MTC物联网3GPP 安全相关可行性报告Word格式.docx
《MTC物联网3GPP 安全相关可行性报告Word格式.docx》由会员分享,可在线阅读,更多相关《MTC物联网3GPP 安全相关可行性报告Word格式.docx(136页珍藏版)》请在冰点文库上搜索。
Specificationsandreportsforimplementationofthe3GPPTMsystemshouldbeobtainedviathe3GPPOrganizationalPartners'
PublicationsOffices.
Keywords
SECURITY
CopyrightNotification
Nopartmaybereproducedexceptasauthorizedbywrittenpermission.
Thecopyrightandtheforegoingrestrictionextendtoreproductioninallmedia.
©
2010,3GPPOrganizationalPartners(ARIB,ATIS,CCSA,ETSI,TTA,TTC).
Allrightsreserved.
UMTS™isaTradeMarkofETSIregisteredforthebenefitofitsmembers
3GPP™isaTradeMarkofETSIregisteredforthebenefitofitsMembersandofthe3GPPOrganizationalPartners
LTE™isaTradeMarkofETSIcurrentlybeingregisteredforthebenefitofitsMembersandofthe3GPPOrganizationalPartners
GSM®
andtheGSMlogoareregisteredandownedbytheGSMAssociation
Contents
Foreword
ThisTechnicalReporthasbeenproducedbythe3rdGenerationPartnershipProject(3GPP).
ThecontentsofthepresentdocumentaresubjecttocontinuingworkwithintheTSGandmaychangefollowingformalTSGapproval.ShouldtheTSGmodifythecontentsofthepresentdocument,itwillbere-releasedbytheTSGwithanidentifyingchangeofreleasedateandanincreaseinversionnumberasfollows:
Versionx.y.z
where:
xthefirstdigit:
1presentedtoTSGforinformation;
2presentedtoTSGforapproval;
3orgreaterindicatesTSGapproveddocumentunderchangecontrol.
Ytheseconddigitisincrementedforallchangesofsubstance,i.e.technicalenhancements,corrections,updates,etc.
zthethirddigitisincrementedwheneditorialonlychangeshavebeenincorporatedinthedocument.
Introduction
MachinetoMachine(M2M)Communicationisseenasaformofdatacommunicationbetweenentitiesthatmayhavenohumaninteraction.OneofthechallengeswithM2McommunicationisthatdeployedM2Mequipmentsaremanagedremotelywithoutanydirecthumaninteractionwiththedevice.
ThisTechnicalReportconsiderstheM2MEquipmentasadevicethatcouldbeafullyself-containeddeviceoradevicewithinterfacestoattach,forexample,sensorsandon-siteserviceequipment.Thecurrent3GPPsystemdefinestheuseofaUSIM/ISIMapplicationinaUICCasameansofprotectingusers(untilnowmostlyhumanusersofmobileterminals)andnetworkoperatorsfromfraudulentuseofthenetwork.SincesomeoftheoriginalassumptionsontheuseofaUSIM/ISIMapplicationinaUICCdidnottakeintoaccounttherequirementsofM2MEquipmentandusers,thecurrentUICCbasedsolutionneedstobereviewedagainstthenewassumptionsthatarisefromM2M.
TR22.868presentsastudyonfacilitatingmachine-to-machine(M2M)communicationin3GPPsystems.ThisTechnicalReportgoesalongwiththeTR22.868,evaluatingfromasecurityperspectivethesolutionsthatmightaddresstheM2Musecases.OneofthechallengeshighlightedinTR22.868isthepossibleneedtobeabletoprovision(i.e.initializeand/orchangethesubscriptionof)M2Mequipmentremotely,i.e.withoutrequiringapersontoattendthelocationoftheM2Mequipment.Thiswascapturedinclause6ofTR22.868,aspossiblerequirementsthatcouldfacilitateM2Mcommunicationsin3GPPsystems,andmorespecificallyinclause5.2.2ofTR22.868whenhandlinglargenumbersofM2Mequipment.TR22.868mentionsonlyUICC-basedsolutionforM2Muse-casesanddoesnotexplicitlymentiontheneedtoinvestigateUICC-less-basedsolutions.
NOTE:
ForthereasonsexplainedintheDefinitionsclause,thetermMCIMisused
asagenericterm
throughoutthisdocumentandUSIMorISIMisconsideredasatypeofthegenericMCIM.
However,wheneverUSIMandISIMarereferredtointheremainderofthisdocument,theyrefertothetraditionalUSIMorISIMthatresideontheUICC.
1Scope
ThescopeofthisTechnicalReportistostudytheremotesubscriptionmanagementforM2MEquipment(M2ME)whentheMachineCommunicationsIdentityModule(MCIM)applicationresidesintheUICCandwhentheMCIMapplicationresidesintheM2Mequipment.Theremotesubscriptionmanagementincludestaskssuchasremotesubscriptionprovisioningand/orremotechangeofsubscription.
ThescopeofthisstudyincludesthedefinitionofatrustmodelforremotesubscriptionmanagementforM2ME.Securitythreatsandsecurityrequirementsareidentified,andanevaluationofthecandidatesolutionsispresented.
Thesecurityimplicationsofthefollowingrequirementsarewithinthescopeofthestudy(basedonsection5.2.2ofTR22.868)
1.ThepossibilitytochangesubscriptionforM2MEsoutinthefield(e.g.aftercontractexpiry)withoutdirecthumanintervention.
2.ThepossibilitytoallocatetheM2MEatinitialpoweruptoanetworkoperatorwithoutdirecthumanintervention.
Furthermore,thisstudyincludesthefollowingitems:
-aninvestigationofcandidatesecuritysolutionsarchitecturesthatallowremotesubscriptionmanagementtotakeplaceinasecuremanner;
-anidentificationofcurrentUSIM/ISIMfunctionalitythatmayneedtobeincorporatedinaMCIMapplication,withorwithoutchangestoallowremotesubscriptionmanagementfortheM2ME;
-anidentificationoffunctionalityinthenetwork,intheUICCorintheM2ME,thatmayneedtobeaddedduetotheremotesubscriptionmanagementmethod;
-thestudymayidentifyprinciplerequirementsforprotectedstorageandtheexecutionenvironment(e.g.bycollaboratingwithrelevantworkinggroupssuchastheOMTPHardwaregroup)
ThisstudyisbeyondthescopeofthefirstrequirementidentifiedinSA1TR22.868sincesection5.2.2ofTR22.868containsarequirementtohave"
TamperSave/TheftproofterminalincludingaUICC"
.
2References
Thefollowingdocumentscontainprovisionswhich,throughreferenceinthistext,constituteprovisionsofthepresentdocument.
∙Referencesareeitherspecific(identifiedbydateofpublication,editionnumber,versionnumber,etc.)ornonspecific.
∙Foraspecificreference,subsequentrevisionsdonotapply.
∙Foranon-specificreference,thelatestversionapplies.Inthecaseofareferencetoa3GPPdocument(includingaGSMdocument),anon-specificreferenceimplicitlyreferstothelatestversionofthatdocumentinthesameReleaseasthepresentdocument.
[1]3GPPTR21.905:
"
Vocabularyfor3GPPSpecifications"
.
[2]3GPPTR22.868:
StudyonFacilitatingMachinetoMachine"
[3]TrustedComputingGroup,"
MobileReferenceArchitectureandMobileTrustedModulespecifications"
https:
//www.trustedcomputinggroup.org/specs/mobilephone/.
[4]GlobalPlatformDeviceApplicationSecurityManagement,http:
//www.globalplatform.org/specificationsdevice.asp.
[5]OMTPTrustedEnvironment:
OMTPTR0,
http:
//www.omtp.org/Publications/Display.aspx?
Id=03f37406-be24-424b-b177-dd0cb9dbc719
[6]OMTPAdvancedTrustedEnvironment:
OMTPTR1,
Id=24ad518b-6dba-4155-ad51-3143bd43a234
[7]GSMA/EICTAPrinciplesconcerninghandsettheft,GSMA:
SecurityPrinciplesRelatedtoHandsetTheft3.0.0
[8]ETSITS102
221:
SmartCards;
UICC-Terminalinterface;
Physicalandlogicalcharacteristics"
[9]3GPP
TS
31.102:
CharacteristicsoftheUSIMApplication"
[10]3GPP
31.103:
CharacteristicsoftheIPMultimediaServicesIdentityModule(ISIM)Application"
[11]3GPP
31.101:
UICC-TerminalInterface,PhysicalandLogicalCharacteristics"
[12]ETSI
101
220:
Smartcards;
ETSInumberingsystemfortelecommunicationapplicationproviders"
[13]OMA-TS-DM_Bootstrap-V1_2:
OMADeviceManagementBootstrap"
//member.openmobilealliance.org/ftp/Public_documents/DM/Permanent_documents/
[14]OMA-TS-DM-Security-V1_2:
OMADeviceManagementSecurity"
3Definitions,symbolsandabbreviations
3.1Definitions
Forthepurposesofthepresentdocument,thetermsanddefinitionsgiveninTR
21.905
[x]andthefollowingapply.Atermdefinedinthepresentdocumenttakesprecedenceoverthedefinitionofthesameterm,ifany,inTR
[x].
TrustedEnvironment.TheTrustedenvironment(TRE)withtheM2MEprovidessomehardwareandsoftwareprotectionandseparationfortheprovisioning,storage,executionandmanagementofMCIMs.ATREcanbevalidatedatanytimebyanexternalagencythatisauthorisedtodoso.
MCIM:
ForthepurposesofthepresentdocumenttheMachineCommunicationIdentityModule(MCIM)isatermthatindicatesthecollectionofM2MsecuritydataandfunctionsforaM2MEforaccessinga3GPPnetwork.ThismaybeanIMSnetwork.MCIMmayresideonaUICCoronaTRE.
AsUSIMandISIMarebydefinitionlocatedontheUICC,thesetermscannotbeusedinthecontextofthisTRwhenthecorrespondingsecuritydataandfunctionsareintendedtoresideoutsidetheUICC.MCIMcanbeusedsimilarlyasUSIMandISIMareusedforaccessingnetworks,thedifferencebeingthatMCIMmayresideonaUICCoronaTRE.ForthepurposesofreadabilitywhereMCIMsarehostedbyaUICC,thetermMCIMcanrefertoapplicationssuchasUS
升级会员 