Harnessing Electronic Signatures to Improve the Security of SMS-Based Services
Powered by the emergence of information and communication technologies, governments and public administrations are nowadays offering online services to facilitate the execution of governmental procedures. Citizens, businesses, and even governments themselves benefit from greater flexibility and cost efficiency of such e-Government services. Recently, the increased mobility of citizens and the growing popularity of mobile communication technologies has raised the need for mobile governmental services. Such services have become known under the term m-Government. Interestingly, most m-Government services still rely on SMS technology. Reasons for that are the simplicity, inexpensiveness and wide support of this technology. Despite these various advantages, a lack of supported security features usually hinders SMS to be used in transactional m-Government services, as these services have higher security requirements. To bypass this issue, we propose a method to enhance SMS-based m-Government services by means of electronic signatures. Our solution allows citizens to generate, electronically sign, and deliver electronic documents by sending well-defined SMS messages. We demonstrate the practical applicability of our approach by means of a prototypical implementation. A detailed discussion of different security aspects of our solution concludes this contribution.
KeywordsSMS m-Government Electronic signatures SMS based services Austrian Mobile-Phone signature Security analysis
Unable to display preview. Download preview PDF.
- 1.Leitold, H., Hollosi, A., Posch, R.: Security Architecture of the Austrian Citizen Card Concept. In: Proceedings of the 18th Annual Computer Security Applications Conference (ACSAC 2002). IEEE Computer Society (2002)Google Scholar
- 3.European Union: Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for electronic signatures. Official Journal of the European Communities (1999)Google Scholar
- 5.Mobi Solutions Ltd.: Mobile Government: 2010 and Beyond (2010)Google Scholar
- 6.Zefferer, T.: Mobile Government - E-Government for Mobile Societies (2011), http://www.a-sit.at/pdfs/Technologiebeobachtung/mobile_government_1.0.pdf
- 7.MBAONLINE: Planet Text - How SMS Messaging is Changing the World (2011), http://www.mbaonline.com/planet-text/
- 8.EGov-Labs: PDF-AS (2012), http://egovlabs.gv.at/projects/pdf-as/
- 10.Lisonek, D., Drahansk, M.: SMS Encryption for Mobile Communication. In: International Conference on Security Technology, pp. 198–201. IEEE Computer Society (2008)Google Scholar
- 11.Anuar, N.B., Kuen, L.N., Zakaria, O., Gani, A., Wahab, A.W.A.: GSM mobile SMS/MMS using public key infrastructure: m-PKI. W. Trans. on Comp. 7, 1219–1229 (2008)Google Scholar
- 12.Al-bakri, S., Kiah, M.: A novel peer-to-peer SMS security solution using a hybrid technique of NTRU and AES-Rijndael. Scientific Research and Essays 5(22), 3455–3466 (2010)Google Scholar
- 13.Medani, A., Gani, A., Zakaria, O., Zaidan, A.A., Zaidan, B.B.: Review of mobile short message service security issues and techniques towards the solution. Scientific Research and Essays 6(6), 1147–1165 (2011)Google Scholar