Patent Grant
8712474
The present invention relates generally to Subscriber Identity Modules (SIMs), and more particularly to the secure transfer of soft SIMs.
Wireless communication standards, such as GSM and UMTS, typically require a mobile device to include a SIM on an integrated circuit card, referred to herein as a SIM card. The SIM card securely stores SIM subscription credentials, e.g., a service subscriber key corresponding to the user of the mobile device, and performs security sensitive tasks. A SIM card allows a user to change mobile devices by removing the SIM card from one mobile device and inserting it into another mobile device.
Currently, a communication network may use any one of several different over the air techniques or protocols to update a SIM card. For example, the communication network may include or interface with a central database that backs-up personal information for a plurality of SIM cards. The network device may transfer the stored back-up information corresponding to a particular user from the database to the user's SIM card upon request. While such over the air transfer techniques provide some personal information, they currently do not provide a complete or secure SIM subscription credential transfer. Thus, conventional over the air SIM information transfer techniques still require a SIM card in the target device to ensure the security and the integrity of the SIM.
While SIM cards may be appropriate for high end or complex mobile devices, such as mobile telephones, personal data assistants, etc., the costs associated with a SIM card may be prohibitively high for simple and/or low cost mobile devices. Further, while future standards may require the same security functions implemented by conventional SIM cards, such standards may not require an actual hardware implementation of a SIM (e.g., SIM card). Thus, there remains a need for alternative SIM solutions.
The present invention provides a process for transferring soft SIM credentials to a target mobile device to provide the target mobile device with a complete SIM subscription, including all secret parameters. The transfer process of the present invention further ensures that only one mobile device contains active SIM credentials at any one time. Broadly, a SIM unit in a transferring mobile device securely transfers the soft SIM credentials to a SIM unit in a target mobile device either directly or via a network server. Before the SIM unit in the target mobile device receives and/or activates the soft SIM credentials, the SIM unit of the transferring mobile device deactivates the soft SIM credentials to ensure that only one mobile device contains the active soft SIM credentials.
A peer-to-peer SIM transfer process according to one embodiment of the present invention securely transfers the soft SIM credentials, referred to herein as SSIM, from a SIM unit in one mobile device to a SIM unit in another mobile device while ensuring that only one of the mobile devices holds a valid and active SSIM at any given time. More particularly, a transferring mobile device retrieves its SSIM from its SIM unit, and securely sends the retrieved SSIM to the target mobile device. After the SIM unit at the target mobile device verifies the authenticity of the received SSIM, the target mobile device installs the SSIM in its SIM unit and sends an installation ready message to the transferring mobile device. In response, the transferring mobile device deactivates the SSIM in its SIM unit, and sends a deactivation complete message to the target mobile device. Subsequently, the target mobile device's SIM unit activates the installed SSIM and sends an activation complete message to the transferring mobile device. In response to the received activation complete message, the transferring mobile device deletes the SSIM stored in its SIM unit.
A network assisted SIM transfer process according to another embodiment of the present invention securely transfers the SSIM from a SIM unit in one mobile device to a SIM unit in another mobile device via a network server while guaranteeing that only one of the mobile devices holds a valid and active SSIM at any given time. More particularly, a target mobile device securely sends its identifier to the transferring mobile device. The target mobile device may also optionally securely send its security credentials to the transferring mobile device. Subsequently, the transferring mobile device retrieves its SSIM from its SIM unit, and securely sends the retrieved SSIM to the network server, along with the security credentials for the target mobile device. The network server deactivates the received SSIM, and sends a deactivation command to the transferring mobile device. In response, the SIM unit in the transferring mobile device deactivates the SSIM in its SIM unit, and sends a deactivation acknowledgement to the network server. Subsequently, the network server reactivates the SSIM and securely sends the activated SSIM to the SIM unit of the target mobile device. The target mobile device's SIM unit verifies the authenticity of the received SSIM, installs the activated SSIM received from the network, and sends an installation acknowledgement to the network server.
The present invention securely transfers soft SIM credentials (SSIM) from a SIM unit 22A in a transferring mobile device 20A to a SIM unit 22B in a target mobile device 20B via the communication channel 30 while ensuring that only one of the mobile devices 20 holds a valid and active SSIM at any given time. The SIM unit 22 comprises protected storage combined with a processor that provides a protected environment for executing software associated with SIM operations and soft SIM transfer. The SIM unit 22 may comprise, for example, a Mobile Trusted Module (MTM) associated with the Trusted Computing Group (TCG), an ARM Trust Zone execution environment, etc. As used herein, the soft SIM credentials associated with the user of a transferring mobile device 22A will be denoted by SSIMA, while the soft SIM credentials associated with the user of a target mobile device 20B will be denoted by SSIMB. It will be appreciated that the transferred SSIM may also include other SIM data, e.g., personal information about the user associated with the SSIM.
The SIM unit 22 in each mobile device 20 may further contain and protect additional sensitive information associated with the mobile device 20 and/or SIM credentials. For example, the SIM unit 22 may contain and protect a soft SIM certificate signed by a trusted authority, such as the manufacturer of the mobile device 20 or a third party certification authority. The soft SIM certificate may contain, among other parameters, a unique identifier (IDauth) of the trusted authority. The signature used to sign the soft SIM certificate may also sign encryption keys associated with the soft SIM, such as a private and public key pair associated with the soft SIM. Such a private and public key pair may, for example, be installed in the SIM unit 22 by the manufacturer at the same time as the first installation of the soft SIM into the SIM unit 22. As used herein, the soft SIM certificate associated with SSIMA will be denoted by SCA, while the soft SIM certificate associated with SSIMB will be denoted by SCB.
As shown in
Subsequently, a secure connection is established between the transferring and target mobile devices 20A, 20B (step d). The secure connection protects all messages exchanged between the devices 20 using mutual authentication, key agreement, and/or confidentiality and integrity protection. The secure connection may be established, for example, according to the Transport Layer Security (TLS) protocol or the Internet Key Exchange/IP security (IKE/IPsec) protocol. While not required, the soft SIM certificates for one or both mobile devices 20A, 20B may be used to facilitate any authentication and/or key agreement process.
The transferring SIM unit 22A sends SSIMA to the target SIM unit 22B over the secure connection (step e). In some embodiments, the transferring SIM unit 22A may further encrypt SSIMA using the target device's public key provided by the SCB. The target SIM unit 22B verifies and installs the received SSIMA (step f). For example, the target SIM unit 22B may decrypt the SSIMA and check any signatures associated with the decrypted SSIMA. If able to verify the SSIMA, the target SIM unit 22B installs SSIMA (step f), and sends an installation complete message to the transferring mobile device 20A (step g).
Responsive to the installation complete message, the transferring SIM unit 22A deactivates SSIMA (step h). The deactivation process does not delete SSIMA from the SIM unit 22. Instead, the deactivation process simply makes SSIMA inactive, and therefore, prevents the transferring mobile device 20A from using SSIMA for any network service. The transferring SIM unit 22A also stores SCB to ensure that SSIMA may only be reactivated by the target mobile device 20B. After the deactivation process is complete, the transferring mobile device 20A sends a deactivation complete message to the target mobile device 20B (step i).
Upon receipt of the deactivation complete message, the target SIM unit 22B activates the previously received SSIMA (step j), and sends an activation complete message to the target mobile device 20A (step k). Once the SSIMA is activated in the target SIM unit 22B, SSIMA becomes SSIMB, and the target mobile device 20B may use the activated soft SIM credentials to obtain network services. Upon receipt of the activation complete message, the transferring SIM unit 22A deletes the SSIMA and all associated data from the secure SIM 22 (step l).
The above describes the peer-to-peer SSIM transfer process in terms of a secure channel established between the transferring and target mobile devices 20A, 20B. However, it will be appreciated that the transferring mobile device 20A may use any means to securely transfer SSIMA to the target mobile device 20B. For example, the transferring mobile device 20A may encrypt the SSIMA, and send the encrypted SSIMA to the target mobile device 20B over a non-secure channel.
It will be appreciated that the above-described peer-to-peer transfer process is fairly robust. For example, if the connection at step e is broken, the target SIM unit 22B may request a retransfer of SSIMA. In the mean time, the transferring mobile device 20A may still use SSIMA to access network services. Further, if the connection at step g is broken, the SSIMA that is installed in both the transferring and target mobile devices 20A, 20B, may only be used by the transferring mobile device 20A because only the transferring mobile device 20A contains an active SSIMA. To continue the transfer process, the transferring mobile device 20A may prompt the target mobile device 20B for an installation complete message by, for example, requesting an update on the installation process from the target mobile device 20B.
If the connection is broken at step i, SSIMA is deactivated in both devices 20A, 20B, and therefore, cannot be used by either device. In this case, the transferring SIM unit 22A may send the target SIM unit 22B a request to cancel the transfer to cause the target SIM unit 22B to delete the installed SSIMA, and to send a reactivation message to the transferring mobile device 20A to enable the transferring SIM unit 22A to reactivate the SSIMA. Alternatively, the transferring SIM unit 22A may contact a network operator and ask for new SIM credentials. In this case, SSIMA will be deleted from both devices 20A, 20B and will be unavailable for future use.
If the connection is broken at step k, the transferring mobile device 20A will not receive the activation complete message, and therefore, the transferring SIM unit 22A will not delete SSIMA and all associated data from the SIM unit 22. Since SSIMA is deactivated in the transferring mobile device 20A, the transferring SIM unit 22A will not be able to use SSIMA for any network services. In this case, the transferring SIM unit 22A may be programmed to delete SSIMA after some predetermined period of time has elapsed.
First, a secure connection is established between the transferring mobile device 20A and the target mobile device 20B (step a). The connection may comprise any type of wired or wireless connection, including local connections, such as Bluetooth and USB, and network based connections, such as a cellular or Internet connection. Further, the connection may be secured using any known securing process. The SIM unit 22B in the target mobile device 20B sends a SSIM transfer request to the SIM unit 22A in the transferring mobile device 20A (step b). The request includes the target mobile device's network identity (IDB), e.g., its IP address, MSISDN, etc. While not required, the request may also include the target mobile device's security certificate (SCB).
The transferring SIM unit 22A may accept or reject the credential transfer request by confirming the authority of the target mobile device 20B and/or based on settings in the target mobile device 20A and/or its SIM unit 22A. If the transferring SIM unit 22A accepts the credential transfer request, the transferring mobile device 20A establishes a secure connection with the network server 32 (step c). The secure connection protects all messages exchanged between the transferring mobile devices 20A and the network server 32 using mutual authentication, key agreement, and/or confidentiality and integrity protection. The secure connection may be established, for example, according to the Transport Layer Security (TLS) protocol or the Internet Key Exchange/IP security (IKE/IPsec) protocol.
The transferring SIM unit 22A uses the secure connection to send its SSIMA and details about the target mobile device 20B, e.g., IDB, along with an SSIM transfer request (step d). The transferring mobile device 20A may optionally include SCB as part of the target device details. If the network server 32 accepts the SSIM transfer request, the network server 32 deactivates the SSIMA (step e), and sends a deactivation message to the transferring SIM unit 22A (step f). Responsive to the received deactivation message, the transferring SIM unit 22A deactivates and deletes the SSIMA and all associated data (step g), and sends a deactivation acknowledgement message to the network server 32 (step h).
Responsive to the received acknowledgement message, the network server 32 activates the SSIMA (step i), and generates a protected version of the activated SSIMA. The network server 32 may protect the activated SSIMA, and send the protected SSIMA to the target mobile device 20B identified by IDB (step j). For example, the network server 32 may protect the activated SSIMA using an encryption scheme and the public key provided by SCB. Alternatively, the network server 32 may protect the activated SSIMA using KB. The network server 32 may also or alternatively protect the activated SSIMA by sending the activated SSIMA over a secure channel established between the network server 32 and the target mobile device 20B. Upon receiving the protected SSIMA, the target SIM unit 22B decrypts and installs the activated SSIMA (step k), and sends an installation acknowledgement to the network server 32 (step l). Once the activated SSIMA is installed in the target SIM unit 22B, SSIMA becomes SSIMB, and the target mobile device 20B may use the activated soft SIM credentials to obtain network services.
The above describes the network assisted transfer process in terms of secure channels established between the transferring and target mobile devices 20A, 20B, and between the transferring mobile device 20A and the network server 32. However, it will be appreciated that any secure transfer means may be used. For example, the transferring mobile device 20A may encrypt the SSIMA, and send the encrypted SSIMA to the network server 32 over a non-secure channel.
The network-assisted SSIM transfer process is also fairly robust. For example, if the connection at step d is broken, the network server 32 may request a retransfer of SSIMA. In the mean time, the transferring mobile device 20A may still use SSIMA to access network services. Further, if the connection at step f is broken, the transferring SIM unit 22A cannot use the soft SIM credentials because SSIMA has been deactivated at the network server 32. This prevents misuse of the soft SIM credentials by the transferring mobile device 20A. To continue the transfer process, the transferring mobile device 20A, for example, may request an update on the installation process from the network server 32. In response, the network server 32 may resend the deactivate SSIMA message.
If the connection is broken at step h, SSIMA is deactivated at the transferring SIM unit 22A and at the network server 32, and therefore, cannot be used by the transferring mobile device 20A. In this case, the network server 32 may request an update on the deactivation process from the transferring SIM unit 22A. Alternatively, the transferring SIM unit 22A may send the network server 32 a request to cancel the transfer to cause the network server 32 to reactivate the SSIMA and to send a reactivation message to the transferring SIM unit 22A to enable reactivation of the SSIMA in the transferring SIM unit 22A.
If the connection is broken at step j, the target mobile device 20B will not receive the activated SSIMA. In this case, the network server 32 may attempt to resend the protected SSIMA when no acknowledgement is received from the target mobile device 20B after some predetermined amount of time. If the connection is broken at step l, the network server 32 may request an update on the installation process from the target mobile device 20B.
The above provides means for the secure transfer of soft SIM credentials while simultaneously ensuring that only one mobile device has a valid and active SSIM at a time. Thus, the present invention eliminates the need for hardware-based SIM technology, such as SIM cards. This enables simple and/or low cost mobile devices to be manufactured without the costs and space constraints associated with conventional smart cards. Further, the present invention paves the way for future communication protocols that do not require hardware SIM cards.
The present invention may, of course, be carried out in other ways than those specifically set forth herein without departing from essential characteristics of the invention. The present embodiments are to be considered in all respects as illustrative and not restrictive, and all changes coming within the meaning and equivalency range of the appended claims are intended to be embraced therein.
This application claims priority from U.S. Provisional Application No. 60/913,089, filed 20 Apr. 2007, which is incorporated herein by reference.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5604787 | Kotzin et al. | Feb 1997 | A |
| 5933773 | Barvesten | Aug 1999 | A |
| 6002929 | Bishop et al. | Dec 1999 | A |
| 6285869 | Shannon et al. | Sep 2001 | B1 |
| 6427073 | Kortesalmi et al. | Jul 2002 | B1 |
| 6516357 | Hamann et al. | Feb 2003 | B1 |
| 6587127 | Leeke et al. | Jul 2003 | B1 |
| 6714799 | Park et al. | Mar 2004 | B1 |
| 6868282 | Carlsson | Mar 2005 | B2 |
| 6928299 | Rinne et al. | Aug 2005 | B1 |
| 6934391 | Linkola et al. | Aug 2005 | B1 |
| 6957199 | Fisher | Oct 2005 | B1 |
| 6980830 | Ahonen | Dec 2005 | B2 |
| 7178724 | Tamagno et al. | Feb 2007 | B2 |
| 7222783 | Merrien | May 2007 | B2 |
| 7363056 | Faisy | Apr 2008 | B2 |
| 7558110 | Mizushima et al. | Jul 2009 | B2 |
| 7603107 | Ratert et al. | Oct 2009 | B2 |
| 7729725 | Stenmark | Jun 2010 | B2 |
| 7778227 | Gibbs | Aug 2010 | B2 |
| 7957729 | Roter et al. | Jun 2011 | B2 |
| 8095184 | Hiltunen et al. | Jan 2012 | B2 |
| 8131317 | Lee | Mar 2012 | B2 |
| 8140064 | Mardiks | Mar 2012 | B2 |
| 8180400 | Shin et al. | May 2012 | B2 |
| 8195233 | Morikuni et al. | Jun 2012 | B2 |
| 8195235 | Montes | Jun 2012 | B2 |
| 20020165008 | Sashihara et al. | Nov 2002 | A1 |
| 20030005435 | Nelger et al. | Jan 2003 | A1 |
| 20030028763 | Malinen et al. | Feb 2003 | A1 |
| 20030051041 | Kalavade et al. | Mar 2003 | A1 |
| 20040023689 | Ahonen | Feb 2004 | A1 |
| 20040042604 | Hiltunen et al. | Mar 2004 | A1 |
| 20040137890 | Kalke | Jul 2004 | A1 |
| 20040204087 | Carlsson | Oct 2004 | A1 |
| 20040229601 | Zabawskyj et al. | Nov 2004 | A1 |
| 20040256451 | Goman et al. | Dec 2004 | A1 |
| 20050009563 | Stenmark | Jan 2005 | A1 |
| 20050075137 | Reemtsma | Apr 2005 | A1 |
| 20050239504 | Ishii et al. | Oct 2005 | A1 |
| 20050266883 | Chatrath | Dec 2005 | A1 |
| 20060020783 | Fisher | Jan 2006 | A1 |
| 20060059340 | Eldenmalm et al. | Mar 2006 | A1 |
| 20060075242 | Aissi et al. | Apr 2006 | A1 |
| 20060076420 | Prevost et al. | Apr 2006 | A1 |
| 20060079254 | Hogan | Apr 2006 | A1 |
| 20060129848 | Paksoy et al. | Jun 2006 | A1 |
| 20060183500 | Choi | Aug 2006 | A1 |
| 20060224887 | Vesikivi et al. | Oct 2006 | A1 |
| 20060291455 | Katz et al. | Dec 2006 | A1 |
| 20070004457 | Han | Jan 2007 | A1 |
| 20070077966 | Huang | Apr 2007 | A1 |
| 20070124490 | Kalavade et al. | May 2007 | A1 |
| 20070167161 | Cheng et al. | Jul 2007 | A1 |
| 20070177562 | Castrogiovanni et al. | Aug 2007 | A1 |
| 20080020755 | Liu et al. | Jan 2008 | A1 |
| 20080169350 | Audebert et al. | Jul 2008 | A1 |
| 20080220743 | Mora et al. | Sep 2008 | A1 |
| 20090225736 | Patarkazishvili | Sep 2009 | A1 |
| 20100088401 | Degraeve et al. | Apr 2010 | A1 |
| Number | Date | Country |
|---|---|---|
| 1758335 | Feb 2007 | EP |
| 2294787 | May 1996 | GB |
| 2000194660 | Jul 2000 | JP |
| 20060100086 | Sep 2006 | KR |
| 9927730 | Jun 1999 | WO |
| 0079368 | Dec 2000 | WO |
| 02089449 | Nov 2002 | WO |
| 2004021296 | Mar 2004 | WO |
| Entry |
|---|
| Alves, T. et al. “TrustZone: Integrated Hardware and Software Security.” White Paper, ARM. Available at http://www.arm.com/pdfs/TZ—Whitepaper.pdf. |
| Dierks, T. et al. “The Transport Layer Security (TLS) Protocol.” (Version 1.1). Network Working Group Request for Comments: 4346; Apr. 2006. |
| Harkins, D. et al. “The Internet Key Exchange (IKE).” Network Working Group Request for Comments: 2409; Nov. 1998. |
| Kent, S. et al. “Security Architecture for the Internet Protocol.” Network Working Group Request for Comments: 2401; Nov. 1998. |
| Niemi, V. et al. UMTS Security. Wiley, Jan. 2004. pp. 63-71. ISBN: 978-0-470-84794-7. |
| TCG Mobile Trusted Module Specification. Specification version 0.9, Revision 1, Sep. 12, 2006. TCG 2006. Available at www.trustedcomputinggroup.org. |
| Arsenault, A. et al. “Securely Available Credentials—Requirements.” IETF, Network Working Group Request for Comments: 3157, Baltimore Technologies, Aug. 2001. XP015008938. |
| Number | Date | Country | |
|---|---|---|---|
| 20080261561 A1 | Oct 2008 | US |
| Number | Date | Country | |
|---|---|---|---|
| 60913089 | Apr 2007 | US |
