Content for  TR 22.856  Word version:  19.2.0

To ensure a seamless user experience across metaverse services, network operators offer digital asset management services that allow users to certify certain information, such as IDs. These services support multiple user identities, each representing different aspects of the user's life, such as their professional role and private life. As a result, each user identity may have its own set of information stored in the associated digital asset container, and this information can be managed differently based on the security requirements of the service. For example, the information associated with virtual banking requires a higher level of security in mobile communication due to the sensitive nature of the information, compared to that associated with virtual gaming.

Bank B offers virtual financial services, e.g. avatar-based calls with financial managers, and the deposit and withdrawal of digital money through its virtual banks. Mobile Operator T has established service level agreements with Bank B to provide multimedia communication services for virtual banking. Moreover, T provides digital asset management services for its subscribers, and some of this information is associated with the user's activities in Bank B. Shaun, a senior employee at Bank B, has stored work-related digital assets in his digital asset container, which is supported by Mobile Operator T. This information includes his work ID, which is used to access Bank B's confidential database, and professional-looking avatar (dressed in a suit with Bank B's watermark). Additionally, Shaun's digital asset container holds other digital assets for his private life, such as a cartoon avatar. Recognizing the importance of data security, Shaun restricts his access to work-related information in selected locations, such as when he is physically in the office.

1. Shaun registers with T by a UE that has a subscription with T. During his commute, he buys some digital clothes for his avatars in a virtual shop, which are then stored in his digital asset container.
2. Shaun arrives at his office. Having been authenticated by T and bank B, he initials a multimedia session with a customer. During the session, he uses his work ID to access the customer's digital safe deposit box managed by B.
3. B assigns Shaun a new work ID as he obtains permission to highly sensitive business information of B.
4. Shaun requests to update his work ID in the digital asset container.
5. With T confirming his presence in the office building, Shaun is able to successfully update his work ID.

Shaun is able to access highly confidential information using his updated work ID when he is in the office.

The functional requirements for user identity are captured in clause 26a of TS 22.101.

[PR 5.28.6-1] [PR 5.28.6-2]