4 Introduction

22.0483GPPSecurity mechanisms for the (U)SIM application toolkitStage 1TS

The USIM Application Toolkit as described in TS 31.111 [3]is a set of commands and procedures for use during the network operation phase of 3G and GSM. It allows operators to create specific applications resident on the UICC. There exists a need to secure USIM Application Toolkit related communication over the 3G and GSM network, (e.g. SMS, USSD, and future transport mechanisms) with the level of security chosen by the network operator or the application provider.

It is assumed in the present document that the Sending and Receiving Entities are in a secure environment.

The appropriate security mechanisms are described in the present document.

The security mechanisms cover the following security requirements:

– unilateral authentication from network to UICC;

– unilateral authentication from UICC to network;

– message integrity;

– replay detection;

– proof of receipt;

– message confidentiality.

Figure 1: System overview