The use of a downloadable USIM to establish the credentials of users and terminals is well known and is described in 3GPP TR 33.812 V9.2.0, which discusses remote provisioning of subscriptions for Machine-to-Machine Equipment (M2ME). According to TR 33.812, an M2ME, which is a communication device, is provided with a temporary private identifier called a Provisional Connectivity ID (PCID). The PCID follows the same format as an International Mobile Subscriber Identity (IMSI), and the network operator identified by the PCID is called the Registration Operator (RO). The M2ME accesses the RO using the PCID and requests subscription information called a Machine Communication Identity Module (MCIM). Upon such a request, the RO contacts another network operator, called the Selected Home Operator (SHO), receives the MCIM issued by the SHO, and forwards it to the M2ME.
TR 33.812 V9.2.0 also describes how a terminal can initially attach to a network using 3GPP radio technologies and receive, from the provider of the network to which it is connected, an initial authentication and authorization for a limited set of operations. The terminal uses this limited authorization to trigger the authentication and authorization of a connection to a provider of the shared secrets, authorization certificates and services that are attached to the subscription of the terminal's user, and downloads these into a secure area of the terminal. The shared secret and certificates can then be used to authenticate and authorize the terminal, towards the network to which it is attached, as being used under the subscription in question.
TR 33.812 describes several variations of the technology, which serve to enhance security, operability and other properties. These include methods that leverage the presence of a UICC, as well as methods that do not assume such an entity is present.
TR 33.812 describes in general terms a mechanism by which a previously established credential can be used to authorize the establishment of a connection, through a visited operator, with the home operator of the subscriber, and it implicitly assumes that there is only one of each actor. This is not reflected in realistic scenarios, in which a terminal discovers multiple radio networks and must attempt to authenticate itself with one of them. Since each network broadcasts its identification, a network can be pre-selected: the terminal, by preference, addresses its authentication request to one particular network, for instance one with which the home operator of the subscriber has a commercial relationship.
When there is no preference for a visited network, however, the terminal will attempt to establish a connection with the network whose radio signal has the highest strength. While this criterion may work well in rural settings, in cities there are increasingly a number of mobile networks of equal signal strength, so the criterion does not function well there.
In such situations, a terminal acting in the scenario described in TR 33.812 will select a network connection at random. This random selection can be leveraged to address another concern: that the network operator is flooded by connection requests from a very large number of terminals enacting the TR 33.812 scenarios at the same time. This could be the case, for example, when a service provider has decided to change the SHO for a fleet of power meters. All M2MEs would receive Bootstrap requests simultaneously and thus all would try to connect to the RO at the same instant.
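The selection policy described above (preferred visited network first, then highest signal strength, then a random choice among networks of equal strength) can be written out as follows. This is an added example and not code from TR 33.812 or from any terminal implementation; the PLMN codes, signal values, fleet size and the optional signal-strength tolerance are assumptions chosen to illustrate the urban and rural cases, and the fleet simulation only shows how the random tie-break spreads simultaneous bootstrap attempts across equally strong networks.

```python
import random
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Network:
    """A radio network discovered by the terminal (constructed sample data)."""
    plmn: str       # MCC+MNC broadcast by the cell, e.g. "26201" (assumed value)
    rsrp_dbm: int   # measured reference signal strength in dBm


def equally_strong(networks, tolerance_db=0):
    """PLMNs whose signal lies within tolerance_db of the strongest one.

    With tolerance_db=0 only exact ties count as 'equal signal strength';
    a small tolerance (an assumption of this example) models the urban case
    where several networks are indistinguishable within measurement noise.
    """
    if not networks:
        return []
    best = max(n.rsrp_dbm for n in networks)
    return [n.plmn for n in networks if n.rsrp_dbm >= best - tolerance_db]


def select_network(networks, preferred=(), rng=random, tolerance_db=0):
    """Choose the PLMN to which the terminal addresses its attach request.

    1. A preferred network (e.g. one the home operator has a commercial
       relation with) wins if discovered; earlier entries in 'preferred'
       rank higher.
    2. Otherwise the strongest signal wins.
    3. Among networks of equal strength the choice is random, so that a
       fleet bootstrapping at the same instant does not all pick one network.
    Returns None when no network was discovered.
    """
    if not networks:
        return None
    discovered = {n.plmn for n in networks}
    for plmn in preferred:
        if plmn in discovered:
            return plmn
    return rng.choice(equally_strong(networks, tolerance_db))


def simulate_fleet(networks, fleet_size, seed=0, tolerance_db=0):
    """Count where fleet_size terminals with no preference end up when they
    all receive a bootstrap trigger at once (constructed scenario)."""
    rng = random.Random(seed)
    return Counter(
        select_network(networks, (), rng, tolerance_db) for _ in range(fleet_size)
    )


if __name__ == "__main__":
    # Constructed sample data: PLMN codes are placeholders, not real operators.
    rural = [Network("26201", -100), Network("26202", -115)]
    urban = [Network("26201", -85), Network("26202", -85), Network("26203", -85)]
    print("rural, no preference:", select_network(rural))
    print("urban, preferred 26203:", select_network(urban, preferred=["26203"]))
    print("urban fleet of 3000, spread:", dict(simulate_fleet(urban, 3000)))
```

Passing an explicit `random.Random` instance into `select_network` is what makes the fleet simulation reproducible; a real terminal would use its own randomness source, and the point of the simulation is only that three equally strong networks each receive roughly a third of the simultaneous attach attempts rather than all of them.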