Emergency Services & Regulatory Compliance
Internet Telephony Conference & Expo
February 5-7, 2003, Miami, FL
Cemal T. Dikmen, Ph.D.
SS8 Networks
General Manager
Lawful Intercept Products
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Agenda
1. CALEA

Introduction

Electronic Surveillance Model

Lawful intercept in VoIP network

Data Intercept
2. E.911

Basics of E.911

Routing & IN Functions

PSAP Functionality

Basic E.911 Architecture
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
2
Communications Assistance
for Law Enforcement Act
CALEA
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
3
Lawful Interception is …
… NOT about listening to people’s
private conversations.
It is about fighting organized crime
and terrorism.
It is about protecting the government
and the good citizens from
organized crime and terrorism.
It is about providing the necessary
tools to the Law Enforcement to do
their job better.
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
4
Market Conditions for Vendors
 Lawful Intercept is a regulatory mandate in US and in many
other countries with complex dynamics
 Market is mostly well defined and out there
 Predictable (because it is a mandate with certain timelines)
 Unpredictable (because of extensions for timelines)
 Variety of standards and proprietary switch interfaces
 Lawful Intercept is not revenue generating for the customer
 Nobody wants to buy anything unless they have to
 Everybody waits until the last moment
 Service Providers want to minimize the capital expenditure and the
operational cost without sacrificing quality  Cost and Quality are the
keys to success
 Products which can reduce the operational cost of lawful intercept
shall be the winners
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
5
CALEA Electronic Surveillance Model
Telecommunications Service Provider
Law Enforcement Agency
Court
Order
Provisioning
of Warrant
Provisioning
Access
Function
(AF)
Intercept
Access
Point
Call Data Events
Call Content
Proprietary
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Delivery
Function
(DF)
Call Data Channel
Collection
Function
(CF)
Call Content Channel
J-STD-025
PacketCable
ETSI
6
Lawful Intercept Technology Components
 Access Function (AF)
 Network Elements (CO Switches, Routers, Trunking Gateways, Softswitches,
CMTS) that provide access to and replication of intercepted traffic.
 Sniffers and splitters that can passively monitor network traffic
 Delivery Function (DF)
 Database of target and warrant information
 Provisioning interface
 Proprietary interfaces to AFs
 Standards based (J-STD-025, ETSI, TIIT, PacketCable) delivery of intercepted
traffic to CFs
 Collection Function (CF)
 Collects and records lawfully authorized intercepted communications (e.g., call
content) and call-identifying information for Law Enforcement Agencies
 Provides analysis tools to the Law Enforcement Agents
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
7
Lawful Intercept in VoIP Network
Service Provider Domain
Provisioning
of Warrant
LI Administration
Function
Gatekeeper,
SIP Proxy,
Call Agent
Law Enforcement
Collection Function
DELIVERY
FUNCTION
Customer
Premise IAD
(SIP, H.323, or MGCP
based Gateway)
Call
Control
Call
Control
RTP Stream
Target
Subscriber
Aggregation
Router
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Customer
Premise
IAD
Aggregation
Router
8
PacketCable Voice Intercept – Edge Routers
Service Provider Domain
Provisioning
of Warrant
LI Administration
Function
Gatekeeper,
SIP Proxy,
Call Agent
Law Enforcement
Collection Function
Admin
CDC
CDC
DELIVERY
FUNCTION
Customer
Premise IAD
(SIP, H.323, or MGCP
based Gateway)
Call
Control
COPS
Request
Call
Control
Voice
Packets
RTP Stream
Target
Subscriber
CCC
Aggregation
Router
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Customer
Premise
IAD
Aggregation
Router
9
PacketCable Voice Intercept – Trunking GW
Service Provider Domain
Provisioning
of Warrant
LI Administration
Function
Gatekeeper,
SIP Proxy,
Call Agent
Admin
CDC
Call
Forward to
PSTN
CDC
XCIPIO SSDF
DELIVERY
FUNCTION
CCC
MGCP
Target
Subscriber
Voice
Packets
Call
Control
Customer
Premise IAD
(SIP, H.323, or MGCP
based Gateway)
Law Enforcement
Collection Function
Call to
Target
PSTN
Aggregation
Router
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Gateway
Forwarded
Call
10
Proprietary Solutions – Edge Routers
Service Provider Domain
Provisioning
of Warrant
LI Administration
Function
Gatekeeper,
SIP Proxy,
Call Agent
Law Enforcement
Collection Function
Admin
CDC
CDC
DELIVERY
FUNCTION
Customer
Premise IAD
(SIP, H.323, or MGCP
based Gateway)
Call
Control
Proprietary
Request
Voice
Packets
Call
Control
RTP Stream
Target
Subscriber
CCC
Aggregation
Router
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Customer
Premise
IAD
Aggregation
Router
11
Proprietary Solutions – Trunking GW
Service Provider Domain
Provisioning
of Warrant
LI Administration
Function
Gatekeeper,
SIP Proxy,
Call Agent
Law Enforcement
Collection Function
Admin
CDC
Call
Forward to
PSTN
CDC
XCIPIO SSDF
DELIVERY
FUNCTION
CCC
Proprietary
Target
Subscriber
Voice
Packets
Call
Control
Customer
Premise IAD
(SIP, H.323, or MGCP
based Gateway)
Call to
Target
PSTN
Aggregation
Router
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
Gateway
Forwarded
Call
12
Data Intercept via Passive Monitoring
Service Provider Domain
Provisioning
of Warrant
LI Administration
Function
Law Enforcement
Collection Function
AAA Server
CDC
XCIPIO
IADF
DELIVERY
FUNCTION
Provisioning
SNIFFER
Report New
IP Address
Assigned
CCC
Report
Intercepted
Data
DHCP
Authenticate
SNIFFER
Data Stream
Target
Subscriber
Internet
Aggregation
Router
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
13
Technical Challenges
 It is extremely difficult to capture call identifying information and call
content in some of the call features, specifically for the features
implemented within the customer premise IAD.
 Some of the “FBI Punch List” items are extremely difficult to
implement since they involve call features implemented within the
customer premise IAD.
 Dialed Digit Extraction (another Punch List item) is also very difficult
to implement.
 Most of the network elements (Call Agents, Gatekeepers, Trunking
Gateways, Aggregation Routers, CMTS, etc.) need to support this
feature within the distributed IP environment.
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
14
Emergency Services
E.911
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
15
E.911 Basics
 E.911 establishes a regulatory framework for delivering
emergency services over telephony infrastructure
 Design and regulations were based on (then) existing circuit-
switched infrastructure
 Packet-based technologies present new challenges within the E.911 framework –
particularly as they relate to location
 Most VoIP deployments currently classify themselves as “secondary line” and
“exempt” from E.911 regulations
 E.911 infrastructure varies widely from large metropolitan areas to
small rural locations
 Metro areas are sophisticated and highly concentrated, operating 24x7
 Rural areas are often very distributed, only operative during parts of the day, and
can be quickly overloaded in the case of emergencies such as flooding, tornados,
etc.
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
16
Two Types of “E.911” Requirements
 Statutory Requirements
 Legal framework requiring carriers to provide Emergency Services
 Includes Lifeline (power from the switch)
 Includes 911 Services (routing, call camp, force line open, etc).
 Applies only to Primary Line services and can be waived by consent of the
customer
 DeFacto Requirements
 If a 911 call is dropped or lifeline not delivered, the carrier will most likely be sued
 Recent court judgments average around $30 million for successful plaintiffs
 Applies to secondary and primary line – if the victim can prove he/she did not
know this was a secondary line (there is no label on the phone), they will most
probably win the case
 VoIP is subject to DeFacto Emergency services today
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
17
Aspects of E.911 Service
Four Elements of an E.911 Service
 Lifeline: Providing power to the device in the case of power outage
 Signaling: Call state signaling between the switch and the E.911
trunks to the Public Safety Answering Point (PSAP)
 Routing and Name Delivery: Looking up calling party name and
address and determining optimal PSAP to send the call to (with
backup PSAPs in the case primaries are not available)
 PSAP Processing: Automatic Call Distributor (ACD) -level call
queuing and features executed at the PSAP
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
18
Lifeline
 Phone network does this over twisted pairs
 Most VoIP solutions are not offering lifeline or are using battery
backup
 Batteries are often larger and more expensive than the IP terminals
themselves
 A battery backup could double as a kitchen table
 Power over LAN solutions are now available but not widely deployed
 Lifeline will be provided by either the end-device manufacturer (battery
backup) or the IP network through an access router adjunct system
 Lifeline is currently the most difficult of the emergency services to
tackle for IP providers
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
19
Signaling
 E.911 calls are processed over dedicated trunks from the switch to the
PSAPs
 Most 911 trunks today are still MF-based
 Spec for SS7 was approved in the early 90s, but never widely deployed
 In addition to call setup, E.911 trunks must provide one-way call tear down
– only the receiving party can release the circuit.
 Few, if any, Media Gateway manufacturers support MF signaling to the
E.911 spec
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
20
Routing and IN Functions
 Intelligent Network functions are the core of E.911 services
 When a call is placed to E.911, the users name and location must be retrieved
 Based on location and factors like time of day, a PSAP route list is invoked
 Calls are routed to the correct E.911 trunk with delivery of calling party name
and address
 SS8 provides the IN functions for E.911 today (but assumes static location)
 Location is the big issue for call routing
 If the IP device can be assumed to reside at a static location, traditional E.911
services are easy to deliver
 However, this cannot be assumed – the user may take a SIP phone or end device
and plug it in to any LAN, register, and make calls
 Determining the location of the user is an ongoing issue – solutions such as GPS
have been proposed, but….
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
21
PSAP Functionality
 At each PSAP, the operator has a series of tools to answer, dispatch and
resolve an E.911 call
 PSAP tools are similar to those in a traditional call center, with specific
functionality for emergency services
 Much of this equipment is currently old and difficult to manage
 ACD functions such as queuing, prioritization, session keep-alive, recording,
and forwarding/pooling
 Currently, PSAPs only take PSTN trunks – eventually this will evolve to
complete IP connectivity between the network and the PSAP
 IP technology will actually improve many PSAPs by incorporating presence,
parallel forking, and PC integration
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
22
Elements of E.911 (where functions live)
 Lifeline
 End devices (battery) and/or network transmission
 Signaling
 Media Gateways supporting MF and E.911 SS7
 IN/Routing
 IN platform vendors such as SS8
 PSAP Call Control
 ACD and PBX providers, including E.911 providers like Entrado and
Telcontrol
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
23
A Basic E.911 Network Architecture
IP-Enabled PSAP
Call Routing, Location Services,
Calling Party Name/Address
(Overall Network Logic)
SIP
SERVICE
CONTROLER
Gatekeeper,
SIP Proxy,
Call Agent
IP
Access Network
SIP
Traditional PSAP
Carrier
Backbone
MGW
MF Trunks
MGCP/ SIP
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
24
Summary
 E.911 will become a major requirement for VoIP operators in the
near future
 Legal mandates are being avoided for the moment, but de facto
exposure still exists
 Primary line service is the 2004 goal for most operators
 Call Routing and Network logic is currently resolved by vendors like
SS8, but the issue of location is outstanding
 Lifeline power services are still evolving
 MF interfaces to legacy PSAPs
 Evolution of IP-Enabled PSAPs will streamline delivery and help
make PSAPs more efficient
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.
25
Thank You ! ! !
Cemal Dikmen
cemal.dikmen@SS8.com
Phone: +1.203.925.6185
http://www.ss8.com
Copyright © 2003, SS8 Networks, Inc. Proprietary. Do Not Copy or Distribute Without Permission.