Secure Elements
Chair:
Denis Praca
The main task of our Secure Element Technologies committee (TC SET) is to develop and maintain specifications for the Secure Element (SE) and its interface to the outside world for use in telecommunication systems, for general telecommunication purposes as well as for Machine-to-Machine (M2M)/Internet of Things (IoT) communications. As these specifications are generic and application-agnostic, they can also be used as specifications for any application designed to reside in an SE, for its interface to the outside world and the ecosystem in which it is embedded.
In 2017 we will continue to discuss the potential use cases and requirements for a next generation SE. This will include possible improvements to the existing physical/electrical interface, the logical interface and the potential definition of new interfaces for removable and non-removable SEs. For non-removable SEs, interoperability may not be required in terms of physical dimensions, pin locations or the physical/electrical interface. New data structures capable of handling large amounts of data in a secure way will be needed. In addition, configurations will be specified with special emphasis on an optimised configuration for the IoT and 5G. First specifications are planned for publication in early 2018.
Work on the embedded UICC (eUICC) specifications will continue. In general terms, an eUICC is a “UICC which is not easily accessible or replaceable, is not intended to be removed or replaced in the terminal, and enables the secure changing of subscriptions”. It may be inconvenient, if not impossible, to exchange an eUICC for another one, which imposes specific constraints on the administration of an eUICC, including the electrical personalisation of the UICC. The ability to change subscription-related data in the UICC without its physical removal and replacement in the end-device necessitates new methods for provisioning identity and access credentials both securely and remotely. We are therefore working towards the specification of a technical solution to meet the requirements identified for an eUICC. Building on the first version of our TS on the physical, logical and electrical characteristics of the eUICC which was approved in 2016, work will continue in 2017 to cover open topics such as Public Key Infrastructure and configuration policy.
Our Secure Element specifications are widely used by the industry and certification bodies, and the maintenance and technical improvement of these specifications, as well as the continuous updating of our test specifications to cover new features and functions, therefore form a significant part of our work in this area. In 2017 we will therefore upgrade our existing test specifications, as necessary, to cover new releases of the respective core specifications and we will review our test descriptions to take into account experience gained in the field.