Overview & Definitions for Downloadable Credentials

S10-20110926-013

3GPP2 TSG-S WG1

Source: Sprint, US Cellular, Motorola Mobility, Qualcomm

Contact(s):
Bonnie Chen, [email protected]
Sebastian Thalanany, [email protected]
Doris He, [email protected]
Anand Palanigounder, [email protected]

Recommendation: For Discussion & Decision

Notice

Contributors grant a free, irrevocable license to 3GPP2 and its Organization Partners to incorporate text or other copyrightable material contained in the contribution and any modifications thereof in the creation of 3GPP2 publications; to copyright and sell in Organizational Partner’s name any Organizational Partner’s standards publication even though it may include portions of the contribution; and at the Organization Partner’s sole discretion to permit others to reproduce in whole or in part such contributions or the resulting Organizational Partner’s standards publication. Contributors are also willing to grant licenses under such contributor copyrights to third parties on reasonable, non-discriminatory terms and conditions for purpose of practicing an Organizational Partner’s standard which incorporates this contribution.

This document has been prepared by the contributors to assist the development of specifications by 3GPP2. It is proposed to the Committee as a basis for discussion and is not to be construed as a binding proposal on the contributors. Contributors specifically reserve the right to amend or modify the material contained herein and nothing herein shall be construed as conferring or offering licenses or rights with respect to any intellectual property of the contributors other than provided in the copyright statement above.


Background

• 3GPP2 has agreed on a work item to develop systems requirements for Downloadable Credentials (see WI-00294)

• The scope of this WI is to develop systems requirements to remotely download and manage credentials & other subscription related information required for the operation of cdma2000 devices (including support for embedded UICCs)
  – i.e., download and manage data set and functions equivalent to UIM, R-UIM, CSIM, USIM and ISIM applications (also known as Network Access Applications or NAAs)
  – Examples of cdma2000 Credentials include, but are not limited to:
    • subscription identifiers (e.g., MIN/IMSI, etc.)
    • associated security keys (e.g., A-key, K, etc.)
    • associated authentication algorithms (e.g., CAVE, AKA “f” functions)
    • Also called Network Access Credentials

• Once requirements are agreed in TSG-S, they may be used:
  – As a basis for any further work in other TSGs as needed
  – To liaise 3GPP2 requirements to other organizations developing standards in this area as needed (e.g., ETSI SCP for eUICC)

• Purpose of this contribution:
  – Introduce and adopt the proposed definitions & the high-level concepts

• NOTE: An attempt is made to align terminology where possible with that in ETSI SCP (based on the current status in SCP), but it is not guaranteed to be identical


Definitions (1)

Term | Definition
Device | A cdma2000 end-point of a communication link that requires connectivity from a mobile network. It contains a Secure Environment (SecEnv) for storing network access credentials and other information required for accessing services provided by the Mobile Network Operator (MNO).
Subscriber | An entity who has a subscription with a mobile access service provider, such as the MNO.
User | A user is any person who is authorized to initiate subscription related management operations on the Device (e.g., load or delete Profiles).
Mobile Network Operator (MNO) | An entity that authorizes and provides communication services to a Device using a mobile network, such as the cdma2000 network.


Definitions (2)

Term | Definition
Network Access Application (NAA) | An application, issued by an MNO, that runs within a SecEnv on a Device that enables access to services offered by the MNO. Examples of NAA include UIM, R-UIM, USIM, CSIM or ISIM.
Embedded UICC (eUICC) | A UICC which hosts the NAAs and supports remote management of the NAAs. Depending on the form factor, a eUICC may not be easily accessible or replaceable from the Device.
Secure Environment (SecEnv) | A logical entity within a Device that provides secure storage and execution environment that is trusted by the MNO to host the NAAs. SecEnv may be realized using any suitable platform or form factors, such as a eUICC, or eUICC functions integrated into the Device itself.


Definitions (3)

Term | Definition
Profile | A Profile is a set of data (e.g., MMSS) and applications (including NAAs), specific to an MNO, which is used by the Device to obtain services from that MNO.
Operational Profile | A Profile associated with an Operational Subscription.
Operational Subscription | Subscription, with its associated Profile, that enables a Device to access a mobile network for the purpose of accessing connectivity and other related services from an MNO and optionally for the management of Profiles.
Provisioning Profile | A Profile used to enable a Device to access a controlled cellular access network for the purpose of managing other Profile(s). A Provisioning Profile is optional and is not required if the Device can get the connectivity to the SM by other means.
Subscription Manager (SM) | A functional entity in the network that manages the Profiles in the SecEnv. An SM can be either an MNO or an entity trusted by the MNO (e.g., MVNO or M2M Service Provider) to manage the Profiles on behalf of the MNO.


Definitions (4)

Term | Definition
Provisioning | The process of loading a profile into a SecEnv.
Subscription | A commercial relationship for the supply of services between the Subscriber and the Service Provider.
Provisioning Subscription | Subscription, with its associated Profile, that enables a Device to access a mobile network for the purpose of management of other Profiles in the SecEnv.
Profile Management | Operations performed on a Profile. At a minimum, these include operations such as load, modify, delete, enable, disable, activate, and deactivate.
Policy Control Function | Set of rules defined by the MNO that controls the management of the SecEnv and the Profiles. NOTE: This term is different from PCF used in the context of PCRF.


Definitions (5)

Term | Definition
SecEnv Access Credentials | Data required to exist within a SecEnv so that a secured communication can be set up between an external entity and the SecEnv in order to manage the profiles on the SecEnv.
Profile Access Credentials | Data required to exist within a Profile so that secured communication can be set up between an external entity and the SecEnv in order to manage that Profile’s structure and its data.
Network Access Credentials | Data required to exist within a Profile so that it can authenticate to a Mobile Network; this may include data such as algorithms, Ki/K/A-key, and IMSI/MIN stored within a NAA.
Enable Profile | The process of marking a Profile in a SecEnv so that it is available to be activated.
Disable Profile | The process of marking a Profile in a SecEnv so that it is not available to be activated.
Activate Profile | The process of selecting a Profile in a SecEnv for use by the Device.
Deactivate Profile | The process of de-selecting a Profile in a SecEnv from use by the Device.


Definitions (6)

Term | Definition
Load Profile | The process of adding a Profile into a SecEnv.
Delete Profile | The process of purging a Profile from a SecEnv.


Provisioning Lifecycle


SecEnv Overview

[Figure: SecEnv Overview. Labels: SecEnv Platform; Proprietary Implementation; SecEnv Abstraction Layer; Profile Management; Policy Control Function; SecEnv Access Credentials; Active Profile; Inactive Operational Profile; Inactive Provisioning Profile; Profile Access Credentials]


SecEnv Properties (1)

• All SecEnvs provide a uniform SecEnv Abstraction Layer
  – Goal is to allow a Profile to be developed for SecEnvs from any manufacturer
  – It isolates the proprietary implementations of each SecEnv manufacturer

• A SecEnv contains Profile Management functionality, including certain Policy Control functionality and SecEnv Access Credentials


SecEnv Properties (2)

• A SecEnv contains one set of SecEnv Access Credentials
  – These should be unique per SecEnv
  – There should not be a need to change them

• A SecEnv may contain zero or more Operational Profiles

• A SecEnv may contain zero or more Provisioning Profiles


SecEnv Properties (3)

• Only one Profile is Active at any given time
  – Profile can be either Operational or Provisioning Profile

• If there are no active Operational or Provisioning Profiles, then the SecEnv Access Credentials can be used to load a Profile


Profile States

• A Profile is in one of the following states:
  – Enabled, Active (only one)
  – Enabled, Inactive
    • Device can see Profiles in this state and activate them (if allowed by policy)
  – Disabled, Inactive (default state when loaded)
    • Device will not see Profiles in this state


Profile Management

• A Profile should be “opaque” to the Profile Management Protocol

• Profile State Transitions may be controlled by the Policy Control Function
  – Some transitions may be restricted by operator policy

• Activating a Profile automatically inactivates the current active profile
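
The state rules from the Profile States and Profile Management slides, modelled as an added Python example (not part of the contribution or any 3GPP2 specification). The `policy(op, name)` callback, the class and method names, and the sample Profile names OP-A, OP-B and PP-1 are assumptions made for illustration.

```python
# Added illustration of the slides' Profile state rules; names are hypothetical.
DISABLED = "Disabled, Inactive"  # default state when loaded; hidden from the Device
ENABLED = "Enabled, Inactive"    # visible to the Device, may be activated
ACTIVE = "Enabled, Active"       # at most one Profile per SecEnv

class SecEnv:
    def __init__(self, policy=lambda op, name: True):
        self.policy = policy     # assumed interface: policy(op, name) -> bool
        self.profiles = {}       # Profile name -> state

    def _authorize(self, op, name):
        if not self.policy(op, name):
            raise PermissionError(f"{op} of {name} blocked by operator policy")

    def active(self):
        return next((n for n, s in self.profiles.items() if s == ACTIVE), None)

    def visible(self):           # Profiles the Device can see
        return sorted(n for n, s in self.profiles.items() if s != DISABLED)

    def load(self, name):
        self._authorize("load", name)
        if name in self.profiles:
            raise ValueError(f"{name} is already loaded")
        self.profiles[name] = DISABLED

    def enable(self, name):
        self._authorize("enable", name)
        if self.profiles[name] == DISABLED:
            self.profiles[name] = ENABLED

    def activate(self, name):
        self._authorize("activate", name)
        if self.profiles[name] == DISABLED:
            raise ValueError(f"{name} is disabled and cannot be activated")
        current = self.active()
        if current not in (None, name):
            self.profiles[current] = ENABLED  # implicit deactivation
        self.profiles[name] = ACTIVE

def demo():
    # Constructed operator policy: "PP-1" may never be activated.
    env = SecEnv(policy=lambda op, name: (op, name) != ("activate", "PP-1"))
    for name in ("OP-A", "OP-B", "PP-1"):
        env.load(name)
    for name in ("OP-A", "OP-B"):
        env.enable(name)
        env.activate(name)   # activating OP-B implicitly deactivates OP-A
    return env
```

The policy check runs before any state is touched, so a denied transition leaves the single-active-Profile invariant intact.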


Operational Profile Provisioning

• Provisioning of an Operational Profile (OP) can occur via:
  – A non-NAA network
    • Network that does not require a device having an NAA to gain access to the network
      – Does not require a Provisioning Profile (PP) for provisioning
      – E.g., CDMA2000 (with possible enhancements), WLAN, etc.
  – An NAA network
    • Network that requires a device to have an NAA to gain access to the network
      – Requires a Provisioning Profile (PP) for provisioning


Provisioning via a Non-NAA Network

[Figure: Provisioning via a Non-NAA Network. Labels: Device; SecEnv; OP; Non-NAA Network; Profile Management Protocol; Subscription Manager]


Provisioning via a NAA Network

[Figure: Provisioning via a NAA Network. Labels: Device; SecEnv; PP; OP; NAA Network; Profile Management Protocol; Subscription Manager]


Proposal

• Discuss and adopt the concepts and definitions into the Systems Requirements document
