Emergency Services Regulatory Compliance Internet Telephony Conference

Скачать презентацию Emergency Services Regulatory Compliance Internet Telephony Conference

255e1b81ae10ead4c6ce66477150ddd7.ppt

Количество слайдов: 26

Emergency Services & Regulatory Compliance Internet Telephony Conference & Expo February 5 -7, 2003, Miami, FL Cemal T. Dikmen, Ph. D. SS 8 Networks General Manager Lawful Intercept Products Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.

Agenda 1. CALEA v Introduction v Electronic Surveillance Model v Lawful intercept in Vo. IP network v Data Intercept 2. E. 911 v Basics of E. 911 v Routing & IN Functions v PSAP Functionality v Basic E. 911 Architecture Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 2

Lawful Interception is … … NOT about listening to people’s private conversations. It is about fighting organized crime and terrorism. It is about protecting the government and the good citizens from organized crime and terrorism. It is about providing the necessary tools to the Law Enforcement to do their job better. Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 4

Market Conditions for Vendors q Lawful Intercept is a regulatory mandate in US and in many other countries with complex dynamics Ê Market is mostly well defined and out there Ê Predictable (because it is a mandate with certain timelines) Ê Unpredictable (because of extensions for timelines) Ê Variety of standards and proprietary switch interfaces q Lawful Intercept is not revenue generating for the customer Ê Nobody wants to buy anything unless they have to Ê Everybody waits until the last moment Ê Service Providers want to minimize the capital expenditure and the operational cost without sacrificing quality Cost and Quality are the keys to success Ê Products which can reduce the operational cost of lawful intercept shall be the winners Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 5

CALEA Electronic Surveillance Model Telecommunications Service Provider Law Enforcement Agency Court Order Access Function (AF) Intercept Access Point Provisioning of Warrant Provisioning Call Data Events Call Content Proprietary Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Delivery Function (DF) Call Data Channel Collection Function (CF) Call Content Channel J-STD-025 Packet. Cable ETSI 6

Lawful Intercept Technology Components q Access Function (AF) Ê Network Elements (CO Switches, Routers, Trunking Gateways, Softswitches, CMTS) that provide access to and replication of intercepted traffic. Ê Sniffers and splitters that can passively monitor network traffic q Delivery Function (DF) Ê Database of target and warrant information Ê Provisioning interface Ê Proprietary interfaces to AFs Ê Standards based (J-STD-025, ETSI, TIIT, Packet. Cable) delivery of intercepted traffic to CFs q Collection Function (CF) Ê Collects and records lawfully authorized intercepted communications (e. g. , call content) and call-identifying information for Law Enforcement Agencies Ê Provides analysis tools to the Law Enforcement Agents Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 7

Lawful Intercept in Vo. IP Network Service Provider Domain in dm Gatekeeper, SIP Proxy, Call Agent A Provisioning of Warrant LI Administration Function Law Enforcement Collection Function DELIVERY FUNCTION Customer Premise IAD (SIP, H. 323, or MGCP based Gateway) Call Control RTP Stream Target Subscriber Aggregation Router Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Customer Premise IAD Aggregation Router 8

Packet. Cable Voice Intercept – Edge Routers Service Provider Domain in dm Gatekeeper, SIP Proxy, Call Agent A Provisioning of Warrant LI Administration Function Admin CDC Customer Premise IAD (SIP, H. 323, or MGCP based Gateway) CDC DELIVERY FUNCTION CCC Call Control COPS Request Call Control Voice Packets RTP Stream Target Subscriber Law Enforcement Collection Function Aggregation Router Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Customer Premise IAD Aggregation Router 9

Packet. Cable Voice Intercept – Trunking GW Service Provider Domain Provisioning of Warrant LI Administration Function Gatekeeper, SIP Proxy, Call Agent Admin CDC Call Forward to PSTN mi n Law Enforcement Collection Function CDC XCIPIO SSDF DELIVERY FUNCTION CCC MGCP Target Subscriber Voice Packets Call Control Customer Premise IAD (SIP, H. 323, or MGCP based Gateway) Ad Call to Target PSTN Aggregation Router Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Gateway Forwarded Call 10

Proprietary Solutions – Edge Routers Service Provider Domain in dm Gatekeeper, SIP Proxy, Call Agent A Provisioning of Warrant LI Administration Function Admin CDC Customer Premise IAD (SIP, H. 323, or MGCP based Gateway) CDC DELIVERY FUNCTION CCC Call Control Proprietary Request Voice Packets Call Control RTP Stream Target Subscriber Law Enforcement Collection Function Aggregation Router Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Customer Premise IAD Aggregation Router 11

Proprietary Solutions – Trunking GW Service Provider Domain Provisioning of Warrant LI Administration Function Gatekeeper, SIP Proxy, Call Agent Ad mi Admin CDC Call Forward to PSTN n Law Enforcement Collection Function CDC XCIPIO SSDF DELIVERY FUNCTION CCC Proprietary Target Subscriber Voice Packets Call Control Customer Premise IAD (SIP, H. 323, or MGCP based Gateway) Call to Target PSTN Aggregation Router Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. Gateway Forwarded Call 12

Data Intercept via Passive Monitoring Service Provider Domain Provisioning of Warrant LI Administration Function Ad mi AAA Server in Provisioning Report New IP Address Assigned XCIPIO IADF DELIVERY FUNCTION DHCP Authenticate Data Stream Target Subscriber Law Enforcement Collection Function CDC m Ad SNIFFER n SNIFFER CCC Report Intercepted Data Internet Aggregation Router Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 13

Technical Challenges q It is extremely difficult to capture call identifying information and call content in some of the call features, specifically for the features implemented within the customer premise IAD. q Some of the “FBI Punch List” items are extremely difficult to implement since they involve call features implemented within the customer premise IAD. q Dialed Digit Extraction (another Punch List item) is also very difficult to implement. q Most of the network elements (Call Agents, Gatekeepers, Trunking Gateways, Aggregation Routers, CMTS, etc. ) need to support this feature within the distributed IP environment. Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 14

E. 911 Basics q E. 911 establishes a regulatory framework for delivering emergency services over telephony infrastructure q Design and regulations were based on (then) existing circuit- switched infrastructure Ê Packet-based technologies present new challenges within the E. 911 framework – particularly as they relate to location Ê Most Vo. IP deployments currently classify themselves as “secondary line” and “exempt” from E. 911 regulations q E. 911 infrastructure varies widely from large metropolitan areas to small rural locations Ê Metro areas are sophisticated and highly concentrated, operating 24 x 7 Ê Rural areas are often very distributed, only operative during parts of the day, and can be quickly overloaded in the case of emergencies such as flooding, tornados, etc. Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 16

Two Types of “E. 911” Requirements q Statutory Requirements Ê Legal framework requiring carriers to provide Emergency Services Ê Includes Lifeline (power from the switch) Ê Includes 911 Services (routing, call camp, force line open, etc). Ê Applies only to Primary Line services and can be waived by consent of the customer q De. Facto Requirements Ê If a 911 call is dropped or lifeline not delivered, the carrier will most likely be sued Ê Recent court judgments average around $30 million for successful plaintiffs Ê Applies to secondary and primary line – if the victim can prove he/she did not know this was a secondary line (there is no label on the phone), they will most probably win the case Ê Vo. IP is subject to De. Facto Emergency services today Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 17

Aspects of E. 911 Service Four Elements of an E. 911 Service q Lifeline: Providing power to the device in the case of power outage q Signaling: Call state signaling between the switch and the E. 911 trunks to the Public Safety Answering Point (PSAP) q Routing and Name Delivery: Looking up calling party name and address and determining optimal PSAP to send the call to (with backup PSAPs in the case primaries are not available) q PSAP Processing: Automatic Call Distributor (ACD) -level call queuing and features executed at the PSAP Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 18

Lifeline q Phone network does this over twisted pairs q Most Vo. IP solutions are not offering lifeline or are using battery backup q Batteries are often larger and more expensive than the IP terminals themselves q A battery backup could double as a kitchen table q Power over LAN solutions are now available but not widely deployed q Lifeline will be provided by either the end-device manufacturer (battery backup) or the IP network through an access router adjunct system q Lifeline is currently the most difficult of the emergency services to tackle for IP providers Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 19

Signaling q E. 911 calls are processed over dedicated trunks from the switch to the PSAPs q Most 911 trunks today are still MF-based q Spec for SS 7 was approved in the early 90 s, but never widely deployed q In addition to call setup, E. 911 trunks must provide one-way call tear down – only the receiving party can release the circuit. q Few, if any, Media Gateway manufacturers support MF signaling to the E. 911 spec Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 20

Routing and IN Functions q Intelligent Network functions are the core of E. 911 services q When a call is placed to E. 911, the users name and location must be retrieved q Based on location and factors like time of day, a PSAP route list is invoked q Calls are routed to the correct E. 911 trunk with delivery of calling party name and address q SS 8 provides the IN functions for E. 911 today (but assumes static location) q Location is the big issue for call routing Ê If the IP device can be assumed to reside at a static location, traditional E. 911 services are easy to deliver Ê However, this cannot be assumed – the user may take a SIP phone or end device and plug it in to any LAN, register, and make calls Ê Determining the location of the user is an ongoing issue – solutions such as GPS have been proposed, but…. Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 21

PSAP Functionality q At each PSAP, the operator has a series of tools to answer, dispatch and resolve an E. 911 call q PSAP tools are similar to those in a traditional call center, with specific functionality for emergency services q Much of this equipment is currently old and difficult to manage q ACD functions such as queuing, prioritization, session keep-alive, recording, and forwarding/pooling q Currently, PSAPs only take PSTN trunks – eventually this will evolve to complete IP connectivity between the network and the PSAP q IP technology will actually improve many PSAPs by incorporating presence, parallel forking, and PC integration Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 22

Elements of E. 911 (where functions live) q Lifeline Ê End devices (battery) and/or network transmission q Signaling Ê Media Gateways supporting MF and E. 911 SS 7 q IN/Routing Ê IN platform vendors such as SS 8 q PSAP Call Control Ê ACD and PBX providers, including E. 911 providers like Entrado and Telcontrol Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 23

A Basic E. 911 Network Architecture IP-Enabled PSAP Call Routing, Location Services, Calling Party Name/Address (Overall Network Logic) SIP SERVICE CONTROLER Gatekeeper, SIP Proxy, Call Agent SIP IP Access Network Traditional PSAP Carrier Backbone MGW MF Trunks MGCP/ SIP Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 24

Summary q E. 911 will become a major requirement for Vo. IP operators in the near future Ê Legal mandates are being avoided for the moment, but de facto exposure still exists Ê Primary line service is the 2004 goal for most operators q Call Routing and Network logic is currently resolved by vendors like SS 8, but the issue of location is outstanding q Lifeline power services are still evolving q MF interfaces to legacy PSAPs q Evolution of IP-Enabled PSAPs will streamline delivery and help make PSAPs more efficient Copyright © 2003, SS 8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission. 25