Interception system and method

US 20020049913A1
Filed: 09/10/2001
Published: 04/25/2002
Est. Priority Date: 03/12/1999
Status: Active Grant

First Claim

Patent Images

1. An interception system for performing a lawful interception in a packet network, comprising:

a) interception activation and deactivation means (IAD) for activating and deactivation current interception targets based on a received interception-related command;

b) interception activation monitoring means (IAM) for monitoring an activation of PDP contexts and for informing said interception activation and deactivation means (IAD) of changes in said PDP contexts;

c) interception data collection means (IDC) for collecting intercepted data in response to an interception target activation by said interception activation and deactivation means (IAD); and

d) interception data destination means (IDD) for receiving said collected intercepted data and forwarding it to a final interception destination.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An interception system and method for performing a lawful interception in a packet network such as the GPRS or UMTS network is described. The interception system comprises an interception activation monitoring function, an interception activation and deactivation function, an interception data collection function and an interception data destination function. The interception data collection function can be implemented in an existing network node such as a GPRS support node, wherein an interception information is set in the corresponding PDP context, and the collection of the intercepted data is performed in response to the set interception information. Furthermore, the interception data destination function may be arranged in an interception browsing element arranged for browsing the intercepted databased on an external command received from another network element comprising the interception activation and deactivation function. Thereby, browsing and managing of the lawful interception can be separated into different network elements. In summary, a flexible interception system can be provided, which can be easily adapted to individual architectures of packet networks.

Citations

41 Claims

1. An interception system for performing a lawful interception in a packet network, comprising:
- a) interception activation and deactivation means (IAD) for activating and deactivation current interception targets based on a received interception-related command;
  
  b) interception activation monitoring means (IAM) for monitoring an activation of PDP contexts and for informing said interception activation and deactivation means (IAD) of changes in said PDP contexts;
  
  c) interception data collection means (IDC) for collecting intercepted data in response to an interception target activation by said interception activation and deactivation means (IAD); and
  
  d) interception data destination means (IDD) for receiving said collected intercepted data and forwarding it to a final interception destination.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
- - 2. A system according to claim 1, wherein said final destination is a representative of a legal authority or a network operator.
  - 3. A system according to claim 1 or 2, wherein said interception data destination means (IDD) is arranged to postprocess said intercepted data.
  - 4. A system according to claim 3, wherein said postprocessing comprises decryption, formating and/or translation of said intercepted data.
  - 5. A system according to anyone of claims 1 to 4, wherein said interception activation and deactivation means (IAD) receives said interception-related command from a user interface (UI) for lawful interception, wherein said interception-related command is a command for changing current interception criteria.
  - 6. A system according to claim 5, wherein said interception activation and deactivation means (IAD) and said interception data destination means (IDD) are arranged in a network element comprising said user interface (UI) for lawful interception.
  - 7. A system according to anyone of claims 1 to 6, wherein said interception activation monitoring means (IAM) and said interception data collection means (IDC) are arranged in a gateway GPRS support node (GGSN).
  - 8. A system according to anyone of claims 1 to 7, wherein said interception activation monitoring means (IAM) is arranged to monitor tunnel activations and deactivations by monitoring corresponding GTP protocol messages, and to inform the interception activation and deactivation means (IAD) about new possible interception targets and/or currently intercepted and now finished tunnels.
  - 9. A system according to anyone of claims 1 to 8, wherein said interception activation monitoring means (IAM) is arranged in a lawful interception node and adapted to recognize tunnel activation and deactivation requests on the basis of GTP protocol messages.
  - 10. A system according to anyone of claims 1 to 9, wherein said interception activation monitoring means (IAM) is arranged in a serving GPRS support node (SGSN).
  - 11. A system according to anyone of claims 1 to 10, wherein said interception activation monitoring means (IAM) is arranged in a boarder gateway (BG).
  - 12. A system according to anyone of claims 1 to 11, wherein said interception activation and deactivation means (IAD) comprises an interception database and is arranged to modify said interception database in response to said interception related command.
  - 13. A system according to claim 12, wherein said interception activation and deactivation means (IAD) is arranged to check a tunnel identification received from the interception activation monitoring means (IAM) and to transmit a tunnel deactivation message to the interception data destination means (IDD) if said tunnel identification matches a criterion in said interception database.
  - 14. A system according to anyone of claims 1 to 13, wherein said interception activation and deactivation means (IAD) is arranged in a lawful interception gateway (LIG) or a GPRS serving node (SGSN, GGSN).
  - 15. A system to anyone of claims 1 to 14, wherein said interception data collection means (IDC) is arranged to inform said interception data destination means (IDD) of an activated interception collection by transmitting an interception activation message to said interception data destination means (IDD), in response to which said interception data destination means (IDD) starts storing received interception data for the new intercepted tunnel.
  - 16. A system according to claim 15, wherein said interception activation message includes a tunnel identification and a destination for the intercepted data.
  - 17. A system according to anyone of claims 1 to 16, wherein said interception data collection means (IDC) is arranged in a legal interception node, a GPRS support node (GGSN, SGSN) or a boarder gateway.
  - 18. A system according to anyone of claims 1 to 17, wherein said interception data destination means (IDD) receives said collected intercepted data together with the intended destination thereof.
  - 19. A system according to anyone of claims 1 to 18, wherein said interception data destination (IDD) is arranged in a legal interception gateway (LIG), in an interception browsing element (LIB), or in a user equipment comprising a specific interception data destination processing capability.

20. A network element for a packet network, comprising:
- a) setting means (IDC) for setting an interception information in a PDP context thereof in response to an interception request received by said network element; and
  
  b) interception data collection means (IDC) for collecting intercepted data in response to said interception information and for supplying said collected intercepted data to an interception destination (LIG).
- View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 30, 31)
- - 21. A network element to claim 20, wherein said interception information is a bit mask or a linked list, wherein each bit refers to an entity that can request copies of data packets.
  - 22. A network element according to claim 21, wherein each bit of said bit mask or linked list refers to a listening context comprising an information about said interception destination (LIG).
  - 23. A network element according to claim 22, wherein said information about interception destination (LIG) comprises a destination address, authentication keys, a mastering interception gateway address and a protocol information.
  - 24. A network element according to anyone of claims 20 to 23, wherein said interception data collection means (IDC) performs collection on the basis of an IMSI number or an IP address of a data packet.
  - 25. A network element according to anyone of claims 20 to 24, wherein said interception data collection means (IDC) is arranged to create a secure tunnel by a secure authentication, and wherein said collected intercepted data is transferred via said tunnel using a secure date encryption.
  - 26. A network element according to claim 25, wherein said authentication and tunneling is performed by using VPN or SSH.
  - 27. A network element according to anyone of claims 20 to 26, wherein said network element is arranged to store entries for authenticated interception destinations (LIG) which can set and reset said interception information.
  - 28. A network element according to anyone of claims 20 to 27, wherein said network element is a gateway GPRS support node (GGSN).
  - 30. An interception browsing element according to claim 29, wherein said external command is supplied from a network element (LIG) having an interception activation and deactivation function.
  - 31. An interception browsing element according to claim 30, wherein said network element (LIG) having an interception activation and deactivation function has another authentication key different from that one of said interception browsing element (LIB).

29. An interception browsing element for a packet network, comprising:
- a) receiving means for receiving intercepted date from a network element (GGSN) having an interception data collection function;
  
  b) storing means for storing interception data received from said network element (GGSN); and
  
  c) browsing means for browsing said stored interception data based on an external command and for supplying the result of said browsing to an interception authority.
- View Dependent Claims (32, 33, 34, 35, 36, 38, 40)
- - 32. An interception browsing element according to anyone of claims 29 to 31, wherein said intercepted data is received from said network element (GGSN) having an interception data collection function via a secure tunnel.
  - 33. An interception browsing element according to anyone of claims 29 to 32, wherein said interception browsing element (LIB) is a network element (LIB3) arranged at the network operator'"'"'s site.
  - 34. An interception browsing element according to anyone of claims 29 to 32, wherein said interception browsing element is a network element (LIB1) arranged at the interception authority'"'"'s site.
  - 35. An interception browsing element according to anyone of claims 29 to 32, wherein said interception browsing element is a network element (LIB2) arranged at the public network'"'"'s site.
  - 36. An interception browsing element according to anyone of claims 29 to 32, wherein said interception browsing element is a mobile terminal (LIB4) arranged in a mobile network connected to said packet network.
  - 38. A method according to claim 37, wherein said monitoring an collection step is performed in a first network element (GGSN) and said activating and deactivating step in a second network element (LIG).
  - 40. A method according to claim 39, wherein said interception information is a bit mask in which each bit refers to an entity that can request copies of data packets.

37. A method for performing a lawful interception in a packet network, comprising steps of:
- a) monitoring an activation of PDP contexts in order to detect changes in said PDP contexts;
  
  b) activating and deactivating current interception targets based on an interception-related command and said changes in said PDP contexts;
  
  c) collection intercepted data in response to an interception target activation; and
  
  d) supplying said collected intercepted data to an interception destination.

39. A method for performing a lawful interception in a packet network, comprising the steps of:
- a) setting an interception information in a PDP context of a network element in response to an interception request;
  
  b) collecting intercepted data in said network element in response to said interception information; and
  
  c) supplying said collected intercepted data to an interception destination.

41. A method for performing a lawful interception in a packet network, comprising the steps of:
- a) providing a first network element (GGSN) having an interception data collection function;
  
  b) transmitting collected intercepted data from said first network element to an interception browsing element (LIB);
  
  c) browsing said transmitted intercepted data at said interception browsing element based on an external command from a second network element (LIG) having an interception activation and deactivation function; and
  
  d) transmitting the result of said browsing step to an interception authority.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Technologies Oy (Nokia Corporation)
Original Assignee
Nokia Networks (Nokia Corporation)
Inventors
Jokinen, Hannu, Eloranta, Jaana, Lumme, Martti

Granted Patent

US 6,711,689 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/201
CPC Class Codes

H04L 63/0272   Virtual private networks

H04L 63/30   for supporting lawful inter...

H04M 2207/18   wireless networks

H04M 3/2281   Call monitoring, e.g. for l...

H04W 12/03   Protecting confidentiality,...

H04W 24/00   Supervisory, monitoring or ...

Interception system and method

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

Interception system and method

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links