摘要 |
The invention concerns a method for remote subscription management of an eUICC (23) cooperating with a terminal (24), the eUICC (23) comprising a private key (Prkeu) and a public certificate (Cert-eu) signed by its manufacturer, the public certificate (Cert-eu) also comprising an information allowing a subscription manager server (20), with no prior knowledge of the eUICC (23), to decide if it can agree to manage the eUICC (23), the method comprising:
a- At the occurrence of an event, establishing a secure channel between the terminal (24) and the subscription manager server (20) by using the public certificate (Cert-eu) and dedicated cryptographic services of the eUICC (23);
b- Sending from the terminal (24) to the subscription manager server (20) a subscription management request, being considered as an enrolment request by the subscription manager server (20);
c- Verifying, thanks to the information comprised in the received public certificate from the eUICC (23), in the subscription manager server (20) if the eUICC (23) is entitled to be managed by the subscription manager server (20) and, if yes:
d- Performing a key establishment procedure between the subscription manager server (20) and the eUICC (23) by using the eUICC (23) public certificate, this step being the enrolment of the eUICC by the SM-DP;
e- Establishing between the subscription manager server (20) and the eUICC (23) a secure channel with the keys generated at step -d-;
f- Executing by the subscription manager server (20) the subscription management request on the eUICC (23). |