Page 432 - Handbook of Modern Telecommunications
P. 432
Network Management and Administration 3-223
• Educational work is needed to separate and integrate solutions for lawful interception, security,
and forensics; they are very different, but still they can and should collaborate with each other.
• Data management is key for telecommunications service providers; not only lawful interception,
but also other information requests by LEAs, SEC, HIPAA, Sarbanes-Oxley, Gramm-Leach-
Bliley, and other government agencies can be met today and also in the future may be met by
querying internal and external databases.
• Some technological challenges will remain; for example, targeting prepaid customers, location
tracking, identity management, searches, IPv4 migration toward IPv6, emerging new products
and services; telecommunications service providers and network equipment manufacturers are
advised to embed IAPs in their equipment from the very beginning.
International and domestic lawful interception standards for IRI, content, and hand-over are not
expected to change much in the near future. Thus, the support of the access, delivery, and collection
functions remains mandatory.
In terms of the access function, the expectations for the future are:
• More embedded IAPs
• Flexible provisioning of IAPs
• Easy physical and logical configuration of probes
• Collaboration between strategic and targeted surveillance techniques
• Easier target identification via IPv6-based addressing mechanisms
• Resolution of dynamic identifiers (IP addresses) with static identifiers (MSID) username
• Correlation of data flows from multiple network nodes
• Collect data on all activity at all nodes in the voice/data/video networks
• Inform network routers to stream specific flows to session/packet reconstructors
• Flag specific users on content gateways and servers
In terms of the delivery function, the expectations for the future are:
• Mediation systems play the role of a coordinator for receiving data from all kinds of IAPs
• Mediation systems are in charge of distributing data to LEAs and other ISS applications
• Flexible conversion of mediated data into intelligence
• State-of-the-art peering with monitoring centers, outsourcers, and LEAs
• Filter data in real-time based on intercept warrants
• Provide reports on all filtered usage (real time or batch)
• Dynamically provide alarms for Layer 7 (HTTP) access of targeted Web sites, bulletin boards, or
by restricted users
In terms of the collection function, the expectations for the future are:
• State-of-the-art connections among LEAs, outsourcers, and telecommunications service providers
• Flexible collaboration among LEAs, outsourcers, and telecommunications service providers
• More secure hand-over solutions
• New applications for back-office functions
• Excellent, unified, and simplified user interfaces for LEAs to easily access intelligence at multiple
telecommunications service providers and outsourcers
Also, the administration function should be improved with new features. Examples are:
• Secure local or remote access to intercept rules base and data sets
• Dynamic deployment of rules base and data sets to collectors and correlators
• Automated addition of target subjects to watch lists
• Capability of querying any external databases as required
