1NCE Developer Hub

The 1NCE technical Developer Hub

Welcome to the 1NCE technical developer hub. You'll find comprehensive guides and documentation to help you start working with 1NCE technical as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    

UBIRCH - SIM Blockchain

Using Blockchain with 1NCE SIMs.

Together with UBIRCH, we have boosted our 1NCE IoTIoT - Internet of Things, a network of embedded devices exchanging data with other services over the Internet Flat Rate by adding a blockchain security component to our IoTIoT - Internet of Things, a network of embedded devices exchanging data with other services over the Internet FlexSIM card to combine high quality IoTIoT - Internet of Things, a network of embedded devices exchanging data with other services over the Internet connectivity with blockchain-based IoTIoT - Internet of Things, a network of embedded devices exchanging data with other services over the Internet security. The outcome is the Blockchain on a SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. solution. The following sections of the guide will provide an overview of the features and implementation offered by the UBIRCH Blockchain solution.

Functional Description

The SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. application client provides signature and chaining services to seal original data, generated on embedded devices through the SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. card. It takes care of packaging the hashed data and signing the package into the UBIRCH PROTOCOL PACKET (UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package.) . Sending the UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package. to the UBIRCH backend must be handled by the customer application. At the backend the anchoring in the blockchain is performed. The backend can also be used to verify already anchored UPPs.
The original data must be stored in a customer database to be able to execute verification requests at a later stage. UBIRCH does not store any original sensitive data!

If the SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. Card is used together with the UBIRCH test kit, the sensor data is sent to the UBIRCH Simple Data Service, which stores the data. It is an example for a data service to be implemented by the customer.

UPP data is sent to the SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. application via SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. APDU commands. The data encoding and handling of AT commands is done by the library code. Each SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. card comes pre-provisioned with a UUIDUUID - Universally Unique Identifier, a 128-bit number used to identify information in computer systems. Universally Unique Identifier) and a cryptographic key pair that is registered with the UBIRCH backend system and just needs to be claimed using the IMSIIMSI - International Mobile Subscriber Identity, a subscriber number in a mobile network used to identify the SIM. of the SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. at the UBIRCH console.

To claim the SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. and start working with the SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. Application, simply follow the steps in Setup SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. card and device . If you still cannot manage to setup your device, please also check the UBIRCH FAQs and if this does not help, Contact UBIRCH.

UBIRCH TRUST SERVICE

The UBIRCH Trust Service is a fast cloud-based backend responsible for identity management, blockchain anchoring, device and account management. It offers simple to use RESTREST - Representational state transfer, a software architectural style that uses a subset of HTTP. APIAPI - Application Programming Interface, defines interactions between software applications. endpoints to anchor incoming UPPs and to verify received data.

To improve performance, scalability and to keep transaction cost manageable, the UBIRCH Trust Service creates its own merkle-tree structure, aggregating incoming UPPs into larger root-hashes, which get anchored into a blockchain every minute.

The Trust Service is built as a Kubernetes cluster being hosted on Microsoft AZURE. All performance-critical components can equally be deployed on-premise, should the necessity arise. It is optimized for very high throughput.

Sealing & Verifying Process

The following two sections will shortly describe the two most important processes of sealing and verifying data.

In general the process always consists of:

  1. Seal data at the point of its 'birth' with the UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package..
  2. Anchor the UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package. into the blockchain.
  3. Verify received data against its UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package. in the blockchain.

Seal and Anchor Data

The following simplified sequence diagram uses pseudo code to show the process of sealing and anchoring data. This example shows the usage of an application which is sharing data /measurements, test results) with any kind of data receiver. This is just an example to show the process and not necessarily the exact final architecture to use UBIRCH.

  1. The customer device creates data.
  2. The customer device hashes the data, as a unique digital fingerprint.
  3. The customer device sends the hash to the UBIRCH NANO client on a SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network., where a signed UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package. is created.
  4. The customer device sends the data to the customer application for storage and further processing.
  5. The customer device sends the UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package. to the UBIRCH TRUST SERVICE.
  6. The UBIRCH TRUST SERVICE verifies the origin of the UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package. by checking the signature.
  7. The UBIRCH TRUST SERVICE aggregates the UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package..
  8. The UBIRCH TRUST SERVICE anchors the UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package. in the public blockchain.

Verify Data

Each received data packet which has been sealed with the UBIRCH CLIENT (has been ubirched) at the place of its 'birth', can easily be verified by the receiver, regarding its authenticity, integrity and chain validity. Since the seal is not directly attached to the data and anchored to the blockchain, the verification can be done by anyone, who has (access to) the data. This process is completely independent from the channel of transmission, which has been used to share the data and is also beyond any system boundaries.
The following simplified sequence diagram uses pseudo code to show the process of verifying UBIRCHed data (HASH-method).

  1. The customer application acquires the data to verify.
  2. The customer application recreates the hash of the data, like it was created on the device (before creating the original UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package.).
  3. The customer application sends this hash to the verification endpoint of the UBIRCH TRUST SERVICE.
  4. The UBIRCH TRUST SERVICE looks up the original UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package., based on the incoming hash.
  5. The UBIRCH TRUST SERVICE checks the signature of the found UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package..
  6. The UBIRCH TRUST SERVICE looks up the blockchain transaction, which contained the according UPPUPP - UBIRCH Protocol Packet, takes care of packaging the hashed data and signing the package..
  7. The UBIRCH TRUST SERVICE returns OK (or NOK) and all the proofs needed to cryptographically reproduce the validation result.

Libraries & Implementation

The UBIRCH client is provided as a SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. application (SIGNiT) and additional library code that handles the communication between customer code and the SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. card application. The library code is provided as open source. A hardware test kit based on Pycom modules is available.
Library Source Repository: https://github.com/ubirch/ubirch-protocol-sim
TestKit Source Repository: https://github.com/ubirch/ubirch-testkit

Requirements

  • A system with access to a modem that supports AT+CSIM commands.
  • Alternatively a ubirch test kit.

Security Considerations

The SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. application is protected by a unique PINPIN - Personal Identification Number, a numeric passcode used in the process of authenticating a user accessing a system.. The example test kit code handles retrieving the PINPIN - Personal Identification Number, a numeric passcode used in the process of authenticating a user accessing a system. from the UBIRCH backend. Developers should consider storing this PINPIN - Personal Identification Number, a numeric passcode used in the process of authenticating a user accessing a system. securely on the device, as it is the key to cryptographic functionality provided by the SIMSIM - Subscriber Identity Module, stores sensitive customer information to authenticate a subscriber on a mobile network. application.

Support & Contact

Need help with the UBIRCH Blockchain? Feel free to reach out to the Ubirch Helpdesk

Updated 2 months ago


UBIRCH - SIM Blockchain


Using Blockchain with 1NCE SIMs.

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.


© 2021 1NCE GmbH

Imprint
Terms and Conditions
Data Protection
Disclaimer