the sake of clarity.
As already mentioned above, the initial MNO in the specification is an MNO that provides the provisioning network 6. The core network 3 of the initial MNO is a mobile core network (e.g., an EPC (Evolved Packet Core) of LTE or a GPRS (general packet radio service) core of a UMTS) to which a terminal having a UICC that stores regular credentials of the initial MNO is allowed to be connected. The terminal having the UICC that stores the regular credentials is, for example, a cellular phone terminal, a smartphone, or a tablet PC. In addition, the terminal having the UICC that stores the regular credentials may be an M2M device or CCE having an eUICC that has already been provisioned. The core network 3 is connected, for example, to an external packet network 4 and an M2M application server 5. The M2M application server 5 is operated, for example, by a third party different from the initial MNO, and provides an M2M application service through an API (Application Programming Interface) provided by the core network 3.
Meanwhile, the provisioning network 6 is a network operated by the initial MNO for provisioning/personalization of an eUICC in an initial state. The provisioning network 6 is connected to a subscription management server 7. The subscription management server 7 communicates with the device 1 (specifically, an eUICC 10) through the provisioning network 6. Additionally, the subscription management server 7 downloads credentials regarding a particular MNO and other data (e.g., a preferred PLMN list) to the eUICC 10 through OTA via the provisioning network 6. The particular MNO is, for example, an MNO selected according to an area where the device 1 is used, or an MNO selected by a user of the device 1. After the eUICC 10 has been provisioned, the device 1 is allowed to access a network of the particular MNO. As one example, the subscription management server 7 may provide the device 1 (eUICC 10) with credentials for accessing a network of an MNO different from the initial MNO. In another example, the initial MNO may be selected as the particular MNO. In this case, the device 1 having the provisioned eUICC 10 is allowed to be connected to the core network 3 of the initial MNO as the particular MNO.
Provisioning of the eUICC can be performed using an existing OTA platform used for updating data stored in a usual UICC, for example, an SMS (Short Message Service)-based OTA platform, a CBS (Cell Broadcast Service)-based OTA platform, or an IP (Internet Protocol)-based OTA platform. Accordingly, functions required to be installed in the provisioning network 6 may be determined according to an OTA platform employed for provisioning of the eUICC. For example, when the SMS-based OTA is employed, the provisioning network 6 has an SMS-SC (Short Message Service-Service Center), and controls short message transmission in response to a request from the subscription management server 7. Alternatively, when the CBS-based OTA is employed, the provisioning network 6 has a CBC (Cell Broadcast Centre), and controls cell broadcast in response to a request from the subscription management server 7. Further, alternatively, when the IP-based OTA is employed, the provisioning network 6 provides IP connectivity between the subscription management server 7 and the device 1.
Hereinafter, details of configurations and operations for provisioning of the eUICC 10 will be further explained. The RAN node 2 is configured to, in response to receiving an attach request message from the device 1 equipped with the eUICC 10 in the initial state, transmit the attach request message to the provisioning network 6 of the initial MNO instead of the core network 3 of the initial MNO. The RAN node 2 is further configured to transmit, to the core network 3, an attach request message from a terminal (e.g., a cellular phone terminal, a smartphone, a provisioned M2M device/CCE) having a UICC that stores regular credentials of the initial MNO. That is, the RAN node 2 transmits an attach request message to either the core network 3 or the provisioning network 6 according to whether or not the access is made by the eUICC in the initial state. In other words, the RAN node 2 switches the destination of the attach request message between the core network 3 and the provisioning network 6 according to whether or not the access is made by the eUICC in the initial state.
As mentioned above, in the embodiment, when the eUICC 10 is in the initial state, the RAN node 2 transmits an attach request message from the eUICC 10 (device 1) to the provisioning network 6. As a result of this, connectivity between the subscription management server 7 necessary for provisioning of the eUICC 10 and the eUICC 10 is established. In the embodiment, a network to which the eUICC 10 (device 1) in the initial state attaches can be separated from the core network 3. Accordingly, the embodiment enables the device equipped with the eUICC in the initial state to be safely connected to the network operated by the initial MNO.
In the following, specific examples of configurations and operations of the radio communication system of the embodiment will be explained.
The MME 31 is a control plane node, and performs, for example, mobility management (e.g., location registration) and bearer management (e.g., bearer establishment, bearer modification, bearer release) for terminals. That is, the MME 31 is a mobility management node. The MME 31 transmits and receives control messages (i.e., an S1AP message) to and from the RAN node (eNB) 2, and transmits and receives NAS (Non-Access Stratum) messages to and from terminals. The NAS messages are control messages transparently transmitted between terminals and the MME 31 without being terminated in an RAN and without being dependent on a radio access technology of the RAN. Specific examples of the NAS messages sent from terminals to the MME 31 include: an Attach Request; a Service Request; a PDN connectivity request; a Bearer Resource Allocation Request; a Bearer Resource Modification Request; a TAU (Tracking Area Update) Request; and a RAU (Routing Area Update) Request, etc.
The HSS 32 manages a database storing subscriber information. The HSS 32 transmits the subscriber information to the MME 31 in response to a request from the MME 31.
The S-GW 33 and the P-GW 34 transfer user packets between the RAN (specifically, the eNB 2) and the external packet network 4. For user packet transfer, the S-GW 33 establishes an S1-U bearer with the eNB 2, and establishes an S5/S8 bearer with the P-GW. The P-GW 34 transfers user packets between the S-GW 33 and the external packet network 4. The P-GW 34 allocates addresses (e.g., IP addresses) to terminals.
The MTC-IWF 35 provides the SCS 36 with a control plane interface for interworking with a core network of the 3GPP. The MTC-IWF 35 provides, for example, a function of triggering an M2M device, and a function of transferring small data on a downlink or an uplink or both of them. The SCS 36 may be called an M2M server. The SCS 36 provides the M2M application server 5 with an API.
In the example of
Functions of the MME 61 and the S/P-GW 63 shown in
In addition, also in cases of UMTS or GSM, a network may be configured by an idea similar to the example of LTE shown in
Hereinafter, several specific examples of switching destination of an attach request message according to whether or not the access is made by the eUICC in the initial state will be explained.
In the specific example 1, an attach request message when the eUICC 10 is in the initial state indicates a provisioning network. Not the attach request message itself, but a message transmitted from the device 1 in relation to the attach request message may indicate the provisioning network. An information element transmitted from the device 1 together with the attach request message may indicate the provisioning network. For example, an information element “Selected PLMN Identity” in an RRC Connection Setup Complete message transmitted by a terminal of LTE during an RRC connection establishment procedure may indicate the provisioning network. Note that another information element “Dedicated NAS Information” in the RRC Connection Setup Complete message indicates an Attach Request Message.
That is, in the specific example 1, the device 1 selects a network to attach, and transmits selected network information to the RAN node 2. The selected network information indicates the network selected by the device 1. When the eUICC 10 is in the initial state, the device 1 selects the provisioning network 6 as an attach destination, and transmits the selected network information indicating the provisioning network 6.
In order to enable the device 1 to select a network, the RAN node 2 may broadcast system information indicating that both the core network 3 and the provisioning network 6 can be utilized. In this case, the device 1 may receive the broadcasted system information, and may transmit the selected network information indicating the provisioning network 6 together with the attach request message when the eUICC 10 is in the initial state.
In the specific example 2, an attach request message when the eUICC 10 is in the initial state, or a message transmitted from the device 1 in relation to the attach request message indicates initial credentials stored in the eUICC. Alternatively, the attach request message or the message transmitted in relation thereto may indicate access by the eUICC in the initial state. Further, alternatively, the attach request message or the message transmitted in relation thereto may indicate access for provisioning of the eUICC. The access by the eUICC in the initial state or the access for provisioning of the eUICC may be indicated, for example, by attach type information in the attach request message. In response to receiving from the device 1 initial credentials, information indicating access by the eUICC in the initial state, or information indicating access for provisioning of the eUICC, the RAN node 2 transmits the attach request message from the device 1 to the provisioning network 6.
In the specific example 3, during an RRC (Radio Resource Control) connection establishment procedure initiated prior to transmission of an attach request message, the device 1 notifies the RAN node 2 of access by the eUICC in the initial state. The device 1 may notify the RAN node 2 of access for provisioning of the eUICC. In LTE, UMTS, GSM, etc., a terminal must establish RRC connection before transmission of the attach request message. For example, in a case of LTE, the device 1 transmits an RRC Connection Request message in a random access procedure. The RRC Connection Request message corresponds to an initial Layer 3 message. The RRC Connection Request message contains an establishment cause as one of the information elements. For example, the device 1 may indicate access by the eUICC in the initial state (or access for provisioning of the eUICC) using the establishment cause in the RRC Connection Request message.
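The routing decision described in specific examples 1 to 3, sketched as an added example (not code from the specification). The PLMN identities, the IMSI prefix reserved for initial credentials, the marker value used for attach type and establishment cause, and all names are assumptions made for illustration; treating any single indicator as sufficient is a choice of this example.

```python
from dataclasses import dataclass
from enum import Enum
from typing import List, Optional, Tuple


class Destination(Enum):
    CORE = "core network 3"
    PROVISIONING = "provisioning network 6"


# Constructed values for illustration only (not taken from the specification).
CORE_PLMN = "00101"
PROVISIONING_PLMN = "00102"
INITIAL_IMSI_PREFIX = "0010299"             # assumed IMSI range for initial credentials
PROVISIONING_MARKER = "euicc-provisioning"  # hypothetical attach type / cause value


@dataclass(frozen=True)
class AttachContext:
    """What the RAN node knows when the attach request arrives."""
    imsi: str
    selected_plmn: Optional[str] = None        # specific example 1: Selected PLMN Identity
    attach_type: Optional[str] = None          # specific example 2: attach type information
    establishment_cause: Optional[str] = None  # specific example 3: RRC establishment cause


def indicators(ctx: AttachContext) -> List[str]:
    """Return every initial-state / provisioning indicator present in the context."""
    found = []
    if ctx.selected_plmn == PROVISIONING_PLMN:
        found.append("selected-plmn")
    if ctx.imsi.startswith(INITIAL_IMSI_PREFIX):
        found.append("initial-credentials")
    if ctx.attach_type == PROVISIONING_MARKER:
        found.append("attach-type")
    if ctx.establishment_cause == PROVISIONING_MARKER:
        found.append("establishment-cause")
    return found


def route(ctx: AttachContext) -> Tuple[Destination, List[str]]:
    """Pick the destination of the attach request.

    Assumption of this example: the indicators are OR-ed, so one is enough to
    keep the request out of the core network even if the others disagree.
    """
    found = indicators(ctx)
    return (Destination.PROVISIONING if found else Destination.CORE), found


def misrouted(decisions) -> List[str]:
    """Audit check: IMSIs holding initial credentials that were sent to the core."""
    return [ctx.imsi for ctx, dest in decisions
            if dest is Destination.CORE and ctx.imsi.startswith(INITIAL_IMSI_PREFIX)]


# Constructed sample attach contexts; examples 2 and 3 isolate a single indicator.
SAMPLES = {
    "smartphone": AttachContext("001010000000001", selected_plmn=CORE_PLMN),
    "example-1": AttachContext("001029900000001", selected_plmn=PROVISIONING_PLMN),
    "example-2": AttachContext("001010000000002", attach_type=PROVISIONING_MARKER),
    "example-3": AttachContext("001010000000003", establishment_cause=PROVISIONING_MARKER),
    "conflict": AttachContext("001029900000002", selected_plmn=CORE_PLMN),
}

if __name__ == "__main__":
    for name, ctx in SAMPLES.items():
        dest, why = route(ctx)
        print(f"{name:10s} -> {dest.value:22s} {why}")
```

The `conflict` sample holds initial credentials but selects the core PLMN; it is still kept on the provisioning network, and `misrouted` gives an operator a check to run over recorded routing decisions.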
Hereinafter, configuration examples of the device 1 and the RAN node 2 will be explained.
In a configuration example of
In a configuration example of
In a configuration example of
A configuration example of
Steps S505 to S509 are similar to a usual bearer setup procedure in LTE. The MME 31 derives the P-GW and the S-GW (i.e., the S/P-GW 63) corresponding to the APN received from the HSS 32, and transmits a bearer setup request message (a Create Session Request message) to the S/P-GW 63 (step S506). The S/P-GW 63 performs bearer setup according to the bearer setup request, and transmits a response message (a Create Session Response message) to the MME 31 (step S507). In step S508, the MME 31 transmits an attach acceptance message (an Attach Accept message) to the device 1 through the RAN node 2. The RAN node 2 and the device 1 reconfigure the RRC connection based on the attach acceptance message. The device 1 then transmits an attach completion message (an Attach Complete message) to the MME 31 through the RAN node 2 (step S509).
In step S510, the subscription management server 7 executes provisioning/personalization of the eUICC 10 through the provisioning network 6.
In the second embodiment, the configuration has been shown that the subscriber information server (e.g., the HSS 32) detects access by the eUICC in the initial state. In the embodiment, an example is shown where a mobility management node (e.g., the MME 31) detects access by the eUICC in the initial state. As a result of this, for example, signaling between the mobility management node (e.g., the MME 31) and the subscriber information server (e.g., the HSS 32) is not needed, when the eUICC in the initial state is connected to the provisioning network.
In order to skip signaling between the HSS 32 and the MME 31, an operator may previously set, in the MME 31, an APN (Access Point Name) and a P-GW (S/P-GW 63 in
Note that in a network configuration in accordance with the embodiment, various variations in arrangement of a transfer node can be considered similarly to the second embodiment. Accordingly, the configuration example shown in
The processing performed by the eUICC 10, the device 1, the RAN node 2, the MME 31, the MME 61, and the HSS 32 described in the first to third embodiments may be implemented by causing a computer system including at least one processor (e.g., a microprocessor, a micro processing unit (MPU) or a digital signal processor (DSP)) to execute a program. More specifically, one or more programs including instructions for causing a computer system to perform the algorithms explained with reference to the flowcharts and sequence diagrams may be created and supplied to a computer system.
These programs can be stored and provided to a computer using any type of non-transitory computer readable media. Non-transitory computer readable media include any type of tangible storage media. Examples of non-transitory computer readable media include magnetic storage media (such as flexible disks, magnetic tapes, hard disk drives, etc.), optical magnetic storage media (e.g., magneto-optical disks), CD-ROM (Read Only Memory), CD-R, CD-R/W, and semiconductor memories (such as mask ROM, PROM (Programmable ROM), EPROM (Erasable PROM), flash ROM, RAM (random access memory), etc.). These programs may be provided to a computer using any type of transitory computer readable media. Examples of transitory computer readable media include electric signals, optical signals, and electromagnetic waves. Transitory computer readable media can provide the program to a computer via a wired communication line (e.g., electric wires, and optical fibers) or a wireless communication line.
Furthermore, the above-mentioned first to third embodiments have been mainly explained using the specific examples regarding LTE. However, the radio communication systems in accordance with the first to third embodiments may be other mobile communication systems including UMTS and GSM.
Furthermore, the embodiments stated above are merely examples of application of the technical ideas obtained by the present inventor. Needless to say, these technical ideas are not limited to those described in the above embodiments and may be changed in various ways.
This application is based upon and claims the benefit of priority from Japanese Patent Application No. 2012-280030 filed on Dec. 21, 2012, the disclosure of which is incorporated herein in its entirety by reference.
Number | Date | Country | Kind |
---|---|---|---|
2012-280030 | Dec 2012 | JP | national |

Filing Document | Filing Date | Country | Kind |
---|---|---|---|
PCT/JP2013/005584 | 9/20/2013 | WO | 00 |