copyright © 2003, ss8 networks, inc. proprietary. do not copy or distribute without permission....
TRANSCRIPT
![Page 1: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/1.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Emergency Services & Regulatory Compliance
Internet Telephony Conference & Expo
February 5-7, 2003, Miami, FL
Cemal T. Dikmen, Ph.D.SS8 Networks
General ManagerLawful Intercept Products
![Page 2: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/2.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 2
AgendaAgenda
1. CALEA
Introduction
Electronic Surveillance Model
Lawful intercept in VoIP network
Data Intercept
2. E.911
Basics of E.911
Routing & IN Functions
PSAP Functionality
Basic E.911 Architecture
![Page 3: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/3.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 3
Communications Assistance
for Law Enforcement Act
CALEA
![Page 4: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/4.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 4
Lawful Interception is …Lawful Interception is …
… NOT about listening to people’s private conversations.
It is about fighting organized crime and terrorism.
It is about protecting the government and the good citizens from organized crime and terrorism.
It is about providing the necessary tools to the Law Enforcement to do their job better.
![Page 5: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/5.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 5
Market Conditions for VendorsMarket Conditions for Vendors
Lawful Intercept is a regulatory mandate in US and in many other countries with complex dynamics
Market is mostly well defined and out there
Predictable (because it is a mandate with certain timelines)
Unpredictable (because of extensions for timelines)
Variety of standards and proprietary switch interfaces
Lawful Intercept is not revenue generating for the customer Nobody wants to buy anything unless they have to
Everybody waits until the last moment
Service Providers want to minimize the capital expenditure and the operational cost without sacrificing quality Cost and Quality are the keys to success
Products which can reduce the operational cost of lawful intercept shall be the winners
![Page 6: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/6.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 6
CALEA Electronic Surveillance ModelCALEA Electronic Surveillance Model
Telecommunications Service Provider Law Enforcement Agency
AccessFunction
(AF)
InterceptAccessPoint
DeliveryFunction
(DF)
CollectionFunction
(CF)
J-STD-025PacketCabl
eETSI
Proprietary
Call Data Events
Call Content
Provisioning
Call Content Channel
Call Data Channel
CourtOrder
Provisioningof Warrant
![Page 7: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/7.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 7
Lawful Intercept Technology ComponentsLawful Intercept Technology Components
Access Function (AF) Network Elements (CO Switches, Routers, Trunking Gateways, Softswitches,
CMTS) that provide access to and replication of intercepted traffic.
Sniffers and splitters that can passively monitor network traffic
Delivery Function (DF) Database of target and warrant information
Provisioning interface
Proprietary interfaces to AFs
Standards based (J-STD-025, ETSI, TIIT, PacketCable) delivery of intercepted traffic to CFs
Collection Function (CF) Collects and records lawfully authorized intercepted communications (e.g., call
content) and call-identifying information for Law Enforcement Agencies
Provides analysis tools to the Law Enforcement Agents
![Page 8: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/8.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 8
Service Provider Domain
LI Administration Function
DELIVERY FUNCTION
Law Enforcement Collection Function
Customer Premise
IAD
Target Subscriber
Customer Premise IAD
(SIP, H.323, or MGCP based Gateway)
Gatekeeper, SIP Proxy, Call Agent
Aggregation Router
Aggregation Router
Pro
visi
on
ing
of
War
ran
t Admin
Lawful Intercept in VoIP NetworkLawful Intercept in VoIP Network
CallControl
CallControl
RTP Stream
![Page 9: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/9.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 9
Service Provider Domain
DELIVERY FUNCTION
CDCAdmin
PacketCable Voice Intercept – Edge RoutersPacketCable Voice Intercept – Edge Routers
CCC
LI Administration Function
DELIVERY FUNCTION
Law Enforcement Collection Function
Customer Premise
IAD
Target Subscriber
Customer Premise IAD
(SIP, H.323, or MGCP based Gateway)
Gatekeeper, SIP Proxy, Call Agent
Aggregation Router
Aggregation Router
Pro
visi
on
ing
of
War
ran
t Admin
CallControl
RTP Stream
CDC
COPS Request
Voice Packets
CallControl
![Page 10: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/10.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 10
Service Provider Domain
LI Administration Function
Gatekeeper, SIP Proxy, Call Agent
PSTNCustomer Premise IAD
(SIP, H.323, or MGCP based Gateway)
Target Subscriber
Law Enforcement Collection Function
GatewayAggregation Router
XCIPIO SSDF
PacketCable Voice Intercept – Trunking GWPacketCable Voice Intercept – Trunking GW
CallControl
Voice Packets
Forwarded Call
Call to Target
Pro
visi
on
ing
of
War
ran
t
CCC
Admin
CallForward to
PSTN
CDC
CDC
Admin
CDC
CDC
MGCP
DELIVERY FUNCTION
![Page 11: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/11.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 11
Service Provider Domain
DELIVERY FUNCTION
CDCAdmin
Proprietary Solutions – Edge RoutersProprietary Solutions – Edge Routers
CCC
LI Administration Function
DELIVERY FUNCTION
Law Enforcement Collection Function
Customer Premise
IAD
Target Subscriber
Customer Premise IAD
(SIP, H.323, or MGCP based Gateway)
Gatekeeper, SIP Proxy, Call Agent
Aggregation Router
Aggregation Router
Pro
visi
on
ing
of
War
ran
t Admin
CallControl
RTP Stream
CDC
Voice Packets
CallControl
Proprietary Request
![Page 12: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/12.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 12
Service Provider Domain
LI Administration Function
Gatekeeper, SIP Proxy, Call Agent
PSTNCustomer Premise IAD
(SIP, H.323, or MGCP based Gateway)
Target Subscriber
Law Enforcement Collection Function
GatewayAggregation Router
XCIPIO SSDF
Proprietary Solutions – Trunking GWProprietary Solutions – Trunking GW
CallControl
Voice Packets
Forwarded Call
Call to Target
Pro
visi
on
ing
of
War
ran
t
CCC
Admin
CallForward to
PSTN
CDC
CDC
Admin
CDC
CDC
Proprietary
DELIVERY FUNCTION
![Page 13: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/13.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 13
Data Intercept via Passive MonitoringData Intercept via Passive Monitoring
Service Provider Domain
Target Subscriber
AAA Server
Aggregation Router
LI Administration Function
Law Enforcement Collection Function
CDC
CCC
ReportIntercepted
Data
Report New IP Address Assigned
Admin
Pro
vision
ing
XCIPIO IADF
Pro
visi
on
ing
of
War
ran
t
Admin
InternetData Stream
AuthenticateDHCP
DELIVERY FUNCTION
SNIFFER
SNIFFER
![Page 14: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/14.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 14
Technical ChallengesTechnical Challenges
It is extremely difficult to capture call identifying information and call content in some of the call features, specifically for the features implemented within the customer premise IAD.
Some of the “FBI Punch List” items are extremely difficult to implement since they involve call features implemented within the customer premise IAD.
Dialed Digit Extraction (another Punch List item) is also very difficult to implement.
Most of the network elements (Call Agents, Gatekeepers, Trunking Gateways, Aggregation Routers, CMTS, etc.) need to support this feature within the distributed IP environment.
![Page 15: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/15.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 15
Emergency Services
E.911
![Page 16: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/16.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 16
E.911 BasicsE.911 Basics
E.911 establishes a regulatory framework for delivering emergency services over telephony infrastructure
Design and regulations were based on (then) existing circuit-switched infrastructure
Packet-based technologies present new challenges within the E.911 framework – particularly as they relate to location
Most VoIP deployments currently classify themselves as “secondary line” and “exempt” from E.911 regulations
E.911 infrastructure varies widely from large metropolitan areas to small rural locations
Metro areas are sophisticated and highly concentrated, operating 24x7
Rural areas are often very distributed, only operative during parts of the day, and can be quickly overloaded in the case of emergencies such as flooding, tornados, etc.
![Page 17: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/17.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 17
Two Types of “E.911” RequirementsTwo Types of “E.911” Requirements
Statutory Requirements
Legal framework requiring carriers to provide Emergency Services
Includes Lifeline (power from the switch)
Includes 911 Services (routing, call camp, force line open, etc).
Applies only to Primary Line services and can be waived by consent of the customer
DeFacto Requirements
If a 911 call is dropped or lifeline not delivered, the carrier will most likely be sued
Recent court judgments average around $30 million for successful plaintiffs
Applies to secondary and primary line – if the victim can prove he/she did not know this was a secondary line (there is no label on the phone), they will most probably win the case
VoIP is subject to DeFacto Emergency services today
![Page 18: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/18.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 18
Aspects of E.911 ServiceAspects of E.911 Service
Four Elements of an E.911 Service
Lifeline: Providing power to the device in the case of power outage
Signaling: Call state signaling between the switch and the E.911 trunks to the Public Safety Answering Point (PSAP)
Routing and Name Delivery: Looking up calling party name and address and determining optimal PSAP to send the call to (with backup PSAPs in the case primaries are not available)
PSAP Processing: Automatic Call Distributor (ACD) -level call queuing and features executed at the PSAP
![Page 19: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/19.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 19
LifelineLifeline
Phone network does this over twisted pairs
Most VoIP solutions are not offering lifeline or are using battery backup
Batteries are often larger and more expensive than the IP terminals themselves
A battery backup could double as a kitchen table
Power over LAN solutions are now available but not widely deployed
Lifeline will be provided by either the end-device manufacturer (battery backup) or the IP network through an access router adjunct system
Lifeline is currently the most difficult of the emergency services to tackle for IP providers
![Page 20: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/20.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 20
SignalingSignaling
E.911 calls are processed over dedicated trunks from the switch to the PSAPs
Most 911 trunks today are still MF-based
Spec for SS7 was approved in the early 90s, but never widely deployed
In addition to call setup, E.911 trunks must provide one-way call tear down – only the receiving party can release the circuit.
Few, if any, Media Gateway manufacturers support MF signaling to the E.911 spec
![Page 21: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/21.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 21
Routing and IN FunctionsRouting and IN Functions
Intelligent Network functions are the core of E.911 services
When a call is placed to E.911, the users name and location must be retrieved
Based on location and factors like time of day, a PSAP route list is invoked
Calls are routed to the correct E.911 trunk with delivery of calling party name and address
SS8 provides the IN functions for E.911 today (but assumes static location)
Location is the big issue for call routing
If the IP device can be assumed to reside at a static location, traditional E.911 services are easy to deliver
However, this cannot be assumed – the user may take a SIP phone or end device and plug it in to any LAN, register, and make calls
Determining the location of the user is an ongoing issue – solutions such as GPS have been proposed, but….
![Page 22: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/22.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 22
PSAP FunctionalityPSAP Functionality
At each PSAP, the operator has a series of tools to answer, dispatch and resolve an E.911 call
PSAP tools are similar to those in a traditional call center, with specific functionality for emergency services
Much of this equipment is currently old and difficult to manage
ACD functions such as queuing, prioritization, session keep-alive, recording, and forwarding/pooling
Currently, PSAPs only take PSTN trunks – eventually this will evolve to complete IP connectivity between the network and the PSAP
IP technology will actually improve many PSAPs by incorporating presence, parallel forking, and PC integration
![Page 23: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/23.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 23
Elements of E.911 (where functions live)Elements of E.911 (where functions live)
Lifeline
End devices (battery) and/or network transmission
Signaling
Media Gateways supporting MF and E.911 SS7
IN/Routing
IN platform vendors such as SS8
PSAP Call Control
ACD and PBX providers, including E.911 providers like Entrado and Telcontrol
![Page 24: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/24.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 24
A Basic E.911 Network ArchitectureA Basic E.911 Network Architecture
CarrierBackbone
CarrierBackbone
MGCP/ SIP
Traditional PSAP
IP-Enabled PSAP
IPAccess Network
MF Trunks
SIP
Call Routing, Location Services, Calling Party Name/Address
(Overall Network Logic)
SIPGatekeeper, SIP Proxy, Call Agent
MGW
SERVICECONTROLER
![Page 25: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/25.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 25
SummarySummary
E.911 will become a major requirement for VoIP operators in the near future
Legal mandates are being avoided for the moment, but de facto exposure still exists
Primary line service is the 2004 goal for most operators
Call Routing and Network logic is currently resolved by vendors like SS8, but the issue of location is outstanding
Lifeline power services are still evolving
MF interfaces to legacy PSAPs
Evolution of IP-Enabled PSAPs will streamline delivery and help make PSAPs more efficient
![Page 26: Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Emergency Services & Regulatory Compliance Internet Telephony](https://reader036.vdocument.in/reader036/viewer/2022070401/56649f175503460f94c2dabc/html5/thumbnails/26.jpg)
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Cemal Dikmen
Phone: +1.203.925.6185
http://www.ss8.com
Thank You ! ! !