Read an Excerpt
Chapter 1: Introducing SMS and the SIM
Wireless devices have overtaken every other technology —including
the Internet —in global adoption. By 2003 more than a billion people
will be using a wireless phone or personal digital assistant (PDA)for
voice and data communications. Three factors that have helped to
drive this phenomenal growth have also inspired this book:
1. The worldwide availability and popularity of an inexpensive
Short Message Service (SMS);
2. The evolution of the Subscriber Identity Module (SIM)inside
GSM phones into a standardized and secure application platform
for GSM and next-generation networks;and
3. The demand for applications that let people use their mobile
phones for more than just talking.
Let's take a quick look at how SMS and the SIM have contributed to
the growth of wireless applications and then discuss what you can
expect to learn from this book.
The number of SMS messages sent every month has risen from
about 1 billion messages in July 1999 to more than 20 billion in July
2001, with projections that the total number of SMS messages
exchanged in 2001 will top 200 billion. These SMS exchanges range
from simple text greetings or questions sent between individual subscribers (sometimes called "texting") to news and information services
offered by the wireless carriers, to more advanced applications offered
by third parties such as retrieving data from a corporate sales database
or mobile banking. One result of all this texting and other SMS activity is that wireless carriers now view SMS as an important source of revenues. Another outcome is that hundreds of millions of subscribers are
ready and eager to try out interesting new services based on SMS. But
to move beyond the basic text message delivery and create applications
that can be customized and trusted, developers need a standardized
and secure application platform. That's where the SIM comes in.
The SIM is a smart chip that was designed as a secure, tamper-resistant environment for the cryptographic keys that GSM carriers use to
authenticate individual subscribers to the network connection and
track those subscribers'activities once they are on the air. The SIM
maintains a constant connection to the network as long as the mobile
device remains on. This location-aware, authenticated connection is
what allows subscribers to "roam" from network to network around
the world and, very importantly from the viewpoint of the carrier,
the SIM keeps track of and reports on the subscriber's network usage
and roaming activity so that the carrier can bill customers accurately.
The only way to ensure that the SIM can accomplish its handoff of
subscribers from one network to another without interrupting communication is to base all of its functions on very detailed international
standards. Every GSM equipment manufacturer and carrier adheres to
these standards, which cover everything from the physical size and
characteristics of the chip to the way it handles and stores incoming
information. Anyone developing applications that interact with the
SIM also has to become familiar with the relevant standards and keep
up with changes. This book describes the most important standards in
detail and points readers to online sources of complete standard documentation and updates.
The SIM is also an essential part of the move to higher speed and
more capable "next-generation"wireless networks, discussed later in
this chapter. Because the 2001 digital network is referred to as the second generation (analog wireless was the first generation), these
upgraded networks have been dubbed 2. 5G (a significant notch up
from the current speed and performance) and 3G. Although the
timetable and technology for rolling out next-generation networks
differs around the world, carriers everywhere recognize the importance of keeping today's SIM and SMS applications working during
and after the upgrade. Therefore, the SIM will manage the roaming
of traffic between generations of networks and between geographic
locations. In addition, applications that work with today's SIM standards will be in a good position to take advantage of the higher speed
and multimedia capabilities of the 3G networks as they emerge.
Carriers, mobile equipment makers, and other service providers
agree that applications are the most important driver for continued
growth of wireless data exchange. The providers are searching for new
killer applications to generate additional revenues from their networks and increase subscriber use and loyalty. They see that individual subscribers are looking for applications that will allow them to get
more from their mobile phones or wireless PDAs. Businesses need
applications that make mobile employees more productive and enable
them to reach their mobile customers. There are different ideas about
who should develop such applications. Some carriers prefer to do
their own development work, whereas others contract with third-party developers or look to the SIM and mobile equipment vendors to
provide the applications. One way or another, the demand for applications continues to increase.
Wireless Application Protocol (WAP), which many people thought
of as the fastest route to mobile applications, was something of a wake-up call for network operators. When wireless communications
were all about voice, the operators controlled every aspect of the
mobile phone. The emergence of WAP allowed well-known Web-based services like yahoo. com and literally hundreds of start-up WAP
sites to download programs to the mobile handset and take control of
the screen and the keypad. The wireless operators looked around and
discovered that all they still really controlled was the SIM, a tiny computer deep in the guts of the mobile phone that was designed to protect security, not support applications. We'll discuss how this computer sprouted an application programming interface called the SIM
Application Toolkit (SAT) and other development tools like the SIM
Micro-Browser in Chapter 10, but you should know that today's SIMs
are an underappreciated platform for a rich variety of mobile applications.
At the same time, application developers, especially developers who
are expert in creating SMS and SIM-based applications are in short
supply. It is hard to find all the information needed to start using
SMS and SAT, and even harder to find clear examples of how to program specific applications. This book provides a step-by-step explanation of the commands, standards, and programming techniques that
will take you from basic SMS applications to advanced SAT functionality. If you want to learn more about SMS and SIM development,
this is the place to start.
Foundations and Definitions
SMS is the abbreviation for Short Message Service. SMS is a way of sending short messages to mobile telephones and receiving short messages
from mobile telephones. "Short" means a maximum of 160 bytes.
According to the GSM Association, "Each short message is up to 160
characters in length when Latin alphabets are used, and 70 characters in
length when non-Latin alphabets such as Arabic and Chinese are used."
*
The messages can consist of text characters, in which case the messages can be read and written by human beings. SMS text messages
have become a staple of wireless communications in Europe and
Asia/Pacific and are gradually gaining popularity in North America.
The messages also can consist of sequences of arbitrary 8-bit bytes, in
which case the message probably is created by a computer on one end
and intended to be handled by a computer program on the other.
SIM is the abbreviation for Subscriber Identity Module. As its name
implies, its original purpose (and continuing role) was to identify a
particular mobile user to the network in a secure and consistent manner. To accomplish this, the SIM stores a private digital key that is
unique to each subscriber and known only to the wireless carrier. The
key is used to encrypt the traffic to and from the handset. It is essential to keep this key out of the hands of mischief makers who might
get hold of a SIM and try to steal the subscriber's identity. Because
smart cards were designed to be extremely difficult to crack under a
variety of attacks, the smart card's core electronics and design architecture were adopted as the base of the SIM. Building applications for
the SIM has a lot in common with designing smart card applications
and, as we will see later, the standards that guide the evolution of
smart cards and the SIM have started to converge in the international
standard-setting bodies.
One of the most important standards for SIM application developers is the SIM Application Toolkit (SAT). As the name implies, the SAT
standardizes the way in which applications besides the subscriber's private keys can be developed for and loaded onto the SIM. Wireless carriers are understandably sensitive about guarding the security of the
SIM and preserving its primary function of subscriber identity and
encryption. Because the carrier controls what code is loaded directly
onto the SIM, adhering to SAT standards in building your application
doesn't mean that it will run on any given network. Typically, there is
a testing and certification process required for any application that is
not developed directly by the network providers or SIM vendors.
On the one hand, such a process can make it difficult to get your
applications on the SIM because, if any Tom, Dick, or Sally can download programs to the SIM it wouldn't be a trusted computer. On the
other hand, when you do get your applications on the SIM, you will be
in good company. Or, if your applications don't require the full-blown
trust and security apparatus built into the SIM, you can work with SMS
and a tool called the USAT Interpreter to interact with Web-based
information via the SIM. As more SIMs capable of running virtual
machines such as Java come to market, you can also develop applications that can be downloaded over the air —as long as the application is
acceptable to the wireless carrier. This book explains the range of possibilities and illustrates the steps involved in developing those possibilities.
The SIM is the smaller of two computer chips inside a GSM mobile
handset. Early SIMs typically were 1 /3 million instruction per second
(MIP)with 3K memory, and most SIMs in use today are 1 /2 MIP with
16K memory. To handle virtual machines and larger applications, the
current high-end SIM provides 32K of memory, with 64K SIMs anticipated within the next year. The computer chip that runs the handset
is much larger, typically with a couple of megabytes of memory and
a couple of MIPs of computer power. The larger chip controls the
keypad and the display, encodes and decodes voice conversations, and
runs the protocols that enable the handset to connect to the telephone network. The SIM may be a small computer compared with
the handset computer and a tiny one compared with PDA and notebook processors, but its size doesn't have to be a gating factor for
innovative applications. In fact, the SIM has about the same computing power as the first IBM PC and that computer opened the eyes of
corporations and individuals to the potential of word processing,
spreadsheets, and other applications to change the way we do our
work and live our lives.
Bear in mind that there are other ways of exchanging data with a
mobile telephone that are not covered in the following chapters. General Packet Radio Services (GPRS) is one example. There are also other
ways to build mobile applications. WAP is one of the best known and
has a large following. Nevertheless, SMS and the SIM have some characteristics that make them attractive for many types of application.
SMS is cheap, always on, gets through when other messages don't, is
a store-and-forward system and is quite easy to build with. The SIM is
portable so you can move it from one mobile device to another; it is
tamper resistant, so it can be used to hold sensitive data;and it provides access to the full range of capabilities of the handset. One sweet
spot for applications using SMS and the SIM is trusted transactions.
Although this includes mobile commerce and financial transactions,
the trust inherent in the SIM can be leveraged to a much broader
group of applications where privacy and performance are important.
The case-study chapters describe how companies and carriers are using
this trust in real-world situations.
An SMS message nearly always gets through. If the mobile phone
isn't on when you send a message, the system holds it until the phone
is turned on and then delivers it. The system also can generate a
return receipt that tells you that the message has been delivered. SMS
messages are encrypted, so there is no fear that your message will be
snatched out of the air and read. You can even add your own encryption to an SMS message so that not even the phone company can read
what you are sending. There are many standards, software packages,
and service providers that make building industrial-strength SMS
applications easy, quick, and even fun (if you have a somewhat distorted sense of fun)....
*GSM Association, "Introduction to SMS"on the web at http://www.gsmworld.com/
technology/sms.html.
