Showing posts with label SIM. Show all posts
Showing posts with label SIM. Show all posts

Tuesday 1 February 2011

6th ETSI Security Workshop

6th ETSI Security workshop was held last month. There were some very interesting areas of discussion including Wireless/Mobile Security, Smart Grids Security, etc.
All presentations are available to download from here.

Wednesday 29 September 2010

Micro-SIM supporting 3FF format for LTE testing

Continuing yesterdays theme of Smart Cards.


I read Comprion's recent press release with regards to Micro-SIM.


As mobile devices get more and more complex, the components used become smaller and smaller. With the launch of the new LTE Test (U)SIM supporting the 3FF format, also known as Micro-SIM or Mini-UICC, COMPRION is responding to this trend. The LTE Test (U)SIM in the Mini-UICC format is only half the size of a regular Plug-In card and can be used in very small mobile devices.

Just like COMPRION's first released LTE Test (U)SIM, this new 128K/J LTE Test (U)SIM includes all new LTE data fields up to Release 9. The card has three applications implemented: a Test SIM; a Test USIM; and a Test ISIM. The Test (U)SIM also supports the three voltage classes 1.8V, 3V and 5V. Standardised commands such as "Resize" (for extending the size of a data field) and "Create" (for creating new data fields) are supported. The Test Card's flexibility and feature range enable the user to comprehensively examine the functionality of an LTE mobile device without having access to a live LTE network.

To ensure backwards compatibility to the Plug-In format, COMPRION also offers a Mini-UICC Adapter to turn the Mini-UICC into the Plug-In format. Hence, the Mini-UICC can also be used in today's mobile phones.

Its interesting to see that the new SIM is around half the size of the original and provides the same functionality. Sign of devices and components evolving.

The embedded presentation though old may be of intereste as it shows the difference between SIM, UICC and the 3FF

Tuesday 28 September 2010

SIMFi = SIM with WiFi

Since the beginning of this year, Sagem Orga and Telefonica have been working on next generation SIM card called SIMFi.

With SIMFi, you can convert a phone into a WiFi hotspot. The phone would use HSPA/LTE for data connectivity and at the same time it would broadcast WiFi signals for any equipment to connect to these signals and browse the web. Power consumption information have not been mentioned which I am sure would be a problem for the phone.

SIMFi Removes the need for additional accessories to facilitate transmission services (e.g. MiFi, USB modem, PCMCIA…) and can make connectivity a lot simpler, straigtforward and cheaper.




SIMFi specifications
  • SIM card compatible with the latest telecom specifications.
  • SIM card: ISO 2FF plug-in
  • The mobile phone does not need any special features.
  • Modem WiFi integrated in the SIM card, works with 802.11b.
  • The modem is guided by the SIM card's tools.
  • Energy-saving features (works with 2G and 3G).
  • The aerial is adaptable, allowing short- and long-range operations (from 2 cm to 30 m) managed by the SIM card's tools.

Thursday 3 June 2010

Quick preview of 3GPP Release-11 Features and Study items


Release 11 Features

Advanced IP Interconnection of Services

The objective is to specify the technical requirements for carrier grade inter-operator IP Interconnection of Services for the support of Multimedia services provided by IMS and for legacy voice PTSN/PLMN services transported over IP infrastructure (e.g. VoIP). These technical requirements should cover the new interconnect models developed by GSMA (i.e. the IPX interconnect model) and take into account interconnect models between national operators (including transit functionality) and peering based business trunking. Any new requirements identified should not overlap with requirements already defined by other bodies (e.g. GSMA, ETSI TISPAN). Specifically the work will cover:

• Service level aspects for direct IP inter-connection between Operators, service level aspects for national transit IP interconnect and service level aspects for next generation corporate network IP interconnect (peer-to-peer business trunking).
• Service layer aspects for interconnection of voice services (e.g. toll-free, premium rate and emergency calls).
• Service level aspects for IP Interconnection (service control and user plane aspects) between Operators and 3rd party Application Providers.

To ensure that requirements are identified for the Stage 2 & 3 work to identify relevant existing specifications, initiate enhancements and the development of the new specifications as necessary.


Release 11 Studies

Study on IMS based Peer-to-Peer Content Distribution Services

The objectives are to study IMS based content distribution services with the following aspects:

- Identifying the user cases to describe how users, operators and service providers will benefit by using/deploying IMS based content distribution services. such as with the improvement of Peer-to-Peer technology. The following shall be considered:
- Mobile access only (e.g. UTRAN, E-UTRAN, I-WLAN);
- Fixed access only (e.g. xDSL, LAN);- Fixed and mobile convergence scenarios;
- Identifying service aspects where IMS network improvements are needed to cater for content distributed services for above accesses;
- Evaluating possible impacts and improvements on network when IMS based content distribution services are deployed;
- Identifying QoS, mobility, charging and security related requirements in the case of content distribution services on IMS;
- Identifying potential copyright issues;


Study on Non Voice Emergency Services

The Non Voice Emergency Services could support the following examples of non-verbal communications to an emergency services network:

1. Text messages from citizen to emergency services
2. Session based and session-less instant messaging type sessions with emergency services
3. Multi-media (e.g., pictures, video clips) transfer to emergency services either during or after other communications with emergency services.
4. Real-time video session with emergency services

In addition to support the general public, this capability would facilitate emergency communications to emergency services by individuals with special needs (e.g., hearing impaired citizens).

The objectives of this study include the following questions for Non Voice Emergency Services with media other than or in addition to voice:

1. What are the requirements for Non Voice Emergency Services?
2. What are the security, reliability, and priority handling requirements for Non Voice Emergency Services?
3. How is the appropriate recipient emergency services system (e.g., PSAP) determined?
4. Are there any implications due to roaming?
5. Are there any implications to hand-over between access networks
6. Are there any implications due to the subscriber crossing a PSAP boundary during Non Voice Emergency Services communications (e.g., subsequent text messages should go to the same PSAP)?
7. Do multiple communication streams (e.g., voice, text, video emergency services) need to be associated together?
8. What types of “call-back” capabilities are required?9. Investigate the load impact of Non Voice Emergency Services in the case of a large scale emergency event or malicious use.

Non Voice Emergency Services will be applicable to GPRS (GERAN, UTRAN) and to EPS (GERAN, UTRAN, E-UTRAN and non-3GPP).


Study on UICC/USIM enhancements

The intent of this study item is to identify use cases and requirements enabling Mobile Network Operators to distribute new services based on the USIM, to improve the customer experience and ease the portability and customisation of operator-owned and customer-owned settings from one device to another (such as APN and other 3G Notebook settings, graphical user interface, MNO brand, Connection Manager settings,…), and help in reducing operation costs and radio resources usage.


Objectives of this study item are:

-To identify use cases and requirements for new USIM
-based services taking into account the GSMA Smart SIM deliverables;
- To identify use cases and requirements for the USIM used inside terminals with specialised functionalities (e.g. radio modems, 3G Notebook terminals) taking into account the GSMA 3GNBK deliverables;
- To identify use cases and requirements to drive the evolution from the traditional USAT to a multimedia USIM toolkit support, with a particular aim to the Smart Card Web Server;


Study on Alternatives to E.164 for Machine-Type Communications

M2M demand is forecast to grow from 50M connections to over 200M by 2013. A large number of these services are today deployed over circuit-switched GSM architectures and require E.164 MSISDNs although such services do not require "dialable" numbers, and generally do not communicate with each other by human interaction.


Without technical alternative to using public numbering resources as addresses, and considering the current forecasts and pending applications for numbers made to numbering plan administration agencies, there is a significant risk that some national numbering/dialling plans will run out of numbers in the near future, which would impact not only these M2M services but also the GSM/UMTS service providers in general.


The Objective is to determine an alternative to identify individual devices and route messages between those devices. Requirements for this alternative include:

- Effectively identify addressing method to be used for end point devices
- Effectively route messaging between those devices
- Support multiple methods for delivering messages, as defined by 22.368
- Support land-based and wireless connectivity
- Make use of IP-based network architectures
- Addressing/identifiers must support mobility and roaming- support on high speed packet
-switched networks when available and on circuit-switched networks
- Consider if there are security issues associated with any alternatives

Thursday 11 February 2010

UICC and USIM in 3GPP Release 8 and Release 9


In good old days of GSM, SIM was physical card with GSM "application" (GSM 11.11)

In the brave new world of 3G+, UICC is the physical card with basic logical functionality (based on 3GPP TS 31.101) and USIM is 3G application on a UICC (3GPP TS 31.102). The UICC can contain multiple applications like the SIM (for GSM), USIM and ISIM (for IMS). There is an interesting Telenor presentation on current and future of UICC which may be worth the read. See references below.

UICC was originally known as "UMTS IC card". The incorporation of the ETSI UMTS activities into the more global perspective of 3GPP required a change of this name. As a result this was changed to "Universal Integrated Circuit Card". Similarly USIM (UMTS Subscriber Identity Module) changed to Universal Subscriber Identity Module.

The following is from the 3G Americas Whitepaper on Mobile Broadband:

UICC (3GPP TS 31.101) remains the trusted operator anchor in the user domain for LTE/SAE, leading to evolved applications and security on the UICC. With the completion of Rel-8 features, the UICC now plays significant roles within the network.

Some of the Rel-8 achievements from standards (ETSI, 3GPP) are in the following areas:

USIM (TS 31.102)
With Rel-8, all USIM features have been updated to support LTE and new features to better support non-3GPP access systems, mobility management, and emergency situations have been adopted.

The USIM is mandatory for the authentication and secure access to EPC even for non-3GPP access systems. 3GPP has approved some important features in the USIM to enable efficient network selection mechanisms. With the addition of CDMA2000 and HRPD access technologies into the PLMN, the USIM PLMN lists now enable roaming selection among CDMA, UMTS, and LTE access systems.

Taking advantage of its high security, USIM now stores mobility management parameters for SAE/LTE. Critical information like location information or EPS security context is to be stored in USIM rather than the device.

USIM in LTE networks is not just a matter of digital security but also physical safety. The USIM now stores the ICE (In Case of Emergency) user information, which is now standardized. This feature allows first responders (police, firefighters, and emergency medical staff) to retrieve medical information such as blood type, allergies, and emergency contacts, even if the subscriber lies unconscious.

3GPP has also approved the storage of the eCall parameters in USIM. When activated, the eCall system establishes a voice connection with the emergency services and sends critical data including time, location, and vehicle identification, to speed up response times by emergency services. ECalls can be generated manually by vehicle occupants or automatically by in-vehicle sensors.

TOOLKIT FEATURES IMPROVEMENT (TS 31.111)
New toolkit features have been added in Rel-8 for the support of NFC, M2M, OMA-DS, DM and to enhance coverage information.

The contactless interface has now been completely integrated with the UICC to enable NFC use cases where UICC applications proactively trigger contactless interfaces.

Toolkit features have been updated for terminals with limited capabilities (e.g. datacard or M2M wireless modules). These features will be notably beneficial in the M2M market where terminals often lack a screen or a keyboard.

UICC applications will now be able to trigger OMA-DM and DS sessions to enable easier device support and data synchronization operations, as well as interact in DVB networks.

Toolkit features have been enriched to help operators in their network deployments, particularly with LTE. A toolkit event has been added to inform a UICC application of a network rejection, such as a registration attempt failure. This feature will provide important information to operators about network coverage. Additionally, a UICC proactive command now allows the reporting of the signal strength measurement from an LTE base station.

CONTACT MANAGER
Rel-8 defined a multimedia phone book (3GPP TS 31.220) for the USIM based on OMA-DS and its corresponding JavaCard API (3GPP TS 31.221).

REMOTE MANAGEMENT EVOLUTION (TS 31.115 AND TS 31.116)
With IP sessions becoming prominent, an additional capability to multiplex the remote application and file management over a single CAT_TP link in a BIP session has been completed. Remote sessions to update the UICC now benefit from additional flexibility and security with the latest addition of the AES algorithm rather than a simple DES algorithm.

CONFIDENTIAL APPLICATION MANAGEMENT IN UICC FOR THIRD PARTIES
The security model in the UICC has been improved to allow the hosting of confidential (e.g. third party) applications. This enhancement was necessary to support new business models arising in the marketplace, with third party MVNOs, M-Payment and Mobile TV applications. These new features notably enable UICC memory rental, remote secure management of this memory and its content by the third party vendor, and support new business models supported by the Trusted Service Manager concept.

SECURE CHANNEL BETWEEN THE UICC AND TERMINAL
A secure channel solution has been specified that enables a trusted and secure communication between the UICC and the terminal. The secure channel is also available between two applications residing respectively on the UICC and on the terminal. The secure channel is applicable to both ISO and USB interfaces.

RELEASE 9 ENHANCEMENTS: UICC: ENABLING M2M AND FEMTOCELLS
The role of femtocell USIM is increasing in provisioning information for Home eNodeB, the 3GPP name for femtocell. USIMs inside handsets provide a simple and automatic access to femtocells based on operator and user-controlled Closed Subscriber Group list.

Work is ongoing in 3GPP for the discovery of surrounding femtocells using toolkit commands. Contrarily to macro base stations deployed by network operators, a femtocell location is out of the control of the operator since a subscriber can purchase a Home eNodeB and plug it anywhere at any time. A solution based on USIM toolkit feature will allow the operator to identify the femtocells serving a given subscriber. Operators will be able to adapt their services based on the femtocells available.

The upcoming releases will develop and capitalize on the IP layer for UICC remote application management (RAM) over HTTP or HTTPS. The network can also send a push message to UICC to initiate a communication using TCP protocol.

Additional guidance is also expected from the future releases with regards to the M2M dedicated form factor for the UICC that is currently under discussion to accommodate environments with temperature or mechanical constraints surpassing those currently specified by the 3GPP standard.

Some work is also expected to complete the picture of a full IP UICC integrated in IP-enabled terminal with the migration of services over EEM/USB and the capability for the UICC to register on multicast based services (such as mobile TV).

Further Reading:

Wednesday 8 July 2009

Wireless Cellular Security

Arvind, an old colleague recently spoke in ACM, Bangalore on the topic of Security. Here is his presentation:







There are lots of interesting Questions and Answers. One interesting one is:

Does number portability mean that data within an AuC is compromised?

Not really. Number portability does not mean sensitive data from old AuC are transferred to the new AuC. The new operator will issue a new USIM which will have a new IMSI. Number portability only means that MSISDN is kept the same for others to call the mobile. The translation between MSISDN and IMSI is done at a national level register. Such a translation will identify the Home PLMN and the HLR that’s needs to be contacted for an incoming call.
That’s the theory and that’s how it should be done. It will be interesting to know how operators in India do this.

You can read all Q&A's here.

I wrote a tutorial on UMTS security many years back. Its available here.

Sunday 23 November 2008

Phones can be unlocked by GeoSim


We all have used different phones over the period of time while on contract with a certain operator. The tricky situation comes when we move onto different operator and would sometime like to use the old phone. The way to crack this is quitely simpy unlock the phone and off it goes on any network.

GeoSIM, an international SIM card supplier, now says that it has introduced the “SIM PIG”, a SIM-like chip that bypasses the network lock on mobile phones, thus enabling any SIM card from any network to be used in a locked handset.

I honestly do not know whether this is good or bad, but simply for my own personal reason it’s good. Recently I moved from one operator to another and decided to go pay as you go. Hence I wanted to use my old phone on the new service provider but couldn’t do so until I got my phone unlocked.

SIM PIG claims to be able to unlock iPhone, Windows Mobile, HTC, Nokia, Sony Ericsson, Blackberry and many more 3G handsets. It is inserted with the SIM card into the handsets SIM card slot. The PIG then dynamically bypasses the network lock on the mobile phone. The company says it does not affect any of the handset functionality and all features are maintained, nor it does not invalidate any warranty on the handset. Once SIM PIG is removed, the handset reverts back to its locked condition.

Using the SIM PIG does not require any technical knowledge and is quick and simple to insert. As the name suggests, SIM PIG SIMply PIGgy backs on to the SIM card when it is inserted to the handset.
So how does GeoSim is able to do this business of unlocking the phone or by passing the lock?
GeoSIM routes your dialling instruction away from the local operator and sends your call to the GeoSIM “Hub”. A few seconds after you make your call, your mobile phone will ring. You answer the “callback” and you will be connected to the person you wish to talk to.
In summary:
  • Dial the number you want to call.

  • A few seconds after you dial, your handset will ring. Answer the “callback” from the GeoSIM Hub.

  • You will then get connected to the number you are calling.

Hmmm very strange… I am really dying to know whether some body uses this method.
Do GeoSIM and SIM PIG work in the United States?
Are they fully “legal” here in UK or Europe? I don’t know…

Monday 29 September 2008

SIM-free option for LTE

Dean Bubley, in a post in Seeking Alpha has proposed a SIM-free option for LTE. I have heard this being discussed before in some forums but have not seen yet any concrete steps by 3G to address this issue.

Let me be clear that I fully support the SIM based option which gives you convinience to change handsets while keeping the same number and also easily move between different operators by getting Porting codes (PAC codes in UK) but sometimes when you are travelling or in between places the SIM free option allows you to use Pay as you Go services from the device of your choice. So rather than being tied down to the SIM you will be tied down to the device (Laptop or Handset).

If this option is not available it would still be possible by a service provider to provide you a service based on the device IMEI but the extra 'Access technology based' security would not be there. This means that you would be relying completely on the IP security which should generally not be an issue since this is not very different than what you would use in case of accessing web through your workplace or from a cafe. Also since this option requires extra customisation of LTE based technology which is not standardised by standards, service providers may be a bit reluctant to use this approach.

Alternatively, service providers may go for alternative technologies like WiMAX and WiFi. All laptops have WiFi inbuilt and it wont be long before WiMAX option is available. WiMAX dongles may come in handly for times like these. These technologies dont require any SIM cards so it may be simpler for people to use this.

By not providing the SIM-free option for LTE, there may not be much impact from Laptop users who dont care which technology they use as their hardware is generally capable of supporting quite a few options but it may impact the smartphone user market. These smartphone users who have time to kill on the airports or hotels may make use of their time by registering their phone to a local service provider and then making cheap international calls and browsing via their handset. They may not have to worry about hunting for cyber cafes and even if they find one worrying about the spyware, etc trying to grab passwords/pins on the PCs being used.

Over the next year we will have to wait and see if operators or device manufacturers or service providers are going to propose this option and once it is proposed it would be interesting to see how many people oppose it :)