Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lawful Interception in 3G IP Multimedia Subsystem

Published byJuniper Hoover Modified over 9 years ago

Similar presentations

Presentation on theme: "Lawful Interception in 3G IP Multimedia Subsystem"— Presentation transcript:

1 Lawful Interception in 3G IP Multimedia Subsystem
Author: Toni Mäki, Nokia Networks, Supervisor: Prof. Raimo Kantola

2 Agenda Network Architectures Lawful interception Goals of the thesis
Capturing the signalling Capturing the user data Correlating the signalling and user data

3 3G Architecture PSTN CS Domain IMS Internet Access Network PS Domain
Terminal Access network provides radio connectivity and most of the mobility handling CS domain provides traditional mobile voice service plus some new 3G services like video call PS domain provides packet based connectivity to existing packet based networks, that is the Internet IMS provides introduces the IP multimedia services, like VoIP. It provides SIP based signalling. Access Network PS Domain

4 IP Multimedia Subsystem (IMS)
Offers mechanisms for multimedia services like VoIP, gaming, Push-over-Cellular Based on Session Initiation Protocol (SIP) IMS handles only signalling, GPRS used as a bearer technology. Users identified by their SIP URI (e.g. or TEL URI (e.g. tel: )

5 IP Multimedia Subsystem
IMS Signalling Layer to other 3G CSCF MGCF to PSTN/GSM MRCF to Internet / other GGSN Signalling Path to PSTN/GSM Data Path GGSN MGW MRFP SGSN GPRS Core IMS Transport Layer RAN

6 Lawful Interception Authorities capture the communications of certain users in order to tackle criminal activity Ability to perform lawful interception may be a precondition for a licence to operate telecommunications network Lawful interception is a very delicate issue. IRI (Interception Related Information) contains signalling, interception activation statuses, etc… CC (Content of Communications) contains the actual communications transmitted or received

7 Lawful Interception in GPRS
The packet traffic of a user is tunnelled over the GPRS network to the Internet. These tunnels are recognised and captured in lawful interception for GPRS. All the tunnels of targeted user are delivered to authorities. All the GPRS signalling related to monitored user is captured (e.g. network attach, tunnel creation etc…) Lawful interception in GPRS is based on traditional GSM user identifiers (IMSI, MSISDN, IMEI)

8 Lawful Interception in GPRS
GGSN LIE SGSN LIC LIE LIB USER ATTACHED Lawful Interception Controller (LIC) controls the interceptions and provides management interface Lawful Interception Browser (LIB) buffers, refines and delivers the captured data and signalling RAN GPRS Core

9 Goals of Thesis Design/refine the interception of IMS related IRI
Design the interception of IMS related CC Very wide problem definition One task was to find out the problems

10 Methodology The messaging was analysed using signalling flows
Standards were thoroughly studied

11 LI in IMS (IRI) All the SIP messages transmitted, received or executed on behalf of the user must be delivered to the authorities Interception is activated based on SIP URI or TEL URI CSCF recognises the SIP messages to be captured by looking into the ’To’ and ’From’ fields in the SIP message header. CSCF also checks for the implicit registrations

12 LI in IMS (IRI) IMS LIC GGSN LIB GPRS Core SIP messages LIE LIE LIE
CSCF LIE Signalling Path Data Path LIC LIP Path GGSN LIE SIP messages SGSN LIB LIE GPRS Core

13 Problems of CC LI in IMS IMS handles only signalling traffic
CC interception has to be executed in GPRS User identifiers used in IMS and GPRS differ SIP URI cannot be used in GPRS interception activation A mapping functionality must be provided SIP URI – GPRS user identity mapping is not one to one Current lawful interception mechanism uses user level of precision, which causes an illegal scenario

14 Problems of CC LI in IMS IMS Gi SGSN Gi GPRS Core

15 LI in IMS (CC) CPS notifies the LIC about the created sessions
LIC creates GPRS interceptions for CC collection CPS notifies the LIC about released sessions LIC releases the GPRS interception resources

16 LI in IMS (CC) Solution 1 GPRS interception is activated using IMSI
Existing network elements may co-exist The out-of-call packets need to be filtered out, before the data is forwarded to the authority

17 LI in IMS (CC) Solution 1 UE SGSN GGSN CPS LIC LIB INVITE 200 OK
SessionStarted Get IMSI IMSI Activate Interception Activate Interception Activation Response Activation Response data CC data FILTERING To LEA

18 LI in IMS (CC) Solution 2 GPRS interception is activate using the IP flow identifiers as target identifier Quicker activation and less burden to the network The CC interception is done only at the IMS entry point, GGSN

19 LI in IMS (CC) Solution 2 UE SGSN GGSN CPS LIC LIB INVITE 200 OK
SessionStarted Activate Interception Activation Response Activate Interception Activation Response data data CC data To LEA

20 Correlation numbering
The authority needs to correlate different kinds of IRI and CC. (e.g. the GPRS resources used by an IMS session The authority needs to be able to easily group the IRI belonging to the same session together

21 Correlation Numbering
IMS IRI carries Session Correlation Number, List of GPRS Correlation Numbers GPRS IRI carries only GPRS Correlation Number IMS CC carries GPRS Correlation Number, Session Correlation Number, and Media component identifier

22 Correlation numbering
SIP IRI Event 1 CC Data 1 GPRS IRI Event 1 GPRS CN 1 GPRS CN 1 GPRS CN 1 Session CN Session CN MC CN 1 SIP IRI Event 2 CC Data 2 GPRS IRI Event 2 GPRS CN 1 GPRS CN 2 GPRS CN 2 GPRS CN 2 Session CN Session CN MC CN 2

23 Conclusions IRI monitoring including the implicit registration
Capturing of content of communications in GPRS Correlation numbering scheme

24 Thank you for listening!
QUESTIONS? Thank you for listening!

Download ppt "Lawful Interception in 3G IP Multimedia Subsystem"

Similar presentations

SIPPING 3GPP Requirements Ad Hoc Meeting Georg Mayer IETF#53, Minneapolis.

SIPPING 3GPP Requirements Ad Hoc Meeting Georg Mayer IETF#53, Minneapolis.
Network Evolution Scenarios Dr. Klaus-D. Kohrt Product Portfolio Management Siemens I&C Mobile Networks.

Network Evolution Scenarios Dr. Klaus-D. Kohrt Product Portfolio Management Siemens I&C Mobile Networks.
Push-to-Talk over Cellular

Push-to-Talk over Cellular
University of California at Berkeley

University of California at Berkeley
3GPP SA3 Lawful Intercept

3GPP SA3 Lawful Intercept
0 0 0 BBWF Madrid October 2005 Access-independent Core Networks: Converging towards all-IP Andy Jones Head of Transmission & Interconnectivity Vodafone.

0 0 0 BBWF Madrid October 2005 Access-independent Core Networks: Converging towards all-IP Andy Jones Head of Transmission & Interconnectivity Vodafone.
NGN -The Fixed and Mobile Convergence Story Eric Sun Director of Product Marketing ZTE Europe Padova, 30th, June 2005.

NGN -The Fixed and Mobile Convergence Story Eric Sun Director of Product Marketing ZTE Europe Padova, 30th, June 2005.
22-23 June 2004TISPAN-3GPP Workshop - Sophia-Antipolis 1 TISPAN NGN Architecture Overview Richard Brennan pulver.com, WG2 Chair

22-23 June 2004TISPAN-3GPP Workshop - Sophia-Antipolis 1 TISPAN NGN Architecture Overview Richard Brennan pulver.com, WG2 Chair
DUE 402356 Vincente D’Ingianni Director of Professional Services Binary Systems, Inc. IMS.

DUE Vincente D’Ingianni Director of Professional Services Binary Systems, Inc. IMS.
Cellular COMMUNICATIONS

Cellular COMMUNICATIONS
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Rev A Antti Miettinen 07.12.20041 H.248 Gateway Control Protocol Signaling Traffic Related Protocol Analysis Antti Miettinen S-38.310 Thesis Seminar on.

Rev A Antti Miettinen H.248 Gateway Control Protocol Signaling Traffic Related Protocol Analysis Antti Miettinen S Thesis Seminar on.
Signaling Measurements on the Packet Domain of 3G-UMTS Core Network G. Stephanopoulos (National Technical University of Athens, Greece) G. Tselikis (4Plus.

Signaling Measurements on the Packet Domain of 3G-UMTS Core Network G. Stephanopoulos (National Technical University of Athens, Greece) G. Tselikis (4Plus.
Signalling Flows for the IP Multimedia Call Control in 3G Wireless Network Master’s Project By Sanjeev Kayath.

Signalling Flows for the IP Multimedia Call Control in 3G Wireless Network Master’s Project By Sanjeev Kayath.
IP Multimedia Subsystem (IMS) 江培文. Agenda Background IMS Definition IMS Architecture IMS Entities IMS-CS Interworking.

IP Multimedia Subsystem (IMS) 江培文. Agenda Background IMS Definition IMS Architecture IMS Entities IMS-CS Interworking.
World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14 November 2007 Autore:Paolo DE LUTIIS Telecom Italia Security.

World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14 November 2007 Autore:Paolo DE LUTIIS Telecom Italia Security.
Presents H.323 Forum 2002. ETSI TIPHON Presented by: Richard Brennan - Telxxis LLC Vice-Chair ETSI-TIPHON.

Presents H.323 Forum ETSI TIPHON Presented by: Richard Brennan - Telxxis LLC Vice-Chair ETSI-TIPHON.
Cisco Architecture for Lawful Intercept in IP Networks October 2004,rfc3924 Author(s): F. Baker,B. Foster,C. Sharp.

Cisco Architecture for Lawful Intercept in IP Networks October 2004,rfc3924 Author(s): F. Baker,B. Foster,C. Sharp.
6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.

6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.
SIP and the application of SIP as used in 3GPP Keith Drage - Lucent Technologies.

SIP and the application of SIP as used in 3GPP Keith Drage - Lucent Technologies.

Similar presentations

Ads by Google