The Access control is the procedure used by the telecom system domain to ensure that the user accesses the telecom system domain in accordance with the restrictions specified at subscription [1]. When mobility is supported, every user will have the possibility to use any terminals at any access points. The access control procedure is also intended to limit the access capability of a user for the protection and privacy of third party. The third party can be the owner of the terminal or the access point, and must have the right to block or deblock, suspend or reset the service delivery at his terminal or access point to a user.
When the user is allowed to move and access to the telecommunication services anywhere and at any time, the risk of threats increases dramatically at the same time as the mechanisms necessary to enforce security become more difficult to realise. In systems supporting general mobility, fraudulent use of anyone's subscription can be attempted from any terminal and at any network access point. In this way the user may be exposed to various forms of fraud as, for example, fraudulent use of the user's resources by unauthorised parties who manage to take up the identity of the user, eavesdropping, unauthorised tapping or modification of information exchanged during communication, and disclosure of the user's physical location [4]. Another security problem arises because the user is allowed to use any terminal and at any network access point. Such a temporary usage may conflict with the use of the terminal by the terminal owners, also referred to as third parties [6]. In principle, third parties should not suffer in terms of loss of privacy or freedom of actions as a result of activities by the mobile user.