OTA Vulnerability on User Equipment in Cloud Services

摘要

Services from cloud servers always go along with terminal clients as a pair of data provider and consumer or vice versa. In this environment, there have been lots of concerns about security problems on the transactions between the servers and the clients. To attackers, vulnerabilities of the client software are more interesting than those of the servers to analyze and identify, due to the accessibility and easiness. This paper surveys OMA-DM (Open Mobile Alliance - Device Management) firmware update technology and modelings a related vulnerability on the wireless mobile user equipment as it has become a dominant terminal in the cloud services. It is expected to effectively and efficiently find solutions and countermeasures against the vulnerability and the practical attack based on the implementation in this paper.