Conventional telecommunications developed without making a distinction between these two types of profile , Normally, an access is associated with an identifiable customer and anonymous user at a given moment, and the data are distributed all over the network and the Information System. However, it could be considered that this type of approach already exists, either in the Information System (a single invoice containing the billing information of several users for example) or in the network (by using the intelligent network to distinguish between users in, for example, virtual private networks).
The GSM mobile networks already have a real profile base too, thanks to the use, in the terminal, of the SIM card, and in the network, of a data base holding the authorization and usage profile of a mobile number ( the HLR). The network also has access to information concerning location, which is therefore related to the temporary situation of a terminal and to its actual access. But all the service data needed by the person who uses the terminal carrying the contract-related SIM card are not present in the HLR and there remains a certain association between customer and user. In a way, the user is equated with his SIM card, and is authenticated thanks to a PIN code. The UMTS networks will build their architecture around an extension of HLR, the HSS ( ‘Home Subscriber Server’), which includes more service data, particularly related to the packet network. These are databases that are used as a model for profile aspects, but are extended by user information and preferences such as those stored in the portals of the Internet.
A lot of different types of information are needed to implement these control functions. Here are just a few examples.
- access- related information: identification of the access address, of the address linked to a service ( which may be different from the former, e.g. the ATMVC address for an ADSL access, the IP address for services arriving at the terminal). Features of the terminal used. Characteristics of the type of access;
- user-related information ( at the network or service level) : identification of the user, the associated method and means of authentication, services that can be activated by the user according to the access selected, preferences, user’s rights, location data, data related to presence and to the ability to be reached, credit remaining, etc.;
- customer-related information delegation of rights to other users, contract validity, billing information or pre-payment accounts, etc.
These data may be static, changing very slowly, and be modified by explicit acts of management; they are above all contractual data. They may also be temporary and dependent on active sessions. But their static, manageable and temporary nature does not always remain stable in the evolution of networks and services. A typical example is that of a terminal’s IP address that has been attributed in a fixed manner through contract, then attributed by an address server at the set-up time of an access session, and which may be allocated in a fixed way again, e.g. by using Ipv6.
The data will be accessible to and modifiable by a large number of people (network operators, service operators, customers, users), by network servers and by terminals during access or service sessions. Conceptually speaking, it would be easier to store all data needed for communication in a single database, indexed with a single identifier related, for example, to the user. However either for reasons of time of access to the data or for reasons of ownership and confidentiality, this is not possible, and the data will have to be distributed over bases which might need to be dedicated.
The profile of a user will, in fact, be made up of a series of profile fragments, located in the various domains, and featuring a certain degree of redundancy or replication. The bases of profile fragments will be an important part of the NGN economy. For the moment, in the definition of the profile bases, two approaches can be identified. Whose principles are, for the most part, agreed upon; one, the previously mentioned HSS within the framework of 3G mobile networks; the other having the objective of forming profile bases of identified and authenticated users on the Internet with, as the first type of application, simplification and increased security for e-commerce applications.