MOBILE TRUSTED MODULE (MTM)-BASED SHORT MESSAGE SERVICE SECURITY SYSTEM AND METHOD THEREOF
First Claim
1. A hardware security module, comprising:
- an access control unit configured to verify the integrity of a SMS application a request from the SMS application, and verify whether the SMS application has a permission for the request;
a key management unit configured to store and manage a public key and a private key of the terminal, and an encryption key shared with a server configured for the security message between the SMS server and the terminal; and
a security message processing unit configured to convert the security message based on a preset security policy when the security message is received from the server, and return the converted message to the SMS application.
1 Assignment
0 Petitions
Accused Products
Abstract
An MTM-based short message service security system and a method thereof are provided. A hardware security module according to the present invention includes an access control unit configured to verify the integrity of a SMS application and a request from the SMS application, and verify whether the SMS application has a permission for the request; a key management unit configured to store and manage a public key and a private key of the terminal, and an encryption key shared with a server configured to transmit a security message between the server and the terminal; and a security message processing unit configured to convert the security message based on a preset security policy when the security message is received from the server, and return the converted message to the SMS application.
-
Citations
11 Claims
-
1. A hardware security module, comprising:
-
an access control unit configured to verify the integrity of a SMS application a request from the SMS application, and verify whether the SMS application has a permission for the request; a key management unit configured to store and manage a public key and a private key of the terminal, and an encryption key shared with a server configured for the security message between the SMS server and the terminal; and a security message processing unit configured to convert the security message based on a preset security policy when the security message is received from the server, and return the converted message to the SMS application. - View Dependent Claims (2, 3, 4)
-
-
5. A short message service security method that is provided by a user terminal including a hardware security module configured to encrypt or decrypt a short message in cooperation with a SMS application that is executed in an application processor, the method comprising:
-
receiving a security message encrypted with an encryption key shared with a server; converting the security message based on a preset security policy for managing the security message; and transmitting a reception checking message to the server when reception of the security message is completed. - View Dependent Claims (6, 7, 8)
-
-
9. A short message service security method that is provided by a server that manages the encryption keys shared with each target terminal, generates the security message in which a short message received from a transmitting terminal is encrypted, and transmits the security message to the target terminal, the method comprising:
-
generating a security message in which the short message is encrypted using an encryption key shared with the target terminal when the short message that is received from the transmitting terminal and not encrypted matches a security policy set in the target terminal; delivering the security message to the target terminal and requesting a security message reception checking task from the target terminal; and verifying reception of the security message. - View Dependent Claims (10, 11)
-
Specification