Tatiana Lucas and Dr. Jerry Lucas, TeleStrategies
03/01/2007
2007 will be the year that intelligence support systems (ISS) will appear on C-level telecom executives’ radar screens. To understand why, consider some background on the relationship between new technologies and regulatory change that is driving ISS deployment.
New telecom technologies, in this case IP, drive changes in regulations. Changes in regulations create the need for new support systems, such as OSS, BSS and now ISS. For example, first-generation cellular technology (AMPS) was developed in the 1970s. The old AT&T wanted a monopoly on AMPS deployment. Regulators said no, stuck to the ruling that granted two licenses per market, and began issuing licenses in 1983.
New startups like Cellular One and even the Bell operating companies needed to get to market ASAP. They couldn’t go to market without OSS or BSS. So presto, there was an immediate need for off-the-shelf billing systems and more. Before 1983 there were no billing system vendors—the telcos developed their own in-house.
Today’s IP revolution has made many telecom regulations obsolete. Here are three regulatory changes coming this year that will raise awareness regarding ISS among C-level telecom executives and will force them to open up their purses to become compliant.
1) CALEA Compliance by May 14
The FCC says carriers must comply with the Communications Assistance for Law Enforcement Act (CALEA) by May 14 this year, or else.
Why CALEA? When the telcos started their big push to digitize the local exchange and began to hype up ISDN, law enforcement agencies realized they had a problem. You couldn’t send an agent to climb up a telephone pole and place a set of alligator clips on the target’s digital phone line to tap it, like Richard Dreyfuss did in the 1987 movie “Stakeout.” So Congress changed the law giving the FCC authority to enforce CALEA. Specifically, telcos had to deploy equipment to support lawful interception. Ironically, the ISDN revolution never happened in the residential market, but digital cellular made CALEA relevant.
Today’s disruptive technology is VoIP over broadband. The FCC, after nearly five years of debate, concluded that if VoIP over broadband looks, walks and quacks like a duck, then it must be a duck. In other words, VoIP over broadband is telephone service, and thus its providers must be CALEA-compliant by May 14, 2007—period.
But this is just a crack in the compliance dam. The flood will come with IP-based converged services. Voice, data and video over the same pipe will cause complexity for CALEA compliance. This flood has three dimensions. The first is data retention of service usage, or tracking what service moves from who to where. Second, presentation of that data must be in a form that makes sense to law enforcement authorities (LEAs) and can be submitted as evidence in court. Third, networking between telecom service providers and LEAs will be problematic. You can’t transmit interceptions like wiretaps economically at 25 Mbps or so and send that intercepted data to the LEA monitoring center, let alone do it for hundreds of simultaneous taps in multiple LEA operations. It would require terabit per second networking.
The bottom line is that it is only a matter of time—maybe this year—until U.S. lawmakers will do as those in Europe are doing. For starters, by September of this year European telecoms and ISPs will have to save call records, in some cases for up to two years, and store them in a fashion that is easily accessible by LEAs, is suitable for court evidence and has consumer privacy safeguards. By 2009 European telecoms will have to save SMS, IM, e-mails and just about everything else for which you can create a data usage record.
Data retention is about intelligence gathering. So if you are an existing mediation or billing vendor, look to add ISS functionality and products to your portfolio now. Expect your telecom and ISP customers to go through the same thought process on data retention already experienced by providers of VoIP over broadband. First comes denial, where they’ll say, “It doesn’t apply to us.” Second, they’ll be depressed and say, “We can’t do it, because the technology does not exist.” Third, they will be outraged at the idea that this could cost ten of millions, maybe billions of dollars. And finally acceptance will come, where telecoms will ask, “Let’s see what ISS products are out there to make us data retention-compliant.”
2) P2P Meets Deep Packet Inspection
One thing law enforcement and intelligence communities have in common with the telecom and the entertainment industries: They all dislike or fear peer-to-peer (P2P) applications.
They don’t like it that bad guys can communicate using P2P applications. P2P networks make it an order of magnitude more difficult to monitor a target’s communication. P2P traffic eludes centralized hosts and is often encrypted. Also, P2P protocols run over any TCP and UDP ports chosen at random. All of this decentralized architecture means P2P protocols are even harder to discover and analyze.
For the telecoms and ISPs, P2P eats up bandwidth and cannibalizes revenue-producing traffic. Most ISPs say that more than half their traffic is P2P. Telecoms say 70 percent or more of broadband access traffic is P2P, and that includes free or almost free services like Skype.
So what are LEAs, the intelligence community and telecoms going to do about P2P? They should deploy a new set of ISS tools that provide deep packet inspection (DPI). The way DPI works is that a tap is placed to intercept traffic at layers 1 and 2. This traffic is split off to a DPI appliance. At this point you can determine at a minimum what application has been carried in the packet stream (Skype, BitTorrent, etc.) and kill it if you choose.
A number of carriers have deployed DPI appliances in telecom networks and use them for both lawful interception and Skype blocking. But what’s a scenario for widespread DPI deployment? It will be related to net neutrality—or more specifically, to the end of net neutrality as the rule. Telecoms will deploy DPI so they can develop a charging strategy based on the application being carried. DPI will identify whether the traffic is P2P, email or Skype, for example, and carriers can then charge accordingly. Once this infrastructure is deployed, it will become part of CALEA.
The reasons net neutrality will not continue in the United States are jobs and politics. Telecoms employ lots of people: more than 1 million jobs are created by wired, wireless and cable operators in the United States. Portal companies like Google and YouTube, on the other hand, do not employ many people. Google, a big net neutrality proponent, has only 8,000 employees worldwide. YouTube had 67 employees when Google acquired it for $1.7 billion. Verizon, by comparison, has 210,000 U.S. employees. The bottom line is that the average member of Congress has 2,000 telco-type employees in his or her district. Given those numbers, how would you vote on net neutrality if you were running for reelection? But, then again, there are all those bloggers and Internet activists hyping net-neutrality. The bottom line is that no net-neutrality political consensus means no legislation. So think DPI deployments!
3) CPNI and Pretexting Meet CMF
The final regulatory actions that will put ISS on the radar have to do with customer proprietary network information (CPNI) and new anti-pretexting laws that Congress passed several months ago. Because of these new rules, telecoms are going to have to step up and protect their customer data against leakage like never before.
Telecom networks typically are, relatively speaking, secure from outside threats. But the IP revolution has exposed critical data, including personal customer information such as Social Security and credit card numbers, to insider threats. The reason pretexting has been so successful is that there is virtually no protection against billing record leakage in this era of self-provisioning and customer self-service. Strong user authorization would help, but call records still need to be protected from insider threats. A carrier can protect this critical data from leakage by deploying a set of ISS appliances to perform content monitoring and filtering (CMF).
Liberalizing how telcos can use CPNI will also create a bigger insider threat. In the days of POTS-only services, it was relatively easy for a telecom operator to secure a customer’s calling behavior data from leakage. This was because no ISS tools were deployed to gather intelligence on individuals except under tight, lawful interception controls within a specified security department.
With converged services there is a need to produce detailed behavioral and demographic data for sales and marketing to show advertisers and others what customers use and who they reach. This creates a new set of problems. The new CPNI rules that the FCC is likely to release shortly will say, for example, that you can only show the collective demographics of all users within certain ZIP codes—not details on individuals. But in order to generate that demographic and behavioral data, you have to record individual user habits. Securing data on 5,000 U.S. wiretaps a year is a piece of cake compared with securing data collected on more than 200 million users. How do you secure such information from an insider attack? You do it with ISS tools such as CMF appliances.
Telecom C-levels will be at a strategic crossroads concerning ISS this year. They can try to stonewall data retention mandates, avoid LEA requirements for DPI deployments as part of CALEA compliance, and claim they have no insider vulnerabilities that could lead to data breaches. Or they can recognize the real need for an overall ISS strategy and build it right from the start.
If you need to know more about data retention, deep packet inspection and content monitoring and filtering, plan to attend TeleStrategies’ upcoming ISS World Conference and Expo, scheduled for May 29–June 1 in Washington, D.C. For a full conference agenda and to register, go to www.telestrategies.com
Email this article
Add a comment
Printer version
Order reprints
RSS Feed
Bookmark article