CN101583129A - Legal interception system and method in IP multi-media subsystem network - Google Patents

Legal interception system and method in IP multi-media subsystem network Download PDF

Info

Publication number
CN101583129A
CN101583129A CN 200910203774 CN200910203774A CN101583129A CN 101583129 A CN101583129 A CN 101583129A CN 200910203774 CN200910203774 CN 200910203774 CN 200910203774 A CN200910203774 A CN 200910203774A CN 101583129 A CN101583129 A CN 101583129A
Authority
CN
China
Prior art keywords
network
user
information
lawful interception
target user
Prior art date
Application number
CN 200910203774
Other languages
Chinese (zh)
Inventor
刘小军
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Priority to CN 200910203774 priority Critical patent/CN101583129A/en
Publication of CN101583129A publication Critical patent/CN101583129A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00Network arrangements or protocols for real-time communications
    • H04L65/10Signalling, control or architecture
    • H04L65/1013Network architectures, gateways, control or user entities
    • H04L65/1016IMS
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/30Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/22Supervisory, monitoring, management, i.e. operation, administration, maintenance or testing arrangements
    • H04M3/2281Call monitoring, e.g. for law enforcement purposes; Call tracing; Detection or prevention of malicious calls

Abstract

The invention discloses a legal interception system and a method in an IP multi-media subsystem network to decrease the processing complexity of the legal interception process, wherein the method comprises: the monitoring information of a target user is deployed to a network boundary network element of the IP multi-media subsystem network by a legal interception equipment; when the target user is switched into the IP multi-media subsystem network, a network boundary unit identifies the target user according to the deployed information, and copies the user plane media stream of the target user to the legal interception equipment. The legal interception system and the method in the IP multi-media subsystem network meet the specification of 3GPP/ETSI, and lead an IMS network to more easily realize the functions of the legal interception.

Description

一种IP多媒体子系统网络中的合法监听系统及方法 Lawful interception system and method for an IP multimedia subsystem network

技术领域 FIELD

本发明涉及通信领域,尤其涉及一种IP多媒体子系统(IMS)网络中的合法监听系统及方法。 The present invention relates to communication field, and particularly relates to a system and method for lawful interception of an IP network of Multimedia Subsystem (IMS).

背景技术 Background technique

IP多媒体子系统(IP Multimedia Core Network Subsystem,简称IMS ) 是第三代合作伙伴组织(3rd Generation Partnership Project,简称3GPP)定义的下一代网络标准,它的显著特点是采用了会话初始协议(Session Initial Protocol,简称SIP)体系,通讯与接入无关,具备业务控制功能与承载能力分离、呼叫与业务分离、应用与服务分离、业务与网络分离,以及移动网与因特网业务融合等多种能力。 IP multimedia subsystem (IP Multimedia Core Network Subsystem, referred to as IMS) is the third Generation Partnership Organization (3rd Generation Partnership Project, referred to as 3GPP) standard definition of next-generation network, its distinctive feature is the use of the Session Initiation Protocol (Session Initial Protocol, referred to as SIP) systems, access-independent communication, comprising the service control function and the ability to separate bearer, call the operational separation, separation of applications and services, network traffic separated, and the mobile network and the Internet and other business integration capability.

IMS中主要的功能实体包括用户注册、会话控制等呼叫控制实体(Call Session Control Function,简称CSCF),集中管理用户签约数据的归属用户服务器(Home Subscriber Server,筒称HSS ),提供各种业务逻辑控制功能的应用服务器(Application Server,简称AS)。 The main functional entities in IMS include user registration, call control, session control entity (Call Session Control Function, CSCF for short), centralized management of the user subscription data, the home subscriber server (Home Subscriber Server, the HSS said cylinder), to provide various service logic control of the application server (application server, referred to as AS). 另外在会话过程中还涉及互连边界控制功能(Interconnection Border Control Function,简称IBCF )、签约定位器功能(Subscription Locator Function,简称SLF)等功能实体。 Also during the session further relates Interconnection Border Control Function (Interconnection Border Control Function, referred to as IBCF), Subscription Locator Function (Subscription Locator Function, referred to as SLF) and other functional entities. 其中CSCF又根据角色分为代理CSCF (Proxy-CSCF,简称P-CSCF )、查询CSCF (Interrogating-CSCF,简称I-CSCF )以及服务CSCF ( Serving-CSCF,简称S-CSCF)等类型,在逻辑上完成会话路由等不同的功能,在物理上分离也可以合一。 Wherein the Proxy CSCF further divided according to the role CSCF (Proxy-CSCF, referred to as P-CSCF), inquiry CSCF (Interrogating-CSCF, referred to as I-CSCF), and serving CSCF (Serving-CSCF, referred to as S-CSCF) and other types of logic perform different functions on the session routing, unity may be separated physically. 用户通过当前所在地P-CSCF接入IMS,经I-CSCF路由查询, 到用户归属地S-CSCF完成会话和业务触发等功能。 The current location of user access to the IMS P-CSCF, I-CSCF via the route inquiry, the user home S-CSCF to complete the session and service triggering functions.

IMS是与接入无关的网络,无论用户通过固网或者移动网络,都能够接入IMS网络体验相同的业务。 IMS is access independent network, either fixed or mobile network users are able to access the same IMS network service experience. SIP是IMS网络的基本信令控制协议,是互联网工程任务组(Internet Engineering Task Force,简称IETF )制定的多媒体通信系统框架协议之一。 SIP is the basic IMS signaling network control protocol, multimedia communication system is one of the framework agreement Internet Engineering Task Force (Internet Engineering Task Force, referred to as IETF) developed. SIP是用于发起、修改和终止多媒体会话的控制层协议,和多媒体流协议配合,共同完成IMS网络中的会话控制和媒体协商。 SIP is used for initiating, modifying, and terminating multimedia session control protocol, and multimedia streaming protocols fit together to complete the session control in the IMS network and media negotiation.

合法监听作为各个国家的管制需求,是IMS系统必备功能之一。 Lawful interception as regulatory requirements of each country, is one of the essential functions of the IMS system. 目前第三代合作伙伴组织和欧洲电信标准化协会(Europe Telecommunications Standards Institute,简称ETSI)都对IMS域的合法监听制定了相应的规范, 但只要求CSCF将监听对象的SIP消息作为信令面信息输出,用户面媒体信息的监听还没有标准化。 At present the Third Generation Partnership Organization and the European Telecommunications Standards Institute (Europe Telecommunications Standards Institute, referred ETSI) are on the lawful interception IMS domain to develop the appropriate specifications, but only requires the CSCF signaling plane object information output monitor SIP message as monitoring, user plane media information has not yet been standardized.

传统网络的监听都能够同时监听信令面和用户面媒体信息,监听的信息更加完整,实现用户面媒体的监听更满足运营商监听的需求。 Traditional network monitor can simultaneously monitor signaling plane and user plane media information, listening more complete information, to achieve user plane media listening more to meet the needs of operators monitor. 图l是现有技术中基于P誦CSCF和接入边界网关功能(Access Border Gateway Function, 筒称A-BGF)实现用户面媒体监听的方案示意图。 Figure l is a schematic view of the prior art solutions implement user plane media monitor chanting CSCF and P-based Access Border Gateway Function (Access Border Gateway Function, said cylinder A-BGF).

如图l所示,基于CSCF控制A-BGF实现的用户面媒体监听,根据运营商的配置策略,由CSCF判断是否需要对目标用户进行监听。 As shown in FIG. L, based on the user plane media monitor control CSCF A-BGF achieved, according to the operator's policy configuration, the CSCF judges whether to listen to the target user. 如果需要监听,再通过私有扩展接口通知A-BGF进行媒体复制,或者通过私有扩展接口通知GPRS网关支撑节点(Gateway GRRS Support Node,简称GGSN ), 实现用户面媒体的监听。 If you need to listen, and then notify the expansion interface through the private A-BGF performs media copy, or to notify the gateway GPRS support node via a private extension interface (Gateway GRRS Support Node, referred to as the GGSN), to achieve the user plane media listening.

图1所示的监听方案中,包括合法监听设备(Law Enforcement Monitoring Facility,简称LEMF),用于设置、维护及控制所有监听事件。 Monitor program shown in Figure 1, the lawful interception device comprising (Law Enforcement Monitoring Facility, referred to the LEMF), for setting, maintenance and control of all monitor events. 监听包含三个监听接口(HandoverInterface,简称HI)的交互,其中接口1 (Handover Interface Port 1,简称HIl)主要负责管理和维护信息,接口2 (Handover Interface Prot 2,简称HI2 )主要负责向监听中心即LEMF上报信令消息和事件消息,接口3 (Handover Interface Prot 3,简称HB )主要负责向监听中心上报用户面媒体信息。 Monitor contains three interactive listening interfaces (HandoverInterface, referred to as HI), in which the interface 1 (Handover Interface Port 1, referred to HIl) is mainly responsible for the management and maintenance information, Interface 2 (Handover Interface Prot 2, referred to HI2) is mainly responsible for the interception center That report LEMF signaling messages and event messages, Interface 3 (Handover Interface Prot 3, referred to as HB) is responsible for reporting information to the user plane media listening center.

在网络侧,监听功能需要向这三个接口分别交互或上报监听信息。 On the network side, the monitoring function need to interact or to report information to monitor each of these three interfaces. 图中AS等包括内部监听功能(Internal Interception Function,简称IIF )及传输功能(Delivery Function,简称DF ),其中DF3复制用户面媒体到HI3接口, DF2向HI2上报监听信令,而管理功能(Administration Function,简称ADMF ) 则负责通过HIl于LEMF交互,完成监听管理配置。 FIG AS et includes an internal monitoring function (Internal Interception Function, referred IIF) and the transmission function (Delivery Function, referred to as DF), wherein the user plane media copy to DF3 HI3 interfaces, DF2 listener report signaling to HI2, and management functions (the Administration Function, referred ADMF) is responsible by HIl to LEMF that interacts monitor configuration management. 在实际应用中,上述方案存在以下问题: In practical applications, the above scheme has the following problems:

首先,3GPP和ETSI没有标准化P-CSCF到A-BGF或者GGSN的接口, 私有的扩展接口影响互联互通; First of all, 3GPP and ETSI standardized no P-CSCF or the A-BGF GGSN interface proprietary extension interface interoperability impact;

其次,增加了P-CSCF的处理复杂度,P-CSCF本身不需要进行复杂的用户面媒体处理,而使用现有技术的上述方案,P-CSCF需要识别用户面媒体的具体参数,如果媒体面有媒体的增加、删除或者修改等等,P-CSCF就需要通知A-BGF做相应的修改,增加了P-CSCF和A-BGF功能的耦合。 Secondly, increased processing complexity of the P-CSCF, P-CSCF itself does not require complicated handling user plane media, and said prior art solutions, the P-CSCF needs to identify the specific parameters of the user plane media, if the media surface media increase, delete or modify the like, P-CSCF required to notify the a-BGF modified accordingly increased coupling P-CSCF function and the a-BGF.

发明内容 SUMMARY

本发明所要解决的技术问题,在于需要提供一种IMS网络中的合法监听系统及方法,以降低合法监听过程的处理复杂度。 The present invention solves the technical problem, is the need to provide lawful interception system and method for an IMS network in order to reduce the processing complexity lawful interception process.

为了解决上述技术问题,本发明提供了一种IP多媒体子系统网络中的合法监听方法,包括: To solve the above technical problem, the present invention provides a method for lawful interception of an IP Multimedia Subsystem network, comprising:

合法监听设备将目标用户的监控信息布控到所述IP多媒体子系统网络的网络边界网元; Lawful interception target user device monitoring information dispatched to the network boundary IP Multimedia Subsystem network NE;

所述目标用户接入所述IP多媒体子系统网络时,所述网络边界单元根据所述布控信息识别所述目标用户,将所述目标用户的用户面媒体流复制到所述合法监听设备。 When the target user access to the IP Multimedia Subsystem network, the network boundary surveillance unit according to the information identifying the target user, the user plane of the target user to copy the media stream lawful interception device.

优选地,所述目标用户,包括主叫用户、被叫用户、发送补充业务关联的用户或者呼叫前传业务的用户。 Preferably, the target user, including the calling user, the called user, transmitting user traffic or call related supplementary service the user before transmission.

优选地,所述网络边界网元,为接入边界网关功能。 Preferably, the network boundary network element, the access border gateway function.

优选地,所述网络边界单元,进一步将所述目标用户的事件信息及信令信息上报到所述合法监听设备。 Preferably, the network boundary unit further the target user event information and signaling information reported to the lawful interception device.

优选地,所述合法监听设备将所述监控信息进一步布控到所述IP多媒体子系统网络的网络功能网元; Preferably, the lawful interception device to monitor the network information further to the surveillance function the network element of the IP Multimedia Subsystem network;

所述目标用户接入所述IP多媒体子系统网络时,所述网络功能单元识别所述目标用户,将所述目标用户的事件信息及信令信息上报到所述合法监听设备。 When the target user access to the IP Multimedia Subsystem network, the network function unit identifies the target user, the target user event information and signaling information reported to the lawful interception device. 优选地,所述网络功能网元,包括代理呼叫控制实体、服务呼叫控制实体以及应用J良务器。 Preferably, the network function network element comprises a proxy call control entity, the serving call control entity and the application of J traffic is benign.

为了解决上述技术问题,本发明还提供了一种IP多媒体子系统网络中 To solve the above technical problem, the present invention also provides an IP Multimedia Subsystem network

的合法监听方法,包括: The lawful interception method, comprising:

合法监听设备将目标用户的监控信息布控到所述IP多媒体子系统网络的网管; Lawful interception target user device monitoring information dispatched to said network IP Multimedia Subsystem network;

所述网管将所述布控信息映射为跟踪命令发送给所述IP多媒体子系统网络的网络功能网元和网络边界网元; The surveillance network to the tracking information into a command to the IP Multimedia Subsystem network network functions NE NE and network boundaries;

所述目标用户接入所述IP多媒体子系统网络时,所述网络功能网元和网络边界网元将所述目标用户的跟踪数据上报到所述网管; When the target user access to the IP Multimedia Subsystem network, the network element and network boundary function NE reports the user of the target tracking data to the network;

所述网管将跟踪数据中的信令转换为事件信息和信令信息上报到所述合法监听设备,将跟踪数据中的媒体转换为用户面媒体信息复制到所述合法监听设备。 The network signaling the trace data is converted to event information and signaling information reported to the lawful interception device, the media conversion tracking data to the user plane media information is copied to the lawful interception device.

优选地,所述目标用户,包括主叫用户、被叫用户、发送补充业务关联的用户或者呼叫前传业务的用户。 Preferably, the target user, including the calling user, the called user, transmitting user traffic or call related supplementary service the user before transmission.

优选地,所述网络边界网元,为接入边界网关功能。 Preferably, the network boundary network element, the access border gateway function.

优选地,所述网络功能网元,包括代理呼叫控制实体、服务呼叫控制实体以及应用服务器。 Preferably, the network function network element comprises a proxy call control entity, the serving call control entity and an application server.

为了解决上述技术问题,本发明还提供了一种IP多媒体子系统网络中的合法监听系统,包括合法监听设备及网络边界单元,其中: To solve the above technical problem, the present invention also provides a system for legal interception of an IP Multimedia Subsystem network, the network comprising a lawful interception device and the boundary element, wherein:

所述合法监听设备,用于将目标用户的监控信息布控到所述IP多媒体子系统网络的网络边界网元; The lawful interception device for monitoring the target user information dispatched to the IP Multimedia Subsystem network, the network edge network element;

所述网络边界单元,用于在所述目标用户接入所述IP多媒体子系统网络时,根据所述布控信息识别所述目标用户,将所述目标用户的用户面媒体流复制到所述合法监听设备。 The network boundary cell, when the target user for access to the IP Multimedia Subsystem network, according to the surveillance information identifying the target user, the target user to the user plane media stream to the legitimate copy monitoring equipment.

优选地,所述网络边界单元,进一步将所述目标用户的事件信息及信令信息上报到所述合法监听设备。 Preferably, the network boundary unit further the target user event information and signaling information reported to the lawful interception device. 优选地,该系统进一步包括网络功能单元,所述合法监听设备将所述监控信息进一步布控到所述网络功能网元,所述目标用户接入所述IP多媒体子系统网络时,所述网络功能单元识别所述目标用户,将所述目标用户的事件信息及信令信息上报到所述合法监听设备。 Preferably, the system further comprises a network functional element, the lawful interception device to monitor the network information further to the surveillance function network element, the target user access to the IP Multimedia Subsystem network, the network function unit identifies the target user, the target user event information and signaling information reported to the lawful interception device.

为了解决上述技术问题,本发明还提供了一种IP多媒体子系统网络中的合法监听系统,包括合法监听设备、网管、网络功能网元以及网络边界网元,其中: To solve the above technical problem, the present invention also provides a system for legal interception of an IP Multimedia Subsystem network, comprising a lawful interception device, network management, network and network functions of the network element NE boundary, wherein:

所述合法监听设备,用于将目标用户的监控信息布控到所述网管; The lawful interception device for surveillance monitoring target information to the user network;

所述网管,用于将所述布控信息映射为跟踪命令发送给所述网络功能网元及网络边界网元,并将所述网络功能网元及网络边界网元上报的所述目标用户的跟踪数据中的信令转换为事件信息和信令信息上报到所述合法监听设备,将跟踪数据中的媒体转换为用户面媒体信息复制到所述合法监听设备; The network, configured to send the tracking information into a command dispatched to the network and the network boundary NEs NE, the target user and the network and network element functions the network boundary tracking NEs converting the signaling data into signaling information and event information reported to the lawful interception device, the media conversion tracking data to copy information to the user plane media lawful interception device;

所述网络功能网元及网络边界网元,用于所述目标用户接入所述IP多々某体子系统网络时,将所述跟踪数据上^^到所述网管。 When the network function and network boundaries NE NE, the target user for access to the IP network subsystems of a plurality 々, ^^ to the NMS to the trace data.

与现有技术相比,本发明采用IMS网络功能网元和边界网元上报目标用户的事件信息和信令信息,网络边界网元独立上报用户面媒体信息,或者采用网管上报事件信息和信令信息,满足3GPP/ETSI的规范,克服了现有技术的缺陷。 Compared with the prior art, the present invention uses the event information and the signaling information and the IMS network boundary functions NE NE reported by the target user, the network boundary NE reports the user plane media independent information, or the use of network signaling information and reporting events information to meet specifications 3GPP ETSI /, overcomes the drawbacks of the prior art. 本发明技术方案不需要进行信令的私有扩展,不需要改变用户面媒体路径,使得IMS网络能更加简单地实现合法监听的功能。 Technical Solution The present invention does not require signaling of proprietary extensions, without changing the user plane media path, so that the IMS network can be more easily realized lawful interception functionality. 本发明技术方案还有效降低了IMS网络边界网元与功能网元的耦合,降低了监听方案的实现难度,网络改造简单,更容易实现多厂商设备的互联互通,更好地满足运营商和执法机构的需求。 Aspect of the present invention also effectively reduces the coupling IMS network boundary network elements and functions of network elements, reduces the implementation difficulty listening program, simple network transformation, is easier to achieve interoperability of multi-vendor equipment to better meet operators and law enforcement needs of the organization.

附图说明 BRIEF DESCRIPTION

图l是现有技术中用户面媒体监听实现方案示意图; Figure l is a prior art schematic view of a user plane media monitor program implemented;

图2是本发明IMS网络中合法监听系统第一实施例的组成示意图; FIG 2 is a schematic diagram illustrating a lawful interception system of the first embodiment of the present invention in the IMS network;

图3是本发明IMS网络中合法监听方法第一实施例的流程示意图;图4是本发明IMS网络中合法监听方法第二实施例的流程示意图; 图5是本发明IMS网络中合法监听系统第二实施例的组成示意图; 图6是本发明IMS网络中合法监听方法第三实施例的流程示意图。 FIG 3 is a flow chart for lawful interception method of the first embodiment of the present invention in the IMS network; FIG. 4 is a schematic flow diagram of an IMS network according to the present invention, a method for lawful interception of the second embodiment; FIG. 5 is a lawful interception system of the present invention in the IMS network composition schematic diagram of two embodiments; FIG. 6 is a flow diagram illustrating a third embodiment of the present invention in the IMS network for lawful interception method.

具体实施方式 Detailed ways

以下将结合附图及实施例来详细说明本发明的实施方式,借此对本发明如何应用技术手段来解决技术问题,并达成技术效果的实现过程能充分理解并据以实施。 The following embodiments of the present invention in conjunction with the accompanying drawings and described in detail to embodiments of the present invention is applied whereby how technical means to solve the technical problem, and achieve the technical effect of the process can be fully understood and implemented according to embodiments.

图2是本发明IMS网络中合法监听系统第一实施例的组成示意图。 FIG 2 is a schematic view of a first embodiment of the composition of the present invention in the IMS network for lawful interception system. 如图2所示,该系统第一实施例主要包括合法监听设备LEMF210,网络边界网元A-BGF220,网络功能网元P-CSCF230、 S-CSCF 240以及AS 250,其中: 2, the system of the first embodiment mainly comprises a lawful interception device LEMF210, the network boundary NE A-BGF220, network NEs P-CSCF230, S-CSCF 240 and AS 250, wherein:

LEMF 210,用于将目标用户的布控信息下发到A-BGF 220、 P-CSCF 230、 S-CSCF 240以及AS 250; LEMF 210, configured to send the target information in the user's dispatched to A-BGF 220, P-CSCF 230, S-CSCF 240 and AS 250;

A-BGF 220,用于在目标用户接入到IMS网络时,根据该布控信息识别该目标用户,并将该目标用户的信令面数据上报到该LEMF 210,将用户面媒体流复制到该LEMF 210; A-BGF 220, when the target user for the access to the IMS network, information identifying the user based on the surveillance target, and reports the signaling plane data of the target user to the LEMF 210, the user plane media stream to the copied LEMF 210;

P陽CSCF 230、 S-CSCF 240以及AS 250;用于在目标用户接入到IMS网络时,根据该布控信息识别该目标用户,并将该目标用户的信令面数据上报到该LEMF 210。 Yang P CSCF 230, S-CSCF 240 and AS 250; when the target user for the access to the IMS network, information identifying the user based on the surveillance target, and reports the signaling plane data of the target user to the LEMF 210.

其中的目标用户,包括主叫用户、被叫用户、发送补充业务关联的用户或者呼叫前传业务的用户。 Wherein the target users, including the caller, callee, transmitting user traffic or call related supplementary service the user before transmission.

以下结合图3~图4所示的本发明IMS网络中合法监听方法实施例对图2所示的监听系统第一实施例进行详细的说明。 Below in connection with the IMS network according to the present invention shown in FIG. 3 to FIG. 4 lawful interception method according to FIG. 2 the first embodiment of the monitoring system of the embodiment will be described in detail. 其中图3是本发明IMS网络中合法监听方法第一实施例的流程示意图,图4是本发明IMS网络中合法监听方法第二实施例的流程示意图。 Wherein FIG. 3 is a flow chart for lawful interception method of the first embodiment of the present invention in the IMS network, FIG. 4 is a flow diagram of a second embodiment of the present invention in the IMS network for lawful interception method.

图3所示的本发明合法监听方法第一实施例,特点是P-CSCF、 S-CSCF 以及AS支持3GPP/ETSI技术规范,出HI2接口的信令信息和事件信息,再通过A-BGF出信令信息和用户面媒体信息,丰富和完善合法监听的内容。 FIG lawful interception method of the present invention shown in Example 3 of the first embodiment, is characterized by P-CSCF, S-CSCF and the AS supports 3GPP / ETSI Technical Specification, the signaling information and event information HI2 interface, and then through the A-BGF signaling information and user plane media information, enrich and improve the content of lawful interception.

监听中心LEMF通过HI1接口,下发监听目标信息到A-BGF、 P-CSCF、 S-CSCF和AS。 LEA LEMF via HI1 interface delivers information to the intercepted target A-BGF, P-CSCF, S-CSCF and AS. 监听用户(UE)接入IMS网络,A-BGF匹配本地的监听条件,判断该用户被监听,通过HI2接口上报该用户的信令信息和事件信息, 同时通过HI3接口将用户面媒体信息上报给LEMF。 Monitor the user (UE) to access IMS network, A-BGF matching local monitoring condition, determining that the user is listening, signaling information and reports the event information to the user via the interface HI2, HI3 simultaneously by plane media user interface information to a LEMF. P-CSCF、 S-CSCF、 AS 也同样匹配本地的监听条件,判断该用户被监听,通过HI2接口上报该用户的信令信息和事件信息。 P-CSCF, S-CSCF, AS also monitor local conditions match, it determines that the user is listening, signaling information and reports the event information to the user via the HI2 interface.

如图3所示,本发明合法监听方法第一实施例主要包括如下步骤: 3, the lawful interception method of the first embodiment of the present invention mainly comprises the following steps:

步骤S302, A-BGF收到主叫侧UE发送的呼叫请求; Step S302, A-BGF calling side receives the call request sent by a UE;

步骤S304, A-BGF匹配本地的监听条件,判断出该用户被监听,则通过HI2接口向LEMF上报该用户的信令信息和事件信息(见步骤S304a), 并将UE的呼叫请求转发给P-CSCF (见步骤S304b); Step S304, A-BGF matching local monitoring condition, it is determined that the user is listening, through the interface HI2 signaling information and reports the event information to the user (see step S304a) to the LEMF, the UE and forward the call request to the P -CSCF (see step S304b);

运营商也可以通过静态配置,要求A-BGF不监听信令信息和事件信息, 只监听用户面媒体流,以简化A-BGF的实现;本实施例中是根据静态配置, 同时监听用户面媒体流,以及信令信息和事件信息; Operators through static configuration, it requires not listen A-BGF signaling information and event information, listening only user plane media stream, in order to simplify the implementation of the A-BGF; according to the present embodiment is a static configuration, while monitoring the user plane media stream, and signaling information and event information;

如果A-BGF不上报目标用户的事件信息和信令信息时,监听中心可以关联功能网元上报的HI2接口信息和网络边界网元上报的HI3接口信息; If the A-BGF is not reported by the target user event information and signaling information center can monitor the associated function NEs Interface HI2 and HI3 interfaces information network boundaries NEs;

步骤S306, P-CSCF收到A-BGF转发的呼叫请求后,匹配本地的监听条件,判断出该用户被监听,则通过HI2接口向LEMF上报该用户的信令信息和事件信息(见步骤S306a),并将A-BGF转发的呼叫请求转发给S誦CSCF (见步骤S306b ); Step S306, the P-CSCF after receiving the call request is forwarded to A-BGF, the matching local monitoring condition, it is determined that the user is listening, through the signaling information and event information reported to the user interface to the LEMF HI2 (see step S306a ), and the a-BGF forwarding forwards the call request to the S chant CSCF (see step S306b);

步骤S308, S-CSCF收到P-CSCF转发的呼叫请求后,匹配本地的监听条件,判断出该用户被监听,则通过HI2接口向LEMF上报该用户的信令信息和事件信息(见步骤S308a),并将P-CSCF转发的呼叫请求转发给AS (见步骤S308b); After step S308, S-CSCF P-CSCF receives a call request is forwarded, the matching local monitoring condition, it is determined that the user is listening, through the interface HI2 signaling information and reports the event information to the LEMF of the user (see step S308a ), P-CSCF forwards the call request is forwarded to the AS (see step S308b);

步骤S310, AS收到S-CSCF转发的呼叫请求后,匹配本地的监听条件, 判断出该用户被监听,则通过HI2接口向LEMF上报该用户的信令信息和事件信息(见步骤S310a),并将S-CSCF转发的呼叫请求转发给被叫側网元(见步骤S310b); After step S310, AS receives the call request is forwarded by S-CSCF, the local monitoring condition match, it determines that the user is listening, through the interface HI2 signaling information and reports the event information to the user (see step S310a) to the LEMF, and forward S-CSCF forwards the call request to the called side network element (see step S310B);

步骤S312,被叫側回响应,携带SDP,经过AS、 S-CSCF、 P-CSCF以及A-BGF发送到UE (见步骤S312a) , AS、 S-CSCF、 P-CSCF以及A-BGF 分别向LEMF上报信令信息和事件信息(见步骤S312b); Step S312, the response back to the called side, carries the SDP, sent to the UE (see step S312A) after AS, S-CSCF, P-CSCF and the A-BGF, AS, S-CSCF, P-CSCF, respectively, and the A-BGF LEMF report signaling information and event information (see step S312b);

步骤S314,主叫侧UE发送最终SDP,经过A-BGF、 P-CSCF、 S-CSCF 以及AS发送到被叫侧(见步骤S314a) , A-BGF、 P-CSCF、 S-CSCF以及AS分别向LEMF上报最终SDP的信令信息和事件信息(见步骤S314b ); Step S314, the UE transmits the calling-side final SDP, through the A-BGF, P-CSCF, S-CSCF and the AS to the called side (see step S314a), A-BGF, P-CSCF, S-CSCF and AS, respectively report signaling information and event information final SDP's (see step S314b) to the LEMF;

步骤S316,被叫侧回振铃消息,经过AS、 S-CSCF、 P-CSCF以及A-BGF 发送到主叫侧UE (见步骤S316a) , AS、 S隱CSCF、 P-CSCF以及A-BGF分别向LEMF上报振铃信令信息和事件信息(见步骤S316b); Step S316, the ringing message back to the called side, the calling side transmits to the UE (see step S316a) through the AS, S-CSCF, P-CSCF and the A-BGF, AS, S hidden CSCF, P-CSCF and the A-BGF They were reported ringing signaling information and event information (see step S316b) to the LEMF;

步骤S318,被叫侧回200 OK最终应答消息,经过AS、 S-CSCF、 P-CSCF 以及A-BGF发送到主叫侧UE (见步骤S318a) , AS、 S-CSCF、 P-CSCF以及A-BGF分别向LEMF上报最终应答信令信息和事件信息(见步骤S318b )。 Step S318, the receiving-side return 200 OK final response message, the calling side transmits to the UE (see step S318a) through the AS, S-CSCF, P-CSCF and the A-BGF, AS, S-CSCF, P-CSCF and A -BGF were reported to the LEMF final response signaling information and event information (see step S318b).

步骤S320, A-BGF启动媒体流的复制流程(见步骤S320a),根据本地保存的监听对象信息,将用户面媒体流复制到指定的IP地址和端口,包括通过HI3接口向LEMF上报用户面媒体流(见步骤S320b ) , A-BGF根据监听要求,可以只上报主叫侧发送的用户面媒体流,也可以同时上报主叫侧发送和接收的用户面媒体流; Step S320, A-BGF start replication processes the media stream (see step S320a), according to the stored local monitor object information, the user plane media stream copied to the specified IP address and port, including reports the user plane media to the LEMF via HI3 interfaces flow (see step S320b), a-BGF according to requirement monitor may only report the calling side transmitted from the user plane media stream, it may be reported to the calling side while the user plane media streams transmitted and received;

步骤S322,主叫侧UE生成ACK确认消息后,将该ACK确认消息经过A-BGF、P-CSCF、S-CSCF以及AS发送到被叫侧(见步骤S322a), A-BGF、 P-CSCF、 S-CSCF以及AS分别向LEMF上报ACK的信令信息和事件信息。 Step S322, the UE generates the calling side ACK acknowledgment message, the acknowledgment message ACK through the A-BGF, P-CSCF, S-CSCF and the AS to the called side (see step S322a), A-BGF, P-CSCF , S-CSCF and the AS are reporting ACK signaling information and event information to the LEMF.

上述步骤S304a、步骤S306a、步骤S308a以及步骤S310,还可以向LEMF 通知Call-ID等关联标识。 The above step S304a, step S306a, step S308a and step S310, the association identifier may also notify the Call-ID and the like to the LEMF.

图3所示的本发明方法第一实施例,是按照主叫被监听来描述的,对于被叫被监听的流程也是类似的。 The method of the present invention shown in FIG. 3 of the first embodiment is described in accordance with the caller is listening, listening for the called process is similar.

本发明的技术方案同样适用于发生呼叫前传等业务的用户。 Aspect of the present invention is equally applicable to other user occurs prior call transfer service. A-BGF、 P-CSCF 、 S-CSCF以及AS通过信令中的呼叫历史(History-Info 、 P-Served—User)等信息判断是否需要跟踪,来实现补充业务的监听。 A-BGF, P-CSCF, S-CSCF and the AS via signaling call history (History-Info, P-Served-User), etc. determines whether to trace the information, listening to achieve supplementary service. 此处的呼叫历史信息指一次呼叫内的历史信息,比如用户A呼叫用户B,到了AS 时,AS前转到用户C,则呼叫历史信息中会记录:用户B前转用户C。 Call history information here refers to the history information in a call, such as user A calls user B, and to the AS, AS prior to user C, the call history may record information: User B before forwarding user C. 如果LEMF监听用户B,则相关网元可以通过呼叫历史信息得到此呼叫与用户B相关,也可以发起此呼叫的监听流程。 If LEMF monitor user B, the network elements related to this call can be associated with user B through the call history information, you can also initiate the process monitor this call.

本发明技术方案同样适用于目标用户是其他用户发送补充业务关联的用户,网络边界网元A-BGF可以从信令中的呼叫历史信息识别目标用户, 并将目标用户相关的事件信息和信令信息上报到监听中心,同时将目标用户的用户面媒体流复制到监听中心。 Aspect of the present invention is equally applicable to other target users are those users sending supplementary service associated with the event information and the signaling network A-BGF boundary NE signaling from the call history information to identify the target user and the target user related information reported to the interception center, while the target user's user plane media stream is copied to the interception center.

如果A-BGF不上报目标用户的事件信息和信令信息,而只上报用户面媒体流,那么监听中心可以通过关联功能网元上报的HI2接口信息和网络边界网元上报的HI3接口信息,来呈现完整的呼叫内容。 If the A-BGF is not reported by the target user event information and signaling information, and only reports the user plane media stream, then through the associated function LEA NEs HI2 interface information, and network boundaries NEs HI3 interface information to showing complete call content. 比如监听用户A的上线(注册)、呼叫、下线(注销)的等事件由HI2来完成,呼叫时的语音等内容由HI3来完成,则可以通过呼叫等事件来获得对应的语音记录。 A user, such as on-line monitor (registration), call, offline (cancellation) of the HI2 done by other events, such as voice call contents done by HI3, may be obtained by calling the corresponding events such as voice recording.

关联可以在监听网关实现,也可以在监听中心实现。 LIG association can achieve, can also be implemented in the interception center. 目前关联技术并没有标准化,CS、 PS域有不同的实现方式。 Currently associated technology is not standardized, CS, PS domain there are different implementations. IMS域一般实现方式是,HI2接口增加CALL-ID信息上才艮,HI3接口也增加CALL-ID上报。 IMS domain implementation is generally, HI2 interface adds Burgundy only information on the CALL-ID, HI3 interface is also reported to increase the CALL-ID. 因为CALL-ID 能唯一识别一次业务,因此监听中心可以根据HI2、 HI3接口的CALL-ID来完成关联。 Because the CALL-ID can uniquely identify a service, and therefore the interception center may be accomplished according to associate HI2, HI3 interface CALL-ID.

图4所示的本发明合法监听方法第二实施例,通过A-BGF上才艮完整的信令面和用户面媒体数据,实现合法监听功能。 4 of the present invention shown in FIG lawful interception method of the second embodiment, by only the A-BGF Gen complete signaling plane and user plane media data to achieve lawful interception.

该第二实施例特别适用于P-CSCF、 S-CSCF以及AS不支持监听功能的组网环境,优点是网络改造简单,成本低,但同样能够完全满足监听功能。 This second embodiment is particularly applicable to P-CSCF, S-CSCF and the AS does not support networking ambience listening function, the advantage of the transformation of the network is simple, low cost, but likewise able to fully meet the monitoring function. 和图3所示第一实施例的不同主要在于,监听中心LEMF只需将监听目标信息下发到A-BGF。 And FIG. 3 differs from the first embodiment mainly in that the interception center LEMF simply monitor the A-BGF to send the target information.

如图4所示,本发明合法监听方法第二实施例主要包括如下步骤: As shown in FIG 4, lawful interception method of the second embodiment of the present invention mainly comprises the following steps:

步骤S402, A-BGF收到主叫側UE的呼叫请求(见步骤S402a)后,匹配本地的监听条件,判断出该用户被监听,则通过HI2接口向LEMF上报该用户的信令信息和事件信息(见步骤S402b ),同时经过P-CSCF、 S-CSCF以及AS,将主叫侧UE发送的呼叫请求转发给被叫侧(见步骤S402c); After step S402, A-BGF receives a call request (see step S402a) the calling UE side, the matching local monitoring condition, it is determined that the user is listening, through the interface HI2 reports the signaling information and user events to the LEMF information (see step S402b), while passing through the P-CSCF, S-CSCF and AS, to forward the call request from the calling side to the called side transmits UE (see step S402c);

步骤S404,被叫侧回响应,携带SDP,经过AS、 S-CSCF、 P-CSCF以及A-BGF发送到UE; Step S404, the response back to the called side, carries the SDP, sent to the UE through the AS, S-CSCF, P-CSCF and the A-BGF;

步骤S406, A-BGF通过HI2接口向LEMF上报信令信息和事件信息; Step S406, A-BGF via the interface HI2 signaling information and reports the event information to the LEMF;

步骤S408,主叫侧UE发送最终SDP,经过A-BGF、 P-CSCF、 S-CSCF 以及AS发送到被叫侧; Step S408, the UE transmits the calling-side final SDP, to the called side through the A-BGF, P-CSCF, S-CSCF and the AS;

步骤S410, A-BGF通过HI2接口向LEMF上净艮最终SDP的信令信息和事件信息; Step S410, A-BGF via HI2 interface information on the event to the signaling information and the SDP LEMF final net Gen;

步骤S412,被叫側回振铃消息,经过AS、 S-CSCF、 P-CSCF以及A-BGF 发送到主叫侧UE; Step S412, the ringing message back to the called side, the calling side transmits to the UE through the AS, S-CSCF, P-CSCF and the A-BGF;

步骤S414, A-BGF通过HI2接口向LEMF上报振铃信令信息和事件信 Step S414, A-BGF ringing signaling information and reports the event to the LEMF via channel Interface HI2

from

步骤S416,被叫侧回200 OK最终应答消息,经过AS、 S-CSCF、 P-CSCF 以及A-BGF发送到主叫侧UE; Step S416, the receiving-side back to the final 200 OK response message sent to the calling UE through the side AS, S-CSCF, P-CSCF and the A-BGF;

步骤S418, A-BGF通过HI2接口向LEMF上报最终应答信令信息和事件信息; Step S418, A-BGF via the interface HI2 the final response to the LEMF signaling information and reports the event information;

步骤S420, A-BGF启动媒体流的复制流程(见步骤S420a),根据本地保存的监听对象信息,将用户面媒体流复制到指定的IP地址和端口,包括通过HI3接口向LEMF上报用户面媒体流(见步骤S420b) , A-BGF根据监听要求,可以只上报主叫侧发送的用户面媒体流,也可以同时上报主叫側发送和接收的用户面媒体流。 Step S420, A-BGF start replication processes the media stream (see step S420a), according to the stored local monitor object information, the user plane media stream copied to the specified IP address and port, including reports the user plane media to the LEMF via HI3 interfaces flow (see step S420b), a-BGF according to requirement monitor may only report the calling side transmitted from the user plane media stream, it may be reported to the calling side for transmitting and receiving the user plane media streams.

步骤S422,主叫侧UE生成ACK确认消息后,将该ACK确认消息经过A-BGF、 P-CSCF、 S-CSCF以及AS发送到被叫侧; Step S422, the calling side after UE generates ACK acknowledgment message, the acknowledgment message ACK through A-BGF, P-CSCF, S-CSCF and the AS to the called side;

步骤S424, A-BGF通过HI2接口向LEMF上报ACK的信令信息和事件信息。 Step S424, A-BGF via the interface HI2 signaling information and reports the event information to the ACK LEMF.

上述步骤S402a中,还可以向LEMF通知Call-ID等关联标识。 The above step S402a, the association identifier may also inform the Call-ID and the like to LEMF.

图5是本发明IMS网络中的合法监听系统第二实施例的组成示意图。 FIG 5 is a schematic view of a second embodiment of the composition of the lawful interception system of the IMS network according to the present invention. 如图5所示,该系统第二实施例主要包括合法监听设备LEMF 510、网管(Element Manager, EM) 520、网络边界网元A-BGF 530以及网络功能网元P-CSCF 540、 S-CSCF 550以及AS 560,其中: 5, the system of the second embodiment mainly includes a lawful interception device LEMF 510, NMS (Element Manager, EM) 520, a network boundary A-BGF 530 NE and NEs network P-CSCF 540, S-CSCF 550 and AS 560, wherein:

LEMF 510,用于将目标用户的监控信息布控到该EM 520; LEMF 510, dispatched for the target information to the user's monitor EM 520;

EM 520,用于将该布控信息映射为跟踪命令发送给该A-BGF 530及网络功能网元P-CSCF 540、 S-CSCF 550以及AS 560,并将该A-BGF 530和网络功能网元P-CSCF 540、 S-CSCF 550及AS 560上报的该目标用户的跟踪数据中的信令转换为事件信息和信令信息上报到该LEMF 510,将跟踪数据中的々某体转换为用户面力某体信息复制到该LEMF 510; EM 520, for transmitting the tracking information into a command dispatched to the A-BGF 530 and NEs network P-CSCF 540, S-CSCF 550 and AS 560, and the A-BGF 530 and network functions NE P-CSCF 540, S-CSCF 550 and aS 560 reported by the target user data signaling conversion tracking reports to event information and signaling information to the LEMF 510, the conversion tracking data in a body of the user plane 々 a force-information copy to the LEMF 510;

A-BGF 530和网络功能网元P-CSCF 540、 S-CSCF 550及AS 560,用于该目标用户接入该IMS网络时,将该跟踪数据上报到该EM 520。 When the A-BGF 530 and NEs network P-CSCF 540, S-CSCF 550 and AS 560, for the destination user to access the IMS network, the trace data is reported to the EM 520.

以下结合图6所示的本发明IMS网络中合法监听方法第三实施例对图5 所示的监听系统第二实施例进行详细的说明。 Embodiment shown in Figure 5 of a second embodiment of the monitoring system is described in detail below in connection with the third embodiment shown in FIG. 6 in the IMS network according to the present invention, a method for lawful interception.

图6是本发明IMS网络中合法监听方法第三实施例的流程示意图。 FIG 6 is a flow diagram illustrating a third embodiment of the present invention in the IMS network for lawful interception method. 本第三实施例中监听中心将目标用户的布控信息发送到网管(Element Manager),网管映射为跟踪命令(Trace)发送给网络边界网元A-BGF,以及网络功能单元P-CSCF、S-CSCF和AS。 In a third embodiment according to the present embodiment LEA sends the target information to the user network surveillance (Element Manager), tracking network mapping command (the Trace) to the network boundary NE A-BGF, and a network function unit P-CSCF, S- CSCF and AS. 目标用户接入IMS网络时,A-BGF、 P-CSCF、 S-CSCF和AS判断用户是否被网管跟踪,如果被跟踪则上报信令信息和媒体数据给网管,网管再转换为监听数据上报到监听中心。 When the target user accesses the IMS network, A-BGF, P-CSCF, S-CSCF and AS network determines whether a user is tracked, the tracking if the signaling information and media data reported to the NMS, the NMS then converted to data reported to the monitor LEAs.

如图6所示,本发明合法监听方法第三实施例主要包括如下步骤: 6, the lawful interception method of the third embodiment of the present invention mainly comprises the following steps:

步骤S602,监听中心将目标用户的布控信息下到网管; Step S602, the surveillance center will monitor information of the target user to the network;

步骤S604,网管将布控信息映射为跟踪命令,并将跟踪命令分别发送给A-BGF、 P-CSCF、 S-CSCF以及AS (分别见步骤S604a、步骤S604b、步骤S604c以及步骤S604d); Step S604, the surveillance network to the tracking information into a command, and commands are transmitted to the tracking A-BGF, P-CSCF, S-CSCF and AS (see step S604a, respectively, the step S604b, S604c step and step S604d);

步骤S606 , A-BGF收到主叫侧UE的呼叫请求; Step S606, A-BGF calling side receives the call request of the UE;

步骤S608, A-BGF匹配本地的跟踪条件,判断出该用户被网管跟踪, 则向网管上报跟踪数据; Step S608, the tracking condition of the A-BGF match the local, network determines that the user is tracked, the tracking data reported to the NMS;

步骤S610,网管转换跟踪数据为该用户的信令信息和事件信息,并通过HI2接口将用户的信令信息和事件信息上报到监听中心; Step S610, the data conversion tracking network signaling information and user information for that event, and will be reported to the user via the interface HI2 the signaling information and the event information to a central monitor;

步骤S612,被叫側回响应,携带SDP,经过AS、 S-CSCF、 P-CSCF以及A-BGF发送到UE; Step S612, the response back to the called side, carries the SDP, sent to the UE through the AS, S-CSCF, P-CSCF and the A-BGF;

步骤514, AS、 S-CSCF、 P-CSCF以及A-BGF向网管上报跟踪数据; Step 514, AS, S-CSCF, P-CSCF and the A-BGF tracking data reported to the NMS;

步骤S616,网管转换跟踪数据为该用户的信令信息和事件信息,通过HI2接口上报到监听中心; Step S616, conversion tracking network for the user data signaling information and event information, reports to the central monitor via the interface HI2;

步骤S618,主叫侧UE发送最终SDP,经过A-BGF、 P-CSCF、 S-CSCF 以及AS发送到被叫侧; Step S618, the calling UE sends the final side SDP, to the called side through the A-BGF, P-CSCF, S-CSCF and the AS;

步骤S620, AS、 S-CSCF、 P-CSCF以及A-BGF向网管上报跟踪数据; Step S620, AS, S-CSCF, P-CSCF and the A-BGF tracking data reported to the NMS;

步骤S622,网管转换跟踪数据为该用户的信令信息和事件信息,通过HI2接口上才艮到监听中心; Step S622, conversion tracking network for the user data signaling information and event information via the interface HI2 the Gen only to the interception center;

步骤S624,被叫侧回振铃消息,经过AS、 S-CSCF、 P-CSCF以及A-BGF 发送到主叫侧UE; Step S624, the ringing message back to the called side, the calling side transmits to the UE through the AS, S-CSCF, P-CSCF and the A-BGF;

步骤S626, AS、 S-CSCF、 P-CSCF以及A-BGF向网管上报跟踪数据; Step S626, AS, S-CSCF, P-CSCF and the A-BGF tracking data reported to the NMS;

步骤S628,网管转换跟踪数据为该用户的信令信息和事件信息,通过HI2接口上报到监听中心; Step S628, conversion tracking network for the user data signaling information and event information, reports to the central monitor via the interface HI2;

步骤S630,被叫侧回200 OK最终应答消息,该200 OK最终应答消息经过AS、 S-CSCF、 P-CSCF以及A-BGF发送到主叫侧UE; Step S630, the receiving-side return 200 OK final response message, the 200 OK final response message to the calling UE through the side AS, S-CSCF, P-CSCF and the A-BGF;

步骤S632,如果A-BGF支持媒体数据上报,则网管转换跟踪数据为该用户的用户面媒体流,通过HI3接口将该用户面媒体流上报到监听中心(见步骤S632b);如果A-BGF不支持媒体数据上报,则不上报用户面媒体信息;本实施例中A-BGF支持媒体数据上报(见步骤S632a); Step S632, if the A-BGF support media data reporting, the data for the conversion tracking user network user plane media stream, stream reported to the interception center (see step S632b) via the user plane media HI3 interfaces; A-BGF if not support media data reporting, the user plane media information is not reported; the present embodiment supports the A-BGF media data reporting (see step S632a);

步骤S634,主叫侧UE产生ACK确认消息,并经过A-BGF、 P-CSCF、 S-CSCF以及AS将该ACK确认消息发送到被叫侧; Step S634, the calling-side UE generates ACK acknowledgment message, and after A-BGF, P-CSCF, S-CSCF and the AS ACK acknowledgment message to the called side;

步骤S636, AS、 S-CSCF、 P-CSCF以及A-BGF向网管上报跟踪数据; Step S636, AS, S-CSCF, P-CSCF and the A-BGF tracking data reported to the NMS;

步骤S638,网管转换跟踪数据为该用户的信令信息和事件信息,通过HI2接口上报到监听中心。 Step S638, conversion tracking network for the user data signaling information and event information, reports to the central monitor via HI2 interface. 在网管参与监听的情况下,只需要A-BGF, P-CSCF, S-CSCF以及AS 支持3GPP定义的跟踪功能,并不需要支持监听功能。 In the case where the participation of the NMS listening, only A-BGF, P-CSCF, S-CSCF and the AS supports 3GPP defined tracking feature, it does not need to support the monitoring function. 比如网管发起某用户的信令跟踪或者业务跟踪,则A-BGF、 P-CSCF, S-CSCF以及AS就会将该用户的所有呼叫信令和业务数据上报给网管。 For example a user initiated network signaling tracking or tracking service, the A-BGF, P-CSCF, S-CSCF and the AS will all call signaling and user service data reported to the NMS.

需要说明的是,在网管参与的监听过程中,目标用户可以是主叫用户, 可以是被叫用户,可以是发送补充业务关联的用户,还可以是呼叫前传业务的用户。 It should be noted that, in the listening process involved in network management, the target user may be the calling user, may be called user, the user can send the association of supplementary services, users can also transfer business before the call.

传统的组网中,网管一般为集中设置, 一个网管管理上百个甚至更多的网元。 Traditional networking, network management generally focus setting, a network management even more hundreds of network elements. 本发明利用网管实现监听功能,对现网网元的要求低,只需用支持跟踪功能即可,网络改造简单。 The invention utilizes network management to achieve the monitoring function, low current requirements for network elements, simply by tracking function can support, network transformation is simple.

与现有技术相比,本发明采用IMS网络功能网元和边界网元上l艮目标用户的事件信息和信令信息,网络边界网元独立上报用户面媒体信息,或者采用网管上报事件信息和信令信息,满足3GPP/ETSI的规范,克服了现有技术的缺陷。 Compared with the prior art, the present invention uses the IMS network element and the network boundary functions NE l Gen target user event information and signaling information, network boundaries NE reports the user plane media independent information, or using the network management information and reporting events signaling information to meet specifications 3GPP ETSI /, overcomes the drawbacks of the prior art.

本发明技术方案的实现,不需要进行信令的私有扩展,不需要改变用户面媒体路径,使得IMS网络能更加简单地实现合法监听的功能,特别是用户面々某体的监听,丰富了IMS网络监听信息内容,能上报更丰富、更完整的用户面媒体信息。 The technical solution of the present invention does not require signaling of proprietary extensions, without changing the user plane media path, so that the IMS network can be more easily realized lawful interception function, in particular a monitor user plane 々 body, the IMS network enriched monitor content, we can report a richer, more complete user plane media information.

本发明技术方案还有效降低了IMS网络边界网元与功能网元的耦合, 降低了监听方案的实现难度,更容易实现多厂商设备的互联互通,更好地满足运营商和执法机构的需求。 Aspect of the present invention also effectively reduces the coupling IMS network boundary network elements and functions of network elements, reduces the implementation difficulty listening program, it is easier to achieve interoperability of multi-vendor equipment to better meet the needs of operators and law enforcement agencies.

以上所述,仅为本发明较佳的具体实施方式,但本发明的保护范围并不局限于此,任何熟悉该技术的人员在本发明所揭露的技术范围内,可轻易想到的变化或替换,都应涵盖在本发明的保护范围之内。 The above are only preferred specific embodiment of the present invention embodiment, but the scope of the present invention is not limited thereto, and any person skilled in the art within the technical scope disclosed by the present invention can be easily thought of the changes or substitutions It shall fall within the protection scope of the present invention. 因此,本发明的保护范围应该以权利要求的保护范围为准。 Accordingly, the scope of the present invention should be defined by the scope of the claims.

Claims (14)

1、一种IP多媒体子系统网络中的合法监听方法,其特征在于,包括: 合法监听设备将目标用户的监控信息布控到所述IP多媒体子系统网络的网络边界网元; 所述目标用户接入所述IP多媒体子系统网络时,所述网络边界单元根据所述布控信息识别所述目标用户,将所述目标用户的用户面媒体流复制到所述合法监听设备。 1, a method for lawful interception of an IP Multimedia Subsystem network, characterized by comprising: a lawful interception device to monitor the surveillance target user information to the network boundary network element of the IP Multimedia Subsystem network; the target user access when into the IP multimedia subsystem network, the network boundary surveillance unit according to the information identifying the target user, the user plane of the target user to copy the media stream lawful interception device.
2、 如权利要求1所述的方法,其特征在于:所述目标用户,包括主叫用户、被叫用户、发送补充业务关联的用户或者呼叫前传业务的用户。 2. The method as claimed in claim 1, wherein: the target user, including the calling user, the called user, transmitting user traffic or call related supplementary service the user before transmission.
3、 如权利要求l所述的方法,其特征在于: 所述网络边界网元,为接入边界网关功能。 3. The method of claim l, wherein: the network boundary network element, the access border gateway function.
4、 如权利要求1所述的方法,其特征在于:所述网络边界单元,进一步将所述目标用户的事件信息及信令信息上报到所述合法监听设备。 4. The method of claim 1, wherein: the network boundary unit further reporting the event information of the target user and signaling information to the lawful interception device.
5、 如权利要求1或4所述的方法,其特征在于:所述合法监听设备将所述监控信息进一步布控到所述IP多媒体子系统网络的网络功能网元;所述目标用户接入所述IP多媒体子系统网络时,所述网络功能单元识别所述目标用户,将所述目标用户的事件信息及信令信息上报到所述合法监听设备。 5. The method as claimed in claim 1 or claim 4, wherein: the lawful interception device to monitor the network information further to the surveillance function the network element of the IP Multimedia Subsystem network; by the target user access when said IP multimedia subsystem network, the network function unit identifies the target user, the target user event information and signaling information reported to the lawful interception device.
6、 如权利要求5所述的方法,其特征在于:所述网络功能网元,包括代理呼叫控制实体、服务呼叫控制实体以及应用服务器。 6. The method as claimed in claim 5, wherein: the network function network element comprises a proxy call control entity, the serving call control entity and an application server.
7、 一种IP多媒体子系统网络中的合法监听方法,其特征在于,包括:合法监听设备将目标用户的监控信息布控到所述IP多媒体子系统网络的网管;所述网管将所述布控信息映射为跟踪命令发送给所述IP多媒体子系统网络的网络功能网元和网络边界网元;所述目标用户接入所述IP多i某体子系统网络时,所述网络功能网元和网络边界网元将所述目标用户的跟踪数据上报到所述网管;所述网管将跟踪数据中的信令转换为事件信息和信令信息上报到所述合法监听设备,将跟踪数据中的媒体转换为用户面媒体信息复制到所述合法监听设备。 7, a method for lawful interception of an IP Multimedia Subsystem network, characterized by comprising: a lawful interception device to monitor the surveillance target user information to the network management of the IP Multimedia Subsystem network; said dispatched information to said network mapping command to the transmission network to track the IP multimedia subsystem network function of the network element and the network edge network element; when the target user to access the IP network subsystems of a plurality i, the network element and network function boundary NE reports the user of the target tracking data to the network management; the NMS trace data is converted into signaling information and signaling information reporting event to the lawful interception device, the media conversion tracking data copy media information for the user plane to the lawful interception device.
8、 如权利要求7所述的方法,其特征在于:所述目标用户,包括主叫用户、被叫用户、发送补充业务关联的用户或者呼叫前传业务的用户。 8. A method as claimed in claim 7, wherein: the target user, including the calling user, the called user, transmitting user traffic or call related supplementary service the user before transmission.
9、 如权利要求7所述的方法,其特征在于: 所述网络边界网元,为接入边界网关功能。 9. A method as claimed in claim 7, wherein: the network boundary network element, the access border gateway function.
10、 如权利要求7所述的方法,其特征在于:所述网络功能网元,包括代理呼叫控制实体、服务呼叫控制实体以及应用服务器。 10. A method as claimed in claim 7, wherein: the network function network element comprises a proxy call control entity, the serving call control entity and an application server.
11、 一种IP多媒体子系统网络中的合法监听系统,其特征在于,包括合法监听设备及网络边界单元,其中:所述合法监听设备,用于将目标用户的监控信息布控到所述IP多4某体子系统网络的网络边界网元;所述网络边界单元,用于在所述目标用户接入所述IP多媒体子系统网络时,根据所述布控信息识别所述目标用户,将所述目标用户的用户面媒体流复制到所述合法监听设备。 11, of an IP Multimedia Subsystem network in the lawful interception system, characterized in that a lawful interception device and the network comprises boundary elements, wherein: the lawful interception device for surveillance monitoring target information to the user of the IP Multicast 4 NE network subsystem network boundary of a body; the network boundary cell, when the target user for access to the IP multimedia subsystem network, information identifying the user according to the surveillance target, the target user plane media user to copy the stream lawful interception device.
12、 如权利要求11所述的系统,其特征在于:所述网络边界单元,进一步将所述目标用户的事件信息及信令信息上报到所述合法监听设备。 12. The system as claimed in claim 11, wherein: the network boundary unit further reporting the event information of the target user and signaling information to the lawful interception device.
13、 如权利要求11所述的系统,其特征在于,该系统进一步包括网络功能单元,所述合法监听设备将所述监控信息进一步布控到所述网络功能网元,所述目标用户接入所述IP多々某体子系统网络时,所述网络功能单元识别所述目标用户,将所述目标用户的事件信息及信令信息上报到所述合法监听设备。 13. The system as claimed in claim 11, characterized in that the system further comprises a network functional element, the lawful interception device to monitor the network information further to the surveillance function network element, by the target user access 々 a plurality of said subsystems IP network, the network function unit identifies the target user, the target user event information and signaling information reported to the lawful interception device.
14、 一种IP多媒体子系统网络中的合法监听系统,其特征在于,包括合法监听设备、网管、网络功能网元以及网络边界网元,其中:所述合法监听设备,用于将目标用户的监控信息布控到所述网管;所述网管,用于将所述布控信息映射为跟踪命令发送给所述网络功能网元及网络边界网元,并将所述网络功能网元及网络边界网元上报的所述目标用户的跟踪数据中的信令转换为事件信息和信令信息上报到所述合法监听设备,将跟踪数据中的媒体转换为用户面媒体信息复制到所述合法监听设备;所述网络功能网元及网络边界网元,用于所述目标用户接入所述IP多媒体子系统网络时,将所述跟踪数据上报到所述网管。 14, of an IP Multimedia Subsystem network in the lawful interception system, characterized in that the lawful interception device comprises, network management, network and network functions of the network element NE boundary, wherein: the lawful interception device for the target user monitoring information dispatched to said network; the network management, mapping information for the surveillance tracking command to the network and network element functions the network border network element and the network and network element functions the network edge NE reported by the target user signaling conversion tracking data to the lawful interception device and the event information reported to signaling information, the trace data is converted to a media information of the user plane media copy to the lawful interception device; the when said network NEs and NEs network boundaries, the target user for access to the IP multimedia subsystem network, the tracking data will be reported to the NMS.
CN 200910203774 2009-06-12 2009-06-12 Legal interception system and method in IP multi-media subsystem network CN101583129A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200910203774 CN101583129A (en) 2009-06-12 2009-06-12 Legal interception system and method in IP multi-media subsystem network

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN 200910203774 CN101583129A (en) 2009-06-12 2009-06-12 Legal interception system and method in IP multi-media subsystem network
PCT/CN2010/072384 WO2010142172A1 (en) 2009-06-12 2010-04-30 System and method for lawful interception in ip multimedia subsystem network
PCT/CN2010/072414 WO2010142175A1 (en) 2009-06-12 2010-05-04 Method, system and network element manager for law enforcement monitoring in internet protocol multimedia subsystem

Publications (1)

Publication Number Publication Date
CN101583129A true CN101583129A (en) 2009-11-18

Family

ID=41365031

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200910203774 CN101583129A (en) 2009-06-12 2009-06-12 Legal interception system and method in IP multi-media subsystem network

Country Status (2)

Country Link
CN (1) CN101583129A (en)
WO (2) WO2010142172A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010142172A1 (en) * 2009-06-12 2010-12-16 中兴通讯股份有限公司 System and method for lawful interception in ip multimedia subsystem network
CN102487521A (en) * 2010-12-03 2012-06-06 中兴通讯股份有限公司 Method and device for monitoring media content in IMS (IP (Internet Protocol) Multimedia Subsystem)
WO2012174945A1 (en) * 2011-06-20 2012-12-27 中兴通讯股份有限公司 Media content interception method and device in ip multimedia subsystem
US10353488B2 (en) 2014-05-30 2019-07-16 Hewlett-Packard Development Company, L.P. Positional input on displays

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100450024C (en) * 2005-12-13 2009-01-07 华为技术有限公司 Method for monitoring multi-medium sub-system domain
DE102006014921A1 (en) * 2006-03-30 2007-10-18 Siemens Ag Lawful interception method for call forwarding in a packet-oriented telecommunications network
CN101212356B (en) * 2006-12-31 2011-05-18 华为技术有限公司 Session border controller, communication system and listening method
CN101035036B (en) * 2007-04-19 2011-03-02 中兴通讯股份有限公司 Legal monitoring system and method
TWI385969B (en) * 2007-10-15 2013-02-11 Ind Tech Res Inst Method and system for lawful interception of the value-added service in ip multimedia subsystem
CN101247431B (en) * 2008-03-14 2010-12-08 中兴通讯股份有限公司 Method and system for implementing IP multimedia subsystem monitoring
CN101420432B (en) * 2008-12-01 2012-10-17 华为技术有限公司 Implementing method, system and apparatus for IMS listening
CN101583129A (en) * 2009-06-12 2009-11-18 中兴通讯股份有限公司 Legal interception system and method in IP multi-media subsystem network

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010142172A1 (en) * 2009-06-12 2010-12-16 中兴通讯股份有限公司 System and method for lawful interception in ip multimedia subsystem network
WO2010142175A1 (en) * 2009-06-12 2010-12-16 中兴通讯股份有限公司 Method, system and network element manager for law enforcement monitoring in internet protocol multimedia subsystem
CN102487521A (en) * 2010-12-03 2012-06-06 中兴通讯股份有限公司 Method and device for monitoring media content in IMS (IP (Internet Protocol) Multimedia Subsystem)
WO2012071875A1 (en) * 2010-12-03 2012-06-07 中兴通讯股份有限公司 Media content monitoring method and device in ip multimedia subsystem
CN102487521B (en) * 2010-12-03 2016-06-08 中兴通讯股份有限公司 Ip multimedia subsystem media content listener method and apparatus
WO2012174945A1 (en) * 2011-06-20 2012-12-27 中兴通讯股份有限公司 Media content interception method and device in ip multimedia subsystem
US10353488B2 (en) 2014-05-30 2019-07-16 Hewlett-Packard Development Company, L.P. Positional input on displays

Also Published As

Publication number Publication date
WO2010142175A1 (en) 2010-12-16
WO2010142172A1 (en) 2010-12-16

Similar Documents

Publication Publication Date Title
CN101176327B (en) Circuit-switched and multimedia subsystem voice continuity
KR101501399B1 (en) Policy routing-based lawful interception in communication system with end-to-end encryption
ES2431322T3 (en) System and method for transferring calls between wireless networks of switched circuits and switched data packets
US8625582B2 (en) Method and apparatus for routing a bearer path in an internet protocol multimedia subsystem based communication system
EP1920572B1 (en) Multimedia subsystem service control for circuit-switched subsystem calls
CN101142833B (en) Device for controlling a cs domain subscriber terminal access to an IMS communication network services
US7843902B2 (en) Interception of multimedia services
US7006508B2 (en) Communication network with a collection gateway and method for providing surveillance services
US8499082B2 (en) Methods, systems, and computer readable media for providing services in a telecommunications network using interoperability specification/session initiation protocol (IOS/SIP) adapter
US8374171B2 (en) Method for reducing the risk of call connection failure and system to perform the method
US8155084B2 (en) User equipment, call continuity application server, and network handover method
US20100086119A1 (en) Lawful interception in wireline broadband networks
US20010052081A1 (en) Communication network with a service agent element and method for providing surveillance services
US7894410B2 (en) Method and system for implementing backup based on session border controllers
ES2360616T3 (en) Method and appliance to selectly reduce session control for a multimedia internet protocol subsystem.
CN101035068B (en) Method of providing session mobility
CN100372338C (en) Method for realizing local business in IP multimedia sub-system
CN101160808B (en) Method for triggering user registration in IP multimedia subsystem
CN100379316C (en) Realization method and system for traditional terminal user accessing IMS domain
US20070086581A1 (en) Method and communication system for circuit switch users accessing IP multimedia subsystem
CN100397831C (en) System and method for realizing IP multimedia business monitoring
CN100579278C (en) Emergent calling method and system and calling conversation control function entity
CN101132405A (en) Communication network system and method for providing business proxy function and business proxy device thereof
US20020009973A1 (en) Communication network and method for providing surveillance services
CN1756242A (en) System and method for carrying service using circuit switching in IP multimedia subsystem

Legal Events

Date Code Title Description
C06 Publication
C10 Request of examination as to substance
C12 Rejection of an application for a patent