Godkända
Master switch application, an antitheft application for cellular phones
José La Verde (EXCHANGE)
Start
2008-01-22
Presentation
2008-06-12 11:45
Plats:
E3139
Avslutat:
2008-06-12
Examensrapport:
(Kontakta handledare)
Sammanfattning
<p>In our contemporary world one of the most important things for all development technologies is the security. Sony Ericsson Mobile Communications AB (SEMC) has to protect their software development platform from being tampered with; several security methods are guaranteeing a high level protection for the numerous threats that they have to face. Therefore, the development of new security solutions has to be done due to new threats that we have to face everyday.</p> <b>Problem Description</b> <p>Nowadays, SEMC phones could be classified into two categories; commercials and prototypes. Prototype phones are used for the development tasks of SEMC and have to be protected from being used after they fall into the wrong hands. Hence, a new application is needed, the Master Switch Application (MSA). The MSA has to check if a new SIM card has been introduced to the phone. If there is a new SIM card the application has to send an encrypted SMS to a server in a Sony Ericsson facility, the server will decrypt the message and check if there is a missed report for that phone and then will send back another encrypted SMS to the phone. Afterwards, the MSA has to decrypt the message and check if the phone can continue running or if it has to stop its functionality.</p> <p> The MSA will be developed from a given specification that involves<br><br> • Modification of the jumping instruction after the boot code.<br> • Development of the MSA standalone block, in the flash memory of a SEMC phone.<br> • Modification in the phone software of a SEMC phone.<br> • Implementation of the MSA functionality in a SEMC server. <br> </p> <p> Anytime that a user turns on a SEMC prototype phone, the MSA standalone block has to verify a dead message (DMSG) that will be stored in a specific area in the flash memory. The MSA standalone block has to perform the following tasks;<br><br> • Read the DMSG.<br> • Verify the security protocols in the DMSG.<br> • Destroy the jumping instruction to the phone software.<br> • Delete the Message.<br> </p> <b>Theoretical studies</b><br> <p>In all security applications it is important to determine possible weaknesses. This is the basis for the theoretical studies. First of all a security evaluation will be performed in which attacks may be focused in the Master Switch Application standalone block and the functionality within the application controlling e.g. the execution and termination of the application. The Attack Tree Model will be used to perform this part of the master thesis. Once all the attacks are determined, it will be possible to find weaknesses and also breaches in the application developed and therefore find ways to protect it. </p>
Handledare: Janne Karppinen (Sony Ericsson) och Martin Hell (EIT)
Examinator: Thomas Johansson (EIT)