SCP Activity Report 2005
Chairman: Klaus Vedder (Giesecke & Devrient GmbH)
Responsible for the development and maintenance of a common Integrated Circuit (IC) Card platform for all mobile telecommunication systems, for the application independent specifications for the interface with terminal equipment and for IC Card standards for general telecommunications, m-commerce and high security applications.
The main task for ETSI Technical Committee Smart Card Platform is to maintain and expand the smart card platform specifications for 2G and 3G mobile communication systems on which other organisations can base their system-specific applications. In particular, this allows users access to global roaming by means of their smart card, irrespective of the radio access technology used. TC SCP also has an important part to play in the growth of mobile commerce, by developing and maintaining the specifications for IC cards to secure financial transactions over mobile communications systems. The specifications of TC SCP are generic in the sense that they provide a true multi-application platform (called UICC), not just for mobile communication systems but for all applications using a smart card.
Work continued throughout the year on Release 7 of the Smart Card specifications which is scheduled for completion in 2006. The general functional requirements of the UICC for this Release, together with use cases, are contained in a new ETSI Technical Specification. New work was initiated in 2005 on the requirements for the connectivity to a Smart Card Web Server located in the UICC, including potential backward compatibility issues. This work will be based on an Open Mobile Alliance (OMA) specification. In addition, the requirements for a High Speed Protocol to run between the UICC and the terminal have been specified. Such a high speed protocol is of great importance because it will allow the exploitation of new chips with large memory – for example, (Universal) Subscriber Identity Modules ((U)SIMs) for 2G and 3G telecommunication systems which could transform current (U)SIMs into a very powerful platform for secure value added services such as multimedia file management and the storage of the Man-Machine Interface of the terminal. Throughout the year there was considerable discussion about the relative merits of the various candidates for a High Speed Protocol, which included USB for smart cards and the Multi Media Card protocol (MMC) protocol, as well as a potential fall-back solution specifying a high speed synchronous protocol.
Two major Technical Specifications, which form core elements of Release 7, were finalised and published in 2005. One of these addresses identity files and procedures on a UICC, and collates the functional requirements from the Liberty Alliance and other ‘identity’ fora that may have similar requirements; the second TS concerns USSM (the UICC Security Services Module). The USSM offers security services to applications on the UICC through an Application Programming Interface (API) with standardised functions, and can store and manage access to sensitive data. Different applications could use different keys but, through access mechanisms, it is also possible to share keys, especially when using Public Key Infrastructure (PKI) technology. Possible areas where the USSM could add significant value are Digital Rights Management (DRM), secure e-mail, payments, banking and application download (to both the card and the terminal device). Work in this area will continue in 2006 with the development of Stage 2 of the USSM.
Other ongoing work in TC SCP includes the specification of extreme UICC environmental conditions such as temperature range, humidity, vibration, acceleration and shock; Internet connectivity to the UICC over the new high speed interface; specification of a secure channel between a UICC and an endpoint terminal; and requirements for UICC-external peripherals data exchange, in particular to provide an interface for the UICC to access contactless technology in the terminal. This would allow the terminal to be used as a contactless device, for instance, for accessing underground lines and offices as well as for making micro-payments using an electronic purse on the UICC.
TC SCP responds to requests from both within the committee and outside ETSI and the TC therefore continues to liaise with major outside contributors such as the GlobalPlatform, the GSM Association, the Third Generation Partnership Projects (3GPP™ and 3GPP2) and the OMA.