Interception method and system
First Claim
1. An interception method for performing a lawful interception in a packet network, comprising:
- providing a first network element having an interception function for intercepting data packets;
controlling said interception function by an interception control means implemented in a second network element; and
transmitting an intercepted data packet from said first network element via said packet network to an interception gateway element providing an interface to at least one intercepting authority, wherein said first network element generates fake packets to be transmitted with said intercepted data packets and the fake packets are transmitted from said first network element to said interception gateway element,wherein said fake packets are transmitted at random or triggered at any passing packet, such that the total load of intercepted and fake packets transmitted to said interception gateway element is constant.
4 Assignments
0 Petitions
Accused Products
Abstract
An interception method and system for performing a lawful interception in a packet network such as the GPRS or UMTS network is described. A first network element having an intercepting function for intercepting data packets is provided, said interception function being controlled by an interception control means implemented in a second network element, wherein an intercepted data packet is transmitted from the first network element via the packet network to an interception gateway element providing an interface to a intercepting authority. The intercepted data packet is transmitted via a secure tunnel provided by an encryption processing. The interception control means and the interception gateway element may both be integrated in the second network element. The interception system has a clear advantage in scalability, no single point of failure, and an adaptation to different authority interfaces can be implemented only in the interception gateway. The network elements can be similar to a high extent for all different authority requirements.
-
Citations
31 Claims
-
1. An interception method for performing a lawful interception in a packet network, comprising:
-
providing a first network element having an interception function for intercepting data packets; controlling said interception function by an interception control means implemented in a second network element; and transmitting an intercepted data packet from said first network element via said packet network to an interception gateway element providing an interface to at least one intercepting authority, wherein said first network element generates fake packets to be transmitted with said intercepted data packets and the fake packets are transmitted from said first network element to said interception gateway element, wherein said fake packets are transmitted at random or triggered at any passing packet, such that the total load of intercepted and fake packets transmitted to said interception gateway element is constant. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. An interception system comprising:
-
a first network element having an interception function to intercept data packets and comprising a transmitting unit configured to transmit an intercepted data packet to said packet network; an interception control unit implemented in a second network element and configured to control the interception function; and an interception gateway element having a receiving unit configured to receive said intercepted data packet and an interface unit configured to provide an interface to at least one intercepting authority, wherein said first network element further comprises a generating unit configured to generate fake packets to be transmitted with said intercepted data packets, and wherein said transmitting unit is further configured to transmit said fake packets at random or triggered at any passing packet, such that the total load of intercepted and fake packets transmitted to said interception gateway element is constant, wherein the interception system is configured to perform a lawful interception in a packet network. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. An interception system comprising:
-
a first network element having an interception function for intercepting data packets and comprising a transmitting unit configured to transmit an intercepted data packet to said packet network; an interception control unit implemented in a second network element and further configured to control the interception function; and an interception gateway element having a receiving unit configured to receive said intercepted data packet and an interface unit configured to provide an interface to at least one intercepting authority, wherein said interception gateway element comprises a memory unit configured to store received intercepted data packets before supplying them to said interface unit, wherein said interception gateway element comprises a decryption unit configured to remove an encryption of the received intercepted data packets, an extraction unit configured to extract intercepted data packets from fake data packets, and an adding unit configured to add a time information to said received intercepted data packets before storing them in said memory unit, and wherein said transmitting unit is further configured to transmit said fake packets at random or triggered at any passing packet, such that the total load of intercepted and fake packets transmitted to said interception gateway element is constant, wherein the interception system is configured to perform a lawful interception in the packet network.
-
-
29. A network element for a packet network, comprising:
-
an interception unit configured to intercept a data packet received from said packet network, and a transmitting unit configured to transmit said intercepted data packet via said packet network to an interception gateway element, wherein said interception unit is controlled by an interception control unit configured in another network element, and said network element further comprises a generating unit configured to generate fake packets to be transmitted with said intercepted data packets and the fake packets are transmitted from said network element to said interception gateway element, and wherein said fake packets are transmitted at random or triggered at any passing packet, such that the total load of intercepted and fake packets transmitted to said interception gateway element is constant.
-
-
30. An interception gateway element for an interception system of a packet network, comprising:
-
a receiving unit configured to receive an intercepted data packet via said packet network from a network element having an interception function; an interface unit configured to provide an interface to an intercepting authority; a memory unit configured to store received intercepted data packets before supplying them to said interface unit wherein said interception gateway element comprises a decryption unit configured to remove an encryption of the received intercepted data packets, an extraction unit configured to extract intercepted data packets from fake data packets and an adding unit configured to add a time information to said received intercepted data packets before storing them in said memory, wherein said receiving unit is further configured to receive said fake packets transmitted at random or triggered at any passing packet, such that the total load of intercepted and fake packets received by said interception gateway element is constant. - View Dependent Claims (31)
-
Specification