Callback URL is a technology that makes a user to connect specific URL in the mobile Internet by pushing a connection button. It reduces a burden for the user to input a URL which the user wishes to visit. As the mobile Internet is open, the callback URL will become more popular. In the current situation, however the user cannot guarantee that a SMS has a right callback URL. Therefore an attacker sends a SMS that the callback URL heads for malicious URL. We also had same weakness in the mobile user agreement service which we have developed. Therefore we consider several methods that add security to the callback URL in this paper. We propose a message and protocol for the traditional SMS, long SMS, and MMS. And the discussion is followed.
[1]
Hong Liu,et al.
Using E.164 numbers with the Session Initiation Protocol (SIP)
,
2004,
RFC.
[2]
Peter W. Resnick,et al.
Internet Message Format
,
2001,
RFC.
[3]
Nathaniel S. Borenstein,et al.
Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies
,
1996,
RFC.
[4]
Jung-Jin Yang.
Agent-Based System for Confirming User Appointment Through SMS Callback URL Push
,
2004,
PRIMA.
[5]
Roland Schmitz,et al.
Mobile Security for Internet Applications
,
2001
.