How to legally intercept IoT traffic at the network edge?

The increasing popularity of Internet of Things (IoT) applications and smart devices has led to the coexistence of 4G and 5G networks. Mobile network operators (MNOs) gain efficiencies and save costs by consolidating their lawful interception solutions.

These solutions are one of many sources for increasingly complex law enforcement missions, with the vast number of different devices connected to the internet. The range of potential sources of information under investigation presents unique challenges to legitimate intelligence gathering.

Multi-Purpose

IoT devices have a variety of uses including consumer, commercial and industrial, each of which offers different opportunities for useful interception. Even in the consumer sector, IoT applications include artificial intelligence assistants, smart home appliances, and critical safety systems for autonomous driving

To provide rapid response in these uses, mobile network operators place computer processing power close to the data Generate network edges for points. This is the foundation of Multi-Access Edge Computing (MEC), a core enabler of the Internet of Things.

In cloud-enabled network topologies, edge network services are dynamically created and eliminated as needed, making interception complex compared to older static networks with predictable structures. Additionally, data created and consumed at the edge does not return to the network core. Therefore, interception of this traffic must be done at the edge, which requires minute-by-minute responses to changing network topologies.

Custom Network

Services that perform 5G network workloads, such as User Plane Functions (UPF) and Virtual Radio Access Network (vRAN), based on virtual network functions (VNF), which replicates core network elements at the edge of the network.

These virtual functions are built to be wired together to implement more complex functionality and can be instantiated and terminated on demand at any edge location on the network.

For example, when a UPF instance is started at the edge of the network for packet delivery, the platform starts the Communication Content Packet Aggregator (CCPAG). It provides an X3 interface for transmitting locally intercepted traffic to a centralized intermediary entity, or directly to the requesting authority.

These dynamic architectures are often very complex and change rapidly, making software-defined networking (including features such as high-speed discovery and routing table updates) important in maintaining their performance

Information Centric Network

Information Centric Network (ICN) automates network discovery and visibility across dynamically defined networks. For example, if a local outage of UPF is established at the edge and a file cache is created there, the ICN service can identify changes to legitimate intelligence agencies, providing an up-to-date understanding of the local network environment.

Network slicing is one of the key technologies of 5G networks, which can provide different service levels in a general network. From a network traffic perspective, a slicing is a logical network overlay that allows traffic to be prioritized by service class

This allows critical flows with low latency and security requirements to have high priority, such as emergency call. These characteristics of network traffic are part of the complete picture required by intermediation platforms.

Unified interception of 4G and 5G

The transition from 4G to 5G networks is often gradual and uneven. On the one hand, many operators are offering 5G services through their 4G core. On the other hand, many are deploying 4G services using the same distributed cloud-native architecture as 5G. However, ETSI defines CCPAG as a 5G technology, which is a significant limitation in a world where MNO networks consist of various combinations of 4G and 5G technologies, including at the network edge.

The Content Packet Aggregator (XCPAG) uniquely extends CCPAG functionality beyond the 5G network to include 4G traffic. XCPAG supports interception of 5G and 4G data while maintaining CCPAG industry-standard fidelity, enabling it to interoperate with existing CCPAG implementations across vendors through a cloud-ready architecture. XCPAG is able to respond to network topology changes with low latency, including the instantiation of new VNFs.

Surges in network demand, such as major sporting events, may cause many VNFs to be launched at specific network edge sites. In addition to discovering and co-locating XCPAG instances where needed, the platform maintains security features and certificates to quickly establish and maintain secure connections to every on-demand 4G and 5G network element, allowing first responders to make Respond efficiently.

As more IoT devices connect to 4G and 5G networks, the ability to unify basic lawful intelligence functions across networks is critical to public safety.

The above is the detailed content of How to legally intercept IoT traffic at the network edge?. For more information, please follow other related articles on the PHP Chinese website!