Mobile Communication Security Controllers

  • Keith MayesEmail author
  • Konstantinos Markantonakis


Cellular communication via a traditional mobile handset is a ubiquitous part of modern life and as device technology and network performance continues to advance, it becomes possible for laptop computers, Personal Digital Assistants (PDAs) and even electrical meters to better exploit mobile networks for wireless communication. As the diverse demands for network access and value added services increase, so does the importance of maintaining secure and consistent access controls. A critical and well-proven component of the Global System for Mobile Communications (GSM) and Universal Mobile Telecommunications System (UMTS) security solution is the smart card in the form of the Subscriber Identity Module (SIM) or USIM, respectively. However, with the enlarged range of communications devices, some manufacturers claim that the hardware selection, chip design, operating system implementation and security concepts are different from traditional mobile phones. This has led to a suggestion that types of “Software SIM” should be used as an alternative to the smart card-based solution. This paper investigates the suggestion.


Smart Card Universal Mobile Telecommunication System Near Field Communication Trusted Platform Module Security Element 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



Originally published in Elsevier Information Security Report 13 (2008); reproduced with kind permission of Elsevier.


  1. 1.
    Anderson R (2008). Security engineering: a guide to building dependable distributed systems. John Wiley, New York.Google Scholar
  2. 2.
  3. 3.
    EVITA project (20082011). E-Safety vehicle intrusion protected applications.
  4. 4.
    Hersteller Initiative Software (HIS), Working Group Security (2010). SHE Secure hardware extension version 1.1.Google Scholar
  5. 5.
    ISO 11898 (20032007). Road vehicles Controller area network (CAN).Google Scholar
  6. 6.
    National Institute of Standards and Technology (2001). FIPS-140-2: Security requirements for cryptographic modules.Google Scholar
  7. 7.
    Trusted Computing Group (2011). TPM Main Specification Version 1.2. [Online Available]
  8. 8.
    Russell R (2008). Virtio: Towards a de-facto standard for virtual I/O devices. ACM SIGOPS Operating Systems, Review (42).Google Scholar
  9. 9.
    Debian GNU/Linux FAQ (2011). Basics of the Debian package management system. [Online Available]
  10. 10.
    RSA Laboratories (2004). Cryptographic Token Interface Standard 2.2.Google Scholar
  11. 11.
    Universitat Politecnica de Valencia (2012). XtratuM A hypervisor specially designed for real-time embedded systems. [Online Available] Scholar
  12. 12.
    Standaert FX, Malkin T, Yung M (2009). A unified framework for the analysis of side-channel key recovery attacks. Springer-Verlag, Berlin.Google Scholar
  13. 13.
    IEEE 1609. Draft standards for wireless access in vehicular environments.Google Scholar
  14. 14.
    ISO 15408 (2007). Information technology Security techniques Evaluation criteria for IT security.Google Scholar
  15. 15.
    Scheibel M, Wolf M (2009). Security risk analysis for vehicular IT systems A business model for IT security measures. Embedded Security in Cars Workshop (escar 2009), Dsseldorf, Germany.Google Scholar
  16. 16.
    European Commission Information Society (2012). Emergency call (eCall). [Online Available]
  17. 17.
    Poulsen K (2010). Hacker Disables More Than 100 Cars Remotely. The WIRED Magazine.Google Scholar
  18. 18.
    Eisenbarth T, Kasper T, Moradi A, Paar C et al. (2010). On the power of power analysis in the real world: A complete break of the KeeLoq code hopping scheme. Springer-Verlag, Berlin.Google Scholar
  19. 19.
    Koscher K et al. (2010). Experimental security analysis of a modern automobile. IEEE Symposium on Security and Privacy (SP).Google Scholar
  20. 20.
    Checkoway S et al. (2011). Comprehensive experimental analyses of automotive attack surfaces. USENIX association.Google Scholar
  21. 21.
    Rouf I et al. (2010). Security and privacy vulnerabilities of in-car wireless networks: A tire pressure monitoring system case study. USENIX association.Google Scholar
  22. 22.
    OVERSEE project (2009–2012). Open Vehicular Secure Platform.

Copyright information

© Springer Science+Business Media New York 2014

Authors and Affiliations

  1. 1.Information Security Group, Smart Card CentreRoyal Holloway, University of LondonLondonUK

Personalised recommendations