Abstract: A method and apparatus are provided. Information associated with a lawful interception of communication data of a user equipment is received. Security information associated with the communication data of the user equipment is provided in response to the received information. The security information is based on a first secret which is shared between a communication network provider and the user equipment.

Abstract: Systems, methods, apparatuses, and computer program products for security of inter-nodal communication for VoiP lawful interception are provided. One method includes receiving, by an access node, at least one identity from an internet protocol multimedia system (IMS) node, the at least one identity used by the IMS node to intercept signaling messages, compiling a target list comprising the at least one identity, receiving a message from the IMS node when a session is established, wherein the message comprises an identity for each of the parties to the session, and comparing the identity for each of the parties to the session with the at least one identity in the target list.

Abstract: A method and apparatus are provided. Information associated with a lawful interception of communication data of a user equipment is received. Security information associated with the communication data of the user equipment is provided in response to the received information. The security information is based on a first secret which is shared between a communication network provider and the user equipment.

Abstract: Methods and apparatuses for activating lawful interception in a network for devices without MSISDN are provided. One method includes receiving an external identifier for a terminal or subscription in a network, and querying a server for an international mobile subscriber identity (IMSI) that is associated with the terminal or subscription identified by the external identifier. The method may also include activating interception in the network using the international mobile subscriber identity (IMSI).

Abstract: A network element comprising a storage configured to maintain downloaded service profiles; a data base configured to maintain a list of identifiers of downloaded service profiles; and a correspondence processor configured to check the availability of a downloaded service profile by referring to the list of identifiers.

Abstract: Usage of nonce-based authentication scheme in a session-based authentication application, usable in a communication system comprising a session control server and an authentication server, which are configured to provide for a session-based authentication application, wherein authentication is based on a nonce-based authentication scheme, comprising an indication of an operation mode of the session control server from the session control server to the authentication server in an authentication request, wherein the operation mode included proxy mode and user agent mode.

Abstract: Authentication of a user of a communication system comprising a session control server and an authentication server, wherein the communication system supports at least two separate authentication schemes, comprising the steps of determining, at the session control server, that a registration request from the user to be authenticated leaves undefined the authentication scheme to be used for authenticating the user; and inquiring, from the authentication server, which authentication scheme is to be used for authenticating the user, said inquiring being based on an identity of the user and pre-stored information at the authentication server on a mapping between user identities and usable authentication schemes.