A communication system is a combination of system elements configured to process and transfer information according to agreed conventions. Operations of the system involve one or more system elements and/or one or more users of the system, and are grouped into services that may be used by users of the system. The parties involved are identified by an address: a data structure or logical convention that may be used to identify a unique entity, such as a particular process, network device or user.
Depending on the role of the element in the information transfer and the protocol followed in the communication, entities are addressed differently. The term subscriber refers here to a user of at least one communication service of the communication system. A subscriber is thus an entity that has access to a group of one or more communication services, and in implementations of the services the subscriber may be addressed by a unique subscriber identity allocated when the service is provisioned. A subscriber identity is thus a digital subject providing the individual characteristics by which an application or a person may be recognized or known in order to take part in the operations of the communication system.
In communication, the ability to prevent fraud and to protect the availability, integrity and confidentiality of information is of utmost importance. One of the essential criteria for communication services is that only the intended parties should be able to take part in the operations, for example to access the exchanged information or to initiate or terminate operations of the system. With the growing number of digital users, advanced systems need to provide a variety of functions that confirm the claimed identity of a user.
Authentication provides a codified assurance of the identity of one entity to another. Authentication is typically achieved by the parties proving to each other knowledge of a shared secret. In digital communication systems, demonstrating this knowledge requires that a codified set of algorithms and encryption keys be stored in the elements representing the parties. This applies especially to elements that are accessible to the public; the integrity of network elements is typically secured in more conventional ways.
The algorithms and keys are stored in a system element in such a way that the secret cannot be compromised. Typically any subscriber-related information applicable to authentication is stored in that element; in a mobile station of the communication system, for example, the information resides in an integrated memory module or in a removably insertable subscriber identity module. The secret information is protected so that it cannot be read out by disassembling the apparatus: a malicious attempt to retrieve the information is designed to fail and often permanently damages the tampered module or terminal equipment.
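The shared-secret authentication described above, as an added illustration that is not part of the original text: a module class that holds the long-term secret K and answers challenges without ever returning K, and a mutual challenge/response exchange between the network's authentication centre (which holds its own copy of K) and a subscriber. The HMAC-SHA-256 construction, the direction tags SRES/NRES, the 8-byte response length and the key and challenge values are assumptions made for this example, not the algorithm or parameters of any particular system.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional


class SubscriberModule:
    """Models an identity module (integrated or removably insertable).

    The long-term secret K is stored inside the module and is never returned:
    the only operations offered are answering a challenge and deriving a
    session key. (HMAC-SHA-256 is an assumed algorithm for the example.)
    """

    def __init__(self, subscriber_id: str, k: bytes) -> None:
        self.subscriber_id = subscriber_id
        self._k = k  # no method ever returns this value

    def answer(self, direction: bytes, challenge: bytes) -> bytes:
        # The direction tag binds a response to its role, so a value computed
        # as a subscriber response cannot be replayed as a network response.
        return hmac.new(self._k, direction + challenge, hashlib.sha256).digest()[:8]

    def session_key(self, rand_net: bytes, rand_sub: bytes) -> bytes:
        # Both sides derive the same key from the two fresh challenges.
        return hmac.new(self._k, b"KS" + rand_net + rand_sub, hashlib.sha256).digest()[:16]


@dataclass
class AuthResult:
    subscriber_ok: bool            # network accepted the subscriber's response
    network_ok: bool               # subscriber accepted the network's response
    session_key: Optional[bytes]   # set only when both directions succeeded


def mutual_authenticate(auc: Dict[str, SubscriberModule],
                        sub: SubscriberModule,
                        rand_net: Optional[bytes] = None,
                        rand_sub: Optional[bytes] = None) -> AuthResult:
    """Run the challenge/response exchange between the authentication centre
    (auc: subscriber id -> the network's copy of that subscriber's secret)
    and a subscriber module. Challenges may be supplied for reproducibility."""
    rand_net = rand_net or secrets.token_bytes(16)
    rand_sub = rand_sub or secrets.token_bytes(16)

    # 1. network -> subscriber: challenge RAND_NET for the claimed identity
    net_copy = auc.get(sub.subscriber_id)
    if net_copy is None:
        return AuthResult(False, False, None)

    # 2. subscriber -> network: SRES over RAND_NET plus its own challenge RAND_SUB
    sres = sub.answer(b"SRES", rand_net)

    # 3. network verifies SRES against its own computation (constant-time compare)
    subscriber_ok = hmac.compare_digest(sres, net_copy.answer(b"SRES", rand_net))
    if not subscriber_ok:
        return AuthResult(False, False, None)

    # 3b. network -> subscriber: NRES over RAND_SUB, proving the network knows K too
    nres = net_copy.answer(b"NRES", rand_sub)

    # 4. subscriber verifies NRES
    network_ok = hmac.compare_digest(nres, sub.answer(b"NRES", rand_sub))
    if not network_ok:
        return AuthResult(True, False, None)

    # Both sides now hold the same session key; K never left either module.
    return AuthResult(True, True, sub.session_key(rand_net, rand_sub))


if __name__ == "__main__":
    # Constructed demonstration values, not real keys.
    k = bytes(range(16))
    auc = {"sub-1": SubscriberModule("sub-1", k)}
    genuine = mutual_authenticate(auc, SubscriberModule("sub-1", k))
    impostor = mutual_authenticate(auc, SubscriberModule("sub-1", bytes(16)))
    print("genuine:", genuine.subscriber_ok, genuine.network_ok)
    print("impostor:", impostor.subscriber_ok, impostor.network_ok)
```

The same module abstraction applies whether the secret lives in an integrated module or in a removably insertable one: each module answers only for its own identity, and an element that holds two such modules runs two independent exchanges.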
Recent development of communication systems and advanced communication needs has, however, led to situations where the subscriber identity information of a mobile station needs to be stored in more than one subscriber module. For example, in highly developed communication systems for safety and security organizations, the subscriber identity information is stored in an integrated subscriber module of the mobile station, and the mobile station is further provided with removable subscriber identity modules that carry the keys and algorithms for end-to-end encryption. Since the management of end-to-end encryption is typically not entrusted to the terminal suppliers, it has been possible to manage the subscriber identity information of the end-to-end encryption service and the subscriber identity information for the services of the communication system separately.
However, an organization may have a shared pool of communication terminals, each of which is assigned a subscriber identity for the services of the communication system. In addition, some users of these terminals may carry an individual subscriber identity module and share the terminal with one or more other users. One terminal could thereby be shared between different users at separate times, for example across working shifts, which makes it possible to have more communication users than there are terminals.
In these circumstances, subscriber identity information needs to be managed in such a way that parallel use of at least two subscriber identities in the mobile station is enabled, while an abusing party is prevented from compromising subscriber-related information stored in the system or transmitted through it.