Java Card Forum

Secure Network Access and Communication

secure_network_access

Flexible connectivity has become a critical success factor in a world full of connected devices. This is even more critical as more and more devices are joining the IoT, and massive-IoT is an expected outcome of 5G. IoT device manufacturers deploy embedded SIM (eSIM) modules for consumer and M2M use cases to provide a reliable, robust and trusted access to the IoT ecosystem.

Embedded during the device production, blank SIMs are deployed in a variety of different formats and can be updated with the eSIM profiles of local MNOs (Mobile Network Operators) over the air, in the field. This flexibility reduces the need for IoT device makers and their suppliers to stock many different versions of SIMs for use in multiple countries, eliminating a lot of headaches from the manufacturer’s logistics chain.

Furthermore, the GSMA specifications(1) for remote subscription provisioning allows IoT service providers to select and download a subscription inside an embedded SIM for their devices, once they are actually deployed in the field. The remote subscription provisioning system also allows the switch from one subscription to another, which could for instance be triggered based on the device required quality of service or locally available access networks.

The latter aspect is part of a larger scope of power saving strategies required for IoT devices that need to be functioning autonomously for ten or twenty years, in low reachability locations. 3GPP has in this area enhanced the USIM and 3GPP devices specifications with features that allow IoT devices to deactivate or suspend the USIM for a long period of time, with the USIM being able to keep its internal status and thus optimize its wake-up time. These power saving mode features allow IoT devices to reduce battery consumption to a minimum level.

Java Card has traditionally been used in GSM, 3G, 4G and soon 5G networks to secure access to the cellular network. It is referenced in the 3GPP USIM and ISIM specifications(2), and follows the 3GPP authentication and key agreement protocols(3. As a result, Java Card is being used in billions of SIM cards deployed each year worldwide. MNOs develop and deploy Java Card applications to host and manage customer subscription, or implement operator network and power optimisation strategies. The dedicated security features of Java Card provide the perfect environment to securely store credentials, govern the authentication to the communication network and manage MNO customer-specific profiles and applications.

(1) http://www.gsma.com/esim/
(2) 3GPP TS 31.102 for USIM, and 3GPP TS 31.103 for ISIM
(3) 3GPP TS 33.102, TS 33.401 and TS 33.501 specifications for 3G, 4G and 5G security architecture respectively

> Back to IoT Use Case Overview

Find out more about Secure Gateway Authentication & Communication

> Download our FREE Whitepaper to find out more about how Java Card can secure the IoT sector