Aqsacom Announces White Paper on 4G Network Interception
Learn about the evolution of wireless networks from 3G to 4G, and the methods to lawfully intercept these networks, all in one concise document. Covers LTE and WiMAX interception (0.4 Mbyte).
2010-03-18

White Paper on IP Interception
Learn about the fundamental implementations and challenges of lawful interception for IP and VOIP networks (0.7 Mbyte).  Recently updated.

The ALIS Platform

The Aqsacom Lawful Interception System (ALIS) is the core product of Aqsacom. ALIS is essentially a mediation system that:

  • Collects intercepted data and content from pertinent network elements
  • Formats the collected intercepted data and content into standards-compliant data formats
  • Delivers the formatted interception data and content to law enforcement

ALIS operates as a real-time mediation platform to satisfy a variety of lawful interception requests. It assures an interception implementation that is non-intrusive, totally transparent and independent of the underlying connectivity technology.

The system's client/server layered architecture comprises two functional entities: ALIS-M for target provisioning and central system management and ALIS-D for the mediation and delivery of interception content.

ALIS-M is the management platform, which manages the interception sessions and instructs the network elements to start / end interception, while constantly monitoring the status of the network elements to alert the network operator of a fault condition.

ALIS-D is the collection platform that receives the interception content and data from the network elements, formats this information, then sends the results to law enforcement.

The following figure provides an overview of the ALIS architecture:

Management and Provisioning

The management and provisioning entity, ALIS-M, holds the intelligence of the system and is responsible for the provisioning, workflow synchronisation, confidentiality and security of the access to the data. Multi-administration support and the provisioning features give the user an optimal flexibility and security to start, stop, query and modify lawful interception operations.

An array of interception criteria is supported by ALIS-M. These include MSISDN, IMSI, IMEI, IP address, MAC address, User ID, and geographical criteria such as origin, destination or Cell ID, etc.

The friendly graphical user interface (GUI) allows for the automation of many of the operational tasks, for example the automatic triggering or stopping of an interception operation at a predefined date and time.

Consistency checks are used to guarantee the coherence between the data in the network internal interception functions and the interception specifications in ALIS's database. Consistency checks can be initiated both manually and automatically. As historical data is paramount to law enforcement purposes, consistency check operations are systematically logged in the activity log.

To allow provisioning operations to be performed by third-party applications, Electronic Provisioning Processing Capabilities for 3rd party applications are also supported.

Mediation

ALIS-D supports the mediation aspects of the lawful interception operations. AQSACOM's patented technology of Network Connectors and Technology Connectors ensures total network and vendor transparency.

Mediation operations are performed upon the interception content (IRI/CDC, CC/CCC) to match the format constraints imposed by the different regulatory bodies and standards organisations (e.g. ETSI, CALEA, ETSI-NL) or any other national requirement. Some of the technological areas covered by ALIS's comprehensive mediation capabilities are:

  • TDM coded voice for both PSTN and PLMN networks with support for the leading industry codecs, e.g. G711, G723.1, G729, etc.
  • VoIP coded voice with support for the leading industry codecs, e.g. G711, G723.1, G729, etc.
  • E-mail
  • IP data streams, e.g. web pages, etc.
In short, everything over IP.

Delivery

ALIS-D supports the delivery requirements of the lawful interception operations. The interception content is forwarded to the concerned LEA/MC using secure data links. Alternatively, delivery of the IRI/CII can be carried out using the Short Message Service (SMS). Delivery of the IRI/CII via fax is also supported. If required, the interception content can be buffered for a predefined time duration. Transfer to an external medium such as DAT tape or a CDROM is also possible under special circumstances.

Delivery mechanisms based on open standards such as ROSE or FTP are used to communicate with the other components of the lawful interception chain. The security of the connections between the different elements is guaranteed by the usage of trusted paths with support for open standards like IPSEC and SSL.

Interception Access Points (IAP)

IAPs are the logical points within the carrier's network where the capture of the interception content takes place. These are implemented as either Internal Interception Functions (IIF) or External Interception Functions (EIF). For those cases when no Internal Interception Function (IIF) is available in the network, ALIS can be enhanced with Interception Function capabilities and behave as a passive, non-intrusive information sniffer.

The following EIFs are part of the ALIS suite:

  • SS7 Enabled EIF
  • GPRS Enabled EIF
  • SMS Enabled EIF
  • E-mail Enabled EIF
  • IP Enabled EIF
  • VoIP Enabled EIF

Authentication, Access Methods and Security

Stringent system access control rules apply. Access can take place locally (e.g. through a LAN), remotely via a WAN or through remote access using a secure dial-up connection with a user-identity exchange and a call-back procedure. User authentication is performed over trusted paths and can take multiple forms, from entry of a User ID and Complex Password combination to authentication based on biometrics. ALIS supports biometric access control technology using finger or eye print reading. Access attempts using data about the target and the operator responsible for the provisioning of the operation are systematically time stamped and logged. Access to these data is subject to stringent authentication and authorization procedures including biometric access control and encryption algorithms. For optimal security, the information exchange between the access point (e.g. eye print reading device) and the user authentication entity is performed over a secure link with encryption. This makes biometric access control a means to clearly identify who does what on the system.

Hardware

ALIS operates on commercial off-the-shelf Intel chassis running Windows Server (2000 or 2003), Linux, or Solaris. All network interface cards are also off-the-shelf, with no proprietary hardware required. Configurations are available that conform to a variety of installation mandates, including NEBS compliance.

High Reliability Operation

ALIS can be configured in a number of different configurations to assure uninterrupted operation in the event of hardware, network, or other failure. For example, multiple ALIS-D platforms can be managed by a single ALIS-M platform. This configuration not only allows for failover from one ALIS-D platform to the other, it also enables the distribution of the mediation and delivery traffic flows over multiple ALIS-D systems. Such a configuration is especially useful when a carrier's network is distributed over many distant locations.

Data Retention: The Aqsacom Data Retention Intelligence System

Thanks to AQSACOM's award winning and well tested approaches to the lawful interception of communications traffic in multi-service environments, ADRIS (AQSACOM Data Retention Intelligence System) leverages AQSACOM's proven experience to solve the data retention challenges of today and of the future.

ADRIS delivers:

  • A future-proof approach to data retention that adapts to evolutions in the regulatory and communications services environments. ADRIS will support the newly emerging data retention storage and delivery formats.
  • True multiservice support. Thanks to the built-in network mediation capabilities of ADRIS, one ADRIS system supports the data retention needs for a variety of services, including wireline or wireless voice, voice-over-IP, and wireline or wireless IP services (email, messaging, web, P2P, etc.)
  • Full protection of all retained data through a comprehensive data security scheme. AQSACOM applies the same rigorous security measures in the handling of retained data as it does in its lawful interception systems. ADRIS assures protection against network intrusion and unauthorized users through multiple levels of authentication. The system can also apply data encryption and authentication to both the storage and transport of retained data.
  • Scalability. ADRIS' modular architecture, which is derived from AQSACOM's proven lawful interception technology, supports a scalable data retention solution that grows with the service provider's traffic flow and breadth of services.
  • Long term viability. AQSACOM is now establishing partnerships with recognized vendors of storage systems and equipment. Such partnerships will ensure comprehensive, on-going support of ADRIS-based systems over the long term.

Technical Description of ADRIS

Three principal modules make up ADRIS (see figure below). The ADRIS Collection & Storage Module is responsible for the collection of retained data. This module can import transactional data from legacy platforms (e.g., billing systems) for non-real-time Data Retention; however, a more dynamic, future-proof application of this module is in the real-time collection of live event data from switches, routers, probes, application servers, and other network components. Once collected, the data are transformed on-the-fly (for real-time Data Retention) into an internal representation by the Data Collection Mediation Function, then sent to the Data Retention Repository (a large scale storage system). The ADRIS Consultation Module supports the querying of retained data that are stored in the Repository. This module contains the Retained Data Retrieval Function, which supports the Handover Interface (HI) with Law Enforcement Agencies to ensure a standards-compliant and secure means of requesting and obtaining the retained data. The Administration Module provisions ADRIS communications with the required Law Enforcement Agencies. This module also instructs the Data Collection Mediation Function and network elements on what data are to be collected, while monitoring the data collection and delivery operations.
