|
Cryptome DVDs are offered by Cryptome. Donate $25 for two DVDs of the Cryptome 12-years collection of 46,000 files from June 1996 to June 2008 (~6.7 GB). Click Paypal or mail check/MO made out to John Young, 251 West 89th Street, New York, NY 10024. The collection includes all files of cryptome.org, jya.com, cartome.org, eyeball-series.org and iraq-kill-maim.org, and 23,000 (updated) pages of counter-intelligence dossiers declassified by the US Army Information and Security Command, dating from 1945 to 1985.The DVDs will be sent anywhere worldwide without extra cost. |
20 January 2007
ftp://ftp.3gpp.org/TSG_SA/TSG_SA/TSGS_34/Docs/SP-060691.zip
[Excerpt]
10.31 (LI-7A) - Lawful Interception in the 3GPP Rel-7 Architecture
TD SP-060508 [below] CR to 33.107 with Editorial Updates by Rapporteur. This was provided by SA WG3.
Discussion and conclusion:
It was asked whether the changes are really editorial. The SA WG3 Chairman clarified that the changes do not have any technical significance according to the LI experts. It was decided to change the Category to "F" in TD SP-060659 which was approved. [SP-060659 not available.]
___________________
TD SP-060509 CR to 33.108 on WLAN Interworking Interception Details (v7.0). This was provided by SA WG3.
Discussion and conclusion:
It was noted that this CR had a hanging paragraph, which was corrected in TD SP-060660 [below] and approved.
ftp://ftp.3gpp.org/TSG_SA/TSG_SA/TSGS_33/Docs/SP-060508.zip
Technical Specification Group Services and System Aspects TSGS#33(06)0508
Meeting #33, 25 - 28 September 2006,
Palm Springs, USA
Source SA WG3
Title: CR to 33.107 with Editorial Updates by rapporteur
Document for: Approval
Agenda Item: 10.31
To SA Doc. No. Spec. No. CR No. Rev Rel Cat Title Vers Vers New SA3 Doc. No.
SP-33 SP-060508 33.107 058 - Rel-7 D CR to 33.107 with editorial updates 7.3.0 7.4.0 S3-060560
_________________
3GPP TSG SA WG3 (Security) meeting
#44
S3-060560
Tallinn, Estonia, 11 - 14
July
2006
Agenda Item:
3GPP TSG-SA3
LI Meeting
#22
Tdoc SA3LI0667r1
Montreal, Canada, 28-30
June 2006
CR-Form-v7.1 |
||||||||
CHANGE
REQUEST |
||||||||
|
||||||||
33.107 |
CR |
058 |
- |
7.3.0 |
||||
|
||||||||
For
HELP
on
using this form, see bottom of this page or look at the pop-up text over
the
z[H5]
symbols. |
||||||||
|
|
ME |
|
Radio Access Network |
|
Core Network |
X |
|
||||||||||
Editorial Update by rapporteur |
||||||||||
|
|
|||||||||
SA3-LI |
||||||||||
|
|
|||||||||
LI-7A |
|
11/07/2006 |
||||||||
|
|
|
|
|
||||||
D |
|
Rel-7 |
||||||||
|
Use one of the following
categories:
Detailed explanations of the above categories can |
Use
one of the following releases:
Rel-7
(Release 7)
|
||||||||
|
|
|||||||||
Review of Rel. 7 specification by the group and the rapporteur |
||||||||||
|
|
|||||||||
Improving of wording |
||||||||||
|
|
|||||||||
Misinterpretation might be possible |
||||||||||
|
|
|||||||||
1,
4,
5.1.1,
5.2.2,
5.2.3,
6,
6.1,
7.1,
7.2,
7.2.1,
7.3.2,
7.4 until
7.4.10, 8.5.2
|
||||||||||
|
|
|||||||||
|
Y |
N |
|
|
||||||
|
X |
|
||||||||
affected: |
|
X |
Test
specifications |
|
||||||
|
|
X |
O&M
Specifications |
|
||||||
|
|
|||||||||
|
||||||||||
*****************BEGIN
OF CHANGE
*****************
The present document describes the architecture and functional requirements within a Third Generation Mobile Communication System (3GPP MS).
The specification shows the service requirements from a Law Enforcement point of view only. The aim of this document is to define a 3GPP MS interception system that supports a number of regional interception regulations, but these regulations are not repeated here as they vary. Regional interception requirements shall be met in using specific (regional) mediation functions allowing only required information to be transported.
The handover interfaces for Lawful Interception (LI) of
Packet-Data Services, Circuit Switched Services, and Multimedia Services
within the UMTS network for
Sstage
3 are described in 3GPP TS 33.108 [11].
*****************NEXT CHANGE*****************
The following figures contain the reference configuration for the lawful interception. The circuit-switched configuration is shown in figure 1a. The packet-switched configuration is shown in figure 1b. Intercept configurations for HLR and IMS are shown in figures 1c and 1d. The WLAN interworking configuration is shown in figure 1e. The various entities and interfaces are described in more detail in the succeeding clauses.
PS domain of the UMTS system (GSN and Multimedia Packet
Data services) and 3GPP-WLAN interworking network provide UMTS/GSM
customers mobile equipment (UE) with connectivity service to another
end of the communication. Another end of the communication may be a network
element (server) or another UE. Therefore, UMTS system provides IP layer
[15] services. Hence, UMTS NO/AP is responsible only for IP layer interception
of CC data. In addition to CC data, the LI solution for UMTS offers generation
of IRI records from respective control plane (signalling) messages. The IP
layer connectivity service is needed to support application layer [16] service
provision to UMTS/GSM customers. For instance, the following are examples
of application layer services: email service; web browsing
service;,
FTP
service;,
audio services (e.g. VoIP,
PoC);,
other multimedia services (MBMS, video
telephony);,
etc.
The
Mmajority
of the application layer services require addition of respective server
functionality to the network. Note that it is not necessary that such application
layer SP should be the same commercial entity as the UMTS AP/NO in question.
NOTE 1: For instance in MBMS a BM-SC and especially content providing server may be operated by different commercial entity than UMTS network.
Figure 1a: Circuit switched intercept configuration
Figure 1b: Packet Switched Intercept
configuration
Figure 1c: HLR Intercept
configuration
Figure 1d: IMS-CSCF Intercept configuration
Figure 1e: WLAN Interworking Intercept configuration
The reference configuration is only a logical representation
of the entities involved in lawful interception and does not mandate separate
physical entities.
This
allows for higher levels of integration.
Regional Mediation Functions, which may be transparent or part of the administration and delivery functions, are used to convert information on the HI1, HI2 and HI3 interfaces in the format described in various national or regional specifications. For example, if ES 201 671 [3] or J-STD-025 [8] is used, then the adaptation to HI1, HI2 and HI3 will be as defined in those specifications.
There is one Administration Function (ADMF) in the network. Together with the delivery functions it is used to hide from the 3G ICEs that there might be multiple activations by different Law Enforcement Agencies (LEAs) on the same target. The administration function may be partitioned to ensure separation of the provisioning data from different agencies.
See the remaining clauses of this document for definitions of the X1_1, X1_2, X1_3, X2 and X3 interfaces.
Interception at the Gateways is a national option.
In figure 1a DF3 is responsible for two primary functions:
- Call Control (Signalling) for the Content of Communication (CC); and
- Bearer Transport for the CC.
HI3 is the interface towards the LEMF. It must be able to handle the signalling and the bearer transport for CC.
In figures 1a, 1b and 1e, the HI2 and HI3-interfaces represent the interfaces between the LEA and two delivery functions. The delivery functions are used:
- to distribute the Intercept Related Information (IRI) to the relevant LEA(s) via HI2 (based on IAs, if defined);
- to distribute the Content of Communication (CC) to the relevant LEA(s) via HI3 (based on IAs, if defined).
In figures 1c and 1d the HI2 interface represents the interface between the LEA and the delivery function. The delivery function is used to distribute the Intercept Related Information (IRI) to the relevant LEA(s) via HI2.
NOTE 2: With reference to figure 1c, CC interception does not apply to HLR.
NOTE 3: For IMS, figure 1d relates to the provision of IRI for SIP messages handled by the CSCF. Interception of CC for this case can be done at the GSN under a separate activation and invocation, according to the architecture in Figure 1b (see also clause 7.A.1).
*****************NEXT
CHANGE*****************
The messages sent from the ADMF to the 3G ICEs (X1_1-interface) contain the:
- target identities (MSISDN, IMSI, IMEI, SIP URI or TEL URL, NAI) (see notes 4, 5, 6);
- information whether the Content of Communication (CC) shall be provided (see note 1);
- address of Delivery Function 2 (DF2) for the intercept related information (see note 2);
- address of Delivery Function 3 (DF3) for the intercepted content of communications (see note 3);
- IA in the case of location dependent interception.
NOTE 1:
As an option, the filtering whether intercept
productcontent
of
communications
and/or intercept related information has to
be provided can be part of the delivery functions. (Note that intercept
product
content
of communications options do not apply at the CSCF, HLR and
AAA server). If the option is used, the corresponding information can be
omitted on the X1_1-interface, while "information not present" means "intercept
content
of
communicationsproduct and related information
has to be provided" for
the
ICE. Furthermore the delivery function which is not requested
has to be "pseudo-activated", in order to prevent error cases at
invocation.
NOTE 2: As an option, only a single DF2 is used by and known to every 3G ICE. In this case the address of DF2 can be omitted.
NOTE 3: As an option, only a single DF3 is used by and known to every 3G ICE (except at the CSCFs, HLR and AAA server). In this case the address of DF3 can be omitted.
NOTE 4: Since the IMEI is not available, interception based on IMEI is not applicable at the 3G Gateway. Moreover, in case the IMEI is not available, interception based on IMEI is not applicable at 3G ICEs.
NOTE 5: Interception at the CSCFs is based upon either SIP URI or TEL URL. SIP URI and TEL URL as target identities are not supported by the other ICEs.
NOTE 6: Interception based on NAI is only applicable at AAA server and PDG. As the NAI could be encrypted or based on temporary identity at the PDG, interception based on the NAI is not applicable in those cases in that node.
NOTE 7: Void
If after activation
subsequently
Content of Communications (CC) or Intercept Related Information (IRI) has
to be activated (or deactivated) an "activation change request" with the
same identity of the target is to be sent.
Figure 3: Information flow on X1_1-interface for Lawful Interception activation
Interception of a target can be activated on request from different LEAs and each LEA may request interception via a different identity. In this case, each target identity on which to intercept will need to be sent via separate activation messages from ADMF to the 3G ICEs on the X1_1-interface. Each activation can be for IRI only, or both CC and IRI.
When several LEAs request activation on the same identity
andthen
the ADMF determines that there
areis
an existing
activations
on the
identity.
In this case, the ADMF may (as an implementation option)
send
an additional activation
message(s)
to the 3G ICEs. When the activation needs to change from IRI only to
CC and IRI an activation change message will be sent to the
3G ICEs.
In the case of a secondary interception activation only the relevant LEAs will get the relevant IRIs.
*****************NEXT
CHANGE*****************
.
The message(s) sent from the ADMF to Delivery Function 2 for the deactivation of the Intercept Related Information contains:
- a DF2 activation ID, which uniquely identifies the activation to be deactivated for DF2.
If a target is intercepted by several LEAs and/or several identities simultaneously, a single deactivation is necessary for each combination of LEA and identity.
Figure 7: Information flow on X1_2-interface for Lawful Interception deactivation
For
the deactivating the delivery of the CC the
message(s)
sent from the ADMF to DF3
contains:
- a DF3 activation ID, which uniquely identifies the activation to be deactivated for DF3.
Figure 8: Information flow on X1_3-interface for Lawful Interception deactivation
*****************NEXT
CHANGE*****************
Figure 11 shows an extraction from the reference configuration in figure 1a which is relevant for the invocation of the lawful interception.
Figure 11: Functional model for Lawful Interception invocation
The HI2 and HI3 interfaces represent the interfaces between the LEMF and two delivery functions. Both interfaces are subject to national requirements. They are included for completeness, but are beyond the scope of standardization in this document. The delivery functions are used:
- to convert the information on the X2-interface to the corresponding information on the HI2-interface;
- to convert the information on the X3-interface to the corresponding information on the HI3-interface;
- to distribute the intercept related information to the relevant LEA(s) (based on IAs, if defined);
- to
distribute the intercept
content
of
communicationsproduct to the relevant LEA(s) (based
on IAs, if defined).
For the delivery of the CC and IRI, the 3G MSC Server provides
a correlation number and target identity to the DF2 and DF3 which is used
there
in order to select the different LEAs to which the product shall
be delivered.
NOTE: If interception has been activated for both parties of the call both CC and IRI will be delivered for each party as separate intercept activity.
The Mc interface between the 3G MSC Server and MGW is used to establish intercept and deliver the bearer to DF3.
For Location Dependent Interception, the location dependency check occurs at the establishment of each call. Subsequent dependency checks for simultaneous calls are not required, but can be a national option.
If a target is marked using an IA in the 3G MSC Server, the 3G MSC Server shall perform a location dependency check at call set-up. Only if the target's location matches the IA then the call is intercepted.
If a target is marked using an IA in the DF2, the DF2 shall perform a location dependency check at reception of the first IRI for the call. Only if the targets location matches the IA for certain LEAs is IRI the relayed to these LEAs. All subsequent IRIs for the call are sent to the same LEAs.
If a target is marked using an IA in the DF3, the DF3 signalling function shall perform a location dependency check at reception of the CC. Only if the targets location matches the IA for certain LEAs is the CC relayed to these LEAs.
*****************NEXT
CHANGE*****************
Figure 12 shows the access method for the delivering of CC. The access method shall be a bridged/ T-connection.
Figure 12: Delivery configuration to the LEMF for the interception of a circuit switched call
The signals of both parties of the configuration to be intercepted are delivered separately to the LEMF. The delivery function has no impact on the connection between the subscribers.
The two stublines towards the LEMF are established in parallel to the call set up. For both stublines the address is used which has been provided during activation.
Bearer, and only bearer, is sent from the MGW to the bearer function of DF3.
NOTE: For data calls it is necessary to provide means for fast call establishment towards the LEMF to help ensure that the beginning of the data transmission is delivered.
The following
information needs to be transferred from the 3G MSC Server
(to
be confirmed by SA WG3 LI group) to the DF3 in order to
allow the DF3 to perform its functionality:
- target identity (MSISDN, IMSI or IMEI); note 1
- the target location (if available) or the IAs in case of location dependent interception. note 1
- correlation number (IRI <-> CC);
- direction indication - (Signal from target or signal to target).
NOTE 1: For DF3 internal use only.
Additional information may be provided if required by national laws.
*****************NEXT
CHANGE*****************
Figure 19 shows an SMS transfer from the 3G SGSN node to the LEA. Quasi-parallel to the delivery from / to the mobile subscriber a SMS event, which contains the content and header of the SMS, is generated and sent via the Delivery Function 2P to the LEA in the same way as the Intercept Related Information. National regulations and warrant type determine if a SMS event shall contain only SMS header, or SMS header and SMS content.
The IRI will be delivered to the LEA:
- for a SMS-MO. Dependent on national requirements, delivery shall occur either when the 3G SGSN receives the SMS from the target MS or when the 3G SGSN receives notification that the SMS-Centre successfully received the SMS;
- for a SMS-MT. Dependent on national requirements, delivery shall occur either when the 3G SGSN receives the SMS from the SMS-Centre or when the 3G SGSN receives notification that the target MS successfully received the SMS.
Figure 19: Provision of Intercept Product - Short Message
Service
The access method for the delivering of Packet Data GSN
Intercept Product is based on duplication of packets without modification
at 3G GSN. The duplicated packets with additional information in
thea
header, as described in
the7.2.1
following
clauses, are sent to
DF3P
for further delivery
via
a
tunnelto
the LEA.
Figure 20: Configuration for interception of Packet Data GSN product data
In addition to the intercepted content of communications, the following information needs to be transferred from the 3G GSN to the DF3P in order to allow the DF3P to perform its functionality:
- target identity;
- correlation number;
- time stamp - optional;
- direction (indicates whether T-PDU is MO or MT) - optional;
- the target location (if available) or the IAs in case of location dependent interception.
As a national option, in the case where the 3G GGSN is performing interception of the content of communications, the intercept subject is handed off to another SGSN and the same 3G GGSN continues to handle the content of communications subject to roaming agreements, the 3G GGSN shall continue to perform the interception of the content of communication.
*****************NEXT
CHANGE*****************
There are several different events in which the information is sent to the DF2 if this is required. Details are described in the following clause. The events for interception are configurable (if they are sent to DF2) in the 3G GSN or the HLR and can be suppressed in the DF2.
The following events
are applicable to 3G SGSN:
- Mobile Station Attach;
- Mobile Station Detach;
- PDP context activation;
- Start of interception with mobile station attached (national option);
- Start of intercept with PDP context active;
- PDP context modification;
- PDP context deactivation;
- RA update;
- SMS.
NOTE: 3G GGSN interception is a national option. Location information may not be available in this case.
The following events are applicable to the 3G
GGSN:
- PDP context
activation;
- PDP context
modification;
- PDP context deactivation;
- Start of interception with PDP context active.
The following events are applicable to the
HLR:
- Serving System.
A set of
fields
elements
as shown below can be associated with the events. The events
trigger the transmission of the information from 3G GSN or HLR to DF2. Available
IEs from this set of
fields
elements
as shown below can be extended in the 3G GSN or HLR, if this
is necessary as a national option. DF2 can extend available information if
this is necessary as a national option e.g. a unique number for each surveillance
warrant.
Table 2: Information Events for Packet Data Event Records
Observed MSISDN MSISDN of the target subscriber (monitored subscriber). |
Observed IMSI IMSI of the target subscriber (monitored subscriber). |
Observed IMEI IMEI of the target subscriber (monitored subscriber),it shall be checked for each activation over the radio interface. |
Event type Description which type of event is delivered: MS attach, MS detach, PDP context activation, Start of intercept with PDP context active, PDP context deactivation, SMS, Serving System, Cell and/or RA update. |
Event date Date of the event generation in the 3G GSN or the HLR. |
Event time Time of the event generation in the 3G GSN or the HLR. Timestamp shall be generated relative to GSN or HLR internal clock. |
PDP address The PDP address of the target subscriber. Note that this address might be dynamic. |
Access Point Name The APN of the access point. (Typically the GGSN of the other party). |
Location Information Location Information is the Service Area Identity (SAI), RAI and/or location area identity that is present at the GSN at the time of event record production. |
Old Location Information Location Information of the subscriber before Routing Area Update |
PDP Type The used PDP type. |
Correlation Number The correlation number is used to correlate CC and IRI. |
SMS The SMS content with header which is sent with the SMS-service. The header also includes the SMS-Centre address. |
Network Element Identifier Unique identifier for the element reporting the ICE. |
Failed attach reason Reason for failed attach of the target subscriber. |
Failed context activation reason Reason for failed context activation of the target subscriber. |
IAs The observed Interception Areas. |
Initiator The initiator of the PDP context activation, deactivation or modification request either the network or the 3G MS. |
SMS Initiator SMS indicator whether the SMS is MO or MT. |
Deactivation / termination cause The termination cause of the PDP context. |
QoS This field indicates the Quality of Service associated with the PDP Context procedure. |
Serving System Address Information about the serving system (e.g. serving SGSN number or serving SGSN address). |
For attach an attach-event is generated. When an attach
activation is generated from the mobile to
servicing
3G G SN this event is generated. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
Event Type |
Event Time |
Event Date |
Network Element Identifier |
Location Information |
Failed attach reason |
IAs (if applicable) |
For detach a detach-event is generated, this is for the
common (end) detach. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
Event Type |
Event Time |
Event Date |
Network Element Identifier |
Location Information |
IAs (if applicable) |
For
PDP context activation a PDP context activation-event is generated.
When a PDP context activation is generated
from
the mobile to 3G GSN
a
PDP context
activation-eventthis event is generated. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
PDP address of observed party |
Event Type |
Event Time |
Event Date |
Correlation number |
Access Point Name |
PDP Type |
Network Element Identifier |
Location Information |
Failed context activation reason |
IAs (if applicable) |
Initiator (optional) |
QoS (optional) |
This event will be generated if interception for a target
is started and if the target has at least one PDP context active. If more
then one PDP context are
open,
for each of them an event record is generated. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
PDP address of observed party |
Event Type |
Event Time |
Event Date |
Correlation number |
Access Point Name |
PDP Type |
Network Element Identifier |
Location Information |
Old Location Information (optional) |
IAs (if applicable) |
QoS (optional) |
Initiator (optional) |
Presence of the optional Old Location Information field indicates that PDP context was already active, and being intercepted. However, the absence of this information does not imply that interception has not started in the old location SGSN for an active PDP context.
Start of interception with PDP context active shall be sent regardless of whether a Start of interception with mobile station attached has already been sent.
At PDP context deactivation a PDP context deactivation-event
is generated. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
PDP address of observed party |
Event Type |
Event Time |
Event Date |
Correlation number |
Access point name |
Network Element Identifier |
Location Information |
IAs (if applicable) |
Deactivation cause |
Initiator (optional) |
For each RA update an update-event with the
fields
elements
about the new location is generated. New SGSN shall send the
event, and the old SGSN may optionally send the event as well. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
Event Type |
Event Time |
Event Date |
Network Element Identifier |
Location Information (only for the new SGSN) |
Old Location Information (only for the old SGSN) |
IAs (if applicable) |
NOTE: Once target moves out of the interception area, old SGSN may report the RAU event. Normally, however, the old SGSN does not receive the new SGSNs RAI, while the new SGSN does receive the old SGSNs RAI from UE with the RAU Request message.
For MO-SMS the event is generated in the 3G SGSN. Dependent
on national requirements, event generation shall occur either when the 3G
SGSN receives the SMS from the target MS or when the 3G SGSN receives
notification that the SMS-Centre successfully receives the SMS; for MT-SMS
the event is generated in the 3G SGSN. Dependent on national requirements,
event generation shall occur either when the 3G SGSN receives the SMS from
the SMS-Centre or when the 3G SGSN receives notification that the target
MS successfully received the message. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
Event Type |
Event Time |
Event Date |
Network Element Identifier |
Location Information |
SMS |
SMS Initiator |
IAs (if applicable) |
This event will be generated if interception for a target
is started and if the target has at least one PDP context active. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
PDP address of observed party |
Event Type |
Event Time |
Event Date |
Correlation number |
Access Point Name |
PDP Type |
Network Element Identifier |
Location Information |
IAs (if applicable) |
Initiator |
QoS |
The Serving System report event is generated at the HLR,
when the HLR has detected that the intercept subject has roamed. The
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
Event Type |
Event Time |
Event Date |
Network Element Identifier |
Serving System Address |
This event will be generated if interception has started
for the already attached target. These
fields
elements
will be delivered to the DF2 if available:
Observed MSISDN |
Observed IMSI |
Observed IMEI |
Event Type |
Event Time |
Event Date |
Network Element Identifier |
Location Information |
IAs (if applicable) |
*****************NEXT
CHANGE*****************
The administration function in the 3GPP MS shall be capable
to
of
performing
a periodic consistency check to ensure that the target list of target identities
in all involved 3G MSC Servers, CSCFs, 3G GSNs in the 3GPP MS and the DFs
contain the appropriate target Ids consistent with the intercept orders in
the ADMF. The reference data base is the ADMF data base.
*****************END OF CHANGE
*****************
[H1] Enter the specification number in this box. For example, 04.08 or 31.102. Do not prefix the number with anything . i.e. do not use "TS", "GSM" or "3GPP" etc.
[H2] Enter the CR number here. This number is allocated by the 3GPP support team. It consists of at least three digits, padded with leading zeros if necessary.
[H3] Enter the revision number of the CR here. If it is the first version, use a "-".
[H4] Enter the version of the specification here. This number is the version of the specification to which the CR will be applied if it is approved. Make sure that the latest version of the specification (of the relevant release) is used when creating the CR. If unsure what the latest version is, go to http://www.3gpp.org/specs/specs.htm.
[H5] For help on how to fill out a field, place the mouse pointer over the special symbol closest to the field in question.
[H6] Mark one or more of the boxes with an X.
[H7] SIM / USIM / ISIM applications.
[H8] Enter a concise description of the subject matter of the CR. It should be no longer than one line. Do not use redundant information such as "Change Request number xxx to 3GPP TS xx.xxx".
[H9] Enter the source of the CR. This is either (a) one or several companies or, (b) if a (sub)working group has already reviewed and agreed the CR, then list the group as the source.
[H10] Enter the acronym for the work item which is applicable to the
change. This field is mandatory for category F, B & C CRs for release
4 and later. A list of work item acronyms can be found in the 3GPP work plan.
See
http://www.3gpp.org/ftp/information/work_plan/
.
The list is also included in a MS Excel file included in the zip file containing
the CR cover sheet template.
[H11] Enter the date on which the CR was last revised. Format to be interpretable by English version of MS Windows ® applications, e.g. 19/02/2002.
[H13] Enter a single release code from the list below.
[H14] Enter text which explains why the change is necessary.
[H15] Enter text which describes the most important components of the change. i.e. How the change is made.
[H16] Enter here the consequences if this CR was to be rejected. It is necessary to complete this section only if the CR is of category "F" (i.e. correction).
[H17] Enter the number of each clause which contains changes.
[H18] Tick "yes" box if any other specifications are affected by this change. Else tick "no". You MUST fill in one or the other.
[H19] List here the specifications which are affected or the CRs which are linked.
[H20] Enter any other information which may be needed by the group being requested to approve the CR. This could include special conditions for it's approval which are not listed anywhere else above.
ftp://ftp.3gpp.org/TSG_SA/TSG_SA/TSGS_33/Docs/SP-060660.zip
[DOC converted to HTML.]
Technical Specification Group Services and System
Aspects
TSGS#33(06)0660
Meeting
#33, 25 28 September 2006,
Palm
Springs, USA
Source
SA
Title:
CR to 33.108 on WLAN Interworking Interception Details (Rel
7)
Document
for:
Approval
Agenda
Item:
10.31
Revision of SP-060509 to remove hanging paragraphs.
To |
SA Doc.
No. |
Spec.
No. |
CR No. |
Rev |
Rel |
Cat |
Title |
Vers |
Vers
New |
SA3 Doc.
No. |
SP-33 |
SP-060660 |
33.108 |
088 |
1 |
Rel-7 |
B |
CR to 33.108 on WLAN Interworking
Interception Details (v7.0) |
7.4.0 |
7.5.0 |
- |
3GPP TSG SA WG3 (Security) meeting
#44
(S3-060559)
Tallinn, Estonia, 11
- 14 July
2006
Agenda Item:
CR-Form-v7.1 |
||||||||
CHANGE
REQUEST |
||||||||
|
||||||||
z |
33.108 |
CR |
0088 |
z
rev |
1 |
z Current version: |
7.5.0 |
z |
|
||||||||
For
HELP
on
using this form, see bottom of this page or look at the pop-up text over
the
z
symbols. |
||||||||
|
Proposed change
affects:
z |
UICC
appsz |
|
ME |
|
Radio Access Network |
|
Core Network |
X |
|
||||||||||
Title:
z |
TS 33.108 - WLAN Interworking Interception Details
(v7.0) |
|||||||||
|
|
|||||||||
Source:
z |
SA |
|||||||||
|
|
|||||||||
Work item code:
z |
LI-7A |
|
Date:
z |
27/09/2006 |
||||||
|
|
|
|
|
||||||
Category:
z |
B |
|
Release:
z |
Rel-7 |
||||||
|
Use one of the following
categories:
Detailed explanations of the above categories can |
Use
one of the following releases:
Rel-7
(Release 7)
|
||||||||
|
|
|||||||||
Reason for change:
z |
TS 33.107 defined an approach for handling the LI of WLAN
Interworking. This document
provides changes to TS 33.108 to realize this approach over the Handover
Interfaces (HI2 and HI3) to the LEMF.
|
|||||||||
|
|
|||||||||
Summary of change:
z |
For Interception of WLAN Interworking, add information regarding
Handover Interfaces (HI2 & HI3). |
|||||||||
|
|
|||||||||
Consequences if
z |
Lack of available Handover Interface specification for handling
WLAN Interworking causing possible regulatory
issues. |
|||||||||
|
|
|||||||||
Clauses
affected:
z |
Clause 2, New Clause 8, Annex B.2, and New Annex
B.7 |
|||||||||
|
|
|||||||||
|
Y |
N |
|
|
||||||
Other
specs
z |
|
X |
Other core
specifications
z |
|
||||||
affected: |
|
X |
Test
specifications |
|
||||||
|
|
X |
O&M
Specifications |
|
||||||
|
|
|||||||||
Other
comments:
z |
|
|||||||||
*** FIRST CHANGE Clause
2********
The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
· References are either specific (identified by date of publication, edition number, version number, etc.) or nonspecific.
· For a specific reference, subsequent revisions do not apply.
· For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1] ETSI TR 101 331: "Telecommunications security; Lawful Interception (LI); requirements of Law Enforcement Agencies".
[2] ETSI ES 201 158: "Telecommunications security; Lawful Interception (LI); Requirements for network functions".
[3] ETSI ETR 330: "Security Techniques Advisory Group (STAG); A guide to legislative and regulatory environment".
[4] 3GPP TS 29.002: "3rd Generation Partnership Project; Technical Specification Group Core Network; Mobile Application Part (MAP) specification".
[5A] ITUT Recommendation X.680: "Abstract Syntax Notation One (ASN.1): Specification of Basic Notation".
[5B] ITUT Recommendation X.681: "Abstract Syntax Notation One (ASN.1): Information Object Specification".
[5C] ITUT Recommendation X.681: "Abstract Syntax Notation One (ASN.1): Constraint Specification".
[5D] ITUT Recommendation X.681: "Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 Specifications".
[6] ITUT Recommendation X.690: "ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)".
NOTE 1: It is recommended that for [5A], [5B], [5C], [5D] and [6] the 2002 specific versions should be used.
[7] ITUT Recommendation X.880: "Information technology - Remote Operations: Concepts, model and notation".
[8] ITUT Recommendation X.882: "Information technology - Remote Operations: OSI realizations - Remote Operations Service Element (ROSE) protocol specification".
NOTE 2: It is recommended that for [8] the 1994 specific versions should be used.
[9] 3GPP TS 24.008: "3GPP Technical Specification Group Core Network; Mobile radio interface Layer 3 specification, Core network protocol; Stage 3".
[10] Void.
[11] Void.
[12] Void.
[13]
IETF STD 9 (RFC 0959): "File Transfer Protocol
(FTP)".
[14] 3GPP TS 32.215: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication Management; Charging Management; Charging data description for the Packet Switched (PS) domain)".
[15] IETF STD0005 (RFC 0791: "Internet Protocol".
[16] IETF STD0007 (RFC 0793): "Transmission Control Protocol".
[17] 3GPP TS 29.060: "3rd Generation Partnership Project; Technical Specification Group Core Network; General Packet Radio Service (GPRS); GPRS Tunnelling Protocol (GTP) across the Gn and Gp interface".
[18] 3GPP TS 33.106: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Lawful Interception Requirements".
[19] 3GPP TS 33.107: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Lawful interception architecture and functions".
[20] 3GPP TS 23.107: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Quality of Service QoS concepts and architecture".
[21] Void.
[22] Void.
[23]
ANSI/J-STD-025-A: "Lawfully Authorized Electronic
Surveillance".
[24] ETSI TS 101 671: "Handover Interface for the lawful interception of telecommunications traffic".
[25] 3GPP TS 23.003: "3rd Generation Partnership Project; Technical Specification Group Core Network; Numbering, addressing, and identification".
[26] IETF RFC 3261: "SIP: Session Initiation Protocol".
[27] IETF RFC 1006: "ISO Transport Service on top of the TCP".
[28]
IETF RFC 2126: "ISO Transport Service on top of TCP
(ITOT)".
[29] ITU-T Recommendation Q.763: "Signalling System No. 7 - ISDN User Part formats and codes".
[30] ETSI EN 300 356 (all parts): "Integrated Services Digital Network (ISDN); Signalling System No.7; ISDN User Part (ISUP) version 3 for the international interface".
[31] ETSI EN 300 403-1 (V1.3.2): "Integrated Services Digital Network (ISDN); Digital Subscriber Signalling System No. one (DSS1) protocol; Signalling network layer for circuit-mode basic call control; Part 1: Protocol specification [ITU-T Recommendation Q.931 (1993), modified]".
NOTE 3: Reference [31] is specific, because ASN.1 parameter "release-Reason-Of-Intercepted-Call" has the following comment: "Release cause coded in [31] format". In case later version than the given one indicated for ISDN specification ETSI EN 300 4031 has modified format of the "release cause", keeping the reference version specific allows to take proper actions in later versions of this specification.
[32] Void.
[33] Void
[34] ITU-T Recommendation Q.931: "ISDN user-network interface layer 3 specification for basic call control".
[35] Void.
[36] IETF RFC 2806: "URLs for Telephone Calls".
[37] 3GPP TS 23.032: "3rd Generation Partnership Project; Technical Specification Group Core Network; Universal Geographical Area Description (GAD)".
[38] 3GPP TR 21.905: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Vocabulary for 3GPP Specifications".
[39] ISO 3166-1: "Codes for the representation of names of countries and their subdivisions - Part 1: Country codes".
[40]
3GPP TS 23.228: 3rd Generation Partnership Project; Technical
Specification Group Services and System Aspects; IP Multimedia Subsystem
(IMS); Stage
2.
[41] 3GPP TS 29.234: 3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals: 3GPP System to Wireless Local Area Network (WLAN) interworking; Stage 3.
*** NEXT CHANGE NEW CLAUSE
8********
Specific identifiers
are necessary to identify a target for interception uniquely and to correlate
between the data, which is conveyed over the different handover interfaces
(HI2 and HI3). The identifiers are defined in the subsections
below.
For the delivery
of CC and IRI the
PDG
or
AAA
server provide correlation numbers and target identities
to the HI2 and HI3. The correlation number is unique per
I-WLAN
tunnel
and
is used to correlate CC with IRI and the different IRI's of one
I-WLAN
tunnel.
For each target
identity related to an interception measure, the authorized operator (NO/AN/SP)
shall assign a special Lawful Interception Identifier (LIID), which has been
agreed between the LEA and the operator
(NO/AN/SP).
Using an indirect
identification
to
point to a target identity makes it easier to keep the knowledge about a
specific interception target limited within the authorized operator (NO/AN/SP)
and the handling agents at the
LEA.
The LIID is
a component of the CC delivery procedure and of the IRI records. It shall
be used within any information exchanged at the handover interfaces HI2 and
HI3 for identification and correlation
purposes.
The LIID format
shall consist of alphanumeric characters. It might for example, among other
information, contain a lawful authorization reference number, and the date,
when the lawful authorization was
issued.
The authorized
operator (NO/AN/SP) shall either enter a unique LIID for each target identity
of the interception subject or a single LIID for multiple target identities
all pertaining to the same interception
subject.
If more than
one LEA intercepts the same target identity, there shall be unique LIIDs
assigned relating to each
LEA.
The network
identifier (NID) is a mandatory parameter; it should be internationally unique.
It consists of the following two
identifiers.
1)
Operator- (NO/AN/SP) identifier (mandatory):
Unique identification of network operator, access network provider or service
provider.
2)
Network element identifier NEID (optional):
The purpose of the network element identifier is to uniquely identify the
relevant network element carrying out the LI operations, such as LI activation,
IRI record sending,
etc.
A network element identifier may be an IP address or other identifier.
For GSM and UMTS systems deployed in the U.S, the network element identifier
is
required.
The
Correlation Number is unique per
I-WLAN
tunnel
and
used for the following
purposes:
- correlate CC with
IRI (in the
PDG),
- correlate different IRI
records within one
I-WLAN
tunnel (for both PDG and AAA
server).
NOTE: The Correlation
Number is at a minimum unique for each concurrent communication (e.g.
I-WLAN
tunnel)
in
a specific node
(e.g., AAA server or PDG)
of
an
intercept subject within a lawful
authorization.
As
a general principle, within a telecommunication system, IRI, if buffered,
should be buffered for as short a time as
possible.
NOTE: If the transmission
of IRI fails, it may be buffered or
lost.
Subject
to national requirements, the following timing requirements shall be
supported:
- Each IRI data record shall
be sent by the delivery function to the LEMF over the HI2 within seconds
of the detection of the triggering event by the IAP at least 95% of the
time.
- Each IRI data record shall
contain a time-stamp, based on the intercepting
nodes
clock
that
is generated following the detection of the IRI triggering
event.
The
quality of service associated with the result of interception should be (at
least) equal to the quality of service of the original content of communication.
This may be derived from the QoS class used for the original intercepted
session [20]. However, when TCP is used as an OSI layer
4
protocol
across the HI3, real time delivery of the result of the interception cannot
be guaranteed. The QoS used from the operator (NO/AN/SP) to the LEMF is
determined by what operators
(NO/AN/SP) and law enforcement agree
upon.
The
reliability associated with the result of interception should be (at least)
equal to the reliability of the original content of communication. This may
be derived from the QoS class used for the original intercepted
session [20].
Reliability
from the operator (NO/AN/SP) to the LEMF is determined by what operators
(NO/AN/SP) and law enforcement agree
upon.
Security
is defined by national
requirements.
The
number of target interceptions supported is a national
requirement.
The
area of Quantitative Aspects addresses the ability to
perform multiple, simultaneous interceptions within
a provider's network and at each of the relevant intercept access points
within the network. Specifics related to this topic
include:
- The ability to access and
monitor all simultaneous communications originated, received, or redirected
by the interception
subject;
- The ability for multiple
LEAs (up to five) to monitor, simultaneously, the same interception subject
while maintaining unobtrusiveness, including between
agencies;
- The ability of the network
to simultaneously support a number of separate (i.e. multiple interception
subjects) legally authorized interceptions within its service area(s), including
different levels of authorization for each interception, including between
agencies (i.e. IRI only, or IRI and communication
content).
The
IRI will in principle be available in the following phases of a data
transmission:
1. At
I-WLAN
access
initiation
attempt, when the target identity becomes active, at
which time packet transmission may or may not occur
(at
the
set
up of a
I-WLAN
tunnel,
the
target
may be the originating or terminating
party);
2. At the end of a connection, when
the target identity becomes inactive (removal of a
I-WLAN
tunnel);
3. At certain times when relevant
information are
available.
In
addition, information on non-transmission related actions of a target constitute
IRI and is sent via HI2, e.g. information on subscriber controlled
input.
The
IRI may be subdivided into the following
categories:
1. Control information for HI2 (e.g.
correlation
information);
2.
Basic data
communication
information, for standard data transmission between two
parties.
The
events defined in [19] are used to generate records for the delivery via
HI2.
There
are
multiple
different event types received at DF2 level. According to each event, a Record
is sent to the LEMF if this is required. The following table gives the mapping
between event type received at DF2 level and record type sent to the
LEMF.
Table
8.1:
Mapping between
I-WLAN
Events and HI2 records
type
Event
|
IRI
Record Type
|
I-WLAN
Access
Initiation
|
REPORT
|
I-WLAN
Access
Termination
|
REPORT
|
I-WLAN
Tunnel
Establishment
(successful)
|
BEGIN
|
I-WLAN
Tunnel
Establishment
(unsuccessful)
|
REPORT
|
I-WLAN
Tunnel
Disconnect
|
END
|
Start
of intercept with I-WLAN Communication
Active
|
BEGIN
or
REPORT
|
A set of information is used to generate the records. The records used transmit the information from mediation function to LEMF. This set of information can be extended in the ICE or DF2 MF, if this is necessary in a specific country. The following table gives the mapping between information received per event and information sent in records.
For
the event Start of intercept with I-WLAN Communication Active
reported from a AAA server, this event is
reported using
a:
·
REPORT record to provide an indication that I-WLAN
Access Initiation event has already occurred, but there are no tunnels
established yet.
·
BEGIN record to provide an indication that one
or more I-WLAN
Tunnels
are already
established.
Table
8.2:
Mapping between Events information and IRI
information
parameter
|
description
|
HI2
ASN.1 parameter
|
observed
MSISDN
|
Target Identifier with the MSISDN of the target
subscriber (monitored
subscriber).
|
partyInformation
(partyIdentiity)
|
observed
IMSI
|
Target Identifier with the IMSI of the target
subscriber (monitored
subscriber).
|
partyInformation
(partyIdentity)
|
observed
NAI
|
Target Identifier with the
NAI
of the target subscriber (monitored
subscriber).
|
partyInformation
(partyIdentity)
|
event
type
|
Description which type of event is delivered:
I-WLAN
Access Initiation, I-WLAN Access Termination, I-WLAN Tunnel Establishment,
I-WLAN Tunnel Disconnect,
Start
of Intercept with
I-WLAN
Communication
Active, etc.
|
i-WLANevent
|
event
date
|
Date of the event generation in the
PDG
or AAA
server.
|
timeStamp
|
event
time
|
Time of the event generation in the
PDG
or AAA
server.
|
|
WLAN
access
point name
|
The
W-APN
of the access
point.
|
partyInformation
(services-Data-Information)
|
initiator
|
This field indicates whether the
event
being reported is
the
result of an
MS
directed
action
or
network initiated
action
when
either one can initiate the action.
|
initiator
|
correlation
number
|
Unique number for each
I-WLAN
tunnel
delivered
to the LEMF, to help the LEA, to have a correlation between each
I-WLAN
tunnel and the IRI.
|
correlationNumber
|
lawful interception
identifier
|
Unique number for each lawful
authorization.
|
lawfulInterceptionIdentifier
|
WLAN UE Local IP
address
|
The Local
IP
address used by the
target in a WLAN
AN.
|
partyInformation
(services-data-information)
|
WLAN UE
MAC
address
|
MAC
Address
of WLAN UE on the WLAN
|
i-WLANInformation
(wLANMACAddress)
|
WLAN
Remote
IP
address
|
It is
the
IP address of the WLAN UE in the network being accessed by the WLAN UE and
is used in the data packet encapsulated by
the
WLAN UE-initiated tunnel. In
addition, it is the source address used by
applications
in the WLAN UE.
|
partyInformation
(services-data-information)
|
network
identifier
|
Operator ID plus
PDG
or AAA
server
address.
|
networkIdentifier
|
WLAN Operator
name
|
This field identifies the WLAN Operator serving
the intercept subject.
|
i-WLANInformation
(wLANOperatorName)
|
WLAN Location
Name
|
This field
identifies
the name of the location of the WLAN serving the
subject.
|
i-WLANInformation
(wLANLocationName)
|
WLAN Location
Information
|
This field provides
detailed
location information about the WLAN serving the intercept
subject.
|
i-WLANInformation
(wLANLocationInformation)
|
NAS IP/IPv6
address
|
An IP address of the serving
Network
Access
Server.
|
i-WLANInformation
(nasIPIPv6Address)
|
visited PLMN
ID
|
This field identifies the visited PLMN that will
either terminate or tunnel the intercept
subjects communications to the Home
PLMN.
|
visitedPLMNID
|
session
alive
timer
|
Thi field identifies the expected maximum duraton
of
the I-WLAN access being
initiated.
|
i-WLANInformation
(sessionAliveTimer)
|
failed access
reason
|
This field gives information about the reason
for a failed access initiation attempt of the target
subscriber.
|
i-WLANOperationErrorCode
|
session termination
reason
|
This field identifies the reason for the termination
of the I-WLAN
access.
|
i-WLANOperationErrorCode
|
failed tunnel establishment
reason
|
This field gives information
(Authentication
failed or Authorization failed)
about
the reason for a failed tunnel establishment of the target
subscriber.
|
i-WLANOperationErrorCode
|
tunnel disconnect
reason
|
This field gives information about the reason
for tunnel disconnect of the target
subscriber. (For Further
Study).
|
i-WLANOperationErrorCode
|
NOTE: LIID
parameter must be present in each record sent to the
LEMF.
This
clause describes the information sent from the Delivery Function (DF) to
the Law Enforcement Monitoring Facility (LEMF) to support
Lawful
Interception
(LI).
The information is described as records and
information carried by a record. This focus is on describing the information
being transferred to the
LEMF.
The
IRI events and data are encoded into records as defined in the Table
8.1
Mapping between
I-WLAN
Events and HI2 records type and Annex
B.7
Intercept related information (HI2). IRI is described in terms of a 'causing
event' and information associated with that event. Within each IRI
record
there is a set of events and associated information elements to support the
particular service.
The
communication events described in
Table 8.1: Mapping between
I-WLAN
Events and HI2 record type and
Table 8.2: Mapping between Events information and IRI
information convey the basic information for reporting the disposition of
a communication. This clause describes those events and supporting
information.
Each
record described in this clause consists of a set of parameters. Each parameter
is either:
mandatory
(M) - required for
the record,
conditional
(C) - required in
situations where a condition is met (the condition is given in the Description),
or
optional
(O)
- provided at the discretion of the
implementation.
The
information to be carried by each parameter is identified. Both optional
and conditional parameters are considered to be OPTIONAL syntactically in
ASN.1 Stage 3 descriptions. The Stage 2 inclusion takes precedence over Stage
3 syntax.
The
REPORT record is used to report non-communication related subscriber actions
(events) and for reporting unsuccessful packet-mode communication
attempts.
The
REPORT record shall be triggered
when:
- the intercept subject's
WLAN
UE
performs
a
(successful or
unsuccessful)
I-WLAN
access
initiation
procedure (triggered by AAA
server);
- the intercept subject's
WLAN
UE
performs a
I-WLAN
access termination
detach
procedure (triggered by AAA
server);
- the intercept subject's
WLAN
UE
is unsuccessful at performing a
I-WLAN
tunnel
establishment
procedure (triggered by AAA
server or
PDG);
-
the interception
of
a
subjects communications
is
started and the WLAN UE has already successfully performed a I-WLAN access
initiation procedure (triggered by AAA
server), but there are no tunnels
established.
Table
8.3:
I-WLAN
Access
Initiation
REPORT Record
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide
at least one and others when
available.
|
observed
NAI
|
|
|
event
type
|
C
|
Provide
I-WLAN
Initiation event
type.
|
event
date
|
M
|
Provide
the date and time the event is
detected.
|
event
time
|
|
|
network
identifier
|
M
|
Shall
be provided.
|
lawful
intercept identifier
|
M
|
Shall
be provided.
|
WLAN
Operator Name
|
C
|
Provide,
when available, to identify the WLAN operator serving the intercept
subject.
|
WLAN
Location Name
|
C
|
Provide,
when available, to identify the
name
of the
WLAN
location serving the intercept
subject.
|
WLAN
Location Information
|
C
|
Provide,
when
available,
to identify the location
information
of the WLAN serving
the
intercept subject.
|
NAS
IP/IPv6
address
|
C
|
Provide,
when
available,
to
identify the address of the NAS serving the intercept
subject.
|
WLAN
UE MAC address
|
C
|
Provide,
when available, to identify the MAC address of the intercept subject in the
WLAN serving the intercept
subject.
|
visited
PLMN ID
|
C
|
Provide,
when available, to identiy the visited PLMN that will either terminate or
tunnel
the
subjects
communications to the Home
PLMN.
|
session
alive
time
|
C
|
Provide,
when available, to identify the expected maximum duration of the I-WLAN
Access
being
initiated.
|
failed
access
reason
|
C
|
Provide
information about the reason for failed
access
initiation attempts of the target
subscriber.
|
Table
8.4:
I-WLAN
Access
Termination REPORT
Record
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide
at least one and others when
available.
|
observed
NAI
|
|
|
event
type
|
C
|
Provide
I-WLAN
Access
Termination event
type.
|
event
date
|
M
|
Provide
the date and time the event is
detected.
|
event
time
|
|
|
network
identifier
|
M
|
Shall
be provided.
|
lawful
intercept identifier
|
M
|
Shall
be provided.
|
WLAN
Operator
Name
|
C
|
Provide,
when available, to identify the WLAN operator serving the intercept
subject.
|
WLAN
Location
Name
|
C
|
Provide,
when available, to identify the name of the WLAN location serving the intercept
subject.
|
WLAN
Location
Information
|
C
|
Provide,
when authorized, to identify the location information of the WLAN serving
the intercept
subject.
|
NAS
IP/IPv6 address
|
C
|
Provide,
when available, to identify the address of the NAS serving the intercept
subject.
|
WLAN
UE MAC address
|
C
|
Provide,
when available, to identify the MAC address of the intercept subject in the
WLAN serving the intercept
subject.
|
session
termination
reason
|
C
|
Provide
information about the reason for
termination
of
I-WLAN
access
of the target
subscriber.
|
Table
8.5:
I-WLAN
Tunnel
Establishment
(unsuccessful) REPORT
Record -
PDG
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide
at least one and others when
available.
|
observed
NAI
|
|
|
event
type
|
C
|
Provide
I-WLAN
Tunnel
Establishment event
type.
|
event
date
|
M
|
Provide
the date and time the event is
detected.
|
event
time
|
|
|
WLAN
access
point name
|
C
|
Provide
to identify
the
packet
data network to which the intercept subject requested to be connected when
the intercept subject's
WLAN
UE
is unsuccessful at performing a
I-WLAN
tunnel
establishment
procedure
(MS to
Network).
|
network
identifier
|
M
|
Shall
be provided.
|
lawful
intercept identifier
|
M
|
Shall
be provided.
|
WLAN
UE Local IP
address
|
C
|
Provide,
when available, to identify the
IP
address
associated with the intercept
subject in the
WLAN.
|
WLAN
UE Remote IP address
|
C
|
Provide,
when available, to identify the IP address associated with the intercept
subject in the
network
being accessed by the intercept
subject.
|
failed
I-WLAN
tunnel establishment
reason
|
C
|
Provide
information about the reason for failed
I-WLAN
tunnel establishment
attempts
of the target
subscriber.
|
Table 8.6: I-WLAN Tunnel Establishment (unsuccessful)
REPORT Record AAA
Server
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide at least
one and others when
available.
|
observed
NAI
|
|
|
event
type
|
C
|
Provide I-WLAN
Tunnel Establishment event
type.
|
event
date
|
M
|
Provide the
date and time the event is
detected.
|
event
time
|
|
|
WLAN access
point name
|
C
|
Provide to identify
the packet data network to which the intercept subject requested to be connected
when the intercept subject's WLAN UE is unsuccessful at performing a I-WLAN
tunnel establishment procedure (MS to
Network).
|
network
identifier
|
M
|
Shall be provided.
|
lawful intercept
identifier
|
M
|
Shall be
provided.
|
failed I-WLAN
tunnel establishment
reason
|
C
|
Provide information
about the reason for failed I-WLAN tunnel establishment attempts of the target
subscriber.
|
visited
PLMN ID
|
C
|
Provide, when
available, to identiy the visited PLMN that will either terminate or tunnel
the subjects communications to the Home
PLMN.
|
Table
8.7:
Start
of Intercept
With
I-WLAN
Communication
Active REPORT
Record AAA
Server
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide at least
one and others when
available.
|
observed
NAI
|
|
|
event
type
|
C
|
Provide
Start
of Intercept With I-WLAN Communication
Active event
type.
|
event
date
|
M
|
Provide the
date and time the event is
detected.
|
event
time
|
|
|
network
identifier
|
M
|
Shall be
provided.
|
lawful intercept
identifier
|
M
|
Shall be
provided.
|
WLAN Operator
Name
|
C
|
Provide, when
available, to identify the WLAN operator serving the intercept
subject.
|
WLAN Location
Name
|
C
|
Provide, when
available, to identify the
name
of the
WLAN
location serving the intercept
subject.
|
WLAN Location
Information
|
C
|
Provide, when
available,
to identify the location
information
of the WLAN serving
the
intercept
subject.
|
NAS IP/IPv6
address
|
C
|
Provide, when
available,
to
identify the address of the NAS serving the intercept
subject.
|
WLAN UE MAC
address
|
C
|
Provide, when
available, to identify the MAC address of the intercept subject in the WLAN
serving the intercept
subject.
|
visited
PLMN ID
|
C
|
Provide, when
available, to identiy the visited PLMN that will either terminate or
tunnel
the
subjects
communications to the Home
PLMN.
|
session
alive
time
|
C
|
Provide, when
available, to identify the expected maximum duration of the I-WLAN
Access
being
initiated.
|
The
BEGIN record is used to convey the first event of
I-WLAN
interworking communication
interception.
The
BEGIN record shall be triggered
when:
-
there is a
successful
establishment of
an
I-WLAN
tunnel (triggered by AAA server or
PDG);
- the interception of a subject's
communications is started and at least one
I-WLAN
tunnel is
established.
If more than one
I-WLAN
tunnel is
established, a BEGIN record shall be generated for each
I-WLAN
tunnel that is
established
(triggered by AAA server or
PDG).
Table
8.8:
I-WLAN
Tunnel
Establishment (successful) BEGIN
Record -
PDG
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide
at least one and others when
available.
|
observed
NAI
|
|
|
event
type
|
C
|
Provide
I-WLAN
Tunnel
Establishment event
type.
|
event
date
|
M
|
Provide
the date and time the event is
detected.
|
event
time
|
|
|
WLAN
access
point name
|
C
|
Provide
to identify
the
packet
data network to which the intercept subject requested to be connected when
the intercept subject's
WLAN
UE
is successful at performing a
I-WLAN
tunnel
establishment
procedure.
|
network
identifier
|
M
|
Shall
be provided.
|
WLAN
local IP
address
|
M
|
Provide
to identify
the
IP address associated with the intercept subject in the
WLAN.
|
WLAN
remote IP
address
|
M
|
Provide
to
identify the IP address associated with the intercept
subject in the network being accessed by the intercept
subject for the I-WLAN
tunnel.
|
correlation
number
|
C
|
Provide
to allow correlation of CC and IRI and the correlation of IRI
records.
|
lawful
intercept identifier
|
M
|
Shall
be provided.
|
Table
8.9:
I-WLAN Tunnel Establishment (successful) BEGIN Record AAA
Server
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide
at least one and others when
available.
|
observed
NAI
|
|
|
event
type
|
C
|
Provide
I-WLAN Tunnel Establishment event
type.
|
event
date
|
M
|
Provide
the date and time the event is
detected.
|
event
time
|
|
|
WLAN
access
point name
|
C
|
Provide
to identify the packet data network to which the intercept subject requested
to be connected when the intercept subject's WLAN UE is successful at performing
a I-WLAN
tunnel
establishment
procedure.
|
network
identifier
|
M
|
Shall
be provided.
|
correlation
number
|
C
|
Provide
to allow correlation of IRI records.
|
lawful
intercept identifier
|
M
|
Shall
be provided.
|
visited
PLMN
ID
|
C
|
Provide
to identify the visited PLMN, if
available.
|
Table
8.10:
Start Of Interception (with
I-WLAN
Tunnel
Established) BEGIN
Record -
PDG
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide
at least one and others when
available.
|
observed
IMEI
|
|
|
event
type
|
C
|
Provide
Start Of Interception With
I-WLAN
Communication
Active event
type.
|
event
date
|
M
|
Provide
the date and time the event is
detected.
|
event
time
|
|
|
WLAN
access
point name
|
C
|
Provide
to identify
the
packet
data network to which the intercept subject requested to be connected when
the intercept subject's
WLAN
UE
is successful at performing a
I-WLAN
tunnel
establishment
procedure.
|
network
identifier
|
M
|
Shall
be provided.
|
WLAN
local IP
address
|
M
|
Provide
to identify the IP address associated with the intercept subject in the
WLAN.
|
WLAN
remote IP
address
|
M
|
Provide
to identify the IP address associated with the intercept subject in the network
being accessed by the intercept subject for the I-WLAN
tunnel.
|
correlation
number
|
C
|
Provide
to allow correlation of CC and IRI and the correlation of IRI
records.
|
lawful
intercept identifier
|
M
|
Shall
be provided.
|
Table
8.11:
Start Of Interception (with I-WLAN Tunnel Established) BEGIN Record
AAA Server
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide
at least one and others when
available.
|
observed
IMEI
|
|
|
event
type
|
C
|
Provide
Start Of Interception With I-WLAN Communication Active event
type.
|
event
date
|
M
|
Provide
the date and time the event is
detected.
|
event
time
|
|
|
WLAN
access point name
|
C
|
Provide
to identify the packet data network to which the intercept subject requested
to be connected when the intercept subject's WLAN UE is successful at performing
a I-WLAN tunnel establishment
procedure.
|
network
identifier
|
M
|
Shall
be provided.
|
correlation
number
|
C
|
Provide
to
allow
correlation
of
IRI records.
|
lawful
intercept identifier
|
M
|
Shall
be provided.
|
visited
PLMN
ID
|
C
|
Provide
to identify the visited PLMN, if
available.
|
WLAN Operator Name
|
C
|
Provide, when available (at the time of event generation), to identify the WLAN operator serving the intercept subject.
|
WLAN Location Name
|
C
|
Provide, when available (at the time of event generation), to identify the name of the WLAN location serving the intercept subject.
|
WLAN Location Information
|
C
|
Provide, when available (at the time of event generation), to identify the location information of the WLAN serving the intercept subject.
|
NAS IP/IPv6 address
|
C
|
Provide, when available (at the time of event generation), to identify the address of the NAS serving the intercept subject.
|
WLAN UE MAC address
|
C
|
Provide, when available (at the time of event generation), to identify the MAC address of the intercept subject in the WLAN serving the intercept subject.
|
session alive time
|
C
|
Provide, when available (at the time of event generation), to identify the expected maximum duration of the I-WLAN Access being initiated.
|
The
END record is used to convey the last event of packet-data
communication.
The
END record shall be triggered
when:
-
I-WLAN tunnel
disconnect
occurs (triggered by the AAA server or the
PDG).
Table
8.12:
I-WLAN
Tunnel
Disconnect END
Record -
PDG
Parameter
|
MOC
|
Description/Conditions
|
observed
MSISDN
|
|
|
observed
IMSI
|
C
|
Provide
at least one and others when
available.
|
observed
NAI
|
|
|
event
type
|
C
|
Provide
I-WLAN Tunnel
Disconnect event
type.
|
event
date
|
M
|
Provide
the date and time the event is
detected.
|
event
time
|
|
|
WLAN
access
point name
|
C
|
Provide
to identify the packet data network to which the intercept subject is
connected.
|
initiator
|
C
|
Provide
to indicate whether the
I-WLAN
tunnel
disconnection is network-initiated, intercept-subject-initiated,
or not available.
|
network
identifier
|
M
|
Shall
be provided.
|
WLAN
local IP
address
|
M
|
Provide
to identify the IP address associated with the intercept subject in the
WLAN.
|
WLAN
remote IP
address
|
M
|
Provide
to identify the IP address associated with the intercept subject in the network
being accessed by the intercept subject for the I-WLAN
tunnel.
|
correlation
number
|
C
|
Provide
to allow correlation of CC and IRI and the correlation of IRI
records.
|
lawful
intercept identifier
|
M
|
Shall
be provided.
|
Table
8.13: I-WLAN Tunnel Disconnect END
Record AAA
Server
Parameter |
MOC |
Description/Conditions |
observed
MSISDN |
|
|
observed
IMSI |
C |
Provide at least one and others when
available. |
observed
NAI |
|
|
event type |
C |
Provide I-WLAN Tunnel Disconnect event
type. |
event date |
M |
Provide the date and time the event is
detected. |
event time |
|
|
WLAN access point
name |
C |
Provide to identify the packet data network to
which the intercept subject is
connected. |
initiator |
C |
Provide to indicate whether the I-WLAN tunnel
disconnection is network-initiated, intercept-subject-initiated, or not
available. |
network
identifier |
M |
Shall be provided.
|
correlation
number |
C |
Provide to allow correlation of IRI
records.
|
lawful intercept
identifier |
M |
Shall be
provided. |
The interface protocols and data structures defined
in Annex B.4, Annex C, and Annex G of this specification are applicable to
the delivery of the intercepted CC for I-WLAN over the HI3 PS
interface. The mandatory or
optionality of the parameters is not changed for
I-WLAN. However the availability
of relevant intercepted information will affect the population of the
parameters.
*** NEXT CHANGE
CLAUSE B.2
(Red
Color in
Diagram)********
*** NEXT CHANGE
NEW CLAUSE B.7********
Declaration of ROSE operation
iwlan-umts-sending-of-IRI
is ROSE delivery mechanism specific. When using FTP delivery mechanism, data
IWLANUmtsIRIsContent
must be considered.
ASN1 description of IRI (HI2
interface)
IWLANUmtsHI2Operations {itu-t(0)
identified-organization(4) etsi(0) securityDomain(2) lawfulintercept(2)
threeGPP(4) hi2wlan(6) r7(7)
version-1
(1)}
DEFINITIONS IMPLICIT TAGS
::=
BEGIN
IMPORTS
OPERATION,
ERROR
FROM Remote-Operations-Information-Objects
{joint-iso-itu-t(2) remote-operations(4) informationObjects(5)
version1(0)}
LawfulInterceptionIdentifier,
TimeStamp,
Network-Identifier,
National-Parameters,
National-HI2-ASN1parameters,
DataNodeAddress,
IPAddress
FROM HI2Operations
{itu-t(0) identified-organization(4) etsi(0)
securityDomain(2)
lawfulIntercept(2) hi2(1)
version10
(10)};
-- Imported from TS 101 671
-- Object Identifier
Definitions
-- Security
DomainId
lawfulInterceptDomainId OBJECT IDENTIFIER ::=
{itu-t(0) identified-organization(4)
etsi(0)
securityDomain(2)
lawfulIntercept(2)}
-- Security
Subdomains
threeGPPSUBDomainId OBJECT IDENTIFIER ::=
{lawfulInterceptDomainId threeGPP(4)}
hi2wlanDomainId OBJECT
IDENTIFIER ::=
{threeGPPSUBDomainId hi2wlan(6) r7(7)
version-1(1)}
iwlan-umts-sending-of-IRI OPERATION ::=
{
ARGUMENT
IWLANUmtsIRIsContent
ERRORS
{ OperationErrors }
CODE
global:{threeGPPSUBDomainId hi2wlan(6)
opcode(1)}
}
-- Class 2 operation . The timer shall be set
to a value between 3 s and 240 s.
-- The timer.default value is
60s.
--
NOTE: The same note
as for HI management operation applies.
IWLANUmtsIRIsContent ::=
CHOICE
{
iWLANumtsiRIContent
IWLANUmtsIRIContent,
iWLANumtsIRISequence
IWLANUmtsIRISequence
}
IWLANUmtsIRISequence ::=
SEQUENCE OF
IWLANUmtsIRIContent
-- Aggregation
of IWLANUmtsIRIContent is an
optional
feature.
-- It may be
applied in cases when at a given point in
time
-- several IRI
records are available for delivery to the same LEA
destination.
-- As a general
rule, records created at any event shall be
sent
-- immediately
and not withheld in the DF or MF in order
to
-- apply
aggragation.
-- When aggregation
is not to be applied,
--
IWLANUmtsIRIContent needs to be chosen.
IWLANUmtsIRIContent ::= CHOICE
{
iRI-Begin-record
[1] IRI-Parameters,
iRI-End-record
[2] IRI-Parameters,
iRI-Report-record [3]
IRI-Parameters,
}
unknown-version
ERROR ::= { CODE local:0}
missing-parameter
ERROR ::= { CODE local:1}
unknown-parameter-value
ERROR ::= { CODE local:2}
unknown-parameter
ERROR ::= { CODE local:3}
OperationErrors
ERROR ::=
{
unknown-version |
missing-parameter |
unknown-parameter-value |
unknown-parameter
}
-- These values may be sent by the LEMF, when
an operation or a parameter is
misunderstood.
IRI-Parameters ::= SEQUENCE
{
hi2iwlanDomainId
[0] OBJECT IDENTIFIER, --
3GPP HI2
WLAN
domain
lawfulInterceptionIdentifier [2]
LawfulInterceptionIdentifier,
-- This identifier is associated to the
target.
timeStamp
[3] TimeStamp,
-- date and time of the event triggering the report.
initiator
[4] ENUMERATED
{
not-Available
(0),
originating-Target
(1),
-- in case of I-WLAN, this indicates that the I-WLAN tunnel disconnect
is WLAN UE
-- requested.
terminating-Target
(2),
-- in case of I-WLAN, this indicates that the I-WLAN tunnel disconnect
is network
-- initiated.
...
} OPTIONAL,
partyInformation
[5]
SET SIZE (1..10) OF PartyInformation OPTIONAL,
-- This parameter provides the concerned party, the identiy(ies) of
the party
--
and
all the information provided by the party.
national-Parameters [6] National-Parameters
OPTIONAL,
networkIdentifier
[7] Network-Identifier OPTIONAL,
i-WLANevent
[8]
I-WLANEvent
OPTIONAL,
correlationNumber [9] CorrelationNumber
OPTIONAL,
i-WLANOperationErrorCode[10] I-WLANOperationErrorCode
OPTIONAL,
i-wLANinformation [11] I-WLANinformation
OPTIONAL,
visitedPLMNID [12]
VisitedPLMNID
OPTIONAL,
national-HI2-ASN1parameters
[255]
National-HI2-ASN1parameters
OPTIONAL,
...
}
-- PARAMETERS
FORMATS
PartyInformation
::= SEQUENCE
{
party-Qualifier
[0]
ENUMERATED
{
iWLAN-Target(1),
...
},
partyIdentity
[1] SEQUENCE
{
imsi
[2] OCTET STRING (SIZE (3..8))
OPTIONAL,
-- See MAP format [4] International Mobile
-- Station Identity E.212 number beginning with Mobile Country
Code
msISDN
[3] OCTET STRING (SIZE (1..9))
OPTIONAL,
-- MSISDN of the target, encoded in the same format as the
AddressString
-- parameters defined in MAP format document [4], §
14.7.8
nai
[7] OCTET
STRING
OPTIONAL,
--
NAI
of
the target, encoded in the same format as
-- defined in
3GPP
TS 29.234
[41].
...
},
services-Data-Information
[2] Services-Data-Information
OPTIONAL,
-- This parameter is used to transmit all the information concerning
the
-- complementary information associated to the basic data
call
...
}
CorrelationNumber
::= OCTET STRING (SIZE(8..20))
I-WLANEvent
::= ENUMERATED
{
i-WLANAccessInitiation
(1),
i-WLANAccessTermination
(2),
i-WLANTunnelEstablishment
(3),
i-WLANTunnelDisconnect
(4),
startOfInterceptionCommunicationActive
(5),
...
}
-- see [19]
Services-Data-Information
::= SEQUENCE
{
i-WLAN-parameters [1] I-WLAN-parameters OPTIONAL,
...
}
I-WLAN-parameters
::= SEQUENCE
{
wlan-local-IP-address-of-the-target
[1] DataNodeAddress
OPTIONAL,
w-APN
[2] OCTET STRING
OPTIONAL,
wlan-remote-IP-address-of-the-target
[3] DataNodeAddress
OPTIONAL,
...
}
I-WLANOperationErrorCode
::= OCTET STRING
-- The parameter shall carry the I-WLAN
failed
tunnel
establishment
reason,
the I-WLAN
Failed
Access
--
Initiation
reason
or
the
I-WLAN
session
termination
reason.
I-WLANinformation
::= SEQUENCE
{
wLANOperatorName
[1] OCTET STRING
OPTIONAL,
wLANLocationName
[2] OCTET
STRING
OPTIONAL,
wLANLocationInformation
[3] OCTET
STRING
OPTIONAL,
nASIPIPv6Address
[4]
IPAddress
OPTIONAL,
wLANMACAddress
[5] OCTET
STRING
OPTIONAL,
sessionAliveTimer
[6]
SessionAliveTime OPTIONAL,
...
--These parameters are defined in 3GPP TS
29.234.
}
VisitedPLMNID
::= OCTET STRING
-- The parameter shall carry the VisitedPLMNID
as defined in 3GPP TS 29.234.
SessionAliveTime ::= OCTET
STRING
--The parameter shall carry the SessionAliveTime
as defined in 3GPP TS 29.234.
END -- OF
IWLANUmtsHI2Operations