1. Field of the Invention
The invention relates to a method and a system for lawful interception of packet switched network services.
According to recent legislation in many countries, providers of packet switched network services are obliged to provide facilities that permit lawful interception of the data traffic over the network. While some countries prescribe that all traffic of all users or subscribers to the network services shall be monitored, the laws of other countries provide that such general monitoring is forbidden and interception of traffic to or from users, even interception of only the connection data, is permitted only for specific users or subscribers who qualify, e.g. by court order, as lawful interception targets. Of course, the service provider has a responsibility to make sure that the identities of lawful interception targets are kept secret.
Accordingly, there is a demand for a method and a system for lawful interception of packet switched network services that can be implemented and operated at relatively low costs and can easily be adapted to differing legal provisions and requirements in various countries.
2. Description of the Related Art
A conventional approach is so-called hardware monitoring, in which the specialized equipment necessary for interception is installed at the location where the specified lawful interception target gets access to the network. This involves high costs and has the further drawback that the secrecy requirement is difficult to fulfill, because the hardware may be visible to staff who have not been security-screened. Moreover, this approach is not practical when the network can be accessed from mobile units such as mobile telephones, laptop computers and the like, or through public access points such as WLAN hot spots, or simply by dialing in over a PSTN with a modem or via ISDN from a hotel or public telephone.
Another known approach is the so-called software monitoring, wherein suitable software is implemented within the internal network of the service provider for identifying the subscribed users that connect to the network and for deciding whether or not the traffic to or from these subscribers shall be intercepted. This solution involves a certain amount of interception-related traffic within the internal network of the service provider, and this traffic may be observable by a relatively large number of employees of the service provider, so that careful security screening of the personnel is necessary in some countries. This not only constitutes a high cost factor but may also raise intricate legal problems in view of employment contracts and the like.
The European Telecommunications Standards Institute (ETSI) has published specifications for a lawful interception reference model (ETSI-document ES 201 671).
An Internet document by Baker et al., “Cisco Support for Lawful Intercept in IP Networks”, April 2003, http://www.rfc-editor.org/internet-drafts/draft-bakerslem-architecture-00.txt, recommends that intercept traffic between an interception point and a mediation device be encrypted in order to limit unauthorized personnel's knowledge of lawfully authorized intercepts.