In existing wireless network systems (e.g., 2G, 3G, 4G systems), certain operations require serving PLMNs (other than the home PLMN of the UE) to have access to a particular identifier of the UE, such as an International Mobile Subscriber Identity (IMSI). Knowledge of a long-term identifier corresponding to the UE, however, allows third parties to compromise the privacy of the user, for example, by determining the location of the user based on the identifier. As a result, this UE identifier is typically kept private and treated as a secret, and as such, is often only available to the UE, the home PLMN of the UE, and any other party or device to which access to the identity has been granted by the home PLMN or UE. Though some existing networks utilize encryption methods and/or pseudonyms for UE identities to communicate an identifier of the UE between PLMNs and devices, the communicated identifier is not the secret, long-term identifier of the UE required by some serving PLMN operations.
Therefore, improved techniques for trusted communication of secret UE identifiers are needed to ensure that required UE functionality is maintained across PLMNs without exposing sensitive user information to untrusted parties.
General security-related discussions are ongoing within the 3rd Generation Partnership Project (3GPP) for the Next Generation system. 3GPP TR 33.899 V0.2.0 discusses threats, potential requirements and solutions related to such a system. The document states that lawful interception and other local regulations must be taken into account when designing the new system, but also that the exposure of a subscriber's identity might lead to privacy incidents. No solution is provided to the complex problem of enabling a serving PLMN to perform, e.g., lawful interception without risking interception of the wrong subscriber, erroneous charging, and unauthorized access to network resources.