Intercept Related Information

From TBwiki
(Difference between revisions)
Jump to: navigation, search
(Created page with "The call data (known as Intercept Related Information or IRI in Europe and Call Data or CD in the US) consists of information about the targeted communications, including dest...")
 
Line 1: Line 1:
The call data (known as Intercept Related Information or IRI in Europe and Call Data or CD in the US) consists of information about the targeted communications, including destination of a voice call (e.g., called party’s telephone number), source of a call (caller’s phone number), time of the call, duration, etc. Call content is namely the stream of data carrying the call. Included in the architecture is the lawful interception management function, which covers interception session set-up and tear down, scheduling, target identification, etc. Communications between the network operator and LEA are via the Handover Interfaces (designated HI). Communications data and content are typically delivered from the network operator to the LEA in an encrypted format over an IP-based VPN. The interception of traditional voice calls still often relies on the establishment of an ISDN channel that is set up at the time of the interception.
+
The call data (known as Intercept Related Information or [[IRI]] in Europe and Call Data or CD in the US) consists of information about the targeted communications, including destination of a voice call (e.g., called party’s telephone number), source of a call (caller’s phone number), time of the call, duration, etc.  
As stated above, the ETSI architecture is equally applicable to IP-based services where IRI (or CD) is dependent on parameters associated with the traffic from a given application to be intercepted. For example, in the case of email IRI would be similar to the header information on an email message (e.g., destination email address, source email address, time email was transmitted) as well as pertinent header information within the IP packets conveying the message (e.g., source IP address of email server originating the email message). Of course, more in-depth information would be obtained by the interception system so as to avoid the usual email address spoofing that often takes place (e.g., spoofing of source address). Voice-over-IP likewise has its own IRI, including data derived from Session Initiation Protocol (SIP) messages that are used to set up and tear down a VOIP call.
+
 
 +
==IRI Records==
 +
 
 +
* Lawful Interception, a feature as provided by service providers to law enforcement agencies, allows law enforcement agencies to intercept calls
 +
** By receiving a copy of the audio of both parties
 +
** By receiving call information records (or IRI records)
 +
* Intercept Related Information Record (IRI record) is�a CDR-style record that contain IRI information on an intercepted call
  
==Functionality Overview==
 
  
 
[[Image:Lawful-intercept-details.png|thumb|360px|Schematic showing interception of a call already routed with a Tmedia]]
 
[[Image:Lawful-intercept-details.png|thumb|360px|Schematic showing interception of a call already routed with a Tmedia]]

Revision as of 05:43, 21 September 2016

The call data (known as Intercept Related Information or IRI in Europe and Call Data or CD in the US) consists of information about the targeted communications, including destination of a voice call (e.g., called party’s telephone number), source of a call (caller’s phone number), time of the call, duration, etc.

Contents

IRI Records

  • Lawful Interception, a feature as provided by service providers to law enforcement agencies, allows law enforcement agencies to intercept calls
    • By receiving a copy of the audio of both parties
    • By receiving call information records (or IRI records)
  • Intercept Related Information Record (IRI record) is�a CDR-style record that contain IRI information on an intercepted call


Schematic showing interception of a call already routed with a Tmedia

Lawful interception will identify a call to intercept, and send the following information to one or multiple Law Enforcement agencies:

  • information on an intercepted call (calling/called numbers, timestamps, call duration, etc.)
  • audio from both directions of the call

Interception of a call is triggered by:

  • A phone number to monitor
  • A date/time period

A call that matches the number and the time period will be intercepted.


Toolpack Implementation

With a Tmedia system running the Toolpack software (version 2.7 or above), lawful interception is triggered by a routing script. This script uses the information from a configuration file (csv format), to determine which phone number must be intercepted during which time period.

A call that matches the number (calling or called number) and the time period will be intercepted.

During the interception, two outgoing calls toward an interception NAP will be placed, each containing a copy of the audio of one direction of the intercepted call. The specified NAP must be configured to point to the Law Enforcement Agency, generally using ISDN trunks.

In addition, information records (containing general call information like calling/called number, timestamps, and call duration, etc., this information is called Intercept Related Information (IRI) records) will be sent to the Law Enforcement Agency. That information is sent as data files (format specified by ETSI 201 671 v2-1-1) to a FTP server (Toolpack also supports SFTP for more security).

Lawful Intercept configuration (NAP to use, login information of the FTP/SFTP server, target numbers to intercept, etc.) can be configured in the Toolpack Web Portal.

H.248 Implementation

Lawful Interception is also supported using H.248 interface.

Configuration

References

Wikipedia lawful intercept article

Retrieved from "https://docs.telcobridges.com/mediawiki/index.php?title=Intercept_Related_Information&oldid=21684"
Personal tools