WO2018137171A1 - Procédé de traitement de données et système de communication d'interception légale - Google Patents

Procédé de traitement de données et système de communication d'interception légale Download PDF

Info

Publication number
WO2018137171A1
WO2018137171A1 PCT/CN2017/072594 CN2017072594W WO2018137171A1 WO 2018137171 A1 WO2018137171 A1 WO 2018137171A1 CN 2017072594 W CN2017072594 W CN 2017072594W WO 2018137171 A1 WO2018137171 A1 WO 2018137171A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
entity
user plane
distribution function
control plane
Prior art date
Application number
PCT/CN2017/072594
Other languages
English (en)
Chinese (zh)
Inventor
聂胜贤
周润泽
陈中平
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to PCT/CN2017/072594 priority Critical patent/WO2018137171A1/fr
Publication of WO2018137171A1 publication Critical patent/WO2018137171A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Definitions

  • the present application relates to the field of lawful interception, and in particular, to a data processing method and a communication system for lawful interception.
  • Lawful interception refers to the law enforcement behavior of the law enforcement agencies (LEA) that are approved by the corresponding authorized authorities to monitor the public communication network communication services according to relevant national laws and public communication network industry norms.
  • LEA law enforcement agencies
  • the control plane entity In a communication architecture in which the control plane entity and the user plane entity are separated, when a user needs to be monitored, the user plane entity needs to frequently report the packet header information for lawful interception to the control plane entity through the Sx interface.
  • the interface between the control plane entity and the user plane entity in addition to carrying the information related to the lawful interception, bears other services, and the frequent reporting of the lawful interception related information will result in an interface between the user plane entity and the control plane entity.
  • the burden is too heavy.
  • the present application provides a data processing method and a communication system for lawful interception, which can reduce the interface burden between the user plane entity and the control plane entity.
  • the present application provides a data processing method for lawful interception, the method comprising:
  • the monitoring function of the control plane entity is activated by the management function entity, and after the monitoring function of the control plane entity is activated, the control plane entity sends the monitoring management information to the user plane entity, and correspondingly, the user plane
  • the entity receives the monitoring management information sent by the control plane entity, where the monitoring management information includes the destination address information of the user plane information in the packet data header event for legal interception, where the destination address information is the address of the second distribution function entity, and the user plane entity
  • the user plane information in the packet header event is sent to the second distribution function entity according to the destination address information.
  • the control plane entity generates control plane information in the packet header event based on the context and transmits control plane information in the packet header event to the first distribution function entity.
  • the user plane entity no longer sends the user plane information in the packet data header event to the control plane entity, which can reduce the interface burden between the user plane entity and the control plane entity.
  • the snoop management information also includes associated information.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the user plane information in the packet data header event and the control plane information in the packet data header event carry associated information, and the association information is used to associate user plane information and packet data in the information associated packet header event. Control surface information in the header event.
  • implementation of the present application can be further improved by associating the user plane information in the packet header event with the control plane information in the packet header event.
  • the second distribution function entity after the second distribution function entity receives the user plane information in the packet header event sent by the user plane entity, the second distribution function entity sends the user plane information in the packet header event to the law enforcement interception device; After the distribution function entity receives the control plane information in the packet header event sent by the control plane entity, the first distribution The function entity sends the control plane information in the packet data header event to the law enforcement interception device; after the law enforcement interception device acquires the user plane information in the packet data header event and the control plane information in the packet data header event, the packet data header may be associated according to the association information. User plane information in the event and control plane information in the packet header event.
  • the second distribution function entity after the second distribution function entity receives the user plane information in the packet header event, the second distribution function entity sends the user plane information in the packet header event to the first distribution function entity; the first distribution function After the entity acquires the user plane information in the packet data header event and the control plane information in the packet data header event, the user plane information in the packet header event and the control plane information in the packet header event may be associated according to the association information.
  • the network element of the user plane information in the associated packet data header event and the control plane information in the packet header event can be the law enforcement interception device or the first distribution function entity, which enriches the implementation manner of the embodiment of the present invention.
  • the control plane entity before the control plane entity sends the monitoring management information to the user plane entity, the control plane entity receives the first monitoring activation message sent by the management function entity, and the first monitoring activation message is used to activate the monitoring function of the control plane entity. It is also used to instruct the control plane entity to listen to packet header events.
  • the second distribution function entity receives the second monitoring activation message sent by the management function entity, and the second monitoring activation message is used to activate the second distribution function.
  • the intercepting function of the entity is further configured to instruct the second distribution function entity to forward the user plane information in the packet data header event sent by the user plane entity.
  • the first distribution function entity before the control plane entity sends the monitoring management information to the user plane entity, the first distribution function entity receives a third monitoring activation message sent by the management function entity, and the third monitoring activation message is used to activate the first distribution function.
  • the listening function of the entity is further configured to instruct the first distribution function entity to associate the user plane information in the packet data header event with the control plane information in the packet data header event.
  • the first monitoring activation message is specifically used to instruct the control plane entity to listen to the packet data header event and the communication content, and the monitoring management information is further used to activate the data backup function of the user plane entity, and receive the control plane on the user plane entity.
  • the user plane entity After the interception management information sent by the entity, the user plane entity sends the communication content to the second distribution function entity.
  • the present application further provides a communication system, where the system includes a user plane entity and a control plane entity, wherein the user plane entity is configured to receive the monitoring management information sent by the control plane entity, and the monitoring management information includes: The destination address information of the user plane information in the packet header event, and the user plane information in the packet header event sent to the second distribution function entity according to the destination address information.
  • the control plane entity is configured to generate control plane information in the packet header event based on the context and to send control plane information in the packet header event to the first distribution function entity.
  • the user plane entity no longer sends the user plane information in the packet data header event to the control plane entity, which can reduce the interface burden between the user plane entity and the control plane entity.
  • the snoop management information also includes associated information.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the user plane information in the packet data header event and the control plane information in the packet header event carry associated information, and the association information is used to associate user plane information and packet header events in the packet header event.
  • the system also includes a second distribution function entity and a first distribution function entity and law enforcement Listening to the device, wherein the second distribution function entity is configured to send the user plane information in the packet data header event to the law enforcement interception device; the first distribution function entity is configured to send the control plane information in the packet data header event to the law enforcement interception device; The listening device is configured to associate the user plane information in the packet data header event with the control plane information in the packet header event according to the association information.
  • the system further includes a second distribution function entity and a first distribution function entity, wherein the second distribution function is configured to send the user plane information in the packet data header event to the first distribution function entity;
  • the distribution function entity is configured to associate the user plane information in the packet header event and the control plane information in the packet header event according to the association information.
  • the network element of the user plane information in the associated packet data header event and the control plane information in the packet header event can be the law enforcement interception device or the first distribution function entity, which enriches the implementation manner of the embodiment of the present invention.
  • control plane entity is further configured to receive a first monitoring activation message sent by the management function entity, where the first monitoring activation message is used to activate the monitoring function of the control plane entity, and is further used to instruct the control plane entity to listen to the packet data. Head event.
  • the second distribution function entity is further configured to receive a second monitoring message sent by the management function entity, where the second monitoring activation message is used to activate the monitoring function of the second distribution function entity, and is further used to indicate the second The distribution function entity forwards the user plane information in the packet header event sent by the user plane entity.
  • the first distribution function is further configured to receive a third monitoring activation message sent by the management function entity, where the third monitoring activation message is used to activate the monitoring function of the first distribution function entity, and is also used to indicate the first distribution.
  • the functional entity associates the user plane information in the packet header event with the control plane information in the packet header event.
  • the first monitoring activation message is specifically used to instruct the control plane entity to listen to the packet data header event and the communication content
  • the monitoring management information is also used to activate the data backup function of the user plane entity, and the user plane entity receives the monitoring. After the management information, the user plane entity further sends the communication content to the second distribution function entity.
  • the application further provides a data processing method for lawful interception, the method comprising:
  • the user plane entity receives the monitoring management information sent by the control plane entity, and the monitoring management information includes the destination address information of the user plane information in the packet data header event for legal interception, where the destination address information is the address of the first distribution function entity, and the user
  • the polygon entity sends the user plane information in the packet header event to the first distribution function entity according to the destination address information.
  • the control plane entity generates control plane information in the packet header event based on the context and transmits control plane information in the packet header event to the first distribution function entity.
  • the user plane entity no longer sends the user plane information in the packet data header event to the control plane entity, which can reduce the interface burden between the user plane entity and the control plane entity.
  • the snoop management information also includes associated information.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the user plane information in the packet data header event and the control plane information in the packet header event carry associated information, and the association information is used to associate user plane information and packet header events in the packet header event.
  • implementation of the present application can be further improved by associating the user plane information in the packet header event with the control plane information in the packet header event.
  • the first distribution function entity after the first distribution function entity receives the user plane information in the packet header event and the control plane information in the packet header event, the first distribution function entity associates the user in the packet header event according to the association information. Control surface information in face information and packet header events.
  • the control plane entity before the control plane entity sends the monitoring management information to the user plane entity, the control plane entity receives the first monitoring activation message sent by the management function entity, where the first monitoring activation message is used to instruct the control plane entity to listen to the packet data. Head event.
  • the first distribution function entity receives a third monitoring activation message sent by the management function entity, and the third monitoring activation message is used to indicate the first distribution function.
  • the entity associates the user plane information in the packet header event and the control plane information in the packet header event.
  • the first monitoring activation message is specifically used to instruct the control plane entity to listen to the packet data header event and the communication content
  • the monitoring management information is further used to activate the data backup function of the user plane entity, and receive the control plane on the user plane entity.
  • the user plane entity further sends the communication content to the second distribution function entity.
  • the application further provides a communication system, where the system includes a user plane entity and a control plane entity, wherein the user plane entity is configured to receive the monitoring management information sent by the control plane entity, and the monitoring management information includes: The destination address information of the user plane information in the packet data header event, the destination address information is an address of the first distribution function entity, and the user plane entity is further configured to send the packet data header event to the first distribution function entity according to the destination address information.
  • the control plane entity is configured to generate control plane information in the packet header event according to the context and send control plane information in the packet header event to the first distribution function entity.
  • the user plane entity no longer sends the user plane information in the packet data header event to the control plane entity, which can reduce the interface burden between the user plane entity and the control plane entity.
  • the snoop management information also includes associated information.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the user plane information in the packet data header event and the control plane information in the packet header event carry associated information, and the association information is used to associate user plane information and packet header events in the packet header event.
  • implementation of the present application can be further improved by associating the user plane information in the packet header event with the control plane information in the packet header event.
  • the system further includes a first distribution function entity for associating user plane information in the packet header event and control plane information in the packet header event based on the association information.
  • control plane entity is further configured to receive a first interception activation message sent by the management function entity, where the first interception activation message is used to instruct the control plane entity to listen to the packet data header event.
  • the first distribution function entity is further configured to receive a third interception activation message sent by the management function entity, where the third interception activation message is used to indicate that the first distribution function entity associates the user plane information in the packet data header event. And control plane information in packet header events.
  • the first monitoring activation message is specifically used to instruct the control plane entity to listen to the packet data header event and the communication content, and the monitoring management information is also used to activate the data backup function of the user plane entity, and the user plane entity is also used for The communication content is sent to the second distribution function entity.
  • the application further provides a data processing method for lawful interception, the method comprising:
  • the user plane entity receives the interception management information sent by the control plane entity, and the interception management information includes destination address information and associated information of the user plane information in the packet data header event for legal interception, where the destination address information is the second distribution function entity
  • the address or the address of the third distribution function entity the user plane entity sends the user plane information in the packet data header event to the second distribution function entity or the third distribution function entity according to the destination address information, wherein the user in the packet data header event
  • the face information carries the associated information, and the associated information is used to associate the user plane information in the packet header event with the control plane information in the packet header event.
  • the user plane entity no longer sends the user plane information in the packet data header event to the control plane entity, which can reduce the interface burden between the user plane entity and the control plane entity.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the monitoring management information is used to activate the data backup function of the user plane entity.
  • the user plane entity After receiving the monitoring management information sent by the control plane entity, the user plane entity further includes the user plane entity sending the communication content to the second distribution function entity.
  • the present application further provides a data processing method for lawful interception, the method comprising:
  • the control plane entity sends the monitoring management information to the user plane entity, where the monitoring management information includes destination address information and associated information of the user plane information in the packet data header event for legal interception, and the destination address information is the address of the second distribution function entity. Or the address of the third distribution function entity.
  • the control plane entity generates control plane information in the packet data header event according to the context, and sends control plane information in the packet data header event to the first distribution function entity, where the control plane information in the packet data header event carries the association information, where The association information is used to associate the user plane information in the packet header event with the control plane information in the packet header event.
  • the user plane entity no longer sends the user plane information in the packet data header event to the control plane entity, which can reduce the interface burden between the user plane entity and the control plane entity.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the control plane entity before the control plane entity sends the monitoring management information to the user plane entity, the control plane entity receives the first monitoring activation message sent by the management function entity, where the first monitoring activation message is used to instruct the control plane entity to listen to the packet data. Head event.
  • the first snoop activation message is specifically used to instruct the control plane entity to listen to packet header events and communication content for lawful interception.
  • the application further provides a data processing method for lawful interception, the method comprising:
  • the law enforcement intercepting device receives the control plane information in the packet data header event sent by the first distribution function entity, wherein the control plane information in the packet data header event carries the associated information.
  • the law enforcement intercepting device receives the user plane information in the packet data header event sent by the second distribution function entity, where the user plane information in the packet data header event carries the associated information.
  • the law enforcement interception device associates the control plane information in the packet header event with the user plane information in the packet header event according to the association information.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the law enforcement interception device receives the communication content sent by the second distribution function entity, wherein The communication content carries the associated information, and the law enforcement interception device associates the control plane information in the packet header event, the user plane information in the packet header event, and the communication content according to the association information.
  • the application further provides a data processing method for lawful interception, the method comprising:
  • the first distribution function entity receives control plane information in a packet header event sent by the control plane entity, wherein the control plane information in the packet header event carries the association information.
  • the first distribution function entity receives the user plane information in the packet data header event sent by the second distribution function entity or the user plane entity, where the user plane information in the packet data header event carries the association information.
  • the first distribution function entity associates the control plane information in the packet header event with the user plane information in the packet header event according to the association information.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the first distribution function entity before the first distribution function entity receives the user plane information in the packet header event and the control plane information in the packet header event, the first distribution function entity receives the third intercept activation sent by the management function entity.
  • the third monitoring activation message is used to activate the listening function of the first distribution function entity, and is further configured to instruct the first distribution function entity to associate the user plane information in the packet data header event with the control plane information in the packet data header event.
  • the application further provides a data processing method for lawful interception, the method comprising:
  • the second distribution function entity receives the user plane information in the packet data header event sent by the user plane entity, where the user plane information in the packet data header event carries the association information.
  • the second distribution function entity sends the user plane information in the packet header event to the law enforcement interception device or the first distribution function entity, so that the law enforcement interception device or the first distribution function entity associates the user plane information in the packet header event according to the association information.
  • control plane information in packet header events are examples of packet header events.
  • the associated information includes a correlation identifier or correlation coefficient or sequence.
  • the second distribution function entity before the second distribution function entity receives the user plane information in the packet data header event sent by the user plane entity, the second distribution function entity receives the second interception activation message sent by the management function entity, and the second interception The activation message is used to activate the listening function of the second distribution function entity, and is further configured to instruct the second distribution function entity to forward the user plane information in the packet data header event sent by the user plane entity.
  • the second distribution function entity receives the communication content sent by the user plane entity, wherein the communication content carries the association information. The second distribution function entity then sends the communication content to the law enforcement interception device.
  • the present application provides a user plane entity having a function of implementing user plane entity behavior in the above method example.
  • the functions may be implemented by hardware or by corresponding software implemented by hardware.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the structure of the user plane entity includes a processor and a communication interface configured to support the user plane entity to perform the corresponding functions in the above methods.
  • the communication interface is configured to support communication between the user plane entity and the control plane entity, the first distribution function entity, or the second distribution function entity.
  • the user plane entity may further include a memory for coupling with the processor, which stores program instructions and data necessary for the user plane entity.
  • the present application provides a control plane entity having the function of implementing the behavior of a control plane entity in the above method examples.
  • the functions may be implemented by hardware or by corresponding software implemented by hardware.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the structure of the control plane entity includes a processor and a communication interface, and the processor is configured Set to support the control plane entity to perform the corresponding functions in the above methods.
  • the communication interface is configured to support communication between the control plane entity and the user plane entity, the first distribution function entity, or the management function entity.
  • the control plane entity may further comprise a memory for coupling with the processor, which stores program instructions and data necessary for the control plane entity.
  • the present application provides a law enforcement interception device having a function of implementing the behavior of a law enforcement listening device in the above method example.
  • the functions may be implemented by hardware or by corresponding software implemented by hardware.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the structure of the law enforcement interception device includes a processor and a communication interface configured to support the law enforcement listening device to perform the corresponding functions in the above methods.
  • the communication interface is for supporting communication between the law enforcement interception device and the management function entity, the first distribution function entity, or the second distribution function entity.
  • the law enforcement listening device can also include a memory for coupling with the processor that holds program instructions and data necessary for the law enforcement listening device.
  • the present application provides a first distribution function entity having a function of implementing the behavior of a first distribution function entity in the above method example.
  • the functions may be implemented by hardware or by corresponding software implemented by hardware.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the first distribution function entity includes a processor and a communication interface configured to support the first distribution function entity to perform a corresponding function in the above method.
  • the communication interface is configured to support communication between the first distribution function entity and the management function entity, the second distribution function entity, the control plane entity, the law enforcement interception device, or the user plane entity.
  • the first distribution function entity may further include a memory for coupling with the processor, which stores program instructions and data necessary for the law enforcement listening device.
  • the present application provides a second distribution function entity having a function of implementing the behavior of the second distribution function entity in the above method example.
  • the functions may be implemented by hardware or by corresponding software implemented by hardware.
  • the hardware or software includes one or more modules corresponding to the functions described above.
  • the structure of the second distribution function entity includes a processor and a communication interface, the processor being configured to support the second distribution function entity to perform a corresponding function in the above method.
  • the communication interface is configured to support communication between the second distribution function entity and the management function entity, the first distribution function entity, the law enforcement interception device, or the user plane entity.
  • the second distribution function entity may further include a memory for coupling with the processor, which stores program instructions and data necessary for the law enforcement listening device.
  • Yet another aspect of the present application provides a computer readable storage medium having instructions stored therein that, when executed on a computer, cause the computer to perform the methods described in the above aspects.
  • the user plane entity receives the interception management information sent by the control plane entity, and the interception management information includes the destination address information of the user plane information in the packet data header event for legal interception, and the control plane entity generates the context information according to the context.
  • the control plane information in the packet header event is grouped, and the control plane information in the packet header event is sent to the first distribution function entity.
  • the user plane entity sends the user plane information in the packet header event to the second distribution function entity according to the destination address information. It can be seen that the user plane entity no longer sends the user plane information in the packet header event to the control plane entity, thereby reducing the interface burden between the user plane entity and the control plane entity.
  • FIG. 1 is a schematic diagram of a possible network architecture provided by the present application.
  • FIG. 2 is a schematic diagram of another possible network architecture provided by the present application.
  • FIG. 3 is a schematic diagram of another possible network architecture provided by the present application.
  • FIG. 4 is a schematic diagram of communication of a data processing method for lawful interception provided by the present application.
  • FIG. 5 is a schematic diagram of communication of another data processing method for lawful interception provided by the present application.
  • FIG. 6 is a schematic diagram of communication of another data processing method for lawful interception provided by the present application.
  • FIG. 7A is a schematic block diagram of a user plane entity provided by the present application.
  • FIG. 7B is a schematic structural diagram of a user plane entity provided by the present application.
  • FIG. 8A is a schematic block diagram of a control plane entity provided by the present application.
  • 8B is a schematic structural diagram of a control plane entity provided by the present application.
  • 9A is a schematic block diagram of a law enforcement listening device provided by the present application.
  • 9B is a schematic structural diagram of a law enforcement listening device provided by the present application.
  • FIG. 10A is a schematic block diagram of a first distribution function entity provided by the present application.
  • FIG. 10B is a schematic structural diagram of a first distribution function entity provided by the present application.
  • 11A is a schematic block diagram of a second distribution function entity provided by the present application.
  • FIG. 11B is a schematic structural diagram of a second distribution function entity provided by the present application.
  • Lawful interception refers to the law enforcement behavior of the law enforcement agencies (LEA) that are approved by the corresponding authorized authorities to monitor the public communication network communication services according to relevant national laws and public communication network industry norms.
  • the Intercept Related Information (IRI) in lawful interception includes Packet Data Header Information.
  • the interception related information in the lawful interception may further include other events in the lawful interception generated by the control plane entity.
  • the packet data header event includes a packet data header report event and a packet data summary report event.
  • the packet data header event includes control plane information in the packet data header event and user plane information in the packet data header event, and the control plane information generated by the control plane entity is a packet event, and may also be referred to as a first event.
  • the packet data header reporting event in the first event includes but is not limited to event type (Event Type), location information (Location Information) and the like, and the packet data statistical reporting event in the first event includes but is not limited to logical function information (Logical Function) Information), User Address Information (UE Address Info) and other information.
  • the user plane information generated by the user plane entity is a packet data header event, It may also be referred to as a second event, and the packet data header reporting event in the second event includes, but is not limited to, a destination port number, a packet size, and the like, and the packet data is reported in the second event. Events include, but are not limited to, source IP address, destination IP address, and the like. This article uses the same description for the above nouns and will not be described again.
  • FIG. 1 is a schematic diagram of a possible network architecture provided by the present application.
  • the network architecture shown in FIG. 1 mainly includes the following network elements:
  • the Control Plane (CP) entity mainly manages and controls the user plane entity, and issues rules for the user plane.
  • the control plane entity sends the monitoring management information to the user plane entity, and sends the control plane information in the packet data header event to the first distribution function entity.
  • User Plane (UP) entity mainly used for data forwarding, and accepts management of control plane entities.
  • the user plane entity does not send the user plane information in the packet data header event of the lawful interception to the control plane entity, but sends the information to the second distribution function entity, and the user plane entity may also be the second distribution function.
  • the entity provides the communication content of the monitored target, such as the content of the data portion of the data packet.
  • the first distribution function entity the first distribution function entity is the DF2 in FIG. 1 , and is mainly used to distribute the Intercept Related Information (IRI).
  • the first distribution function entity receives Control plane information in the packet header event sent by the control plane entity.
  • the second distribution function entity the second distribution function entity is DF3 in FIG. 1, and is mainly used for distributing communication content, for example, the content of the data part in the data packet.
  • the second distribution function entity is further configured to receive and forward the user plane information in the packet data header event sent by the user plane entity.
  • the Law Enforcement Monitoring Facility can receive the lawful interception related information of the first distribution function entity and the communication content delivered by the second distribution function entity, and associate the lawful interception related message with the communication content.
  • the law enforcement interception device can also associate the user plane information in the packet header event with the control plane information in the packet header event.
  • An Administration Function (ADMF) entity is mainly used for receiving control of the law enforcement interception device, and activating the monitoring function of the control plane entity, the first distribution function entity, and the second distribution function entity.
  • ADMF Administration Function
  • FIG. 4 uses FIG. 1 as a network architecture.
  • a possible data processing method in this embodiment of the present application includes:
  • the law enforcement interception device sends a fourth monitoring activation message to the management function entity.
  • the management function entity receives the fourth monitoring activation message sent by the law enforcement interception device. After the law enforcement interception device determines the monitored target, the fourth monitoring activation message is sent to the management function entity, and the fourth monitoring activation message is used to notify the management function entity to start monitoring the monitored target.
  • the management function entity sends a third interception activation message to the first distribution function entity.
  • the first distribution function entity receives the third monitoring activation message sent by the management function entity.
  • the third listener activation message is used to activate the listening function of the first distribution function entity.
  • the management function entity sends a second interception activation message to the second distribution function entity.
  • the second distribution function entity receives the second monitoring activation message sent by the management function entity.
  • the second snoop activation message is used to activate the snooping function of the second distribution function entity.
  • the second monitoring activation message is further used to indicate the first
  • the second distribution function forwards the user plane information in the packet header event sent by the user plane entity to the law enforcement interception device.
  • the management function entity sends a first interception activation message to the control plane entity.
  • control plane entity receives the first interception activation message sent by the management function entity.
  • the first listener activation message is used to activate the listening function of the control plane entity.
  • the first interception activation message is further used to instruct the control plane entity to listen to the packet data header event.
  • the control plane entity sends the monitoring management information to the user plane entity.
  • the user plane entity receives the monitoring management information sent by the control plane entity.
  • the monitoring management information includes the destination address information of the user plane information in the packet data header event for the lawful interception, and is used to indicate that the user entity sends the user plane information in the packet data header event to the destination address, in this embodiment.
  • the destination address information is an address of the second distribution function entity. Specifically, the destination address may be included in a Forwarding Action Rule (FAR).
  • FAR Forwarding Action Rule
  • the monitoring management information may further include association information, including but not limited to related identifiers or correlation coefficients or sequences, etc., which may be used to control user plane information in the packet data header event and control in the packet data header event.
  • association information including but not limited to related identifiers or correlation coefficients or sequences, etc., which may be used to control user plane information in the packet data header event and control in the packet data header event.
  • the association information is a correlation number in the control plane information in the packet data header event
  • the control plane entity may include the correlation coefficient in the intercept management information and send the information to the user plane entity.
  • the user plane information in the packet header event of the user plane entity can carry the same correlation coefficient.
  • the association information of the user plane information in the packet header event is the same as the association information in the packet header event.
  • different associations may also be used.
  • Information, such as control plane entities and user plane entities, can each generate associated information according to preset rules, which is not limited here.
  • the control plane entity sends control plane information in the packet data header event to the first distribution function entity.
  • the first distribution function entity receives control plane information in a packet header event sent by the control plane entity.
  • control plane entity generates the control plane information in the packet data header event according to the context, and the control plane entity may also generate other events in the legal listener other than the packet data header event, and simultaneously or in other steps.
  • the first distribution function entity sends the other event.
  • the other events include bearer activation, bearer modification, bearer deactivation, tracking area update, user equipment (UE) requesting packet data network (PDN) connection, or UE requesting PDN disconnection. There is no limit here.
  • the first distribution function entity sends control plane information in the packet data header event to the law enforcement interception device.
  • the law enforcement interception device receives control plane information in a packet header event sent by the first distribution function entity.
  • the first distribution function entity may send the same to the law enforcement interception device at the same time or in other steps. Other events.
  • the user plane entity sends the user plane information in the packet data header event to the second distribution function entity.
  • the second distribution function entity receives the user plane information in the packet header event sent by the user plane entity.
  • the information generated by the user plane entity other than the user plane information in the packet header event includes using the Usage Report information, the DPI Reporting information, and the downlink data detection reporting information.
  • the application starts reporting information and the application terminates reporting information, etc., and the user entity can be based on the control.
  • the reporting rule (Usage reporting rule, URR) is reported to the control plane entity, and is not mentioned here.
  • steps 406 and 408 there is no order of execution between steps 406 and 408. In some possible implementations, the execution may also be performed in other orders.
  • the second distribution function entity sends the user plane information in the packet data header event to the law enforcement interception device.
  • the law enforcement interception device receives the user plane information in the packet header event sent by the second distribution function entity.
  • the law enforcement interception device monitors the target user according to the control plane information in the packet data header event and the user plane information in the packet data header event.
  • the law enforcement interception device may associate the control plane information in the packet data header event with the user plane information in the packet data header event according to the association information to form a complete packet data header event, thereby monitoring the target user.
  • the law enforcement interception device can also associate the control plane information in the packet header event, the user plane information in the packet header event, and the other events to form a complete interception related information IRI.
  • the law enforcement interception device may also associate the control plane information in the packet data header event with the user plane information in the packet data header event according to other preset rules, which is not limited herein.
  • the first interception activation message is further used to indicate that the control plane entity listens to the packet data header event and the communication content.
  • the monitoring management information is also used to activate the data backup function of the user plane entity.
  • the user plane entity After receiving the monitoring management information of the control plane entity, the user plane entity further includes: the user plane entity sends the communication content to the second sub-function entity, the communication content carries the association information, and the second distribution function entity sends the communication content to the law enforcement interception device, Step 410 is specifically that the law enforcement interception device associates the control plane information in the packet header event, the user plane information in the packet header event, and the communication content according to the association information or other preset rules.
  • step 410 may also associate the other event, packet header event with the law enforcement interception device according to the associated information or other preset rules. Control plane information, user plane information, and communication content in packet header events.
  • the user plane entity does not send the user plane information in the packet header event to the control plane entity, which reduces the interface burden between the user plane entity and the control plane entity, and the embodiment can retain the existing network. Architecture, no need to add additional interfaces.
  • FIG. 2 is a schematic diagram of a possible network architecture provided by the present application.
  • the network architecture shown in FIG. 2 mainly includes the following network elements:
  • the control plane entity mainly manages and controls the user plane entity, and issues rules for the user plane.
  • the control plane entity sends the monitoring management information to the user plane entity, and sends the control plane information in the packet data header event to the first distribution function entity.
  • the user plane entity is mainly used for data forwarding and accepts the management of the control plane entity.
  • the user plane entity does not send the user plane information in the packet data header event of the lawful interception to the control plane entity, but sends the information to the second distribution function entity, and the user plane entity may also be the second distribution function.
  • the entity provides the communication content of the monitored target, such as the content of the data portion of the data packet.
  • the first distribution function entity the first distribution function entity is DF2 in FIG. 2, and is mainly used for distributing legal interception related information.
  • the first distribution function entity receives the control plane information in the packet data header event sent by the control plane entity, and receives the user plane information in the packet data header event sent by the second distribution function entity.
  • the first distribution function entity and the second distribution function entity are connected through an F23 interface.
  • the second distribution function entity, the second distribution function entity is the DF3 in FIG. 2, and is mainly used to distribute the communication content.
  • the second distribution function entity is further configured to receive and forward the packet data header sent by the user plane entity. User face information in the event.
  • the first distribution function entity and the second distribution function entity are connected through an F23 interface.
  • the law enforcement interception device can receive the lawful interception related information of the first distribution function entity and the communication content delivered by the second distribution function entity, and associate the lawful interception related message with the communication content.
  • the management function entity is mainly used for receiving the control of the law enforcement interception device, and the monitoring function of the control plane entity, the first distribution function entity and the second distribution function entity.
  • FIG. 5 uses FIG. 2 as a network architecture.
  • Another possible data processing method in this embodiment of the present application includes:
  • the law enforcement interception device sends a fourth monitoring activation message to the management function entity.
  • Step 501 is similar to step 401 of FIG. 4 and will not be described again.
  • the management function entity sends a third interception activation message to the first distribution function entity.
  • Step 502 is similar to step 402 of FIG. 4 and will not be described again.
  • the third interception activation message is used to instruct the first distribution function entity to associate the user plane information in the packet data header event with the control in the packet data header event, in addition to the monitoring function for activating the first distribution function entity. Information.
  • the management function entity sends a second interception activation message to the second distribution function entity.
  • the second distribution function entity receives the second monitoring activation message sent by the management function entity.
  • the second interception activation message is used to instruct the second distribution function to forward the user plane information in the packet data header event sent by the user plane entity to the first distribution function, in addition to the monitoring function of the second distribution function entity.
  • the management function entity sends a first interception activation message to the control plane entity.
  • Step 504 is similar to step 404 of FIG. 4 and will not be described again.
  • the control plane entity sends the monitoring management information to the user plane entity.
  • Step 505 is similar to step 405 of FIG. 4 and will not be described again.
  • the control plane entity sends control plane information in the packet data header event to the first distribution function entity.
  • Step 506 is similar to step 406 of FIG. 4 and will not be described again.
  • the user plane entity sends the user plane information in the packet data header event to the second distribution function entity.
  • the second distribution function entity receives the user plane information in the packet header event sent by the user plane entity.
  • the information generated by the user plane entity other than the user plane information in the packet header event includes using the Usage Report information, the DPI Reporting information, and the downlink data detection reporting information.
  • the application entity may report the report information and the application termination report information, and the user plane entity may report the report rule sent by the control plane entity to the control plane entity.
  • the second distribution function entity sends the user plane information in the packet data header event to the first distribution function entity.
  • the first distribution function entity receives the user plane information in the packet data header event sent by the second distribution function entity.
  • the data transmission may be performed by adding an F23 interface between the first distribution function entity and the second distribution function entity.
  • the first distribution function entity associates control plane information in the data header event with user plane information in the packet header event.
  • the first distribution function entity may associate the control plane information in the packet data header event with the user plane information in the packet header event packet header event according to the association information to form a complete packet header event.
  • the first distribution function entity may also associate the control plane information in the packet data header event with the user plane information in the packet data header event according to other preset rules, which is not limited herein.
  • the control plane entity may simultaneously send the first distribution function to the first distribution function in step 506.
  • the first distribution function entity may associate the control plane information in the packet header event, the user plane information in the packet header event packet header event, and the other event according to the association information or other preset rules. Form a complete monitoring related information IRI.
  • the first distribution function entity sends a packet data header event to the law enforcement interception device.
  • the law enforcement interception device receives the packet data header event sent by the first distribution function.
  • step 510 may also send the interception related information IRI to the law enforcement interception device for the first distribution function entity.
  • the first interception activation message is further used to instruct the control plane entity to listen to the packet data header event and the communication content.
  • the monitoring management information is also used to activate the data backup function of the user plane entity.
  • the user plane entity After receiving the monitoring management information of the control plane entity, the user plane entity further includes: the user plane entity sends the communication content to the second sub-function entity, the communication content carries the association information, and the second distribution function entity sends the communication content to the law enforcement interception device, After step 510, the law enforcement interception device is further included to associate the IRI and the communication content according to the associated information or other preset rules.
  • the user plane entity no longer sends the user plane information in the packet data header event to the control plane entity, which reduces the interface burden between the user plane entity and the control plane entity, and in this embodiment, the law enforcement interception device Less changes.
  • FIG. 3 is a schematic diagram of a possible network architecture provided by the present application.
  • the network architecture shown in FIG. 3 mainly includes the following network elements:
  • the control plane entity mainly manages and controls the user plane entity, and issues rules for the user plane.
  • the control plane entity sends the monitoring management information to the user plane entity, and sends the control plane information in the packet data header event to the first distribution function entity.
  • the user plane entity is mainly used for data forwarding and accepts the management of the control plane entity.
  • the user plane entity does not send the user plane information in the packet data header event of the lawful interception to the control plane entity, but sends the information to the first distribution function entity, and the user plane entity may also be the second distribution function.
  • the entity provides the communication content of the monitored target, such as the content of the data portion of the data packet.
  • the user plane entity and the first distribution function entity are connected through an X4 interface.
  • the first distribution function entity the first distribution function entity is the DF2 in FIG. 3, and is mainly used to distribute the lawful interception related information.
  • the first distribution function entity receives the packet data header event sent by the control plane entity. Control plane information, and user plane information in the packet header event sent by the user plane entity.
  • the first distribution function entity and the user plane entity are connected through an X4 interface.
  • the second distribution function entity, the second distribution function entity is DF3 in FIG. 3, and is mainly used for distributing communication content.
  • the law enforcement interception device can receive the lawful interception related information of the first distribution function entity and the communication content delivered by the second distribution function entity, and associate the lawful interception related message with the communication content.
  • the management function entity is mainly used for receiving the control of the law enforcement interception device, and the monitoring function of the control plane entity, the first distribution function entity and the second distribution function entity.
  • FIG. 6 uses FIG. 3 as a network architecture.
  • Another possible data processing method in this embodiment of the present application includes:
  • the law enforcement interception device sends a fourth monitoring activation message to the management function entity.
  • Step 601 is similar to step 501 of FIG. 5 and will not be described again.
  • the management function entity sends a third interception activation message to the first distribution function entity.
  • Step 602 is similar to step 502 of FIG. 5 and will not be described again.
  • the management function entity sends a second interception activation message to the second distribution function entity.
  • the second distribution function entity receives the second monitoring activation message sent by the management function entity.
  • the second snoop activation message is used to activate the snooping function of the second distribution function entity.
  • the management function entity sends a first interception activation message to the control plane entity.
  • Step 604 is similar to step 504 of FIG. 5 and will not be described again.
  • the control plane entity sends the monitoring management information to the user plane entity.
  • Step 605 is similar to step 505 of FIG. 5 and will not be described again.
  • the control plane entity sends control plane information in the packet data header event to the first distribution function entity.
  • Step 606 is similar to step 506 of FIG. 5 and will not be described again.
  • the user plane entity sends the user plane information in the packet data header event to the first distribution function entity.
  • the first distribution function entity receives the user plane information in the packet data header event sent by the user plane entity.
  • the data transmission may be performed by adding an X4 interface between the first distribution function entity and the user plane entity.
  • the information generated by the user plane entity other than the user plane information in the packet header event includes using the Usage Report information, the DPI Reporting information, and the downlink data detection reporting information.
  • the application entity may report the report information and the application termination report information, and the user plane entity may report the report rule sent by the control plane entity to the control plane entity.
  • the first distribution function associates control plane information in the data header event with user plane information in the packet header event.
  • Step 608 is similar to step 509 of FIG. 5 and will not be described again.
  • the first distribution function sends a packet data header event to the law enforcement interception device.
  • Step 609 is similar to step 510 of FIG. 5 and will not be described again.
  • the first interception activation message is further used to indicate that the control plane entity also listens to the packet data header event and the communication content.
  • the monitoring management information is also used to activate the data backup function of the user plane entity.
  • the user plane entity After receiving the monitoring management information of the control plane entity, the user plane entity further includes: the user plane entity sends the communication content to the second sub-function entity, the communication content carries the association information, and the second distribution function entity sends the communication content to the law enforcement interception device, Then, after step 609, the law enforcement interception device further associates the IRI and the communication content according to the associated information.
  • the user plane entity does not send the user plane information in the packet header event to the control plane entity, which reduces the interface burden between the user plane entity and the control plane entity, and does not require the second distribution in this embodiment.
  • the function entity forwards the user plane information in the packet data header event to the first distribution function entity, and directly sends the user plane information in the packet data header event to the first distribution function by the user plane entity, thereby reducing signaling interaction.
  • each network element such as a user plane entity, a control plane entity, a law enforcement interception device, a first distribution function entity, a second distribution function entity, etc.
  • each network element such as a user plane entity, a control plane entity, a law enforcement interception device, a first distribution function entity, a second distribution function entity, etc.
  • each network element includes a hardware structure corresponding to performing each function and / or software module.
  • the present application can be implemented in a combination of hardware or hardware and computer software in combination with the elements and algorithm steps of the various examples described in the embodiments disclosed herein. Whether a function is implemented in hardware or computer software to drive hardware depends on the specific application and design constraints of the solution. A person skilled in the art can use different methods to implement the described functions for each particular application, but such implementation should not be considered to be beyond the scope of the present application.
  • the embodiment of the present application may perform a function module division on a user plane entity, a control plane entity, a law enforcement interception device, a first distribution function entity or a second distribution function entity according to the foregoing method example.
  • each function module may be divided according to each function.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules. It should be noted that the division of the module in the embodiment of the present application is schematic, and is only a logical function division, and the actual implementation may have another division manner.
  • FIG. 7A shows a possible structural diagram of the user plane entity involved in the above embodiment.
  • the user plane entity 700 includes a processing module 702 and a communication module 703.
  • the processing module 702 is configured to perform control management on the actions of the user plane entity, for example, the processing module 702 is configured to support the user plane entity to perform the process performed by the user plane entity in FIG. 4 to FIG. 6, and/or used in the description herein. Other processes of technology.
  • the communication module 703 is configured to support communication between the user plane entity and the control plane entity, the second distribution function entity, or the first distribution function entity.
  • the user plane entity may further include a storage module 701 for storing program code and data of the user plane entity.
  • the processing module 702 can be a processor or a controller, for example, a central processing unit (CPU), a general-purpose processor, a digital signal processor (DSP), and an application-specific integrated circuit (Application-Specific). Integrated Circuit (ASIC), Field Programmable Gate Array (FPGA) or other programmable logic device, transistor logic device, hardware component, or any combination thereof. It is possible to implement or carry out the various illustrative logical blocks, modules and circuits described in connection with the present disclosure.
  • the processor may also be a combination of computing functions, for example including one or more microprocessors Combination, combination of DSP and microprocessor, etc.
  • the communication module 703 can be a communication interface, a transceiver, a transceiver circuit, etc., wherein the communication interface is a collective name and can include one or more interfaces, such as an interface between a user plane entity and a control plane entity, a user plane entity, and a second distribution. Interfaces between functional entities, etc.
  • the storage module 701 can be a memory.
  • the processing module 702 is a processor
  • the communication module 703 is a communication interface
  • the storage module 701 is a memory
  • the user plane entity involved in the embodiment of the present application may be the user plane entity shown in FIG. 7B.
  • the user plane entity 710 includes a processor 712, a communication interface 713, and a memory 711.
  • the user plane entity 710 may further include a bus 714.
  • the communication interface 713, the processor 712, and the memory 711 may be connected to each other through a bus 714.
  • the bus 714 may be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (abbreviated). EISA) bus and so on.
  • PCI Peripheral Component Interconnect
  • EISA Extended Industry Standard Architecture
  • the bus 714 can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is shown in Figure 7B, but it does not mean that there is only one bus or one type of bus.
  • FIG. 8A shows a possible structural diagram of the control plane entity involved in the above embodiment.
  • the control plane entity 800 includes a processing module 802 and a communication module 803.
  • the processing module 802 is configured to control and manage the actions of the control plane entity, for example, the processing module 802 is configured to support the control plane entity to perform the process performed by the control plane entity in FIGS. 4-6, and/or for the techniques described herein Other processes.
  • the communication module 803 is configured to support communication between the control plane entity and the user plane entity, the first distribution function entity, or the management function entity.
  • the control plane entity may also include a storage module 801 for storing program code and data of the control plane entity.
  • the processing module 802 can be a processor or a controller, such as a CPU, a general purpose processor, a DSP, an ASIC, an FPGA, or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. It is possible to implement or carry out the various illustrative logical blocks, modules and circuits described in connection with the present disclosure.
  • the processor may also be a combination of computing functions, for example, including one or more microprocessor combinations, a combination of a DSP and a microprocessor, and the like.
  • the communication module 803 can be a communication interface, a transceiver, a transceiver circuit, etc., wherein the communication interface is a collective name and can include one or more interfaces, such as an interface between a control plane entity and a user plane entity, a control plane entity and a first distribution. Interfaces between functional entities, etc.
  • the storage module 801 can be a memory.
  • control plane entity involved in the embodiment of the present application may be the control plane entity shown in FIG. 8B.
  • the control plane entity 810 includes a processor 812, a communication interface 813, and a memory 811.
  • the control plane entity 810 can also include a bus 814.
  • the communication interface 813, the processor 812, and the memory 811 may be connected to each other through a bus 814; the bus 814 may be a PCI bus or an EISA bus or the like.
  • the bus 814 can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is shown in Figure 8B, but it does not mean that there is only one bus or one type of bus.
  • FIG. 9A is a schematic diagram showing a possible structure of the law enforcement listening device involved in the above embodiment.
  • the law enforcement interception device 900 includes a processing module 902 and a communication module 903.
  • the processing module 902 is configured to control and manage the actions of the law enforcement interception device, for example, the processing module 902 is configured to support the law enforcement interception device to perform the processes performed by the law enforcement listening device of FIGS. 4-6, and/or for the techniques described herein. Other processes.
  • the communication module 903 is configured to support communication between the law enforcement interception device and the second distribution function entity, the first distribution function entity, or the management function entity. Law enforcement monitoring equipment A storage module 901 can also be included for storing program code and data of the law enforcement listening device.
  • the processing module 902 can be a processor or a controller, such as a CPU, a general purpose processor, a DSP, an ASIC, an FPGA or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. It is possible to implement or carry out the various illustrative logical blocks, modules and circuits described in connection with the present disclosure.
  • the processor may also be a combination of computing functions, for example, including one or more microprocessor combinations, a combination of a DSP and a microprocessor, and the like.
  • the communication module 903 can be a communication interface, a transceiver, a transceiver circuit, etc., wherein the communication interface is a collective name, and can include one or more interfaces, such as an interface between the law enforcement interception device and the user plane entity, the law enforcement interception device and the first distribution. Interfaces between functional entities, etc.
  • the storage module 901 can be a memory.
  • the law enforcement monitoring device involved in the embodiment of the present application may be the law enforcement listening device shown in FIG. 9B.
  • the law enforcement interception device 910 includes a processor 912, a communication interface 913, and a memory 911.
  • the law enforcement interception device 910 can also include a bus 914.
  • the communication interface 913, the processor 912, and the memory 911 may be connected to each other through a bus 914; the bus 914 may be a PCI bus or an EISA bus or the like.
  • the bus 914 can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is shown in Figure 9B, but it does not mean that there is only one bus or one type of bus.
  • FIG. 10A is a schematic diagram showing a possible structure of the first distribution function entity involved in the above embodiment.
  • the first distribution function entity 1000 includes a processing module 1002 and a communication module 1003.
  • the processing module 1002 is configured to control and manage the actions of the first distribution function entity.
  • the processing module 1002 is configured to support the first distribution function entity to perform the process performed by the first distribution function entity in FIG. 4 to FIG. 6, and/or Other processes of the techniques described herein.
  • the communication module 1003 is configured to support communication between the first distribution function entity and the second distribution function entity, the control plane entity, the user plane entity, the law enforcement interception device, or the management function entity.
  • the first distribution function entity may further include a storage module 1001 for storing program codes and data of the first distribution function entity.
  • the processing module 1002 may be a processor or a controller, such as a CPU, a general purpose processor, a DSP, an ASIC, an FPGA or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. It is possible to implement or carry out the various illustrative logical blocks, modules and circuits described in connection with the present disclosure.
  • the processor may also be a combination of computing functions, for example, including one or more microprocessor combinations, a combination of a DSP and a microprocessor, and the like.
  • the communication module 1003 may be a communication interface, a transceiver, a transceiver circuit, etc., wherein the communication interface is a collective name, and may include one or more interfaces, such as an interface between the first distribution function entity and the control plane entity, and the first distribution function entity Interfaces with user plane entities, etc.
  • the storage module 1001 may be a memory.
  • the first distribution function entity involved in the embodiment of the present application may be the first distribution function entity shown in FIG. 10B.
  • the first distribution function entity 1010 includes a processor 1012, a communication interface 1013, and a memory 1011.
  • the first distribution function entity 1010 may further include a bus 1014.
  • the communication interface 1013, the processor 1012, and the memory 1011 may be connected to each other through a bus 1014; the bus 1014 may be a PCI bus or an EISA bus or the like.
  • the bus 1014 can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is shown in FIG. 10B, but it does not mean that there is only one bus or one type of bus.
  • FIG. 11A is a schematic diagram showing a possible structure of a second distribution function entity involved in the above embodiment.
  • the second distribution function entity 1100 includes a processing module 1102 and a communication module 1103.
  • the processing module 1102 is configured to control and manage the actions of the second distribution function entity.
  • the processing module 1102 is configured to support the second distribution function entity to perform the process performed by the second distribution function entity in FIG. 4 to FIG. 6, and/or Other processes of the techniques described herein.
  • the communication module 1103 is configured to support communication between the second distribution function entity and the first distribution function entity, the user plane entity, the law enforcement interception device, or the management function entity.
  • the second distribution function entity may further include a storage module 1101 for storing program codes and data of the second distribution function entity.
  • the processing module 1102 can be a processor or a controller, such as a CPU, a general purpose processor, a DSP, an ASIC, an FPGA or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. It is possible to implement or carry out the various illustrative logical blocks, modules and circuits described in connection with the present disclosure.
  • the processor may also be a combination of computing functions, for example, including one or more microprocessor combinations, a combination of a DSP and a microprocessor, and the like.
  • the communication module 1103 can be a communication interface, a transceiver, a transceiver circuit, etc., wherein the communication interface is a collective name, and can include one or more interfaces, such as an interface between the second distribution function entity and the control plane entity, and the second distribution function entity Interfaces with user plane entities, etc.
  • the storage module 1101 can be a memory.
  • the second distribution function entity involved in the embodiment of the present application may be the second distribution function entity shown in FIG. 11B.
  • the second distribution function entity 1110 includes a processor 1112, a communication interface 1113, and a memory 1111.
  • the second distribution function entity 1110 may further include a bus 1114.
  • the communication interface 1113, the processor 1112, and the memory 1111 may be connected to each other through a bus 1114; the bus 1114 may be a PCI bus or an EISA bus or the like.
  • the bus 1114 can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is shown in FIG. 11B, but it does not mean that there is only one bus or one type of bus.
  • the management function entity involved in the embodiment of the present application may also have a structure similar to that of FIG. 7A or FIG. 7B, and may perform the behavior of the management function entity involved in the foregoing method example.
  • FIG. 7A or FIG. 7B The detailed introduction is not repeated here.
  • the steps of the method or algorithm described in connection with the disclosure of the embodiments of the present application may be implemented in a hardware manner, or may be implemented by a processor executing software instructions.
  • the software instructions may be composed of corresponding software modules, which may be stored in a random access memory (RAM), a flash memory, a read only memory (ROM), an erasable programmable read only memory ( Erasable Programmable ROM (EPROM), electrically erasable programmable read only memory (EEPROM), registers, hard disk, removable hard disk, compact disk read only (CD-ROM) or any other form of storage medium known in the art.
  • An exemplary storage medium is coupled to the processor to enable the processor to read information from, and write information to, the storage medium.
  • the storage medium can also be an integral part of the processor.
  • the processor and the storage medium can be located in an ASIC.
  • the ASIC can be located in a user plane entity, a control plane entity, a first distribution function entity, a second distribution function entity, or a law enforcement listening device.
  • the processor and the storage medium may also exist as discrete components in the user plane entity, the control plane entity, the first distribution function entity, the second distribution function entity, or the law enforcement interception device.
  • the computer program product includes one or more computer instructions. Loading and executing the computer on a computer
  • the program or function described in the embodiment of the present application is generated in whole or in part when the program is instructed.
  • the computer can be a general purpose computer, a special purpose computer, a computer network, or other programmable device.
  • the computer instructions can be stored in a computer readable storage medium or transferred from one computer readable storage medium to another computer readable storage medium, for example, the computer instructions can be from a website site, computer, server or data center Transfer to another website site, computer, server, or data center by wire (eg, coaxial cable, fiber optic, digital subscriber line (DSL), or wireless (eg, infrared, wireless, microwave, etc.).
  • wire eg, coaxial cable, fiber optic, digital subscriber line (DSL), or wireless (eg, infrared, wireless, microwave, etc.).
  • the computer readable storage medium can be any available media that can be stored by a computer or a data storage device such as a server, data center, or the like that includes one or more available media.
  • the usable medium may be a magnetic medium (eg, a floppy disk, a hard disk, a magnetic tape), an optical medium (eg, a DVD), or a semiconductor medium (such as a solid state disk (SSD)).

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé de traitement de données et un système de communication d'interception légale. Une entité de plan d'utilisateur n'envoie plus d'informations de plan d'utilisateur dans un événement d'en-tête de données par paquets à une entité de plan de commande, ce qui permet de réduire une charge d'interface entre l'entité de plan d'utilisateur et l'entité de plan de commande. Le procédé comprend : la réception par une entité de plan d'utilisateur d'informations de gestion d'interception envoyées par une entité de plan de commande, les informations de gestion d'interception comprenant des informations d'adresse de destination concernant des informations de plan d'utilisateur dans un événement d'en-tête de données par paquets pour une interception légale ; la génération par l'entité de plan de commande d'informations de plan de commande dans l'événement d'en-tête de données par paquets en fonction du contexte et l'envoi des informations de plan de commande dans l'événement d'en-tête de données par paquets à une première entité de fonction de distribution ; et l'envoi par l'entité de plan d'utilisateur des informations de plan d'utilisateur dans l'événement d'en-tête par paquets à une seconde entité de fonction de distribution en fonction des informations d'adresse de destination.
PCT/CN2017/072594 2017-01-25 2017-01-25 Procédé de traitement de données et système de communication d'interception légale WO2018137171A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/072594 WO2018137171A1 (fr) 2017-01-25 2017-01-25 Procédé de traitement de données et système de communication d'interception légale

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/072594 WO2018137171A1 (fr) 2017-01-25 2017-01-25 Procédé de traitement de données et système de communication d'interception légale

Publications (1)

Publication Number Publication Date
WO2018137171A1 true WO2018137171A1 (fr) 2018-08-02

Family

ID=62977841

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/072594 WO2018137171A1 (fr) 2017-01-25 2017-01-25 Procédé de traitement de données et système de communication d'interception légale

Country Status (1)

Country Link
WO (1) WO2018137171A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101141761A (zh) * 2007-09-30 2008-03-12 华为技术有限公司 一种监听的方法、系统及装置
WO2009102245A1 (fr) * 2008-02-14 2009-08-20 Telefonaktiebolaget Lm Ericsson (Publ) Interception légale d'abonnés non-locaux
US20120155333A1 (en) * 2010-12-17 2012-06-21 Electronics And Telecommunications Research Institute Of Daejeon Appratus and method for lawful interception
CN102577316A (zh) * 2011-12-29 2012-07-11 华为技术有限公司 数据监听方法、设备和系统

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101141761A (zh) * 2007-09-30 2008-03-12 华为技术有限公司 一种监听的方法、系统及装置
WO2009102245A1 (fr) * 2008-02-14 2009-08-20 Telefonaktiebolaget Lm Ericsson (Publ) Interception légale d'abonnés non-locaux
US20120155333A1 (en) * 2010-12-17 2012-06-21 Electronics And Telecommunications Research Institute Of Daejeon Appratus and method for lawful interception
CN102577316A (zh) * 2011-12-29 2012-07-11 华为技术有限公司 数据监听方法、设备和系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
OTD: "Discussion on Lawful Interception in split architectures", SA WG3-LI MEETING #61 S3I-160172, 24 April 2016 (2016-04-24), pages 1 - 3, XP055531021 *

Similar Documents

Publication Publication Date Title
KR101814300B1 (ko) 합법적인 인터셉션을 위한 보안 방법
US9979818B2 (en) Caller ID verification
CN102404741B (zh) 移动终端上网异常检测方法和装置
CN112823503B (zh) 一种数据访问方法、数据访问装置及移动终端
US10313290B2 (en) System and method for communicating electronic health information
US20230114680A1 (en) Tunneled monitoring service and method
US20210314434A1 (en) Active Call Verification to Prevent Falsified Caller Information
WO2022126972A1 (fr) Procédé de communication de données, système de gestion de clé, dispositif et support de stockage
CN111064607A (zh) 网络运维系统的管理方法、装置及存储介质
CN112287364A (zh) 数据共享方法、装置、系统、介质及电子设备
US9749422B2 (en) Method and system for telecommunication device monitoring
US11876792B2 (en) Mobile licensing verification intermediary
WO2012089050A1 (fr) Appareil d'interception, procédé d'interception, et système
WO2018137171A1 (fr) Procédé de traitement de données et système de communication d'interception légale
US11824782B2 (en) Rate limiter for database access
US9027139B2 (en) Method for malicious attacks monitoring
WO2011127692A1 (fr) Appareil et procédé de surveillance de messages courts
CN113259436B (zh) 网络请求的处理方法和装置
TWI520548B (zh) Information System and Its Method of Confidential Data Based on Packet Analysis
US11805201B2 (en) Call processing apparatus, call processing method, call processing system and call processing program
WO2008075580A1 (fr) Terminal de communication, terminal, système et procédé de communication et programme
CN106549849A (zh) 报文的处理方法及装置
WO2019091238A1 (fr) Procédé d'anti-interception d'informations, serveur, et support de stockage lisible par ordinateur
Lema et al. Security Enhancement of SIP Protocol in VoIP Communication
US7920542B1 (en) Method and apparatus for providing secure voice/multimedia communications over internet protocol

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17894376

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17894376

Country of ref document: EP

Kind code of ref document: A1