Overcoming channel bandwidth constraints in secure SIM applications

Abstract

In this paper we present an architecture based on a Java (J2SE, J2EE, J2ME and Java Card) platform supporting a secure channel from a Mobile Operator to the SIM card. This channel offers the possibility of end to end security for delivery of large data files to a GSM SIM card. Such a secure channel could be used for delivery of high value content that requires a high bandwidth channel - perhaps either rendered for user infotainment, or processed in the client Mobile Station (device and SIM card) for remote device management. Our methodology overcomes the bandwidth constraints of the SIM Toolkit Security scheme described in GSM standard 03.48. To validate our proposal we have developed code to create DRM and Web Service test scenarios utilising readily available J2ME, Java Card, J2SE and J2EE platforms, Web Services tools from Apache, the KToolBar emulator from Sun, and a Gemplus Java Card. Copyright © 2005 by International Federation for Information Processing.