Method and apparatus for authenticating and managing application using trusted platform module
US-2015113272-A1 · Apr 23, 2015 · US
US2016309331A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016309331-A1 |
| Application number | US-201615130782-A |
| Country | US |
| Kind code | A1 |
| Filing date | Apr 15, 2016 |
| Priority date | Apr 16, 2015 |
| Publication date | Oct 20, 2016 |
| Grant date | — |
Official abstract text for this publication.
An MTM-based short message service security system and a method thereof are provided. A hardware security module according to the present invention includes an access control unit configured to verify the integrity of a SMS application and a request from the SMS application, and verify whether the SMS application has a permission for the request; a key management unit configured to store and manage a public key and a private key of the terminal, and an encryption key shared with a server configured to transmit a security message between the server and the terminal; and a security message processing unit configured to convert the security message based on a preset security policy when the security message is received from the server, and return the converted message to the SMS application.
Opening claim text (preview).
What is claimed is:
1. A hardware security module, comprising: an access control unit configured to verify the integrity of a SMS application a request from the SMS application, and verify whether the SMS application has a permission for the request; a key management unit configured to store and manage a public key and a private key of the terminal, and an encryption key shared with a server configured for the security message between the SMS server and the terminal; and a security message processing unit configured to convert the security message based on a preset security policy when the security message is received from the server, and return the converted message to the SMS application.
2. The hardware security module of claim 1, wherein the security message processing unit uses the encryption key, decrypts the security message, and returns the decrypted security message to the SMS application.
3. The hardware security module of claim 1, wherein the security message processing unit uses the encryption key, decrypts the security message, re-encrypts the decrypted security message using a separate key, and returns the re-encrypted security message and a key ID of the separate key to the SMS application.
4. The hardware security module of claim 1, wherein, when the request for the security message is received from the SMS application, the security message processing unit generates the security message through encrypting the received short message with the encryption key, and returns the message to the SMS application.
5. A short message service security method that is provided by a user terminal including a hardware security module configured to encrypt or decrypt a short message in cooperation with a SMS application that is executed in an application processor, the method comprising: receiving a security message encrypted with an encryption key shared with a server; converting the security message based on a preset security policy for managing the security message; and transmitting a reception checking message to the server when reception of the security message is completed.
6. The short message service security method of claim 5, wherein the converting includes decrypting the security message using the encryption key and displaying the decrypted security message.
7. The short message service security method of claim 5, wherein the converting includes decrypting the security message using the encryption key, re-encrypting the decrypted security message using a separate key, and storing the re-encrypted security message and a key ID of the separate key.
8. The short message service security method of claim 5, further comprising when a security message writing request is received from the SMS application, generating a security message in which the short message is encrypted using the encryption key, and returning the message to the SMS application.
9. A short message service security method that is provided by a server that manages the encryption keys shared with each target terminal, generates the security message in which a short message received from a transmitting terminal is encrypted, and transmits the security message to the target terminal, the method comprising: generating a security message in which the short message is encrypted using an encryption key shared with the target terminal when the short message that is received from the transmitting terminal and not encrypted matches a security policy set in the target terminal; delivering the security message to the target terminal and requesting a security message reception checking task from the target terminal; and verifying reception of the security message.
10. The short message service security method of claim 9, wherein the verifying of the reception includes: setting a time-out for reception verification of the security message; determining whether a reception checking message generated when the target terminal performs a security message reception checking procedure is delivered within the time-out; and generating a reception checking error message when the reception checking message is not delivered within the time-out based on the determination result.
11. The short message service security method of claim 9, wherein the reception checking message includes a hash value of plain text of the received security message or the received security message, and includes hash values of plain texts of most recently received N security messages, and wherein the verifying of the reception further includes: checking whether a hash value of plain text of the transmitted security message or plain texts of recently transmitted N security messages matches a hash value included in the reception checking message when the reception checking message is delivered within the time-out; and generating a verification checking message when the values match, and generating an error message when the values do not match.
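The reception check of claims 10 and 11, sketched as an added example that is not taken from the patent: the terminal reports hashes of the plaintexts it recovered, and the server compares them with what it sent inside a time-out. SHA-256, N = 3, the 30-second time-out, the class names and the sample messages are all assumptions; the encryption step is left out so only the verification logic is shown.

```python
import hashlib
import hmac
from collections import deque

N = 3           # assumed window size; the claims only say "N"
TIMEOUT_S = 30  # assumed time-out; the claims give no value

def digest(plaintext):
    # SHA-256 is an assumption; the claims only say "hash value"
    return hashlib.sha256(plaintext).hexdigest()

class Terminal:
    def __init__(self):
        self.recent = deque(maxlen=N)

    def receive(self, plaintext):
        # Called after decryption: hashing plaintext shows the message was opened
        self.recent.append(digest(plaintext))
        return {"current": self.recent[-1], "recent": list(self.recent)}

class Server:
    def __init__(self):
        self.sent = deque(maxlen=N)
        self.deadline = None

    def send(self, plaintext, now):
        self.sent.append(digest(plaintext))
        self.deadline = now + TIMEOUT_S

    def verify(self, check, now):
        # Claim 10: no reception checking message within the time-out is an error
        if check is None or now > self.deadline:
            return "reception-check-error: time-out"
        # Claim 11 (one reading): both the latest hash and the N-window must match
        ok_current = hmac.compare_digest(check["current"], self.sent[-1])
        ok_window = check["recent"] == list(self.sent)
        return "verified" if ok_current and ok_window else "error: hash mismatch"

def demo():
    # Constructed sample traffic; timestamps are passed in to keep it deterministic
    srv, term, out = Server(), Terminal(), []
    srv.send(b"OTP 1111", now=0)
    out.append(srv.verify(term.receive(b"OTP 1111"), now=5))
    srv.send(b"OTP 2222", now=100)   # this one never reaches the terminal
    out.append(srv.verify(None, now=131))
    srv.send(b"OTP 3333", now=200)   # delivered, but the window now differs
    out.append(srv.verify(term.receive(b"OTP 3333"), now=205))
    return out
```

The third result is the point of carrying N hashes: the latest message checks out, yet the window exposes the earlier message the terminal never received.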
Integrity · CPC title
Short messaging services, e.g. short message services [SMS] or unstructured supplementary service data [USSD] · CPC title
Key management, e.g. using generic bootstrapping architecture [GBA] · CPC title
for key distribution, e.g. centrally by trusted party (cryptographic mechanisms or cryptographic arrangements for key distribution involving a central third party H04L9/0819) · CPC title
wherein the data content is protected, e.g. by encrypting or encapsulating the payload · CPC title