PKI Interception and Monitoring Systems
Total Page:16
File Type:pdf, Size:1020Kb
INTERCEPTION AND MONITORING SYSTEMS PKI ELECTRONIC INTELLIGENCE GmbH GERMANY Interception and Monitoring Systems PKI 1100 Interception Management System PKI 1100 is a complex data monitoring system PKI 1100 can be connected to a wide variety of • Report and logging function for the security and control of a country and its telecommunications networks, each system use is only allowed with the authorization by the being able to support multiple security agencies • The automatic self-check keeps the status security agencies. at the same time. In the process, a strict information of the connected interfaces separation between the security agencies is up to date For intelligence services, PKI 1100 is ensured. The system is a combination of indispensable. Recorded data are analysed, hardware and software to control all types of • Voice and data router, which duplicates the processed and saved. For the monitoring of monitoring activities from different network monitored traffic from the network to the suspects, there is no better way to obtain types. different MCs information about their communication in compliance with the existing law. The most important functions: Support of the most different • Interfaces to PSTN, ISDN, GSM, 3G, LTE, VoIP, telecommunications networks of multiple PKI quotations can only be made directly with the NGN and IP networks security agencies at the same time. relevant government agencies. Here, too, the prerequisite is to carry out a comprehensive • Support of several manufacturers for The most important advantages of the PKI 1100 consultation including an analysis of the proprietary network elements (X1, X2, X3) System: requirements in advance. • Real time overview of all markers, connections • Support of various telecommunications to the network providers and security agencies PKI 1100 can be smoothly integrated into providers (HI1, HI2, HI3) the network infrastructure of the • Each security agency has access to the list of telecommunications provider and controls the • Support of different MCs monitored network nodes, the type of monitoring of suspects or services in supported markers and manufacturer-specific accordance with the legal requirements. • Support of several security agencies options The PKI 1100 system offers connected MCs to • Strict separation of security agencies • Each security agency can view a list of its establish a controlled connection to the transition monitoring activities, the monitoring period and nodes of the network operator. The functionality • Meets the ETSI telecommunications monitoring the list of network elements for which the ensures that the monitoring requests sent by the standards activity is enabled. MC are transmitted to the correct transition nodes and in turn the monitored • Control of system usage by central assignment • If more than one security agency communications are forwarded to the of user rights and roles simultaneously monitors a target, PKI 1100 corresponding MCs. Catalogues are available for download at www.pki-electronic.com 2 Copyright even of extracts by PKI ELECTRONIC Interception and Monitoring Systems Production and Development ensures that each security agency receives a • ISDN (E-DSS1) • Open platform supporting future decoders separate copy of the monitored communication content and of the metadata. • SS7 (ISUP) • Indexing and processing engines automatically analyse large amounts of unstructured data • If monitored communication content or the • IP (UDP, TCP, RTP) metadata cannot be forwarded immediately • Highest security standards offer protection (if for example the connection between the PKI PKI Monitoring Centre against external intrusion and malicious content 1100 system and the security agency is Recording, processing, analysis of monitored such as viruses temporarily not available), PKI 1100 stores the telecommunications data in a buffer memory until it can be System architecture delivered; however, this is limited to a defined The PKI Monitoring Centre (MC) is a The standard configuration of the MC comprises data volume or a certain period. comprehensive platform to display, filter, save the following units: and analyse communication content from • All commands of PKI 1100 and their results are various telecommunications networks. Handover interfaces logged. The logs comprise and save both all • Connection to diverse standardized interfaces actions listed automatically by the system and The PKI MC is a comprehensive system including of network operators all user interactions. The logs are only both all necessary hardware and software. The accessible for the PKI 1100 system success of the tried and tested solution is based • Accept communication from different networks administrators. on more than 30 years of experience and the close cooperation with numerous satisfied • Convert different input formats into a uniform • Network environments whose day profiles customers worldwide. format Processing and storage show high traffic load peaks can be covered by using the load distribution functionality Security agencies and intelligence services use • Processes, controls and saves the monitored (option). this system to monitor suspects to obtain communication information about their communication in • The capacity of the PKI 1100 system can be compliance with the existing law. • Exports and imports data from/to other systems easily extended. The most important advantages and features of Display and evaluation Graphical user interface • As a result of the modular architecture, the PKI the PKI Monitoring Centre: to analyse monitored communication and to 1100 software can be distributed flexibly to the • Flexible, modular and scalable architecture for control the MC available hardware in order to achieve an connection to different networks, such as optimum processing speed. PSTN / ISDN, GSM, 3G, LTE, Next-Generation, Optional functions IP and VoIP networks Diverse analysis tools are available for the MC. Technical standards: Possible extensions are: • ETSI TS-133108 / 3GPP 33.108 • A wide variety of powerful analysis tools enabling comprehensive searches, voice PKI 1100 Information System • ETSI TS-102232-1 analyses, and site-based investigations The PKI Information System allows for the geographical monitoring of suspects in mobile • ETSI TS-102232-3 • Powerful decoders extracting content from the phone networks and shows the location of the recorded Internet traffic, Web 2.0 applications monitored persons and their movements on the • ETSI TS-102232-4 and smartphone apps map. This makes it easy to evaluate movement profiles and to recognize behavioural patterns of • ETSI TS-102232-5 • Ergonomically optimised user interface to persons. facilitate evaluation • ETSI TS-102232-6 Search engine • Markers can be controlled centrally by a flexible The scalable search engine module offers a Supported HI1/2 and X1/2/3 interfaces: system of rights and roles. search function which has been developed • Alcatel NTI especially for the current and future • The MC meets the legal and regulatory requirements of security agencies. It comprises • Ericsson IMS requirements through configurable workflows. all text information processed by the system. • Siemens/NSN PKI Monitoring Centre Voice recognition A turnkey solution preconfigured and tested for a The voice recognition module can recognize • Samsung smooth integration into existing network individual speakers as well as spoken language, infrastructures. gender, age group, key words. Moreover, it offers • SS8 XCPIO the option to convert language into text. Technical characteristics • Nokia • Supports ETSI, 3GPP, CALEA, SORM and a PKI 1100 Interception Management System wide variety of national standards for handover The PKI Interception Management System • Utimaco LIMS/RAI interfaces for circuit-switched telephony and IP enables security agencies to control complex data network topologies from different manufacturers • Huawei NGN and network providers. It provides a central • Regularly tested compatibility with the most provisioning interface to enable or disable • ZTE important network providers monitoring markers directly from the MC. Supported HI3 interfaces: • Scalable interfaces, processing bandwidth, • ISDN (DSS1) memory and number of users Tel.: +49(0)4154 - 98 96 32 • Fax: +49(0)4154 - 740 16 • E-mail: [email protected] Copyright even of extracts by PKI ELECTRONIC 3 Interception and Monitoring Systems GSM Monitoring ACTIVE General Function Mobile phone need contact to a base station to communicate. The active system simulates such a base station and thus enables absolute control of the mobile phones logged in there. The simulated base station allows to control unlimited numbers of mobile phones at the same time. The maximum possible configuration is 64 simultaneous monitored duplex conversations. The targets managed by the system are assigned to the channels on the fly. There is no fixed assignment of targets to dedicate active channels. The system’s principle of operation is as follows: When setting up the system the existing mobile networks are scanned and analysed. Based on this data the monitoring system blends in to the network infrastructure and represents the best possible cell for mobile phones close to the monitoring system. The mobile phones leave their cell and change to the monitoring system where the phones will be registered. In this moment the identity of the phones is gathered and the key for the encryption will be calculated. With this information a clone of target