US20160127420A1 - Lawful Interception for Proximity Service - Google Patents
Lawful Interception for Proximity Service Download PDFInfo
- Publication number
- US20160127420A1 US20160127420A1 US14/897,800 US201314897800A US2016127420A1 US 20160127420 A1 US20160127420 A1 US 20160127420A1 US 201314897800 A US201314897800 A US 201314897800A US 2016127420 A1 US2016127420 A1 US 2016127420A1
- Authority
- US
- United States
- Prior art keywords
- connection
- proximity service
- radio access
- access network
- devices
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
- H04L63/304—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting circuit switched data communications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/30—Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/155—Ground-based stations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/04—Network management architectures or arrangements
- H04L41/046—Network management architectures or arrangements comprising network management agents or mobile agents therefor
- H04L41/048—Network management architectures or arrangements comprising network management agents or mobile agents therefor mobile agents
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0281—Proxies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M3/00—Automatic or semi-automatic exchanges
- H04M3/22—Arrangements for supervision, monitoring or testing
- H04M3/2281—Call monitoring, e.g. for law enforcement purposes; Call tracing; Detection or prevention of malicious calls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/02—Services making use of location information
- H04W4/023—Services making use of location information using mutual or relative location information between multiple location based services [LBS] targets or of distance thresholds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W40/00—Communication routing or communication path finding
- H04W40/34—Modification of an existing route
-
- H04W76/043—
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/20—Manipulation of established connections
- H04W76/23—Manipulation of direct-mode connections
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/005—Discovery of network devices, e.g. terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M2207/00—Type of exchange or network, i.e. telephonic medium, in which the telephonic communication takes place
- H04M2207/18—Type of exchange or network, i.e. telephonic medium, in which the telephonic communication takes place wireless networks
Definitions
- the present invention relates to an apparatus, a method and a computer program product for enabling law interception for proximity service.
- Embodiments of the present invention relate to proximity services and lawful interception (LI) for 3GPP Rel-12 and beyond.
- L lawful interception
- one of ProSe requirements is to support regional or national regulatory requirements (e.g. lawful interception, PWS).
- the LI functionality is located in the core network.
- ProSe is promoting the network controlled discovery and communication between UEs that are in proximity to be able to use a “direct mode” or “locally-routed” path, which may not involve the core network (CN).
- the direct mode path is a direct connection between the two UEs without involving further network elements such as an eNB.
- the locally-routed path is an indirect connection between the two UEs via an eNB without involving CN.
- the connection of UEs by proximity service does note involve the core network. Therefore, the intercepted information may not be available to the core network LI entities.
- Embodiments of the present invention address this situation and to enable lawful interception also for devices using a direct connection such a proximity service connection.
- an apparatus comprising a processor and a memory for storing instructions to be executed by the processor, wherein the processor is configured to provide control in a radio access network, to perform control in relation to a connection for proximity service between at least two devices, to receive configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and to report interception information with respect to the at least one device to be intercepted.
- a method comprising providing control in a radio access network, performing control in relation to a connection for proximity service between at least two devices, receiving configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and reporting interception information with respect to the at least one device to be intercepted.
- an apparatus comprising a processor and a memory for storing instructions to be executed by the processor, wherein the processor is configured to provide a connection to a radio access network, to receive interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
- a method comprising providing a connection to a radio access network, and receiving interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
- a system comprising a device-to-device registration server function and at least one radio access network control element, wherein the device-to-device registration server function is configured to perform control in relation to a connection for proximity service between at least two devices, to perform lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and to configure the at least one radio access network control element to perform the lawful interception in relation to the proximity service; and the at least one radio access network control element is configured to perform control in relation to a connection for proximity service between the at least two devices, to receive configuration information from the device-to-device registration server function, and to report interception information with respect to the at least one device to be intercepted.
- a computer program product for a computer comprising software code portions for performing the above defined methods, when said product is run on the computer.
- the computer program product may comprise a computer-readable medium on which said software code portions are stored.
- the computer program product may be directly loadable into the internal memory of the computer and/or transmittable via a network by means of at least one of upload, download and push procedures.
- FIG. 1 shows an example of simplified structures of network elements involved according to an embodiment of the present invention
- FIGS. 2, 3 and 4 show examples of reference configurations for a ProSe lawful interception according to embodiments of the present invention.
- UMTS universal mobile telecommunications system
- UTRAN long term evolution
- LTE long term evolution
- WLAN wireless local area network
- WiFi worldwide interoperability for microwave access
- Bluetooth® personal communications services
- PCS personal communications services
- WCDMA wideband code division multiple access
- UWB ultra-wideband
- sensor networks sensor networks
- MANETs mobile ad-hoc networks
- IMS Internet Protocol multimedia subsystems
- B4G 4 th generation
- a network element may be a computing equivalent device that gathers programmable resources based on virtualization technologies.
- FIG. 1 shows several elements involved in the procedures according to embodiments of the present invention.
- Examples are for an apparatuses in which procedures according to embodiments of the invention can be applied are a DRSF 1 and an eNB 2 .
- the DRSF 1 is responsible for registration, authentication and identifying of D2D users and management of D2D sessions including the mobility management and radio resource management, which may be a standalone element (unit, module) or may be implemented in another network element (unit, module) such as a MME or eNB, for example.
- the apparatuses may also only be parts of the corresponding network elements (e.g., DRSF and eNB).
- the DRSF may be located in a server, host or corresponding unit or element.
- the DRSF is located in the MME.
- an S-GW/PDN-GW 5 as an example for an apparatus providing a gateway function for the radio access network is connected to the eNB 2 and the DRSF 1 .
- the DRSF 1 comprises a processor 11 and a memory 12 for storing instructions to be executed by the processor, and may also comprise a connection unit 13 , which is configured to provide connection to a network.
- the eNB 2 or the corresponding apparatus, comprises a processor 21 and a memory 22 for storing instructions to be executed by the processor, and may also comprise a connection unit 23 , which is configured to provide connection to a network, for example to a radio access network (RAN), via which devices such as UEs 3 and 4 may be connected.
- the S-GW/PDN-GW 5 comprises a processor 51 and a memory 52 for storing instructions to be executed by the processor, and may also comprise a connection unit 53 , which is configured to provide connection to other network elements.
- the memories as described above may be internal or external or it may be provided as a service via network. Further, the memory may include volatile and/or non-volatile memory.
- the memory may store computer program code and/or operating systems, information, data, content or the like for the processor to perform operations according to embodiments.
- the memory may comprise one or more memory units, each of them may be a random access memory, hard drive, etc.
- the memory (units) may be at least partly removable and/or detachably operationally coupled to the apparatus.
- the memory may be of any type suitable for the current technical environment and it may be implemented using any suitable data storage technology, such as semiconductor-based technology, flash memory, magnetic and/or optical memory devices.
- connection for proximity service which may either be an indirect connection via the eNB 2 without involving the core network or a direct connection without involving the eNB 2 .
- the processor (one or more units, modules, entities, microprocessors, such as single-chip computer element(s), or chipset(s)) 11 of the DRSF 1 is configured to perform control in relation to a connection for proximity service between at least two devices (e.g., the UEs 3 and 4 ), to perform lawful interception in relation to the proximity service with respect to at least one device to be intercepted (e.g., the UE 3 or 4 ) of the at least two devices, and to configure at least one radio access network control element (e.g., eNB 2 ) to perform the lawful interception in relation to the proximity service.
- a radio access network control element e.g., eNB 2
- the processor (one or more units, modules, entities, microprocessors, such as single-chip computer element(s), or chipset(s)) 21 of the eNB 2 is configured to provide control in a radio access network, perform control in relation to a connection for proximity service between at least two devices (e.g., the UEs 3 and 4 ), to receive configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and to report interception information with respect to the at least one device to be intercepted.
- the processor (one or more units, modules, entities, microprocessors, such as single-chip computer element(s), or chipset(s)) 51 of the S-GW/PDN-GW 5 is configured to provide a connection to a radio access network, to receive interception information intercepted by lawful interception with respect to at least one device (e.g., UE 3 or UE 4 ) to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
- the processor 11 of the DRSF 1 may instruct the eNB 2 to carry out lawful interception with respect to one or both of the UEs 3 and 4 , and the DRSF may report the interception information to a corresponding entity such as a LEMF.
- the DRSF may only be involved in configuring eNB for LI, so that the report from the eNB 2 goes to MME (for IRI) and S/PDN-GW 5 (for CC) directly without involving of DRSF.
- the eNB 2 may change the direct connection between the two UEs 3 and 4 to an indirect connection, so that the connection extends via the eNB 2 .
- lawful interception is enabled also in the RAN, and therefore also possible for proximity service connections.
- LI functionalities are extended from CN to RAN so that proximity services (including D2D discovery and D2D communication either directly between at least two devices or locally routed through eNB) can be kept for LI targeted UE.
- LI functional architecture is extended to cover ProSe related key EPS nodes (i.e. DRSF and eNB) in order to allow the intercept related information (IRI)/events and as well the content of communication (CC) for ProSe to be available.
- IRI intercept related information
- CC content of communication
- the DRSF Upon LI configuration (e.g. activation, deactivation and interrogation of LI) received by MME or S-/PDN-GW, the DRSF is informed for the LI configuration of the targeted UE in which the information of target identifier and LI related information (e.g. whether CC should be provided) is included.
- the target identifier may be indicated explicitly in the form e.g. S-TMSI or D2D_ID or implicitly by the signalling transport bearer identifier.
- ProSe related events may be introduced: UE requested proximity services including D2D discovery and D2D communication, D2D bearer activation/modification/deactivation, successful D2D discovery etc. They may be introduced by the new events which may be applicable to DRSF/eNB or be extended from current available events. For instance, for UEs in connected state, D2D bearer activation/modification/deactivation events may be provided by enhancing the current bearer activation/modification/deactivation events with additional D2D bearer related information. To achieve successful D2D discovery information, DRSF/eNB may be an applicable LI entity if D2D discovery procedure requires the network involvement for e.g. identifying the UE. However, if D2D discovery is fully based on pre-configured parameters without network involvement, UE may be configured to report such event in background manner so that each discovery behaviour of the targeted UE can be intercepted.
- the activation of LI CC may trigger the mode switching from direct D2D mode to the locally routed data path mode so that the eNB may be able to duplicate the data packets transmitted between D2D UEs. That is, in this case the eNB is configured to change the direct connection of the DSD UEs to an indirect connection via the eNB.
- the activation of LI CC may also trigger the change of user plane security keys which are adopted in direct D2D mode (i.e., the direct connection between the D2D UEs) and locally routed data path mode (i.e., the indirect connection between the D2D UEs via the eNB) respectively in case security keys for direct mode and locally routed optimized path mode are different.
- direct D2D mode i.e., the direct connection between the D2D UEs
- locally routed data path mode i.e., the indirect connection between the D2D UEs via the eNB
- the activation/deactivation of LI CC may also trigger the establishment/release of the user plane transport bearer from eNB to S-/PDN-GW for provision of CC, which can be regarded as a new trigger for user plane transport bearer management over S1-U interface.
- the establishment/release of the user plane transport bearer from eNB to S-/PDN-GW may be triggered when ProSe communication starts/ends.
- the established transport bearer may be used by the eNB to transmit the duplicated data packets to S-/PDN-GW for providing the intercepted CC.
- FIGS. 2 and 3 One possible reference configuration for ProSe interception is shown in FIGS. 2 and 3 , in which DRSF is assumed to be located in MME.
- a LEMF which receives intercepted information, such as IRI and CC, and which instruct network elements to perform Lawful Interception.
- a ADMF is connected, by means of a mediation function, via an interface HI 1 to the LEMF.
- a delivery function 2 is connected, by means of a mediation function, via an interface HI2 to the LEMF.
- the delivery function 2 may be connected with the ADMF via an interface X1_2.
- the MME which includes the DRSF (e.g., DRSF 1 shown in FIG. 1 ) is connected to the ADMF and the delivery function 2 via interfaces X1_1 and X2, respectively. Since the DRSF is assumed to be located in the MME, the interface between DRSF and eNB (e.g., eNB 2 shown in FIG. 1 ) is S1 control plane (S1-C) interface.
- S1-C S1 control plane
- FIG. 2 shows the case in which Lawful Interception is only performed by providing IRI, so that the eNB is involved for reporting IRI, which in this case may include the ProSe related events described above.
- reporting is performed in this case via the S1-C interface to the MME which also accommodate the DRSF functions.
- a further delivery function namely delivery function 3 is connected by means of a mediation function, via interface HI3 to the LEMF.
- the delivery function 3 may be connected to the ADMF via interface X1_3.
- the S-GW/PDN-GW (e.g., S-GW/PDN-GW 5 shown in FIG. 1 ) is connected to the ADMF, the delivery function 2 and the delivery function via interfaces X1_1, X2 and X3, respectively.
- the S-GW/PDN-GW is connected to the DRSF (which is included in the MME) via interface S11, and with an eNB (e.g. eNB 2 shown in FIG. 2 ) via interface S1-U.
- FIG. 3 shows an example of the case in which Lawful Interception is also carried out by reporting CC.
- the eNB reports IRI to the MME with DRSF co-located via the S1-C interface similar as shown in FIG. 2 , but also via the S1-U interface to the core network, i.e., to the S-GW/PDN-GW.
- the proposed enhancement according to embodiments of the present invention may be implemented by introducing new procedures or information elements over S1 and S11 interfaces.
- An advantage of the solution according to embodiments of the present invention is that LI can be supported for both discovery and communication, without switching back to infrastructure path mode which may lose the benefits of ProSe communication. Meanwhile, with such proposal, it is possible to make the user unaware of the LI happening for the ProSe.
- the DRSF is located in the MME.
- the DRSF may be a standalone network element and the proposed enhancement may be an implementation over the interface between MME and DRSF and the interface between DRSF and eNB.
- FIG. 4 is similar to FIG. 2 except that the DRSF is a standalone network element (or is located in another suitable network element other than the MME or eNB).
- the DRSF configures the eNB to report IRI, for example, and the eNB reports IRI via the interface S1-C directly to the MME, without involving the DRSF.
- a general example for the MME may be an apparatus which may have a similar structure as the DRSF 1 or the S-GW/PDN-GW 5 shown in in FIG. 1 . That is, such an apparatus comprises a processor and a memory for storing instructions to be executed by the processor.
- the processor is configured to provide a connection to a radio access network, to perform a mobility management function, to receive interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
- the processor may further be configured to receive interception information (e.g., IRI) from a device-to-device registration server function (e.g., the DRSF 1 shown in FIG. 1 ), wherein the interception information may comprise events related to the connection for proximity service.
- interception information e.g., IRI
- a device-to-device registration server function e.g., the DRSF 1 shown in FIG. 1
- the interception information may comprise events related to the connection for proximity service.
- the eNB reports IRI via the DRSF, i.e., not directly to the MME.
- DRSF co-located with MME and IRI reported to MME&DRSF by eNB ii) DRSF is standalone element, IRI reported to MME via DRSF iii) DRSF is standalone element, IRI reported to MME without involving of DRSF.
- a further alternative is that the DRSF is co-located in eNB. In this case, reporting of IRI to MME via eNB or DRSF is possible.
- D2D device-to-device
- M2M machine-to-machine
- T2T terminal-to-terminal
- P2P peer-to-peer
- an apparatus which comprises
- an apparatus which comprises
- an apparatus which comprises
Abstract
Apparatuses and methods are described, which perform control in relation to a connection for proximity service between at least two devices, perform lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and configure at least one radio access network control element to perform the lawful interception in relation to the proximity service.
Description
- The present invention relates to an apparatus, a method and a computer program product for enabling law interception for proximity service.
- The following meanings for the abbreviations used in this specification apply:
- ADMF Administration Function
- CC Content of Communication
- CN Core Network
- D2D device-to-device
- DRSF D2D Registration Server Function
- eNB Enhanced NodeB
- EPS Evolved Packet System
- IRI Interception Related Information
- LEMF Law Enforcement Monitoring Facility
- LI Lawful Interception
- M2M machine-to-machine
- MME Mobility Management Entity
- P2P peer-to-peer
- PDN-GW Packet Data Network Gateway
- ProSe Proximity Service
- PWS Public Warning System
- RAN Radio Access Network
- S-GW Serving Gateway
- T2T terminal-to-terminal
- UE user equipment
- Embodiments of the present invention relate to proximity services and lawful interception (LI) for 3GPP Rel-12 and beyond. According to 3GPP TR 22.803, one of ProSe requirements is to support regional or national regulatory requirements (e.g. lawful interception, PWS).
- Presently, the LI functionality is located in the core network. However, ProSe is promoting the network controlled discovery and communication between UEs that are in proximity to be able to use a “direct mode” or “locally-routed” path, which may not involve the core network (CN). Namely, the direct mode path is a direct connection between the two UEs without involving further network elements such as an eNB. The locally-routed path is an indirect connection between the two UEs via an eNB without involving CN.
- Thus, the connection of UEs by proximity service does note involve the core network. Therefore, the intercepted information may not be available to the core network LI entities.
- One option was discussed in document “LS on Proximity Services and Lawful Interception from SA3-LI to SA1,2,3” (SA3LI13 _033r1, 3GPP TSG-SA3-LI Meeting #48, Dublin, Ireland, 5-7 Feb. 2013) and document “Solution for direct discovery and communication using E-UTRAN” (S2-130308, SA WG2 Meeting #95, Prague, Czech Republic, 28 Jan.-1 Feb. 2013) to disable ProSe capabilities for UEs under surveillance or move the communication for the UE under surveillance from ProSe communication mode to infrastructure mode. That is, the ProSe communication is disabled for these UEs, so that the communication is performed via the core network, so that LI in the core network is possible. However, as indicated in the document “LS on Proximity Services and Lawful Interception from SA3-LI to SA1,2,3” mentioned above, detectability issues need to be considered for this option as LI should be done in non-detectable manner. In addition, moving ProSe communication to infrastructure mode may degrade the communication performance (e.g. delay and perhaps also throughput), which may not be favorable by the end user and this also means the benefits of ProSe communication may not be achieved as EPC, e.g., P-GW or S-GW is involved in the ProSe communication user plane data transportation.
- Thus, there is a need to improve lawful interception in a case in which UEs use proximity service connections.
- Embodiments of the present invention address this situation and to enable lawful interception also for devices using a direct connection such a proximity service connection.
- According to a first aspect of the present invention.
- According to an example of an embodiment, there is provided an apparatus comprising a processor and a memory for storing instructions to be executed by the processor, wherein the processor is configured to perform control in relation to a connection for proximity service between at least two devices, to perform lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and to configure at least one radio access network control element to perform the lawful interception in relation to the proximity service.
- Furthermore, according to an example of an embodiment, there is provided a method comprising: performing control in relation to a connection for proximity service between at least two devices, performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and configuring at least one radio access network control element to perform the lawful interception in relation to the proximity service.
- In addition, according to an example of an embodiment, there is provided an apparatus comprising a processor and a memory for storing instructions to be executed by the processor, wherein the processor is configured to provide control in a radio access network, to perform control in relation to a connection for proximity service between at least two devices, to receive configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and to report interception information with respect to the at least one device to be intercepted.
- Furthermore, according to an example of an embodiment, there is provided a method comprising providing control in a radio access network, performing control in relation to a connection for proximity service between at least two devices, receiving configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and reporting interception information with respect to the at least one device to be intercepted.
- In addition, according to an example of an embodiment, there is provided an apparatus comprising a processor and a memory for storing instructions to be executed by the processor, wherein the processor is configured to provide a connection to a radio access network, to receive interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
- Moreover, according to an example of an embodiment, there is provided a method comprising providing a connection to a radio access network, and receiving interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
- In addition, according to an example of an embodiment, there is provided a system comprising a device-to-device registration server function and at least one radio access network control element, wherein the device-to-device registration server function is configured to perform control in relation to a connection for proximity service between at least two devices, to perform lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and to configure the at least one radio access network control element to perform the lawful interception in relation to the proximity service; and the at least one radio access network control element is configured to perform control in relation to a connection for proximity service between the at least two devices, to receive configuration information from the device-to-device registration server function, and to report interception information with respect to the at least one device to be intercepted.
- The above described examples of embodiments may be modified as defined in the dependent claims.
- In addition, according to embodiments, there is provided, for example, a computer program product for a computer, comprising software code portions for performing the above defined methods, when said product is run on the computer. The computer program product may comprise a computer-readable medium on which said software code portions are stored. Furthermore, the computer program product may be directly loadable into the internal memory of the computer and/or transmittable via a network by means of at least one of upload, download and push procedures.
- These and other objects, features, details and advantages will become more fully apparent from the following detailed description of embodiments of the present invention which is to be taken in conjunction with the appended drawings, in which:
-
FIG. 1 shows an example of simplified structures of network elements involved according to an embodiment of the present invention, -
FIGS. 2, 3 and 4 show examples of reference configurations for a ProSe lawful interception according to embodiments of the present invention. - In the following, description will be made to embodiments of the present invention. It is to be understood, however, that the description is given by way of example only, and that the described embodiments are by no means to be understood as limiting the present invention thereto.
- Furthermore, words “comprising” and “including” should be understood as not limiting the described embodiments to consist of only those features that have been mentioned and such embodiments may also contain also features, structures, units, modules etc. that have not been specifically mentioned.
- In the following, different exemplifying embodiments will be described using, as an example of an access architecture to which the embodiments may be applied, a radio access architecture based on long term evolution advanced (LTE Advanced, LTE-A), without restricting the embodiments to such an architecture, however. It is obvious for a person skilled in the art that the embodiments may also be applied to other kinds of communications networks having suitable means by adjusting parameters and procedures appropriately. Some examples of other options for suitable systems are the universal mobile telecommunications system (UMTS) radio access network (UTRAN or E-UTRAN), long term evolution (LTE, the same as E-UTRA), wireless local area network (WLAN or WiFi), worldwide interoperability for microwave access (WiMAX), Bluetooth®, personal communications services (PCS), ZigBee®, wideband code division multiple access (WCDMA), systems using ultra-wideband (UWB) technology, sensor networks, mobile ad-hoc networks (MANETs) and Internet Protocol multimedia subsystems (IMS) and beyond 4th generation (B4G) or 5G.
- It should be appreciated that communication systems and apparatuses thereof will be integrated towards an infrastructure (more and more) based on undedicated and programmable hardware providing needed functionalities. A network element may be a computing equivalent device that gathers programmable resources based on virtualization technologies.
- In the following, a general embodiment of the present invention is described by referring to
FIG. 1 . In particular,FIG. 1 shows several elements involved in the procedures according to embodiments of the present invention. Examples are for an apparatuses in which procedures according to embodiments of the invention can be applied are aDRSF 1 and aneNB 2. TheDRSF 1 is responsible for registration, authentication and identifying of D2D users and management of D2D sessions including the mobility management and radio resource management, which may be a standalone element (unit, module) or may be implemented in another network element (unit, module) such as a MME or eNB, for example. The apparatuses may also only be parts of the corresponding network elements (e.g., DRSF and eNB). The DRSF may be located in a server, host or corresponding unit or element. - In the example of
FIG. 1 , it is assumed that the DRSF is located in the MME. Moreover, an S-GW/PDN-GW 5 as an example for an apparatus providing a gateway function for the radio access network is connected to theeNB 2 and theDRSF 1. - The
DRSF 1, or the corresponding apparatus, comprises aprocessor 11 and amemory 12 for storing instructions to be executed by the processor, and may also comprise aconnection unit 13, which is configured to provide connection to a network. Likewise, theeNB 2, or the corresponding apparatus, comprises aprocessor 21 and amemory 22 for storing instructions to be executed by the processor, and may also comprise aconnection unit 23, which is configured to provide connection to a network, for example to a radio access network (RAN), via which devices such asUEs GW 5, or the corresponding apparatus, comprises aprocessor 51 and a memory 52 for storing instructions to be executed by the processor, and may also comprise aconnection unit 53, which is configured to provide connection to other network elements. - It should be understood that the memories as described above may be internal or external or it may be provided as a service via network. Further, the memory may include volatile and/or non-volatile memory. The memory may store computer program code and/or operating systems, information, data, content or the like for the processor to perform operations according to embodiments. The memory may comprise one or more memory units, each of them may be a random access memory, hard drive, etc. The memory (units) may be at least partly removable and/or detachably operationally coupled to the apparatus. The memory may be of any type suitable for the current technical environment and it may be implemented using any suitable data storage technology, such as semiconductor-based technology, flash memory, magnetic and/or optical memory devices.
- In the example of
FIG. 1 it is assumed that theUEs eNB 2 without involving the core network or a direct connection without involving theeNB 2. - The processor (one or more units, modules, entities, microprocessors, such as single-chip computer element(s), or chipset(s)) 11 of the
DRSF 1 is configured to perform control in relation to a connection for proximity service between at least two devices (e.g., theUEs 3 and 4), to perform lawful interception in relation to the proximity service with respect to at least one device to be intercepted (e.g., theUE 3 or 4) of the at least two devices, and to configure at least one radio access network control element (e.g., eNB 2) to perform the lawful interception in relation to the proximity service. - The processor (one or more units, modules, entities, microprocessors, such as single-chip computer element(s), or chipset(s)) 21 of the
eNB 2 is configured to provide control in a radio access network, perform control in relation to a connection for proximity service between at least two devices (e.g., theUEs 3 and 4), to receive configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and to report interception information with respect to the at least one device to be intercepted. - The processor (one or more units, modules, entities, microprocessors, such as single-chip computer element(s), or chipset(s)) 51 of the S-GW/PDN-
GW 5 is configured to provide a connection to a radio access network, to receive interception information intercepted by lawful interception with respect to at least one device (e.g.,UE 3 or UE 4) to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network. - Thus, in case of the DRSF, the
processor 11 of theDRSF 1 may instruct theeNB 2 to carry out lawful interception with respect to one or both of theUEs - Alternatively, the DRSF may only be involved in configuring eNB for LI, so that the report from the
eNB 2 goes to MME (for IRI) and S/PDN-GW 5 (for CC) directly without involving of DRSF. - In case of an indirect connection of the two
UEs eNB 2. However, in case of a direct connection, it would at least be difficult to obtain communication content information. Therefore, according to an embodiment, theeNB 2 may change the direct connection between the twoUEs eNB 2. - Hence, according to embodiments of the present invention, lawful interception is enabled also in the RAN, and therefore also possible for proximity service connections.
- In the following, a more detailed embodiment of the present invention is described as a clarifying example.
- As mentioned above, according to embodiments of the invention, LI functionalities are extended from CN to RAN so that proximity services (including D2D discovery and D2D communication either directly between at least two devices or locally routed through eNB) can be kept for LI targeted UE. In particular, LI functional architecture is extended to cover ProSe related key EPS nodes (i.e. DRSF and eNB) in order to allow the intercept related information (IRI)/events and as well the content of communication (CC) for ProSe to be available. The possible reference configuration for ProSe interception is illustrated in
FIGS. 2 and 3 as an implementation example, which are described later. To support ProSe interception, the following enhancements are proposed: - Upon LI configuration (e.g. activation, deactivation and interrogation of LI) received by MME or S-/PDN-GW, the DRSF is informed for the LI configuration of the targeted UE in which the information of target identifier and LI related information (e.g. whether CC should be provided) is included. The target identifier may be indicated explicitly in the form e.g. S-TMSI or D2D_ID or implicitly by the signalling transport bearer identifier.
- For provision of IRI for ProSe, the following ProSe related events may be introduced: UE requested proximity services including D2D discovery and D2D communication, D2D bearer activation/modification/deactivation, successful D2D discovery etc. They may be introduced by the new events which may be applicable to DRSF/eNB or be extended from current available events. For instance, for UEs in connected state, D2D bearer activation/modification/deactivation events may be provided by enhancing the current bearer activation/modification/deactivation events with additional D2D bearer related information. To achieve successful D2D discovery information, DRSF/eNB may be an applicable LI entity if D2D discovery procedure requires the network involvement for e.g. identifying the UE. However, if D2D discovery is fully based on pre-configured parameters without network involvement, UE may be configured to report such event in background manner so that each discovery behaviour of the targeted UE can be intercepted.
- For provision of CC for ProSe, the activation of LI CC may trigger the mode switching from direct D2D mode to the locally routed data path mode so that the eNB may be able to duplicate the data packets transmitted between D2D UEs. That is, in this case the eNB is configured to change the direct connection of the DSD UEs to an indirect connection via the eNB.
- The activation of LI CC may also trigger the change of user plane security keys which are adopted in direct D2D mode (i.e., the direct connection between the D2D UEs) and locally routed data path mode (i.e., the indirect connection between the D2D UEs via the eNB) respectively in case security keys for direct mode and locally routed optimized path mode are different.
- In addition, the activation/deactivation of LI CC may also trigger the establishment/release of the user plane transport bearer from eNB to S-/PDN-GW for provision of CC, which can be regarded as a new trigger for user plane transport bearer management over S1-U interface.
- Alternatively, as another option, the establishment/release of the user plane transport bearer from eNB to S-/PDN-GW may be triggered when ProSe communication starts/ends. Thus the established transport bearer may be used by the eNB to transmit the duplicated data packets to S-/PDN-GW for providing the intercepted CC.
- One possible reference configuration for ProSe interception is shown in
FIGS. 2 and 3 , in which DRSF is assumed to be located in MME. - As shown in
FIGS. 2 and 3 , a LEMF is provided which receives intercepted information, such as IRI and CC, and which instruct network elements to perform Lawful Interception. A ADMF is connected, by means of a mediation function, via an interface HI1 to the LEMF. Adelivery function 2 is connected, by means of a mediation function, via an interface HI2 to the LEMF. Thedelivery function 2 may be connected with the ADMF via an interface X1_2. - In the example according to
FIG. 2 , the MME, which includes the DRSF (e.g.,DRSF 1 shown inFIG. 1 ) is connected to the ADMF and thedelivery function 2 via interfaces X1_1 and X2, respectively. Since the DRSF is assumed to be located in the MME, the interface between DRSF and eNB (e.g.,eNB 2 shown inFIG. 1 ) is S1 control plane (S1-C) interface. - In more detail, the example of
FIG. 2 shows the case in which Lawful Interception is only performed by providing IRI, so that the eNB is involved for reporting IRI, which in this case may include the ProSe related events described above. Hence, reporting is performed in this case via the S1-C interface to the MME which also accommodate the DRSF functions. - In the example of
FIG. 3 , a further delivery function, namelydelivery function 3 is connected by means of a mediation function, via interface HI3 to the LEMF. Thedelivery function 3 may be connected to the ADMF via interface X1_3. - In the example of
FIG. 3 , the S-GW/PDN-GW (e.g., S-GW/PDN-GW 5 shown inFIG. 1 ) is connected to the ADMF, thedelivery function 2 and the delivery function via interfaces X1_1, X2 and X3, respectively. The S-GW/PDN-GW is connected to the DRSF (which is included in the MME) via interface S11, and with an eNB (e.g. eNB 2 shown inFIG. 2 ) via interface S1-U. - Thus,
FIG. 3 shows an example of the case in which Lawful Interception is also carried out by reporting CC. In this case, the eNB reports IRI to the MME with DRSF co-located via the S1-C interface similar as shown inFIG. 2 , but also via the S1-U interface to the core network, i.e., to the S-GW/PDN-GW. - Hence, the proposed enhancement according to embodiments of the present invention may be implemented by introducing new procedures or information elements over S1 and S11 interfaces.
- An advantage of the solution according to embodiments of the present invention is that LI can be supported for both discovery and communication, without switching back to infrastructure path mode which may lose the benefits of ProSe communication. Meanwhile, with such proposal, it is possible to make the user unaware of the LI happening for the ProSe.
- It is noted that the embodiments and the present invention in general is not limited to the specific examples given above.
- For example, with respect to
FIGS. 2 and 3 it was described that the DRSF is located in the MME. However, the invention is not limited to such network architecture. The DRSF may be a standalone network element and the proposed enhancement may be an implementation over the interface between MME and DRSF and the interface between DRSF and eNB. - Such an example is shown in
FIG. 4 , which is similar toFIG. 2 except that the DRSF is a standalone network element (or is located in another suitable network element other than the MME or eNB). In this case, the DRSF configures the eNB to report IRI, for example, and the eNB reports IRI via the interface S1-C directly to the MME, without involving the DRSF. - In this case, a general example for the MME may be an apparatus which may have a similar structure as the
DRSF 1 or the S-GW/PDN-GW 5 shown in inFIG. 1 . That is, such an apparatus comprises a processor and a memory for storing instructions to be executed by the processor. The processor is configured to provide a connection to a radio access network, to perform a mobility management function, to receive interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network. The processor may further be configured to receive interception information (e.g., IRI) from a device-to-device registration server function (e.g., theDRSF 1 shown inFIG. 1 ), wherein the interception information may comprise events related to the connection for proximity service. - Further alternatively, it is also possible that, when the DRSF is a standalone network element, the eNB reports IRI via the DRSF, i.e., not directly to the MME.
- Thus, there are three alternatives: i) DRSF co-located with MME and IRI reported to MME&DRSF by eNB, ii) DRSF is standalone element, IRI reported to MME via DRSF iii) DRSF is standalone element, IRI reported to MME without involving of DRSF.
- A further alternative is that the DRSF is co-located in eNB. In this case, reporting of IRI to MME via eNB or DRSF is possible.
- Moreover, the embodiments described above were described by referring to device-to-device (D2D) communications. However, the invention is not limited to this concept, and can equally be applied to machine-to-machine (M2M) communications, terminal-to-terminal (T2T) communications, peer-to-peer (P2P) communications, or the like.
- According to another example of an embodiment, an apparatus is provided which comprises
-
- means for performing control in relation to a connection for proximity service between at least two devices,
- means for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and
- means for configuring at least one radio access network control element to perform the lawful interception in relation to the proximity service.
- In addition, according to a further example of an embodiment, an apparatus is provided which comprises
-
- means for providing control in a radio access network,
- means for performing control in relation to a connection for proximity service between at least two devices,
- means for receiving configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and
- means for reporting interception information with respect to the at least one device to be intercepted.
- According to still further example of an embodiment, an apparatus is provided which comprises
-
- means for providing a connection to a radio access network, and
- means for receiving interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
- It is to be understood that any of the above modifications can be applied singly or in combination to the respective aspects and/or embodiments to which they refer, unless they are explicitly stated as excluding alternatives.
- It should be appreciated that
-
- an access technology via which signaling is transferred to and from a network element may be any suitable present or future technology, such as WLAN (Wireless Local Access Network), WiMAX (Worldwide Interoperability for Microwave Access), LTE, LTE-A, Bluetooth, Infrared, and the like may be used; Additionally, embodiments may also apply wired technologies, e.g. IP based access technologies like cable networks or fixed lines.—a user device (also called UE, user equipment, user terminal, terminal device, etc.) illustrates one type of an apparatus to which resources on the air interface may be allocated and assigned, and thus any feature described herein with a user device may be implemented with a corresponding apparatus, such as a relay node. An example of such a relay node is a
layer 3 relay (self-backhauling relay) towards the base station or eNB. The user device typically refers to a portable computing device that includes wireless mobile communication devices operating with or without a subscriber identification module (SIM), including, but not limited to, the following types of devices: a mobile station (mobile phone), smartphone, personal digital assistant (PDA), handset, device using a wireless modem (alarm or measurement device, etc.), laptop and/or touch screen computer, tablet, game console, notebook, and multimedia device. It should be appreciated that a user device may also be a nearly exclusive uplink only device, of which an example is a camera or video camera loading images or video clips to a network. It should be appreciated that a device may be regarded as an apparatus or as an assembly of more than one apparatus, whether functionally in cooperation with each other or functionally independently of each other but in a same device housing. - embodiments suitable to be implemented as software code or portions of it and being run using a processor are software code independent and can be specified using any known or future developed programming language, such as a high-level programming language, such as objective-C, C, C++, C#, Java, etc., or a low-level programming language, such as a machine language, or an assembler, -implementation of embodiments, is hardware independent and may be implemented using any known or future developed hardware technology or any hybrids of these, such as a microprocessor or CPU (Central Processing Unit), MOS (Metal Oxide Semiconductor), CMOS (Complementary MOS), BiMOS (Bipolar MOS), BiCMOS (Bipolar CMOS), ECL (Emitter Coupled Logic), and/or TTL (Transistor-Transistor Logic).
- embodiments may be implemented as individual devices, apparatuses, units or means or in a distributed fashion, for example, one or more processors may be used or shared in the processing, or one or more processing sections or processing portions may be used and shared in the processing, wherein one physical processor or more than one physical processor may be used for implementing one or more processing portions dedicated to specific processing as described,
- an apparatus may be implemented by a semiconductor chip, a chipset, or a (hardware) module comprising such chip or chipset;
- embodiments may also be implemented as any combination of hardware and software, such as ASIC (Application Specific IC (Integrated Circuit)) components, FPGA (Field-programmable Gate Arrays) or CPLD (Complex Programmable Logic Device) components or DSP (Digital Signal Processor) components.
- embodiments may also be implemented as computer program products, comprising a computer usable medium having a computer readable program code embodied therein, the computer readable program code adapted to execute a process as described in embodiments, wherein the computer usable medium may be a non-transitory medium. Computer program products, also called programs or computer programs, including software routines, applets and macros, may be stored in any apparatus-readable data storage medium and they comprise program instructions to perform one or more particular tasks. A computer program product may comprise one or more computer-executable components which, when the program is run, are configured to carry out embodiments. The one or more computer-executable components may be at least one software code or portions of it.
- an access technology via which signaling is transferred to and from a network element may be any suitable present or future technology, such as WLAN (Wireless Local Access Network), WiMAX (Worldwide Interoperability for Microwave Access), LTE, LTE-A, Bluetooth, Infrared, and the like may be used; Additionally, embodiments may also apply wired technologies, e.g. IP based access technologies like cable networks or fixed lines.—a user device (also called UE, user equipment, user terminal, terminal device, etc.) illustrates one type of an apparatus to which resources on the air interface may be allocated and assigned, and thus any feature described herein with a user device may be implemented with a corresponding apparatus, such as a relay node. An example of such a relay node is a
- It is noted that the embodiments and examples described above are provided for illustrative purposes only and are in no way intended that the present invention is restricted thereto. Rather, it is the intention that all variations and modifications be included which fall within the spirit and scope of the appended claims.
Claims (43)
1. An apparatus comprising
a processor and
a memory for storing instructions to be executed by the processor, wherein the processor is configured
to perform control in relation to a connection for proximity service between at least two devices,
to perform lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and
to configure at least one radio access network control element to perform the lawful interception in relation to the proximity service.
2.-5. (canceled)
6. The apparatus according to claim 1 , wherein
the interception information to be reported comprises communication content information, and the connection for proximity service between the at least two devices is an indirect connection via the at least one radio access network control element, and
the processor is configured to instruct the at least one radio access network control element to provide the communication content information.
7. The apparatus according to any claim 1 , wherein the interception information to be reported comprise connection content information and the connection for proximity service between the at least two devices is a direct connection between the at least two devices, and
the processor is configured to instruct the at least one radio access network control element to change the connection for proximity service to an indirect connection via the at least one radio access network control element and to provide the communication content information.
8. The apparatus according to claim 7 , wherein the processor is configured to trigger a change of user plane security keys which are adopted in the direct connection and indirect connection respectively, in case security keys for direct connection and indirect connection are different.
9. An apparatus comprising
a processor and
a memory for storing instructions to be executed by the processor, wherein the processor is configured
to provide control in a radio access network,
to perform control in relation to a connection for proximity service between at least two devices,
to receive configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and
to report interception information with respect to the at least one device to be intercepted.
10.-12. (canceled)
13. The apparatus according to claim 9 , wherein
the interception information to be reported comprises communication content information, and the connection for proximity service between the at least two devices is an indirect connection via the apparatus, and
the processor is configured to report the communication content information.
14. The apparatus according to claim 9 , wherein the interception information to be reported comprise connection content information and the connection for proximity service between the at least two devices is a direct connection between the at least two devices, and
the processor is configured to change the connection for proximity service to an indirect connection via the apparatus and to report the communication content information.
15. The apparatus according to claim 14 , wherein the processor is configured to trigger a change of user plane security keys which are adopted in the direct connection and indirect connection respectively, in case security keys for direct connection and indirect connection are different.
16. The apparatus according to claim 9 , wherein the processor is configured to
receive a trigger for establishing a user plane transport bearer from the apparatus to a core network for providing communication content information upon starting providing of the communication content information, and/or deactivating the user plane transport bearer from the apparatus to the core network upon ending providing of the communication content information.
17. The apparatus according to claim 9 , wherein the processor is configured to
receive a trigger for establishing a user plane transport bearer from the apparatus to a core network for providing communication content information when a communication via the connection for proximity service between the at least two devices starts, and/or deactivating the user plane transport bearer from the apparatus to the core network when the communication via the connection for proximity service between the at least two devices ends.
18. (canceled)
19. An apparatus comprising
a processor and
a memory for storing instructions to be executed by the processor, wherein the processor is configured
to provide a connection to a radio access network, and
to receive interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
20. (canceled)
21. (canceled)
22. The apparatus according to claim 19 , wherein the processor is configured to
trigger establishing a user plane transport bearer from a radio access network control element intercepting the at least one device for providing communication content information upon starting providing of the communication content information, and/or deactivating the user plane transport bearer from the radio access network control element upon ending providing of the communication content information.
23. The apparatus according to claim 19 , wherein the processor is configured to
trigger establishing a user plane transport bearer from a radio access network control element intercepting the at least one device for providing communication content information when a communication via the connection for proximity service between the at least two devices starts, and/or deactivating the user plane transport bearer from the radio access network control element when the communication via the connection for proximity service between the at least two devices ends.
24. (canceled)
25. (canceled)
26. A method comprising
performing control in relation to a connection for proximity service between at least two devices,
performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and
configuring at least one radio access network control element to perform the lawful interception in relation to the proximity service.
27.-30. (canceled)
31. The method according to any one of the claim 26 , wherein
the interception information to be reported comprises communication content information, and the connection for proximity service between the at least two devices is an indirect connection via the at least one radio access network control element, and the method further comprises
instructing the at least one radio access network control element to provide the communication content information.
32. The method according to claim 26 , wherein the interception information to be reported comprise connection content information and the connection for proximity service between the at least two devices is a direct connection between the at least two devices, and
the method further comprises
instructing the at least one radio access network control element to change the connection for proximity service to an indirect connection via the at least one radio access network control element and to provide the communication content information.
33. The method according to claim 32 , further comprising triggering a change of user plane security keys which are adopted in the direct connection and indirect connection respectively, in case security keys for direct connection and indirect connection are different.
34. The method according to claim 26 , wherein the method is implemented in a device-to-device registration server function or a mobility management entity or in the radio access network control element.
35. A method comprising
providing control in a radio access network,
performing control in relation to a connection for proximity service between at least two devices,
receiving configuration information for performing lawful interception in relation to the proximity service with respect to at least one device to be intercepted of the at least two devices, and
reporting interception information with respect to the at least one device to be intercepted.
36.-38. (canceled)
39. The method according to claim 35 , wherein
the interception information to be reported comprises communication content information, and the connection for proximity service between the at least two devices is an indirect connection via a radio access network control element carrying out the method, and
the method further comprises
reporting the communication content information.
40. The method according to claim 35 , wherein the interception information to be reported comprise connection content information and the connection for proximity service between the at least two devices is a direct connection between the at least two devices, and
the method further comprises
changing the connection for proximity service to an indirect connection via a radio access network control element carrying out the method and to report the communication content information.
41. The method according to claim 40 , further comprising triggering a change of user plane security keys which are adopted in the direct connection and indirect connection respectively, in case security keys for direct connection and indirect connection are different.
42. The method according to claim 35 , further comprising
receiving a trigger for establishing a user plane transport bearer from a radio access network control element carrying out the method to a core network for providing communication content information upon starting providing of the communication content information, and/or deactivating the user plane transport bearer from the radio access network control element to the core network upon ending providing of the communication content information.
43. The method according to claim 35 , further comprising
receiving a trigger for establishing a user plane transport bearer from a radio access network control element carrying out the method to a core network for providing communication content information when a communication via the connection for proximity service between the at least two devices starts, and/or deactivating the user plane transport bearer from the radio access network control element to the core network when the communication via the connection for proximity service between the at least two devices ends.
44. (canceled)
45. (canceled)
46. A method comprising
providing a connection to a radio access network, and
receiving interception information intercepted by lawful interception with respect to at least one device to be intercepted, wherein the at least one device is one of at least two devices connected by a connection for proximity service in the radio access network.
47. (canceled)
48. (canceled)
49. The method according to claim 46 , further comprising
triggering establishing a user plane transport bearer from a radio access network control element intercepting the at least one device to a gateway element performing the method for providing communication content information upon starting providing of the communication content information, and/or deactivating the user plane transport bearer from the radio access network control element to the gateway element upon ending providing of the communication content information.
50. The method according to claim 46 , further comprising
triggering establishing a user plane transport bearer from a radio access network control element intercepting the at least one device to a gateway element performing the method for providing communication content information when a communication via the connection for proximity service between the at least two devices starts, and/or deactivating the user plane transport bearer from the radio access network control element to the gateway element when the communication via the connection for proximity service between the at least two devices ends.
51. (canceled)
52. A computer program product comprising code means for performing a method according to claim 26 when run on a processing means or module.
53. (canceled)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2013/077258 WO2014198063A1 (en) | 2013-06-14 | 2013-06-14 | Lawful interception for proximity service |
Publications (1)
Publication Number | Publication Date |
---|---|
US20160127420A1 true US20160127420A1 (en) | 2016-05-05 |
Family
ID=49111169
Family Applications (3)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/897,800 Abandoned US20160127420A1 (en) | 2013-06-14 | 2013-06-14 | Lawful Interception for Proximity Service |
US14/897,928 Active 2033-08-30 US10182079B2 (en) | 2013-06-14 | 2013-08-28 | Lawful interception and security based admission control for proximity service |
US14/907,594 Abandoned US20160182571A1 (en) | 2013-06-14 | 2013-08-28 | Lawful Interception and Security for Proximity Service |
Family Applications After (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/897,928 Active 2033-08-30 US10182079B2 (en) | 2013-06-14 | 2013-08-28 | Lawful interception and security based admission control for proximity service |
US14/907,594 Abandoned US20160182571A1 (en) | 2013-06-14 | 2013-08-28 | Lawful Interception and Security for Proximity Service |
Country Status (3)
Country | Link |
---|---|
US (3) | US20160127420A1 (en) |
EP (3) | EP3008934A4 (en) |
WO (3) | WO2014198063A1 (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140010167A1 (en) * | 2011-01-19 | 2014-01-09 | Philip Hodges | Local Data Bi-Casting Between Core Network and Radio Access |
US20150009864A1 (en) * | 2013-07-08 | 2015-01-08 | Samsung Electronics Co., Ltd. | Lawful interception method and apparatus of d2d communication-capable terminal |
US20160182571A1 (en) * | 2013-06-14 | 2016-06-23 | Nokia Solutions And Networks Oy | Lawful Interception and Security for Proximity Service |
US20170086065A1 (en) * | 2014-03-17 | 2017-03-23 | Telefonaktiebolaget Lm Ericsson (Publ) | Control of User Equipment Identity Dependent Service |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150264552A1 (en) * | 2014-03-14 | 2015-09-17 | Gang Xiong | Systems, methods, and devices for device-to-device discovery and communication |
EP3172926B1 (en) * | 2014-07-25 | 2020-04-08 | Telefonaktiebolaget LM Ericsson (publ) | Method and entity in a li system for positioning of a target connected to a wi-fi network |
CN107925662B (en) * | 2015-08-26 | 2021-09-21 | 瑞典爱立信有限公司 | Method and apparatus for lawful interception of proximity services |
EP3282671B1 (en) * | 2016-07-29 | 2021-07-21 | Rohde & Schwarz GmbH & Co. KG | A method and apparatus for testing a security of communication of a device under test |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6963739B2 (en) * | 2002-10-21 | 2005-11-08 | Motorola, Inc. | Method and apparatus for providing information intercept in an ad-hoc wireless network |
US7424738B2 (en) * | 2003-07-23 | 2008-09-09 | Combasis Technology, Inc. | RF firewall for a wireless network |
CN101102223A (en) * | 2007-06-14 | 2008-01-09 | 中兴通讯股份有限公司 | Network management system and method for legal detection |
US8502642B2 (en) * | 2007-11-20 | 2013-08-06 | Voxx International Corporation | System for controlling the use of electronic devices within an automobile |
CN101953138A (en) * | 2008-02-21 | 2011-01-19 | 爱立信电话股份有限公司 | Data retention and lawful intercept for IP services |
US8041346B2 (en) * | 2008-05-29 | 2011-10-18 | Research In Motion Limited | Method and system for establishing a service relationship between a mobile communication device and a mobile data server for connecting to a wireless network |
US7865573B2 (en) * | 2008-05-29 | 2011-01-04 | Research In Motion Limited | Method, system and devices for communicating between an internet browser and an electronic device |
US9106603B2 (en) * | 2009-12-23 | 2015-08-11 | Synchronics plc | Apparatus, method and computer-readable storage mediums for determining application protocol elements as different types of lawful interception content |
EP2403288B1 (en) * | 2010-04-28 | 2018-05-23 | Verint Systems Ltd. | System and method for determining commonly used communication terminals and for identifying noisy entities in large-scale link analysis |
US8990671B2 (en) * | 2011-10-31 | 2015-03-24 | Buckyball Mobile Inc. | Method and system of jamming specified media content by age category |
CN103152748B (en) * | 2011-12-07 | 2015-11-25 | 华为技术有限公司 | communication monitoring method, base station and terminal |
US20130183967A1 (en) * | 2012-01-13 | 2013-07-18 | Tim J. Olker | Lawful Intercept Of Mobile Units In Proximity To A Target Mobile Unit |
US20130203380A1 (en) * | 2012-02-05 | 2013-08-08 | Institute For Information Industry | Network device, core network, direct mode communication system and lawful interception method thereof |
US9226211B2 (en) * | 2013-01-17 | 2015-12-29 | Intel IP Corporation | Centralized partitioning of user devices in a heterogeneous wireless network |
US9532400B2 (en) * | 2013-02-28 | 2016-12-27 | Intel Deutschland Gmbh | Radio communication devices and cellular wide area radio base station |
US20160127420A1 (en) * | 2013-06-14 | 2016-05-05 | Nokia Solutions And Networks Oy | Lawful Interception for Proximity Service |
-
2013
- 2013-06-14 US US14/897,800 patent/US20160127420A1/en not_active Abandoned
- 2013-06-14 EP EP13886911.0A patent/EP3008934A4/en not_active Withdrawn
- 2013-06-14 WO PCT/CN2013/077258 patent/WO2014198063A1/en active Application Filing
- 2013-08-28 US US14/897,928 patent/US10182079B2/en active Active
- 2013-08-28 EP EP13756424.1A patent/EP3008883A1/en not_active Withdrawn
- 2013-08-28 EP EP13756855.6A patent/EP3008884A1/en not_active Withdrawn
- 2013-08-28 WO PCT/EP2013/067756 patent/WO2014198350A1/en active Application Filing
- 2013-08-28 US US14/907,594 patent/US20160182571A1/en not_active Abandoned
- 2013-08-28 WO PCT/EP2013/067750 patent/WO2014198349A1/en active Application Filing
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140010167A1 (en) * | 2011-01-19 | 2014-01-09 | Philip Hodges | Local Data Bi-Casting Between Core Network and Radio Access |
US9674876B2 (en) * | 2011-01-19 | 2017-06-06 | Telefonaktiebolaget Lm Ericsson (Publ) | Local data bi-casting between core network and radio access |
US20160182571A1 (en) * | 2013-06-14 | 2016-06-23 | Nokia Solutions And Networks Oy | Lawful Interception and Security for Proximity Service |
US10182079B2 (en) * | 2013-06-14 | 2019-01-15 | Nokia Solutions And Networks Oy | Lawful interception and security based admission control for proximity service |
US20150009864A1 (en) * | 2013-07-08 | 2015-01-08 | Samsung Electronics Co., Ltd. | Lawful interception method and apparatus of d2d communication-capable terminal |
US9813550B2 (en) * | 2013-07-08 | 2017-11-07 | Samsung Electronics Co., Ltd. | Lawful interception method and apparatus of D2D communication-capable terminal |
US20170086065A1 (en) * | 2014-03-17 | 2017-03-23 | Telefonaktiebolaget Lm Ericsson (Publ) | Control of User Equipment Identity Dependent Service |
US10117093B2 (en) * | 2014-03-17 | 2018-10-30 | Telefonaktiebolaget Lm Ericsson (Publ) | Control of user equipment identity dependent service |
Also Published As
Publication number | Publication date |
---|---|
US10182079B2 (en) | 2019-01-15 |
EP3008934A1 (en) | 2016-04-20 |
EP3008883A1 (en) | 2016-04-20 |
US20160134662A1 (en) | 2016-05-12 |
WO2014198350A1 (en) | 2014-12-18 |
EP3008934A4 (en) | 2017-02-22 |
WO2014198349A1 (en) | 2014-12-18 |
US20160182571A1 (en) | 2016-06-23 |
WO2014198063A1 (en) | 2014-12-18 |
EP3008884A1 (en) | 2016-04-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US20160127420A1 (en) | Lawful Interception for Proximity Service | |
US11284310B2 (en) | Single radio voice call continuity handover | |
KR102162732B1 (en) | Method and apparatus for indicating that a connection enables routing of data between a PDN gateway and a local gateway | |
US9532213B2 (en) | Lawful interception for device-to-device (D2D) communication | |
JP2022071196A (en) | Connecting to virtualized mobile core networks | |
US20230135699A1 (en) | Service function chaining services in edge data network and 5g networks | |
CN105284166B (en) | Network assisted device-to-device discovery for peer-to-peer applications | |
US9344887B2 (en) | Direct communication among devices | |
US20230189380A1 (en) | Small data exchange handling by a user equipment in inactive state | |
WO2020076630A1 (en) | Device discovery and connectivity in a cellular network | |
US9414421B2 (en) | Direct communication among devices | |
EP4255092A1 (en) | Personal internet of things network element communication with 5g system and other personal internet of things network elements | |
JP2024513733A (en) | Improved preconfiguration, activation, and concurrency of wireless device measurement gaps | |
WO2022235962A1 (en) | Msg3 physical uplink shared channel (pusch) repetition requests | |
WO2014045151A2 (en) | Apparatus and method for communication | |
US9788174B2 (en) | Centralized short message service center server for messaging | |
US11128672B2 (en) | Lawful intercept in future core interworking with evolved packet system | |
WO2022069794A1 (en) | Network function service improvements | |
WO2022039835A1 (en) | Ue identification using its source ip address | |
US20240147288A1 (en) | Enhanced wireless device measurement gap pre-configuration, activation, and concurrency | |
EP4271042A1 (en) | Release-17 (rel-17) secondary node (sn)-initiated inter-sn conditional pscell change | |
US20240022616A1 (en) | Webrtc signaling and data channel in fifth generation (5g) media streaming | |
EP4236439A1 (en) | User equipment behavior when pre-configured measurement gap is changed | |
JP2024516488A (en) | Enhanced Service Feature Chaining in Next Generation Cellular Networks | |
JP2024513699A (en) | Improved prioritization within user equipment for uplink transmissions |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: NOKIA SOLUTIONS AND NETWORKS OY, FINLAND Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:YU, LING;LEI, YIXUE;SIGNING DATES FROM 20151210 TO 20160202;REEL/FRAME:037930/0366 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |