In today's telecommunication networks, user terminal capabilities are becoming increasingly available to 3rd party service providers. Both user terminal manufacturers and network operators have thus opened up their APIs (Application Program Interfaces) for such other developers to use. Exposing these functionalities to service providers increases the possibilities for developing services enhanced with basic telecommunication functionalities such as telephony and messaging. The number and variety of 3rd party applications that can be provided in relation to user terminals and communication networks have therefore increased considerably.
However, this does not only introduce new experiences to the user. The new possibilities for service providers enable the creation of enhanced services, but they also subject the user terminal to risks. These risks include deviating behaviour, such as software that acts maliciously (either intentionally or by mistake). Without extensive testing, there is no good way of checking that newly developed services behave as promised, i.e. that the events occurring in the user terminal are the expected ones. Such testing is the traditional solution to the problem and includes certification of applications. In the new environment certification is difficult, since services can build on each other and use components developed by separate entities. Testing should furthermore be performed before an end user, like a consumer, uses the terminal.
Another existing way to control 3rd party applications in the user terminal environment is to use “sandbox” solutions, i.e. solutions where the 3rd party applications are only allowed to execute within a “sandbox” with very limited access to the user terminal capabilities. These types of solutions do, however, create so many limitations and restrictions that they limit the creativity of the software developers. A sandbox does in fact not identify a user terminal having a deviating behaviour, but instead reduces the probability of deviating behaviour by limiting the capabilities of applications.
Firewall technology is another important technology used to grant or block access for certain applications. Firewalls exist both as personal firewalls that can be installed on the user terminal and as network firewalls that are deployed in the network.
Personal firewalls control access on the terminal side by analyzing all network traffic sent and received by the terminal, with some additional user control. Network firewalls work in a similar fashion, with the main difference that all traffic passing through the firewall is analyzed. The amount of traffic passing through depends heavily on deployment, i.e. how close to the users the network firewall is deployed. One limitation of these firewalls is that they do not combine the terminal-centric analysis with the network-centric analysis. Another limitation is that firewalls do not as such identify deviating behaviour, but can only be used once deviating behaviour has been identified.
There is therefore a need for improvement in this field of technology, and especially a need for new mechanisms that can check such applications, in order to enhance the safety of the user terminal as it is used by an end user and to avoid network abuse.