DESC:
FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENTS RULES, 2003

COMPLETE SPECIFICATION
(See section 10 and rule 13)
1. TITLE OF THE INVENTION
SYSTEM AND METHOD OF TRACING CALL FLOW DATA OF A USER IN A NETWORK
2. APPLICANT(S)
NAME NATIONALITY ADDRESS
JIO PLATFORMS LIMITED INDIAN OFFICE-101, SAFFRON, NR. CENTRE POINT, PANCHWATI 5 RASTA, AMBAWADI, AHMEDABAD 380006, GUJARAT, INDIA
3.PREAMBLE TO THE DESCRIPTION

THE FOLLOWING SPECIFICATION PARTICULARLY DESCRIBES THE NATURE OF THIS INVENTION AND THE MANNER IN WHICH IT IS TO BE PERFORMED.

FIELD OF THE INVENTION
[0001] The present disclosure relates to wireless networks, more particularly relates to system and method of tracing call flow data of a user in networks.
BACKGROUND OF THE INVENTION
[0002] The emergence of 5th Generation (5G) networks offers substantial improvements in data speeds, latency, and connectivity, enabling a wide range of applications and services. Within such networks, Network Functions (NFs) play a crucial role in facilitating communication between various components of the network. An SCP (Service Communication Proxy) manages communications between various network functions (NFs). The SCP proxy effectively interconnects all Network Functions (NFs) and facilitating seamless communication between them. This positions the SCP Proxy as an optimal candidate for tracing the progression of call flows for individual users or IMSIs (International Mobile Subscriber Identities). It is required in the SCP Proxy to trace these call flows comprehensively from start to finish.
[0003] To ensure comprehensive tracing, the requirement is to log both request headers and data as well as response headers and data in user call flows. The logging of these data is necessary to track the sequence of actions during a communication session accurately. These data may be sensitive and private to User/IMSI. Due to the sensitive nature of subscriber data, it's crucial to log this information securely. Encrypting the trace data adds a layer of protection against unauthorized access. Implementing encryption for communication between Network Functions (NFs) can lead to increased CPU usage, higher latency, and potential impacts on application performance. The encryption process is computationally intensive, causing delays in sending and receiving messages. This can negatively affect the user experience and overall system efficiency.
[0004] Balancing the need for security with maintaining performance efficiency is a critical consideration in this scenario. Thus, there exists a need to address the abovesaid critical challenges and explore encryption methods that minimize the impact on CPU resources, potentially leveraging hardware acceleration for encryption tasks. With the aim on the same, the present invention discloses a system and method for securely tracing user call flow data in 5G networks.
BRIEF SUMMARY OF THE INVENTION
[0005] One or more embodiments of the present disclosure provide a system and a method of tracing call flow data of a user in networks.
[0006] In one aspect of the present invention, a method of tracing call flow data of a user in a network is disclosed. The method includes the step of receiving, by the one or more processors, a command pertaining to trace the call flow data of the user from a network function. The method includes the step of adding, by the one or more processors, a random character set to an actual character set in response to receiving the command. The actual character set includes the request and response data of the call. The method includes the step of shuffling, by the one or more processors, a result of the addition of the random character set and the actual character set to create a shuffled character set. The method includes the step of assigning, by the one or more processors, a unique index for each character of the shuffled character set to create a map of the unique index against each character of the shuffled character set. The method includes the step of encrypting, by the one or more processors, the map utilizing a public key. The method includes the step of translating, by the one or more processor, each character of the actual character set of the request and response data with the corresponding unique index from the created map. The method further includes the step of logging, by the one or more processors, the encoded translation via a log file to write logs pertaining to the call flow data into the log file, and thereby tracing the call flow data of the user.
[0007] In one embodiment, the command pertaining to trace the call flow data pertains to the user, based on at least one of, an International Mobile Subscriber Identity (IMSI).
[0008] In one embodiment, the random character set is created by the one or more processors utilizing dummy characters for the purpose of encoding.
[0009] In one embodiment, the public key is stored in a database unit subsequent to encryption of the map, wherein the public key is retrieved from the database unit in order to decode the map, and wherein the public key is at least one of a Rivest, Shamir, Adleman (RSA) public key.
[0010] In one embodiment, the logging of the encoded request and response data is continued until the trace command is disabled for the user.
[0011] In one embodiment, the random character set includes at least one of, dummy characters for encoding.
[0012] In another aspect of the present invention, a system for tracing call flow data of a user in a network is disclosed. The system includes a Command Line Interface (CLI) module. The CLI module is configured to receive a command pertaining to trace the call flow data of the user from a network function. The system includes a logging module. The logging module is configured to add a random character set to an actual character set in response to receiving the command. The actual character set includes the request and response data of the call. The logging module is configured to shuffle a result of the addition of the random character set and the actual character set to create a shuffled character set. The logging module is configured to assign a unique index for each of the characters of the shuffled character set to create a map of the unique index against each of the character of the shuffled character set. The logging module is configured to encrypt the map utilizing a public key. The logging module is configured to translate each character of the actual character set of the request and response data with the corresponding unique index from the created map. Further, the logging module is configured to log the encoded translation via a log file to write logs pertaining to the call flow data into the log file, and thereby tracing the call flow data of the user.
[0013] Other features and aspects of this invention will be apparent from the following description and the accompanying drawings. The features and advantages described in this summary and in the following detailed description are not all-inclusive, and particularly, many additional features and advantages will be apparent to one of ordinary skill in the relevant art, in view of the drawings, specification, and claims hereof. Moreover, it should be noted that the language used in the specification has been principally selected for readability and instructional purposes and may not have been selected to delineate or circumscribe the inventive subject matter, resort to the claims being necessary to determine such inventive subject matter.
BRIEF DESCRIPTION OF THE DRAWINGS
[0014] The accompanying drawings, which are incorporated herein, and constitute a part of this disclosure, illustrate exemplary embodiments of the disclosed methods and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Some drawings may indicate the components using block diagrams and may not represent the internal circuitry of each component. It will be appreciated by those skilled in the art that disclosure of such drawings includes disclosure of electrical components, electronic components or circuitry commonly used to implement such components.
[0015] FIG. 1 is an exemplary block diagram of an environment for tracing call flow data of a user in a network, according to various embodiments of the present invention;
[0016] FIG. 2 is a schematic representation of the present system of FIG. 1 for tracing call flow data of a user in the network, according to various embodiments of the present invention;
[0017] FIG. 3 is a block diagram of an architecture that can be implemented in the system of FIG.2, according to one or more embodiments of the present invention;
[0018] FIG. 4 shows a flow diagram of a method for tracing call flow data of the user in the network, according to various embodiments of the present invention; and
[0019] FIG. 5 shows a flow chart illustrating a method for tracing call flow data of the user in the network, according to various embodiments of the present invention.
[0020] The foregoing shall be more apparent from the following detailed description of the invention.
DETAILED DESCRIPTION OF THE INVENTION
[0021] Some embodiments of the present disclosure, illustrating all its features, will now be discussed in detail. It must also be noted that as used herein and in the appended claims, the singular forms "a", "an" and "the" include plural references unless the context clearly dictates otherwise.
[0022] Various modifications to the embodiment will be readily apparent to those skilled in the art and the generic principles herein may be applied to other embodiments. However, one of ordinary skill in the art will readily recognize that the present disclosure including the definitions listed here below are not intended to be limited to the embodiments illustrated but is to be accorded the widest scope consistent with the principles and features described herein.
[0023] A person of ordinary skill in the art will readily ascertain that the illustrated steps detailed in the figures and here below are set out to explain the exemplary embodiments shown, and it should be anticipated that ongoing technological development will change the manner in which particular functions are performed. These examples are presented herein for purposes of illustration, and not limitation. Further, the boundaries of the functional building blocks have been arbitrarily defined herein for the convenience of the description. Alternative boundaries can be defined so long as the specified functions and relationships thereof are appropriately performed. Alternatives (including equivalents, extensions, variations, deviations, etc., of those described herein) will be apparent to persons skilled in the relevant art(s) based on the teachings contained herein. Such alternatives fall within the scope and spirit of the disclosed embodiments.
[0024] As per various embodiments depicted, the present invention discloses the systems and methods for securely tracing user call flow data in 5G networks. The present invention provides a faster mechanism that improves system performance as well as protecting user data. In the present invention, a MAP of all the alphabets along with some dummy alphabets is created during tracing of a call flow data for a specific user. The map of all the alphabets provides randomness in the characters of the request and response. All the characters of the map are then shuffled, and each character in the shuffled set is assigned with a unique index. The created map is then encrypted using an RSA Public key. After the map is created and saved in a file, each character of log data is replaced with the corresponding unique index and the log file is written to complete the tracing.
[0025] Referring to FIG. 1, FIG. 1 illustrates an exemplary block diagram of an environment 100 for tracing call flow data in a network 104, according to one or more embodiments of the present invention. The environment 100 includes at least one User Equipment (UE) 102-1 configured to at least transmit a request from the at least one UE 102-1 to avail one or more services, such as, but not limited to, voice and data. At least one of the UE 102-1 from the one or more UEs 102-1, 102-2,…102-n is communicatively connected to a system 106 via a network 104. The one or more UEs 102-1, 102-2,…102-n will henceforth collectively and individually be referred to as “the UE 102” without limiting the scope and deviating from the scope of the present disclosure.
[0026] More information regarding the same will be provided with reference to the following figures.
[0027] In another embodiment, one or more services may not be limited to calling and may include messaging, delivering of multimedia.
[0028] The UE 102 includes, but are not limited to, a handheld wireless communication device (e.g., a mobile phone, a smart phone, a tablet device, and so on), a wearable computer device (e.g., a head-mounted display computer device, a head-mounted camera device, a wristwatch computer device, and so on), a Global Positioning System (GPS) device, a laptop computer, a tablet computer, or another type of portable computer, a media playing device, a portable gaming system, and/or any other type of computer device with wireless communication capabilities, and the like.
[0029] The environment 100 further includes a remote server 108 communicably coupled to the UE 102 via the network 104. The remote server 108 may include by way of example but not limitation, one or more of a standalone server, a server blade, a server rack, a bank of servers, a server farm, hardware supporting a part of a cloud service or system, a home server, hardware running a virtualized server, one or more processors executing code to function as a server, one or more machines performing server-side functionality as described herein, at least a portion of any of the above, some combination thereof. In an embodiment, the entity may include, but is not limited to, a vendor, a network operator, a company, an organization, a university, a lab facility, a business enterprise, a defense facility, or any other facility that provides content.
[0030] The network 104 includes, by way of example but not limitation, one or more of a wireless network, a wired network, an internet, an intranet, a public network, a private network, a packet-switched network, a circuit-switched network, an ad hoc network, an infrastructure network, a Public-Switched Telephone Network (PSTN), a cable network, a cellular network, a satellite network, a fiber optic network, or some combination thereof. The network 104 may include, but is not limited to, a Third Generation (3G), a Fourth Generation (4G), a Fifth Generation (5G), a Sixth Generation (6G), a New Radio (NR), a Narrow Band Internet of Things (NB-IoT), an Open Radio Access Network (O-RAN), and the like.
[0031] The network 104 includes, by the way of example but not limitation, one or more wireless interfaces/protocols such as, for example, 802.11 (Wi-Fi), 802.15 (including Bluetooth™), 802.16 (Wi-Max), 802.22, Cellular standards such as CDMA, CDMA2000, WCDMA, Radio Frequency (e.g., RFID), Infrared, laser, Near Field Magnetics, etc.
[0032] The environment further includes the system 106 communicably coupled to the remote server 108 and the UE 102 via the network 104. The system 106 is configured to trace a call flow data of the UE 102 in the network 104. Further, the system 106 is adapted to be embedded within the remote server 108 or is embedded as the individual entity. However, for the purpose of description, the system 106 is described as an integral part of the remote server 108, without deviating from the scope of the present disclosure.
[0033] Operational and construction features of the system 106 will be explained in detail with respect to the following figures.
[0034] Referring to FIG. 2, FIG. 2 illustrates a schematic representation of the present system 106 of FIG. 2 workflow, according to various embodiments of the present invention. As per the illustrated embodiment, the system 106 includes one or more processors 202, a memory 204, and Input/Output (I/O) user interface 206, a display 208, an input device 210 and a database 216. The one or more processors 202, hereinafter referred to as the processor 202 may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, state machines, logic circuitries, single board computers, and/or any devices that manipulate signals based on operational instructions. As per the illustrated embodiment, the system 106 includes one processor 202. However, it is to be noted that the system 106 may include multiple processors as per the requirement and without deviating from the scope of the present disclosure. Among other capabilities, the processor 202 is configured to fetch and execute computer-readable instructions stored in the memory 204.
[0035] The memory 204 may be configured to store one or more computer-readable instructions or routines in a non-transitory computer-readable storage medium, which may be fetched and executed to create or share data packets over a network service. The memory 204 may include any non-transitory storage device including, for example, volatile memory such as RAM, or non-volatile memory such as EPROM, flash memory, and the like. In an embodiment, the I/O user interface 206 includes a variety of interfaces, for example, interfaces for data input and output devices, referred to as Input/Output (I/O) devices, storage devices, and the like. The I/O user interface 206 facilitates communication of the system 106. In one embodiment, the I/O user interface 206 provides a communication pathway for one or more components of the system 106.
[0036] The I/O interface unit 206 may include functionality similar to at least a portion of functionality implemented by one or more computer system interfaces such as those described herein and/or generally known to one having ordinary skill in the art. The I/O interface unit 206 may be rendered on the display unit 208, implemented using LCD display technology, OLED display technology, and/or other types of conventional display technology. The display unit 208 is integrated within the system 106 or connected externally. Further the request may be configured to receive request, queries, or information from the user by using the input device 210. The input device 210 may include, but not limited to, keyboard, buttons, scroll wheels, cursors, touchscreen sensors, audio command interfaces, magnetic strip reader, optical scanner, etc.
[0037] The system 106, may further comprise the database 216. The database 216 may be communicably connected to the processor 202, and the memory 204. The database 216 is configured to store and retrieve the relevant call flow data and the log data of the call flow of the UE 102.
[0038] Further, the processor 202, in an embodiment, may be implemented as a combination of hardware and programming (for example, programmable instructions) to implement one or more functionalities of the processor 202. In the examples described herein, such combinations of hardware and programming may be implemented in several different ways. For example, the programming for the processor 202 may be processor-executable instructions stored on a non-transitory machine-readable storage medium and the hardware for processor 202 may comprise a processing resource (for example, one or more processors), to execute such instructions. In the present examples, the memory 204 may store instructions that, when executed by the processing resource, implement the processor 202. In such examples, the system 106 may comprise the memory 204 storing the instructions and the processing resource to execute the instructions, or the memory 204 may be separate but accessible to the system 106 and the processing resource. In other examples, the processor 202 may be implemented by electronic circuitry.
[0039] In order for the system 106 to trace the call flow data of the user in the network 104, the processor 202 includes a Command Line Interface (CLI) module 212 and a logging module 214, communicably coupled to each other. In an embodiment, the operations and functionalities of the CLI module 212 and the logging module 214, can be used in combination or interchangeably.
[0040] The CLI module 212 of the processor 202 is communicably connected to the UE 102 of the user, via the network 104. Accordingly, the CLI module 212 is configured to receive a command pertaining to trace the call flow data of the user from a Network Function (NF). In one embodiment, the command pertaining to trace the call flow data pertains to the UE 102, based on at least one of the IMSI of the UE 102. The command pertaining to trace the call flow data of the user is typically issued via a terminal or interface connected to the UE 102, where the user specifies the requirement to trace the call flow data. In one embodiment, the call flow data includes the request and the response data of the user call flow. The CLI module 212 interprets the details provided, such as the IMSI of the UE 102 or any specific tracing instructions. The CLI module 212 then communicates with a relevant Network Function (NF) responsible for handling the call flow data. The interaction involves querying the NF to retrieve the call flow data related to the specified UE 102.
[0041] In one embodiment, the NF is the Network Repository Function (NRF). The NRF provides the NF service registration and discovery. The NRF enables the NFs to identify appropriate services in the network 104. The NRF works as a centralized repository for all the NF in the operator’s network. Further, the NRF provides details of the at least one of the IMSI of the UE 102 of the user. The IMSI is stored in a subscriber identification module (SIM) inside the UE 102 and is transmitted by the UE 102 to the appropriate network in which the SIM is associated. In one embodiment, every UE 102 has an IMSI number stored within the SIM. When the UE 102 attempts to connect to the network 104, the Mobile Network Operators (MNOs) utilize the IMSI for the purposes of authentication. In an exemplary embodiment, when a new Session Management Function (SMF) is deployed in the network 104, the SMF registers itself with the NRF. During registration, the SMF provides details like its service capabilities, address, and any other relevant information.
[0042] The IMSI is a unique number that the MNO uses to recognize individual subscribers. Further, the IMSI consists of the Mobile Country Code (MCC) which defines the country a subscriber primarily operates within. In one embodiment, the MCC is either a two- or three-digit identifier used for identifying a subscriber associated with the specific MNO.
[0043] Based on receipt of the call flow data from the CLI module 212, the CLI module 212 transmits the received call flow data to the logging module 214 for further tracing process. The logging module 214 of the processor 202 is communicably connected to the CLI module 212. Upon receiving the tracing command of the call flow data of the user from the CLI module 212, the logging module 214 is configured to add a random character set to an actual character set. The logging module 214 is utilized for enhancing data security, obfuscation, or ensuring unique identification of the logged data. In one embodiment, the actual character set includes the request and response data of the call flow data of the user from the UE 102.
[0044] In one embodiment, the random character set is generated by the processors 202 of the system 106. The random character set includes a dummy character set for the purpose of encoding. The random character set is used to anonymize the data, protect user privacy, or differentiate between different log entries to avoid duplication or collision.
[0045] Further, the logging module 214 is configured to shuffle the result of the addition of the random character set to the actual character set. The shuffling typically involves rearranging the characters in the sequence in a random order. A random key is assigned to each character and then sorting the character set based on these keys, effectively randomizing the order. After the shuffling process is complete, the logging module 214 generates the shuffled character set. The shuffled character set is a final result, which is used for logging, anonymization, or security purposes.
[0046] In one embodiment, the actual character set includes an American Standard Code for Information Interchange (ASCII) character set. The ASCII is a character encoding standard for electronic communication. The ASCII codes represent text in computers, telecommunications equipment, and other devices.
[0047] The standard ASCII character set includes a binary value from 0 (000 0000) through 127 (111 1111), the characters a-z, A-Z, 0-9 and a selection of special characters such as punctuation marks.
[0048] In one embodiment, the dummy characters include a random non-ASCII character. The few non-ASCII character set are mentioned below:
© Copyright sign
® Registered sign
? Service mark
™ Trade mark sign
? Mill sign
¢ Cent sign
¤ Generic currency sign
€ Euro sign
£ Pound sign
¢ Costa Rica colon sign
¥ Japan yen sign
? Nigeria naira sign
? India (et al.) rupee sign
? South Korea won sign
? Thailand baht sign
? Vietnam dong sign
? Historical ECU sign
? Historical France franc sign
£ Historical Italy lira sign
P Historical Spain peseta sign
? Cr Historical Brazil cruzeiro sign
µ mu sign
[0049] In one embodiment, the logging module 214 is configured to assign a unique index for each of the characters of the shuffled character set. Upon shuffling, the sequence of characters is generated. In an example, the sequence of characters is “A2Bc7YZ891”. The logging module 214 assigns the unique index to each character in the shuffled set, typically starting from a base value (such as 0 or 1). Based on the example, the first character “A” is assigned the index “0”, the second character “2” is assigned the index “1”, the third character “B” is assigned the index “2”. The assigning process continues until each character in the shuffled set has a corresponding unique index. Based on assigning the unique index, the logging module 214 is configured to generate a map of the assigned unique index against each character of the shuffled character set.
[0050] The logging module 214 generates the map, typically as a dictionary or associative array, where each character is paired with its assigned unique index. Upon mapping of the assigned unique index, the map is stored in a data structure that allows the logging module 214 to reference the characters by their assigned unique index. The map is used for subsequent processing, retrieval, or validation steps.
[0051] In one embodiment, the unique indexes are the indexes that help in maintaining the data integrity by ensuring that no rows of data in a table have identical key values.
[0052] For example, in the Tabe 1
The actual character set includes (A1, A2, A3, A4, A5). The random characters set includes (R1, R2, R3, R4, R5). The shuffled character set includes (R4, A3, A5, R2, A1).
Actual Characters Random Characters Shuffled characters Index value Map
A1
A2
A3
A4
A5 R1
R2
R3
R4
R5 R4
A3
A5
R2
A1 I1
I2
I3
I4
I5 I0-A1, R1, R4
I1-A2, R2, A3
I2-A3, R3, A5
I3-A4, R4, R2
I4-A5, R5, A1

[0053] In one embodiment, the logging module 214 is configured to assign the unique index for each of the characters of the shuffled character set and generates the map of the assigned unique index against each character of the shuffled character set. After generating the map of the of the shuffled character set, the logging module 214 is further configured to encrypt the generated map of the shuffled character set by using a public key. The map, which contains the unique index and corresponding characters, is first serialized or converted into a format suitable for encryption, which involves turning the map into a string or binary data. The logging module 214 uses the public key, which is part of an asymmetric encryption system. The public key is typically provided by a trusted source and is used specifically for encrypting data.
[0054] In one embodiment, the public key is at least one of a Rivest, Shamir, Adleman (RSA) public key. In one embodiment, the RSA public key is a cryptographic algorithm used for a specific security services or purposes. The RSA public key enables public key encryption to secure sensitive data, particularly the call flow data of the user from the UE 102. The logging module 214 takes the serialized map and encrypts it using the public key. The public key is applied to the map data through the chosen encryption algorithm. During encryption, the map data is transformed into ciphertext, a scrambled and unreadable form of the data that can only be decrypted using the corresponding private key.
[0055] In one embodiment, the public key is stored in a database unit 216 subsequent to encryption of the generated map of the assigned unique index against each character of the shuffled character set. In another embodiment, the public key is retrieved from the database unit 216 in order to decode the generated map.
[0056] The logging module 214 is configured to translate each character of the actual character set of the call flow data with the corresponding encrypted generated map of the shuffled character set and further generates an encoded translation of the call flow data. If the map of the shuffled character set is encrypted, the logging module 214 must first decrypt it using the corresponding private key. This step recovers the original map that pairs each character of the shuffled set with its unique index. After decryption, the map is accessible in its original form, allowing the logging module 214 to use it for translation.
[0057] In one embodiment, the encoded translation of the call flow data is shown in the below table.
Actual Characters Random Characters Shuffled characters Index value Map Encoded translation
A1
A2
A3
A4
A5 R1
R2
R3
R4
R5 R4
A3
A5
R2
A1 I1
I2
I3
I4
I5 I0-A1, R1, R4
I1-A2, R2, A3
I2-A3, R3, A5
I3-A4, R4, R2
I4-A5, R5, A1 00010001
00100010
01000100
10001000
01000100
[0058] Each character in the actual character set is replaced with the corresponding character from the shuffled set, as dictated by the map. After all characters in the actual character set are translated using the map, the logging module 214 compiles the translated characters into a new sequence. The sequence of translated characters forms the encoded translation of the call flow data. This translation is effectively an encoded version of the original data, based on the shuffled character set. The encoded translation of the call flow data is generated and can be stored, transmitted, or further processed as needed. This encoded version protects the original data's integrity and ensures that it can only be understood by those who have access to the necessary decryption and translation keys.
[0059] The logging module 214 creates log data from the encoded translation. The log data includes the encoded call flow information that reflects the call flow events and data in an obscured format. Furthermore, the logging module 214 is configured to generate the log data of the encoded translation and maintain the log data pertaining to the call flow data into the database unit 216, and thereby tracing the call flow data of the UE 102. By storing the encoded translation in the database unit 216, the system can trace the call flow data associated with the UE 102.
[0060] In one embodiment, the log data includes information of operations, activities, usage patterns, what data were accessed and what changes were made to the data in the system 106.
[0061] In one embodiment, the logging of the encoded request and response data is continued until the trace command is disabled for the user. The logging of the encoded request and response data refer to the process of transforming the original call flow data into a different format that is typically obscured or secured through encoding mechanisms. The original request and response data are collected. The collected data may be formatted into a structured form suitable for encoding. The shuffled character set is used to replace the original characters. The shuffled character set is created by shuffling a predefined set of characters or symbols. Each character in the original request and response data is replaced by its corresponding character from the shuffled character set using the previously created map. The encoded data might be further encrypted using a cryptographic algorithm and a public key to enhance security. Encryption transforms the encoded data into an unreadable format that requires decryption to be understood. The result of the encoding process is a new version of the request and response data where the characters have been replaced according to the shuffled character set. The encoded data is not directly readable in its transformed form.
[0062] In an embodiment, the trace command is a specific instruction or set of instructions issued to the system to initiate and control the tracing of call flow data within the network 104. The trace commands are typically used in network management and troubleshooting to capture detailed information about network traffic, including requests and responses. In an example, to start tracing the call flow data for the user with IMSI 1234567890, issue the command: TRACE start --user=IMSI1234567890." If the user wants to trace the call flow data for the IMSI 1234567890 for a duration of 60 seconds, use the command: TRACE start --user=IMSI1234567890 --duration=60."
[0063] The logging module 216 is configured to log the encoded translation via the log file to write logs pertaining to the call flow data into the log file, and thereby tracing the call flow data of the user. The log file is designated or created where the encoded translation data is stored. The log file serves as a record of all logged data. The log file may be managed by the system to handle large volumes of data, ensuring that the file is properly formatted and accessible. The logging module 216 writes the encoded translation data into the log file. This operation involves appending or writing data in a structured format. Each entry in the log file corresponds to a piece of encoded call flow data, capturing the interactions between the user's device and the network 104.
[0064] By doing so, the sensitive call flow data of the user is secured from the hackers since the log data is maintained in the database 216 that does not have the map in the decrypted format. The central processing unit (CPU) cycle with a shorter cycle time is observed based on the tracing steps, since the characters of the call flow data are translated to other characters, which leads to faster processing and improves the system 106 performance.
[0065] FIG. 3 is a block diagram of an architecture 300 that can be implemented in the system of FIG.2, according to one or more embodiments of the present invention.
[0066] The CLI module 212 is communicably connected to the UE 102 of the user, via the network 104. Accordingly, the CLI module 212 is configured to receive the command pertaining to trace the call flow data of the user from the NF. In one embodiment, the command pertaining to trace the call flow data pertains to the UE 102, based on at least one of the IMSI of the UE 102. The command pertaining to trace the call flow data of the user is typically issued via a terminal or interface connected to the UE 102, where the user specifies the requirement to trace the call flow data. In one embodiment, the call flow data includes the request and the response data of the user call flow. The CLI module 212 interprets the details provided, such as the IMSI of the UE 102 or any specific tracing instructions. The CLI module 212 then communicates with a relevant NF responsible for handling the call flow data. The interaction involves querying the NF to retrieve the call flow data related to the specified UE 102.
[0067] The logging module 214 is configured to assign the unique index for each of the characters of the shuffled character set. Based on assigning the unique index, the logging module 214 is configured to generate a map of the assigned unique index against each character of the shuffled character set. The logging module 214 generates the map, typically as a dictionary or associative array, where each character is paired with its assigned unique index. Upon mapping of the assigned unique index, the map is stored in a data structure that allows the logging module 214 to reference the characters by their assigned unique index.
[0068] The logging module 214 is configured to encrypt the map utilizing the public key. In one embodiment, the public key is at least one of a Rivest, Shamir, Adleman (RSA) public key 302. In one embodiment, the RSA public key 302 is a cryptographic algorithm used for a specific security services or purposes. The RSA public key 302 enables public key encryption to secure sensitive data, particularly the call flow data of the user from the UE 102. The logging module 214 takes the serialized map and encrypts it using the public key. The RSA public key 302 is applied to the map data through the chosen encryption algorithm. During encryption, the map data is transformed into ciphertext, a scrambled and unreadable form of the data that can only be decrypted using the corresponding private key.
[0069] In one embodiment, the public key is stored in a database unit 216 subsequent to encryption of the generated map of the assigned unique index against each character of the shuffled character set. In another embodiment, the public key is retrieved from the database unit 216 in order to decode the generated map.
[0070] Upon receiving the command pertaining to trace the call flow data of the user from the NF and enabling the public key encryption to secure sensitive data, particularly the call flow data of the user from the UE 102 by the RSA public key 302, which are transmitted to a tracing module 306. The tracing module 306 is configured to transmit the public key encryption to create the RSA public key encrypted translation map 304 for tracing the call flow data of the user of the UE 102.
[0071] Further, the tracing module 306 is transmitted to a Hypertext Transfer Protocol/2.0 (HTTP/2.0) request and response translator module 308. The HTTP/2.0 request and response translator module 308 is responsible for translating, framing, and managing HTTP/2.0 requests and responses. The HTTP/2.0 request and response translator module 308 handles protocol conversion, frame management, header compression, flow control, error handling, priority management, and connection management. By performing these functions, the HTTP/2.0 request and response translator module 308 ensures efficient and correct processing of HTTP/2.0 communications, contributing to improved performance and reliability in web interactions.
[0072] Upon translating, framing, and managing the HTTP/2.0 requests and responses, the logging module 214 creates log data from the encoded translation. The log data includes the encoded call flow information that reflects the call flow events and data in an obscured format. Furthermore, the logging module 214 is configured to generate the log data of the encoded translation and maintain the log data pertaining to the call flow data into the database unit 216, and thereby tracing the call flow data of the UE 102. By storing the encoded translation in the database unit 216, the system can trace the call flow data associated with the UE 102.
[0073] FIG. 4 illustrates a flow chart of the method 400 of tracing call flow data of the user in the network 104, according to one or more embodiments of the present invention. The method 400 is adapted to trace the call flow data of the user in the network 104. For the purpose of description, the method 400 is described with the embodiments as illustrated in FIG 1 and should nowhere be construed as limiting the scope of the present disclosure.
[0074] At step 401, the method 400 includes the step of receiving the command pertaining to trace the call flow data of the UE 102 from the NF. In one embodiment, the command pertaining to trace the call flow data pertains to the UE 102. The UE 102 is identified based on the IMSI of the UE 102 of the user.
[0075] At step 402, the method 400 includes the step of adding the random character set to an actual character set in response to receiving the command for tracing the call flow data of the UE 102 from the CLI module 212. The actual character set includes the request and response data of the call flow data of the UE 102 of the user. The random character set is generated by the processors 202 of the system 106. The random character set includes the dummy character set for the purpose of encoding.
[0076] At step 403, the method 400 includes the step of shuffling the random character set and the actual character set to generate the shuffled character set.
[0077] At step 404, the method 400 includes the step of assigning the unique index for each character of the generated shuffled character set. Further, generates the map of the assigned unique index against each character of the shuffled character set.
[0078] At step 405, the method 400 includes the step of encrypting the generated map of the shuffled character set by using the public key. The public key is the RSA public key. The RSA public key enables the public key encryption, to secure the sensitive data, particularly the call flow data of the UE 102.
[0079] Further, the public key is stored in the database unit 216 subsequent to encryption of the generated map of the shuffled character set. In an embodiment, the public key is retrieved from the database unit 216 in order to decode the encrypted map of the shuffled character set.
[0080] At step 406, the method 400 includes the step of translating each character of the actual character set of the request and response data with the corresponding encrypted generated map of the shuffled character set and further generates an encoded translation of the call flow data.
[0081] At step 407, the method 400 includes the step of logging the encoded translation and maintaining the log data pertaining to the call flow data into the database unit 216, and thereby tracing the call flow data of the UE 102. The log data includes information of operations, activities, usage patterns, what data were accessed and what changes were made to the data in the system 106.
[0082] In one embodiment, the logging of the encoded request and response data is continued until the trace command is disabled for the user.
[0083] FIG. 5 shows the flow chart illustrating a method 500 for tracing call flow data of the user in the network 104, according to various embodiments of the present invention.
[0084] At step 501, the method 500 includes the step of receiving the command pertaining to trace the call flow data of the user from the NF by the CLI module 212. In one embodiment, the command pertaining to trace the call flow data pertains to the UE 102, based on at least one of the IMSI of the UE 102. The command pertaining to trace the call flow data of the user is typically issued via a terminal or interface connected to the UE 102, where the user specifies the requirement to trace the call flow data. In one embodiment, the call flow data includes the request and the response data of the user call flow. The CLI module 212 interprets the details provided, such as the IMSI of the UE 102 or any specific tracing instructions. The CLI module 212 then communicates with the relevant NF responsible for handling the call flow data. The interaction involves querying the NF to retrieve the call flow data related to the specified UE 102.
[0085] The IMSI is a unique number that the MNO use to recognize individual subscribers. Further, the IMSI consists of the Mobile Country Code (MCC) which defines the country a subscriber primarily operates within. In one embodiment, the MCC is either a two- or three-digit identifier used for identifying a subscriber associated with the specific MNO.
[0086] At step 502, the method 500 includes the step of upon receiving the tracing command of the call flow data of the user from the CLI module 212, the logging module 214 is configured to create the random character set to the actual character set. The logging module 214 is utilized for enhancing data security, obfuscation, or ensuring unique identification of the logged data. In one embodiment, the actual character set includes the request and response data of the call flow data of the user from the UE 102.
[0087] At step 503, the method 500 includes the step of mixing the random character set with the dummy character set and assigning each character with the unique index and creating the map. The logging module 214 is configured to assign the unique index for each of the characters of the shuffled character set and generates the map of the assigned unique index against each character of the shuffled character set. After generating the map of the shuffled character set, the logging module 214 is further configured to encrypt the generated map of the shuffled character set by using the public key. The logging module 214 uses the public key, which is part of an asymmetric encryption system. The public key is typically provided by a trusted source and is used specifically for encrypting data.
[0088] In one embodiment, the public key is stored in a database unit 216 subsequent to encryption of the generated map of the assigned unique index against each character of the shuffled character set. In another embodiment, the public key is retrieved from the database unit 216 in order to decode the generated map.
[0089] At step 504, the method includes the step of encrypting the map using the RSA public key and stored in the database unit 216 so that the public key is used to decode the encoded log files for future. The logging module 214 translates each character of the actual character set of the call flow data with the corresponding encrypted generated map of the shuffled character set and further generates an encoded translation of the call flow data. If the map of the shuffled character set is encrypted, the logging module 214 must first decrypt it using the corresponding private key. This step recovers the original map that pairs each character of the shuffled set with its unique index. After decryption, the map is accessible in its original form, allowing the logging module 214 to use it for translation.
[0090] At step 505, the method includes the step of replacing the character with the corresponding ID from the created map for each HTTP request and response.
[0091] At step 506, the method includes the step of logging the encoded HTTP request and response based on replacing the character with the corresponding ID from the created map for each HTTP request and response.
[0092] At step 507, the method includes the step of determining whether the trace command is disabled for the user. If the trace command is disabled for the user, the tracing the call flow data of the UE 102 of the user is stopped. At step 508, if the trace command is not disabled for the user, again the step 505 continues, replacing the character with the corresponding ID from the created map for each HTTP request and response.
[0093] In an embodiment, the present invention further discloses a non-transitory computer-readable medium having stored thereon computer-readable instructions. The computer-readable instructions are executed by a processor 400.The processor 400 is configured to receive a command pertaining to trace the call flow data of the user from a network function. The processor 400 is further configured to add a random character set to an actual character set in response to receipt of the command, the actual character set includes the request and response data of the call. The processor 400 is further configured to shuffle as a result of the addition of the random character set and the actual character set to create a shuffled character set. The processor 400 is further configured to assign a unique index for each of the characters of the shuffled character set to create a map of the unique index against each of the character of the shuffled character set. The processor 400 is configured to encrypt the map utilizing a public key. The processor 400 is configured to translate each character of the actual character set of the request and response data with the corresponding unique index from the created map. The processor 400 is further configured to log the encoded translation via a log file to write logs pertaining to the call flow data into the log file, and thereby tracing the call flow data of the user.
[0094] A person of ordinary skill in the art will readily ascertain that the illustrated embodiments and steps in description and drawings (FIG.1-5) are set out to explain the exemplary embodiments shown, and it should be anticipated that ongoing technological development will change the manner in which particular functions are performed. These examples are presented herein for purposes of illustration, and not limitation. Further, the boundaries of the functional building blocks have been arbitrarily defined herein for the convenience of the description. Alternative boundaries can be defined so long as the specified functions and relationships thereof are appropriately performed. Alternatives (including equivalents, extensions, variations, deviations, etc., of those described herein) will be apparent to persons skilled in the relevant art(s) based on the teachings contained herein. Such alternatives fall within the scope and spirit of the disclosed embodiments.
[0095] The present disclosure incorporates technical advancement by providing a faster and secure process of tracing the user call flow data within 5G networks. The method provides a faster and secure process since the method involves encryption and translation of characters into characters importing. The CPU cycle with a shorter cycle time is observed in the present invention since characters are translated into other characters. No data loss while encoding and decoding data. Further, encoded log does not require specialized handling. Very less latency is added between the request and response data. Further, the present invention secures the sensitive data of the user from hackers since the log data does not have the map in the decrypted format.
[0096] The present invention offers multiple advantages over the prior art and the above listed are a few examples to emphasize on some of the advantageous features. The listed advantages are to be read in a non-limiting manner.

REFERENCE NUMERALS
[0097] Environment - 100;
[0098] User Equipment- 102;
[0099] Network - 104;
[00100] System-106;
[00101] Server-108;
[00102] Processor(s) -202;
[00103] Memory- 204;
[00104] Input/Output (I/O) user interface-206;
[00105] Display- 208;
[00106] Input device-210;
[00107] Command Line Interface (CLI) module- 212;
[00108] Logging module-214;
[00109] Database unit-216;
[00110] RSA public key- 302;
[00111] RSA public key encrypted translation map – 304;
[00112] Tracing module- 306;
[00113] HTTP/2.0 request & response translator module- 308.
,CLAIMS:CLAIMS
We Claim
1. A method (300) of tracing call flow data of a user in a network (104), the method (300) comprising the steps of:
receiving (301), by the one or more processors (202), a command pertaining to trace the call flow data of the user from a network function;
adding (302), by the one or more processors (202), a random character set to an actual character set in response to receiving the command, the actual character set includes the request and response data of the call;
shuffling (303), by the one or more processors (202), a result of the addition of the random character set and the actual character set to create a shuffled character set;
assigning (304), by the one or more processors (202), a unique index for each character of the shuffled character set to create a map of the unique index against each character of the shuffled character set;
encrypting (305), by the one or more processors (202), the map utilizing a public key;
translating (306), by the one or more processor (202), each character of the actual character set of the request and response data with the corresponding unique index from the created map; and
logging (307), by the one or more processors (202), the encoded translation via a log file to write logs pertaining to the call flow data into the log file, and thereby tracing the call flow data of the user.

2. The method (300) as claimed in claim 1, wherein the command pertaining to trace the call flow data pertains to the user, based on at least one of, an International Mobile Subscriber Identity (IMSI).

3. The method (300) as claimed in claim 1, wherein the random character set is created by the one or more processors (202) utilizing dummy characters for the purpose of encoding.

4. The method (300) as claimed in claim 1, wherein the public key is stored in a database unit (216) subsequent to encryption of the map, wherein the public key is retrieved from the database unit (216) in order to decode the map, and wherein the public key is at least one of a Rivest, Shamir, Adleman (RSA) public key.

5. The method (300) as claimed in claim 1, wherein the logging of the encoded request and response data is continued until the trace command is disabled for the user.

6. A system (106) for tracing call flow data of a user in a network (104), the system comprising:
a Command Line Interface (CLI) module (212) configured to, receive, a command pertaining to trace the call flow data of the user from a network function;
a logging module (214) configured to:
add, a random character set to an actual character set in response to receiving the command, the actual character set includes the request and response data of the call;
shuffle, a result of the addition of the random character set and the actual character set to create a shuffled character set;
assign, a unique index for each of the character of the shuffled character set to create a map of the unique index against each of the character of the shuffled character set;
encrypt, the map utilizing a public key;
translate, each character of the actual character set of the request and response data with the corresponding unique index from the created map; and
log, the encoded translation via a log file to write logs pertaining to the call flow data into the log file, and thereby tracing the call flow data of the user.

7. The system (106) as claimed in claim 6, wherein the command pertaining to trace the call flow data pertains to the user, based on at least one of, an International Mobile Subscriber Identity (IMSI).

8. The system (106) as claimed in claim 6, wherein the random character set is created by the one or more processors (202) utilizing dummy characters for the purpose of encoding.

9. The system (106) as claimed in claim 6, wherein the public key is stored in a database unit (216) subsequent to encryption of the map, wherein the public key is retrieved from the database unit (216) in order to decode the map, and wherein the public key is at least one of a Rivest, Shamir, Adleman (RSA) public key.

10. The system (106) as claimed in claim 6, wherein the logging of the encoded request and response data is continued until the trace command is disabled for the user.