System for Enforcing Security Policies on Mobile Communications Devices

A system for enforcing security policies on mobile communications devices (115) adapted to be used in a mobile communications network (105) in operative association with a subscriber identity module (120). The system having a client-server architecture comprising a server (140) operated by a mobile communications network operator (110) and a client (135) resident on a mobile communications device on which security policies are to be enforced. The server is adapted to determine security policies to be applied on said mobile communications device, and to send thereto a security policy to be applied. The client is adapted to receive the security policy to be applied from the server, and to apply the received security policy. The server includes a server authentication function (327) adapted to authenticate the security policy to be sent to the mobile communications device; the client is further adapted to asses authenticity of the security policy received from the server by exploiting a client authentication function (435) resident on the subscriber identity module.