登录/注册
小程序
传感搜
传感圈

Operator Lock-In for IoT Devices and How To Avoid It

iotforall
2022-11-06 13:55:46
关注

Operator Lock-In for IoT Devices and How To Avoid It
Illustration: © IoT For All

If IoT is going to meet its potential and help power Industry 4.0, some aspects of IoT need to change. One major problem facing IoT solutions is SIM operator lock-in. When deploying a device with a SIM card, it’s standard to be locked into one connectivity provider.

Manually changing SIM cards is a way to avoid SIM operator lock-in. But IoT devices aren’t designed with replacing SIMs in mind. SIMs are often soldered onto devices and encased in plastic. Additionally, most IoT devices are in remote, hard-to-reach locales, making SIM swapping difficult.

To better future-proof your devices, it’s vital that you make sure SIM keys are your property when sourcing cellular IoT connectivity. When you control SIM keys for UICC SIMs, it’s possible to transfer operator credentials over the air (OTA).

Read on for information on how and why it’s important to eliminate vendor lock-in for cellular IoT devices.

What is SIM Operator Lock-In?

When you sign an agreement with an MNO or MVNO (mobile (virtual) network operator), a “vendor lock-in” clause is almost certainly included. A vendor lock-in in this case essentially means that the SIM cards you buy from the operator can only connect via their authority.

'One major problem facing IoT solutions is SIM operator lock-in.' -OnomondoClick To Tweet

If you decide to change connectivity providers for your deployed fleet of devices, you must remove all SIM cards and put in new ones. In other words, the SIM cards you purchase are not completely yours.

Such lock-ins exist primarily for two reasons: operator codes and commercial decisions.

Operator Codes

One reason operators choose not to transfer ownership of SIMs is that they don’t want to expose sensitive credentials.

To transfer ownership of a SIM, you need to change the IMSI (International Mobile Subscriber Identity) on the SIM with an OTA update and give the new operator the derived operator code (OPc) and the encryption key (Ki) for each SIM.

Most (if not all) operators use a single Operator Code (OP) across all SIMs on their network.

OPs and the encryption keys (Ki) are used to create unique derived operator codes (OPc’s) for each SIM.

If a bad actor could obtain enough Ki’s and OPc’s, they would be able to figure out the operator’s OP. This information can be used to hack into other SIMs on that operator’s network. If this occurs, the network becomes vulnerable to DDOS attacks.

This security weakness is a big part of the reason why many operators will not hand over SIM keys.

Commercial reasoning

Operators don’t want to hand over SIM keys because they want to keep their customers.

In this scenario, it’s a commercial decision to not enable freedom to leave. Operators simply want to reduce customer churn by making it harder for a company to leave their service.

Because it costs a lot to change SIM cards on IoT devices by hand, you are less likely to leave.

What is Freedom to Leave?

Freedom to Leave is a concept in IoT that means companies have full control over SIM cards and how they work with operators. This is easiest to achieve when you own all of your SIM cards, including sensitive authentication credentials.

Operators who support Freedom to Leave will transfer SIM credentials (IMSI, OPc, and Ki) to a new provider.

Some IoT connectivity operators generate random Operator Codes (OPs) for each SIM. Therefore, bad actors would not be able to calculate a network-sensitive OP from OPc’s and Ki’s as it doesn’t exist. That’s why a few modern operators can hand over SIM keys without making themselves vulnerable to attacks.

What might surprise some people is that it has been possible to OTA update SIMs since 2003. You can read the original 3GPP overview here: Over-The-Air (OTA) technology – 3GPP TSG SA WG3 Security (PDF download).

What About eSIM (eUICC)?

Some of you might be thinking that eSIM (eUICC) offers a solution to the problem of SIM operator lock-in.

eSIMs allow users to remotely provision carrier profiles on SIMs. This means that the networks/carriers available on a SIM card can be updated OTA and there’s no need to manually swap SIMs.

However, there are still lock-ins when using eSIMs.

eSIMs (eUICC SIMs) require a record (ECASD) on them that contains details like the eSIM platform’s IP address. The ECASD is hardcoded onto SIMs and cannot be altered once it has been put in place.

So, your eUICC SIM will be locked to its first eSIM management platform, and as long as you use the SIM, you are stuck with the features—or lack thereof—of that platform.

Why is Freedom to Leave important?

We think Freedom to Leave is important because it will make it easier for IoT to flourish.

The ability to change operators 2, 5, and 10+ years after deploying devices opens up new possibilities in a solution’s lifetime and doesn’t artificially constrain commercial options.

Here is a summary of the 4 benefits of Freedom to Leave:

1) Improved Business Adaptability

Future-proof your business by having the ability to switch SIMs to another network operator. If an opportunity arises that requires the features of another provider, you should be able to change.

2) Enhanced Security Benefits for Devices

Operate your fleet with increased levels of protection against bad actors due to better SIM isolation. If a bad actor accesses sensitive information from one SIM, it won’t affect the rest of your fleet.

3) Lower Total Costs from SIM Card Replacement

Save money in the long run by reusing SIM cards on multiple devices. Not only will there be no need to purchase new SIMs, but there will also be no reason to replace them manually.

4) Less Waste and A Lower Carbon Footprint

Minimize your business’s footprint by reusing perfectly-functioning technology. Rather than discarding or recycling deactivated SIM cards, use them as long as they can function.

Plan For An Uncertain Future

You want control of SIM cards because technology is rapidly changing and the best decision for your solution today may not be the same in 2, 5, or 10 years.

If you decide it makes sense to switch to a different network operator, modern operators should assist in transferring the SIM credentials to another GSMA-certified entity.

When SIM profiles are handed over, the new operator will update the credentials OTA on the SIM cards and devices so they can connect to their network.

Freedom to Leave, although simple, is a critical part of future-proofing your IoT solution.

Tweet

Share

Share

Email

  • Device Management
  • Cellular
  • Connectivity
  • Cybersecurity
  • Network and Protocols

  • Device Management
  • Cellular
  • Connectivity
  • Cybersecurity
  • Network and Protocols

参考译文
物联网设备的运营商锁定及其避免方法
插图:© IoT For All --> 如果物联网(IoT)要实现其潜力,助力推动工业4.0的发展,那么物联网的某些方面需要进行改变。目前,物联网解决方案面临的一个主要问题是SIM卡运营商锁定(lock-in)。在部署带有SIM卡的设备时,通常会被锁定在一个通信运营商上。手动更换SIM卡是一种避免运营商锁定的方法。但物联网设备并不是为更换SIM卡而设计的,SIM卡往往被焊在设备上并被塑料封装。此外,大多数物联网设备都位于偏远或难以到达的地区,使得更换SIM卡变得困难。为了更好地为未来做好准备,确保在采购蜂窝物联网连接时SIM密钥完全属于你非常重要。当你掌控UICC SIM卡的SIM密钥时,就可以通过空中下载(OTA)方式转移运营商证书。继续阅读,了解更多有关为何以及如何消除蜂窝物联网设备中的供应商锁定问题。什么是SIM卡运营商锁定?当你与移动网络运营商(MNO)或虚拟运营商(MVNO)签订协议时,协议中几乎肯定包含一项“供应商锁定”条款。在这种情况下,供应商锁定意味着你从运营商购买的SIM卡只能通过他们的权限连接。“物联网解决方案面临的重大问题之一是SIM卡运营商锁定。”——Onomondo 点击推文(Tweet)如果你决定为已部署的设备更换网络运营商,就必须取出所有SIM卡并换上新的。换句话说,你购买的SIM卡并不是完全属于你的。这种锁定现象主要出于两个原因:运营商代码和商业决策。运营商代码 运营商之所以不转移SIM卡所有权,是因为他们不希望暴露敏感凭证。要转移SIM卡的所有权,你需要通过OTA更新修改SIM卡上的国际移动用户识别码(IMSI),并为每个SIM卡提供派生运营商代码(OPc)和加密密钥(Ki)给新的运营商。大多数(如果不是全部)运营商会在其所有SIM卡上使用相同的运营商代码(OP)。OP和加密密钥(Ki)用于为每个SIM卡生成唯一的派生运营商代码(OPc)。如果恶意行为者能获取足够的Ki和OPc,他们就能推断出运营商的OP。这可以被用来攻击该运营商网络上的其他SIM卡。如果出现这种情况,整个网络就容易受到DDOS攻击。这种安全漏洞正是很多运营商不愿交出SIM密钥的原因。商业原因 运营商之所以不交出SIM密钥,是因为他们希望保留客户。在这种情况下,他们出于商业考虑,不希望客户拥有自由更换运营商的能力。运营商想通过提高客户更换服务的难度,来减少客户流失。由于手动更换物联网设备上的SIM卡成本很高,你就不大可能选择离开。什么是“自由离开权”? “自由离开权”是物联网中的一个概念,意指公司对SIM卡及其与运营商的交互拥有完全的掌控权。当你拥有所有SIM卡及其敏感认证凭证时,这一目标最容易实现。支持“自由离开权”的运营商会将SIM凭证(IMSI、OPc和Ki)转移到新的运营商。一些物联网连接运营商为每张SIM卡生成随机的运营商代码(OP),因此,恶意行为者无法通过OPc和Ki推算出网络敏感的OP,因为这种OP并不存在。这就是为什么一些现代运营商可以在不使自己容易受到攻击的情况下交出SIM密钥。可能会让一些人惊讶的是,早在2003年,通过OTA更新SIM卡就已经成为可能。你可以在这里阅读最初的3GPP概览:Over-The-Air(OTA)技术 —— 3GPP TSG SA WG3 Security(PDF下载)。关于eSIM(eUICC)的情况如何? 有些人可能认为eSIM(eUICC)是解决SIM卡运营商锁定问题的方案。eSIM允许用户远程在SIM卡上配置运营商资料。这意味着SIM卡上的可用网络/运营商信息可以通过OTA更新,无需手动更换SIM卡。然而,使用eSIM时仍然存在锁定问题。eSIM(eUICC SIM)需要在其上记录一条记录(ECASD),其中包含eSIM平台的IP地址等信息。ECASD被硬编码在SIM卡中,一旦设定就无法更改。因此,你的eUICC SIM将被锁定在其最初使用的eSIM管理平台上,只要继续使用这张SIM卡,你就只能依赖这个平台的功能(或缺乏的功能)。为什么“自由离开权”很重要? 我们认为“自由离开权”很重要,因为它将使物联网更容易蓬勃发展。在设备部署多年后(2年、5年甚至10年以上)仍能更换运营商,为解决方案在其生命周期中带来新的可能性,避免了人为地限制商业选择。以下是“自由离开权”的四个主要优势:1)提升企业适应能力 通过随时更换SIM卡到另一个运营商,为企业的未来发展做好准备。如果出现需要其他运营商功能的商业机会,你应该能够灵活地做出改变。2)增强设备安全性 由于更好的SIM隔离,你可以更有效地防范恶意行为者的攻击。如果恶意行为者从一张SIM卡中获取了敏感信息,其他设备不会受到影响。3)降低SIM卡更换的总体成本 通过在多个设备上重复使用SIM卡,长期节省成本。不仅不需要购买新的SIM卡,也没有必要手动更换它们。4)减少浪费并降低碳足迹 通过重复使用性能完好的技术设备,最小化企业的环境足迹。你可以继续使用已停用SIM卡,而不是丢弃或回收它们。为不确定的未来做好准备 你希望掌控SIM卡,因为技术发展迅速,你今天做出的决策可能在2年、5年或10年后就不再适用。如果你决定更换运营商,现代运营商应协助将SIM凭证转移到另一个GSMA认证的实体。在SIM配置文件转移时,新的运营商将通过OTA方式在SIM卡和设备上更新凭证,使它们能够连接到他们的网络。“自由离开权”虽然看似简单,却是为你的物联网解决方案未来做好准备的重要组成部分。TweetShareShareEmail 设备管理 蜂窝通信 网络与协议 网络安全 设备管理 蜂窝通信 网络与协议 网络安全
您觉得本篇内容如何
评分

声明:本文内容及配图源自互联网收集,目的在于传递更多信息,并不代表本网赞同其观点或证实其内容真实性,不承担此类作品侵权行为的直接责任及连带责任。如涉及作品内容、版权等问题,请联系本网处理,侵权内容将在一周内下架整改。

评论

您需要登录才可以回复|注册

提交评论

iotforall

这家伙很懒,什么描述也没留下

最近发布
查看更多
广告
期刊文献
查看更多
最新文章

相关阅读

加载更多

iotforall

这家伙很懒,什么描述也没留下

关注

点击进入下一篇

Airtel 在印度推出永远在线的物联网
提取码
复制提取码
点击跳转至百度网盘

取消 确认