Lawful intercept trigger support within service provider networks
First Claim
1. A method comprising:
- receiving an intercept request for a subscriber with an administration device;
configuring two or more trigger rules for the subscriber on a network device via a command line interface (CLI) of the network device based on the intercept request, wherein each of the trigger rules comprises a precedence level; and
intercepting packets associated with one or more subscriber sessions on the network device when the one or more subscriber sessions match one or more of the trigger rules.
2 Assignments
0 Petitions
Accused Products
Abstract
The invention is directed to techniques for initiating lawful intercept of packets associated with subscriber sessions on a network device of a service provider network based on identification triggers. A law enforcement agency may send an intercept request for a subscriber to an administration device of the service provider network. The administration device may then configure one or more identification triggers for the subscriber based on the intercept request. The techniques described herein initiate lawful intercept when one or more subscriber sessions on a network device match the one or more identification triggers. The techniques described herein include configuring trigger rules that include identification triggers for subscribers on a network device via a command line interface (CLI) of the network device. In addition, the techniques described herein include configuring identification triggers in a subscriber profile on an authentication device connected to a network device.
-
Citations
56 Claims
-
1. A method comprising:
-
receiving an intercept request for a subscriber with an administration device; configuring two or more trigger rules for the subscriber on a network device via a command line interface (CLI) of the network device based on the intercept request, wherein each of the trigger rules comprises a precedence level; and intercepting packets associated with one or more subscriber sessions on the network device when the one or more subscriber sessions match one or more of the trigger rules. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A system comprising:
-
an administration device that receives an intercept request for a subscriber; and a network device that includes a command line interface (CLI) through which the administration device configures two or more trigger rules for the subscriber on the network device based on the intercept request, wherein each of the two or more trigger rules comprises a precedence level, and an intercept module that intercepts packets associated with one or more subscriber sessions on the network device when the one or more subscriber sessions match one or more of the trigger rules. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38)
-
-
39. A method comprising:
-
receiving an intercept request for a subscriber with an administration device; configuring two or more identification triggers for the subscriber within a subscriber profile on an authentication device, wherein each of the two or more identification triggers has a precedence level; sending an intercept message for the subscriber that includes the two or more identification triggers to a network device connected to the authentication device; selecting one of the two or more identification triggers with the highest precedence level with the network device; and intercepting packets associated with one or more subscriber sessions on the network device when the one or more subscriber sessions match the selected one of the identification triggers. - View Dependent Claims (40, 41, 42, 43, 44, 45, 46, 47)
-
-
48. A system comprising:
-
an administration device that receives an intercept request for a subscriber; an authentication device that includes a subscriber profile within which the administration device configures two or more identification triggers for the subscriber, wherein each of the two or more identification triggers has a precedence level, and a network device module that sends an intercept message for the subscriber that includes the two or more identification triggers to a network device connected to the authentication device; and a network device that selects one of the two or more identification triggers with the highest precedence level, and intercepts packets associated with one or more subscriber sessions on the network device when the one or more subscriber sessions match the selected one of the identification triggers. - View Dependent Claims (49, 50, 51, 52, 53, 54, 55, 56)
-
Specification