A communications system, particularly one connected to a publicly accessible network, generally has flaws that can be exploited to render all or portions of the system unusable. Security Measures are generally implemented as part of the network services to provide secure and private communication between peers and between the network and the end user. One example that provides such a secure connection is establishing what is known as an IPSec (Internet Protocol Security) tunnel between the end user and a network entity in the core network. The IPSec tunnel is established over the publicly available access network to provide secure communication line between the end user and the core network. The security provided by the IPSec focuses on protecting the content and the information exchanged between the end user and the network and protects against eavesdropping.
A high level view of the establishment of an IPSec tunnel 100 between an end user 102 and a trusted network entity 104 in a core network 106 in accordance with the prior art is shown in FIG. 1. The end user 102 is communicably coupled to the private core network 106 via public Internet access network 108, access router 110 and trusted network entity 104. The private core network 106 may also include other entities communicably coupled to the trusted network entity 104 and/or one another, such as IP-IP Gateway 112, SIP Server 114, Call Server 116 and Media Gateway 118. Private operation core network 120 entities may also be communicably coupled to the private core network 106, such as AAA Server 122, HSS Server 124, Application Server 126 and Billing 128. There are other security areas that are covered through means other than IPSec, but they are not relevant to the present discussion. One of many specific elements that the IPSec tunnel 100 establishment procedure requires is a Security Key that is exchanged between the trusted network entity 104 in the core network 106 and the end user 102. That security key is created by the trusted network entity 104 and given to the end user 102 to use during the current session. The Security Key is used as part of an encryption algorithm that the end user 102 applies on each IP (Internet Protocol) packet before sending it to the core network 106 over the public access network 108. Only the trusted network entity 104 and the end user 102 are aware of the Security Key value, and hence they can decode the packets exchanged over the public access network 108.
There are other network entities in the network that play an important role in providing security in different domains, such as network security, application level security, Operating System security, Internet Protocol level security and many others. In order to provide a full suite of security services, a network node needs to be able read and decode all messages exchanged between the end user 102 and the core network 106. Currently, the application level security node does not have access to the Security Key exchange between the end user 102 and the corresponding network entity 104. As a result a system, method and apparatus for monitoring one or more secure communications in a network using the Security Key is needed.