[go: up one dir, main page]

WO2010000924A1 - Client provisioning - Google Patents

Client provisioning Download PDF

Info

Publication number
WO2010000924A1
WO2010000924A1 PCT/FI2009/050504 FI2009050504W WO2010000924A1 WO 2010000924 A1 WO2010000924 A1 WO 2010000924A1 FI 2009050504 W FI2009050504 W FI 2009050504W WO 2010000924 A1 WO2010000924 A1 WO 2010000924A1
Authority
WO
WIPO (PCT)
Prior art keywords
provisioning message
receiver
sender
message
provisioning
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/FI2009/050504
Other languages
French (fr)
Inventor
Jukka Tuomi
Mika Rantanen
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ERACE SECURITY SOLUTIONS Ltd Oy
Original Assignee
ERACE SECURITY SOLUTIONS Ltd Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ERACE SECURITY SOLUTIONS Ltd Oy filed Critical ERACE SECURITY SOLUTIONS Ltd Oy
Publication of WO2010000924A1 publication Critical patent/WO2010000924A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/18Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
    • H04W8/20Transfer of user or subscriber data
    • H04W8/205Transfer to or from user equipment or user record carrier
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • H04W8/245Transfer of terminal data from a network towards a terminal

Definitions

  • the invention relates to mobile device security arrangements for arranging remote device configuration over a communications network.
  • Client Provisioning protocol (OMA CP).
  • OMA CP Open Mobile Alliance Client Provisioning protocol
  • SMS short message
  • xml wbxml
  • the protocol includes certain security features it still exposes mobile device security in various ways. It is possible to have full control of settings and configurations in mobile device by sending malicious settings document using the client provisioning protocol. Currently anyone having mobile subscription is able and allowed to send client provisioning messages to someone's phone. The client provisioning message may include malicious configuration settings which may cause significant harm and problems for the end users.
  • NET- WPIN is the IMSI code of the SIM card attached to the receiving mobile device and in practice the IMSI code is only known by the end user's home mobile operator.
  • NETWPIN is the IMSI code of the SIM card attached to the receiving mobile device and in practice the IMSI code is only known by the end user's home mobile operator.
  • NETWPIN as a secret key in the message the receiving client can be sure that message has been sent by its mobile operator.
  • the drawback in this case is that no other mobile service provider would be able send configurations to end users anymore. This would be a showstopper for their mobile service businesses due to a fact that average end user don't know how to modify the mobile device settings to reach the services. Automatically discarding configuration messages other than NETWPIN protected would greatly influence current business models in telecom industry.
  • a method comprising receiving, a provisioning message including one or more configuration settings for configuration of a receiver, analysing from the provisioning message one or more characteristics of a sender of the provisioning message, analysing the security settings used in transmission of the provisioning message, assessing a security level of the provisioning message on the basis of the one or more characteristics of the sender and the security settings of the provisioning message, and processing the provisioning message further to be used in configuring the receiver if the security level of the provisioning message fulfils a predetermined security level requirement.
  • a network element comprising means for receiving, a provisioning message including one or more configuration settings for configuration of a receiver, means for analysing one or more characteristics of a sender of the provisioning message, means for analysing the security settings used for transmission of the provisioning message, means for assessing a security level of the provisioning message on the basis of the one or more characteristics of the sender and the security settings of the provisioning message, and means for processing the provisioning message further to be used in configuring the receiver if the security level of the provisioning message fulfils a predetermined security level requirement.
  • Figure 2 shows an embodiment of a method
  • Figure 3 shows another embodiment of a method
  • FIG. 4 shows another embodiment of the method. DETAILED DESCRIPTION
  • a network element implementing the features disclosed in the following embodiments may be either a mobile station or a relay server.
  • the mobile station, that is the receiver, is the receiver of the configuration message.
  • the relay station may be a device between the sender and the receiver of the configuration message.
  • FIG. 1 depicts devices involved in sending the Client Provisioning messages.
  • the message may be originated by a service provider's personal computer software and a normal mobile phone that is configured to act as a GSM (Global System for Mobile Communication) modem. It is also possible for the service provider (100) that the messages are sent directly to mobile operator SMSC (106) (Short Message Service Center) via TCP/IP based network using so called SMSC application protocol. SMSC queries SMS routing information from the SMS-GMSC (110) (Short Message Gateway Mobile Switching Center). SMS-GMSC replies with necessary routing information to all SMSCs in the Global PSTN network (112). The message is delivered to the corresponding Mobile Switching Center (108) and cellular radio network to the receiving mobile phone.
  • SMSC Short Message Service Center
  • Figure 1 depicts also the devices involved in sending relayed provisioning messages.
  • Service Provider server (100) has a network connection to the mobile operator provisioning relay server (102). Relayed provisioning messages are sent from the Service Provider's server (100) to the relaying server.
  • Provisioning relay server fetches service provider authentication, authorization and accounting information from the database (104). It is possible that provisioning relaying functionality is handled by SMSC (106). Provisioning relay server resolves characteristics of the receiver; in some embodiments the IMSI is being requested from the HLR/HSS (108).
  • a runtime analysis of the incoming provisioning message in the receiving mobile device In case the analysis of the message sender, used security method and the content of the message show that it may expose end user device security, the message content or part of the content is discarded accordingly. Analysis of the message is performed against pre-defined rules. Certain settings characteristics may be allowed from un-trusted senders and with less protective security methods. Settings that expose the end user device to greater risk require authorized sender. Authorization may be performed explicitly or implicitly depending on implementation of the used system.
  • step 200 the device receives a provisioning message including configuration settings.
  • step 202 the provisioning message is parsed and a possible fingerprint is saved.
  • step 206 the fingerprint validity is checked. If the fingerprint cannot be validated the whole message is discarded. If the message does not include the fingerprint of the sender or the fingerprint is analyzed to be valid the sender information is analyzed in step 212.
  • the analysis may, for instance, include analyzing if the sender MSISDN number belongs to a range of trusted MSISDN numbers.
  • the security mode used for transmission of the message is analyzed.
  • the analysis may include checking of a USERPIN or a NETWPIN of the client provisioning protocol, for instance.
  • the required security authorization level is set for the message.
  • the first configuration element is analyzed.
  • the configuration element is the whole CHARACTERISTIC > element part of the configuration message specified in Open Mobile Alliance Client Provisioning protocol.
  • the configuration element may be either ⁇ CHARACTERISTIC> or ⁇ PARM> element.
  • Each configuration element has a predefined authorization level depending on what type of configuration in receiving device the element represents. For instance, the system may have different authorization level for internet connection settings and for multimedia services.
  • step 220 the authorization information of the configuration element is compared to the security authorization level set in step 216. In case the required authorization level is stronger than the set level, the element is discarded. In case the authorization level is adequate, the element is accepted. If the accepted or discarded element is not the last element in the configuration context, the next element is processed and the steps 218-224 are repeated until the last element is reached. In some embodiments the accepted elements are saved even if one or more of the configuration elements are discarded. In case the configuration element under analysis is unknown the element is discarded. In another embodiment, there is provided a system to send configuration messages from an originating device or a server to a server for relaying the message to a receiving device.
  • the relayed message may be carried over any communications network between the originator and the relaying server. Parameters needed for relaying the configuration message may be carried us- ing any communications protocol and parameters may be included into provisioning message or may be carried in separate message to the relaying server.
  • the server receives the provisioning message for further relaying.
  • the relaying server authenticates the message sender.
  • the authorization of the sender is checked. In one aspect of the pre- sent method, the sender is charged for the relay service. Depending on the sender authorization, the relaying system may perform content analysis of the configuration message. If the message contains more sensitive settings than the sender is authorized to send, the message may be discarded.
  • the relaying server resolves OMA Client Provisioning protocol specific NETWPIN value.
  • the NETWPIN may be resolved from its own database or it may be fetched from other server or database in the mobile operator cellular network 114.
  • the used configuration message security mechanism is resolved.
  • a USERPIN mode may be used.
  • the sender or the service provider's server informs a USERPIN to the relay station, which may use it when addressing a message to the mobile station.
  • OMA CP USERPIN security mode the system combines USERPIN and NETWPIN according to OMA CP standard, calculates message authentication code using the USERNETWPIN and then changes the message security mode accordingly.
  • the system calculates MAC using NETWPIN.
  • the server sends the relayed message to the receiving device.
  • a method comprising steps of receiving, in a relay station, a provisioning message from a sender including one or more configu- ration elements for configuration of a receiver, analysing one or more characteristics of a sender of the provisioning message, resolving one or more char- acteristics of the receiver, changing a security setting of the provisioning message according the resolved one or more receiver characteristic, and preparing the provisioning message for transmission to the receiver if the one or more characteristics of the sender indicate that the sender is allowed to provide a provisioning message to the receiver.
  • the method comprises analyzing the configuration settings in the provisioning message, and preparing the provisioning message for transmission to the receiver if the one or more characteristics of the sender indicate that the sender is allowed to provide such configuration set- tings to the receiver.
  • the resolved receiver characteristic is an international mobile subscriber identity of the receiver.
  • the changed security setting of the provisioning message is parameter NETWPIN of an open mobile alliance client provisioning protocol.
  • the relayed provisioning message security mode is USERPIN
  • the sender informs the used PIN-code to the relay station.
  • the changed security setting of the provisioning message is parameter USERNETWPIN of an open mobile alliance client pro- visioning protocol.
  • the method comprises analysing one or more characteristics of a sender of the provisioning message includes authenticating the sender based on network address of the sender.
  • the method comprises analysing of one or more characteristics of a sender of the provisioning message, and authenticating the sender based on a userid and a password.
  • a network element such as a relay station, comprising means for receiving a provisioning message from a sender including one or more configuration elements for configuration of a receiver, means for analysing one or more characteristics of a sender of the provisioning message, means for resolving one or more characteristics of the receiver, means for changing a security setting of the provisioning message according the resolved one or more receiver characteristic, means for preparing the provisioning message for transmission to the receiver if the one or more characteristics of the sender indicate that the sender is allowed to provide a provisioning message to the receiver.
  • the network element comprises means for analyzing the configuration settings in the provisioning message, and means for preparing the provisioning message for transmission to the receiver if the one or more characteristics of the sender indicate that the sender is allowed to pro- vide such configuration settings to the receiver.
  • the network element comprises means for resolving an international mobile subscriber identity of the receiver.
  • the network element comprises means for changing as a security setting of the provisioning message the parameter NETWPIN of an open mobile alliance client provisioning protocol.
  • the relayed provisioning message security mode is USERPIN, which the sender or the service provider's server has informed to the relay station.
  • the changed security setting of the provisioning message is parameter USERNETWPIN of an open mobile alliance client provisioning protocol.
  • the network element further comprises means for analysing one or more characteristics of a sender of the provisioning message, and authenticating the sender based on a network address of the sender.
  • the network element further comprises means for analysing one or more characteristics of a sender of the provisioning message, and authenticating the sender based on a userid and a password.
  • a method to send configuration messages from an originating device or a server to a server for a re-signing the configuration message The sender informs (400) to the mobile operator relay server the MSISDN of the mobile station receiving the configuration message. Based on the MSISDN number, the receiving server resolves the corresponding IMSI, which is then used as OMA Client Provisioning protocol specific NETWPIN value (402).
  • the IMSI may be resolved from its own database or it may be fetched from other server or database in the mobile operator cellular network.
  • a USERPIN may be used. If the USERPIN is present, the sender or service provider's server informs a USERPIN to the re- lay station, which may use it when addressing a message back to sender. If the USERPIN is present, the sender or service provider's server informs a USERPIN to the re- lay station, which may use it when addressing a message back to sender. If the USERPIN is present, the sender or service provider's server informs a USERPIN to the re- lay station, which may use it when addressing a message back to sender. If
  • USERPIN is present in the received message, the system combines USERPIN and NETWPIN according to OMA CP standard, calculates message authentication code using the USERNETWPIN and then changes the message security mode accordingly. In case USERPIN is not used, the system calculates MAC using NETWPIN.
  • the server sends the message with calcu- lated credentials and the accordingly changed security settings to the message originating device.
  • the originating server sends the configuration message to the receiving mobile station.
  • Figures 2 and 3/4 may be used in combination. That is, a relaying station may be involved in the transmission of the provisioning messages as explained in conjunction with Figures 3 and 4, and the messages are additionally subjected to a security check in the mobile station as explained in conjunction with Figure 2.
  • the embodiments may be implemented on the network element as a computer program by software, hardware, or a combination thereof.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A method, comprising receiving, in a receiver, a provisioning message including one or more configuration settings for configuration of the receiver, analysing one or more characteristics of a sender of the provisioning message, analysing the security settings used in transmission of the provisioning message, assessing a security level of the provisioning message on the basis of the one or more characteristics of the sender and the security settings of the provisioning message, and saving configuration settings from the provisioning message into the receiver if the security level of the provisioning message fulfils a predetermined security level requirement.

Description

CLIENT PROVISIONING
FIELD
The invention relates to mobile device security arrangements for arranging remote device configuration over a communications network.
BACKGROUND
Current mobile phones are often remotely configured by using Open Mobile Alliance Client Provisioning protocol (OMA CP). The protocol enables fast and easy settings delivery to the mobile devices over the air. Client provisioning protocol utilizes short message (SMS) technology as a carrier and the settings are described by using wbxml (xml) notation.
Even though the protocol includes certain security features it still exposes mobile device security in various ways. It is possible to have full control of settings and configurations in mobile device by sending malicious settings document using the client provisioning protocol. Currently anyone having mobile subscription is able and allowed to send client provisioning messages to someone's phone. The client provisioning message may include malicious configuration settings which may cause significant harm and problems for the end users.
OMA Client Provisioning introduces mechanism how the message sending would be able to restrict from the other than mobile operators. NET- WPIN is the IMSI code of the SIM card attached to the receiving mobile device and in practice the IMSI code is only known by the end user's home mobile operator. Using NETWPIN as a secret key in the message the receiving client can be sure that message has been sent by its mobile operator. Unfortunately the drawback in this case is that no other mobile service provider would be able send configurations to end users anymore. This would be a showstopper for their mobile service businesses due to a fact that average end user don't know how to modify the mobile device settings to reach the services. Automatically discarding configuration messages other than NETWPIN protected would greatly influence current business models in telecom industry.
Even though the OMA CP is widely adopted protocol the mobile devices receiving the message behave in various different ways. Some implementations don't even show the actual message to the end user - instead the configurations inside the message are stored to the system without end user acceptance. In the best case the system warns about the possibility that the settings might be harmful, but end user is still able to save the settings and thereby change the device settings accordingly. It is also noticeable that majority of mobile phones does not comply with Client Provisioning protocol security definitions.
BRIEF DESCRIPTION
In an aspect, there is provided a method, comprising receiving, a provisioning message including one or more configuration settings for configuration of a receiver, analysing from the provisioning message one or more characteristics of a sender of the provisioning message, analysing the security settings used in transmission of the provisioning message, assessing a security level of the provisioning message on the basis of the one or more characteristics of the sender and the security settings of the provisioning message, and processing the provisioning message further to be used in configuring the receiver if the security level of the provisioning message fulfils a predetermined security level requirement.
In another aspect, there is provided a network element, comprising means for receiving, a provisioning message including one or more configuration settings for configuration of a receiver, means for analysing one or more characteristics of a sender of the provisioning message, means for analysing the security settings used for transmission of the provisioning message, means for assessing a security level of the provisioning message on the basis of the one or more characteristics of the sender and the security settings of the provisioning message, and means for processing the provisioning message further to be used in configuring the receiver if the security level of the provisioning message fulfils a predetermined security level requirement.
DRAWINGS
In the following the invention will be described in greater detail by means of preferred embodiments with reference to the accompanying drawings, in which Figure 1 shows an embodiment of a communication system;
Figure 2 shows an embodiment of a method;
Figure 3 shows another embodiment of a method; and
Figure 4 shows another embodiment of the method. DETAILED DESCRIPTION
Some embodiments of the invention are explained in the following. It is to be understood that these embodiments are only examples. The present features may be applied in any mobile communications system, where settings provisioning messages may be sent to device from another device or server over one or more communications networks. A network element implementing the features disclosed in the following embodiments may be either a mobile station or a relay server. The mobile station, that is the receiver, is the receiver of the configuration message. The relay station may be a device between the sender and the receiver of the configuration message.
Figure 1 depicts devices involved in sending the Client Provisioning messages. The message may be originated by a service provider's personal computer software and a normal mobile phone that is configured to act as a GSM (Global System for Mobile Communication) modem. It is also possible for the service provider (100) that the messages are sent directly to mobile operator SMSC (106) (Short Message Service Center) via TCP/IP based network using so called SMSC application protocol. SMSC queries SMS routing information from the SMS-GMSC (110) (Short Message Gateway Mobile Switching Center). SMS-GMSC replies with necessary routing information to all SMSCs in the Global PSTN network (112). The message is delivered to the corresponding Mobile Switching Center (108) and cellular radio network to the receiving mobile phone.
Figure 1 depicts also the devices involved in sending relayed provisioning messages. Service Provider server (100) has a network connection to the mobile operator provisioning relay server (102). Relayed provisioning messages are sent from the Service Provider's server (100) to the relaying server. Provisioning relay server fetches service provider authentication, authorization and accounting information from the database (104). It is possible that provisioning relaying functionality is handled by SMSC (106). Provisioning relay server resolves characteristics of the receiver; in some embodiments the IMSI is being requested from the HLR/HSS (108).
In an embodiment, there is provided a runtime analysis of the incoming provisioning message in the receiving mobile device. In case the analysis of the message sender, used security method and the content of the message show that it may expose end user device security, the message content or part of the content is discarded accordingly. Analysis of the message is performed against pre-defined rules. Certain settings characteristics may be allowed from un-trusted senders and with less protective security methods. Settings that expose the end user device to greater risk require authorized sender. Authorization may be performed explicitly or implicitly depending on implementation of the used system.
One embodiment of such run-time analysis for settings provisioning message is illustrated in Figure 2. It is to be understood that the illustrated features are not limited to any particular protocol.
In step 200, the device receives a provisioning message including configuration settings. In step 202, the provisioning message is parsed and a possible fingerprint is saved. In step 206, the fingerprint validity is checked. If the fingerprint cannot be validated the whole message is discarded. If the message does not include the fingerprint of the sender or the fingerprint is analyzed to be valid the sender information is analyzed in step 212. The analysis may, for instance, include analyzing if the sender MSISDN number belongs to a range of trusted MSISDN numbers.
In step 214, the security mode used for transmission of the message is analyzed. The analysis may include checking of a USERPIN or a NETWPIN of the client provisioning protocol, for instance. In step 216, according to previous analysis of the sender and the security settings of the message, the required security authorization level is set for the message. In the step 218, the first configuration element is analyzed. In one embodiment, the configuration element is the whole CHARACTERISTIC > element part of the configuration message specified in Open Mobile Alliance Client Provisioning protocol. In another embodiment the configuration element may be either <CHARACTERISTIC> or <PARM> element. Each configuration element has a predefined authorization level depending on what type of configuration in receiving device the element represents. For instance, the system may have different authorization level for internet connection settings and for multimedia services.
In step 220, the authorization information of the configuration element is compared to the security authorization level set in step 216. In case the required authorization level is stronger than the set level, the element is discarded. In case the authorization level is adequate, the element is accepted. If the accepted or discarded element is not the last element in the configuration context, the next element is processed and the steps 218-224 are repeated until the last element is reached. In some embodiments the accepted elements are saved even if one or more of the configuration elements are discarded. In case the configuration element under analysis is unknown the element is discarded. In another embodiment, there is provided a system to send configuration messages from an originating device or a server to a server for relaying the message to a receiving device. The relayed message may be carried over any communications network between the originator and the relaying server. Parameters needed for relaying the configuration message may be carried us- ing any communications protocol and parameters may be included into provisioning message or may be carried in separate message to the relaying server. In step 300, the server receives the provisioning message for further relaying. In step 302, the relaying server authenticates the message sender. In step 304, the authorization of the sender is checked. In one aspect of the pre- sent method, the sender is charged for the relay service. Depending on the sender authorization, the relaying system may perform content analysis of the configuration message. If the message contains more sensitive settings than the sender is authorized to send, the message may be discarded. In step 316, the relaying server resolves OMA Client Provisioning protocol specific NETWPIN value. The NETWPIN may be resolved from its own database or it may be fetched from other server or database in the mobile operator cellular network 114. In step 318, the used configuration message security mechanism is resolved.
In an embodiment, a USERPIN mode may be used. In the USER- PIN mode, the sender or the service provider's server informs a USERPIN to the relay station, which may use it when addressing a message to the mobile station. If OMA CP USERPIN security mode is used, the system combines USERPIN and NETWPIN according to OMA CP standard, calculates message authentication code using the USERNETWPIN and then changes the message security mode accordingly. In case USERPIN is not used, the system calculates MAC using NETWPIN. In step 328, the server sends the relayed message to the receiving device.
There is provided a method, comprising steps of receiving, in a relay station, a provisioning message from a sender including one or more configu- ration elements for configuration of a receiver, analysing one or more characteristics of a sender of the provisioning message, resolving one or more char- acteristics of the receiver, changing a security setting of the provisioning message according the resolved one or more receiver characteristic, and preparing the provisioning message for transmission to the receiver if the one or more characteristics of the sender indicate that the sender is allowed to provide a provisioning message to the receiver.
In an embodiment, the method comprises analyzing the configuration settings in the provisioning message, and preparing the provisioning message for transmission to the receiver if the one or more characteristics of the sender indicate that the sender is allowed to provide such configuration set- tings to the receiver.
In an embodiment, the resolved receiver characteristic is an international mobile subscriber identity of the receiver.
In an embodiment, the changed security setting of the provisioning message is parameter NETWPIN of an open mobile alliance client provisioning protocol.
In an embodiment, the relayed provisioning message security mode is USERPIN, the sender informs the used PIN-code to the relay station.
In an embodiment, the changed security setting of the provisioning message is parameter USERNETWPIN of an open mobile alliance client pro- visioning protocol.
In an embodiment the method comprises analysing one or more characteristics of a sender of the provisioning message includes authenticating the sender based on network address of the sender.
In an embodiment, the method comprises analysing of one or more characteristics of a sender of the provisioning message, and authenticating the sender based on a userid and a password.
There is provided a network element, such as a relay station, comprising means for receiving a provisioning message from a sender including one or more configuration elements for configuration of a receiver, means for analysing one or more characteristics of a sender of the provisioning message, means for resolving one or more characteristics of the receiver, means for changing a security setting of the provisioning message according the resolved one or more receiver characteristic, means for preparing the provisioning message for transmission to the receiver if the one or more characteristics of the sender indicate that the sender is allowed to provide a provisioning message to the receiver. In an embodiment, the network element comprises means for analyzing the configuration settings in the provisioning message, and means for preparing the provisioning message for transmission to the receiver if the one or more characteristics of the sender indicate that the sender is allowed to pro- vide such configuration settings to the receiver.
In an embodiment, the network element comprises means for resolving an international mobile subscriber identity of the receiver.
In an embodiment, the network element comprises means for changing as a security setting of the provisioning message the parameter NETWPIN of an open mobile alliance client provisioning protocol.
In an embodiment, the relayed provisioning message security mode is USERPIN, which the sender or the service provider's server has informed to the relay station.
In an embodiment, the changed security setting of the provisioning message is parameter USERNETWPIN of an open mobile alliance client provisioning protocol.
In an embodiment, the network element further comprises means for analysing one or more characteristics of a sender of the provisioning message, and authenticating the sender based on a network address of the sender.
In an embodiment, the network element further comprises means for analysing one or more characteristics of a sender of the provisioning message, and authenticating the sender based on a userid and a password.
In another embodiment illustrated by Figure 4, there is provided a method to send configuration messages from an originating device or a server to a server for a re-signing the configuration message. The sender informs (400) to the mobile operator relay server the MSISDN of the mobile station receiving the configuration message. Based on the MSISDN number, the receiving server resolves the corresponding IMSI, which is then used as OMA Client Provisioning protocol specific NETWPIN value (402). The IMSI may be resolved from its own database or it may be fetched from other server or database in the mobile operator cellular network.
In an embodiment, a USERPIN may be used. If the USERPIN is present, the sender or service provider's server informs a USERPIN to the re- lay station, which may use it when addressing a message back to sender. If
USERPIN is present in the received message, the system combines USERPIN and NETWPIN according to OMA CP standard, calculates message authentication code using the USERNETWPIN and then changes the message security mode accordingly. In case USERPIN is not used, the system calculates MAC using NETWPIN. In step 406, the server sends the message with calcu- lated credentials and the accordingly changed security settings to the message originating device. In step 408 the originating server sends the configuration message to the receiving mobile station.
In order to improve the security of the provisioning messages in the network, the embodiments of Figures 2 and 3/4 may be used in combination. That is, a relaying station may be involved in the transmission of the provisioning messages as explained in conjunction with Figures 3 and 4, and the messages are additionally subjected to a security check in the mobile station as explained in conjunction with Figure 2.
The embodiments may be implemented on the network element as a computer program by software, hardware, or a combination thereof.
It will be obvious to a person skilled in the art that, as the technology advances, the inventive concept can be implemented in various ways. The invention and its embodiments are not limited to the examples described above but may vary within the scope of the claims.

Claims

1 . A method, comprising: receiving, a provisioning message including one or more configuration settings for configuration of a receiver; analysing from the provisioning message one or more characteristics of a sender of the provisioning message; analysing the security settings used in transmission of the provisioning message; assessing a security level of the provisioning message on the basis of the one or more characteristics of the sender and the security settings of the provisioning message; and processing the provisioning message further to be used in configuring the receiver if the security level of the provisioning message fulfils a predetermined security level requirement.
2. A method according to claim 1 , wherein the processing of the provisioning message comprises saving configuration settings from the provisioning message into the receiver.
3. A method according to claim 1 , wherein the processing of the provisioning message comprises: changing the security setting level of the provisioning message; and transmitting the provisioning message to the receiver.
4. A method according to claim 1 , wherein the analysing of the one or more sender characteristics comprises: identifying a mobile station international subscriber directory number of the sender; checking, on the basis of the mobile station international subscriber directory number of the sender, if the sender is authorized to change configuration settings in the receiver.
5. A method according to claim 1 , wherein the analysing of the one or more sender characteristics comprises: analysing a digital fingerprint of the provisioning message; and checking, on the basis of the digital fingerprint, if the sender is authorized to change configuration settings in the receiver.
6. A method according to claim 1 , wherein the receiver includes a plurality of configuration settings and the method comprises: assessing, for each configuration setting of the receiver, if the security level of the provisioning message fulfils a predetermined security level requirement of the configuration setting; and saving such configuration settings where the security level of the provisioning message fulfils a predetermined security level requirement of the configuration setting.
7. A method according to claim 1 , further comprising: rejecting the whole provisioning message or one or more configuration settings in the provisioning message if the security level of the provisioning message fails to fulfil the security requirement of the configuration element.
8. A computer program product configured to perform a method according to any preceding method claim 1 to 7 when run on a computer.
9. A network element, comprising: means for receiving, a provisioning message including one or more configuration settings for configuration of a receiver; means for analysing one or more characteristics of a sender of the provisioning message; means for analysing the security settings used for transmission of the provisioning message; means for assessing a security level of the provisioning message on the basis of the one or more characteristics of the sender and the security settings of the provisioning message; and means for processing the provisioning message further to be used in configuring the receiver if the security level of the provisioning message ful- fils a predetermined security level requirement.
10. A network element according to claim 9, wherein the network element is the receiver, comprising: means for saving the configuration settings from the provisioning message into the receiver if the security level of the provisioning message ful- fils a predetermined security level requirement.
1 1 . A network element according to claim 9, wherein the network element is the receiver, comprising: means for storing a plurality of configuration settings; means for assessing, for each configuration setting of the receiver, if the security level of the provisioning message fulfils a predetermined security level requirement of the configuration setting; and means for saving such configuration settings where the security level of the provisioning message fulfils a predetermined security level requirement of the configuration setting.
12. A network element according to claim 9, wherein the network element is a relay station between the sender and the receiver, the network element comprising: means for changing the security setting level of the provisioning message; and means for transmitting the provisioning message to the receiver.
13. A network element according to claim 9, wherein the network element comprises: means for identifying a mobile station international subscriber directory number of the sender; and means for checking, on the basis of the mobile station international subscriber directory number of the sender, if the sender is authorized to change configuration settings in the receiver.
14. A network element according to claim 9, comprising: means for analysing a digital fingerprint of the provisioning message; and means for checking, on the basis of the digital fingerprint, if the sender is authorized to change configuration settings in the receiver.
15. A network element according to claim 9, further comprising: means for rejecting the whole provisioning message or one or more configuration settings in the provisioning message if the security level of the provisioning message fails to fulfil the security requirement of the configuration element.
PCT/FI2009/050504 2008-07-02 2009-06-12 Client provisioning Ceased WO2010000924A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20085688A FI121046B (en) 2008-07-02 2008-07-02 Equipping the customer
FI20085688 2008-07-02

Publications (1)

Publication Number Publication Date
WO2010000924A1 true WO2010000924A1 (en) 2010-01-07

Family

ID=39677573

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2009/050504 Ceased WO2010000924A1 (en) 2008-07-02 2009-06-12 Client provisioning

Country Status (2)

Country Link
FI (1) FI121046B (en)
WO (1) WO2010000924A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2007311624B2 (en) * 2006-10-20 2011-06-16 Johnson Matthey Plc Process for preparing catalysts

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030023849A1 (en) * 2001-07-11 2003-01-30 Martin Bruce K. Method and apparatus for distributing authorization to provision mobile devices on a wireless network
US20060039564A1 (en) * 2000-11-17 2006-02-23 Bindu Rama Rao Security for device management and firmware updates in an operator network
WO2006114482A1 (en) * 2005-04-27 2006-11-02 Nokia Corporation Limited supply access to mobile terminal features
WO2006126851A1 (en) * 2005-05-27 2006-11-30 Lg Electronics Inc. Method and device for securely sending bootstrap message in device management
EP1796340A1 (en) * 2005-12-09 2007-06-13 Abb Research Ltd. Method of securing network configuration data in automation networks

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060039564A1 (en) * 2000-11-17 2006-02-23 Bindu Rama Rao Security for device management and firmware updates in an operator network
US20030023849A1 (en) * 2001-07-11 2003-01-30 Martin Bruce K. Method and apparatus for distributing authorization to provision mobile devices on a wireless network
WO2006114482A1 (en) * 2005-04-27 2006-11-02 Nokia Corporation Limited supply access to mobile terminal features
WO2006126851A1 (en) * 2005-05-27 2006-11-30 Lg Electronics Inc. Method and device for securely sending bootstrap message in device management
EP1796340A1 (en) * 2005-12-09 2007-06-13 Abb Research Ltd. Method of securing network configuration data in automation networks

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
OPEN MOBILE ALLIANCE; OMA-WAP-PROVARCH-V1_1-20080226-C; PROVISIONING ARCHITECTURE OVERVIEW; CANDIDATE VERSION 11, 26 February 2008 (2008-02-26), Retrieved from the Internet <URL:http://www.openmobilealliance.org/Technical/release-program/docs/ClientProv/V1-1-20080226-C/OMA-WAP-ProvArch-v1-1-20080226-C.pdf> [retrieved on 20090514] *
OPEN MOBILE ALLIANCE; OMA-WAP-PROVBOOT-V1_1-20080226-C; PROVISIONING BOOTSTRAP; CANDIDATE VERSION 1.1, 26 February 2008 (2008-02-26), Retrieved from the Internet <URL:http://www.openmobilealliance.org/Technical/release-program/docs/ClientProv/V1-1-20080226-C/OMA-WAP-ProvBoot-v1-1-20080226-C.pdf> [retrieved on 20090514] *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2007311624B2 (en) * 2006-10-20 2011-06-16 Johnson Matthey Plc Process for preparing catalysts

Also Published As

Publication number Publication date
FI20085688A0 (en) 2008-07-02
FI20085688L (en) 2010-01-03
FI121046B (en) 2010-06-15

Similar Documents

Publication Publication Date Title
EP3008935B1 (en) Mobile device authentication in heterogeneous communication networks scenario
US11234128B2 (en) Managing undesired service requests in a network
Willassen Forensics and the GSM mobile telephone system
US7489918B2 (en) System and method for transferring wireless network access passwords
EP1871065A1 (en) Methods, arrangement and systems for controlling access to a network
WO2008076163A2 (en) Techniques for managing security in next generation communication networks
KR20060042027A (en) SMS message filtering system and method
US20080175178A1 (en) Method for connecting a user of a mobile telephone network to a data transmission service
US20110217997A1 (en) Security mechanisms to protect sms exchange in telecommunication networks
US20110217995A1 (en) Security mechanisms to protect sms exchange in telecommunication networks
EP3105900B1 (en) Method and system for determining that a sim and a sip client are co-located in the same mobile equipment
WO2010000924A1 (en) Client provisioning
US9225680B2 (en) Method and device for providing an identity identifier of an electronic terminal device
KR102329891B1 (en) Apparatus for authenticating controlling SMS based on SMPP
KR20150063288A (en) Appratus and method for blocking spam in a wireless terminal
FI114370B (en) Procedures and systems for transmitting information
KR20060087804A (en) Wireless Internet Service System and Method
IES20070607A2 (en) Methods and apparatus for a sim-based firewall
EP1926265A1 (en) Method preventing spam in mobile communications
IES85248Y1 (en) Methods and apparatus for a sim-based firewall
IE20070607U1 (en) Methods and apparatus for a sim-based firewall

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09772611

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09772611

Country of ref document: EP

Kind code of ref document: A1