DiLIMS is a Lawful Interception Management System. It provides services to Network Operators, Law Enforcement Agencies (LEA) and Authorization Authorities (AA). Due to flexible architecture of DiLIMS, any vendor network element can be adapted easily.
Lawful interception (LI) is obtaining network communication data in accordance with the rules of lawful authority for the purpose of analysis. Such data generally contains interception related information (calls, locations and network attachments etc...) and content of communication (SMS messages, voice, video and Internet browsing etc...).
General Network Arrangements for Interception (ETSI)
In general, operators of public network infrastructure can undertake LI activities for national security and crime prevention purposes. Operators of network infrastructures has obligation to maintain LI capabilities within their own networks unless otherwise prohibited.
The foundation of LI is the interception of telecommunications by law enforcement agencies, regulatory agencies, administrative agencies, and intelligence services, in accordance with local law. Under some legal systems, implementations may require due process and receiving proper authorization from authorities, an activity that was formerly known as "wiretapping" and has existed since the inception of electronic communications.
Many countries have LI capability requirements and follow standards developed by the European Telecommunications Standards Institute (ETSI) and 3rd Generation Partnership Project (3GPP). To ensure systematic procedures for carrying out interception, while also lowering costs of interception solutions, industry groups and government agencies worldwide have attempted to standardize the technical processes behind lawful interception. ETSI, has been a major driver in lawful interception standards not only for Europe, but worldwide.
The commonly used LI architecture is divided into three stages:
Functional units in LI system
Lawfull Interception may target two types of data:
Voice, video or text message contents. Information exchanged between two or more users of a telecommunications service, excluding Intercept Related Information. This includes information which may, as part of some telecommunications service, be stored by one user for subsequent retrieval by another. For CS network, CC is delivered over standard PCM links. On the other hand, for PS network it can be delivered either as a stream of IP packets with a special correlation header, or as files over FTP.
IRI consists of information about the targeted communication itself. It contains signaling information, source and destination (telephone numbers, IP or MAC addresses, etc.), frequency, duration, time and date of communications. On mobile networks, it may also be possible to trace the geographical origin of the call or location of the targeted subscriber.
Lawful Interception is required in most countries by local authorities to meet regulatory compliance and to prevent and investigate serious crimes. Lawful Interception feature provides the authority via an operator a mechanism for monitoring connection contents and/or connection-related information of network subscribers' calls (voice, video), events (SMS, location update, and etc…) and sessions (GPRS, IMS, and etc...) to fulfill these requirements. Reports containing connection-related information, called IRI(Interception Related Information) are generated and/or connection contents, called CC (Content of Communication) are produced on different recording channels.
DiLIMS provides Lawful Interception management, delivery and mediation functions for Circuit Switch Networks, IMS Networks and Mobile Packet Core Networks. It is a fully functional Lawful Interception Management System that satisfies ETSI handover requirements.
DiLIMS Solution is enhanced from multiple deployments and has matured over time. It is an excellent fit for telecommunication providers operating with any type of vendors’ core network elements (Soft Switches, LIGs, HLRs, Media Gateways, Session Border Controllers and etc...).
DiLIMS supports a large number of Circuit Switch, Packet Switch, Voice and Mobile data use cases, such as strong authentication, alarms, business intelligence and management.
The solution has proven to be easy to adapt to new networks and use cases with a full match rate of IRI and CC combination. DiLIMS Architecture is depicted below.
DiLIMS Architecture
DiLIMS Administrator function has a SOAP Interface to access from North Bound. SOAP interface is used for main interception tasks, such as activation, deactivation and search. For the South Bound interface, DiLIMS supports Telnet/SSH, HTTP/HTTPS interfaces, depending on network element capabilities.
DiLIMS Interface Diagram
DiLIMS is fully compliant with 3GPP and ETSI Lawful Interception standards.
HI1 is the management and control interface. It encompasses web interface between LEMF and DiLIMS Administration Function.
HI2 is the ETSI specified handover interface for IRI transfer. IRI is sent from the Lawful Interception System to LEA. DiLIMS supports both TCP and FTP as transport protocol.
HI3 is the ETSI specified handover interface for CC transfer. DiLIMS supports TCP, UDP and FTP as transport protocol.
For X1, DiLIMS supports CLI(MML), SOAP, TCP, and GRPC protocols.
For X2 and X3, DiLIMS supports TCP, UDP and FTP protocols.
DiLIMS also supports IPSEC for IP Layer security and TLS-1.3 for Transport Layer security.