Apparatuses, methods, and computer program products for data retention and lawful intercept for law enforcement agencies

US 9,204,293 B2
Filed: 02/21/2008
Issued: 12/01/2015
Est. Priority Date: 02/21/2008
Status: Active Grant

First Claim

Patent Images

1. A method performed in a network node for providing a Law Enforcement Agency LEA with retention or interception data related to a target user over a telecommunications network, the method comprising steps of:

the network node inspecting traffic packets transmitted over the telecommunications network involving the target user;

the network node generating a plurality of usage data records based on the inspected traffic packets, each record comprising information relating to a certain service class and to a respective communications stack layer;

for each communications session involving a plurality of different communications stack layers, the network node providing said plurality of usage data records with a same correlation identity number for correlating the data at said different communications stack layers;

the network node sending, over the telecommunications network to the LEA, a usage data record for each communication stack layer included in the plurality of different communications stack layers, each usage data record comprising the correlation identity number,wherein the correlation identity number is a unique Communications Identity Number (CIN) identifying the lowest communications stack layer of said plurality of different communications stack layers,wherein each usage data record comprises a session CIN identifying a respective session in a respective communications stack layer, andwherein the usage data records sent from the network node to the LEA include;

at least one usage data record comprising application layer information, the unique CIN and the session CIN used to correlate the data for the application layer,at least one usage data record comprising transport layer information, the unique CIN and the session CIN used to correlate the data for the transport layer,at least one usage data record comprising network layer information for IP services, the unique CIN and the session CIN used to correlate the data for the network layer, andat least one usage data record comprising data link layer information, the unique CIN and the session CIN used to correlate the data for the data link layer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The method provides a Law Enforcement Agency LEA with retention or interception data related to a target user. At a data retention source node or at an interception control element of a telecommunications network, traffic packets involving the target user are inspected and a plurality of usage data records based on the inspected traffic packets are generated. Each record comprises information relating to a certain service class and to a respective communications stack layer. For each communications session involving a plurality of different communications stack layers, at the data retention source node or, respectively, the interception control element, the plurality of usage data records are provided with a same correlation identity number for correlating the data at the different communications stack layers. Then, the usage data records comprising the correlation identity number to the LEA are sent, for instance to the LI system or the data Retention System, respectively.

94 Citations

View as Search Results

16 Claims

1. A method performed in a network node for providing a Law Enforcement Agency LEA with retention or interception data related to a target user over a telecommunications network, the method comprising steps of:
- the network node inspecting traffic packets transmitted over the telecommunications network involving the target user;
  
  the network node generating a plurality of usage data records based on the inspected traffic packets, each record comprising information relating to a certain service class and to a respective communications stack layer;
  
  for each communications session involving a plurality of different communications stack layers, the network node providing said plurality of usage data records with a same correlation identity number for correlating the data at said different communications stack layers;
  
  the network node sending, over the telecommunications network to the LEA, a usage data record for each communication stack layer included in the plurality of different communications stack layers, each usage data record comprising the correlation identity number,wherein the correlation identity number is a unique Communications Identity Number (CIN) identifying the lowest communications stack layer of said plurality of different communications stack layers,wherein each usage data record comprises a session CIN identifying a respective session in a respective communications stack layer, andwherein the usage data records sent from the network node to the LEA include;
  
  at least one usage data record comprising application layer information, the unique CIN and the session CIN used to correlate the data for the application layer,at least one usage data record comprising transport layer information, the unique CIN and the session CIN used to correlate the data for the transport layer,at least one usage data record comprising network layer information for IP services, the unique CIN and the session CIN used to correlate the data for the network layer, andat least one usage data record comprising data link layer information, the unique CIN and the session CIN used to correlate the data for the data link layer.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the session CIN is assigned to the respective communications session in the lowest communications stack layer.
  - 3. The method of claim 2, wherein the network node is a data retention source node, wherein said telecommunications network comprises a Data Retention system connected to said LEA and to said data retention source node and comprising a Mediation Function, a Delivery Function and a storage, and wherein said sending step further includes transferring the usage data records from the data retention source node to the Mediation and Delivery Functions, wherein each of the layer information included in the usage data records is for IP services, andsaid usage data records being mediated by said Mediation Function after having been received from the data retention source node and being transferred from the Mediation and Delivery Functions to the storage.
  - 4. The method of claim 3, further comprising the step of sending, by the LEA to the Data Retention system, a request for IP services retained data related to the target user, retrieving the said mediated usage data records from said storage and correlating said usage data records by means of said unique CIN.
  - 5. The method of claim 2, wherein said network node is an interception node, wherein said telecommunications network comprises a Lawful Interception system connected to said LEA and to said interception node and comprising a Mediation Function and a Delivery Function, wherein said usage data records are Intercept Related Information IRI and wherein said sending step further includes transferring the IRI from the interception node to the Mediation and Delivery Functions, wherein the information in the IRI for the data link layer is for IP services, andeach one of said IRIs being mediated by said Mediation Function after having been received from the interception node and being transferred from the Mediation and Delivery Function to the LEA.
  - 6. The method of claim 1, wherein said network node is a Service Aware Support Node SASN.

7. A data retention source node in communication with a Data Retention system comprising:
- a memory; and
  
  a processor, wherein said processor is configured to;
  
  generate a plurality of usage data records based on inspected traffic packets transmitted over a telecommunications network, each record comprising information relating to a certain service class and to a respective communications stack layer,for each communications session involving a plurality of different communications stack layers, provide said plurality of usage data records with a same correlation identity number for correlating the data at said different communications stack layers, andsend, over the telecommunications network to the Data Retention system, a usage data record for each communication stack layer included in the plurality of different communications stack layers, each usage data record comprising the correlation identity number,wherein the correlation identity number is a unique Communications Identity Number (CIN) identifying the lowest communications stack layer of said plurality of different communications stack layers,wherein each usage data record comprises a session CIN identifying a respective session in a respective communications stack layer, andwherein the usage data records sent from the data retention source node to the Data Retention System include;
  
  at least one usage data record comprising application layer information, the unique CIN and the session CIN used to correlate the data for the application layer,at least one usage data record comprising transport layer information, the unique CIN and the session CIN used to correlate the data for the transport layer,at least one usage data record comprising network layer information for IP services, the unique CIN and the session CIN used to correlate the data for the network layer, andat least one usage data record comprising data link layer information, the unique CIN and the session CIN used to correlate the data for the data link layer.
- View Dependent Claims (8, 9, 10, 11)
- - 8. The data retention source node of claim 7, wherein the session CIN is assigned to the communications session in the lowest communications stack layer.
  - 9. A telecommunications network having data retention functionalities, the telecommunications network comprising a data retention source node according to claim 8, a Law Enforcement Agency LEA and a Data Retention system connected to said LEA and to said data retention source node, said Data Retention system comprising a Mediation Function, a Delivery Function and a storage, wherein said processor configured to send said usage data records is further configured to transfer the usage records from the data retention source node to the Mediation and Delivery Functions, wherein each of the layer information included in the usage data records is for IP services, andsaid Mediation Function being configured to receive from the data retention source node said usage data records and to mediate said received usage data records, and said Delivery Function being configured to transfer said mediated usage data records to the storage, said Delivery Function being further configured to transfer said mediated usage data records from said storage to said LEA via a Handover Interface HI-B.
  - 10. The telecommunications network of claim 9, wherein the Data Retention system is configured to receive from the LEA via a Handover Interface HI-A a request for IP services retained data related to the target user, to retrieve said mediated usage data records from said storage and to correlate said usage data records by means of said unique CIN.
  - 11. The data retention source node of claim 7, wherein said data retention source node is a Service Aware Support Node SASN.

12. An Intercepting Control Element ICE in communication with a Data Retention System comprising:
- a memory; and
  
  a processor, wherein said processor is configured to;
  
  provide Intercept Related Information IRI and Content of Communication CC to a Lawful Interception LI system,generate a plurality of IRIs based on inspected traffic packets transmitted over a telecommunication network, each IRI comprising information relating to a certain service class and to a respective communications stack layer,for each communications session involving a plurality of different communications stack layers, provide said plurality of IRIs with a same correlation identity number for correlating the data at said different communications stack layers, andsend said IRIs, over the telecommunications network to the LI system, an IRI for each communication stack layer included in the plurality of different communications stack layers, each IRI comprising the correlation identity number,wherein the correlation identity number is a unique Communications Identity Number (CIN) identifying the lowest communications stack layer of said plurality of different communications stack layers,wherein each IRI comprises a session CIN identifying a respective session in a respective communications stack layer, andwherein each IRI'"'"'s sent from the ICE to the LI system includeat least one IRI comprising application layer information, the unique CIN and the CIN used to correlate the data for the application layer,at least one IRI comprising transport layer information, the unique CIN and the CIN used to correlate the data for the transport layer,at least one IRI comprising network layer information, the unique CIN and the CIN used to correlate the data for the network layer, andat least one IRI comprising Layer 2 information for IP services, the unique CIN and the CIN used to correlate the data for the Layer 2 layer.
- View Dependent Claims (13, 14, 16)
- - 13. The ICE of claim 12, wherein the session CIN is assigned to the communications session in the lowest communications stack layer.
  - 14. The ICE of claim 12, wherein said ICE is a Service Aware Support Node SASN.
  - 16. A telecommunications network having lawful interception functionalities, the telecommunications network comprising an Intercepting Control Element according to claim 12, a Law Enforcement Agency LEA and a Lawful Interception LI system connected to said LEA and to said ICE, said LI system comprising at least one Mediation Function 2 and a Delivery Function 2, wherein said processor configured to send said transfer said IRIs is further configured to transfer from the ICE to the Mediation and Delivery Functions 2, andsaid Mediation Function 2 being configured to mediate each one of said IRIs after they have been received from the ICE and to transfer said IRIs to the LEA via a Handover Interface HI2.

15. A non-transitory computer readable medium having instructions stored therein, which when executed by a processor of a network node, causes the processor to execute a computer program that includes code adapted toa) inspect traffic packets transmitted over the telecommunication network involving the target user;
- b) generate a plurality of usage data records based on the inspected traffic packets, each record comprising information relating to a certain service class and to a respective communications stack layer;
  
  c) for each communications session involving a plurality of different Communications stack layers, provide said plurality of usage data records with a same correlation identity number for correlating the data at said different communications stack layers;
  
  d) send, over the telecommunications network to a Law Enforcement Agency LEA, a usage data record for each communication stack layer included in the plurality of different communications stack layers, each usage data record comprising the correlation identity number,wherein the correlation identity number is a unique Communications Identity Number (CIN) identifying the lowest communications stack layer of said plurality of different communications stack layers,wherein each usage data record comprises a Communications Identity Number CIN identifying a respective session in a respective communications stack layer, andwherein the usage data records sent from the network node to the LEA include;
  
  at least one usage data record comprising application layer information, the unique CIN and the session CIN used to correlate the data for the application layer,at least one usage data record comprising transport layer information, the unique CIN and the session CIN used to correlate the data for the transport layer,at least one usage data record comprising network layer information for IP services, the unique CIN and the session CIN used to correlate the data for the network layer, andat least one usage data record comprising data link layer information, the unique CIN and the session CIN used to correlate the data for the data link layer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Telefonaktiebolaget LM Ericsson
Original Assignee
Telefonaktiebolaget LM Ericsson
Inventors
Imbimbo, Amedeo, Attanasio, Francesco
Primary Examiner(s)
Murray, Daniel C

Application Number

US12/918,611
Publication Number

US 20110029667A1
Time in Patent Office

2,840 Days
Field of Search

709/224, 709/238, 370/390, 370/469, 379/70
US Class Current

1/1
CPC Class Codes

H04L 43/026   using flow identification

H04L 47/2441   relying on flow classificat...

H04L 63/00   Network architectures or ne...

H04L 63/30   for supporting lawful inter...

H04L 63/306   intercepting packet switche...

H04L 63/308   retaining data, e.g. retain...

H04M 3/2281   Call monitoring, e.g. for l...

H04M 7/006   Networks other than PSTN/IS...

H04W 12/02   Protecting privacy or anony...

H04W 12/80   Arrangements enabling lawfu...

Apparatuses, methods, and computer program products for data retention and lawful intercept for law enforcement agencies

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

94 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Apparatuses, methods, and computer program products for data retention and lawful intercept for law enforcement agencies

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

94 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links