LAWFUL INTERCEPTION OF VOIP - RUDOLF WINSCHUH BUSINESS DEVELOPMENT TRANSACTION SECURITY / TELECOMMUNICATIONS
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Lawful Interception of VoIP Rudolf Winschuh Business Development Transaction Security / Telecommunications
Agenda
Company Overview
Lawful Interception
Definition and Terms
Legal Framework
Functional Overview
LI for VoIP
LI solutions for VoIP
LI of peer-to-peer VoIP
Standards and Regulation
Open Issues
LI for NGN/IMS
Utimaco Safeware AG
2Company Profile
Foundation: 1983
Turnover: 34.8 million in 2004/2005
EBIT: 5.8 million
Ownership: Public Company
(Frankfurt Prime Standard)
Employees: > 250 worldwide
Headquarters: Oberursel (near Frankfurt/Main)
“Utimaco – the Data Security Company”
Utimaco Safeware AG
3Presence
Branch offices
Distributors
Development centers
US/Boston Japan
(Details: www.utimaco.com) Israel
Egypt JV Hong Kong
Saudi Arabia Taiwan
Brasil
Malaysia
Argentina Singapore
Chile
South Africa
Australia
Global partners:
IBM / Lenovo
Cisco
Siemens
T-Mobile
Utimaco Safeware AG
Vodafone
…
4Portfolio
Utimaco Product Portfolio:
Personal Device Security Transaction Security
Innovative, trustworthy SafeGuard® Focusing on innovative eBusiness and
solutions protect your data against eGovernment solutions on the basis of
misuse – on the terminals in private as Utimaco technologies
well as public organizations (e-mail security, PKI, PKI-enabled
(SafeGuard® Easy, - PrivateDisc, - applications, Hardware Security Module,
LANCrypt, - PrivateCrypto, - Advanced Lawful Interception Management
Sec., - PDA). System).
Hard disk encryption Sign - Verify
Virtual disk Encrypt - Decrypt
File security PKI - Infrastructure
Utimaco Safeware AG
Management of Time-Stamping
rights Hardware Security
PDA protection Modules
LI-Management
5Lawful Interception – Definition and Terms
Lawful Interception (LI)
Interception of telecommunications for purposes of law enforcement
based on laws and other regulations
Requirements for telecommunication service providers
Law Enforcement Agency (LEA)
Interception Related Information (IRI)
Information about intercepted communications (e.g. identifiers of
participants, times, location information)
Call Content (CC)
Content of intercepted data (e.g. speech, e-mail, data)
Utimaco Safeware AG
Handover Interfaces (HI)
6Legal Framework
LI is based on national laws and regulations
Implementation is often based on standards
National legislation International technical standards
SORM CIS
Constitution
Interception of telecommunications ATIS America (US)
Telecommunications
laws
ETSI Europe
Other laws 3GPP Worldwide
National regulations
Utimaco Safeware AG
Organization Technology Data protection
7Generic Requirements
All communication of a target and service must be intercepted
Integrity and confidentiality of Information must be ensured
Only authorized personnel must be able to use the LI equipment
All information must only be accessible to authorized personnel
Every use of LI equipment must be logged
Intercepted subject must never be able to detect the interception
Active interception measures must never influence the
telecommunication service
Provider only required to provide accessible data
Network-intrinsic encryption must be removed
Utimaco Safeware AG
8Functional Overview
Utimaco Safeware AG
9Functions of LI Solutions
Administration Function
GUI to administrate LI components and interception measures
Mediation (Delivery) Function
Communication between administration system and access functions
Delivery Function (DF) transmits IRI and CC to LEA
Access Function
Accesses data to be intercepted in telecommunication network
Active: Internal Interception Function (IIF) integrated in network node
Passive: Probe/Sniffer, filtering to be intercepted communications out
of whole network traffic
Utimaco Safeware AG
10Functions of LI Solutions for VoIP
Delivery Function
IP
PSTN
Access Function
Active/IIF:
Signaling Server (e.g. SIP Server)
Access Router
Session Border Controller
Application Server
Passive:
Utimaco Safeware AG
Probes (SIP, H.323, RTP, …)
11Valuation of LI Solutions for VoIP
Pros Cons
Active + no additional hardware - security
Signaling Server + scales good - IIF integrated in server
+ minimal effort for provider - performance
Access Router + access to all media - correlation of IRI and CC difficult
+ sometimes only alternative - LI functions at multiple points
Session Border Controller + reuse of SBCs - calls to PSTN not covered
+ easy correlation of IRI and CC - additional hardware
Application Server + centralized solution - rerouting could be necessary
+ easy correlation of IRI and CC - application dependent
Passive + very secure - additional hardware
Probes + indepent of vendor (in theory) - scaling can become an issue
- possibility of packet losses
Utimaco Safeware AG
12LI of peer-to-peer VoIP
Signaling- Provider
Administration
Signaling-
Function
Server
IRI
n aling
Sig
IR
I
Law Enforcement
Delivery Agencies (LEA)
User Co Function 2
nte Access-Provider
nt IRI
Access-
Server
Delivery CC
Function 3
CC
Utimaco Safeware AG
13LI-Standards for VoIP
ATIS T1.678
US
ETSI WI 00024
Europe
Canada, Australia, Asia?
3GPP 33 108
3rd generation mobile network operators
CableLabs PacketCable
(Broadband) Cable operators
ETSI TS 101 671
Originally for PSTN networks
Utimaco Safeware AG
Possible solution for PSTN and VoIP operators
14Status of Regulation
US
Based on CALEA
Second order of FCC from 12 May 2006
Interconnected VoIP services
Providers must be compliant by 14 May 2007
Europe
Different from country to country
Germany: Interim solution until ETSI standard is finalized
Netherlands: LI of VoIP already active
Utimaco Safeware AG
15Open Issues
IRI
Forwarding of signalling information e.g. SIP messages
vs.
Mapping of SIP messages to defined structures
CC
Some providers cannot access the content
Possible ban of business models
Application/service specific data
Encryption is a hard problem for LEAs
Utimaco Safeware AG
Blocking of encrypted traffic?
16LI for NGN/IMS
Next Generation Networks (NGNs) standardized by ETSI
TISPAN
Based on 3GPP approach
Core component: IP Multimedia Subsytem (IMS)
Goals:
Independent of underlying network architectures
Services in networks independent of access type (PSTN,
mobile, DSL, …)
Terminal and user mobility
Utimaco Safeware AG
Easy deployment of new services
17TISPAN R1NGN IMS architecture (ES 282 0001)
ASF
ASF Sh Type 2 Dh
Type 1 IWF
UPSF SLF
Lb
Cx ISC Dx
IBCF Lc
TE Core IMS
I/S-CSCF
P2 Mi
AGCF
Other Networks
Gm Mk
User equipment
BGCF
P1
P1 Mw Mr Gq’
Mg
e2 CLF
PSTN / ISDN
e2
NASS P-CSCF MRFC MGCF
a4 e4
a4
CNGCF Gq’
PDBF
a2
a2 SPDF
e3
e3 A-RACF Rq SPDF
NACF UUAF RACS RACS
a1
a1 Re
Re Ia
Ia Mp
Mp Mn
Mn Ie
Ie Ia
Ia
a3
a3
CNG e1
e1 ARF e1
e1 AMF RCEF Di
Di C-BGF MRFP SGF
IP
T-MGF
L2TF Core Network IP
A-MGF
ZZ Access Node Edge I-BGF 18
© 2002, Cisco Systems, Inc. All rights reserved. transportTISPAN R1NGN architecture with IMS
LI reference points
HI1
AF HI2 LEAF
MF HI3 LEMF
ASF
IRI-IIF
ASF Sh Type 2 Dh
IRI-IIF
Type 1 IWF
UPSF SLF
Lb
Cx ISC Dx
IBCF Lc
TE Core IMS
I/S-CSCF
IRI-IIF
P2 Mi
AGCF
IRI-IIF
Other Networks
Gm Mk
User equipment
IRI-IIF
BGCF
P1
P1 Mw Mr Gq’
Mg
e2 CLF
PSTN / ISDN
e2
NASS P-CSCF
IRI-IIF MRFC
IRI-IIF MGCF
IRI-IIF
a4 e4
a4
CNGCF Gq’
PDBF
a2
a2 SPDF
e3
e3 A-RACF Rq SPDF
IRI-IIF
NACF IRI-IIF
UUAF RACS RACS
a1
a1 Re
Re Ia
Ia Mp
Mp Mn
Mn Ie
Ie Ia
Ia
a3
a3
CNG e1
e1 ARF e1
e1 AMF CC-IIF
RCEF Di
Di CC-IIF
C-BGF MRFP
CC-IIF SGF
IP
T-MGF
CC-IIF
L2TF Core Network IP
A-MGCF
CC-IIF
ZZ Access Node Edge I-BGF
CC-IIF 19
© 2002, Cisco Systems, Inc. All rights reserved. transportQuestions?
www.utimaco.com
Rudolf Winschuh
rudolf.winschuh@aachen.utimaco.de
Tel.: + 49 (0)241 1696 248
Utimaco Safeware AG
20You can also read
