The Application of SCWS Technology in the Interface and Security of Graphical Interface Card

1 Introduction

With the advent of the 3G era of mobile communications, the three major telecom operators have successively launched new 3G services, among which value-added services will replace voice services as the operators' main source of income. To exploit the advantages of the 3G network with marketing methods different from those of the 2G era, the three major telecom operators have adopted multimedia technology as their main means of promotion, so that users can learn about and use the new 3G services.

Unlike the original SMS-only technology [1], the graphical interface SIM card allows users to access the data stored on the SIM card through the browser on the mobile phone, and so to discover and select the operator's data services; at the same time, operators can use the back-end server to update data services in a timely manner, or subdivide user groups to achieve personalized service promotion and experience. The graphical interface SIM card adopts SCWS (Smart Card Web Server) technology, which combines the Internet, the mobile network, and the mobile server platform and relies on the data transmission speed of the 3G network to put all kinds of applications on the SIM card. Users simply replace the SIM card of the mobile phone to use these applications, which gives the operator the initiative in introducing new value-added services. This article introduces the system application environment, interface technology, and security protocol of the graphical interface SIM card based on SCWS technology.

2 Graphical interface card

The early mobile phone SIM card was mainly used as a carrier for personal identity authentication and identification information. With the rapid development of chip technology and the development of mobile technology, mobile phone SIM cards have increasingly become carriers of mobile services such as value-added services and e-commerce. In the existing SIM card, local services such as brand services, super-number books, maps, and directories have been installed, and they are also updated by SMS, but their visibility and speed are not satisfactory.

The graphical interface SIM card allows users to browse the music, ringtones, videos, etc. pre-stored on the card in a graphical manner using the browser on the mobile phone, and to try data services of interest in the offline media library; it guides the user to choose and purchase these services. Operators can subdivide user groups according to how business promotion is going, and update the offline media library on the graphical interface SIM card in time, so that they can quickly promote new services and increase revenue from digital services.

3 System application environment

The graphical interface SIM card system application environment [2] is shown in Figure 1.

1) Remote management server: This server is an OTA (Over-The-Air download) server located at SCWS, which is used to realize the timely update, management, and statistics of the content on the SIM card;

2) Mobile phone terminal supporting SCWS: used for communication between the mobile phone terminal and the SIM card, so that the terminal can access the content on the card. It complies with all the necessary functional requirements for the SCWS Gateway (SCWS Portal) software in the OMA-Smart_Card_Web_Server-V1_0-20080421-A [2] specification; as the specification also requires, it provides ports 3516 (HTTP) and 4116 (HTTPS) and proxies the SCWS card as an HTTP server service;

3) Graphical interface SIM card: The SCWS application defined by the Open Mobile Alliance (OMA) is preset on the card. The application is an HTTP/1.1 web server on the SIM card side that provides static (xHTML and related files) and dynamic (generated by servlets) data to the HTTP client software on the mobile terminal. This realizes communication between the mobile terminal and the graphical interface SIM card that is logically separate and does not rely on the current telecommunications-based communication; it also allows the Full Admin Protocol defined by the Open Mobile Alliance (OMA) to be used to manage the content of the graphical interface SIM card.


Figure 1 SCWS application environment

There are two types of SCWS working modes, namely server mode and client mode:

1) Server mode: When the terminal browser browses the graphical interface SIM card locally, SCWS is in BIP (Bearer Independent Protocol) server mode. Through the BIP protocol, the mobile terminal allows transparent data transmission between the graphical interface SIM card and remote servers, which is more conducive to the transmission of high-speed mobile data services. In this mode, SCWS provides static (xHTML and related files) and dynamic (generated by servlets) content to mobile browsers. A servlet is a standard Java Card applet, which allows the graphical interface SIM card to provide services such as usage tracking, advertising banner management, and dynamic page generation;

2) Client mode: When the operator / service provider updates the graphical interface SIM card through the remote server, SCWS is in BIP client mode. At this time, the mobile operator can periodically update the localized content of the SIM card. The mobile terminal user can also initiate an update request to the server to obtain data from the server. At this time, SCWS also works in the client mode.

4 System communication interface

There are two kinds of communication in the application environment of this system: between the graphical interface SIM card and the remote management server, and between the graphical interface SIM card and the mobile terminal [3].

4.1 The communication interface between the graphical interface SIM card and the remote management server

This is the communication interface between SCWS and the remote management server, used to manage the content of SCWS or update its configuration. It uses the HTTP protocol or BIP client mode and follows the Full Admin Protocol defined by OMA to open the channel between SCWS and the remote management server, or uses the secure channel defined by HTTPS.

4.2 Graphical interface SIM card and mobile terminal communication interface

This is the communication interface between SCWS and the mobile terminal, used to realize local browsing of the graphical interface SIM card by the mobile terminal browser. It uses the HTTP protocol or BIP server mode.

The interface between the SCWS and the mobile phone terminal runs on a logically independent communication channel, which is independent of the telecommunications channel, so that the mobile phone application can communicate with the SCWS deployed by the operator in the smart card.

SCWS communicates with the mobile terminal using the HTTP protocol. The mobile terminal browser does not require any additional functions to present SCWS content. An application on the mobile terminal can connect to SCWS through the IP address. SCWS adopts an open architecture, allowing multiple "smart card-mobile phone" protocols to be used as local bearers for transmitting HTTP requests and responses. SCWS responds to HTTP requests from HTTP applications (e.g., browsers) built into mobile terminals.

The mobile terminal accesses SCWS through a built-in gateway, which converts the TCP/IP protocol into a local transmission protocol between the mobile terminal and the smart card. HTTP requests and responses are sent directly to SCWS through the local transmission protocol between the mobile terminal and the smart card. The local access URL passed to SCWS by the terminal is assigned two TCP ports: HTTP port 3516 and HTTPS port 4116.

Two protocols are used for communication between SCWS and the HTTP application on the mobile phone: BIP server mode and the TCP/IP transmission protocol.

1) BIP server mode: If the smart card does not have its own IP address and does not directly support the TCP/IP protocol, the BIP gateway in the terminal can be used as a protocol converter. The TCP/IP protocol is used for communication between the HTTP application in the terminal and the BIP gateway; the BIP protocol is used for communication between the BIP gateway and the smart card.

HTTP applications (such as browsers) in the mobile phone use the returned IP address to address the BIP gateway. For the BIP gateway to listen on behalf of SCWS, two ports must be opened: one for HTTP requests from mobile phone HTTP applications, and one for HTTP over TLS (HTTPS) requests. When an HTTP application in the mobile phone is connected to SCWS via the BIP gateway and starts exchanging data, SCWS can open another BIP channel (using the Open Channel command) to allow other HTTP applications in the mobile phone to connect to SCWS, so that multiple applications can be connected at the same time.

2) TCP/IP transmission protocol: If the smart card has its own IP address and directly supports TCP/IP, and the mobile terminal supports direct IP access from the smart card, TCP/IP is the preferred protocol for communication between the HTTP application on the mobile phone and the SCWS on the card.

There is a set of preset ports: port 80 for HTTP communication and port 443 for HTTPS communication are the defaults. In this case, the HTTP application in the terminal can communicate directly with SCWS without relying on the mobile phone's built-in BIP gateway. SCWS therefore listens on the default port and the secure port in order to respond to HTTP requests and HTTP over TLS requests from the mobile phone.

5 Security protocol

To secure the transmission, Transport Layer Security (TLS) is used to provide a safe and reliable transport mechanism for both parties to the communication, ensuring the privacy and integrity of the transmission. One-way or two-way authentication can also be used as required. TLS works in client-server mode, where the end that initiates authentication is called the client, and the end that responds is called the server. In most cases, the TLS client uses the public key certificate method to authenticate the server; two-way authentication can use the public key certificate method or the pre-shared key PSK-TLS method.

When SCWS acts as a local HTTPS server, it must be able to implement HTTP over TLS using a public key, or HTTP over TLS using PSK-TLS.

1) HTTP over TLS with PSK-TLS

When SCWS and a connected host (such as a remote management server) share a symmetric key, PSK-TLS is used.

SCWS must support the following cipher suites:

TLS_PSK_WITH_3DES_EDE_CBC_SHA [PSK-TLS]

TLS_PSK_WITH_AES_128_CBC_SHA [PSK-TLS]

2) Public key pair and device certificate

SCWS should be able to use a public key pair and store it in a secure area. These keys can only be used for TLS or for card application verification, as determined by the card issuer's internal security policy. SCWS should also embed a device certificate for the public key, which is provided by the card issuer and signed by an authoritative issuer.

The public key pair and device certificate should be used for server authentication on TLS (such as TLS secondary authentication). If SCWS uses a public key pair and device certificate, it must support all of the following cipher suites:

TLS_RSA_WITH_3DES_EDE_CBC_SHA

TLS_RSA_WITH_AES_128_CBC_SHA

SCWS must support server authentication using TLS 1.0, and should be able to use a WAP-profiled X.509 server certificate [WAPCert].

3) Support TLS extension

Because of capacity or bandwidth limitations, SCWS must be able to settle on a smaller maximum fragment length. The extension allows the following fragment lengths to be used (the default is 2^14):

2^9 (1), 2^10 (2), 2^11 (3), 2^12 (4), (255)

The card management agent can use the maximum fragment length negotiation defined in [RFC3546]. The management server needs to support the maximum fragment length negotiation defined in [RFC3546]. HTTP clients connected to SCWS can use the maximum fragment length negotiation defined in [RFC3546]. SCWS is required to support the maximum fragment length negotiation defined in [RFC3546], and it can also support maximum fragment lengths down to the minimum of 512 bytes. If the client does not negotiate a value, SCWS needs to accept the predefined 16K as the TLS fragment length.
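The server-side decision described in item 3, as an added example (not code from the article or from the OMA specification): it parses the extensions block of a ClientHello, looks for the RFC 3546 max_fragment_length extension, and returns the fragment length to apply. The function names, the `TlsAlert` class and the sample bytes are hypothetical and constructed for illustration.

```python
import struct

EXT_MAX_FRAGMENT_LENGTH = 1      # extension type assigned in RFC 3546
DEFAULT_FRAGMENT = 2 ** 14       # applies when the client negotiates nothing
FRAGMENT_CODES = {1: 2 ** 9, 2: 2 ** 10, 3: 2 ** 11, 4: 2 ** 12}
ALERT_ILLEGAL_PARAMETER = 47     # TLS alert descriptions
ALERT_DECODE_ERROR = 50


class TlsAlert(Exception):
    """Hypothetical exception carrying the alert the server would send."""
    def __init__(self, description, reason):
        super().__init__(reason)
        self.description = description


def parse_extensions(block):
    """Split a ClientHello extensions block into {type: data}."""
    if len(block) < 2:
        raise TlsAlert(ALERT_DECODE_ERROR, "missing extensions length")
    (total,) = struct.unpack_from("!H", block, 0)
    if total != len(block) - 2:
        raise TlsAlert(ALERT_DECODE_ERROR, "extensions length mismatch")
    found, pos = {}, 2
    while pos < len(block):
        if pos + 4 > len(block):
            raise TlsAlert(ALERT_DECODE_ERROR, "truncated extension header")
        ext_type, ext_len = struct.unpack_from("!HH", block, pos)
        pos += 4
        if pos + ext_len > len(block):
            raise TlsAlert(ALERT_DECODE_ERROR, "truncated extension data")
        found[ext_type] = block[pos:pos + ext_len]
        pos += ext_len
    return found


def negotiate_fragment_length(block):
    """Return (max fragment bytes, data to echo in the ServerHello or None)."""
    data = parse_extensions(block).get(EXT_MAX_FRAGMENT_LENGTH) if block else None
    if data is None:
        return DEFAULT_FRAGMENT, None            # no request: keep 16K
    if len(data) != 1 or data[0] not in FRAGMENT_CODES:
        # RFC 3546: any other value aborts the handshake
        raise TlsAlert(ALERT_ILLEGAL_PARAMETER, "bad max_fragment_length")
    return FRAGMENT_CODES[data[0]], data         # echo the client's code


# Constructed sample: an opaque 3-byte extension of type 0, then code 1 (2^9).
SAMPLE = bytes.fromhex("000c" "0000" "0003" "616263" "0001" "0001" "01")
```

A server that accepted an out-of-range code or silently fell back to 16K would leave the card buffering records larger than it agreed to, which is why the invalid case ends the handshake instead of defaulting.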

4) Session recovery

SCWS should support session recovery as defined by TLS and can use a longer session period (e.g., 12 hours). The session recovery process should follow the relevant definitions in TLS 1.0.

6 Summary

The graphical interface SIM card technology breaks through the limitation that the SIM card can only support SMS short message services. The graphical interface is introduced into the SIM card to support the promotion of GPRS, EDGE, and UMTS data network services, so that users do not have to connect to the network, can use the card even in areas the network does not cover, and do not incur any cost. At the same time, operators can customize the SIM card as needed, update the content of the smart card web server (SCWS) in a timely manner, track and count users' usage behavior, and regularly send the statistics to the server for analysis so as to adjust business promotion strategies in real time. This creates a controllable platform for operators to showcase their best services and solutions, and boosts the rapid development of 3G services.
