US Patent 11777998 Secure lawful interception in network elements

A mechanism is provided that enables hiding identities of a target subscriber that is to be subject of lawful interception, LI, when the intercept access point, IAP, is outside the network operator part of the LI domain. Monitoring of data traffic such as over-the-top, OTT, services is enabled while at the same time hiding LI target identities to a network element, NE, containing the IAP. A secure memory area in the NE is dedicated to the LI functionality necessary to intercept and report interception data to the operator part of the LI domain. The interface between the NE and the operator part of the LI domain is the use of a secure injection channel via which the necessary LI software and target information are conveyed between the NE and the operator part of the LI domain.