Conference PaperPDF Available

Implementation of web service on SMS gateway for security enhancement

  • Director, IIIT Kottayam, Kerala, India Institute of National Importance


Short message service (SMS) will play a very vital role in the future business areas whose are popularly known as mobile banking, organizational marketing system etc. For this future, SMS could make a mobile device in a business tool as it has the availability and the effectiveness. In the following text, proposed system is to provide multi level local authentication to the SMS gateway service. This service can be implementing in any multi departmental organization where Short Message Service (SMS) service is used for notification system and marketing purpose.
National Conference on “Emerging Trends in Electronics Engineering & Computing” (E3C 2010)
Implementation of web service on SMS gateway for
security enhancement
Ms. V.K.Katankar, Dr.V.M.Thakare, Dr.R.V.Dharaskar
Student, ME(WCC) IV Sem ,H.O.D.SGB University,H.O.D.G.H.Raisoni college of Engg.
Department of Computer Science & Engineering
Nagpur ,India,,
Abstract— Short message service (SMS) will play a very
vital role in the future business areas whose are popularly
known as mobile banking, organizational marketing system
etc. For this future, SMS could make a mobile device in a
business tool as it has the availability and the effectiveness. In
the following text, proposed system is to provide multi level
local authentication to the SMS gateway service. This service
can be implementing in any multi departmental organization
where Short Message Service (SMS) service is used for
notification system and marketing purpose.
Keywords— web service, SMS, SMS gateway, SMPP
(Short Message Peer-Peer) Protocol
Nowadays, mobile SMS application has become
an important and growing current technology. It is a system
that integrates mobile technology with information
management system. This system used a Short Messaging
Services (SMS) to enhance the performance of the system
conducted. Towards the rapid development in e-business,
mobile SMS application has taken an advantage to introduce
the easy, fast and cost saving tools by using SMS as a medium
for communication. By reducing the time consuming and
human intervention, all processes are converted to SMS.
However, there are several mobile SMS application has due to
face the uncertainties circumstances when an extensive
processes occurred . The performance of system became
unreliable during hectic time when users used the SMS
application at the same time. Consequently, system has
become unstable and unreachability to errors.
A Web Service (also Webservice) is defined by the W3C as
"a software system designed to support interoperable
machine-to-machine interaction over a network. It has an
interface described in a machine-processable format
(specifically WSDL). Other systems interact with the Web
service in a manner prescribed by its description using Simple
Object Access Protocol (SOAP) messages, typically conveyed
using Hypertext Transfer Protocol (HTTP) with an XML
serialization in conjunction with other Web-related standards."
Other approaches with nearly the same functionality as web
services are Object Management Group's (OMG), Common
Object Request Broker Architecture (CORBA), Microsoft's
Distributed Component Object Model (DCOM) or Sun
Microsystems's Java/Remote Method Invocation (RMI). In
common usage the term refers to clients and servers that
communicate over the HTTP protocol used on the Web. Such
services tend to fall into one of two camps: Big Web Services
and RESTful Web Services[1].
SMS gateway is a device or service offering SMS transit,
transforming messages to mobile network traffic from other
media, or vice versa, allowing transmission or receipt of SMS
messages with or without the use of a mobile phone. Typical
use of a gateway would be to forward simple e-mail to a
mobile phone recipient[2,3].
Some SMS gateway providers can be classified as
aggregators or Signaling system No.7 (SS7) providers. The
aggregator model is based on multiple agreements with
mobile carriers to exchange 2-way SMS traffic into and out of
the operator's Short Message Service Centre (SMS-C), also
known as 'local termination model. Aggregators lack direct
access into the Signaling system No.7 (SS7) protocol, which
is the protocol where the SMS messages are exchanged. These
providers have no visibility and control over the message
delivery, being unable to offer delivery guarantees. SMS
messages are delivered in the operator's Short Message
Service Centre (SMS-C), but not the subscriber's handset.
A Direct To Short Message Service Centre (SMSC)
Gateway is a device which allows SMS text messages to be
sent and/or received by email, from web pages or from other
software applications. The Gateway connects directly to a
Mobile Operator's Short Message Service Centre (SMSC) via
the Internet or direct leased line connections. It converts the
message format into a format understood by the SMSC,
typically this is the Short Message Peer-to-Peer (SMPP)
protocol. Direct To Short Message Service Centre (SMSC)
Gateways are used by SMS Aggregators to provide SMS
services to their clients. Typically Direct To Short Message
Service Centre (SMSC) Gateways are used for high volume
J D College of Engineering, Nagpur(M.S.) 974
National Conference on “Emerging Trends in Electronics Engineering & Computing” (E3C 2010)
messaging and require a contact directly with the Mobile
This SMS Gateway connects to our proposed system for
sending SMS to different mobile.In this ,SMS can be compose.
on what time and on what date messages have to be sent. .We
can see queued messages.
We can add contacts,edit contacts..We can add
templates,view templates.We can manage group.
Figure 1. Overall Structure
Figure 1 describe the overall structure of the project it has
three main level of execution. First level where user will
access web based application and assemble SMS with basic
header like receiver mobile number and message to send to
the receiver. This message has been send to second level that
is at web server level where it will modify message by
applying some security header to SMS and pass it to the SMS
gateway now SMS gateway will send this message to receiver
mobile phone. Here whenever user send message he don’t
need to give security header[4] which protect password from
user. Major advantage of this system is protection of security
header and providing service to the clients along with this
service will let the administrator track the service utilization
of every user if the service is free to client[5].
Figure 2. Software Level Execution Flow
SMS Client User Interface: This module is web page
based user interface where user need to login using user
specific authentication details. After successful login user can
manage SMS sent, saved by that specific user and can
compose new SMS using web user interface. Now this
interface ask user receivers mobile number and message to
send it won’t require SMS gateway authentication security
headers those are applied at last level of execution. Once user
press sent option system will first encrypt the user message
using some encryption algorithm[6] and then generate web
POST data and transfer it to web application. Web application
then process further[7].
J D College of Engineering, Nagpur(M.S.) 975
National Conference on “Emerging Trends in Electronics Engineering & Computing” (E3C 2010)
SMS Verification & Management: This is first level of
verification. As proposed system giving free access to SMS
gateway resource to the user then it’s systems responsibility to
manage local user with their resource usage. This level will
manage all transactions by local user[8].
Web Application: web application is mainly divided in to
different sub module from decryption to authentic SMS
POST Data Decryption: As client web interface send data
using web POST method and encrypted then web application
will first read web data from POST method using server
request object then it will decrypt SMS in to text because
SMS gateway cant understand encrypted message it need
Security Header Adder: This module will simply add
security header to the decrypted message. These headers are
provided by the SMS gateway service. To local user system is
providing it’s own password for client security[9,10,11].
Authentic SMS Generation: This module will generate
authentic message this is for SMS gateway. After message
generation it will transfer message to SMS gateway web
service this is implemented by some mobile service operator
they also provide some unique sender ID to each client[12,13].
a. SMS is a cheap payment method.
b. Efficient
c. Secure
d. Anytime/Anywhere.
e. No wastage of time
The short message service unifies Internet and mobile
network is on a rapid development stage, and every short
message business emerged one after another.In this paper,we
have proposed a system that can be useful for
multidepartmental organization where Short Message Service
(SMS) service is used for notification system and marketing
[1] S.Subramanian, P. thiran,Z.Maamar,and D.
Benslimane,”EngineeringCommunities of Web services”,In
Proceedings of International Conference on Information Integration
and Web based Applications and Services
[2] Benting Wan,2008,Business-Based SMS Mobile Search”,22nd
International Conference on Advanced Information Networking and
Applications – Workshops,pp. 692-695.
[3] M. Hassan Shirali-Shahreza, Mohammad Shirali-Shahreza ,2008,An
Anti-SMS-Spam Using CAPTCHA”, 2008 ISECS International
Colloquium on Computing, Communication, Control, and
Management,pp. 318-321.
[4] Quratulain Aziz,13-14 November 2006,Payments through Mobile
Phone”, IEEEICET 2006, 2nd International Conference on Emerging
Technologies, Peshawar, Pakistan 13-14 November 2006,,pp. 50-53.
[5] Ningning Wu, Ming guang Wu, Siguo Chen, 2008,“Real-time
Monitoring and Filtering System for Mobile SMS,”pp. 1319-1324.
[6] David Lisoněk,Martin Drahanský, 2008,SMS Encryption for Mobile
Communication” 2008 International Conference on Security
Technology,pp. 198-201.
[7] ]Peizhou He, Xiangming Wen, Wei Zheng, 2008,”A Novel Method for
Filtering Group Sending Short Message Spam”, International
Conference on Convergence and Hybrid Information Technology
2008,pp. 60-65.
[8] Siti Dianah Abdul Bujang , Ali Selamat,2008,“Verification of Mobile
SMS Application with Model Checking Agent”,Eighth International
Conference on Intelligent Systems Design and Applications,pp. 217-
[9] Juan Jos´e Garza-Salda˜na, Arturo D´ıaz-P´erez, 2008, “State of
Security for SMS on Mobile Devices”, Electronics, Robotics and
Automotive Mechanics Conference 2008,pp. 110-115.
[10] Hany Harb, Hassan Farahat, Mohamed Ezz ,2008,“SecureSMSPay:
Secure SMS Mobile Payment Model”
[11] MD. Asif Hossain1, Sarwar Jahan, M. M. Hussain, M.R. Amin, S. H.
Shah Newaz,2008,”A Proposal for Enhancing The Security System of
Short Message Service in GSM”, pp235-240.
[12] Shushan Zhao, Akshai Aggarwal, 2008, “Building Secure User-to-user
Messaging in Mobile Telecommunication Networks”,pp 151-157.
[13] Webpage:
J D College of Engineering, Nagpur(M.S.) 976
ResearchGate has not been able to resolve any citations for this publication.
Conference Paper
Full-text available
Short message service (SMS) will play a very vital role in the future business areas whose are popularly known as m-commerce, mobile banking etc. For this future commerce, SMS could make a mobile device in a business tool as it has the availability and the effectiveness. The existing SMS is not free from the eavesdropping, but security is the main concern for any business company such as banks who will provide these mobile banking. Presently there is no such scheme which can give the complete SMS security. In this paper, we have proposed a security scheme for improving the SMS security. At first plaintext of SMS would be made as cipher text with the help of existing GSM encryption technology, then this cipher text would be digitally signed with the help of public key signature. These have to be made compatible to existing infrastructure of GSM security. The proposed scheme will give total authenticity, data integrity, confidentiality, authorization and non-repudiation which are the most essential issues in m-commerce or mobile banking and in secure messaging.
Conference Paper
Full-text available
Short Message Service (SMS) and Multimedia Message Service (MMS) are popularly used and will be more popular in the future. However, the security of SMS and MMS messages is still a problem. There is no end-to-end security (including integrity, confidentiality, authentication, and non- repudiation) in these services. This hinders service providers to provide some services that require communication of high-level security. There have been some solutions proposed for this issue in literature, but these are not suitable for user-to-user communication. In this paper, we review existing solutions and analyze their weaknesses. We then propose a new solution for a secure messaging channel using identity-based cryptography. This solution provides end-to-end security from service provider to mobile users, and between mobile users. The advantage of this solution is that it does not require a large storage on mobile terminal side, which is especially essential for user-to-user communication. Also this solution can be implemented with existing technologies on both service provider side and mobile terminal side. We concentrate the discussion on SMS service in details, while the scheme also works for MMS service.
Conference Paper
Recently, concerns have been raised regarding to the trustworthiness of software systems which are used in many critical business applications. Based on the general survey and users feedbacks there are several unexpected errors arise during the processing of software system. Therefore, the systems that suppose to give business entities a sufficient service has lead to the devastating failures. In this paper, we propose a model checking agent approach for verification of text messages using formal method in the Short Message Services (SMS). The agent that we design is able to play a role of handling the verification of SMS application. The verification process is handled by model checking agent that based on automata model with the support of model checking method. The model checking method will verify the correctness of the design so that it follows the required requirements. From the experiments, this approach has been able to support the SMS application to be efficient, maintainable and verifiable for the mobile application industries.
Conference Paper
This paper deals with an SMS encryption for mobile communication. The transmission of an SMS in GSM network is not secure, therefore it is desirable to secure SMS by additional encryption. In the following text, there are compared differences in the use of symmetric and asymmetric cryptography for SMS transfer securing. In the next part, there is the description of design and implementation of the application for mobile phones, which encrypts and signs SMS using an asymmetric RSA cipher. At the end, there are described attacks on secured SMS and future extension of the application.
Conference Paper
Short message service (SMS) can prove to be a cheap, efficient and effortless cash replacer in today's world taking a giant leap towards wireless era. Such billing applications involve tools like SMS gateway and protocols like SMPP (Short message peer-peer) to provide a flexible data communications interface for the transfer of short message data between external short message entities (ESME), routing entities (RE) and message centre (MC).The customer just has to SMS the pre-paid code and amount and nature of payment in the pre-defined format and is devoid of the fatigue of standing in long queues for paying bills
Conference Paper
This paper proposed a new method of real-time information monitoring and filtering for mobile short messaging service (SMS) system. This method implements the mobile SMS real-time monitoring and filtering by combining the Pinyin fuzzed keyword matching technology with dynamical adjustment of the userspsila credit-grade. This method firstly classifies the SMS into three categories: legal SMS, doubtful SMS and junk SMS, then creates the keyword dictionary by Bayesian learning and runs parallel real-time filtering on polynuclear hardware platform. It enhances the junk message interception rate and the processing speed of short message service center (SMSC), reduces the misjudgment rate for the monitoring center, and meanwhile gives consideration to interests of both the operators and customers.
Conference Paper
In years, the evolution of mobile SMS (short message service) application is become one of the high demand technology which introduced the fast service and cost saving. So due to this, SMS become a platform for developing information services in order to enhance the way of conventional system been conducted. However, at certain limitation this increasing convergence has effected the performance of information services when the system face the uncertainties and unprecedented risk. System has become unstable and prone to errors, which consequently effect the user satisfaction. Therefore, the trusted model system is extremely important to build the dependable software system. So, this paper propose a model checking agent approach to handle the verification and validation of mobile SMS application in order to ensure that the design of the system is correct. First, we present the architecture of model checking agent in the test case study to verify the SMS message that received by the system. Then, we formalize the design into PROMELA specification for SPIN model checker. Result from the SPIN model checker is able to determine whether the model is satisfy the properties of the requirement stated or could be otherwise. This model checking agent proposed is focused on the verification towards the mobile SMS application.
Conference Paper
Comparing to WAP-based mobile search, SMS- based(short message service based) mobile search needs to obtain exact search results. In order to improve SMS- based mobile search usability, the business-based SMS mobile search is proposed. All businesses are classified into local search business and Web exact search business and web fuzzy search business to SMS mobile search, the local and web exact search business can promise the exact result for mobile users, and web search business can provide enough information of Internet for mobile users. In order to get more exact business type from short message provided by mobile users, the multi-keyword business and keyword fuzzy match strategies are used to SMS mobile search. The implementation shows that Business-based SMS mobile search has good efficiency.
Conference Paper
With the prosperity of SMS (Short Message Service), there are more and more SMS spam. This paper proposes a method for filtering group sending SMS Spam, which combines black-and-white list technology and CAPTCHA (Completely Automated Public Turing test to tell Computers and Human Apart) technique. At first, it utilizes black-and-white list technique to check out the SMS account. If the SMS account is on the blacklist or whitelist, the SMS will be disposed directly without using CAPTCHA technique. In contrast, if the SMS account is not on the black-and-white list, then it makes use of CAPTCHA to handle it. If the SMS sender can not pass the CAPTCHA, the SMS will be tagged as s SMS spam and deleted. Finally, it has been simulated with Smartphone of Microsoft Visual Studio 2005.
Conference Paper
Today sending spams has turned to be a major problem in the Internet. In last 20 years, the Internet and mobile communication growth in parallel. So the spams are also born on the mobile phones as the form of SMS (Short Message Service) spams. In this paper a new method is proposed for filtering SMS spams using CAPTCHA (Completely Automatic Public Turing Test to Tell Computer and Human Apart) systems. CAPTCHA systems are used to distinguish between human users and computer programs automatically.In this method, the picture of an object is sent as an SMS picture message. Also name of that object and name of three other objects are written in the SMS as a multiple-choose question. The user should select the name of that object from a list of four object names and send the number back in reply as an SMS text message. If the SMS sender can pass the CAPTCHA test, it will be identified that SMS is legitimate.