Professional Documents
Culture Documents
Technologies
Bantry
25 Ballsbridge Terrace, Ballsbridge, Dublin 4, Ireland Tel: +353 (0)1 6642930 / Fax: +353 (0)1 6642933 www.bantry-technologies.com
Slide 1
Presentation Overview
SIM Cards & GSM Networks
SIM Technology
Bantry
25 Ballsbridge Terrace, Ballsbridge, Dublin 4, Ireland Tel: +353 (0)1 6642930 / Fax: +353 (0)1 6642933 www.bantry-technologies.com
Slide 3
Overview
Introduction to GSM Introduction to the SIM card
Functional role in the GSM Network Physical characteristics
16 dc. 2007
Slide
Introduction to GSM
History of GSM Services Provided by GSM Architecture of GSM Networks
16 dc. 2007
Slide
16 dc. 2007
Slide
16 dc. 2007
Slide
1990: Publication of the GSM specs phase I 1991: Starting of commercial service 1993: 36 GSM networks in 22 countries 1995: 114 GSM networks in 66 countries 1998: 304 GSM networks in 120 countries 2001: 445 GSM networks in 170 countries 2006: 700 GSM networks in 218 countries Over 2 billions GSM subscribers (June 2006)
Bantry Technologies Ltd. 16 dc. 2007 Mobile Applications based on (U)SIM Java Card Applets Slide
Supplementary Services
Call Forward Call Barring (roaming) Others like caller identification, call waiting, multiparty conversations
Bantry Technologies Ltd. 16 dc. 2007 Mobile Applications based on (U)SIM Java Card Applets Slide
MSC = Mobile services Switching Center SIM = BTS Subscriber = Base Identity Transceiver PSTN Module = Station Public Switched Telephone Network HLR = Home Location Register EIR = Equipment Identity Register ME BSC = Mobile = BaseEquipment Station ISDN Controller = Integrated Services Digital Network VLR = Visitor Location Register AuC =Authentication Center
16 dc. 2007
Slide
10
Mobile Station
The Mobile Station is composed of
The Mobile Equipment (ME) The Subscriber Identity Module (SIM)
The SIM card allows the user to get access to the subscribed services irrespective of a specific terminal Both components are uniquely identified
ME through the IMEI (International Mobile Equipment Identity) SIM through the IMSI (International Mobile Subscriber Identity)
16 dc. 2007
Slide
11
16 dc. 2007
Slide
12
16 dc. 2007
Slide
13
16 dc. 2007
Slide
14
16 dc. 2007
Slide
15
Physical characteristics
16 dc. 2007
Slide
16
Security services
Hold the secrets necessary to prove that the user is the one he/she claims to be (and optionally to cipher the communications)
16 dc. 2007
Slide
17
Personal Mobility
Subscription details are stored in the card
IMSI: unique identifier of the subscriber Ki: secret key for authentication
16 dc. 2007
Slide
18
Security Services
Secret codes (PIN)
User authentication Operator authentication (for administrative operations)
7 4 1 C 8 5 2 0 9 6 3 V
Secret keys
Authentication of the SIM card by the network Communication ciphering
16 dc. 2007
Slide
19
Authentication Services
(IMSI, Ki) IMSI Ki
SIM ME BTS BSC MSC HLR AuC
A3
A3
SIM Result
Network Result
16 dc. 2007
Slide
20
Ciphering Services
(IMSI, Ki) IMSI Ki
SIM ME BTS BSC MSC HLR AuC
A8
A8
Session Key
Session Key
16 dc. 2007
Slide
21
Download of Services
Secure execution environment for trusted applications
Able to interact with the mobile phone
Display information on the screen Get inputs from the user Place phone calls
16 dc. 2007
Slide
22
Physical Characteristics
Two different formats
ID-1 SIM (standard credit card format) Plug-in SIM (specific SIM format)
54 mm
15 mm
25 mm
Plug-in SIM
85.6 mm
ID-1 SIM
Bantry Technologies Ltd. 16 dc. 2007 Mobile Applications based on (U)SIM Java Card Applets Slide
23
Security
Data protection Authentication/Ciphering
Content data
Overall file structure Details of the file contents
16 dc. 2007
Slide
24
File Management
Logical file model File identifiers File selection
SELECT command STATUS command
25
Transparent
Bantry Technologies Ltd. 16 dc. 2007
Linear Fixed
Cyclic
Slide
26
EF
EF
EF EF
16 dc. 2007
Slide
27
Data Protection
File access conditions CHV management commands
VERIFY CHV command CHANGE CHV command DISABLE CHV command ENABLE CHV command UNBLOCK CHV command
16 dc. 2007
Slide
28
29
PIN Codes
The SIM card uses two different types of PIN codes
CHV codes (subscribers responsibility) ADM codes (telcos responsibility)
CHV
2 CHVs are defined (only one used today) No hierarchy between the 2 codes Unblock code available for each CHV
ADM
Up to 14 ADM codes can be defined Generally 2/4 are defined and only 1 really used ADM code verification is not defined in the standard
Bantry Technologies Ltd. 16 dc. 2007 Mobile Applications based on (U)SIM Java Card Applets Slide
30
Authentication/Ciphering
A3/A8 GSM algorithm used for
Authentication (A3) Ciphering (A8)
16 dc. 2007
Slide
31
DF Telecom EF ADN EF FDN EF SMS EF CCP EF MSISDN EF SMSP EF SMSS DF Graphics EF IMG etc
EF ICCID
EF ELP
MF
ID = 3F00 General information
DF GSM
ID = 7F20 Network-related information
DF Telecom
ID = 7F10 Service-related information
Slide
32
Bantry
25 Ballsbridge Terrace, Ballsbridge, Dublin 4, Ireland Tel: +353 (0)1 6642930 / Fax: +353 (0)1 6642933 www.bantry-technologies.com
Slide 33
Overview
Introduction to SIM Toolkit SIM Toolkit Processing Proactive SIM commands Profile download mechanism Event management
16 dc. 2007
Slide
34
35
16 dc. 2007
36
FETCH
TERMINAL RESPONSE
SIM
Status & Response (if any)
ME
16 dc. 2007
Slide
37
Processing Events
Status
SIM
ME
16 dc. 2007
Slide
38
TERMINAL PROFILE
SIM
ME
16 dc. 2007
Slide
39
Proactive Polling
STATUS Response with SW=90 00
Poll Intervall
SIM
ME
FETCH
16 dc. 2007
Slide
40
Proactive Commands
Man-Machine Interface
Display Text Get Inkey Get Input Select Item More Time Play Tone Set Up Menu Set Up Idle Mode Text
Dual-Slot
Perform Card APDU Power Off Card Power On Card Get Reader Status
Miscellaneous
Provide Local Information Timer Management Set Up Event List Refresh Poll Interval Polling Off Run AT Command Language Notification Launch Browser
Communication
Send Short Message Send SS Send USSD Set Up Call Send DTMF Open Channel Close Channel Receive Data Send Data Get Channel Status
Bantry Technologies Ltd. 16 dc. 2007
Slide
41
Setup Menu
Display Text
SMS in progress. Please Wait...
Get Input
CALLING 01 4746 6667 Please Wait...
Select Item
Send SMS
Setup Call
16 dc. 2007
Slide
42
Display Text
This command instructs the ME to display a text message and/or an icon. It allows the SIM to define the priority of that message and the text string format.
Description
Proactive SIM command tag Length (A+B+C+D+E) Command details TLV Device identities TLV Text string TLV Icon identifier TLV Immediate response TLV
M/O
M M M M M O O
Len
1 1 or 2 A B C D E
Command Qualifier
Bit Description
0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 Normal priority High priority RFU RFU RFU RFU RFU RFU RFU RFU RFU RFU RFU RFU Clear after delay Wait for user to clear
1 2 3 4 5 6 7 8
Immediate Command Device Icon Text Identifier Identities String Response Details TLV TLV TLV TLV TLV
Byte(s) 1 1 2 2 to (Y-1)+2 2 3 (Y-1)+3 3 4 to (Y-1)+4 4 5 (Y-1)+X+2 Description Command details tagtag Text string tagtagtag Device Icon Immediate identifier identities response Length Length (=03) (=X) Length (=00) (=02) Command number Data coding scheme Source Icon qualifier device identities Type of command Text string qualifier Destination Icon identifier device identities Command
16 dc. 2007
Len 1 1 1 Y 1 1 1 1 1 X-1 1
Device Identities
Source Dest. SIM Display
Slide
43
Value
D0 0F 81 03 01 21 00 82 02 81 02 8D 04 04 53 41 54 Length
Description
Proactive SIM command tag Command details tag Length Command number Type of command (display text) Command qualifier (normal priority, clear after delay) Device identities tag Length Source = SIM Destination = Display Text string tag Length Data coding scheme (8-bit default SMS) Text string (SAT) T L V V T L V V T L T L
16 dc. 2007
Slide
44
16 dc. 2007
Slide
Event Management
Menu selection Data download to SIM
SMS-PP Download Cell Broadcast Download
Event download
MT call Call connected Call disconnected Location status User activity Idle screen available Card reader status Language selection Browser termination Data available Channel status
Slide
Control by SIM
Call control MO SMS control
Timer expiration
Bantry Technologies Ltd. 16 dc. 2007
46
Bantry
25 Ballsbridge Terrace, Ballsbridge, Dublin 4, Ireland Tel: +353 (0)1 6642930 / Fax: +353 (0)1 6642933 www.bantry-technologies.com
Slide 47
Overview
SIM Toolkit Framework SIM Toolkit Management
sim.toolkit package
16 dc. 2007
Slide
48
Toolkit Applet 3
Applet n
SIM-API
Install Uninstall
Activation
File access
SIM API Framework Applet triggering Proactive command manager Applet security manager Applet install/uninstall
Security
File access
Files
16 dc. 2007
Slide
49
sim.access
16 dc. 2007
Slide
50
sim.toolkit Interfaces
Interface Summary
ToolkitConstants ToolkitConstants encapsulates constants related to the Toolkit applets. ToolkitInterface must be implemented by a Toolkit applet so that it can be triggered by the Toolkit Handler according to the registration information.
ToolkitInterface
16 dc. 2007
Slide
51
ProactiveHandler
ProactiveResponseHandler The ProactiveResponseHandler class contains basic methods to handle the Terminal Response data field. ViewHandler The ViewHandler class offers basic services and contains basic methods to handle TLV list.
16 dc. 2007
Slide
52
MEProfile
16 dc. 2007
Slide
53
sim.toolkit Exceptions
Exception Summary
ToolkitException This exception extends the Throwable class and allows the classes of this package to throw specific exceptions in case of problems.
16 dc. 2007
Slide
54
Toolkit Registry
public class MyToolkitApplet extends Applet implements ToolkitInterface, ToolkitConstants { private ToolkitRegistry reg; private byte[] menuEntry = { ... }; private byte menuId; public MyToolkitApplet() { reg = ToolkitRegistry.getEntry(); menuId = reg.initMenuEntry(menuEntry, (short)0, (short)menuEntry.length, PRO_CMD_SET_UP_CALL, false, 0, 0); reg.disableMenuEntry(menuId); reg.setEvent(EVENT_FORMATTED_SMS_PP_ENV); reg.setEvent(EVENT_CALL_CONTROL_BY_SIM); } public static void install(byte bArray[], short bOffset, byte bLength) throws ISOException { MyToolkitApplet applet = new MyToolkitApplet(); applet.register(); } public void processToolkit(byte event) throws ToolkitException { if (event == EVENT_FORMATTED_SMS_PP_ENV) { reg.enableMenuEntry(menuId); } else if (event == EVENT_MENU_SELECTION) { Bantry Technologies Ltd. 16 dc. 2007 Mobile Applications based on (U)SIM Java Card Applets //...
Slide
55
Proactive Handler
private static final byte MY_COMMAND = (byte)0x33; private static final byte MY_TAG = (byte)0x45; ProactiveHandler proHdlr; proHdlr = ProactiveHandler.getTheHandler(); proHdlr.init(MY_COMMAND, (byte)0, DEV_ID_ME); proHdlr.appendTLV((byte)(MY_TAG | TAG_SET_CR), (byte)0); short len = proHdlr.getLength(); byte result = proHdlr.send(); private text[0] text[1] text[2] byte[] text = new byte[12]; = (byte)'S'; = (byte)'A'; = (byte)'T';
16 dc. 2007
Slide
56
16 dc. 2007
Slide
57
Envelope Handler
private static final byte MY_TAG = (byte)0x54; private byte[] data; data = new byte[32]; void processToolkit(byte event) throws ToolkitException { // get the EnvelopeHandler system instance EnvelopeHandler theEnv = EnvelopeHandler.getTheHandler(); // look for MY_TAG TLV if (theEnv.findTLV(MY_TAG, (byte)1) != TLV_NOT_FOUND) { // check first element byte if (theEnv.getValueByte((short)0) == (byte)1) { // copy element part into data buffer theEnv.copyValue((short)1, data, (short)0, (short)(theEnv.getValueLength() - 1)); } } }
16 dc. 2007
Slide
58
16 dc. 2007
Slide
59
16 dc. 2007
Slide
60
sim.access Interfaces
Interface Summary
SIMView SIMView is the interface between the GSM application and any SIM Toolkit applet.
16 dc. 2007
Slide
61
sim.access Classes
Class Summary
SIMSystem The Class SIMSystem provides a way to get access to the GSM file system. In any case, the SIM Toolkit applet will only access to methods of the SIMView interface. No instance of this class is needed.
16 dc. 2007
Slide
62
sim.access Exceptions
Exception Summary
SIMView Exception SIMViewException encapsulates specific exceptions which can be generated by the methods of the SIMView interface in case of error.
16 dc. 2007
Slide
63
Example
import javacard.framework.*; import sim.toolkit.*; public class MyApplet extends Applet implements ToolkitInterface { private SIMView simView; private byte[] buffer; private ToolkitRegistry registry; public MyApplet () { registry = ToolkitRegistry.getEntry(); simView = SIMSystem.getTheSIMView(); buffer = new byte[32]; } public static void install(APDU apdu) throws ISOException { MyApplet applet = new MyApplet(); applet.register(); } public void getADN(short adnNumber) { simView.select(SIMView.FID_EF_TELECOM); simView.select(SIMView.FID_EF_ADN); simView.readRecord((short)adnNumber, SIMView.MODE_ABSOLUTE,(short)0, buffer, (short)0, (short)32); } }
Bantry Technologies Ltd. 16 dc. 2007 Mobile Applications based on (U)SIM Java Card Applets Slide
64
Demonstrations
Technologies
Bantry
25 Ballsbridge Terrace, Ballsbridge, Dublin 4, Ireland Tel: +353 (0)1 6642930 / Fax: +353 (0)1 6642933 www.bantry-technologies.com
Slide 65
Bantry
patrick.biget@bantry-technologies.com
25 Ballsbridge Terrace, Ballsbridge, Dublin 4, Ireland Tel: +353 (0)1 6642930 / Fax: +353 (0)1 6642933 www.bantry-technologies.com
Slide 66