The invention relates to a method and system enabling interception of traffic between network elements, in particular in a case where the traffic is transported based on protocols adapted for internet-involving connections such as IP (Internet Protocol) or other type of packet-based protocols.
FIG. 12 shows a diagram of a system for lawful interception (LI) on the GPRS (General Packet Radio Service) plane. Apart from the elements 24, 25, 42, the network structure and network elements are in accordance with known standards or proposals.
In this application LIGs contain Administration Function (ADMF), Delivery Function 2 (DF2) and Delivery Function 3 (DF3), or as in FIG. 7 DF3 is integrated to network elements.
A network element 1, e.g. a terminal equipment TE and/or a mobile terminal MT of a subscriber, is connectable to the mobile network via a radio access network 2 which, according to FIG. 11, is implemented as a UMTS radio access network (UTRAN) but may also be a radio access network of other type. The system further comprises a home subscriber server (HSS) 4, one or more serving support nodes (SGSN, Serving GPRS Support Node) 8, one or more gateway nodes (GGSN, Gateway GPRS Support Node) 11, one or more call state control functions (CSCF) 16, one or more media gateway control functions (MGCF) 17, and cooperates with, or includes one or more network elements 18 for providing applications and services (APPSE). The network element 18 includes one or more service control points (SCP).
The system further comprises SGWs 28 (Transport Signaling Gateway), MGWs (Media Gateways) 29, MRF (Multimedia Resource Function) 30 and provides connections to other networks such as PSTN (Public Switched Telephone Network), legacy/external network 41, a virtual private network (VPN 42), multimedia IP networks 43 and legacy signaling network 44, etc.
As shown in FIG. 11, for performing lawful interception (LI), a Lawful Interception Gateway (LIG) 24 is provided which may be connected to or cooperate with a Law Enforcement Agency (LEA) 25 and may be connected to the support nodes 8 and/or 11 for intercepting traffic between a network element to be intercepted (e.g. network element) and another called or calling terminal. The elements involved in lawful interception are marked by hatched lines. In FIG. 11, the dual line represents “control, call related information and call content”. The continuous single line represents “signaling and data transfer”.
The system shown in FIG. 12 is able to intercept GPRS-based normal communications. However, a problem arises when interception is to be conducted with an internet-protocol-type connection such as a VoIP (Voice over IP) connection. GGSNs 11 normally do not recognise VoIP subscribers with IPT (IP telephony) identity. GPRS interception can therefore presently only be used for GPRS connections but not for VoIP connections.
In particular when the intended lawful interception (LI) does not relate to the user identity on the transport level (i.e. the ID's used by GPRS) but only to user identities used in the IM (Internet Multimedia) subsystem which are only known to the CSCF 16 (e.g. firstname.surname@sip.someoperator.com.), the support nodes 8 and/or 11 do not have information for identifying the call and call contents to be intercepted.
As an example, if the voice calls of a subscriber are to be intercepted, the GPRS support nodes may not be able to identify the calls by only relying on the PDP (Packet Data Protocol) contexts.