[VOIPSEC] Re: Voipsec Digest, Vol 2, Issue 33

Christopher A. Martin chris at infravast.com
Mon Feb 28 20:03:19 CST 2005


I agree. The only problem that I see with using a session border controller
is that a change in the media stream for lawful intercept would be
detected, unless all media were forced to the SBC/carrier network...which
would be a huge source of inefficiency...

Christopher A. Martin
P.O. Box 1264
Cedar Hill, Texas 75106
Chris at InfraVAST.com

> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> Behalf Of Geoff Devine
> Sent: Monday, February 28, 2005 7:47 AM
> To: Voipsec at voipsa.org
> Subject: Re: [VOIPSEC] Re: Voipsec Digest, Vol 2, Issue 33
> 
> "Robert Foxworth" <rfoxwor1 at tampabay.rr.com> writes:
> 
> > A minor point, but it occurs to me that it is not clear as to
> > whether you meant (1) that the subject of the intercept order
> > should not be able to detect that the sniffing is taking place,
> > i.e. detect that the sniffing is even happening, or (2) that
> > the subject, and/or the others with lawful orders etc. be able
> > to capture the actual data stream itself.
> 
> This isn't exactly a security topic but it's certainly related....
> 
> The requirements of J-STD-025 are that:
> A) The user under surveillance must not be able to detect that they are
> under surveillance
> 
> and
> 
> B) The privacy of the surveillance must be maintained.  (Nobody but the
> ILEC switch administrator who installs the taps is supposed to know
> about it)
> 
> CALEA requires that you provide a call content channel (voice) and a
> call detail channel (who they're talking to).  Historically, the CCC was
> always a T1 line and the CDC was a hairball ASN.1-encoded PDU over X.25
> or IP.
> 
> The CableLabs PacketCable approach to solving this is to add a
> capability to the CMTS (the box that drives a group of cable modems) to
> put specific RTP flows in an envelope tagged by a unique correlation ID
> and fire the packets off to a Lawful Intercept Delivery Function (DF).
> These flows are signaled to the CMTS from the soft switch over a
> COPS-based QoS interface.  Media Gateways are required to have a similar
> capability to handle corner cases where a call is redirected to voice
> mail.  The soft switch, CMTS, and Media Gateway also signal the Lawful
> Intercept Delivery Function (DF) over a RADIUS interface to provide the
> CDC.
> 
> This architecture was extended to handle SIP trunking between soft
> switch networks but the architecture falls over if the other network
> doesn't understand the PacketCable lawful intercept objects in the SIP
> signaling stream.  If a call comes in from a non-Cable SIP network like,
> say, Sprint and the call is forwarded back out the Sprint network,
> nobody is intercepting the call.  Eventually, they're going to be forced
> to introduce a session border controller into the mix to deal with that
> particular issue.
> 
> Geoff
> 
> 
> 




