Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TS 33.127  Word version:  18.6.0

Top   Top   None   None   Next
0…   5…   5.4…   5.6…   5.7…   6…   6.2.2…   6.2.3…   6.2.5…   6.3…   6.3.3…   6.3.4…   6.4…   7…   7.3…   7.4…   7.4.7…   7.5…   7.6…   7.7…   7.8…   7.9…   7.10…   7.11…   7.12…   7.13…   7.14…   7.15…   7.16…   8…   A…   A.2…   A.3…   A.4…   B…   D…   E…

 

0  Introductionp. 11

The present document has been produced by the 3GPP TSG SA to standardise Lawful Interception of telecommunications. The present document specifies the architecture and functions required to support Lawful Interception in 3GPP networks. Lawful Interception shall always be done in accordance with the applicable national or regional laws and technical regulations. Such national laws and regulations define the extent to which functional capabilities in the present document are applicable in specific jurisdictions.
Up

1  Scopep. 12

The present document specifies both the architectural and functional system requirements for Lawful Interception (LI) in 3GPP networks. The present document provides an LI architecture supporting both network layer based and service layer based Interception.
National regulations determine the specific set of LI functional capabilities that are applicable to a specific 3GPP operator deployment.

2  Referencesp. 12

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]
TR 21.905: "Vocabulary for 3GPP Specifications".
[2]
TS 23.501: "System Architecture for the 5G System".
[3]
TS 33.126: "Lawful interception requirements".
[4]
TS 23.502: "Procedures for the 5G System; Stage 2".
[5]
TS 23.271: "Functional stage 2 description of Location Services (LCS)".
[6]
OMA-TS-MLP-V3_5-20181211-C: "Open Mobile Alliance; Mobile Location Protocol, Candidate Version 3.5", https://www.openmobilealliance.org/release/MLS/V1_4-20181211-C/OMA-TS-MLP-V3_5-20181211-C.pdf".
[7]
ETSI TS 103 120: "Lawful Interception (LI); Interface for warrant information".
[8]
ETSI TS 103 221-1: "Lawful Interception (LI); Internal Network Interfaces; Part 1: X1 ".
[9]
TS 33.501: "Security Architecture and Procedures for the 5G System".
[10]
ETSI GR NFV-SEC 011: "Network Functions Virtualisation (NFV); Security; Report on NFV LI Architecture".
[11]
TS 33.107: "3G Security; Lawful interception architecture and functions".
[12]
TS 23.214: "Architecture enhancements for control and user plane separation of EPC nodes; Stage 2".
[13]
TS 23.228: "IP Multimedia Subsystem (IMS); Stage 2".
[14]
TS 38.413: "NG-RAN; NG Application Protocol (NGAP)".
[15]
TS 33.128: "Protocol and Procedures for Lawful Interception; Stage 3".
[16]
ETSI TS 103 221-2: " Lawful Interception (LI); Internal Network Interfaces; Part 2: X2/X3".
[17]
MMS Architecture OMA-AD-MMS-V1_3-20110913-A.
[18]
Multimedia Messaging Service Encapsulation Protocol OMA-TS-MMS_ENC-V1_3-20110913-A.
[19]
TS 22.140: "Multimedia Messaging Service (MMS); Stage 1".
[20]
ETSI GS NFV-IFA 026: "Network Functions Virtualisation (NFV) Release 3; Management and Orchestration; Architecture enhancement for Security Management Specification".
[21]
TS 33.108: "Handover Interface for Lawful Interception (LI)".
[22]
TS 23.401: "General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access".
[23]
TS 23.402: "Architecture enhancements for non-3GPP accesses".
[24]
TS 23.280: "Common functional architecture to support mission critical services; Stage 2".
[25]
OMA-AD-PoC-V2_1-20110802-A: "Push to talk over Cellular (PoC) Architecture".
[26]
GSMA IR.92: "IMS Profile for Voice and SMS".
[27]
GSMA NG.114: "IMS Profile for Voice, Video and Messaging over 5GS".
[28]
TS 24.147: "Conferencing using the IP Multimedia (IM) Core Network (CN) subsystem; Stage 3".
[29]
ETSI GS NFV-SEC 012: "Network Functions Virtualisation (NFV) Release 3; Security; System architecture specification for execution of sensitive NFV components".
[30]
TS 23.273: "5G System (5GS) Location Services (LCS); Stage 2".
[31]
TS 29.522: "5G System; Network Exposure Function Northbound APIs; Stage3".
[32]
TS 29.122: "T8 reference point for Northbound APIs".
[33]
TS 23.682: "Architecture enhancements to facilitate communications with packet data networks and applications".
[34]
OMA-AD-CPM-V2_2-20170926-C: "Open Mobile Alliance, OMA Converged IP Messaging System Description", http://www.openmobilealliance.org/release/CPM/V2_2-20200907-C/OMA-AD-CPM-V2_2-20170926-C.pdf.
[35]
GSMA RCC.07: "Rich Communication Suite - Advanced Communications Services and Client Specification".
[36]
RFC 4975:  "The Message Session Relay Protocol (MSRP)".
[37]
RFC 6714:  "Connection Establishment for Media Anchoring (CEMA) for the Message Session Relay Protocol (MSRP)".
[38]
RFC 3862:  "Common Presence and Instant Messaging (CPIM): Message Format".
[39]
TS 24.229: "IP Multimedia call control protocol based on Session Initiation Protocol (SIP) and Session Description Protocol (SDP); Stage 3".
[40]
RFC 8224:  "Authenticated Identity Management in the Session Initiation Protocol (SIP)".
[41]
RFC 8946:  "Personal Assertion Token (PASSporT) Extension for Diverted Calls".
[42]
draft-ietf-stir-passport-rcd-26:  "PASSporT Extension for Rich Call Data".
[43]
RFC 7095:  "jCard: The JSON Format for vCard".
[44]
TS 24.196: "Enhanced Calling Name (eCNAM)".
[45]
RFC 8816:  "Secure Telephone Identity Revisited (STIR) Out-of-Band Architecture and Use Cases".
[46]
draft-ietf-stir-messaging-08:  "Messaging Use Cases and Extensions for STIR".
[47]
TS 33.535: "Authentication and Key Management for Applications (AKMA) based on 3GPP credentials in the 5G System (5GS)".
[48]
TS 33.220: "Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA)".
[49]
TS 33.222: "Generic Authentication Architecture (GAA); Access to network application functions using Hypertext Transfer Protocol over Transport Layer Security (HTTPS)".
[50]
TS 23.040: "Technical realization of the Short Message Service (SMS)".
[51]
TS 23.558: "Architecture for enabling Edge Applications".
[52]
TS 29.518: "5G System; Access and Mobility Management Services; Stage 3".
[53]
TS 26.501: "5G Media Streaming (5GMS); General description and architecture".
[54]
TS 29.272: "Evolved Packet System (EPS); Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) related interfaces based on Diameter protocol".
Up

3  Definitions, symbols and abbreviationsp. 14

3.1  Definitionsp. 14

For the purposes of the present document, the terms and definitions given in TR 21.905 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.
Content of Communication (CC):
The content of communication as forwarded from the Mediation and Delivery Function 3 (over the LI_HI3 interface) to the Law Enforcement Monitoring Facility.
Control Plane (CP) Entity:
The network elements or network functions responsible for handling the Control Plane Functions. These include the SGW and PGW in EPS without CUPS, the SGW-C and PGW-C in EPS with CUPS and the SMF in 5GS.
CUPS:
As defined in TS 23.214, represents PLMN with architecture enhancements for control and user plane separation of EPC nodes.
Intercept Related Information (IRI):
The intercept related information as forwarded from the Mediation and Delivery Function 2 (over the LI_HI2 interface) to the Law Enforcement Monitoring Facility.
IRI event:
The network procedure or event that created an xIRI in the Point Of Interception.
LI component:
The function and equipment involved in handling the Lawful Interception functionality in the CSP's network.
Lawful Interception Identifier (LIID):
Unique identifier that associates a warrant to Lawful Interception Product delivered by the CSP to the LEA.
LI system:
The collection of all LI components involved in handling the Lawful Interception functionality in the CSP's network.
Non-3GPP Access Entity (N3A Entity):
The network functions responsible for interworking between 3GPP Core Network Functions and Non-3GPP access networks. These include TWIF, TNGF, N3IWF and W-AGF.
Non-local ID:
An identity assigned and managed at a different CSP than the CSP performing LI.
Provisioning:
The action taken by the CSP to provide its Lawful Interception functions information that identifies the target and the specific communication services of interest to the LEA, sourced from the LEA provided warrant.
Triggering:
The action taken by a dedicated function (Triggering Function) to provide another dedicated function (Triggered POI), that Provisioning could not directly be applied to, with information that identifies the specific target communication to be intercepted.
User Plane (UP) Entity:
The network elements or network functions responsible for handling the User Plane Functions. These include the SGW and PGW in EPS without CUPS, the SGW-U and PGW-U in EPS with CUPS and the UPF in 5GS.
Warrant:
The formal mechanism to require Lawful Interception from a LEA served to the CSP on a single target identifier. Depending on jurisdiction also known as: intercept request, intercept order, lawful order, court order, lawful order or judicial order (in association with supporting legislation).
xCC:
The content of communication as forwarded from the Point Of Interception (over the LI_X3) interface to the Mediation and Delivery Function 3.
xIRI:
The intercept related information as forwarded from the Point Of Interception (over the LI_X2) interface to the Mediation and Delivery Function 2.
Up

3.2  Symbolsp. 15

Void

3.3  Abbreviationsp. 15

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.
5GC
5G Core Network
5GMS
5G Media Streaming
5GS
5G System
AAnF
AKMA Anchor Function
AC
Application Client
ACR
Application Context Relocation
ADMF
LI Administration Function
AF
Application Function
AF_ID
Application Function Identity
AKA
Authentication and Key Agreement
A-KID
AKMA Key IDentifier
AKMA
Authentication and Key Management for Applications
AMF
Access and Mobility Management Function
AS
Application Server
AUSF
Authentication Server Function
BBIFF
Bearer Binding Intercept and Forward Function
BSS
Business Support System
CAG
Closed Access Group
CC
Content of Communication
CP
Control Plane
CPIM
Common Presence and Instant Messaging
CPS
Call Placement Service
CSI
Cell Supplemental Information
CSP
Communication Service Provider
CSR
Cell Site Report
CUPS
Control and User Plane Separation
DN
Data Network
DNAI
Data Network Access Identifier
DoNAS
Data over NAS
EAP
Extensible Authentication Protocol
EAS
Edge Application Server
ECGI
E-UTRAN Cell Global Identifier
eCNAM
Enhanced Calling Name
ECSP
Edge Computing Service Provider
E-CSCF
Emergency - Call Session Control Function
EDN
Edge Data Network
EEC
Edge Enabler Client
EECID
Edge Enabler Client IDentifier
EES
Edge Enabler Server
GPSI
Generic Public Subscription Identifier
HMEE
Hardware Mediated Execution Enclave
HR
Home Routed
IBCF
Interconnection Border Control Functions
ICF
Identity Caching Function
IEF
Identity Event Function
IMS-AGW
IMS Access Gateway
IM-MGW
IM Media Gateway
IP
Interception Product
IQF
Identity Query Function
IRI
Intercept Related Information
KAF
AKMA Application Key
KAKMA
AKMA Anchor Key
KID
Key IDentifier
KLI
Decryption key(s) for services encrypted by CSP-provided keys
KSF
Key Server Function
LAF
Location Acquisition Function
LALS
Lawful Access Location Services
LARF
Location Acquisition Requesting Function
LBO
Local Break Out
LEA
Law Enforcement Agency
LEMF
Law Enforcement Monitoring Facility
LI
Lawful Interception
LI CA
Lawful Interception Certificate Authority
LICF
Lawful Interception Control Function
LI_HI1
Lawful Interception Handover Interface 1
LI_HI2
Lawful Interception Handover Interface 2
LI_HI3
Lawful Interception Handover Interface 3
LI_HI4
Lawful Interception Handover Interface 4
LI_HILA
Lawful Interception Handover Interface Location Acquisition
LI_HIQR
Lawful Interception Handover Interface Query Response
LIID
Lawful Interception Identifier
LIPF
Lawful Interception Provisioning Function
LIR
Location Immediate Request
LI_SI
Lawful Interception System Information Interface
LISSF
Lawful Interception State Storage Function
LI_ST
Lawful Interception State Transfer Interface
LI_T1
Lawful Interception Internal Triggering Interface 1
LI_T2
Lawful Interception Internal Triggering Interface 2
LI_T3
Lawful Interception Internal Triggering Interface 3
LI_X0
Lawful Interception Internal Interface 0
LI_X1
Lawful Interception Internal Interface 1
LI_X2
Lawful Interception Internal Interface 2
LI_X2_LA
Lawful Interception Internal Interface 2 Location Acquisition
LI_X3
Lawful Interception Internal Interface 3
LI_X3A
Lawful Interception Internal Interface 3 Aggregator
LI_XEM1
Lawful Interception Internal Interface Event Management Interface 1
LI_XER
Lawful Interception Internal Interface Event Record
LI_XLA
Lawful Interception Internal Interface Location Acquisition
LI_XQR
Lawful Interception Internal Interface Query Response
LMF
Location Management Function
LMISF
LI Mirror IMS State Function
LMISF-CC
LMISF for the handling of CC
LMISF-IRI
LMISF for the handling of IRI
LTF
Location Triggering Function
MA
Multi-Access
MANO
Management and Orchestration
MDF
Mediation and Delivery Function
MDF2
Mediation and Delivery Function 2
MDF3
Mediation and Delivery Function 3
MRFP
Multimedia Resource Function Processor
MSRP
Message Session Relay Protocol
N3A
Non-3GPP Access
N3IWF
Non 3GPP Inter Working Function
N9HR
N9 Home Routed
NAS
Non-Access Stratum
NCGI
NR Cell Global Identity
NEF
Network Exposure Function
NFV
Network Function Virtualisation
NFVI
Network Function Virtualisation Infrastructure
NFVO
Network Function Virtualisation Orchestrator
NIDD
Non-IP Data Delivery
NPLI
Network Provided Location Information
NR
New Radio
NRF
Network Repository Function
NSSF
Network Slice Selection Function
OSS
Operations Support System
PAG
POI Aggregator
PCF
Policy Control Function
P-CSCF
Proxy - Call Session Control Function
PEI
Permanent Equipment Identifier
PGW
PDN Gateway
PGW-C
PDN Gateway Control Plane
PGW-U
PDN Gateway User Plane
POI
Point Of Interception
PLMN
Public Land Mobile Network
PTC
Push to Talk over Cellular
RCD
Rich Call Data
RCS
Rich Communication Suite
S8HR
S8 Home Routed
SCEF
Service Capability Exposure Function
SCS
Service Capability Server
SGW
Serving Gateway
SGW-C
Serving Gateway Control Plane
SGW-U
Serving Gateway User Plane
SHAKEN
Signature-based Handling of Asserted information using toKENs
SIRF
System Information Retrieval Function
S-CSCF
Serving - Call Session Control Function
SIP
Session Initiation Protocol
SMF
Session Management Function
SMSF
SMS-Function
STF
Security Terminating Function
STIR
Secure Telephony Identity Revisited
SUCI
Subscriber Concealed Identifier
SUPI
Subscriber Permanent Identifier
TAI
Tracking Area Identity
TF
Triggering Function
TLS
Transport Layer Security
TNGF
Trusted Non-3GPP Gateway Function
TrGW
Transit Gateway
TWIF
Trusted WLAN Interworking Function
UDM
Unified Data Management
UDR
Unified Data Repository
UDSF
Unstructured Data Storage Function
UPF
User Plane Function
VNF
Virtual Network Function
VNFC
Virtual Network Function Component
W-AFG
Wireline Access Gateway Function
xCC
LI_X3 Content of Communication
xIRI
LI_X2 Intercept Related Information
Up

4  Requirements realisationp. 18

The LI architecture set out in the present document is designed to allow CSP deployments to meet the set of LI requirements described in TS 33.126 that are determined to be applicable by the relevant national regulation for that deployment. For more details on the relationship between LI requirements and national legislation, see clause 4 of TS 33.126.
A CSP may deploy different network technologies or services considered in the present document. A CSP should consider each of these network technologies or services separately with respect to the present document, bearing in mind that a different subset of LI requirements may apply according to relevant national legislation, and that a warrant may require the CSP to intercept multiple network technologies or services.
Up

Up   Top   ToC