H04L63/306

PRIVILEGED ELECTRONIC COMMUNICATIONS WITH INMATES
20230051388 · 2023-02-16

Systems and methods for providing secure communication between an inmate and an outside user are disclosed. In various aspects, account information of both the user and the inmate is stored. A message transmission is received from a first device that includes a header portion and an encrypted payload portion. The system verifies that confidential communication between the inmate and the outside user is permitted based on the header portion and the stored account information. Once verified, the message is transmitted to a second device without decrypting the payload portion of the message.

Method and Devices for Triggering Lawful Interception

Methods and apparatuses start lawful interception of an ongoing communication process in an after-handover network environment prior to completing an international handover of a user device. The user device is a party to the ongoing communication process and an LI target. The user device being an LI target is determined based on the user device's identity, which is retrieved if the international handover is initiated.

Automated monitoring of proximate devices

Aspects of the disclosure relate to an automated monitoring of proximate devices. A computing platform may cause a reporting device to detect a target device in a local network, retrieve network data associated with the target device, and send, to an intermediate server, the network data. The computing platform may send, to the intermediate server, a query. The intermediate server may send the network data in response to the query. Based on the network data, the computing platform may determine an amount of time that has elapsed since network activity was previously detected for the target device, and based on a determination that the amount of time exceeds a predetermined time threshold, the computing platform may generate an alert notification indicating that the target device may need to be traced. Subsequently, the alert notification may be sent to the reporting device.

Channel quality information feedback techniques

Various embodiments are generally directed to improved channel quality information feedback techniques. In one embodiment, for example, an evolved node B (eNB) may comprise a processor circuit, a communication component for execution by the processor circuit to receive a channel quality index for a physical downlink shared channel (PDSCH), the channel quality index associated with a defined reference resource, and a selection component for execution by the processor circuit to select a modulation and coding scheme (MCS) for transmission over the PDSCH of user equipment (UE) data in one or more resource blocks, the selection component to compensate for a difference between a cell-specific reference signal (CRS) overhead of the defined reference resource and a CRS overhead of the one or more resource blocks when selecting the MCS. Other embodiments are described and claimed.

MAC mobility for 802.1x addresses for virtual machines
11558349 · 2023-01-17

A system and method for provisionally authenticating a host moving from one router to another router in a network using border gateway protocol (BGP) is disclosed. A host is initially authenticated at a first BGP router; this discovery is advertised to a second BGP router pursuant to BGP with a new extended community indicating successful authentication (or pre-authentication) of the host at the first BGP router. An indication for re-authentication of the host at the second BGP router is then received, which blocks network traffic from the host to the second BGP router. Due to the notification of a previous authentication of the host, the second BGP router begins a provisional authentication session. In response to a successful completion of the provisional authentication session, the host is authorized to transmit network traffic on the second BGP router and subsequently blocked from doing the same at the first BGP router.

INTERCEPTION FOR ENCRYPTED, TRANSCODED MEDIA
20180013880 · 2018-01-11

Certain embodiments of the invention generally relate to lawful interception of communications for IP Multimedia System-based (IMS-based) voice over IP (VoIP). For example, some embodiments relate to interception of communications including interception for encrypted, transcoded media. A method may include identifying a network node that provides call content interception. The method may also include determining a codec type used at a location of the call content interception at the network node. The method may further include sending a matched codec of the codec type used at the location of the call content interception at the network node to a delivery function in the communications network.

Methods and apparatus for lawful interception of communications

Lawful intercept is supported by providing a network communications device target identifiers in encrypted form. Received encrypted target identifiers are stored in a non-volatile storage device. Before communications interception occurs, one or more encrypted target identifiers are loaded into active memory which is secure and not accessible by a network device operating system administrator. A decryption request is sent to a security device and the result loaded into the secure active memory. Plain text target identifier(s) returned by the security device are loaded directly into the active memory without being stored in the operating system administrator accessible storage device. In the case of a reset resulting in the contents of the active memory being lost, the active memory is repopulated by sending decryption requests using the stored encrypted target identifiers to indicate to the security device the target identifiers which need to be decrypted and reloaded into active memory.

NETWORK TELEMETRY COLLECTION WITH PACKET METADATA FILTERING
20230239319 · 2023-07-27

In one embodiment, a telemetry exporter in a network establishes a tunnel between the telemetry exporter and a traffic analysis service. The telemetry exporter obtains packet copies of a plurality of packets sent between devices via the network. The telemetry exporter forms a set of traffic telemetry data by discarding at least a portion of one or more of the packet copies, based on a filter policy. The telemetry exporter applies compression to the formed set of traffic telemetry data. The telemetry exporter sends, via the tunnel, the compressed set of traffic telemetry data to the traffic analysis service for analysis.

INTELLIGENT DATAFLOW-BASED SERVICE DISCOVERY AND ANALYSIS
20230006936 · 2023-01-05

The disclosed embodiments are directed toward monitoring and classifying encrypted network traffic. In one embodiment, a method is disclosed comprising intercepting an encrypted network request, the network request transmitted by a client device to a network endpoint; identifying a network service associated with the network endpoint based on unencrypted properties of the encrypted network request; identifying, based on the encrypted network request and a series of subsequent network requests issued by the client device, an action taken by the client device, the action comprising an activity performed during a session established with the network service; and updating a catalog of network interactions using the network service and the action.

MANAGING LAWFUL INTERCEPTION INFORMATION
20230007052 · 2023-01-05

A determination is made that an identity of a non-target communicating entity (102) with which a target communicating entity (101) is communicating, is to be obfuscated in any report of lawful interception of the target communicating entity (101) to a law enforcement agency (131). Lawful interception is performed of the target communicating entity (101) and information pertaining to the lawful interception of the target communicating entity (101) is reported to the law enforcement agency (131). The reported information comprises non-obfuscated identity information of the target communicating entity (101) and obfuscated identity information of the non-target communicating entity (102).