DE4419040C1 - Communication connection detection system for global satellite mobile communications network - Google Patents

Abstract

The connection detection system uses a detection device (M,...), provided by a standard peripheral and/or a recording device (STR) for the transmitted information, inserted in the connection path when a call is placed from a specific subscriber (a), or placed to a specific subscriber (B). The encoded information transmitted along the established connection is decoded at the detection device and recorded when the subscriber identification data corresponds to subscriber identification data provided by an authentification centre register. Pref., the detection device is connected to the exchange handling the calls for the monitored subscriber.

Description

The invention relates to a method and a circuit arrangement according to the preamble of claim 1 or 2.

From Bergmann, Textbook of Telecommunications, Volume 1, 5th edition, Berlin 1986, pages 749 ff. Are already communication systems with Emergency call facilities known. An emergency call shown there System has a query switching matrix coupled to connecting elements on the output side via an interrogation device with a tape Connection device is connected. The well-known emergency call system is, if it does not have a switching facility, with a connected to another switching network, via which each workstation of the system call every other workplace via a special speech path and can talk to him. If the well-known emergency call system with a hand-operated switching device, it contains a switching matrix. The known system thus has more than a switching matrix. An encryption or decryption of transmitted User information is not provided.

It is already a communication system, especially an ISDN-capable one Telecommunication private branch exchange known, in which all within the first Connections between two user data exchanged in a storage device can be recorded. This is parallel to each of the first connection established a second connection. The  Storage device is connected to a subscriber line circuit. It is not intended that those produced within the scope of Telecommunication connections transmitted user data are encrypted.

To maintain the confidentiality of radio connections in GSM networks encryption methods are used that are so perfect that reading / listening are excluded in the prior art can (see Biala, Jacek: Cellular and Intelligent Networks, Friedr. Vieweg & Sohn, Verlagsgesellschaft mbH 1994, pp. 66-69, 146-149; 160, 188-194, 244-248, 305 and 305).

This per se positive performance of the GSM standards, i. H. the absolute However, maintaining privacy in GSM networks has the problem As a result, the criminal environment is beyond surveillance can.

CH 681 409 A5 is a circuit arrangement for voice monitoring Telephone calls between two or more microphone units known that can be connected to one another via a switching unit. For this there are special devices, namely an adder ADD or a conference facility KB provided to the exchange device can be connected. Encryption problems User data are not addressed here.

Based on this prior art, the invention is techni problem, a method and a circuit arrangement of the Specify the type mentioned above, which makes it particularly authorized Make a detection of communication connections in such a way secured networks is made possible.

This problem is solved with the features of the claims 1 or 2.

The invention is characterized by a number of advantages. The communication connection can initially be recorded any criteria. For example, Verbin can already Record attempts to build up a call from a calling device or also to a called terminal. In communication connection A detection device is already used when establishing a connection looped in. This is done without having to grind in the calling  or called terminal is recognizable. By grinding in already Establishing a connection ensures that the detection device with regard to the encryption and decryption procedures like a normal, calling or called end device is treated in accordance with the system.

The detection device can be according to an advantageous embodiment identical to a conventional terminal, in particular a mobile radio terminal ("Handy") be designed. This has the advantage that a Acquisition of selected communication connections regardless of location and without further ado, that means without manual switching measures of the User of the detection device is enabled. It continues just listening in or listening in and recording the transmitted information possible on a record carrier.

According to a further advantageous embodiment of the invention Detection device fixed to a switching center via a connection port connected. Several such exchanges are centralized Coupling network connectable, which is a central arrangement of a variety of detection devices.

Existing devices are only in their circuitry structure to change to a comparatively small extent; existing Software programs that control the circuitry com components can also be compared accordingly wise change to a small extent.

Further features and advantages result from the following Description of the invention.

It shows  

Fig. 1 is a switching center of a mobile communication network with several detection devices according to the invention, and

Fig. 2 shows a structure of terminal-identifying data that are formed according to the Invention.

The switching center MSC1 shown in FIG. 1 of a mobile communication network operating, for example, according to the GSM standard consists of a switching network SN with its control SGC, a central control device CCU with a central processor CP, line connection groups LTG with its control processors GP. A database HLR / VLR ( FIG. 2) is connected to the central control device, in which, among other things, terminal-identifying data are managed by terminals which are operated in the area of this switching center MSC1.

As in the prior art and also taken into account in FIG. 2, these terminal-identifying data include, among other things, the subscriber presence number SNR and the subscriber identification (personal number FR). According to the invention, these data are supplemented by further data which are described in connection with FIG. 2. The additional data make it possible to switch on a device for recording communication connections.

To the line connection groups LTG1-4, LTG5-8, LTGn-z are ver Connection lines connected to other exchanges. these are on the one hand mobile switching centers MSC2, MSC3, MSC4 the same Network and on the other stationary switching centers of the network PSTN / ISDN.  

Furthermore, the radio access network BTS for access to the terminals z. B. A, B can be connected. The method according to the invention can also be used, for example, if the terminal A is assigned to the mobile switching center MSC1, as indicated in FIG. 1, while the terminal B is assigned to another mobile switching center MSC2, MSC3, MSC4 or the stationary network PSTN / ISDN.

In the embodiment of the invention shown in FIG. 1, detection devices M1, M2, Mn are connected to a line connection group LTGm, so that their operation is controlled directly by the central control unit CCU. However, it is also possible for detection devices to be formed by conventional subscriber terminals (such as A, B). In any case, the recording devices behave like conventional subscriber terminals A, B with regard to the decryption. The recording devices therefore have the necessary circuitry components which, in cooperation with the assigned switching center, carry out the decryption procedures.

In the embodiment shown in FIG. 1, each recording device comprises a device STR (streamer) for recording useful information and / or signaling information. For example, voice signals and fax signals can be recorded. The actual detection of the communication connections is possible both in one direction, but also in both directions, both duplex and half-duplex.

Fig. 2 shows the usual in mobile communication networks and known register VLR (Visitor Location Register / Guest Participant Register), HLR (Home Location Register / Home Participant Register) and AC (Authentication Center / authorization center).

During each mobile switching center a register VLR and HLR the authorization register AC is provided centrally in the network and protected against unauthorized access. Terminal identifiers Data from new devices to be included in the system are stored in the Authorization register AC entered. This triggers the automatic generation of the HLR register. The generated data are transferred to the associated (home) exchange and entered there in the HLR register.

The data fields listed in the registers of FIG. 2 contain either permanent or non-permanent data. All data fields except for the data field M are standard in mobile communication networks, e.g. B. used according to the GSM standard and correspond essentially to the terminal-identifying data. These data are used, among other things, to establish a connection (SRN, PR, LM, BSC) and for encryption and decryption (RAND, SRES, KC, SECURITY BOXES). The data field "TELESERVICES" denotes special services of a subscriber.

The M data field provided according to the invention can consist of two bits have the following meaning:

00 = no detection
11 = Acquisition in both communication directions
01 = Detection of the direction of reception
10 = Detection of the send direction.

According to the M data field in the registers VLR, HLR and AC provided.  

An entry in the M field can only be made using the authorization supply register AC, which ensures that only authorized institutions / persons to record communication connections can cause.

The HLR and VLR registers are accessed each time a connection is established ( FIG. 1). If there is an entry 01 , 10 or 11 in the M data field provided according to the invention, the control CCU of the switching center assigned to the respective terminal device causes a detection device M1,. . . is looped into the connection.

In mobile communication networks, the useful information (e.g. Voice signals) - between the terminals involved in a connection A, B transmitted in encrypted form in a manner known per se. The encryption of the user data and their decryption is carried out by Switching centers that are involved in the respective connection in the Dialogue controlled with the respectively assigned end devices.

As described, according to the invention, a detection device (e.g. M1, FIG. 1) is looped into the connection when attempting to establish a connection from a predeterminable calling terminal (A) or when attempting to establish a connection to a predeterminable called terminal (B).

If the recording device has a recording device STR, signaling that characterizes the attempt to establish a connection information and / or in the context of an established connection between between the calling and the called terminal (A, B) User information decrypted and on the recording device STR recorded.  

The detection device can like a conventional subscriber terminal (such as A ("cell phone") or B) advises the network as a mobile communication subscriber or can also be connected as a subscriber line of the stationary network PSTN / ISDN. In this case, the switching center MSC1 ( FIG. 1) sets up a connection to the recording device that is comparable to a conference connection. Such a conference connection can be established within the same network or over more than one network (mobile communication network; PSTN / ISDN).

The terminal-identifying data, e.g. B. are stored in a switching center ( Fig. 1), according to the invention are supplemented by a further terminal-identifying date that can be entered in the data field "M".

Each switching center (MSC1) is assigned one, the maximum expected Acquisition volume corresponding number of acquisition devices finally equipped the facilities STR. These can be green that of secrecy under lock and key or on one or more Place (s) are arranged.

Connection ports of a switching center, to each of which an acquisition device (M) can be connected to one or more exchanges connectable central switching network to be connected to this Coupling network one or more detection devices M1,. . . to turn on.

Claims (5)

1. A method for detecting communication connections in a mobile communication network according to the GSM standard, the user information to be transmitted being encrypted during the establishment of communication connections between terminals, the terminals being assigned to the same switching center or different switching centers, the different switching centers being different Communication networks, in particular a mobile communication network and a stationary communication network, can be assigned, in a mobile communication network the encryption of the user data and their decryption is controlled by the switching center, and in a mobile communication network terminal-identifying data is managed and depending on the respective local access of the terminals between switching centers be exchanged, characterized,
that a recording device (M1,...) is provided, which is designed as a conventional terminal and / or has a device (STR) for recording useful information and / or signaling information,
that the detection device (M1,...) is looped into the connection when attempting to establish a connection from a predeterminable calling terminal (A) or when attempting to establish a connection to a predeterminable called terminal (B), and
that, insofar as the recording device (M1,...) has the device (STR), signaling information characterizing the connection establishment attempt and / or useful information transmitted within the framework of a connection then established between the calling and the called terminal (A, B) on the the recording device (M1,...) associated device (STR) are recorded, and
that the terminal-identifying data is supplemented by a further terminal-identifying date and the further date is entered in a register (AC) Authentication Center, the date when the connection from or to the corresponding terminal is looped in by the registration device (M1,...) activated. 2. Circuit arrangement for performing the method according to Claim 1. 3. Circuit arrangement according to claim 2, characterized in that a control of an involved in the connection establishment direction is assigned a control program that the method defined according to claim 1. 4. Circuit arrangement according to one of claims 2 or 3, characterized characterized in that the detection device (M1,...) to a connection port of a switching center (MSC1,...; PSTN / ISDN) can be connected.   5. Circuit arrangement according to claim 4, characterized in that Connection ports, to each of which a detection device (M1,...) Connects cash, with one, several switching centers connectable zen central coupling network can be connected to which the detection device (M1,...) is switched on.