WO2011131070A1 - Lawful interception system for ims media security based on key management server - Google Patents

Publication number
WO2011131070A1
Authority
WO
WIPO (PCT)
Prior art keywords
kms
signaling
network element
ims network
data
Prior art date
Application number
PCT/CN2011/072020
Other languages
French (fr)
Chinese (zh)
Inventor
田甜
朱允文
韦银星
高峰
Original Assignee
中兴通讯股份有限公司
Application filed by 中兴通讯股份有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/10 Architectures or entities
    • H04L65/1016 IP multimedia subsystem [IMS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/30 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • H04L63/306 Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04M TELEPHONIC COMMUNICATION
    • H04M3/00 Automatic or semi-automatic exchanges
    • H04M3/22 Arrangements for supervision, monitoring or testing
    • H04M3/2281 Call monitoring, e.g. for law enforcement purposes; Call tracing; Detection or prevention of malicious calls

Definitions

  • the present invention relates to network communication security technologies, and in particular to a lawful interception system for IP Multimedia Subsystem (IMS) media security based on a Key Management Server (KMS).
  • IMS IP Multimedia Subsystem
  • KMS Key Management Server
  • the KMS-based secure communication technology solution is an end-to-end technical solution for protecting media streams, which is proposed for more demanding security requirements independent of signaling and transmission networks.
  • KMS-based secure communication technology solution is implemented based on the concept of using KMS and a ticket, wherein KMS is responsible for providing functions such as security, user authentication, and key generation.
  • KMS acts as a third-party server, mainly for issuing tickets and parsing tickets.
  • KMS can also be called a key management system.
  • the KMS-based secure communication technology solution is mainly for users with higher security requirements, and it can be completely independent of the security of the signaling plane; that is, even if the data of the signaling plane is stolen, the attacker cannot obtain the media key of the two parties to the call, thereby providing users with higher security.
  • this KMS-based secure communication technology solution requires the addition of a new network element, that is, the addition of a KMS.
  • for the KMS-based secure communication technology solution, refer to the system architecture shown in FIG. In that architecture, the Proxy-Call Session Control Function (P-CSCF) and the Service-Call Session Control Function (S-CSCF) belong to the IMS network element.
  • P-CSCF Proxy-Call Session Control Function
  • S-CSCF Service-Call Session Control Function
  • the implementation process of the KMS-based secure communication technology solution includes the following steps:
  • Step 1 User A (i.e., UE A) and the KMS establish a secure channel by using the Generic Bootstrapping Architecture (GBA) mechanism.
  • GBA is a lightweight security infrastructure for mobile communication networks defined by 3GPP, which can provide unified security authentication services for application layer services.
  • KMS can implement key management and distribution functions.
  • KMS can also use the Network Application Function (NAF).
  • NAF Network Application Function
  • Step 2 User A applies to the KMS for a media key for communicating with User B (i.e., UE B) and an encrypted ticket (including the media key and User B information).
  • Step 3 The KMS generates a media key and an encrypted ticket and sends them to User A.
  • Step 4 User A sends a communication request and the encrypted ticket to User B through the IMS core network.
  • Step 5 User B receives the communication request sent by User A and the encrypted ticket.
  • Step 6 User B and KMS establish a secure channel with the GBA mechanism.
  • Step 7 User B sends the received encrypted ticket to the KMS, requesting the media key in the ticket.
  • Step 8 The KMS decrypts the ticket sent by User B and verifies whether User B is consistent with the called-user information in the ticket. If they are consistent, the media key in the ticket is sent to User B.
  • Step 9 After obtaining the media key, user B accepts the communication request of user A, so that user A and user B can communicate with the media key.
  • the MIKEY-Ticket key agreement mechanism is a new mode used to extend the MIKEY (RFC3830) protocol. This new mode uses the concepts of KMS and Ticket.
  • the MIKEY-Ticket extension to the MIKEY protocol comes from Ericsson's Ticket-based System (TBS) scheme, which uses the concept of Ticket.
  • TBS Ericsson's Ticket-based System
  • no specific protocol is defined to carry the Ticket entity; it can be transmitted in signaling.
  • SDP Session Description Protocol
  • the MIKEY-Ticket mechanism contains three interactions, as shown in Figure 2, namely: Ticket Request, Ticket Transfer and Ticket Resolve.
  • user I indicates the originating session user
  • user R indicates the answering session user
  • KMS indicates the key management server.
  • the interaction parameters use three notations: [ ] indicates that the parameter is optional, ( ) indicates that one or more of the parameters can be included, and { } indicates that zero or more such parameters are included.
  • the session initiator, that is, user I, sends a REQUEST_INIT message to the KMS to request a ticket from the KMS
  • the REQUEST_INIT message contains the session information (for example, the identity of the callee), and this REQUEST_INIT message is protected by a message authentication code (MAC) based on the shared key of User I and KMS.
  • MAC message authentication code
  • Ticket Request is divided into two modes: 1. Shared key; 2. Public and private key mechanism. Since the public and private key mechanisms require PKI support and are not used, only the shared key mode is introduced here.
  • the parameters included in the REQUEST_INIT message are shown in Figure 3, including: HDR, T, RAND, [IDi], [IDkms], (IDre), {SP}, IDtp, [KEMAC], [IDpsk], V, where: HDR indicates a message header, T indicates a timestamp, and RAND indicates a random number;
  • the IDi contains the identity of the sender. This identifier is generally present in the "send to" field in the ticket. Since the sender's identity can be read from the sender field of the message, this parameter can sometimes be omitted in the REQUEST_INIT message.
  • IDkms should be included in the message, but can be omitted if the KMS has only one unique identifier; IDre is the identifier of the recipient and can be a single user or a group of users. If more than one recipient is present, each recipient's identity must be placed in a separate ID payload;
  • IDtp is the identifier of the ticket policy to be used
  • SP is the security policy payload
  • KEMAC is the key data transmission payload, which is simply used to carry the various keys; here KEMAC = E(encr_key, [MPK] || {TGK|TEK}), where MPK (MIKEY Protection Key) is the MIKEY message protection key, i.e., the MPK, TGK or TEK is encrypted with encr_key; there can be more than one TGK; encr_key is generated from the PSK; this parameter is optional;
  • IDpsk is not a required parameter. Only when there is more than one PSK is it necessary to specify which PSK to use. V is the verification payload and stores the corresponding MAC value.
  • if the initiator is authenticated and legitimately initiates the request, the KMS generates the required keys, encodes the keys in the ticket, and returns the ticket to the initiator, user I, in the REQUEST_RESP message. The specific parameters in the message are shown in Figure 4 and include: HDR, T, [IDkms], [IDtp], [TICKET], [KEMAC], V, where the parameters in [ ] are optional, and the Ticket contains the ticket type and the ticket data. The ticket type and data are both dependent on IDtp.
  • the above ticket request interaction process is optional.
  • the Ticket Request step can be omitted.
  • for Ticket Transfer, after receiving the REQUEST_RESP message sent by KMS, User I sends the Ticket to the called party R in the TRANSFER_INIT message, as shown in step 13 in Figure 2. If user R checks the policy and finds it acceptable, it forwards the ticket to the KMS in the RESOLVE_INIT message so that the KMS returns the key information contained in the ticket, as shown in step 14 in Figure 2, where the RESOLVE_INIT message is likewise protected by a MAC based on the shared key of user R and KMS. Depending on the type of ticket, step 14 is also optional and is only used when user R cannot obtain the information contained in the ticket without the assistance of the KMS.
  • the specific parameters in the TRANSFER_INIT and RESOLVE_INIT messages are shown in Figures 5 and 6, respectively:
  • the IDi and IDr parameters in the TRANSFER_INIT message may not be included in the message when there are other ways to obtain the identity of the sender and the receiver.
  • the verification key auth_key is generated from the MPK. Since the sender and the receiver do not have a shared key at this time, the receiver cannot verify the received message before the ticket is processed, so the receiver first needs to check the policies it accepts. If the IDtp in the received message is not acceptable to the receiver, the message is rejected and the receiver does not interact further with the KMS. This is also a way to prevent DoS attacks on the KMS in advance.
  • the Ticket payload carries the ticket that needs to be decrypted by KMS.
  • the IDtp and IDi payloads must match the corresponding parameters in TRANSFER_INIT.
  • V is the verification payload, and the verification key auth_key is generated by PSK.
  • after receiving the RESOLVE_INIT message, KMS verifies that user R is a legal recipient. If so, KMS retrieves the key and other information in the ticket and sends a RESOLVE_RESP message to user R. If KMS cannot correctly parse the received message, or if the user R who sent RESOLVE_INIT fails the verification, the KMS should return the corresponding error message. The KMS sends the relevant key along with other additional information to user R in the RESOLVE_RESP message, see step 15 in Figure 2.
  • the specific parameters in the RESOLVE_RESP message are shown in Figure 7. Apart from the message type, the next payload and the V-tag, the other header payloads must be consistent with the headers in the RESOLVE_INIT message. The timestamp type and value must be consistent with the RESOLVE_INIT message.
  • KEMAC = E(encr_key, MPK || [MPK] || {TGK|TEK}). In the case of forking, KMS requires two forked MPKs and multiple TGKs. In this case, the first MPK is used to protect the TRANSFER_INIT message, and the second MPK is used to protect the TRANSFER_RESP message. The modification factor used to generate the different forked keys is included in the IDmod payload.
  • after receiving the RESOLVE_RESP message, user R sends a TRANSFER_RESP message to user I as an acknowledgment. See step 16 in Figure 2.
  • the TRANSFER_RESP message may contain some information for key generation.
  • the specific parameters are shown in Figure 8. The actual signaling process needs to depend on the specific ticket type and the policy of the KMS domain. The type of the ticket is determined by the ticket's policy.
  • the TPK is the key for protecting the ticket.
  • the key is only known to the KMS.
  • the random number RAND is generated by the KMS.
  • based on the random number RAND and the TPK, the KMS generates the corresponding MPK, TGK and SALT using the key generation function KDF; Ke is the encryption key, generated from the pre-shared key, for the key material in the encrypted ticket.
  • Ke encrypts the MPK, TGK and SALT, which are placed in the KEMAC payload.
  • the verification key Ka is then generated from the pre-shared key, and the MAC value is calculated and placed in the MAC payload.
  • when the sender sends the TRANSFER_INIT message to the receiver, it uses the RAND generated by itself and the MPK obtained from the KMS to generate the verification key Ka based on the KDF, which is used to calculate the MAC value. Based on the information in the HDR, the random number RAND and the TGK, the KDF generates a TEK, and the SALT contained in the KEMAC is used as a key input for the SRTP protocol.
  • KMS will generate a correction factor MOD for each terminal to generate new MPK and TGK.
  • the forked MPK is generated based on MOD and MPK, and the forked MPK, the parameters in the HDR and the random number RAND generate a verification key Ka, which is used to calculate the MAC.
  • Ka the verification key
  • the random number RAND and the TGK generate a forked TEK
  • the TEK and the SALT in the KEMAC are used as the key input of the SRTP protocol.
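The ticket request and resolve exchange (Steps 1 to 9) and the TPK, MPK, TGK, Ke and Ka hierarchy described above, as an added Python example that is not code from the patent. The KDF, the keystream cipher, the JSON message encoding and the user names are stand-in assumptions rather than MIKEY's actual PRF, cipher or wire format, and the ticket here carries only RAND and identities from which the KMS re-derives the keys.

```python
import hashlib
import hmac
import json
import secrets
import time

def kdf(key, label, rand):
    # Stand-in KDF (assumption): HMAC-SHA256 over label || RAND, not the MIKEY PRF.
    return hmac.new(key, label.encode() + b"\x00" + rand, hashlib.sha256).digest()

def stream(key, nonce, data):
    # Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def tag(key, msg):
    # MAC over every field except V; used for V = MAC(Ka, msg) and for the ticket's own tag.
    body = {k: v for k, v in msg.items() if k != "V"}
    return hmac.new(key, json.dumps(body, sort_keys=True).encode(), hashlib.sha256).hexdigest()

def seal(psk, msg):
    msg["V"] = tag(kdf(psk, "Ka", bytes.fromhex(msg["RAND"])), msg)
    return msg

def check(psk, msg):
    ka = kdf(psk, "Ka", bytes.fromhex(msg["RAND"]))
    return hmac.compare_digest(msg.get("V", ""), tag(ka, msg))

def init_msg(psk, **fields):
    # Build a MAC-protected *_INIT message (T is carried; freshness is not checked here).
    return seal(psk, {"T": time.time(), "RAND": secrets.token_hex(16), **fields})

class KMS:
    def __init__(self):
        self.tpk = secrets.token_bytes(32)  # TPK: protects tickets, known only to the KMS
        self.psk = {}                       # per-user shared keys (set up via GBA in the text)

    def enroll(self, user):
        return self.psk.setdefault(user, secrets.token_bytes(32))

    def _respond(self, user, ticket):
        # MPK, TGK and SALT come from KDF(TPK, RAND); Ke (from the PSK) encrypts them in KEMAC.
        trand = bytes.fromhex(ticket["RAND"])
        keys = b"".join(kdf(self.tpk, name, trand) for name in ("MPK", "TGK", "SALT"))
        rand = secrets.token_bytes(16)
        kemac = stream(kdf(self.psk[user], "Ke", rand), rand, keys).hex()
        return seal(self.psk[user], {"T": time.time(), "RAND": rand.hex(),
                                     "TICKET": ticket, "KEMAC": kemac})

    def request(self, msg):  # REQUEST_INIT -> REQUEST_RESP
        if msg["IDi"] not in self.psk or not check(self.psk[msg["IDi"]], msg):
            raise PermissionError("REQUEST_INIT failed verification")
        ticket = {"IDi": msg["IDi"], "IDre": msg["IDre"], "RAND": secrets.token_hex(16)}
        ticket["V"] = tag(self.tpk, ticket)  # only the KMS can mint or validate a ticket
        return self._respond(msg["IDi"], ticket)

    def resolve(self, msg):  # RESOLVE_INIT -> RESOLVE_RESP
        if msg["IDr"] not in self.psk or not check(self.psk[msg["IDr"]], msg):
            raise PermissionError("RESOLVE_INIT failed verification")
        ticket = msg["TICKET"]
        if not hmac.compare_digest(ticket.get("V", ""), tag(self.tpk, ticket)):
            raise PermissionError("ticket was not issued by this KMS")
        if msg["IDr"] != ticket["IDre"]:
            raise PermissionError("requester is not the called user named in the ticket")
        return self._respond(msg["IDr"], ticket)

def open_resp(psk, resp):
    if not check(psk, resp):
        raise ValueError("response failed verification")
    rand = bytes.fromhex(resp["RAND"])
    keys = stream(kdf(psk, "Ke", rand), rand, bytes.fromhex(resp["KEMAC"]))
    return {"MPK": keys[:32], "TGK": keys[32:64], "SALT": keys[64:]}

def attempt(kms, msg):
    try:
        return kms.resolve(msg) and "resolved"
    except PermissionError as exc:
        return str(exc)

def demo():
    kms = KMS()
    psk_a, psk_b, psk_c = (kms.enroll(u) for u in ("userA", "userB", "userC"))
    # Steps 2-3: A requests a ticket for B and receives the keys plus the ticket.
    resp_a = kms.request(init_msg(psk_a, IDi="userA", IDre="userB"))
    keys_a, ticket = open_resp(psk_a, resp_a), resp_a["TICKET"]
    # Steps 4-8: the ticket crosses the IMS core; B asks the KMS to resolve it.
    keys_b = open_resp(psk_b, kms.resolve(init_msg(psk_b, IDr="userB", TICKET=ticket)))
    # Both ends derive the same TEK from the TGK and the sender's RAND.
    trand = secrets.token_bytes(16)
    same_tek = kdf(keys_a["TGK"], "TEK", trand) == kdf(keys_b["TGK"], "TEK", trand)
    # A registered user who holds the ticket but is not named in it is refused.
    outsider = attempt(kms, init_msg(psk_c, IDr="userC", TICKET=ticket))
    # A ticket whose callee was edited in transit no longer validates under the TPK.
    forged = attempt(kms, init_msg(psk_c, IDr="userC", TICKET=dict(ticket, IDre="userC")))
    return same_tek, outsider, forged
```

Calling `demo()` returns the TEK agreement flag followed by the two refusal reasons, which shows why a copy of the ticket taken from the signaling plane is not enough to obtain the media key.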
  • KMS-based end-to-end media security solutions must also meet lawful interception requirements.
  • the lawful interception solution currently published as a standard for the IMS control plane is shown in Figure 9. It includes: the Listening Center (LEMF), the transfer unit (DF2), the management entity (ADMF), the Intercepted Subscriber, the Other Party, the P-CSCF and the S-CSCF. The LEMF monitors the Intercepted Subscriber through the P-CSCF and the S-CSCF.
  • because the scheme does not include the KMS network element and only intercepts data from the IMS core network element, it does not have the ability to monitor the KMS-based media security mechanism and therefore fails to implement lawful interception of KMS-based IMS media security.
  • the main object of the present invention is to provide a lawful interception system based on KMS for IMS media security, which can implement lawful interception of KMS-based IMS media security.
  • a lawful interception system for IMS media security based on a key management server (KMS), comprising: an administrative entity (ADMF), an IP Multimedia Subsystem (IMS) network element and a Listening Center (LEMF); the system further comprising: a KMS and a signaling intercepting unit:
  • the ADMF is configured to send a listening command to the KMS
  • the KMS is connected to the ADMF, and is configured to send the interception data to the signaling intercepting unit after receiving the intercepting command from the ADMF;
  • the signaling intercepting unit is connected to the KMS, and configured to send the intercepting data to the LEMF;
  • the LEMF associates the interception data obtained from the signaling intercepting unit with the intercepted data obtained from the IMS network element; and performs monitoring according to the associated intercepted data.
  • the signaling intercepting unit is set separately from, or combined with, the signaling intercepting unit DF2 in the IMS network element.
  • when combined, the combined intercepting unit is configured to perform information association on the interception data intercepted from the IMS network element and the KMS and then send the data to the LEMF; or, the interception data intercepted from the IMS network element and the KMS is sent directly to the LEMF, and the LEMF performs the information association.
  • the information used by the information association includes one or any combination of the following: a timestamp, a user address of the calling party, and a user address of the recipient.
  • the signaling intercepting unit DF2 of the IMS network element is configured to send the interception data intercepted by the IMS network element to the LEMF;
  • the signaling intercepting unit is configured to send interception data intercepted from the KMS to the LEMF;
  • the LEMF performs information association based on data received from DF2 and the signaling intercepting unit.
  • the information used by the information association includes one or any combination of the following: a timestamp, a user address of the calling party, and a user address of the recipient.
  • a lawful interception system for IMS media security based on a key management server comprising: ADMF, IMS network element and LEMF; wherein the system further comprises: a KMS and a signaling interception unit,
  • the signaling intercepting unit is configured to obtain monitoring data from the IMS network element, and send the monitoring data to the KMS;
  • the KMS is connected to the signaling intercepting unit, configured to parse the interception data, and return the parsing result to the signaling intercepting unit.
  • the signaling intercepting unit is the signaling intercepting unit DF2 in the IMS network element
  • the DF2 is configured to include the MIKEY-Ticket information in the interception data when the interception data is sent to the KMS.
  • the DF2 sends the MIKEY-Ticket information included in the interception data to the KMS;
  • the KMS is further configured to parse according to the MIKEY-Ticket information, and return the parsing result to the DF2.
  • in the case that the signaling intercepting unit is the signaling intercepting unit DF2 in the IMS network element, the DF2, upon identifying according to the local policy that an untrusted message has been obtained from the IMS network element, sends the information obtained from the IMS network element and the signaling plane to the KMS. The information obtained from the IMS network element includes: at least one of a KMS-ID used by the monitored user and a timestamp of the event;
  • the information obtained from the signaling plane includes: at least one of a caller's user identifier and a recipient's user identifier;
  • the KMS is further configured to find the corresponding MIKEY-Ticket information according to the information obtained from the IMS network element and the signaling plane provided by the DF2, parse the information, and send the parsing result to the DF2.
  • the present invention includes two system implementation schemes, namely the push (PUSH) scheme and the pull (PULL) scheme corresponding to the introduction of the new KMS network element.
  • the PUSH solution includes: a newly added KMS and a signaling intercepting unit; the newly added KMS is connected to the ADMF and is configured to receive a listening command from the ADMF and actively send the monitoring data to the signaling intercepting unit; the signaling intercepting unit is configured to intercept the interception data from the KMS and the IMS network element.
  • the invention can realize the lawful interception of KMS-based IMS media security, and provides an effective monitoring solution corresponding to the KMS-based secure communication technology solution.
  • Figure 1 is a system architecture diagram of an existing MIKEY-Ticket
  • FIG. 2 is a schematic diagram of three key negotiation interaction processes defined in the existing MIKEY-Ticket
  • FIG. 3 is a schematic diagram of an existing REQUEST_INIT message
  • Figure 4 is a schematic diagram of an existing REQUEST_RESP message
  • FIG. 5 is a schematic diagram of an existing TRANSFER_INIT message
  • FIG. 6 is a schematic diagram of an existing RESOLVE_INIT message
  • FIG. 7 is a schematic diagram of an existing RESOLVE_RESP message
  • Figure 8 is a schematic diagram of an existing TRANSFER_RESP message
  • Figure 9 is a structural diagram of an IMS lawful interception system of a conventional standardized control plane
  • FIG. 10 is a system architecture diagram of a KMS-PUSH scheme of the system of the present invention.
  • FIG. 11 is a schematic diagram of an interface between a KMS and other listening network elements in a KMS-PUSH architecture to which the system of the present invention is applied;
  • FIG. 12 is a schematic diagram of a monitoring process when a called party is controlled by a KMS-PUSH architecture using the system of the present invention
  • FIG. 13 is a schematic diagram of a monitoring process when a calling party is controlled by a KMS-PUSH architecture using the system of the present invention
  • FIG. 14 is a system architecture diagram of a KMS-PULL scheme of the system of the present invention.
  • FIG. 15 is a schematic diagram of a message flow when a monitoring object is a called party under the KMS-PULL architecture of the system of the present invention.
  • FIG. 16 is a schematic diagram of a message flow when a monitoring object is a calling party in a KMS-PULL architecture to which the system of the present invention is applied.
  • Detailed description
  • the basic idea of the present invention is: to implement lawful interception of KMS-based IMS media security after the introduction of the newly added KMS network element, two system implementation schemes are included, namely the PUSH scheme and the PULL scheme corresponding to the introduction of the newly added KMS network element.
  • a KMS-based IMS media security lawful interception system, in order to implement lawful interception of KMS-based IMS media security after the introduction of the newly added KMS network element, includes two system implementation schemes, namely the PUSH scheme and the PULL scheme corresponding to the introduction of the newly added KMS network element, which may also be referred to as the KMS-PUSH system architecture scheme and the KMS-PULL system architecture scheme.
  • for the KMS-PUSH system architecture, the system is a KMS-based PUSH mode system;
  • for the KMS-PULL system architecture, the system is a KMS-based PULL mode system.
  • the present invention is an effective monitoring solution provided under the KMS-based secure communication technology solution. Since the KMS-based secure communication technology solution does not depend on the security of the signaling plane, the monitoring solution of the present invention also does not depend on the security of the signaling plane.
  • the present invention mainly includes the following contents:
  • ADMF, as the entity that sends listening instructions to network elements, issues the monitoring command separately to the IMS network element and the KMS, and the IMS network element and the KMS independently send monitoring data to DF2 and DF2'.
  • DF2 and DF2' are the specific implementations of the signaling interception unit.
  • DF2 (Delivery Function 2) can be called the transmission unit.
  • DF2', also called the transmission unit, represents a transmission unit that is functionally different from DF2.
  • the transmitting unit is used to intercept the signaling plane data in the lawful interception, and converts the intercepted information into a standard format and sends it to the Listening Center (LEMF, Law Enforcement Monitoring Facility).
  • LEMF Law Enforcement Monitoring Facility
  • the signaling intercepting unit can be realized in two ways. In one way, DF2 and DF2' are different network entities, that is, two functional units, DF2 and DF2', are separately configured in the signaling intercepting unit to implement different functions, so that the functional division can improve the overall operating speed and efficiency of the system;
  • in the other way, DF2 and DF2' are integrated into the same network entity, that is, only one functional unit is configured in the signaling interception unit.
  • the functional unit integrates all functions of DF2 and DF2', and does not perform functional division.
  • the specific implementation of the signaling interception unit may then be only DF2, but this DF2 refers to an upgraded DF2, which includes both the functions of the existing DF2 and the functions of DF2', and is distinguished from the DF2 in the prior art.
  • DF2 and DF2' send the interception data to LEMF for information association.
  • DF2 can first associate the interception data sent by the IMS network element and the KMS and then send it to LEMF, or send it directly to LEMF, in which case the association is performed by LEMF.
  • KMS and ADMF have an X1_1 interface for receiving listening commands from ADMF;
  • KMS and DF2 have an X2 interface for transmitting to DF2 the ticket resolution request (Resolve Init) related to the monitored object, the ticket parsing result (Resolve Resp), Request Init, Request Resp, the time of event occurrence, etc.
  • the association of messages can be performed using information that cannot be tampered with by the signaling plane, such as the timestamp of the event, the user addresses of the calling party and the recipient, and so on.
  • the system architecture of the KMS PULL scheme is adopted.
  • DF2 intercepts the session message of the target user from the IMS network element. If the session information includes the MIKEY-Ticket message, the DF2 determines, based on the local policy (for example, different policies for trusted and untrusted messages), the content of the interception command sent to the KMS. If the DF2 trusts the message intercepted from the signaling plane, the DF2 can directly send the intercepted ticket to the KMS to obtain the analysis result of the ticket.
  • if the message is not trusted, the DF2 obtains the KMS-ID used by the monitored user and the timestamp of the event from the IMS network element, obtains from the signaling plane information that is not easily falsified, such as the user identifiers of both parties to the call, and sends this information to the designated KMS.
  • based on the information provided by DF2, KMS finds the relevant ticket and sends the ticket resolution result to DF2.
  • DF2 can send the result of the analysis of the ticket to LEMF, and the association between the ticket information and the call information is performed by LEMF. DF2 can also perform the association of the ticket information and the call information itself and send the processed information to the LEMF.
  • when DF2 sends a listening command to KMS, it decides the data to be sent to KMS according to the local policy.
  • the invention is illustrated by way of example below.
  • the signaling intercepting unit includes DF2 and DF2', and DF2 and DF2' are independently set.
  • DF2 is used as a signaling intercepting unit of the IMS network element
  • DF2' is used as a signaling intercepting unit of the KMS.
  • the system includes: ADMF, P-CSCF, S-CSCF, KMS, DF2, DF2', and LEMF; wherein both the P-CSCF and the S-CSCF belong to the IMS network element.
  • ADMF is used to issue a listening command to KMS.
  • KMS is connected to ADMF and to DF2', and is used to send monitoring data to DF2' after receiving a listening command from ADMF.
  • the P-CSCF and the S-CSCF are used to receive the listening command from the ADMF and actively send the monitoring data to the DF2.
  • DF2 is used to send the interception data intercepted from the P-CSCF and the S-CSCF to the LEMF, and the LEMF performs information association.
  • DF2' is used to send the interception data intercepted from the KMS to the LEMF, and the LEMF performs the information association.
  • LEMF is used to associate the intercepted data obtained from DF2 and DF2' with the intercepted data obtained from the IMS network element, and to monitor according to the associated intercepted data.
  • DF2 and DF2' included in the signaling intercepting unit in this embodiment of the system are separately set. That is to say, DF2 and DF2' are different network entities.
  • alternatively, the DF2 and DF2' included in the signaling interception unit can be integrated into an upgraded network entity, and the signaling interception unit is that upgraded network entity.
  • an upgraded network entity formed by integrating DF2 and DF2' is used as the signaling intercepting unit. That is to say, in this case DF2 and DF2' are the same network entity.
  • KMS and ADMF have an X1_1 interface for receiving listening commands from ADMF; KMS and DF2 have an X2 interface for transmitting to DF2 the Resolve Init, Resolve Resp, Request Init, Request Resp, and the time when the event occurred.
  • System Embodiment 2: an embodiment of the KMS-PULL architecture of the system of the present invention, in which the signaling intercepting unit is the signaling intercepting unit of the IMS network element and is still denoted DF2.
  • the system includes: ADMF, P-CSCF, S-CSCF, KMS, DF2, and LEMF; wherein, both the P-CSCF and the S-CSCF belong to the IMS network element.
  • the interception data can also be referred to as the session message of the target user.
  • KMS, connected to DF2, is configured to parse according to the content of the listening command and return the parsing result to DF2.
  • the listening command involved here differs from the listening command in the first embodiment of the system: both are listening commands, but the specific content and format may differ. The listening command in the first embodiment is between ADMF and KMS; the listening command here is between DF2 and KMS, and the interfaces and parameters of the two may be different, which will not be described again.
  • the content that DF2 sends to the KMS for the listening command includes the following two specific implementations:
  • DF2 is used to send the ticket intercepted from the message to the KMS when the local policy for trusted messages is used.
  • KMS is used to parse directly according to the ticket, and returns the parsing result for the ticket to DF2.
  • DF2 is used to transmit the information acquired from the P-CSCF and the S-CSCF and from the signaling plane to the KMS when the local policy for untrusted messages is used; the information obtained from the P-CSCF and the S-CSCF includes: at least one of a KMS-ID used by the monitored user, and a timestamp of the event; the information acquired from the signaling plane includes: at least one of a caller's user identifier and a recipient's user identifier.
  • the KMS is used to find the relevant ticket according to the information obtained from the P-CSCF and the S-CSCF and the signaling plane provided by the DF2, and send the result of the ticket analysis to the DF2.
  • Application Example 1 When applying the KMS-PUSH architecture of the system of the present invention, as shown in FIG. 12, the message flow when the receiver (User B) is the monitoring object includes the following steps:
  • Step 101 User A sends a Ticket Request message to KMS_A.
  • Step 102 After receiving the request of the user A, the KMS_A sends the key and the ticket to the user A through the Request Res message.
  • Step 103 User A sends a Transfer Init message to the IMS network.
  • Step 104 The IMS network forwards the received Transfer Init message to the DF2.
  • Step 105 The IMS network forwards the Transfer Init message to User B.
  • Step 106 User B sends a ticket resolution request Resolve Init to KMS_B.
  • Step 107 KMS_B forwards the ticket resolution request Resolve Init to DF2'.
  • Step 108 KMS_B sends a ticket resolution request Resolve Init to KMS_A.
  • Step 109 KMS_A sends the ticket resolution result Resolve Res to KMS_B.
  • Step 111 KMS_B sends the ticket resolution result Resolve Res to user B.
  • Step 112 User B will send a Transfer Res message to the IMS network.
  • Step 113 The IMS network forwards the Transfer Res message to the DF2.
  • Step 114 The IMS network sends a Transfer Res message to User A.
  • Application Example 2 When applying the KMS-PUSH architecture of the system of the present invention, as shown in FIG. 13, the message flow when the initiator (user A) is the monitoring object includes the following steps:
  • Step 201 User A sends a Ticket Request message to KMS_A.
  • Step 202 KMS_A forwards the Ticket Request message to DF2.
  • Step 203 After receiving the request of the user A, the KMS_A sends the key and the ticket to the user A through the Request Res message.
  • Step 204 KMS_A forwards the Request Res message to DF2'.
  • Step 205 User A sends a Transfer Init message to the IMS network.
  • Step 206 The IMS network forwards the received Transfer Init message to the DF2.
  • Step 207 The IMS network forwards the Transfer Init message to User B.
  • Step 208 User B sends a ticket resolution request Resolve Init to KMS_B.
  • Step 209 KMS_B sends a ticket resolution request Resolve Init to KMS_A.
  • Step 210 KMS_A forwards Resolve Init to DF2'.
  • Step 211 KMS_A sends the ticket resolution result Resolve Res to KMS_B.
  • Step 212 KMS_A sends the ticket resolution result Resolve Res to DF2'.
  • Step 213 KMS_B sends the ticket resolution result Resolve Resp to user B.
  • Step 214 User B will send a Transfer Res message to the IMS network.
  • Step 215 The IMS network forwards the Transfer Res message to the DF2.
  • Step 216 The IMS network sends a Transfer Res message to User A.
  • Step 301 User A sends a Ticket Request message to KMS_A.
  • Step 302 After receiving the request of user A, KMS_A sends the key and the ticket to user A through the Request Res message.
  • Step 303 User A sends a Transfer Init message to the IMS network.
  • Step 304 The IMS network forwards the received Transfer Init message to DF2, together with the KMS-ID of user B (KMS_B), the timestamp of the event, and the like.
  • Step 305 DF2 sends to KMS_B the timestamp of the event and the information from the Transfer Init message that is not easily falsified on the signaling plane, such as the identities of the call parties.
  • Step 306 The IMS network forwards the Transfer Init message to User B.
  • Step 307 User B sends a ticket resolution request Resolve Init to KMS_B.
  • Step 308 KMS_B sends a ticket resolution request Resolve Init to KMS_A.
  • Step 310 KMS_B sends the ticket resolution result Resolve Resp to DF2.
  • Step 311 KMS_B sends the ticket resolution result Resolve Resp to user B.
  • Step 312 User B will send a Transfer Resp message to the IMS network.
  • Step 313 The IMS network forwards the Transfer Res message to the DF2.
  • Step 314 The IMS network sends a Transfer Res message to User A.
  • Step 401 User A sends a Ticket Request message to KMS_A.
  • Step 402 After receiving the request of the user A, the KMS_A sends the key and the ticket to the user A through the Request Res message.
  • Step 403 User A sends a Transfer Init message to the IMS network.
  • Step 404 The IMS network forwards the received Transfer Init message to DF2, together with the KMS-ID of user A (KMS_A), the timestamp of the event, and the like.
  • Step 405 DF2 sends to KMS_A the timestamp of the event and the information from the Transfer Init message that is not easily falsified on the signaling plane, such as the identities of the call parties.
  • Step 406 The IMS network forwards the Transfer Init message to User B.
  • Step 407 User B sends a ticket resolution request Resolve Init to KMS_B.
  • Step 408 KMS_B sends a ticket resolution request Resolve Init to KMS_A.
  • Step 409 KMS_A sends the ticket resolution result Resolve Resp to DF2.
  • Step 410 KMS_A sends the ticket resolution result Resolve Resp to KMS_B.
  • Step 412 User B will send a Transfer Res message to the IMS network.
  • Step 413 The IMS network forwards the Transfer Res message to the DF2.
  • Step 414 The IMS network sends a Transfer Res message to User A.
  • BSF refers to the service function
  • Media Key refers to the media key
  • KMS refers to the key management server
  • NAF refers to the application server
  • P-CSCF proxy call session control unit
  • S-CSCF service call session control unit
  • Request Init refers to ticket request
  • Request Res refers to ticket request result
  • Transfer Resp refers to the ticket transfer request response
  • Resolve Init refers to the ticket resolution request
  • Resolve Resp refers to the ticket resolution result information

Abstract

The invention provides a lawful interception system for IP Multimedia Subsystem (IMS) media security based on the Key Management Server (KMS), which includes two system implementation schemes of PUSH and PULL. Wherein, the system of PULL mode includes: a signaling interception unit, for obtaining the interception data from the IMS network element, and sending it to the KMS; KMS is connected with the signaling interception unit, for resolving the interception data and returning the resolution result to the signaling interception unit. By using the invention, the lawful interception for IMS media security based on KMS can be implemented.

Description

Lawful interception system for IMS media security based on key management server
Technical Field
The present invention relates to network communication security technologies, and in particular to a lawful interception system for IP Multimedia Subsystem (IMS) media security based on a Key Management Server (KMS).
Background
The KMS-based secure communication scheme is a technical solution for end-to-end protection of media streams. It was proposed to meet stricter security requirements that are independent of the signaling and transport networks.
The scheme is built on a KMS and the concept of a ticket. The KMS is responsible for functions such as security, user authentication and key generation. In IMS media plane security the KMS acts as a third-party server whose main role is to issue and resolve tickets; the KMS may also be called a key management system.
The scheme is aimed mainly at users with high security requirements. It does not depend on the security of the signaling plane at all: even if signaling-plane data is stolen, an attacker cannot obtain the media key of the two parties to the call, which gives users a higher level of security. However, the scheme requires a new network element, namely a KMS.
Taking into account the participation of the user equipment (UE) and the network elements in the IMS, the system architecture of the KMS-based secure communication scheme is shown in FIG. 1. The Proxy-Call Session Control Function (P-CSCF) and the Serving-Call Session Control Function (S-CSCF) are both IMS network elements.
The scheme is implemented through the following steps:
Step 1. User A (UE A) and the KMS establish a secure channel using the Generic Bootstrapping Architecture (GBA) mechanism.
Here, GBA is a lightweight security infrastructure defined by 3GPP on top of the mobile communication network; it provides a unified security authentication service for application-layer services. As a trusted third party, the KMS performs key management and distribution; the position of the KMS may also be filled by a Network Application Function (NAF).
Step 2. User A requests from the KMS a media key for communicating with user B (UE B) and an encrypted ticket (containing the media key and user B's information).
Step 3. The KMS generates the media key and the encrypted ticket and sends them to user A.
Step 4. User A sends a communication request and the encrypted ticket to user B through the IMS core network.
Step 5. User B receives the communication request and the encrypted ticket sent by user A.
Step 6. User B and the KMS establish a secure channel using the GBA mechanism.
Step 7. User B sends the received encrypted ticket to the KMS and requests the media key in the ticket.
Step 8. The KMS decrypts the ticket sent by user B and verifies that user B matches the called-user information in the ticket; if they match, it sends the media key in the ticket to user B.
Step 9. After obtaining the media key, user B accepts user A's communication request, and users A and B can then communicate using this media key.
The secure communication scheme described above is implemented with the MIKEY-Ticket key agreement mechanism.
MIKEY-Ticket is a new mode that extends the MIKEY protocol (RFC 3830); the new mode uses the concepts of a KMS and a ticket. The need for this extension comes from Ericsson's ticket-based system (TBS) scheme, which uses the ticket concept but in practice had no concrete protocol to carry the ticket entity so that it could be transported in signaling. With the key agreement extensions to the Session Description Protocol (SDP) in RFC 4568, SDP can already carry MIKEY, so making MIKEY support tickets solves the problem.
The MIKEY-Ticket mechanism comprises three exchanges, shown in FIG. 2: Ticket Request, Ticket Transfer and Ticket Resolve.
In FIG. 2, user I is the user who initiates the session, user R is the user who answers it, and KMS is the key management server. The three exchanges are described in detail below. Message parameters use three notations: [ ] marks an optional parameter, ( ) marks a parameter that occurs one or more times, and { } marks a parameter that occurs zero or more times.
1. Ticket Request. The session initiator, user I, first sends a REQUEST_INIT message to the KMS to request a ticket. The REQUEST_INIT message contains session information (for example, the identity of the callee) and is protected by a message authentication code (MAC) based on the key shared between user I and the KMS.
Ticket Request has two modes: (1) shared key and (2) public/private key. The public/private-key mode requires PKI support and is not used, so only the shared-key mode is described here. The parameters carried in the REQUEST_INIT message are shown in FIG. 3: HDR, T, RAND, [IDi], [IDkms], (IDre), {SP}, IDtp, [KEMAC], [IDpsk], V, where:
HDR is the message header, T is the timestamp, and RAND is a random number;
IDi contains the identity of the sender; this identity is normally stored in the "send to" field of the ticket. Because the sender's identity can be read from the sender field of the message, this parameter can sometimes be omitted from the REQUEST_INIT message;
IDkms should be included in the message, but may be omitted if the KMS has only one unique identity;
IDre is the identity of the receiver, which may be a single user or a group of users. If there is more than one receiver, each receiver's identity must be placed in a separate ID payload;
IDtp is the identifier of the ticket policy to be used; SP is the security policy payload;
KEMAC is the key data transport payload; put simply, it is where the keys being transported are stored. Here KEMAC = E(encr_key, [MPK] || {TGK|TEK}), where MPK (MIKEY Protection Key) is the MIKEY message protection key; that is, the MPK, TGK or TEK is encrypted with encr_key. There may be more than one TGK. encr_key is generated from the PSK. This parameter is optional;
IDpsk is not mandatory; it is used only when there is more than one PSK and the PSK in use must be identified; V is the verification payload, which holds the corresponding MAC value.
If the initiator is authenticated as entitled to make the request, the KMS generates the required keys, encodes them into the ticket, and returns the ticket to the initiator, user I, in a REQUEST_RESP message. The parameters of this message are shown in FIG. 4: HDR, T, [IDkms], [IDtp], [TICKET], [KEMAC], V, where the parameters in [ ] are optional. The ticket contains a ticket type and ticket data, both of which depend on IDtp.
The Ticket Request exchange is optional: when the user is able to generate the ticket itself without interacting with the KMS, the Ticket Request step can be omitted.
2. Ticket Transfer. After receiving the REQUEST_RESP message from the KMS, user I places the ticket in a TRANSFER_INIT message and sends it to the called party, user R (step 13 in FIG. 2). If user R finds the policy acceptable, it forwards the ticket to the KMS in a RESOLVE_INIT message so that the KMS returns the key information contained in the ticket (step 14 in FIG. 2); the RESOLVE_INIT message is likewise protected by a MAC based on the key shared between user R and the KMS. Depending on the ticket type, step 14 is also optional and is used only when user R cannot obtain the information contained in the ticket without the help of the KMS. The parameters of the TRANSFER_INIT and RESOLVE_INIT messages are shown in FIG. 5 and FIG. 6 respectively.
The IDi and IDr parameters may be omitted from the TRANSFER_INIT message when the identities of the sender and receiver can be obtained by other means. In the final verification payload, the verification key auth_key is generated from the MPK. Because the sender and the receiver do not share a key at this point, the receiver cannot verify the message it received from the sender before the ticket has been processed. The receiver therefore first checks the policies it accepts: if the IDtp in the received message is not acceptable to it, it rejects the message and does not interact with the KMS. This is also a way to pre-empt DoS attacks against the KMS.
3. Ticket Resolve. In the RESOLVE_INIT message, the ticket payload carries the ticket that the KMS is to decrypt; the IDtp and IDi payloads must match the corresponding parameters in TRANSFER_INIT. V is the verification payload; the verification key auth_key is generated from the PSK.
After receiving the RESOLVE_INIT message, the KMS verifies whether user R is a legitimate recipient. If so, the KMS retrieves the keys and other information in the ticket and sends user R a RESOLVE_RESP message. If the KMS cannot parse the received message correctly, or the user R who sent RESOLVE_INIT fails verification, the KMS should return a corresponding error message. In the RESOLVE_RESP message the KMS sends the relevant keys together with other additional information to user R (step 15 in FIG. 2).
The parameters of the RESOLVE_RESP message are shown in FIG. 7. Apart from the message type, the next payload and the V flag, the header fields of HDR must be identical to the header of the RESOLVE_INIT message, and the timestamp type and value must match those in the RESOLVE_INIT message. KEMAC = E(encr_key, MPK || [MPK] || {TGK|TEK}). In the forking case the KMS needs two forked MPKs and multiple TGKs: the first MPK protects the TRANSFER_INIT message and the second protects the TRANSFER_RESP message. The modification factor used to generate the different forked keys is carried in the IDmod payload.
After receiving the RESOLVE_RESP message, user R sends a TRANSFER_RESP message to user I as confirmation (step 16 in FIG. 2). The TRANSFER_RESP message may contain some information used for key generation; its parameters are shown in FIG. 8. The actual signaling flow depends on the specific ticket type and the policy of the KMS domain; the ticket type is determined by the ticket policy.
The derivation of the MIKEY-Ticket keys is described below.
For the layers of keys used by MIKEY-Ticket in the non-forking scenario and the way they are generated from one another: TPK is the key that protects the ticket, normally a key known only to the KMS. The random number RAND in the ticket is generated by the KMS. From RAND and TPK, the KMS uses the key derivation function KDF to generate the corresponding MPK, TGK and SALT. Ke is the encryption key, generated from the pre-shared key, that encrypts the key material in the ticket; MPK, TGK and SALT are encrypted with Ke and placed in the KEMAC payload. The verification key Ka is likewise generated from the pre-shared key, and the MAC value computed with it is placed in the MAC payload.
When the sender sends the TRANSFER_INIT message to the receiver, it uses the RAND it generated itself and the MPK obtained from the KMS to derive the verification key Ka with the KDF, and uses Ka to compute the MAC value. From the information in HDR, the random number RAND and the TGK, it derives the TEK with the KDF; the TEK, together with the SALT contained in KEMAC, serves as the key input to the SRTP protocol.
For key generation in MIKEY-Ticket in the forking scenario, the only difference from the non-forking case is that the KMS generates a modification factor MOD for each terminal, which is used to generate new MPK and TGK values. The forked MPK is generated from MOD and MPK; the forked MPK, the parameters in HDR and the random number RAND generate the verification key Ka, which is used to compute the MAC. MOD, the parameters in HDR, the random number RAND and the TGK generate the forked TEK; this TEK and the SALT in KEMAC serve as the key input to the SRTP protocol.
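The following Python sketch is an added example, not code from the patent or from the MIKEY-Ticket specification; it walks the Ticket Request, Ticket Transfer and Ticket Resolve exchanges and the key hierarchy described above, including the responder's policy check before it contacts the KMS and the per-terminal MOD in the forking case. Assumptions: HMAC-SHA256 stands in for the KDF and the MAC, messages are JSON-style dictionaries, HDR parameters and SALT are left out, and the ticket is integrity-protected under TPK and carries the KMS RAND from which the KMS re-derives MPK and TGK (instead of carrying encrypted key material). All function names, labels, user names and policy names are hypothetical.

```python
import hashlib, hmac, json, os

def kdf(key, label, *parts):
    """Stand-in KDF (assumption): HMAC-SHA256 over a label and length-prefixed inputs."""
    data = label.encode() + b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, data, hashlib.sha256).digest()

def mac(key, fields):
    """Value of the V payload: HMAC over the canonical JSON form of the other fields."""
    return hmac.new(key, json.dumps(fields, sort_keys=True).encode(), hashlib.sha256).hexdigest()

def signed(key, fields):
    return dict(fields, V=mac(key, fields))

def check(key, msg, what):
    """Verify V and return the protected fields; reject unknown senders and bad MACs."""
    fields = {k: v for k, v in msg.items() if k != "V"}
    if key is None or not hmac.compare_digest(str(msg.get("V")), mac(key, fields)):
        raise PermissionError(what + ": MAC check failed")
    return fields

def fork(key, mod):
    """Forked key for one terminal; an empty MOD is the non-forking case."""
    return kdf(key, "fork", mod) if mod else key

class KMS:
    def __init__(self):
        self.tpk = os.urandom(32)   # ticket protection key, known only to the KMS
        self.psk = {}               # user -> key shared with the KMS
        self.resolve_calls = 0      # lets the caller see whether the KMS was contacted

    def enroll(self, user):
        self.psk[user] = os.urandom(32)
        return self.psk[user]

    def _keys(self, ticket):        # MPK and TGK from TPK and the ticket's RAND
        rand = bytes.fromhex(ticket["RAND"])
        return kdf(self.tpk, "MPK", rand), kdf(self.tpk, "TGK", rand)

    def request(self, msg):         # REQUEST_INIT -> REQUEST_RESP
        f = check(self.psk.get(msg.get("IDi")), msg, "REQUEST_INIT")
        ticket = signed(self.tpk, {"IDi": f["IDi"], "IDr": f["IDr"],
                                   "IDtp": f["IDtp"], "RAND": os.urandom(16).hex()})
        return (ticket, *self._keys(ticket))

    def resolve(self, msg, forking=False):   # RESOLVE_INIT -> RESOLVE_RESP
        self.resolve_calls += 1
        f = check(self.psk.get(msg.get("IDr")), msg, "RESOLVE_INIT")
        ticket = check(self.tpk, f["TICKET"], "TICKET")
        if ticket["IDr"] != f["IDr"] or ticket["IDtp"] != f["IDtp"]:
            raise PermissionError("RESOLVE_INIT: sender or policy does not match the ticket")
        mod = os.urandom(8) if forking else b""   # per-terminal modification factor
        return (*self._keys(ticket), mod)

def transfer_init(ticket, mpk):     # initiator: Ka from its own RAND and the MPK
    rand = os.urandom(16)
    return signed(kdf(mpk, "Ka", rand),
                  {"IDtp": ticket["IDtp"], "RAND": rand.hex(), "TICKET": ticket})

def respond(kms, user, psk, init, accepted, forking=False):
    """Responder side: policy check, Ticket Resolve, then TRANSFER_RESP and the TEK."""
    if init.get("IDtp") not in accepted:     # refuse before any KMS round trip
        raise ValueError("ticket policy not accepted")
    resolve_init = signed(psk, {"IDr": user, "IDtp": init["IDtp"], "TICKET": init["TICKET"]})
    mpk, tgk, mod = kms.resolve(resolve_init, forking)
    rand = bytes.fromhex(init["RAND"])
    check(kdf(mpk, "Ka", rand), init, "TRANSFER_INIT")   # verifiable only after resolve
    resp = signed(kdf(fork(mpk, mod), "Ka", rand), {"IDmod": mod.hex()})
    return resp, kdf(fork(tgk, mod), "TEK", rand)

def finish(resp, init, mpk, tgk):
    """Initiator side: verify TRANSFER_RESP with the forked MPK and derive the same TEK."""
    rand, mod = bytes.fromhex(init["RAND"]), bytes.fromhex(resp["IDmod"])
    check(kdf(fork(mpk, mod), "Ka", rand), resp, "TRANSFER_RESP")
    return kdf(fork(tgk, mod), "TEK", rand)

def demo():
    kms = KMS()
    psk = {u: kms.enroll(u) for u in ("user_i", "user_r", "user_x")}   # constructed names
    req = signed(psk["user_i"], {"IDi": "user_i", "IDr": "user_r", "IDtp": "policy-1"})
    ticket, mpk, tgk = kms.request(req)
    init = transfer_init(ticket, mpk)
    resp, tek_r = respond(kms, "user_r", psk["user_r"], init, {"policy-1"})
    return finish(resp, init, mpk, tgk) == tek_r

if __name__ == "__main__":
    print("initiator and responder derived the same TEK:", demo())
```

The `resolve_calls` counter makes the ordering visible: a TRANSFER_INIT with an unacceptable policy is dropped without touching the KMS, while a TRANSFER_INIT with a bad MAC can only be detected after one resolve round trip.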
Because the laws of every country require that law enforcement be able to lawfully intercept any call, a KMS-based end-to-end media security solution must also meet the lawful interception requirement.
The lawful interception solution for the IMS control plane that has been published as a standard is shown in FIG. 9. It comprises:
a monitoring center (LEMF), a delivery unit (DF2), an administration entity (ADMF), the intercepted subscriber, the other party to the call, the P-CSCF and the S-CSCF. The LEMF intercepts the intercepted subscriber through the P-CSCF and the S-CSCF.
Because this solution contains no KMS network element and only intercepts data from the IMS core network elements, it cannot intercept the KMS-based media security mechanism, and so lawful interception of KMS-based IMS media security cannot be achieved.
Summary of the Invention
In view of this, the main object of the present invention is to provide a lawful interception system for KMS-based IMS media security that achieves lawful interception of KMS-based IMS media security.
To achieve the above object, the technical solution of the present invention is implemented as follows:
A lawful interception system for IMS media security based on a key management server (KMS), the system comprising: an administration entity (ADMF), an IP Multimedia Subsystem (IMS) network element and a monitoring center (LEMF); the system further comprising a KMS and a signaling interception unit:
the ADMF is configured to issue an interception command to the KMS;
the KMS, connected to the ADMF, is configured to send interception data to the signaling interception unit after receiving the interception command from the ADMF;
the signaling interception unit, connected to the KMS, is configured to send the interception data to the LEMF;
the LEMF associates the interception data obtained from the signaling interception unit with the interception data obtained from the IMS network element, and performs interception according to the associated interception data.
The signaling interception unit is either deployed separately or combined with the signaling interception unit DF2 of the IMS network element.
Where the signaling interception unit is combined with the signaling interception unit DF2 of the IMS network element,
the combined signaling interception unit is configured to first associate the interception data intercepted from the IMS network element and from the KMS and then send it to the LEMF; or to send the interception data intercepted from the IMS network element and from the KMS directly to the LEMF, which performs the information association.
The information used for the information association includes one or any combination of the following: the timestamp, the user address of the calling party, and the user address of the receiving party.
Where the signaling interception unit is deployed separately,
the signaling interception unit DF2 of the IMS network element is configured to send the interception data intercepted from the IMS network element to the LEMF;
the signaling interception unit is configured to send the interception data intercepted from the KMS to the LEMF;
the LEMF performs the information association according to the data received from DF2 and from the signaling interception unit.
The information used for the information association includes one or any combination of the following: the timestamp, the user address of the calling party, and the user address of the receiving party.
A lawful interception system for IMS media security based on a key management server, the system comprising: an ADMF, an IMS network element and an LEMF; characterized in that the system further comprises a KMS and a signaling interception unit:
the signaling interception unit is configured to obtain interception data from the IMS network element and send it to the KMS;
the KMS, connected to the signaling interception unit, is configured to resolve the interception data and return the resolution result to the signaling interception unit.
Where the signaling interception unit is the signaling interception unit DF2 of the IMS network element, the DF2 is configured to include MIKEY-Ticket information in the interception data when sending the interception data to the KMS.
The DF2 sends the MIKEY-Ticket information contained in the interception data to the KMS;
the KMS is further configured to perform resolution according to the MIKEY-Ticket information and return the resolution result to the DF2.
Where the signaling interception unit is the signaling interception unit DF2 of the IMS network element, the DF2, having identified according to local policy that an untrusted message was obtained from the IMS network element, sends the information obtained from the IMS network element and from the signaling plane to the KMS. The information obtained from the IMS network element includes at least one of: the KMS-ID used by the intercepted user and the timestamp of the event; the information obtained from the signaling plane includes at least one of: the user identifier of the calling party and the user identifier of the receiving party;
the KMS is further configured to find the corresponding MIKEY-Ticket information according to the information, provided by DF2, that was obtained from the IMS network element and the signaling plane, resolve it, and send the resolution result to DF2.
To achieve lawful interception of KMS-based IMS media security after the new KMS network element is introduced, the present invention includes two system implementations: a PUSH scheme and a PULL scheme, each corresponding to the introduction of the new KMS network element. In the PUSH scheme, the system includes a newly added KMS and a newly added signaling interception unit; the newly added KMS is connected to the ADMF and is configured to receive the interception command from the ADMF and actively send interception data to the signaling interception unit; the newly added signaling interception unit is configured to intercept interception data from the KMS and the IMS network element.
With the present invention, lawful interception of KMS-based IMS media security can be achieved, giving the KMS-based secure communication scheme a practical and effective interception solution.
Brief Description of the Drawings
FIG. 1 is a system architecture diagram of the existing MIKEY-Ticket;
FIG. 2 is a schematic diagram of the three key-negotiation exchanges defined in the existing MIKEY-Ticket;
FIG. 3 is a schematic diagram of the existing REQUEST_INIT message;
FIG. 4 is a schematic diagram of the existing REQUEST_RESP message;
FIG. 5 is a schematic diagram of the existing TRANSFER_INIT message;
FIG. 6 is a schematic diagram of the existing RESOLVE_INIT message;
FIG. 7 is a schematic diagram of the existing RESOLVE_RESP message;
FIG. 8 is a schematic diagram of the existing TRANSFER_RESP message;
FIG. 9 is an architecture diagram of the existing standardized control-plane IMS lawful interception system;
FIG. 10 is a system architecture diagram of the KMS-PUSH scheme of the system of the present invention;
FIG. 11 is a schematic diagram of the interfaces between the KMS and the other interception network elements under the KMS-PUSH architecture of the system of the present invention;
FIG. 12 is a schematic diagram of the interception flow when the called party is the interception target, under the KMS-PUSH architecture of the system of the present invention;
FIG. 13 is a schematic diagram of the interception flow when the calling party is the interception target, under the KMS-PUSH architecture of the system of the present invention;
FIG. 14 is a system architecture diagram of the KMS-PULL scheme of the system of the present invention;
FIG. 15 is a schematic diagram of the message flow when the monitored object is the called party, under the KMS-PULL architecture of the system of the present invention;
FIG. 16 is a schematic diagram of the message flow when the monitored object is the calling party, under the KMS-PULL architecture of the system of the present invention.
Detailed Description
The basic idea of the present invention is as follows: to achieve lawful interception of KMS-based IMS media security after the KMS is introduced as a new network element, two system implementations are provided, namely the PUSH scheme and the PULL scheme, each corresponding to the introduction of the KMS as a new network element.
The implementation of the technical solution is described in further detail below with reference to the drawings.
A KMS-based lawful interception system for IMS media security. To achieve lawful interception of KMS-based IMS media security after the KMS is introduced as a new network element, it includes two system implementations, namely the PUSH scheme and the PULL scheme, which may also be called the KMS-PUSH system architecture scheme and the KMS-PULL system architecture scheme. With the KMS-PUSH system architecture, the system is a KMS-based PUSH-mode system; with the KMS-PULL system architecture, the system is a KMS-based PULL-mode system.
It should be noted that the present invention is a practical and effective interception scheme provided for KMS-based secure communication solutions. Because KMS-based secure communication solutions do not depend on the security of the signaling plane, the interception scheme of the present invention does not depend on the security of the signaling plane either. The present invention mainly includes the following:
For the KMS-PUSH scheme, FIG. 10 and FIG. 11 show the system architecture. As FIG. 10 shows, the ADMF, as the entity that sends interception instructions to network elements, issues interception commands separately to the IMS network element and to the KMS, and the IMS network element and the KMS independently send interception data to DF2 and DF2'.
Here, DF2 and DF2' are the concrete implementations of the signaling interception unit. DF2 stands for Delivery Function 2 and may be called a delivery unit; DF2' may also be called a delivery unit, and denotes a delivery unit that is functionally distinct from DF2. In lawful interception, a delivery unit intercepts signaling-plane data, converts the intercepted information into a standard format, and sends it to the monitoring center (LEMF, Law Enforcement Monitoring Facility). In practice, the signaling interception unit can be handled in two ways. In the first, DF2 and DF2' are different network entities: two functional units, DF2 and DF2', are configured independently within the signaling interception unit, each implementing its own functions, and this functional division can improve the overall speed and efficiency of the system. In the second, DF2 and DF2' are integrated into a single network entity: only one functional unit is configured in the signaling interception unit, and it integrates all the functions of DF2 and DF2' with no functional division. For example, the signaling interception unit may be implemented as just DF2, where DF2 then means an upgraded DF2 that includes both the functions of the existing DF2 and the functions of DF2', to distinguish it from the DF2 of the prior art.
Here, DF2 and DF2' send the interception data to the LEMF for information association. If DF2 and DF2' are the same network entity, DF2 may first associate the interception data sent by the IMS network element and the KMS and then send it to the LEMF, or send it directly to the LEMF to be associated there. As shown in FIG. 11, the KMS and the ADMF have an X1_1 interface, used to receive interception instructions from the ADMF; the KMS and DF2 have an X2 interface, used to transfer to DF2 information related to the interception target, such as the ticket resolution request (Resolve Init), the ticket resolution result (Resolve Resp), the ticket request (Request Init), the ticket request response (Request Resp), and the time at which the event occurred. Messages from DF2 and DF2' can be associated using information that cannot be tampered with through the signaling plane, such as the timestamp and the user addresses of the caller and the recipient.
For the KMS-PULL scheme, FIG. 14 shows the system architecture. DF2 intercepts the target user's session messages from the IMS network element. If the session information contains a MIKEY-Ticket message, DF2 decides, according to local policy (for example, separate policies for trusted and untrusted messages), the content of the interception command it sends to the KMS. If the message DF2 intercepted from the signaling plane is trusted, DF2 can send the intercepted Ticket directly to the KMS and obtain the Ticket's resolution result. If the information DF2 intercepted from the signaling plane is not trusted, DF2 obtains from the IMS network element the KMS-ID used by the monitored user and the timestamp of the event, and sends these to the designated KMS together with information obtained from the signaling plane that is not easily tampered with, such as the user identifiers of both parties to the call. The KMS uses the information DF2 provides to find the relevant Ticket, and sends the Ticket's resolution result to DF2. DF2 may send the resolution result to the LEMF, which then associates the Ticket information with the call information; alternatively, DF2 may perform that association itself and send the processed information to the LEMF. When DF2 sends an interception command to the KMS, it decides which data to send to the KMS according to local policy.
The present invention is illustrated by example below.
System Embodiment 1: an embodiment of the KMS-PUSH architecture of the system of the present invention, in which the signaling interception unit includes DF2 and DF2', and DF2 and DF2' are set up independently of each other. In this embodiment, DF2 serves as the signaling interception unit of the IMS network element, and DF2' serves as the signaling interception unit of the KMS.
As shown in FIG. 10, the system includes: ADMF, P-CSCF, S-CSCF, KMS, DF2, DF2' and LEMF, where the P-CSCF and the S-CSCF are both IMS network elements.
The ADMF is configured to issue interception commands to the KMS.
The KMS is connected to the ADMF and also to DF2', and is configured to send interception data to DF2' after receiving an interception command from the ADMF.
The P-CSCF and the S-CSCF are configured to receive interception commands from the ADMF and to actively send interception data to DF2.
DF2 is configured to send the interception data intercepted from the P-CSCF and the S-CSCF to the LEMF, which performs the information association.
DF2' is configured to send the interception data intercepted from the KMS to the LEMF, which performs the information association.
The LEMF is configured to associate the interception data obtained from DF2 and DF2' with the interception data obtained from the IMS network element, and to perform interception according to the associated interception data.
It should be noted that DF2 and DF2', which make up the signaling interception unit in this system embodiment, are set up independently. That is, DF2 and DF2' are different network entities here, each performing its own role.
In the KMS-PUSH architecture, DF2 and DF2' of the signaling interception unit can also be integrated into one upgraded network entity, and the signaling interception unit is then that upgraded network entity. The only difference from System Embodiment 1 above is that the upgraded network entity formed by integrating DF2 and DF2' serves as the signaling interception unit. That is, DF2 and DF2' are the same network entity in this case.
When DF2 and DF2' are the same network entity, the interface diagram in FIG. 11 shows that the KMS and the ADMF have an X1_1 interface, used to receive interception instructions from the ADMF, and that the KMS and DF2 have an X2 interface, used to transfer to DF2 information related to the interception target, such as Resolve Init, Resolve Resp, Request Init, Request Resp, and the time at which the event occurred.
System Embodiment 2: an embodiment of the KMS-PULL architecture of the system of the present invention, in which the signaling interception unit is the signaling interception unit of the IMS network element, still denoted DF2. As shown in FIG. 14, the system includes: ADMF, P-CSCF, S-CSCF, KMS, DF2 and LEMF, where the P-CSCF and the S-CSCF are both IMS network elements.
DF2 is configured to intercept the interception data (the target user's session messages) from the P-CSCF and the S-CSCF and, depending on that interception data, to apply different local policies when sending the content of the interception command to the KMS. It should be noted that the interception data may also be called the target user's session messages.
The KMS is connected to DF2 and is configured to perform resolution according to the content of the interception command and to return the resolution result to DF2. It should be noted that the interception command here does not have the same meaning as the interception command in System Embodiment 1 above. Both are interception commands, but their content and format may differ: the interception command in System Embodiment 1 is exchanged between the ADMF and the KMS, whereas the one here is exchanged between DF2 and the KMS, and the interfaces and parameters of the two may differ. This is not described further.
Depending on the local policy, the content that DF2 sends to the KMS in the interception command takes one of the following two concrete forms:
One: when the local policy for trusted messages applies, DF2 sends the Ticket contained in the intercepted message directly to the KMS.
Correspondingly, the KMS resolves the Ticket directly and returns the resolution result for the Ticket to DF2.
Two: when the local policy for untrusted messages applies, DF2 sends to the KMS the information obtained from the P-CSCF and the S-CSCF and from the signaling plane. The information obtained from the P-CSCF and the S-CSCF includes at least one of: the KMS-ID used by the monitored user, and the timestamp of the event. The information obtained from the signaling plane includes at least one of: the caller's user identifier, and the recipient's user identifier.
Correspondingly, the KMS uses the information, obtained from the P-CSCF and the S-CSCF and from the signaling plane, that DF2 provides to find the relevant Ticket, and sends the Ticket's resolution result to DF2.
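The two local-policy branches above can be modelled as follows. This is an added example, not code from the patent: the record fields, the `max_skew` matching window, the rule that an ambiguous match returns nothing, and all sample values are assumptions, and `resolved` is an opaque stand-in for the Ticket resolution result.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class TicketRecord:
    """KMS-side record of an issued Ticket (field names are assumptions)."""
    ticket_id: str
    caller: str
    callee: str
    issued_at: float   # seconds on the KMS clock
    resolved: str      # opaque stand-in for the Ticket resolution result


@dataclass(frozen=True)
class Intercepted:
    """What DF2 holds after intercepting a target's session message."""
    ticket_id: Optional[str]   # Ticket carried in the signaling, if any
    caller: str                # user identifiers taken from the signaling plane
    callee: str
    kms_id: str                # KMS-ID reported by the IMS network element
    event_time: float          # event timestamp from the IMS network element
    trusted: bool              # outcome of DF2's local policy


class KMS:
    def __init__(self, kms_id: str, records: List[TicketRecord],
                 max_skew: float = 5.0):
        self.kms_id = kms_id
        self.records = list(records)
        self.max_skew = max_skew   # assumed tolerance between the two clocks

    def resolve_ticket(self, ticket_id: str) -> Optional[str]:
        """Trusted branch: resolve the Ticket that DF2 forwarded."""
        for rec in self.records:
            if rec.ticket_id == ticket_id:
                return rec.resolved
        return None

    def resolve_by_context(self, caller: str, callee: str,
                           event_time: float) -> Optional[str]:
        """Untrusted branch: find the Ticket from KMS-side records only."""
        hits = [r for r in self.records
                if r.caller == caller and r.callee == callee
                and abs(r.issued_at - event_time) <= self.max_skew]
        # Zero or several candidates: refuse rather than guess.
        return hits[0].resolved if len(hits) == 1 else None


def build_request(msg: Intercepted) -> dict:
    """DF2's local policy decides what goes into the request to the KMS."""
    if msg.trusted:
        return {"mode": "ticket", "kms_id": msg.kms_id,
                "ticket_id": msg.ticket_id}
    # Untrusted signaling: the Ticket seen on the wire is deliberately left out.
    return {"mode": "context", "kms_id": msg.kms_id,
            "event_time": msg.event_time,
            "caller": msg.caller, "callee": msg.callee}


def df2_pull(msg: Intercepted, directory: Dict[str, KMS]) -> Optional[str]:
    """Send the request to the KMS named by the KMS-ID and return its answer."""
    req = build_request(msg)
    kms = directory.get(req["kms_id"])
    if kms is None:
        return None
    if req["mode"] == "ticket":
        if req["ticket_id"] is None:
            return None
        return kms.resolve_ticket(req["ticket_id"])
    return kms.resolve_by_context(req["caller"], req["callee"],
                                  req["event_time"])


# Constructed sample data: four Tickets known to a KMS called KMS_B.
SAMPLE_RECORDS = [
    TicketRecord("t1", "sip:a@example.test", "sip:b@example.test", 1000.0, "resolved-t1"),
    TicketRecord("t2", "sip:c@example.test", "sip:b@example.test", 1001.0, "resolved-t2"),
    TicketRecord("t3", "sip:d@example.test", "sip:b@example.test", 1000.0, "resolved-t3"),
    TicketRecord("t4", "sip:d@example.test", "sip:b@example.test", 1003.0, "resolved-t4"),
]

if __name__ == "__main__":
    directory = {"KMS_B": KMS("KMS_B", SAMPLE_RECORDS)}
    # The Ticket in the signaling was swapped for t2, but policy says untrusted.
    swapped = Intercepted("t2", "sip:a@example.test", "sip:b@example.test",
                          "KMS_B", 1002.0, trusted=False)
    print(build_request(swapped))
    print(df2_pull(swapped, directory))
```

In the untrusted branch a Ticket substituted in the signaling has no effect on the result, because the lookup uses only the KMS-ID, the event timestamp and the two user identifiers.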
The signaling interaction flows under the system architecture of the present invention are illustrated below by example.
Application Example 1: an example applying the KMS-PUSH architecture of the system of the present invention. FIG. 12 shows the message flow when the recipient (User B) is the monitored object, which includes the following steps:
Step 101: User A sends a Ticket request message to KMS_A.
Step 102: After receiving User A's request, KMS_A sends the key and the Ticket to User A in a Request Resp message.
Step 103: User A sends a Transfer Init message to the IMS network.
Step 104: The IMS network forwards the received Transfer Init message to DF2.
Step 105: The IMS network forwards the Transfer Init message to User B.
Step 106: User B sends the Ticket resolution request Resolve Init to KMS_B.
Step 107: KMS_B forwards the Ticket resolution request Resolve Init to DF2'.
Step 108: KMS_B sends the Ticket resolution request Resolve Init to KMS_A.
Step 109: KMS_A sends the Ticket resolution result Resolve Resp to KMS_B.
Step 110: KMS_B sends the Ticket resolution result Resolve Resp to DF2'.
Step 111: KMS_B sends the Ticket resolution result Resolve Resp to User B.
Step 112: User B sends a Transfer Resp message to the IMS network.
Step 113: The IMS network forwards the Transfer Resp message to DF2.
Step 114: The IMS network sends the Transfer Resp message to User A.
Application Example 2: an example applying the KMS-PUSH architecture of the system of the present invention. FIG. 13 shows the message flow when the initiator (User A) is the monitored object, which includes the following steps:
Step 201: User A sends a Ticket request message to KMS_A.
Step 202: KMS_A forwards the Ticket request message to DF2'.
Step 203: After receiving User A's request, KMS_A sends the key and the Ticket to User A in a Request Resp message.
Step 204: KMS_A forwards the Request Resp message to DF2'.
Step 205: User A sends a Transfer Init message to the IMS network.
Step 206: The IMS network forwards the received Transfer Init message to DF2.
Step 207: The IMS network forwards the Transfer Init message to User B.
Step 208: User B sends the Ticket resolution request Resolve Init to KMS_B.
Step 209: KMS_B sends the Ticket resolution request Resolve Init to KMS_A.
Step 210: KMS_A forwards Resolve Init to DF2'.
Step 211: KMS_A sends the Ticket resolution result Resolve Resp to KMS_B.
Step 212: KMS_A sends the Ticket resolution result Resolve Resp to DF2'.
Step 213: KMS_B sends the Ticket resolution result Resolve Resp to User B.
Step 214: User B sends a Transfer Resp message to the IMS network.
Step 215: The IMS network forwards the Transfer Resp message to DF2.
Step 216: The IMS network sends the Transfer Resp message to User A.
Application Example 3: an example applying the KMS-PULL architecture of the system of the present invention. FIG. 15 shows the interception flow when the signaling plane is untrusted and User B is the interception target, which includes the following steps:
Step 301: User A sends a Ticket request message to KMS_A.
Step 302: After receiving User A's request, KMS_A sends the key and the Ticket to User A in a Request Resp message.
Step 303: User A sends a Transfer Init message to the IMS network.
Step 304: The IMS network forwards to DF2 the received Transfer Init message, together with User B's KMS-ID (i.e., KMS_B), the timestamp of the event, and other such information.
Step 305: DF2 sends to KMS_B the timestamp of the event and the information obtained from the Transfer Init message that is not easily tampered with on the signaling plane, such as the identities of both parties to the call.
Step 306: The IMS network forwards the Transfer Init message to User B.
Step 307: User B sends the Ticket resolution request Resolve Init to KMS_B.
Step 308: KMS_B sends the Ticket resolution request Resolve Init to KMS_A.
Step 309: KMS_A sends the Ticket resolution result Resolve Resp to KMS_B.
Step 310: KMS_B sends the Ticket resolution result Resolve Resp to DF2.
Step 311: KMS_B sends the Ticket resolution result Resolve Resp to User B.
Step 312: User B sends a Transfer Resp message to the IMS network.
Step 313: The IMS network forwards the Transfer Resp message to DF2.
Step 314: The IMS network sends the Transfer Resp message to User A.
Application Example 4: an example applying the KMS-PULL architecture of the system of the present invention. FIG. 16 shows the interception flow when the signaling plane is untrusted and the calling party (User A) is the interception target, which includes the following steps:
Step 401: User A sends a Ticket request message to KMS_A.
Step 402: After receiving User A's request, KMS_A sends the key and the Ticket to User A in a Request Resp message.
Step 403: User A sends a Transfer Init message to the IMS network.
Step 404: The IMS network forwards to DF2 the received Transfer Init message, together with User A's KMS-ID (i.e., KMS_A), the timestamp of the event, and other such information.
Step 405: DF2 sends to KMS_A the timestamp of the event and the information obtained from the Transfer Init message that is not easily tampered with on the signaling plane, such as the identities of both parties to the call.
Step 406: The IMS network forwards the Transfer Init message to User B.
Step 407: User B sends the Ticket resolution request Resolve Init to KMS_B.
Step 408: KMS_B sends the Ticket resolution request Resolve Init to KMS_A.
Step 409: KMS_A sends the Ticket resolution result Resolve Resp to DF2.
Step 410: KMS_A sends the Ticket resolution result Resolve Resp to KMS_B.
Step 411: KMS_B sends the Ticket resolution result Resolve Resp to User B.
Step 412: User B sends a Transfer Resp message to the IMS network.
Step 413: The IMS network forwards the Transfer Resp message to DF2.
Step 414: The IMS network sends the Transfer Resp message to User A.
The English terms used in the text above and in the drawings are explained here: BSF refers to the service function; Media Key refers to the media key; KMS refers to the key management server; NAF refers to the application server; Key-info refers to; P-CSCF refers to the proxy call session control unit; S-CSCF refers to the serving call session control unit; Request Init refers to the ticket request; Request Resp refers to the ticket request result; Transfer Init refers to the ticket transfer request; Transfer Resp refers to the ticket transfer request response; Resolve Init refers to the ticket resolution request; Resolve Resp refers to the ticket resolution result information.
The above are only preferred embodiments of the present invention and are not intended to limit the scope of protection of the present invention.

Claims

1. A lawful interception system for IMS media security based on a key management server (KMS), the system comprising: a management entity (ADMF), an IP Multimedia Subsystem (IMS) network element, and a monitoring center (LEMF); characterized in that the system further comprises a KMS and a signaling interception unit, wherein:
the ADMF is configured to issue an interception command to the KMS;
the KMS is connected to the ADMF and is configured to send interception data to the signaling interception unit after receiving the interception command from the ADMF;
the signaling interception unit is connected to the KMS and is configured to send the interception data to the LEMF;
the LEMF associates the interception data obtained from the signaling interception unit with the interception data obtained from the IMS network element, and performs interception according to the associated interception data.
2. The system according to claim 1, characterized in that the signaling interception unit is set up separately or is combined with the signaling interception unit DF2 in the IMS network element.
3. The system according to claim 2, characterized in that, where the signaling interception unit is combined with the signaling interception unit DF2 in the IMS network element,
the combined signaling interception unit is configured to first perform information association on the interception data intercepted from the IMS network element and the KMS and then send it to the LEMF; or to send the interception data intercepted from the IMS network element and the KMS directly to the LEMF, which performs the information association.
4. The system according to claim 3, characterized in that the information used for the information association comprises one or any combination of the following: a timestamp, the caller's user address, and the recipient's user address.
5. The system according to claim 2, characterized in that, where the signaling interception unit is set up separately,
the signaling interception unit DF2 of the IMS network element is configured to send the interception data intercepted from the IMS network element to the LEMF;
the signaling interception unit is configured to send the interception data intercepted from the KMS to the LEMF;
the LEMF performs information association according to the data received from DF2 and from the signaling interception unit.
6. The system according to claim 5, characterized in that the information used for the information association comprises one or any combination of the following: a timestamp, the caller's user address, and the recipient's user address.
7、一种基于密钥管理服务器的 IMS媒体安全的合法监听系统, 该系统 包括: ADMF、 IMS网元和 LEMF; 其特征在于, 该系统还包括: KMS和 信令截取单元; 其中,  7. A lawful interception system for IMS media security based on a key management server, the system comprising: an ADMF, an IMS network element, and a LEMF; wherein the system further comprises: a KMS and a signaling intercepting unit;
所述信令截取单元, 用于从所述 IMS网元获得监听数据, 并将其发送 给所述 KMS;  The signaling intercepting unit is configured to obtain monitoring data from the IMS network element, and send the monitoring data to the KMS;
所述 KMS,与所述信令截取单元相连,用于对所述监听数据进行解析, 并将解析结果返回信令截取单元。  The KMS is connected to the signaling intercepting unit, configured to parse the interception data, and return the parsing result to the signaling intercepting unit.
8、根据权利要求 7所述的系统,其特征在于,所述信令截取单元为 IMS 网元中的信令截取单元 DF2的情况下 ,  The system according to claim 7, wherein the signaling intercepting unit is a signaling intercepting unit DF2 in the IMS network element,
所述 DF2, 用于发送所述监听数据给所述 KMS时, 在所述监听数据中 包含 MIKEY-Ticket信息。  The DF2, when the intercept data is sent to the KMS, includes MIKEY-Ticket information in the intercept data.
9. The system according to claim 8, wherein the DF2 sends the MIKEY-Ticket information included in the interception data to the KMS;
the KMS is further configured to parse according to the MIKEY-Ticket information and return the parsing result to the DF2.
10. The system according to claim 7, wherein, in the case that the signaling intercepting unit is the signaling intercepting unit DF2 in the IMS network element,
the DF2, after identifying according to local policy that an untrusted message has been obtained from the IMS network element, sends the information obtained from the IMS network element and from the signaling plane to the KMS; the information obtained from the IMS network element includes at least one of: the KMS-ID used by the monitored user, and the timestamp of the event; the information obtained from the signaling plane includes at least one of: the caller's user identifier, and the recipient's user identifier;
the KMS is further configured to find the corresponding MIKEY-Ticket information according to the information provided by the DF2 that was obtained from the IMS network element and the signaling plane, parse it, and send the parsing result to the DF2.
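The information association that claims 5 and 6 assign to the LEMF (and the ticket lookup by timestamp and party identifiers in claim 10) can be illustrated as follows; this is an added example, not part of the patent. The `Record` layout, `norm`, `associate` and the `max_skew` tolerance are hypothetical, and the example matches on all three attributes together, which is one of the combinations claim 6 allows.

```python
from dataclasses import dataclass

# Hypothetical record layout: the claims name only the attributes used for
# association (timestamp, caller address, recipient address), not a format.
@dataclass(frozen=True)
class Record:
    source: str       # "DF2" or "KMS-unit"
    timestamp: float  # event time, seconds since epoch
    caller: str
    recipient: str
    payload: str      # signaling event or parsing-result reference

def norm(addr: str) -> str:
    """Drop the URI scheme and case so sip:Alice@... equals alice@..."""
    addr = addr.strip().lower()
    for scheme in ("sips:", "sip:", "tel:"):
        if addr.startswith(scheme):
            return addr[len(scheme):]
    return addr

def associate(df2, kms, max_skew=2.0):
    """Pair DF2 records with KMS-side records on caller, recipient and time.

    Returns (pairs, unmatched). A DF2 record stays unmatched when no KMS-side
    record fits or when two fit equally well, so a parsing result is never
    attached to the wrong session by guesswork.
    """
    pairs, unmatched, used = [], [], set()
    for d in sorted(df2, key=lambda r: r.timestamp):
        fits = sorted(
            (abs(d.timestamp - k.timestamp), i)
            for i, k in enumerate(kms)
            if i not in used
            and norm(k.caller) == norm(d.caller)
            and norm(k.recipient) == norm(d.recipient)
            and abs(d.timestamp - k.timestamp) <= max_skew
        )
        if not fits or (len(fits) > 1 and fits[0][0] == fits[1][0]):
            unmatched.append(d)
            continue
        used.add(fits[0][1])
        pairs.append((d, kms[fits[0][1]]))
    return pairs, unmatched

# Constructed sample data (not from the patent).
DF2 = [Record("DF2", 100.0, "sip:Alice@example.org", "sip:bob@example.org", "INVITE"),
       Record("DF2", 500.0, "sip:alice@example.org", "sip:carol@example.org", "INVITE")]
KMS = [Record("KMS-unit", 100.4, "alice@example.org", "bob@example.org", "ticket-A"),
       Record("KMS-unit", 101.9, "alice@example.org", "bob@example.org", "ticket-B"),
       Record("KMS-unit", 900.0, "alice@example.org", "carol@example.org", "ticket-C")]
```

Records outside the skew window or with an ambiguous best match are returned in `unmatched` for manual review rather than being force-paired.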
PCT/CN2011/072020 2010-04-19 2011-03-21 Lawful interception system for ims media security based on key management server WO2011131070A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201010150834.2 2010-04-19
CN201010150834.2A CN102223356B (en) 2010-04-19 2010-04-19 Lawful interception system for media security of Internet protocol (IP) multimedia subsystem (IMS) based on key management server (KMS)

Publications (1)

Publication Number Publication Date
WO2011131070A1 (en) 2011-10-27

Family

ID=44779787

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2011/072020 WO2011131070A1 (en) 2010-04-19 2011-03-21 Lawful interception system for ims media security based on key management server

Country Status (2)

Country Link
CN (1) CN102223356B (en)
WO (1) WO2011131070A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013104072A1 (en) * 2012-01-12 2013-07-18 Research In Motion Limited System and method of lawful access to secure communications
US9083509B2 (en) 2012-01-12 2015-07-14 Blackberry Limited System and method of lawful access to secure communications
US9413530B2 (en) 2012-01-12 2016-08-09 Blackberry Limited System and method of lawful access to secure communications

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103546442B (en) * 2012-07-17 2018-10-23 中兴通讯股份有限公司 The communication monitoring method and device of browser
US9948628B2 (en) * 2013-02-07 2018-04-17 Nokia Technologies Oy Method for enabling lawful interception by providing security information

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1642115A (en) * 2004-01-16 2005-07-20 华为技术有限公司 System and method for realizing IP multimedia business monitoring
CN1960292A (en) * 2005-10-31 2007-05-09 华为技术有限公司 Monitoring method, as well as device and system for collecting monitored data
CN101013691A (en) * 2007-02-01 2007-08-08 刘华友 Insulated gate bipolar transistor module

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101106449B (en) * 2006-07-13 2010-05-12 华为技术有限公司 System and method for realizing multi-party communication security
CN101043691B (en) * 2007-04-28 2012-01-11 中兴通讯股份有限公司 Legal monitor method for IMS network
US20090180614A1 (en) * 2008-01-10 2009-07-16 General Instrument Corporation Content protection of internet protocol (ip)-based television and video content delivered over an ip multimedia subsystem (ims)-based network

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2013104072A1 (en) * 2012-01-12 2013-07-18 Research In Motion Limited System and method of lawful access to secure communications
US9083509B2 (en) 2012-01-12 2015-07-14 Blackberry Limited System and method of lawful access to secure communications
US9264227B2 (en) 2012-01-12 2016-02-16 Blackberry Limited System and method of lawful access to secure communications
US9413530B2 (en) 2012-01-12 2016-08-09 Blackberry Limited System and method of lawful access to secure communications
US9871827B2 (en) 2012-01-12 2018-01-16 Blackberry Limited System and method of lawful access to secure communications

Also Published As

Publication number Publication date
CN102223356B (en) 2015-06-03
CN102223356A (en) 2011-10-19

Similar Documents

Publication Publication Date Title
US11943262B2 (en) Securing method for lawful interception
US9537837B2 (en) Method for ensuring media stream security in IP multimedia sub-system
KR101013427B1 (en) End-to-end protection of media stream encryption keys for voice-over-IP systems
CN101420413B (en) Session cipher negotiating method, authentication server and network appliance
CN102006294B (en) IP multimedia subsystem (IMS) multimedia communication method and system as well as terminal and IMS core network
US20110154022A1 (en) Method and Apparatus for Machine-to-Machine Communication
US20090182668A1 (en) Method and apparatus to enable lawful intercept of encrypted traffic
US8990563B2 (en) Sending protected data in a communication network
WO2011041962A1 (en) Method and system for end-to-end session key negotiation which support lawful interception
WO2011131055A1 (en) Method, system and apparatus for implementing secure call forwarding
CN111756726A (en) SIP security authentication method supporting State cipher algorithm
CN1983921B (en) Method and system for realizing end to end media fluid safety
WO2011131070A1 (en) Lawful interception system for ims media security based on key management server
WO2017197968A1 (en) Data transmission method and device
US20030154408A1 (en) Method and apparatus for secured unified public communication network based on IP and common channel signaling
US20240097903A1 (en) Ipcon mcdata session establishment method
Belmekki et al. Enhances security for IMS client
Tao et al. A lightweight authentication scheme for Session Initiation Protocol
CN117320004A (en) Mobile network zero trust system and method based on IPv6 extension head
Blom et al. Key management and protection for IP multimedia
Kultti Secure text in sip based voip
Traynor et al. Vulnerabilities in Voice over IP
Zawadzki The VoIP communication security protocols

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11771523

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11771523

Country of ref document: EP

Kind code of ref document: A1