|
|
| (16 intermediate revisions by one user not shown) |
| Line 1: |
Line 1: |
| − | The call data (known as Intercept Related Information or IRI in Europe and Call Data or CD in the US) consists of information about the targeted communications, including destination of a voice call (e.g., called party’s telephone number), source of a call (caller’s phone number), time of the call, duration, etc. Call content is namely the stream of data carrying the call. Included in the architecture is the lawful interception management function, which covers interception session set-up and tear down, scheduling, target identification, etc. Communications between the network operator and LEA are via the Handover Interfaces (designated HI). Communications data and content are typically delivered from the network operator to the LEA in an encrypted format over an IP-based VPN. The interception of traditional voice calls still often relies on the establishment of an ISDN channel that is set up at the time of the interception.
| + | #REDIRECT [[Lawful_Interception#IRI_records|IRI]] |
| − | As stated above, the ETSI architecture is equally applicable to IP-based services where IRI (or CD) is dependent on parameters associated with the traffic from a given application to be intercepted. For example, in the case of email IRI would be similar to the header information on an email message (e.g., destination email address, source email address, time email was transmitted) as well as pertinent header information within the IP packets conveying the message (e.g., source IP address of email server originating the email message). Of course, more in-depth information would be obtained by the interception system so as to avoid the usual email address spoofing that often takes place (e.g., spoofing of source address). Voice-over-IP likewise has its own IRI, including data derived from Session Initiation Protocol (SIP) messages that are used to set up and tear down a VOIP call.
| + | |
| − | | + | |
| − | ==Functionality Overview==
| + | |
| − | | + | |
| − | [[Image:Lawful-intercept-details.png|thumb|360px|Schematic showing interception of a call already routed with a Tmedia]] | + | |
| − | | + | |
| − | Lawful interception will identify a call to intercept, and send the following information to one or multiple Law Enforcement agencies:
| + | |
| − | * information on an intercepted call (calling/called numbers, timestamps, call duration, etc.)
| + | |
| − | * audio from both directions of the call
| + | |
| − | | + | |
| − | Interception of a call is triggered by:
| + | |
| − | * A phone number to monitor
| + | |
| − | * A date/time period
| + | |
| − | A call that matches the number and the time period will be intercepted.
| + | |
| − | | + | |
| − | | + | |
| − | ==Toolpack Implementation==
| + | |
| − | With a [[Tmedia]] system running the [[Toolpack]] software (version 2.7 or above), lawful interception is triggered by a routing script. This script uses the information from a configuration file (csv format), to determine which phone number must be intercepted during which time period.
| + | |
| − | | + | |
| − | A call that matches the number (calling or called number) and the time period will be intercepted.
| + | |
| − | | + | |
| − | During the interception, two outgoing calls toward an interception [[NAP]] will be placed, each containing a copy of the audio of one direction of the intercepted call. The specified [[NAP]] must be configured to point to the Law Enforcement Agency, generally using ISDN trunks.
| + | |
| − | | + | |
| − | In addition, information records (containing general call information like calling/called number, timestamps, and call duration, etc., this information is called [[Intercept Related Information]] ([[IRI]]) records) will be sent to the Law Enforcement Agency. That information is sent as data files (format specified by ETSI 201 671 v2-1-1) to a FTP server (Toolpack also supports SFTP for more security).
| + | |
| − | | + | |
| − | Lawful Intercept configuration (NAP to use, login information of the FTP/SFTP server, target numbers to intercept, etc.) can be configured in the [[Toolpack]] Web Portal.
| + | |
| − | | + | |
| − | ==H.248 Implementation==
| + | |
| − | Lawful Interception is also supported using H.248 interface.
| + | |
| − | | + | |
| − | == Configuration ==
| + | |
| − | *[[Toolpack:Lawful_Interception_Settings_B|Toolpack v2.9: Lawful Intercept]]
| + | |
| − | *[[Toolpack:Lawful_Interception_Settings_A|Toolpack v2.8: Lawful Intercept]]
| + | |
| − | *[[Web_Portal_Tutorial_Guide_v2.7#Lawful_Interception|Toolpack v2.7: Lawful Intercept]]
| + | |
| − | | + | |
| − | == References ==
| + | |
| − | | + | |
| − | [http://en.wikipedia.org/wiki/Lawful_interception Wikipedia lawful intercept article]
| + | |
| − | | + | |
| − | [[category:Tmedia_Features]]
| + | |
| − | [[category:Needs revising]]
| + | |
