eSIM Handbook by Achelos

**What did the increasing use of Machine to Machine (M2M) applications drive the need for?** The increasing use of Machine to Machine (M2M) applications drove the need for *embedded and inaccessible SIM cards within the device.* **What does the term eSIM refer to as defined by GSMA?** As defined by GSMA, the term eSIM refers to: > "The explicit functionality of the operating system to store multiple MNO profiles and perform remote provisioning and management of the profiles after they're issued." **What are the two things GSMA selected to ensure that eSIM technology would not compromise mobile network security standards?** The two things GSMA selected to ensure that eSIM technology would not compromise mobile network security standards are: 1. Global Platform (GP) card management standards. 2. State-of-the-art algorithms (ECC, AES). **Is every non-removable SIM an eSIM?** *No*, not every non-removable SIM is an eSIM. > **What does and doesn't define eSIM?** > *Functionality* defines eSIM. *Form factor* doesn't define eSIM. **What is the key to access a cellular network regardless of SIM type?** Regardless of SIM type, *the MNO / operator profile* is the key to access a cellular network. **What has been the core functionality of the operator profile since the inception of the first digital mobile standard?** Since the inception of the first digital mobile standard, the core functionality of the operator profile has been *the storage of subscriber credentials and the implementation of algorithms used for network access authentication.* **What are the three components an operator profile must contain at least?** The three components an operator profile must contain at least are: 1. A Mobile Network Operator Security Domain (MNO-SD). 2. A Network Access Application (NAA). 3. A file system. > **What does the Mobile Network Operator Security Domain (MNO-SD) do?** > The Mobile Network Operator Security Domain (MNO-SD) *manages the applications in the operator profile on behalf of the profile issuer (the MNO).* > > **What is the Mobile Network Operator Security Domain (MNO-SD) equivalent to on regular SIMs?** > > The Mobile Network Operator Security Domain (MNO-SD) is equivalent to *the Issuer Security Domain (ISD)* on regular SIMs. > > **What does the Network Access Application (NAA) do?** > The Network Access Application (NAA) is *an application such as SIM, USIM, and ISIM which is selected by the device in order to access the related mobile network.* > > **What does the file system of an operator profile contain?** > The File System of an operator profile contains: > 1. Data files (Elementary Files or EF) that store subscriber network information. > 2. Directory files (Dedicated Files or DF / ADF / MF) that allow functional grouping of files. > > **What can further be a part of an operator profile depending on the requirements of the operator?** > Depending on the requirements of the operator, an operator profile can further have *more applications and Supplemental Security Domains (SSDs).* **What is central to the security architecture of eSIM?** The *Security Domain (SD)* is central to the security architecture of eSIM. > **What is a Security Domain (SD)?** > A Security Domain (SD) is a special application which has: > * Key material. > * Algorithms for cryptographic operations. > * Specific privileges managing the card's applications. > > > **What are the two things a Security Domain (SD) provides?** > > The two things a Security Domain (SD) provides are: > > 1. A trusted security level for the authentication of system entities. > > 2. The protection of the integrity and confidentiality of the communication. **What are the three Security Domains (SDs) defined for eSIM?** The three Security Domains (SDs) defined for eSIM are: 1. Issuer Security Domain Root (ISD-R). 2. Issuer Security Domain Profile (ISD-P). 3. eUICC Controlling Authority Security Domain (ECASD). > **What does the Issuer Security Domain Root (ISD-R) do?** > The Issuer Security Domain Root (ISD-R) *performs eSIM management functions on ISD-Ps.* > > **What does the Issuer Security Domain Profile (ISD-P) do?** > The Issuer Security Domain Profile (ISD-P) *hosts a unique profile.* > > **What does the eUICC Controlling Authority Security Domain (ECASD) do?** [(1)](https://www.gsma.com/newsroom/wp-content/uploads/SGP_05_v1_1.pdf) > The eUICC Controlling Authority Security Domain (ECASD) *provides services to the ISD-Rs and ISD-Ps in order to perform confidential key establishments.* > > **What are the two types of Security Domains which are installed and personalized by the eUICC Manufacturer (EUM)?** > The two types of Security Domains which are installed and personalized by the eUICC Manufacturer (EUM) are: > 1. The ISD-R. > 2. The ECASD. ...