CALEA IMPLEMENTATION IN VoIP NETWORKS By Cemal Dikmen, Ph.D. General Manager Lawful Intercept Products SS8 Networks, Inc. Thursday - 02/24/05, 8:15-9:00am.

Slides:

Advertisements

Similar presentations

Lawful Intercept Briefing

Advertisements

Copyright © 2007 Telcordia Technologies Challenges in Securing Converged Networks Prepared for : Telcordia Contact: John F. Kimmins Executive Director.

1 © 2005 Cisco Systems, Inc. All rights reserved. Craig Mulholland Consulting Engineer February 8, 2006 Cisco Systems Lawful Intercept Capabilities The.

GMI 2006 Carrier-Driven Interoperability February 2006.

EduCause LI Overview February 2007

Telephony Troubleshooting in the Home

Voice over IP Fundamentals

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Total LI Compliance using Turn-key Applications and Solutions Rami Mittelman V.P. Product Marketing.

Fiducianet, inc. tm 1 Presented by H. Michael Warren, President fiducianet, inc. VoIP Technology Perspectives Law Enforcement Concerns & CALEA Compliance.

CALEA Compliance in 2006 H. Michael Warren Vice President, Fiduciary Services NeuStar, Inc February 2006.

DOCUMENT #:GSC15-PLEN-23 FOR:Presentation SOURCE:ATIS AGENDA ITEM:PLEN 6.3 CONTACT(S):Michael J. Fargano, Qwest,

1 © 2000, Cisco Systems, Inc. CALEA_NANOG_2000_0611.ppt Impact of CALEA on Network Operators What it is and what it ain’t Chip Sharp Cisco System, Inc.

SS8 Lawful Intercept Briefing

Lawful Interception in 3G IP Multimedia Subsystem

Cisco Architecture for Lawful Intercept in IP Networks October 2004,rfc3924 Author(s): F. Baker,B. Foster,C. Sharp.

CALEA Communications Assistance For Law Enforcement Act

Why Converged Networks Make Sense: VoIP a First Step July 26, 2006.

Overview Of NGN & IP TAX.

Building Applications Using SIP Scott Hoffpauir Vice President, Engineering Fall 1999 VON, Atlanta.

1 © 2002, Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID Lawful Intercept Case Study Harvard Law School November 12, 2003.

Data Centers and IP PBXs LAN Structures Private Clouds IP PBX Architecture IP PBX Hosting.

MNO Cloud Use Case 2 Source: Rogers Wireless Contact: Ed O’Leary George Babut 3GPP/SA3-LI#43Tdoc SA3LI11_115.

 Distributed Software Chapter 18 - Distributed Software1.

Protocols and the TCP/IP Suite Chapter 4. Multilayer communication. A series of layers, each built upon the one below it. The purpose of each layer is.

CALEA Discussion EDUCAUSE MARC Conference Wilson Dillaway, Tufts University Doug Carlson, New York University January 18th, 2007.

Saumil Shah IEOR 190G 3/19/08.  Vonage is a VoIP(voice over IP) company that provides telephone service via a broadband connection.  In order to use.

DECISION Group Inc.. Decision Group Mediation Device for Internet Access Provider.

1 Leveraging SS7 to Deliver IP Services Carl Bergstrom Director – IN & IP Services VeriSign Telecommunication Services Internet Telephony Conference, February.

ESW – May 2010 UK Architecture for VoIP 999/112s John Medland – BT 999/112 Policy Manager.

Net Optics Confidential and Proprietary Net Optics appTap Intelligent Access and Monitoring Architecture Solutions.

1 Cable Telephony & VoIP: SP-6. Cable Telephony and VoIP SP-6 2 Agenda  Technology choices and issues  CBR (Constant Bit Rate)  Hybrid VoIP  PacketCable.

© 2008 Cisco Systems, Inc. All rights reserved.CIPT1 v6.0—2-1 Administering Cisco Unified Communications Manager Understanding Cisco Unified Communications.

Copyright ©Universalinet.Com, LLC 2009 Implementing Secure Converged Wide Area Networks ( ISCW) Take-Aways Course 1: Cable (HFC) Technologies.

Common Devices Used In Computer Networks

Agenda Welcome – Don Welch Introduction to CALEA – Mary McLaughlin Non-CALEA Assistance Obligations – Beth Cate CALEA Update – Matt Brill Making the Compliance.

CALEA Market Overview Robert Golden Chief Research Officer Merit Network CALEA and Beyond January 31, 2007.

Voice Over Internet Protocol (VoIP) Issues and Challenges William McCrum Phone: Fax:

CALEA Discussion Internet2 Joint Techs July 19, 2006 Doug Carlson Executive Director, Communications & Computing Services New York University

January 23-26, 2007 Ft. Lauderdale, Florida Lawful Intercept in VoIP Networks Manohar Mahavadi Vice President, Software Engineering Centillium Communications.

MGCP Megaco H.248 by Bob Young. MGCP - Megaco - H.248 "It's all one."

Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony.

Introduction to SIP Based ENUM IP Telephony Infrastructure 資策會網路及通訊實驗室 Conference over IP Team 楊政遠博士

Introduction to Cable Telephony Larry Greenstein Director of Product Management Nuera Communications

IPCablecom - Network and Service Architecture Dipl.-Ing. Volker Leisse Institute for Communications Technology Braunschweig Technical University

CALEA Communications Assistance for Law Enforcement Act October 20, 2005.

Ronald D. (Ron) Ryan Chair T1P1.SAH Slide 1 Copyright Nortel Networks T1P1/ Overview 3G UMTS LI Capabilities T1P1.SAH April 2001.

CALEA and J-STD-025 revisions. CALEA  Communications Assistance for Law Enforcement Act (1994)  Standardized access to telecommunications systems using.

CALEA Communications Assistance for Law Enforcement Act Current Campus Perspective of Implementation Issues November 17, 2005 Doug Carlson – New York University.

Chapter 1 Communication Networks and Services Network Architecture and Services.

ﺑﺴﻢﺍﷲﺍﻠﺭﺣﻣﻥﺍﻠﺭﺣﻳﻡ. Group Members Nadia Malik01 Malik Fawad03.

Conferencing Status in 3GPP SA3-LI August Jean Trakinat Selvam Rengasami TrideaWorks Consultants to CALEA Implementation Unit Technical Program.

VoIP Regulation: State and Federal Developments LAMPERT & O’CONNOR, P.C K Street NW, Suite 700 Washington, DC (202)

Softswitch SIP Proxy Server Call Manager IP Telephony Router Tablet PC IP PBX Class 5 Switch Class 4 Switch PBX Access Gateway Broadband Router Voice Gateway.

May 1998 Page 1 SOLIANT Internet Systems SGCP - Simple Gateway Control Protocol Christian Huitema

John Morris 1 Hot Topic - IP Services Wiretapping the Internet EDUCAUSE Policy Conference May 20, 2004 John Morris, Center for Democracy and Technology.

TOPIC 3 DATA TRANSMISSION AND NETWORKING MEDIA. INTERNET SERVICE PROVIDER (ISP) also known as Internet Access Provider (IAP) It is a company that offers.

DECISION Group Inc.. Decision Group Monitoring Center Solution on Internet Access for LEA or Intelligence.

February 24, 2004 TR-45 Lawfully Authorized Electronic Surveillance (LAES) Packet Solutions Industry Meeting March 19 th, 2004 Terri L. Brooks Chair TR-45.

FCC Ex Parte March 11, 2004 ATIS 1200 G St. N.W. Suite 500 Washington, DC ATIS Lawfully Authorized Electronic Surveillance Activity.

Slide 1, hlu & faynberg Trends in Network Evolution Igor Faynberg, Ph.D. Hui-Lan Lu, Ph.D. Bell Labs, Lucent Technologies Multimedia Convergence Workshop.

Cable and the Internet Rick Cimerman NCTA June 7, 2010.

1 Session Controllers Micaela Giuhat AVP Product Management Netrake

“End to End VoIP“ The Challenges of VoIP Access to the Enterprise Charles Rutledge VP Marketing Quintum Technologies

Introduction to Cable Telephony Craig Lee VP of Marketing Nuera Communications

CALEA TAMU ITEC Walt Magnussen, Ph.D. Director TAMU ITEC Joint Techs, February 2007.

IP Telephony (VoIP).

CALEA Communications Assistance For Law Enforcement Act

معرفی سویچ چکاوک شرکت پارس‌پویش فن‌آور.

Lawful Interception Basics

Presentation transcript:

CALEA IMPLEMENTATION IN VoIP NETWORKS By Cemal Dikmen, Ph.D. General Manager Lawful Intercept Products SS8 Networks, Inc. Thursday - 02/24/05, 8:15-9:00am

Regulatory Update - VoIP  DoJ/FBI/DEA petition filed on 3/10/04 asked FCC to initiate proceeding to resolve outstanding issues delaying CALEA implementation.  FCC has initiated a process called Notice of Proposed Rule Making (NPRM) on 8/4/2004 to clarify the issues regarding interception of IP traffic. The comments from DoJ, service providers, and vendors were filed on 11/8/2004. The reply comments were filed on 12/22/2004. The decision is expected in mid  NPRM tentatively concludes that CALEA applies to:  Facilities-based providers of broadband internet access;  Providers of “managed” VoIP service.  Why both broadband and managed VoIP providers?  Communications identifying information and content may only be available by access to both broadband access and VoIP providers.  VoIP providers such as Vonage are probably going to be covered under CALEA under the FCC’s upcoming decision.  Peer-to-Peer communications such as Skype will probably not be covered under CALEA.

Regulatory Update – IP Data  Based on the NPRM on 8/4/2004, Facilities-based providers of broadband internet access are expected to be covered under the CALEA law.  Why broadband service providers?  Communications identifying information and content may only be available by access to both broadband access and VoIP providers.  The specifications for IP interception are not available yet. Old wiretap rules still apply – deliver everything to the LEA.  Likely cause concerns over privacy. Need to define call- identifying information clearly for Pen Register & Trap and Trace type court orders.

Regulatory Update - PoC  Push-To-Talk over Cellular (PoC) in many cases uses VoIP technology over wireless data networks.  Several major wireless service providers are planning PoC deployments.  FCC has already declared that Push-To-Talk over Cellular (PoC) is subject to the CALEA requirements.  TIA is working on creating new lawful intercept specifications for PoC. The new specifications are expected to be published mid  The difficulty is obtaining information and call events from all the conference participants.

Requirements for Lawful Interception  Access to the information – Define Intercept Access Points  Provision the court order and define the target’s identity at the Intercept Access Points  Receive information from the Intercept Access Points to/from the target’s communication channel  Format the intercepted information based on the standards  Filter the information based on the court order  Deliver the intercepted communications to one or more authorized law enforcement agencies  Collect, store, and analyze the intercepted communications

Common CALEA Implementation Intercept Access Points (IAP) Delivery Function (DF) Collection Function (CF) Call Data Events (d-CII) Call Content (d-CC) Provisioning (a) Call Content (e-CC) Call Data Channel (e-CII) Court Order Service Provider LEA Demarcation Point Standards Based Handover Interface Proprietary Internal Network Interface SPAF

Lawful Intercept Standards  J-STD-025 Rev. A – For interception in wireless and wireline circuit-switched networks.  J-STD-025 Rev. B – For interception of packet data telecommunications services (e.g., cdma2000 ® packet data).  PacketCable™ – For interception of Voice over IP (VoIP) type telecommunications services. The first specifications for VoIP interception.  T1S1 T1.678 – Lawfully authorized electronic surveillance for voice over packet technologies in wireline telecommunications networks.  ETSI TS – Defines the handover interface for interception of telecommunications traffic.  ETSI TS , , – Define interception in a GPRS/UMTS network.  ETSI TS – Defines the handover interface for IP delivery.  ETSI TS – Defines the handover interface for interception.

Intercept Access Points in PacketCable™ Architecture  CMS (Call Management System) The Call Management System (CMS) provides service to the subscriber. The CMS is responsible for intercepting the Call-Identifying information.  Cable Model Termination System (CMTS) The Cable Modem Termination System (CMTS) which controls the set of cable modems attached to the shared medium of the DOCSIS network. The CMTS is responsible for intercepting the Call Content, and certain call- identifying information.  Media Gateway (MG) The Media Gateway (MG) is designated as an Intercept Access Point for purposes of intercepting Call Content for redirected calls to the PSTN.

PacketCable Voice Intercept - CMTS Service Provider Domain DELIVERY FUNCTION CDC Admin CCC LI Administration Function DELIVERY FUNCTION Law Enforcement Collection Function Customer Premise IAD (MTA) Target Subscriber Customer Premise IAD (SIP, H.323, or MGCP based Gateway) Call Management Server (CMS) CMTS Warrant Admin Call Control RTP Stream CDC COPS Request Voice Packets Call Control

PacketCable Voice Intercept – Media GW Service Provider Domain LI Administration Function Call Management Server (CMS) PSTN Customer Premise IAD (SIP, H.323, or MGCP based Gateway) Target Subscriber Law Enforcement Collection Function Gateway CMTS XCIPIO SSDF Call Control Voice Packets Forwarded Call Call to Target Warrant CCC Admin Call Forward to PSTN CDC Admin CDC MGCP DELIVERY FUNCTION

Session Border Controller for VoIP  A single Intercept Access Point (IAP) for both call identifying information and call content.  Eliminates the need to provision for call content interception in real-time.  Eliminates the dependency on the lawful intercept capabilities of the softswitch, trunking gateway, CMTS and/or edge routers.  Transparent handling of call forwarding type features.

Session Border Controller as IAP Service Provider Domain LI Administration Function XCIPIO SSDF Law Enforcement Collection Function Customer Premise IAD SBC Cisco CMTS And Routers Provisioning of Warrant IRI Provisioning and Call Events over TCP/IP Based SS8 Interface Admin CC IRI Call Control Call Control CC Target Subscriber Customer Premise IAD (SIP, H.323, or MGCP based Gateway)

Technical Challenges  PacketCable is the most widely deployed implementation and it requires DQoS. Call content interception cannot be performed if CMTS does not support DQoS. This situation created new and different architectures which required Delivery Function to take an active role in call content interception.  Most of the network elements (Call Management Systems, Gatekeepers, Media Gateways, Aggregation Routers, CMTS, etc.) need to support lawful interception within the distributed IP environment.  CMS Subscriber Provisioning interface does not address lawful interception provisioning. The target provisioning requires proprietary interfaces.  It is extremely difficult (or sometimes impossible) to capture call identifying information and call content in some of the call features, specifically for the features implemented within the customer premise IAD.

Intercepting Conference Calls  Conferencing is implemented within the Customer Premise Equipment (CPE) in some of the technologies. In this case, there is no way of knowing a conference is taking place.  Calls are intercepted as individual calls.  There is no call data information to report conference events.  Each leg of the call content is delivered to the LEA separately.

Hosted Conference Service Service Provider Domain Target Subscriber Customer Premise IAD Conference Server CMTS PSTN TGW CONFERENCE IP Network

3 rd Party Conference Service Conference Service Provider Service Provider Domain Target Subscriber Customer Premise IAD CMTS PSTN TGW CONFERENCE IP Network

Real Life Problem ! ! ! Target Subscriber Customer Premise IAD Call Management Server (CMS) Call Control RTP Stream Call Control Associate Customer Premise IAD CMTS VoIP Service Provider Access Provider IP Backbone Provider Access Provider

Delivery Function As A Network Element The Delivery Function should provide the user with:  Single point for surveillance administration  Built-in test tools for remote testing  Standard MML and remote GUI support  Alarm reporting and Error logging  Automatic software fault recovery  Automatic or manual disk backup  SNMP support for alarm reporting

Cemal Dikmen Phone: Thank You ! ! !