WO2020147974A1 - Lawful interception for international communication - Google Patents


Publication number
WO2020147974A1
Authority
WO
WIPO (PCT)
Prior art keywords
physical location
communication
target terminal
virtual network
interception
Application number
PCT/EP2019/051292
Other languages
French (fr)
Inventor
Klaus Hoffmann
Original Assignee
Nokia Solutions And Networks Gmbh & Co. Kg
Application filed by Nokia Solutions And Networks Gmbh & Co. Kg
Priority to PCT/EP2019/051292
Publication of WO2020147974A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/30 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • H04L63/306 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/80 Arrangements enabling lawful interception [LI]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/02 Services making use of location information
    • H04W4/029 Location-based management or tracking services

Definitions

  • the present invention relates to an apparatus, a method and a computer program product for carrying out lawful interception, in particular in case of an international communication.
  • the present specification generally relates to implementation of policies in relation to lawful interception.
  • According to the German Ordinance concerning Technical and Organizational Implementation of Measures for the Interception of Telecommunications ("Telekommunikationsüberwachungsverordnung", "TKÜV"), Section 4, it is required that, where the telecommunications system recognizes as part of normal operational procedures that the terminal equipment using the identification to be intercepted is located abroad, the telecommunication shall not be covered, unless the telecommunication to be intercepted is diverted or forwarded to a telecommunications connection or a storage facility located in Germany.
  • TKÜV German Ordinance concerning Technical and Organizational Implementation of Measures for the Interception of Telecommunications
  • Fig. 5 shows a schematic diagram of an example of a system environment in relation to a roaming 5G system architecture in a home routed scenario in reference point representation.
  • FIG. 6 shows a schematic diagram of an example of a system environment, in particular a network function virtualization management and orchestration (NFV-MANO) architectural framework, in reference point representation.
  • NFV-MANO network function virtualization management and orchestration
  • Fig. 7 shows a network topology illustrating LI for 5G (service-based representation) with point-to-point LI system. This figure is taken from the agreed NOKIA contribution S3i180378 “pCR to draft TS 33.127: Topology diagrams - non-roaming scenario”, which was submitted to 3GPP TSG-SA WG3 LI Meeting #70, and corresponds to figure A.1-1 of 3GPP TS 33.127 V15.0.0 (2018-12).
  • an interface LI_SI is defined, and between the ADMF and POIs, which may be located in NFs such as AMF, UDM, SMF and UPF, for example, an interface LI_X1 is defined.
  • Embodiments of the present invention address this situation and aim to provide measures for providing lawful interception utilizing network function virtualization.
  • an apparatus which comprises at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: receiving information concerning a changed physical location of at least one virtual network entity and/or information concerning a physical location of a target terminal for interception, evaluating the received information, and transmitting information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element involved in interception of a communication based on the evaluation.
  • a method of a lawful interception management device which comprises:
  • the first and second aspects may be modified as follows:
  • the apparatus or the lawful interception management device may subscribe to the event that the physical location of the at least one virtual network entity and/or the target terminal has changed in order to receive the information.
  • the apparatus or the lawful interception management device may transmit the information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to the at least one network element involved in interception of the communication via a dedicated interface.
  • the information concerning the changed physical location and an identity of the at least one virtual network entity and/or the terminal of which the physical location has changed may be included in an information element.
  • the information concerning the changed physical location of the virtual network entity transmitted to the at least one network element involved in interception may include information whether the virtual network entity is within a predetermined area or not.
  • an apparatus which comprises at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed, and informing a lawful interception management device about the change of the physical location of the at least one virtual network entity and/or the target terminal.
  • a method of a network element which comprises:
  • the apparatus or the network element may inform the lawful interception management device by transmitting information concerning the physical location of the at least one virtual network entity and/or the physical location of the target terminal via a dedicated interface to the lawful interception management device.
  • the apparatus or the network element may determine the physical location of the at least one virtual network entity and/or the target terminal by detecting the physical location, by storing information concerning the physical location and referring thereto, and/or by receiving a notification concerning the physical location, and/or by referring to network configuration information.
  • an apparatus which comprises at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device, and determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location.
  • a method of a network element involved in lawful interception of a communication which comprises:
  • the apparatus or the network element involved in lawful interception of a communication may receive an information element including an identity of a virtual network entity involved in the communication to be intercepted and/or the target terminal, the information element being generated upon creating and/or modifying the communication to be intercepted.
  • the apparatus or the network element involved in lawful interception of a communication may evaluate a header field of a packet of the communication to be intercepted, including identities of virtual network entities and/or the target terminal involved in the communication to be intercepted.
  • the apparatus or the network element involved in lawful interception of a communication may determine whether to start, stop or continue an interception of the communication based on a changed location of at least one of the network entities identified to be involved in the communication to be intercepted and/or the target terminal.
  • the communication to be intercepted may be a communication session or a session-less communication.
  • a computer program product which comprises code means for performing a method according to any one of the second, fourth and sixth aspects and/or their modifications when run on a processing means or module.
  • the computer program product may be embodied on a computer-readable medium, and/or the computer program product may be directly loadable into the internal memory of the computer and/or transmittable via a network by means of at least one of upload, download and push procedures.
  • an apparatus which comprises means for receiving information concerning a changed physical location of at least one virtual network entity and/or information concerning a physical location of a target terminal for interception, means for evaluating the received information, and means for transmitting information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element involved in interception of a communication based on the evaluation.
  • an apparatus which comprises means for determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed, and means for informing a lawful interception management device about the change of the physical location of the at least one virtual network entity and/or the target terminal.
  • an apparatus which comprises means for receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device, and means for determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location.
  • the eighth to tenth aspects may be modified similarly to the first, third and fifth aspects.
  • Fig. 1 shows an ADMF, SIRF/NRF and SMF according to an embodiment
  • Figs. 2A to 2C show procedures carried out by the ADMF, SIRF/NRF and SMF according to an embodiment
  • Figs. 3 and 4 show some example procedures carried out in case of a movement of an AMF according to an embodiment
  • Fig. 5 shows a schematic diagram of an example of a system environment in reference point representation
  • Fig. 6 shows a schematic diagram of an example of a system environment in reference point representation
  • Fig. 7 shows a network topology illustrating LI for 5G.
  • Fig. 1 shows some elements involved in lawful interception according to an embodiment, in particular an ADMF 1, an SIRF/NRF 2 and an SMF 3.
  • the ADMF 1 is an example for a first apparatus according to the present embodiment.
  • exemplary embodiments are not limited to an ADMF, and the apparatus may be any kind of network control device.
  • the apparatus 1 may be a lawful interception management device.
  • the SIRF/NRF 2 is an example for a second apparatus of the present embodiment.
  • exemplary embodiments are not limited to an SIRF/NRF, and can be any kind of network element which is able to determine (e.g., by storing corresponding information, detecting or being notified about) a physical location of a network element (VNF).
  • the SMF 3 is an example for a third apparatus.
  • Exemplary embodiments are not limited to an SMF, but may include any kind of network element which is able to carry out the interception, and may include an ICE, POI etc. Moreover, according to exemplary embodiments, between the SIRF/NRF 2 and the ADMF 1, an LI-S1 interface is defined, and between the ADMF 1 and the SMF 3, an LI-X1 interface is defined.
  • Fig. 2A illustrates a process carried out by the ADMF 1
  • Fig. 2B illustrates a process carried out by the SIRF/NRF 2
  • Fig. 2C illustrates a process carried out by the SMF 3.
  • the ADMF 1 comprises at least one processor 11 and at least one memory 12 including computer program code.
  • the at least one processor 11, with the at least one memory 12 and the computer program code, is configured to cause the apparatus to perform: receiving information concerning a changed physical location of at least one virtual network entity (e.g., a VNF) and/or information concerning a physical location of a target terminal for interception (as shown in ST 11 in Fig. 2A), evaluating the received information (as shown in ST12 in Fig.
  • a virtual network entity e.g., a VNF
  • the SIRF/NRF 2 comprises at least one processor 21 and at least one memory 22 including computer program code.
  • the at least one processor 21, with the at least one memory 22 and the computer program code, is configured to cause the apparatus to perform: determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed (as shown in ST 21 in Fig. 2B), and informing a lawful interception management device (e.g., ADMF 1) about the change of the physical location of the at least one virtual network entity and/or the target terminal (as shown in ST 22 in Fig. 2B).
  • a lawful interception management device e.g., ADMF 1
  • the SMF 3 comprises at least one processor 31 and at least one memory 32 including computer program code.
  • the at least one processor 31, with the at least one memory 32 and the computer program code, is configured to cause the apparatus to perform: receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device (e.g., ADMF 1) (as shown in ST 31 in Fig. 2C), and determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location (as shown in ST 32 in Fig. 2C).
  • a lawful interception management device e.g., ADMF 1
  • the interception can be carried out in line with regulations as prescribed by the TKÜV, for example.
  • the determination as to whether the physical location of the at least one virtual network entity and/or the target terminal has changed can be effected by detecting the physical location, by storing information concerning the physical location and referring thereto, and/or by receiving a notification concerning the physical location, for example.
  • the second apparatus described above may be notified about this and can thus obtain information about the physical location.
  • the second apparatus is or comprises a network repository function (NRF)
  • NRF network repository function
  • the virtual network entity and/or the target terminal will register with the NRF after a movement, so that in this way the information may be obtained.
  • the OAM/NFVO MANO function, which anyhow decides on the location of the VNFs, may inform the NRF about the VNFs' location.
  • the information concerning the change of the physical location of the virtual network entity and/or the target terminal sent from the lawful interception management device (e.g., ADMF 1) to the network element carrying out the interception (e.g., SMF 3) may be in a form such that an indication is given whether the new physical location is in or out of a predetermined area (such as the jurisdiction in which the interception is allowed), or may contain more detailed information concerning the physical location, such as a country code.
  • the ADMF 1, the SIRF/NRF 2 and the SMF 3 may further comprise input/output (I/O) units or functions 13, 23, 33 connected to the processor 11, 21, 31 in order to provide connections to other elements.
  • 3GPP LTE / 5G Core / IMS and fixed network take into account the full consequences of NFV (network functions virtualization).
  • NFV network functions virtualization
  • an international communication e.g. a terminal to be intercepted is located outside the predetermined area
  • a storage functionality within Germany as one example of said predetermined area
  • said predetermined area shall be intercepted, but shall not be intercepted if diverted/forwarded only to storage functionalities outside said predetermined area (e.g. Germany).
  • the ADMF shall subscribe at least to one or even more events like for instance physical location of a/the VNF (and/or the physical location of a/the target).
  • the ADMF evaluates this information and informs the ICE/POIs (other VNF like CSCF, AMF, MME, SGW-U and UPF) about this event to start or stop the interception.
  • the ADMF is suggested to send an indication via, e.g., the X1 interface to other VNFs to decide whether to start/continue or to stop the interception.
  • the intercepting network element should know the identity of a network element involved in the communication to be intercepted, so that it can decide, based on the received information from the ADMF, whether this particular network element has changed its physical location, for example such that it is out of the predetermined area (e.g., Germany).
  • this information element may include the identity of the corresponding network element or VNF (e.g. MME and SMF).
  • the HTTP header “VIA” as standardized in RFC 7230, as for instance carried in Nsmf_PDUSession_CreateSMContext Request and response, Nsmf_PDUSession_UpdateSMContext Request and response or Nsmf_PDUSession_Create Request and response, etc., shall be evaluated in order to recognize whether a particular VNF is participating in this transaction/session/connection/call.
  • this VIA header points to the list of involved http entities so far.
  • any other new HTTP header may serve the same purpose as long as the new header is populated by each entity which is part of the connection/session /call.
  • TS29500 already mandates the use of the VIA header, see ch. 5.2.3.2 of TS29500. Furthermore, according to RFC 7230, any proxy, and even a gateway such as the 5G VNFs like the SMF, must populate the Via header in HTTP requests and may insert the Via header in responses.
  • 5G Core gateways, such as the SMFs, add their entry to the list of Via headers also in responses.
  • VIA in the, e.g., INVITE Request and the Record route header in the 200 OK response and in the provisional responses like 18x (181, 183, etc.), which are already collecting the names of the VNFs (P-CSCF, S-CSCF, I-CSCF, etc.; see 3GPP TS 28229 for IMS) hosting the SIP session. Generally, all other SIP requests and responses are to be handled similarly.
  • the VIA and record route headers are defined in IETF RFC 3261 (SIP, Session Initiation Protocol).
  • the SIRF System Information Retrieval Function
  • the NRF Network Repository Function
  • VNF e.g. AMF, SMF, UPF, SGW, SGW-C, SGW-U, S-CSCF, I-CSCF, BGCF, MGCF etc.
  • the ADMF retrieves the name(s) of the VNF(s) which changed the location and forwards a new information element including the identity or identities of the relocated VNFs to the other ICE/POIs via the LI_X1 interface in a new or modified LI-X1 message.
  • on receipt of this information, the corresponding ICE/POIs shall evaluate the received information about the location of the newly instantiated or moved VNF together with the location of the UE or the type of communication (international or not international communication) and the location of the ICE/VNF which received the new location of the possibly participating VNF as reported by the ADMF to the ICE/VNF.
  • all the ICE/POI/VNF which received the new message via the X1 interface shall evaluate the content such that it recognizes whether the particular VNF has been moved outside the jurisdiction.
  • this information shall also be evaluated, in order to recognize this and to stop or start/continue the interception again.
  • the ICE/POI logic to start and stop the interception is as follows:
  • the ICE/POI after receiving the information from the ADMF, determines whether the target terminal or a VNF involved in the communication session to be intercepted has changed its location, e.g., whether it is out of the jurisdiction (the predetermined area such as Germany, for example). If this is the case, the ICE/POI starts/continues the interception, otherwise the ICE/POI stops the interception or does not start the interception.
  • Fig. 3 illustrates an example in which the AMF (as an example VNFx) has moved.
  • the movement of the AMF is indicated by using the rectangle enclosed in dashed lines.
  • the NFVO (not shown in the figure) initiates the physical move/relocation of the virtualized AMF and where the AMF in accordance with TS 23501 and TS 23502 itself registers with the NRF after the relocation to inform the NRF about the new location.
  • the AMF has moved to a new jurisdiction.
  • the SIRF/NRF is informed about the new jurisdiction (i.e., about the changed physical location of the AMF).
  • the SIRF/NRF informs the ADMF that the AMF has moved to the new jurisdiction.
  • the ADMF informs the SMF about the new jurisdiction of the AMF or that the AMF has moved inside/outside the jurisdiction of the network in which the SMF is located.
  • the SMF i.e., VNFs/POI
  • Fig. 4 illustrates an example in which the NFVO (not shown in the figure) initiates the physical move/relocation, but the OAM informs the NRF about a movement of the AMF to/from a jurisdiction or explicit country, instead of the NRF being notified by the AMF itself as in Fig. 3.
  • the AMF moves to the new jurisdiction.
  • the movement of the AMF is indicated by using the rectangle enclosed in dashed lines.
  • the SIRF/NRF is informed about the new jurisdiction, and informs the ADMF that the VNFx/AMF has moved to the new jurisdiction. Then, the ADMF informs the VNFs/POI about the new jurisdiction of the VNFx/AMF.
  • the SMF i.e., VNFs/POI
  • the information about the location of a VNF is not publicly revealed in the control plane of the 5G core and/or the IMS system. Operators may not wish to send such information around.
  • the VNFs do not explicitly need to query the NRF on its own about the location of the VNFs, since the ADMF informed them via the X1 interface.
  • the information concerning the physical location of a VNF or a target terminal comprises information concerning the jurisdiction.
  • the information may only indicate whether the VNF or the target terminal is located in the jurisdiction (e.g., Germany) in which the interception is allowed.
  • the information concerning the physical location may include the actual position of the VNF in coordinates on a map or the like, or may include an area within the jurisdiction (e.g., a town or the like).
  • the information concerning the physical location sent to the SMF 3 (or a corresponding apparatus) may contain information about the jurisdiction only, whereas the information sent by the SIRF/NRF may contain detailed information about the location of the VNF and/or the target terminal.
  • CC country code
  • for signaling of the jurisdiction, some kind of country code (CC), as for instance known from the ITU-T E.164 telephone plan, may be used, for example +49 for Germany.
  • any other presentation/definition instead of the CC may be utilized as well, as long as it is specified and all the involved partners know, support and agree on the same definition for the jurisdiction.
  • Names of network elements, protocols, and methods are based on current standards. In other versions or other technologies, the names of these network elements and/or protocols and/or methods may be different, as long as they provide a corresponding functionality.
  • example embodiments may be implemented by computer software stored in the memory (memory resources, memory circuitry) 12, 22, 32 and executable by the processor (processing resources, processing circuitry) 11, 21, 31 or by hardware, or by a combination of software and/or firmware and hardware.
  • circuitry refers to all of the following: (a) hardware-only circuit implementations (such as implementations in only analog and/or digital circuitry) and
  • circuits such as a microprocessor(s) or a portion of a microprocessor(s), that require software or firmware for operation, even if the software or firmware is not physically present.
  • circuitry applies to all uses of this term in this application, including in any claims.
  • circuitry would also cover an implementation of merely a processor (or multiple processors) or portion of a processor and its (or their) accompanying software and/or firmware.
  • circuitry would also cover, for example and if applicable to the particular claim element, a baseband integrated circuit or applications processor integrated circuit for a mobile phone or a similar integrated circuit in server, a cellular network device, or other network device.
  • connection means any connection or coupling, either direct or indirect, between two or more elements, and may encompass the presence of one or more intermediate elements between two elements that are “connected” or “coupled” together.
  • the coupling or connection between the elements can be physical, logical, or a combination thereof.
  • two elements may be considered to be “connected” or “coupled” together by the use of one or more wires, cables and printed electrical connections, as well as by the use of electromagnetic energy, such as electromagnetic energy having wavelengths in the radio frequency region, the microwave region and the optical (both visible and invisible) region, as non-limiting examples.
  • the memory (memory resources, memory circuitry) 12, 22, 32 may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory, and non-transitory computer-readable media.
  • the processor (processing resources, processing circuitry) 11, 21, 31 may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs) and processors based on a multi core processor architecture, as non-limiting examples.
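
The Via-header evaluation described above (the RFC 7230 Via list of a transaction matched against VNF locations reported by the ADMF), as an added example that is not code from the patent or from any 3GPP specification. The FQDNs, the `locations` cache and all function names are assumptions; the start/stop decision itself is left to the POI's policy, the code only reports which hops on the path lie outside the permitted area or cannot be resolved.

```python
"""Added example: match the Via path of a session against reported VNF locations."""
import re
from typing import NamedTuple

# Via element per RFC 7230 section 5.7.1:
#   [protocol-name "/"] protocol-version RWS received-by [RWS comment]
VIA_ELEMENT = re.compile(
    r"^(?:(?P<name>[^\s/]+)/)?(?P<version>[^\s/]+)\s+"
    r"(?P<by>[^\s()]+)(?:\s+\((?P<comment>.*)\))?$"
)


class PathVerdict(NamedTuple):
    path: list        # received-by hosts in the order they were added
    outside: list     # (vnf_id, country_code) located outside the permitted area
    unresolved: list  # hops with no known location, e.g. Via pseudonyms


def split_via(value):
    """Split one Via field value on top-level commas; commas in comments stay."""
    parts, current, depth, i = [], [], 0, 0
    while i < len(value):
        ch = value[i]
        if ch == "\\" and depth > 0 and i + 1 < len(value):
            current.append(value[i:i + 2])  # quoted-pair inside a comment
            i += 2
            continue
        if ch == "(":
            depth += 1
        elif ch == ")" and depth > 0:
            depth -= 1
        if ch == "," and depth == 0:
            parts.append("".join(current).strip())
            current = []
        else:
            current.append(ch)
        i += 1
    parts.append("".join(current).strip())
    return [p for p in parts if p]  # the list rule tolerates empty elements


def host_of(received_by):
    """Lower-case received-by and drop an optional port (IPv6 literals kept)."""
    rb = received_by.lower()
    if rb.startswith("["):
        return rb[: rb.find("]") + 1]
    host, sep, port = rb.rpartition(":")
    return host if sep and port.isdigit() else rb


def parse_via(header_values):
    """Return the ordered hop list from all Via header lines of one message."""
    hops = []
    for value in header_values:
        for element in split_via(value):
            match = VIA_ELEMENT.match(element)
            if match is None:
                # An unparseable path cannot be evaluated; fail loudly.
                raise ValueError(f"malformed Via element: {element!r}")
            hops.append(host_of(match.group("by")))
    return hops


def evaluate_path(header_values, locations, permitted_cc):
    """Compare each hop with the last location reported for it.

    locations: hypothetical POI-side cache {vnf identity: country code},
    filled from the ADMF's notifications. permitted_cc: country code of the
    predetermined area (the page's example is +49 for Germany).
    """
    known = {k.lower(): v for k, v in locations.items()}
    path = parse_via(header_values)
    outside, unresolved = [], []
    for hop in path:
        cc = known.get(hop)
        if cc is None:
            unresolved.append(hop)   # identity hidden or never reported
        elif cc != permitted_cc:
            outside.append((hop, cc))
    return PathVerdict(path, outside, unresolved)


# Constructed sample input: two Via header lines of one request.
SAMPLE_VIA = [
    "2.0 amf1.5gc.example.net:8443 (AMF, site A), 2.0 hidden-proxy",
    "HTTP/2.0 SMF1.5gc.example.net",
]
# Constructed location cache: the AMF was reported as moved to +33.
SAMPLE_LOCATIONS = {"amf1.5gc.example.net": "+33", "smf1.5gc.example.net": "+49"}

if __name__ == "__main__":
    print(evaluate_path(SAMPLE_VIA, SAMPLE_LOCATIONS, "+49"))
```

A hop that replaced its received-by value with a pseudonym, which RFC 7230 permits, ends up in `unresolved`; a deployment relying on this check has to decide how such a path is treated.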

Abstract

An apparatus and a method are described by which, for example, a lawful interception management device receives information concerning a changed physical location of at least one virtual network entity and/or information concerning a physical location of a target terminal for interception, evaluates the received information, and transmits information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element involved in interception of a communication based on the evaluation.

Description

LAWFUL INTERCEPTION FOR INTERNATIONAL COMMUNICATION
Field of the Invention
The present invention relates to an apparatus, a method and a computer program product for carrying out lawful interception, in particular in case of an international communication.
Related Background Art
The following meanings for the abbreviations used in this specification apply:
3GPP Third Generation Partnership Project
ADMF Administrative Function
AMF Access and Mobility Management Function
BGCF Border Gateway Control Function
BSS Business Support System
CSCF Call Session Control Function
EM Element Manager
IMS IP Multimedia System
IBCF Interconnection Border Control Function
ICE Intercepting Control Element (Intercepting Entity)
LTE Long Term Evolution
MANO Management and Orchestration
MGCF Media Gateway Control Function
MME Mobility Management Entity
NF Network Function
NFVO Network Function Virtualization Orchestrator
NRF Network Repository Function
OAM Operation, Administration and Maintenance
P-CSCF Proxy-CSCF
PGW PDN Gateway
PGW-C PGW Control Plane
PGW-U PGW User Plane
POI Point of Interception
S-CSCF Session-CSCF
SBA Service Based Architecture
SEPP Security Edge Protection Proxy
SGW Serving Gateway
SGW-C SGW Control Plane
SGW-U SGW User Plane
SIRF System Information Retrieval Function
SMF Session Management Function
TKÜV "Telekommunikationsüberwachungsverordnung"
UDM Unified Data Management
UE User Equipment
UPF User Plane Function
VNF Virtual NF
The present specification generally relates to implementation of policies in relation to lawful interception.
According to the German Ordinance concerning Technical and Organizational Implementation of Measures for the Interception of Telecommunications ("Telekommunikationsüberwachungsverordnung", "TKÜV"), Section 4, it is required that, where the telecommunications system recognizes as part of normal operational procedures that the terminal equipment using the identification to be intercepted is located abroad, the telecommunication shall not be covered, unless the telecommunication to be intercepted is diverted or forwarded to a telecommunications connection or a storage facility located in Germany.
Similar principles and policies are set out for other countries within and outside the European Union. Accordingly, the present invention as set out below is not limited to implementation of principles according to the TKÜV.
Fig. 5 shows a schematic diagram of an example of a system environment in relation to a roaming 5G system architecture in a home routed scenario in reference point representation.
Presently, utilization of network function virtualization is increasing. Fig. 6 shows a schematic diagram of an example of a system environment, in particular a network function virtualization management and orchestration (NFV-MANO) architectural framework, in reference point representation.
Fig. 7 shows a network topology illustrating LI for 5G (service-based representation) with point-to-point LI system. This figure is taken from the agreed NOKIA contribution S3i180378 "pCR to draft TS 33.127: Topology diagrams - non-roaming scenario", which was submitted to 3GPP TSG-SA WG3 LI Meeting #70 and corresponds to figure A.1-1 of 3GPP TS 33.127 V15.0.0 (2018-12). In particular, between a network repository function (NRF) and an ADMF, an interface LI_SI is defined, and between the ADMF and POIs, which may be located in NFs such as AMF, UDM, SMF and UPF, for example, an interface LI_X1 is defined.
An implementation of principles and policies in relation to lawful interception when utilizing network function virtualization is not known.
Hence, the problem arises that principles and policies in relation to lawful interception in particular in case of an international communication to be intercepted cannot be applied in network scenarios utilizing network function virtualization.
Hence, there is a need to provide for lawful interception also in case of an international communication in network scenarios utilizing network function virtualization.
Summary of the Invention
Embodiments of the present invention address this situation and aim to provide measures for providing lawful interception utilizing network function virtualization.
According to a first aspect, an apparatus is provided which comprises at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: receiving information concerning a changed physical location of at least one virtual network entity and/or information concerning a physical location of a target terminal for interception, evaluating the received information, and transmitting information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element involved in interception of a communication based on the evaluation.
According to a second aspect, a method of a lawful interception management device is provided which comprises:
receiving information concerning a changed physical location of at least one virtual network entity and/or information concerning a physical location of a target terminal for interception,
evaluating the received information, and
transmitting information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element involved in interception of a communication based on the evaluation.
The first and second aspects may be modified as follows:
The apparatus or the lawful interception management device may subscribe to the event that the physical location of the at least one virtual network entity and/or the target terminal has changed in order to receive the information.
The apparatus or the lawful interception management device may transmit the information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to the at least one network element involved in interception of the communication via a dedicated interface.
The information concerning the changed physical location and an identity of the at least one virtual network entity and/or the terminal of which the physical location has changed may be included in an information element.
The information concerning the changed physical location of the virtual network entity transmitted to the at least one network element involved in interception may include information whether the virtual network entity is within a predetermined area or not.
According to a third aspect, an apparatus is provided which comprises at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed, and informing a lawful interception management device about the change of the physical location of the at least one virtual network entity and/or the target terminal.
According to a fourth aspect, a method of a network element is provided which comprises:
determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed, and
informing a lawful interception management device about the change of the physical location of the at least one virtual network entity and/or the target terminal.
The third and fourth aspects may be modified as follows:
The apparatus or the network element may inform the lawful interception management device by transmitting information concerning the physical location of the at least one virtual network entity and/or the physical location of the target terminal via a dedicated interface to the lawful interception management device.
The apparatus or the network element may determine the physical location of the at least one virtual network entity and/or the target terminal by detecting the physical location, by storing information concerning the physical location and referring thereto, and/or by receiving a notification concerning the physical location, and/or by referring to network configuration information.
According to a fifth aspect, an apparatus is provided which comprises at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform: receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device, and determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location.
According to a sixth aspect, a method of a network element involved in lawful interception of a communication is provided which comprises:
receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device, and
determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location.
The fifth and sixth aspects may be modified as follows:
The apparatus or the network element involved in lawful interception of a communication may receive an information element including an identity of a virtual network entity involved in the communication to be intercepted and/or the target terminal, the information element being generated upon creating and/or modifying the communication to be intercepted.
The apparatus or the network element involved in lawful interception of a communication may evaluate a header field of a packet of the communication to be intercepted, including identities of virtual network entities and/or the target terminal involved in the communication to be intercepted.
The apparatus or the network element involved in lawful interception of a communication may determine whether to start, stop or continue an interception of the communication based on a changed location of at least one of the network entities identified to be involved in the communication to be intercepted and/or the target terminal.
In all aspects described above, the communication to be intercepted may be a communication session or a session-less communication.
According to a seventh aspect of the present invention a computer program product is provided which comprises code means for performing a method according to any one of the second, fourth and sixth aspects and/or their modifications when run on a processing means or module. The computer program product may be embodied on a computer-readable medium, and/or the computer program product may be directly loadable into the internal memory of the computer and/or transmittable via a network by means of at least one of upload, download and push procedures.
According to an eighth aspect an apparatus is provided which comprises means for receiving information concerning a changed physical location of at least one virtual network entity and/or information concerning a physical location of a target terminal for interception, means for evaluating the received information, and means for transmitting information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element involved in interception of a communication based on the evaluation.
According to a ninth aspect an apparatus is provided which comprises means for determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed, and means for informing a lawful interception management device about the change of the physical location of the at least one virtual network entity and/or the target terminal.
According to a tenth aspect an apparatus is provided which comprises means for receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device, and means for determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location.
The eighth to tenth aspects may be modified similarly to the first, third and fifth aspects.
Brief Description of the Drawings
These and other objects, features, details and advantages will become more fully apparent from the following detailed description of embodiments of the present invention which is to be taken in conjunction with the appended drawings, in which:
Fig. 1 shows an ADMF, SIRF/NRF and SMF according to an embodiment,
Figs. 2A to 2C show procedures carried out by the ADMF, SIRF/NRF and SMF according to an embodiment,
Figs. 3 and 4 show some example procedures carried out in case of a movement of an AMF according to an embodiment,
Fig. 5 shows a schematic diagram of an example of a system environment in reference point representation,
Fig. 6 shows a schematic diagram of an example of a system environment in reference point representation, and
Fig. 7 shows a network topology illustrating LI for 5G.
Detailed Description of embodiments
In the following, description will be made to embodiments of the present invention. It is to be understood, however, that the description is given by way of example only, and that the described embodiments are by no means to be understood as limiting the present invention thereto.
In the following, a general overview of some embodiments is described by referring to Figs. 1 and 2.
Fig. 1 shows some elements involved in lawful interception according to an embodiment, in particular an ADMF 1, an SIRF/NRF 2 and an SMF 3.
The ADMF 1 is an example for a first apparatus according to the present embodiment. However, exemplary embodiments are not limited to an ADMF, and the apparatus may be any kind of network control device. For example, the apparatus 1 may be a lawful interception management device. The SIRF/NRF 2 is an example for a second apparatus of the present embodiment. However, exemplary embodiments are not limited to an SIRF/NRF, and can be any kind of network element which is able to determine (e.g., by storing corresponding information, detecting or being notified about) a physical location of a network element (VNF). The SMF 3 is an example for a third apparatus. Exemplary embodiments are not limited to an SMF, but may include any kind of network element which is able to carry out the interception, and may include an ICE, POI etc. Moreover, according to exemplary embodiments, between the SIRF/NRF 2 and the ADMF 1, an LI-SI interface is defined, and between the ADMF 1 and the SMF 3, an LI-X1 interface is defined.
Fig. 2A illustrates a process carried out by the ADMF 1, Fig. 2B illustrates a process carried out by the SIRF/NRF 2, and Fig. 2C illustrates a process carried out by the SMF 3.
The ADMF 1 comprises at least one processor 11 and at least one memory 12 including computer program code. The at least one processor 11, with the at least one memory 12 and the computer program code, is configured to cause the apparatus to perform: receiving information concerning a changed physical location of at least one virtual network entity (e.g., a VNF) and/or information concerning a physical location of a target terminal for interception (as shown in ST 11 in Fig. 2A), evaluating the received information (as shown in ST 12 in Fig. 2A), and transmitting information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element (e.g., SMF 3) involved in interception of a communication based on the evaluation (as shown in ST 13 in Fig. 2A).
The SIRF/NRF 2 comprises at least one processor 21 and at least one memory 22 including computer program code. The at least one processor 21, with the at least one memory 22 and the computer program code, is configured to cause the apparatus to perform: determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed (as shown in ST 21 in Fig. 2B), and informing a lawful interception management device (e.g., ADMF 1) about the change of the physical location of the at least one virtual network entity and/or the target terminal (as shown in ST 22 in Fig. 2B).
The SMF 3 comprises at least one processor 31 and at least one memory 32 including computer program code. The at least one processor 31, with the at least one memory 32 and the computer program code, is configured to cause the apparatus to perform: receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device (e.g., ADMF 1) (as shown in ST 31 in Fig. 2C), and determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location (as shown in ST 32 in Fig. 2C).
Thus, in this way it is possible to perform lawful interception in a network function virtualization such that the interception may be started/continued or stopped based on the physical location of the target terminal or a virtual network function involved in the communication to be intercepted. Thus, the interception can be carried out in line with regulations as prescribed by the TKÜV, for example.
The determination as to whether the physical location of the at least one virtual network entity and/or the target terminal has changed, as carried out, e.g., in ST 22 by the SIRF/NRF, can be effected by detecting the physical location, by storing information concerning the physical location and referring thereto, and/or by receiving a notification concerning the physical location, for example.
For example, when a virtual network entity and/or the target terminal moves and registers with a network control element, the second apparatus described above may be notified about this and can thus obtain information about the physical location. For example, when the second apparatus is or comprises a network repository function (NRF), the virtual network entity and/or the target terminal will register with the NRF after a movement, so that in this way the information may be obtained. Alternatively, the OAM/NFVO MANO function, which anyhow decides on the location of the VNFs, may inform the NRF about the VNFs' location.
The information concerning the change of the physical location of the virtual network entity and/or the target terminal which is sent from the lawful interception management device (e.g., ADMF 1) to the network element carrying out the interception (e.g., SMF 3) may be in a form such that an indication is given whether the new physical location is in or out of a predetermined area (such as the jurisdiction in which the interception is allowed), or may contain more detailed information concerning the physical location, such as a country code.
It is noted that the ADMF 1, the SIRF/NRF 2 and the SMF 3 (or the corresponding apparatuses) may further comprise input/output (I/O) units or functions 13, 23, 33 connected to the processor 11, 21, 31 in order to provide connections to other elements.
In the following, some exemplary embodiments are described in more detail.
According to some embodiments, it is achieved that 3GPP LTE / 5G Core / IMS and fixed network take into account the full consequences of NFV (network functions virtualization). As stated in Section 4 of the TKÜV, it is required that for instance an international communication which is diverted/forwarded to a storage functionality within Germany shall be intercepted, but shall not be intercepted if diverted/forwarded to a storage functionality outside Germany.
In more general terms, it is required that for instance an international communication (e.g. a terminal to be intercepted is located outside the predetermined area) which is diverted/forwarded to a storage functionality within Germany (as one example of said predetermined area) shall be intercepted, but shall not be intercepted if diverted/forwarded only to storage functionalities outside said predetermined area (e.g. Germany).
According to some embodiments, the ADMF shall subscribe to at least one or even more events, for instance the physical location of a/the VNF (and/or the physical location of a/the target). The ADMF evaluates this information and informs the ICE/POIs (other VNFs like CSCF, AMF, MME, SGW-U and UPF) about this event to start or stop the interception. For instance, once the ADMF is notified about the new/changed location of the VNF, it is suggested that the ADMF sends an indication via, e.g., the X1 interface to the other VNFs so that they decide whether to start/continue or to stop the interception.
For evaluating whether to start, continue or stop the interception, the intercepting network element (POI etc.) should know the identity of a network element involved in the communication to be intercepted, so that it can decide, based on the received information from the ADMF, whether this particular network element has changed its physical location, for example such that it is out of the predetermined area (e.g., Germany). In order to solve this problem in 3G and/or 4G Core without SBA, it is suggested to introduce a new information element, e.g. sent from the MME to the SGW and vice versa, at least in the Create Session Request and Create Session Response messages and likewise in the Modify request and response for handover situations. This information element may include the identity of the corresponding network element or VNF (e.g. MME and SMF).
Alternatively, in order to solve this problem in 5G Core with SBA, it is suggested that, on receipt of the SBA protocol method, the HTTP header "VIA" as standardized in RFC 7230, as for instance carried in Nsmf_PDUSession_CreateSMContext Request and response, Nsmf_PDUSession_UpdateSMContext Request and response or Nsmf_PDUSession_Create Request and response etc., shall be evaluated in order to recognize whether a particular VNF is participating in this transaction/session/connection/call. According to RFC 7230, this VIA header points to the list of HTTP entities involved so far. Of course, any other new HTTP header may serve the same purpose as long as the new header is populated by each entity which is part of the connection/session/call.
TS29500 already mandates the use of the VIA header, see ch. 5.2.3.2 of TS29500. Furthermore, according to RFC 7230, any proxy, and even a gateway such as the 5G VNFs like the SMF, must populate the VIA header in HTTP requests and may insert a VIA header in responses.
Therefore, given this fact, it is reasonable to require that 5G Core gateways, such as the SMFs, add themselves to the list in the VIA header also in responses.
Similarly, in case of SIP as in the IMS, there are the VIA header in, e.g., the INVITE request and the Record-Route header in the 200 OK response and in the provisional responses like 18x (181, 183 etc.), which already collect the names of the VNFs (P-CSCF, S-CSCF, I-CSCF etc.; see 3GPP TS 28229 for IMS) hosting the SIP session. Generally, all other SIP requests and responses are to be handled similarly. The VIA and Record-Route headers are defined in IETF RFC 3261 (SIP, Session Initiation Protocol).
It is suggested that the SIRF (System Information Retrieval Function) and/or the NRF (Network Repository Function) reports, e.g. via the LI_SI interface, to the ADMF the new location of an ICE/POI or VNF (e.g. AMF, SMF, UPF, SGW, SGW-C, SGW-U, S-CSCF, I-CSCF, BGCF, MGCF etc.), either as inside or outside the jurisdiction or as the explicit "name" of the country where the VNF now resides. Even in case of initial instantiation of a VNF, the aforementioned location information shall be sent via the ADMF to the other ICE/VNFs. The ADMF retrieves the name(s) of the VNF(s) which changed the location and forwards a new information element including the identity or identities of the relocated VNFs to the other ICE/POIs via the LI_X1 interface in a new or modified LI-X1 message.
On receipt of this information at the corresponding ICE/POIs, the ICE/POIs shall evaluate the received information about the location of the newly instantiated or moved VNF together with the location of the UE or type of communication (international or not international communication) and the location of the ICE/VNF which received the new location about the possibly participating VNF as reported by the ADMF to the ICE/VNF.
Therefore, based on this information, all the ICE/POI/VNF which received the new message via the X1 interface shall evaluate the content such that it recognizes whether the particular VNF has been moved outside the jurisdiction. Of course, once a VNF is moved back into the jurisdiction this information shall also be evaluated, in order to recognize this and to stop or start/continue the interception again.
The ICE/POI logic to start and stop the interception is as follows:
Check if at least one UE is outside the jurisdiction. If at least one partner UE or participating VNF is within the jurisdiction, then start/continue the interception. If no partner UE and no participating VNF is within the jurisdiction, then stop or do not start the interception.
That is, in broader terms, the ICE/POI, after receiving the information from the ADMF, determines whether the target terminal or a VNF involved in the communication session to be intercepted has changed its location, e.g., whether it is out of the jurisdiction (the predetermined area such as Germany, for example). If this is the case, the ICE/POI starts/continues the interception, otherwise the ICE/POI stops the interception or does not start the interception.
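The start/stop rule above, combined with the VIA header evaluation and the ADMF location updates described earlier, as an added Python example (not code from the patent). The information element layout, the host names and all function names are hypothetical; treating a VNF with no reported location as outside the jurisdiction, and intercepting a purely domestic communication, are assumptions of this sketch.

```python
from dataclasses import dataclass, field

HOME_CC = "+49"  # jurisdiction signalled as an E.164 country code, as the text suggests


def via_received_by(via_value):
    """Return the received-by identities of an RFC 7230 Via field value, in order.

    Via = 1#( received-protocol RWS received-by [ RWS comment ] ). Comments are
    parenthesised, may nest and may contain commas, so a plain split(",") is wrong.
    """
    entries, buf, depth, i = [], [], 0, 0
    while i < len(via_value):
        ch = via_value[i]
        if depth and ch == "\\":        # quoted-pair inside a comment
            i += 2
            continue
        if ch == "(":
            depth += 1
        elif ch == ")" and depth:
            depth -= 1
        elif depth == 0:
            if ch == ",":               # top-level comma separates hops
                entries.append("".join(buf))
                buf = []
            else:
                buf.append(ch)
        i += 1
    entries.append("".join(buf))

    hops = []
    for entry in entries:
        parts = entry.split()
        if len(parts) < 2:              # need received-protocol and received-by
            continue
        host = parts[1]
        if host.startswith("["):        # IPv6 literal, drop the port after "]"
            host = host[: host.find("]") + 1]
        else:
            host = host.split(":")[0]   # drop the optional port
        hops.append(host.lower())
    return hops


@dataclass
class LocationTable:
    """What the POI has learned from the ADMF over X1 about VNF locations."""
    inside: dict = field(default_factory=dict)   # VNF identity -> bool

    def apply_update(self, element):
        """Apply one location information element (hypothetical layout).

        It carries the VNF identity and either an in/out flag or a country
        code; the text allows both forms.
        """
        ident = element["identity"].lower()
        if "in_jurisdiction" in element:
            self.inside[ident] = bool(element["in_jurisdiction"])
        else:
            self.inside[ident] = element["country_code"] == HOME_CC

    def is_inside(self, ident):
        # Assumption: a VNF with no reported location is not counted as inside.
        return self.inside.get(ident.lower(), False)


def decide(target_ue_inside, partner_ues_inside, via_value, table):
    """Return "intercept" or "stop" following the ICE/POI rule in the text."""
    if target_ue_inside and all(partner_ues_inside):
        # No UE is outside, so the rule is not triggered.
        # Assumption: ordinary interception then applies.
        return "intercept"
    vnfs = via_received_by(via_value)
    if any(partner_ues_inside) or any(table.is_inside(v) for v in vnfs):
        return "intercept"
    return "stop"


# Constructed sample: Via value as an SMF might see it on an SBA request.
SAMPLE_VIA = "2.0 amf-7.core.example (AMF, region A), 2.0 smf-3.core.example:8443"


def demo():
    """Relocation of the AMF as in Fig. 3: out of the jurisdiction, then back."""
    table = LocationTable()
    table.apply_update({"identity": "amf-7.core.example", "country_code": "+49"})
    table.apply_update({"identity": "smf-3.core.example", "in_jurisdiction": False})
    results = [decide(False, [False], SAMPLE_VIA, table)]
    table.apply_update({"identity": "amf-7.core.example", "country_code": "+31"})
    results.append(decide(False, [False], SAMPLE_VIA, table))
    table.apply_update({"identity": "amf-7.core.example", "in_jurisdiction": True})
    results.append(decide(False, [False], SAMPLE_VIA, table))
    return results


if __name__ == "__main__":
    print(demo())
```

Re-running `decide` on every X1 update is what keeps an ongoing interception aligned with the current placement of the participating VNFs.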
In the following, two examples are briefly described by referring to Figs. 3 and 4, which are both based on the network topology shown in Fig. 7.
Fig. 3 illustrates an example in which the AMF (as an example VNFx) has moved. The movement of the AMF is indicated by using the rectangle enclosed in dashed lines. In this example, the NFVO (not shown in the figure) initiates the physical move/relocation of the virtualized AMF, and the AMF itself, in accordance with TS 23501 and TS 23502, registers with the NRF after the relocation to inform the NRF about the new location. Here, it is assumed that the AMF has moved to a new jurisdiction. The SIRF/NRF is informed about the new jurisdiction (i.e., about the changed physical location of the AMF). The SIRF/NRF informs the ADMF that the AMF has moved to the new jurisdiction. Then, the ADMF informs the SMF about the new jurisdiction of the AMF or that the AMF has moved inside/outside the jurisdiction of the network in which the SMF is located. The SMF (i.e., VNFs/POI) compares the new jurisdiction of the ID of the AMF, or evaluates the information about the ID of the AMF being inside or outside the jurisdiction of the network (e.g., of a certain network provider), with those signalled NFV IDs in the protocol information of participating nodes (e.g. VNFx/AMF) in order to start/stop interception.
Fig. 4 illustrates an example in which the NFVO (not shown in the figure) initiates the physical move/relocation, but the OAM informs the NRF about a movement of the AMF to/from the jurisdiction or explicit country, instead of the NRF being notified by the AMF itself as in Fig. 3. Thus, similar to the case of Fig. 3, the AMF moves to the new jurisdiction. As in Fig. 3, the movement of the AMF is indicated by using the rectangle enclosed in dashed lines. The SIRF/NRF is informed about the new jurisdiction, and informs the ADMF that the VNFx/AMF has moved to the new jurisdiction. Then, the ADMF informs the VNFs/POI about the new jurisdiction of the VNFx/AMF. The SMF (i.e., VNFs/POI) compares the new jurisdiction of the VNFx/AMF with the signalled IDs of participating nodes (e.g. VNFx/AMF) in order to start/stop interception.
It is noted that the movement shown in Figs. 3 and 4 is just an example; instantiation and de-instantiation are further examples.
Moreover, with usage of the LI_X1 interface, the information about the location of a VNF is not publicly revealed in the control plane of the 5G core and/or the IMS system. Operators may not wish to send such information around. Furthermore, the VNFs do not explicitly need to query the NRF on their own about the location of the VNFs, since the ADMF has informed them via the X1 interface.
The following modifications may be made to the embodiments described above:
According to some exemplary embodiments, the information concerning the physical location of a VNF or a target terminal comprises information concerning the jurisdiction. E.g., the information may only indicate whether the VNF or the target terminal is located in the jurisdiction (e.g., Germany) in which the interception is allowed. However, alternatively the information concerning the physical location may include the actual position of the VNF in coordinates on a map or the like, or may include an area within the jurisdiction (e.g., a town or the like). Moreover, the information concerning the physical location sent to the SMF 3 (or a corresponding apparatus) may contain information about the jurisdiction only, whereas the information sent by the SIRF/NRF may contain detailed information about the location of the VNF and/or the target terminal.
According to a further exemplary embodiment, for signaling of the jurisdiction, for instance, some kind of country code (CC) as for instance known from the ITU-T E.164 Telephone plan may be used, for example, +49 for Germany. However, any other presentation/definition instead of the CC may be utilized as well, as long as it is specified and all the involved partners know, support and agree on the same definition for the jurisdiction.
Names of network elements, protocols, and methods are based on current standards. In other versions or other technologies, the names of these network elements and/or protocols and/or methods may be different, as long as they provide a corresponding functionality.
In general, the example embodiments may be implemented by computer software stored in the memory (memory resources, memory circuitry) 12, 22, 32 and executable by the processor (processing resources, processing circuitry) 11, 21, 31 or by hardware, or by a combination of software and/or firmware and hardware.
As used in this application, the term "circuitry" refers to all of the following: (a) hardware-only circuit implementations (such as implementations in only analog and/or digital circuitry) and
(b) to combinations of circuits and software (and/or firmware), such as (as applicable): (i) to a combination of processor(s) or (ii) to portions of processor(s)/software (including digital signal processor(s)), software, and memory(ies) that work together to cause an apparatus, such as a mobile phone or server, to perform various functions) and
(c) to circuits, such as a microprocessor(s) or a portion of a microprocessor(s), that require software or firmware for operation, even if the software or firmware is not physically present.
This definition of "circuitry" applies to all uses of this term in this application, including in any claims. As a further example, as used in this application, the term "circuitry" would also cover an implementation of merely a processor (or multiple processors) or portion of a processor and its (or their) accompanying software and/or firmware. The term "circuitry" would also cover, for example and if applicable to the particular claim element, a baseband integrated circuit or applications processor integrated circuit for a mobile phone or a similar integrated circuit in server, a cellular network device, or other network device.
The terms "connected," "coupled," or any variant thereof, mean any connection or coupling, either direct or indirect, between two or more elements, and may encompass the presence of one or more intermediate elements between two elements that are "connected" or "coupled" together. The coupling or connection between the elements can be physical, logical, or a combination thereof. As employed herein two elements may be considered to be "connected" or "coupled" together by the use of one or more wires, cables and printed electrical connections, as well as by the use of electromagnetic energy, such as electromagnetic energy having wavelengths in the radio frequency region, the microwave region and the optical (both visible and invisible) region, as non limiting examples.
The memory (memory resources, memory circuitry) 12, 22, 32 may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory, and non-transitory computer-readable media. The processor (processing resources, processing circuitry) 11, 21, 31 may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs) and processors based on a multi-core processor architecture, as non-limiting examples.
It is to be understood that the above description is illustrative of the invention and is not to be construed as limiting the invention. Various modifications and applications may occur to those skilled in the art without departing from the true spirit and scope of the invention as defined by the appended claims.

Claims

1. An apparatus comprising at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform:
receiving information concerning a changed physical location of at least one virtual network entity and/or information concerning a physical location of a target terminal for interception,
evaluating the received information, and
transmitting information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element involved in interception of a communication based on the evaluation.
2. The apparatus according to claim 1, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus to further perform:
subscribing to the event that the physical location of the at least one virtual network entity and/or the target terminal has changed in order to receive the information.
3. The apparatus according to claim 1 or 2, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus to further perform:
transmitting the information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to the at least one network element involved in interception of the communication via a dedicated interface.
4. The apparatus according to claim 3, wherein the information concerning the changed physical location and an identity of the at least one virtual network entity and/or the terminal of which the physical location has changed is included in an information element.
5. The apparatus according to any one of the claims 1 to 4, wherein the information concerning the changed physical location of the virtual network entity transmitted to the at least one network element involved in interception includes information whether the virtual network entity is within a predetermined area or not.
6. The apparatus according to any one of the claims 1 to 5, wherein the communication to be intercepted is a communication session or a session-less communication.
7. An apparatus comprising at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform:
determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed, and
informing a lawful interception management device about the change of the physical location of the at least one virtual network entity and/or the target terminal.
8. The apparatus according to claim 7, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus to further perform:
informing the lawful interception management device by transmitting information concerning the physical location of the at least one virtual network entity and/or the physical location of the target terminal via a dedicated interface to the lawful interception management device.
9. The apparatus according to claim 7 or 8, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus to further perform:
determining the physical location of the at least one virtual network entity and/or the target terminal by detecting the physical location, by storing information concerning the physical location and referring thereto, and/or by receiving a notification concerning the physical location, and/or by referring to network configuration information.
10. The apparatus according to any one of the claims 7 to 9, wherein the communication to be intercepted is a communication session or a session-less communication.
11. An apparatus comprising at least one processor and at least one memory including computer program code, the at least one memory and the computer program code configured to, with the at least one processor, cause the apparatus at least to perform:
receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device, and
determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location.
12. The apparatus according to claim 11, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus to further perform:
receiving an information element including an identity of a virtual network entity involved in the communication to be intercepted and/or the target terminal, the information element being generated upon creating and/or modifying the communication to be intercepted.
13. The apparatus according to claim 11, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus to further perform:
evaluating a header field of a packet of the communication to be intercepted, including identities of virtual network entities and/or the target terminal involved in the communication to be intercepted.
14. The apparatus according to any one of the claims 11 to 13, wherein the at least one memory and the computer program code are configured to, with the at least one processor, cause the apparatus to further perform:
determining whether to start, stop or continue an interception of the communication based on a changed location of at least one of the network entities identified to be involved in the communication to be intercepted and/or the target terminal.
15. The apparatus according to any one of the claims 11 to 14, wherein the communication to be intercepted is a communication session or a session-less communication.
16. A method of a lawful interception management device, comprising:
receiving information concerning a changed physical location of at least one virtual network entity and/or information concerning a physical location of a target terminal for interception,
evaluating the received information, and
transmitting information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to at least one network element involved in interception of a communication based on the evaluation.
17. The method according to claim 16, further comprising:
subscribing to the event that the physical location of the at least one virtual network entity and/or the target terminal has changed in order to receive the information.
18. The method according to claim 16 or 17, further comprising:
transmitting the information concerning the changed physical location of the at least one virtual network entity and/or the target terminal to the at least one network element involved in interception of the communication via a dedicated interface.
19. The method according to claim 18, wherein the information concerning the changed physical location and an identity of the at least one virtual network entity and/or the terminal of which the physical location has changed is included in an information element.
20. The method according to any one of the claims 16 to 19, wherein the information concerning the changed physical location of the virtual network entity transmitted to the at least one network element involved in interception includes information whether the virtual network entity is within a predetermined area or not.
21. The method according to any one of the claims 16 to 20, wherein the communication to be intercepted is a communication session or a session-less communication.
22. A method of a network element, comprising:
determining whether a physical location of at least one virtual network entity and/or a physical location of a target terminal for interception has changed, and
informing a lawful interception management device about the change of the physical location of the at least one virtual network entity and/or the target terminal.
23. The method according to claim 22, further comprising:
informing the lawful interception management device by transmitting information concerning the physical location of the at least one virtual network entity and/or the physical location of the target terminal via a dedicated interface to the lawful interception management device.
24. The method according to claim 22 or 23, further comprising:
determining the physical location of the at least one virtual network entity and/or the target terminal by detecting the physical location, by storing information concerning the physical location and referring thereto, and/or by receiving a notification concerning the physical location, and/or by referring to network configuration information.
25. The method according to any one of the claims 22 to 24, wherein the communication to be intercepted is a communication session or a session-less communication.
26. A method of a network element involved in lawful interception of a communication, comprising:
receiving information concerning a changed physical location of at least one virtual network entity and/or a target terminal for interception from a lawful interception management device, and
determining whether to start, stop or continue an interception of a communication of the target terminal based on the received information concerning the changed physical location.
27. The method according to claim 26, further comprising:
receiving an information element including an identity of a virtual network entity involved in the communication to be intercepted and/or the target terminal, the information element being generated upon creating and/or modifying the communication to be intercepted.
28. The method according to claim 26, further comprising:
evaluating a header field of a packet of the communication to be intercepted, including identities of virtual network entities and/or the target terminal involved in the communication to be intercepted.
29. The method according to any one of the claims 26 to 28, further comprising:
determining whether to start, stop or continue an interception of the communication based on a changed location of at least one of the network entities identified to be involved in the communication to be intercepted and/or the target terminal.
30. The method according to any one of the claims 26 to 29, wherein the communication to be intercepted is a communication session or a session-less communication.
31. A computer program product comprising code means for performing a method according to any one of the claims 16 to 30 when run on a processing means or module.
32. The computer program product according to claim 31, wherein the computer program product is embodied on a computer-readable medium, and/or the computer program product is directly loadable into the internal memory of the computer and/or transmittable via a network by means of at least one of upload, download and push procedures.
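The flow of claims 1 to 5 (management device) and claims 11 to 14 (intercepting network element) can be modelled as follows; this is an added example, not code from the patent or from any product. The identities, the country-code encoding of the "predetermined area" and the fail-closed policy (intercept only while every involved identity is known to be inside the area) are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed sample: the "predetermined area" of claim 5 as a set of country codes.
PREDETERMINED_AREA = {"DE"}

@dataclass(frozen=True)
class LocationIE:
    """Information element of claims 4 and 5: identity plus in-area flag."""
    identity: str   # virtual network entity or target terminal (hypothetical names)
    in_area: bool

class LIManagementDevice:
    """Claims 1 to 5: receive a location change, evaluate it, forward the result."""
    def __init__(self, area, network_elements):
        self.area = area
        self.network_elements = network_elements

    def on_location_changed(self, identity, country):
        ie = LocationIE(identity, country in self.area)   # the evaluation step
        return [ne.on_location_ie(ie) for ne in self.network_elements]

@dataclass
class InterceptingElement:
    """Claims 11 to 14: decide start, stop or continue for one communication."""
    involved: set                                  # identities in the communication
    in_area: dict = field(default_factory=dict)    # last known flag per identity
    active: bool = False

    def on_location_ie(self, ie):
        if ie.identity not in self.involved:
            return "continue"                      # unrelated entity: state unchanged
        self.in_area[ie.identity] = ie.in_area
        # Assumed policy: an unknown location counts as outside the area (fail closed).
        allowed = all(self.in_area.get(i, False) for i in self.involved)
        if allowed and not self.active:
            self.active = True
            return "start"
        if not allowed and self.active:
            self.active = False
            return "stop"
        return "continue"

def run_demo():
    """Replay constructed location-change events and return each decision."""
    ne = InterceptingElement(involved={"ue-target", "vnf-upf-1"})
    mgmt = LIManagementDevice(PREDETERMINED_AREA, [ne])
    events = [("ue-target", "DE"), ("vnf-upf-1", "DE"), ("vnf-other", "FR"),
              ("vnf-upf-1", "FR"), ("vnf-upf-1", "DE")]   # constructed sample
    return [mgmt.on_location_changed(i, c)[0] for i, c in events]
```

Here "continue" means the element keeps its current state, whether or not interception is running.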
PCT/EP2019/051292 2019-01-18 2019-01-18 Lawful interception for international communication WO2020147974A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2019/051292 WO2020147974A1 (en) 2019-01-18 2019-01-18 Lawful interception for international communication

Publications (1)

Publication Number Publication Date
WO2020147974A1 true WO2020147974A1 (en) 2020-07-23

Family

ID=65041774

Country Status (1)

Country Link
WO (1) WO2020147974A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016060597A1 (en) * 2014-10-16 2016-04-21 Telefonaktiebolaget L M Ericsson (Publ) Lawful intercept management modules and methods for li configuration of an internal interception function in a cloud based network

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Security; Lawful Interception (LI) architecture and functions (Release 15)", 17 December 2018 (2018-12-17), XP051545485, Retrieved from the Internet <URL:http://www.3gpp.org/ftp/3guInternal/3GPP%5Fultimate%5Fversions%5Fto%5Fbe%5Ftransposed/sentToDpc/33127%2Df00%2Ezip> [retrieved on 20181217] *
"3rd Generation Partnership Project; Technical Specification Group Services and Systems Aspects; Study on Lawful Interception (LI) service in 5G (Release 15)", 13 April 2018 (2018-04-13), XP051438588, Retrieved from the Internet <URL:http://www.3gpp.org/ftp/tsg%5Fsa/WG3%5FSecurity/TSGS3%5FLI/2018%5F69%5FNewportBeach/Docs/> [retrieved on 20180413] *
"Network Feature Virtualisation; Security; Lawful Interception problem statement and consequences for NFV;ETSI GS abc xxx", ETSI DRAFT; ETSI GS ABC XXX, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE (ETSI), 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS ; FRANCE, vol. ISG - NFV, no. V0.0.6, 14 May 2015 (2015-05-14), pages 1 - 28, XP014241999 *

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19701102

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19701102

Country of ref document: EP

Kind code of ref document: A1