Lawful Interception in 3G IP Multimedia Subsystem - PowerPoint PPT Presentation

Loading...

PPT – Lawful Interception in 3G IP Multimedia Subsystem PowerPoint presentation | free to download - id: 3bbd42-N2I5N



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

Lawful Interception in 3G IP Multimedia Subsystem

Description:

Lawful Interception in 3G IP Multimedia Subsystem Author: Toni M ki, Nokia Networks, toni.maki_at_nokia.com Supervisor: Prof. Raimo Kantola Agenda Network Architectures ... – PowerPoint PPT presentation

Number of Views:247
Avg rating:3.0/5.0
Slides: 25
Provided by: netlabTkk
Learn more at: http://www.netlab.tkk.fi
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: Lawful Interception in 3G IP Multimedia Subsystem


1
Lawful Interception in 3G IP Multimedia Subsystem
  • Author Toni Mäki, Nokia Networks,
    toni.maki_at_nokia.com
  • Supervisor Prof. Raimo Kantola

2
Agenda
  • Network Architectures
  • Lawful interception
  • Goals of the thesis
  • Capturing the signalling
  • Capturing the user data
  • Correlating the signalling and user data

3
3G Architecture
PSTN
CS Domain
IMS
Internet
Access Network
PS Domain
4
IP Multimedia Subsystem (IMS)
  • Offers mechanisms for multimedia services like
    VoIP, gaming, Push-over-Cellular
  • Based on Session Initiation Protocol (SIP)
  • IMS handles only signalling, GPRS used as a
    bearer technology.
  • Users identified by their SIP URI (e.g.
    sip//john.doe_at_company.com) or TEL URI (e.g.
    tel358-555-1234567 )

5
IP Multimedia Subsystem
IMS Signalling Layer
to other 3G
CSCF
MGCF
to PSTN/GSM
MRCF
to Internet / other GGSN
Signalling Path
to PSTN/GSM
Data Path
GGSN
MGW
MRFP
SGSN
GPRS Core
IMS Transport Layer
RAN
6
Lawful Interception
  • Authorities capture the communications of certain
    users in order to tackle criminal activity
  • Ability to perform lawful interception may be a
    precondition for a licence to operate
    telecommunications network
  • Lawful interception is a very delicate issue.
  • IRI (Interception Related Information) contains
    signalling, interception activation statuses,
    etc
  • CC (Content of Communications) contains the
    actual communications transmitted or received

7
Lawful Interception in GPRS
  • The packet traffic of a user is tunnelled over
    the GPRS network to the Internet.
  • These tunnels are recognised and captured in
    lawful interception for GPRS. All the tunnels of
    targeted user are delivered to authorities.
  • All the GPRS signalling related to monitored user
    is captured (e.g. network attach, tunnel creation
    etc)
  • Lawful interception in GPRS is based on
    traditional GSM user identifiers (IMSI, MSISDN,
    IMEI)

8
Lawful Interception in GPRS
GGSN
LIE
SGSN
LIC
LIE
LIB
USER ATTACHED
RAN
  • Lawful Interception Controller (LIC) controls the
    interceptions and provides management interface
  • Lawful Interception Browser (LIB) buffers,
    refines and delivers the captured data and
    signalling

GPRS Core
9
Goals of Thesis
  • Design/refine the interception of IMS related IRI
  • Design the interception of IMS related CC
  • Very wide problem definition
  • One task was to find out the problems

10
Methodology
  • The messaging was analysed using signalling flows
  • Standards were thoroughly studied

11
LI in IMS (IRI)
  • All the SIP messages transmitted, received or
    executed on behalf of the user must be delivered
    to the authorities
  • Interception is activated based on SIP URI or TEL
    URI
  • CSCF recognises the SIP messages to be captured
    by looking into the To and From fields in the
    SIP message header.
  • CSCF also checks for the implicit registrations

12
LI in IMS (IRI)
IMS
CSCF
LIE
Signalling Path
Data Path
LIC
LIP Path
GGSN
LIE
SIP messages
SGSN
LIB
LIE
GPRS Core
13
Problems of CC LI in IMS
  • IMS handles only signalling traffic
  • CC interception has to be executed in GPRS
  • User identifiers used in IMS and GPRS differ
  • SIP URI cannot be used in GPRS interception
    activation
  • A mapping functionality must be provided
  • SIP URI GPRS user identity mapping is not one
    to one
  • Current lawful interception mechanism uses user
    level of precision, which causes an illegal
    scenario

14
Problems of CC LI in IMS
IMS
Gi
SGSN
Gi
GPRS Core
15
LI in IMS (CC)
  • CPS notifies the LIC about the created sessions
  • LIC creates GPRS interceptions for CC collection
  • CPS notifies the LIC about released sessions
  • LIC releases the GPRS interception resources

16
LI in IMS (CC) Solution 1
  • GPRS interception is activated using IMSI
  • Existing network elements may co-exist
  • The out-of-call packets need to be filtered out,
    before the data is forwarded to the authority

17
LI in IMS (CC) Solution 1
CPS
LIC
SGSN
GGSN
LIB
UE
INVITE
200 OK
SessionStarted
Get IMSI
IMSI
Activate Interception
Activate Interception
Activation Response
Activation Response
data
CC data
FILTERING
To LEA
18
LI in IMS (CC) Solution 2
  • GPRS interception is activate using the IP flow
    identifiers as target identifier
  • Quicker activation and less burden to the network
  • The CC interception is done only at the IMS entry
    point, GGSN

19
LI in IMS (CC) Solution 2
CPS
LIC
SGSN
GGSN
LIB
UE
INVITE
200 OK
SessionStarted
Activate Interception
Activation Response
Activate Interception
Activation Response
data
data
CC data
To LEA
20
Correlation numbering
  • The authority needs to correlate different kinds
    of IRI and CC. (e.g. the GPRS resources used by
    an IMS session
  • The authority needs to be able to easily group
    the IRI belonging to the same session together

21
Correlation Numbering
  • IMS IRI carries Session Correlation Number, List
    of GPRS Correlation Numbers
  • GPRS IRI carries only GPRS Correlation Number
  • IMS CC carries GPRS Correlation Number, Session
    Correlation Number, and Media component identifier

22
Correlation numbering
GPRS IRI Event 1
CC Data 1
SIP IRI Event 1
GPRS CN 1
GPRS CN 1
GPRS CN 1
Session CN
Session CN
MC CN 1
SIP IRI Event 2
GPRS IRI Event 2
CC Data 2
GPRS CN 1
GPRS CN 2
GPRS CN 2
GPRS CN 2
Session CN
Session CN
MC CN 2
23
Conclusions
  • IRI monitoring including the implicit
    registration
  • Capturing of content of communications in GPRS
  • Correlation numbering scheme

24
  • QUESTIONS?

Thank you for listening!
About PowerShow.com