8 Security management.

02.193GPPRelease 1999Stage 1Subscriber Identity Module Application Programming Interface (SIM API)TS

8.1 Management of Applets

Security might be required during the loading of the applet from a load server onto the SIM, and the communications between the applet and any remote server during the execution of the applet code. In both cases security may involve the authentication of the communicating entities and the encryption of the data traffic between those entities.

A hierarchy of keys may be bootstrapped by initializing a set of keys by the card issuer during card personalization. Additional keys may be generated, distributed using existing keys, and equipped with limited authority. Such keys may be passed on to trusted parties and subsequently used for authentication and encryption.

8.2 Applet Certification

The role of certification is to ensure that only the authorized entities are able to download an application on to the SIM. Based on this certificate, the card shall decide whether or not to accept the downloaded application.