Information Technology Reference
In-Depth Information
requests a call using the initial addressing Message (IAM) and the MSISDN, (2) the
network provider (especially, the GMSC) requests a current PMSI of user to the trust
device using the ISDN number of user, MSISDN and (3) the trust device gives it.
Then, (4) the GMSC stores the current PMSI in its table and sends a call setup
message to the user. Next, (5) the user verifies the setup message and sends an
acknowledgment message ACK as a proof to the trust device. (6) The trust device
checks the ACK. If the trust device does not receive the ACK, then the trust device
will decide that the network provider has attempted an illegal request to find out the
user location. The notations to describe the proposed methods are as follows.
[Notations]
ㆍ
PMSI_cur : the current value of PMSI periodically produced by the trust device
according to the synchronization time with the MS
ㆍ
ACK: an acknowledgment message transmitted to the trustdevice as a response that
the user has asked to receive a call from the external user through the network
provider. This value is a kind of combination message for the encrypted value of r,
PMSI_cur, and t with the secret key K
1
and PMSI_cur. Here r is an arbitrary integer t
is the time when the user is to send a message (This may become a time stamp signed
by the user, if the architecture is based on the environments of public key.).
ㆍ
PMSI_acked : the value of PMSI_cur is produced at the time when the user sends
the ACK message, and the trust device stores it in its own table some time later where
the initial value is null.
ㆍ
PMSI_provided: the most recently provided value of PMSI, and it will be stored in
the GMSC table in the network provider where the initial value is null.
ㆍ
VAL: this is a bit of vector. If the trust device receives an ACK message from the
MS, it will be the value of 1, otherwise it will be 0. At this moment, the value is
stored in the trust device table where the initial value is null.
In case of the proposed method, a place, which is differed from the previous TP
method, is needed for storing the mentioned values, such as PMSI_provided,
PMSI_acked, and so on. Our proposed scheme assumed that the network provider
(especially, the GMSC in the network provider) and trust device is maintained as a
kind of table in its own server (See [Fig. 1]).
ㆍ
MS: the mobile user, TD: the trust device, NP: the network provider.
[Step 1]
the step for the call request from the external user (caller):
The external user sends the IAM and MSISDN message to the GMSC of NP in order
to call with the MS.
[Step 2]
the step for the current PMSI request from the GMSC:
The GMSC sends the MSISDN in the case that the value of PMSI_provided is null
after the check-up on the value of PMSI_provided that is stored in it own table.
1
It is a short term secret key between the MS and the TD and is independently calculated for
each item. In addition, it is updated by the given period (In case of the real system
application, it will be adjusted by one week in the short term or one month in the long term
according to the required security level.) The secret key is defined as K=F(K
MT
,T), where
K
MT
is a long term secret key between the MS and the TD, F is a single directional function
of encryption, and T is a predefined synchronization time (periodically updated) between the
MS and the TD.
