Wolfgang Rankl, Wolfgang Effing

Smart Card Handbook

Ex.1008
APPLE INC. / Page 1 of 13

First published under the title Handbuch der Chipkarten by Carl Hanser Verlag
© Carl Hanser Verlag, Munich/FRG, 2002
All rights reserved.
Authorized translation from the 4th edition in the original German language
published by Carl Hanser Verlag, Munich/FRG.

Copyright © 2003 John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester,
West Sussex, PO19 8SQ, England

National 01243 779777
International (+44) 1243 779777

Email (for orders and customer service enquiries): cs-books@wiley.co.uk
Visit our Home Page on www.wileyeurope.com or www.wiley.com

Reprinted March 2006

All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any
means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the terms of the Copyright, Designs
and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road,
London W1T 4LP, UK, without the permission in writing of the Publisher. Requests to the Publisher should be addressed to the
Permissions Department, John Wiley & Sons Ltd, The Atrium, Southern Gate, Chichester, West Sussex PO19 8SQ, England,
or emailed to permreq@wiley.co.uk, or faxed to (+44) 1243 770571.

This publication is designed to provide accurate and authoritative information in regard to the subject matter covered. It is sold on the
understanding that the Publisher is not engaged in rendering professional services. If professional advice or other expert assistance is
required, the services of a competent professional should be sought.

Other Wiley Editorial Offices

John Wiley & Sons Inc., 111 River Street, Hoboken, NJ 07030, USA

Jossey-Bass, 989 Market Street, San Francisco, CA 94103-1741, USA

Wiley-VCH Verlag GmbH, Boschstr. 12, D-69469 Weinheim, Germany

John Wiley & Sons Australia Ltd, 33 Park Road, Milton, Queensland 4064, Australia

John Wiley & Sons (Asia) Pte Ltd, 2 Clementi Loop #02-01, Jin Xing Distripark, Singapore 129809

John Wiley & Sons Canada Ltd, 22 Worcester Road, Etobicoke, Ontario, Canada M9W 1L1

Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic
books.

Library of Congress Cataloging-in-Publication Data
Rankl, W. (Wolfgang)
[Handbuch der Chipkarten. English]
Smart card handbook / Wolfgang Rankl and Wolfgang Effing. - 3rd ed.
p. cm.
Includes bibliographical references and index.
ISBN 0-470-85668-8 (alk. paper)
1. Smart cards-Handbooks, manuals, etc. I. Effing, W. (Wolfgang) II. Title.
TK7895.S62R3613 2003
006-dc22
2003062750

British Library Cataloguing in Publication Data

A catalogue record for this book is available from the British Library

ISBN-10: 0-470-85668-8 (H/B)
ISBN-13: 978-0-470-85668-0 (H/B)

Typeset in 10/12pt Times by TechBooks, New Delhi, India
Printed and bound in Great Britain by Antony Rowe Ltd, Chippenham, Wiltshire
This book is printed on acid-free paper responsibly manufactured from sustainable forestry
in which at least two trees are planted for each one used for paper production.

Preface to the Third Edition

The English version of the Smart Card Handbook has now reached its third edition. In comparison
with the previous edition, it has been considerably expanded and thoroughly updated
to represent the current state of the technology. In this book, we attempt to cover all aspects
of smart card technology, with the term 'technology' intentionally being understood in a very
broad sense.

As in previous editions, we have remained true to our motto, 'better one sentence too many
than one word too few'. We have described this ever-expanding subject in as much detail as
possible. Even more examples, drawings and photographs have been added to make it easier
to understand complicated relationships. The glossary has been enlarged to include many new
terms covering all essential concepts related to smart cards, and it has been enhanced with
cross-references. In many cases, it can provide a quick introduction to a particular subject.
Altogether, these additions, extensions and improvements have resulted in a book that is more
than three times as large as the first edition.

Here we can make a small comparison. Modern smart card operating systems currently
comprise 120,000 lines of source code, which roughly corresponds to two books the size of
the present edition. Even if you are not familiar with programming, you can readily appreciate
how sophisticated these operating systems have become.

These small, colorful plastic cards with their semiconductor chips continue to spread from
their original countries, Germany and France, throughout the world. In the coming years, this
technology can be expected to outstrip all others, especially since it is still in its infancy and
there is no end or consolidation in sight.

Smart card technology progresses in leaps and bounds, and we attempt to keep pace by
publishing a new edition of the Smart Card Handbook every two to three years. The Smart
Card Handbook represents the present state of technical knowledge, and in areas that are
presently undergoing rapid change, we indicate possible paths of evolution. If certain things
come to be seen differently at a later date, we can only remark that no one knows what the
future will bring. Despite this, or perhaps just because of this, we welcome all comments,
suggestions and proposed improvements, so that this book can continue to cover the subject of
smart cards as completely as possible. Here we would like to explicitly thank the many attentive
and interested readers who have pointed out unclear or ambiguous passages and errors. Once
again, an errata list for this edition will be made available at www.wiley.co.uk/commstech/.

We would also like to thank our many friends and colleagues who have repeatedly offered
valuable (and occasionally somewhat uncomfortable) suggestions for making this book better
and more complete. We would particularly like to thank Hermann Altschafl, Peter van Elst,
Klaus Finkenzeller, Thomas Graßl, Michael Schnellinger, Harald Yater and Dieter Weiß, as
well as Kathryn Sharples at Wiley for her helpful support and Kenneth Cox for the translation.

Munich, June 2002

Wolfgang Rankl
[Rankl@gmx.net], [www.wiley.co.uk/commstech/]

Wolfgang Effing
[WEffing@gmx.net]

1 Introduction

This book has been written for students, engineers and technically minded persons who want
to learn more about smart cards. It attempts to cover this broad topic as completely as possible,
in order to provide the reader with a general understanding of the fundamentals and the current
state of the technology.

We have put great emphasis on a practical approach. The wealth of pictures, tables and references
to real applications is intended to help the reader become familiar with the subject rather
more quickly than would be possible with a strictly technical presentation. This book is thus
intended to be useful in practice, rather than technically complete. For this reason, descriptions
have been kept as concrete as possible. In places where we were faced with a choice between
technical accuracy and ease of understanding, we have tried to strike a happy medium. Whenever
this proved to be impossible, we have always given preference to ease of understanding.

The book has been written so that it can be read in the usual way, from front to back.
We have tried to avoid forward references as much as possible. The designs of the individual
chapters, in terms of structure and content, allow them to be read individually without any loss
of understanding. The comprehensive index and the glossary allow this book to be used as a
reference work. If you want to know more about a specific topic, the references in the text and
the annotated directory of standards will help you find the relevant documents.

Unfortunately, a large number of abbreviations have become established in smart card
technology, as in so many other areas of technology and everyday life. This makes it particularly
difficult for newcomers to become familiar with the subject. We have tried to minimize the
use of these cryptic and frequently illogical abbreviations. Nevertheless, we have often had
to choose a middle way between internationally accepted smart card terminology used by
specialists and common terms more easily understood by laypersons. If we have not always
succeeded, the extensive list of abbreviations at the front of the book should at least help
overcome any barriers to understanding, which we hope will be short-lived. An extensive
glossary in the final chapter of the book explains the most important technical concepts and
supplements the list of abbreviations.

An important feature of smart cards is that their properties are strongly based on international
standards. This is fundamentally important with regard to the usually compulsory need
for interoperability. Unfortunately, these standards are often difficult to understand, and in

Smart Card Handbook, Third Edition. W. Rankl and W. Effing
© 2004 John Wiley & Sons, Ltd ISBN: 0-470-85668-8

486 Smart Card Commands

7.14 COMMANDS FOR ELECTRONIC PURSES

Part 3 of the European standard for universal electronic purses, EN 1546, defines six commands
for electronic purses and 12 commands for the security module in the terminal, which itself
may be a smart card. The basic structures of the four most important commands used with
smart card electronic purses⁸ are described here. These commands can be utilized to run an
application in a smart card for making 'cashless' payments from a prepaid purse and refilling
the purse. The commands for error recovery, currency conversion, parameter modification and
canceling a payment are not described here, nor are those for the security module. The Common
European Purse System (CEPS) specification for electronic purses defines commands that are
very similar to those defined by EN 1546.

The commands described here would fit just as well under 'Application-Specific Commands'
(Section 7.16), since they are defined specifically for this one application. They can never be
used for any other purpose than electronic purses, since they have been optimized for this
application. However, we dedicate a section to them because electronic purses are one of the
main future applications for smart cards, besides telecommunications.

All electronic purse transactions are divided into three steps according to EN 1546. In the
first step, the card is initialized using the command INITIALIZE IEP for Load / for Purchase.
In the second step, a command is executed to perform the actual transaction, such as filling
the purse or paying with the purse. In the optional third step, the transaction just performed
is confirmed. All purse commands directly access files in the purse application of the smart
card for both writing and reading. These files hold the purse balance, log entries and various
parameters.

The individual steps of a purse transaction are executed using the commands described
below. The EN 1546 standard precisely defines the internal processes of each command with
regard to functionality and the sequence of the individual steps. All implementations thus have
at least the same general processes.

The INITIALIZE IEP command can be used for several purposes. A parameter is used to
select initialization of a purse loading transaction, a purchase transaction or another type of
transaction.

Loading (crediting) the purse in the smart card is initiated by the command INITIALIZE
IEP for Load. The transferred data, such as a currency code and amount to be loaded, are
checked in the card to see whether they match prescribed values in the parameter files. Freely
definable data (user-determined data) can also be stored in a log file. Next, a transaction counter
is incremented and a signature S1 is generated for various data (such as the current balance
and expiry date), so that this information can be transferred to the terminal without risk of
manipulation.

In the second step of the load transaction, the card essentially receives information about
the keys to be used and a signature S2 via the CREDIT IEP command. This information
comes from the security module in the terminal, and besides protecting the data, it allows
the card to authenticate the security module. The smart card has already been authenticated
with respect to the security module in the terminal by the previous INITIALIZE IEP for Load

⁸ Command sequences and general system structures of electronic purse systems are described in detail in Section
12.3.1, 'The CEN EN 1546 standard'

576 Quality Assurance and Testing

a limited degree, since the provider usually does not have all the necessary technical expertise
and capabilities. The second option, which is assigning the tests to another party, is currently
regarded by all concerned as an acceptable solution.

This same problem has existed for many years with software and systems developed for
military use. It is thus not something that is new in the smart card world. In order to establish
metrics for the trustworthiness of software products, which means to make it objectively
measurable, the US National Computer Security Center (NCSC) issued a catalog of criteria
for evaluating the trustworthiness of information technology systems in 1983. NCSC was
founded in 1981 by the American Department of Defense (DoD). The publication of 'Trusted
Computer System Evaluation Criteria' (TCSEC) followed in 1985. This book had an orange
binding, so it has come to be generally known as the 'Orange Book'. These criteria serve as
guidelines to the NCSC for the certification of information technology systems.

The TCSEC has become an international model for practically all criteria catalogs in the
information technology field. In Europe, specifically European criteria have been defined,
although they are based on the TCSEC. They were first published in 1990 as the 'Information
Technique System Evaluation Criteria' (ITSEC), and a revised version was issued in
1991.

The Common Criteria (CC) were created in order to provide a uniform standard for testing
the correctness of software. They can be regarded as representing the essential elements of the
TCSEC and the ITSEC. The Common Criteria are also better organized for the evaluation of
software than the TCSEC or the ITSEC. Although the first version of the Common Criteria was
published as early as 1996, it has not yet supplanted the TCSEC or the ITSEC.² The Common
Criteria have also been published as an international standard (ISO 15408). In contrast to the
ITSEC, which has six levels, the Common Criteria have seven levels of trustworthiness. It is
relatively easy to make the transition from an evaluation based on the TCSEC or the ITSEC to
one based on the Common Criteria, since all of these catalogs have many features in common.
However, since in the smart card field in particular the ITSEC is still used as the essential basis
for software evaluation, we refer only to this catalog in the following description.

Occasionally, the requirements of the FIPS 140-2 standard are taken into account in performing
evaluations, in addition to the ITSEC and the CC. This standard specifies four possible
security levels for security modules, which can be considered to include smart cards, and provides
detailed descriptions of seven requirement areas related to security. The contents of this
standard are very practically oriented and also deal with details of technical implementation,
such as criteria for the quality of random-number generators.

Regardless of the method used, an evaluation process has four characteristics. First, it must
be unbiased, which means that the evaluator must not have any preconceived ideas regarding
the item to be evaluated or its producer. The second characteristic is that the evaluation process
must be objective and structured to minimize the significance of personal opinions. The third
characteristic is that the same result must be obtained if the evaluation process is repeated.
The final characteristic is that the evaluation process must be reproducible, which means that
a different tester or testing agency must reach the same conclusions.

One of the most important considerations in any evaluation is defining the security targets
for the target of evaluation (TOE). The target of the evaluation is the object to be tested,

² The TCSEC, ITSEC and CC are available at no charge from many Internet sites (e.g., the CC at [NIST])

682 Smart Cards in Payment Systems

The background system has complete control of the electronic payment system, regardless
of the system architecture. Even with systems that work completely offline, the background
system establishes the global system parameters and monitors the security and operation of
the system.

Network

The network links the background system to the terminals. The connections may be
circuit-switched (e.g. ISDN) or packet-switched (e.g. X.25). As a rule, the network is
totally transparent to the data traffic, which is passed unmodified from the sender to the
receiver.

Terminals

The various types of terminals can be classified as either loading terminals or payment
terminals, according to their functions with respect to payments. They can also be classified as
automated terminals or attended terminals. The classic example of an automated terminal is
a cash dispenser (ATM). In electronic purse systems, automated terminals are primarily used
only to load cards. It would naturally also be conceivable to allow an electronic purse to be
emptied using such a terminal, with the balance being paid out in cash. Attended terminals are
typically located at supermarket checkouts and in retail shops. They are always used to pay for
goods. In some systems, terminals in banks can also be used to load smart cards in exchange
for cash payments.

Smart cards

Smart cards are the most widely distributed component of the system. They can be used as
electronic purses, but they can also be used as security modules in various types of terminals.
Another use is transporting data between various system components. Cards for this purpose,
which are called transfer cards, are used to manually transfer transaction data from a terminal
that works completely offline to one that works online (such as a cash dispenser).

The example system shown in Figure 12.4 illustrates the system components and their logical
connections. The background system, which may be the background system of a different
operator or a component of the system itself, is connected to the other components via a
transparent network.

Electronic purses are most commonly loaded using cash dispensers, most of which operate
online, although they can also operate offline for a limited time in the event of a network failure.
For this reason, they have their own security modules, which hold all of the keys necessary for
normal operation and key derivation.

There are also electronic purse payment systems that operate fully offline. Two examples
are parking meters and terminals in taxis. In such cases, transfer cards can be used to transfer
the transaction data from the security modules to a cash dispenser, from which they reach

13.2 The GSM System 735

General packet radio system (GPRS)

GPRS is a packet-switched bearer service defined in GSM 01.60 and GSM 02.60. It supports
a theoretical maximum data transmission rate of up to 115.2 kbit/s for uplink and downlink.

13.2 THE GSM SYSTEM

The smart card used in GSM mobile telephones, which is called the 'subscriber identity module'
(SIM), was and still is the pioneer in terms of functionality and memory capacity. This is in part
due to the fact that smart cards used in mobile telephones, whose manufacturing costs are several
hundred euros, are significantly less price sensitive than other types of smart cards, such as those
used for electronic payments or medical applications. Another decisive factor with regard to
smart card technology is the generally high rate of evolution of the entire telecommunications
sector. The pioneering position with regard to technology and standardization that is presently
held by the SIM, in comparison with all other smart card applications, is the reason why this
topic is described here in such great detail.

GSM, which was commercially inaugurated in 1992, became the international standard for
mobile telecommunications systems within only a few years. This includes transmitting not
only voice but also data, which are presently still primarily transmitted in the form of 'short
messages' using SMS. In mid-2001, there were a total of 400 mobile telecommunications
networks in 171 countries based on the GSM standard, with more than 565 million subscribers.
More than 20 billion short messages are transmitted every month.⁴ Mobile telecommunications
networks based on the GSM standard often have country-specific designations. In Germany,
for instance, the four operational GSM networks are called the D-Netz (900-MHz and 1800-MHz
GSM variants) and the E-Netz (1800-MHz variant), and in Austria the GSM network is
in part also referred to as the A-Netz.

Specification of the GSM system started in 1982 under the auspices of the Conference
Europeenne des Postes et Telecommunications (CEPT). The objective was to generate a specification
for a transnational, interoperable mobile telecommunications network. In the course of
time, these efforts led to the conclusion that it was possible to draft specifications for a transnational,
interoperable and ISDN-compatible digital cellular mobile telecommunication system
operating in the 900-MHz band. The Groupe Special Mobile was founded for this purpose,
which gave rise to the original abbreviation 'GSM'. In 1986, the GSM Permanent Nucleus
was established, with headquarters in Paris, to coordinate the generation of the specification. It
was later also responsible for specifying a wide variety of tests for system components. From
a technical perspective, it is interesting to note that a number of the technologies that were
chosen for GSM at that time were fully new and untested in practice. For instance, the air
interface using a combination of time-division multiple access with frequency-division multiple
access and digital data transmission was totally unexplored territory for large-scale mobile
telecommunication applications. These decisions led to many technical problems, particularly
in the system development stage, but from the present perspective they can be regarded as a
fortunate choice, since GSM proved to be an innovative system that was not burdened with the
technical ballast of the early days of mobile telecommunications.

⁴ A good overview of current statistical figures and network operators can be found at GSM World [GSM]

13.2 The GSM System 745

Location area information (LAI)

The LAI is the unique position information of the mobile station. It is used in combination with
the TMSI to generate a unique subscriber identity. The LAI consists of a three-digit country
code (CC), a two-digit mobile network code (MNC) and a location area code (LAC), which
has a maximum length of five digits.

Mobile station ISDN number (MSISDN)

The MSISDN is the dialing number of the mobile station. It is independent of the subscriber
identity (IMSI).

Temporary mobile subscriber identity (TMSI)

The TMSI is a temporally and spatially limited subscriber identity with a length of four bytes.
It is used to protect the true subscriber identity. The TMSI is only unique in combination with
the location area information (LAI). The TMSI is assigned by the VLR, where it is also stored.

13.2.4 The subscriber identity module (SIM)

The SIM is a mandatory security module located in the mobile telephone of a GSM system
as an exchangeable component. It is defined as follows in the GSM 02.17 specification: 'The
SIM is an entity that contains the identity of the subscriber. The primary function of the SIM
is to secure the authenticity of the mobile station with respect to the network'.

Besides its primary functions of holding the identity of the subscriber, which is realized
using a PIN, and authenticating the mobile station with respect to the network, the SIM also
performs a number of other functions. It allows program execution to be protected against
manipulation, and it makes it possible to store data such as dialing numbers, short messages
and personal configuration settings for the mobile telephone. In addition, it is the bearer for
secure supplementary services used with mobile telecommunications.

Two different SIM formats are used in the GSM system. In mobile telephones designed to
allow the SIM to be exchanged relatively often, the ID-1 format is used. This is based on the
idea of a company or family telephone with a separate card for each user. Mobile telephones
with small dimensions, whose SIMs are intended to be exchanged only rarely, use plug-in
SIMs in the ID-000 format. However, the only difference between the two types of SIMs is the
physical size of the card. Their logical and physical characteristics are otherwise fully identical.
Since the mid-1990s, mobile telephones have become more or less personal accessories. This
has had an effect on the size of card used, since it is no longer necessary to exchange the card
depending on who is using the telephone. Already in 1995, half of all ID-1 cards sold were
punched to allow a card in ID-000 format to be broken loose, and since 1998 practically all
cards have this feature.

Communications between the mobile equipment and the SIM use the T = 0 protocol with
the standard parameters, as specified in ISO/IEC 7816-3. The data transmission convention can

774 Smart Cards in Telecommunications

Table 13.7 The proactive SIM smart card commands specified for the SIM Application Toolkit in
GSM 11.14. Note that the commands listed here are sent to the terminal by the smart card, rather than
from the terminal to the smart card as usual. Certain commands can only be used if they are supported
by the hardware configuration of the mobile equipment

| Group | Command | Brief description |
|---|---|---|
| User interface | DISPLAY TEXT | Show a text or icon passed with the command on the display of the mobile station. |
| User interface | GET INKEY | Show a text or icon passed with the command on the display of the mobile station, followed by requesting a character from the keypad. |
| User interface | GET INPUT | Show a text or icon passed with the command on the display of the mobile station, followed by requesting one or more characters from the keypad. |
| User interface | LANGUAGE NOTIFICATION | Advise the mobile equipment of the language used by the SIM Application Toolkit in the text fields. |
| User interface | PLAY TONE | Instruct the mobile equipment to issue a tone. |
| User interface | SELECT ITEM | Transfer a selection list to the mobile equipment with the instruction that the user is to select an item. |
| User interface | SET UP IDLE MODE TEXT | Show a text or icon passed with the command on the display of the mobile station while the mobile station is switched on but not in use. |
| User interface | SET UP MENU | Transfer a menu list to the mobile equipment with the instruction to integrate it into the menu structure of the mobile equipment. |
| Second card terminal | GET READER STATUS | Request the status of a supplementary card terminal in the mobile station. |
| Second card terminal | PERFORM CARD APDU | Send an APDU to the smart card located in a supplementary card terminal in the mobile station. |
| Second card terminal | POWER OFF CARD | Deactivate the smart card located in a supplementary card terminal in the mobile station. |
| Second card terminal | POWER ON CARD | Activate the smart card located in a supplementary card terminal in the mobile station. |
| Network interface | CLOSE CHANNEL | Instruct the mobile equipment to close a data channel. |
| Network interface | GET CHANNEL STATUS | Instruct the mobile equipment to return the status of a data channel. |
| Network interface | OPEN CHANNEL | Instruct the mobile equipment to open a data channel. |
| Network interface | RECEIVE DATA | Instruct the mobile equipment to receive data via an open data channel. |
| Network interface | RUN AT COMMAND | Transfer an AT command to the mobile equipment and execute the command in the mobile equipment, followed by passing the result back to the SIM. |
| Network interface | SEND DATA | Instruct the mobile equipment to transmit data via an open data channel. |
| Network interface | SEND DTMF | Transmit a DTMF during a current voice connection. |
| Network interface | SEND SHORT MESSAGE | Transmit a short message. |

16.1 Glossary 965

the various stages of the → life cycle of a smart card. In the simplest case different security
environments would be defined for the personalization and subsequent use of the card, so that
different file → access conditions would be specified for the different stages of the smart card
life cycle. Write access would be allowed to all files for personalization, but for normal use
the access conditions would be specified according to the actual → application.

Security module

A component that is secured both mechanically and computationally and is used to store secret
data and execute cryptographic algorithms. It is also known as a secure application module
(SAM), hardware security module (HSM) or host security module (HSM).

Security target

In the context of an → evaluation, security targets describe the mechanisms to be tested for the
→ target of evaluation. They thus represent a sort of requirements catalog for the evaluation.
The security targets for specific types of targets of evaluation and specific application areas
for targets of evaluation can be described using → protection profiles.

Seed number (seed)

A random number used as the initial value for a pseudorandom number generator.

Sequence control

A method for specifying a compulsory sequence of activities. For example, the correct sequence
of → commands for mutual authentication of a → smart card and a background system can
be enforced using sequence control in the smart card. This is done by specifying the states
and state transitions of a state machine in the → smart card operating system that defines the
command sequence that must be followed.⁴⁷

Serial data transmission

A type of data transmission in which individual data bits are sent sequentially along a data
line. (→ parallel data transmission)

Service provider

In a smart card system, an entity offering services that are used and paid for by a user. In the
case of an electronic purse system, a service provider is an entity that receives money from the
electronic purse of a purse holder in exchange for goods or services.

`47 See also Section 5.8, 'Sequence Control'
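
The glossary entry on sequence control and the load transaction of Section 7.14 (INITIALIZE IEP for Load, then CREDIT IEP) fit together as a small state machine. The C sketch below is an added example, not code from the book or from EN 1546: the command names come from the page, while the enum values, result codes, the `max_balance` parameter and the `s2_valid` flag (standing in for the card's verification of signature S2) are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Command names are from the page; the numeric values are arbitrary labels,
   not EN 1546 instruction bytes. */
typedef enum { CMD_INITIALIZE_IEP_FOR_LOAD, CMD_CREDIT_IEP, CMD_OTHER } purse_cmd;
typedef enum { ST_IDLE, ST_LOAD_INITIALIZED } purse_state;
typedef enum { RES_OK, RES_SEQUENCE_ERROR, RES_SECURITY_ERROR, RES_PARAM_ERROR } purse_result;

typedef struct {
    purse_state state;
    uint32_t balance;        /* purse balance file */
    uint32_t max_balance;    /* limit from a parameter file (constructed value) */
    uint16_t txn_counter;    /* incremented by every accepted initialization */
    uint32_t pending_amount; /* amount announced in step 1, applied in step 2 */
} purse;

void purse_init(purse *p, uint32_t max_balance)
{
    p->state = ST_IDLE;
    p->balance = 0;
    p->max_balance = max_balance;
    p->txn_counter = 0;
    p->pending_amount = 0;
}

/* Every exit from the sequence, successful or not, returns to ST_IDLE so
   that a half-finished transaction can never be resumed. */
static purse_result leave_sequence(purse *p, purse_result r)
{
    p->state = ST_IDLE;
    p->pending_amount = 0;
    return r;
}

/* s2_valid is an assumption: it stands for the outcome of verifying the
   signature S2 received with CREDIT IEP; the cryptography is out of scope. */
purse_result purse_dispatch(purse *p, purse_cmd cmd, uint32_t amount, bool s2_valid)
{
    switch (cmd) {
    case CMD_INITIALIZE_IEP_FOR_LOAD:
        /* Step 1: check the transferred data against the parameters
           (written so that the subtraction cannot underflow). */
        if (amount == 0 || amount > p->max_balance - p->balance)
            return leave_sequence(p, RES_PARAM_ERROR);
        if (p->txn_counter == UINT16_MAX) /* counter exhausted: refuse */
            return leave_sequence(p, RES_SECURITY_ERROR);
        p->txn_counter++;
        p->pending_amount = amount;
        p->state = ST_LOAD_INITIALIZED;
        return RES_OK;

    case CMD_CREDIT_IEP:
        /* Step 2 is only legal directly after a successful step 1. */
        if (p->state != ST_LOAD_INITIALIZED)
            return leave_sequence(p, RES_SEQUENCE_ERROR);
        if (!s2_valid)
            return leave_sequence(p, RES_SECURITY_ERROR);
        p->balance += p->pending_amount;
        return leave_sequence(p, RES_OK);

    default:
        /* Design choice of this example: an unrelated command in between
           breaks the sequence. */
        return leave_sequence(p, RES_OK);
    }
}

int main(void)
{
    purse p;
    purse_init(&p, 20000); /* constructed limit */
    printf("CREDIT IEP without initialization: %d\n",
           (int)purse_dispatch(&p, CMD_CREDIT_IEP, 0, true));
    printf("INITIALIZE IEP for Load (5000):    %d\n",
           (int)purse_dispatch(&p, CMD_INITIALIZE_IEP_FOR_LOAD, 5000, false));
    printf("CREDIT IEP with valid S2:          %d\n",
           (int)purse_dispatch(&p, CMD_CREDIT_IEP, 0, true));
    printf("balance=%u counter=%u\n", (unsigned)p.balance, (unsigned)p.txn_counter);
    return 0;
}
```

A failed CREDIT IEP drops the card back to the idle state, so a terminal cannot retry step 2 with another S2 against the same initialization; each retry costs a new INITIALIZE IEP for Load and a new transaction counter value.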

968 Appendix

SIM (subscriber identity module)

The usual designation for a GSM-specific smart card.⁵¹ It is a mandatory security module that
is present in mobile telephones in an exchangeable form. It may be the same size as a standard
credit card (ID-1 format), or it may be a small plug-in card in the ID-000 format. The SIM
bears the identity of the subscriber, and its primary function is to secure the authenticity
of the mobile station with respect to the network. Additional functions include executing
programs with protection against manipulation (authentication), user identification (using a
PIN) and storing data, such as telephone numbers. The equivalent of the SIM in the UMTS is
the → USIM.⁵²

SIM Alliance [SIM Alliance]

A consortium founded in 1999 by Gemplus, G+D, ORGA and Schlumberger in order to allow
services developed for WAP to also be used with non-WAP-capable mobile telephones. For this
purpose, the SIM must have a SIM-Alliance-capable browser and the mobile telephone must
support GSM Phase 2+. This allows the → SIM to control the mobile telephone via the SIM
Application Toolkit to the extent that the majority of WA
