A Methodology for UICC-Based Security Services in Pervasive Fixed Mobile Convergence Systems

A Methodology for UICC-Based Security Services in Pervasive Fixed Mobile Convergence Systems

Jaemin Park (Convergence WIBRO BU, KT (Korea Telecom), Republic of Korea)
DOI: 10.4018/978-1-60960-735-7.ch008
OnDemand PDF Download:
No Current Special Offers


This chapter presents the fundamental and security characteristics of UICC and current practices of UICC-based security services (e.g. banking, stock, network authentication, etc.) in pervasive FMC systems. Moreover, we propose a novel UICC-based service security framework (USF), which implements the essential security functionalities used for FMC services, to provide the integrated security infrastructure and secure FMC services. The USF can be utilized to authenticate users, preserve privacy, and protect network infrastructures and business models of telephony companies.
Chapter Preview


The UICC is the smartcard used in mobile terminals in GSM and UMTS networks. The UICC can guarantee the integrity and security of the personal data such as the phone number, messages, contact information (phonebook, e-mail, etc.) and so forth. SIM and USIM applications acting as the user authentication modules are stored in the UICC, respectively for GSM and UMTS networks. When the mobile terminals are starting to be activated, SIM and USIM applications begin to operate the authentication procedures with AuC (Authentication Center). For this, these applications and AuC should share the secret key for user authentication. These applications are the fundamental and most important among other applications in the UICC.

Several applications for UICC value added services can be stored in the memory such as EEPROM, flash, etc. of the UICC. Most of these applications can be pre- or post- loaded, installed and instantiated based on the GlobalPlatform, the UICC management platform for the issuers. These applications are usually implemented on top of the Java Card Platform, which provides the java card runtime environment, java virtual machine and APIs. The applications mostly facilitate the APIs to invoke the methods supported by Java Card Platform. The examples of these applications can be transportation, banking, stock, credit card, loyalty, etc. Most of these services are utilizing the security characteristics of UICC and further explained in the following chapters.

Complete Chapter List

Search this Book: