DESC:
FORM 2
THE PATENTS ACT, 1970
(39 of 1970)
&
THE PATENTS RULES, 2003

COMPLETE SPECIFICATION
(See section 10 and rule 13)
1. TITLE OF THE INVENTION
METHOD AND SYSTEM FOR PERFORMING LAWFUL INTERCEPTION FOR MANAGING SERVICES IN A NETWORK
2. APPLICANT(S)
Name Nationality Address
JIO PLATFORMS LIMITED INDIAN Office - 101, Saffron, Nr. Centre Point, Panchwati 5 Rasta, Ambawadi, Ahmedabad - 380006, Gujarat, India
3. PREAMBLE TO THE DESCRIPTION

The following specification particularly describes the invention and the manner in which it is to be performed.

RESERVATION OF RIGHTS
[001] A portion of the disclosure of this patent document contains material, which is subject to intellectual property rights such as, but are not limited to, copyright, design, trademark, integrated circuit (IC) layout design, and/or trade dress protection, belonging to Jio Platforms Limited (JPL) or its affiliates (herein after referred as owner). The owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all rights whatsoever. All rights to such intellectual property are fully reserved by the owner.
TECHNICAL FIELD
[002] The present disclosure relates generally to a field of wireless communications. More particularly, the present disclosure relates to a system and a method for performing a lawful interception for managing services in a network.
DEFINITION
[003] As used in the present disclosure, the following terms are generally intended to have the meaning as set forth below, except to the extent that the context in which they are used to indicate otherwise.
[004] The expression ‘Lawful Interception’ used hereinafter in the specification refers to a security process in which intercepted telecommunications information, including voice calls, video calls, text messages, electronic mail (emails) traffic, and internet traffic corresponding to User Equipments (UEs) associated with a particular subscriber or subscribers associated with organizations, is collected and provided to the LIM system.
[005] The expression ‘Business Telecom Application Server (BTAS)’ used hereinafter in the specification refers to a Telecom Application Server (TAS) that is a network component that provides and manages advanced telephony and multimedia services within a network.
[006] The expression ‘at least one information header’ used hereinafter in the specification refers to a customizable header that enables a transmission of service related information beyond standard protocol specifications, facilitating tailored service deployments and enhanced functionality across the network.
[007] The expression ‘Wireless Local Network (WLN)- history- information’ used hereinafter in the specification refers to a header that conveys specific details corresponding to services (e.g., voice calling services, video calling services, etc.) associated with a UE, such as a cause of an event (e.g., a diverted call), an original number, a modified number, etc.
[008] The expression ‘an Enterprise (ENT)-history-information’ used hereinafter in the specification refers to a header that carries relevant information for integrating services between a fixed network and a mobile network such as information related to a convergence between the fixed network and the mobile network, such as details about a find-me or a follow-me service, or a Fixed-Mobile Convergence (FMC) service activation or deactivation, contextual information about the UE, etc.
BACKGROUND
[009] The following description of related art is intended to provide background information pertaining to the field of the disclosure. This section may include certain aspects of the art that may be related to various features of the present disclosure. However, it should be appreciated that this section be used only to enhance the understanding of the reader with respect to the present disclosure, and not as admissions of prior art.
[010] Wireless communication technology has rapidly evolved over the past few decades. A First Generation (1G) of the wireless communication technology was an analog technology that offered only voice services. Further, when a Second-Generation (2G) technology was introduced, text messaging and data services became possible. A Third Generation (3G) technology marked an introduction of a high-speed internet access, a mobile video calling, and location-based services. A Fourth Generation (4G) technology revolutionized wireless communication in terms of faster data speeds, improved network coverage, and security. Currently, a Fifth Generation (5G) technology is being deployed, with even faster data speeds, lower latency, and an ability to connect multiple devices simultaneously. With each generation, the wireless communication technology has become more advanced, sophisticated, and capable of delivering more services to its users.
[011] In many countries, network operators and Internet Service Providers (ISP) are obliged by legal requirements to provide and store traffic data generated from public telecommunications and Internet services for a purpose of detection, investigation and prosecution of crime and criminal offences.
[012] Lawful interception denotes a security process in which a network operator of a telecommunication network (i.e., a wireless network) or a network service provider (NSP) of telecommunication services (e.g., an internet provider, an Internet Protocol (IP) telephony provider, etc.) allows a nationally authorized office or an authorized authority which is generally referred to as a Law Enforcement Agency (LEA), to access telecommunication processes and contents (e.g. telephone calls, e-mail traffic, fax traffic, call-related data such as dialed telephone number, a telephone number of an incoming call, etc.) for a particular subscriber. The lawful interception usually allows the nationally authorized office or the authorized authority to process and monitor the telecommunication processes, including the content within the telecommunication processes of the particular subscriber that are taking place therein.
[013] The lawful interception of the telecommunication network during non-standard call forwarding type services can be implemented and fulfilled by providing all call forwarding details in non-customizable fixed header configurations. However, the existing non-customizable fixed header configurations used for reporting details of the non-standard call forwarding type services are inefficient in fulfilling requirements of the lawful interception of the telecommunication network when using the non-standard call forwarding type services such as Business Telecom Application Server (BTAS) services.
[014] There is, therefore, a need in the art to provide a method and a system that can overcome the shortcomings of the existing prior arts.
SUMMARY
[015] In an exemplary embodiment, a method for performing a lawful interception for managing services in a network is disclosed. The method includes receiving at least one service request corresponding to at least one service associated with at least one User Equipment (UE). The method further includes dynamically generating at least one information header comprising a plurality of information corresponding to the at least one service associated with the at least one UE. The method further includes transmitting the at least one information header comprising the plurality of information to at least one of a Lawful Interception and Monitoring (LIM) system and one or more network components. The LIM system is configured to perform the lawful interception corresponding to the at least one service associated with the at least one UE within the network based on the at least one information header. The one or more network components are configured to provide the at least one service based on the at least one service request and the at least one information header.
[016] In an embodiment, the at least one information header is a customizable header comprising the plurality of corresponding to the at least one service.
[017] In an embodiment, the method further includes encoding the plurality of information within the at least one information header associated with the at least one service.
[018] In an embodiment, the plurality of information within the at least one information header is decoded by at least one of the LIM system and the one or more network components.
[019] In an embodiment, the plurality of information comprises a Wireless Local Network (WLN)- history- information and an Enterprise (ENT)-history-information.
[020] In an embodiment, the BTAS is configured to append the ENT-history-information in a Session Initiation Protocol (SIP) message after sending an invite request to a proxy server for initiating the at least one service.
[021] The present disclosure discloses a system for performing a lawful interception for managing services in a network. The system includes a processing unit and a memory coupled to the processing unit and configured to store instructions executable by the processing unit causes the processing unit to receive at least one service request corresponding to at least one service associated with at least one User Equipment (UE). The processing unit is further configured to dynamically generate at least one information header comprising a plurality of information corresponding to the at least one service associated with the at least one UE. The processing unit is further configured to transmit the at least one information header comprising the plurality of information to at least one of a Lawful Interception and Monitoring (LIM) system or/and one or more network components. The LIM system is configured to perform the lawful interception corresponding to the at least one service associated with the at least one UE in the network based on the at least one information header. The one or more network components are configured to provide the at least one service based on the at least one service request and the at least one information header.
[022] In an embodiment, the at least one information header is a customizable header comprising the plurality of information corresponding to the at least one service.
[023] In an embodiment, the processing unit is further configured to encode the plurality of information within the at least one information header associated with the at least one service.
[024] In an embodiment, the plurality of information within the at least one information header is decoded by at least one of the LIM system and the one or more network components.
[025] In some embodiments, the plurality of information comprises a Wireless Local Network (WLN)- history-information and an Enterprise (ENT)-history-information.
[026] In an embodiment, the BTAS is configured to append the ENT-history-information in a Session Initiation Protocol (SIP) message after sending an invite request to a proxy server for initiating the at least one service.
[027] The present disclosure discloses a User Equipment (UE) communicatively coupled with a network. The coupling includes a step of receiving, by the network, a connection request from the UE. The coupling includes a step of sending, by the network, an acknowledgment of the connection request to the UE. The coupling includes a step of transmitting a plurality of signals in response to the connection request. Based on the connection request, a lawful interception for managing services in the network is performed.
[028] The foregoing general description of the illustrative embodiments and the following detailed description thereof are merely exemplary aspects of the teachings of this disclosure and are not restrictive.
OBJECTS OF THE PRESENT DISCLOSURE
[029] An object of the present disclosure is to provide a method and a system for performing a lawful interception for managing services in a network.
[030] Another object of the present disclosure is to provide a customized lawful interception support for non-standard forwarding services offered by a Business Telecom Application Server (BTAS).
[031] Another object of the present disclosure is to provides support to a Lawful Interception and Monitoring (LIM) systems associated with Law Enforcement Agencies (LEAs) for performing the lawful interception using information within customizable headers (i.e., at least one information header).
[032] Another object of the present disclosure is to ensure that all non-standard forwarding services deployed by the BTAS comply with regulatory requirements for the lawful interception, data protection, and privacy, thereby avoiding legal risks and penalties.
BRIEF DESCRIPTION OF THE ACCOMPANYING DRAWING
[033] The accompanying drawings, which are incorporated herein, and constitute a part of this disclosure, illustrate exemplary embodiments of the disclosed methods and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Some drawings may indicate the components using block diagrams and may not represent the internal circuitry of each component. It will be appreciated by those skilled in the art that disclosure of such drawings includes disclosure of electrical components, electronic components or circuitry commonly used to implement such components.
[034] FIG. 1 illustrates an exemplary network architecture for implementing a system for performing a lawful interception for managing services in a network, in accordance with an embodiment of the present disclosure.
[035] FIG. 2 illustrates an exemplary block diagram of the system configured for performing a lawful interception for managing services in the network, in accordance with an embodiment of the present disclosure.
[036] FIG. 3 illustrates an exemplary architecture for performing a lawful interception for managing services in the network, in accordance with an embodiment of the disclosure.
[037] FIG. 4 illustrates an exemplary process flow of a method for performing the lawful interception for managing services in the network, in accordance with an embodiment of the present disclosure.
[038] FIG. 5 illustrates an example computer system in which or with which the embodiments of the present disclosure may be implemented.
[039] The foregoing shall be more apparent from the following more detailed description of the disclosure.
LIST OF REFERENCE NUMERALS
100 – Network architecture
102-1, 102-2…102-N – Plurality of Users
104-1, 104-2…104-N – Plurality of User Equipments
106 – Network
108 – System
110 – Entity
112 – Centralized Server
200 – Block Diagram
202 – Memory
204 – A Plurality of Interfaces
206 – Processing Unit
208 - Database
300 – Exemplary Architecture
302 – Long-Term Evolution Radio Access Network (LTE RAN)
304 – Evolved Node B (eNB)
306 – Servicing Gateway (S-GW) or Packet Data Network (PDN) Gateway (P-GW)
308 – Mobility Management Entity (MME)
310 – Internet Protocol (IP) Multimedia System (IMS)
312 – Proxy Call Session Control Function (P-CSCF)
314 – Servicing Call Session Control Function (S-CSCF)
316 – Telecom Application Server (TAS)
318 – Access Gateway (AGW)
320 – Interfacing unit
322 – Administration Function (ADMF)
324 – Mediation Function (MF) or Delivery Function (DF) 2
326 – Mediation Function (MF) or Delivery Function (DF) 3
400 – Flow diagram
500 – Computer System
510 – External Storage Device
520 – Bus
530 – Main Memory
540 – Read Only Memory
550 – Mass Storage Device
560 – Communication Port
570 – Processor
DETAILED DESCRIPTION
[040] In the following description, for the purposes of explanation, various specific details are set forth in order to provide a thorough understanding of embodiments of the present disclosure. It will be apparent, however, that embodiments of the present disclosure may be practiced without these specific details. Several features described hereafter can each be used independently of one another or with any combination of other features. An individual feature may not address any of the problems discussed above or might address only some of the problems discussed above. Some of the problems discussed above might not be fully addressed by any of the features described herein. Example embodiments of the present disclosure are described below, as illustrated in various drawings in which like reference numerals refer to the same parts throughout the different drawings.
[029] The ensuing description provides exemplary embodiments only, and is not intended to limit the scope, applicability, or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiments will provide those skilled in the art with an enabling description for implementing an exemplary embodiment. It should be understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope of the disclosure as set forth.
[030] Specific details are given in the following description to provide a thorough understanding of the embodiments. However, it will be understood by one of ordinary skill in the art that the embodiments may be practiced without these specific details. For example, circuits, systems, networks, processes, and other components may be shown as components in block diagram form in order not to obscure the embodiments in unnecessary detail. In other instances, well-known circuits, processes, algorithms, structures, and techniques may be shown without unnecessary detail in order to avoid obscuring the embodiments.
[031] Also, it is noted that individual embodiments may be described as a process that is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed but could have additional steps not included in a figure. A process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc. When a process corresponds to a function, its termination can correspond to a return of the function to the calling function or the main function.
[032] The word “exemplary” and/or “demonstrative” is used herein to mean serving as an example, instance, or illustration. For the avoidance of doubt, the subject matter disclosed herein is not limited by such examples. In addition, any aspect or design described herein as “exemplary” and/or “demonstrative” is not necessarily to be construed as preferred or advantageous over other aspects or designs, nor is it meant to preclude equivalent exemplary structures and techniques known to those of ordinary skill in the art. Furthermore, to the extent that the terms “includes,” “has,” “contains,” and other similar words are used in either the detailed description or the claims, such terms are intended to be inclusive like the term “comprising” as an open transition word without precluding any additional or other elements.
[033] Reference throughout this specification to “one embodiment” or “an embodiment” or “an instance” or “one instance” means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present disclosure. Thus, the appearances of the phrases “in one embodiment” or “in an embodiment” in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
[034] The terminology used herein is to describe particular embodiments only and is not intended to be limiting the disclosure. As used herein, the singular forms “a”, “an”, and “the” are intended to include the plural forms as well, unless the context indicates otherwise. It will be further understood that the terms “comprises” and/or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. As used herein, the term “and/or” includes any combinations of one or more of the associated listed items. It should be noted that the terms “mobile device”, “user equipment”, “user device”, “communication device”, “device” and similar terms are used interchangeably for the purpose of describing the invention. These terms are not intended to limit the scope of the invention or imply any specific functionality or limitations on the described embodiments. The use of these terms is solely for convenience and clarity of description. The invention is not limited to any particular type of device or equipment, and it should be understood that other equivalent terms or variations thereof may be used interchangeably without departing from the scope of the invention as defined herein.
[035] As used herein, an “electronic device”, or “portable electronic device”, or “user device” or “communication device” or “user equipment” or “device” refers to any electrical, electronic, electromechanical and computing device. The user device is capable of receiving and/or transmitting one or parameters, performing function/s, communicating with other user devices and transmitting data to the other user devices. The user equipment may have a processor, a display, a memory, a battery and an input-means such as a hard keypad and/or a soft keypad. The user equipment may be capable of operating on any radio access technology including but not limited to IP-enabled communication, Zig Bee, Bluetooth, Bluetooth Low Energy, Near Field Communication, Z-Wave, Wi-Fi, Wi-Fi direct, etc. For instance, the user equipment may include, but not limited to, a mobile phone, smartphone, virtual reality (VR) devices, augmented reality (AR) devices, laptop, a general-purpose computer, desktop, personal digital assistant, tablet computer, mainframe computer, or any other device as may be obvious to a person skilled in the art for implementation of the features of the present disclosure.
[036] Further, the user device may also comprise a “processor” or “processing unit” includes processing unit, wherein processor refers to any logic circuitry for processing instructions. The processor may be a general-purpose processor, a special purpose processor, a conventional processor, a digital signal processor, a plurality of microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific Integrated Circuits, Field Programmable Gate Array circuits, any other type of integrated circuits, etc. The processor may perform signal coding data processing, input/output processing, and/or any other functionality that enables the working of the system according to the present disclosure. More specifically, the processor is a hardware processor.
[037] As portable electronic devices and wireless technologies continue to improve and grow in popularity, the advancing wireless technologies for data transfer are also expected to evolve and replace the older generations of technologies. In the field of wireless data communications, the dynamic advancement of various generations of cellular technology are also seen. The development, in this respect, has been incremental in the order of second generation (2G), third generation (3G), fourth generation (4G), and now fifth generation (5G), and more such generations are expected to continue in the forthcoming time.
[038] While considerable emphasis has been placed herein on the components and component parts of the preferred embodiments, it will be appreciated that many embodiments can be made and that many changes can be made in the preferred embodiments without departing from the principles of the disclosure. These and other changes in the preferred embodiment as well as other embodiments of the disclosure will be apparent to those skilled in the art from the disclosure herein, whereby it is to be distinctly understood that the foregoing descriptive matter is to be interpreted merely as illustrative of the disclosure and not as a limitation.
[039] In a Fifth Generation (5G) network, non-standard call forwarding type services provide non customizable fixed headers with a fixed configuration to fulfil the lawful interception of data flow in the telecommunication network. However, existing non-customizable fixed header configurations of the non-standard call forwarding type services are inefficient in fulfilling the lawful interception requirement of the 5G network, i.e., telecommunication network, when dealing with the non-standard call forwarding type services such as Business Telecom Application Server (BTAS) services, e.g., a ‘find-me or follow-me’ service or a Fixed Mobile Convergence (FMC) service.
[040] Accordingly, there is a need for a technique that facilitates flexibility in providing lawful interception and regulatory-related requirements for a network (e.g., the telecommunication network) when non-standard call forwarding services such as BTAS services are used.
[041] The present disclosure aims to overcome the above-mentioned and other existing problems in this technology field by providing a system and a method that provides customized lawful interception support for different BTAS services.
[042] Embodiments herein relate to a method for performing a lawful interception for managing services in a network (e.g., the telecommunication network). In particular, at least one service request corresponding to at least one service associated with at least one User Equipment (UE) may be received by a Business Telecom Application Server (BTAS). Upon receiving the at least one service request, the BTAS may generate at least one information header corresponding to the at least one service associated with the at least one UE. The at least one information header includes a plurality of information associated with the at least one service. Further, the plurality of information within the at least one information header is encoded. Once the at least one information header is generated, the generated at least one information header is transmitted to a Lawful Interception and Monitoring (LIM) system and one or more network components to perform the lawful interception corresponding to the at least one service associated with the at least one UE within the network.
[043] The various embodiments throughout the disclosure will be explained in more detail with reference to FIG. 1- FIG. 5.
[044] FIG. 1 illustrates an exemplary network architecture 100 for implementing a system 108 for performing a lawful interception for managing services in a network, in accordance with an embodiment of the present disclosure. In some embodiments, the lawful interception may be denoted as LI. Further, in an embodiment, the network (i.e., a network 106), for example may be a telecommunication network, such as, a Fourth Generation (4G) network, a Fifth Generation (5G) network, a Sixth Generation (6G) network, and the like. In an embodiment, the network architecture 100 may include one or more computing devices or User Equipments (UEs) 104-1, 104-2…104-N associated with one or more users 102-1, 102-2…102-N in an environment. A person of ordinary skill in the art will understand that one or more users 102-1, 102-2…102-N may be individually referred to as the user 102 and collectively referred to as the users 102. Similarly, a person of ordinary skill in the art will understand that one or more UEs 104-1, 104-2…104-N may be individually referred to as the UE 104 and collectively referred to as the UEs 104. A person of ordinary skill in the art will appreciate that the terms “computing device(s)” and “user equipment” may be used interchangeably throughout the disclosure. Although three UEs 104 are depicted in FIG. 1, however, any number of the UEs 104 may be included without departing from the scope of the ongoing description.
[045] In an embodiment, the UE 104 may include smart devices operating in a smart environment, for example, an Internet of Things (IoT) system. In such an embodiment, the UE 104 may include, but is not limited to, smart phones, smart watches, smart sensors (e.g., a mechanical sensor, a thermal sensor, an electrical sensor, a magnetic sensor, etc.), networked appliances, networked peripheral devices, networked lighting system, communication devices, networked vehicle accessories, networked vehicular devices, smart accessories, tablets, smart televisions (TVs), computers, smart security systems, smart home systems, other devices for monitoring or interacting with or for the user 102 and/or entities, or any combination thereof. A person of ordinary skill in the art will appreciate that the UE 104 may include, but is not limited to, intelligent, multi-sensing, network-connected devices, that can integrate seamlessly with each other and/or with a central server or a cloud-computing system or any other device that is network-connected.
[046] In an embodiment, the UE 104 may include, but is not limited to, a handheld wireless communication device (e.g., a mobile phone, a smart phone, a phablet device, and so on), a wearable computer device (e.g., a head-mounted display computer device, a head-mounted camera device, a wristwatch computer device, and so on), a Global Positioning System (GPS) device, a laptop computer, a tablet computer, or another type of portable computer, a media playing device, a portable gaming system, and/or any other type of computer device with wireless communication capabilities, and the like. In an embodiment, the UE 104 may include, but is not limited to, any electrical, electronic, electro-mechanical, or an equipment, or a combination of one or more of the above devices such as virtual reality (VR) devices, augmented reality (AR) devices, a laptop, a general-purpose computer, a desktop, a personal digital assistant, a tablet computer, a mainframe computer, or any other computing device. Further, the UE 104 may include one or more in-built or externally coupled accessories including, but not limited to, a visual aid device such as a camera, an audio aid, a microphone, a keyboard, and input devices for receiving input from the user 102 or an entity 110 such as a touch pad, a touch enabled screen, an electronic pen, and the like. A person of ordinary skill in the art will appreciate that the UE 104 may not be restricted to the mentioned devices and various other devices may be used.
[047] In FIG. 1, the UE 104 may communicate with the system 108 through the network 106. In particular, the UE 104 may be communicatively coupled with the network 106. The coupling including steps of receiving, by the network 106, a connection request from the UE 104. Upon receiving the connection request, the coupling including steps of sending, by the network 106, an acknowledgment of the connection request to the UE 104. Further, the coupling including steps of transmitting a plurality of signals in response to the connection request. The plurality of signals is responsible for communicating with the system 108 to perform the lawful interception for managing the services in the network 106.
[048] In an embodiment, the network 106 may include at least one of the 4G network, the 5G network, the 6G network, or the like. The network 106 may enable the UE 104 to communicate with other devices in the network architecture 100 and/or with the system 108. The network 106 may include a wireless card or some other transceiver connection to facilitate this communication. In another embodiment, the network 106 may be implemented as, or include any of a variety of different communication technologies such as a wide area network (WAN), a local area network (LAN), a wireless network, a mobile network, a Virtual Private Network (VPN), an internet, an intranet, a public network, a private network, a packet-switched network, a circuit-switched network, an ad hoc network, an infrastructure network, a Public-Switched Telephone Network (PSTN), a cable network, a cellular network, a satellite network, a fiber optic network, or some combination thereof. In another embodiment, the network 106 includes, by way of example but not limitation, at least a portion of one or more networks having one or more nodes that transmit, receive, forward, generate, buffer, store, route, switch, process, or a combination thereof, etc. one or more messages, packets, signals, waves, voltage or current levels, some combination thereof, or so forth.
[049] Although FIG. 1 shows exemplary components of the network architecture 100, in other embodiments, the network architecture 100 may include fewer components, different components, differently arranged components, or additional functional components than depicted in FIG. 1. Additionally, or alternatively, one or more components of the network architecture 100 may perform functions described as being performed by one or more other components of the network architecture 100.
[050] FIG. 2 illustrates an exemplary block diagram 200 of the system 108 configured for performing the lawful interception for managing the services in the network 106, in accordance with an embodiment of the present disclosure. FIG. 2 is explained in conjunction with FIG. 1. The network may correspond to the telecommunication network. Examples of the network includes, the 4G network, the 5G network, the 6G network, and the like.
[051] The system 108 includes one or more processor(s) or a processing unit 206. The one or more processor(s) may be implemented as one or more microprocessors, microcomputers, microcontrollers, digital signal processors, central processing units, logic circuitries, and/or any devices that process data based on operational instructions. Among other capabilities, one or more processor(s) may be configured to fetch and execute computer-readable instructions stored in a memory 202 of the system 108. The memory 202 may be configured to store one or more computer-readable instructions or routines in a non-transitory computer-readable storage medium, which may be fetched and executed to create or share data packets over a network service. The memory 202 may comprise any non-transitory storage device including, for example, a volatile memory such as a Random-Access Memory (RAM), or a non-volatile memory such as an Erasable Programmable Read-Only Memory (EPROM), a flash memory, and the like.
[052] In an embodiment, the system 108 may include an interface(s) 204. The interface(s) 204 may comprise a variety of interfaces, for example, interfaces for data input and output devices (I/O), storage devices, and the like. The interface(s) 204 may facilitate communication through the system 108. The interface(s) 204 may also provide a communication pathway for one or more components of the system 108. Examples of such components include, but are not limited to, the processing unit 206 and a database 208. In an embodiment, the processing unit 206 may correspond to the one or more processor(s).
[053] The processing unit 206 may be configured to receive at least one service request corresponding to at least one service associated with at least one UE. The at least one service corresponding to the at least one UE may include, but is not limited to, a Voice over Internet Protocol (VoIP) service, such as a video calling service, a voice calling service, and text messaging service. VoIP video calling services allow users to have real-time video conversations over the internet. VoIP voice calling services let users make voice calls over the internet instead of through traditional phone lines. VoIP text messaging services enable users to send and receive text messages over the internet.
[054] Upon receiving the at least one service request, the processing unit 206 is configured to generate at least one information header. In an aspect, the at least one information header includes a plurality of information corresponding to the at least one service associated with the at least one UE. The at least one information header is a customizable header that includes the plurality of information corresponding to the at least one service. The plurality of information may include a Wireless Local Network (WLN) - history-information and an Enterprise (ENT)- history-information. In an embodiment, the plurality of information within the at least one information header is encoded using one or more encryption algorithms. Examples of the one or more encryption algorithms may include an Advanced Encryption Standard (AES) algorithm, a Rivest-Shamir-Adleman (RSA) algorithm, an Elliptic Curve Digital Signature Algorithm (ECDSA), an International Data Encryption Algorithm (IDEA), and the like. The plurality of information associated with the at least one service is further explained in detail in conjunction with FIG. 3 and FIG. 4.
[055] Further, the processing unit 206 is configured to transmit the at least one generated information header having the plurality of information to a Lawful Interception and Monitoring (LIM) system and one or more network components. The LIM is configured to perform the lawful interception corresponding to the at least one service associated with the at least one UE in the network (106) based on the at least one received information header. For example, the at least one UE may correspond to the UE 104. To perform the lawful interception, the LIM system is configured for decoding the plurality of information within the at least one information header. In addition, to provide the at least one service to the at least one UE, the one or more network components are configured to decode the plurality of information within the at least one information header. In an embodiment, the plurality of information is decoded using one or more decoding algorithms corresponding to the one or more encryption algorithms. Examples of the one or more decoding algorithms may include, the AES algorithm, the RSA algorithm, an Elliptic Curve Cryptography (ECC) algorithm, and the like. The AES algorithm a is a symmetric key algorithm that encrypts and decrypts data (i.e., the plurality of information) using the same key. The AES algorithm operates on fixed-size blocks of data (128 bits) and supports key sizes of 128, 192, or 256 bits, providing strong security and efficiency. The RSA algorithm is an asymmetric algorithm that uses a pair of keys, i.e., a public key for encryption and a private key for decryption. The RSA algorithm relies on the mathematical difficulty of factoring large prime numbers, making it secure for transmitting sensitive. The ECC algorithm is another form of an asymmetric algorithm that uses properties of elliptic curves over finite fields. The ECC algorithm provides similar levels of security to the RSA algorithm but with much smaller key sizes, making it efficient for use in constrained environments like mobile devices (e.g., the UE 104). The ECDSA is a digital signature algorithm that uses elliptic curve cryptography to create and verify signatures. The ECDSA offers strong security with smaller key sizes compared to traditional methods like the RSA algorithm, making it efficient for authentication and integrity verification. The IDEA is a symmetric key block cipher that operates on 64-bit blocks using a 128-bit key. The IDEA employs a series of operations including modular addition, multiplication, and bitwise XOR to provide robust encryption, widely used in various applications for secure data transmission. As already known to the person skilled in art, the lawful interception is a security process in which intercepted telecommunications information including voice calls, video calls, text messages, electronic mails (emails) traffic, and internet traffic corresponding to UEs associated with an individual (i.e., a particular subscriber) or individuals (subscribers) associated with organizations is collected and provided to the LIM system (i.e., the system 108). The LIM system may be associated with Law Enforcement Agencies (LEAs).
[056] In an embodiment, the processing unit 206 may be implemented as a combination of a hardware and programming (for example, programmable instructions) to implement one or more functionalities of the processing unit 206. In examples described herein, such combinations of hardware and programming may be implemented in several different ways. For example, the programming for the processing unit 206 may be processor-executable instructions stored on a non-transitory machine-readable storage medium and the hardware for the processing unit 206 may comprise a processing resource (for example, one or more processors), to execute such instructions. In the present examples, the machine-readable storage medium may store instructions that, when executed by the processing resource, implement the processing unit 206. In such examples, the system 108 may comprise the machine-readable storage medium storing the instructions and the processing resource to execute the instructions, or the machine-readable storage medium may be separate but accessible to the system 108 and the processing resource. In other examples, the processing unit 206 may be implemented by electronic circuitry.
[057] FIG. 3 illustrates an exemplary architecture 300 for performing the lawful interception for managing the services in the network (i.e., the network 106) is illustrated, in accordance with an embodiment of the present disclosure. FIG. 3 is explained in conjunction with FIGS. 1 and 2.
[058] FIG. 3 depicts, a UE A, a UE B, a Long-Term Evolution Radio Access Network (LTE RAN) 302, an Internet Protocol (IP) Multimedia System (IMP) 310, and an interfacing unit 320. The LTE RAN 302 includes an evolved Node B (eNB) 304, a Servicing Gateway (S-GW) or a Packet Data Network (PDN) Gateway (P-GW) 306, and a Mobility Management Entity (MME) 308. Further, the IMS 310 includes a Proxy Call Session Control Function (P-CSCF) 312, a Servicing Call Session Control Function (S-CSCF) 314, a Telecom Application Server (TAS) 316, and an Access Gateway (AGW) 318. It should be noted that, the IMS 310 may correspond to the system 108. Further, the TAS 316 may correspond to the BTAS. In an embodiment, the TAS 316 is a network component that provides and manages advanced telephony and multimedia services within the LTE RAN 302. The interfacing unit 320 includes an Administration Function (ADMF) 322, a Mediation Function (MF) or a Delivery Function (DF) 2, i.e., MF/DF2 324, and a MF or a DF3, i.e., MF/DF3 326. In an aspect, the LTE RAN 302 is a component of a network (e.g., the network 106) responsible for providing wireless communication between a UE (i.e., the UE 104) and the network core. The LTE RAN 302 includes the eNB 304 that is configured to manage radio resources, handles user data transmission, and supports mobility and connection management for seamless service delivery.
[059] The interfacing unit 320 is configured to enable interaction of the IMS 310 with the LIM system (not shown). In particular, the interfacing unit 320 is configured to transmit the plurality of information within the at least one information header from the IMS 310 to the LIM system that is associated with a LEA. The plurality of information is transmitted by the interfacing unit 320 to the LIM system to perform the lawful interception corresponding to services for managing the services in the network (e.g., the LTE RAN 302). In some embodiment, the at least one information header includes the plurality of information that may be transmitted to one or more components (i.e., the P-CSCF 312, the S-CSCF 314, etc.) within the IMS 310 to provide the at least one service to the UE A based on the at least one request received from the UE A. The P-CSCF 312 is a network component (also referred to as a network element) situated at the ingress point of the IMS network, interfacing directly with the UE. It is configured to receive and process SIP signaling messages from the UE. Upon reception, the P-CSCF is responsible for routing these SIP messages to the appropriate S-CSCF (e.g., the S-CSCF 314) based on pre-defined routing mechanisms. Additionally, the P-CSCF 312 may implement security measures such as SIP message encryption and decryption. The P-CSCF 312 facilitates the registration process by managing registration requests from the UE and provides service discovery capabilities to direct the UE to a correct S-CSCF (e.g., the S-CSCF 314) for session management purposes. The S-CSCF 314 operates as a central control entity within the IMS network, tasked with the management and oversight of SIP sessions. Upon receiving SIP requests routed through the P-CSCF 312, the S-CSCF 314 is responsible for the establishment, modification, and termination of sessions. It utilizes user profiles stored within a Home Subscriber Server (HSS) to determine the appropriate session handling procedures and to invoke relevant application servers as needed. The S-CSCF 314 ensures that the services requested by the UE are executed in accordance with the user's profile and applicable network policies. Additionally, the S-CSCF 314 performs authorization checks to validate the user's entitlement to access specific services and resources.
[060] Consider a scenario where a user (e.g., the user 102) of the UE A (e.g., the UE 104) that is associated with the LTE RAN 302 (e.g., the network 106) wants to connect a user associated with the UE B via a video call. In this scenario, the UE A may try establishing a communication session, i.e., a video calling session with the UE B. In order to establish the video calling session, the eNodeB 304 may be responsible for transmitting and receiving radio signals to and from the UE A. As depicted, the eNodeB 304 may be in communication with the S-GW/ P-GW 306 and the MME 308. The S-GW/ P-GW 306 is in communication with the P-CSCF 312 and the AGW 318. In an embodiment, the S-GW of the S-GW/P-GW 306 may forward and route data packets (e.g., a Session Initiation Protocol (SIP) message) associated with the UE A to and from the eNodeB 304 during the communication session (i.e., the video calling session). Further, the P-GW of the S-GW/P-GW 306 may be a connecting node between the UE A and an external network, e.g., the IMS 310. Further, the MME 308 may act as a key control node in the LTE RAN 302. The MME 308 may be responsible for managing a mobility of the UE A by tracking a location of the UE A, initiating and managing bearer paths for data packets transfer, ensuring authentication and security of the UE A, and coordinating handovers between a base station (i.e., the eNodeB 304) associated with the UE A and other base stations based on the location of the UE A.
[061] Further, the IMS 310 is configured to deliver multimedia communications services such as the VoIP, i.e., the voice calling services and the video calling services, or the text messaging services, over the LTE RAN 302 (e.g., the network 106). In continuation to the above scenario, where the UE A wants to establish the video calling session with the UE B. In this scenario, the IMS 310 may be configured to deliver a video calling multimedia service over the LTE RAN 302 to the UE B. For this, the P-CSCF 312 may act as an entry point (or a first point of contact) for the UE A that is initiating the video calling session. A primary purpose of the P-CSCF 312 is to manage a session initiation (i.e., a video calling session initiation), route SIP messages (also referred as SIP signaling messages), and enforce policies related to a session setup and a Quality of Service (QoS), ensuring efficient and secure communication over the LTE RAN 302. Examples of the policies related to the session setup may include a session initiation and authorization policy, a capacity management policy, roaming agreements, a bandwidth allocation, and the like. Examples of the policies related to the QoS may include, traffic prioritization, bandwidth management, latency management, and the like.
[062] As depicted in present FIG. 3, the P-CSCF 312 may be connected with the S-CSCF 314 and the AGW 318. In addition, the P-CSCP 312 may be also in connection with the ADMF 322 via ‘X1’ interface. The ADMF 322 is configured to manage configuration and operational aspects of the one or more network components (e.g., the P-CSCF 312, the S-CSCF 314, etc), including service management and monitoring of the network (i.e., the network 106). In particular, the P-CSCP 312 may be configured to deliver information including the intercepted telecommunications (i.e., information of the video calling session) and associated metadata from the UE A or network elements (such as router, switches, etc.) where interception occurs, to the ADMF 322 via the ‘X1’ interface. Further, this information is transferred to the LIM system via a Handover Interface (HI) 1 interface port. It should be note that, intercepted telecommunications generally refer to electronic communications that are monitored and recorded, such as phone calls, text messages, emails, and internet data, corresponding to a subscriber’s equipment, e.g., the UE A. Further, the P-CSCF 312 is configured to transfer the SIP messages received from the UE A to the S-CSCF 314.
[063] The S-CSCF 314 is configured to authenticate the UE A and authorizes an access of a service, e.g., the video calling service (i.e., the at least one service) based on policies defined by the network operator or the network service provider (NSP) for the UE A. Examples of the policies defined by the network operator or the NSP for the UE A may include access control policies, QoS policies, security policies, and the like. The S-CSCF 314 may communicate with the DF 2 of the MF/DF2 324 via an ‘X2’ interface. In other words, in some embodiment, the S-CSCF 314 transfers data, such as session setup information, service control and authorization information, etc., associated with the service of the UE A, to the DF 2. This data is further transmitted by the MF of the MF/DF2 324 to the LIM system via a HI2 interface port. The MF acts as an intermediary component that facilitates the extraction, transformation, and routing of the data (i.e., the plurality of information) to the LIM system associated with an authorized LEA. Further, the DF2 is a component that is responsible for the secure and efficient transmission of the data to the LIM system. In other words, the DF2 ensures that the data is delivered accurately, securely, and in compliance with relevant laws, to the LIM system.
[064] Further, the TAS 316, i.e., the BTAS may be in connection with the P-CSCF 312 and the S-CSCF 314. The TAS 316 may provide intelligence and logic necessary to implement advanced services such as the non-standard call forwarding type services, e.g., ‘the find-me or the follow-me’ services and the FMC services, etc., that provides and fulfils lawful interception requirement of the LTE RAN 302. The advance services may also be as the BTAS services. In particular, when the UE A initiates the service request, e.g., the video calling request (i.e., the at least one service request) corresponding to the video call service, the P-CSCF 312 may receive the service request and forwards the service request to the S-CSCF 314. Further, the S-CSCF 314 may communicate with the TAS 316 to determine how the service request should be handled based on the advanced services applied on the UE B with which the UE A wants to establish the video calling session. For example, if the call forwarding services are activated by the user of the UE B, then the TAS 316 may provide information (i.e., the plurality of information) associated with the UE B to the S-CSCF 314. Upon receiving the plurality of information, the S-CSCF 314 may identify a modified number associated with the UE B with which the video calling session of the UE A needs to be established.
[065] Further, the AGW 318 that is coupled to the P-CSCF 312 and is configured to provide a media relay feature for routing and managing network traffic coming from the UE A, towards an original number associated with the UE B or the modified number associated with the UE B. In other words, the AGW 318 may ensure that data packets within the network traffic that is coming from the UE A are appropriately directed towards the UE B based on the advanced services associated with the UE B. The data packets are directed through the LTE RAN 302 and other core network components (e.g., the P-CSCF 312, the S-CSCF 314, etc.). Further, the AWG 318 is configured to transfer a content of communication associated with the UE A and the UE B to the DF3 of the MF/DF3 326 via an ‘X3’ interface. The DF3 is a component that is configured to perform effective and compliant transmission of the data (i.e., the plurality of information) related to particular services or protocols (e.g., the SIP). Further, the content of communication is further transmitted to the LIM system via an HI3 interface port for performing the lawful inspection corresponding to the video call service (i.e., the at least one service).
[066] In an operative aspect, when the at least one service request (e.g., the video calling request) corresponding to the at least one service (i.e., the video calling service) associated with the at least one UE, i.e., the UE A is received by the TAS 316, then the TAS 316 is configured to generate the at least one information header associated with the at least one service. In an aspect, the at least one information header includes the plurality of information associated with the at least one service (i.e., the video call service) associated with the UE A. In an embodiment, the plurality of information of the at least one information header is encoded.
[067] In an example, the at least one information header include a Wireless Local Network (WLN)-history-information and an Enterprise (ENT)-history-information. The WLN-history-information, for example, may include a cause of an event (e.g., a diverted call or a rejected call, a diverted message or a rejected message) associated with the at least one service, the original number (e.g., a contact number initially dialed by a user of the UE A, a contact number to which a text message was forwarded by the UE A, etc.), the modified number (e.g., a contact number to which a call is diverted from the initially dialed contact number, a contact number to which the text message is diverted, etc.), information of an advance service (e.g., the call forwarding service) that caused the event, and the like.
[068] Further, the ENT-history-information, for example, may include information related to a convergence between a fixed network (e.g., a wired network) and a mobile network (e.g., a wireless network) associated with the UE B, such as details about a find me service activation or deactivation, contextual information about the UE B or a network type (e.g., the fixed network or the mobile network) being used by the UE B, service-specific parameters or identifiers for routing or service delivery, and the like. In an embodiment, the ENT-history-information is appended by the BTAS within the protocol message (e.g., the SIP message). In an example, the BTAS may be configured to append the ENT-history-information for the find me service in a SIP message associated with a SIP after an invite request is sent to a proxy server (e.g., a session board controller) for initiating the at least one service. In another example, the BTAS is configured to append the ENT-history-information for the find me service when the user of the UE B may have activated the call forwarding service. In order to activate the call forwarding service, the user of the UE B may press a feature code (e.g., *AA) for activating the call forwarding service of a contact number (i.e., the original number) associated with the UE B to another contact number (i.e., the modified number) associated with the UE B or a UE Z. In yet another example, the BTAS may configured to append the ENT-history-information for the follow me service after the user of the UE B may have availed or activated call forwarding services on his contact number (i.e., the original number) using a feature code (e.g., #ABC) to another contact number (i.e., the modified number) associated with the UE B or a UE C.
[069] The at least one information header that is generated by the TAS 316 is transmitted to the LIM system via the HI1 interface port, the HI2 interface port, and the HI3 interface port of the interfacing unit 320. The lawful interception of the at least one service is performed by the LIM system based on the at least one information header. Further, the LIM system may perform the lawful interception of the at least one service (i.e., the video call service) associated with the at least one UE (e.g., the UE A) in the LTE RAN 302 as and when required. For this, the LIM system is configured to decode the plurality of information within the at least one information header. In some embodiment, the TAS 316 provides a support to the LIM system to decode the plurality of information within the at least one information header.
[070] Therefore, different non-standard forwarding services and their lawful interception regulatory related requirements are simultaneously implemented in the TAS 316, i.e., the BTAS. This, in turn, enhances flexibility in providing the lawful interception regulatory related requirements of the network (e.g., the LTE RAN 302) to the LIM system. A method of performing the lawful inspection for managing the services in the network is further explained in detail in conjunction with FIG. 4.
[071] FIG. 4 illustrates an exemplary flow diagram 400 for performing the lawful interception for managing the services in a network (e.g., the network 106), in accordance with an embodiment of the present disclosure. FIG. 4 is explained in conjunction with FIGS. 1, 2, and 3. The network may correspond to the telecommunication network. Examples of the network includes, the 4G network, the 5G network, the 6G network, and the like. Each step of the method 400 may be performed by the processing unit 206 of the system 108. The system 108 may correspond to the IMS 310. In particular, each step of the method 400 may be performed by the TAS 316, i.e., the BTAS of the IMS 310.
[072] In order to performing the lawful interception for managing the services in the network, initially, at step 402, the at least one service request may be received corresponding to the at least one service associated with at least one UE. The at least one service corresponding to the at least one UE may include but is not limited to, the video calling service, the voice calling service, the text messaging service, etc. The at least one UE, for example, may correspond to the UE A. In an embodiment, the at least one service request may correspond to a message, or a signal initiated by a UE (i.e., the at least one UE) to access specific network services, such as the voice calling service, video calling service, the text messaging service, data sessions, etc. The at least one service request typically contain essential information for a service provisioning, including user identifiers and service parameters, facilitating seamless integration and management within a network architecture. In an embodiment, the message, or the signal may be the SIP message or a SIP signal that will be initiated by the UE.
[073] Upon receiving the at least one service request, at step 404, the at least one information header may be dynamically generated corresponding to the at least one service associated with the at least one UE. In other words, the at least one information header may be generated in real-time based on the at least one service request associated with the at least one UE. The at least one information header includes the plurality of information associated with the at least one service. The at least one information header is the customizable header including the plurality of information corresponding to the at least one service. In an embodiment, the at least one information header is generated based on advanced services (i.e., the non-standard forwarding services) associated with a UE corresponding to which the at least one service request is received from the at least one UE. The non-standard forwarding service may include, but are not limited to the selective call forwarding, the time based forwarding, the sequential ringing, the priority forwarding, and the location-based forwarding. Further, the plurality of information within the at least one information header is encoded using the one or more encryption algorithms. Examples of the one or more encryption algorithms may include the AES algorithm, the RSA algorithm, the ECDSA, the IDEA, and the like.
[074] As already known to the person skilled in art, the customizable header may correspond to a header within a protocol message (such as SIP message, a Hypertext Transfer Protocol (HTTP) message, a diameter, etc.) that can be defined or modified by the network operators or the NSPs. The customizable header enables a transmission of service related information beyond standard protocol specifications, facilitating tailored service deployments and enhanced functionality across the network. In other words, the customizable header may be typically designed to carry information that is specific to a particular service, an application, or an operational requirement within the network. In an embodiment, based on the SIP message or the SIP signal that is initiated by the UE, a SIP header (also referred to as a SIP history information header) including history information of the at least one service associated with the UE is generated. The SIP header includes a unique Identifier (ID) associated with the UE for which the lawful interception needs to be performed using the LIM system associated with the LEA. However, in the present invention, an information header (i.e., the at least one information) corresponding to the WLN-history-information and the ENT-history-information is generated by the BTAS upon receiving the at least one service request from the UE.
[075] The plurality of information within the at least one information header includes the WLN-history-information and the ENT-history-information. The WLN-history-information, for example, may include the cause of the event (e.g., the diverted call or the rejected call) associated with the at least one service (e.g., the video calling service), the original number (e.g., the contact number initially dialed by the user of the UE A), the modified number (e.g., the contact number to which a call is diverted from the initially dialed contact number), information of a non-standard forwarding service (also known as a BTAS service) activated on a UE (e.g., the UE B) that caused the event, and the like. The ENT-history-information, for example, may include information related to the convergence between the fixed network and the mobile network, such as details about the find me / follow me service or the FMC service activation or deactivation, contextual information about the UE B or the network type (e.g., the fixed network or the mobile network) being used by the UE B, the service-specific parameters or identifiers for routing or the at least one service delivery, and the like. Examples of the FMC service, may include, the single number reach service, the unified messaging, the integrated billing, the location based service, etc. In particular, in addition to the usage of the WLN-history-information while generating the at least one information header, the BTAS is configured to append the ENT-history-information within the protocol message (e.g., the SIP message) after sending the invite request to the proxy server for initiating the at least one service.
[076] By way of an example, consider a scenario when the UE A send the at least one service request, e.g., a text message request for the at least one service, i.e., the text messaging service to the BTAS (i.e., the TAS 316) for transmitting the text message to another UE, e.g., the UE B. Upon receiving the text message request, the BTAS is configured to generate the at least one header information including the plurality of information corresponding to the text message service. In this scenario, the BTAS gathers the plurality of information associated with the text message service from the network, the UE A, and the UE B to generate the at least one information header. Now suppose, a text forwarding service has been activated by the user of the UE B. In this case, the plurality of information gathered by the BTAS to generate the at least one information header includes the WLN-history-information (e.g., the contact number of the UE A, the contact number selected by the UE A, i.e., the contact number of the UE B, the modified number associated with the UE B, the BTAS service opted by the UE B, and the like) and the ENT-history-information (e.g., the location based service associated with the UE B). Further, the BTAS may generate the plurality of information based on real-time data preset in a form of routing tables. The real-time data includes routing information associated with a plurality of UEs associated with a plurality of users.
[077] Further, at step 408, the at least one information header may be transmitted to the LIM system and the one or more network components (e.g., the P-CSCF 312, S-CSCF-314, etc.). The at least one information header is transmitted to the LIM system to perform the lawful interception of the at least one service associated with the at least one UE in the network 104. Further, the at least one information header is transmitted to the one or more components to provide the at least one service to the UE based on the at least one service request. In some embodiment, the one or more network components uses the generated at least one information header for transmitting the text message associated with the UE A to an appropriate contact number, e.g., the modified contact number associated with the UE B. In an embodiment, the SIP messages exchanged between the UE and the proxy server (or an application server) are extracted by the LIM system to perform the lawful interception corresponding to the UE. The SIP messages generated by the UE do not contain the detailed information and are less tailored to the lawful interception needs of the LIM system associated with a specific LEA Whereas, in the present invention, the at least one information header is generated based on the plurality of information associated with the UE by the BTAS. Further, the BTAS transmits the at least one information header to the LIM system. The at least one information header generated by the BTAS contains detailed information corresponding to the at least one service associated with the UE that is tailored for performing the lawful interception.
[078] In an embodiment, the lawful inspection of data flow associated with the at least one service may be performed. The lawful inspection is performed based on the at least one information header. In order to perform the lawful inspection, the at least one information header is decoded to access the plurality of information within the at least one information header. In an embodiment, the plurality of information is decoded using the one or more decoding algorithms corresponding to the one or more encryption algorithms. Examples of the one or more decoding algorithms may include, the AES decoding algorithm, the RSA decoding algorithm, the ECC decoding algorithm, and the like. As already known to the person skilled in art, the lawful interception is the security process in which intercepted telecommunications including the telephone calls, the text messages, the electronic mails (emails) traffic, and the internet traffic corresponding to the UE is collected and provided to the LIM system. The LIM system may be associated with the LEA. The LEA may use the collected intercepted telecommunications to perform the lawful inspection of the services (i.e., the at least one services) using the LIM system.
[079] FIG. 5 illustrates an exemplary computer system 500 in which or with which embodiments of the present disclosure may be implemented. As shown in FIG. 5, the computer system 500 may include an external storage device 510, a bus 520, a main memory 530, a read-only memory 540, a mass storage device 550, communication port(s) 560, and a processor 570. A person skilled in the art will appreciate that the computer system 500 may include more than one processor and communication ports. The processor 570 may include various modules associated with embodiments of the present disclosure. The communication port(s) 560 may be any of an RS-232 port for use with a modem-based dialup connection, a 10/100 Ethernet port, a Gigabit or 10 Gigabit port using copper or fiber, a serial port, a parallel port, or other existing or future ports. The communication port(s) 560 may be chosen depending on a network, such a Local Area Network (LAN), Wide Area Network (WAN), or any network to which the computer system 500 connects.
[080] The main memory 530 may be random access memory (RAM), or any other dynamic storage device commonly known in the art. The read-only memory 540 may be any static storage device(s) e.g., but not limited to, a Programmable Read Only Memory (PROM) chips for storing static information e.g., start-up or Basic Input/Output System (BIOS) instructions for the processor 570. The mass storage device 550 may be any current or future mass storage solution, which can be used to store information and/or instructions. The mass storage device 550 includes, but is not limited to, Parallel Advanced Technology Attachment (PATA) or Serial Advanced Technology Attachment (SATA) hard disk drives or solid-state drives (internal or external, e.g., having Universal Serial Bus (USB) and/or Firewire interfaces), one or more optical discs, a Redundant Array of Independent Disks (RAID) storage, e.g. an array of disks.
[081] The bus 520 communicatively couples the processor 570 with the other memory, storage, and communication blocks. The bus 520 may be, e.g. a Peripheral Component Interconnect (PCI)/PCI Extended (PCI-X) bus, Small Computer System Interface (SCSI), Universal Serial Bus (USB), or the like, for connecting expansion cards, drives, and other subsystems as well as other buses, such a front side bus (FSB), which connects the processor 570 to the computer system 500.
[082] Optionally, operator and administrative interfaces, e.g. a display, keyboard, joystick, and a cursor control device, may also be coupled to the bus 520 to support direct operator interaction with the computer system 500. Other operator and administrative interfaces can be provided through network connections connected through the communication port(s) 560. Components described above are meant only to exemplify various possibilities. In no way should the aforementioned exemplary computer system 500 limit the scope of the present disclosure.
[083] While the foregoing describes various embodiments of the invention, other and further embodiments of the invention may be devised without departing from the basic scope thereof. The scope of the invention is determined by the claims that follow. The invention is not limited to the described embodiments, versions or examples, which are included to enable a person having ordinary skill in the art to make and use the invention when combined with information and knowledge available to the person having ordinary skill in the art.
[084] The method and system of the present disclosure may be implemented in a number of ways. For example, the methods and systems of the present disclosure may be implemented by software, hardware, firmware, or any combination of software, hardware, and firmware. The above-described order for the steps of the method is for illustration only, and the steps of the method of the present disclosure are not limited to the order specifically described above unless specifically stated otherwise. Further, in some embodiments, the present disclosure may also be embodied as programs recorded in a recording medium, the programs including machine-readable instructions for implementing the methods according to the present disclosure. Thus, the present disclosure also covers a recording medium storing a program for executing the method according to the present disclosure.
[085] While considerable emphasis has been placed herein on the preferred embodiments, it will be appreciated that many embodiments can be made and that many changes can be made in the preferred embodiments without departing from the principles of the disclosure. These and other changes in the preferred embodiments of the disclosure will be apparent to those skilled in the art from the disclosure herein, whereby it is to be distinctly understood that the foregoing descriptive matter is to be implemented merely as illustrative of the disclosure and not as a limitation.
[086] The present disclosure provides technical advancement related to lawful interception for managing services in the network. This advancement addresses the limitations of existing solutions by generating customized information headers (i.e., the least one information header) to fulfil the lawful interception requirement of the network. In addition, the present disclosure supports decoding the generated customized information headers at a LIM system. The present disclosure facilitates compliance of all deployed non-standard forwarding services with lawful interception related regulatory requirements for the lawful interception, data protection, and privacy, thereby avoiding legal risks and penalties. The present disclosure provides flexibility in simultaneously providing the lawful interception related regulatory requirements for different non-standard forwarding services provided by the BTAS.
ADVANTAGES OF THE PRESENT DISCLOSURE
[087] The present disclosure provides a method and a system for performing a lawful interception for managing services in a network.
[088] The present disclosure provides a customized lawful interception support for different services (e.g., non-standard forwarding services) offered by a Business Telecom Application Server (BTAS).
[089] The present disclosure provides a support to LIM systems associated with LEAs for performing the lawful interception using information within customizable headers (i.e., at least one information header).
[090] The present disclosure facilitates compliance of all deployed non-standard forwarding services with regulatory requirements for the lawful interception, data protection, and privacy, thereby avoiding legal risks and penalties.

,CLAIMS:Claims
We claim:
1. A method (400) for performing a lawful interception for managing services in a network (106), wherein the method (400) comprising:
receiving (402), by a Business Telecom Application Server (BTAS), at least one service request corresponding to at least one service associated with at least one User Equipment (UE);
dynamically generating (404), by the BTAS, at least one information header comprising a plurality of information corresponding to the at least one service associated with at least one UE; and
transmitting (406), by the BTAS, the at least one information header comprising the plurality of information to at least one of a Lawful Interception and Monitoring (LIM) system and one or more network components, wherein the LIM system is configured to perform the lawful interception corresponding to the at least one service associated with the at least one UE in the network (106) based on the at least one information header, and the one or more network components are configured to provide the at least one service based on the at least one service request and the at least one information header.

2. The method (400) as claimed in claim 1, wherein the at least one information header is a customizable header comprising the plurality of information corresponding to the at least one service.

3. The method (400) as claimed in claim 1, further comprising:
encoding, by the BTAS, the plurality of information within the at least one information header associated with the at least one service.

4. The method (400) as claimed in claim 1, wherein the plurality of information within the at least one information header is decoded by at least one of the LIM system and the one or more network components.

5. The method (400) as claimed in claim 1, wherein the plurality of information comprises a Wireless Local Network (WLN)- history- information and an Enterprise (ENT)-history-information.

6. The method (400) as claimed in claim 5, wherein the BTAS is configured to append the ENT-history-information in a Session Initiation Protocol (SIP) message after sending an invite request to a proxy server for initiating the at least one service.

7. A system (108) for performing a lawful interception for managing services in a network (106), wherein the system (108) comprising:
a memory (202); and
a processing unit (206) coupled to the memory (202), configured to:
receive (402) at least one service request corresponding to at least one service associated with at least one User Equipment (UE);
dynamically generate (404) at least one information header comprising a plurality of information corresponding to the at least one service associated with at least one UE; and
transmit (406) the at least one information header comprising the plurality of information to at least one of a Lawful Interception and Monitoring (LIM) system and one or more network components, wherein the LIM system is configured to perform the lawful interception corresponding to the at least one service associated with the at least one UE in the network (106) based on the at least one information header, and the one or more network components are configured to provide the at least one service based on the at least one service request and the at least one information header.

8. The system (108) as claimed in claim 7, wherein the at least one information header is a customizable header comprising the plurality of information corresponding to the at least one service.

9. The system (108) as claimed in claim 7, wherein the processing unit (206) is configured to:
encode the plurality of information within the at least one information header associated with the at least one service.

10. The system (108) as claimed in claim 7, wherein the plurality of information within the at least one information header is decoded by at least one of the LIM system and the one or more network components.

11. The system (108) as claimed in claim 7, wherein the plurality of information comprises a Wireless Local Network (WLN)-history-information and an Enterprise (ENT)-history-information.

12. The system (108) as claimed in claim 11, wherein the BTAS is configured to append the ENT-history-information in a Session Initiation Protocol (SIP) message after sending an invite request to a proxy server for initiating the at least one service.

13. A user equipment (UE) communicatively coupled with a network (106), the coupling comprises steps of:
receiving, by the network (106), a connection request from the UE;
sending, by the network (106), an acknowledgment of the connection request to the UE; and
transmitting a plurality of signals in response to the connection request, wherein based on the connection request, a lawful interception for managing services within the network (106) is performed by the method (400) as claimed in claim 1.