Tech-invite3GPPspecsSIPRFCs
Overview21222324252627282931323334353637384‑5x

Content for  TS 33.126  Word version:  16.2.0

Top   Top   None   None   Next
0…   5…   6…   A…

 

0  IntroductionWord‑p. 4
The present document has been produced by the 3GPP TSG SA to enable standardisation of Lawful Interception (LI) of telecommunications. The present document provides requirements for Lawful Interception.
Laws of individual nations and regional institutions, and sometimes licensing and operating conditions, define a need to intercept targeted telecommunications traffic and related information in communication systems. Lawful Interception applies in accordance with applicable national or regional laws and technical regulations.
Up

1  ScopeWord‑p. 5
The present document specifies Stage 1 Lawful Interception requirements for 3GPP networks and services.
Regional interception requirements can be satisfied by meeting the correct subset of requirements from the present document. Which CSP services are subject to Lawful Interception is defined by national regulations.
The presence of a requirement in the present document does not in itself imply or mandate that a 3GPP operator has an obligation to implement any network service capability, which is not otherwise required to meet LI obligation compliance in relation to specific regulated services, offered by that 3GPP operator. Only those specific requirements and sub-clauses of the present document which are applicable to specific network and/or service capabilities implemented in a 3GPP operator's network will be considered in scope for that operator. In all cases, laws and regulations define which requirements are applicable to 3GPP operators in each country relative to the services offered by each 3GPP operator.
As such not all requirements in the present document will apply in all national jurisdictions or to all 3GPP operator deployments (e.g. if an operator does not offer voice services, then voice LI requirement in the present document do not apply).
The interception system defined in the present document provides LI based on specific target identifiers.
Up

2  References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]  TR 21.905   "Vocabulary for 3GPP Specifications".
[2]  ETSI GS NFV-SEC 012: "Network Functions Virtualisation (NFV) Release 3; Security; System architecture specification for execution of sensitive NFV components".
[3]  TS 33.127   "Lawful interception architecture and functions".
[4]  TS 33.128   "Handover interface for Lawful Interception (LI)".
[5]  ETSI TS 103 280: "Lawful Interception (LI); Dictionary for common parameters".
[6]  ISO/IEC 27000: "Information technology; Security techniques; Information security management systems - Overview and vocabulary".
[7]  ETSI TS 102 165-1: "Telecommunications and Internet converged Services and Protocols for Advanced Networking (CYBER); Methods and protocols; Part 1: Method and proforma for Threat, Risk, Vulnerability Analysis".
[8]  ATIS-I-0000068: "Evolution to an Artifical Intelligence Enabled Network" (White Paper - September 2018).
Up

3  Definitions and abbreviationsWord‑p. 6

3.1  Definitions

For the purposes of the present document, the terms and definitions given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.
activation/deactivation:
The large time scale action (i.e. on the same order as subscription lifetimes, that encompass multiple sessions, e.g. subscribing to "call hold" service). (See also Invocation).
Artificial Intelligence:
Artificial Intelligence is typically considered to be a system that performs some form of reasoning, planning or object management, using knowledge as well as perceived information that, in the past, required human intervention. (Definition from ATIS-I-0000068, White Paper "Evolution to an Artifical Intelligence Enabled Network" [8]).
capture:
The action taken by the CSP to separate and copy the communications associated with a target identifier.
Content of Communication (CC):
Information exchanged between two or more users of a communications service, excluding intercept related information. This includes information which may, as part of some communications service, be stored by one user for subsequent retrieval by another.
context of communication:
Information needed to recreate the state known in the CSP's network of the Target Communication. For example the direction of initiation on communication (to or from), direction of data flow (to or from), direction association with the identifiers to and from addresses), actions taken by the CSP on behalf of the target or identity translations.
Communication Service Provider (CSP):
The entity that owns or operates the network that provides a service to a subscriber.
delivery:
The action taken by the CSP to perform the necessary correlation and processing of communications associated with a target, and delivering the result to the LEA.
de-provisioning:
The action taken by the CSP, that may be in response to an interception termination request from the LEA, or automatically once the warrant period has expired, to remove from its network functions the information and reporting pertaining to the target.
detection:
The action taken by the CSP to identify communications associated with a target identifier.
edge interception:
Interception performed in less secure locations that could be at customer's premises e.g. H(e)NB, ProSe relays.
group identifier:
A group identity provides a reference to a defined group of one or more users. The use of this group identity applies to all users in the group.
interception:
The actions of Provisioning, Detection, Capture, Delivery, and De-Provisioning.
interception product:
The Intercept Related Information (IRI) and/or Content of Communication (CC) generated as a result of isolating the target's communications or identities for the purpose of delivery to the requesting LEA.
Intercept Related Information (IRI):
Information or data associated with communication services involving the target identity, specifically communication associated information or data (e.g. unsuccessful communication attempts), service associated information or data, and location information.
invocation:
The short, intra-session time scale action (i.e. the activation of the hold feature in the middle of a call session). (See also Activation).
Lawful Access Location Services (LALS):
Action performed by a CSP of obtaining a target's location information by means of Location Services (LCS), and providing that information to an LEA.
Lawful Interception (LI):
Actions taken by the CSP that include: provisioning the target identity in the network to enable isolation of target communications (separating it from other users' communications), duplicating the communications for the purpose of sending the copy to the LEA, and handing over the Interception Product to the LEA that served the CSP with the warrant. An interception is associated with exactly one warrant.
lawful interception identifiers:
Target identifying details as defined in ETSI TS 103 280 [5].
LI delivery latency:
The time between isolation in the Point of Interception and delivery of the Product of Interception at the LEA at the agreed point of handover.
location information:
Information relating to the geographic/ physical or logical location of a target.
Mediation and Delivery Function (MDF):
Functions that convert the CSP internal formats and protocols to the agreed formats and protocols for handover from the CSP to the LEA.
party role:
The role of a user identifies whether the user was for example the initiating party or the addressed party or intermediate addressed party in a communication.
production:
The actions of Detection, Capture, and Delivery.
provisioning:
The action taken by the CSP to insert into its network functions information that identifies the target and the specific communication services of interest to the LEA, sourced from the LEA provided warrant.
target communication:
All communications, communication attempts (successful or not), and network interactions that originate from, are directed to, are controlled by, or are associated with, the target's identifiers, equipment, facilities or services, including actions taken by the network on behalf of the target, that are available in the CSP's network.
target identity:
A network or service identity that uniquely identifies a target for interception from all other non-targets within one or more CSP services. One target may have one or several target identities. The target identity can be a long term subscription based identity, a short term network identity, a public available identity or an internal used (private) identity.
third party:
A resource or entity which is not fully owned and fully controlled by the CSP.
warrant:
The formal mechanism to require Lawful Interception from a LEA served to the CSP on a single target identifier. Depending on jurisdiction also known as: intercept request, intercept order, lawful order, court order, lawful order or judicial order (in association with supporting legislation).
Up

3.2  AbbreviationsWord‑p. 7
For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.
ADMF
ADMinistration Function
CAT
Customized Alerting Tone
CC
Content of Communication
CRS
Customized Ringing Signal
CSP
Communications Service Provider
gNB
5G NodeB
GUTI
Globally Unique Temporary Identifier
HeNB
Home eNodeB
H(e)NB
HNB and HeNB
HNB
Home NodeB
IRI
Intercept Related Information
LALS
Lawful Access Location Services
LEA
Law Enforcement Agency
LEMF
Law Enforcement Monitoring Facility
LI
Lawful Interception
MC
Mission Critical
MCPTT
Mission Critical Push to Talk
MDF
Mediation and Delivery Function
POI
Point Of Interception
SUCI
SUbscription Concealed Identifier
SUPI
SUbscription Permanent Identifier
UTC
Coordinated Universal Time
Up

4  Jurisdiction specific Lawful Interception requirementsWord‑p. 8
Lawful Interception requirements are subject to jurisdiction specific regulations and should be interpreted accordingly.
Requirements called out in jurisdiction specific Lawful Interception regulatory requirements are supported by the system defined in the present document.
Lawful Interception requirements often have national requirements specific to local jurisdictions relating to operational aspects of interception (e.g., interception equipment location and interception scope).

Up   Top   ToC