Browse Prior Art Database

Proactive security exposure identification of mobile terminals for confidential message transfers

IP.com Disclosure Number: IPCOM000250565D
Publication Date: 2017-Aug-03
Document File: 4 page(s) / 77K

Publishing Venue

The IP.com Prior Art Database

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 25% of the total text.

Proactive security exposure identification of mobile terminals for confidential message transfers

Abstract

This article proposes a solution to ensure confidential messages are securely sent and reach the intended recipient(s) and the sender is also notified of the secured delivery of the confidential message. Today users send confidential / personal information through message services (like SMS/ MMS and communicator applications like Whatsapp / messenger) and also receive many subscription based confidential information, like Salary, Balance in our mobile device. Information sender would be assuming that the confidential information reaches out to the intended recipient through the recipient's mobile device. There are scenarios where the mobile device itself is not secure always. For example, device without password, device in unlocked mode, device not with / near the user, device being used by others, the device user never logs out from Whatsapp, etc poses threat to the security of the confidential information at the receiving end. So, sending confidential information to those devices are not very secure as it could lead to exposure of the confidential data.

Shortcomings in the existing solutions

There are existing methods/solutions to ensure that the confidential information reaches out to the appropriate recipient's mobile device, there are no methods to ensure that the mobile device is secure enough to validate whether only the intended recipient reads the confidential information. All existing solutions focus on securing the messages sent by establishing a secure channel or by encrypting the message sent but none enables the service provider network to ensure the confidentiality of the information while delivering to the recipient device side while at the same time ensures the sender is notified on the secured delivery of the confidential information.

Proposed Solution

The proposed system function can be implemented in below described steps.

1. End Users of Telephone / Mobile service can subscribe to the Network provided secure messaging option if they wish to ensure the confidentiality of the information shared over the SMS / data.

2. Service provider will have the consolidated list of end users enrolled for this facility in the MSC where the customer profile would be stored.

3. Whenever the subscribed caller attempts to send a message, tagging it or a portion of a message as confidential , the service provider MSC will check with receiver end MSC to identify whether the receiver has subscribed for similar feature and have installed the security enhancer client in the mobile device.

4. If the receiver has also subscribed for this feature and have security enhancer client, then both MSC systems will connect to the proposed Security analyzer system whereas the SMS /data will be on hold in the recipient MSC itself.

5. Recipient's MSC system will trigger the security analyzer system to perform the security validation against the device to...