1
Carrier concerns and issues: VoIP
Anthony M Rutkowski
Vice President, NetDiscovery Service
VeriSign
mailto:[email protected]
President, Global LI Industry Forum
2
Adverse Impacts on Carriers
Intercept solutions costly
    Hardware and software expenditures
    Mediation devices
Large on-going operational expenses
    Dedicated Security Office Personnel
    Compliance to Legal/Regulatory Procedures for System Security & Integrity
    Network Operations Staff for supporting network connectivity for each LEA
    Assistance to LEAs in initial connectivity or on-going surveillance support
    Legal liabilities for non-compliant Security Policies and unauthorized disclosure of legal order information
LI preliminary investigative support requirements can be equally significant
    Directories and identifier discovery
    Communications detail records searches
LEAs often reluctant to use lower cost secure VPN technology
3
New requirements for carriers with a global footprint and LEAs
New laws coming into force will significantly affect some carriers (and LEAs)
    Convention on Cybercrime
    Mutual Assistance Multilateral and Bilateral Agreements, especially the 2000 European MLAT 2nd Protocol
    Homeland Security Information Sharing Act
Transnational interceptions and handovers likely to be commonplace
Multiple independent Lawful Interception provisions and standards substantially drive up costs of compliance and implementation
Raises many issues, including discovery phase obligations
VoIP will be a major focus of transnational LI
4
Multiple VoIP Lawful Interception solutions for carriers are emerging
Cisco has just announced a new, highly effective, standards-based, service independent LI architecture for worldwide use
    www.ietf.org/internet-drafts/draft-baker-slem-architecture-00.txt
    www.ietf.org/internet-drafts/draft-baker-slem-mib-00.txt
    Initial implementation will support VoIP network elements
    Other vendors are following Cisco lead
    All mediation and collection system vendors are implementing
    VeriSign NetDiscovery Service™ has already implemented and tested as a cost-effective service bureau architecture
What is not intercepted from built-in VoIP network elements can be extracted from traffic streams using special access devices and probes offered by existing vendors (e.g., TopLayer-Verint/SS8, ECtel, Aqsacom)
More difficult issues involve the interception of third party signalling information and availability of identifier information
5
VoIP LI Specifications (by scope)
Generic Handover
    Cisco TapMIB et seq.
    ETSI ES 201 671v2.1.1 (2001-09)* [also known as GLIC or ULIC]; TS 101 671 V2.4.1 (2002-10)**
    Germany REGTP TR FÜV V3.0 (2001-11)* [modified ETSI specification]
    TIA J-STD-025A*; PN-4465-RV1.12 (14 Jan 2003)**
    UK HO NHIS V1.0 (2002-05)* [replaces GHIS, modified ETSI specification]
IP Handover
    ETSI DES/SEC-003020 V0.3.0 (2002-10)**
    Netherlands EZ TIIT V1.0.0 (2002-09)*
Wireless IP Handover
    3G/UMTS
        3GPP TS 33.108v5.1.0 (2002-09)*
Cable IP Handover
    Cable Labs PKT-SP-ESP-I01-991229*
    SCTE 24-13 2001**
Cable IP Handover for Voice & Multimedia
    ETSI ES_101 909-20.1 V.0.0.11 (2002-11)**
Softswitch Based Networks
    ISC [unknown] (27 Nov 2002)**
VoIP
    DTS/TIPHON-03020v1.0.1(2002-11)**
Wireline VoP (includes VoIP, VoMPLS, and VoATM)
    ANSI T1.XXX-XXXX (T1S1 Doc. 3s100030)**
*Adopted and **most current draft versions listed
6
The VoIP meta-architecture significantly affects carriers
[Diagram: LI reference model. Locations shown: Application/Signalling Provider Premises, Backbone Provider Premises, Access Provider Premises, 3rd Party Premises, Target Subject Location, and the Law Enforcement Monitoring Facility (LEMF) with its Collection and Analysis Systems. Elements shown: User Client(s)/Agent(s), 3rd Party Client(s)/Agent(s), Access Servers, Application/Signalling Server, Log File, Account File, Intranet, Internet, SNMP, LI Access Devices, LI Mediation Devices, and LI Watcher (at Provider Premises, LEMF Premises, or Service Bureau intermediary). Interfaces shown: IRI & CC Functions on HI 2, HI 3 (typical); Provisioner Function on HI 1 (typical).]
From An Internet Ecosystem LI Reference Model and its elements, Figure 1, VeriSign Switzerland SA, Doc. ETSI/LI-Rap#05TD012, Sophia Antipolis, 28-29 Jan 2003
7
LI meta-architecture effects on carriers
Referencing diagram - at most provider premises sites, there are four interception options emerging - based on different standards
There are no “one option fits all” solutions; so they will co-exist
Different standards are also emerging for each VoIP medium
VoIP network elements can also be spread across multiple independent providers and premises
A 10,000+ provider by 5,000+ LEA Lawful Interception matrix already exists
Obligations of providers to support LEAs' VoIP orders concurrently among multiple providers become highly complex, difficult, and potentially costly
Intermediary service bureaus may become crucial to effective intercept integration of all the VoIP options and achieving cost reductions
8
LI investigative support costs significantly affect carriers
LI investigative support costs can be very substantial
    Explicitly raised in Canadian consultative and other national proceedings
    Typically the occurrence of these requests significantly exceeds the number of actual interceptions
Needed common VoIP LI related capabilities include
    Requests for VoIP account identifiers
    Requests for VoIP communication detail records
    Service of LI orders, subpoenas, and warrants
    Interactions between Law Enforcement Monitoring Facility (LEMF) and access mediation equipment
    Multiple, non-interoperable ASN.1 VoIP Handover Interface information syntax specifications
    Interoperable global LI parties and objects registries
    Certificate-based authentication for parties, documents, and carrier-agent-LEA transactions
Solutions must be based on standard global schemas that allow for national and regional variations and XML-ASN.1 interoperability
Significant benefits would accrue to providers, intermediate agents, and LEAs