This application relates to telecommunications systems, and more particularly to the registration of a user""s identity or a user""s service subscription in a user-identity component of a telecommunications terminal.
Many modem telecommunications systems provide various services and features to which users may subscribe with a service provider, prior to using the services. When a user accesses a telecommunications system, the system requires some means to identify the user or the user""s subscription, in order to determine that the user is authorized to receive service from the system and to provide the specific services and features which are associated with the user or the user""s subscription. In many wireline telecommunications systems, such as those providing conventional wired telephone service, the solution to this problem is straightforward: the user""s subscription information for an ordinary telephone line is usually associated in some way with the line (or some other fixed interconnection with the telecommunications network). In such systems, calls originating on a line are billed to, and receive features and other treatment appropriate for, the associated subscription. Calls directed to a subscriber are delivered to the associated line, unless the subscriber has arranged through call forwarding or other means to have the call redirected.
Identifying a user or a user""s subscription in telecommunications systems serving wireless terminals is less straightforward. Users and their terminals may seek service at various locations within their xe2x80x9chomexe2x80x9d system, at locations in other systems of the same type or family, or in systems of a different type or family. Even within a home system, calls originated by wireless subscribers do not typically enter the system from respective identifiable xe2x80x9clinesxe2x80x9d or other fixed interconnection points, and similarly calls destined for wireless subscribers cannot be delivered consistently to respective lines or other fixed interconnection points. (A user""s home system is the telecommunications system with which the user has a subscription or other arrangement under which service is provided, and the system which maintains information sufficient to authenticate the user and determine the parameters of service to be provided to the user. The term xe2x80x9csystem familyxe2x80x9d is used herein to refer to one or more telecommunications systems that share a defined set of telecommunications technologies, protocols, functional behaviors, and/or conformance with one or more official standards, industry standards, or other conventions.) Accordingly, wireless terminals have historically been provided with information that identifies the terminal itself, a subscription associated with the terminal, or both. This information, or a derivative, is transmitted to a serving telecommunications system when access is sought and perhaps at other times. If the serving system is the subscriber""s home system, the serving system may already have information sufficient to authenticate the user and determine the parameters of service to be provided to the user. In other cases, the serving system may request this information from the subscriber""s home system.
For example, in original versions of the AMPS system, an early cellular system implemented in North America, each mobile terminal had a fixed Electronic Serial Number (ESN) and a changeable Mobile Identification Number (MIN), which included the directory number assigned by the home system to the subscription and the associated terminal. See, for example, Cellular Interim Standard 3 (CIS-3), a publication of the Telecommunications Industry Association (TIA). This arrangement has a number of disadvantages. When a terminal requests access to a system, the terminal transmits its associated ESN and MIN to the serving system in the clear, i.e., without encryption. This has allowed persons to steal service by recording the ESN and MIN of valid terminals/subscribers and reprogramming impostor terminals to mimic the terminals of valid subscribers. In addition, at least initially, although a terminal""s MIN was changeable by a service provider or other technical personnel, it was not readily changeable by a subscriber. Thus, terminals were associated with a particular subscription for service, and were not equipped to obtain access to a user-selected one of several valid subscriptions associated with the user.
Newer systems have introduced several improvements in the identification of a user or a user""s subscription to a serving system. Terminals for AMPS systems have been produced that can request access under different MINs associated with several valid (but predetermined) subscriptions responsive to a user selection. In GSM wireless systems, each terminal has a Subscriber Identity Module (SIM), which contains information identifying a subscriber, and associated security information, which are necessary to obtain access to a GSM system. The SIM is removable from GSM terminals, allowing a SIM associated with a different existing subscription, and perhaps of a different subscriber, to be inserted into the terminal to obtain service under such subscription. The SIM, as used in the GSM system, is described in ETS 300 922, Digital Cellular Telecommunications System; Subscriber Identity Modules (SIM); Functional Characteristics (GSM 02.17 version 5.0.1), April 1997, a publication of the European Telecommunications Standards Institute. However, as the size of wireless terminals has generally decreased, removable SIMs have become undesirable because the ability of a user to conveniently handle the SIM establishes a limit on the degree to which the SIM may be miniaturized.
Other systems employ xe2x80x9cShared Secret Dataxe2x80x9d possessed by both the wireless terminal and the serving system to authenticate the user or subscription associated with the wireless terminal. Cyr et al. U.S. Pat. No. 5,890,075 discloses a method for remotely updating the shared secret data stored in a mobile terminal by a wireless communications system over the air interface. In such systems, only derivatives of the shared secret data are transmitted over the air, such that an observer of the over-the-air messages cannot, without other secret information, derive the actual shared secret data required to obtain access to the system.
Some prior art systems provide for remotely updating security information associated with an existing user or an existing subscription, and other systems allow a user to select a particular subscription among several existing subscriptions to use for making and receiving calls. However, the prior art systems lack the ability to provide other desirable registration services.
For example, a first wireless terminal owner and service subscriber may desire to authorize a second person to use the wireless terminal under the second person""s own subscription. Although terminals adapted for use in a GSM system may have removable SIMs by which a terminal may be selectably associated with a respective predefined subscription corresponding to each SIM, simply exchanging SIMs is unsatisfactory. Most terminals for systems other than GSM do not have removable SIMs, and GSM terminals are adapted for use only with SIMs from GSM systems, precluding use of the terminal by subscribers of other system families. Moreover, during the period the first subscriber""s SIM has been replaced by the second subscriber""s SIM, the first subscriber loses access to the terminal under that user""s subscription. Accordingly, the first subscriber would not be able to use the terminal to make calls under that subscription, and calls intended for the first subscriber would not be delivered to the terminal during that period, unless the first subscriber had made special arrangements for such delivery (for example, by a call forwarding arrangement to the second subscriber).
The present inventors have realized that none of the prior art systems enable a user to remotely register a new user identity or new subscription identity in a wireless terminal via the system""s over-the-air interface. For the purpose of this application, xe2x80x9cregistrationxe2x80x9d means installing into a telecommunications terminal identity or security information for a user or a user""s subscription.
Accordingly, the need exists for a telecommunications system which enables a user to remotely register a new user identity or new subscription identity in a telecommunications terminal via the interface by which the terminal and the system normally communicate.
It is therefore an object of the invention to provide a telecommunications network, and methods for use therewith, which minimize the aforementioned disadvantages of prior art systems.
According to an embodiment of the present invention, a personal mobility registration system (PMRS) is provided for use in conjunction with a telecommunications network and terminals therefor. The PMRS comprises apparatus and/or associated methods for registering a new user""s identity and security information in a telecommunications terminal, based both on information supplied and input by the new user, and on information transferred to the terminal through the interface by which the terminal and the telecommunications network normally communicate. The term xe2x80x9cnew userxe2x80x9d refers to a user whose identity and security information are not currently registered in the terminal.
The term xe2x80x9ctelecommunications networkxe2x80x9d is used here to refer to either a single telecommunications system or a plurality of telecommunications systems which are suitably interconnected to cooperate for call completion and administrative functions, as is known in the art. The terminal owner""s subscription may be associated with a first xe2x80x9chomexe2x80x9d system. The new user""s subscription may be associated with a second xe2x80x9chomexe2x80x9d system. The terminal may be located in a region served by a third xe2x80x9cservingxe2x80x9d system. In some cases, all three of these systems may be distinct, and in other cases one or more of these functionally described systems may actually be the same system (e.g., the new user and the terminal owner may be associated with the same home system). Where the systems are distinct, they need not be members of the same system family.
Each PMRS-equipped terminal includes a user identity module (UIM) which contains and is responsible for maintaining user identity and security information for at least one registered user, who is assumed to be the terminal owner. The UIM may be removable or non-removable, and may be a distinct component or may be an integrated part of the terminal. In order for a new user to become registered in a PMRS-equipped terminal, the terminal owner must authorize the new registration. The terminal owner enters an appropriate terminal function code (or otherwise requests the terminal to begin the authorization process). The terminal prompts the terminal owner for the owner""s own identification and security code information, an identification of the new user, an indication of whether the new user registration is to replace any prior registration or be in addition thereto, and optionally, a validity period for the new user registration. The UIM verifies the information supplied by the terminal owner and indicates whether the attempted authorization was successful.
If the attempted authorization was successful, the terminal then prompts the new user for that user""s identification and security code information. The UIM transmits a message via the serving system""s air interface (or other interface in a non-wireless system) to the new user""s home system requesting the home system provide certain security information needed to register the new user""s identity or subscription in the UIM of the terminal. The telecommunications network forwards the message, with appropriate inter-system translations where required, to the home system of the new user. The home system then negotiates with the UIM of the terminal to exchange authentication key generation information, such that upon completion, the home system and the UIM possess a matching set of authentication keys for the new user. The home system and the UIM may employ well-known methods of exchanging key generation information, and calculating actual keys. Once the UIM possesses a suitable authentication key for the new user, registration of the new user information in the terminal is complete.