KR102191362B1 - Method and apparatus for lawful interception for device supporting device to device communication - Google Patents

Abstract

Disclosed is a method and apparatus for legitimate interception of a terminal supporting terminal-to-terminal communication. After activating the interception operation, the terminal to be intercepted stores information transmitted/received with the other terminal through inter-terminal communication, and transmits an interception report including the stored information.

Description

[Method and apparatus for lawful interception for device supporting device to device communication]

The present invention relates to a method and apparatus for legitimate interception of a terminal supporting terminal-to-terminal communication, and more particularly, a method performed between a network and a terminal to collect communication contents of a terminal that performs terminal-to-terminal communication It is about.

Recently, a device to device service (D2D service) has emerged that transmits and receives signals and data directly between terminals (devices) without going through a network entity such as a base station.

A terminal supporting the D2D service acquires synchronization with a neighboring terminal and then discovers a neighboring terminal using a preset time point and resource. Thereafter, the terminal may initiate D2D communication by obtaining device information of the discovered nearby terminal. Here, the device information may include identification information of nearby terminals, interest, and application program information. In addition, when a terminal supporting a D2D service interworks with a base station, time and resource information is set from the base station, and the neighboring terminal can be searched accordingly.

On the other hand, legal interception (LI) refers to a legally binding agency that legally collects the communication contents of the person to be communicated with for the purpose of collecting and grasping information for the public interest, arrest of criminals, and other various reasons. Currently, in most countries legal wiretapping is stipulated by law, and when a national wiretapping agency requests such a legal wiretapping, the telecommunications service provider is obligated to provide a legal wiretapping function. Collects data or voice classified into CC (Content of Communication) and IRI (Interception Related Information).

In North America, legal wiretapping is regulated through a provision called the Communications Assistance for Law Enforcement Act (CALEA). In addition, in recent years, there is a trend to force legal interception of data communication services such as VoIP (Voice over Internet Protocol) as well as voice communication services through mobile communication networks.

In the LTE (Long Term Evolution) system, data and voice are transmitted by communication between a user equipment (UE) and an evolved packet core (EPC). Therefore, for legitimate eavesdropping on the terminal, the LEMF (Law Enforcement Monitoring Facility) of the eavesdropping agency can perform eavesdropping by taking over information from an entity (e.g., P-GW) located at the end of the LTE operator's network.

However, in the case of D2D communication, since the terminal does not use the network of the communication service provider, the conventional wiretapping technique cannot be applied as it is. In addition, since distortion such as deformation and omission of information may occur in the terminal, a technology for preventing this is required.

The technical problem to be achieved by the present invention is to provide a method for enabling legitimate interception of terminal-to-terminal communication.

An embodiment of the present invention for achieving the above technical problem is an interception report method of a terminal performing inter-terminal communication, comprising: activating an interception operation; Storing information transmitted/received to/from a counterpart terminal through communication between the terminals; And transmitting an interception report including the stored information.

An embodiment of the present invention for achieving the above technical problem is an interception report method of a terminal performing inter-terminal communication, comprising the steps of: transmitting a resource allocation request for inter-terminal communication with a counterpart terminal to a network; Receiving an interception report command from the network to simultaneously connect a path for communication between the terminals and a path between the terminal and the network; And transmitting data for communication between the terminals to the counterpart terminal and the network.

An embodiment of the present invention for achieving the above technical problem is a method of intercepting a base station for a terminal performing inter-terminal communication, the method comprising: receiving an interception start command for the terminal from a core network; Receiving a resource allocation request for communication between the terminals from the terminal; Transmitting an interception report command to the terminal to set the transmission power of the terminal to a level capable of interception; Allocating resources for communication between the terminals to the terminal; Overhearing, by the terminal, data transmitted to the counterpart terminal through the communication between the terminals; And transmitting an interception report to the core network.

An embodiment of the present invention for achieving the above technical problem is a method of intercepting a base station for a terminal performing inter-terminal communication, the method comprising: receiving an interception start command for the terminal from a core network; Receiving a resource allocation request for communication between the terminals from the terminal; Transmitting an interception report command to simultaneously connect a path for communication between the terminals and a path between the terminal and the network to the terminal; And receiving data for communication between the terminals from the terminal.

An embodiment of the present invention for achieving the above technical problem is a method of intercepting a proxy terminal with respect to a target terminal performing inter-terminal communication, receiving search-related information for intercepting the target terminal from the core network. step; Checking a search signal of the target terminal based on the search related information; Locking-on the target terminal; And acquiring information generated in communication between terminals of the target terminal.

An embodiment of the present invention for achieving the above technical problem is an interception method of an interception apparatus for a target terminal performing inter-terminal communication, comprising: performing authentication for interception on a core network to which the target terminal belongs; Receiving information on the target terminal from the core network; Transmitting an interception start command to the core network based on the information of the target terminal; And receiving an interception report including interception data for the target terminal.

An embodiment of the present invention for achieving the above technical problem is an interception report device of a terminal performing communication between terminals, comprising: a transmission/reception unit for transmitting and receiving signals and data with a network; And a control unit for activating an interception operation, storing information transmitted/received to/from the counterpart terminal through communication between the terminals, and controlling to transmit an interception report including the stored information.

An embodiment of the present invention for achieving the above technical problem is an interception report device of a terminal performing communication between terminals, comprising: a transmission/reception unit for transmitting and receiving signals and data with a network; And transmitting a resource allocation request for communication between terminals with a counterpart terminal to a network, and receiving an interception report command to simultaneously connect a path for communication between the terminals and a path between the terminal and the network from the network, and the And a control unit for controlling transmission of data for communication between terminals to the counterpart terminal and the network.

An embodiment of the present invention for achieving the above technical problem is an interception apparatus of a base station for a terminal for performing communication between terminals, comprising: a transceiver for transmitting and receiving signals and data with the terminal; An interface unit for transmitting and receiving signals and networks with the core network; And an interception report command for receiving an interception initiation command for the terminal from the core network, receiving a resource allocation request for inter-terminal communication from the terminal, and setting the transmit power of the terminal to a level capable of interception. To the terminal, allocating resources for the inter-terminal communication to the terminal, overhearing the data transmitted by the terminal to the counterpart terminal by the inter-terminal communication, and interception report to the core network It includes; a control unit for controlling to transmit.

An embodiment of the present invention for achieving the above technical problem is an interception apparatus of a base station for a terminal performing inter-terminal communication, comprising: a transceiver for transmitting and receiving signals and data with the terminal; An interface unit for transmitting and receiving signals and networks with the core network; And receiving an interception initiation command for the terminal from the core network, receiving a resource allocation request for communication between the terminals from the terminal, and providing a path for communication between the terminals and a path between the terminal and the network to the terminal. And a control unit that transmits an interception report command for simultaneous connection, and controls to receive data for communication between the terminals from the terminal.

An embodiment of the present invention for achieving the above technical problem is an interception apparatus of a proxy terminal for a target terminal performing inter-terminal communication, and a transceiver for transmitting and receiving signals and data to and from the target terminal through communication between the terminals ; And receiving search-related information for interception of the target terminal from the core network, checking a search signal of the target terminal based on the search-related information, locking-on the target terminal, and It includes; a control unit for obtaining information generated in the communication between the terminals of the target terminal.

An embodiment of the present invention for achieving the above technical problem is an interception apparatus for performing interception on a target terminal performing inter-terminal communication, comprising: an interface unit for transmitting and receiving signals and data with a core network to which the target terminal belongs; And performing authentication for interception with respect to the core network, receiving information of the target terminal from the core network, transmitting an interception initiation command to the core network based on the information of the target terminal, and transmitting a command to the target terminal. It includes; a control unit for controlling to receive an interception report including interception data for.

According to the method and apparatus for legitimate interception of a terminal supporting terminal-to-terminal communication according to the present invention, the terminal can obtain information transmitted and received in communication between terminals that do not transmit data through a network entity.

1 is a diagram for explaining a conventional legal interception process;
2A is a diagram showing an embodiment of a system architecture to which the present invention is applicable;
2B is a diagram showing another embodiment of a system architecture to which the present invention is applicable;
3 is a view for explaining a tapping process according to the first and second embodiments of the present invention;
4 is a flow chart showing an interception process according to the first embodiment of the present invention;
5 is a flow chart showing an interception process according to a second embodiment of the present invention;
6 is a view for explaining a tapping process according to the third and fourth embodiments of the present invention;
7 is a flowchart showing a process of interception of a proxy terminal according to a third embodiment of the present invention;
8 is a flowchart illustrating a process of interception of a proxy terminal according to a fourth embodiment of the present invention;
9 is a diagram showing another embodiment in which a proxy terminal is selected in the third and fourth embodiments of the present invention;
10 is a diagram for explaining an interception process according to a fifth embodiment of the present invention;
11 is a flow chart showing an interception process according to a fifth embodiment of the present invention;
12 is a diagram showing a configuration of a terminal according to a sixth embodiment of the present invention;
13 is a flow chart showing an interception process according to a seventh embodiment of the present invention;
14 is a diagram showing a configuration of a base station according to an embodiment of the present invention;
15 is a diagram showing the configuration of a monitoring device of a monitoring engine according to an embodiment of the present invention
16 is a diagram showing the configuration of a proxy terminal according to an embodiment of the present invention, and,
17 is a diagram showing the configuration of a monitoring device of a monitoring engine according to an embodiment of the present invention.

Hereinafter, preferred embodiments of the present invention will be described with reference to the accompanying drawings. Further, in describing the present invention, when it is determined that a detailed description of a related known function or configuration may unnecessarily obscure the subject matter of the present invention, the detailed description thereof will be omitted. This is to more clearly convey the gist of the present invention by omitting unnecessary description.

For the same reason, some components in the accompanying drawings are exaggerated, omitted, or schematically illustrated. In addition, the size of each component does not fully reflect the actual size. The same reference numerals are assigned to the same or corresponding components in each drawing.

In addition, in describing the embodiments of the present invention in detail, an LTE system and an LTE-Advanced (LTE-A) system will be described as an example, but the main subject of the present invention is that the present invention is applied to other communication systems in which similar technologies are implemented. It can be applied with slight modifications within the range not significantly departing from the scope of the invention, which will be possible at the judgment of a person skilled in the art of the present invention.

First, prior to describing an embodiment of the present invention, a conventional legal wiretapping technique will be described.

1 is a diagram for explaining a conventional legal wiretapping process.

Referring to FIG. 1, when the target terminal 110 communicates with the other terminal 130 through the base station 120 and the P-GW 140 of the core network, the LEMF 150 of the interception agency -Request the GW 140 or S-GW to collect the communication contents of the intercepted terminal. At this time, when interception setting information for intercepting the communication contents of the interception target terminal 110 according to the interception request of the LEMF 150 is received from the CSCF (Call Session Control Function), the P-GW 140 is the corresponding interception target terminal. The content of communication for 110 is transmitted to the LEMF 150 through the Internet network 160.

However, when the intercepted terminal 110 communicates with the counterpart terminal 130 by D2D communication without going through the network, the LEMF 150 collects the communication contents because the information transmitted between the terminals does not reach the base station 120 Difficult to do.

Therefore, in the present invention, even when the target terminal 110 performs D2D communication, the present invention proposes a method capable of performing legal interception of communication contents.

2A is a diagram showing an embodiment of a system architecture to which the present invention is applicable.

Referring to Figure 2a, each terminal (UE) (200, 210) has a ProSe (Proximity-based Services) application (APP) (201, 211) for D2D communication, the connection between the terminals (200, 210) Is by PC5 interface. In addition, all terminals 200 and 210 have Delivery Functions 202 and 212 for legitimate interception according to the present invention. The delivery function 202 of the eavesdropping target terminal 200 is matched with the delivery function 263 provided at the eavesdropping agency side to have a logical connection relationship. Here, the delivery functions 202 and 212 may be referred to as LI functions.

The access network of the terminals 200 and 210 may be an Evolved Universal Terrestrial Radio Access Network (E-UTRAN) 220 configured with a base station (eNodeB) of an LTE network. In this case, the server and the monitoring device of the LTE network may be configured as a separate operator network or a single operator network. The E-UTRAN 220 is connected to the terminal 200 through an LTE-Uu interface, and communicates with the EPC 230, which is a core network, through an S1 interface.

The EPC 230 initiates interception of the eavesdropping target terminal 200 in response to a request for intercepting communication data from the interception agency. Initiation of interception may be performed by extracting the interception target identification information for the interception target terminal 200 and setting the interception standby state, or by storing the terminal information of the interception target terminal 200 in a separate storage device.

Accordingly, the EPC 230 maintains an interception standby state for the interception target terminal 200, and when the interception target terminal 200 requests inter-terminal communication through the access network 220, the interception target terminal 200 It collects the contents of communication (CC) about and delivers it to the monitoring device.

The ProSe Function 240 manages security, authentication, and related information (eg, discovery code) to support communication and discovery between terminals, and the ProSe App Server 250 is a ProSe Application 201, 211) As a server that operates related information, it can be operated by a third party developer or business operator.

The monitoring agency is equipped with a LEMF 260, and the LEMF 260 is a control unit (Administration Function, ADMF) 261 in charge of overall control of the monitoring process through mediation functions 262 and 264 and related to monitoring. They are respectively connected to a delivery function 263 that transfers various data.

The ADMF 261 performs a legal wiretapping management function, that is, command management for wiretapping, and transfers wiretapping-related control and wiretapping requirements for bearer data to the Delivery Function 263. In addition, the delivery function 263 transmits control data of the intercepted terminal 200 and intercepted bearer data input from the ADMF 261 to the mediation function 264.

Here, the interception-related control data is interception-related information (IRI), and the bearer data is the communication content (CC). The types of legally intercepted information are divided into Content of Communication (CC) and Interception Related Information (IRI), and the content of communication (CC) refers to the content of a clear text call between the subject to be intercepted. Related information (IRI) is communication related information indicating whether a successful call is successful, terminal discovery information, service related information such as customer-specific service profiles, user location information, Layer 2 MAC, PDCP, and Layer 3 IP information, and transmission, It is classified by receiving ID, etc.

FIG. 2B is a diagram showing another embodiment of a system architecture to which the present invention is applicable.

2B, each terminal (UE) has a ProSe (Proximity-based Services) application (APP) 201, 211 for D2D communication, and the connection between the terminals 200 and 210 is performed by a PC5 interface. All. In addition, all the terminals 200 and 210 have LI functions 202 and 212 for legal interception according to the present invention. The LI function 202 of the eavesdropping target terminal 200 is matched with the delivery function 263 provided at the eavesdropping agency side to have a logical connection relationship.

The access network of the terminals 200 and 210 may be an Evolved Universal Terrestrial Radio Access Network (E-UTRAN) 220 configured with a base station (eNodeB) of an LTE network. In this case, the server and the monitoring device of the LTE network may be configured as a separate operator network or a single operator network. The E-UTRAN 220 is connected to the terminal 200 through an LTE-Uu interface, and communicates with the EPC 230, which is a core network, through an S1 interface.

The ProSe Function 240 manages security, authentication, and related information (eg, discovery code) to support communication and discovery between terminals, and the ProSe App Server 250 is a ProSe Application 201, 211) As a server that operates related information, it can be operated by a third party developer or business operator.

The Prose Function initiates interception of the eavesdropping target terminal in response to a request for interception of communication data between terminals from the interception agency. Initiation of interception may be performed by extracting the interception target identification information for the interception target terminal and setting the interception standby state, or by storing the terminal information of the interception target terminal 200 in a separate storage device.

Accordingly, the Prose Function maintains the intercepted standby state for the eavesdropping target terminal 200, and when the intercepted terminal requests communication between terminals through the access network, it collects the communication details (CC) for the intercepted terminal To pass.

The monitoring agency is equipped with a LEMF 260, and the LEMF 260 is a control unit (Administration Function, ADMF) 261 in charge of overall control of the monitoring process through mediation functions 262 and 264 and related to monitoring. They are respectively connected to a delivery function 263 that transfers various data.

The ADMF 261 performs a legal wiretapping management function, that is, command management for wiretapping, and transfers wiretapping-related control and wiretapping requirements for bearer data to the Delivery Function 263. In addition, the delivery function 263 transmits control data of the intercepted terminal 200 and intercepted bearer data input from the ADMF 261 to the mediation function 264.

Here, the interception-related control data is interception-related information (IRI), and the bearer data is the communication content (CC). The types of legally intercepted information are divided into Content of Communication (CC) and Interception Related Information (IRI), and the content of communication (CC) refers to the content of a clear text call between the subject to be intercepted. Related information (IRI) is communication related information indicating whether a successful call is successful, terminal discovery information, service related information such as customer-specific service profiles, user location information, Layer 2 MAC, PDCP, and Layer 3 IP information, and transmission, It is classified by receiving ID, etc.

3 is a diagram for explaining a tapping process according to the first and second embodiments of the present invention.

Referring to FIG. 3, communication content and information related to interception transmitted in the process of performing D2D communication between the target terminal (hereinafter referred to as'target terminal') 310 and the other terminal 320 are the target terminal 310. It is transmitted to the monitoring agency 340 through the connected network entity 330.

4 is a flow chart showing an interception process according to the first embodiment of the present invention.

4, the LEMF 433 of the LEA (Law Enforcement Agency), which is an interception agency, transmits a LI Activation Request to the ADMF 432, which is a control unit, in step 451, and the ADMF 432 requests to initiate interception. Accordingly, in step 452, an authentication process (Authentication, Authorization, Accounting) with the core network EPC 420 is performed, and in step 453, information on the target terminal 410 such as International Mobile Subscriber Identity (IMSI) is obtained. The authentication process and transmission of information from the target terminal may be performed by a Home Subscriber Server (HSS) of the core network 420.

In step 454, the ADMF 432 transmits a LI Activation Command including the information of the target terminal 410 directly to the EPC 420, the Prose Function, or the terminal to intercept the target terminal 410. Command. At this time, the operation may vary depending on the system architecture and the network entity that receives the interception start command. For example, when a mobility management entity (MME) receives the message and is in charge of activation, the MME may perform an operation differently depending on whether the terminal has D2D capability based on the received ID information of the terminal. I can. As one assumption, the UE registers its capability to the MME through the Initial Attach procedure. If the terminal has D2D capability and is currently in D2D operation, the MME prepares an operation for D2D monitoring activation (LI Enable). If necessary, the MME can secure an ID for D2D through communication with the ProSE Function.

If the terminal has only D2D capability and is not in D2D operation, the MME prepares the terminal for D2D LI Enable operation according to an embodiment. Here, the D2D LI Enable operation may be referred to as a D2D LI Activation operation.

Finally, if the UE does not have D2D Capability, as an example, the MME commands LI Enable for the IP packet through communication with the P-GW as the existing operation. As another example, the MME reports that there is no D2D Capability in response, and the ADMF 432 commands the P-GW to LI Activation as the existing operation.

As another example, when the Prose Function receives the LI Activation Message, it prepares LI based on the ProSe ID of the terminal it has. The Prose Function prepares a 3GPP ID through communication with the MME when necessary.

Steps 451 to 454 described above are defined as a'common process for initiating tapping'. In this specification, an embodiment according to an LTE interception operation is described, and a detailed configuration of the interception process may vary according to a system configuration.

Meanwhile, the target terminal 410 activates (Enables or Activates) the interception operation in step 461. As a factor that triggers activation of eavesdropping, there is a method of activating the eavesdropping operation according to the policy since the target terminal 410 downloads or has a policy of an LEA, a country, or an operator first. That is, when a user subscribes to a service provider, a LI-related policy may be implanted in the terminal or delivered to the terminal in an OTA (Over the Air) method.

As another method, there is a method of receiving a LI Activation Command transmitted from an LEA and activating an eavesdropping operation according to a condition included in the message. The LI Activation Command includes configuration information related to monitoring, such as a monitoring range and a monitoring time. According to the above method, the target terminal 410 that has activated the tapping operation is in the LI Enable state. Here, the interception initiation command may be transmitted in different ways or through different network entities according to the system architecture.

According to the system architecture shown in FIG. 2A, for example, an MME receiving an activation command from ADMF 432 transmits a LI Activation Command message to the NAS interface connected to the terminal using the ID of the target terminal. As another example, the MME receiving the ADMF Activation command from the ADMF 432 uses the ID of the target terminal to transmit the LI Activation Command message to the eNB connected to the terminal through the S1 interface, and the eNB delivers it to the terminal through RRC. As another example, the MME receiving the activation command from the ADMF 432 transmits the LI Activation Command to the Prose Function 240 through the PC4 Interface, and the Prose Function 240 is the PC5 Interface connected to the terminal using the ID of the target terminal. LI Activation Command message is delivered to.

According to the system architecture shown in FIG. 2B, the Prose Function 240 receiving the LI command from the ADMF 432 transmits the LI Activation Command message to the PC3 Interface connected to the terminal using the ID of the target terminal.

In some embodiments, the AMDF 432 may directly transmit the LI Activation Command to the terminal using IP Connection.

The target terminal 410 in the interception activated state stores Tx and/or (and/or) Rx information generated in a communication process between terminals in a storage device. At this time, the stored content is based on the pre-configured or commanded operation when tapping is activated. The storage device may include a memory inside the target terminal 410 and an external storage device. Furthermore, no external connection is allowed to the storage device in which the information of communication between terminals is stored, and the stored information cannot be modified accordingly.

As a first embodiment in which the target terminal stores information generated in communication between terminals, the location of the target terminal if the target terminal downloads or has a policy of an LEA, a country, or a business operator, and the interception operation is activated according to the corresponding policy. That is, Tx and/or Rx information of communication between terminals is stored in the storage device regardless of network coverage (In Coverage) or out of coverage area (Out of Coverage).

On the other hand, when the target terminal receives the LI Activation Command message from the AMDF 432, the EPC entity, or the Prose Function 240 and activates the tapping, the method of performing the tapping operation varies according to the location of the target terminal.

As some embodiments in which the target terminal stores information occurring in inter-terminal communication, if the target terminal exists in In coverage, it stores Tx and/or Rx information based on a configuration included in the LI Activation Command message. . On the other hand, as some embodiments in which the target terminal 410 stores information generated in inter-terminal communication, when the target terminal 410 is located in an out of coverage area in step 462, according to the condition of interception activation, as follows: Perform other actions. If the terminal is in the state of being tapped and activated by receiving a LI Activation Command Message from AMDF (432), EPC Entity or Prose Function (240) when the terminal is located in In Coverage, the terminal in Out of Coverage configures the LI Activation Command Message. It stores Tx and/or Rx information according to. On the other hand, if the terminal does not receive the LI Activation Command Message from the AMDF 432, EPC Entity or Prose Function 240 when the terminal is located in coverage, the terminal does not store Tx and/or Rx information. The Tx/Rx information may include the search related information and communication contents described above.

As a method of determining whether the terminal is located in a shadow area, various methods such as RLF declaration of 3GPP LTE exist, and the method of the system to which the terminal is connected may be followed.

Thereafter, the target terminal 410 includes the communication information between terminals stored in the storage device in the LI Report and reports it to the delivery function 431 of the LEA in step 466. At this time, the flow of the interception report message delivered to the delivery function varies according to the system architecture. Detailed explanations are given in the interception reporting process below. Basically, the interception report message is transmitted over the IP network, and can be delivered through another interface (for example, NAS, etc.) depending on the capacity of the message or other conditions. The LEMF 433 completes the interception by receiving the interception report of the target terminal 410 through the Delivery Function 310 in step 467.

As a method for the target terminal 410 to initiate an interception report, various embodiments are possible as follows.

First, there is a method of reporting according to the policy since the target terminal 410 downloads or has a policy of an LEA, a country, or an operator in advance. For example, when the target terminal 410 is located in a shaded area and returns to network coverage as in step 464, it may immediately report stored communication information between terminals. As another example, the target terminal 410 may initiate an interception report when the stored communication information between terminals exceeds a certain amount. In addition, the interception report message can be transmitted according to a certain period of time.

As another method, there is a method of receiving a LI Report Command transmitted from the EPC 420 and activating an interception operation according to a condition included in the message. For interception reporting according to an embodiment proposed by the present invention, the EPC 420 performs an interception report operation differently according to the communication being performed by the target terminal 410. If the target terminal 410 does not have D2D Capability, the EPC 420 performs an interception operation according to the conventional interception method described in FIG. 2. On the other hand, if the target terminal 410 is currently performing a D2D operation or has D2D capability, the EPC 420 sends a LI Report Command message to the target terminal 410 to instruct the target terminal 410 to report communication information between terminals. The LI Report Command message can be delivered in four ways depending on the system architecture.

First, the ADMF 432 may directly transmit the LI Report Command message to the target terminal through IP or OTA.

Second, after ADMF 432 transmits the LI Report Command message to the MME among EPC entities, the MME transmits the LI Report Command message to the terminal through the NAS or the LI Report Command message to the RRC through the eNB. I can.

Third, the MME can transmit to the terminal through the Prose Function 240.

Fourth, after the ADMF 432 transmits the LI Report Command Message to the Prose Function 240, the Prose server transmits the LI Report Command Message to the terminal through the PC.

The target terminal 410 may report information stored in the storage device upon receiving the interception report command. Since the interception start command message may include interception conditions (interception time and interception request information, etc.), the EPC 420 may determine whether the transmission of the interception report command is valid. In addition, the interception start command message may include the address of the destination to which the report will be delivered. The target terminal 410 may transmit an interception report (LI Report) to the address.

The interception report process of the present invention is detailed as follows. The target terminal 410 may report transmission/reception search information and communication information of the target terminal through an interception report.

First transmitted when the received communication information is reported, the communication information includes a layer 2 or 3 ID of a receiving terminal or a group ID of the terminal. Since the ID information of the transmitting terminal is included when receiving a packet from the transmitting terminal, it can be obtained. In the case of the ID information of the receiving terminal, its own ID is used.

In addition, when reporting communication information to be transmitted, the communication information also includes a Layer 2 or 3 ID of the receiving terminal or a Group ID of the receiving terminal. The ID information of the receiving terminal is generated in Application, Layer 2 or Layer 3, that is, inside the terminal. In the case of the ID of the transmitting terminal, the transmitting terminal may include its own ID in the communication information as necessary.

According to an embodiment, the ID included in the communication information may be an ID allocated for D2D communication. The terminal may transmit report information composed of the ID and other IRI and CC according to the system architecture configuration. For example, if the ADMF 432 directly triggers the report to the terminal, the LI Report Command Message includes the address of the LEA's delivery function 431 as the destination address. Therefore, the terminal directly delivers the LI Report information to the delivery function 431 using IP communication.

As another example, if the EPC's MME triggers the LI Report, the LI Report Command Message includes the address of the LEA's delivery function 431 as the destination address or the P-GW address. At this time, if the P-GW address is the destination, the ADMF 432 has issued the LI Activation command to the P-GW, and the P-GW can know the address of the Delivery Function 431 at the Activation step, so the D2D Report is sent to the Delivery Function ( 431) can be forwarded. Another reporting method using the P-GW as a destination is a method of setting a bearer for the LI Report with the P-GW.

As another example, when the Prose function 240 triggers the report, the address of the Prose Function 240 is inserted as the destination address, and when the Prose Function 240 receives the Report information from the target terminal, it is transferred to the Delivery Function (431). Forwarding the above report. Upon arrival at the Delivery Function 431, the Delivery Function 431 delivers the IRI and CC to the LEMF 433.

The ADMF 432 may know subscriber information in advance, and may know it using communication information reported by the target terminal 410. For example, the ADMF 432 may acquire subscriber information by using an ID included in the communication information.

In order to obtain subscriber information from the ID information, the delivery function 431 transmits a subscriber matching request message to the EPC 420 or the ProSE function 240. If the EPC 420 receives the subscriber matching request message, it transmits a message requesting the ID information to the ProSe Function 240. On the other hand, when the ProSE Function 240 receives the message, it requests Subscriber (IMSI, etc.) information from the EPC 420 with a 3GPP ID (S-TMSI) that it maps to the ID. Thereafter, the EPC 420 acquires subscriber information through the HSS as needed. EPC (420) or ProSe Function (240) responds to the Subscriber information to the Delivery Function (431) with a Subscriber Matching Response message, and the Delivery Function (431) delivers the Subscriber information, IRI and CC to the LEMF (433).

In the case of search information, in general, it may be configured in various ways according to embodiments. As an example, generation of a discovery code, which is one of discovery information, may be generated by the ProSe Function 240. At this time, the uniqueness of the location and time of the search code depends on the ProSe Function. Alternatively, the search code may be generated according to a rule determined by the App or may be generated in advance. In addition, in the case of the search, the method of broadcasting to an unspecified number of people is not specified and transmitted, so that the search information itself does not include an ID that can directly determine the terminal.

Therefore, the search information reported by the terminal is configured by the method proposed in the present invention. If the target terminal 410 reports the discovery information to be transmitted by the target terminal 410, the target terminal 410 includes its D2D ID and discovery code in the report. On the other hand, in the case of the discovery information received by the target terminal 410, the target terminal 410 includes its D2D ID, the sender's D2D ID or APP ID, and the discovery code analyzed in some cases in the report.

The LI Report message generated in this way is delivered to the Delivery Function 431 in various ways according to the system architecture. For example, if the ADMF 432 directly triggers a report to the terminal, the terminal includes the address of the LEA's delivery function 431 as the destination address in the LI Report Command Message. Therefore, the terminal directly delivers the report information to the delivery function 431 using IP communication.

As another example, if the EPC MME triggers the report, the LI Report Command Message includes the address of the LEA's delivery function 431 as the destination address or the P-GW address. At this time, if the P-GW address is the destination, the ADMF 432 has issued the LI Activation command to the P-GW, and the P-GW can know the address of the Delivery Function 432 at the Activation stage, or use the bearer for report to P-GW. Since it is created, the D2D Report can be forwarded to the Delivery Function. In the above two cases, when the report information arrives at the delivery function 431, an operation for analyzing the discovery code information is performed in various ways proposed by the present invention. As a first example, when the Delivery Function 431 transmits the included Tx and Rx D2D ID information and Discovery Code to the ProSe Function 240, the ProSe Function 240 uses the Discovery Code Mapping Table that it has. Thus, the search-related information is responded to the Delivery Function 431. As another example, there is a method in which the Delivery Function 431 directly inquires the App server 250 for the Application ID included in the Report to receive search information.

As another example, when the Prose function 240 triggers a report, the address of the Prose Function 240 is inserted as the destination address. When the Prose Function 240 receives Report information from the target terminal, the Prose Function 240 Responds to the Delivery Function 431 using the Discovery Code Mapping Table owned by itself, or, if necessary, receives the information from the Prose App server through the PC2 interface and delivers it to the Delivery Function.

When the ADMF 432 does not know the subscriber information, when the report information arrives at the delivery function 431, the operation to obtain subscriber information from the ID information included in the report by various methods proposed by the present invention Can be done. As a first example, when the delivery function 431 transmits the included Tx and Rx information to the ProSe function 240, the ProSe function 240 transmits the UE to the EPC 420 using the ID Mapping Table that it has. When the ID of the EPC (S-TMSI, etc.) is transmitted, the EPC 420 responds to the Delivery Function 431 by acquiring subscriber information of Tx and Rx. Alternatively, if the ProSe Function 240 can directly map IMSI and D2D ID, it immediately responds to the Delivery Function 431. As a second example, when the delivery function 431 transmits the included Tx and Rx information to the EPC 420, the EPC 420 inquires the ProSe function 240 for the information. When the ProSe Function 240 transmits the EPC ID (S-TMSI, etc.) of the UE to the EPC 420 using the ID Mapping Table it has, the EPC 420 transmits subscriber information of Tx and Rx. Acquires and responds to the Delivery Function (431). In both of the above examples, if the EPC 420 has a Mapping Table, the response procedure is reversed.

Another way to deliver the generated LI Report message to the Delivery Function 431 is to directly deliver Tx and Rx information in the application layer in the terminal. As another example, if the ID of the Delivery Function included in the LI Report message is an Application ID, there is a method in which the Delivery Function 431 directly inquires the App server 250 to receive user information. FIG. 5 is a first aspect of the present invention. It is a flow chart showing the tapping process according to the second embodiment.

5, in step 560, a process of initiating interception between the EPC 540 and the LEA is performed. The process of initiating tapping may include steps 451 to 454 of FIG. 4.

In step 571, the EPC 540 transmits a LI Activation Command to the E-UTRAN 530 to instruct the target terminal 520 to intercept. Interception initiation order may include interception conditions (interception time, interception request information, etc.). The E-UTRAN 530 may intercept the target terminal 520 during the valid time of the message in response to the interception start command.

As in step 572 within the valid time of the interception initiation command message, the target terminal 520 reports the buffer status to the E-UTRAN 530 in order to request radio resources for communication between the terminals with the counterpart terminal 510 (Buffer Status Report , BSR), the eavesdropping of the E-UTRAN 530 is triggered. In response, the E-UTRAN 530 transmits a LI Report Command to the target terminal 520 in step 573.

The eavesdropping report command of the E-UTRAN 530 includes a command to adjust the power of the target terminal 520 so that the E-UTRAN 530 can eavesdrop on the communication contents of the target terminal 520 between terminals. As an example of adjusting the power of the target terminal 520, a method of adjusting a physical power level to a degree that can reach the E-UTRAN 530 and a range of preset'short','long', etc. It is possible to insert a range class. In addition, the interception report command includes a command that prevents the UE from changing to the IDLE state while LI Activation is activated by the E-UTRAN. That is, the target terminal of LI always performs D2D in the connected state.

The target terminal 520 adjusts the transmission range according to the interception report command by performing power configuration in step 574. As an embodiment, the target terminal 520 may transmit a power setting response to the E-UTRAN 530 in the adjusted transmission range. Transmission of the power setting response may be omitted.

The E-UTRAN 530 allocates transmission resources to the target terminal 520 in step 575, and the target terminal 520 transmits data to the counterpart terminal 510 according to the power set by the E-UTRAN 530 in step 576. Transmit. The E-UTRAN 530 overhears the data transmitted from the target terminal 520 in step 577.

Meanwhile, a method similar to data interception may be applied as a method for the E-UTRAN 530 to intercept search related information. The E-UTRAN 530, which received the command to start tapping from the EPC 540, includes a command to perform power configuration in the tapping report command and transmits it to the target terminal 520. Thereafter, the target terminal 520 transmits the discovery information to the designated or allocated resource section with corresponding power setting, and the E-UTRAN 530 may participate in the section to obtain discovery related information.

The E-UTRAN 530, which overhears the IRI and CC related to the target terminal 520, transmits a LI Report including the information intercepted in step 578 to the Delivery Function 551 of the interception agency. At this time, the interception report may be transmitted over the IP by encapsulating the LEA IP in a PDCP-level data packet using the function of the E-UTRAN 530 proposed in the present invention. LEMF 553 ) Completes the interception by receiving an interception report (LI Report) through the delivery function 551 in step 579.

When the ADMF 432 does not know the subscriber information, when the LI Report information arrives at the Delivery Function 551, the subscriber information is obtained from the ID information included in the report by various methods proposed by the present invention. Perform the operation for As a first example, when the Delivery Function 551 transmits the included Tx and Rx information to the ProSe Function 240, the ProSe Function 240 sends the UE to the EPC 540 using the ID Mapping Table that it has. When the ID of the EPC (S-TMSI, etc.) is transmitted, the EPC 540 responds to the delivery function 551 by acquiring subscriber information of Tx and Rx. Alternatively, if the ProSe Function 240 can directly map the IMSI and D2D ID, it immediately responds to the Delivery Function 551. As a second example, when the delivery function 551 transmits the included Tx and Rx information to the EPC 540, the EPC 540 inquires the ProSe function 240 for the information. When the ProSe Function 240 transmits the EPC ID (S-TMSI, etc.) of the UE to the EPC 540 using the ID Mapping Table it has, the EPC 540 transmits subscriber information of Tx and Rx. Acquires and responds to the Delivery Function (551). In both of the above examples, if the EPC 540 has the Mapping Table, the response procedure is reversed. In some embodiments, in the second embodiment of FIG. 5, the target terminal 520 further performs step 573-1. I can. The target terminal 520 activates the interception operation in step 573-1. As a factor that triggers activation of eavesdropping, there is a method of activating the eavesdropping operation according to the policy since the target terminal 520 downloads or has a policy of an LEA, a country, or an operator first. As another method, there is a method of receiving a LI Activation Command transmitted from an LEA and activating an eavesdropping operation according to a condition included in the message. The LI Activation Command includes configuration information related to monitoring, such as a monitoring range and a monitoring time. According to the above method, the target terminal 520 that has activated the tapping operation is in a LI Enable state.

When the E-UTRAN 530 performs a LI Activation Command to the target terminal 520 in step 573 and the target terminal 520 receives the tapping initiation command, step 573-1 may be performed. have. In addition, when the target terminal 520 is in an activated state of tapping, step 574 may be performed.

6 is a view for explaining a tapping process according to the third and fourth embodiments of the present invention.

Referring to FIG. 6, information exchanged by the target terminal 610 with the counterpart terminal 620 through inter-terminal communication is transmitted to the proxy terminal 630 performing interception, and the proxy terminal 630 transmits the interception content to the network. It reports to the interception agency 650 through 640. The proxy terminal 630 may be a terminal manufactured for a special purpose for firefighters, police officers, etc. in charge of public safety nets.

7 is a flowchart illustrating a process of interception of a proxy terminal according to a third embodiment of the present invention.

Referring to FIG. 7, the proxy terminal 710 searches for the target terminal 720 by performing an authentication process for the EPC 740 for interception in step 761 and requesting information (IMSI, etc.) of the target terminal 720 Perform the procedure for The HSS of the EPC 740 may be responsible for authentication of the proxy terminal 710 and transmission of information to the target terminal 720.

After receiving the information of the target terminal 720, the proxy terminal 710 transmits a LI Activation Command including the information of the target terminal 720 to the EPC or Prose Function 740 in step 762 Request information for performing interception of the terminal 720.

As an example, the EPC 740 receives the command to initiate interception from the proxy terminal 710 and then transmits the discovery related information required to check the proximity of the target terminal 720 in step 763. It transmits a request (ProSe UE Interception Request) for discovery related information used by the target terminal 720 to the function 750. Accordingly, the ProSe Function 750 transmits a response (ProSe UE Interception Response) including the information requested in step 764 to the EPC 740. The EPC 740 having obtained the search-related information transmits a LI Activation Response including the search-related information to the proxy terminal 710 in step 765.

As another example, the Prose sever 750 transmits, including the LI Activation Response, search-related information necessary to check the proximity of the target terminal 720 after receiving the interception initiation command from the proxy terminal. do

In step 766, the proxy terminal 710 creates information (eg, a target code) that the target terminal 720 currently uses for search as a target list.

Thereafter, the proxy terminal 710 participates in the search process in step 767, and checks the proximity to the target terminal 720 by referring to the target list. When the search is successfully performed and proximity is confirmed, the proxy terminal 710 locks on the target terminal 720 in step 768.

When the target terminal 720 activates interception in step 769 according to the method described above, the target terminal 720 stores Tx/Rx information of communication between terminals in step 770. The proxy terminal 710 may obtain information of communication between terminals stored by the target terminal 720.

As an embodiment, the proxy terminal 710 transmits a LI Report Command to the target terminal 720 in step 771, and a LI Report including information on communication between terminals in step 772. Can receive.

As another embodiment, the proxy terminal 710 transmits an interception report command (LI Report Command) to the EPC or the Prose function 740 in step 773, and the EPC 740 intercepts report to the target terminal 720 in step 774. The command is transmitted, and the target terminal 720 may include communication information between terminals in the interception report according to the information of the proxy terminal 710 included in the interception report command in step 775 and transmit it to the proxy terminal 710.

8 is a flowchart illustrating a process of interception of a proxy terminal according to a fourth embodiment of the present invention.

Referring to FIG. 8, the proxy terminal 810 searches for the target terminal 830 by performing an authentication process for the EPC 850 for interception in step 871 and requesting information (IMSI, etc.) of the target terminal 830. Perform the procedure for The HSS of the EPC 850 may be responsible for authentication of the proxy terminal 810 and transmission of information to the target terminal 830.

After receiving the information of the target terminal 830, the proxy terminal 810 transmits a LI Activation Command including the information of the target terminal 830 to the EPC 850 in step 872, and the target terminal 830 Request information to conduct interception of ). In this case, the entity of the corresponding EPC 850 may vary according to the network configuration.

The EPC 850 receives the command to initiate interception from the proxy terminal 810 and then transmits discovery-related information necessary to check the proximity of the target terminal 830 in step 873. ) To a request for discovery-related information used by the target terminal 830 (ProSe UE Interception Request). Accordingly, the ProSe Function 860 transmits a response (ProSe UE Interception Response) including the information requested in step 874 to the EPC 850.

The EPC 850 having acquired the discovery-related information transmits a LI Activation Response including the discovery-related information to the proxy terminal 810 in step 875. In step 877, the proxy terminal 810 creates information (eg, a target code) currently used by the target terminal 830 for search as a target list.

In some embodiments, after receiving the information of the target terminal 830, the proxy terminal 810 transmits a LI Activation Command including the information of the target terminal 830 to the Prose Function 860 in step 872. It transmits and requests information for performing an interception of the target terminal 830.

Prose sever (865) after receiving an interception initiation command from the proxy terminal (810), includes the search-related information necessary to check the proximity (Proximity) of the target terminal (830) in the interception initiation response (LI Activation Response), , Transmits the emotion initiation response to the proxy terminal 810. In step 877, the proxy terminal 810 creates information (eg, a target code) currently used by the target terminal 830 for search as a target list.

Thereafter, the proxy terminal 810 participates in the search process in step 878 and checks the proximity to the target terminal 830 by referring to the target list. When the search is successfully performed and proximity is confirmed, the proxy terminal 810 locks on the target terminal 830 in step 879.

Meanwhile, the entity 850 that has received the LI Activation Command such as EPC or Prose Function transmits a LI Activation Command to the E-UTRAN 840 in step 876 so that the E-UTRAN 840 sends the target terminal 830 ) To intercept. The E-UTRAN 840 monitors the target terminal 830 during the valid time of the tapping start command message after receiving the tapping start command. If the target terminal 830 transmits a radio resource request (BSR) for data transmission to the E-UTRAN 840 in step 880 within the valid time of the message, interception is triggered, and the E-UTRAN 840 is step 881 Instructs the target terminal 830 to prepare for interception by transmitting a LI Ready message to the proxy terminal 810 in FIG. The proxy terminal 810 may obtain information on resources within a cell of the target terminal 830 and a security key for wireless communication through the interception preparation message.

Thereafter, the E-UTRAN 830 allocates radio resources to the target terminal 830 and the proxy terminal 810 in step 882. When the target terminal 830 transmits data to the counterpart terminal 820 through inter-terminal communication in step 883, the proxy terminal 810 overhears the corresponding resource section in step 884 to complete interception.

9 is a diagram showing another embodiment in which a proxy terminal is selected in the third and fourth embodiments of the present invention.

Referring to FIG. 9, in step 961, a LI Activation process between the EPC 940 and the LEA 960 is performed. The process of initiating tapping in step 961 includes steps 451 to 454 of FIG. 4. Through the interception initiation process, the LEA 960 may obtain information (IMSI, etc.) of the target terminal 920 from the EPC 940 and search for a suitable proxy terminal 910 near the target terminal 920. The HSS of the EPC 940 may perform authentication and information transmission of the target terminal 920 during the interception initiation process.

Thereafter, when the entity (MME) of the EPC 940 receives the LI Activation message from the ADMF 261, the EPC 940 is in step 962 to obtain information related to inter-terminal discovery and communication of the target terminal 920. Sends an information request (ProSe UE Interception Request) to the ProSe Function 950. In step 963, the ProSe Function 950 transmits a response (ProSe UE Interception Response) message including inter-terminal discovery-related information, such as a discovery code registered by the target terminal 920, and inter-terminal communication-related information. Accordingly, the EPC 940 may select one or more suitable proxy terminals 910.

In some embodiments, when the Prose Function 950 receives the LI Activation message from the ADMF 261, the Prose Function 950 is stored information related to inter-terminal discovery and communication of the target terminal 920 Prepare. Accordingly, the Prose Function 950 may select one or more suitable interception terminals 910.

As an example of selecting the proxy terminal 910, the EPC 940 or the Prose Function 950 transmits a Select Proxy Device message to the directly selected proxy terminal 910 as in step 966 based on location information. I can. In addition, as another example, a proxy selection request message is transmitted to the MME or possible candidate terminals in the cell as in step 964, and a proxy selection response message from the proxy terminal 910 available in step 965 The proxy terminal 910 may be selected by receiving.

The proxy terminal 910 that has obtained the search-related information from the EPC 940 or the Prose Fucntion 950 creates a list of information such as a search code used by the target terminal 920 for search in step 967. Thereafter, the proxy terminal 910 participates in the search process in step 968 and checks the proximity to the target terminal 920 based on the target list. When the search is successfully performed and proximity is confirmed, the proxy terminal 910 locks on the target terminal 920 in step 969.

Steps 769 to 775 of FIG. 7 or steps 880 to 884 of FIG. 8 may be equally applied to the process of interception of the proxy terminal 910 after locking-on of the target terminal 920, so detailed description Is omitted.

10 is a view for explaining a tapping process according to a fifth embodiment of the present invention.

Referring to FIG. 10, when the interception agency 1050 requests interception of the target terminal 1010, the network 1040 sends the ProSe terminals 1020 and 1030 within a certain area centered on the target terminal 1010. The identification information of the target terminal 1010 and the registered search code are transmitted. The ProSe terminals 1020 and 1030 may notify the network 1040 even when an unregistered discovery code as well as a registered discovery code transmitted from the target terminal 1010 is found. Hereinafter, it will be described in detail.

11 is a flowchart showing a wiretapping process according to a fifth embodiment of the present invention.

Referring to FIG. 11, there is a target terminal 1120 and an interception terminal 1110 that intercepts the target terminal 1120. Both the target terminal 1120 and the interception terminal 1110 are terminals having communication capability between terminals.

In step 1161, a common process for LI Actiavtion is performed. The common process may be different depending on the system architecture. In step 1161, the ADMF 261 may transmit the LI Activation message to the EPC 1130 or the Prose Function 1140.

In step 1161, a LI Activation process may be performed between the EPC 1130 and the LEA 1150. The process of initiating tapping in step 1161 includes steps 451 to 454 of FIG. 4. Through the interception initiation process, the LEA 1150 may obtain information (IMSI, etc.) of the target terminal 1120 from the EPC 1130 and search for an appropriate interception terminal 1110 near the target terminal 1120. The HSS of the EPC 1130 may perform authentication and information transmission of the target terminal 1120 during the interception initiation process.

When the Entity (MME) of the EPC 1130 receives the LI Activation message from the ADMF 261, the ProSe Function 1140 is sent to the ProSe Function 1140 in step 1162 to obtain information related to inter-terminal discovery and communication of the target terminal 1120. Send an information request (ProSe UE Interception Request). The ProSe Function 1140 transmits a response (ProSe UE Interception Response) message including information related to discovery between terminals, such as a discovery code registered by the target terminal 1120 in step 1163, and information related to communication between terminals.

When the Prose Function 1140 receives the LI Activation message from the ADMF 261, the Prose Function 1140 prepares stored information related to inter-terminal discovery and communication of the target terminal 1120. Accordingly, the EPC 1130 or the Prose Function 1130 may select one or more suitable interception terminals 1110. In some embodiments, the ProSe Function 1140 may transmit a ProSe UE Interception message including inter-terminal discovery-related information, such as a discovery code registered by the target terminal 1120 in step 1163, and inter-terminal communication-related information.

The EPC 1130 transmits an interception report command (LI Report Command) to the interception terminal 1110 selected in step 1164 using the NAS. As an example of the selection method, the EPC 1130 selects the interception terminal 1110 based on the cell to which the target terminal 1120 is accessed or based on a tracking area (TA) of the target terminal 1120. I can.

In some embodiments, the Prose Function 1140 transmits a LI Report Command to the tapping terminal 1110 selected in step 1164 using the PC3. In this case, step 1163 may not be performed. As an example of the selection method, the Prose Function 1140 may determine the interception terminal 1110 based on a cell to which the target terminal 1120 is connected or a tracking area (TA) of the target terminal 1120. You can choose.

The interception terminal 1110 acquires search-related information through an interception report command, and in step 1165, the target terminal 1120 creates information such as a search code used for a search as a target list. Thereafter, the interception terminal 1110 participates in the search process of the target terminal 1120 in step 1166, and intercepts the IRI of the target terminal 1120 by referring to the target list.

Thereafter, the interception terminal 1110 performs an interception report (LI Report) in step 1167 according to a condition set in the interception report command, periodically, or according to a preset trigger condition.

The LI Report message is delivered to the Delivery Function 263 in various ways according to the network architecture. For example, if the ADMF 261 directly triggers a report to the terminal, the terminal includes the address of the LEA's delivery function 263 as the destination address in the LI Report Command Message. Therefore, the terminal directly delivers the report information to the delivery function 263 using IP communication.

As another example, if the MME of the EPC 1130 triggers the report, the LI Report Command Message includes the address of the LEA's delivery function 263 as the destination address or the P-GW address. At this time, the ADMF 261 has given the LI Activation command to the P-GW, and the P-GW can know the address of the Delivery Function 263 in the Activation step or has created a dedicated bearer for LI Report. The message may be forwarded to the delivery function 263 through the dedicated bearer.

In the case of the above two examples, when LI Report information arrives at the Delivery Function 263, an operation for analyzing the Discovery Code information is performed in various ways proposed by the present invention. For example, when the delivery function 263 transmits the included Tx and Rx D2D ID information and discovery code to the ProSe function 1140, the ProSe function 1140 uses the Discovery Code Mapping Table that it has. It responds to the delivery function 263 with information related to the discovery. As another example, there is a method in which the delivery function 263 directly inquires the App server 250 for the application ID included in the report to receive search information.

As another example, when the Prose function (1140) triggers the report, the address of the Prose Function (1140) is inserted as the destination address, and when the Prose Function (1140) receives LI Report information from the target terminal, the Prose Function (1140) Responds to the Delivery Function (263) using the Discovery Code Mapping Table owned by itself, or, if necessary, receives the information from the Prose App server through the PC2 interface and delivers it to the Delivery Function (263).

In some embodiments, the LEA 1150 may receive the interception report from the delivery function 263 in step 1168 to complete the interception.

12 is a flow chart showing an interception process according to a sixth embodiment of the present invention.

Referring to FIG. 12, in order for the target terminal 1220 to intercept data transmitted and received by performing communication between the counterpart terminal 1210 and the terminal, the LI Activation process between the EPC 1240 and the LEA is performed in step 1261. Performed. The process of initiating tapping in step 1261 includes steps 451 to 454 of FIG. 4.

In step 1262, the EPC 1240 transmits a LI Activation Command to the E-UTRAN 1230 to instruct the target terminal 1220 to be tapped. The interception initiation order may include interception conditions (eg, interception time and interception request information, etc.). The E-UTRAN 1230 may intercept the target terminal 1220 during the valid time of the message in response to the interception start command.

As in step 1263 within the valid time of the interception initiation command message, the target terminal 1220 reports the buffer status to the E-UTRAN 1230 to request radio resources for communication between the terminals with the counterpart terminal 1210. , BSR), the eavesdropping of the E-UTRAN 1230 is triggered. In response, the E-UTRAN 1230 transmits a LI Report Command to the target terminal 1220 in step 1264.

The interception report command transmitted by the E-UTRAN 1230 includes a command to simultaneously connect a communication path between the target terminal 1220 and the counterpart terminal 1210 and a communication path between the target terminal 1220 and the base station. . Accordingly, the target terminal 1220 prepares to transmit data by setting a communication path with the EPC 1240, if necessary. At this time, if there is a data bearer that has been previously set and used, the above process can be omitted.

Thereafter, the E-UTRAN 1230 allocates resources to the target terminal 1220, and the allocated resources may vary according to the following specific embodiments.

First, the E-UTRAN 1230 may simultaneously allocate resources for communication between terminals and a transmission resource to a base station, and allow the target terminal 1220 to transmit data through two paths. In this case, the target terminal 1220 may transmit data for communication between terminals through a communication path between terminals as in step 1265, and at the same time, may also transmit data to a network as in step 1266.

The E-UTRAN 1230 encapsulates the IP address of the intercepting agency in a PDCP-level data packet received from the terminal, and sends a LI Report at step 1267 to the intercepting agency's Delivery Function (1251). Transfer to. LEMF (1253) of the interception agency receives the interception report from the delivery function (1251) in step 1268, and completes the interception process.

In some embodiments, if the MME of the EPC 1240 triggers the report, the LI Report Command Message includes the address of the LEA's delivery function 1251 as the destination address or the P-GW address. At this time, ADMF(1252) has given LI Activation command to P-GW, and P-GW can know the address of Delivery Function(1251) in Activation stage or has made a dedicated bearer for LI Report, so E-UTRAN 1230 may forward the LI Report message to the delivery function 1251 through the dedicated bearer.

Meanwhile, the E-UTRAN 1230 may allow the target terminal 1220 to transmit data for communication between terminals to the EPC 1240. Accordingly, the target terminal 1220 transmits the data to the EPC in step 1269, and the EPC 1240 transmits the interception report to the LEMF 1253 through the delivery function 1251 in step 1270. Also, in step 1271, data of communication between terminals is transmitted to the counterpart terminal 1210.

13 is a flowchart illustrating a tapping process according to a seventh embodiment of the present invention.

Referring to FIG. 13, in step 1360, an interception initiation process between the EPC 540 and the LEA is performed. Interception initiation process may include steps 451 to 454 of FIG. 4. Additionally, in this embodiment, the EPC 540 transmits a LI Activation Command to the E-UTRAN in step 571 to instruct the target terminal to be intercepted. Interception initiation order may include interception conditions (interception time, interception request information, etc.). The E-UTRAN may intercept the target terminal during the valid time of the message in response to the interception start command.

Therefore, the triggering (LI Enable) (step 1373-1) of the interception of the terminal follows the same method as the above-described embodiment (the first embodiment or the second embodiment), and in this embodiment additionally, the effective time of the interception start command message If the target terminal 520 transmits a buffer status report (BSR) to the E-UTRAN 530 in step 1372 in order to request a radio resource for communication between the terminals with the other terminal as in the step in, Interception of the E-UTRAN 530 is triggered. In response, the E-UTRAN 530 transmits a LI ActivationCommand to the target terminal 520 in step 1373.

The command to initiate interception of the E-UTRAN includes a command to adjust the communication resource and direction of the target terminal so that the E-UTRAN 530 can intercept the communication contents of the target terminal 520 between terminals. As an example of adjusting the communication resource and direction of the target terminal 520, the E-UTRAN 530 is a resource for D2D communication by setting a time difference from the method of simultaneously opening a connection between D2D communication and the resource to be delivered to the E-UTRAN. It is possible to transmit information to separately allocate resources to be reported to E-UTRAN through and Uplink.

In step 1375, the E-UTRAN 530 allocates transmission resources to the target terminal 520 according to the above method, and the target terminal 520 is a counterpart terminal according to the resources set by the E-UTRAN 530 in step 1376 ( 510). If the configured method opens a simultaneous connection, when the target terminal 520 transmits data to the counterpart terminal 510, the target terminal 520 sends the target terminal to the E-UTRAN 530 through other resources and antennas allocated in step 1376-1. The data transmitted from 520 is transmitted. If the E-UTRAN allocates C-RNTI for Lawful Interception for Uplink or transmits the resource block itself in another configuration method, the E-UTRAN 530 transmits the data from the target terminal 520 to the corresponding resource after the data transmission between terminals Send the data. That is, step 1376-1 may be performed after step 1376.

E-UTRAN 530 receiving the IRI and CC related to the target terminal 520 transmits a LI Report including the information intercepted in step 1378 to the delivery function 551 of the intercepting agency. In this case, the interception report may be transmitted over the IP by encapsulating the LEA IP in a PDCP-level data packet using the function of the E-UTRAN 530 proposed in the present invention. The LEMF 553 receives a LI Report through the Delivery Function 551 in step 1379 to complete the interception.

When the LI Report information arrives at the Delivery Function 551, an operation for obtaining Subscriber information from ID information included in the Report is performed in various ways proposed by the present invention. As a first example, when the Delivery Function 551 transmits the included Tx and Rx information to the ProSe Function 240, the ProSe Function 240 sends the UE to the EPC 540 using the ID Mapping Table that it has. When the ID of the EPC (S-TMSI, etc.) is transmitted, the EPC 540 responds to the delivery function 551 by acquiring subscriber information of Tx and Rx. Alternatively, if the ProSe Function 240 can directly map the IMSI and D2D ID, it immediately responds to the Delivery Function 551. As a second example, when the delivery function 551 transmits the included Tx and Rx information to the EPC 540, the EPC 540 inquires the ProSe function 240 for the information. When the ProSe Function 240 transmits the EPC ID (S-TMSI, etc.) of the UE to the EPC 540 using the ID Mapping Table it has, the EPC 540 transmits subscriber information of Tx and Rx. Acquires and responds to the Delivery Function (551). In both of the above examples, if the EPC 540 has a Mapping Table, the response procedure is reversed.

14 is a diagram showing the configuration of a terminal according to an embodiment of the present invention.

Referring to FIG. 14, a terminal according to an embodiment of the present invention may include a transmission/reception unit 1310, a control unit 1320, and a storage unit 1330. In addition, the control unit 1320 may include an inter-terminal communication control unit 1321 and an interception data management unit 1322 for inter-terminal communication and interception report of the terminal. Hereinafter, a description of each part of FIG. 14 includes only a description of an operation according to an embodiment of the present invention.

The transmission/reception unit 1310 transmits and receives signals and data to and from the network, and specifically requests resource allocation for communication between terminals under the control of the control unit 1320 or receives a report command of intercepted data from the network, and accordingly transmits an interception report. Perform. In addition, the transmission/reception unit 1310 may transmit and receive signals and data to and from other terminals through communication between terminals. The storage unit 1330 stores Tx/Rx information of communication between terminals under the control of the control unit 1320.

The inter-terminal communication control unit 1321 of the control unit 1320 corresponds to the ProSe APP of FIG. 2 and controls the transceiving unit 1310 to perform communication between terminals. In addition, the interception data management unit 13322 corresponds to the delivery function of FIG. 2, and transmits the Tx/Rx information stored in the storage unit 1330 in the interception report message. A detailed description of the operation in the interception process of the terminal according to the embodiment of the present invention has been previously mentioned, and thus is omitted.

15 is a diagram showing the configuration of a base station according to an embodiment of the present invention.

Referring to FIG. 15, a base station according to an embodiment of the present invention may include a transmission/reception unit 1410, an interface unit 1420, a control unit 1430, and a storage unit 1440. The transmission/reception unit 1410 communicates with a terminal through a wireless interface, and the interface unit 1420 communicates with a core network. In addition, the storage unit 1440 stores various types of information necessary to perform an interception process according to an embodiment of the present invention.

The control unit 1430 may include a communication control unit 1430 between terminals, an interception data management unit 1432 and an interception execution unit 1433. The inter-terminal communication control unit 1430 may allocate resources for inter-terminal communication to the terminal according to an embodiment of the present invention, and at this time, adjust the transmission power of the terminal for interception. The interception data management unit 1432 corresponds to the delivery function and transmits the interception report received from the terminal to the core network. The wiretapping execution unit 1433 corresponds to the ADMF provided in the wiretapping agency, and performs an operation of transmitting the wiretapping command to the terminal according to the wiretapping command from the core network. A detailed description of the performing of the interception process by the base station is the same as the embodiment described above, and thus will be omitted.

16 is a diagram showing the configuration of a proxy terminal according to an embodiment of the present invention.

Referring to FIG. 16, a proxy terminal according to an embodiment of the present invention includes a transmission/reception unit 1510, a control unit 1520, and a storage unit 1530, and the control unit 1520 is an interception process according to an embodiment of the present invention. In order to perform the operation, a communication control unit 1521 between terminals, an interception data management unit 1522, and an interception execution unit 1523 are provided.

The transmission/reception unit 1510 transmits and receives signals and data to and from a network and a target terminal under the control of the controller 1520. In addition, the storage unit 1530 may store various types of information for performing an interception process according to an embodiment of the present invention, for example, a target list generated based on a search code of a target terminal.

The control unit 1520 may include an inter-terminal communication control unit 1521, an interception data management unit 1522, and an interception performance unit 1523. The inter-terminal communication control unit 1521 is a component for controlling to participate in a search process of a target terminal, and the interception data management unit 1522 is a component for reporting information acquired by tapping on the target terminal. In addition, the interception execution unit 1523 performs a function of instructing the target terminal to report interception.

17 is a diagram showing the configuration of a monitoring device of a monitoring engine according to an embodiment of the present invention.

Referring to FIG. 17, the monitoring device according to the present invention may include a transmission/reception unit 1610, a control unit 1620, and a storage unit 1630.

The interface unit 1610 communicates with the core network, and the storage unit 1630 stores various types of information necessary to perform an interception process according to an embodiment of the present invention. The control unit 1620 includes an interception data management unit 1621 and An interception performing unit 1622 may be provided. The interception data management unit 1621 corresponds to the delivery function and receives an interception report from the core network. The interception execution unit 1622 corresponds to the ADMF and performs authentication for interception for the EPC.

Those of ordinary skill in the art to which the present invention pertains will appreciate that the present invention can be implemented in other specific forms without changing the technical spirit or essential features thereof. Therefore, it should be understood that the embodiments described above are illustrative and non-limiting in all respects. The scope of the present invention is indicated by the scope of the claims to be described later rather than the detailed description, and all changes or modified forms derived from the meaning and scope of the claims and their equivalent concepts are included in the scope of the present invention. Must be interpreted.

Meanwhile, in the present specification and drawings, a preferred embodiment of the present invention has been disclosed, and although specific terms are used, this is only used in a general meaning to easily describe the technical content of the present invention and to aid understanding of the present invention. It is not intended to limit the scope of the invention. In addition to the embodiments disclosed herein, it is apparent to those of ordinary skill in the art that other modified examples based on the technical idea of the present invention can be implemented.

Claims (71)

In the interception method of a first terminal for performing communication between terminals,
communicating with a second terminal through device-to-device communication (D2D communication);
Identifying transmission/reception information between the first terminal and the second terminal; And
Including the step of transmitting a legitimate interception report including the transmission and reception information in a ProSe (proximity-based services) function,
The transmission/reception information is characterized in that after the first terminal transmits the legitimate interception report to the ProSe function, it is transmitted from the ProSe function to a law enforcement monitoring facility (LEMF),
The legitimate interception report comprises at least one of layer 2 IDs (identifiers), layer 3 IDs, group IDs, and legitimate interception times of the transmitter and the receiver. The method of claim 1,
The method of claim 1, wherein the transmission/reception information is related to performing legitimate interception by a ProSe function. The method of claim 1,
The transmission/reception information includes at least one of interception related information (IRI) or contents of communication (CC). The method of claim 1,
When the first terminal is in a coverage area, the first terminal periodically transmits the legitimate interception report including the transmission/reception information to the ProSe function. The method of claim 1,
When the first terminal is out of the coverage area, the first terminal stores the transmission/reception information,
When the first terminal is located back to the coverage area, the first terminal transmits the legitimate interception report including the transmission/reception information to the ProSe function. The method of claim 1,
The method characterized in that the transmission and reception information is transmitted from the ProSe function to the LEMF through a delivery function. In the method of intercepting the ProSe (proximity-based services) function,
Receiving a legitimate interception report including transmission/reception information between the first terminal and the second terminal from the first terminal; And
And transmitting the transmission/reception information to a delivery function,
The transmission/reception information is transmitted to a law enforcement monitoring facility (LEMF) after the ProSe function receives the legitimate interception report from the first terminal,
The legitimate interception report includes at least one of layer 2 IDs (identifiers), layer 3 IDs, group IDs, or legal interception times of the transmitter and the receiver. The method of claim 7,
The method comprising at least one of interception related information (IRI) or contents of communication (CC) in the transmission/reception information. The method of claim 7,
When the first terminal is in a coverage area, the first terminal periodically transmits the legitimate interception report including the transmission/reception information to the ProSe function. The method of claim 7,
When the first terminal is out of the coverage area, the first terminal stores the transmission/reception information,
When the first terminal is located back to the coverage area, the first terminal transmits the legitimate interception report including the transmission/reception information to the ProSe function. In the first terminal to perform legal wiretapping,
A transceiver for transmitting and receiving signals; And
Responsible for controlling device-to-device communication (D2D communication) between the first terminal and the second terminal, identifying transmission/reception information between the first terminal and the second terminal, and using a proximity-based services (ProSe) function. It consists of a control unit that manages the transmission of the legitimate interception report including the transmission and reception information, and
The transmission/reception information is transmitted from the ProSe function to a law enforcement monitoring facility (LEMF) after the terminal transmits the legitimate interception report to the ProSe function,
The legitimate interception report includes at least one of layer 2 IDs (identifiers), layer 3 IDs, group IDs, and legitimate interception times of the transmitter and the receiver. The method of claim 11,
The terminal, characterized in that the transmission and reception information is related to performing a legitimate interception by a ProSe function. The method of claim 11,
When the first terminal is in a coverage area, the first terminal periodically transmits the legitimate interception report including the transmission/reception information to the ProSe function. The method of claim 11,
When the first terminal is out of the coverage area, the first terminal stores the transmission/reception information,
When the first terminal is located back into the coverage area, the first terminal transmits the legitimate interception report including the transmission/reception information to the ProSe function. The method of claim 11,
The terminal, characterized in that the transmission and reception information is transmitted to the LEMF from the ProSe function through a delivery function In the ProSe (proximity-based services) function device that performs legal interception,
A transceiver for transmitting and receiving signals; And
It is composed of a control unit that receives a legitimate interception report including transmission/reception information between the first terminal and the second terminal from the first terminal, and manages the transmission of the transmission/reception information as a delivery function, and
The transmission/reception information is transmitted to a law enforcement monitoring facility (LEMF) after the ProSe function receives the legitimate interception report from the first terminal,
The legitimate interception report includes at least one of layer 2 IDs (identifiers), layer 3 IDs, group IDs, and legal interception times of the transmitter and the receiver. delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete delete

Images