ETSI TS 122 112 V8.0.0 (2009-03)
Technical Specification

Universal Mobile Telecommunications System (UMTS);
LTE;
USIM toolkit interpreter;
Stage 1
(3GPP TS 22.112 version 8.0.0 Release 8)

Reference
RTS/TSGC-0622112v800

Keywords
LTE, UMTS

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2009. All rights reserved.

DECT™, PLUGTESTS™, UMTS™, TIPHON™, the TIPHON logo and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. LTE is a Trade Mark of ETSI currently being registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards”, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP).

The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or
GSM identities. These should be interpreted as being references to the corresponding ETSI deliverables.

The cross reference between GSM, UMTS, 3GPP and ETSI identities can be found under http://webapp.etsi.org/key/queryform.asp.

Contents

Intellectual Property Rights
Foreword
Foreword
1 Scope
2 References
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 General requirements
5 Component requirements
5.1 Application system
5.2 USAT Gateway
5.2.1 Blocking mechanisms
5.2.2 Error handling
5.3 Access Node
5.4 Mobile Equipment
5.5 USIM with USAT Interpreter and stored applications
6 Protocol requirements
6.1 Application to USAT Gateway protocol
6.2 USAT Gateway to USAT Interpreter protocol
6.2.1 Transport requirements
6.2.2 Coding requirements
6.2.3 Functional requirements
6.2.3.1 USAT command functionality
6.2.3.2 Non USAT command functionality
6.3 Application System to USAT Interpreter protocol
6.4 Administration protocol
7 Functional requirements of the USAT Interpreter
7.1 End-to-end security
7.2 Location services
7.3 Event driven services
7.4 Push
7.5 Cell Broadcast
Annex A (informative): Change history
History

Foreword

This Technical Specification has been produced by the 3GPP.

The contents of the present document are subject to continuing work within the TSG and may change following formal TSG approval. Should the TSG modify the contents of this TS, it will be re-released by the TSG with an identifying change of release date and an increase in version number as follows:

Version x.y.z

where:

x the first digit:
  1 presented to TSG for information;
  2 presented to TSG for approval;
  3 or greater indicates TSG approved document under change control.
y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc.
z the third digit is incremented when editorial only changes have been incorporated in the document.

1 Scope

The present document specifies a system to make Mobile Operator services, based on USAT functionality and USIM based security functionality, available to an
internet environment. This is achieved by specifying the necessary components and protocols for a secure narrow band channel between the internet application and a USAT Interpreter on the USIM.

The actual application could be developed using the application language of choice. Two types of application interfaces are used as examples, i.e., mark-up language based on WML and Remote Procedure Call (RPC).

The interpreter and the secure narrow band channel form a core platform to enable services like:
- Advanced security functionality, e.g., digital signatures in m-commerce applications
- Value added services based on position and roaming
- Controlled activation and management of other applications, e.g. multimedia and payment type of applications.

The secure narrow band channel is achieved by specifying the following:
- specific application and content related functionalities of the interface between the application system and the USAT Gateway;
- specific functionalities and protocols of the interface between the USAT Gateway and the USAT Interpreter associated with a USIM, achieved by defining a low level command set for interpretation by the USAT Interpreter;
- defined level of functionality available to the application server for the implementation of USIM based services such as PKI, location services, push and broadcast services, event based services, etc.

The present document does not specify any elements of the protocol stack between the application server and the USAT Gateway, the mark-up language definition, and the transport protocols between the USAT Gateway and the USAT Interpreter.

2 References

The following documents contain provisions, which, through reference in this text, constitute provisions of the present document.

References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.

For a specific reference, subsequent revisions do not apply.

For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.

[1] 3GPP TS 23.048: “Security Mechanisms for the SIM application toolkit; Stage 2”.
[2] 3GPP TS 22.048: “Security Mechanisms for the SIM application toolkit; Stage 1”.
[3] 3GPP TS 31.111: “USIM Application Toolkit (USAT); Physical and logical characteristics”.

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the following definitions apply:

application protocol: Protocol to convey data between the application system and the USAT Gateway.

end-to-end security: Secure content transfer between the Content System and the USAT Interpreter based on symmetric algorithms and/or asymmetric algorithms.

low level command set: A transport bandwidth and USAT Interpreter implementation efficient coding of the content.

Plug-in: Any other application or functionality resident on the USIM and accessible for the USAT Interpreter (regardless of the language used to implement the plug-in).

USIM: A 3G application on an IC card.

USIM session: Link between the USIM and the external world starting with the ATR and ending with a subsequent reset or a deactivation of the USIM.

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

FFS     For Further Study
GPRS    General Packet Radio Service
HTTP    Hypertext Transfer Protocol
M       Mandatory
ME      Mobile Equipment
O       Optional
PKI     Public Key Infrastructure
SMS     Short Message Service
SSL     Secure Sockets Layer
tbd.    To Be Defined
UCS2    Universal two byte coded Character Set
UE      User Equipment
URL     Uniform Resource Location
USAT    USIM Application Toolkit
USIM    Universal Subscriber Identity Module
WML     Wireless Mark-up Language

4 General requirements

The diagram below describes a system for dynamic content delivery via USAT. The following entities and protocols are defined:

Application System
- This entity is a collection of systems that utilise the USAT Interpreter for services requiring the usage of USIM specific services, e.g., security. The application system may contain keys for secure end-to-end content delivery.

Application to USAT Gateway Protocol (1)
- This protocol is HTTP. A mark-up language is typically used to convey the application, e.g., a WML deck. Where required, SSL may be used to secure this protocol.

USAT Gateway
- This entity converts between the “Application to USAT Gateway Protocol” and the “USAT Gateway to USAT Interpreter Protocol”. This system may contain keys for secure transport delivery using TS 23.048 [1].

USAT Gateway to USAT Interpreter protocol (2)
- This protocol defines a transport bandwidth and USAT Interpreter implementation efficient coding of the content. TS 23.048 [1] shall be used as the underlying transport protocol.

Access Node / ME
- These entities provide the transparent transport of the USAT Gateway to USAT Interpreter content.

USIM with stored applications
- This entity contains pre-stored low level commands for interpretation by the USAT Interpreter. This is secured by the USIM security mechanisms.
- The pre-stored applications may be updated over the air (tbd.) or directly.

USIM with USAT Interpreter
- This entity converts USAT Gateway to USAT Interpreter protocol to local USIM commands. The local USIM commands could be USAT commands or other commands necessary, e.g., security commands, to execute the application. The USIM with USAT Interpreter may contain keys for both secure end-to-end content delivery and secure transport.

[Figure 1: System Components. Labelled elements: Application System, USAT Gateway, Access Node, UE, USIM with USAT Interpreter, Stored Application, Functionality; links: HTTP, SSL, SMS/GPRS etc.; numbered interfaces 1, 2, 3.]

Functionality (3)
- End-to-end security based on symmetric algorithms, PKI, location services, event driven services, push, broadcast.

5 Component requirements

5.1 Application system

This entity is a collection of systems that utilise the USAT interpreter for services requiring the usage of USIM specific services, e.g., security. A special case is the provision of
dynamic content for delivery via USAT, e.g. web server or an application.

The application system may contain symmetric or asymmetric keys for secure end-to-end application delivery. The application system shall provide an HTTP interface to the USAT Gateway.

5.2 USAT Gateway

The USAT Gateway converts between the “Application to USAT Gateway Protocol” and the “USAT Gateway to USAT Interpreter Protocol”. The USAT Gateway may contain keys for secure transport delivery using TS 23.048 [1].

This system shall provide interfaces to the application systems and to the access nodes.

5.2.1 Blocking mechanisms

The USAT Gateway shall be able to reject applications containing forbidden functionality.

Forbidden functionality is a set of functionality restricted on an application system basis or on a USIM basis. E.g., a restriction of functionality available could be made based on the level of trust of the application system or on the subscription type of the user.

The blocking mechanism generates an error as defined by the USAT Gateway error handling.

5.2.2 Error handling

When the USAT Gateway rejects user requested content, the subscriber shall be informed by the USAT Gateway. Samples for possible error reasons are:
- not supported mark-up language tags;
- not supported attributes;
- bad message structure;
- security requirements not fulfilled;
- internal errors;
- rejection by busy USAT Interpreter;
- communication failure;

5.3 Access Node

This entity provides the transparent transport of the USAT Gateway to USAT Interpreter content. This can be SMS or GPRS or any other service available now or in the future, which is able to provide a transparent data channel to the USIM with USAT Interpreter.

5.4 Mobile Equipment

The mobile equipment provides the transparent transport of the USAT Gateway to USAT Interpreter content. For GPRS the ME decodes the IP-packets.

5.5 USIM with USAT Interpreter and stored applications

This entity converts USAT Gateway to USAT Interpreter protocol to local USIM commands. The local USIM commands could be USAT commands or other commands necessary, e.g., security commands, to execute the application. The USAT Interpreter shall use the commands defined in TS 31.111 [2] to communicate with the ME.

The USIM with USAT Interpreter may contain keys for both secure end-to-end application delivery and secure transport. It shall provide memory space for locally stored translated applications.

The USAT Interpreter shall be configurable to allow or deny the execution of specific low level commands.

The USAT Interpreter can be triggered either
- locally from the ME, as a result from a menu selection,
- locally from the ME, as a result from an event,
- by an incoming page as a result from a previous URL request from the USAT Interpreter, or
- by an incoming page