CN109963275A - Sending method, the processing system of method of reseptance and subscription data of subscription data - Google Patents
Sending method, the processing system of method of reseptance and subscription data of subscription data Download PDFInfo
- Publication number
- CN109963275A CN109963275A CN201711408249.6A CN201711408249A CN109963275A CN 109963275 A CN109963275 A CN 109963275A CN 201711408249 A CN201711408249 A CN 201711408249A CN 109963275 A CN109963275 A CN 109963275A
- Authority
- CN
- China
- Prior art keywords
- subscription data
- euicc
- long
- sent
- cloud server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0869—Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/183—Processing at user equipment or user record carrier
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/20—Transfer of user or subscriber data
- H04W8/205—Transfer to or from user equipment or user record carrier
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Databases & Information Systems (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention provides a kind of sending method of subscription data, method of reseptance, long-range signing management platform, cloud server, eUICC, the processing system of subscription data, storage medium and electronic devices, wherein, the sending method of the subscription data includes: to receive the subscription data request from operator;The first subscription data is obtained from cloud server according to the request of above-mentioned subscription data;Above-mentioned first subscription data is sent to universal embedded integrated circuit card eUICC, to indicate that the eUICC configures the first subscription data in eUICC.Through the invention, it solves the problems, such as the data configuration downloading in eUICC present in the relevant technologies, replace low efficiency.
Description
Technical field
The present invention relates to the communications field, in particular to the sending method of a kind of subscription data, method of reseptance, long-range
Signing management platform, cloud server, eUICC, the processing system of subscription data, storage medium and electronic device.
Background technique
With popularizing for technology of Internet of things, more and more terminals become internet-of-things terminal, that is to say, that more and more
It is directly welded with intelligent card chip in the circuit board of terminal or directly encapsulation such as communication module, for example, automobile, intelligent meter
A kind of embedded smart card (embedded Universal Integrated Circuit is embedded into tool, monitoring device
Card, abbreviation eUICC) internet-of-things terminal can be become.Wherein, eUICC can be access carrier net as internet-of-things terminal
The authentication tool of network, and the safety of the various application programs (APP, application are hereinafter referred to as applied) of carrying, data carry
Body.
Under Internet of Things application scenarios, since smart card is typically found in internet-of-things terminal or welds in the terminal,
It is issued ground and is difficult to determine when internet-of-things terminal produces using ground.On the other hand, applied to the eUICC of internet of things service
Not only a kind of new UICC card form or subscriber terminal equipment form further include establishing to support this neomorph equipment
Total system, wherein the activation of eUICC, deactivate management, user relationship management, remotely manage, service management and bursting tube
Reason may all will be essential function in the system.Under such application scenarios, when need to consider that Internet of Things smart card uses
The business of configuration text is runed in replacement after activation, activation, wherein operation configuration file is the inside eUICC and some mobile operator
In general relevant a group of file, the set of data under environment of internet of things, can store multiple in an eUICC card
The configuration file of operator, each operator's configuration file correspond to a unique user identification number.The prior art
In, the dynamic management of configuration file can be realized by over the air (Over-the-Air, referred to as OTA), such as
Downloading is deleted, replacement.
However, the configuration file being locally stored is also limited since eUICC card space is limited, operator is downloaded, replaces
When, configuration file needs re-download, and after causing user to delete some carrier data on eUICC, want to use this again
When the data of operator, all related datas are needed according to newly being redistributed using user, so as to cause embedded smart card
Configuration downloading, replacement efficiency it is lower.
Aiming at the problem that data configuration downloading in the eUICC present in the relevant technologies, replacement low efficiency, not yet mention at present
Effective solution scheme out.
Summary of the invention
The embodiment of the invention provides a kind of sending method of subscription data, method of reseptance, long-range signing management platforms, cloud
Server, eUICC, the processing system of subscription data, storage medium and electronic device are held, at least to solve to exist in the related technology
EUICC in data configuration downloading, replacement low efficiency the problem of.
According to one embodiment of present invention, a kind of sending method of subscription data is provided, comprising: receive from operation
The subscription data of quotient is requested;The first subscription data is obtained from cloud server according to subscription data request;By described
One subscription data is sent to universal embedded integrated circuit card eUICC, to indicate that the eUICC configures institute in the eUICC
State the first subscription data.
Optionally, first subscription data is sent to embedded smart card eUICC includes: to receive from the operation
The downloading of quotient is requested;Identify the mark ID number of the eUICC carried in the downloading request;In the ID according to the eUICC
When number determining that first subscription data is matched with the eUICC, first subscription data is sent to the eUICC.
Optionally, the integrated circuit card identification code ICCID of pre-registration is also carried in the downloading request.
Optionally, first subscription data and the eUICC are determined according to the ID number of the eUICC in the following way
Matching includes: that the ID number of the eUICC is sent to the cloud server;Receive that the cloud server returns with it is described
The corresponding UICC card presupposed information of the ID number of eUICC;First subscription data is decrypted using info decoder, and root
The subscription data with the configurations match of the operator is generated according to preset coded format;According to the ID number with the eUICC
Corresponding UICC card presupposed information determines in the effective situation of matched subscription data, and the matched subscription data is sent out
Give the eUICC.
Optionally, the matched subscription data is sent to the eUICC includes: to send installation newly to the eUICC
Publisher safety information domain ISD-P request;It is and described after confirming that the eUICC completes to install the new ISD-P
New ISD-P negotiates to generate key;Added using the personal subscription data in matched subscription data described in the key pair
It is close, and other data in encrypted personal subscription data and the matched subscription data are sent to the ISD-P.
Optionally, the encrypted personal subscription data is sent to the ISD-P includes: by web service Web
Service safety or the secure transmission tunnel established by Secure Socket Layer SSL send out the encrypted personal subscription data
Give the ISD-P.
Optionally, after first subscription data is sent to universal embedded integrated circuit card eUICC, the side
Method further include: after the installation results and state for receiving first subscription data that the eUICC is sent, by the installation
As a result give the cloud server with state reporting, with indicate the cloud server using the installation results and state pair with
The corresponding UICC card presupposed information of the ID number of the eUICC is updated.
Optionally, after first subscription data is sent to universal embedded integrated circuit card eUICC, the side
Method further include: receive the activation for being used to request to activate first subscription data in the eUICC from the operator
Request;After determining first subscription data for allowing to activate in the eUICC, Xiang Suoshu eUICC sends activation instruction, with
Indicate that the eUICC activates first subscription data.
Optionally, the method also includes: receive having deposited for requesting to delete in the eUICC from the operator
The removal request of the predetermined subscription data of storage;In the case where determining that the predetermined subscription data allows to be deleted, Xiang Suoshu
EUICC, which is sent, deletes instruction, to indicate that the eUICC deletes the predetermined subscription data.
Optionally, before receiving the subscription data request from operator, the method also includes: it receives from described
The registration request of the manufacturer of eUICC, wherein the subscription data being pre-stored in the eUICC is carried in the registration request;Benefit
The pre-stored subscription data is encoded according to preset coded format with configuration information encoder;It will be pre- after coding
The subscription data of storage is sent to the cloud server.
Optionally, the pre-stored subscription data includes at least following information: subscription data classification, application identities, collection
At circuit card identification code ICCID, mobile subscriber number MSISDN, subscription data state, need storage allocation, management strategy.
Optionally, the preset coded format includes following one: ASN.1, Unicode, UTF-8.
Optionally, sending the cloud server for the pre-stored subscription data after coding includes: to the cloud
Server sends the storage request for being used to request to store the pre-stored subscription data after the coding;Receive the cloud service
The checking request that device is sent according to the storage request;Verify really according to the checking request and the cloud server
Recognize, and sends the cloud server for the pre-stored subscription data after coding after verifying is logical.
Optionally, the method includes at least one of: receiving the subscription data request from operator includes: and institute
It states operator and carries out two-way authentication, and in the case where certification passes through, receive the subscription data from the operator and ask
It asks;According to subscription data request obtain from cloud server the first subscription data include: with the cloud server into
Row two-way authentication, and in the case where certification passes through, institute is obtained from the cloud server according to subscription data request
State the first subscription data;By first subscription data be sent to universal embedded integrated circuit card eUICC include: with it is described
EUICC carries out two-way authentication, and in the case where certification passes through, first subscription data is sent to the eUICC.
Optionally, first subscription data is sent to universal embedded integrated circuit card eUICC includes: using default
The first counter first subscription data is sent to the eUICC by the first predetermined order.
Optionally, after first subscription data is sent to universal embedded integrated circuit card eUICC, the side
Method further include: after determining that the eUICC installs the first subscription data failure, indicate that the eUICC pacifies subscription data
Assembly puts back into the installation for falling back on subscription data that is installing before and storing in the eUICC.
According to another embodiment of the invention, a kind of sending method of subscription data is additionally provided, comprising: cloud service
Device receives the acquisition request from long-range signing management platform;The cloud server is contracted according to the acquisition request by first
Data are sent to the long-range signing management platform, to indicate that the long-range signing management platform sends out first subscription data
Give universal embedded integrated circuit card eUICC.
Optionally, the first subscription data is being sent to the long-range label according to the acquisition request by the cloud server
After about managing platform, the method also includes: the cloud server receives the institute from the long-range signing management platform
State the mark ID number of eUICC;The cloud server determines UICC card presupposed information corresponding with the ID number of the eUICC;Institute
It states cloud server and the UICC card presupposed information is sent to the long-range signing management platform.
Optionally, the UICC card presupposed information is being sent to the long-range signing management platform by the cloud server
Later, the method also includes: the cloud server receives installation results and shape from the long-range signing management platform
State, wherein the installation results and state are installation results and state of the eUICC to first subscription data;It is described
Cloud server carries out more according to the installation results and state pair UICC card presupposed information corresponding with the ID number of the eUICC
Newly.
Optionally, the cloud server is before receiving the acquisition request from long-range signing management platform, the side
Method further include: the cloud server receives the pre-stored signing number after the coding from the long-range signing management platform
According to, wherein the pre-stored subscription data is to be sent to the long-range signing by the manufacturer of the eUICC to manage platform
The subscription data being pre-stored in the eUICC.
Optionally, the pre-stored subscription data includes at least following information: subscription data classification, application identities, collection
At circuit card identification code ICCID, mobile subscriber number MSISDN, subscription data state, need storage allocation, management strategy.
Optionally, the cloud server receives the pre-stored label after the coding from the long-range signing management platform
About data include: that the cloud server receives the storage request from the long-range signing management platform, wherein the storage
Request is for the pre-stored subscription data after requesting the storage coding;The cloud server according to the storage request to
The long-range signing management platform sends checking request;The cloud server receives the long-range signing management platform according to institute
State the verification information of checking request transmission;The cloud server in the case where being verified to the verification information,
Pre-stored subscription data after receiving the coding from the long-range signing management platform.
Optionally, it includes: the cloud that the cloud server, which receives the acquisition request from long-range signing management platform,
Server and the long-range signing management platform carry out two-way authentication;The cloud server is the case where two-way authentication passes through
Under, receive the acquisition request from the long-range signing management platform.
Optionally, the first subscription data is sent to the long-range signing according to the acquisition request by the cloud server
Management platform, which includes: the cloud server, described first will be contracted number using preset second counter by the second predetermined order
Platform is managed according to the long-range signing is sent to.
According to another embodiment of the invention, a kind of method of reseptance of subscription data is additionally provided, comprising: reception comes from
First subscription data of long-range signing management platform, wherein first subscription data be the long-range signing manage platform from
It is obtained in cloud server.
Optionally, receiving the first subscription data from long-range signing management platform includes: to receive from the long-range label
About manage the mount request of platform;New publisher safety information domain ISD-P is installed according to the mount request;It is installed
Afterwards, it holds consultation using the new ISD-P and the long-range signing management platform and generates key;Utilize the new ISD-P
It receives in the matched subscription data that the long-range signing management platform is sent and utilizes the encrypted personal signing of the key
Other data in data and the matched subscription data, wherein the matched subscription data is the long-range signing
Management platform is decrypted first subscription data using info decoder, and generates and transport according to preset coded format
Seek the subscription data of the configurations match of quotient.
Optionally, the matched subscription data that the long-range signing management platform is sent is received using the new ISD-P
In include: to pass through web service Web using the new ISD-P using the encrypted personal subscription data of the key
Service safety receives the encrypted personal subscription data by the secure transmission tunnel that Secure Socket Layer SSL is established.
Optionally, after receiving the first subscription data from long-range signing management platform, the method also includes: peace
First subscription data is filled, and installation results and state are sent to the long-range signing and manage platform.
Optionally, after being installed first subscription data, the method also includes: it receives from described long-range
The activation instruction of signing management platform;According to first subscription data of the activation instruction activation installation.
Optionally, after first subscription data is installed, the method also includes: the first signing number is being installed
After failure, the rollback instruction of the long-range signing management platform is received;It is indicated according to the rollback by the installation of subscription data
The installation of subscription data that is that configuration was installed before returning back to and still storing.
Optionally, the method also includes: receive the deletion instruction from the long-range signing management platform;According to described
It deletes instruction and deletes stored predetermined subscription data.
Optionally, receiving the first subscription data from long-range signing management platform includes: and the long-range signing management
Platform carries out two-way authentication;In the case where two-way authentication passes through, described the from the long-range signing management platform is received
One subscription data.
Optionally, after receiving the first subscription data from long-range signing management platform, the method also includes: it will
Personal signing information in first subscription data is stored in preset individual memory space.
According to another embodiment of the invention, a kind of long-range signing management platform is additionally provided, comprising: first receives mould
Block, for receiving the subscription data request from operator;Module is obtained, for taking according to subscription data request from cloud
The first subscription data is obtained in business device;First sending module, for first subscription data to be sent to universal embedded collection
At circuit card eUICC, first subscription data is configured to indicate the eUICC in the eUICC.
Optionally, first sending module includes: the first receiving unit, for receiving the downloading from the operator
Request;Recognition unit, the mark ID number of the eUICC carried in the downloading request for identification;Transmission unit is used for
When determining that first subscription data is matched with the eUICC according to the ID number of the eUICC, first subscription data is sent out
Give the eUICC.
According to another embodiment of the invention, a kind of cloud server is additionally provided, comprising: the second receiving module is used
The acquisition request of platform is managed from long-range contract in receiving;Second sending module, for according to the acquisition request by first
Subscription data is sent to the long-range signing management platform, to indicate the long-range signing management platform by the first signing number
According to being sent to universal embedded integrated circuit card eUICC.
Optionally, the cloud server further include: third receiving module, for according to the acquisition request by first
Subscription data is sent to after the long-range signing management platform, is received from described in the long-range signing management platform
The mark ID number of eUICC;Determining module, for determining UICC card presupposed information corresponding with the ID number of the eUICC;Third hair
Module is sent, manages platform for the UICC card presupposed information to be sent to the long-range signing.
According to another embodiment of the invention, a kind of eUICC is additionally provided, comprising: the 4th receiving module, for receiving
The first subscription data from long-range signing management platform, wherein first subscription data is that the long-range signing management is flat
What platform was obtained from cloud server.
Optionally, the 4th receiving module includes: the second receiving unit, comes from the long-range signing management for receiving
The mount request of platform;Installation unit, for installing new publisher safety information domain ISD-P according to the mount request;Association
Quotient's unit, for after installation is complete, using the new ISD-P and the long-range signing manage platform hold consultation generate it is close
Key;4th receiving unit, for receiving the matched signing that the long-range signing management platform is sent using the new ISD-P
In data using other data in the encrypted personal subscription data of the key and the matched subscription data,
In, the matched subscription data be the long-range signing manage platform using info decoder to first subscription data into
Row decryption, and the subscription data with the configurations match of the operator of the eUICC is generated according to preset coded format.
According to another embodiment of the invention, a kind of terminal, including eUICC described in any of the above embodiments are additionally provided.
According to another embodiment of the invention, a kind of processing system of subscription data is additionally provided, comprising: any of the above-described
Long-range signing described in manages platform, cloud server described in any of the above embodiments and terminal described in any of the above embodiments.
According to another embodiment of the invention, a kind of storage medium is additionally provided, meter is stored in the storage medium
Calculation machine program, wherein the computer program is arranged to execute the step in any of the above-described embodiment of the method when operation.
According to another embodiment of the invention, a kind of electronic device, including memory and processor are additionally provided, it is described
Computer program is stored in memory, the processor is arranged to run the computer program to execute any of the above-described
Step in embodiment of the method.
Through the invention, due to the subscription data for being sent to eUICC be obtained from cloud server, it is therefore not necessary to
The dynamic management of subscription data is realized by OTA, even if after deleting some subscription data in eUICC, without according to new
The subscription data that the deletion is redistributed using user is effectively improved the efficiency of the configuration downloading replacement in eUICC, solves phase
Data configuration in eUICC present in the technology of pass is downloaded, replaces the problem of low efficiency.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes part of this application, this hair
Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart of the sending method of the first subscription data according to an embodiment of the present invention;
Fig. 2 is the flow chart of the sending method of second of subscription data according to an embodiment of the present invention;
Fig. 3 is the flow chart of the method for reseptance of subscription data according to an embodiment of the present invention;
Fig. 4 is the schematic diagram of internal structure of eUICC according to an embodiment of the present invention;
Fig. 5 is eUICC publisher safety information domain structural schematic diagram according to an embodiment of the present invention;
Fig. 6 is the structural block diagram of long-range signing management platform according to an embodiment of the present invention;
Fig. 7 is the structural block diagram of cloud server according to an embodiment of the present invention;
Fig. 8 is the structural block diagram of eUICC according to an embodiment of the present invention;
Fig. 9 is subscription data according to an embodiment of the present invention downloading, replacement process schematic diagram.
Specific embodiment
Hereinafter, the present invention will be described in detail with reference to the accompanying drawings and in combination with Examples.It should be noted that not conflicting
In the case of, the features in the embodiments and the embodiments of the present application can be combined with each other.
It should be noted that description and claims of this specification and term " first " in above-mentioned attached drawing, "
Two " etc. be to be used to distinguish similar objects, without being used to describe a particular order or precedence order.
Current eUICC, for example, in mobile network telecom intelligent card can according to distribution ground, using ground and card purposes not
Together, distribution uses network management region (province and district city) method.But under Internet of Things application scenarios, since eUICC is typically found in
It in internet-of-things terminal or welds in the terminal, issue ground and is difficult to determine when internet-of-things terminal produces using ground.Herein
Under kind of application scenarios, the business such as replacement operation configuration after activation, activation need to be considered when the use for the first time of Internet of Things smart card.Cause
This, the new demand that internet of things service proposes smart card management, especially smart card number distributing in air, activation, deactivation and
Configuration replacement management etc. is to have to solve the problems, such as first.And the process for using of eUICC and traditional UICC card process for using are sent out
Biggish change is given birth to.Traditional UICC card needed before distribution through production, select operator, customization, distribution, activation, using,
The links such as termination.In eUICC, UICC card only needs to carry out basic personalization, such as UICC card ID before distribution
Write-in, the write-in of UICC card Basic Authentication authorization parameter, the write-in of initial subscription data or relevant parameter, then can root after distribution
According to the new registration description information that operator provides, long-range signing management platform regenerates new subscription data and downloads to
In eUICC, the selection replacement of operator is realized.It can thus be seen that the customization procedure of subscription data from card vendor intra-company more
It is changed to the production and installation by eating dishes without rice or wine, the generation and write-in of the data such as especially individualized key, certificate are constantly subjected to run
The highest attention of quotient, card vendor and user.Simultaneously as eUICC can switch subscription data, being also possible to when in use can mistake
Install or have activated an incomplete subscription data, lead to not using.
With popularizing for cloud computing technology, business label are moved to cloud environment by more and more enterprises, platform, utilize cloud environment
The advantages such as the granting speed that resource has is fast, resources costs are low, the deployment of enterprise, platform service on cloud are increasing, more next
It is more universal.In view of this, in embodiments of the present invention, providing one kind to solve the above problem present in the relevant technologies and being based on
The configuration downloading of the eUICC of cloud service, variation, the downloading and management for facilitating operator to configure, while also improving and being
The safety of system.Below with reference to examples illustrate the present invention:
Embodiment one
In embodiments of the present invention, a kind of sending method of subscription data is provided, as shown in Figure 1, this method includes such as
Lower step:
Step S102 receives the subscription data request from operator;
Step S104 obtains the first subscription data according to the request of above-mentioned subscription data from cloud server;
Above-mentioned first subscription data is sent to universal embedded integrated circuit card eUICC by step S106, should with instruction
EUICC configures the first subscription data in eUICC.
Wherein, execute aforesaid operations can be long-range signing management platform.In the present embodiment, operator can be to remote
Journey signing management platform sends subscription data request (for example, it may be subscription data pre-generatmg instructs), and will need scheduled
Subscription data quantity, subscription data require, can use international member identification code (International Mobile Subscriber
Identification Number, referred to as IMSI) range is sent to long-range signing management platform, long-range signing management platform
According to these description informations, the personal information parts such as key, the certificate in subscription data are voluntarily generated, and ask to cloud server
It asks and obtains these subscription data, the data of acquisition, which are stored in long-range signing management platform, prepares downloading.
In the above-described embodiments, since the subscription data for being sent to eUICC is obtained from cloud server,
Without realizing the dynamic management of subscription data by OTA, even if after deleting some subscription data in eUICC, without pressing
According to the new subscription data for redistributing the deletion using user, the efficiency of the configuration downloading replacement in eUICC is effectively improved, is solved
The problem of data configuration downloading in eUICC present in the relevant technologies, replacement low efficiency.
In an alternative embodiment, the first subscription data is sent to embedded smart card eUICC includes: to receive
It is requested from the downloading of operator;Identify the mark ID number of the eUICC carried in downloading request;True according to the ID number of eUICC
When fixed first subscription data is matched with eUICC, the first subscription data is sent to the eUICC.Optionally, above-mentioned downloading
Integrated circuit card identification code (Integrate circuit card identity, the abbreviation of pre-registration can also be carried in request
For ICCID).In the present embodiment, it is handled except the ID number that can carry eUICC in downloading request, the eUICC can also be carried
The ICCID of corresponding pre-registration.After long-range signing management platform completes subscription data preparation, downloading request is sent to remote by operator
Journey signing management platform, long-range signing management platform to the ID number (EID, eUICC ID) of the user equipment card in the request and
The ICCID of corresponding pre-registration is identified that (the present embodiment corresponds to the step S901-906 in Fig. 9, wherein the Fig. 9 is basis
The subscription data downloading of the embodiment of the present invention, replacement process schematic diagram, the registration information in Fig. 9 correspond in the embodiment of the present invention
Subscription data).
In an alternative embodiment, the first subscription data can be determined according to the ID number of eUICC in the following way
Match with eUICC includes: that the ID number of eUICC is sent to cloud server;Receive the cloud server return with eUICC's
The corresponding UICC card presupposed information of ID number;The first subscription data is decrypted using info decoder, and according to preset volume
Code format generates the subscription data with the configurations match of operator;Pre- according to UICC card corresponding with the ID number of above-mentioned eUICC
If information determines in the effective situation of matched subscription data, matched subscription data is sent to eUICC.In the present embodiment
In, long-range signing management platform first can carry out bi-directional authentification with cloud server before sending information to cloud server,
After the authentication is passed, cloud server is again according to the ID number (for example, ID number of above-mentioned eUICC) of user equipment card by the UICC card
Presupposed information (EIS, eUICC Information Set, eUICC card information collection (the encrypted operation with pre-arranged code format
Quotient's configuration) it extracts and is sent to long-range signing management platform, long-range signing management platform will be runed with configuration information decoder
Quotient configures decryption and generates the operator that can be installed according to preset coded format and configures;And judge whether the configuration is effective;
(in addition, cloud server also judges whether configuration mistake occurs, it can be to long-range signing management platform notice hair if mistake occurs
Raw mistake, and error identification occurs, to operator registration information downloading request identification occurs for long-range signing management platform again, and
Send error identification).If effectively, then to eUICC sending related subscription data (corresponding to the S907-9 in Fig. 9).Specifically
Transmission flow is as follows:
Optionally, matched subscription data is sent to eUICC includes: to send to install new publisher's safety to eUICC
The request of information field ISD-P;After confirmation eUICC completes to install the new ISD-P, negotiate to generate with the new ISD-P close
Key;It is encrypted using the personal subscription data in the matched subscription data of key pair, and by encrypted personal subscription data
And other data in matched subscription data are sent to ISD-P.In the present embodiment, long-range signing management platform to
ISD-R starting certification stream after eUICC sends the new ISD-P request of installation, in long-range signing management platform meeting and eUICC
Journey, if establishing an empty ISD-P by certification, eUICC can will confirm that information returns to long-range signing management platform.
Long-range signing management platform and newly-established ISD-P establish one by key agreement process and share come transmission key, and from
A preparation is selected in the new subscription data generated is sent to eUICC.Long-range signing management platform use is assisted with ISD-P
The good key pair of quotient personal subscription data therein encrypts, and encrypted personal subscription data is sent to ISD-P.
After ISD-P receives the data, the key pair data before use are decrypted and install, and installation results and state are returned
To long-range signing management platform (corresponding to the S910-S919 in Fig. 9).
In one optionally embodiment, it includes: to pass through net that above-mentioned encrypted personal subscription data, which is sent to ISD-P,
Page service Web Service safety or the secure transmission tunnel established by Secure Socket Layer SSL contract encrypted individual
Data are sent to ISD-P.In the present embodiment, long-range signing management platform will about sign the personal subscription data (packet in data
Include and be not limited to key, certificate) be handed down to eUICC before, need can with eUICC carry out a key agreement process with determine one
Encryption key later encrypts personal subscription data, and encrypted crucial personal information is then passed through Web Service
The secure transmission tunnel that safety or SSL are established is transmitted.
In one optionally embodiment, the first subscription data is being sent to universal embedded integrated circuit card eUICC
Later, the above method further include: in the installation results and state for receiving first subscription data that the eUICC is sent
Afterwards, by installation results and state reporting to cloud server, with indicate cloud server by utilizing installation results and state pair with
The corresponding UICC card presupposed information of the ID number of eUICC is updated.In the present embodiment, long-range signing manages platform for ISD-P
Installation results and after state is sent to cloud server, cloud server is updated its database, by new signing number
According to being stored in eUICC subscription data collection (EIS), and setting this new subscription data is unactivated state (corresponding in Fig. 9
S920-S921)。
In one optionally embodiment, the first subscription data is being sent to universal embedded integrated circuit card eUICC
Later, the above method further include: receive the activation for being used to request the first subscription data in activation eUICC from operator and ask
It asks;After determining the first subscription data allowed in activation eUICC, activation instruction is sent to eUICC, to indicate that the eUICC swashs
First subscription data living.In the present embodiment, operator be connected to user application open new subscription data (that is, above-mentioned
First subscription data) after, operator sends new subscription data activation request to long-range signing management platform, and long-range signing management is flat
Whether the Rule Information that platform confirms that the new subscription data is concentrated allows to switch;If allowing, signs a registration activation request and give
The ISD-R of eUICC, eUICC continue to locally execute the confirmation of rule;If there is conflict, ISD-R stops the process, and
Inform long-range signing management platform;If do not conflicted, ISD-R carries out subscription data switching, and informs switching result to long-range
Signing management platform, long-range signing management platform inform operator's switching result again.Then, operator passes through remotely signing pipe again
Platform disables former subscription data, and it is (right that this process will also redo after the confirmation of Rule Information twice above-mentioned
It should be in the S922-S924 in Fig. 9).
In an alternative embodiment, the above method further include: receive deleting for request from the operator
The removal request of stored predetermined subscription data in eUICC;In the case where determining that the predetermined subscription data allows to be deleted,
It is sent to eUICC and deletes instruction, to indicate that the eUICC deletes the predetermined subscription data.
In an alternative embodiment, before receiving the subscription data request from operator, the above method is also wrapped
It includes: receiving the registration request of the manufacturer from the eUICC, wherein carry the label being pre-stored in eUICC in the registration request
About data;Pre-stored subscription data is encoded according to preset coded format using configuration information encoder;It will coding
Pre-stored subscription data afterwards is sent to cloud server.That is, in the present embodiment, eUICC makes in eUICC blocking
After completing at quotient, the subscription data being pre-stored inside eUICC first can be sent to long-range signing management platform by card manufacturer
It is registered.
In an alternative embodiment, above-mentioned pre-stored subscription data includes at least following information: subscription data class
Not, application identities, integrated circuit card identification code ICCID, mobile subscriber number MSISDN, subscription data state, need storage allocation,
Management strategy.
In an alternative embodiment, above-mentioned preset coded format includes following one: ASN.1, Unicode,
UTF-8。
In an alternative embodiment, the cloud server packet is sent by the pre-stored subscription data after coding
Include: Xiang Suoshu cloud server sends the storage request for being used to request to store the pre-stored subscription data after the coding;It connects
Receive the checking request that the cloud server is sent according to the storage request;According to the checking request and the cloud service
Device carries out verifying confirmation, and sends the cloud server for the pre-stored subscription data after coding after verifying is logical.
It should be noted that operator, long-range signing manage the mutual communication of platform, cloud service, eUICC first
The two-way authentication of identity is carried out, can be communicated again after confirmation identity is correct.In an alternative embodiment, above method packet
Include at least one of: receiving the subscription data request from operator includes: to carry out two-way authentication with operator, and authenticating
In the case where, receives the subscription data from operator and request to enable;It is requested according to subscription data from cloud server
The first subscription data of middle acquisition includes: to carry out two-way authentication with cloud server, and in the case where certification passes through, according to signing
Request of data obtains the first subscription data from cloud server;First subscription data is sent to universal embedded integrated circuit
Card eUICC includes: to carry out two-way authentication with eUICC, and in the case where certification passes through, the first subscription data is sent to
eUICC。
In an alternative embodiment, the first subscription data is sent to universal embedded integrated circuit card eUICC packet
It includes: the first subscription data being sent to eUICC by the first predetermined order using preset first counter.In the present embodiment,
When long-range signing management platform and cloud server carry out data transmission, in long-range signing management platform and cloud server
Counter can be all arranged in portion, and long-range signing management platform and cloud server send instruction simultaneously in a certain order when sending
Do not allow to repeat to send identical message, the meter of oneself is respectively safeguarded in the long-range signing management receiving ends such as platform and cloud server
Number device, and counter can be used as parameter and participate in authentication calculations.
In an alternative embodiment, the first subscription data is being sent to universal embedded integrated circuit card eUICC
Later, the above method further include: after determining that eUICC installs the failure of the first subscription data, instruction eUICC installs subscription data
The installation of subscription data that is that configuration was installed before returning back to and being stored in eUICC.In the present embodiment, long-range signing pipe
Whether platform and eUICC are before the mounting according to certain rules to that can install and repeatedly confirmed, if installation can not be complete
At, it will be automatically retracted back into initial subscription data, the initial subscription data can be before installed and in eUICC
The subscription data still stored.
By the various embodiments described above it is found that the long-range signing management platform is mainly responsible for the demand according to operator, and card
The certificate information that book publisher provides generates signing information available for download, including personal information (including and it is not limited to key
Information, certification certificate) and non-personalized information;Later, these data are transmitted and is mounted in embedded UICC card.
The manufacturer of eUICC needs for some initial subscription data to be pre-loaded into eUICC card when making card,
These data include but is not limited to following message: the IMSI of authentication certificate, operator's offer that rights issuer provides,
ICCID.After eUICC blocking is made, manufacturer can backup to these initial informations in cloud server, and furthermore manufacturer is also
The Core Generator of subscription data can be provided to long-range signing management platform, manage platform remotely to contract and can voluntarily generate newly
Subscription data.
Embodiment two
In embodiments of the present invention, a kind of sending method of subscription data is additionally provided, as shown in Fig. 2, including following step
It is rapid:
Step S202, cloud server receive the acquisition request from long-range signing management platform;
First subscription data is sent to long-range signing management platform according to acquisition request by step S204, cloud server,
To indicate that the first subscription data is sent to universal embedded integrated circuit card eUICC by the long-range signing management platform.
Each step in above-described embodiment is executed by cloud server.In the above-described embodiments, due to being sent to
The subscription data of eUICC be obtained from cloud server, it is therefore not necessary to by OTA realize subscription data dynamic management,
Even if after deleting some subscription data in eUICC, without according to the new signing number for redistributing the deletion using user
According to the efficiency replaced is downloaded in the configuration effectively improved in eUICC, and the data solved in eUICC present in the relevant technologies are matched
The problem of setting downloading, replacement low efficiency.
In an alternative embodiment, the first subscription data is being sent to remotely by cloud server according to acquisition request
After signing management platform, the above method further include: cloud server receives the mark of the eUICC from long-range signing management platform
Know ID number;The cloud server determines UICC card presupposed information corresponding with the ID number of eUICC;Cloud server is pre- by UICC card
If information is sent to long-range signing management platform.
In an alternative embodiment, cloud server is that UICC card presupposed information is sent to long-range signing management is flat
After platform, the above method further include: cloud server receives installation results and state from long-range signing management platform,
In, the installation results and state are installation results and state of the eUICC to the first subscription data;The cloud server is according to above-mentioned
Installation results and state pair UICC card presupposed information corresponding with the ID number of eUICC are updated.
In an alternative embodiment, cloud server receive the acquisition request from long-range signing management platform it
Before, the above method further include: cloud server receives the pre-stored signing number after the coding from long-range signing management platform
According to, wherein the pre-stored subscription data be sent to by the manufacturer of eUICC long-range signing management platform in eUICC
Pre-stored subscription data.
In an alternative embodiment, above-mentioned pre-stored subscription data includes at least following information: subscription data class
Not, application identities, integrated circuit card identification code ICCID, mobile subscriber number MSISDN, subscription data state, need storage allocation,
Management strategy.
In an alternative embodiment, after above-mentioned cloud server receives the coding from long-range signing management platform
Pre-stored subscription data includes: that cloud server receives the storage request from long-range signing management platform, wherein storage is asked
It asks for the pre-stored subscription data after requesting storage to encode;Cloud server is flat to long-range signing management according to storage request
Platform sends checking request;Cloud server receives the verification information that long-range signing management platform is sent according to checking request;Cloud
Server is in the case where being verified verification information, prestoring after receiving the coding from long-range signing management platform
The subscription data of storage.
In an alternative embodiment, above-mentioned cloud server receives the acquisition request from long-range signing management platform
It include: that cloud server and long-range signing management platform carry out two-way authentication;The feelings that the cloud server passes through in two-way authentication
Under condition, the acquisition request from long-range signing management platform is received.
In an alternative embodiment, the first subscription data is sent to far by above-mentioned cloud server according to acquisition request
Journey signing management platform includes: the cloud server is contracted number by the second predetermined order by first using preset second counter
Platform is managed according to long-range signing is sent to.
As can be seen from the above embodiments, cloud server is mainly used for receiving operator or management platform of remotely contracting
After download instruction, it is responsible for operator's configuration data after storage is encrypted and encoded and long-range signing management platform establishes a peace
Full transmission channel, to complete the transmission of operator's configuration subscription data.Each embedded UICC card is required for the first time one
It is registered at a cloud service, but the cloud service of its registration can be switched later, therefore need to pass between different cloud services
Pass relevant subscription data.
Embodiment three
In embodiments of the present invention, a kind of method of reseptance of subscription data is additionally provided, as shown in figure 3, including following step
It is rapid:
Step S302 receives the first subscription data from long-range signing management platform, wherein first subscription data is
What long-range signing management platform was obtained from cloud server.
Wherein, execute aforesaid operations can be eUICC.In the above-described embodiments, due to being sent to the signing number of eUICC
According to being obtained from cloud server, it is therefore not necessary to the dynamic management of subscription data be realized by OTA, even if in eUICC
After deleting some subscription data, without according to the new subscription data for redistributing the deletion using user, effectively improve
The efficiency of configuration downloading replacement in eUICC, solves data configuration downloading, the replacement in eUICC present in the relevant technologies
The problem of low efficiency.
In an alternative embodiment, receiving the first subscription data from long-range signing management platform includes: to receive
Mount request from long-range signing management platform;New publisher safety information domain ISD-P is installed according to the mount request;Peace
After the completion of dress, holds consultation using the new ISD-P and long-range signing management platform and generate key;It is received using new ISD-P
State in the matched subscription data that long-range signing management platform is sent using the encrypted personal subscription data of key and
Other data in the subscription data matched, wherein the matched subscription data is that long-range signing management platform is decoded using information
The first subscription data is decrypted in device, and is generated and the configurations match of the operator of eUICC according to preset coded format
Subscription data.
In an alternative embodiment, it is received using new ISD-P and states the matched of long-range signing management platform transmission
In subscription data includes: to pass through web service Web using new ISD-P using the encrypted personal subscription data of key
Service safety receives encrypted personal subscription data by the secure transmission tunnel that Secure Socket Layer SSL is established.
In an alternative embodiment, after receiving the first subscription data from long-range signing management platform, on
State method further include: the first subscription data of installation, and installation results and state are sent to long-range signing management platform.
In an alternative embodiment, after being installed the first subscription data, the above method further include: receive and
From the activation instruction of long-range signing management platform;The first subscription data of activation installation is indicated according to activation.
In an alternative embodiment, after the first subscription data is installed, the above method further include: in installation first
After subscription data failure, the rollback instruction of long-range signing management platform is received;The installation of subscription data is matched according to instruction is retracted
Put back into the installation of subscription data that is installing before falling back on and still storing.
In an alternative embodiment, the above method further include: receive the deletion from long-range signing management platform and refer to
Show;Stored predetermined subscription data is deleted according to instruction is deleted.
In an alternative embodiment, receive the first subscription data from long-range signing management platform include: with far
Journey signing management platform carries out two-way authentication;In the case where two-way authentication passes through, receive from long-range signing management platform
First subscription data.
In an alternative embodiment, after receiving the first subscription data from long-range signing management platform, on
State method further include: the personal signing information in the first subscription data is stored in preset individual memory space.It is optional
Ground, the individual separate space can be hardware security module etc..
In the above-described embodiments, the M2M equipment where eUICC or eUICC can be set to lack of competence reading or modification
Crucial personal information data (that is, personal subscription data), to ensure that the safety of subscription data.
EUICC is the smart card for having operating system (COS), and inside contains Credential-Security domain, publisher's safety
Rhizosphere and multiple publisher's safety information domains, for details, reference can be made to Fig. 4, eUICC publisher security information for the internal structure of eUICC
For details, reference can be made to Fig. 5 for domain structure.Wherein store private key, related credentials, the root public key of CI and for demonstrate,proving in Credential-Security domain
The key group of book replacement, security level with higher;The safe rhizosphere of publisher is then responsible for executing long-range signing management platform hair
The platform management instruction sent, and Key Establishing Protocol is executed in long-range signing management platform switching.Publisher's safety information domain
Represent a subscription data of operator, including file system, network insertion application, control authorizing secure domain, supplement safety
Domain, policing rule and operator's security domain.
Through the above description of the embodiments, those skilled in the art can be understood that according to above-mentioned implementation
The method of example can be realized by means of software and necessary general hardware platform, naturally it is also possible to by hardware, but it is very much
In the case of the former be more preferably embodiment.Based on this understanding, technical solution of the present invention is substantially in other words to existing
The part that technology contributes can be embodied in the form of software products, which is stored in a storage
In medium (such as ROM/RAM, magnetic disk, CD), including some instructions are used so that a terminal device (can be mobile phone, calculate
Machine, server or network equipment etc.) execute method described in each embodiment of the present invention.
Example IV
A kind of remotely contract is additionally provided in the present embodiment manages platform, a kind of cloud server, a kind of eUICC, respectively
Device branch is for realizing the above embodiments one to three, and the descriptions that have already been made will not be repeated.As used below, art
The combination of the software and/or hardware of predetermined function may be implemented in language " module ".Although device described in following embodiment is preferable
Ground is realized with software, but the realization of the combination of hardware or software and hardware is also that may and be contemplated.
Fig. 6 is the structural block diagram of long-range signing management platform according to an embodiment of the present invention, as shown in fig. 6, the long-range label
About management platform includes following module:
First receiving module 62, for receiving the subscription data request from operator;
Module 64 is obtained, above-mentioned first receiving module 62 is connected to, for being taken according to the request of above-mentioned subscription data from cloud
The first subscription data is obtained in business device;
First sending module 66 is connected to above-mentioned acquisition module 64, embedded logical for the first subscription data to be sent to
With integrated circuit card eUICC, to indicate that the eUICC configures the first subscription data in eUICC.
In an alternative embodiment, above-mentioned first sending module 66 includes: the first receiving unit, is come from for receiving
The downloading of operator is requested;Recognition unit, the mark ID number of the eUICC carried in downloading request for identification;Transmission unit is used
In when the ID number according to eUICC determines that the first subscription data is matched with eUICC, the first subscription data is sent to eUICC.
Furthermore it should also be noted that, the long-range signing manages the specific effect of each module and the long-range label in platform
The other function of platform is about managed for details, reference can be made to the description in each alternative embodiment in embodiment one, details are not described herein.
Fig. 7 is the structural block diagram of cloud server according to an embodiment of the present invention, as shown in fig. 7, the cloud server packet
Include following module:
Second receiving module 72, for receiving the acquisition request from long-range signing management platform;
Second sending module 74 is connected to above-mentioned second receiving module 72, for according to acquisition request by first contract number
According to remotely signing management platform is sent to, the first subscription data is sent to universal embedded by management platform of remotely being contracted with instruction
Integrated circuit card eUICC.
In an alternative embodiment, above-mentioned cloud server further include: third receiving module, for according to acquisition
After first subscription data is sent to the long-range signing management platform by request, the institute from long-range signing management platform is received
State the mark ID number of eUICC;Determining module, for determining UICC card presupposed information corresponding with the ID number of eUICC;Third is sent
Module, for UICC card presupposed information to be sent to long-range signing management platform.
Furthermore it should also be noted that, the specific effect of each module and the cloud server in the cloud server
Other function is for details, reference can be made to the description in each alternative embodiment in embodiment two, and details are not described herein.
Fig. 8 is the structural block diagram of eUICC according to an embodiment of the present invention, as shown in figure 8, the eUICC includes following module:
4th receiving module 82, for receiving the first subscription data from long-range signing management platform, wherein this first
Subscription data is that long-range signing management platform is obtained from cloud server.
In an alternative embodiment, above-mentioned 4th receiving module 82 includes: the second receiving unit, is come from for receiving
The mount request of long-range signing management platform;Installation unit, for installing new publisher's safety information domain according to mount request
ISD-P;Negotiation element using new ISD-P and states long-range signing management platform and holds consultation generation for after installation is complete
Key;4th receiving unit, for receiving the matched subscription data stating long-range signing management platform and sending using new ISD-P
In other data utilized in the encrypted personal subscription data of key and matched subscription data, wherein matched label
About data are decrypted the first subscription data using info decoder for long-range signing management platform, and according to preset coding
Format generates the subscription data with the configurations match of the operator of eUICC.
Furthermore it should also be noted that, the other function of the specific effect of each module and the eUICC have in the eUICC
Body can be found in the description in embodiment three in each alternative embodiment, and details are not described herein.
In an alternative embodiment, a kind of terminal is additionally provided, which includes the eUICC of any of the above-described.It can
Selection of land, the eUICC or the terminal are arranged to lack of competence and read or modify crucial personal information data (that is, in subscription data
Personal subscription data).Optionally, which can be inserted into the terminal, or be directly welded in terminal.
In an alternative embodiment, a kind of processing system of subscription data is additionally provided, comprising: any of the above-described institute
The long-range signing management platform stated, cloud server described in any of the above embodiments and above-mentioned terminal.Wherein, long-range signing
The concrete function of management platform, cloud server and terminal refers to description above-mentioned, here, repeating no more.
Embodiment five
The embodiments of the present invention also provide a kind of storage medium, computer program is stored in the storage medium, wherein
The computer program is arranged to execute the step in any of the above-described embodiment of the method when operation.
Optionally, in the present embodiment, above-mentioned storage medium can be set to store by executing based on following steps
Calculation machine program:
S1 receives the subscription data request from operator;
S2 obtains the first subscription data according to the request of above-mentioned subscription data from cloud server;
Above-mentioned first subscription data is sent to universal embedded integrated circuit card eUICC by S3, to indicate that the eUICC exists
The first subscription data is configured in eUICC.
Optionally, in the present embodiment, above-mentioned storage medium can be set to store by executing based on following steps
Calculation machine program:
S1 receives the acquisition request from long-range signing management platform;
First subscription data is sent to long-range signing management platform according to acquisition request, to indicate the long-range signing by S2
It manages platform and the first subscription data is sent to universal embedded integrated circuit card eUICC.
Optionally, in the present embodiment, above-mentioned storage medium can be set to store by executing based on following steps
Calculation machine program:
S1 receives the first subscription data from long-range signing management platform, wherein first subscription data is remotely to sign
About management platform is obtained from cloud server.
Optionally, in the present embodiment, above-mentioned storage medium can include but is not limited to: USB flash disk, read-only memory (Read-
Only Memory, referred to as ROM), it is random access memory (Random Access Memory, referred to as RAM), mobile hard
The various media that can store computer program such as disk, magnetic or disk.
The embodiments of the present invention also provide a kind of electronic device, including memory and processor, stored in the memory
There is computer program, which is arranged to execute the step in any of the above-described embodiment of the method by computer program.
Optionally, in the present embodiment, above-mentioned processor can be set to execute following steps by computer program:
S1 receives the subscription data request from operator;
S2 obtains the first subscription data according to the request of above-mentioned subscription data from cloud server;
Above-mentioned first subscription data is sent to universal embedded integrated circuit card eUICC by S3, to indicate that the eUICC exists
The first subscription data is configured in eUICC.
Optionally, in the present embodiment, above-mentioned processor can be set to execute following steps by computer program:
S1 receives the acquisition request from long-range signing management platform;
First subscription data is sent to long-range signing management platform according to acquisition request, to indicate the long-range signing by S2
It manages platform and the first subscription data is sent to universal embedded integrated circuit card eUICC.
Optionally, in the present embodiment, above-mentioned processor can be set to execute following steps by computer program:
S1 receives the first subscription data from long-range signing management platform, wherein first subscription data is remotely to sign
About management platform is obtained from cloud server.
Optionally, the specific example in the present embodiment can be with reference to described in above-described embodiment and optional embodiment
Example, details are not described herein for the present embodiment.
The term that may relate to below to the present invention is explained:
Client: payer, legal liabilities people or entity.
Equipment: equipment embedded by the embedded UICC of period of assembly and communication module.Such as: intelligence instrument, automobile and photograph
Camera.
Embedded mobile device: having the equipment of embedded 3GPP network accessibility, is not mainstream conventionally
Mobile network appliance.Such as camera, automobile and laptop.
Embedded UICC (eUICC): being not easy the UICC for contacting or replacing, cannot be removed or replaced in the terminal, and
Can safety carry out signing change.
Profile: configuration configures or appears in file structure, the set of data and application program on eUICC.
Profile is enabled: the state of Profile selects its file and/or application program by UICC- terminal interface
(such as NAA).
EUICC supplier/eUICC card vendor: the supplier of eUICC module and canned software (such as firmware and operating system).
The physical size and shape of specification UICC.Follow ISO 7816-1.
Main equipment: equipment embedded by module during assembly.Such as: instrument, automobile, camera.
ICCID: it is stored in the one number of the UICC hardware on UICC, and is engraved on hardware.Follow ITU-T's
E.118 equal definition.
IMSI: the unique identifier for the SIM application program issued and possessed by mobile operator, holding equipment access network
It is serviced with using.
M2M: the service such as not no intelligence instrument of user interface of offer.The general independent operation of service that MNO is provided, clothes
The service that business supplier provides often is limited.
Mobile Network Operator MNO: the entity of communication service is provided to client by mobile network's infrastructure.
Network insertion application NAA: it is stored on UICC and the application program of network insertion authorization is provided.Such as USIM application journey
Sequence.
Network insertion credential: also known as network insertion certificate, the ITU data that E.212 [i.1] network verification needs.It may
Including data such as Ki/K and be stored in the IMSI of NAA.
It activates Profile: being applied and relevant network insertion credential comprising one or more network insertions
Profile。
Strategy: showing as the principle of one group of rule, manages eUICC and/or participates in the row for the entity that eUICC is remotely managed
For.
Policy control functions: definition, update or deletion strategy rule carry out the function of implementation strategy.
Policy enforcement function: implementation strategy rule carrys out the function of implementation strategy.
Policing rule: the atomic operation and execution condition of definition strategy.
Profile accesses credential: the Data Data being present in profile, and it is logical that such external entity can establish safety
Letter, in order to manage the structure and data of profile.
Profile manages credential: the data being present in eUICC can establish peace between such external entity and eUICC
Full communication, in order to manage the load of profile, enabling, disabling and deletion on eUICC.
It configures Profile: being applied and relevant network insertion credential comprising one or more network insertions
Profile allows to access communication network when being mounted on eUICC, only provides for eUICC management and profile management
Transmittability between eUICC and long-range signing management platform.
Configuration signing: signing and its relevant configuration profile, this allows equipment to carry out access to mobile network, it is therefore an objective to manage
Manage the activation profile on eUICC.
Role: role is the entity for representing logic groups function.
Long-range signing management platform: long-range signing management platform mainly has two parts function: preparing activation and configuration
Profile simultaneously carries out security configuration on eUICC;Safely execute directly management activation and configuration profile on eUICC.
Profile is predetermined to refer to that MNO initiates Profile predetermined request, long-range signing management to long-range signing management platform
The information (Profile type, quantity, IMSI etc.) that platform is provided according to MNO generates Profile.
Profile establishes the common segment for referring to that long-range signing management platform establishes Profile, with eUICC specific data
Come together to establish the practical Profile of specific eUICC.
The generation of credential and key refers to that MNO and long-range signing manage platform under safety, guaranteed SAS environment,
Actual credential and key value are created, the credential and key value can be comprised in the Profile of eUICC particular version.
It does not wherein include the credential of Profile management.
Profile preparation refers to that for specific eUICC, long-range signing manages platform for general eUICC Profile
Combine with specific eUICC data, including credential and key information, as a result (is likely to) to be encrypted.
Profile transmission refers to the process of that long-range signing management platform transmits Profile to eUICC physics.
EUICC verifying refers to the process of that long-range signing management platform and eUICC OS examine eUICC.
Profile load be long-range signing management platform by Profile into eUICC (volatile and nonvolatile property) memory
Configure the process of (physics/electronics).
Profile installation refers to that long-range signing management platform creates Profile and NAA (s) example in eUICC memory.
Profile management refers to that long-range signing management platform retouches the generality of all different Profile management functions
It states, which is intended to pay close attention to entirety rather than actual content.Such as: Profile activation is deleted.
Profile activation refers to that long-range signing management platform activates the Profile for being mounted on eUICC memory, therefore
M2M equipment can choose NAA (s) file.
Profile, which is deactivated, refers to that long-range signing management platform deactivates the Profile for being mounted on eUICC memory,
Therefore M2M equipment will not select NAA (s) file.
Profile deletion refers to that long-range signing management platform will be the previously loaded and be possibly mounted at specific on eUICC
Profile carries out the process that (physics/electronics) permanently removes.
Policing rule setting refers to that MNO and long-range signing management platform manage the execution condition or Profile of specific command
The relevant operation of reason is configured.Policing rule is the movement and condition that definition strategy executes.
Strategy execution refers to the execution condition of long-range signing management platform and eUICC OS assessment strategy rule and is based on
Assessment order carrys out the decision of implementation strategy rule.
Policy control refers to that effective management of long-range signing management platform strategy rule, or the policing rule of verifying MNO are
It is no to be executed correctly
Operators in co-operation is described as follows: there is following three situation,
1, SIM is locked
User is current and operator A (MNO A) contracts, and binding SIM card must not turn net, but the user in six months
Forget to contract with MNO A, and attempt to contract with operator B (MNO B) during SIM card binding, whether MNO B inquiry allows
Its Profile is installed in eUICC card, but forbids it that MNO B is installed by the PCF that MNO A Profile is defined
Profile (due to defining SIM card locking in PCF), MNO B obtain the eUICC card due to still being locked with MNO A signing
Determine information.
2, there are cooperation agreements between operator
User's SIM card is simultaneously not locked out, and terminal is in the possession of the user, the operator Profile activated on eUICC card
From operator A (MNO A), user wants to turn net to operator B (MNO B), and issues to MNO B and turn net request, due to MNO
Cooperation agreement is signed between A and MNO B, MNO B obtains authorization and activates MNO B Profile (to pass through in user's eUICC card
The exchange pertinent information in both sides' carrier server), this process is realized by PCF principle and its execution mechanism, and realization turns net
Afterwards, operator Profile is activated to belong to MNO B in user eUICC card, and MNO B network service can be used in user, together
When, PCF actuator executes the PCF principle of MNO B in user eUICC.
3, cooperation agreement is not present between operator
The currently active operator Profile belongs to MNO A in user's eUICC card, and user's SIM card and is not locked out, eventually
End is in the possession of the user, and user wants to turn net to operator C (MNO C), and is issued to MNO C and turned net request, due to MNO A and
Cooperation agreement is not signed between MNO C, MNO C does not obtain authorization and installs MNO C Profile in user's eUICC card, then
User turns Netcom and crosses PCF principle and its execution mechanism realization.
Obviously, those skilled in the art should be understood that each module of the above invention or each step can be with general
Computing device realize that they can be concentrated on a single computing device, or be distributed in multiple computing devices and formed
Network on, optionally, they can be realized with the program code that computing device can perform, it is thus possible to which they are stored
It is performed by computing device in the storage device, and in some cases, it can be to be different from shown in sequence execution herein
Out or description the step of, perhaps they are fabricated to each integrated circuit modules or by them multiple modules or
Step is fabricated to single integrated circuit module to realize.In this way, the present invention is not limited to any specific hardware and softwares to combine.
The foregoing is only a preferred embodiment of the present invention, is not intended to restrict the invention, for the skill of this field
For art personnel, the invention may be variously modified and varied.It is all within principle of the invention, it is made it is any modification, etc.
With replacement, improvement etc., should all be included in the protection scope of the present invention.
Claims (43)
1. a kind of sending method of subscription data characterized by comprising
Receive the subscription data request from operator;
The first subscription data is obtained from cloud server according to subscription data request;
First subscription data is sent to universal embedded integrated circuit card eUICC, to indicate the eUICC described
First subscription data is configured in eUICC.
2. the method according to claim 1, wherein first subscription data is sent to embedded smart card
EUICC includes:
Receive the downloading request from the operator;
Identify the mark ID number of the eUICC carried in the downloading request;
When determining that first subscription data is matched with the eUICC according to the ID number of the eUICC, described first is contracted
Data are sent to the eUICC.
3. according to the method described in claim 2, it is characterized in that, also carrying the integrated circuit of pre-registration in the downloading request
Card identification code ICCID.
4. according to the method described in claim 2, it is characterized in that, being determined in the following way according to the ID number of the eUICC
First subscription data is matched with the eUICC includes:
The ID number of the eUICC is sent to the cloud server;
Receive the UICC card presupposed information corresponding with the ID number of the eUICC that the cloud server returns;
First subscription data is decrypted using info decoder, and is generated and the fortune according to preset coded format
Seek the subscription data of the configurations match of quotient;
The effective feelings of matched subscription data are being determined according to UICC card presupposed information corresponding with the ID number of the eUICC
Under condition, the matched subscription data is sent to the eUICC.
5. according to the method described in claim 4, it is characterized in that, the matched subscription data is sent to the eUICC
Include:
The request for installing new publisher safety information domain ISD-P is sent to the eUICC;
After confirming that the eUICC completes to install the new ISD-P, negotiate to generate key with the new ISD-P;
It is encrypted using the personal subscription data in matched subscription data described in the key pair, and by encrypted individual
Other data in subscription data and the matched subscription data are sent to the ISD-P.
6. according to the method described in claim 5, it is characterized in that, the encrypted personal subscription data is sent to described
ISD-P includes:
Described it will be added by web service Web Service safety or the secure transmission tunnel established by Secure Socket Layer SSL
Personal subscription data after close is sent to the ISD-P.
7. according to the method described in claim 4, it is characterized in that, universal embedded first subscription data to be sent to
After integrated circuit card eUICC, the method also includes:
After the installation results and state for receiving first subscription data that the eUICC is sent, by the installation results
Give the cloud server with state reporting, with indicate the cloud server using the installation results and state pair with it is described
The corresponding UICC card presupposed information of the ID number of eUICC is updated.
8. the method according to claim 1, wherein universal embedded first subscription data to be sent to
After integrated circuit card eUICC, the method also includes:
Receive the activation request for being used to request to activate first subscription data in the eUICC from the operator;
After determining first subscription data for allowing to activate in the eUICC, Xiang Suoshu eUICC sends activation instruction, with
Indicate that the eUICC activates first subscription data.
9. the method according to claim 1, wherein the method also includes:
It receives and from the operator is used to that the deletion for deleting stored predetermined subscription data in the eUICC to be requested to be asked
It asks;
In the case where determining that the predetermined subscription data allows to be deleted, Xiang Suoshu eUICC, which is sent, deletes instruction, to indicate
It states eUICC and deletes the predetermined subscription data.
10. the method according to claim 1, wherein receive from operator subscription data request before,
The method also includes:
Receive the registration request of the manufacturer from the eUICC, wherein carry in the registration request pre- in the eUICC
The subscription data of storage;
The pre-stored subscription data is encoded according to preset coded format using configuration information encoder;
The cloud server is sent by the pre-stored subscription data after coding.
11. according to the method described in claim 10, it is characterized in that, the pre-stored subscription data includes at least following letter
Breath:
Subscription data classification, application identities, integrated circuit card identification code ICCID, mobile subscriber number MSISDN, subscription data shape
State needs storage allocation, management strategy.
12. the method according to claim 4 or 10, which is characterized in that the preset coded format includes following one:
ASN.1, Unicode, UTF-8.
13. according to the method described in claim 10, it is characterized in that, sending institute for the pre-stored subscription data after coding
Stating cloud server includes:
The storage request for being used to request to store the pre-stored subscription data after the coding is sent to the cloud server;
Receive the checking request that the cloud server is sent according to the storage request;
Verifying confirmation is carried out according to the checking request and the cloud server, and will be pre-stored after coding after verifying is logical
Subscription data be sent to the cloud server.
14. the method according to claim 1, wherein including at least one of:
Receiving the subscription data request from operator includes: to carry out two-way authentication with the operator, and pass through in certification
In the case of, receive the subscription data request from the operator;
According to subscription data request obtain from cloud server the first subscription data include: with the cloud server into
Row two-way authentication, and in the case where certification passes through, institute is obtained from the cloud server according to subscription data request
State the first subscription data;
It includes: two-way with eUICC progress that first subscription data, which is sent to universal embedded integrated circuit card eUICC,
Certification, and in the case where certification passes through, first subscription data is sent to the eUICC.
15. the method according to claim 1, wherein first subscription data is sent to universal embedded
Integrated circuit card eUICC includes:
First subscription data is sent to the eUICC by the first predetermined order using preset first counter.
16. the method according to claim 1, wherein embedded logical first subscription data to be sent to
After integrated circuit card eUICC, the method also includes:
After determining that the eUICC installs the first subscription data failure, indicates that the eUICC installs subscription data and configure
The installation of subscription data that is being installed before returning back to and being stored in the eUICC.
17. a kind of sending method of subscription data characterized by comprising
Cloud server receives the acquisition request from long-range signing management platform;
First subscription data is sent to the long-range signing according to the acquisition request and manages platform by the cloud server, with
Indicate that first subscription data is sent to universal embedded integrated circuit card eUICC by the long-range signing management platform.
18. according to the method for claim 17, which is characterized in that the cloud server is incited somebody to action according to the acquisition request
First subscription data is sent to after the long-range signing management platform, the method also includes:
The cloud server receives the mark ID number of the eUICC from the long-range signing management platform;
The cloud server determines UICC card presupposed information corresponding with the ID number of the eUICC;
The UICC card presupposed information is sent to the long-range signing and manages platform by the cloud server.
19. according to the method for claim 18, which is characterized in that the UICC card is being preset letter by the cloud server
Breath is sent to after the long-range signing management platform, the method also includes:
The cloud server receives installation results and state from the long-range signing management platform, wherein the installation
It as a result is installation results and state of the eUICC to first subscription data with state;
The cloud server is according to the installation results and the default letter of state pair UICC card corresponding with the ID number of the eUICC
Breath is updated.
20. according to the method for claim 17, which is characterized in that the cloud server is being received from long-range signing pipe
Before the acquisition request of platform, the method also includes:
The cloud server receives the pre-stored subscription data after the coding from the long-range signing management platform,
In, the pre-stored subscription data for by the manufacturer of the eUICC be sent to the long-range signing manage platform in institute
State the subscription data being pre-stored in eUICC.
21. according to the method for claim 20, which is characterized in that the pre-stored subscription data includes at least following letter
Breath:
Subscription data classification, application identities, integrated circuit card identification code ICCID, mobile subscriber number MSISDN, subscription data shape
State needs storage allocation, management strategy.
22. according to the method for claim 20, which is characterized in that the cloud server, which receives, comes from the long-range signing
Manage platform coding after pre-stored subscription data include:
The cloud server receives the storage request from the long-range signing management platform, wherein the storage request is used
Pre-stored subscription data after request stores the coding;
The cloud server requests to send checking request to the long-range signing management platform according to the storage;
The cloud server receives the verification information that the long-range signing management platform is sent according to the checking request;
The cloud server receives in the case where being verified to the verification information and comes from the long-range signing pipe
Pre-stored subscription data after the coding of platform.
23. according to the method for claim 17, which is characterized in that the cloud server is received from long-range signing management
The acquisition request of platform includes:
The cloud server and the long-range signing management platform carry out two-way authentication;
The cloud server is received to manage from the long-range signing and be obtained described in platform in the case where two-way authentication passes through
Take request.
24. according to the method for claim 17, which is characterized in that the cloud server is according to the acquisition request by the
One subscription data is sent to the long-range signing management platform
First subscription data is sent to using preset second counter by the second predetermined order by the cloud server
The long-range signing manages platform.
25. a kind of method of reseptance of subscription data characterized by comprising
Receive the first subscription data from long-range signing management platform, wherein first subscription data is the long-range label
About management platform is obtained from cloud server.
26. according to the method for claim 25, which is characterized in that receive the first signing from long-range signing management platform
Data include:
Receive the mount request from the long-range signing management platform;
New publisher safety information domain ISD-P is installed according to the mount request;
After being installed, holds consultation using the new ISD-P and the long-range signing management platform and generate key;
It is received using the new ISD-P described in the utilization in the matched subscription data that the long-range signing management platform is sent
Other data in the encrypted personal subscription data of key and the matched subscription data, wherein the matched label
About data are managed platform for the long-range signing and first subscription data are decrypted using info decoder, and according to pre-
If coded format generate the subscription data with the configurations match of operator.
27. according to the method for claim 26, which is characterized in that receive the long-range signing using the new ISD-P
It manages in the matched subscription data that platform is sent and includes: using the encrypted personal subscription data of the key
Safety Service safety by web service Web using the new ISD-P or established by Secure Socket Layer SSL
Transmission channel receives the encrypted personal subscription data.
28. according to the method for claim 25, which is characterized in that receiving the first label from long-range signing management platform
About after data, the method also includes:
First subscription data is installed, and installation results and state are sent to the long-range signing and manage platform.
29. according to the method for claim 28, which is characterized in that after being installed first subscription data, institute
State method further include:
Receive the activation instruction from the long-range signing management platform;
According to first subscription data of the activation instruction activation installation.
30. according to the method for claim 28, which is characterized in that after first subscription data is installed, the side
Method further include:
After the first subscription data failure is installed, the rollback instruction of the long-range signing management platform is received;
Subscription data that is being installed before being return back to the installation configuration of subscription data according to the instruction that retracts and still storing
Installation.
31. according to the method for claim 25, which is characterized in that the method also includes:
Receive the deletion instruction from the long-range signing management platform;
Stored predetermined subscription data is deleted according to deletion instruction.
32. according to the method for claim 25, which is characterized in that receive the first signing from long-range signing management platform
Data include:
Two-way authentication is carried out with the long-range signing management platform;
In the case where two-way authentication passes through, first subscription data from the long-range signing management platform is received.
33. according to the method for claim 25, which is characterized in that receiving the first label from long-range signing management platform
About after data, the method also includes:
Personal signing information in first subscription data is stored in preset individual memory space.
34. a kind of long-range signing management platform characterized by comprising
First receiving module, for receiving the subscription data request from operator;
Module is obtained, for obtaining the first subscription data from cloud server according to subscription data request;
First sending module, for first subscription data to be sent to universal embedded integrated circuit card eUICC, with instruction
The eUICC configures first subscription data in the eUICC.
35. long-range signing according to claim 34 manages platform, which is characterized in that first sending module includes:
First receiving unit, for receiving the downloading request from the operator;
Recognition unit, the mark ID number of the eUICC carried in the downloading request for identification;
Transmission unit, for when determining that first subscription data is matched with the eUICC according to the ID number of the eUICC,
First subscription data is sent to the eUICC.
36. a kind of cloud server characterized by comprising
Second receiving module, for receiving the acquisition request from long-range signing management platform;
Second sending module is put down for the first subscription data to be sent to the long-range signing management according to the acquisition request
Platform, to indicate that first subscription data is sent to universal embedded integrated circuit card by the long-range signing management platform
eUICC。
37. cloud server according to claim 36, which is characterized in that further include:
Third receiving module, for putting down the first subscription data is sent to the long-range signing management according to the acquisition request
After platform, the mark ID number of the eUICC from the long-range signing management platform is received;
Determining module, for determining UICC card presupposed information corresponding with the ID number of the eUICC;
Third sending module manages platform for the UICC card presupposed information to be sent to the long-range signing.
38. a kind of eUICC characterized by comprising
4th receiving module, for receiving the first subscription data from long-range signing management platform, wherein first signing
Data are that the long-range signing management platform is obtained from cloud server.
39. the eUICC according to claim 38, which is characterized in that the 4th receiving module includes:
Second receiving unit, for receiving the mount request from the long-range signing management platform;
Installation unit, for installing new publisher safety information domain ISD-P according to the mount request;
Negotiation element, for after installation is complete, being held consultation using the new ISD-P and the long-range signing management platform
Generate key;
4th receiving unit, for receiving the matched label that the long-range signing management platform is sent using the new ISD-P
About in data using other data in the encrypted personal subscription data of the key and the matched subscription data,
Wherein, the matched subscription data is that the long-range signing manages platform using info decoder to first subscription data
It is decrypted, and the subscription data with the configurations match of the operator of the eUICC is generated according to preset coded format.
40. a kind of terminal, which is characterized in that including eUICC described in claim 38 or 39.
41. a kind of processing system of subscription data characterized by comprising long-range signing described in claim 34 or 35
Manage platform, terminal described in cloud server described in claim 36 or 37 and claim 40.
42. a kind of storage medium, which is characterized in that be stored with computer program in the storage medium, wherein the computer
Program is arranged to execute method described in any one of claim 1 to 16 when operation, wants alternatively, executing the right
Method described in 17 to 24 any one is sought, alternatively, executing method described in any one of claim 25 to 33.
43. a kind of electronic device, including memory and processor, which is characterized in that be stored with computer journey in the memory
Sequence, the processor are arranged to run the computer program to execute described in any one of claim 1 to 16
Method, alternatively, execute method described in any one of claim 17 to 24, alternatively, execute the claim 25 to
Method described in 33 any one.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711408249.6A CN109963275B (en) | 2017-12-22 | 2017-12-22 | Sending method and receiving method of subscription data and processing system of subscription data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711408249.6A CN109963275B (en) | 2017-12-22 | 2017-12-22 | Sending method and receiving method of subscription data and processing system of subscription data |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109963275A true CN109963275A (en) | 2019-07-02 |
CN109963275B CN109963275B (en) | 2022-01-28 |
Family
ID=67019667
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711408249.6A Active CN109963275B (en) | 2017-12-22 | 2017-12-22 | Sending method and receiving method of subscription data and processing system of subscription data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109963275B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019223524A1 (en) * | 2018-05-25 | 2019-11-28 | 中兴通讯股份有限公司 | Method, apparatus and system for managing issuer security information domain |
CN110536284A (en) * | 2019-07-03 | 2019-12-03 | 深圳杰睿联科技有限公司 | ESIM management method and system based on Internet of Things |
WO2021073440A1 (en) * | 2019-10-14 | 2021-04-22 | ***通信有限公司研究院 | Access control method and device for embedded universal integrated circuit card, and storage medium |
WO2023122917A1 (en) * | 2021-12-27 | 2023-07-06 | 北京小米移动软件有限公司 | Information processing method and apparatus, communication device, and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104703170A (en) * | 2013-12-05 | 2015-06-10 | 华为终端有限公司 | Methods and equipment for downloading file of operator |
CN106412871A (en) * | 2016-10-31 | 2017-02-15 | 努比亚技术有限公司 | Method of realizing communication processing and terminal |
CN106899540A (en) * | 2015-12-17 | 2017-06-27 | 中国电信股份有限公司 | The update method of user contracting data, management system, eUICC and terminal |
CN106937274A (en) * | 2017-05-12 | 2017-07-07 | 东信和平科技股份有限公司 | A kind of Profile changing methods and device based on EUICC |
-
2017
- 2017-12-22 CN CN201711408249.6A patent/CN109963275B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104703170A (en) * | 2013-12-05 | 2015-06-10 | 华为终端有限公司 | Methods and equipment for downloading file of operator |
CN106899540A (en) * | 2015-12-17 | 2017-06-27 | 中国电信股份有限公司 | The update method of user contracting data, management system, eUICC and terminal |
CN106412871A (en) * | 2016-10-31 | 2017-02-15 | 努比亚技术有限公司 | Method of realizing communication processing and terminal |
CN106937274A (en) * | 2017-05-12 | 2017-07-07 | 东信和平科技股份有限公司 | A kind of Profile changing methods and device based on EUICC |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2019223524A1 (en) * | 2018-05-25 | 2019-11-28 | 中兴通讯股份有限公司 | Method, apparatus and system for managing issuer security information domain |
CN110536284A (en) * | 2019-07-03 | 2019-12-03 | 深圳杰睿联科技有限公司 | ESIM management method and system based on Internet of Things |
WO2021073440A1 (en) * | 2019-10-14 | 2021-04-22 | ***通信有限公司研究院 | Access control method and device for embedded universal integrated circuit card, and storage medium |
WO2023122917A1 (en) * | 2021-12-27 | 2023-07-06 | 北京小米移动软件有限公司 | Information processing method and apparatus, communication device, and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109963275B (en) | 2022-01-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10362485B2 (en) | Delegated profile and policy management | |
KR102558361B1 (en) | Techniques for managing profiles in communication systems | |
US9521547B2 (en) | Method for managing embedded UICC and embedded UICC, MNO system, provision method, and method for changing MNO using same | |
US9451459B2 (en) | Certification method using an embedded UICC certificate, provisioning and MNO changing methods using the certification method, embedded UICC therefor, MNO system, and recording medium | |
US9414233B2 (en) | Method for managing profile of Embedded UICC, and Embedded UICC, Embedded UICC-equipped terminal, provision method, and method for changing MNO using same | |
CN103250434B (en) | For the management systems accessing controlled entity more | |
EP3337219B1 (en) | Carrier configuration processing method, device and system, and computer storage medium | |
KR102093574B1 (en) | Method and apparatus for issuing assertions in a distributed database of a mobile communication network and personalizing Internet of Things devices | |
CN109963275A (en) | Sending method, the processing system of method of reseptance and subscription data of subscription data | |
US20160099923A1 (en) | Client accessible secure area in a mobile device security module | |
KR101979162B1 (en) | Method for Managing Key of Embedded SIM, Embedded SIM and recording medium for the same | |
CN113273155B (en) | Method and apparatus for managing binding of intelligent security platform | |
CN103493426A (en) | Key derivation | |
CN108966208A (en) | The method for down loading and device of eUICC subscription data | |
KR20200028786A (en) | Apparatus and methods for ssp device and server to negociate digital certificates | |
CN110381103A (en) | A kind of methods, devices and systems for downloading operator's configuration file | |
US20190182659A1 (en) | Network subscription handling | |
KR20200101257A (en) | Method and apparatus for device change in mobile communication system | |
WO2010084081A1 (en) | Method of loading data in an electronic device | |
US20140351578A1 (en) | Determination of apparatus configuration and programming data | |
JP7208080B2 (en) | Automatic activation and onboarding of connected equipment | |
CN110535814A (en) | A kind of methods, devices and systems managing publisher's safety information domain | |
US20220278985A1 (en) | Method and device for transferring bundle between devices | |
CN116097636A (en) | Apparatus and method for linking or profile transfer between devices | |
Fridh | eSIM Re-Selling on Mobile App |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |