IP traffic redirection for purposes of lawful intercept

US 8,756,339 B2
Filed: 06/18/2010
Issued: 06/17/2014
Est. Priority Date: 06/18/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method comprising:

receiving, at a network router that stores a lawful intercept routing table, an instruction to monitor data packets associated with a target entity for a purpose of lawful intercept;

adding, by the network router, the target entity to a lawful intercept list;

assigning, by the network router, a lawful intercept internet protocol (IP) address from a range of lawful intercept IP addresses to the target entity added to the lawful intercept list, the lawful intercept IP address having a corresponding routing policy for routing data packets associated with the lawful intercept IP address to a lawful intercept capture system;

upon receiving a data packet, identifying, by the network router, an origination IP address associated with the data packet and a destination IP address associated with the data packet;

determining, by the network router, if one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses, wherein determining if the one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses comprises performing a look-up operation by searching the lawful intercept list for the origination IP address and the destination IP address;

if a determination is made that one of the the origination IP address and the destination IP address is in the range of lawful intercept IP addresses, redirecting, by the network router, the data packet to the lawful intercept capture system based on the corresponding routing policy;

receiving, at the network router, a request to stop monitoring the data packets associated with the target entity for the purpose of lawful intercept; and

removing, by the network router, the target entity from the lawful intercept list.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies for redirecting traffic associated with a target entity for purposes of lawful intercept are presented herein. According to one aspect, a request to monitor data packets associated with a target entity for purposes of lawful intercept is received. Once the request is received, the target entity is added to a lawful intercept list and assigned a lawful intercept IP address from a range of lawful intercept IP addresses. Each lawful intercept IP address may have a corresponding routing policy for routing data packets associated with the corresponding lawful intercept IP address to a lawful intercept capture system. The data packet is then routed to the lawful intercept capture system based on the routing policy of the lawful intercept IP address. The lawful intercept capture system captures the data packet and forwards the data packet to a next hop network entity associated with the data packet.

27 Citations

View as Search Results

17 Claims

1. A method comprising:
- receiving, at a network router that stores a lawful intercept routing table, an instruction to monitor data packets associated with a target entity for a purpose of lawful intercept;
  
  adding, by the network router, the target entity to a lawful intercept list;
  
  assigning, by the network router, a lawful intercept internet protocol (IP) address from a range of lawful intercept IP addresses to the target entity added to the lawful intercept list, the lawful intercept IP address having a corresponding routing policy for routing data packets associated with the lawful intercept IP address to a lawful intercept capture system;
  
  upon receiving a data packet, identifying, by the network router, an origination IP address associated with the data packet and a destination IP address associated with the data packet;
  
  determining, by the network router, if one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses, wherein determining if the one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses comprises performing a look-up operation by searching the lawful intercept list for the origination IP address and the destination IP address;
  
  if a determination is made that one of the the origination IP address and the destination IP address is in the range of lawful intercept IP addresses, redirecting, by the network router, the data packet to the lawful intercept capture system based on the corresponding routing policy;
  
  receiving, at the network router, a request to stop monitoring the data packets associated with the target entity for the purpose of lawful intercept; and
  
  removing, by the network router, the target entity from the lawful intercept list.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, further comprising if a determination is made that the one of the origination IP address and the destination IP address is not in the range of lawful intercept IP addresses, routing the data packet to a next hop network entity based on a default routing policy of the destination IP address.
  - 3. The method of claim 1, further comprising in response to receiving the request to stop the monitoring, assigning the target entity a default IP address from a range of default IP addresses, each of the default IP addresses corresponding to a default routing policy for routing data packets associated with the default IP address to a next hop network entity.
  - 4. The method of claim 1, wherein the lawful intercept capture system includes a plurality of lawful intercept capture devices, and wherein redirecting the data packet comprises:
    - selecting a lawful intercept capture device from the plurality of lawful intercept capture devices to which to send the data packet; and
      
      redirecting the data packet to the selected lawful intercept capture device.
  - 5. The method of claim 4, wherein selecting a lawful intercept capture device from the plurality of lawful intercept capture devices to which to send the data packet comprises:
    - receiving utilization information associated with the plurality of lawful intercept capture devices, the utilization information indicating a current utilization of the plurality of lawful intercept capture devices and a forecasted utilization of the plurality of lawful intercept capture devices; and
      
      selecting the lawful intercept capture device from the plurality of lawful intercept capture devices based on the utilization information.
  - 6. The method of claim 1, wherein redirecting the data packet to the lawful intercept capture system based on the routing policy of the lawful intercept IP address comprises:
    - performing a look-up operation of the lawful intercept IP address in the lawful intercept routing table; and
      
      sending the data packet to the lawful intercept capture system based on the routing policy associated with the lawful intercept IP address.
  - 7. The method of claim 1, further comprisingdefining, by the network router within the lawful intercept routing table, a first routing policy for a first group of IP addresses from the range of lawful intercept IP address;
    - anddefining, by the network router within the lawful intercept routing table, a second routing policy for a second group of IP addresses from the range of lawful intercept IP address.

8. A system comprising:
- a processor; and
  
  a memory that stores instructions that, when executed by the processor, cause the processor to perform operations comprisingreceiving an instruction to monitor data packets associated with a target entity for a purpose of lawful intercept,adding the target entity to a lawful intercept list,assigning a lawful intercept internet protocol (IP) address from a range of lawful intercept IP addresses to the target entity added to the lawful intercept list, the lawful intercept IP address having a corresponding routing policy for routing data packets associated with the lawful intercept IP address to a lawful intercept capture system,upon receiving a data packet, identifying an origination IP address associated with the data packet and a destination IP address associated with the data packet,determining if one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses, wherein determining if the one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses comprises performing a look-up operation by searching the lawful intercept list for the origination IP address and the destination IP address,if a determination is made that the one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses, redirecting the data packet to the lawful intercept capture system based on the corresponding routing policy,receiving a request to stop monitoring the data packets associated with the target entity for the purpose of lawful intercept, andremoving the target entity from the lawful intercept list.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The system of claim 8, further comprising instructions that, when executed by the processor, cause the processor to perform operations further comprising:
    - if a determination is made that the one of the origination IP address and the destination IP address is not in the range of lawful intercept IP addresses, routing the data packet to a next hop network entity based on a default routing policy of the destination IP address.
  - 10. The system of claim 8, further comprising instructions that, when executed by the processor, cause the processor to perform operations further comprising:
    - in response to receiving the request to stop the monitoring, assigning the target entity a default IP address from a range of default IP addresses, each of the default IP addresses corresponding to a default routing policy for routing data packets associated with the default IP address to a next hop network entity.
  - 11. The system of claim 8, wherein the lawful intercept capture entity includes a plurality of lawful intercept capture devices, and wherein the instructions, when executed by the processor, cause the the processor, cause the processor to perform operations further comprising:
    - selecting a lawful intercept capture device from the plurality of lawful intercept capture devices to which to send the data packet; and
      
      redirecting the data packet to the selected lawful intercept capture device.
  - 12. The system of claim 11, wherein selecting a lawful intercept capture device from the plurality of lawful intercept capture devices to which to send the data packet comprises:
    - receiving utilization information associated with the plurality of lawful intercept capture devices, the utilization information indicating a current utilization of the plurality of lawful intercept capture devices and a forecasted utilization of the lawful intercept capture devices; and
      
      selecting the lawful intercept capture device from the plurality of lawful intercept capture devices based on the utilization information.
  - 13. The system of claim 8, wherein redirecting the data packet to the lawful intercept capture entity based on the routing policy of the lawful intercept IP address comprises:
    - performing a look-up operation of the lawful intercept IP address in a routing table; and
      
      sending the data packet to the lawful intercept capture entity based on the routing policy associated with the lawful intercept IP address.

14. A non-transitory computer-readable medium, having instructions stored thereon that, when executed by a processor, cause the processor to perform operations comprising:
- receiving an instruction to monitor data packets associated with a target entity for the purpose of lawful intercept;
  
  adding the target entity to a lawful intercept list;
  
  assigning the target entity a lawful intercept internet protocol (IP) address from a range of lawful intercept IP addresses to the target entity added to the lawful intercept list, the lawful intercept IP address having a corresponding routing policy for routing data packets associated with the lawful intercept IP address to a lawful intercept capture system;
  
  upon receiving a data packet, identifying an origination IP address associated with the data packet and a destination IP address associated with the data packet;
  
  determining if one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses, wherein determining if the one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses comprises performing a look-up operation by searching the lawful intercept list for the origination IP address and the destination IP address;
  
  if a determination is made that the one of the origination IP address and the destination IP address is in the range of lawful intercept IP addresses, redirecting the data packet to the lawful intercept capture system based on the corresponding routing policy of the lawful intercept IP address;
  
  receiving a request to stop monitoring the data packets associated with the target entity for the purpose of lawful intercept; and
  
  removing the target entity from the lawful intercept list.
- View Dependent Claims (15, 16, 17)
- - 15. The non-transitory computer-readable medium of claim 14, further comprising instructions that, when executed by the processor, cause the processor to perform operations further comprising:
    - in response to a determination that the one of the origination IP address and the destination IP address is not in the range of lawful intercept IP addresses, routing the data packet to a next hop network entity based on a default routing policy of the destination IP address.
  - 16. The non-transitory computer-readable medium of claim 14, further comprising instructions that, when executed by the processor, cause the processor to perform operations further comprising:
    - in response to receiving the request to stop the monitoring, assigning the target entity a default IP address from a range of default IP addresses, each of the default IP addresses corresponding to a default routing policy for routing data packets associated with the default IP address to a next hop network entity.
  - 17. The non-transitory computer-readable medium of claim 14, wherein redirecting the data packet to the lawful intercept capture system based on the routing policy of the lawful intercept IP address comprises:
    - performing a look-up operation of the lawful intercept IP address in a routing table; and
      
      sending the data packet to the lawful intercept capture system based on the routing policy associated with the lawful intercept IP address.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Original Assignee
AT&T Intellectual Property I LP (AT&T, Inc.)
Inventors
Harp, David
Primary Examiner(s)
ALGIBHAH, HAMZA N

Application Number

US12/818,686
Publication Number

US 20110314177A1
Time in Patent Office

1,460 Days
Field of Search

709/238
US Class Current

709/238
CPC Class Codes

H04L 45/54 Organization of routing tables

H04L 63/306 intercepting packet switche...

IP traffic redirection for purposes of lawful intercept

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

27 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

IP traffic redirection for purposes of lawful intercept

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links