After the terrorist attacks in Mumbai on 26/11, the Indian government realized the urgent need for strengthening its apparatus for centralized monitoring of all types of communications networks and preventing the misuse of such systems. The current rules of DoT define such deployments of monitoring solutions at the edge of the licensed operators' networks that give lawful access to Indian security agencies. This has left the discretion of purchase of such lawful monitoring solutions complying with TEC GRs in the hands of the licensed operators, which are finally approved by DoT. Such a policy has led to the deployment of a variety of proprietary technical solutions, largely from Israeli suppliers, where the Indian security agencies are faced with the challenge of correlating and coordinating the outputs of such an assortment of technical solutions deployed across India.
Additionally, the Indian government is also very concerned with the reported loss of its revenue on account of under-reporting of actual revenues by licensed operators to reduce their tax burden. This has recently compelled the government to undertake independent audits of various operators' books of account.
Till the opening of the Indian telecom market in the 90s, national telecommunications was largely based on the fixed line network, a turf that was solely operated by DoT through BSNL/MTNL, which deployed a variety of telecom switches procured under tender process on its fixed line networks. The mid-90s saw the opening of telecom operations to private players and the emergence of wireless communications, which led to the deployment of many new switches. Today, India has an assorted network of a variety of telecom switches originating from various manufacturers, as also a rapidly growing IP network, all of which do not have the interface available for deployment of lawful monitoring solutions, as is the need of security agencies today.
Hence, the challenge is to synchronize the lawful monitoring outputs gathered across (a) various switches (b) deployed on various networks (TDM, cable, or IP; wireline or wireless) (c) of various operators (d) from various lawful monitoring platforms deployed across India.
The above challenge can only be met through the active involvement of the following:
All security agencies
All licensed operators along with their suppliers of switches and lawful monitoring solutions
Experts from telecom, broadband, IT, and legal arenas.
The process of establishing a centralized lawful monitoring network requires the setting up of an administrative process as also proper technical direction for its successful implementation in a manner where it covers all means of communication as listed below:
Administrative Process
Since a technically powerful lawful monitoring setup is prone to misuse and can seriously compromise the privacy of individuals by the state machinery, it is necessary to define an independent central authority for this task that reports, and is accountable, only to the President of India. Warrants for lawful monitoring have to be issued by a proper authority prior to tapping of a person's various means of communications to meet national security requirements. Adequate safeguards should be in place in the system to prevent circumvention of procedure by any user.
All requirements of security agencies for monitoring various means of communications should be conveyed to such a central authority which in turn should moderate such requests in a manner where privacy of an individual is only allowed to be compromised with the sole objective of fulfilling a national security need.
Additionally, a team of technical experts from telecom and IT industry (both from the public and private sector) should be available to the central authority for technically addressing the needs of the security agencies.
The central authority should function through the deployment of state level monitoring centers (say twenty-five to twenty-eight across India) which in turn are linked to four regional monitoring offices across India for redundancy. This will also ensure fool-proof working of all monitoring activities in a legitimate manner, and duly provide audit trails for establishing its ethical use at all levels.
Technical Process
With sincere intentions, DoT has tried to indigenously develop and deploy a uniform lawful monitoring platform among Indian ISPs, but this system, wherever deployed, has not met the national needs. Our ISP network continues to be poorly monitored. At present, a majority of the ISP traffic is monitored only at the international gateways of India, thus leaving a large chunk of intra-country traffic unmonitored even at NIXI. Additionally, a lot of money has been spent over many years to indigenously develop a voice monitoring solution, but this has still not seen the light of day. In these circumstances, the Indian government no longer has the luxury of time to experiment and develop such a nationwide TDM and IP monitoring solution de novo.
For the above task, we need to comb the international markets and shortlist vendors based on their global performance and market standing. We need to hunt globally for, and shortlist, cutting-edge technical products/features that support centralized operations for monitoring both TDM and IP in a converged manner. The sole merit for consideration should be to attain uniform deployment across India for monitoring all means of communications.
Legacy deployments made by licensed operators to meet regulatory requirements need to be fully utilized for building a centralized lawful monitoring solution. This involves bringing together all licensed operators and their suppliers of switches and lawful monitoring solutions to address this national need. Since all current deployments of lawful monitoring are required to be ETSI compliant, their outputs have to be made available to a centralized monitoring center in a uniform standard based format for aggregation, correlation, and forensic processing. Those switches/solutions whose lawful monitoring outputs cannot be integrated into a central system will necessarily have to use passive probes for monitoring, or be dumped in case passive monitoring becomes too expensive.
At the first stage, it would be best to deploy centralized lawful monitoring for all wireless operators (GSM/CDMA) since their switch deployments post 1995 are already meeting lawful monitoring requirements as per TEC GRs. This exercise can be completed within one year. Within six months of commencing the above, all ILD operators should also be advised to gear up for providing their lawful monitoring platform outputs in a uniform standard based format for aggregation, correlation and forensic processing. At the same time, the fixed line network of BSNL and MTNL should be enabled for 100% monitoring, based on deployment of uniform passive probes, wherever required. This exercise should be completed in the second year.
All satellite means of communications should also be brought under the ambit of centralized lawful monitoring towards the end of second year.
Shortlisting Solution
Internationally sourced technical solutions for lawful monitoring that can fully meet national needs should only be shortlisted for deployment on an all India basis provided they observe certain standards.
They should strongly support central management, with administrative intercepts being possible from one server with several terminals at low operational cost. This should be capable of providing a central overview, control, and logging of all LI actions.
Even while operable across multiple networks, targets should preferably be intercepted in their home network.
Solution should support multiple vendors' switches with IOT tested with each switch vendor.
It should support multiple services, enabling monitoring of any telecom service (GSM, GPRS, WCDMA, CDMA, 3G, LTE, PSTN, IP, etc). It should be capable of integrating with existing remotely located LI systems of third parties. It should also be capable of integrating with outsourced business models procured from trusted third parties.
It should be fully compliant with ETSI and TEC defined standards, yet simple enough to operate that the LI operator is not required to know any technical details. At the same time, the platform should be highly secure so as to prevent its misuse.
Segregation of data and logs of multiple LEAs, where each LEA manages its own intercepts protected against access by other LEAs, is important. It should be capable of verification of target activation and automatic deletion of 'false targets'.
A consistency check for each network element, even 'behind' remote LI management systems, and the capability of defining a list of target IDs blocked from interception are of significance too.
Architecture should be fully modular and scalable with disaster proof operability of the rest of the network even when some other part of it becomes dysfunctional for any reason.
Additionally, other basic requirements should not be ignored either.
OS for IP probes for such a platform should be based on open standards. The mediation and lawful interception monitoring solution (LIMS) back-end should comprise standard, commercial off-the-shelf hardware that is widely available. Source code for deployed software, even when imported, should be available from national sources, under safe custody of a custodian third party in an escrow account.
Technology should not permit any kind of overseas remote access.
Encryption should be sourced locally. Back-end network connecting the remote points of interception to the central node should be completely secure and isolated from operators' commercial networks.
While deploying a centralized lawful monitoring solution, full emphasis should be given to building a very secure carrier grade data retention solution that has these key features:
Collects communications data (CDR, IPDR) and subscriber data from any telecommunications network
Retains large amounts of data in a powerful and secure data warehouse
Provides fast search and analytics in billions of data records
Automates request processing and delivers data to authorized agencies by fax, email, or secure IP interfaces
If the data captured and stored is not processed and used in a timely manner by the Indian LEAs for national security, it can defeat the whole purpose of deploying a centralized lawful monitoring solution.
Given the multiple means of communications that are available from various operators across India, and the growing security environment requirements due to terrorist activities, a centralized lawful monitoring solution as an umbrella system has become a national need that can no longer be debated. Such a system needs to be made operational at the earliest using time-tested global technologies. We do not have the luxury of time at hand to go about building such a system from our available national resources, which lack interfaces to all available switches presently deployed across India.
Lalit K Chandak, President, Span Telecom