1 / 22

Lawful Intercept in VoIP Networks

Lawful Intercept in VoIP Networks. Manohar Mahavadi Vice President, Software Engineering Centillium Communications Inc. Fremont, California. Lawful Interception – Introduction. Omnibus Crime Prevention and Safe Streets Act of 1968

petunia
Download Presentation

Lawful Intercept in VoIP Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lawful Intercept in VoIP Networks Manohar Mahavadi Vice President, Software Engineering Centillium Communications Inc. Fremont, California

  2. Lawful Interception – Introduction • Omnibus Crime Prevention and Safe Streets Act of 1968 • Title III legalizes law enforcement wiretaps in criminal investigations • Foreign Intelligence Surveillance Act of 1978 (FISA) • Wiretapping in advance of a crime being perpetrated • The Electronic Communications Privacy Act of 1986 (ECPA) • Sets standards for access to cell phones, e-mail and other electronic communications and transactional records (subscriber identifying information, logs, toll records) • Communications Assistance for Law Enforcement Act of 1994 (CALEA) • Preserve law enforcement wiretapping capabilities by requiring telephone companies to design their systems to ensure a basic level of government access • H.R.3162 (The PATRIOT Act of 2001) • Post 9/11 • Expands the scope of Title III wiretaps and FISA to include computer fraud, abuse, etc.

  3. Lawful Interception – CALEA (U.S.) • What is CALEA? • Defines the obligations of telecom carriers to assist law enforcement agencies (LEAs) in electronic surveillance pursuantto lawful authorization • Requires carriers to design and modify their systems to ensure that electronic surveillance can be performed • Communications infrastructure should be made wiretap-ready – call forwarding, caller ID, conferencing, etc. • Progress • The last decade has seen a lot of evolution of regulations backed by the FBI, FCC, DOJ, DEA • Broadened to cover many new technology solutions such as push-to-talk, SMS messaging, chat sessions, etc. • www.askcalea.net for a list of standards • www.fcc.gov/calea

  4. Lawful Interception • PSTN world wiretapping • Dedicated connection – point-to-point • Dedicated resources for the call duration • Voice routed using mechanical switches or line connectivity tables • Wiretapping in local loop or at the local exchange • Packet world wiretapping • Shared transmission medium: Packets contain addresses not tied to a location • Routing is dynamic and can take multiple paths • Many applications traverse the same transmission path • Decentralized VOP (SBCs, gateways, proxies, routers, switches, etc.) makes it difficult for wiretapping • Requires cooperation from infrastructure device vendors

  5. Lawful Interception – Terminology • LAES: Lawfully authorized electronic surveillance • LEA: Law enforcement agency • A government entity authorized to conduct LAES(FBI, police, DEA, etc.) • CC: Call content (payload of multi-media packets) • CCC: Call content channel • CII: Call-identifying information or call data (CD) • Signaling or dialing information that identifies origin, direction, destination or termination generated or received by a subscriber • CDC: Call data channel

  6. Lawful Interception – Terminology • IAP: Intercept access point • A point within a telecommunications system or VOP network where some of the communications or CII of an intercept subject’s equipment, facilities or services are accessed • Intercept subject: Subscriber whose communications, CII or both have been authorized by a court to be intercepted, monitored and delivered to an LEA • Associate: The called party in the conversation • TSP: Telecommunications service provider

  7. LI – Surveillance Model TSP Access Function VoP Signaling Service Provider Administration Delivery Function Lawful Authorization CII CC LEA Collection Function Law Enforcement Administration

  8. LI – Surveillance Model • Access function (AF) • One or more IAPs • Delivery function (DF) • CCCs and CDCs • Collection function (CF) • Collecting and analyzing intercepted communications • Service provider administration function (SPAF) • Controlling the TSP access and delivery functions • Law enforcement administration function (LEAF) • Controlling the LEA collection function • Mediation function (MF) • Presentation of data (CC or CII) to DF (VoIP→TDM or VoIP → VoIP)

  9. Network’s Domain Subject’s Domain LEA’s Domain IAP VoP/Network Signaling CII AF LEA-CF CII DF VoP Signaling CII MF Terminal IAP VoP, TDM CC MF VoP VoP CC AF LEA-CF CC DF VoP LI – Functional Architecture

  10. LI – Functional Architecture OSI Stack OSI Stack DF App CC/CII CF App A-PDU A-PDU 7 7 CC/CII 1 1 Delivery Method Delivery Method Delivery Function Collection Function CCC and CDC should be separate channels CCC and CDC can share same medium

  11. LI – Intercept Access Points • Physical locations on the network from where the CC or CII is delivered to delivery function • Can be in multiple locations • CII and CC IAPs can be co-located • Call identifying information IAP • CII directly associated with the call • Management of an existing call between intercept subject and associate(s) (establishing, managing and releasing) • CII indirectly associated with the call • ServingSystem message: Register or deregister addressing info • Call content IAP

  12. - Access Router - Border Router LI – Intercept Access Points Bob’s VOIP SP Alice’s VOIP SP Transport ISP B Transport ISP A Call Setup • VoIP SPs first enable setup • VoIP calls directly take place • Preferred wiretaps – R1 and R2 • R1/R2 should be configured to tap • Single SP makes life easier VOIP Conversation Transport ISP C Transport ISP D R2 R1 VOIP Phone Bob VOIP Phone Alice Courtesy: Ref[1]

  13. LI – Intercept Access Points • Media gateways • Session border controllers • Access routers • Signaling proxies • CII and CC are typically delivered over secure channels to LEA

  14. TAP TRAFFIC COMING TO PKT LI - TDM NP Packetizer TDM_PKT _CHANNEL Legacy Phone DSP IP Phone NP NP Packetizer Enc/Dec EC B A UnPacketizer Enc/Dec LI - PKT NP Packetizer TAP TRAFFIC COMING FROM PKT LI on TDM_PKT_CHANNEL

  15. NP Packetizer Encoder A IP Phone Decoder UnPacketizer DSP NP Packetizer Encoder B IP Phone Decoder UnPacketizer DSP LI-A NP Packetizer Encoder DSP LI-B NP Packetizer Encoder DSP LI on PKT_PKT_CHNL

  16. LI Model with Conferencing LI – TDM_PKT_CONF_CHNL Courtesy: [4]

  17. LI – Surveillance Events • Information events • Call-control related events • Answer: Call accepted • Origination: Subject initiated a VoP session • Release: Session released along with resources • Termination attempt: Session termination requested • Signaling events • Dialed digit extraction: Digits dialed after a call is connected • Direct signal reporting: Signaling from and to intercept subject • Network signal: Tone or message indicating CII(busy, ringing, etc.) • Subject signal: Call waiting, forwarding, etc.

  18. LI – Surveillance Events • Information events • Feature use events • Change • Connection • Connection break • Redirection • Registration events • Address registration • Content events • CCChange: Media characteristics established or modified • CCClose: CC delivery is disabled • CCOpen: CC delivery is enabled • CCUnavailable: Network loses access for the call under interception

  19. LI Challenges • Security vs. CALEA requirements • Security ensures privacy, packet integrity, authenticityand non-repudiation • CALEA requires intercepted packets are not secured • SRTP and secured SIP with end-to-end security poses challenge • Peer-to-peer VoIP communication with security enabled prevents interception • Secured traffic needs to be decrypted and re-encryptedfor interception • Security Association termination and re-initiation • Key distribution or sharing with LEA

  20. LI Challenges • Channel capacity affected if channel duplication is required • Design should consider requirements for extra performance • Should support all call models like Forking, Handoff, etc. • Should support all codecs in use • Requires additional interface support

  21. References [1] Security Implications of Applying the Communications Assistance to Law Enforcement Act to Voice over IP, Steve Bellovin, et al, June 13, 2006 [2] Electronics Surveillance Needs for Carrier-Grade Voice Over Packet (CGVoP) Service, FBI Document for CALEA [3] Lawfully Authorized Electronic Surveillance (LAES) for voice over Packet Technologies in Wireline Telecommunications Networks ANSI T1.678.xxxx [4] 05/2000, TIA/EIA/J-STD-025 Lawfully Authorized Electronic Surveillance, revision A: updated [5] 09/200, TIA/EIA/J-STD-025 Lawfully Authorized Electronic Surveillance, updated [6] www.askcalea.net [7] www.fcc.gov/calea

More Related