ETSI TS 123 057-2016 Digital cellular telecommunications system (Phase 2+) Universal Mobile Telecommunications System (UMTS) Mobile Execution Environment (MExE) Functional descript.pdf

1、 ETSI TS 1Digital cellular telecoUniversal Mobile TelMobile ExecFunc(3GPP TS 23.0TECHNICAL SPECIFICATION123 057 V13.0.0 (2016communications system (Phaelecommunications System (ecution Environment (MExE); n tional description; Stage 2 .057 version 13.0.0 Release 13GLOBAL SYSTEMOBILE COMMUN16-01) has

2、e 2+); (UMTS); 13) TEM FOR ICATIONSRETSI ETSI TS 123 057 V13.0.0 (2016-01)13GPP TS 23.057 version 13.0.0 Release 13Reference RTS/TSGS-0223057vd00 Keywords GSM,UMTS ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 0

3、0017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any

4、electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format

5、 (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/

6、status.asp If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including phot

7、ocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute

8、2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks re

9、gistered and owned by the GSM Association. ETSI ETSI TS 123 057 V13.0.0 (2016-01)23GPP TS 23.057 version 13.0.0 Release 13Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, i

10、f any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are availab

11、le on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are,

12、or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP). The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or GSM ident

13、ities. These should be interpreted as being references to the corresponding ETSI deliverables. The cross reference between GSM, UMTS, 3GPP and ETSI identities can be found under http:/webapp.etsi.org/key/queryform.asp. Modal verbs terminology In the present document “shall“, “shall not“, “should“, “

14、should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. ETSI ETS

15、I TS 123 057 V13.0.0 (2016-01)33GPP TS 23.057 version 13.0.0 Release 13Contents Intellectual Property Rights 2g3Foreword . 2g3Modal verbs terminology 2g3Foreword . 7g31 Scope 8g32 References 8g33 Definitions and abbreviations . 10g33.1 Definitions 10g33.2 Abbreviations . 12g34 MExE basic principles

16、14g34.1 Generic MExE aspects . 14g34.2 High level architecture . 14g34.3 Multiple classmark support 15g34.3.1 Classmark 1 service support in non-Classmark 1 MExE devices . 15g34.3.2 Classmark 2 service support in non-Classmark 2 MExE devices . 16g34.3.3 Classmark 3 service support in non-Classmark 3

17、 MExE devices . 16g34.3.4 Classmark 4 service support in non-Classmark 4 MExE devices . 16g35 Generic MExE functions (excluding security) . 16g35.1 User profile . 16g35.1.1 Location of, access to, and security of, the user profile 16g35.1.2 Support of the user profile 17g35.1.3 User interface person

18、alisation . 18g35.1.3.1 MExE user interface personalisation . 18g35.1.3.2 Support of MExE user interface personalisation . 18g35.1.4 Virtual home environment 19g35.2 Capability and content negotiation . 19g35.2.1 User profile and capability negotiation relationship . 20g35.2.2 Capability negotiation

19、 characteristics . 20g35.2.3 Client content capability report . 22g35.2.4 Server role in capability negotiation . 22g35.2.5 Client-driven negotiation 22g35.3 Provisioning and management of services . 22g35.3.1 Service discovery 22g35.3.2 Service transfer . 23g35.3.3 Service installation and configur

20、ation. 23g35.3.4 Service management . 23g35.3.5 Service termination . 23g35.3.6 Service deletion 23g35.4 User control of application connections . 24g35.4.1 Journaling of network events 24g35.4.2 User notification . 24g35.5 Quality of service . 24g35.5.1 Introduction. 26g35.5.2 MExE QoS support . 26

21、g35.5.3 MExE QoS manager . 27g35.5.4 Network control API . 27g35.5.5 MExE QoS API 27g35.5.6 Sources of bearer service parameters 28g35.5.7 QoS streams 28g35.5.8 QoS security 28g35.6 Charging . 28g35.6.1 Generic charging support 29g3ETSI ETSI TS 123 057 V13.0.0 (2016-01)43GPP TS 23.057 version 13.0.0

22、 Release 136 Generic MExE Security 29g36.1 Introduction 29g36.2 MExE executable integrity . 29g36.2.1 Full signature verification . 30g36.2.2 Optimised pre-launch signature verification . 30g36.3 MExE executable permissions . 30g36.3.1 MExE executable permissions for operator, manufacturer and third

23、 party security domains. 30g36.3.2 MExE executable permissions for untrusted MExE executables 33g36.4 Handling of MExE executables when their valid root public key is not available . 34g36.4.1 Launching of MExE executables when their valid RPK is not available . 35g36.4.2 Currently executing secure

24、MExE executables when their valid RPK is no longer available 35g36.5 User permission types 35g36.6 Root Public keys . 36g36.6.1 Operator root public key . 36g36.6.1.1 Caching of root public keys 37g36.6.1.2 MExE device actions on detection of valid (U)SIM application and/or power up 37g36.6.2 Manufa

25、cturer root public key 39g36.6.3 Third party root public key . 39g36.7 Certification and authorisation architecture 40g36.7.1 Certification requirements 40g36.7.1.1 MExE terminal requirements for certificate processing 40g36.7.2 Certification administration requirements 41g36.7.3 Example certificati

26、on process . 41g36.7.4 Certificate Chain Verification . 42g36.8 Usage of Signed Content 44g36.8.1 Signed packages used for installation . 44g36.8.2 Installation of root certificates in a signed data package 45g36.8.3 Installation of other signed data 45g36.9 Certificate Format. 46g36.9.1 Certificate

27、 extension for removal of network access 46g36.9.1.1 X.509 version 3 . 46g36.10 Certificate management 46g36.10.1 Certificate configuration message (CCM) 47g36.10.1.1 CCM numbering convention . 50g36.10.1.2 CCM order of transmission . 50g36.10.1.3 CCM field mapping convention 50g36.10.1.4 Authorised

28、 CCM download mechanisms 50g36.11 Separation of I/O streams . 50g36.12 Core software download . 51g36.13 Administrator Concept . 51g36.13.1 Administrator root public key . 51g36.13.2 Provisioned mechanism for designating administrative responsibilities and adding third parties in a MExE device 52g36

29、.13.3 MExE administrator determination mechanism 52g36.13.3.1 Determining the administrator of the MExE device 52g36.13.3.2 Determining the administrator of the MExE device, for MExE-(U)SIM supporting third party certificates . 53g36.13.3.2.1 Administrator of the MExE device is the user . 53g36.13.3

30、.2.2 Administrator of the MExE device is not the user . 54g36.13.4 Administrator root certificate download mechanism 55g37 MExE Classmark 1 (WAP environment) . 56g37.1 Introduction 56g37.1.1 WAP MExE devices . 56g37.1.2 High level architecture 56g37.2 Non Security . 56g37.2.1 WAP components . 56g37.

31、2.2 Services. 57g37.2.2.1 User interface 57g37.2.2.2 Access points. 57g37.2.2.3 Transferring . 58g37.2.2.3.1 WSP and HTTP/1.1 Proxy Function . 58g3ETSI ETSI TS 123 057 V13.0.0 (2016-01)53GPP TS 23.057 version 13.0.0 Release 137.2.3 WAP charging support 59g37.2.4 CC/PP over WSP (Classmark 1) . 59g37.

32、3 Security 59g37.3.1 Call control . 59g37.3.2 Local phonebook 59g38 MExE Classmark 2 (PersonalJava environment) . 59g38.1 Introduction 59g38.1.1 Classmark 2 MExE devices 60g38.1.2 High level architecture 60g38.2 Non Security . 60g38.2.1 High level functions 60g38.2.1.1 Optional Java packages . 60g38

33、.2.1.2 Required and optional PersonalJava APIs . 61g38.2.1.3 Required and optional JavaPhone APIs 61g38.2.1.3.1 Application installation . 62g38.2.1.3.2 Power . 62g38.2.1.3.3 Datagram recipient addressing 62g38.2.1.4 Required and optional MExE PersonalJava APIs 62g38.2.1.5 Mandated services and appl

34、ications 63g38.2.1.5.1 Network protocol support 63g38.2.2 CC/PP over HTTP (Classmark 2) . 63g38.2.3 Java charging support . 63g38.3 Security 63g38.3.1 PersonalJava security 63g38.3.1.1 Java applet certification in PersonalJava . 63g38.3.1.2 Java application signature verification in PersonalJava 63g

35、38.3.1.3 Java loading native libraries in PersonalJava 64g38.3.2 Installing MExE native libraries . 64g39 MExE Classmark 3 (J2ME CLDC environment) . 64g39.1 Introduction 64g39.1.1 Classmark 3 MExE devices 64g39.1.2 High level architecture 64g39.1.3 High level functionality 65g39.2 Non Security . 65g

36、39.2.1 Connected Limited Device Configuration (CLDC) 65g39.2.2 Mobile Information Device Profile (MIDP) . 65g39.2.2.1 Networking 66g39.2.2.2 MID Applications (MIDlet) 66g39.2.2.3 MIDlet Suites 66g39.2.2.4 Record Storage 66g39.2.3 Required and optional MExE APIs . 66g39.2.4 Service discovery and mana

37、gement 66g39.2.5 Transfer of capability negotiation information in Classmark 3 67g39.3 Security 67g39.3.1 CLDC security 67g310 MExE classmark 4 (CLI Compact environment) . 67g310.1 Introduction 67g310.1.1 High level architecture 68g310.2 Non security . 68g310.2.1 High level functionality 68g310.2.2

38、Network protocol support . 69g310.2.3 Power Management 69g310.2.4 CLI charging support 69g310.2.5 CC/PP over HTTP or WSP (Classmark 4) 69g310.3 Security 70g310.3.1 CLI Security 70g3Annex A (normative): MExE profile of PKCS#15 71g3A.1 PKCS#15 certificate object attributes presentation 71g3ETSI ETSI T

39、S 123 057 V13.0.0 (2016-01)63GPP TS 23.057 version 13.0.0 Release 13A.1.1 Object common attributes 71g3A.1.2 Certificate common attributes 71g3A.1.3 Certificate attributes . 71g3A.1.4 Specific X.509 certificate attributes . 71g3A.2 MExE profile of PKCS#15. 71g3A.3 Coding and storage in MExE-(U)SIM .

40、 72g3Annex B (informative): PKCS#15 certificate objects ASN1 expanded syntax extract 73g3Annex C (normative): Access restriction certificate extension 75g3Annex D (informative): MExE executable life cycle 76g3D.1 State of a MExE executable . 76g3D.2 Released state . 78g3D.3 Uninstalled Execution sta

41、te 79g3D.4 Verification . 80g3Annex E (informative): MExE conformance requirements . 81g3Annex F (informative): Change history . 85g3History 86g3ETSI ETSI TS 123 057 V13.0.0 (2016-01)73GPP TS 23.057 version 13.0.0 Release 13Foreword This Technical Specification (TS) has been produced by the 3rd Gene

42、ration Partnership Project (3GPP). The contents of the present document are subject to continuing work within the TSG and may change following formal TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an identifying change of release date

43、 and an increase in version number as follows: Version x.y.z where: x the first digit: 1 presented to TSG for information; 2 presented to TSG for approval; 3 or greater indicates TSG approved document under change control. y the second digit is incremented for all changes of substance, i.e. technica

44、l enhancements, corrections, updates, etc. z the third digit is incremented when editorial only changes have been incorporated in the document. ETSI ETSI TS 123 057 V13.0.0 (2016-01)83GPP TS 23.057 version 13.0.0 Release 131 Scope The present document defines the stage 2 and stage 3 description of t

45、he Mobile Execution Environment (MExE). Stage 2 identifies the functional capabilities and information flows needed to support the service described in stage 1. The present document includes information applicable to network operators, service providers and terminal, switch and database manufacturer

46、s. The present document contains the core functions for a Mobile Execution Environment (MExE) which are sufficient to provide a complete service. MExE uses a number of technologies to realise the requirements of the stage 1 description (3GPP TS 22.057). The present document describes how the service

47、 requirements are realised with the selected technologies. The TS is devised into clauses each covering the aspects relating to particular MExE technologies, it is intended that this specification will evolve along with the MExE technologies. A generic clause of the specification covers areas of MEx

48、E common to all technologies. Implementation of this specification outside the UE (User Equipment) is outside the scope of this specification. 2 References - References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific. - For a specific ref

49、erence, subsequent revisions do not apply. - For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document. 1 Void. 2 3GPP TS 22.057: “Mobile Execution Environment (MExE); Stage 1“. 3 Personal Java 1.1.1 or higher, Sun Microsystems http:/ 4 JavaPhone API version 1.0, http:/ 5 Void. 6 Wireless Appli