Monday, November 1, 2010

More on Apple software SIM and implications for R&E/community networks

[There has been a lot of traffic in the blogosphere about the recent rumours of Apple producing a software SIM. I have collected together here a number of useful pointers and commentaries on the subject. As I mentioned before, software SIMs pose a significant opportunity for R&E/community networks to extend their geographical reach to students, researchers and (for community networks funded under BTOP for example) the general public. With a software SIM, R&E networks can add a variety of security features such as Eduroam/Shibboleth authentication/authorization via the SIM and build out WiFi or WhiteFi extended networks using their connected institutions as a hub. In fact they may want to make that a condition of service that any connected institution allow the operation of a mast and antenna to extend reach of the network. A great example is the WhiteFi experiment going on in East Houston in partnership with Rice University. Many companies are now building low cost, solar powered GSM, WiFi network devices for this market. The key issue is making sure that users purchase their smart phone or SIM enabled PC from the manufacturer rather than the telco as mentioned in the article below. That way the telco cannot block access to the SIM. After purchase the customer can then contract for 3G/4G access from their favourite telco. Owning and operating a fiber backbone provides the R&E networks with the ability to easily backhaul this traffic and provide much higher bandwidth capabilities than with a traditional 3G/4G network. I also agree with Rudolph van der Berg that I think R&E and community networks should be allowed to get their own IMSI numbers as the network of things (i.e. machine to machine communications) becomes a critical component of research cyber-infrastructure. Given the limited number of IMSI allocations it probably makes sense for national R&E networks to be assigned such numbers –BSA]

Berners-Lee Wants Free, Mobile Data

Cell phones have reached nearly every corner of the globe. Sixty percent of the world’s population have phones and one in four have Internet access. But Range Networks doesn’t think that’s good enough. The startup, which is launching today at DEMO Fall 2010, believes that everybody on the planet should have access to Web-connected cell phones. And it believes it can enable cell phones that are so cheap they can be operated profitably with $2- to $3-a-month subscriptions.

Range Networks says it can do this not with bargain-basement technology, but by applying sophisticated chips and clever ideas to the problem of providing basic phone service in areas that are normally out of reach. ...

No broadband price wars? It’s the duopoly, stupid

Researchers at Northwestern University’s Kellogg School of Management did a recent study looking at why the broadband services market hasn’t seen the type of price declines over the years that have affected other technology sectors. Their answer: It’s a supplier’s market that doesn’t labor under the scrutiny of price regulation.

InformationWeek has more:
Professor Shane Greenstein found that a decision in 2003 to leave regulation up to the broadband companies themselves ‘has caused much of the stagnation in broadband service prices,’ according to an article in the September issue of Kellogg Insight, a publication of Northwestern’s Kellogg School of Management.
File this under “thing that should be painfully obvious.” Broadband is still subject to the telco-cable duopoly in most markets, and their idea of price competition is to throw out a limited-time promotion or a special price tag on a bundle that gets you to sign up for two other services.

An Apple Integrated SIM: What It Could Mean
Earlier this week, I reported on rumors that Apple and Gemalto were developing a SIM that Apple could integrate into its iPhone motherboard. In the emails, comments and phone calls that have poured in since then, I’ve received confirmation of the rumors, (although still no word from Apple or Gemalto) and gotten a lot more context about what this move might mean.
While the idea of Apple cutting out mobile operators by selling the device with a SIM already inside — and the ability to choose your carrier via an App Store download — is the most obvious option being discussed, there are plenty of other options that might also be on the table, from a mobile payment scheme to Apple launching its own bid to become a cell-phone company that uses other carrier networks. Let’s break it down.
The Payment Game
The idea here is that Apple would use the integrated SIM not only as the keys to the carrier kingdom, but also as the keys to the banking kingdom. After all, Gemalto has a big business in secure payments, and Apple has already filed some interesting patents when it comes to hardware that could offer payments on a cell phone. The mobile payments market is potentially huge, and Apple has the experience to get it right, and a significant interest in doing so. With iTunes, it already has the credit card information from 160 million consumers, which has enabled a frictionless app-buying experience from its handsets.
Apple clearly has an interest in expanding its payments efforts beyond digital goods and into the real world, where it could not only capture additional revenue from processing fees, but also change the device game by turning the iPhone into a mobile wallet. Integrating such a feature into the handset as opposed to the clunky dongles in use today would appeal to the Apple design aesthetic. I’m pretty sure Steve Jobs doesn’t have a few dongles dangling from his key chain so he can swipe and go at his local gas station.
Apple Becomes a Carrier (sort of)
For those who are focused on the carrier side of the equation, it seems I didn’t go far enough in my initial analysis. Several folks pointed out that the SIM card move could allow Apple to create a network of operators that provide service, and thus turn itself into a mobile virtual network operator or MVNO. MVNOs are popular in other parts of the world, where companies resell access on mobile broadband networks to certain populations. Several companies attempted that in the U.S. around demographics like sports or teens, but generally failed. Prepaid is one area where it has been successful, which could be an interesting option as a way of getting Apple’s iPads onto a network, for example.
There’s Room for Debate
The biggest debate in the comments of the original story centered around whether people would pay full price for a handset, since under such a model, consumers wouldn’t sign a data contract with a carrier. I think some people would, and some wouldn’t, but I do think there are still ways to offer a subsidy, even if Apple could offer folks access to a network directly. Carriers could still offer subsidies if users sign a contract, and even Apple could offer some kind of discount.

I don’t think those are very likely scenarios, but if Apple succeeds in changing the relationship between device sales and the mobile network, rest assured handset vendors and companies like Dell or Samsung that see huge opportunities in the mobile device space would hop on the bandwagon faster than you could swap out a SIM card. Those companies aren’t known for producing high-margin hardware as Apple is, so their devices may be less of a squeeze on consumers’ wallets, and those companies might also work out some kind of subsidy of their own.
I also heard about some really interesting options for this type of SIM for the machine-to-machine market, and about services that provide virtual SIMs already such as Truphone and MaxRoam. So keep the ideas and information coming, and let’s hope that Apple can push its vision forward.

Melding Wi-Fi with digital TV 'white space'

Rice University researchers have won a $1.8 million federal grant for one of the nation's first, real-world tests of wireless communications technology that uses a broad spectral range -- including dormant broadcast television channels -- to deliver free, high-speed broadband Internet service. The five-year project calls for Rice and Houston nonprofit Technology For All (TFA) to add "white space" technology to the wide spectrum Wi-Fi network they jointly operate in Houston's working-class East End neighborhood.
The TFA Wireless network, launched in 2004 with a grant from the National Science Foundation (NSF), today uses unlicensed frequencies ranging from 900 megahertz (MHz) to 5 gigahertz. The new grant -- also from the NSF -- will allow researchers to take advantage of new federal rules that allow the use of licensed TV spectrum between 500 MHz to 700 MHz. The network will dynamically adapt its frequency usage to meet the coverage, capacity and energy-efficiency demands of both the network and clients.
The new grant will pay for the development and testing of custom-built networking gear as well as smart phones, laptops and other devices that can receive white-space signals and seamlessly switch frequencies -- in much the way that today's smart phones connect to the Internet via either Wi-Fi or a cellular network. The grant will also allow Rice social scientists to conduct extensive studies in the neighborhood to find out how people interact with and use the new technology.
"Ideally, users shouldn't have to be concerned with which part of the spectrum they're using at a given time," said Rice's Edward Knightly, the principal investigator on the project. "However, the use of white space should eliminate many of the problems related to Wi-Fi 'dead zones,' so the overall user experience should improve."
White space is a telecom industry moniker for unused frequencies that are set aside for television broadcasters. Examples include TV channels that are unused in a particular market, as well as the spaces between channels that have traditionally been set aside to avoid interference.


From Rudolph van der Berg’s Blog:
How regulator's and Telco's are holding up the Internet of Things
Where do we use M2M?
There are many ways of doing machine to machine communication. Much of it is already done in SCADA systems and generally uses wired networks. One of these may be analysis systems for hundreds of thousands of sensors in chemical plants. All of this is wired communication. However unlike chemical plants most systems don't sit nicely in one place, they either move or are too distributed.
When going outside of individual sites like chemical plants, fields with wind turbines etc. and going into the general society there are still a gazillion machines that could benefit from a communication module. Such machines are:
• beer kegs in bars, to check on quality and beer levels.
• trains to check on seat availability, roundness of the wheels, info displays etc. The average Dutch train now has 4-5 communications devices
• sewage pumps
• water pressurizers in high rises
• fire extinguishers of various kinds, sprinklers, but also gas (require specially trained personnel for access)
• streetlighting: A colleague is working on LED streetlights that are more energy efficient and change color and intensity based on the situation, i.e. presence of people or to warn people of oncoming ambulances or to guide people to and from a concert.
• smart meters: two types are available. Those for residential use are mostly in a pilot phase. Those for high use customers send values every few minutes to allow for peak shaving and real time trading.
• consumer electronics, like the 1.4 million devices TomTom now has that are equipped with real time traffic data, or the Amazon Kindle 3G or the Kindle DX, but also other devices like digital photo frames.
• Transport applications: Like eCall, OnStar, monitoring by lease and rental companies etc. Cooperative Vehicle Information Systems (CVIS) etc.


The biggest business problems have to do with the whole lifecycle of the device. What makes M2M different from consumer communications, is the lack of the consumer. The consumer can be trusted upon to change handsets every couple of years and to do all the practical work, like switching SIM-cards, choosing operators etc. Unfortunately M2M devices have to function for 30 years in the field without tender loving care. Some examples of problems identified:

1. The costs of roaming: One of the big problems, certainly for consumer electronics, but also for other devices is, that you never know where they will be used. An Italian may buy a GPRS equipped TomTom or Kindle in Amsterdam and use it in Croatia. The device has to work everywhere and preferably also with the lowest roaming rate available. Working everywhere isn't a big problem with the coverage GSM offers. Getting an efficient roaming rate is however very hard. I've heard it to be compared to Sudoku multivariate analysis. No matter who you choose, if they are the cheapest in Scandinavia, they are the most expensive one in Southern Europe and if they are cheap in Eastern Europe, it's expensive in Western Europe. At the end of the analysis, all networks cost exactly the same per month. The reason for this is that no network is truly global and the other networks have no reason to play nice. They just see a device that belongs to a foreign competitor, so there is no reason to drop prices. For all they know and care it's a consumer, who will be fleeced by its home network for using data roaming abroad. The solution may be to use different devices for different countries, but then the Italian guy can't buy a TomTom in Amsterdam and use it in Croatia. Furthermore retailers don't like devices that are country specific. They want the flexibility to buy one device and distribute according to need across Europe. Producers preferably want one device for the global market. The only market that is a bit exempt of this is North America, only a few networks and continent wide coverage of some sorts.

2. Getting full coverage in a country. Unfortunately most fixed applications and some mobile applications suffer from the fact that perfect wireless coverage is almost impossible. If the telco changes antenna orientation or someone parks a truck or builds a building in the line of sight, signals can get lost. This happened for instance to a municipality who had equipped some traffic lights with GPRS to allow them to coordinate the flow of traffic, then one day the orientation of the antenna changed and service was lost to two traffic lights, gone too was a perfectly managed traffic flow and back were the traffic jams. Really bad is it that in most cases the competing networks still have perfect coverage. So how do you get a device to use the network that is available, regardless of whose it is?

3. Switching mobile operators: There are a myriad of reasons why a large scale end-user may want to switch part or all of the M2M devices from one network to another. Some of them include; switching supplier of network, merger with another company, selling of part of the M2M devices to some other company etc. Just imagine what happens if Sony would sell its eReader business to Amazon. Amazon may not want to stick with Sony's mobile network provider. Another example that got me involved in this discussion. A customer was faced with a European procurement procedure for mobile communications services and wanted to know how it could prevent future SIM-swaps as these were getting costly for their 10k devices (which most likely would grow substantially in the coming years). The costs are in the either logistical chain. First of all getting the right SIM to the right person, managing who uses what and where. Do you switch during regular maintenance or when the SIM-switch is. Regular maintenance can be once every 5 years or never in case of smart meters. All of this is problematic, difficult and often underestimated at first. So it costs serious money to fix.

4. Lack of innovation: It’s quite possible to use SIM-cards to authenticate over other networks than just the GSM network. One could think of automatic authentication on wifi-networks for instance. Unfortunately telco’s are currently blocking much of the needed innovation, because of a fear it would cannibalize their revenue in data sales.

So yes, these are some pretty big issues
Is there really no technical fix for the three issues?
People have suggested I didn't look too closely at the technical solutions, so I'll review those that have been suggested to me. Do understand that on the SIM-card there is a unique IMSI that is tied to an operator and operator specific encryption. The first six digits of an IMSI-number are used to find the network that the device belongs to and authenticate it:
1. Multi-SIM devices. Why not stick a SIM-card of every operator you want to deal with in the device and you're done. This solution has some appeal and may work for fixed locations. Most countries have only 4-5 physical networks. So if you disregard the MVNO's, then putting 4-5 SIM-cards in a device should do the trick. Of course when working on an international or global scale this fails quickly; there just isn't any space in the device for all the SIM-cards. Furthermore even mobile markets change, in NL alone in the last couple of years 2 networks stopped operating, when bought by competitors and likely 2 new one's will start in the coming years, when the spectrum is auctioned. So Multi-SIM is rather static. Furthermore, SIM's often carry a monthly charge regardless of them being used. This is because telco's often pay per 'activated' device to their suppliers, so this solution increases costs.
2. Multi-IMSI devices: Why bother with physical SIM's if you can put multiple IMSI's and associated crypto-keys on to one SIM. This might be a solution. However, telco's hate the security implications of it. There is also a question whose SIM-card it will be if all those IMSI's are present. At the moment the SIM-card is owned by one network. And it's a terrible waste of IMSI's, you need one IMSI per operator that could possibly be used. Assuming global coverage, that's more than 800 not counting MVNO's. Multi-IMSI is used sometimes, but mostly by operators with for instance a European footprint who load their IMSI's onto the SIM-card to allow for local coverage. Vodafone NL does this by loading a German IMSI onto phones of Dutch customers who want to be able to call, should the Vodafone network go down. The phone then switches to the German IMSI, which does allow for roaming anywhere in the Netherlands.
3. Over the Air provisioning: This has been extensively researched by the security working group of the 3GPP. They have some interesting solutions, which are described in my report. However, the mobile telco's hate it. The GSMA who represents them has said twice that it hates any form of over the air updating of SIM-cards. It sees it as an abomination. So unless they change their mind, it's a definite no no for this solution.
4. IP-addresses will fix this: sorry, but unfortunately being tied to a mobile operator happens at a layer below the IP-address. So it may well be that a company can span its corporate IP-addresses all the way to M2M devices. They may also be able to use different IP-addresses, but this doesn't fix the problem. Changing mobile operators requires that different IMSI's are used and you can't change IMSI's over IP.
So there you have it... technology doesn't save the day. Not on the technological side and as we will see, not on the business side either.

Business problems not fixed by technology
Even if we would be able to use a technical fix, unfortunately it won’t fix all business issues. These two below are the most important ones.
• The price of roaming is fixed by the telco whose network you aren’t roaming on: The biggest problem for a large scale M2M user is that he is completely dependent upon his mobile telco. The M2M user can only do what his telco allows him to do. This is true for the choice in technology, but even more so for the choice of roaming partners. The way roaming works is that telco's charge each other a wholesale price for roaming. This wholesale price X is secret. The retail price that the large scale M2M user pays is X plus something Y. But because X is secret, Y is unknown too. So the customer only knows he's paying X+Y. It is impossible to verify if X or Y went up or both if the rates change. Also for the networks that the customer is roaming on, it's impossible to distinguish the customer based on IMSI-number. How would they know for sure that a specific IMSI belongs to that specific M2M application? All they see is that it belongs to Vodafone UK or T-Mobile NL. It might as well be a consumer. Now you might be able to bypass that with Over The Air updates, but which telco is going to allow his customer to change IMSI’s so that they can quickly hop over to another network?
• The lack of competition: Another problem, closely related, is the lack of competition for an M2M end-user's business when roaming. In most countries there are 4-5 mobile operators. All of whom would love the M2M business of 50,000 foreigners roaming in their country with cars, eReaders etc. However generally all of them are contracted by the home network of the M2M user. So there are no competitive prices for the user. What the M2M user would like to do is choose 1 or 2 of those 5 networks to roam on, the cheapest ones preferably.
So why is the regulator holding up the future of the Internet of Things?
Well, as stated in the study, if large scale end-users could use their own IMSI's, then all these problems would be solved. Devices could have national and international roaming. There would be competition to offer roaming. One device could be sold globally. All of this controlled by the large scale M2M user.

However regulators have created a world where it isn't easy to get access to IMSI-numbers. Only public networks can get them and public is a vague term. Changing the rules to allow private networks access to these numbers is however scary because of unfounded fears:
1. IMSI number scarcity: The current design of IMSI numbers allows for one million ranges to be issued. Well over half of that range hasn't been allocated to countries yet.
2. 3 digit MNC’s: In Europe all the regulators hand out 5 digits of an IMSI to the mobile operators as the identification of their mobile network. The standard allows for 6. Some people worry that stuff may break if we move to 6. However some parts of the rest of the world use 3 digits too. Most notably North-America. The technical people tell me it shouldn’t be a problem.
3. Unfair competition: If private networks could connect, they could compete with public networks in an unfair way, because they don’t have to abide by the same rules. This is completely wrong. A private network implies it’s private and therefore not directly competing with a telco in the market. It just means a company decided to take matters into its own hands.
4. ITU rules or European law isn’t up to it. In my opinion it wouldn’t break European law, just bend it a little, the same with the ITU.
5. Etc.
6. The scariest thing may be that it creates a world where the regulator is less relevant at first sight. It cannot determine anymore the right to participate in the market place up front. It may find out that private networks also will call upon the regulator for its services or to have disputes settled. All of this is scary on an institutional level. Instead of the usual 10-20 people that always show up at the regulator’s office to represent the telecom industry and 1 or 2 to represent the users, things might change drastically.
7. Lastly it’s scary, because it’s the internet way of doing things. All the internet cares about is whether there is a network that needs interconnection. RIPE, ARIN, LACNIC, AFRINIC and APNIC have proven with AS-numbers and Provider independent AS-numbers, that they can efficiently run a numbering space that allows everyone access and creates a dynamic and highly competitive market for interconnection that hardly needs any regulation. If we use the same rules to give access to E.164 and E.212, the telephony world would be way more competitive than it now is, with less regulator involvement.
So please, if you know a regulator, ask them to consider this. Thousands of companies and consumers will thank you later on.


Hi Bill,
A few comments on this posting. I agree with you on the advantages of using a crypto device that you already carry (your mobile phone). […] For network access EAP-AKA can be used, also to authenticate to eduroam. So while I applaud NRENs leading the way, I don't think it is an either or situation but rather and and. Authentication via a smartcard that you hold is an attractive proposition for increasing security whether this "PKI" is operated by the NREN themselves or not.
Klaas W.
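
The IMSI network prefix discussed in van der Berg's post (5 digits in Europe, 6 in North America) and the EAP-AKA identity mentioned in the e-mail above, as an added example that is not part of either original text: it splits an IMSI into MCC/MNC/MSIN, builds the permanent EAP-AKA identity in the 3GPP TS 23.003 root-NAI form, and checks that a presented identity's realm agrees with its own IMSI. The function names and the small MNC-length table are hypothetical, and the sample IMSIs are constructed.

```python
import re
from typing import NamedTuple, Optional

# Constructed sample table, not a complete registry: MNC length per MCC.
# The IMSI digits do not say whether the MNC has 2 or 3 digits, so the
# parser needs this knowledge from outside the number itself.
MNC_LENGTH_BY_MCC = {
    "204": 2,  # Netherlands
    "234": 2,  # United Kingdom
    "262": 2,  # Germany
    "310": 3,  # United States
}


class Imsi(NamedTuple):
    mcc: str   # mobile country code, always 3 digits
    mnc: str   # mobile network code, 2 or 3 digits
    msin: str  # subscriber number inside that network


def parse_imsi(imsi: str, mnc_len: Optional[int] = None) -> Imsi:
    """Split an IMSI into MCC / MNC / MSIN, rejecting malformed input."""
    # [0-9] rather than \d so non-ASCII digits are rejected; an IMSI has at
    # most 15 digits, and the lower bound keeps the MSIN non-empty.
    if not re.fullmatch(r"[0-9]{7,15}", imsi):
        raise ValueError("IMSI must be 7 to 15 decimal digits")
    mcc = imsi[:3]
    if mnc_len is None:
        if mcc not in MNC_LENGTH_BY_MCC:
            raise ValueError(f"MNC length for MCC {mcc} unknown; not guessing")
        mnc_len = MNC_LENGTH_BY_MCC[mcc]
    if mnc_len not in (2, 3):
        raise ValueError("MNC length must be 2 or 3")
    return Imsi(mcc, imsi[3:3 + mnc_len], imsi[3 + mnc_len:])


def eap_aka_root_nai(imsi: str, mnc_len: Optional[int] = None) -> str:
    """Permanent EAP-AKA identity: leading '0', IMSI, realm from MCC/MNC."""
    p = parse_imsi(imsi, mnc_len)
    # A 2-digit MNC is left-padded with a zero in the realm.
    return f"0{imsi}@wlan.mnc{p.mnc.zfill(3)}.mcc{p.mcc}.3gppnetwork.org"


_NAI = re.compile(
    r"0([0-9]{7,15})@wlan\.mnc([0-9]{3})\.mcc([0-9]{3})\.3gppnetwork\.org"
)


def realm_consistent(nai: str) -> bool:
    """Check a presented identity: does the realm match the IMSI in it?"""
    nai = nai.lower()
    m = _NAI.fullmatch(nai)
    if not m:
        return False
    try:
        return eap_aka_root_nai(m.group(1)) == nai
    except ValueError:  # unknown MCC: cannot confirm, so do not accept
        return False


if __name__ == "__main__":
    sample = "204041234567890"  # constructed IMSI: MCC 204, MNC 04
    print(parse_imsi(sample))
    print(eap_aka_root_nai(sample))
    # The same digits read with a 3-digit MNC land in a different realm,
    # which is the "move to 6 digits" concern from the post.
    print(eap_aka_root_nai(sample, mnc_len=3))
```

A proxy that routes on the realm can apply `realm_consistent` before forwarding, so an identity whose realm disagrees with its own IMSI is dropped rather than routed to another home network.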

twitter: BillStArnaud
skype: Pocketpro