Enhancing Security System of Short Message Service for M-Commerce in GSM

Global System for Mobile (GSM) is a second generation cellular standard developed to cater voice services and data delivery using digital modulation. Short Message Service (SMS) is the text communication service component of mobile communication systems, using standardized communications protocols that allow the exchange of short text messages between mobile phone devices. SMS will play a very vital role in the future business areas whose are popularly known as mCommerce, mobile banking etc. For this future commerce, SMS could make a mobile device in a business tool as it has the availability and the effectiveness. The existing SMS is not free from the eavesdropping, but security is the main concern for any business company such as banks who will provide these mobile banking. Presently there is no such scheme which can give the complete SMS security. Now, a new security scheme for improving the SMS security is proposed here. At first plaintext of SMS would be made as cipher text with the help of existing GSM encryption technology, then this cipher text would be digitally signed with the help of public key signature. These will be made compatible to existing infrastructure of GSM security. The proposed scheme will give total authenticity, data integrity, confidentiality, authorization and non-repudiation which are the most essential issues in m-commerce or mobile banking and in secure messaging. KeywordsSMS, mobile banking, ciphering, digital signature, public key algorithm, public key signature, data integrity, authenticity.

[1]  Devrim Seral,et al.  SMS Security: An Asymmetric Encryption Approach , 2010, 2010 6th International Conference on Wireless and Mobile Communications.

[2]  Mohsen Toorani,et al.  Solutions to the GSM Security Weaknesses , 2008, 2008 The Second International Conference on Next Generation Mobile Applications, Services, and Technologies.

[3]  Mahmoud Reza Hashemi,et al.  A Secure m-Payment Protocol for Mobile Devices , 2006, 2006 Canadian Conference on Electrical and Computer Engineering.

[4]  Umberto Ferraro Petrillo,et al.  An Extensible Framework for Efficient Secure SMS , 2010, 2010 International Conference on Complex, Intelligent and Software Intensive Systems.

[5]  Ron Vetter,et al.  SMS: The Short Message Service , 2007, Computer.

[6]  N. Rajendran,et al.  Performance evaluation on end-to-end security architecture for mobile banking system , 2008, 2008 1st IFIP Wireless Days.

[7]  Nikhil Bansal,et al.  Transport security using mobile technology , 2008, 2008 IEEE International Conference on Intelligence and Security Informatics.

[8]  Kyung-Goo Doh,et al.  Generic Information System Using SMS Gateway , 2009, 2009 Fourth International Conference on Computer Sciences and Convergence Information Technology.

[9]  Mohsen Toorani,et al.  SSMS - A secure SMS messaging protocol for the m-payment systems , 2008, 2008 IEEE Symposium on Computers and Communications.

[10]  Jong-won Seo,et al.  SMS(Short Message Service) based Secure Authentication and Accounting Mechanism in Wireless Network , 2006, 2006 International Conference on Hybrid Information Technology.

[11]  Salman Firdaus bin Haji Sidek The development of the short messaging service (SMS) application for the school usage , 2010, 2010 International Symposium on Information Technology.

[12]  M.R. Amin,et al.  A proposal for enhancing the security system of short message service in GSM , 2008, 2008 2nd International Conference on Anti-counterfeiting, Security and Identification.

[13]  M. Drahansky,et al.  SMS Encryption for Mobile Communication , 2008, 2008 International Conference on Security Technology.

[14]  Maryam Tahajod,et al.  Security in Mobile Governmental Transactions , 2009, 2009 Second International Conference on Computer and Electrical Engineering.

[15]  Pu Liu Research of Home Network Based on Internet and SMS , 2009, 2009 International Conference on E-Business and Information System Security.

[16]  J.J. Garza-Saldaa,et al.  State of Security for SMS on Mobile Devices , 2008, 2008 Electronics, Robotics and Automotive Mechanics Conference (CERMA '08).

[17]  Paul Coulton,et al.  Mobile Terminated SMS Billing — Exploits and Security Analysis , 2006, Third International Conference on Information Technology: New Generations (ITNG'06).