1、 ETSI TS 102 266 V7.1.0 (2006-01)Technical Specification Smart Cards;USSM: UICC Security Service Module;Stage 1ETSI ETSI TS 102 266 V7.1.0 (2006-01) 2 Reference RTS/SCP-R0002r1 Keywords smart card, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 F
2、ax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the present document can be downloaded from: http:/www.etsi.org The present document may be made available in more than
3、 one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network
4、drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the prese
5、nt document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media. Europe
6、an Telecommunications Standards Institute 2006. All rights reserved. DECTTM, PLUGTESTSTM and UMTSTM are Trade Marks of ETSI registered for the benefit of its Members. TIPHONTMand the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members. 3GPPTM is a Trade Mark
7、 of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TS 102 266 V7.1.0 (2006-01) 3 Contents Intellectual Property Rights4 Foreword.4 1 Scope 5 2 References 5 3 Definitions and abbreviations.5 3.1 Definitions5 3.2 Abbreviations .6 4 Introduction and Ov
8、erview.6 4.1 Introduction 6 4.2 Overview 7 5 Functional Requirements8 5.1 USSM Admin Functions 8 5.2 Sensitive Objects and Operations.9 5.3 Restricted Access .10 5.4 Information Attributes10 Annex A (informative): Notes11 Annex B (informative): Change history .12 History 13 ETSI ETSI TS 102 266 V7.1
9、.0 (2006-01) 4 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intell
10、ectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investi
11、gation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specific
12、ation (TS) has been produced by ETSI Technical Committee Smart Card Platform (SCP). The present document defines the stage 1 description for the USSM. The contents of the present document are subject to continuing work within EP SCP and may change following formal EP SCP approval. If EP SCP modifies
13、 the contents of the present document, it will then be republished by ETSI with an identifying change of release date and an increase in version number as follows: Version x.y.z where: x the first digit: 0 early working draft; 1 presented to EP SCP for information; 2 presented to EP SCP for approval
14、; 3 or greater indicates EP SCP approved document under change control. y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc. z the third digit is incremented when editorial only changes have been incorporated in the document. ETSI ET
15、SI TS 102 266 V7.1.0 (2006-01) 5 1 Scope The present document describes the functional requirements of the USSM, a generic UICC Security Service Module, to be used by the applications on an UICC. It defines the necessary framework for supporting and managing the USSM on an UICC. The concept of the U
16、SSM is flexible enough to allow additional security objects and operations to be added easily in later versions of the specification or during the specification of a stage-2 document. 2 References The following documents contain provisions which, through reference in this text, constitute provisions
17、 of the present document. References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For a specific reference, subsequent revisions do not apply. For a non-specific reference, the latest version applies. In the case of a reference to a
18、 EP SCP document, a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. 1 ISO 16609:
19、“Banking - Requirements for message authentication using symmetric techniques“. 2 ISO/IEC 9796-2: 2002: “Information technology - Security techniques - Digital signature schemes giving message recovery - Part 2: Integer factorization based mechanisms“. NOTE: See ISO/IEC 9796-2:2002 3 OMA-WAP-WIM-V1-
20、2-20050322-C, Wireless Identity Module, Version 1.2 - 22 March 2005 . 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the following terms and definitions apply: access attributes: access conditions associated to a sensitive object authentication object: PIN
21、or a key for a challenge response mechanism that is used for authentication purposes card issuer: entity that owns the card DES: Data Encryption Standard, standard cryptographic algorithm specified as DEA in ISO 16609 1 digital signature: message digest of the document encrypted with the secret sign
22、ing key of the signer, along with information about the signer and the algorithms used information attributes: informational data associated to a sensitive object ETSI ETSI TS 102 266 V7.1.0 (2006-01) 6 sensitive object: data object containing sensitive and/or protected information like keys, pins o
23、r certificates. Most objects on the USSM are sensitive and have to be protected against unauthorized access NOTE: The term might also include objects, which are not sensitive (e.g. some user certificates might be not sensitive), but are handled by the USSM in the same manner. USSM owner: entity that
24、 controls the USSM and has the right to administer its objects NOTE: It can be the card issuer, but also an application provider 3.2 Abbreviations For the purpose of the present document, the following abbreviations apply: AA Access Attributes API Application Program Interface DES Data Encryption St
25、andard DF Directory File DRM Digital Rights Management DSA Digital Signature Algorithm IA Information Attributes OTA Over the Air PIN Personal Identification Number PKI Public Key Infrastructure RSA Rivest / Shamir / Adleman asymmetric algorithm SO Sensitive Object USSM UICC Security Services Module
26、 WIM Wireless Identity Module 4 Introduction and Overview 4.1 Introduction The USSM is a general security module on the UICC, which offers security services to applications on the UICC through an API with standardized functions. The USSM can store sensitive data and manage access to sensitive data.
27、Different applications could use different keys, but through access mechanisms it is also possible to share keys, especially when using PKI technology. Possible areas where the USSM adds value are authentication, signatures, DRM, secure EMail, payments, banking, application download (to the card and
28、 terminal device) etc. Besides the advantage in having a generic API towards the security objects it also could be beneficial in reducing the space needed for each application using its own APIs and keys. Through a kind of proxy application it is also possible to offer services of the USSM to entiti
29、es outside the UICC, e.g. the Mobil Equipment or the network. The requirements of the interface of this proxy application (which can be used by entities outside the card) is not part of the present document. This version of the stage 1 specification focuses on the most common sensitive objects and o
30、perations. Other features like key agreement, key wrapping, DSA, and support for additional encryption and decryption schemes may be added in later versions, depending on future requirements and appropriate support. ETSI ETSI TS 102 266 V7.1.0 (2006-01) 7 4.2 Overview The following figure shows the
31、logical components of the USSM and various sample applications that may use the USSM. Secure Storage with USSM Data: SO: Sensitive Objects (e.g. privKey1, privKey2, symmKey1, rootCert1, .) - AA: access attributes- IA: information attributesOperationsAPI of the USSM(e.g. sign, encrypt,decrypt, verify
32、, . .)Application 1JavaApplication 7 Toolkit Application 2USIM.Admin Functions(e.g. change SO, set access attributes, .)Access ControlWIMAdminInterface Figure 1: Logical components of the USSM The USSM consists of the following logical components: a) Secure storage, which contains sensitive objects
33、and their access and information attributes. b) Administrative functions, which are used to administer the USSM. c) Operations, which are usable by card applications and can be accessed via an API. d) Access control, which checks that access conditions are met. The USSM contains the following type o
34、f data: a) Sensitive data: Although it is recognized that probably all objects of the USSM are sensitive, for the purpose of the present document the term “Sensitive Object (SO)“ is used for the keys and pins etc. b) Access attributes: For each SO there is some associated access information to contr
35、ol the use of the SO. These Access Attributes (AA) contain the conditions that must be fulfilled before an operation can be performed using a sensitive object. Through AAs it is possible to limit the access to a SO to specific applications, to specific operations and to define which authentication m
36、ust have been fulfilled. c) Information attributes: For each SO there may be some associated information which describe the SO. This information may be read by a card application through the API. ETSI ETSI TS 102 266 V7.1.0 (2006-01) 8 5 Functional Requirements 5.1 USSM Admin Functions USSM objects
37、need to be securely administered. This shall be possible through USSM Admin Functions. The administration shall not be limited to personalization, but shall also be possible in the field, e.g. via OTA. End-to-end security may be required between the USSM Administrator and the USSM, which is independ
38、ent of OTA transport security. This end-to-end security shall provide: confidentiality of sensitive data, integrity of the command data, authentication of the sender, protection against replay, and proof of execution. It shall be possible to configure the USSM to require none, some or all of these s
39、ecurity features. It shall be possible to have several USSMs on a card, each storing its own SOs, IAs and AAs. Each USSM is administered by its owner. Initial keys for secure administration may be loaded at point of manufacturing. It is up to the card issuer policy to decide on the number of USSMs,
40、the available memory per USSM, delegated management, etc. The following figure shows an example with several USSMs in a card and the interaction between applications and USSMs. USSM-1AdministratorUSSM-1USSM-2AdministratorUSSM-3AdministratorUSSM-2USSM-3Appl-1Appl-2Appl-3Appl-4Appl-6Appl-5Figure 2: Ex
41、ample with several USSMs ETSI ETSI TS 102 266 V7.1.0 (2006-01) 9 The following table summarizes management functions that shall be defined in the first version of the stage 2 document. Depending on the implementation some USSMs may not support all of the following management functions. Table 1: List
42、 of Admin Functions Function Comment Management of Sensitive Objects - add (create) / update / erase a SO on the USSM - retrieve / set / change attributes of a SO - read a “readable“ SO (e.g. a public key, root-certificate, certificate URL) - link SOs together, e.g. a private key on the USSM to corr
43、esponding user certificates/URLs - secure deletion of SO (e.g. overwrite with 0xFF) - switch between two states inactive and active. Inactive SOs cannot be used by USSM operations. - terminate an SO (i.e. the identifier of the SO is kept on the card, but the SO is no longer usable) - mark an SO as s
44、ecurity critical. It will automatically be terminated and its sensitive data be securely deleted if the associated authentication object (e.g. PIN) is blocked. Management functions related to authentication - set / change the value of a PIN, even when blocked (i.e. free blocked PIN) - block/unblock
45、authentication objects - set retry counters - link a SO to an authentication object Key generation - trigger generation of new RSA key pair within the USSM Management of USSM - read/update/delete information about the USSM - retrieve remaining memory of USSM Objects are administered by the USSM owne
46、r, even a private key. However a private key with a non-repudiation flag is never readable/extractable by the USSM owner (although it might be deletable). The concept of the USSM shall be flexible enough to allow the addition of new management functions in future versions of the specification. 5.2 S
47、ensitive Objects and Operations This clause defines sensitive objects and standardized operations that can be used with these objects. These operations can be used by applications on the UICC via an API. The framework of the USSM shall be flexible enough to allow the addition of other types of sensi
48、tive data and other operations. The following types of sensitive objects shall be defined in the first version of the stage 2 specification. Depending on the implementation some USSMs may not support all of the following objects. - Private RSA keys - Public RSA keys - PINs - Symmetric keys - Root ce
49、rtificates - User certificates - Certificate URLs ETSI ETSI TS 102 266 V7.1.0 (2006-01) 10The following table summarizes operations which shall be supported by the USSM if the corresponding types of sensitive data objects are supported. The exact definition of the supported operations in the first version of the USSM (e.g. RSA encryption according to RSAES PKCS v1_5 ENCRYPT 2) will be specified in the stage 2 document. These operations can be used with (shareable) SOs available in the USSM according to their type and access attributes. Table 2: Lis
