CN111382823A - Cellular communication chip for safely connecting SIM (subscriber identity Module) and eSIM (embedded subscriber identity Module) - Google Patents

Cellular communication chip for safely connecting SIM (subscriber identity Module) and eSIM (embedded subscriber identity Module) Download PDF

Info

Publication number
CN111382823A
CN111382823A CN202010209655.5A CN202010209655A CN111382823A CN 111382823 A CN111382823 A CN 111382823A CN 202010209655 A CN202010209655 A CN 202010209655A CN 111382823 A CN111382823 A CN 111382823A
Authority
CN
China
Prior art keywords
sim card
coprocessor
sim
esim
cellular communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010209655.5A
Other languages
Chinese (zh)
Inventor
安之平
吕悦川
钱炜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Zhilianan Technology Co ltd
Original Assignee
Beijing Zhilianan Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Zhilianan Technology Co ltd filed Critical Beijing Zhilianan Technology Co ltd
Priority to CN202010209655.5A priority Critical patent/CN111382823A/en
Publication of CN111382823A publication Critical patent/CN111382823A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/073Special arrangements for circuits, e.g. for protecting identification code in memory
    • G06K19/07309Means for preventing undesired reading or writing from or onto record carriers

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Telephone Function (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a cellular communication chip for safely connecting an SIM (subscriber identity Module) and an eSIM (electronic subscriber identity Module), which comprises an SIM card controller and a baseband CPU (Central processing Unit), wherein the SIM card controller and the baseband CPU are physically isolated by a coprocessor, and the coprocessor proxies all legal operations of an SIM card and filters out any non-expected operation which is not allowed after the chip leaves a factory. The invention physically isolates the SIM card controller from the baseband CPU through the coprocessor, thereby greatly improving the communication safety.

Description

Cellular communication chip for safely connecting SIM (subscriber identity Module) and eSIM (embedded subscriber identity Module)
Technical Field
The invention relates to a cellular communication chip for safely connecting SIM and eSIM.
Background
The SIM card is used as authentication equipment for accessing the network of a user, and is accessed to the network by the baseband communication chip and carries out random read-write access in the network communication process. Meanwhile, the SIM card is also used as a security chip in the whole communication terminal to store core identity information and other privacy data of the user.
As shown in fig. 1, in the existing scheme, a baseband communication chip generally has a built-in CPU core and a SIM card interface main controller, and the core directly passes through the SIM card interface controller, so that any read/write operation on the SIM card can be initiated at any time, and the security is low.
The baseband CPU not only runs the SIM card control program, but also simultaneously runs an operating system, communication protocol stack software and a plurality of application programs. These contents are generally considered insecure and are vulnerable to malicious attacks from the network. Once the backdoor program is implanted, the information of the SIM card is purposefully read and uploaded to an illegal server on the other side of the network, so that the user information is stolen.
Disclosure of Invention
In order to solve the above technical problems, an object of the present invention is to provide a cellular communication chip for securely connecting a SIM and an eSIM.
In order to solve the technical problems, the invention adopts the following technical scheme:
a cellular communication chip for securely connecting SIM and eSIM comprises a SIM card controller and a baseband CPU, and is characterized in that: the SIM card controller and the baseband CPU are physically isolated by the coprocessor, and the coprocessor proxies all legal operations of the SIM card and filters out any unexpected operation which is not allowed after the chip leaves the factory.
Furthermore, the program of the coprocessor is solidified through a ROM read-only memory, and the ROM only stores all normal operations of the SIM card, including operations such as inquiry, recording and the like which are specified by ISO7816 standards and supported by an external SIM card, but does not include any operations of reading and rewriting information out of the specification, and cannot be added.
Furthermore, the interface between the baseband CPU and the coprocessor can only transmit legal SIM card access operation, even if the baseband CPU is attacked and an illegal request is made to the coprocessor, the latter can return an error alarm and refuse the operation because the latter does not support the command.
Furthermore, the whole scheme deletes all command sets of the SIM card through the coprocessor, only retains normal commands, and abandons high-authority instructions which are specified in the specification but cannot be used in actual communication.
Compared with the prior art, the invention has the beneficial technical effects that:
the SIM controller and a baseband CPU are physically isolated by a coprocessor;
the program of the coprocessor is solidified through a ROM read-only memory, and the ROM only stores all normal operations of the SIM card, including operations such as inquiry, record and the like which are specified by ISO7816 standards and supported by an external SIM card, and does not include any operations of reading and rewriting information out of the specification, and cannot be increased. In the existing technical scheme, the baseband processor can read and write at any time, which is the root of insecure access.
The interface between the baseband CPU and the coprocessor can only transfer the legal SIM card access operation. Even if the baseband CPU is attacked and an illegal request is made to the coprocessor, the latter can return an error alarm and refuse operation because the command is not supported.
According to the whole scheme, all command sets of the SIM card are deleted through the coprocessor, only normal commands are reserved, high-authority instructions which are specified in the specification but cannot be used in actual communication are abandoned, and therefore unlimited access of a main CPU to global resources under the design concept of a system on chip in the existing scheme is avoided, and fundamental safety protection is achieved.
Drawings
The invention is further illustrated in the following description with reference to the drawings.
FIG. 1 is a block diagram of a chip in a prior art arrangement;
fig. 2 is a block diagram of a cellular communication chip securely connecting SIM and eSIM according to the present invention.
Detailed Description
As shown in fig. 2, a cellular communication chip for securely connecting a SIM and an eSIM includes a SIM card controller and a baseband CPU, and is characterized in that: the SIM card controller and the baseband CPU are physically isolated by the coprocessor, and the coprocessor proxies all legal operations of the SIM card and filters out any unexpected operation which is not allowed after the chip leaves the factory.
The program of the coprocessor is solidified through a ROM read-only memory, the ROM only stores all normal operations of the SIM card, including operations such as inquiry, record and the like which are specified by ISO7816 standards and supported by an external SIM card, and does not include any operations of reading and rewriting information outside the specification, and the programs cannot be increased.
The interface between the baseband CPU and the coprocessor can only transmit legal SIM card access operation, even if the baseband CPU is attacked, an illegal request is made to the coprocessor, and the latter can return an error alarm and refuse the operation because the latter does not support the command.
In the whole scheme, all command sets of the SIM card are deleted through the coprocessor, only normal commands are reserved, and high-permission instructions which are specified in specifications but cannot be used in actual communication are abandoned. Therefore, the unlimited access of the main CPU to the global resources under the design concept of the system on chip in the existing scheme is avoided, and the fundamental safety protection is realized.
The above-described embodiments are merely illustrative of the preferred embodiments of the present invention, and do not limit the scope of the present invention, and various modifications and improvements of the technical solutions of the present invention can be made by those skilled in the art without departing from the spirit of the present invention, and the technical solutions of the present invention are within the scope of the present invention defined by the claims.

Claims (4)

1. A cellular communication chip for securely connecting SIM and eSIM comprises a SIM card controller and a baseband CPU, and is characterized in that: the SIM card controller and the baseband CPU are physically isolated by the coprocessor, and the coprocessor proxies all legal operations of the SIM card and filters out any unexpected operation which is not allowed after the chip leaves the factory.
2. The secure SIM, eSIM connected cellular communication chip of claim 1, wherein: the program of the coprocessor is solidified through a ROM read-only memory, the ROM only stores all normal operations of the SIM card, including operations such as inquiry, record and the like which are specified by ISO7816 standards and supported by an external SIM card, and does not include any operations of reading and rewriting information outside the specification, and the programs cannot be increased.
3. The secure SIM, eSIM connected cellular communication chip of claim 1, wherein: the interface between the baseband CPU and the coprocessor can only transmit legal SIM card access operation, even if the baseband CPU is attacked, an illegal request is made to the coprocessor, and the latter can return an error alarm and refuse the operation because the latter does not support the command.
4. The secure SIM, eSIM connected cellular communication chip of claim 1, wherein: in the whole scheme, all command sets of the SIM card are deleted through the coprocessor, only normal commands are reserved, and high-permission instructions which are specified in specifications but cannot be used in actual communication are abandoned.
CN202010209655.5A 2020-03-23 2020-03-23 Cellular communication chip for safely connecting SIM (subscriber identity Module) and eSIM (embedded subscriber identity Module) Pending CN111382823A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010209655.5A CN111382823A (en) 2020-03-23 2020-03-23 Cellular communication chip for safely connecting SIM (subscriber identity Module) and eSIM (embedded subscriber identity Module)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010209655.5A CN111382823A (en) 2020-03-23 2020-03-23 Cellular communication chip for safely connecting SIM (subscriber identity Module) and eSIM (embedded subscriber identity Module)

Publications (1)

Publication Number Publication Date
CN111382823A true CN111382823A (en) 2020-07-07

Family

ID=71222760

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010209655.5A Pending CN111382823A (en) 2020-03-23 2020-03-23 Cellular communication chip for safely connecting SIM (subscriber identity Module) and eSIM (embedded subscriber identity Module)

Country Status (1)

Country Link
CN (1) CN111382823A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101334913A (en) * 2008-05-08 2008-12-31 上海柯斯软件有限公司 Method for receiving and processing multi-terminal information by self-adapting SIM chip operating system
CN103268262A (en) * 2013-04-28 2013-08-28 北京创毅讯联科技股份有限公司 Method for multiple basebands to access single-user identification card, and processor
CN104484619A (en) * 2014-12-22 2015-04-01 东信和平科技股份有限公司 Method for accessing file system of smart card through application module
CN104717767A (en) * 2013-12-13 2015-06-17 ***通信集团公司 Communication chip integrated with SIM card
CN106658474A (en) * 2016-10-31 2017-05-10 上海路随通信科技有限公司 Method utilizing embedded safety element to realize safety protection for SIM card data

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101334913A (en) * 2008-05-08 2008-12-31 上海柯斯软件有限公司 Method for receiving and processing multi-terminal information by self-adapting SIM chip operating system
CN103268262A (en) * 2013-04-28 2013-08-28 北京创毅讯联科技股份有限公司 Method for multiple basebands to access single-user identification card, and processor
CN104717767A (en) * 2013-12-13 2015-06-17 ***通信集团公司 Communication chip integrated with SIM card
CN104484619A (en) * 2014-12-22 2015-04-01 东信和平科技股份有限公司 Method for accessing file system of smart card through application module
CN106658474A (en) * 2016-10-31 2017-05-10 上海路随通信科技有限公司 Method utilizing embedded safety element to realize safety protection for SIM card data

Similar Documents

Publication Publication Date Title
EP1607872B1 (en) Memory device
CN104243461B (en) A kind of method of mobile terminal network safety certification, SD blocks entirely and mobile terminal
US20100153672A1 (en) Controlled data access to non-volatile memory
US20100185874A1 (en) Method of Mass Storage Memory Management for Large Capacity Universal Integrated Circuit Cards
US20030200445A1 (en) Secure computer system using SIM card and control method thereof
EP2377291B1 (en) Portable mobile communication device and method of controlling near field communication
CN101238473A (en) A secure terminal, a routine and a method of protecting a secret key
CN102883047A (en) Method and system for realizing data security of intelligent mobile terminals
JP2007526573A (en) Secure resource sharing between applications in independent execution environments within a retrieveable token (eg smart card)
CN103313238A (en) Safety system and safety protection method for mobile terminal
CN210627203U (en) UICC device with safe storage function
CN113269909A (en) Intelligent lock data management system based on Bluetooth communication
CN101808318B (en) Data protection system and method for communication device
CN112615830B (en) Digital authentication equipment interface system
CN110349316A (en) A kind of visitor's access control system and control method
EP3157280B1 (en) Method and device for achieving remote payment
CN111382823A (en) Cellular communication chip for safely connecting SIM (subscriber identity Module) and eSIM (embedded subscriber identity Module)
JP2009129413A (en) Shared management method of portable storage device, and portable storage device
CN106919812B (en) Application process authority management method and device
WO2007107829A2 (en) A personal security token for at least two security environments and different access conditions thereupon
US6811077B2 (en) Method for making secure access to a resident application on a user card co-operating with communication system terminal, and corresponding terminal
CN110366161B (en) Card opening method and device, related equipment and storage medium
JP6642060B2 (en) Information processing device
CN201607722U (en) Security type storage device and data security system
CN112291206B (en) Method for improving operating system safety through main control chip

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200707

RJ01 Rejection of invention patent application after publication