digital delight phase 5 review - defending your rights in ... · project accomplishments (cont.)...

Phase 5 Review: Project Digital Delight December 2002 Project Management

Digital Delight

Phase 5 Review

December 4, 2002

b6 b7C

FOR OFFICIAL USE ONLY * * *

ALL IMF0EHATI0N COHTAIHEE HEEEIM IS UNCLASSIFIED PATE 05-30-2007 BY 65179dEh/Ssi:/lm£

Phase 5 Briefing Vers 1.0 1

Review Purpose and Objectives Phase 5 Review: Project Digital Delight December 2002 Project Management

Purpose • To conduct a review of the activities and control products completed

during the Project Digital Delight development effort, review final cost and schedule performance, and provide management direction for implementation and follow on activities.

Phase 5 Review Objectives • Present project accomplishments

• Review Project Closeout Report highlights

• Identify the project team

• Review project cost performance

• Review project schedule performance

• Present completed project activities/control products

• Discuss outstanding issues and lessons learned

• Obtain authorization to close the project Phase S Briefing Vers 1.0 2

* * * FOR OFFICIAL USE ONLY * * *

Project Accomplishments Phase 5 Review: Project Digital Delight December 2002 Project Management

• Goal

- This project successfully accomplished the goal of developing and deploying interim-CALEA access, intercept, and collection capabilities.

• Project Objectives

- Develop engineering prototype systems to support immediate and evolving case requirements

- Implement engineering production systems to support continuing requirements for pre- and interim-CALEA collection

- Provide support and maintenance of both the engineering prototype and engineering production systems

- Provide liaison with federal, state, and local law enforcement, switch vendors, service providers, and commercial collection system developers.



Project Accomplishments (cont.) Phase 5 Review: Project Digital Delight December 2002 Project Management

• Project Approach

- Design, develop, and deploy prototype systems to respond to immediate collection needs:

» Work with technically-trained field agents

» Work with switch manufacturers

» Work with telecommunications service providers.

- Enhance prototype systems designs to offer a robust and mature interim-CALEA collection platform.



Project Accomplishments (cont.) Phase 5 Review: Project Digital Delight December 2002 Project Management

• Technical Performance:

- DCS-3000 system is a suite of access, intercept, collection, and management software and hardware for pen-register/trap-trace, Title III, and Title 50 applications.

- DCS-3000 system architecture is based on client/server technology:

» IBM PC compatible computer systems

» Microsoft Windows NT/2000 operating system compatible

» IP networking and internetworking

• Operational Performance (as of December 2002):

- Deployed in 55 FBI field divisions and numerous resident agencies

- Used to conduct ALL FBI wireless telephone intercepts and an increasing number of wireline intercepts

- Used by more than 60 federal, state, and local law enforcement agencies

- Used by CIS to test and validate Motorola's iDEN CALEA solution in March 2001 Phase 5 Briefing Vers 1.0 5


Project Closeout Report Summary Phase 5 Review: Project Digital Delight December 2002 Project Management

Project Management was executed as planned except as noted below: - At the completion of the originally planned period of performance (12/31/98), CALEA implementation

was still in process and vendor solutions had not been completed; and, additional interim prototype collection capabilities were needed to continue to support field operations. As such, funding levels and the project period were extended.

All Project Objectives were accomplished except as noted below: - None.

Phase S Briefing Vers 1.0 6


Phase 5 Review: Project Digital Delight December 2002 Project Management

Section Chief

lL|i^^ii i«il i:!! i i i

Unit Chief

Originally E. Allen

§| p | Originally

Digital Delight

Support Personnel

Project Leader

Development Contractor

Booz Allen Hamilton

User Representative

b6 b7C



Development Cost Performance Phase 5 Review: Project Digital Delight December 2002 Project Management

Total Planned Project Cost was: $1,500,000

Actual Cost-at-Completion: $3,792,098

Variance ($): $2,292,098

Variance (%): 152%

The variation between the original planned cost and actual cost-at-completion is due to the change in implementation time-frame for CALEA and the lack of commercially available collection systems for CALEA-based intercepts.

Phase S Briefing Vers 1.0 8


Schedule Performance Phase 5 Review: Project Digital Delight December 2002 Project Management

' Period Of performance: Planned: 6/97 to 12/98 Actual: 6/97 to 9/02

- Schedule Variance of 250% Actual 63 months vs Planned 18 months variance was due to delays and uncertainties surrounding the CALEA solutions and the lack of available commercial systems for CALEA-based intercepts.

Milestones

Statement of Need

Internal Concept Proposal

Project Closeout Report

M:1-6 M: 7-12

w M: 13-18

w

M: 19-24 M: 25-30

T

M: 31-36 M: 37-42 M: 43-48

Section Level:

M: 49-66 M: 55-63

Planned if Actual^

w

Project Closeout Report (Phase 5 Review)

* * * FOR OFFICIAL USE ONLY * * * Phase S Briefing Vers 1.0 9

Project Activities Summary Phase 5 Review: Project Digital Delight December 2002 Project Management

Completed Planned Phase 1 and 2 Documentation and Briefings - Statement of Need (SON) Date Completed: 1/28/97

- Internal Concept Proposal Date Completed: 5/15/97

- Technical Requirements Specification Date Completed: None

- System Requirements Review Briefing Date Completed: None

- SRR Report Date Completed: None

- Phase 2 Review Date Completed: 6/13/97

Phase 5 Briefing Vers 1.0 1 0

FOR OFFICIAL USE ONLY'


• Planned Phase 3 Control Products and Unit Level Reviews

- Functional Description (FD)

- System Development Plan (SDP)

- System Design Description (SDD)

- Preliminary Design Review and Report (PDR-R)

- Critical Design Review and Report (CDR-R)

- Acceptance Test Plan and Procedures (TP and TPr)

- Test Readiness Review and Report (TRR-R)

- Phase 3 Review and Report

Date Completed: None








- Planned Phase 4 Control Products and Unit Level Reviews - Acceptance Test Report (TR)

- Technical Manual (TM)

- Training Plan (TrP)

- Installation Plan (IP)

- Operational Readiness Review and Report (TRR-R)

- Phase 4 Review and Report


Date Completed: June 2001

Date Completed: June 2001







Points Of Contact b6 b7C

FBI Technical Point of Contact

- Developer Point of Contact



Lessons Learned Phase 5 Review: Project Digital Delight December 2002 Project Management

• Lesson 1. LINUX vs. Microsoft

- Limited COTS products and system drivers were available for the LINUX operating system

- End users are not familiar with the LINUX operating system

• Lesson 2. Commercial vs. Custom

- Commercial collection systems lag behind changes in electronic surveillance features for new switch software releases

- Law enforcement needs to maintain an awareness of upcoming switch software releases and surveillance features

- DCS-3000 system provides law enforcement with an excellent platform for quickly addressing new surveillance features.

Phase S Briefing Vers 1.0 1 3


Lessons Learned Phase 5 Review: Project Digital Delight December 2002 Project Management

• Lesson 3. Liaison

- Liaison activities with telecommunications carriers and equipment manufacturers are important in anticipating changes in the format and delivery of CALEA and CALEA-like information.

- Regional training for FBI personnel and liaison with telecommunications companies are extremely important to the continued success of the FBI's electronic surveillance mission.



Recap Phase 5 Review: Project Digital Delight December 2002 Project Management

• Presented an overview of the project accomplishments

- Concurrence Q

• Presented an overview of the Project Closeout Report

- Concurrence •

• Reviewed Project activities, control products and technical documents

- Concurrence •

• Reviewed Lessons Learned

- Concurrence Q

• Authorized Closeout of the project

- Authorized •



Project Digital Delight

• Initiated in January 1997 to develop CALEA-interim ELSUR capabilities for newly-deployed PCS and ESMR networks

• Developed DCS-3000 - a new intercept/collection system for new PCS switches (primarily PCS-1900/GSM switches)

PG-16

Project Digital Delight

DCS-3000 is currently deployed in 16 FBI field offices covering:

b2 b7E

PG-17

DCS-3000 System Architecture

b2 b 7 E

PG-18

Intercept Capabilities

DMS-IOO/GSM switch has real-time pen-register and Title-Ill ELSUR capabilities - Compatible with the DCS-3000 system - Currently, 3nly has implemented these

capabilities in 2 MSCs - Atlanta, GA and White Plains, NY

- Motorola DAP/MPS switch does not have any ELSUR capabilities

PG-19

United States Department of Justice Federal Bureau of Investigation

DCS-3000 News

ff$\ Telecommunications Intercept and j ^ y Collection Technology Unit

October 16, 2005

ALL IHFORM&TIOH COBTAIHED HEEEIH IS OTCLAS3IFIEB DATE 05-29-2007 BY 65179/DHH/K3R/LHF

Switch-Based Intercept Team

b6 b7C

2

DCS-3000 News

Topics

DCS-3000 Numbers

PTT Intercepts Valkyrie BW-3000 VoIP Intercepts

DCS-3000 News

DCS-3000 Numbers

More thar in FY2005

ntercepts supported by the DCS-3000

83% Wireless 17% Landline

b2 b7E

4

DCS-3000 News

System Architecture b2 b7E

b2 b7E

5

DCS-3000 News

b2 b7E

DCS-3000 News

b2 b7E

7

DCS-3000 News

b2 b7E

DCS-3000 News b l b7E

Ready I ink

DCS-3000 News

Valkyrie

b2 b7E

10

DCS-3000 News

Valkyrie b2 b7E

DCS-3000 News : :li^H

BW-3000

Many landline carriers now deploying new GR30 intercept capability h2

and others b7E

- CCC delivered via 'dial-out' - CDC delivered via FSK over 'dial-out'

Initial DCS-3000 solution depended on Zoom modem - Zoom modem developed by ATU for switch solution verification - Not suited for high density collections

SBIT developed BW-3000 for large collection sites - Software based FSK demodulators (up to 8 per system) - Seamless integration with existing collection systems

DCS-3000 News

VoIP Intercepts

Many common carriers now deploying VoIP subscriber access technologies Some carriers have already embraced CALEA requirements and have intercept solutions available:

b2 b7E

The solutions deployed by these carriers have forced SBIT to develop a new access model: - CDC and CCC delivery via VPN over the Internet

13

DCS-3000 News

VoIP Intercepts

Neustar acts as technical agent • CDC: Cable Labs (~ J-STD-025A) • CCC: UDP/IP (target differentiation by MAC address)

b2 b7E

Verisign acts as technical agent • CDC: CableLabs • CCC: UDP/IP (target differentiation by UDP port)

Technical issues handled internally S • CDC: CableLabs • CCC: 'Dial Out'

14

DCS-3000 News

VoIP Intercepts

b2 b7E

15

DCS-3000 News ". • - ^ M

Under Development

• CCC audio concentrator for DCS-3000 to RW applications - High density VolP-to-Analog delivery system - Multiple intercepted CCCs will be packed onto T-1

circuit for RW input *l IVSELP. AMBE++, and PCM CCCs H ICCCS b2 • LandlineVolPCCCs •I I and other VoIP PTT CCCs

16

\ii»a

17

I I1 +,< 1 r . u H, i i I'lij ii " in g|g|j^|iii|i<|]iiiiiq|yl vf j f ||||!||l!|

• i j '• .

Telecommunication; i nierce and Collection Techno1 . . I

n1

-JJ-.-H.

Electronic Surveillance in the 21st Century

ALL IHF0RH1TI0H CONTAIHEB HEKEIH 15 UICLASSIFIED DATE 05-29-2007 BY 65179DHH/K3R/LHF

PG-1

ACCESS

COLLECTION

ANALYSIS

PG-2

r ACCESS

^ 4

COLLECTION

ANALYSIS

Interconnection with the switching facilities of the carrier(s) and delivery of the authorized data and/or content to the designated monitoring facility.

i 1 4 1

PG-3

) COLLECTION

ANALYSIS

Support for real time monitoring and the organized electronic storage of call content and associated call-related data by commercial applications at field offices.

PG-4

Key Ete

• - -A

ACCESS

COLLECTION

• i

* t . \ ANALYSIS

*

The application of specialized software tools, against the collected content and/or data, to identify suspects, associations, patterns and other investigative leads.

PG-5

I — "I lT~ I 3T W

SSBfc Key Elements

ANALYSIS

Link Analysis Keyword Spotting Keyword Searching Voice Recognition Voice Identification

PG-6

I I

PG-7

^*U.l.:...i:.:M

,i ' •q-_« l.-4r

*• ~ — - • J - i . iii- i

Collection

PG-8

• • I *«*'• I d '•'•'•• • • •

."• 1

1 A

nn.

b Collection

G J C J

PG-9

o

Lucent 5ESS

I i! I Nortel Nortel GSM DMS-100

PG-10

Circuit

Bridged A^Q§j^ I • ' -h- - | J - — " - • • * • * • •» *• • •"•-1

1 Receive Circuit V j J

X :.__Y^~"._ -----~-^V-Transmit Circuit \ / - . . . . » i " ^

Receive Path

DELIVERY

Transmit Path

Circuit

PG-11

- - - ^ ^ - : I I

:̂ "_-_-_-_-:"j:j

DELIVERY

Receive Path

Transmit Path

PG-12

Service Pmm$kt G

wl

fl|

Incumbent Local Exchange Carrier (ILEC) Competitive Local Exchange Carrier (CLEC) Conventional Cellular Personal Communications Services (PCS) Enhanced Specialized Mobile Radio Satellite nternet Telephony (Voice over IP)

i ^S **& —a fs<& .-H. - t r; /

C C A B A B C i & D E F E S ln

PG-14

o i I i | i " |1 ' i Ij pr ]"p nn-||

1 I '1 I ! Ii "'

Ail! ExpTOî|yg|;< il T

I I i hHr Mil • li ihuiihl—ml I i I In I iiln

- -^MIDWEST """•T*, WIRELESS

_-_--'— f f wast*i*tf

r * ^ * U » f •Hyiîi^MAiî|iilii1|iiii(irja ! % D I Q I P H p

r-̂ iH544^ P^1"^ MM MSMMK

AI s T o u c w PRIMECO

C n C i # t CELLULAR©liEE

Si-ri-iitu Suuilmenl FltK-hlu

PG-15

Switda Venders " " -.. 3"T P Jh J . " 'I : •

• J.I.I I i l . i . . I 1I1I11 • • i lml 11 lilii • m m • • I.I.. • • lull

b2 b7E

1 J

PG-16

"•|-| ~^B TT" '"m- "ilu

T f̂ffls5 Tm^mfiim 3 f f £'~ ?» a":" H • • • • i l l l i h 1 " • " • • — • • •

ASN-1

4fe fia - % * ** ATM/ ^

Basic Rate Interface Serial Port

.9; <"e,

¥ TCP/ip 9 traatirtrt D a n i c t a r .» I

Authentication

Home Location Register

Modem Application layer

RS-232 - * *

tSS&* 255.255.255.0

PG-17

Interim PCS Solutions

Electronic Surveillance Technology Section

Networks Access Development Unit

PG-18

Topics of Discussion • Broadband PCS • ESMR • Current PCS/ESMR Solutions • DCS 3000 Demo

PG-19

PCS Collection System Architecture

b2 b7E

PG-20


b2 b 7 E

PG-21


b2 b7E

PG-22


PG-23

Current Switch Capabilities Switch Type Intercept Technique/Delivery Intercept Equipment

b2 b7C

PG-24

DCS-3000 System • DCS-3000 is currently deployed in more

than 20 FBI field offices covering: - | - 5 switches

- • 3 switches

4 switches

-I I- 2 switches b2

b7E

- - 8 switches

- 2 switches

- 5 switches

- -4 switches PG-25

DCS-3000 System Architecture b2 b7E

PG-26

• •

PCS Solutions

Telecommunications Access Program EST-3

PG-27

• •

Topics of Discussion • Broadband PCS

I 1 b 2

a b7E

• Current PCS/ESMR Solutions • DCS 3000

PG-28

DCS-3000 System

• FBI's first CALEA-paradigm intercept/collections system

• Windows NT-based Client/Server architecture

• Originally developed for PCS/GSM switches

PG-29

DCS-3000 System Currently deployed in more than 40 FBI field offices and 75 MSCs covering:

b2 b7E

PG-30

o •

DCS-3000 Deployments

PG-31

DCS-3000 Intercept/Collection System

b2 b7E

PG-32




PG-33

Topics of Discussion • Broadband PCS • ESMR • Current PCS/ESMR Solutions • DCS 3000 Demo

PG-34

Current Switch Capabilities b2 b7E

PG-35


PG-36




PG-37


• ESMR

• Current PCS/ESMR Solutions

• DCS 3000 Demo

PG-38

Current Switch Capabilities Switch Type Intercept Techniaue/Deliverv Intercept Equipment

b2 b7E

^nnaaaifPMM^aHii*

PG-39

DCS-3000 System DCS-3000 is currently deployed in more than 20 FBI field offices covering:

PG-40


PG-41

PCS Solutions

Telecommunications Access Program EST-3

PG-42


1 b2 m b7E

• Current PCS/ESMR Solutions • DCS 3000 Hands-on Demo

PG-43

DCS-3000 System DCS-3000 is currently deployed in more than 33 FBI field offices covering:

b2 b7E

PG-44

DCS-3000 Deployments

[' ' - - { — r -* K f7-k> «-' fe I ' , 1 - -, , _ J i , - f—=q rtV

^

PG-45

DCS-3000 Intercept/Collection System b2 b7E

PG-46

United States Department of Justice Federal Bureau of Investigation

Telephone Interception

Y%$\ Telecommunications Intercept and L_y Collection Technology Unit

November 30, 2005

ALL IHFORM&TIOH COHTAIBED HEEEIH 15 UNCLASSIFIED DATE 05-29-2007 BY 65179/DHH/KSR/lHF

Topics

• OTD Organization • The Paradigm Shift • DCS-3000and • PTT Interception • VoIP Interception • Local Number Portability • Caller ID Spoofing • Online Resources

Operational Technology Division

•MBIDl£l*=qti: JB^3..E,'L*"fr^fr

iilliiililJHilBllll Slllllfflllllllilllllill llliiilliiiiiiilll

spyisiiiiiiii f t X

U

CALEA ELSURTech | Special imi l«muniHi un Management Projects

Telecom Intercept & Collection

Technology

Audio Technical Technology Operations

Development Coordination

Advanced Telephony

Traditional Intercept Model

C.M.P.

rnflW*TTtn^y

TELCO CENTRAL OFFICE

: m

*» <• u

4

CALEA Intercept Model

FBI OFFICE

nirW^iJ

SWITCH

COLLECTION DEVICE

(e.g. DCS-3000)

CARRIER PROVISIONING FUNCTION

DCS-3000 Numbers

More than in FY2005

intercepts supported by the DCS-3000


b2 b7E

. - - < * T^"""" *

6

System Architecture b2 b7E

b2 b7E

7

DCS-3000f b2 b7E

b2 b7E

• •

b2 b7E

VoIP Intercepts

• Many common carriers now deploying VoIP subscriber access technologies

• Some carriers have already embraced CALEA requirements and have intercept solutions available:

I 1 b2 _ b7E

• The solutions deployed by these carriers have forced OTD to develop a new access model: - CDC and CCC delivery via VPN over the Internet

• #

Local Number Portability

• Required by the Telecommunications Act of 1996 for landline providers

• FCC extended the requirement to wireless carriers in November 2003-WLNP - Permits consumers to switch wireless carriers within the

same geographic area while retaining same phone number - In some cases a number can be ported from a landline

carrier to a wireless carrier • Creates new challenges for law enforcement

- NPA/NXX is not sufficient to determine the subscriber's service provider

- Porting is not reported via CALEA messaging. If a target ports during the period of intercept, the collection will be interrupted until the new carrier is identified and served with a court order

11


3M

10M . ^

2 0 M > /

^^r A

40M

^T •

3 0 M / ^

^f A

I l I I I

.

12


• Neustar Interactive Voice Response (IVR) System - Established by the telecommunications industry

to assist law enforcement - Automated dial-up service handles inquires for

both landline and wireless numbers

b2 b7E

- Not to be used for FISA/classified target numbers

13

Caller ID

• Developed by Bell Labs • Method of displaying calling party

information using the established SS7 data network

• Information is passed from the originating (calling) system to the terminating (called) system/switch and then to the called party

14

Caller ID

b2 b7E

Caller ID Spoofing

b2 b7E

b2 b7E

Taller ID SnnnfiiMF

b2 b7E

17

Caller ID Spoofing

b2 b7E

18

Online Resources

b2 b7E

TICTU has many resources available online (Trilogy):

19

I f r : " • ~ - • • • : • • • ; : • • • • • • : : • • • • Federal Bureau of Investigation Electronic Surveillance Technology Section

s-a_?< Telecommunications Intercept and Collection Technology Unit

TICTU/SBIT Brief Book

Last Update 2006-01-31

ALL IHFOEHiTIOH COIJTAIHED HEEEIH IS DHCLA3SIFIED BATE 06-01-2007 EY 65179 dmh/fcsr/lmfi

PG-1

Traditional Wiretap Model

C.M.P.

J U B ;

'•»**-~i

TELCO CENTRAL

OFFICE

PG-2

• o G E E ) CALEA Wiretap Model

CARRIER PROVISIONING

FUNCTION

PG-3

FM iSST* CALEA Wiretap Model

CDC - Call Data Channel • Typically, TCP/IP or X.25 data connection • Transports pen-register and trap/trace information • One CDC per intercept access point (i.e. switch or

network)

CCC - Call Content Channel • Typically, circuit switched • Transports intercepted content/audio • At least one CCC per target

CALEA CDC and CCC delivered independently

PG-4

DCSnet Backbone Delivery

;SSSJS,,!a,,,,it,,,L,,,Ji.,,E,.,.i; & k i i a ; J ! L J L £ . J i i : ^

H T-Moblta

H Spin) PCS

•VMBfln

B3 Map Saver - \

a

-u ^ — , ^ ^ > —wr* j ^ V

* . * J, - t .

> — »

I Denied Tratte -—

PG-5

• •

CALEA-Enabled Intercepts

CALEA-based intercepts conducted with more than 50 U.S. carriers in 2005


PG-6

b2 b 7 E

FBK CDC Delivery

PG-7

CCC Delivery

b2 b7E

PG-8

DCS 3000[

b2 b7E

PG-9

I t

VoBro Experiences \ X t l M M M I I I « B i n n i M I M M M B B M W ^ M l l i l M M a h i m i W i i y

Many common carriers now deploying VoIP and VoP subscriber access technologies Some carriers have already embraced CALEA requirements and have intercept solutions available:

b2 b7E

The solutions deployed by these carriers have forced the FBI to develop a new access model. - CDC and CCC delivery via VPN over the Internet

PG 10| I'f-ir7'",?!"^! I••' + * X J -i-^ i~ «?"*I -• <• • > .- I L i f J

VoBro Experiences j

b2 b7E

PG 11 £^Mys^i?f

-f m •»• m> m* • • • - ^ »« i I T "r" im mm <™ mm - P I ' " « H I P » « I

VoBro Experiences j b2 b7E

PG 12

*3LiIT<

PG-13

Skype In/Out j

b2 b7E

|]QjF' PG-14

digital delight phase 5 review - defending your rights in ... · project accomplishments (cont.)...

Documents