DE19508461A1 - Communications connection detection system for mobile communications network - Google Patents

Abstract

The connection detection system uses a detection device (M,...), provided by a standard peripheral and/or a recording device (STR) for the transmitted information, inserted in the connection path when a call is placed from a specific subscriber (a), or placed to a specific subscriber (B). The detection device detects the signalisation information characterising the connection and allows the decoded signalisation information and/or the decoded useful information, transmitted along the established connection, to be recorded. Pref. the device is connected to each of the subscribers via a multi-point connection.

Description

The invention relates to a method and a circuit arrangement according to the preamble of claim 1.

From Bergmann, Textbook of Telecommunications, Volume 1, 5th edition, Berlin 1986, pages 749 ff. Are already communication systems with Emergency call facilities known. An emergency call shown there System has a query switching matrix coupled to connecting elements on the output side via an interrogation device with a tape Connection device is connected. The well-known emergency call system is, if it does not have a switching facility, with a connected to another switching network, via which each workstation of the system call every other workplace via a special speech path and can talk to him. If the well-known emergency call system with a hand-operated switching device, it contains a switching matrix. The known system thus has more than a switching matrix. An encryption or decryption of transmitted User information is not provided.

It is already a communication system, especially an ISDN-capable one Telecommunication private branch exchange known, in which all within the first Connections between two user data exchanged in a storage device can be recorded. This is parallel to each of the first connection established a second connection. The  Storage device is connected to a subscriber line circuit. It is not intended that those produced within the scope of Telecommunication connections transmitted user data are encrypted.

To maintain the confidentiality of radio connections in GSM networks encryption methods are used that are so perfect that reading / listening are excluded in the prior art can (see Biala, Jacek: Mobile Communications and Intelligent Networks, Friedr. Vieweg & Sohn Verlagsgesellschaft mbH, 1994, pp. 66-69, 146-149, 160, 180-194, 244-248, 305).

CH 6811 401 A5 is a circuit arrangement for voice monitoring Telephone calls between two or more microphone units known that can be connected to one another via a switching unit. For this there are special devices, namely an adder ADD or a conference facility KB provided to the exchange device can be connected. Encryption problems User data or listening to encrypted user data is not intended.

This per se positive performance of the GSM standards, i. H. the absolute However, maintaining privacy in GSM networks has the problem As a result, the criminal environment is beyond surveillance can.

Based on this prior art, the invention is techni problem, a method and a circuit arrangement of the Specify the type mentioned above, which makes it particularly authorized Make a detection of communication connections in such a way secured networks is made possible.  

This problem is solved with the features of the claims 1 or 3.

The invention is characterized by a number of advantages.

The communication connection can initially be recorded any criteria. For example, Verbin can already Record attempts to build up a call from a calling device or also to a called terminal. In communication connection A detection device is already used when establishing a connection looped in. This is done without having to grind in the calling or called terminal is recognizable. By grinding in already Establishing a connection ensures that the detection device with regard to the encryption and decryption procedures like a normal, calling or called end device is treated in accordance with the system.

The detection device can be according to an advantageous embodiment identical to a conventional terminal, in particular a mobile radio terminal ("Handy") be designed. This has the advantage that a Acquisition of selected communication connections regardless of location and without further ado, that means without manual switching measures of the User of the detection device is enabled. It continues just listening in or listening in and recording the transmitted information possible on a record carrier.

According to a further advantageous embodiment of the invention Detection device fixed to a switching center via a connection port connected. Several such exchanges are centralized Coupling network connectable, which is a central arrangement of a variety of detection devices.  

Existing devices are only in their circuitry structure to change to a comparatively small extent; existing Software programs that control the circuitry com components can also be compared accordingly wise change to a small extent.

Further features and advantages result from the following Description of the invention.

It shows

Fig. 1 is a switching center of a mobile communication network with several detection devices according to the invention, the

Fig. 2 shows a structure of terminal-identifying data, the Inventive be formed according to, and

Fig. 3 shows the arrangement of the mobile radio networks (D1 / D2 / E1), their linkage with the telephone network (PSTN / ISDN) and different connection options for the detection devices (M₁-M _n ).

The switching center MSC1 shown in FIG. 1 of a mobile communication network operating, for example, according to the GSM standard consists of a switching network SN with its control SGC, a central control device CCU with a central processor CP, line connection groups LTG with its control processors GP. With the central control device is a database HLR / VLR ( Fig. 2), in which, among other things, terminal-identifying data are managed by terminals which are operated in the catchment area of this switching center MSC1.

These terminal-identifying data include, as is also taken into account in the prior art and in FIG. 2, the subscriber presence number SNR, the subscriber identification (personal number PR). According to the invention, these data are supplemented by further data which are described in connection with FIG. 2. The additional data make it possible to switch on a device for recording communication connections.

To the line connection groups LTG1-4, LTG5-8, LTGn-z are ver Connection lines connected to other exchanges. these are on the one hand mobile switching centers MSC2, MSC3, MSC4 the same Network and on the other stationary switching centers of the network PSTN / ISDN.

Furthermore, the radio access network BTS for access to the terminals z. B. A, B can be connected. The method according to the invention can also be used, for example, if the terminal A is assigned to the mobile switching center MSC1, as indicated in FIG. 1, while the terminal B is assigned to another mobile switching center MSC2, MSC3, MSC4 or the stationary network PSTN / ISDN.

In the embodiment of the invention shown in FIG. 1, detection devices M1; M2, Mn connected to a line connection group LTGm, so that their operation is controlled directly by the central control unit CCU. However, it is also possible for detection devices to be formed by conventional subscriber terminals (such as A, B). In any case, the recording devices behave like conventional subscriber terminals A, B with regard to the decryption. The recording devices therefore have the necessary circuitry components which, in cooperation with the assigned switching center, carry out the decryption procedures.

In the embodiment shown in FIG. 1, each recording device comprises a device STR (streamer) for recording useful information and / or signaling information. For example, voice signals and fax signals can be recorded. The actual detection of the communication connections is possible both in one direction, but also in both directions, both duplex and half-duplex.

Fig. 2 shows the usual in mobile communication networks and known register VLR (Visitor Location Register / Guest Participant Register), HLR (Home Location Register / Home Participant Register) and AC (Authentication Center / authorization center).

During each mobile switching center a register VLR and HLR the authorization register AC is provided centrally in the network and protected against unauthorized access. Terminal identifiers Data from new devices to be included in the system are stored in the Authorization register AC entered. This triggers the automatic generation of the HLR register. The generated data are transferred to the associated (home) exchange and entered there in the HLR register.

The data fields listed in the registers of FIG. 2 contain either permanent or non-permanent data. All data fields except for the data field M are standard in mobile communication networks, e.g. B. used according to the GSM standard and correspond essentially to the terminal-identifying data. These data are used, among other things, to establish a connection (SRN, PR, LM, BSC) and for encryption and decryption (RAND, SRES, KC, SECURITY BOXES). The data field "TELESERVICES" denotes special services of a subscriber.

The M data field provided according to the invention can consist of two bits have the following meaning:

00 = no detection
11 = Acquisition in both communication directions
01 = Detection of the direction of reception
10 = Detection of the send direction.

According to the M data field in the registers VLR, HLR and AC provided. However, it can also only be used in two or one of the cases mentioned registers are generated.

However, an entry in the M field should only be made via the authorization register AC, which ensures that only authorized Institutions / people capture communication connections can initiate.

The HLR and VLR registers are accessed each time a connection is established ( FIG. 1). If there is an entry 01, 10 or 11 in the M data field provided according to the invention, the control CCU of the switching center assigned to the respective terminal device causes a detection device M1,. . . is looped into the connection.

In mobile communication networks, the useful information (e.g. Voice signals) between the terminals involved in a connection A, B transmitted in encrypted form in a manner known per se. The encryption of the user data and their decryption is carried out by  Switching centers that are involved in the respective connection in Dialogue controlled with the respectively assigned end devices.

As described, according to the invention, a detection device (e.g. M1, FIG. 1) is looped into the connection when attempting to establish a connection from a predeterminable calling terminal (A) or when attempting to establish a connection to a predeterminable called terminal (B).

If the recording device has a recording device STR, signaling that characterizes the attempt to establish a connection information and / or in the context of an established connection between between the calling and the called terminal (A, B) User information decrypted and on the recording device STR recorded.

As shown in FIG. 3, the detection device can be connected to the network as a mobile communication subscriber terminal or as a subscriber line to the stationary network PSTN / ISDN, such as a conventional subscriber terminal (such as A (“cell phone”) or B). In this case, the switching center MSC1 ( FIG. 1) establishes a connection to the recording device that is comparable to a conference connection. Such a connection can be set up within the same network or also via more than one network (mobile communication network; PSTN / ISDN), on the basis of an address / dialing information stored in the relevant switching center causing the eavesdropping.

The terminal-identifying data, e.g. B. are stored in a switching center ( Fig. 1), according to the invention are supplemented by a further terminal-identifying date that can be entered in the data field "M".

Each exchange (MSC1) or the network is connected to one, the maximum expected acquisition volume corresponding number of acquisitions equipment including the STR equipment. These may for reasons of confidentiality under lock or key one / more place (s) are arranged.

Connection ports of a switching center, to each of which an acquisition device (M) can be connected to one or more exchanges connectable central switching network to be connected to this Coupling network one or more detection devices M1,. . . to turn on.

In a further advantageous embodiment of the invention, the described procedures also for participants of the stationary ISDN / PSTN expand. For this it is necessary to use the switching centers (V₁-V₂) Identify registers (AC, HLR, VLR) for storing the subscriber retrofit the data field (M data field) and the switching pro gram to add accordingly.

Claims (8)

1. A method for detecting communication connections, in particular in mobile communication networks, the user information to be transmitted being encrypted during the establishment of communication connections between terminals, the terminals being assigned to the same switching center or different switching centers, the different switching centers being different communication networks, in particular a mobile communication network and a fixed communications network can be assigned, wherein, in mobile communication networks, the encryption of the user data and the decryption vermitt is switching centers each controlled and wherein administered in mobile communication networks endgeräteidentifizierende data and exchanged switching centers between Vermitt depending on the respective local access of the terminals, characterized ,
that a recording device (M1,...) is provided, which is designed as a conventional terminal and / or has a device (STR) for recording useful information and / or signaling information,
that the detection device (M1,...) is looped into the connection when attempting to establish a connection from a predeterminable calling terminal (A) or when attempting to establish a connection to a predeterminable called terminal (B), and
that, insofar as the recording device (M1,...) has the device (STR), signaling information characterizing the connection establishment attempt and / or user information transmitted within the framework of a connection then established between the calling and the called terminal (A, B) is decrypted on the the recording device (M1,...) associated device (STR) are recorded. 2. The method according to claim 1, characterized in that the endge device identifying data by another device identifying device Date that can be added when connecting from or looping in of the acquisition to the corresponding terminal devices (M1,...) with the recording device (STR) activated. 3. The method according to claim 1 or 2, characterized in that the between the terminals (A, B) and the detection device (M1,...) Connection to be set up is designed as a multipoint connection. 4. The method according to claim 3, characterized in that the multi point connection within a network or over more than one network is built up. 5. Circuit arrangement for performing the method according to a of claims 1 to 4. 6. Circuit arrangement according to claim 5, characterized in that a control of an involved in the connection establishment direction is assigned a control program that the method defined according to claim 1 or 2. 7. Circuit arrangement according to one of claims 5 or 6, characterized characterized in that the detection device (M1,...) to a connection port of a switching center (MSC1,...; PSTN / ISDN) can be connected.   8. Circuit arrangement according to claim 7, characterized in that Connection ports, to each of which a detection device (M1,...) Connects cash, with one, several switching centers connectable zen central coupling network can be connected to which the detection devices (M1,...) are switched on.