Method for exporting on a secure server data comprised on a UICC comprised in a terminal

摘要

A method for exporting on a UICC in a terminal. An export request signed by the UICC, is transmitted by the terminal to a secure server. The server verifies the signed export request by comparing the signature and the identity of the UICC. The server sends a signed export certificate to the UICC via the terminal. An export package containing the data is prepared, signed and encrypted by the UICC, and sent to the terminal. The terminal transmits the export package to the server. The server signs an acknowledgment message and transmits it to the UICC via the terminal. In the UICC, the data that have been exported is destroyed, and a signed acknowledge message is sent to the server via the terminal. The server makes the data available for a further transfer to a new terminal or UICC.

主权项

1. A method for exporting on a secure server data comprised on a UICC in a terminal, said method comprising:
on export request, signing an export request by said UICC, said signed export request being transmitted by said terminal to said server; verifying, at the level of said server, said signed export request by comparing the signature and the identity of said UICC; if said verification is positive, sending by said server a signed export certificate to said UICC via said terminal; verifying said export certificate in said UICC and, if said verification is positive, preparing an export package containing said data, said export package being signed and encrypted by said UICC; sending said export package to said terminal and setting the exported data as “unusable” in the UICC; transmitting from said terminal to said server said export package; receiving said package and verifying said signature at the level of said server; signing an acknowledgment message and transmitting it to said UICC via said terminal; in said UICC, verifying said acknowledgment message and, if the signature of said server is recognized, destroying the data that have been exported and sending a signed acknowledge message to said server via said terminal; and verifying the signature of said acknowledge message in said server and, if said signature is recognized, making said data available for a transfer.