Introduction to Lawful Interception Systems

News and Updates IT Security RSS
1

A lot of people are asking me about Lawful Interception Systems, so I had the idea to present some basic concepts about this technology here.

Introduction

Lawful interception is the legally sanctioned official access to private communications, such as telephone calls, e-mail messages, instant messages or VOIP communications. In general, LI is a security process in which a network operator or service provider gives law enforcement officials access to the communications of private individuals or organizations.

Architecture

Although the details may vary from country to country or vendor to vendor there are a general set of logical and physical requirements wich explain much of the common terminology used. The architecture requires a distinct separation of the IP network and the networks used for distribution and processing of LI information. The interfaces between the production network and the Law Enforcement System must be protected.

Basically a LI system must have a set of components (it may vary)

  • Capture System - Normally a appliance with High Speed Network Capture Cards designed to receive 100% of a link traffic (using taps), analyze it and send the desired info (monitored people conversations) to the Mediation System;
  • Mediation System - A system designed to act as a standard of input/output interfaces standardizing the data collection when several communication systems from different vendors are in place
  • Data Retention System - A secured storage system which stores all the captured data and allows only LEA (Law Enforcement Agencies) to access it (a carrier or an enterprise deploying cannot have access to captured data)
  • Administration System - Usually a GUI that allows only LEA to access it and input all the necessary information for data capture

Types of Captured data

With LI systems is possible flows from applications like:

  • emails;
  • instant messengers chats;
  • voip talks;
  • web pages "hidden content";
  • web chats,
  • IRC's

etc...

Regulations

To avoid fraud or abuse some regulations are in place to protect the right of individuals and organizations.

Summary

Several government agencies around the globe are deploying LI systems. Carriers are doing this also to be compliance with local regulations. There are several studies about privacy, criptography but these are beyond the scope of this post.

Regards


More...