DELIVERY OF SUBSCRIBER IDENTITY INFORMATION
FIELD OF THE INVENTION
The present invention relates to telecommunications, and more particularly to a method for delivery of subscriber identity information, and a cor- responding network element, user terminal, and computer program product in a telecommunication system.
BACKGROUND OF THE INVENTION
In order to access the services of the telecommunication system, a subscriber needs user terminal and a subscription. Only when the combination of the user terminal and the subscription of the user is validated by the system, services like two-way communication are possible for the user.
Depending on the applied technology, adoption of the subscription in the user terminal may be implemented in various ways. In most of the public mobile networks, the subscription data is configured into a detachable sub- scribed identity module. The combination of the user terminal and subscriber identity is delivered to the switching and management infrastructure (SwMI) via defined signalling procedure. In some other technologies, like Terrestrial Trunked Radio (TETRA), the subscriber identity information may also be stored in the user terminal itself. Typically the procedure for commissioning a user terminal is two-folded. The user terminal is generally provided with a terminal equipment identity and a secret key by the manufacturer, and the combination of the key and terminal equipment identity is delivered in a secure way to the SwMI. The operator of the network receives the terminal equipment identity, assigns to it at least one individual subscriber identity and forwards the combination of the secret key and the subscriber identity in a secure way to the SwMI. The SwMI combines these two pieces of information into full subscriber data and activates the subscription such that services can be accessed with this particular combination of user terminal and subscriber identity.
There are, however, some problems related to this arrangement. For some particular fleet configurations the range of available numbers is not adequate for the all possible users. For example, in case a large amount of vehicles are tracked with automatic vehicle location systems, the range of numbers easily becomes deficient for the purpose. There would be a need to reuse the numbers, but this is not possible because the procedures for adop- tion and release of individual subscriber identities is far too slow and laborious
to implement.
SUMMARY OF THE INVENTION
An object of the present invention is thus to provide a method and an apparatus for implementing the method so as to alleviate the above prob- lem. The objects of the invention are achieved by a method, user terminal, network element, communication system and computer program product that are characterized by what is stated in the independent claims. The preferred embodiments of the invention are disclosed in the dependent claims.
The invention is based on the idea of enabling dynamic delivery of a subscriber identity from a switching and management infrastructure to a user terminal included in a payload of a message. It is appreciated that a user terminal configured with a group subscriber identity can monitor and receive some downlink messages even if the user terminal is not registered and therefore does not have full access to the services of the system. The payload is arranged with a mechanism with which particular user terminal can independently determine that the message received via the group address is addressed individually to it. When this particular user terminal detects such message, it adopts the subscriber identity into its own use and registers into the system. Typically the registration requires successful authentication, which provides an automatic additional security measure to the procedure. The use of the received subscriber identity can be terminated correspondingly by a payload command in a short message delivered to the individual subscriber address of the user terminal.
A basic advantage of the method and arrangement of the invention is that it allows quick and efficient deployment of subscriber identities without requiring essential changes to the existing radio interface. Other advantages are discussed in more detail in connection with description of advantageous embodiments of the invention.
BRIEF DESCRIPTION OF THE DRAWINGS In the following the invention will be described in greater detail by means of preferred embodiments with reference to the attached drawings, in which
Figure 1 shows main elements of an embodied radio system; Figures 2A and 2B show reference hardware configurations of em- bodied user terminal and switching and management infrastructure element;
Figure 3 illustrates an embodied method for a user terminal;
Figure 4 illustrates another embodied method for a user terminal;
Figure 5 illustrates an advantageous embodiment for terminating the use of individual subscriber identity; Figure 6 illustrates an embodied method for a switching and management infrastructure (SwMI) element;
Figure 7 illustrates another embodied method for a switching and management infrastructure (SwMI) element;
Figure 8 illustrates a further embodiment that serves to optimize the use of main channel resource; and
Figure 9 illustrates a further embodiment for optimizing the power consumption of the user terminal.
DETAILED DESCRIPTION OF THE INVENTION
The following embodiments are exemplary implementations of the present invention. Although the specification may refer to "an", "one", or "some" embodiment(s), reference is not necessarily made to the same embodiment(s), and/or a feature does not apply to a single embodiment only. Single features of different embodiments of this specification may be combined to provide further embodiments. In the following, the invention is described using the terms and elements of the TETRA air interface as specified in the European Telecommunication Standards ETSI EN 300 392-2; European Standard (Telecommunications series); Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 2: Air Interface (Al), and ETSI EN 300 392-7; European Standard (Telecom- munications series); Terrestrial Trunked Radio (TETRA); Voice plus Data (V+D); Part 7: Security, however, without limiting the invention to this one radio system technology. The present invention can be applied to any communication system, where subjects of communication service operations are identified by individual subscriber identity. Figure 1 shows a simplified illustration of the main elements of an embodied radio system 10. The radio system 100 comprises a switching and management infrastructure (SwMI) 102 and a mobile station (MS) 104. SwMI 102 is equipment for a voice plus data (V+D) network, which enables the subscriber terminals to communicate with each other. In Figure 1 SwMI comprises one digital exchange (DXT) 106, and one base station (TBS) 108, but naturally
the number of elements and their mutual interconnections may vary according to the implementation.
Of the subscriber terminals, the mobile station (MS) 104 is arranged to access SwMI via the air interface 1 10. The other type of subscriber termi- nals, the dispatching workstation 1 12, may communicate with SwMI 102 through a dispatching interface 1 14, which can provide the connection using, for example, E1 , ISDN BA, or IP protocols. In practice the radio system can comprise a multiplicity of dispatching workstations 1 12 and corresponding interfaces 1 14 of different type. Additionally, SwMI 102 comprises an interface 1 16 for interconnection with other networks, such as PSTN, GSM, WCDMA, conventional analog networks, LAN, WAN, and similar. The protocols related to different interfaces are implementation specific arrangements familiar from the prior art.
The block diagrams in Figures 2A and 2B show reference hardware configurations of an embodied user terminal and network element according to the invention. The user terminal is embodied here with a mobile station capable of implementing TETRA air interface specifications. The mobile station 200 of Figure 2A comprises a processing unit 202 for performing systematic execution of operations upon stored and/or received data. The processing unit 202 is a central element that essentially comprises an arithmetic logic unit, a number of special registers and control circuits. For example, the functions implemented by the processing unit 202 in transmission typically comprise: encoding, reordering, interleaving, scrambling, channel multiplexing, and burst building. The mobile station comprises also a memory unit 203, data medium where computer-readable data or programs, or user data can be stored. The mobile station comprises also a transceiver unit 204 that includes at least a transmitter 205 and a receiver 206. The transmitter 205 receives a bitstream from the processing unit 202, and converts it to a radio signal for transmission by the antenna 207. Correspondingly, the radio signals received by the antenna 207 are led to the receiver 206, which converts the radio signal into a bitstream that is forwarded for further processing to the processing unit 202.
The mobile station may comprise an interface unit 201 with at least one input unit 208 for inputting data for internal processing in the mobile sta- tion, and output unit 209 for outputting data from the internal processes of the mobile station. Said interface unit may comprise interfaces to hardware and
software integrated, attached or attachable to the mobile station. Examples of such comprise automatic vehicle control systems, and positioning systems, as well as user interface elements, like a keypad, a screen, a touch screen, a microphone, a loudspeaker, and equals. The processing unit 202, memory unit 203, interface unit 201 and transceiver unit 204 are electrically interconnected to provide means for performing systematic execution of operations on the received and/or stored data according to the predefined, essentially programmed processes of the mobile station. In solutions according to the invention, the operations comprise func- tions of the user terminal in delivery of individual subscriber identities. These operations are described in more detail with Figures 3 to 5. Figure 2A shows logical components of the user terminal, and the referred means may comprise functions of one of the presented units or may be implemented as a combination of the functions of the presented units. The network element of Figure 2B is embodied with a switching and management infrastructure (SwMI) element that comprises a processing unit 251 , an element that includes at least an arithmetic logic function, a number of special registers and control circuits. Connected to the processing unit is a memory unit 252, a data medium where computer-readable data or programs or user data can be stored. The SwMI element further comprises an interface block 253 with input unit 254 for inputting data for internal processing in the element, and output unit 255 for outputting data from the internal processes of the element. Examples of said input unit comprise a plug-in unit acting as a gateway for information delivered to its external connection points. Examples of said output unit include plug-in unit feeding information to the lines connected to its external connection points.
The processing unit 251 , memory unit 252, and interface block 253 are electrically interconnected to provide means for performing systematic execution of operations on the received and/or stored data according to the predefined, essentially programmed processes of an element of the switching and management infrastructure. These operations are described in more detail with Figures 6 to 7. Figure 2B shows logical components of the network element, and the referred means may comprise functions of one of the presented units or may be implemented as a combination of the functions of the pre- sented units.
The operations described in the following may be implemented using the disclosed elements in various ways. For example, the operations of the user terminal and the switching and management infrastructure element may be implemented in hardware (one or more devices), firmware (one or more devices), software (one or more modules), or combinations thereof. For a hardware implementation, the processing units may be implemented within one or more application specific integrated circuits (ASICs), digital signal processors (DSPs), digital signal processing devices (DSPDs), programmable logic devices (PLDs), field programmable gate arrays (FPGAs), processors, control- lers, micro-controllers, microprocessors, other electronic units designed to perform the functions described herein, or a combination thereof. For a firmware or software, implementation can be through modules (e.g., procedures, functions, and so on) that perform the functions described herein. The software codes may be stored in memory unit and executed by the processing unit. The memory unit may be implemented within the processor or external to the processor, in which case it can be communicatively coupled to the processor via various means as is known in the art. Additionally, components of systems described herein may be rearranged and/or complemented by additional components in order to facilitate achieving the various aspects, goals, advantages, etc., described with regard thereto, and are not limited to the precise configurations set forth in Figure 2, as will be appreciated by one skilled in the art.
The flow chart of Figure 3 illustrates the method according to the invention, the steps corresponding to an embodiment for a user terminal. The embodiment is illustrated with a TETRA user terminal without, however, limit- ing the scope by the terms and mechanisms of in this exemplary communication technology. The method begins in a situation where the user terminal is ready to use and be commissioned for operation in TETRA network. In step 30 the user terminal is configured with a stored element which the user terminal can use to verify that a message it has received through a particular subscriber number is addressed to it and that it has the right to consume the contents of the message. In the first, basic embodiment the received element is implemented by use of an equipment identity.
In TETRA systems, TETRA equipment identity (TEI) is typically an electronic serial number that is permanently connected to a piece of TETRA equipment and which uniquely identifies the piece of equipment, either one mobile terminal or one network terminal. TEI is typically utilized in dis-
able/enable procedures that allow disabling and enabling of the user terminal. The stored element of step 30 is denoted as a terminal equipment identity TEI8 to imply that this is an identifier that identifies the particular terminal equipment and is stored in the user terminal. In step 31 , the user terminal is configured with a group subscriber identity GSSM that enables the terminal to receive defined messages via the TETRA network. In TETRA systems, subscriber identities exist in two sizes, TETRA Subscriber Identity (TSI) that is 48 bits long, and Short Subscriber Identity (SSI) that is 24 bits long. The SSI is typically a truncation of the TSI. TSI is unique across the complete TETRA domain, SSI needs to be unique only in one TETRA sub-domain. Typically, a TETRA terminal contains at least one family of TSIs. Each family contains one Individual TETRA Subscriber Identity (ITSI) and may also have one Alias TETRA Subscriber Identity (ATSI) and several Group TETRA Subscriber Identities (GTSI). In the current em- bodiment, the user terminal is configured with GTSI that truncates into GSSI. In the following, reference is made to GSSI, but for a person skilled in the art it is clear that either the GTSI or GSSI may be applied in the solution without deviating from the scope of protection.
The messages accessible via the use of group subscriber identity comprise, for example, short messages and broadcast messages. In the following, an embodiment utilizing the short data service of TETRA is disclosed in more detail. It should be noted that other messaging mechanisms capable of delivering downlink messages via group subscriber identities may be used without deviating from the scope of protection. The short data service of TETRA (SDS) is a quick service that enables users to exchange short user defined messages or a short pre-defined messages. The message can be sent or received in parallel with an ongoing speech call. In order to obtain a fast service, the SDS-message is carried or embedded in a single up link transmission, for example one transfer unit. Usu- ally the SDS delivery applies random access procedure. The SDS service comprises point-to-point and point-to-multipoint capabilities and may use Short Number Addressing (SNA), full TETRA Subscriber Identity (ITSI/GTSI) and Short Subscriber Identity (SSI) addressing or even external subscriber number. In the embodied solution, the addressing used as a destination address in connection with the SDS on the downlink is a SSI, thus here GSSI.
In order to be able to registrate to the TETRA system and perform both uplink and downlink communication, the user terminal needs to have an individual subscriber identity successfully registered with the SwMI. However, in order to receive a SDS message, the user terminal does not need to be reg- istered to the TETRA system, it only needs to be able to receive transmissions of the relevant control channels used for SDS transmissions. Accordingly, in the example of Figure 3, the user terminal configured with GSSM enters a monitoring mode where it monitors (step 32) the main control channel (MCCH) transmissions and is able to detect and receive a short message addressed to the GSSM . The short message comprises a received element that the user terminal can use to verify that a message it has received through GSSM is addressed to it and that it has the right to consume the contents of the message. In addition the short message comprises an individual subscriber identity ISSI2. In the embodied example, this received element is TEI1-, a terminal equipment identifier that the SwMI has included in the payload of the GSSM addressed short message. Accordingly, when the short message is received (step 33) the user terminal reads (step 34) it, and extracts from the short message the received element TEI1-. In this basic embodiment the mechanism to verify the right to consume the content of the message is implemented by comparing (step 35) the stored element TEI8 with the received element TEI1-. If the elements do not match (step 36), the user terminal ignores the short message and returns back to step 32 monitor further short messages via GSSM . If the elements do match (step 36), the user terminal extracts from the short message the individual subscriber identity ISSI2, and configures (step 37) ISSI2 for use as its own individual subscriber identity. By doing this, the user terminal may operate as a mobile station that includes both the equipment that provides functions necessary for the operation of the access protocols and subscription to allow the access by the SwMI. In step 38 the mobile station reg- istrates to the TETRA system in a conventional way using ISSI2, and is thereby able to access the services of the TETRA network according to the rights defined for ISSI2. Typically the registration includes authentication that provides one additional element for verifying that the individual subscriber identity is used only by a duly authorized user terminal. An additional aspect of the above embodiment is an arrangement where the user terminal is configured with a number of group addresses and
the user terminal is configured to monitor reception of short messages (steps 32, 33) with all of the stored GSSIs.
The described procedure enables quick delivery of individual subscriber identity to TETRA user terminal without essentially changing any of the existing TETRA air interface definitions. Instead of taking the user terminal manually to a commissioning centre, the necessary functionality for adopting an individual subscriber identity into the system can be implemented over-the- air and without a previously assigned individual subscriber identity, which saves time and is possible even when the range of available individual sub- scriber identities is limited. The required information is delivered in the payload of a short message so that the mechanism can be implemented transparently over the SwMI elements other than the user terminal and the subscriber management entities of SwMI. In the minimum such subscriber management entities comprise the entities that implement the operational management of TETRA, like dispatching workstations and dispatching server systems.
It should be noted that even if the embodiment describes delivery of the short message in TETRA main control channel, the invention is not limited to the use of main control channel. For a person skilled in the art it is clear that any physical or logical channel which is capable to deliver short messages with variable payload and which may be received by user terminal via a group address is applicable without deviating from the scope of protection.
Figure 4 illustrates another embodiment of the solution of Figure 3. In the method of Figure 4 the security of the individual subscriber identity delivery is improved by use of encryption. In step 40 the user terminal is config- ured with an encryption mechanism that enables exchange of encrypted messages between a subscriber management entity of the SwMI and the user terminal. In the embodied example of Figure 4 the encryption mechanism comprises an encryption algorithm and an encryption key configured to the user terminal. For a person skilled in the art it is clear that a corresponding encryp- tion algorithm needs to be applied in the respective subscriber management entity in the SwMI. Within the scope of protection, the applied encryption may be symmetric or asymmetric. In symmetric encryption parties demonstrate knowledge of secret information that is shared with the parties but not available or derivable without significant effort to a third party. In asymmetric encryption pairs of public-private keys are used to encrypt and decrypt data. In the embodiment of Figure 4, symmetric encryption is utilized. This means that the
user terminal is configured with an encryption algorithm and a secret key K. The secret key K can be, for example, the TETRA air interface authentication key of the user terminal. The delivery of TETRA air interface authentication key is, however, very strictly controlled and therefore in some applications use of another key, for example, a second key dedicated for the purpose may be used to allow more simple operations for subscriber management.
Steps 41 for configuration of GSSM , 42 for monitoring the short messages to GSSM and 43 for detecting a received short message correspond to steps 31 to 33 of Figure 3. In this embodiment the payload of the short message is encrypted such that it can only be decrypted with the combination of the encryption algorithm and the encryption key stored in the user terminal. Basically the encryption could be static such that the encryption key itself is used in all encryptions between the SwMI element and the user terminal. In the embodiment of Figure 4 the procedure is enhanced even further by enabling the user terminal to be sure that the information demonstrating the knowledge is not generated by recording and replaying a message from earlier communications. This is achieved by delivering over the air interface only a random number RN1 that is new for every communication instance.
The SwMI entity that sends the message generates a random num- ber RN1 , and feeds it into the encryption algorithm with the secret key of the user terminal. The algorithm results in a session key KS that it uses in encrypting the part of the short message that is considered necessary to be encrypted. When the user terminal in step 43 detects a received short message, it extracts (step 44) the random number that may be included in clear code within the short message, derives using the random number, the encryption algorithm and the encryption key a session key KS (step 45) and uses this to decrypt (step 46) the encrypted part of the payload of the short message. In this embodiment the mechanism to verify the right to consume the content of the message is based on success or failure of the decryptions step. The user terminal checks (step 47) whether the decryption was successful or failed. In case of failure the procedure moves to step 42 for monitoring the incoming short messages for GSSM . In case the message decrypts successfully with the session key KS that is generated from the random number with the individual secret key of the user terminal, the user terminal can be sure that the message was targeted to it and consume it according to a predefined procedure. In this embodiment the procedure comprises configuring the user terminal to use the
individual subscriber identity ISSI2 (step 48), and registrate (step 49) to the system as a mobile station capable of two-way communication. The registration includes authentication that provides one additional element for verifying that the individual subscriber identity is used only by a duly authorized user terminal.
The embodiment of Figure 4 enables the advantages of the embodiment described in Figure 3 and in addition increases the security of the procedure. For a person skilled in the art it is clear that elements of embodiments of Figure 3 and Figure 4 can be used separately or in combination. For example, the procedure for over-the-air delivery of individual subscription could comprise both recognition of the recipient with TEI and verification of the right by decrypting a defined part of the message using the individual secret key stored in the user terminal.
Figure 5 illustrates an advantageous embodiment for terminating the use of individual subscriber identity. Figure 5 begins as a continuation to procedures of Figure 3 or Figure 4 or a defined combination of them in the situation where the user terminal has been configured with ISSI2 and operates as a mobile station in the TETRA network. During its normal operation the user terminal conventionally monitors (step 51 ) the MCCH for short messages ad- dressed to ISSI2. When the user terminal according to the invention notices a received short message (step 52), it reads the payload of the message (step 53) and checks it (step 54) for a termination request for terminating the use of ISSI2. If such message is not detected (step 55) the procedure returns back to step 51 to monitor the incoming short messages. In case a message with the termination request is detected (step 55) the user terminal deactivates ISSI2 (step 56) and enters to monitoring state to monitor incoming short messages addressed to the group address GSSM dedicated to over-the-air delivery of individual subscriptions.
The flow chart of Figure 6 illustrates the method according to the in- vention, the steps corresponding to an embodiment for a switching and management infrastructure (SwMI) element. The SwMI element is exemplified with a TETRA SwMI element that comprises an application for managing the individual subscriptions, at least the individual subscriptions that may be delivered over the air. In step 60 the SwMI element is configured with at least one group address GSSM that may be used for delivery of individual subscriber identities. In step 61 the SwMI element is standby for individual subscriber identity re-
quests. The request may come, for example, through a user interface from the operator of the SwMI element, or through a network interface from an authorized remote operating point. If such request is detected (step 62) the SwMI element generates a message addressed to GSSM and carrying the individual subscriber identity ISSI2 in its payload. As in the embodiment of Figure 3, into the payload is also comprised the terminal equipment identity TEI1- that enables the user terminal to verify that the message is addressed to it individually and that it is requested to apply the individual subscriber identity included in the message. After sending (step 63) the message, the SwMI element begins to monitor (step 64) through the system whether a mobile station has registered into the system using the ISSI2 it sent in the short message. The monitoring may be implemented, for example, as a repeated query from the home subscriber database, or as a notification from the home subscriber database, sent when the location registration request has been received. Whenever the SwMI element gets a notification on the location registration, or a location registration attempt (step 65), it activates the ISSI2 and thereby enables the two-way communication using ISSI2. The registration includes authentication that provides one additional element for verifying that the individual subscriber identity is used only by a duly authorized user terminal. The flow chart of Figure 7 illustrates another embodiment of the solution of Figure 6. In the method of Figure 7 the security of the individual subscriber identity delivery is again improved by use of encryption. Steps 700 for configuration of GSSM , 710 for monitoring the individual subscriber identity requests and 720 for detecting a request correspond to steps 60 to 62 of Fig- ure 6. As in the embodiment of Figure 4, in this embodiment the payload of the short message is encrypted such that it can only be decrypted with the combination of the encryption algorithm and the encryption key stored in the user terminal. Again, the encryption is based on a random number RN1 that is new for every communication instance and can be delivered to the user terminal in TETRA in clear code.
The SwMI element has access to the secret key of the user terminal, or has access to another SwMI, for example a trusted party, to which it can send the payload with the random seed for encryption. Thus, the SwMI element generates a random number RN1 , and, either itself or subcontracted to another element, feeds RN1 into the encryption algorithm with the secret key of the destination user terminal. The algorithm results in a session key KS
(step 725). This session key is used to encrypt (step 730) the part of the short message that is considered necessary to be delivered under secrecy. SwMI entity addresses the short message to GSSM , and sends it (step 735) as a conventional group addressed short message over the radio interface. At sending the short message, the SwMI element may also initiate (step 740) a timer TIM that measures the time between sending of the short message to GSSM and a possible response by the user terminal. Accordingly, as in the embodiment of Figure 6, the SwMI element begins to monitor (step 745) through the system whether a mobile station has registered into the system, for example by making a location registration using the ISSI2. If the timer expires (step 750) before the user terminal registers using ISSI2, the delivery is considered unsuccessful and the SwMI element moves back step 710 to monitor for further requests. If a location registration request using ISSI2 is received (step 755) before the expiry of the timer, SwMI element activates (step 760) the ISSI2, which allows the user terminal to be used as a mobile station capable of two-way communication with rights assigned to ISSI2.
For a person skilled in the art it is clear that also elements of embodiments of Figure 6 and Figure 7 can be used separately or in combination. For example, the procedure of Figure 6 may be complemented with a timer. Also the over-the-air delivery of individual subscription may comprise both recognition of the recipient with TEI and verification of the right by decrypting a defined part of the message using the individual secret key stored in the user terminal. Additionally, TEI may also be used to complement the procedure in other ways, for example to provide a checksum for the encryption. Implemen- tation of termination of the use of individual subscriber identity in the payload of a short message addressed to ISSI2 in a SwMI element is clear to a person skilled in the art from the description of the corresponding functionality when embodied in a user terminal.
In the described embodiments the subscriber identity used for re- ceiving the short message is a group identity. This is an advantageous arrangement in respect of use of main control channel capacity because a pay- load with variable contents can in this way be delivered to several potential recipients with a shared radio resource. However, for a person skilled in the art it is clear that also a predefined individual subscriber identity may also be used for delivering the configurable individual subscriber identity without deviating from the scope of protection. For example, a group of user terminals can be
configured with a first individual subscriber identity and all such user terminals monitor for short messages addressed to that particular individual subscriber identity. When they have received the short message and adopted the second individual subscriber identity, they deactivate the first individual subscriber identity.
Figure 8 illustrates a further embodiment that serves to optimize the use of main control channel resource for delivery of the individual subscriber identity. The total coverage area of the system may be divided into more than one subareas (SA), each of which associated with a different GSSIx through which the new individual subscriber identities may be delivered. In the example of Figure 8 the total coverage area 80 is divided into three subareas SA1 81 , SA2 82, and SA3 83 where the group addresses for delivering individual subscriber identities are GSSM , GSS2, and GSS3, respectively. In the embodied system, the user terminals that are designed to use the individual subscriber identity delivery method disclosed herein are configured with at least two, but preferably with all of the above mentioned group addresses GSSM , GSS2, and GSS3. An operator managing the pool of allocatable individual subscriber identities typically has some knowledge about the probabilities to locate a particular user terminal in a particular subarea. For example, the operator may recognize the user terminal to belong to a metropolitan fleet and may therefore well presume that the most potential subarea for reaching the user terminal is SA2 that covers the respective city centre. According to the invention, the operator first attempts to deliver the dynamic individual subscriber identity in a short message addressed to respective GSSI2 and delivered only in the subarea SA2. As disclosed in the embodiment of Figure 7, the operator may wait for the location registration by the targeted user terminal, for example until the timer expires and then move on to attempt delivery of the dynamic individual subscriber identity in a short message addressed to another group identity and in another subarea. Advantageously, the second choice is the one with the sec- ond largest probability of reaching the targeted user terminal. The procedure may be continued by moving to less probable subareas until the user terminal responds by registering to the system or until all subareas have been attempted. This sectorized delivery optimizes the use of main control channel resource. Main control channel is a critical but very easily congested resource whose use typically has to be optimized in any possible situation.
Figure 9 illustrates a further embodiment of the invention where the power consumption of the user terminal in monitoring mode is optimized without compromising the expedient operation of the invented method of delivering the dynamic individual subscriber identity. Figure 9 illustrates consecutive downlink frames F1 , F2, F3, ...of the embodied radio interface, and the corresponding level of power consumption in the receiver of the user terminal. The illustrated power levels are 0 and P, where 0 denotes a sleep mode where the receiver is substantially switched off, and P denotes the power level of the receiver in a reception mode where the receiver in operational and able to re- ceive transmissions from the SwMI. Each of the frames comprises timeslot (denoted with X) to which a control channel through which the delivery of the dynamic individual subscriber identity is implemented is mapped. In the earlier example of TETRA systems, each TETRA air interface frame comprises a main control channel, which the user terminal listens to. Even though one of the objectives of the invented method is to achieve quick configuration of the dynamic individual subscriber identity, some delay to the delivery of the individual subscriber identity may be accepted in order to enable user terminals with longer standalone periods, i.e. periods of operation without a possibility to charge the batteries. It has been noted that the cycles of the TETRA frames are so rapid that some frames could be missed and still the time of delivery is significantly improved in comparison to the conventional methods. Figure 9 illustrates an arrangement where delivery of short messages carrying dynamic individual subscriber identity is assigned to timeslots predefined frames F1 , F4,... In Figure 9 timeslots assigned for control channel, and especially for delivery of short messages carrying dynamic individual subscriber identity are denoted with circled X and timeslots assigned to control channel but not to delivery of short messages carrying dynamic individual subscriber identity with plain X. Correspondingly, the user terminal that is in monitoring mode and operates only in downlink direction is configured to operate the receiver on power level P.
It will be obvious to a person skilled in the art that, as the technology advances, the inventive concept can be implemented in various ways. The invention and its embodiments are not limited to the examples described above but may vary within the scope of the claims.