Embedded SIM Management System
Key Glossary
Term: Definition
Group SIM (embedded SIM): Also called eSIM, software SIM, or virtual SIM card; a mobile communication user identification card module embedded in M2M or IoT devices.
M2M (machine to machine): The technology that allows machines to communicate with each other without human intervention.
IoT (Internet of Things): The technology that connects various devices through the Internet to achieve data exchange and communication.
OTA (Over the Air): A method of remotely updating device software or data through a wireless network.
Profile: Contains information required to connect to a mobile network, such as IMSI, MSISDN, etc.
IMSI (International Mobile Subscriber Identity): A unique identifier used to identify a user in a mobile network.
MSISDN (Mobile Subscriber ISDN Number): The user's mobile phone number.
Peer-to-peer network: A decentralized network structure in which each node is both a client and a server and can communicate directly with other nodes.
Node: A device or computer in a peer-to-peer network.
Blockchain: A distributed database that records and verifies transactions in a secure, transparent, and tamper-proof manner.
Transaction: An operation or data exchange recorded on a blockchain.
Registration Request Transaction: A transaction that requests the registration of embedded SIM information to the blockchain.
Utilization Request Transaction: A transaction that requests the retrieval of embedded SIM information from the blockchain.
Consensus Algorithm: An algorithm used in a blockchain network to ensure that all nodes agree on a transaction.
Digital Signature: Encryption of information using the private key of the information registrant to verify the source and integrity of the information.
Public Key: Used in conjunction with a private key to verify a digital signature.
Secret key (private key): Used in a pair with a public key to generate a digital signature.
Certificate of delegation (delegation certificate): A certificate issued by the manufacturer of the integrated SIM card, used to delegate the management authority of the integrated SIM card to another party.
Certificate of re-delegation (re-delegation certificate): A certificate issued by a party to which management authority has been delegated, used to delegate the management authority of the integrated SIM card to another party.
Remote setup program code: A program code used to remotely configure the integrated SIM card.
Program setup status (profile setup status): A status indicating whether the profile has been successfully remotely set to the integrated SIM card.

Short answer questions
What is an embedded SIM (eSIM)? How is it different from a traditional SIM card?
An embedded SIM (eSIM) is a rewritable SIM card that is directly embedded into a device, while a traditional SIM card needs to be inserted into the device to be used. Unlike a traditional SIM card, an eSIM allows users to remotely change the operator profile without replacing the physical SIM card.

What network structure does the proposed embedded SIM management system adopt? Why is this network structure chosen?
A peer-to-peer (P2P) network structure is adopted to manage embedded SIM information. The P2P network is chosen because it offers decentralization, high availability, and tamper resistance, which address the security and efficiency problems of the traditional centralized database management method.

What key information is included in the information registration request transaction?
The information registration request transaction contains the group SIM identification information, the profile, a timestamp, a digital signature generated using the private key of the information registrant, and the corresponding public key.

How is the legitimacy of an information registration request transaction verified?
The nodes participating in the network decrypt the digital signature using the public key disclosed by the information registrant and compare the result with the hash value calculated from the transaction content. If the two are consistent, the transaction is considered legitimate.

How is the profile of the group SIM updated?
First, the information registrant generates an information registration request transaction containing the new profile and broadcasts it to the P2P network. After the nodes in the network verify the legitimacy of the transaction, they update the profile information on the blockchain. The group SIM can then obtain the latest profile from the network through OTA technology.

When the ownership of the group SIM is transferred, how is the information on the blockchain updated?
The original owner generates an information registration request transaction containing the new owner's public key and broadcasts it to the P2P network. After the nodes in the network verify the legitimacy of the transaction, they record the new owner's public key on the blockchain.

How are malicious third parties prevented from tampering with group SIM information?
Blockchain technology is used to make the data tamper-proof. Each block contains the hash value of the previous block, so any modification to the data changes the hash value, which is detected by other nodes in the network.

How is the single point of failure in traditional database management methods addressed?
The P2P network structure itself is decentralized, and each node saves a complete copy of the database. Even if a node fails, the normal operation of the entire network is not affected, and other nodes can still provide services.

How are malicious third parties prevented from misappropriating unused SIM card IDs?
SIM card manufacturers generate a unique ID for each SIM card during the production process and write it to the blockchain when the information is first registered. Because the blockchain is tamper-proof, malicious third parties cannot forge or misappropriate unused SIM card IDs.

How are malicious third parties prevented from performing DoS attacks on communication operators?
Information registration request transactions are required to include a certificate issued by the operator to verify the authenticity of the registration information. Malicious third parties cannot forge operator certificates, so they cannot register false information, which prevents DoS attacks.
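
The answers on transaction verification, profile update and ownership transfer, as an added Go example that is not code from the system described here: a node checks the signature over the hash of the transaction contents, and also that the signer is the owner key already on record, since a signature that merely matches the key carried in the transaction proves nothing about authority. Ed25519, the field names, the demo keys and trusting the first registration of an ID are assumptions; the certificate checks from the last two answers are not modelled.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

type Tx struct { // registration request transaction; field names are assumptions
	SIMID, Profile   string
	Timestamp        int64
	NewOwner, PubKey ed25519.PublicKey // NewOwner is set only on an ownership transfer
	Sig              []byte
}

func (t Tx) digest() []byte { // hash of all signed fields; %q and hex keep boundaries unambiguous
	d := sha256.Sum256([]byte(fmt.Sprintf("%q|%q|%d|%x|%x", t.SIMID, t.Profile, t.Timestamp, t.NewOwner, t.PubKey)))
	return d[:]
}

func Sign(t Tx, priv ed25519.PrivateKey) Tx { // attach the registrant's public key and signature
	t.PubKey = priv.Public().(ed25519.PublicKey)
	t.Sig = ed25519.Sign(priv, t.digest())
	return t
}

type Ledger map[string]ed25519.PublicKey // one node's state: SIM ID -> current owner key
// Accept applies t only if the signature verifies and the signer is the recorded owner.
func (l Ledger) Accept(t Tx) error {
	if len(t.PubKey) != ed25519.PublicKeySize || !ed25519.Verify(t.PubKey, t.digest(), t.Sig) {
		return errors.New("invalid signature")
	}
	if cur, ok := l[t.SIMID]; ok && !bytes.Equal(cur, t.PubKey) {
		return errors.New("signer is not the recorded owner")
	}
	l[t.SIMID] = t.PubKey // first registration is trusted here (simplification)
	if len(t.NewOwner) == ed25519.PublicKeySize {
		l[t.SIMID] = t.NewOwner // ownership transfer: later transactions must use this key
	}
	return nil
}

func demoKey(b byte) ed25519.PrivateKey { return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{b}, 32)) } // constructed key
func main() {
	l, maker, other := Ledger{}, demoKey(1), demoKey(2)
	fmt.Println(l.Accept(Sign(Tx{SIMID: "sim-1", Profile: "profile-A", Timestamp: 1}, maker)))
	fmt.Println(l.Accept(Sign(Tx{SIMID: "sim-1", Profile: "profile-X", Timestamp: 2}, other)))
}
```

The length check before `ed25519.Verify` matters: Go's implementation panics on a public key of the wrong size, so a malformed transaction must be rejected before verification.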