Beruflich Dokumente
Kultur Dokumente
Overview
GSM facts GSM components Subscriber SIM anatomy SIM Information Storage Threats to SIM data Equipment :Generic Properties Equipment identification phase
The Subscriber
In 1987, GSM decided that all information elements contained in MS that are related to mobile subscriber must be stored and operated within a specific module, called SIM. The remaining part of the MS , called ME, is intended to contain all the mechanism and devices that are needed to access the GSM services but are not specific to a given subscriber.
12
SIM Anatomy
Subscriber Identification Module (SIM) Smart Card a single chip computer containing OS, File System, Applications Protected by PIN SIM applications can be written with SIM Toolkit SIM Application Toolkit (commonly referred to as STK) is a standard of the GSM system which enables the Subscriber Identity Module (SIM) to initiate actions which can be used for various value-added services.
13
Serial Number
File ICCID Purpose Serial Number Size 10 bytes
Integrated Circuit Card Identifier:Each SIM is internationally identified by its integrated circuit card identifier (ICCID). ICCIDs are stored in the SIM cards and are also engraved or printed on the SIM card body during a process called personalization
Processor is used for providing access to the data and security To access the data we need;
SIM Storage
A SIM card contains its unique serial number (ICCID), internationally unique number of the mobile user (IMSI), security authentication and ciphering information, temporary information related to the local network, a list of the services the user has access to and two passwords (PIN for usual use and PUK for PIN unlocking). In order to allow the mobile subscriber to operate his SIM in different places with possibly different MEs, the SIM must also contain the certain values of the temporary data namely TMSI, LAI, and Kc. The technology adapted by SIM manufacturers is such that frequent updating of data are made possible. The SIM storage capabilities may provide facilities to memorize and manage additional elements related to the mobile subscriber in association with GSM services or MS features.
6. 7.
SIM Storage
SIM is also used to control or to ease the access of the MS to the network by having the following capabilities. 1. Storage of a list of BCCH frequencies 2. Storage of a network access control parameters 3. The SIM stores network state information, which is received from the Location Area Identity (LAI). Operator networks are divided into Location Areas, each having a unique LAI number. When the device changes locations, it stores the new LAI to the SIM and sends it back to the operator network with its new location
MCC: Mobile country code MNC: Mobile network code MSIN: Mobile Station Identification Number NMSI = MNC + MSIN (National mobile station identity)
Set at point of manufacture Can be changed by the Subscriber Four digit code Usually 3 attempts before phone is blocked
8 digit code Set by manufacturer Maximum 10 attempts before phone is permanently blocked
Short Message Service is a popular communication method Most SIMs have 12 slots for storing messages
00000101 00000111
Therefore, providing the message has not been overwritten any message in a slot can be recovered and translated using software
SIM Life
It covers the whole period from the very beginning when it is manufactured, passing by personalization phase when it is allocated to a mobile subscriber ,and until the moment it is put out of service. GSM distinguishes two phases during SIM life: 1.GSM network operation phase : When SIM is allocated to a given subscriber and operated in association with ME in order to access the GSM services. 2.GSM administrative management phase: It covers all the operations needed for the establishment and the continuity of the SIM capability to access the GSM system. Manufacturing, service provider operations, and personalization(for ex .when SIM is loaded with IMSI or Ki)
The Equipment
In GSM the customer subscription and authentication capabilities is contained within SIM. Any mobile will take on the identity of subscriber by insertion of SIM, thats why mobiles now become attractive item to steal. To prevent this , GSM has specified an International Mobile Equipment Identifier (IMEI)
Generic Properties
All MSs have GSM standards on how they access and communicate with the network and SIM card Every MS has a unique ID called the International Mobile Equipment Identity (IMEI) Everything else is manufacturer dependent
Have to request the SIM PIN if activated May have optional MS PIN
MS Data
Very much dependent on the model, may include;
IMEI Short Dial Numbers Text/Multimedia Messages Settings (languge, date/time, tone/volume etc) Stored Audio Recordings Stored images/multimedia Stored Computer Files Logged incoming calls and dialled numbers Stored Executable Progams (eg J2ME) Stored Calendar Events GPRS, WAP and Internet settings
Threats to MS Data
Tools such as Flashers and Data Suites can be used to directly manipulate MS data Common threat is removing the Service Provider Lock (SP-Lock) limiting the MS to a single networked. Changing the IMEI on stolen phones
Networks blacklist stolen IMEIs in the EIR. Can also be used to avoid tracing an MS.
Thank You