Systems and methods for controlling authorized intercept

US 6,738,902 B1
Filed: 01/14/2000
Issued: 05/18/2004
Est. Priority Date: 01/14/2000
Status: Expired due to Term

First Claim

Patent Images

1. A method of controlling communications intercepts in a communications system comprising the steps of:

maintaining a list of subscriber unit IDs at a network intercept facility, each subscriber unit ID appearing in encrypted and plain form, and providing an encrypted intercept order from the network intercept facility to the communications system, the encrypted intercept order comprising the encrypted form of the subscriber unit ID assigned to a subscriber unit whose communication is desired to be intercepted and wherein the encrypted intercept order is encrypted separately from the encrypted subscriber unit ID.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authorized intercepts of communications in a communications system such as a satellite communications system (10) are controlled. Each law enforcement agency (LEA) can only intercept communications to subscriber units (SUs) within its jurisdiction. In addition, the identity of each authorized intercept target is known only to the requesting LEA. In one embodiment, a trusted entity, such as a network operations facility (NOF 22, FIG. 3), creates a list of ID'"'"'s corresponding to all SUs within each LEA'"'"'s jurisdiction. Each SU ID is provided both unencrypted and encrypted for one or more network nodes (NN 1-R, FIG. 3). A network intercept facility (IF 201, FIG. 3) selects a target SU ID, generates an intercept order encrypted for one or more NNs, and sends it to one or more NNs for execution.

Citations

25 Claims

1. A method of controlling communications intercepts in a communications system comprising the steps of:
- maintaining a list of subscriber unit IDs at a network intercept facility, each subscriber unit ID appearing in encrypted and plain form, and providing an encrypted intercept order from the network intercept facility to the communications system, the encrypted intercept order comprising the encrypted form of the subscriber unit ID assigned to a subscriber unit whose communication is desired to be intercepted and wherein the encrypted intercept order is encrypted separately from the encrypted subscriber unit ID.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method recited in claim 1, wherein a network operations facility in the communication system generates the list of subscriber unit IDs based in part upon location data for each subscriber unit whose subscriber unit ID appears on the list, and in part upon a boundary of a jurisdiction within which a communications intercept is authorized.
  - 3. The method recited in claim 2, wherein the subscriber unit ID of the encrypted intercept order is encrypted in a key that is known only to the network operations facility and the network node, and wherein the encrypted intercept order is encrypted in a key that is known only to the network intercept facility and the network node.
  - 4. The method recited in claim 3 and further comprising the step of:
5. The method recited in claim 4 and further comprising the steps of:
- the network node attempting to decrypted subscriber unit ID;
  
  if successful, the network node executing the intercept order; and
  
  if not successful, the network node not executing the intercept order.
6. The method recited in claim 2 and further comprising:
- a network intercept facility transmitting the intercept order encrypted for a network node in the communications system, the subscriber unit ID within the encrypted intercept order being encrypted by the network operations facility for the network node.
7. The method recited in claim 6 and further comprising:
- the network node decrypting the encrypted intercept order that includes the encrypted subscriber unit ID.
8. The method recited in claim 7 and further comprising:
- the network node attempting to decrypt the encrypted subscriber unit ID;
  
  if successful, the network node executing the intercept order; and
  
  if not successful, the network node not executing the intercept order.
9. The method recited in claim 8 wherein the operations are performed in the order recited.

10. A communications system comprising at least one data processing system executing at least one computer program controlling intercepts in the communications system, the at least one computer program when executed comprising the operations of:
- maintaining a list of subscriber unit IDs, each subscriber unit ID appearing in encrypted and plain form, and providing an encrypted intercept order from the data processing system to the communications system, the encrypted intercept order comprising an encrypted subscriber unit ID assigned to a subscriber unit whose communication is desired to be intercepted, and wherein the encrypted intercept order is encrypted separately from the encrypted subscriber unit ID.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The communications system recited in claim 10 and further comprising:
12. The communications system recited in claim 11 and further comprising:
- network intercept facility that receives the list of subscriber unit IDs from the network operations facility, the network intercept facility generating the encrypted intercept order.
13. The communications system recited in claim 12 and further comprising:
- a network node that receives the encrypted intercept order from the network intercept facility.
14. The communications system of claim 13 and further comprising:
- a network management facility coupled between the network intercept facility and the network node.
15. The communications system recited in claim 13 wherein the network node decrypts the encrypted intercept order that includes the encrypted subscriber unit ID.
16. The communications system recited in claim 15 wherein if the network node decrypts the encrypted subscriber unit ID in the intercept order, it executes the intercept order.

17. A communications facility adapted to be used in a communications system in which communications intercepts are executed, the communications facility comprising:
- at least one data processing system; and
  
  a computer-readable data structure, accessible by the at least one data processing system, and comprising a list of subscriber unit IDs, each subscriber unit ID appearing in encrypted and plain form; and
  
  a computer program executable by the at least one data processing system to thereby generate an intercept order to intercept a communication with a subscriber unit whose subscriber unit ID is in the computer-readable data structure, wherein the intercept order comprises the encrypted form of the subscriber unit ID of the subscriber unit, and wherein the intercept order is encrypted separately from the subscriber unit ID.
- View Dependent Claims (18, 19, 20, 21, 22)
- - 18. The communication facility recited in claim 17 and further comprising a computer program executable by the at least one data processing system for generating and maintaining the computer-readable data structure.
  - 19. The communication facility recited in claim 17 and further comprising a computer program executable by the at least one data processing system for encrypting the intercept order.
  - 20. The communications facility recited in claim 17 and further comprising a computer program executable by the at least one data processing system for transmitting an intercept order to a node in the communications system.
  - 21. The communications facility recited in claim 17 and further comprising a computer program executable by the at least one data processing system for decrypting and executing and intercept order.
  - 22. The communications facility recited in claim 17 wherein the data structure further comprises location data for subscriber units whose subscriber unit IDs appear in the data structure.

23. A computer-readable medium comprising at least one computer program adapted for use in a communications system in which communications are intercepted, the at least one computer program when executed comprising the steps of:
- attempting to decrypt an encrypted intercept order received from an entity within the communications system, the encrypted intercept order comprising an encrypted subscriber unit ID, wherein the encrypted subscriber unit ID is encrypted in part based upon location data and in part based upon a boundary of a jurisdiction within which a communications intercept is authorized;
  
  if successful, decrypting the encrypted subscriber unit ID contained within the intercept order and executing the intercept order to thereby intercept information that is communicated to and from a subscriber unit having the decrypted subscriber unit ID; and
  
  if not successful, not executing the intercept order.
- View Dependent Claims (24)
- - 24. The computer-readable medium recited in claim 23 wherein the at least one computer program when executed further comprises the operation of:

25. A method of performing a lawful intercept of a subscriber unit operating within a communications system, wherein the subscriber unit has a subscriber unit ID assigned by a network operations facility, the method comprising the steps of:
- receiving encrypted intercept order from an intercept facility;
  
  decrypting the encrypted intercept order with a key associated with the intercept facility to produce a decrypted intercept orders;
  
  extracting the subscriber unit ID in encrypted form from the decrypted intercept order;
  
  decrypting the subscriber unit ID with a key associated with the network operations facility; and
  
  performing the lawful intercept of the subscriber unit identified by the decrypted subscriber unit ID.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CDC Propriete Intellectuelle
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Scott, William Turner, Carmony, Pamela Tam, Comer, Erwin Perry, Ruppert, William Henry
Primary Examiner(s)
MOISE, EMMANUEL LIONEL

Application Number

US09/483,242
Time in Patent Office

1,586 Days
Field of Search

455/405, 455/428, 455/12.1, 455/13.1, 455/67.11, 455/410, 455/427, 455/430, 455/515, 455/560, 713/152, 713/162, 380/28, 380/30, 380/43, 380/239, 380/282, 379/35
US Class Current

713/162
CPC Class Codes

H04L 2209/80   Wireless

H04L 63/304   intercepting circuit switch...

H04L 9/00   Cryptographic mechanisms or...

H04W 12/03   Protecting confidentiality,...

H04W 12/80   Arrangements enabling lawfu...

Systems and methods for controlling authorized intercept

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods for controlling authorized intercept

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links