1、3404583 0077981 750 Released July 1, 1993 GSM 02.17 Version: 4.2.0 Date: January 1993 Work Item No: Key words: European digital cellular telecommunication system (phase 2); Subscriber Identity Modules, Functional Characteristics ETSI European Telecommunications Standards Institute ETSi Secretariat:
2、Route des Lucioles, F-06921 Sophia Antipolis Cedex . France TP. + 33 92 94 42 00 TF. + 33 93 65 47 16 Tx. 47 00 40 F This is an unpublished work the copyright in which vests in the European Telecommunications Standards Institute. All rights reserved. The information contained herein is the property
3、of ETSI and no pari may be reproduced or used except as authorised by contract or other written permission. The copyright and the foregoing restriction on reproduction and use extend to all media in which the information may be embodied. m 3404563 0077982 697 m GSM 02.17 - version 4.2.0 - page 1 ETS
4、I/GSM Issued by: Date: Specification: Title: ETSI PT12 January 1993 GSM 02.17 SUBSCRIBER IDENTITY MODULES, FUNCTIONAL CHARACTERISTICS List of contents: 1. SCOPE 2. GENERAL 2.1. Description 2.2. Definitions 3. SIM REQUIREMENTS 3.1. Security Requirements 3.1.1. General 3.1.2. Security in GSM network o
5、peration 3.1.3. PIN and PIN2 Management 3.2. Operational Requirements 3.2.1. General 3.2.2. IC Card SIM 3.2.3. Plug-in SIM 3.3. Requirements For GSM Administrative Management 3.3.1. General 3.3.2. Distribution of SIMs 3.3.3. Prepersonalization and Personalization of 3.3.4. Blocking/unblocking of SIM
6、 3.4.1. Storage capability mandatorily provided by SIMs 3.4. Information Storage Requirements the SIM 3.4.2. Storage capability optionally provided by the SIM 4. SIM RELARED INTERFACES 4.1. Man-Machine Interface 4.2. SIM-ME Interface 5. COMBINED SIMS Oriqinal languaqe: English Number of pages: 10 To
7、 be restructured = 3404583 0077983 523 H GSM 02.17 - version 4.2.0 - page 2 1. SCOPE This document describes the functional characteristics of the Subscriber Identity Module (SIM). It is a requirement that the SIMS are electrically (regarding the connections), logically and functionally standardized
8、 for both types as mentioned below for all GSM MSs. Both types will only differ in physical respect, however the physical characteristics are standardized per type. Specification GSM 11.11 describes the (technical) SIM specifications. Mobile service may be one of the applications of a multiservice I
9、C card. All specifications of the ZC card in this specification refer to the part of the IC card which is specific for GSM mobile services. It is foreseen that SIM functions will have to be updated in course of time. Upwards compatibility shall be assured with regard to the standardization of the ne
10、twork interface functions of the SIM via the ME and with regard to the user related SIM functions on the SIM-ME interface. 2. GENERAL 2.1. Description The International Mobile Subscriber Identity (IMSI) is the information which uniquely identifies a subscriber to the GSM PLMN. Mobile stations can on
11、ly be operated if a valid IMSI is present (except for emergency calls when it is allowed according to GSM 02.03). According to GSM 02.09, the MS must contain a security function for authentication of the subscriber identity: a secret authentication key and a cryptographic algorithm. The Subscriber I
12、dentity Module is the module which contains all the processes involving the authentication key. The SIM also contains the IMSI, and mobile subscriber related information. The SIM shall have a clearly defined physical and logical interface with the outside world. In all cases a PIN may be used to pro
13、vide protection against unauthorized use of the SIM. For security reasons the PIN must be stored and checked within the SIM. The SIM is a removable module. The SIM shall provide storage of subscriber related temporary data (TMSI, LAI, Kc, Timervalue ). 2.2. Definitions The SIM is a removable module
14、which is meant to be inserted either whenever the subscriber wants to use the MS and may be removed when the MS is unattended or a SIM installed in the MS at subscription time. Two variants are introduced: 3404583 0077984 4bT M 1 GSM 02.17 - version 4.2.0 - page 3 IC card SIM and plug-in SIM 1. IC c
15、ard SIM A module, the interface of which with the outside world is in accordance with IS0 standards on IC cards (IS0 7816 series). The SIM may be a part of a multi service card, of which GSM mobile telecommunication is one of the applications. 2. Pluq-in SIM A dedicated module to be fully standardiz
16、ed within the GSM system. It is intended to be semi-permanently installed in the ME. Mobile Equipment (ME) The ME is the Mobile Station (MS) without the SIM. GSM network operation GSM network operations are operations during Set-up, active- and clearing phase of a call. When used in the ME, the SIM
17、shall provide the following functions when it is in GSM network operation: - storage of subscriber related security information (e.g. IMSI, keys) of GSM 02.09, and implementation of authentication and cipher key generation mechanisms (algorithms A3 and A8) of GSM 03.20; - User PIN operation (if a PI
18、N is required) and management; - management of mobile subscriber related information. GSM network operation is only possible when the SIM has a valid IMSI. GSM administrative manaqement operation GSM administrative management operations are all operations needed to provide GSM subscribers with a val
19、id SIM, allowing access to GSM services. GSM administrative management operations have to deal with the different phases that occur during the lifetime of a SIM. A SIM life may consists of the following phases: - production; - distribution; - (pre)personalization; - repersonalization; - blocking. Ap
20、plication data file (ADF) When the IC card SIM is part of a multiservice IC card the set of data (including programs) related to GSM is 3404583 0077985 3Tb , GSM 02.17 - version 4.2.0 - page 4 organized into one specific Application Data File called GSM ADF. Relevant parties Regarding GSM administra
21、tive management operation, the following parties are identified: 1. SIM manufacturer: responsible for serial number and transportation code and security algorithm; 2. SIM issuer: creates GSM ADF; 3. Service activator: responsible for management of Ki, IMSI, subscriber number and for enabling network
22、 access; 4. Delivery party: res.-msible for programming of subscriber data; 5. GSM Subscriber. 3. SIM REQUIREMENTS 3.1. Security Requirements 3.1.1. General The authentication key, and all mobile subscriber related secret information must be protected at all times, not only when it is conveyed from
23、the key management center to the SIM but also during GSM network operation of the SIM. Therefore the SIM functions and the data must be kept in a physically and logically secure environment (see GSM 02.09). The SIM shall have a clearly defined physical and logical interface with the outside world. S
24、ecurity also depends on the organization of the SIM memory and on the management of subscriber related data within the ME. For security reasons all reasonable steps must be taken to guarantee that algorithms A3 and A8 cannot be altered, bypassed or manipulated in such a way to reveal secret informat
25、ion. Modifications, updates and changes regarding the security functions of the SIM require a new SIM to be issued. If the GSM ADF is one of several ADFs in a multiservice IC card, all other ADFs shall have no means of unauthorized accessing of any data of the GSM ADF. 3.1.2. Security in GSM network
26、 operation No commands other than those specified shall be understood by the SIM in GSM network operations (when dealing with the GSM application in case of multi-application IC card SIM). The SIM must contain a mechanism that allows a responsible party to test (ref. GSM 11.11) the SIM for a correct
27、 implementation. All subscriber related information transferred into the ME during GSM network operations shall be deleted f-Jm the ME after removal of the SIM or deactivation of the MS. However, optionally an ME may keep some less security related data, such as Short Messages, the Last Number(s) di
28、alled and 3404583 0077986 232 GSM 02.17 - version 4.2.0 - page 5 Abbreviated Numbers, at SIM removal or MS switch-off. This data shall only be retrievable if/when the same SIM is reactivated (as determined by the IMSI). If the IMSIXstored in the ME for this purpose after SIM removal or MS switch-off
29、, the IMSI shall be stored securely and not be able to be read out. Abbreviated Dialling Numbers (ADN/SSC), including possible overflow and sub-address, may be stored in the SIM and/or the ME at user discretion (subject to the capability of the SIM and ME). ADN/SSC stored in the ME by the user are n
30、ot subject to the above security restriction. See GSM 11.11 for further information on which data is not allowed to be kept in the ME. 3.1.3. PIN and PIN2 Management The SIM must be able to handle a PIN, even if it will be never used. The PIN shall consists of 4 to 8 (numeric only) digits. An initia
31、l PIN is loaded by the service activator at subscription time. Afterwards the PIN, as well as the length of the PIN, can be changed by the user as often as he likes. The user will be able to decide whether to make use of the PIN function, or not by using an appropriate SIM-ME function called PIN dis
32、abling function. This disabling is valid until the user specifically re-enables the PIN check. This PIN disabling function can be inhibited at subscription time by a person authorized to do so by the network operator, i.e. the subscriber has no choice if the disabling function is inhibited but is fo
33、rced to use the PIN. If a correct PIN is entered, then the ME has access to the SIM functions or to SIM information elements defined in GSM 11.11 as protected by PIN during the session. If an incorrect PIN is entered, an indication is given to the user. After three consecutive incorrect entries the
34、SIM PIN (that is to say the access to functions or information elements defined in GSM 11.11 as protected by PIN ) blocked, even if between attempts the SIM has been removed or the MS has been switched off. For unblocking see section 3.3.4. At the network operator discretion, the SIM may be able to
35、handle a second personal secrete key, called PIN2, even if it will be never used. PIN2 shall consists of 4 to 8 (numeric only) digits. An initial PIN2 is loaded by the service activator at subscription time. Afterwards the PIN2, as well as the length of the PIN2, can be changed by the user as often
36、as he likes. The user is not able to decide to make no use of the PIN2 function when it is handled by the SIM. If a correct PIN2 is entered, then the ME has access to the SIM functions or information elements defined in GSM 11.11 a as protected by PIN2 during the session. W 3404583 0077987 179 GSM 0
37、2.17 - version 4.2.0 - page 6 If an incorrect PIN2 is entered, an indication is given to the user. After three consecutive incorrect entries the SIM PIN2 (that is to say the access to functions or information elements of the SIM defined in GSM 11.11 as protected by PIN2) is blocked, even if between
38、attempts the SIM has been removed or the MS has been switched off. For unblocking see section 3.3.4. On a SIM handling both PIN and PIN2, there is no hierarchical relationship between PIN and PIN2 e.g. correct presentation of PIN2 does note allow actions to be performed which require presentation of
39、 PIN and vise versa. On SIM which only handle PIN (because the network operator so decides at personalisation) access to SIM information elements requiring PIN2 presentation are possible with PIN presentation instead but functions using PIN2 are not executable. 3.2. Operational Requirements for GSM
40、network operations 3.2.1. General When using a SIM it is always pc sible to remove the SIM from the ME by an appropriate procedurt (specified in GSM 11.11). In that case calls in progress wiil be immediately terminated according to the appropriate call clearing procedure. When inserting the SIM (i.e
41、. after answer to reset) all relevant subscriber related data shall be transferred from the SIM to the ME. Subscriber related temporary data (e.g. TMSI, LAI, Kc, .) shall be stored on he SIM after each call termination and when the MS is correctly deactivated. Integrity of stored data is only guaran
42、teed when the SIM is removed after a correct (that is to say according to the ME manufacturer instructions) deactivation of the MS. Both types of SIM are, in GSM network operation, identical from the functional and logical (e.g. structure of messages, protocol) point of view. Each of the two types a
43、re fully standardized in order to guarantee unconditional interchangeability between SIMS of alike type, for each variant of MS for which they have been designed. 3.2.2. IC Card SIM 1 The IC card SIM requires an appropriate accepting device in the ME. The IS0 international standards for the physical
44、, electrical and logical characteristics apply. See GSM 11.11 for further details. 3404583 0077986 005 = GSM 02.17 - version 4.2.0 - page 7 3.2.3. Plug-in SIM One common interface for the plug-in SIM shall be standardized within GSM specify by its physical, electrical and logical characteristics. Th
45、e plug-in SIM requires an appropriate connector in the ME. 3.3. Requirements For GSM Administrative Management 3.3.1. General Administrative management of the SIM is the responsibility of the GSM PLMN operator. Only those aspects which may impact on other PLMN operators need to be standardized withi
46、n GSM. 3.3.2. Distribution of SIMs When a SIM is delivered by the SIM supplier it contains all functions necessary to operate or to be initialized to operate but it contains no authentication key and no IMSI. The SIM contains the authentication function including the algorithm. 3.3.3. Prepersonaliza
47、tion and Personalization of SIMs Prepersonalization is assigning and loading a SIM with authen- tication key and IMSI, and is done using a prepersonalization key. Prepersonalization is done in a secure environment under responsibility of the service activator. Personalization consists of associating
48、 subscriber data (e.g. directory number) to a prepersonalized SIM and performing the necessary programming and administration. This operation is performed at subscription time, either in a central management center or remotely in any location, using a personalization key. Personalization is done und
49、er the HPLMN operators responsibility. 3.304. Blocking/unblocking of SIM Blocking of a SIM PIN is to put the SIM into a status which forbids those actions of the ME upon the SIM which are defined in GSM 11.11 to be protected by PIN . Unblocking of the SIM PIN is possible under the control of a PIN unblocking key. Blocking of a SIM PIN2 is to put the SIM it into a status which forbids those actions of the ME upon the SIM which are defined in GSM 11.11 to be protected by PIN2 . Unblocking of the SIM PIN2 is possible under the control of a PIN2 unblocking key. The PIN and PIN2 unblocking keys
