                                                            Rohit Gupta
Internet Draft                                             Vivek Bansal
draft-rogupta-hss-megaco-legal-intercept-00.txt Hughes Software Systems
Expires: July 2003                                        December 2002


               Legal Intercept Package for Megaco/H.248


Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026 [7].

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.


Abstract

   This document proposes a mechanism for MEGACO controlled legal
   intercept without the use of topology descriptor. Only call content
   duplication is addressed in this draft. The generation of call data
   information is outside the scope of this draft.


Table of Contents

Rohit, Vivek                                                          1

INTERNET-DRAFT  Legal Intercept Package for Megaco/H.248  December 2002

   Status of this Memo
   Abstract
   1. Introduction
   2. Conventions used in this document
   3. Legal Intercept Package
      3.1. Properties
      3.2. Events
      3.3. Signals
      3.4. Statistics
      3.5. Procedures
   4. Network Scenarios
   5. Formal Syntax
   6. Security Considerations
   7. IANA Considerations
   8. References
   9. Acknowledgments
   10. Author's Addresses


1. Introduction

   Legal Intercept is a regulatory requirement for most of the operators.
   It allows a Law Enforcement Agency to tap call information and
   possibly call content traffic in real-time for a specific set of
   subscribers.

   Topology descriptor is one of the well-understood methods to do
   legal intercept on a termination using MEGACO. However, support for
   Topology descriptor is optional in MEGACO. Besides this, a number of
   forums have made this descriptor optional in their interoperability
   profiles. Since legal intercept is a regulatory requirement,
   providing support for this would be one of the key requirements for
   Media Gateway manufacturers. Thus a mechanism which allows legal
   intercept to be supported without the use of Topology descriptor is
   required. This draft is aimed at suggesting such a mechanism.

   A termination under intercept can be viewed as

   [Figure: a Context containing terminations T1 and T2, with the
   Intercepted Stream leaving the context at T1]

   The termination T1 is assumed to be under intercept and is in a call
   with termination T2. The media stream received and sent by T1 into
   the context is replicated according to the intercept format as
   agreed between the service provider and the intercept destination.
   Thus the intercept can be viewed as more of a termination property
   rather than a context level property.

   Termination T1 can take any form, physical or ephemeral, e.g. analog
   line, RTP termination, ATM VC, etc. T2 may simultaneously also be
   under intercept, in which case another intercepted stream will
   emanate from T2.

   The proposed scheme uses the Local Control descriptor along with a
   new package (LI, defined later in the draft) to achieve this. The
   semantics of the Local Control descriptor remain unchanged.
   When intercept is to be enabled on the termination, the parameters
   are included in the Local Control descriptor. This is an indicator
   for the gateway to start media replication according to the
   parameters provided. Modification of the parameters in the updated
   Local Control descriptor in a subsequent command modifies the
   replication parameters. Similarly, the removal of parameters from
   the updated Local Control descriptor in a subsequent command turns
   off the media replication.

   Multimedia calls may involve multiple streams and the intercept
   authority may desire some or all of the streams in the call to be
   intercepted. For this reason the intercept parameters are inside the
   stream descriptor.


2. Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [8].


3. Legal Intercept Package

   PackageID: LI (??? To be registered with IANA)
   Version: 1
   Extends: none.

   This package defines the properties and procedures to allow
   electronic surveillance on a termination.

3.1. Properties

   Call Content Connection Identifier
   ----------------------------------

   PropertyID: CCCId (0x0001)

   The Call Content Connection Identifier parameter identifies the
   correlation Id used for correlating the Call Content with the Call
   Data at the receiving end. Each CCC Id is identified with an integer
   value. In case the mode of delivery of media streams towards
   intercept destination is "COMBINED", CCC Id is used for replicating
   media streams sent and received by the termination. In case the mode
   of media stream towards intercept destination is "SEPARATED", then
   CCC Id is used for replicating media streams sent by the
   termination.
   Type: Integer
   Possible values: any possible positive integer value
   Defined in: LocalControlDescriptor
   Characteristics: Read/Write

   Separate Call Content Connection Identifier
   -------------------------------------------

   PropertyID: CCCIdSep (0x0002)

   Separate Call Connection Identifier would be used in case the mode
   of delivery of media streams towards the intercept destination is
   "SEPARATED". The CCCIdSep parameter will be used for replicating the
   media streams received by the termination.

   Type: Integer
   Possible values: any possible positive integer value
   Defined in: LocalControlDescriptor
   Characteristics: Read/Write

   Intercept Address
   -----------------

   PropertyID: InterceptAddr (0x0003)

   This parameter identifies the intercept destination transport
   address to which the media streams are to be replicated. The syntax
   of the intercept address is as defined for the "c=" line in RFC 2327
   for IN SDP and RFC 3108 for ATM SDP.

   Type: String
   Possible values: any text string
   Defined in: LocalControlDescriptor
   Characteristics: Read/Write

   Port Number
   -----------

   PropertyID: PortNum (0x0004)

   If the intercept transport is IP based, then this parameter
   identifies the port number to be used in addition to the Intercept
   address parameter.

   Type: Integer
   Possible values: any value between 1024 and 65535
   Defined in: LocalControlDescriptor
   Characteristics: Read/Write

   Delivery Mode
   -------------

   PropertyID: DelvryMode (0x0005)

   This identifies the mode of delivery of media streams between the
   termination and the intercept destination.

   Possible values:

      "Combined" (0x0001)   Combined CCC for media streams sent and
                            received by the termination.

      "Separated" (0x0002)  Separated CCC for media streams sent and
                            received by the termination.
   [Figure: Context with terminations T1 and T2; Intercepted Media
   Stream in Combined Mode]

   [Figure: Context with terminations T1 and T2; Intercepted Media
   Stream in Separated Mode]

   Defined in: LocalControlDescriptor
   Characteristics: Read/Write

3.2. Events

   None.

3.3. Signals

   None.

3.4. Statistics

   None.

3.5. Procedures

   Intercept will be enabled on a termination when an ADD/MODIFY/MOVE
   command containing the package parameters defined above is received
   from the MGC for the termination. The intercept will be disabled
   when a SUBTRACT command is received on the same termination.

   For example, in a call, the following ADD command, when sent on the
   analog termination, will enable intercept.

   1. If the delivery mode with intercept destination is combined.

      MEGACO/1 [123.123.123.4]:55555
      Transaction = 50003 {
         Context = $ {
            Add = A5555 {
               Media {
                  Stream = 1 {
                     LocalControl {
                        Mode = SendReceive,
                        LI/CCCId = 1234,
                        LI/InterceptAddr="IN IP4 111.111.111.111",
                        LI/PortNum=1222,
                        LI/Mode=Combined
                     }
                  }
               },
               Events=1234{ al/on, dd/ce {DigitMap=Dialplan0}},
               Signals {cg/dt},
               DigitMap= Dialplan0{(8xxxxxxx)}
            }
         }
      }

   In this case the media streams sent and received by the termination
   under intercept (A5555) are replicated towards intercept destination
   address 111.111.111.111 and port number 1222.

   2. If the delivery mode with intercept destination is separated.
      MEGACO/1 [123.123.123.4]:55555
      Transaction = 50003 {
         Context = $ {
            Add = A5555 {
               Media {
                  Stream = 1 {
                     LocalControl {
                        Mode = SendReceive,
                        LI/CCCId = 1234,
                        LI/CCCIdSep = 5678,
                        LI/InterceptAddr="IN IP4 111.111.111.111",
                        LI/PortNum=1222,
                        LI/Mode=Separated
                     }
                  }
               },
               Events=1234{ al/on, dd/ce {DigitMap=Dialplan0}},
               Signals {cg/dt},
               DigitMap= Dialplan0{(8xxxxxxx)}
            }
         }
      }

   Similarly, this command, sent on the ephemeral termination, will
   enable intercept.

   1. If the delivery mode with intercept destination is combined.

      MEGACO/1 [123.123.123.4]:55555
      Transaction = 50003 {
         Context = $ {
            Add = $ {
               Media {
                  Stream = 1 {
                     LocalControl {
                        Mode = SendReceive,
                        LI/CCCId = 1234,
                        LI/InterceptAddr="IN IP4 111.111.111.111",
                        LI/PortNum=1222,
                        LI/Mode=Combined
                     },
                     Local {
      v=0
      c=IN IP4 $
      m=audio $ RTP/AVP 4
      a=ptime:30
                     }
                  }
               }
            }
         }
      }


4. Network Scenarios

   The scheme discussed above is general and can be applied in a
   variety of network configurations. Some of the network
   configurations are discussed here. This is, however, not an
   exhaustive list of scenarios.

   Intercept Access Point (IAP) located in the multi-tenant Residential
   Gateway under the control of the service provider.
   [Figure: Media Gateway Controller, MEGACO, Residential Gateway
   (IAP), Analog Terminations, Intercept n/w]

   Intercept Access Point (IAP) on the Cable/DSL based Access Network

   [Figure: Media Gateway Controller, MEGACO, DSL/Cable Network, Voice
   Gateway, GR303/V5.2, Trunking Gateway (IAP), Trunks, Intercept
   Network]

   Intercept Access Point (IAP) on the PSTN Gateway

   [Figure: Media Gateway Controller, MEGACO, Residential Gateway,
   Packet network, PSTN Gateway (IAP), Trunks, Intercept network]


5. Formal Syntax

   Not Applicable.


6. Security Considerations

   Security considerations are addressed as per Section 10 of RFC-3015
   [1].


7. IANA Considerations

   The package defined in this document is yet to be registered with
   IANA.


8. References

Normative

   1  Cuervo, et al., "Megaco Protocol Version 1.0", RFC 3015,
      November 2000.

   2  Telcordia, "Lawful Access Feature: Switching Generic
      Requirements", GR 2973 CORE ISSUE 2, December 1998.

Informative

   3  Bradner, S., "The Internet Standards Process -- Revision 3",
      BCP 9, RFC 2026, October 1996.

   4  Bradner, S., "Key words for use in RFCs to Indicate Requirement
      Levels", BCP 14, RFC 2119, March 1997.

   5  PacketCable(TM) Electronic Surveillance Specification,
      PKT-SP-ESP-D01-991028, October 28, 1999.


9. Acknowledgments

   None


10. Author's Addresses

   Rohit Gupta
   Hughes Software Systems, Ltd.
   Gurgaon, Haryana, India. 122015.
   Phone: (91)-124-6346666.Ex-3299
   Email: rogupta@hss.hns.com

   Vivek Bansal
   Hughes Software Systems, Ltd.
   Gurgaon, Haryana, India. 122015.
   Phone: (91)-124-6346666.Ex-3603
   Email: vibansal@hss.hns.com
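
The value constraints of section 3.1, checked against a LocalControl descriptor like those in section 3.5, as an added example that is not part of the draft or of any Megaco implementation. The function names, the rule that Separated mode requires CCCIdSep, and the rule that an IN address requires PortNum are assumptions of this example; because the property list names the delivery mode DelvryMode while the draft's sample messages write LI/Mode, the parser accepts both.

```python
import ipaddress
import re

# LI/<Property> = <value>; quoted values may contain spaces.
LI_PROP = re.compile(r'LI/(\w+)\s*=\s*(?:"([^"]*)"|([^,\s{}]+))')

def extract_li(descriptor):
    """Collect LI package properties from LocalControl descriptor text."""
    props = {}
    for name, quoted, bare in LI_PROP.findall(descriptor):
        # The draft's samples write LI/Mode; section 3.1 names it DelvryMode.
        props["DelvryMode" if name == "Mode" else name] = quoted or bare
    return props

def _positive_int(props, key, errors):
    value = props.get(key, "")
    if not (value.isdecimal() and int(value) > 0):
        errors.append(f"{key} must be a positive integer")

def validate_li(props):
    """Return violations of the section 3.1 value constraints."""
    errors = []
    _positive_int(props, "CCCId", errors)
    mode = props.get("DelvryMode", "").lower()
    if mode not in ("combined", "separated"):
        errors.append("DelvryMode must be Combined or Separated")
    elif mode == "separated":
        # Assumption: Separated delivery needs the second correlation id.
        _positive_int(props, "CCCIdSep", errors)
    parts = props.get("InterceptAddr", "").split()
    if len(parts) != 3 or parts[0] not in ("IN", "ATM"):
        errors.append("InterceptAddr must follow the SDP c= line syntax")
    elif parts[0] == "IN":
        try:
            addr = ipaddress.ip_address(parts[2])
            if parts[1] != f"IP{addr.version}":
                errors.append("InterceptAddr address type mismatch")
        except ValueError:
            errors.append("InterceptAddr carries no valid IP address")
        # Assumption: an IP destination must also carry PortNum.
        port = props.get("PortNum", "")
        if not (port.isdecimal() and 1024 <= int(port) <= 65535):
            errors.append("PortNum must be between 1024 and 65535")
    return errors

# Sample input: the separated-mode LocalControl from section 3.5 of the draft.
SAMPLE = ('LocalControl { Mode = SendReceive, LI/CCCId = 1234, LI/CCCIdSep = 5678, '
          'LI/InterceptAddr="IN IP4 111.111.111.111" LI/PortNum=1222, LI/Mode=Separated }')
print(validate_li(extract_li(SAMPLE)))
```

The regular expression does not depend on the comma separators, so it reads the descriptor whether or not a comma follows LI/InterceptAddr.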