The exponential growth of the Short Message Service (SMS) use has led this service to an indispensable tool for social, marketing and advertising messaging. Moreover, mobile devices such as smartphones, handsets and PDAs represent an enabling factor for distributing digital content. Mobile devices are quickly becoming Personal Trust Device (PTD); mobile devices embed personal data, which allow sending/receiving confidential information from/to the PTD. This paper aims to introduce Trusted-SMS, a novel framework to exchange secure SMS. This system is composed by three main entities: the Service Supplier, which publishes and delivers services; the End User, which choices and eventually pays for a specific service, that belongs to the service-set offered by a Service Supplier; the Certification Authority (CA) which represents the trusted entity shared by the Service Supplier and the End User. The CA plays the role of the Certification Authority. The main requirements of the overall system are strictly non-repudiability, user friendliness and platform portability. The security requirement includes customer transaction authentication, confidentiality, integrity and non repudiation, in an environment composed of heterogeneous networks and devices, with different security weaknesses. Trusted-SMS allows exchanging SMS digitally signed with Elliptic Curve Digital Signature Algorithm. SMS digitally signed are useful in many scenarios, such as commercial transaction, production of delegation from a remote site and provisioning of e-healthcare services. The signature is fully contained in a single SMS; the size of a digital signature amount to fifty bytes leaving more than one hundred bytes (110 bytes) for the SMS payload. Moreover the application of Elliptic Curve Integrated Encryption Schema cryptographic algorithm, which is based on the same credentials needed by the digital signature algorithm, allows protecting the payload from intrusions.

Grillo, A., Lentini, A., Me, G., Rulli, F. (2008). Trusted SMS - A novel framework for non-repudiable SMS-based processes. In HEALTHINF 2008: PROCEEDINGS OF THE FIRST INTERNATIONAL CONFERENCE ON HEALTH INFORMATICS, VOL 1 (pp.43-50). SETUBAL : INSTICC-INST SYST TECHNOLOGIES INFORMATION CONTROL & COMMUNICATION.

Trusted SMS - A novel framework for non-repudiable SMS-based processes

RULLI, FRANCESCO
2008-01-01

Abstract

The exponential growth of the Short Message Service (SMS) use has led this service to an indispensable tool for social, marketing and advertising messaging. Moreover, mobile devices such as smartphones, handsets and PDAs represent an enabling factor for distributing digital content. Mobile devices are quickly becoming Personal Trust Device (PTD); mobile devices embed personal data, which allow sending/receiving confidential information from/to the PTD. This paper aims to introduce Trusted-SMS, a novel framework to exchange secure SMS. This system is composed by three main entities: the Service Supplier, which publishes and delivers services; the End User, which choices and eventually pays for a specific service, that belongs to the service-set offered by a Service Supplier; the Certification Authority (CA) which represents the trusted entity shared by the Service Supplier and the End User. The CA plays the role of the Certification Authority. The main requirements of the overall system are strictly non-repudiability, user friendliness and platform portability. The security requirement includes customer transaction authentication, confidentiality, integrity and non repudiation, in an environment composed of heterogeneous networks and devices, with different security weaknesses. Trusted-SMS allows exchanging SMS digitally signed with Elliptic Curve Digital Signature Algorithm. SMS digitally signed are useful in many scenarios, such as commercial transaction, production of delegation from a remote site and provisioning of e-healthcare services. The signature is fully contained in a single SMS; the size of a digital signature amount to fifty bytes leaving more than one hundred bytes (110 bytes) for the SMS payload. Moreover the application of Elliptic Curve Integrated Encryption Schema cryptographic algorithm, which is based on the same credentials needed by the digital signature algorithm, allows protecting the payload from intrusions.
1st International Conference on Health Informatics (HEALTHINF 2008)
Funchal, PORTUGAL
JAN 28-31, 2008
Inst Syst & Technologies Informat, Control & Commun, Univ Madeira, IEEE EMB, Workflow Management Coalit, Assoc Advancement Artificial Intelligence
Rilevanza internazionale
2008
Settore MED/18 - CHIRURGIA GENERALE
English
confidentiality; data security; SMS; ECDSA; elliptic curves
8
Intervento a convegno
Grillo, A., Lentini, A., Me, G., Rulli, F. (2008). Trusted SMS - A novel framework for non-repudiable SMS-based processes. In HEALTHINF 2008: PROCEEDINGS OF THE FIRST INTERNATIONAL CONFERENCE ON HEALTH INFORMATICS, VOL 1 (pp.43-50). SETUBAL : INSTICC-INST SYST TECHNOLOGIES INFORMATION CONTROL & COMMUNICATION.
Grillo, A; Lentini, A; Me, G; Rulli, F
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2108/44108
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 3
  • ???jsp.display-item.citation.isi??? ND
social impact