keywords: ticket based service access, customer care, mobile computing, anonymity, accountability

abstract  We introduce a model that allows of anonymous yet accountable service usage in mobile communication systems. This model is based on the introduction of a new business role, called the customer care agency, and a ticket based mechanism for service access. We motivate the introduction of customer care agencies by analyzing their role and emphasizing their advantages. We introduce the general idea of ticket based service access, present a categorization of ticket types and ticket acquisition models, and identify some possible attacks against ticket based systems. We illustrate how agencies and tickets work together by presenting a ticket based protocol between users, customer care agencies, and service providers. The protocol achieves authentication of the service provider to the user, establishment of a shared session key between the user and the service provider, and correct and undeniable charging. In addition, it provides revokable anonymity for users, which means that the identity of misbehaving users can be revealed.