

Title:
A METHOD AND SYSTEM OF AUTHENTICATING ACCESS TO A DOMAIN USING A USER IDENTIFY CARD
Document Type and Number:
WIPO Patent Application WO/2006/024991
Kind Code:
A1
Abstract:
The present invention describes a method and a system of authenticating access to a domain using a user identity card, wherein said user identity card comprises an authentication data pair stored on said identity card, said authentication data pair consisting of first and second authentication data, said first authentication data uniquely identifying a user or a group of users and said second authentication data uniquely identifying said identity card, and wherein said domain comprises an identification of authorized authentication data pairs which can be used for obtaining authorized access to said domain, the method comprising the steps of:
- reading said authentication data pair stored on said identity card,
- comparing said authentication data pair on said identity card with said authorized authentication data pairs in said domain,
- authorizing access to said domain if said comparison results in a match between said authentication data pair on said identity card and at least one of said authorized authentication data pairs in said domain.

Inventors:
ZWART SJOERD (NL)
Application Number:
PCT/IB2005/052773
Publication Date:
March 09, 2006
Filing Date:
August 24, 2005
Assignee:
KONINKL PHILIPS ELECTRONICS NV (NL)
ZWART SJOERD (NL)
International Classes:
G07C9/00; G07F7/00; (IPC1-7): G07F7/00; G07C9/00
Domestic Patent References:
WO2004035321A1 (2004-04-29)
WO2002071723A1 (2002-09-12)
WO1997037506A1 (1997-10-09)
Foreign References:
EP1176844A2 (2002-01-30)
EP0467534A2 (1992-01-22)
Attorney, Agent or Firm:
Engelfriet, Arnoud P. (AA Eindhoven, NL)
Claims:
CLAIMS:
1. A method of authenticating access to a domain using a user identity card, wherein said user identity card comprises an authentication data pair stored on said identity card, said authentication data pair consisting of first and second authentication data, said first authentication data uniquely identifying a user or a group of users and said second authentication data uniquely identifying said identity card, and wherein said domain comprises an identification of authorized authentication data pairs which can be used for obtaining authorized access to said domain, the method comprising the steps of: reading said authentication data pair stored on said identity card, comparing said authentication data pair on said identity card with said authorized authentication data pairs in said domain, authorizing access to said domain if said comparison results in a match between said authentication data pair on said identity card and at least one of said authorized authentication data pairs in said domain.
2. A method according to claim 1, wherein said second authentication data comprises a serial number of said user identity card.
3. A method according to claim 1 or 2, wherein the authentication data pair stored on said identity card may be updated by updating said second authentication data.
4. A computer readable medium having stored therein instructions for causing a processing unit to execute the method according to claims 1-3.
5. A system for authenticating access to a domain using a user identity card, wherein said user identity card comprises an authentication data pair stored on said identity card, said authentication data pair consisting of first and second authentication data, said first authentication data uniquely identifying a user or a group of users and said second authentication data uniquely identifying said identity card, and wherein said domain comprises an identification of authorized authentication data pairs which can be used for obtaining authorized access to said domain, comprising an identity card reader for reading said authentication data pair stored on said identity card, a processor for comparing said authentication data pair on said identity card with said authorized authentication data pairs in said domain, means for authorizing access to said domain if said comparison results in a match between said authentication data pair on said identity card and at least one of said authorized authentication data pairs in said domain.
6. An identity card to be used for authenticating access to a domain using a user identity card, wherein said user identity card comprises an authentication data pair stored on said identity card, said authentication data pair consisting of first and second authentication data, said first authentication data uniquely identifying a user or a group of users and said second authentication data uniquely identifying said identity card, and wherein said domain comprises an identification of authorized authentication data pairs which can be used for obtaining authorized access to said domain, wherein authenticating said access to said domain comprises: reading said authentication data pair stored on said identity card, comparing said authentication data pair on said identity card with said authorized authentication data pairs in said domain, authorizing access to said domain if said comparison results in a match between said authentication data pair on said identity card and at least one of said authorized authentication data pairs in said domain.
Description:
A method and system of authenticating access to a domain using a user identity card

FIELD OF THE INVENTION

The present invention relates to a method and system of authenticating access to a domain using a user identity card, wherein said user identity card comprises an authentication data pair stored on the identity card. The authentication data pair consists of first and second authentication data, wherein the first authentication data uniquely identify a user or a group of users and the second authentication data uniquely identify the identity card. In order to access the domain, the authentication data pair must match the authorized authentication data pairs within the domain.

BACKGROUND OF THE INVENTION

Identity cards such as smart cards have become more and more common over the past years. What characterizes these cards is that they are provided with an embedded computer chip that can be either a microprocessor with internal memory or a memory chip alone. Therefore, one can say that a smart card is an active device, or a small computer, which makes it possible to give only the information that is required for the specific service at the time the smart card is presented. Also, with smart card-based systems there is no technical requirement to have a central database system that observes all requests for services. Examples of applications where smart cards are used are the financial sector, telecommunications, transit, healthcare and secure identification. There are numerous government identification (ID) systems implemented worldwide which use smart cards combined with a biometric technology such as a photo and fingerprint. Obviously, it is essential that a high security level of such cards is maintained.

When smart cards are used to enter a domain, they are identified through a unique identification number stored on the card. This identification number may e.g. define the domain, which could comprise a license or certificate to access devices or content data within the domain. The problem with prior art identity cards is that only one identification number is used to authenticate the identity card. Therefore, if the identity card is e.g. lost, the manufacturer of the card must, in order to prevent an illegal user of the card from accessing the domain with this card, revoke the card and thereby the license to access devices or content data within the domain. Also, the situation may occur that the owner of the card reports that he/she has lost the card. The manufacturer of the card could then make an identical copy of the user identity card, i.e. create a clone of the card. The problem may then occur that the user misuses this situation by e.g. giving someone outside his family a copy of the card.

OBJECT AND SUMMARY OF THE INVENTION

It is the object of the present invention to solve the above-mentioned problems.

According to a first aspect the present invention relates to a method of authenticating access to a domain using a user identity card, wherein said user identity card comprises an authentication data pair stored on said identity card, said authentication data pair consisting of first and second authentication data, said first authentication data uniquely identifying a user or a group of users and said second authentication data uniquely identifying said identity card, and wherein said domain comprises an identification of authorized authentication data pairs which can be used for obtaining authorized access to said domain, the method comprising the steps of:
- reading said authentication data pair stored on said identity card,
- comparing said authentication data pair on said identity card with said authorized authentication data pairs in said domain,
- authorizing access to said domain if said comparison results in a match between said authentication data pair on said identity card and at least one of said authorized authentication data pairs in said domain.

Thereby, due to the combination of said first and second authentication data, each card has its own identity. It is therefore prevented that more than one card can be used at the same time. The domain may comprise e.g. one or more devices, or one or more apparatuses, or one or more users, or content data, or a combination thereof.

In an embodiment, said second authentication data comprises a serial number of said user identity card. Thereby, the identity card can be uniquely identified in a very easy way. Also, it is very easy to distinguish which of e.g. two identity cards is illegal and which is legal when they have the same first authentication data but different serial numbers. As an example, the serial number may comprise the number of produced cards. Assuming the serial number comprises the number of produced cards, it is obvious that the identity card having the higher serial number is newer, and therefore the valid one.

In an embodiment, the authentication data pair stored on said identity card may be updated by updating said second authentication data. Thereby, the authenticated access of the identity card to said domain may easily be updated, since the update requires only the update of said second authentication data, e.g. said serial number. Therefore, the license of the card to e.g. content, devices or apparatuses in a domain does not have to be defined again, or regenerated by the license provider, when e.g. the user of the card has lost the card and has purchased a new one.

According to a second aspect the present invention relates to a computer readable medium having stored therein instructions for causing a processing unit to execute said method.

According to a third aspect the present invention relates to a system for authenticating access to a domain using a user identity card, wherein said user identity card comprises an authentication data pair stored on said identity card, said authentication data pair consisting of first and second authentication data, said first authentication data uniquely identifying a user or a group of users and said second authentication data uniquely identifying said identity card, and wherein said domain comprises an identification of authorized authentication data pairs which can be used for obtaining authorized access to said domain, comprising:
- an identity card reader for reading said authentication data pair stored on said identity card,
- a processor for comparing said authentication data pair on said identity card with said authorized authentication data pairs in said domain,
- means for authorizing access to said domain if said comparison results in a match between said authentication data pair on said identity card and at least one of said authorized authentication data pairs in said domain.

According to a fourth aspect the present invention relates to an identity card to be used for authenticating access to a domain using a user identity card, wherein said user identity card comprises an authentication data pair stored on said identity card, said authentication data pair consisting of first and second authentication data, said first authentication data uniquely identifying a user or a group of users and said second authentication data uniquely identifying said identity card, and wherein said domain comprises an identification of authorized authentication data pairs which can be used for obtaining authorized access to said domain, wherein authenticating said access to said domain comprises:
- reading said authentication data pair stored on said identity card,
- comparing said authentication data pair on said identity card with said authorized authentication data pairs in said domain,
- authorizing access to said domain if said comparison results in a match between said authentication data pair on said identity card and at least one of said authorized authentication data pairs in said domain.

Thereby, an identity card, which can as an example be a smart card, is provided comprising an authentication data pair which uniquely identifies the identity card. Therefore, if the identity card is lost or stolen, the authentication data pair may be updated by updating only said second authentication data. The identity card may, besides said memory, further comprise a processor and may further be adapted to communicate in a wireless way, e.g. via near field communication.

BRIEF DESCRIPTION OF THE DRAWINGS

In the following, preferred embodiments of the invention will be described with reference to the figures, where figure 1 illustrates a flow chart of an embodiment of authenticating access to a domain using a user identity card, figure 2 shows a flow diagram of an embodiment of updating an authentication data pair stored on the identity card, and figure 3 shows a system for authenticating access to a domain using a user identity card.

DESCRIPTION OF PREFERRED EMBODIMENTS

Figure 1 illustrates a flow chart of an embodiment of authenticating access to a domain using a user identity card (ID-card), wherein the ID-card comprises an authentication data pair stored on said identity card. The authentication data pair consists of first and second authentication data, the first authentication data uniquely identifying a user or a group of users and the second authentication data uniquely identifying the identity card. The domain comprises an identification of authorized authentication data pairs which can be used for obtaining authorized access to the domain. The domain may comprise one or more devices, or one or more apparatuses, or one or more users, or content data, or a combination thereof. In one preferred embodiment the first authentication data comprises a user identification number (User-ID) and the second authentication data comprises a serial number of the identity card.

In order to access the domain using the ID-card, the authentication data pair stored on the ID-card must be read (R) 101, e.g. by an ID-card reader, and compared to the authorized authentication data pairs stored in the domain (C) 103. If there is a match (M?) 105 between the authentication data pair on the identity card and the authorized authentication data pairs in the domain, access to the domain is authorized (A_D) 107. Otherwise, access to the domain is rejected (R_D) 109. Therefore, in order to access the domain, both authentication data, i.e. the User-ID and the serial number, must match corresponding authentication data within the domain. A rejection of access to the domain may therefore be based on the serial number stored on the ID-card not matching the pre-stored serial numbers within the domain, although the User-ID matches. This could be the case where an illegal user attempts to use the ID-card illegally, but the legal user has revoked the old ID-card by changing the serial number. This will be discussed in more detail with reference to Fig. 2.

Figure 2 shows a flow diagram of an embodiment of updating an authentication data pair stored on an ID-card. This can be necessary if the ID-card has e.g. been stolen or the user has lost the ID-card. To avoid that another user can use the ID-card illegally, it is necessary to revoke the old authentication data (R_ID_C) 201. This could be done e.g. by the user himself or by the user requesting the manufacturer or the seller of the card to revoke the old authentication data. The user is subsequently provided with a new ID-card (N_ID_C) 203. In order to update the authentication data on the new ID-card, a new serial number is used (N_S_Nr) 205 and stored along with the old User-ID on the new ID-card. In one embodiment the new ID-card is already provided with a serial number, e.g. one indicating the number of produced ID-cards of this type. Now, the authentication data pair is updated (U_ID) 207, having the same User-ID but a different serial number. When the user wants to access the domain using the new ID-card with the new authentication data pair, the identification of authorized authentication data pairs in the domain must be updated in accordance with the updated authentication data pair on the ID-card. This could be done by the user himself when accessing the domain for the first time after obtaining the new ID-card with the updated authentication data. As an example, when the user wants to access the domain using the ID-card, the larger serial number (assuming that the serial number comprises the number of produced cards, which accordingly increases) could be used as an indicator that the new ID-card is the valid one. As an example, the first User-ID comprises "Jonssonl2345" and the serial number "123".
If the authentication data on the new ID-card have been updated with a new serial number "598" (still using User-ID "Jonssonl2345"), the higher serial number would suggest that the new ID-card is valid because it is newer. Now, when the new authentication data have been authenticated (A_ID) 209 by e.g. a domain-compliant first device (see Fig. 3), the first device could be adapted to inform e.g. other devices within the same domain about the new authentication data. The devices within the domain (or apparatuses, databases etc. comprised in the domain) could also be informed about the new authentication data for the new ID-card via a central server, e.g. the one where the new ID-card was purchased. If the user purchases a new ID-card for the first time, the ID-card is provided with new authentication data as described previously, comprising said User-ID and said serial number, which are stored on the ID-card. These authentication data are then defined among the authorized authentication data within the domain. This could be done when the user enters the domain for the first time, or by a central server.

Figure 3 shows a system for authenticating access to a domain using a user identity card (ID-card) 305, wherein the identity card comprises a memory 307 for storing an authentication data pair consisting of said first and second authentication data 306, 308. If the owner of the card wants e.g. to access the domain-compliant device 317, which is within the domain 302, a secure authentication channel (SAC) 315 is set up between the ID-card 305 and the domain-compliant device 317. This may be done e.g. by sending the public key and the certificate of the ID-card 305 to the domain-compliant device 317. This is to enable the authentication data pair 306, 308 to be passed to the domain-compliant device 317 in a secure way.
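As an added example (not part of the patent), the match check of Fig. 1, the higher-serial replacement of Fig. 2 and the notification of other domain devices, in Python; the `Domain` class, its method names and the two device names are assumptions made here, while the User-ID and serial numbers are the description's own example values.

```python
# Added example, not the patent's own code: one domain-compliant device's
# table of authorized (User-ID, serial) pairs with the Fig. 1 check, the
# Fig. 2 higher-serial replacement and peer notification. Names are assumed.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class AuthPair:
    """Authentication data pair as stored on the identity card."""
    user_id: str   # first authentication data: identifies the user or group
    serial: int    # second authentication data: identifies this physical card


@dataclass
class Domain:
    """One domain-compliant device holding the authorized pairs (311, 313)."""
    name: str
    authorized: dict = field(default_factory=dict)   # user_id -> current serial
    peers: list = field(default_factory=list)        # other devices in the domain

    def check_access(self, card: AuthPair) -> bool:
        """Fig. 1, step M? 105: both User-ID and serial must match; a known
        User-ID with a stale or foreign serial is rejected (R_D 109)."""
        return self.authorized.get(card.user_id) == card.serial

    def enroll(self, card: AuthPair) -> bool:
        """First-time card: define its pair in the domain, then tell peers."""
        if card.user_id in self.authorized:
            return False
        self.authorized[card.user_id] = card.serial
        for peer in self.peers:
            peer.enroll(card)
        return True

    def replace(self, card: AuthPair) -> bool:
        """Fig. 2, step U_ID 207: accept a replacement card for a known User-ID
        only if its serial is higher (serial treated as the monotonic production
        counter the description assumes); the old serial is thereby revoked."""
        current = self.authorized.get(card.user_id)
        if current is None or card.serial <= current:
            return False          # unknown user, or an older/cloned card
        self.authorized[card.user_id] = card.serial
        for peer in self.peers:   # peers stop recursing once they hold 'serial'
            peer.replace(card)
        return True


def demo() -> dict:
    """Walks the description's example (User-ID "Jonssonl2345", serial 123
    replaced by 598) across two mutually peered devices; names are invented."""
    player, radio = Domain("mp3-player"), Domain("internet-radio")
    player.peers.append(radio)
    radio.peers.append(player)
    old_card = AuthPair("Jonssonl2345", 123)
    new_card = AuthPair("Jonssonl2345", 598)
    out = {}
    out["enrolled"] = player.enroll(old_card)                                  # True
    out["old_on_radio"] = radio.check_access(old_card)                         # True, propagated
    out["wrong_serial"] = player.check_access(AuthPair("Jonssonl2345", 124))   # False
    out["replaced"] = player.replace(new_card)                                 # True, 598 > 123
    out["new_on_radio"] = radio.check_access(new_card)                         # True
    out["old_revoked"] = player.check_access(old_card)                         # False
    out["rollback_refused"] = radio.replace(old_card)                          # False, 123 < 598
    return out
```

The comparison is only as strong as the channel the pair arrives over, since the pair is just two copyable values; in the system of Fig. 3 it is the SAC 315 and the card's certificate that make a match meaningful.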
Subsequently, a processor 310 in the domain-compliant device 317 compares the User-ID 306 and the serial number 308 on the ID-card 305 to the authorized authentication data pairs 311, 313, which are stored in the domain-compliant device 317. If there is a match between the authentication data pair 306, 308 stored on the ID-card 305 and those within the domain-compliant device 317, the user can, using said ID-card, access the domain-compliant device 317. Examples of such compliant devices are a portable MP3 player, an internet radio device, a storage container, a DVD player, a hard disc recorder and a TV. The domain-compliant device 317 may also request another domain-compliant device 319 for access to content on said device 319, again through a SAC. During the request, the domain-compliant device 317 sends its own identity and the user identity 306, 308 to the other compliant device 319. This domain-compliant device 319 will use this information (the certificate of the user identity card and of the device 317) for the authentication process, i.e. to compare the User-ID 306 and the serial number 308 with the authorized authentication data pairs 311, 313, which are stored in the domain-compliant device 319.

It should be noted that the above-mentioned embodiments illustrate rather than limit the invention, and that those skilled in the art will be able to design many alternative embodiments without departing from the scope of the appended claims. In the claims, any reference signs placed between parentheses shall not be construed as limiting the claim. The word 'comprising' does not exclude the presence of other elements or steps than those listed in a claim. The invention can be implemented by means of hardware comprising several distinct elements, and by means of a suitably programmed computer. In a device claim enumerating several means, several of these means can be embodied by one and the same item of hardware. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.