Machine to Machine (M2M) Communication is seen as a form of data communication between entities that may have
no human interaction. One of the challenges with M2M communication is that deployed M2M equipments are managed
remotely without any direct human interaction with the device.
This Technical Report considers the M2M Equipment as a device that could be a fully self-contained device or a device with interfaces to attach, for example, sensors and on-site service equipment. The current 3GPP system defines the use of a USIM/ISIM application in a UICC as a means of protecting users (until now mostly human users of mobile terminals) and network operators from fraudulent use of the network. Since some of the original assumptions on the use of a USIM/ISIM application in a UICC did not take into account the requirements of M2M Equipment and users, the current UICC based solution needs to be reviewed against the new assumptions that arise from M2M.
The scope of this Technical Report is to study the remote subscription management for M2M Equipment (M2ME) when
the Machine Communications Identity Module (MCIM) application resides in the UICC and when the MCIM
application resides in the M2M equipment. The remote subscription management includes tasks such as remote
subscription provisioning and/or remote change of subscription.
The scope of this study includes the definition of a trust model for remote subscription management for M2ME. Security threats and security requirements are identified, and an evaluation of the candidate solutions is presented.