InfBrok100

Benefits:

• Available as a license and as SaaS
• Very high security standards
• Full functionality (Lawful Disclosure, Lawful Interception, AAV, additional features and interfaces)
• TKG compliance ensured through maintenance TKG-Compliance

You can license InfBrok100 as a hosted and managed service. The multi-tenant application is hosted on specially secured systems at DIaLOGIKa or a partner facility. We set up the external interfaces to authorized authorities on your behalf.

For national connectivity via ETSI-ESB, we use a SINA box installed at DIaLOGIKa; for EMAIL-ESB, an email server is provided.

When a new request from an authorized authority is received that requires your interaction, a notification email is sent to the responsible staff. They can log in via HTTPS using their web browser and personal credentials to process the request—for example, by entering subscriber data responses or uploading traffic data.

Together with partner companies, we also offer InfBrok100 as a full managed service solution. This includes the communication with authorities, responses to information requests, and the provisioning of lawful interception measures.

If you choose installation in your own environment, we can deploy InfBrok100 via remote access or support you with installation and updates. We support Linux and Windows systems, as well as PostgreSQL, Oracle, and MySQL databases.

Adjustments to legal changes are included in the maintenance contract at no additional cost. We promptly and professionally integrate them into InfBrok100, enabling you to remain compliant at all times.

We can assist you in completing the sample concept templates required by the German Federal Network Agency (BNetzA).

We provide a tailored online onboarding session at system rollout.

InfBrok100 meets the extremely high security requirements associated with handling confidential documents and personal data, as defined by the Technical Guidelines (e.g., encryption and use of SINA boxes).

Throughout all development phases, we prioritize security by applying modern cryptographic algorithms, automated OWASP dependency checks, static code analysis, and regular penetration testing. Our development team undergoes continuous software security training.

Authentication can be performed via username/password (optionally with two-factor authentication (TOTP) and client certificates) or Single Sign-On (SSO). InfBrok100 supports SAML and LDAP protocols.

InfBrok100 features a fine-grained role and permission system compliant with TKÜV requirements, allowing flexible assignment tailored to your workflows.

Different user profiles (e.g., operator, administrator, quality manager) can be configured according to your organizational structure, ensuring controlled access to sensitive data.

All user actions are logged in accordance with TKÜV, supporting audit requirements within a robust role and permission framework.

Each task is time-monitored. If a defined maximum duration is exceeded, an escalation process is triggered.

All states and intermediate results are persistently stored in a database, ensuring continued operation without data loss (e.g., after power failures).

InfBrok100 can be easily adapted to customer-specific requirements. Its three-tier architecture allows simple customization of the graphical user interface.

InfBrok100 and its traffic data storage system (IB-CDR) can retrieve subscriber and traffic data from multiple sources (billing, customer care, network elements, mediation devices, etc.), including InfBrok90 (§112/§173 system).

Alternatively, systems can integrate via REST APIs. Manual data entry and CSV uploads are also supported.

Lawful Disclosure comprises the following types of information requests:

InfBrok100 receives requests via ETSI-ESB in accordance with the Technical Guideline TR TKÜV and supports the validation of judicial orders . Responses can be uploaded as CSV files or automatically provided via a JSON interface to the data source system. Additional delivery interfaces can be supported upon request.

When generating reports, the application adopts the ETSI interface format. Real-time traffic data can be handled like lawful interception, but without content delivery.

A cabinet decision from April 2026 proposes the introduction of preservation orders. This would allow public prosecutors to require that traffic data generated within a specific time period be retained (including future data) for up to three months. Based on a court production order referring to such a preservation order, the data—or a subset thereof — can then be retrieved.

A cabinet decision from April 2026 proposes retaining IP address data for three months. This would enable authorities to determine which user was assigned a specific IP address at a given point in time over a longer period.

Manual subscriber data requests can be received via ETSI-ESB and EMAIL-ESB interfaces defined in the technical guideline TR TVÜV published by the BNetzA (for automated requests pursuant to Section 173 TKG, we offer a separate product, InfBrok90).

Response data can be retrieved from customer systems via a predefined JSON interface, then supplemented manually or entered entirely through an input form. Integration with existing interfaces is also possible. For dynamic IP address requests, traffic data can be used to determine the result.

Responses are delivered either in ETSI format or as DOCX files (when using EMAIL-ESB). DOCX files are generated using customizable templates. Subscriber data disclosures related to IP addresses are also supported under the Digital Services Act (DSA), including specific statistical requirements.

Both mobile network location requests (Section 171 TKG) and IP-based location requests can be processed with InfBrok100. Existing interfaces can be integrated for rapid data retrieval, and a user interface is also available.

Lawful Interception includes the following measures:

Measures can be received via ETSI-ESB or EMAIL-ESB. InfBrok100 supports the full workflow, including emergency orders, extensions, and deactivations. The lawful interception is carried out via an interface to the lawful interception (LI) system.

Requests for real-time traffic data are received via ETSI-ESB or EMAIL-ESB and implemented similarly to lawful interception within the LI system—however, without the delivery of content data.

In cases of copyright infringement, law firms are permitted to request IP addresses with timestamps from providers in order to identify the user assigned to the IP address at that time. InfBrok100 supports the processing of import files and the generation of response files.

• Abuse detection: To support internal misuse detection, files containing IP addresses and timestamps can be matched with the corresponding subscriber identities.
• Fraud case investigations: For investigations involving unauthorized use of telecommunications services (Section 12 TDDDG), the same interfaces as for subscriber data requests can be used. Since these cases are often complex, InfBrok100 allows the definition of workflows to guide case handlers in preparing responses to authorities.

For further internal investigations, configurable workflows support flexible data capture and document generation. Full-text search and case-linking capabilities help identify and visualize relationships between incidents.

If customers are harassed by calls, they can request a trap trace measure. To implement this in accordance with Section 14 TDDDG, InfBrok100 can access traffic data to identify the caller and retrieve subscriber data or request it from other providers. Required documentation is automatically generated.

Phone numbers used by certain groups (e.g., emergency services) can be granted priority status upon request. For example, fixed-line numbers may receive prioritized fault resolution, or mobile numbers may be allocated higher bandwidth. InfBrok100 supports both management and technical implementation.

The Federal Network Agency (BNetzA) and other authorized entities may require IP providers to block specific websites for a defined period. InfBrok100 supports administration and technical implementation of such measures.

In many areas, especially in handling lawful interception measures, employees must undergo security clearance by the Ministry of the Interior. Required forms must be completed and updated regularly. InfBrok100 enables document storage and deadline management.

InfBrok100 includes a template system for automatically generating customized text documents (e.g., reports, trap trace requests and responses).

InfBrok100 supports interfaces to financial accounting systems (e.g., CSV export for SAP), enabling automatic generation of billing data based on fee schedules (JVEG), with optional manual completion. Collective billing compliant with TR TKÜV are included.

InfBrok100 supports processing requests for multiple obligated companies within a single installation.

InfBrok100 provides IB-CDR, a structure optimized for efficient ingestion and querying of traffic data, covering all information required under the TKG. Thanks to optimized storage mechanisms, several billion CDRs (Call Detail Records) per day can be stored and efficiently searched.

Alternatively, traffic data can be retrieved from existing systems (e.g., billing systems).

Subscriber data can be stored in the same database used by InfBrok90 for automated disclosure requests. Data loading processes are highly configurable and adaptable to customer-specific data structures.

Due to e-Evidence requirements and expected legislative changes in Germany, InfBrok100 is being extended to support preservation orders.

In this context, a preservation order means that an authority can require data to be identified and stored without yet being delivered. A separate court order is required for retrieval. This is particularly relevant for traffic data and IP session data, which are typically deleted after a few days.

It is essential that preserved data can be searched efficiently, as subsequent orders may only request subsets of the stored data. Efficient deletion mechanisms are also required. To meet these requirements, a dedicated database schema or a separate database instance is implemented.

A wide range of German and European laws and regulations define which interfaces must or may be used for communication between the various stakeholders. InfBrok100 supports the following interfaces to authorities:

This interface, based on the transmission of XML files via HTTP within a VPN secured by SINA boxes (in accordance with TR TKÜV 7.2 ff. and ETSI TS 102 657), enables efficient processing of requests. Operators only need to review the legal order and no longer need to manually enter data.

This interface is mandatory for providers with more than 100,000 subscribers. It is secured by a SINA box managed by the German Federal Network Agency (BNetzA) and provided by Secunet.

The receipt and sending of PGP-encrypted emails can be fully handled within InfBrok100, ensuring end-to-end encryption throughout the entire process. Key management is integrated into the system.

For international OTT providers (Over-the-Top services such as messaging platforms), the use of ETSI TS 103 120 is specified in TR TKÜV. In this case, no SINA box is required; communication is carried out via mutual TLS (mTLS).

• Our solution: InfBrok100/OTT

The e-Evidence framework requires the transmission of XML files via the decentralized e-CODEX network. Each member state must establish a central node to which the systems of authorities and providers can connect. In Germany, this node will be operated by the IT Center of the Ministry of Justice of North Rhine-Westphalia.

The exact interface is defined in ETSI specification TS 104 144.

• Our solution: InfBrok100/E-Evidence