SIM and eSIM Provisioning for Our Private CBRS Network at EOB8

At EOB8, secure and efficient device access is a cornerstone of our private Citizens Broadband Radio Service (CBRS) network. Provisioning SIM cards (physical or embedded/eSIM) ensures that only authorized devices can connect, leveraging standard LTE/5G authentication protocols for robust security. This page explains the provisioning process in an educational and operational context, highlighting how we make it straightforward for our team, partners, and compatible devices to join the network.

Why SIM/eSIM Provisioning Matters in Private CBRS Networks

In public mobile networks, SIMs are issued by carriers and tied to their PLMN (Public Land Mobile Network). For private CBRS networks like ours:

  • Devices authenticate using credentials stored on the SIM/eSIM.
  • We use our assigned IMSI Block Number (IBN 0148, part of PLMN 315-010) to generate unique International Mobile Subscriber Identities (IMSIs).
  • This enables mutual authentication (device verifies network, network verifies device), encryption of communications, and controlled access—far more secure than open Wi-Fi.
  • Provisioning ties the SIM profile to our network’s identifiers (including the upcoming CBRS-NID and our TACs: the six from IBN 0148 plus 60052 and 60053).

Provisioning can be done via physical SIM cards (inserted into devices) or eSIMs (remotely downloadable profiles, ideal for scalability and IoT fleets).

Our Provisioning Process Overview

We follow industry best practices for private LTE/5G deployments in the CBRS band, working with compatible core network elements, SIM management platforms, and standards from the OnGo Alliance and FCC guidelines. Here’s how it works step by step:

  1. Credential Generation
    Using our IBN 0148, we generate subscriber profiles with unique IMSIs from the allocated block. These include authentication keys (e.g., Ki for LTE/5G AKA or EAP-AKA methods) and network-specific parameters like the PLMN ID (315010), allowed TACs, and access policies.
  2. SIM Profile Creation
    Profiles are prepared in a secure SIM provisioning platform (often integrated with our core network or a third-party RSP—Remote SIM Provisioning—service).
  • Physical SIMs: Pre-burned with credentials and shipped or distributed for insertion.
  • eSIMs: Created as downloadable profiles compliant with GSMA standards for remote provisioning (e.g., via SM-DP+ servers).
  1. Profile Delivery and Installation
  • Physical SIMs: Insert the card into a CBRS-compatible device (supporting Band 48). The device reads the IMSI and authentic keys.
  • eSIMs: Use remote provisioning for over-the-air (OTA) activation. Devices scan a QR code, receive a download link, or use an app/portal to install the profile—no physical handling required. This is especially useful for scaling to many devices (e.g., sensors, cameras, or employee phones).
    We prioritize eSIMs where possible for flexibility, allowing quick onboarding of new devices without logistics.
  1. Network Registration and Activation
    Once provisioned:
  • The device scans for our PLMN (315010) and attaches to available cells using our TACs.
  • Authentication occurs via the core network (HSS/HLR equivalent in LTE or UDM/AUSF in 5G).
  • Successful attachment grants access to data, voice (if enabled), or specific QoS slices.
    Devices must support CBRS Band 48 and our network’s PLMN for seamless connection.
  1. Management and Lifecycle
    We use a centralized SIM management system to:
  • Monitor active subscriptions.
  • Enable/disable profiles remotely (e.g., for lost/stolen devices).
  • Update credentials or policies OTA.
  • Scale by adding new profiles as needed, without redeploying hardware.

Supported Devices and Compatibility

Any CBRS-certified device (e.g., smartphones, routers, IoT modules, or gateways supporting Band 48) can connect once provisioned. Examples include:

  • Standard Android/iOS devices with eSIM support.
  • Industrial IoT endpoints from vendors like Cradlepoint or Celona-compatible hardware.
  • Bring-your-own-device (BYOD) scenarios for employees or partners.

For best results, devices should be tested for our PLMN and TAC compatibility during provisioning.

Security and Compliance Benefits

Provisioning ensures end-to-end security:

  • SIM-based mutual authentication prevents unauthorized access.
  • Credentials never leave secure elements.
  • Compliance with FCC Part 96, OnGo Alliance standards, and GSMA eSIM specs.

This approach keeps our network private, reliable, and easy to manage—perfect for operational use cases like secure communications, asset tracking, or remote monitoring.

Getting Provisioned on Our Network

If you’re an EOB8 team member, partner, or authorized user interested in connecting a device:

  • Contact our IT/network team for provisioning requests.
  • Provide device details (IMEI, model, eSIM capability).
  • We’ll guide you through profile delivery (QR code for eSIM or physical SIM issuance).

We’re continually refining this process as our CBRS-NID is finalized and the network expands. Questions about provisioning, device compatibility, or integration? Reach out—we’re here to help make private wireless simple and secure!

Stay tuned for updates on performance examples and provisioning tools.