History has shown through phenomenons that have accompanied large scale development of the personal computer, that there is a category of people who find interest in maliciously penetrating other users' computing systems. Their motivation can include direct material benefit (e.g. use of a user's credentials stored in the computer to perform commercial or financial transactions), or benefit derived from access to confidential information (private information, trade or technology secrets). Sometimes it is just for the -arguable- fun of the performance (e.g. password cracking, virus dissemination, etc.). Whichever the motivation, this behavior is a strong indication that, when a new field of action opens up, the same energy will be spent on malicious attacks.
The wireless communications environment is one of the next likely fields of action. Mobile telephony has grown to hundreds of millions of users and is keeping a strong status image. In addition, mobile device evolution is clearly directed toward development of increasing computing power: faster processors, substantial storage, functional and applications richness. In fact, the catalogue of most major mobile device vendors includes devices that look very much like personal computers and in an increasing number of instances can replace them. Those devices, as they continue evolving, will play a significant role in business and personal activities.
Mobile communication networks may support various wireless technologies, and particularly the European Standard known as the Global System for Mobile Communications (GSM) or the enhanced General Packet Radio Services (GPRS). Text messages, particularly Short Message Services (SMS) messages may be exchanged between mobile devices through Short Message Service Centers (SMSC). A specific short message type handled by digital wireless networks enables the receiving mobile devices to be remotely managed by a remote device management application system. Such specific SMS results in parameter change commands or software elements to be applied to the device and it will be referred to as ‘Configuration SMS’ for this discussion. Configuration SMS's may be used in two ways to remotely manage GSM or GPRS-connected mobile devices from the device management application. A first approach is to use the SMS as a content vehicle carrying actual configuration parameters to be applied to the device. A second approach is to use SMS as a trigger to which the device responds by launching a connection (e.g. Over-The-Air (OTA) connection, SyncML/DM connection) to a management server to perform management-oriented synchronization activities (such as Inventory, Configuration, Software Download).
In both cases, the use of the SMS technology “as is” is exposing the device to malicious attempts. If the SMS carrying configuration instructions is of malicious origin, commands or software elements carried by the SMS can introduce malicious entities into the terminal equipment (e.g. undesired parameter changes, personal information retrieving, virus code downloading to name a few). If the SMS is used to trigger a management session to a spoof server, similar malicious actions may be performed over the management session. In fact, a mere knowledge of the mobile device's telephone number (also known as the MSISDN) and a basic skill in the SMS technology suffice to gain access.
Thus, it has been a main concern to secure the SMS against hacker attacks. Some recommendations for GSM security have been made available for example in the ETSI GSM 03.48 Technical Specification titled “Security Mechanisms for the SIM application toolkit”. While this publication addresses somehow the SMS security problem, the described mechanism only covers security for SMS's carrying executable information to be loaded onto the Subscriber Identity Module (SIM card). However, using the SIM card to remotely configure a wireless device with SMS is only one way to operate. Several other possibilities exist where the configuration parameters and the software carried in the SMS's may be applied to the device's operating system without execution in the SIM card. Therefore, there is still a potential target for hacker attacks.
Moreover, a drawback of the SIM-oriented implementation is that the SIM card is associated with the service subscription, i.e. the Wireless Network Operator. As a consequence, the existing security solution is limited to its use by the Operator.
It is therefore essential to apply a commensurate level of security against malicious tampering with the device configuration and software integrity attempted through means that bypass the SIM card.
There is a real need for a more general purpose security solution for wireless terminal user equipment remotely managed through SMS messages, which is independent of the Subscriber Identity Module.
The present invention offers such solution.