
Content for  TS 33.107  Word version:  16.0.0


14  Interception of Generic Bootstrapping Architecture (GBA) Secured Communications |R12|

14.1  Introduction

The Generic Bootstrapping Architecture (GBA) is defined in TS 33.220. This section details the stage 2 Lawful Interception architecture and functions that are needed to provide the GBA based application specific encryption keys from the GBA architecture towards the DF2 for a subscriber that is a target of interception.
Figure 14.1 shows the LI architecture for the GBA where the BSF provides the events and associated information towards the DF2 over the X2 interface.
[not reproduced yet]
Figure 14.1: GBA Intercept Configuration

14.2  Provision of Content of Communications

The GBA interception provides the application specific cryptographic keys (aka GBA application specific keys) which are used to decrypt the intercepted communication secured using those GBA application specific keys. Interception of the content of communications for GBA secured services is not part of this section and can be achieved via other methods outlined in this specification. The Ua protocol Id and the NAF Id along with the GBA application specific keys will allow the LEMF to decrypt the received intercepted packets.

14.3  Provision of Intercept Related Information

14.3.1  Provision of Intercept Related Information Data Flow

Figure 14.2 shows the transfer of intercept related information to the DF2. If an event related to a target occurs, the BSF shall send the relevant data to the DF2.
[not reproduced yet]
Figure 14.2: Provision of Intercept Related Information

14.3.2  X2-interface

The following information needs to be transferred from the BSF to the DF2 in order to allow a DF2 to perform its functionality:
  • target identity;
  • events and associated parameters as defined in clause 14.3.3 may be provided.
The IRI should be sent to DF2 using a reliable transport mechanism.

14.3.3  GBA LI Events and Event Information

Intercept Related Information (Events) are necessary for the following:
  • Bootstrapping
  • Query from NAF
  • Start of interception with GBA key
A set of possible elements as shown in Table 14.3.1 are used to generate the events.
| Element | Description |
|---|---|
| Observed IMSI | IMSI of the target. |
| Observed Other Identity | Other Identity of the target. |
| Event type | Description of which type of event is delivered: Bootstrapping, Query from NAF, Start of interception with GBA key. |
| Event date | Date of the event generation in the BSF. |
| Event time | Time of the event generation in the BSF. |
| Network Element Identifier | Unique identifier for the element reporting the BSF. |
| B-TID | Bootstrapping transaction identifier, TS 33.220. |
| Key lifetime | The lifetime of the key material is set according to the local policy of the BSF, TS 33.220. |
| Bootstrapping time | The timestamp of the bootstrapping event. |
| Ks_int_NAF | GBA application specific key (internal), if GBA_U has been used, TS 33.220. |
| Ks_ext_NAF | GBA application specific key (external), if GBA_U has been used, TS 33.220. |
| Ks_NAF | GBA application specific key, if GBA_ME has been used, TS 33.220. |
| Ua protocol id | Ua interface security protocol id defined in Annex H in TS 33.220. |
| NAF_Id | The FQDN of the NAF, concatenated with the Ua security protocol identifier, TS 33.220. |


14.4  Structure of GBA Events

14.4.1  Bootstrapping

This event will be generated when the UE triggers a bootstrapping procedure towards the BSF when the UE wants to interact with a NAF. The actual bootstrapping procedure is defined in TS 33.220, in sections 4.5.2 and 5.3.2. The information elements shown in Table 14.4.1, if available, will be delivered to the DF2 by the BSF.
| Information Element |
|---|
| Observed IMSI |
| Observed Other Identity |
| Event Type |
| Event Time |
| Event Date |
| Network Element Identifier |
| B-TID |
| Key lifetime |
| Bootstrapping time |


14.4.2  Query from NAF

The Query from NAF event is generated when the BSF receives an application specific key query from a NAF in order to retrieve GBA based application specific keys and related information. A new event is generated for each individual query. The information elements shown in Table 14.4.2 will be delivered to the DF2, if available, by the BSF.
| Information Element |
|---|
| Observed IMSI |
| Observed Other Identity |
| Event Type |
| Event Time |
| Event Date |
| Network Element Identifier |
| Ks_ext_NAF |
| NAF_Id |
| Ks_int_NAF |
| Ks_NAF |
| Key lifetime |
| Bootstrapping time |
| Ua protocol id |


14.4.3  Start of Interception with GBA key

For start of interception where a GBA application specific key is already in use, a Start of Interception with GBA key event is generated. The elements shown in Table 14.4.3 will be delivered to the DF2, if available, by the BSF.
| Information Element |
|---|
| Observed IMSI |
| Observed Other Identity |
| Event Type |
| Event Time |
| Event Date |
| Network Element Identifier |
| B-TID [Note] |
| NAF_Id [Note] |
| Ks_ext_NAF [Note] |
| Ks_int_NAF [Note] |
| Ks_NAF [Note] |
| Key lifetime [Note] |
| Bootstrapping time [Note] |
| Ua protocol id [Note] |
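
The three event structures in clause 14.4 can be enforced as a conformance check where event records are received and stored. The following is an added example, not part of TS 33.107: the element sets are taken from Tables 14.4.1 to 14.4.3, while the function names, the key-pairing check, the redaction helper and the sample record are assumptions of this example.

```python
# Added example: conformance check for GBA LI event records received from a BSF.
# Element names follow Tables 14.3.1 and 14.4.1 to 14.4.3; everything else is hypothetical.
COMMON = {"Observed IMSI", "Observed Other Identity", "Event Type",
          "Event Time", "Event Date", "Network Element Identifier"}
KEYS = {"Ks_ext_NAF", "Ks_int_NAF", "Ks_NAF"}
QUERY = COMMON | KEYS | {"NAF_Id", "Key lifetime", "Bootstrapping time",
                         "Ua protocol id"}
ALLOWED = {
    "Bootstrapping": COMMON | {"B-TID", "Key lifetime", "Bootstrapping time"},
    "Query from NAF": QUERY,
    "Start of interception with GBA key": QUERY | {"B-TID"},
}

def check_event(event):
    """Return findings for one event record (dict: element name -> value)."""
    etype = event.get("Event Type")
    if etype not in ALLOWED:
        return [f"unknown event type: {etype!r}"]
    present = set(event)
    findings = [f"{name} is not listed for {etype}"
                for name in sorted(present - ALLOWED[etype])]
    # Clause 14.3.2: the target identity has to be transferred.
    if not present & {"Observed IMSI", "Observed Other Identity"}:
        findings.append("no target identity present")
    # Assumption: Ks_NAF (GBA_ME) and Ks_int/ext_NAF (GBA_U) never co-occur.
    if "Ks_NAF" in present and present & {"Ks_int_NAF", "Ks_ext_NAF"}:
        findings.append("GBA_ME and GBA_U keys in the same record")
    # Clause 14.2: keys are only usable together with NAF_Id and Ua protocol id.
    if present & KEYS and not {"NAF_Id", "Ua protocol id"} <= present:
        findings.append("key delivered without NAF_Id and Ua protocol id")
    return findings

def redact(event):
    """Copy of the record with key material masked, for operational logs."""
    return {k: "<redacted>" if k in KEYS else v for k, v in event.items()}

# Constructed sample: a Bootstrapping record that wrongly carries a key.
SAMPLE = {"Observed IMSI": "001010000000001", "Event Type": "Bootstrapping",
          "B-TID": "constructed-btid@bsf.example.invalid", "Ks_NAF": "00" * 32}

if __name__ == "__main__":
    for finding in check_event(SAMPLE):
        print("finding:", finding)
    print(redact(SAMPLE))
```

Because the elements are delivered "if available", absent elements are not reported; only elements outside the table for the event type, a missing target identity and unusable or inconsistent key material are flagged.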
