|
|
|
|
| |
# |
|
# |
|
# |
|
# |
|
# |
|
# |
|
# |
|
# |
|
|
| |
# |
|
# LI |
|
# |
|
# |
|
# |
|
# |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| | |
| |
| | |
| |
Chairman: |
Peter van der Arend |
Vice Chairman: |
Stefan Bjornson |
Technical Officer: |
Carmine Rizzo |
|
| |
|
Vodafone Group PLC |
|
Cecratech |
|
ETSI |
|
| |
|
|
Vice Chairman: |
Scott Cadzow |
|
|
|
| |
|
|
|
Cadzow Communications |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 101 331
|
|
Lawful interception Requirements of Law Enforcement Agencies |
The present document gives guidance for lawful interception of telecommunications in the area of co-operation by
network operators, access providers, and service providers. It provides a set of requirements relating to handover
interfaces for the interception by law enforcement and state security agencies. Requirements with regard to
telecommunications services provided from areas outside national boundaries are not fully developed yet and therefore
only some preliminary requirements have been annexed for information.
The present document describes the requirements from a Law Enforcement Agency's (LEA's) point of view.
Not all requirements necessarily apply in one individual nation.
These requirements shall be used to derive specific network requirements and furthermore to standardize handover
interfaces.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 101 671
|
|
Handover interface for the lawful interception of telecommunications traffic |
The present document is step 3 of a three-step approach to describe a generic Handover Interface (HI) for the provision
of lawful interception from a Network Operator, an Access Provider or a Service Provider (NWO/AP/SvP) to the
Law Enforcement Agencies (LEAs). The provision of lawful interception is a requirement of national law, which is
usually mandatory for the operation of any telecommunication service.
Step 1 contains the requirements for lawful interception from a users (LEAs) point of view and is published in
TS 101 331.
Step 2 describes the derived network functions and the general architecture (or functional model) and is published in
ES 201 158.
The present document specifies:
|
| - |
the generic flow of information as well as the procedures and information elements, which are applicable to
any future telecommunication network or service;
| |
| - |
the network/service specific protocols relating to the provision of lawful interception at the Handover Interface
(HI), for the following networks/services:
|
| - |
switched circuit; and
| |
| - |
packet data.
|
|
The technologies covered in the present document are: GSM, TETRA, GPRS, ISDN, PSTN, fixed NGN (including
PSTN/ISDN emulation) and fixed IMS PSTN simulation.
|
| NOTE: |
As new networks and/or services are developed, the present document will be expanded as the relevant
standards become available.
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI ES 201 671
|
|
Handover interface for the lawful interception of telecommunications traffic |
The present document is step 3 of a three-step approach to describe a generic Handover Interface (HI) for the provision
of lawful interception from a Network Operator, an Access Provider or a Service Provider (NWO/AP/SvP) to the
Law Enforcement Agencies (LEAs). The provision of lawful interception is a requirement of national law, which is
usually mandatory for the operation of any telecommunication service.
Step 1 contains the requirements for lawful interception from a users (LEAs) point of view and is published in
TS 101 331.
Step 2 describes the derived network functions and the general architecture (or functional model) and is published in
ES 201 158.
The present document specifies:
|
| - |
the generic flow of information as well as the procedures and information elements, which are applicable to
any future telecommunication network or service;
| |
| - |
the network/service specific protocols relating to the provision of lawful interception at the Handover Interface
(HI), for the following networks/services:
|
| - |
switched circuit; and
| |
| - |
packet data.
|
|
The technologies covered in the present document are: GSM, TETRA, GPRS, ISDN, PSTN, fixed NGN (including
PSTN/ISDN emulation) and fixed IMS PSTN simulation.
|
| NOTE: |
As new networks and/or services are developed, the present document will be expanded as the relevant
standards become available.
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TR 101 943
|
|
Concepts of Interception in a Generic Network Architecture |
The present document provides a high-level informative overview and principles regarding implementation of LI for
telecommunications. Details about these principles is covered in other documents that address specific technologies and
network types.
The following areas are covered here:
|
| - |
A general discussion about the role and position of Lawful Interception related to public communication
services.
| |
| - |
Origin of LI requirements - overview of characteristics of national legislation and regulations as well as
international cooperation on LI.
| |
| - |
A high-level description of LI related to an abstract model of communications systems
(service/control/connectivity layers).
| |
| - |
Discussion of interception at access service level versus application service.
| |
| - |
Discussion of interception of IN services.
| |
| - |
Overview of issues regarding interception of IP traffic.
| |
| - |
Description of internal interfaces and internal network units involved in LI processing.
| |
| - |
Description of handover interfaces and interface protocols with some practical hints regarding implementation
choices.
| |
| - |
Discussion about security issues, related to the standard threat model described in ETR 332.
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 232
|
|
Handover specification for IP delivery |
The present document specifies the general aspects of HI2 and HI3 interfaces for handover via IP based networks.
The present document:
|
| - |
specifies the modular approach used for specifying IP based handover interfaces.
| |
| - |
specifies the header(s) to be added to IRI and CC sent over the HI2 and HI3 interfaces respectively.
| |
| - |
specifies protocols for the transfer of IRI and CC across the handover interfaces.
| |
| - |
specifies protocol profiles for the handover interface.
|
The present document is designed to be used where appropriate in conjunction with other deliverables that define the
service-specific IRI data formats (including TS 102 227 (see "bibliography"), TS 101 909-20-1,
TS 101 909-20-2, TS 102 233 and TS 102 234). Where possible, the present document aligns with
3GPP TS 33.108 and TS 101 671 and supports the requirements and capabilities defined in TS 101 331 and
TR 101 944.
For the handover of intercepted data within GSM/UMTS PS domain, the present document does not override or
supersede any specifications or requirements in 3GPP TS 33.108 and TS 101 671.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 232-1
|
Handover Interface and Service-Specific Details (SSD) for IP delivery
Part 1: Handover specification for IP delivery |
The present document specifies the general aspects of HI2 and HI3 interfaces for handover via IP based networks.
The present document:
|
| - |
specifies the modular approach used for specifying IP based handover interfaces;
| |
| - |
specifies the header(s) to be added to IRI and CC sent over the HI2 and HI3 interfaces respectively;
| |
| - |
specifies protocols for the transfer of IRI and CC across the handover interfaces;
| |
| - |
specifies protocol profiles for the handover interface.
|
The present document is designed to be used where appropriate in conjunction with other deliverables that define the
service-specific IRI data formats (including TS 102 227, TS 101 909-20-1, TS 101 909-20-2,
TS 102 232-2 and TS 102 232-3). Where possible, the present document aligns with 3GPP TS 33.108
and TS 101 671 and supports the requirements and capabilities defined in TS 101 331 and TR 101 944.
For the handover of intercepted data within GSM/UMTS PS domain, the present document does not override or
supersede any specifications or requirements in 3GPP TS 33.108 and TS 101 671.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 232-2
|
Handover Interface and Service-Specific Details (SSD) for IP delivery
Part 2: Service-specific details for E-mail services |
The present document contains a stage 1 like description of the interception information in relation to the process of
sending and receiving E-mail. The present document also contains a stage 2 like description of when Intercept Related
Information (IRI) and Content of Communication (CC) shall be sent, and what information it shall contain.
It is recognized that "Instant Messenger" and "Chat" applications are another way of exchanging electronic text
messages. While the present document may be applicable to such applications it is in no way a goal of the present
document to address these methods of electronic text messaging.
The definition of handover transport and encoding of HI2 and HI3 is outside the scope of the present document. Refer
to TS 102 232-1.
The present document is designed to be used where appropriate in conjunction with other deliverables that define the
service specific IRI data formats. The present document aligns with 3GPP TS 33.108, TS 101 671,
TS 101 331 and TR 101 944.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 232-3
|
Handover Interface and Service-Specific Details (SSD) for IP delivery
Part 3: Service-specific details for internet access services |
The present document contains a stage 1 description of the interception information in relation to the process of binding
a "target identity" to an IP address when providing Internet access and a stage 2 description of when
Intercept Related Information (IRI) and Content of Communication (CC) shall be sent, and what information it shall
contain.
The study shall include but not be restricted to IRI based on application of Dynamic Host Configuration Protocol
(DHCP) and Remote Authentication Dial-in User Service (RADIUS) technology for binding a "target identity" to an
IP address and CC for the intercepted IP packets.
The definition of the Handover Interface 2 (HI2) and Handover Interface 3 (HI3) is outside the scope of the present
document. For the handover interface is referred to TS 102 232-1.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 232-4
|
Handover Interface and Service-Specific Details (SSD) for IP delivery
Part 4: Service-specific details for Layer 2 services |
The present document specifies Lawful Interception for an Access Provider that has access to layer 2 session
information and that is not required to have layer 3 information. In this case, the focus of Lawful Interception (LI) for IP
Network Access is on the portion of the network, commonly referred to as "layer 2 interception", that facilitates
subscriber access to the Public IP network.
The present document describes the LI at the interception domain of the access network.
The specification contains:
|
| - |
a stage 1 description of the Lawful Interception service;
| |
| - |
a stage 2 description of the information flows between the functional entities (including the information
elements involved) and triggering events; and
| |
| - |
a stage 3 description of the protocol and procedures to be used in mapping from stage 2 information flows and
elements to Intercept Related Information (IRI) and Content of Communication (CC).
|
The present document is consistent with the definition of the Handover Interface, as described in TS 102 232-1.
|
| NOTE 1: |
Layer 3 interception is described in TS 102 232-3.
| |
| NOTE 2: |
Layer 2 interception is not applicable to the PS domain of the GSM/UMTS networks (3GPP TS 23.060).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 233
|
|
Service specific details for E-mail services |
The present document contains a stage 1 like description of the interception information in relation to the process of
sending and receiving E-mail. The present document also contains a stage 2 like description of when Intercept Related
Information (IRI) and Content of Communication (CC) shall be sent, and what information it shall contain.
It is recognized that "Instant Messenger" and "Chat" applications are another way of exchanging electronic text
messages. While the present document may be applicable to such applications it is in no way a goal of the present
document to address these methods of electronic text messaging.
The definition of handover transport and encoding of HI2 and HI3 is outside the scope of the present document. Refer
to TS 102 232.
The present document is designed to be used where appropriate in conjunction with other deliverables that define the
service specific IRI data formats. The present document aligns with TS 133 108, TS 101 671, TS 101 331
and TR 101 944.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 234
|
|
Service-specific details for internet access services |
The present document contains a stage 1 description of the interception information in relation to the process of binding
a "target identity" to an IP address when providing Internet access and a stage 2 description of when
Intercept Related Information (IRI) and Content of Communication (CC) shall be sent, and what information it shall
contain.
The study shall include but not be restricted to IRI based on application of Dynamic Host Configuration Protocol
(DHCP) and Remote Authentication Dial-in User Service (RADIUS) technology for binding a "target identity" to an
IP address and CC for the intercepted IP packets.
The definition of the Handover Interface 2 (HI2) and Handover Interface 3 (HI3) is outside the scope of the present
document. For the handover interface is referred to TS 102 232.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TR 102 519
|
|
Lawful Interception of public Wireless LAN Internet Access |
The present document provides an overview of the issues and challenges regarding the Lawful Interception of Public
Internet Access by means of Wireless LAN technology as defined in the IEEE 802.11 specification and possible
approaches for dealing with these issues, considering different architectures and business models.
The present document is applicable to public Internet access. The private use of Wireless LAN technology is excluded.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TR 102 528
|
|
Interception domain Architecture for IP networks |
The present document describes a high level reference architecture for supporting lawful interception in network
operator and communication service providers" domain for IP networks.
The document contains:
|
| - |
A reference model in the network operator and communication service provider domain.
| |
| - |
A High level description of Internal Network Functions and Interfaces.
| |
| - |
Application of the reference model to voice and multimedia over IP services, data layer 3 and layer 2 services.
|
It does not intend to replace any existing document which specifies network operator and communication service
provider's architecture and internal network interfaces. The present document does not override or supersede any
specifications or requirements for the lawful interception within GSM/UMTS PS domain, which is defined in
3GPP TS 33.106 and 3GPP TS 33.107.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TR 102 661
|
|
Security framework in Lawful Interception and Retained Data environment |
The scope of the present document is to recommend a framework for the secure provision of Lawful Interception (LI)
and Data Retention (DR) services of a Communication Service Provider (CSP) towards the Law Enforcement Agencies.
This framework aims to guarantee security in terms of confidentiality, integrity, forward secrecy, forward integrity and
non-repudiation within CSP's LI and DR systems, operations and CSP internal and external interfaces for the delivery
of IRI, CC and DR data towards any LEAs.
The present document initially describes the assets to be protected and then analyses the related security threats. Finally
it recommends a range of security measures and controls necessary for achieving the desired level of security. The
security measures content contains an unbreakable set of security categories where most of the measures, for each
category, are indispensable controls while some others can be optionally chosen for creating a tighter security
framework. Annexes are also defined. Annex A lists all recommended measures and controls, associates these measures
with the respective systems, services and interfaces and also with the respective threats that aims to overcome. Annex B
provides a secure logging infrastructure. Annex C provides a solution for protecting the retained data during the
operation of the DR service while annex D provides a guide for cryptographic algorithms.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 656
|
|
Requirements of Law Enforcement Agencies for handling Retained Data |
The present document gives guidance for the delivery and associated issues of retained data of telecommunications and
subscribers. It provides a set of requirements relating to handover interfaces for the retained traffic data and subscriber
data by law enforcement and other authorized requesting authorities. The requirements are to support the
implementation of Directive 2006/24/EC of the European Parliament and of the Council of 15 March 2006 on the
retention of data.
The present document describes the requirements from a Law Enforcement Agency's (LEA's) point of view.
Not all requirements necessarily apply in one individual nation.
These requirements may be used to derive specific network requirements and furthermore to standardize handover
interfaces.
The present document gives the requirements for the delivery of Retained Data (in line with TS 101 331 for LI).
|
| NOTE: |
Reading the present document it should be taken in account that:
|
|
| - |
This is an ETSI document and will not only apply to countries falling under the Directive (not only EU
countries). Limitations in what data to be retained are a national issue. The present document and the
Handover specification are not mandatory.
| |
| - |
Where necessary the present document will clarify functionality of the Directive. The Directive text
sometimes seems to combine issues from a telecom perspective. The Directive text might use ambiguous
wording from a telecom perspective. Additional issues could be added to fulfil national requirements.
|
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 657
|
|
Handover interface for the request and delivery of retained data |
The present document contains handover requirements and a handover specification for the data that is identified in EU
Directive 2006/24/EC on Data Retention. The handover requirements from TS 102 656 are derived from the
requirements contained in and implied by the EU Directive and by other national legislations. The present document
considers both the requesting of retained data and the delivery of the results.
The present document defines an electronic interface. An informative annex describes how this interface may be
adapted for manual techniques. Apart from in annex I, the present document does not consider manual techniques.
|
|
|
|
|
|
|
|
|
|
|
| |
|
ETSI TS 102 815
|
|
Service-specific details for Layer 2 Lawful Interception |
The present document specifies Lawful Interception for an Access Provider that has access to layer 2 session
information and that is not required to have layer 3 information. In this case, the focus of Lawful Interception (LI) for IP
Network Access is on the portion of the network, commonly referred to as "layer 2 interception", that facilitates
subscriber access to the Public IP network.
The present document describes the LI at the interception domain of the access network.
The specification contains:
|
| - |
a stage 1 description of the Lawful Interception service;
| |
| - |
a stage 2 description of the information flows between the functional entities (including the information
elements involved) and triggering events; and
| |
| - |
a stage 3 description of the protocol and procedures to be used in mapping from stage 2 information flows and
elements to Intercept Related Information (IRI) and Content of Communication (CC).
|
The present document is consistent with the definition of the Handover Interface, as described in TS 102 232.
|
| NOTE 1: |
Layer 3 interception is described in TS 102 234.
| |
| NOTE 2: |
Layer 2 interception is not applicable to the PS domain of the GSM/UMTS networks (3GPP TS 23.060).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
