ETSI TS 123 057-2018 Digital cellular telecommunications system (Phase 2+) (GSM) Universal Mobile Telecommunications System (UMTS) Mobile Execution Environment (MExE) Functional de_1.pdf

1、 ETSI TS 123 057 V15.0.0 (2018-06) Digital cellular telecommunications system (Phase 2+) (GSM); Universal Mobile Telecommunications System (UMTS); Mobile Execution Environment (MExE); Functional description; Stage 2 (3GPP TS 23.057 version 15.0.0 Release 15) TECHNICAL SPECIFICATION GLOBAL SYSTEM FOR

2、 MOBILE COMMUNICATIONSRETSI ETSI TS 123 057 V15.0.0 (2018-06)13GPP TS 23.057 version 15.0.0 Release 15Reference RTS/TSGS-0223057vf00 Keywords GSM,UMTS ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 74

3、2 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic an

4、d/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) versio

5、n kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStat

6、us.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photoco

7、pying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. ETSI 2018. All rights reserved. DECTTM, PLUGTESTSTM

8、, UMTSTMand the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPPTM and LTETMare trademarks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. oneM2M logo is protected for the benefit of its Members. GSMand the GSM logo are trade

9、marks registered and owned by the GSM Association. ETSI ETSI TS 123 057 V15.0.0 (2018-06)23GPP TS 23.057 version 15.0.0 Release 15Intellectual Property Rights Essential patents IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information pertainin

10、g to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat

11、. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the

12、ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI claims no ownership of these except for any which are indicated as being the pr

13、operty of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks. Foreword This Technical Specification (TS)

14、has been produced by ETSI 3rd Generation Partnership Project (3GPP). The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or GSM identities. These should be interpreted as being references to the corresponding ETSI deliverables. The cross

15、 reference between GSM, UMTS, 3GPP and ETSI identities can be found under http:/webapp.etsi.org/key/queryform.asp. Modal verbs terminology In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as describe

16、d in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. ETSI ETSI TS 123 057 V15.0.0 (2018-06)33GPP TS 23.057 version 15.0.0 Release 15Contents Intellectual Property Ri

17、ghts 2g3Foreword . 2g3Modal verbs terminology 2g3Foreword . 7g31 Scope 8g32 References 8g33 Definitions and abbreviations . 10g33.1 Definitions 10g33.2 Abbreviations . 12g34 MExE basic principles 14g34.1 Generic MExE aspects . 14g34.2 High level architecture . 14g34.3 Multiple classmark support 15g3

18、4.3.1 Classmark 1 service support in non-Classmark 1 MExE devices . 15g34.3.2 Classmark 2 service support in non-Classmark 2 MExE devices . 16g34.3.3 Classmark 3 service support in non-Classmark 3 MExE devices . 16g34.3.4 Classmark 4 service support in non-Classmark 4 MExE devices . 16g35 Generic ME

19、xE functions (excluding security) . 16g35.1 User profile . 16g35.1.1 Location of, access to, and security of, the user profile 16g35.1.2 Support of the user profile 17g35.1.3 User interface personalisation . 18g35.1.3.1 MExE user interface personalisation . 18g35.1.3.2 Support of MExE user interface

20、 personalisation . 18g35.1.4 Virtual home environment 18g35.2 Capability and content negotiation . 18g35.2.1 User profile and capability negotiation relationship . 19g35.2.2 Capability negotiation characteristics . 20g35.2.3 Client content capability report . 22g35.2.4 Server role in capability nego

21、tiation . 22g35.2.5 Client-driven negotiation 22g35.3 Provisioning and management of services . 22g35.3.1 Service discovery 22g35.3.2 Service transfer . 23g35.3.3 Service installation and configuration. 23g35.3.4 Service management . 23g35.3.5 Service termination . 23g35.3.6 Service deletion 23g35.4

22、 User control of application connections . 23g35.4.1 Journaling of network events 24g35.4.2 User notification . 24g35.5 Quality of service . 24g35.5.1 Introduction. 25g35.5.2 MExE QoS support . 26g35.5.3 MExE QoS manager . 26g35.5.4 Network control API . 26g35.5.5 MExE QoS API 27g35.5.6 Sources of b

23、earer service parameters 27g35.5.7 QoS streams 27g35.5.8 QoS security 28g35.6 Charging . 28g35.6.1 Generic charging support 28g36 Generic MExE Security 28g3ETSI ETSI TS 123 057 V15.0.0 (2018-06)43GPP TS 23.057 version 15.0.0 Release 156.1 Introduction 28g36.2 MExE executable integrity . 28g36.2.1 Fu

24、ll signature verification . 29g36.2.2 Optimised pre-launch signature verification . 29g36.3 MExE executable permissions . 29g36.3.1 MExE executable permissions for operator, manufacturer and third party security domains. 30g36.3.2 MExE executable permissions for untrusted MExE executables 33g36.4 Ha

25、ndling of MExE executables when their valid root public key is not available . 34g36.4.1 Launching of MExE executables when their valid RPK is not available . 35g36.4.2 Currently executing secure MExE executables when their valid RPK is no longer available 35g36.5 User permission types 35g36.6 Root

26、Public keys . 36g36.6.1 Operator root public key . 36g36.6.1.1 Caching of root public keys 37g36.6.1.2 MExE device actions on detection of valid (U)SIM application and/or power up 37g36.6.2 Manufacturer root public key 39g36.6.3 Third party root public key . 39g36.7 Certification and authorisation a

27、rchitecture 40g36.7.1 Certification requirements 40g36.7.1.1 MExE terminal requirements for certificate processing 40g36.7.2 Certification administration requirements 41g36.7.3 Example certification process . 41g36.7.4 Certificate Chain Verification . 42g36.8 Usage of Signed Content 44g36.8.1 Signed

28、 packages used for installation . 44g36.8.2 Installation of root certificates in a signed data package 45g36.8.3 Installation of other signed data 45g36.9 Certificate Format. 46g36.9.1 Certificate extension for removal of network access 46g36.9.1.1 X.509 version 3 . 46g36.10 Certificate management 4

29、6g36.10.1 Certificate configuration message (CCM) 47g36.10.1.1 CCM numbering convention . 50g36.10.1.2 CCM order of transmission . 50g36.10.1.3 CCM field mapping convention 50g36.10.1.4 Authorised CCM download mechanisms 50g36.11 Separation of I/O streams . 50g36.12 Core software download . 51g36.13

30、 Administrator Concept . 51g36.13.1 Administrator root public key . 51g36.13.2 Provisioned mechanism for designating administrative responsibilities and adding third parties in a MExE device 52g36.13.3 MExE administrator determination mechanism 52g36.13.3.1 Determining the administrator of the MExE

31、device 52g36.13.3.2 Determining the administrator of the MExE device, for MExE-(U)SIM supporting third party certificates . 53g36.13.3.2.1 Administrator of the MExE device is the user . 53g36.13.3.2.2 Administrator of the MExE device is not the user . 54g36.13.4 Administrator root certificate downlo

32、ad mechanism 55g37 MExE Classmark 1 (WAP environment) . 56g37.1 Introduction 56g37.1.1 WAP MExE devices . 56g37.1.2 High level architecture 56g37.2 Non Security . 56g37.2.1 WAP components . 56g37.2.2 Services. 56g37.2.2.1 User interface 57g37.2.2.2 Access points. 57g37.2.2.3 Transferring . 58g37.2.2

33、.3.1 WSP and HTTP/1.1 Proxy Function . 58g37.2.3 WAP charging support 58g3ETSI ETSI TS 123 057 V15.0.0 (2018-06)53GPP TS 23.057 version 15.0.0 Release 157.2.4 CC/PP over WSP (Classmark 1) . 58g37.3 Security 59g37.3.1 Call control . 59g37.3.2 Local phonebook 59g38 MExE Classmark 2 (PersonalJava envir

34、onment) . 59g38.1 Introduction 59g38.1.1 Classmark 2 MExE devices 59g38.1.2 High level architecture 60g38.2 Non Security . 60g38.2.1 High level functions 60g38.2.1.1 Optional Java packages . 60g38.2.1.2 Required and optional PersonalJava APIs . 61g38.2.1.3 Required and optional JavaPhone APIs 61g38.

35、2.1.3.1 Application installation . 62g38.2.1.3.2 Power . 62g38.2.1.3.3 Datagram recipient addressing 62g38.2.1.4 Required and optional MExE PersonalJava APIs 62g38.2.1.5 Mandated services and applications 63g38.2.1.5.1 Network protocol support 63g38.2.2 CC/PP over HTTP (Classmark 2) . 63g38.2.3 Java

36、 charging support . 63g38.3 Security 63g38.3.1 PersonalJava security 63g38.3.1.1 Java applet certification in PersonalJava . 63g38.3.1.2 Java application signature verification in PersonalJava 63g38.3.1.3 Java loading native libraries in PersonalJava 63g38.3.2 Installing MExE native libraries . 64g3

37、9 MExE Classmark 3 (J2ME CLDC environment) . 64g39.1 Introduction 64g39.1.1 Classmark 3 MExE devices 64g39.1.2 High level architecture 64g39.1.3 High level functionality 64g39.2 Non Security . 65g39.2.1 Connected Limited Device Configuration (CLDC) 65g39.2.2 Mobile Information Device Profile (MIDP)

38、. 65g39.2.2.1 Networking 65g39.2.2.2 MID Applications (MIDlet) 66g39.2.2.3 MIDlet Suites 66g39.2.2.4 Record Storage 66g39.2.3 Required and optional MExE APIs . 66g39.2.4 Service discovery and management 66g39.2.5 Transfer of capability negotiation information in Classmark 3 67g39.3 Security 67g39.3.

39、1 CLDC security 67g310 MExE classmark 4 (CLI Compact environment) . 67g310.1 Introduction 67g310.1.1 High level architecture 67g310.2 Non security . 68g310.2.1 High level functionality 68g310.2.2 Network protocol support . 68g310.2.3 Power Management 69g310.2.4 CLI charging support 69g310.2.5 CC/PP

40、over HTTP or WSP (Classmark 4) 69g310.3 Security 69g310.3.1 CLI Security 69g3Annex A (normative): MExE profile of PKCS#15 70g3A.1 PKCS#15 certificate object attributes presentation 70g3A.1.1 Object common attributes 70g3ETSI ETSI TS 123 057 V15.0.0 (2018-06)63GPP TS 23.057 version 15.0.0 Release 15A

41、.1.2 Certificate common attributes 70g3A.1.3 Certificate attributes . 70g3A.1.4 Specific X.509 certificate attributes . 70g3A.2 MExE profile of PKCS#15. 70g3A.3 Coding and storage in MExE-(U)SIM . 71g3Annex B (informative): PKCS#15 certificate objects ASN1 expanded syntax extract 72g3Annex C (normat

42、ive): Access restriction certificate extension 74g3Annex D (informative): MExE executable life cycle 75g3D.1 State of a MExE executable . 75g3D.2 Released state . 77g3D.3 Uninstalled Execution state 78g3D.4 Verification . 79g3Annex E (informative): MExE conformance requirements . 80g3Annex F (inform

43、ative): Change history . 84g3History 85g3ETSI ETSI TS 123 057 V15.0.0 (2018-06)73GPP TS 23.057 version 15.0.0 Release 15Foreword This Technical Specification (TS) has been produced by the 3rd Generation Partnership Project (3GPP). The contents of the present document are subject to continuing work w

44、ithin the TSG and may change following formal TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an identifying change of release date and an increase in version number as follows: Version x.y.z where: x the first digit: 1 presented to TS

45、G for information; 2 presented to TSG for approval; 3 or greater indicates TSG approved document under change control. y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc. z the third digit is incremented when editorial only changes

46、have been incorporated in the document. ETSI ETSI TS 123 057 V15.0.0 (2018-06)83GPP TS 23.057 version 15.0.0 Release 151 Scope The present document defines the stage 2 and stage 3 description of the Mobile Execution Environment (MExE). Stage 2 identifies the functional capabilities and information f

47、lows needed to support the service described in stage 1. The present document includes information applicable to network operators, service providers and terminal, switch and database manufacturers. The present document contains the core functions for a Mobile Execution Environment (MExE) which are

48、sufficient to provide a complete service. MExE uses a number of technologies to realise the requirements of the stage 1 description (3GPP TS 22.057). The present document describes how the service requirements are realised with the selected technologies. The TS is devised into clauses each covering

49、the aspects relating to particular MExE technologies, it is intended that this specification will evolve along with the MExE technologies. A generic clause of the specification covers areas of MExE common to all technologies. Implementation of this specification outside the UE (User Equipment) is outside the scope of this specification. 2 References - References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific. - For a specific reference, subsequent revisions do not apply. - For a non-specific reference, the latest v