WO2020048600A1 - Coordinated lawful interception - Google Patents

Coordinated lawful interception Download PDF

Info

Publication number
WO2020048600A1
WO2020048600A1 PCT/EP2018/074011 EP2018074011W WO2020048600A1 WO 2020048600 A1 WO2020048600 A1 WO 2020048600A1 EP 2018074011 W EP2018074011 W EP 2018074011W WO 2020048600 A1 WO2020048600 A1 WO 2020048600A1
Authority
WO
WIPO (PCT)
Prior art keywords
entity
communication session
predetermined
predetermined area
intercepted
Prior art date
Application number
PCT/EP2018/074011
Other languages
French (fr)
Inventor
Klaus Hoffmann
Original Assignee
Nokia Solutions And Networks Gmbh & Co. Kg
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nokia Solutions And Networks Gmbh & Co. Kg filed Critical Nokia Solutions And Networks Gmbh & Co. Kg
Priority to PCT/EP2018/074011 priority Critical patent/WO2020048600A1/en
Publication of WO2020048600A1 publication Critical patent/WO2020048600A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/30Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information
    • H04L63/306Network architectures or network communication protocols for network security for supporting lawful interception, monitoring or retaining of communications or communication related information intercepting packet switched data communications, e.g. Web, Internet or IMS communications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/80Arrangements enabling lawful interception [LI]

Landscapes

  • Engineering & Computer Science (AREA)
  • Technology Law (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

There are provided measures for coordinated lawful interception. Such measures exemplarily comprise, at a network function entity in a lawful interception compound, receiving communication session related control plane signaling related to a communication session, adding, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and forwarding said communication session related control plane signaling. Such measures may exemplarily further comprise, at the network function entity, controlling, if said communication session is terminated at a terminal to be intercepted, an interception processing for said communication session terminated at said terminal to be intercepted based on information on a position of each of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling and a predetermined area.

Description

Title
Coordinated lawful interception
Field
The present invention relates to coordinated lawful interception. More specifically, the present invention exemplarily relates to measures (including methods, apparatuses and computer program products) for realizing coordinated lawful interception.
Background
The present specification generally relates to implementation of policies in relation to lawful interception.
According to the German Ordinance concerning Technical and Organizational Implementation of Measures for the Interception of Telecommunications ("Telekommunikationsijberwachungsverordnung", "TKLIV"), Section 4, it is required that, where the telecommunications system recognizes as part of normal operational procedures that the terminal equipment using the identification to be intercepted is located abroad, the telecommunication shall not be covered, unless the telecommunication to be intercepted is diverted or forwarded to a telecommunications connection or a storage facility located in Germany.
Similar principles and policies are set out for other countries within and outside the European Union. Accordingly, the present invention as set out below is not limited to implementation pf principles according to the TKLIV. Figure 10 shows a schematic diagram of an example of a system environment in relation to a roaming 5G system architecture in a home routed scenario in reference point representation.
Presently, utilization of network function virtualization is increasing.
Figure 11 shows a schematic diagram of an example of a system environment, in particular a network function virtualization management and orchestration (NFV-MANO) architectural framework, in reference point representation.
An implementation of principles and policies in relation to lawful interception when utilizing network function virtualization is not known.
Hence, the problem arises that principles and policies in relation to lawful interception cannot be applied in network scenarios utilizing network function virtualization.
Hence, there is a need to provide for coordinated lawful interception.
Various exemplary embodiments of the present invention aim at addressing at least part of the above issues and/or problems and drawbacks.
Various aspects of exemplary embodiments of the present invention are set out in the appended claims.
According to an exemplary aspect of the present invention, there is provided a method of a network function entity in a lawful interception compound, comprising receiving communication session related control plane signaling related to a communication session, adding, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and forwarding said communication session related control plane signaling.
According to an exemplary aspect of the present invention, there is provided a method of a repository function entity in a lawful interception compound, comprising receiving, from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier, obtaining, for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier, and transmitting, to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier.
According to an exemplary aspect of the present invention, there is provided a method of a network function entity in a lawful interception compound, comprising receiving communication session related control plane signaling related to a communication session, editing said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area, and forwarding said communication session related control plane signaling.
According to an exemplary aspect of the present invention, there is provided an apparatus of a network function entity in a lawful interception compound, the apparatus comprising at least one processor, at least one memory including computer program code, and at least one interface configured for communication with at least another apparatus, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform receiving communication session related control plane signaling related to a communication session, adding, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and forwarding said communication session related control plane signaling. According to an exemplary aspect of the present invention, there is provided an apparatus of a repository function entity in a lawful interception compound, the apparatus comprising at least one processor, at least one memory including computer program code, and at least one interface configured for communication with at least another apparatus, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform receiving, from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier, obtaining, for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier, and transmitting, to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier.
According to an exemplary aspect of the present invention, there is provided an apparatus of a network function entity in a lawful interception compound, the apparatus comprising at least one processor, at least one memory including computer program code, and at least one interface configured for communication with at least another apparatus, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform receiving communication session related control plane signaling related to a communication session, editing said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area, and forwarding said communication session related control plane signaling.
According to an exemplary aspect of the present invention, there is provided an apparatus of a network function entity in a lawful interception compound, the apparatus comprising receiving circuitry configured to receive communication session related control plane signaling related to a communication session, adding circuitry configured to add, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and forwarding circuitry configured to forward said communication session related control plane signaling.
According to an exemplary aspect of the present invention, there is provided an apparatus of a repository function entity in a lawful interception compound, the apparatus comprising receiving circuitry configured to receive, from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier, obtaining circuitry configured to obtain, for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier, and transmitting circuitry configured to transmit, to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier.
According to an exemplary aspect of the present invention, there is provided an apparatus of a network function entity in a lawful interception compound, the apparatus comprising receiving circuitry configured to receive communication session related control plane signaling related to a communication session, editing circuitry configured to edit said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area, and forwarding circuitry configured to forward said communication session related control plane signaling.
According to an exemplary aspect of the present invention, there is provided a computer program product comprising computer-executable computer program code which, when the program is run on a computer (e.g. a computer of an apparatus according to any one of the aforementioned apparatus-related exemplary aspects of the present invention), is configured to cause the computer to carry out the method according to any one of the aforementioned method-related exemplary aspects of the present invention. Such computer program product may comprise (or be embodied) a (tangible) computer-readable (storage) medium or the like on which the computer- executable computer program code is stored, and/or the program may be directly loadable into an internal memory of the computer or a processor thereof.
Any one of the above aspects enables an efficient implementation of principles and policies in relation to lawful interception when utilizing network function virtualization to thereby solve at least part of the problems and drawbacks identified in relation to the prior art.
By way of exemplary embodiments of the present invention, there is provided coordinated lawful interception. More specifically, by way of exemplary embodiments of the present invention, there are provided measures and mechanisms for realizing coordinated lawful interception.
Thus, improvement is achieved by methods, apparatuses and computer program products enabling/realizing coordinated lawful interception.
Brief description of the drawings
In the following, the present invention will be described in greater detail by way of non-limiting examples with reference to the accompanying drawings, in which
Figure 1 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention,
Figure 2 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention,
Figure 3 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention, Figure 4 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention,
Figure 5 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention,
Figure 6 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention,
Figure 7 is a schematic diagram of a procedure according to exemplary embodiments of the present invention,
Figure 8 is a schematic diagram of a procedure according to exemplary embodiments of the present invention,
Figure 9 is a schematic diagram of a procedure according to exemplary embodiments of the present invention,
Figure 10 shows a schematic diagram of an example of a system environment in reference point representation,
Figure 11 shows a schematic diagram of an example of a system environment in reference point representation,
Figure 12 shows a schematic diagram of an example of a system environment with signaling variants according to exemplary embodiments of the present invention,
Figure 13 is a block diagram alternatively illustrating apparatuses according to exemplary embodiments of the present invention, and Figure 14 is a block diagram alternatively illustrating an apparatus according to exemplary embodiments of the present invention.
Detailed description of drawings and embodiments of the present invention
The present invention is described herein with reference to particular non- limiting examples and to what are presently considered to be conceivable embodiments of the present invention. A person skilled in the art will appreciate that the invention is by no means limited to these examples, and may be more broadly applied.
It is to be noted that the following description of the present invention and its embodiments mainly refers to specifications being used as non-limiting examples for certain exemplary network configurations and deployments. Namely, the present invention and its embodiments are mainly described in relation to 3GPP specifications being used as non-limiting examples for certain exemplary network configurations and deployments. As such, the description of exemplary embodiments given herein specifically refers to terminology which is directly related thereto. Such terminology is only used in the context of the presented non-limiting examples, and does naturally not limit the invention in any way. Rather, any other communication or communication related system deployment, etc. may also be utilized as long as compliant with the features described herein.
In particular, while exemplary embodiments of the present invention are explained with reference to the TKLIV
("Telekommunikationsijberwachungsverordnung") for example purposes only, the present invention as set out below is not limited to implementation of principles according to the TKLIV.
Hereinafter, various embodiments and implementations of the present invention and its aspects or embodiments are described using several variants and/or alternatives. It is generally noted that, according to certain needs and constraints, all of the described variants and/or alternatives may be provided alone or in any conceivable combination (also including combinations of individual features of the various variants and/or alternatives).
According to exemplary embodiments of the present invention, in general terms, there are provided measures and mechanisms for (enabling/realizing) coordinated lawful interception.
Figure 1 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention. The apparatus may be a network entity 10 (of a network function entity in a lawful interception compound) such as a virtual network function or a physical network function comprising a receiving circuitry 11, an adding circuitry 12, and a forwarding circuitry 13. The receiving circuitry 11 receives communication session related control plane signaling related to a communication session. The adding circuitry 12 adds, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity. The forwarding circuitry 13 forwards said communication session related control plane signaling. Figure 7 is a schematic diagram of a procedure according to exemplary embodiments of the present invention. The apparatus according to Figure 1 may perform the method of Figure 7 but is not limited to this method. The method of Figure 7 may be performed by the apparatus of Figure 1 but is not limited to being performed by this apparatus.
As shown in Figure 7, a procedure according to exemplary embodiments of the present invention comprises an operation of receiving (S71) communication session related control plane signaling related to a communication session, an operation of adding (S72), to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and an operation of forwarding (S73) said communication session related control plane signaling. Figure 2 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention. In particular, Figure 2 illustrates a variation of the apparatus shown in Figure 1. The apparatus according to Figure 2 may thus further comprise retrieving circuitry 21, requesting circuitry 22, controlling circuitry 23, checking circuitry 24, ascertaining circuitry 25, performing circuitry 26, inhibiting circuitry 27, subscribing circuitry 28, and/or adapting circuitry 29.
In an embodiment at least some of the functionalities of the apparatus shown in Figure 1 (or 2) may be shared between two physically separate devices forming one operational entity. Therefore, the apparatus may be seen to depict the operational entity comprising one or more physically separate devices for executing at least some of the described processes.
According to a variation of the procedure shown in Figure 7, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of retrieving, from said communication session related control plane signaling, entity identifiers included in said communication session related control plane signaling, and an operation of requesting, from a repository function entity, for each of said entity identifiers included in said communication session related control plane signaling, information on a position of each of entities respectively identified by said entity identifiers included in said communication session related control plane signaling.
According to a variation of the procedure shown in Figure 7, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of controlling, if said communication session is terminated at a terminal to be intercepted, an interception processing for said communication session terminated at said terminal to be intercepted based on said information on a position of each of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling and a predetermined area.
According to a variation of the procedure shown in Figure 7, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of checking, based on said information on said position of each of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling, whether at least one entity of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
According to a variation of the procedure shown in Figure 7, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of ascertaining, whether said terminal to be intercepted is located within said predetermined area.
According to a variation of the procedure shown in Figure 7, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located within said predetermined area.
According to a variation of the procedure shown in Figure 7, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and at least one entity of a predetermined entity type of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
According to a variation of the procedure shown in Figure 7, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of inhibiting said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and no entity of a predetermined entity type of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
According to further exemplary embodiments of the present invention, said predetermined entity type is one of a telecommunications connection and a storage facility.
According to still further exemplary embodiments of the present invention, said predetermined area is at least one of a predetermined physical realm and a predetermined jurisdictional realm.
According to a variation of the procedure shown in Figure 7, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of subscribing, from said repository function entity, for each of said entity identifiers included in said communication session related control plane signaling, position change information.
According to a variation of the procedure shown in Figure 7, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of receiving, from said repository function entity, said position change information for at least one of said entity identifiers included in said communication session related control plane signaling indicative of change of said position of said at least one of said entities identified by said at least one of said entity identifiers included in said communication session related control plane signaling, and an operation of adapting said controlling said interception processing for said communication session terminated at said terminal to be intercepted based on said position change information for said at least one of said entity identifiers included in said communication session related control plane signaling.
The communication session related control plane signaling related to a communication session may be, for example, a session establishment control plane signaling for the communication session or any intermediate control plane signaling after establishment of the communication session.
Although the entity identifier may be provided in the communication session related control plane signaling in any case irrespective of whether a lawful interception situation exists, i.e., irrespective of whether an interception target is set, present, and/or detected, the entity identifier, as potentially used in relation to lawful interception, may be denoted as interception related entity identifier.
Figure 3 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention. The apparatus may be a network entity 30 (of a repository function entity in a lawful interception compound) such as a network repository function comprising a receiving circuitry 31, an obtaining circuitry 32, and a transmitting circuitry 33. The receiving circuitry 31 receives, from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier. The obtaining circuitry 32 obtains, for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier. The transmitting circuitry 33 transmits, to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier. Figure 8 is a schematic diagram of a procedure according to exemplary embodiments of the present invention. The apparatus according to Figure 3 may perform the method of Figure 8 but is not limited to this method. The method of Figure 8 may be performed by the apparatus of Figure 3 but is not limited to being performed by this apparatus.
As shown in Figure 8, a procedure according to exemplary embodiments of the present invention comprises an operation of receiving (S81), from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier, an operation of obtaining (S82), for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier, and an operation of transmitting (S83), to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier.
Figure 4 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention. In particular, Figure 4 illustrates a variation of the apparatus shown in Figure 3. The apparatus according to Figure 4 may thus further comprise monitoring circuitry 41.
In an embodiment at least some of the functionalities of the apparatus shown in Figure 3 (or 4) may be shared between two physically separate devices forming one operational entity. Therefore, the apparatus may be seen to depict the operational entity comprising one or more physically separate devices for executing at least some of the described processes.
According to a variation of the procedure shown in Figure 8, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of receiving, from a network function entity, a subscription request for position change information for said at least one entity identified by said respective entity identifier.
According to a variation of the procedure shown in Figure 8, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of monitoring said position of said at least one entity identified by said respective entity identifier, and an operation of, if a change of said position of said at least one entity identified by said respective entity identifier is detected, transmitting, to said network function entity, said position change information for said at least one entity identified by said respective entity identifier indicative of said change of said position of said at least one entity identified by said respective entity identifier.
According to further exemplary embodiments of the present invention, said information on said position of said at least one entity identified by said respective entity identifier is configured by one of a virtual network function managing entity either directly or via an element managing entity, and a network functions virtualization orchestrator entity via an operating support system and/or a business support system.
According to still further exemplary embodiments of the present invention, said information on said position of said at least one entity identified by said respective entity identifier is at least one of information indicative of a physical location of said at least one entity identified by said respective entity identifier and information indicative of whether said at least one entity identified by said respective entity identifier is located within at least one of a predetermined physical realm and a predetermined jurisdictional realm or not.
Figure 5 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention. The apparatus may be a network entity 50 (of a network function entity in a lawful interception compound) such as a virtual network function or a physical network function comprising a receiving circuitry 51, an editing circuitry 52, and a forwarding circuitry 53. The receiving circuitry 51 receives communication session related control plane signaling related to a communication session. The editing circuitry 52 edits said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area. The forwarding circuitry 53 forwards said communication session related control plane signaling. Figure 9 is a schematic diagram of a procedure according to exemplary embodiments of the present invention. The apparatus according to Figure 5 may perform the method of Figure 9 but is not limited to this method. The method of Figure 9 may be performed by the apparatus of Figure 5 but is not limited to being performed by this apparatus.
As shown in Figure 9, a procedure according to exemplary embodiments of the present invention comprises an operation of receiving (S91) communication session related control plane signaling related to a communication session, an operation of editing (S92) said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area, and an operation of forwarding (S93) said communication session related control plane signaling.
Figure 6 is a block diagram illustrating an apparatus according to exemplary embodiments of the present invention. In particular, Figure 6 illustrates a variation of the apparatus shown in Figure 5. The apparatus according to Figure 6 may thus further comprise retrieving circuitry 601, maintaining circuitry 602, modifying circuitry 603, controlling circuitry 604, ascertaining circuitry 605, performing circuitry 606, inhibiting circuitry 607, adapting circuitry 608, monitoring circuitry 609, and/or broadcasting circuitry 610.
In an embodiment at least some of the functionalities of the apparatus shown in Figure 5 (or 6) may be shared between two physically separate devices forming one operational entity. Therefore, the apparatus may be seen to depict the operational entity comprising one or more physically separate devices for executing at least some of the described processes.
According to a variation of the procedure shown in Figure 9, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of retrieving, from said communication session related control plane signaling, said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area.
According to a variation of the procedure shown in Figure 9, exemplary details of the editing operation are given, which are inherently independent from each other as such. Such exemplary editing operation according to exemplary embodiments of the present invention may comprise an operation of, if said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area is indicative of that said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area, maintaining said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area. According to a variation of the procedure shown in Figure 9, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of, if a position of said network function entity is located within said predetermined area, modifying said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area to indicate that said least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area.
According to further exemplary embodiments of the present invention, said position of said network function entity is configured by one of a virtual network function managing entity, a network functions virtualization orchestrator entity, an operating support system and a business support system.
According to a variation of the procedure shown in Figure 9, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of controlling, if said communication session is terminated at a terminal to be intercepted, an interception processing for said communication session terminated at said terminal to be intercepted based on said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area.
According to a variation of the procedure shown in Figure 9, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of ascertaining, whether said terminal to be intercepted is located within said predetermined area.
According to a variation of the procedure shown in Figure 9, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located within said predetermined area.
According to a variation of the procedure shown in Figure 9, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and said at least one entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area.
According to a variation of the procedure shown in Figure 9, exemplary details of the controlling operation are given, which are inherently independent from each other as such. Such exemplary controlling operation according to exemplary embodiments of the present invention may comprise an operation of inhibiting said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and no entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area. According to a variation of the procedure shown in Figure 9, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of receiving position change information indicative of a change of a position of a broadcasting communication session node of said communication session terminated at said terminal to be intercepted, and an operation of adapting said controlling said interception processing for said communication session terminated at said terminal to be intercepted based on said position change information.
According to a variation of the procedure shown in Figure 9, exemplary additional operations are given, which are inherently independent from each other as such. According to such variation, an exemplary method according to exemplary embodiments of the present invention may comprise an operation of monitoring an own position of said network function entity, and an operation of, if a change of own position of said network function entity is detected, broadcasting, to each of communication session nodes of said communication session (terminated at said terminal to be intercepted), position change information indicative of said change of own position of said network function entity.
According to still further exemplary embodiments of the present invention, said predetermined entity type is one of a telecommunications connection and a storage facility.
According to still further exemplary embodiments of the present invention, said predetermined area is at least one of a predetermined physical realm and a predetermined jurisdictional realm.
According to still further exemplary embodiments of the present invention, said information on whether at least one entity of said predetermined entity type as said communication session node of said communication session (terminated at said terminal to be intercepted) is located within said predetermined area comprises own leg information on whether at least one entity of said predetermined entity type as said communication session node of an own leg of said communication session (terminated at said terminal to be intercepted) and being a conference communication is located within said predetermined area and remote leg information on whether at least one entity of said predetermined entity type as said communication session node of a remote leg of said communication session (terminated at said terminal to be intercepted) and being said conference communication is located within said predetermined area.
In more specific terms, according to one aspect of the present invention, 3rd Generation Partnership Project (3GPP) Long Term Evolution (LTE) / 5G Core / internet protocol (IP) multimedia subsystem (IMS) and the fixed network take into account the full consequences of network functions virtualization (NFV).
Namely, as it is stated for example in the TKLIV in Section 4, it is required that for instance an international communication (e.g. terminal to be intercepted is located outside said predetermined area) which is diverted/forwarded to a storage functionality (as one example of said predetermined entity type) within Germany (as one example of said predetermined area) shall be intercepted, but shall not be intercepted if diverted/forwarded only to storage functionalities outside said predetermined area (e.g. Germany).
Therefore, according to exemplary embodiments of the present invention, the control plane signaling of the involved virtual network functions (VNF) / physical network functions (PNF) collects the identification of all involved nodes in the forward direction and returns it in the backward direction, from each user plane function and control plane function within the network during session establishment of a communication session in relation to the terminal to be intercepted.
According to exemplary embodiments of the present invention, all those VNFs/PNFs (e.g. Interconnection Border Control Functions (IBCF), Proxy Call Session Control Function (P-CSCF), Service Call Session Control Function (S- CSCF), MGCF (Media Gateway Control Function), MG (Media Gateway), Access Management Function (AMF), Session Management Function (SMF), User Plane Function (UPF), Security Edge Protection Proxy (SEPP), PDN Gateway (PGW) / Serving Gateway (SGW), PGW-C, SGW-C, PGW-U and SGW-U) which are mandated to perform interception request from the Network repository function (NRF) for each of the collected VNFs/PNFs the current physical location.
If at least one of the collected VNF/PNF is located inside the jurisdiction/country (being examples of a predetermined physical realm / a predetermined jurisdictional realm), the interception for a call from/to an international UE (terminal to be intercepted and located abroad, i.e., outside the predetermined area, e.g. Germany) shall start during session establishment, in particular if the connected (destination/origination) UE itself is within the jurisdiction/country.
Here, it is noted that depending on the principles/policies to be implemented, only VNFs/PNFs which correspond to a predetermined type are considered. According to exemplary embodiments of the present invention, the predetermined type may be one of a telecommunications connection and a storage facility as cited in Section 4 of the above-discussed TKLIV. However, the predetermined type is not limited to these two examples but may comprise more or less types including or not including the mentions two types.
Furthermore, according to exemplary embodiments of the present invention, all those VNFs/PNFs which are Intercepting Control Elements (ICE), e.g. IBCF, P- CSCF, S-CSCF, SMF, UPF, SEPP, etc., and which are mandated to perform the interception, shall subscribe with the NRF for each VNF/PNF in the chain to be notified about the event when the VNF/PNFs changes the location from/to inside/outside jurisdiction/country (predetermined area). Based on this information, the ICE shall start/stop (i.e. adapt) the interception.
Figure 12 shows a schematic diagram of an example of a system environment with signaling variants according to exemplary embodiments of the present invention. The exemplary embodiments of the one aspect of the present invention are explained in even more specific terms referring to Figure 12.
The operator in question may have, in its network 1201, VNF/PNF 1211 located within the jurisdiction/country 1202 (area of jurisdiction of operator's network) and outside the jurisdiction/country.
Furthermore, the connected UE 1212 may be located inside or outside the jurisdiction/country.
If for instance a calling party from the outside as an international caller (e.g. UE 1212a), communicates with a UE in the operator network (e.g. UE1212d), interception must take place if the called UE or a storage facility is located inside the jurisdiction/country.
According to exemplary embodiments of the present invention, the VNF/PNF add their ID to the control plane signaling 1221 in forward and backward direction at session establishment. Once the IDs had been exchanged, the (each involved) ICE queries (1222) the NRF for the location of the VNF for the IDs exchanged. Additionally, the (each involved) ICE subscribes (1222) for the notification of the change of the location of the corresponding VNFs. Once a change of the VNF takes place, the NRF notifies the ICE's which had subscribed to. According to exemplary embodiments of the present invention, the (each involved) ICE starts/stops (i.e. adapts) the interception depending on the result of the evaluation of the notifications in relation to the locations.
According to exemplary embodiments of the present invention, the NRF as a VNF is configured with the country/jurisdiction either by the virtual network function manager (VNFM) via the element manager (EM) or directly or by the network functions virtualization orchestrator (NFVO) via the operating support system (OSS) / business support system (BSS). According to further exemplary embodiments of the present invention, the NRF, when informing the VNFs/PNFs, provides either the current location or signals whether the VNF/PNF is inside or outside the jurisdiction.
Further, in more specific terms, according to another aspect of the present invention, 3GPP LTE / 5G Core / IMS and the fixed network take into account the full consequences of network functions virtualization.
Namely, as it is stated for example in the TKLIV in Section 4, it is required that for instance an international communication (e.g. terminal to be intercepted is located outside said predetermined area) which is diverted/forwarded to a storage functionality (as one example of said predetermined entity type) within Germany (as one example of said predetermined area) shall be intercepted, but shall not be intercepted if diverted/forwarded only to a storage functionalities outside said predetermined area (e.g. Germany).
Therefore, according to exemplary embodiments of the present invention, each (involved) VNF/PNF adds, for instance based on local configuration via operation and maintenance (OAM), etc., to the control plane signaling during the session establishment in forward and backward direction whether it is physically located inside/outside the jurisdiction/country, including the user plane and control plane functions.
For instance, each VNF/PNF makes notes whether at least one VNF/PNF in forward and/or one VNF/PNF in backward direction was inside the jurisdiction/country.
Based on this information and in accordance with the requirement of e.g. the TKLIV, the ICE starts the lawful interception or not.
Furthermore, if one of the involved VNF/PNFs has been configured such that its physical location has been changed, according to exemplary embodiments of the present invention, the corresponding VNF/PNF signals (broadcasts) the change towards the possibly two remote ends of the chain of VNS/PNFs.
In detail, in a single leg case, if for instance a VNF/PNFs did not receive via signaling the exemplary indication "at least one VNF/PNF inside the jurisdiction/country" for own/current leg but was configured to be inside the jurisdiction/country, this VNF/PNF signals the exemplary indication "at least one VNF/PNF inside the jurisdiction/country" in the forward direction during session establishment.
According to exemplary embodiments of the present invention, any subsequent VNF/PNF acts similar/accordingly.
The last VNF/PNF in the network before leaving the network removes the forward indication and if it was configured to be inside the jurisdiction/country, this VNF/PNF signals in the backwards direction the indication "at least one VNF/PNF inside the jurisdiction/country" during session establishment. If it was not inside the jurisdiction/country, it does not send this indication.
As with the forward indication, if for instance a VNF/PNF did not receive the indication "at least one VNF/PNF inside the jurisdiction/country" but was configured to be inside the jurisdiction/country, this VNF/PNF signals the indication "at least one VNF/PNF inside the jurisdiction/country" in the backward direction during session establishment, until the border VNF/PNF is reached.
According to exemplary embodiments of the present invention, the border VNF/PNF removes the indication from the signaling before the signaling leaves the network.
Further, in a conference case, i.e., in case of a conference call, there might be even multiple remote ends (multi leg case). In that case, according to exemplary embodiments of the present invention, all the related legs of the conference are informed about whether a VNF/PNF of another leg is located inside/outside the jurisdiction/country. Preferably, according to exemplary embodiments of the present invention, a network conference bridge copies that information (indication "at least one VNF/PNF inside the jurisdiction/country") from each leg to the other remaining leg. The information that the indication "at least one VNF/PNF inside the jurisdiction/country" belongs to a remote leg (i.e. it is not related to the own/current leg) is clearly distinguishable for the own/current leg. Namely, this may be implemented by signaling information dedicated for the own/current leg and information dedicated for the remote leg (e.g. attached to the conference bridge).
If, in case a session is already established, a VNF/PNF is (re-)configured to have changed its location, according to exemplary embodiments of the present invention, the respective VNF/PNF signals this location change to its peer and again the intermediate nodes forward this towards/up to the border nodes. These intermediate ICEs shall re-evaluate this information about VNF/PNFs being inside or outside the jurisdiction/country, both for the own/current leg and the remote leg, in order to start/stop (i.e., adapt) the interception.
As mentioned above, Figure 12 shows a schematic diagram of an example of a system environment with signaling variants according to exemplary embodiments of the present invention. The exemplary embodiments of the another aspect of the present invention are explained in even more specific terms referring to Figure 12.
The operator has in its network 1201 VNF/PNFs 1211 located within the jurisdiction/country 1202 and outside the jurisdiction/country. Furthermore, the connected UEs 1212 may be located inside or outside the jurisdiction/country. If, for instance a calling party from the outside as an international caller (e.g. UE 1212a) communicates with a UE (e.g. UE 1212d) in the operator network, interception must take place if the called UE or a storage facility (as examples for entities having the predetermined entity type) is located inside the jurisdiction/country.
In general, according to exemplary embodiments of the present invention, the operator's network may have an OSS/BSS system and the NFVO and VNFM with the corresponding NRF.
For instance the NFVO and VNFM may decide based on operators policy where to place a certain VNF. By OAM means, for instance, via OSS/BSS and/or VNFO/VNFM, each of the VNF/PNF are configured with information about where they currently reside, e.g. inside or outside the jurisdiction of the present network (as an example of the predetermined area).
Based on this configuration, each of the VNF knows its location.
As an example, in case a first VNF signals (implicitly or explicitly) in forward direction that the VNF is inside the jurisdiction and also a second VNF signals (implicitly or explicitly) in backward direction that the VNF is inside the jurisdiction, as a result of the processing according to exemplary embodiments of the present invention, the ICEs in the network concludes that the interception shall take place.
Further, in a case the first VNF is still within the jurisdiction (and signals in forward direction that the VNF is inside the jurisdiction), while the second VNF is outside the jurisdiction (and potentially signals "outside jurisdiction" either implicitly or explicitly towards the first VNF), as a result of the processing according to exemplary embodiments of the present invention, the first VNF on receipt of this signaled information shall start the interception.
Further, in a case the first VNF is not within the jurisdiction (and potentially signals "outside jurisdiction" either implicitly or explicitly towards the first VNF) and the second VNF is outside the jurisdiction (and potentially signals "outside jurisdiction" either implicitly or explicitly towards the first VNF), and no further involved VNF introduces the information that such VNF is inside the jurisdiction, as a result of the processing according to exemplary embodiments of the present invention, no VNF shall start the interception.
In case of any of the VNFs may have been moved for instance based on the decision of the NFVO/VNFM, the respective VNF shall be configured by OAM to be informed about the new location. If the new location of the VNF results in being placed outside the jurisdiction where/when it formerly was placed inside, the VNF shall signal this towards the further involved (neighbor) VNFs/PNFs. These further involved VNFs/PNFs will then adapt the interception processing, if needed, according to the procedures explained above. The other way round, if the new location of the VNF results in being placed inside the jurisdiction where/when it formerly was placed outside, the VNF shall signal this towards the further involved (neighbor) VNFs/PNFs. These further involved VNFs/PNFs will then adapt the interception processing, if needed, according to the procedures explained above.
The above-described procedures and functions may be implemented by respective functional elements, processors, or the like, as described below.
In the foregoing exemplary description of the network entity, only the units that are relevant for understanding the principles of the invention have been described using functional blocks. The network entity may comprise further units that are necessary for its respective operation. However, a description of these units is omitted in this specification. The arrangement of the functional blocks of the devices is not construed to limit the invention, and the functions may be performed by one block or further split into sub-blocks.
When in the foregoing description it is stated that the apparatus, i.e. network entity (or some other means) is configured to perform some function, this is to be construed to be equivalent to a description stating that a (i.e. at least one) processor or corresponding circuitry, potentially in cooperation with computer program code stored in the memory of the respective apparatus, is configured to cause the apparatus to perform at least the thus mentioned function. Also, such function is to be construed to be equivalently implementable by specifically configured circuitry or means for performing the respective function (i.e. the expression "unit configured to" is construed to be equivalent to an expression such as "means for").
In Figure 13 and 14, an alternative illustration of apparatuses according to exemplary embodiments of the present invention is depicted. As indicated in Figure 13 and 14, according to exemplary embodiments of the present invention, the apparatus (network entity) 10' (corresponding to the network entity 10) comprises a processor 131, a memory 132 and an interface 133, which are connected by a bus 134 or the like. Further, according to exemplary embodiments of the present invention, the apparatus (network entity) 30' (corresponding to the network entity 30) comprises a processor 135, a memory 136 and an interface 137, which are connected by a bus 138 or the like, and the apparatuses may be connected via link 139, respectively.
Further, according to exemplary embodiments of the present invention, the apparatus (network entity) 50' (corresponding to the network entity 50) comprises a processor 141, a memory 142 and an interface 143, which are connected by a bus 144 or the like. The apparatuses may be connected with other apparatuses via link 149.
The processor 131/135/141 and/or the interface 133/137/143 may also include a modem or the like to facilitate communication over a (hardwire or wireless) link, respectively. The interface 133/137/143 may include a suitable transceiver coupled to one or more antennas or communication means for (hardwire or wireless) communications with the linked or connected device(s), respectively. The interface 133/137/143 is generally configured to communicate with at least one other apparatus, i.e. the interface thereof.
The memory 132/136/142 may store respective programs assumed to include program instructions or computer program code that, when executed by the respective processor, enables the respective electronic device or apparatus to operate in accordance with the exemplary embodiments of the present invention.
In general terms, the respective devices/apparatuses (and/or parts thereof) may represent means for performing respective operations and/or exhibiting respective functionalities, and/or the respective devices (and/or parts thereof) may have functions for performing respective operations and/or exhibiting respective functionalities.
When in the subsequent description it is stated that the processor (or some other means) is configured to perform some function, this is to be construed to be equivalent to a description stating that at least one processor, potentially in cooperation with computer program code stored in the memory of the respective apparatus, is configured to cause the apparatus to perform at least the thus mentioned function. Also, such function is to be construed to be equivalently implementable by specifically configured means for performing the respective function (i.e. the expression "processor configured to [cause the apparatus to] perform xxx-ing" is construed to be equivalent to an expression such as "means for xxx-ing").
According to exemplary embodiments of the present invention, an apparatus (of a network function entity in a lawful interception compound) representing the network entity 10 comprises at least one processor 131, at least one memory 132 including computer program code, and at least one interface 133 configured for communication with at least another apparatus. The processor (i.e. the at least one processor 131, with the at least one memory 132 and the computer program code) is configured to perform receiving communication session related control plane signaling related to a communication session (thus the apparatus comprising corresponding means for receiving), to perform adding, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity (thus the apparatus comprising corresponding means for adding), and to perform forwarding said communication session related control plane signaling (thus the apparatus comprising corresponding means for forwarding).
According to further exemplary embodiments of the present invention, an apparatus (of a repository function entity in a lawful interception compound) representing the network entity 30 comprises at least one processor 135, at least one memory 136 including computer program code, and at least one interface 137 configured for communication with at least another apparatus. The processor (i.e. the at least one processor 135, with the at least one memory 136 and the computer program code) is configured to perform receiving, from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier (thus the apparatus comprising corresponding means for receiving), to perform obtaining, for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier (thus the apparatus comprising corresponding means for obtaining), and to perform transmitting, to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier (thus the apparatus comprising corresponding means for transmitting).
According to further exemplary embodiments of the present invention, an apparatus (of a network function entity in a lawful interception compound) representing the network entity 50 comprises at least one processor 141, at least one memory 142 including computer program code, and at least one interface 143 configured for communication with at least another apparatus. The processor (i.e. the at least one processor 141, with the at least one memory 142 and the computer program code) is configured to perform receiving communication session related control plane signaling related to a communication session (thus the apparatus comprising corresponding means for receiving), to perform editing said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area (thus the apparatus comprising corresponding means for editing), and to perform forwarding said communication session related control plane signaling (thus the apparatus comprising corresponding means for forwarding).
For further details regarding the operability/functionality of the individual apparatuses, reference is made to the above description in connection with any one of Figures 1 to 9 and 12, respectively.
For the purpose of the present invention as described herein above, it should be noted that
- method steps likely to be implemented as software code portions and being run using a processor at a network server or network entity (as examples of devices, apparatuses and/or modules thereof, or as examples of entities including apparatuses and/or modules therefore), are software code independent and can be specified using any known or future developed programming language as long as the functionality defined by the method steps is preserved;
- generally, any method step is suitable to be implemented as software or by hardware without changing the idea of the embodiments and its modification in terms of the functionality implemented;
- method steps and/or devices, units or means likely to be implemented as hardware components at the above-defined apparatuses, or any module(s) thereof, (e.g., devices carrying out the functions of the apparatuses according to the embodiments as described above) are hardware independent and can be implemented using any known or future developed hardware technology or any hybrids of these, such as MOS (Metal Oxide Semiconductor), CMOS (Complementary MOS), BiMOS (Bipolar MOS), BiCMOS (Bipolar CMOS), ECL (Emitter Coupled Logic), TTL (Transistor-Transistor Logic), etc., using for example ASIC (Application Specific IC (Integrated Circuit)) components, FPGA (Field-programmable Gate Arrays) components, CPLD (Complex Programmable Logic Device) components or DSP (Digital Signal Processor) components; - devices, units or means (e.g. the above-defined network entity or network register, or any one of their respective units/means) can be implemented as individual devices, units or means, but this does not exclude that they are implemented in a distributed fashion throughout the system, as long as the functionality of the device, unit or means is preserved;
- an apparatus like the user equipment and the network entity /network register may be represented by a semiconductor chip, a chipset, or a (hardware) module comprising such chip or chipset; this, however, does not exclude the possibility that a functionality of an apparatus or module, instead of being hardware implemented, be implemented as software in a (software) module such as a computer program or a computer program product comprising executable software code portions for execution/being run on a processor;
- a device may be regarded as an apparatus or as an assembly of more than one apparatus, whether functionally in cooperation with each other or functionally independently of each other but in a same device housing, for example.
In general, it is to be noted that respective functional blocks or elements according to above-described aspects can be implemented by any known means, either in hardware and/or software, respectively, if it is only adapted to perform the described functions of the respective parts. The mentioned method steps can be realized in individual functional blocks or by individual devices, or one or more of the method steps can be realized in a single functional block or by a single device.
Generally, any method step is suitable to be implemented as software or by hardware without changing the idea of the present invention. Devices and means can be implemented as individual devices, but this does not exclude that they are implemented in a distributed fashion throughout the system, as long as the functionality of the device is preserved. Such and similar principles are to be considered as known to a skilled person. Software in the sense of the present description comprises software code as such comprising code means or portions or a computer program or a computer program product for performing the respective functions, as well as software (or a computer program or a computer program product) embodied on a tangible medium such as a computer-readable (storage) medium having stored thereon a respective data structure or code means/portions or embodied in a signal or in a chip, potentially during processing thereof.
The present invention also covers any conceivable combination of method steps and operations described above, and any conceivable combination of nodes, apparatuses, modules or elements described above, as long as the above- described concepts of methodology and structural arrangement are applicable.
In view of the above, there are provided measures for coordinated lawful interception. Such measures exemplarily comprise, at a network function entity in a lawful interception compound, receiving communication session related control plane signaling related to a communication session (e.g. session establishment control plane signaling for a communication session or any intermediate control plane signaling after establishment of a communication session), adding, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and forwarding said communication session related control plane signaling. Such measures may exemplarily further comprise, at the network function entity, controlling, if said communication session is terminated at a terminal to be intercepted, an interception processing for said communication session terminated at said terminal to be intercepted based on information on a position of each of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling and a predetermined area.
Even though the invention is described above with reference to the examples according to the accompanying drawings, it is to be understood that the invention is not restricted thereto. Rather, it is apparent to those skilled in the art that the present invention can be modified in many ways without departing from the scope of the inventive idea as disclosed herein.
List of acronyms and abbreviations
3GPP Third Generation Partnership Project
AMF Access and Mobility Management Function
BSS Business Support System
CSCF Call Session Control Function
EM Element Manager
IMS IP Multimedia System
IBCF Interconnection Border Control Function
ICE Intercepting Control Element
LTE Long Term Evolution
MGCF Media Gateway Control Function
MG Media Gateway
NF Network Function
NRF Network repository Function
OSS Operating Support System
P-CSCF Proxy-CSCF
PGW PDN Gateway
PGW-C PGW Control Plane
PGW-U PGW User Plane
PNF Physical NF
S-CSCF Session-CSCF
SEPP Security Edge Protection Proxy
SGW Session Gateway
SGW-C SGW Control Plane
SGW-U SGW User Plane
SMF Session Management Function
TKLJV "Telekommunikationsijberwachungsverordnung"
UE User Equipment
UPF User Plane Function VNF Virtual NF

Claims

Claims
1. A method of a network function entity in a lawful interception compound, comprising
receiving communication session related control plane signaling related to a communication session,
adding, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and
forwarding said communication session related control plane signaling.
2. The method according to claim 1, further comprising
retrieving, from said communication session related control plane signaling, entity identifiers included in said communication session related control plane signaling, and
requesting, from a repository function entity, for each of said entity identifiers included in said communication session related control plane signaling, information on a position of each of entities respectively identified by said entity identifiers included in said communication session related control plane signaling.
3. The method according to claim 2, further comprising
controlling, if said communication session is terminated at a terminal to be intercepted, an interception processing for said communication session terminated at said terminal to be intercepted based on said information on a position of each of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling and a predetermined area.
4. The method according to claim 3, wherein
in relation to said controlling, the method further comprises checking, based on said information on said position of each of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling, whether at least one entity of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
5. The method according to claim 3 or 4, wherein
in relation to said controlling, the method further comprises
ascertaining, whether said terminal to be intercepted is located within said predetermined area.
6. The method according to any of claims 3 to 5, wherein
in relation to said controlling, the method further comprises
performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located within said predetermined area.
7. The method according to any of claims 3 to 6, wherein
in relation to said controlling, the method further comprises
performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and at least one entity of a predetermined entity type of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
8. The method according to any of claims 3 to 7, wherein
in relation to said controlling, the method further comprises
inhibiting said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and no entity of a predetermined entity type of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
9. The method according to claim 7 or 8, wherein
said predetermined entity type is one of a telecommunications connection and a storage facility.
10. The method according to any of claims 3 to 9, wherein
said predetermined area is at least one of a predetermined physical realm and a predetermined jurisdictional realm.
11. The method according to any of claims 3 to 10, further comprising
subscribing, from said repository function entity, for each of said entity identifiers included in said communication session related control plane signaling, position change information.
12. The method according to claim 11, further comprising
receiving, from said repository function entity, said position change information for at least one of said entity identifiers included in said communication session related control plane signaling indicative of change of said position of said at least one of said entities identified by said at least one of said entity identifiers included in said communication session related control plane signaling, and
adapting said controlling said interception processing for said communication session terminated at said terminal to be intercepted based on said position change information for said at least one of said entity identifiers included in said communication session related control plane signaling.
13. A method of a repository function entity in a lawful interception compound, comprising
receiving, from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier, obtaining, for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier, and
transmitting, to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier.
14. The method according to claim 13, further comprising
receiving, from a network function entity, a subscription request for position change information for said at least one entity identified by said respective entity identifier.
15. The method according to claim 14, further comprising
monitoring said position of said at least one entity identified by said respective entity identifier, and
if a change of said position of said at least one entity identified by said respective entity identifier is detected,
transmitting, to said network function entity, said position change information for said at least one entity identified by said respective entity identifier indicative of said change of said position of said at least one entity identified by said respective entity identifier.
16. The method according to any of claims 13 to 15, wherein
said information on said position of said at least one entity identified by said respective entity identifier is configured by one of a virtual network function managing entity either directly or via an element managing entity, and a network functions virtualization orchestrator entity via an operating support system and/or a business support system.
17. The method according to any of claims 13 to 16, wherein
said information on said position of said at least one entity identified by said respective entity identifier is at least one of information indicative of a physical location of said at least one entity identified by said respective entity identifier and information indicative of whether said at least one entity identified by said respective entity identifier is located within at least one of a predetermined physical realm and a predetermined jurisdictional realm or not.
18. A method of a network function entity in a lawful interception compound, comprising
receiving communication session related control plane signaling related to a communication session,
editing said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area, and
forwarding said communication session related control plane signaling.
19. The method according to claim 18, further comprising
retrieving, from said communication session related control plane signaling, said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area.
20. The method according to claim 19, wherein
if said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area is indicative of that said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area, in relation to said editing, the method further comprises
maintaining said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area.
21. The method according to claim 19 or 20, wherein if a position of said network function entity is located within said predetermined area, the method further comprises
modifying said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area to indicate that said least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area.
22. The method according to claim 21, wherein
said position of said network function entity is configured by one of a virtual network function managing entity, a network functions virtualization orchestrator entity, an operating support system and a business support system.
23. The method according to any of claims 19 to 22, further comprising
controlling, if said communication session is terminated at a terminal to be intercepted, an interception processing for said communication session terminated at said terminal to be intercepted based on said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area.
24. The method according to claim 23, wherein
in relation to said controlling, the method further comprises
ascertaining, whether said terminal to be intercepted is located within said predetermined area.
25. The method according to claim 23 or 24, wherein
in relation to said controlling, the method further comprises
performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located within said predetermined area.
26. The method according to any of claims 23 to 25, wherein
in relation to said controlling, the method further comprises
performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and said at least one entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area.
27. The method according to any of claims 23 to 26, wherein
in relation to said controlling, the method further comprises
inhibiting said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and no entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area.
28. The method according to any of claims 23 to 27, further comprising
receiving position change information indicative of a change of a position of a broadcasting communication session node of said communication session terminated at said terminal to be intercepted, and
adapting said controlling said interception processing for said communication session terminated at said terminal to be intercepted based on said position change information.
29. The method according to any of claims 18 to 28, further comprising
monitoring an own position of said network function entity, and if a change of said own position of said network function entity is detected, broadcasting, to each of communication session nodes of said communication session, position change information indicative of said change of said own position of said network function entity.
30. The method according to any of claims 18 to 29, wherein
said predetermined entity type is one of a telecommunications connection and a storage facility.
31. The method according to any of claims 18 to 30, wherein
said predetermined area is at least one of a predetermined physical realm and a predetermined jurisdictional realm.
32. The method according to any of claims 18 to 31, wherein
said information on whether at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area comprises own leg information on whether at least one entity of said predetermined entity type as said communication session node of an own leg of said communication session and being a conference communication is located within said predetermined area and remote leg information on whether at least one entity of said predetermined entity type as said communication session node of a remote leg of said communication session and being said conference communication is located within said predetermined area.
33. An apparatus of a network function entity in a lawful interception compound, the apparatus comprising
at least one processor,
at least one memory including computer program code, and
at least one interface configured for communication with at least another apparatus,
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : receiving communication session related control plane signaling related to a communication session, adding, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and
forwarding said communication session related control plane signaling.
34. The apparatus according to claim 33, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : retrieving, from said communication session related control plane signaling, entity identifiers included in said communication session related control plane signaling, and
requesting, from a repository function entity, for each of said entity identifiers included in said communication session related control plane signaling, information on a position of each of entities respectively identified by said entity identifiers included in said communication session related control plane signaling.
35. The apparatus according to claim 34, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : controlling, if said communication session is terminated at a terminal to be intercepted, an interception processing for said communication session terminated at said terminal to be intercepted based on said information on a position of each of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling and a predetermined area.
36. The apparatus according to claim 35, wherein
in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
checking, based on said information on said position of each of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling, whether at least one entity of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
37. The apparatus according to claim 35 or 36, wherein
in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
ascertaining, whether said terminal to be intercepted is located within said predetermined area.
38. The apparatus according to any of claims 35 to 37, wherein
in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located within said predetermined area.
39. The apparatus according to any of claims 35 to 38, wherein
in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and at least one entity of a predetermined entity type of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
40. The apparatus according to any of claims 35 to 39, wherein in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
inhibiting said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and no entity of a predetermined entity type of said entities respectively identified by said entity identifiers included in said communication session related control plane signaling is located within said predetermined area.
41. The apparatus according to claim 39 or 40, wherein
said predetermined entity type is one of a telecommunications connection and a storage facility.
42. The apparatus according to any of claims 35 to 41, wherein
said predetermined area is at least one of a predetermined physical realm and a predetermined jurisdictional realm.
43. The apparatus according to any of claims 35 to 42, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : subscribing, from said repository function entity, for each of said entity identifiers included in said communication session related control plane signaling, position change information.
44. The apparatus according to claim 43, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : receiving, from said repository function entity, said position change information for at least one of said entity identifiers included in said communication session related control plane signaling indicative of change of said position of said at least one of said entities identified by said at least one of said entity identifiers included in said communication session related control plane signaling, and
adapting said controlling said interception processing for said communication session terminated at said terminal to be intercepted based on said position change information for said at least one of said entity identifiers included in said communication session related control plane signaling.
45. An apparatus of a repository function entity in a lawful interception compound, the apparatus comprising
at least one processor,
at least one memory including computer program code, and
at least one interface configured for communication with at least another apparatus,
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : receiving, from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier,
obtaining, for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier, and
transmitting, to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier.
46. The apparatus according to claim 45, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : receiving, from a network function entity, a subscription request for position change information for said at least one entity identified by said respective entity identifier.
47. The apparatus according to claim 46, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : monitoring said position of said at least one entity identified by said respective entity identifier, and
if a change of said position of said at least one entity identified by said respective entity identifier is detected,
transmitting, to said network function entity, said position change information for said at least one entity identified by said respective entity identifier indicative of said change of said position of said at least one entity identified by said respective entity identifier.
48. The apparatus according to any of claims 45 to 47, wherein
said information on said position of said at least one entity identified by said respective entity identifier is configured by one of a virtual network function managing entity either directly or via an element managing entity, and a network functions virtualization orchestrator entity via an operating support system and/or a business support system.
49. The apparatus according to any of claims 45 to 48, wherein
said information on said position of said at least one entity identified by said respective entity identifier is at least one of information indicative of a physical location of said at least one entity identified by said respective entity identifier and information indicative of whether said at least one entity identified by said respective entity identifier is located within at least one of a predetermined physical realm and a predetermined jurisdictional realm or not.
50. An apparatus of a network function entity in a lawful interception compound, the apparatus comprising
at least one processor,
at least one memory including computer program code, and
at least one interface configured for communication with at least another apparatus,
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : receiving communication session related control plane signaling related to a communication session,
editing said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area, and
forwarding said communication session related control plane signaling.
51. The apparatus according to claim 50, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : retrieving, from said communication session related control plane signaling, said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area.
52. The apparatus according to claim 51, wherein
if said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area is indicative of that said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area, in relation to said editing, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform:
maintaining said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area.
53. The apparatus according to claim 51 or 52, wherein
if a position of said network function entity is located within said predetermined area, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
modifying said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area to indicate that said least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area.
54. The apparatus according to claim 53, wherein
said position of said network function entity is configured by one of a virtual network function managing entity, a network functions virtualization orchestrator entity, an operating support system and a business support system.
55. The apparatus according to any of claims 51 to 54, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : controlling, if said communication session is terminated at a terminal to be intercepted, an interception processing for said communication session terminated at said terminal to be intercepted based on said information on whether said at least one entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area.
56. The apparatus according to claim 55, wherein
in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
ascertaining, whether said terminal to be intercepted is located within said predetermined area.
57. The apparatus according to claim 55 or 56, wherein in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located within said predetermined area.
58. The apparatus according to any of claims 55 to 57, wherein
in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
performing said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and said at least one entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area.
59. The apparatus according to any of claims 55 to 58, wherein
in relation to said controlling, the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform :
inhibiting said interception processing for said communication session terminated at said terminal to be intercepted, if said terminal to be intercepted is located outside said predetermined area and no entity of said predetermined entity type as said communication session node of said communication session terminated at said terminal to be intercepted is located within said predetermined area.
60. The apparatus according to any of claims 55 to 59, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : receiving position change information indicative of a change of a position of a broadcasting communication session node of said communication session terminated at said terminal to be intercepted, and
adapting said controlling said interception processing for said communication session terminated at said terminal to be intercepted based on said position change information.
61. The apparatus according to any of claims 50 to 60, wherein
the at least one processor, with the at least one memory and the computer program code, being configured to cause the apparatus to perform : monitoring an own position of said network function entity, and if a change of said own position of said network function entity is detected, broadcasting, to each of communication session nodes of said communication session, position change information indicative of said change of said own position of said network function entity.
62. The apparatus according to any of claims 50 to 61, wherein
said predetermined entity type is one of a telecommunications connection and a storage facility.
63. The apparatus according to any of claims 50 to 62, wherein
said predetermined area is at least one of a predetermined physical realm and a predetermined jurisdictional realm.
64. The apparatus according to any of claims 50 to 63, wherein
said information on whether at least one entity of said predetermined entity type as said communication session node of said communication session is located within said predetermined area comprises own leg information on whether at least one entity of said predetermined entity type as said communication session node of an own leg of said communication session and being a conference communication is located within said predetermined area and remote leg information on whether at least one entity of said predetermined entity type as said communication session node of a remote leg of said communication session and being said conference communication is located within said predetermined area.
65. An apparatus of a network function entity in a lawful interception compound, the apparatus comprising
receiving circuitry configured to receive communication session related control plane signaling related to a communication session,
adding circuitry configured to add, to said communication session related control plane signaling, an own entity identifier, said own entity identifier identifying said network function entity, and
forwarding circuitry configured to forward said communication session related control plane signaling.
66. An apparatus of a repository function entity in a lawful interception compound, the apparatus comprising
receiving circuitry configured to receive, from a network function entity, a request for information on a position of at least one entity identified by a respective entity identifier,
obtaining circuitry configured to obtain, for each of said at least one entity identified by said respective entity identifier, said information on said position of said at least one entity identified by said respective entity identifier, and transmitting circuitry configured to transmit, to said network function entity, said information on said position of said at least one entity identified by said respective entity identifier.
67. An apparatus of a network function entity in a lawful interception compound, the apparatus comprising
receiving circuitry configured to receive communication session related control plane signaling related to a communication session,
editing circuitry configured to edit said communication session related control plane signaling to include information on whether at least one entity of a predetermined entity type as a communication session node of said communication session is located within a predetermined area, and forwarding circuitry configured to forward said communication session related control plane signaling.
68. A computer program product comprising computer-executable computer program code which, when the program is run on a computer, is configured to cause the computer to carry out the method according to any one of claims 1 to 12, 13 to 17 or 18 to 32.
69. The computer program product according to claim 68, wherein the computer program product comprises a computer-readable medium on which the computer-executable computer program code is stored, and/or wherein the program is directly loadable into an internal memory of the computer or a processor thereof.
PCT/EP2018/074011 2018-09-06 2018-09-06 Coordinated lawful interception WO2020048600A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2018/074011 WO2020048600A1 (en) 2018-09-06 2018-09-06 Coordinated lawful interception

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2018/074011 WO2020048600A1 (en) 2018-09-06 2018-09-06 Coordinated lawful interception

Publications (1)

Publication Number Publication Date
WO2020048600A1 true WO2020048600A1 (en) 2020-03-12

Family

ID=63528776

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2018/074011 WO2020048600A1 (en) 2018-09-06 2018-09-06 Coordinated lawful interception

Country Status (1)

Country Link
WO (1) WO2020048600A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1460876A2 (en) * 2003-03-18 2004-09-22 Openwave Systems Inc. Lawful intercept service
WO2016060597A1 (en) * 2014-10-16 2016-04-21 Telefonaktiebolaget L M Ericsson (Publ) Lawful intercept management modules and methods for li configuration of an internal interception function in a cloud based network

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1460876A2 (en) * 2003-03-18 2004-09-22 Openwave Systems Inc. Lawful intercept service
WO2016060597A1 (en) * 2014-10-16 2016-04-21 Telefonaktiebolaget L M Ericsson (Publ) Lawful intercept management modules and methods for li configuration of an internal interception function in a cloud based network

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
"Lawful Interception (LI); Cloud/Virtual Services (CLI);Cloud_Output_DenHaag_CM_LI(14)R31028", ETSI DRAFT; CLOUD_OUTPUT_DENHAAG_CM_LI(14)R31028, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE (ETSI), 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS ; FRANCE, vol. LI, no. V0.4.0, 8 May 2014 (2014-05-08), pages 1 - 107, XP014182850 *
"Network Feature Virtualisation; Security; Lawful Interception problem statement and consequences for NFV;ETSI GS abc xxx", ETSI DRAFT; ETSI GS ABC XXX, EUROPEAN TELECOMMUNICATIONS STANDARDS INSTITUTE (ETSI), 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS ; FRANCE, vol. ISG - NFV, no. V0.0.6, 14 May 2015 (2015-05-14), pages 1 - 28, XP014241999 *
TR TKÜV: "Technische Richtlinie zur Umsetzung gesetzlihcer Massnahmen zur Ueberwachung der Telekommunikation, Erteilung von Auskuenften", 14 June 2017 (2017-06-14), Internet, pages 1 - 185, XP055590841, Retrieved from the Internet <URL:https://www.bundesnetzagentur.de/SharedDocs/Downloads/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Anbieterpflichten/OeffentlicheSicherheit/TechnUmsetzung110/Downloads/TR%20TKUEV%20Version%207.0%20pdf%20deutsch.pdf?__blob=publicationFile&v=1> [retrieved on 20190522] *

Similar Documents

Publication Publication Date Title
US9294618B2 (en) Call-back to a UE that has made an emergency call via a visited IMS network
US9560082B2 (en) Method and network device establishing a binding between a plurality of separate sessions in a network
JP5032462B2 (en) CS and PS registration cooperation method in multi-operator core network
CN107006042B (en) Configuration techniques for emergency sessions
US11824903B2 (en) Voice service restoration after element failure
US20190380028A1 (en) User equipment identity implementation in mobile edge scenarios
US8675640B2 (en) Method, apparatus, and system for connecting to called terminal
US10447650B2 (en) Method of dynamic updating of information obtained from a DNS server
US8335485B2 (en) Call routing
WO2013156061A1 (en) Failure handling within a network implementing srvcc
US20220060521A1 (en) Automated IPv4-IPv6 Selection for Voice Network Elements
WO2013163945A1 (en) Method for reporting machine type communication event and device thereof
CN106941669B (en) Wireless communication method and P-CSCF (proxy Call Session control function) equipment
EP2898647B1 (en) Methods and apparatus for processing an ims session
US10397965B2 (en) System and method of determining real-time location and status of voice-over Wi-Fi (VoWiFi) users in heterogeneous network environment
US9648050B2 (en) Routing of a service request aimed at an IMS subscriber
WO2020143917A1 (en) Interception of unsuccessful communication attempts
WO2020048600A1 (en) Coordinated lawful interception
US20150264629A1 (en) User location based network registration
WO2020147974A1 (en) Lawful interception for international communication
EP2418818B1 (en) Network entity for managing communications towards a user entity over a communication network
KR102286082B1 (en) Vioce call service swiching system, gateway apparatus and service swiching apparatus and control method each of them
KR102094206B1 (en) Vioce call service swiching system, gateway apparatus and service swiching apparatus and control method each of them
EP3079332B1 (en) Trusted user location information for users accessing a trusted domain via an un-trusted network
WO2017041818A1 (en) Emergency call domain transfer in a mobile communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18766219

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18766219

Country of ref document: EP

Kind code of ref document: A1