Critical issues forum
This presentation is the property of its rightful owner.
Sponsored Links
1 / 60

Critical Issues Forum PowerPoint PPT Presentation

  • Uploaded on
  • Presentation posted in: General

Critical Issues Forum. i3 – The future and beyond Brian Rosen Emergicom. Caveats for this session. Lots of different stakeholders here – I’ll be moving back and forth among messages to each of them

Download Presentation

Critical Issues Forum

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Critical issues forum

Critical Issues Forum

i3 – The future and beyond

Brian Rosen


Caveats for this session

Caveats for this session

  • Lots of different stakeholders here – I’ll be moving back and forth among messages to each of them

  • I’ll cover some things at a very high level initially, and later go into some more detail on them

  • Some repetition of Henning and others’ points

  • i3 isn’t agreed yet, this is my opinion of how things will turn out

Reminder of the basic emergency call problem

Reminder of the basic Emergency Call problem

  • Determine a call is an emergency call

  • Route the call to the correct PSAP

  • Include the location of the caller so help can be dispatched to the right place

  • Include a way to call back if disconnected

The sierra leone problem

The “Sierra Leone” problem

  • Patron at a Starbucks café has a laptop with WiFi connection to the Internet

  • VPN Tunnel exists to Patron’s employer

  • Softclient on laptop connected to employer’s VoIP PBX

  • An accident happens, and the patron dials 9-1-1 for help

Sierra leone cont so what

Sierra Leone cont. – So What?

  • The Starbucks is in Chicago

  • The employer is Sierra Leone Trading Intl

  • Its VSP is Sierra Leone VoIP Services Pty

  • Its ISP is Cable and Wireless

  • Starbucks uses T-Mobile to supply the hotspot

  • There are no contractual relationships except that between S.L. Trading and S.L. VoIP

  • There is clearly no contractual, legal or other relationship between the Chicago PSAP and any entity in Sierra Leone

Assumptions for i3

Assumptions for i3

  • PSAP is on the Internet (maybe behind a big firewall)

  • Call taker answers VoIP call, not a gateway to existing technology

  • Databases can change

  • Database access mechanisms can change

  • Not necessarily a carrier in the path

  • Inherently multimedia: Voice, video, image, text,..

  • Addresses are not necessarily numbers (e.164)

Challenges for i3

Challenges for i3

  • PSAP is on the Internet (maybe behind a big firewall)

  • Call taker answers VoIP call, not a gateway to existing technology

  • Databases can change

  • Database access mechanisms can change

  • Not necessarily a carrier in the path

  • Inherently multimedia: Voice, video, image, text,..

  • Addresses are not necessarily numbers (e.164)

Psap is on the internet

PSAP is on the Internet

  • This means that anyone can place a 9-1-1 call to the PSAP

  • Must deal with viruses, Denial of Service attack, etc. directed to the PSAP

  • Need to have the routing database publicly available to all

Call taker answers voip

Call taker answers VoIP

  • Implies that the design of the PSAP changes from a TDM switch (SR + PBX) to a data network

  • Must make VoIP protocol choices

Databases can change

Databases can change

  • More information can be provided

  • Data can be reorganized to better fit the source and use of the data

  • Need to figure out how to populate and maintain the data accurately

Data access mechanisms can change

Data Access Mechanisms can change

  • New, IP based protocols will be used to access the data

  • These protocols are, for the most part, promulgated by the IETF, a new partner for the 9-1-1 community

  • Data will be public, raising security and privacy concerns

Not necessarily a carrier

Not necessarily a carrier

  • Anyone can set up a VoIP system

  • Large enterprises/organizations probably will, much as they run their own email system

  • Means that you cannot rely on a carrier to do data management and validation

  • Means that you cannot rely on a carrier to deal with problems

Inherently multimedia

Inherently Multimedia

  • Will support video, images and text (Instant Messaging) from the start

  • Means that the “phone” at the call taker workstation is NOT a simple VoIP set

  • Work towards passing this media towards the responder

  • Implies recording systems change

I3 it s bigger than just us

i3: It’s bigger than just us

  • The U.S. (or even North America) can’t design their own system

    • The Sierra Leone Problem

    • Roamers from, say, Japan

    • Purchases by local citizens of equipment from other countries

  • There are NO national variants of any Internet protocol

  • The solution is to make the solution an international solution, primarily promulgated in the IETF

  • NENA can have significant influence in this process

How this will work at least at i3

How this will work (at least at i3)

  • The phone learns its location from the LOCAL environment

    • DHCP supplies location when the laptop gets it’s IP address

    • This is the right location, before the VPN tunnel is established

  • Location is carried in the signaling, with the call

  • There is an available routing database so that anyone, worldwide, can route the call to the correct PSAP

This will be a significant change to the psap

This will be a significant change to the PSAP

  • It’s not really possible to gateway VoIP calls to existing systems, we will gateway PSTN calls to VoIP

  • Not limited to voice

  • Much more data associated with the call

  • Much more routing flexibility that existing systems, especially in the Selective Router, can supply

  • And one more thing

The current 9 1 1 system is dangerously vulnerable to deliberate attack

The Current 9-1-1 system is dangerously vulnerable to deliberate attack

  • Current congestion control mechanisms limit the number of calls into the PSAP to a very small number

  • Current Internet Viruses can infect 10s of thousands of machines, more than 50% of which have modems connected to existing PSTN lines

  • If a virus was directed to call 9-1-1, wait for answer, hang up and try again from thousands of machines spread out all over the country, the entire 9-1-1 system would be taken down. Not related to VoIP.

  • Such a virus has ALREADY been written, but not widely deployed

  • There is no defense available to stop this kind of attack

Routing is non trivial especially in north america

Routing is non trivial, especially in North America

  • There are approximately 6,134 PSAPs in North America

  • Each has a service boundary

  • They are NOT necessarily aligned to any political (state/county/city) boundary

  • Call must be routed to the correct PSAP

  • There are databases that exist for civic and geo locations that tell you where to route the calls

  • But currently, access to them is restricted, and has cost associated with it

  • Other areas are easier (one PSAP for a country) others are harder (no existing database)

Location in enterprises

Location In Enterprises

  • Getting to the right “address” is not enough

    • Think of this as the “yelling” test

  • All enterprises who have large facilities will need to provide more specific location information

  • We’re going to make this as easy as possible, but it’s still going to be some level of burden on enterprise

Making location work in enterprise voip

Making Location work in Enterprise VoIP

  • Same basic idea – phone learns location from its local environment

    • Could be proprietary to your VoIP vendor

    • Standards based approaches are feasible now

    • RFC3046 describes a mechanism to determine the switch port a packet arrived on

    • Or check out LLDP-MED

  • This gives you the basis to use a (manually maintained) wiremap database (room number to switch port) to determine location – and that is where the cost is

  • DHCP can be used to supply this location to phones

  • Location to building/suite/floor/room can be specified

Location for residential voip

Location for Residential VoIP

  • Voice Service Providers don’t have much of a role because they don’t know where the customer is AND THEY DON’T HAVE A RELATIONSHIP WITH ANYONE WHO DOES

  • The ISP may or may not know, but if they don’t they have a relationship with someone who does

  • The Access Infrastructure Provider knows where the customer is

Access infrastructure providers

Access Infrastructure Providers

  • “First Mile” infrastructure owner, wireline or wireless

  • Wireline AIPs already have a notion of a Service Address, and a wiremap (or equivalent) database

  • I believe ALL AIPs, regardless of technology, and regardless of whether they offer voice/video/text services, must supply location

  • It’s likely that regulation will be required, and it’s likely to happen

  • Fixed wireless (e.g. WiMax) vendors; plan on GPS receivers or triangulation mechanisms

  • You heard it here first

Critical issues forum


  • If you are the AIP, you supply location to endpoints

  • If you aren’t, contract with the AIP to get it

  • If there is a system spec on all infrastructure including all end points, you can use any mechanism you like to get location to the endpoint

  • If you don’t have such control, support at least DHCP

Cascaded location

Cascaded Location

  • Applicable to things like WiFi

  • “AP” gets location from its environment, and relays it to its endpoints

  • If possible, supply more specific location

    • The “yell test” again

  • Works for things like café hotspots

Next up sip phone vendors

Next Up - SIP Phone Vendors

  • You have to get location from the environment as described

  • If you do digit analysis in the phone, you have to learn the local emergency call number for the environment the phone is in

    • We are working on standards for this

  • When you detect an emergency call, or the downstream proxy tells you its an emergency call, you must supply location

Sip phone vendors cont

SIP Phone Vendors, cont.

  • Because location is sensitive, IETF standards REQUIRE sips (TLS) for emergency calls

  • PLEASE implement this now, pretty please

  • Supply a good callback in Contact

    • Good as in, “reachable from the PSAP”

  • Implement blind and supervised transfer (REFER/Replaces)

  • 3rd Party Call Control (for conferencing)

Sip proxy vendors your turn

SIP Proxy Vendors – Your turn

  • For i3, you need to implement routing based on location

    • This is the charter of the new IETF ECRIT working group

    • A DNS based approach will work, others may or may not, we’ll see

  • You have to implement TLS too

  • Allow callback from the PSAP

    • Probably more a configuration thing

What if you don t support sip

What if you don’t support SIP?

  • The standard interface to PSAPs, at least in North America, will be SIP

  • Other vendors will have to gateway to SIP to send emergency calls

  • Most vendors already support SIP, because most inter-enterprise/inter-carrier peering is SIP

  • Must include location, as per SIP standards on the call

Vsp responsibilities

VSP Responsibilities

  • Deploy TLS

    • So, beat up your (SBC) vendors. It’s the Right Thing To Do

  • For i3, simple routing decision

    • Look up location in a database (DNS for example)

    • Forward call to where it says to

    • No 3rd parties

    • Some proposals have the lookup occurring prior to placing a call, I think that won’t work but we’ll see

  • Allow callbacks to Contact header

  • May need identity assertions

Other communications service providers have a role too

Other communications service providers have a role too

  • Video telephony/conferencing vendors, i3 PSAPs will take the calls

    • Also applies to camera phones

  • IM vendors, i3 PSAPs will take the calls

  • And for everyone, there will be a new generation of “TDD” devices based on SIP and interactive text streams. Please plan on supporting them

I3 status

i3 Status

  • “Long Term Definition” working group in NENA VoIP/Packet Technical Committee

    • Currently writing requirements

    • Will finish as early in CY2005 as I can push them

  • IETF ECRIT Working Group

    • Probably will be chartered within a month

    • Specifically limited to routing calls

    • VoIP allows international roaming, and effectively international addresses (TNs/URIs) – Need a single global standard

    • There are NO national variants of IETF (Internet) protocols

Other information that comes with the call

Other information that comes WITH THE CALL

  • Caller languages

    • automatically route to PSAP or call taker that speaks French

    • Accept-Language: fr

  • Caller media preferences

    • automatically route to PSAP or call taker that can deal with typed text

    • Accept-Contact: *;text;require



  • Really, there are only two ways to determine location

  • Measure it (e.g. GPS)

  • Type it in (street address)

    • Hopefully, a carrier (or enterprise) function

    • If you started with a civic (street address) don’t translate

      • Or we have to worry about what database you used to translate

    • PSAPs might have good databases

      • But the general case is there will be errors in conversion

      • Always send the original data

      • We can handle multiple forms, if you have both, send them

Getting location on wired phones

Getting location on wired phones

  • “DHCP” = protocol to get local infrastructure information

  • Commonly used to assign the IP address to a device

  • Now has a way to report location

  • The entity that assigns (the first) IP address knows where the wire is

Routing a call to the right psap

Routing a call to the right PSAP

  • Many entities will route

    • Not necessarily a carrier, remember?

    • Carrier may not be local (Sierra Leone)

  • Need a globally accessible routing database

    • Which returns the “URI” of the PSAP (like a phone number)

    • But in VoIP, we can “Authenticate” a caller

    • Which means we only accept “9-1-1” calls

The routing database

The routing database

  • Must be able to route civic and geo locations

  • Must be able to be local, regional, national in scope, with exceptions

    • E.G. All calls to State of Florida go to [email protected]

    • Except Dade county, which goes to [email protected]

  • Must be readable by anyone, but writable only by the PSAP/9-1-1 authority

    • Readers must be confident data is authentic and has not been modified

Proposal not yet agreed

Proposal (not yet agreed)

  • Use the “Domain Name System”

  • Normally used to translate a domain name (like to an IP address (like

  • The DNS is

    • Distributed

    • Hierarchical

    • Redundant

    • Reliable

    • And (with DNSSEC), secure

What do you mean hierarchical

What do you mean Hierarchical?

  • Multiple levels

    • Top level domain (like .com)

    • Second level domain (like yahoo)

    • N-level domain (

  • For 9-1-1 we will use

    • contains the URL of the PSAP that serves 123 Main Street

    • would be the location reported for room 235 on the 5th floor of the Newco suite at 123 Main St.

Dns is reliable

DNS is reliable

  • Multiple copies of the “authoritative” data geographically distributed

    • E.G. St. Louis could have copies of Pittsburgh’s entries in the DNS

  • DNS servers “cache” copies of the data

  • Caches can supply data even if connections to authoritative servers are down

  • DNS has not hard failed in last 15 years

Dns is distributed

DNS is distributed

  • Domains are “delegated” by higher level domain (e.g. Commonwealth of Pennsylvania delegates to Allegheny county, only Allegheny county can put data in that domain

  • Allegheny County has multiple copies of, PA has multiple copies of, and they are in different servers

  • Building Owners and Tenants can be delegated their entries and supply data themselves, or contract with someone else to do it

  • DNS servers cache data locally = lots of copies all over the world

  • Data has a lifetime (i.e. cached data times out and must be prefetched from authoritative source)

Dns is secure

DNS is secure

  • Cryptographic technology to assure

    • Only the authoritative server created the data

    • No “man in the middle”

    • No modification to the data

  • Provides the basis to assure callers they reach the real PSAP when they call 9-1-1

Psaps on the internet no way

PSAPs on the Internet – No Way!

  • Way

    • The calls are on the Internet, so in some way, the PSAP is on the Internet

    • Yes, it may be that many calls come from a carrier over a private net

    • But many calls will really come over the “big I” Internet

  • But that does not mean each PSAP is directly on the Internet

  • Emergency Services Networks behind large firewalls

    • Might be state level, or more likely, city/county level interconnected up to state level

    • All public safety networks would be connected to these ESNs

    • But put a firewall between the ESN and your PSAP, please

Please don t say trusted

Please don’t say “trusted”

  • Never trust

  • Always verify

  • Use cryptography

    • Authenticate

    • Integrity Protect

    • Privacy Protect

  • You want the data that is out there anyway

  • Allow access, but protect against intruders

  • Requires

    • Skills (not usually found in local IT groups)

    • Lots of bandwidth (gigabits) from the Internet

Response to denial of service attack

Response to Denial of Service Attack

  • Unlike the current system, the i3 PSAP will have reasonable defenses for DoS attacks

  • Signaling channels will handle 10s of thousands of calls

  • Firewalls will filter out bad calls

  • “Leakers” will be directed to any available call takers, and will only happen once per infected machine

  • Firewall mechanisms will be flexible, and capable of being dynamically modified

  • PSAPs will be on managed networks not directly accessible from the Internet

Legacy infrastructure

Legacy infrastructure

  • Sure, wireline/wireless PSTN will be the majority of the calls for a while

    • Latest forecasts show 40% of wireline calls in U.S. will be VoIP within 5 years

  • Gateway PSTN into VoIP PSAP

    • We’ll start with a gateway from S/R to the PSAP

    • But VoIP will have many new functions S/Rs can’t do

    • So expect to gateway CO to PSAP, eliminating the S/R eventually

      • This might take a while

  • DNS can tell you if PSAP is i3 upgraded!

Get ready there is no ali in i3

Get ready: there is no ALI in i3

  • Location comes with the call

  • We can dynamically query the MSAG equivalent as the call arrives for ESN and other data associated with the location

  • This means we don’t need the ALI

  • And we can get rid of all the processes to maintain it

  • We’ll keep a simple form of it for PSTN

There is no esn

There is no ESN

  • We have to build a mechanism to define the service boundary of a PSAP for both civic and geo

  • We can use the same mechanism to define the service boundaries of any number of responders

  • We don’t need codes

  • A query to the new MSAG will return the URI (address & ELT equivalent) of the responders for the location

Eventually there is no selective router

Eventually, there is no Selective Router

  • The S/R is the root of the existing deliberate attack mechanism

  • The S/R cannot transfer calls outside of the PSTN

  • The S/R cannot handle non voice media streams

  • The S/R cannot break the phone number/location mapping problem

  • So, we’ll phase it out

Phasing out the s r

Phasing out the S/R

  • i3 will start with only VoIP calls coming in direct to the PSAP via IP

  • We will deploy a gateway between the S/R and the PSAP to convert PSTN and wireless calls to VoIP. It will use the existing ALI

  • Wireless can convert to VoIP at any time (no MPC required, just put location in the VoIP signaling)

  • Then we will move the gateway to be positioned between the C5 and the PSAP, bypassing the S/R

  • Eventually, I hope the PSTN carriers will deploy their own simple phone number to location mapping, and then we can decommission the ALI

Routing flexibility in i3

Routing Flexibility in i3

  • We will have much more flexibility to route calls

    • Within the PSAP

      • By media type (TDD), language preference, location

    • Between PSAPs

      • Transfer to any i3 PSAP or responder WITH ALL DATA INCLUDING LOCATION

  • Failure routes can be to any PSAP willing to accept the calls

  • Route changes can be made dynamically, by PSAP management

I3 will lead to much more flexibility in disaster routing

i3 will lead to much more flexibility in disaster routing

  • Let’s talk about congestion control

  • No one deserves a busy

  • Busy is the networks response to no resources available to help, usually, no call takers

  • Callers get 1 bit of information from a busy – no one will help you, you are on your own

  • PSAPs get no information from a busy; you don’t even know that it occurred

  • Responders might be maxed out too, but they want to triage. First come first served is NOT appropriate

  • And you can’t triage if you don’t get all the data

Disaster routing in i3

Disaster Routing in i3

  • We can, if we want to, route calls to any i3 PSAP anywhere in the country

  • There are about 20,000+ trained call takers on duty at any one shift

  • We can build databases that any PSAP can access and add data to (who, where what, how bad, …)

  • We can provide instructions to callers

  • We can, in some circumstances, provide first aid instructions

Why would we do this

Why would we do this

  • Major system failure

  • Widespread disaster which overwhelms all regional facilities

  • Deliberate attack which tricks existing firewall techniques until custom filters can be developed and deployed (maybe hours or a day)

We would only do it when both sides agree

We would only do it when both sides agree

  • Sending PSAP has to enable offload

  • Receiving PSAP(s) has to accept offload

  • One or more groups will have to develop criteria and response plans so call takers can be trained

  • It’s a disaster, we don’t need to use the same criteria and responses we would under normal circumstances

Lots of data will be available

Lots of data will be available

  • We can create data that is associated with a location

  • Yes, you could put it in the GIS, but it makes more sense to actually construct a distributed database that ties all information we have about a structure

  • We can delegate parts of this to building owners, if they are willing

  • The structure data can be made available to responders as well as call takers and dispatchers

Data on callers

Data on callers

  • VoIP has a notion of a user, distinct from the device (phone)

  • We can create an (opt-in!) database of information about a caller

    • Medical data

    • In an emergency, contact,…

  • Callers can roam, and the data comes with them

Psaps will look a lot different

PSAPs will look a lot different

  • Not much of current PSAP systems will survive

  • There is no switch (S/R, PBX, ..), it’s all in the data network

  • Things like loggers will change (video, text, new data)

  • You’ll still have a call taker workstation, CAD and radio console, but completely new code/functions/data organization

  • Some operational differences, but mostly new capabilities; call answering isn’t going to change radically



  • You can’t get a surcharge on CSPs, because they are not local and there may not even be one

  • What you can do is to have a surcharge on the Access Infrastructure Provider

  • Doesn’t matter if they aren’t the CSP, their facilities are used to place 9-1-1 calls

  • Would apply uniformly to all AIPs, which includes existing facilities based wireline and wireless vendors, even cable companies

  • They are always local, and always subject to regulation

  • Also no ALI, and the MSAG has to be free, so the surcharge is all you get.

Funding access infrastructure provider burden and reimbursement

Funding, Access Infrastructure Provider burden and reimbursement

  • This proposal loads the AIP with new responsibilities

    • Providing Location

    • Collecting and remitting surcharge

  • With those responsibilities, there are costs

  • There is precedent (wireless) to allow cost recovery from surcharge revenue

  • This may make the scheme more palatable to the AIPs



  • Phone Vendors – you have work to do

  • Proxy Server vendors – you have work to do

  • SBC vendors – you have work to do

  • Access Infrastructure providers – you have work to do

  • Internet Service Providers – you have work to do

  • Communications Service Providers – you have work to do

  • Enterprises – you have work to do

  • PSAP CPE vendors – you have work to do

  • PSAPs – your life will change, and you have work to do

  • Login