The Open Systems Interconnection (OSI) reference model provides a set of protocols that defines and standardises the data communications process to establish a networking framework which facilitates the exchange or transfer of information from a first application to a second application through a network medium, where the first and second applications may reside or operate in first and second nodes or stations, respectively, typically computing devices. A description of the OSI model in relation to internetworks is provided in “Designing Cisco Networks”, Teare, Diane, Indianapolis: Cisco Press, July 1999, a copy of which may be found on www.cisco.com.
The OSI model provides for implementing protocols in seven layers so that the transfer of information is broken down into smaller, more manageable tasks, with each layer being assigned a subset of these tasks. Each layer is reasonably self-contained so that the tasks assigned to each layer can be implemented independently. The seven layers are specified below:                application (layer 7)        presentation (layer 6)        session (layer 5)        transport (layer 4)        network (layer 3)        data link (layer 2)        physical (layer 1)        
The top three layers, known as the application set of layers (application, presentation and session), may be grouped together as they provide the application services required for the exchange of information in that they allow two applications to interact with each other through the services provided by their respective operating systems. The bottom four layers or data transport layers (transport, network, data link and physical) may also be grouped together, with these four layers providing the end-to-end services necessary for data exchange between two systems using protocols associated with the communications network used to link the two nodes together.
Generally, any given layer will communicate with three other layers—the layers immediately above and below, as well as the peer layer in other networked systems. The services provided by adjacent layers help a given OSI layer communicate with its peer layer, which is important because the information exchange process occurs between peer layers.
At the originating system, each OSI layer adds control information to the data or information to be exchanged, whereas the destination system analyses and removes the control information from the data. Thus, the origination system works from the application layer to the physical layer, adding control information at each layer, whereas the destination system works from the physical layer to the application layer, extracting control information at each layer so as to arrive at the original data.
The physical layer defines the electrical, mechanical, procedural and functional specifications for activating, maintaining and deactivating the physical link between communication network systems. It is responsible for any encoding scheme, defines physical aspects such as cables and cards, provides electrical and mechanical interfaces for a network and specifies how signals are to be transmitted on the network.
The data link layer provides for the reliable transit of data across a physical network link by defining network and protocol characteristics, including physical addressing which enables multiple devices to uniquely identify one another at the data link layer. The data link layer controls frame synchronisation, flow control and error checking.
The network layer defines the network address (as opposed to the physical address) and provides switching and routing technologies to create logical paths for transmitting from node to node. The layer also controls error handling, congestion control and packet sequencing.
The transport layer provides for the transparent transfer of data between end systems or hosts and is responsible for end-to-end error recovery and flow control, thereby ensuring complete data transfer.
The session layer establishes, manages and terminates communication sessions.
The presentation layer works to transform data into the form that the application layer can accept so that the information or data sent from the application layer of one system is readable by the application layer of another system. This layer formats and encrypts data to be sent across a network providing freedom from compatibility problems.
The application layer supports application and end user processes by interacting with software applications that implement a communicating component. Functions of this layer include identifying communication partners and quality of service, considering user authentication and privacy, determining resource availability and synchronising communication.
Protocol stacks are particular implementations (usually in software) of a protocol suite. Protocol stacks are often divided into media, transport and application sections or layers with interfaces, defined by software provided between the media and transport layers and the transport and application layers. The media/transport interface defines how protocol software makes use of particular media and hardware types (e.g. card drivers). For example, this interface may define how TCP/IP transport software talks to Ethernet hardware. The application/transport interface specifies how application programs make use of the transport layers. For example, this interface may define how a web browser program talks to TCP/IP transport software.
Telecommunications service providers have been requested to facilitate the lawful interception of telephone calls and other transfers of information over their networks so as to enable authorised organisations, such as law enforcement agencies, to monitor and intercept communications by individuals under investigation.
US 2004/0165709 A1 describes the interception of calls within a Voice over Internet Protocol or VoIP network. The VoIP network includes a switch that offers IP-based telephony services for subscribers over a packet network. Packet interceptors are deployed in the packet network to non-intrusively monitor the signalling and media packets, which comprise a call in a VoIP network. Following receipt of an interception request, a call monitoring engine notifies the packet interceptors to monitor for any activity on the VoIP network for a specific telephone. The packet interceptors then isolate and filter packets based on standard VoIP signalling protocols. In response to commands from the call monitoring engine, the packet interceptors forward voice packets to a voice packet receiver and assembler, which buffers and re-transmits the media stream to a law enforcement agency over a secure channel.
US 2002/0078384 A1 describes an interception method and system for a packet network, such as a GPRS (General Packet Radio Service) or UMTS (Universal Mobile Telecommunications System) network. A first network element is provided for intercepting data packets in a packet network. The first network element reads headers of data packets and uses this information to select whether or not to intercept a particular packet. Packets selected for interception are duplicated and sent to an interception gateway element (as well as the packet network), which in turn forwards the packets to an intercepting authority.
US 2005/0094651 A1 describes a lawful interception gateway which receives RTP/IP packets comprising the content of an intercepted communication between two or more users of a communication network from a media gateway. When a communication involving a target user is detected by the media gateway, the media gateway transmits interception related information and the corresponding communication content to a monitoring facility.
U.S. Pat. No. 5,913,161 describes lawful interception of cellular communications. Communications are copied at the interface to a base station subsystem. Control information is continuously monitored so as to identify target identification numbers of called and calling parties. Upon finding a target number, the copy of the relevant channel is forwarded to a monitoring station.
EP 1 484 892 A2 describes lawful interception of packet switched network services. Interception functionality is provided at a switch, which may be any node in the network where data packets, including packets that contain the user ID of a subscriber to the network, can be intercepted. On attempting to log on, the user ID is compared to a list of target user IDs and, if there is a match, a copy of the communications is forwarded to a monitoring station.
There remains a need in the art for a system and/or apparatus and/or method which enables communications of different types to be monitored concurrently, particularly in or approaching real-time.