Product Manager – DataBridge Lawful Intercept, BAE Systems Digital Intelligence
30 Nov 2020
The coming 5G revolution is poised to carve open exciting new opportunities for people, businesses and society – but many security challenges remain. Matthew Meacham examines its impact on lawful interception
Can you imagine life without your phone? For me, and much to my occasional guilt, it’s pretty much by my side from dawn to dusk. It is simply inescapable.
Modern life would be far harder without it – at least that’s what goes through my mind as I find myself scrolling through different apps when I could be reading a book or doing something else. Phones, though, are far more than just our doorway into an online world. The communications data they send can often be used as critical evidence against criminals, which is where Lawful Interception (LI) comes in.
As an obligatory part of telecommunication regulatory compliance, LI has a crucial role to play in protecting the public by enabling Communications Service Providers (CSPs) to share real time communications content and metadata for investigatory purposes. Regulated by law, such interception data forms a key element in national efforts to monitor threats, detect and deter crimes and prosecute criminals.
The fast-approaching 5G revolution brings with it the promise of exciting new advances but also means that LI itself needs to evolve in order to remain fit for purpose. So, what are the challenges faced in doing this?
Facing up to 5G
As I’ve written elsewhere, “5G” stands for the fifth generation technology standard for mobile networks. It has been designed to cater for the very large growth in data and connectivity of today’s society, including advances such as the Internet of Things and Edge computing.
Irrespective of 5G’s pending arrival, LI is a critical service for all licenced CSPs. There are more operators coming into the market but all of them have this obligation which means that interception isn’t going away any time soon.
However the regulatory obligation to provide law enforcement with access to and visibility of targeted users communication content, runs directly into the greater privacy that 5G offers its users. What 5G does better than its predecessor technologies is protect the anonymity of the end user within both the radio and core networks.
This is achieved by enforcing identity concealment on the radio interface and encryption within the 5G core; readily available radio monitoring capabilities can no longer snoop on attributable identifiers and network administrators can no longer peer into traffic as it passes through network infrastructure. A mobile network operator will also not be able to access subscriber data of the virtual operators it hosts as each of them will have their own protections for their own subscribers.
This is where LI products – including our very own DataBridge offering – come in by offering LI capability to fixed, mobile and satellite communication networks and ensuring that CSPs can meet their regulatory compliance demands.
How network operators are deploying 5G
When understanding the impact of 5G on all things LI, it’s useful to track the progress of this technology so far. Its first phase predominately focused on 5G radio and enhanced mobile broadband providing 5G data to mobile devices.
This year, the second phase of 5G has come to fruition and this promises more features and greater interoperability. We’ve seen the market focus on this as the platform to deliver 5G standalone technology. Phase 3, scheduled for 2021, goes a lot further and brings on board many of the long-anticipated 5G features such as edge computing, as well as more LI integration points which are required to support these new services.
Until now, the 5G market has seen a slow evolution with very few CSPs going for a full 5G Stand Alone core This is perhaps unsurprising since each operator has their own buying cycles and where they are deploying 5G standalone they have had to invest in the radio, the core and the optical transport simultaneously.
The 5G LI evolution
It’s already clear that LI will have to change in some form in order to keep up with the encroaching spread of 5G, but the question is how? There are clearly a number of paths for the evolution of LI architecture to take – but within these paths some clear boundaries to stay within.
Take the principles of cloud security, for example. The requirements set out in the telecoms standards and the best practices adopted for cloud hosting are completely different to how an LI systems would have previously been secured if you have today a monolithic software architecture which achieve security through network and hardware isolation. Baking these new security requirements into existing software that isn’t cloud-native by design will likely prove both expensive and constraining.
This helps explain the need for what we call “5G LI Multi Mode Support”. In the short and medium term, the operator is still going to have an obligation to maintain existing LI coverage on their legacy network functions. At the same time, any new LI capability will be required to provide close integration with 5GC Stand Alone network functions.
5G offers the opportunity to re-design LI services for the future but legacy services will not be switched off overnight and a significant period of overlap should be expected. Evolution of the LI architecture needs to take this into account but focus only on the end goal of full LI automation within a zero touch 5GC and you’re likely to end up running two distinct LI platforms with twice the operation for many years. Alternatively if try and shoehorn 5G functionality into 10 year technology stack and you’ll quickly back yourself into a technical cul-de-sac.
When it comes to something as complex and demanding as LI it can be tempting to focus purely on daily challenges. But when deploying LI solutions for 5G networks, it’s important that attention is paid not only to the current requirement but also a view is taken on the specific CSP’s technology roadmap and also a general appreciation of 5G technologies future direction.
This seismic change provides a great opportunity to refresh, renew and rationalise LI technology but it also requires greater focus on close interoperability between the LI functions and the CSP network functions, as well as a deeper understanding of the mobile network architecture that had previously been required.
Get it right, though, and both the mobile user and law enforcement agencies stand to benefit.
About the author
Matthew Meacham is a Product Manager – DataBridge Lawful Intercept, at BAE Systems Applied Intelligence
The coming surge in serverless. ‘Serverless’ is far more than just the latest tech buzzword, says Chris Hesketh. It actually represents a new way of working that can deliver efficiency, cost savings and agility