Tuesday 1 February 2011
6th ETSI Security Workshop
Wednesday 29 September 2010
Micro-SIM supporting 3FF format for LTE testing
I read Comprion's recent press release with regards to Micro-SIM.
As mobile devices get more and more complex, the components used become smaller and smaller. With the launch of the new LTE Test (U)SIM supporting the 3FF format, also known as Micro-SIM or Mini-UICC, COMPRION is responding to this trend. The LTE Test (U)SIM in the Mini-UICC format is only half the size of a regular Plug-In card and can be used in very small mobile devices.
Just like COMPRION's first released LTE Test (U)SIM, this new 128K/J LTE Test (U)SIM includes all new LTE data fields up to Release 9. The card has three applications implemented: a Test SIM; a Test USIM; and a Test ISIM. The Test (U)SIM also supports the three voltage classes 1.8V, 3V and 5V. Standardised commands such as "Resize" (for extending the size of a data field) and "Create" (for creating new data fields) are supported. The Test Card's flexibility and feature range enable the user to comprehensively examine the functionality of an LTE mobile device without having access to a live LTE network.
To ensure backwards compatibility to the Plug-In format, COMPRION also offers a Mini-UICC Adapter to turn the Mini-UICC into the Plug-In format. Hence, the Mini-UICC can also be used in today's mobile phones.
Its interesting to see that the new SIM is around half the size of the original and provides the same functionality. Sign of devices and components evolving.
The embedded presentation though old may be of intereste as it shows the difference between SIM, UICC and the 3FF
Tuesday 28 September 2010
SIMFi = SIM with WiFi
With SIMFi, you can convert a phone into a WiFi hotspot. The phone would use HSPA/LTE for data connectivity and at the same time it would broadcast WiFi signals for any equipment to connect to these signals and browse the web. Power consumption information have not been mentioned which I am sure would be a problem for the phone.
SIMFi Removes the need for additional accessories to facilitate transmission services (e.g. MiFi, USB modem, PCMCIA…) and can make connectivity a lot simpler, straigtforward and cheaper.
- SIM card compatible with the latest telecom specifications.
- SIM card: ISO 2FF plug-in
- The mobile phone does not need any special features.
- Modem WiFi integrated in the SIM card, works with 802.11b.
- The modem is guided by the SIM card's tools.
- Energy-saving features (works with 2G and 3G).
- The aerial is adaptable, allowing short- and long-range operations (from 2 cm to 30 m) managed by the SIM card's tools.
Thursday 3 June 2010
Quick preview of 3GPP Release-11 Features and Study items
Advanced IP Interconnection of Services
Release 11 Studies
Study on IMS based Peer-to-Peer Content Distribution Services
Objectives of this study item are:
Without technical alternative to using public numbering resources as addresses, and considering the current forecasts and pending applications for numbers made to numbering plan administration agencies, there is a significant risk that some national numbering/dialling plans will run out of numbers in the near future, which would impact not only these M2M services but also the GSM/UMTS service providers in general.
The Objective is to determine an alternative to identify individual devices and route messages between those devices. Requirements for this alternative include:
Thursday 11 February 2010
UICC and USIM in 3GPP Release 8 and Release 9
In good old days of GSM, SIM was physical card with GSM "application" (GSM 11.11)
In the brave new world of 3G+, UICC is the physical card with basic logical functionality (based on 3GPP TS 31.101) and USIM is 3G application on a UICC (3GPP TS 31.102). The UICC can contain multiple applications like the SIM (for GSM), USIM and ISIM (for IMS). There is an interesting Telenor presentation on current and future of UICC which may be worth the read. See references below.
UICC was originally known as "UMTS IC card". The incorporation of the ETSI UMTS activities into the more global perspective of 3GPP required a change of this name. As a result this was changed to "Universal Integrated Circuit Card". Similarly USIM (UMTS Subscriber Identity Module) changed to Universal Subscriber Identity Module.
The following is from the 3G Americas Whitepaper on Mobile Broadband:
UICC (3GPP TS 31.101) remains the trusted operator anchor in the user domain for LTE/SAE, leading to evolved applications and security on the UICC. With the completion of Rel-8 features, the UICC now plays significant roles within the network.
Some of the Rel-8 achievements from standards (ETSI, 3GPP) are in the following areas:
USIM (TS 31.102)
With Rel-8, all USIM features have been updated to support LTE and new features to better support non-3GPP access systems, mobility management, and emergency situations have been adopted.
The USIM is mandatory for the authentication and secure access to EPC even for non-3GPP access systems. 3GPP has approved some important features in the USIM to enable efficient network selection mechanisms. With the addition of CDMA2000 and HRPD access technologies into the PLMN, the USIM PLMN lists now enable roaming selection among CDMA, UMTS, and LTE access systems.
Taking advantage of its high security, USIM now stores mobility management parameters for SAE/LTE. Critical information like location information or EPS security context is to be stored in USIM rather than the device.
USIM in LTE networks is not just a matter of digital security but also physical safety. The USIM now stores the ICE (In Case of Emergency) user information, which is now standardized. This feature allows first responders (police, firefighters, and emergency medical staff) to retrieve medical information such as blood type, allergies, and emergency contacts, even if the subscriber lies unconscious.
3GPP has also approved the storage of the eCall parameters in USIM. When activated, the eCall system establishes a voice connection with the emergency services and sends critical data including time, location, and vehicle identification, to speed up response times by emergency services. ECalls can be generated manually by vehicle occupants or automatically by in-vehicle sensors.
TOOLKIT FEATURES IMPROVEMENT (TS 31.111)
New toolkit features have been added in Rel-8 for the support of NFC, M2M, OMA-DS, DM and to enhance coverage information.
The contactless interface has now been completely integrated with the UICC to enable NFC use cases where UICC applications proactively trigger contactless interfaces.
Toolkit features have been updated for terminals with limited capabilities (e.g. datacard or M2M wireless modules). These features will be notably beneficial in the M2M market where terminals often lack a screen or a keyboard.
UICC applications will now be able to trigger OMA-DM and DS sessions to enable easier device support and data synchronization operations, as well as interact in DVB networks.
Toolkit features have been enriched to help operators in their network deployments, particularly with LTE. A toolkit event has been added to inform a UICC application of a network rejection, such as a registration attempt failure. This feature will provide important information to operators about network coverage. Additionally, a UICC proactive command now allows the reporting of the signal strength measurement from an LTE base station.
CONTACT MANAGER
Rel-8 defined a multimedia phone book (3GPP TS 31.220) for the USIM based on OMA-DS and its corresponding JavaCard API (3GPP TS 31.221).
REMOTE MANAGEMENT EVOLUTION (TS 31.115 AND TS 31.116)
With IP sessions becoming prominent, an additional capability to multiplex the remote application and file management over a single CAT_TP link in a BIP session has been completed. Remote sessions to update the UICC now benefit from additional flexibility and security with the latest addition of the AES algorithm rather than a simple DES algorithm.
CONFIDENTIAL APPLICATION MANAGEMENT IN UICC FOR THIRD PARTIES
The security model in the UICC has been improved to allow the hosting of confidential (e.g. third party) applications. This enhancement was necessary to support new business models arising in the marketplace, with third party MVNOs, M-Payment and Mobile TV applications. These new features notably enable UICC memory rental, remote secure management of this memory and its content by the third party vendor, and support new business models supported by the Trusted Service Manager concept.
SECURE CHANNEL BETWEEN THE UICC AND TERMINAL
A secure channel solution has been specified that enables a trusted and secure communication between the UICC and the terminal. The secure channel is also available between two applications residing respectively on the UICC and on the terminal. The secure channel is applicable to both ISO and USB interfaces.
RELEASE 9 ENHANCEMENTS: UICC: ENABLING M2M AND FEMTOCELLS
The role of femtocell USIM is increasing in provisioning information for Home eNodeB, the 3GPP name for femtocell. USIMs inside handsets provide a simple and automatic access to femtocells based on operator and user-controlled Closed Subscriber Group list.
Work is ongoing in 3GPP for the discovery of surrounding femtocells using toolkit commands. Contrarily to macro base stations deployed by network operators, a femtocell location is out of the control of the operator since a subscriber can purchase a Home eNodeB and plug it anywhere at any time. A solution based on USIM toolkit feature will allow the operator to identify the femtocells serving a given subscriber. Operators will be able to adapt their services based on the femtocells available.
The upcoming releases will develop and capitalize on the IP layer for UICC remote application management (RAM) over HTTP or HTTPS. The network can also send a push message to UICC to initiate a communication using TCP protocol.
Additional guidance is also expected from the future releases with regards to the M2M dedicated form factor for the UICC that is currently under discussion to accommodate environments with temperature or mechanical constraints surpassing those currently specified by the 3GPP standard.
Some work is also expected to complete the picture of a full IP UICC integrated in IP-enabled terminal with the migration of services over EEM/USB and the capability for the UICC to register on multicast based services (such as mobile TV).
Further Reading:
- Business perspective and Mobile service offer through Future SIM - Telenor (http://www.ux.uis.no/atc08/workshop/Larsen.pdf)
- The role of the UICC in Long Term Evolution all IP networks - Gemalto (http://www.gemalto.com/telecom/download/lte_gemalto_whitepaper.pdf)
- Technical White Paper: Smart Card in IMS - 3G Americas (http://www.3gamericas.org/documents/GEM_WP_IMS.pdf)
- 3GPP TS 31.101: UICC-terminal interface; Physical and logical characteristics (http://www.3gpp.org/ftp/Specs/archive/31_series/31.101/)
- 3GPP TS 31.102: Universal Subscriber Identity Module (USIM) application (http://www.3gpp.org/ftp/Specs/archive/31_series/31.102/)
- 3GPP TS 31.111: Universal Subscriber Identity Module (USIM) Application Toolkit (USAT) (http://www.3gpp.org/ftp/Specs/archive/31_series/31.111/)
- 3GPP TS 31.115: Secured packet structure for (Universal) Subscriber Identity Module (U)SIM Toolkit applications (http://www.3gpp.org/ftp/Specs/archive/31_series/31.115/)
- 3GPP TS 31.116: Remote APDU Structure for (U)SIM Toolkit applications (http://www.3gpp.org/ftp/Specs/archive/31_series/31.116/)
- 3GPP TS 31.220: Characteristics of the Contact Manager for 3GPP UICC applications (http://www.3gpp.org/ftp/Specs/archive/31_series/31.220/)
- 3GPP TS 31.221: Contact Manager Application Programming Interface (API); Contact Manager API for Java Card™ (http://www.3gpp.org/ftp/Specs/archive/31_series/31.221/)
Wednesday 8 July 2009
Wireless Cellular Security
There are lots of interesting Questions and Answers. One interesting one is:
Does number portability mean that data within an AuC is compromised?
Not really. Number portability does not mean sensitive data from old AuC are transferred to the new AuC. The new operator will issue a new USIM which will have a new IMSI. Number portability only means that MSISDN is kept the same for others to call the mobile. The translation between MSISDN and IMSI is done at a national level register. Such a translation will identify the Home PLMN and the HLR that’s needs to be contacted for an incoming call.
That’s the theory and that’s how it should be done. It will be interesting to know how operators in India do this.
You can read all Q&A's here.
I wrote a tutorial on UMTS security many years back. Its available here.
Sunday 23 November 2008
Phones can be unlocked by GeoSim
GeoSIM, an international SIM card supplier, now says that it has introduced the “SIM PIG”, a SIM-like chip that bypasses the network lock on mobile phones, thus enabling any SIM card from any network to be used in a locked handset.
I honestly do not know whether this is good or bad, but simply for my own personal reason it’s good. Recently I moved from one operator to another and decided to go pay as you go. Hence I wanted to use my old phone on the new service provider but couldn’t do so until I got my phone unlocked.
SIM PIG claims to be able to unlock iPhone, Windows Mobile, HTC, Nokia, Sony Ericsson, Blackberry and many more 3G handsets. It is inserted with the SIM card into the handsets SIM card slot. The PIG then dynamically bypasses the network lock on the mobile phone. The company says it does not affect any of the handset functionality and all features are maintained, nor it does not invalidate any warranty on the handset. Once SIM PIG is removed, the handset reverts back to its locked condition.
Using the SIM PIG does not require any technical knowledge and is quick and simple to insert. As the name suggests, SIM PIG SIMply PIGgy backs on to the SIM card when it is inserted to the handset.
So how does GeoSim is able to do this business of unlocking the phone or by passing the lock?
GeoSIM routes your dialling instruction away from the local operator and sends your call to the GeoSIM “Hub”. A few seconds after you make your call, your mobile phone will ring. You answer the “callback” and you will be connected to the person you wish to talk to.
In summary:
- Dial the number you want to call.
- A few seconds after you dial, your handset will ring. Answer the “callback” from the GeoSIM Hub.
- You will then get connected to the number you are calling.
Hmmm very strange… I am really dying to know whether some body uses this method.
Do GeoSIM and SIM PIG work in the United States?
Are they fully “legal” here in UK or Europe? I don’t know…
Monday 29 September 2008
SIM-free option for LTE
Let me be clear that I fully support the SIM based option which gives you convinience to change handsets while keeping the same number and also easily move between different operators by getting Porting codes (PAC codes in UK) but sometimes when you are travelling or in between places the SIM free option allows you to use Pay as you Go services from the device of your choice. So rather than being tied down to the SIM you will be tied down to the device (Laptop or Handset).
If this option is not available it would still be possible by a service provider to provide you a service based on the device IMEI but the extra 'Access technology based' security would not be there. This means that you would be relying completely on the IP security which should generally not be an issue since this is not very different than what you would use in case of accessing web through your workplace or from a cafe. Also since this option requires extra customisation of LTE based technology which is not standardised by standards, service providers may be a bit reluctant to use this approach.
Alternatively, service providers may go for alternative technologies like WiMAX and WiFi. All laptops have WiFi inbuilt and it wont be long before WiMAX option is available. WiMAX dongles may come in handly for times like these. These technologies dont require any SIM cards so it may be simpler for people to use this.
By not providing the SIM-free option for LTE, there may not be much impact from Laptop users who dont care which technology they use as their hardware is generally capable of supporting quite a few options but it may impact the smartphone user market. These smartphone users who have time to kill on the airports or hotels may make use of their time by registering their phone to a local service provider and then making cheap international calls and browsing via their handset. They may not have to worry about hunting for cyber cafes and even if they find one worrying about the spyware, etc trying to grab passwords/pins on the PCs being used.
Over the next year we will have to wait and see if operators or device manufacturers or service providers are going to propose this option and once it is proposed it would be interesting to see how many people oppose it :)