ImageVerifierCode 换一换
格式:PDF , 页数:64 ,大小:678.54KB ,
资源ID:541425      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-541425.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ATIS 1000013-2015 Lawfully Authorized Electronic Surveillance (LAES) For Internet Access and Services Version 2 (Version 2).pdf)为本站会员(孙刚)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ATIS 1000013-2015 Lawfully Authorized Electronic Surveillance (LAES) For Internet Access and Services Version 2 (Version 2).pdf

1、 AMERICAN NATIONAL STANDARD FOR TELECOMMUNICATIONS ATIS-1000013.v2.2015 Lawfully Authorized Electronic Surveillance (LAES) for Internet Access and Services, Version 2 As a leading technology and solutions development organization, the Alliance for Telecommunications Industry Solutions (ATIS) brings

2、together the top global ICT companies to advance the industrys most pressing business priorities. ATIS nearly 200 member companies are currently working to address the All-IP transition, network functions virtualization, big data analytics, cloud services, device solutions, emergency services, M2M,

3、cyber security, network evolution, quality of service, billing support, operations, and much more. These priorities follow a fast-track development lifecycle from design and innovation through standards, specifications, requirements, business use cases, software toolkits, open source solutions, and

4、interoperability testing. ATIS is accredited by the American National Standards Institute (ANSI). The organization is the North American Organizational Partner for the 3rd Generation Partnership Project (3GPP), a founding Partner of the oneM2M global initiative, a member of and major U.S. contributo

5、r to the International Telecommunication Union (ITU), as well as a member of the Inter-American Telecommunication Commission (CITEL). For more information, visit www.atis.org. AMERICAN NATIONAL STANDARD Approval of an American National Standard requires review by ANSI that the requirements for due p

6、rocess, consensus, and other criteria for approval have been met by the standards developer. Consensus is established when, in the judgment of the ANSI Board of Standards Review, substantial agreement has been reached by directly and materially affected interests. Substantial agreement means much mo

7、re than a simple majority, but not necessarily unanimity. Consensus requires that all views and objections be considered, and that a concerted effort be made towards their resolution. The use of American National Standards is completely voluntary; their existence does not in any respect preclude any

8、one, whether he has approved the standards or not, from manufacturing, marketing, purchasing, or using products, processes, or procedures not conforming to the standards. The American National Standards Institute does not develop standards and will in no circumstances give an interpretation of any A

9、merican National Standard. Moreover, no person shall have the right or authority to issue an interpretation of an American National Standard in the name of the American National Standards Institute. Requests for interpretations should be addressed to the secretariat or sponsor whose name appears on

10、the title page of this standard. CAUTION NOTICE: This American National Standard may be revised or withdrawn at any time. The procedures of the American National Standards Institute require that action be taken periodically to reaffirm, revise, or withdraw this standard. Purchasers of American Natio

11、nal Standards may receive current information on all standards by calling or writing the American National Standards Institute. Notice of Disclaimer or 2) Content Associated Communications Identifying Information. Communications Identifying Information is “reasonably available” to an Internet Access

12、 and Services Provider if it is present at an intercept access point and can be made available without the provider being unduly burdened 6This document is available from the Alliance for Telecommunications Industry Solutions (ATIS), 1200 G Street N.W., Suite 500, Washington, DC 20005. 7This documen

13、t is available from the Alliance for Telecommunications Industry Solutions (ATIS), 1200 G Street N.W., Suite 500, Washington, DC 20005. ATIS-1000013.v2.2015 4 with network modifications. CmII is delivered by the set of messages defined in this Standard and the set of mandatory and conditional parame

14、ters contained therein. 3.1.6 Communication: Any wire or electronic communication, as defined in Ref 4. 3.1.7 Content Associated Communications Identifying Information (CACmII): Communication Identifying Information associated with the delivery and routing of the subjects packets in the network (i.e

15、., the headers of the IP packets). 3.1.8 Dynamic IP Address: An IP address that is temporarily assigned to a subscribers equipment for a limited or specified duration. 3.1.9 Electronic Surveillance: The statutory-based legal authorization, process, and associated technical capabilities and activitie

16、s of LEAs related to the interception of wire, oral, or electronic communications while in transmission. As used herein, also includes the acquisition of communication identifying information. As used herein, surveillance refers to a single communication intercept, pen register, or trap and trace. I

17、ts usage herein does not include administrative subpoenas for obtaining a subscribers billing records and information about a subscribers service that an LEA may employ before the start of a communication intercept, pen register, or trap and trace. 3.1.10 IASP Domain: See 4.1. 3.1.11 Intercept: Defi

18、ned in Ref 4 section 2510(4) to be “the aural or other acquisition of the content of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device.” 3.1.12 Intercept Access Point (IAP): A point within an Internet and Access Services Provider domain where

19、some of the communications or communications identifying information of an intercept subjects equipment, facilities, and services are accessed. 3.1.13 Intercept Subject: A subscriber whose communications, communications identifying information, or both, have been authorized by a court to be intercep

20、ted and delivered to a Law Enforcement Agency. The identification of the intercept subject is limited to identifiers used to access the particular equipment, facility, or communication service (e.g., network address, terminal identity, subscription identity). 3.1.14 Intermediate Network: See 4.1. 3.

21、1.15 Internet Service Provider (ISP) Network: See 4.1. 3.1.16 Law Enforcement Agency (LEA): A government entity with the legal authority to conduct electronic surveillance (e.g., the Federal Bureau of Investigation or a state or local police department). 3.1.17 Packet: An IP packet Ref 9, 10. 3.1.18

22、 Packet Data Session: The time interval during which the user is granted resources to send or receive packets to or from the Internet. 3.1.19 Session: A set of multimedia senders and receivers and the data streams flowing from senders to receivers. 3.1.20 Static IP Address: An IP address that is per

23、manently assigned to a subscribers equipment. 3.1.21 Subject: See intercept subject. 3.1.22 Subject Domain: See 4.1. 3.1.23 Surveillance: See electronic surveillance. 3.2 Acronyms AAA Authorization, Authentication, and Accounting AACmII Access Associated CmII AH Authentication Header ANSI American N

24、ational Standards Institute A-PDU or APDU Application Protocol Data Unit ATIS-1000013.v2.2015 5 ASCII American Standard Code for Information Interchange ASN.1 Abstract Syntax Notation One Ref 5 ATIS Alliance for Telecommunication Industry Solutions ATM Asynchronous Transfer Mode CACmII Content Assoc

25、iated CmII CALEA Communications Assistance for Law Enforcement Act. CF Collection Function CHAP Challenge Handshake Authentication Protocol CmC Communication Content CmC-APDU Communication Content Application Protocol Data Unit CmII Communication-Identifying Information. CmII-MF CmII Mediation Funct

26、ion CMTS Cable Modem Termination System CPE Customer Premise Equipment DCCP Datagram Congestion Control Protocol DF Delivery Function DHCP Dynamic Host Configuration Protocol FCC Federal Communications Commission GMT Greenwich Mean Time GWR Gateway Router IAP Intercept Access Point IC-APDU Intercept

27、 Content Application Protocol Data Unit IETF Internet Engineering Task Force IAS Internet Access and Services IASP Internet Access or Services Provider IP Internet Protocol IPCP IP Control Protocol IPsec Internet Protocol Security ITU-T International Telecommunication Union Telecommunication Standar

28、dization Sector LAES Lawfully Authorized Electronic Surveillance LEA Law Enforcement Agency LI Lawful Intercept MAC Media Access Control MF Mediation Function MOC Mandatory Optional Conditional NAS Network Access Server OSI Open Systems Interconnect PADT PPPoE Active Discovery Terminate PC Personal

29、Computer PDU Protocol Data Unit PPP Point-to-Point Protocol PPPoA PPP over ATM PPPoE PPP over Ethernet QoS Quality of Service RADIUS Remote Authentication Dial In User Service ATIS-1000013.v2.2015 6 SA Security Association SCTP Stream Control Transmission Protocol TCP Transmission Control Protocol R

30、ef 7 UDP User Datagram Protocol UTC Coordinated Universal Time VPN Virtual Private Network 3.3 Definitions for “Mandatory,” “Optional,” and 2. IAS Communication Content IAPs (CmC-IAPs). CmII-IAPs and CmC-IAPs are associated with CmII and CmC intercept functions respectively that perform the actual i

31、nterception of CmII and CmC. These CmII and CmC intercept functions are incorporated into one or more network elements. CmII and CmC intercept functions may be collocated within the same network element, or may be distributed among many network elements. See 4.4 for examples of distributions of the

32、IAPs in various network providers within the IASP domain. 4.2.2.1 CmII-IAPs A CmII-IAP captures the information necessary to generate CmII. CmII may be categorized as Access Associated CmII (AACmII) or Content Associated CmII (CACmII). a. Access Associated CmII: CmII associated with communication be

33、tween the subject and the IASP domain for the purposes of login, logout, access authorization, access authentication, or resource allocation caused by the use of, or attempted use of, the IAS network by the subject. All AACmII signaled to and from the network shall be reported to law enforcement. AT

34、IS-1000013.v2.2015 10 b. Content Associated CmII: CmII associated with the delivery and routing of the subjects content in the network, derived from specific fields in the Layer 3 IP headers and Layer 4 headers of the IP packets, as defined 5.2.11 and 5.2.12. Two options exist for delivering CACmII:

35、 Delivering the records for the specified header fields of each intercepted packets to law enforcement; or Delivering summary records. 4.2.2.2 CmC-IAPs A CmC-IAP intercepts the full packets to and from an intercept subject. The CmC-IAP intercepts the required content and presents it to the DF or to

36、the Mediation Function (MF). The CmC-IAP can reside in a number of places. The CmC-IAP used in a particular network is an IASP design decision. 4.2.3 Functional Electronic Surveillance Architecture Figure 4.3 shows a general functional Lawful Intercept (LI) architecture for IAS where both CmC and Cm

37、II are intercepted and delivered to LEAs. This functional architecture assumes that one IASP is providing IAS. Three domains are identified: 1. Subject Domain: Consists of the subjects equipment, network access equipment-facilities, and associated functions. 2. IASP Domain: Consists of the IASPs net

38、work equipment-facilities and associated functions. This could be one or more of the networks in the IASP domain discussed in 4.1. 3. LEA Domain: Consists of LEAs LI collection equipment-facilities and associated functions. The IASP Domain includes the following functions: CmII Access Functions: One

39、 or more functions responsible for isolating and presenting CmII to the CmII MF or DF. CmC Access Functions: One or more functions responsible for isolating and presenting CmC to the CmC MF or DF. CmII Delivery Function: A function responsible for delivering the CmII, which is specified in a lawful

40、authorization, to the LEAs. The CmII DF contains a CmII Application Protocol Data Unit (APDU) Demarcation Point. The CmII APDU Demarcation Point is the point in the DF where a CmII APDU is presented to the delivery method for delivering CmII over the e interface to the LEAs CF. CmC Delivery Function

41、: A function responsible for delivering the CmC, which is specified in a lawful authorization, to the LEAs. The CmC DF contains a CmC APDU Demarcation Point. The CmC APDU Demarcation Point is the point in the DF where CmC is presented to the Delivery Method for delivering CmC over the e interface to

42、 the LEAs Collection Function. CmII Mediation Function: A function responsible for the presentation8of the CmII. This function maps or encapsulates IAS subject access and network signaling messages onto e interface messages. CmC Mediation Function: A function responsible for the presentation9of the

43、CmC. 8Presentation, as used here, means the form and style of the CmII information and includes the conversion or mapping of information from one form or style to another. 9Presentation, as used here, means the form and style of the CmC and includes the conversion of CmC from one form or style to an

44、other. ATIS-1000013.v2.2015 11 As discussed in 4.1, the IASP domain consists of the access network, the intermediate network, and the ISP network. The above functions may be performed by one or more networks in the IASP domain. The following physical demarcation point(s) appear at the boundary betwe

45、en the IASP Domain and the LEA Domain: CmII Physical Demarcation Point: Point where CmII is presented to the LEAs procured functions and facilities for delivering CmII over the e interface to the LEAs Collection Function. CmC Physical Demarcation Point: Point where CmC is presented to the LEAs procu

46、red functions and facilities for delivering CmC over the e interface to the LEAs Collection Function. CmII and CmC physical demarcation points may be one and the same, allowing CmII and CmC to be delivered over the same physical interface. Figure 4.3 Functional LI Architecture for IAS Note that the

47、LI architecture presented in Figure 3 is functional in nature and the functions may be distributed and grouped into various network elements and nodes. In Figure 4.3, the prime () and double prime () symbols indicate that the format of the CmII and CmC may be different. ATIS-1000013.v2.2015 12 The M

48、F and DF are logical functions, not physical entities. They may be implemented in separate physical entities or in a single physical entity. 4.2.4 Demarcation Figure 4.4 shows the A-PDU Demarcation Point to be that point in the DF where the LI-formatted CmII and CmC (i.e., the CmII or CmC A-PDUs) ar

49、e presented to the Delivery Method at Open Systems Interconnect (OSI) Application Layer 710. The Delivery Method then delivers the A-PDUs to the LEAs Collection Function. The DF Application function formats the CmC and CmII into A-PDUs according to the e interface requirements and presents the formatted A-PDUs to the Delivery Method. The Delivery Method, via the selected protocols (e.g., TCP/IP), sends the encapsulated A-PDUs to the CF. 7654321OSIProtocol StackDeliveryMethodDF ApplicationDeliveryFunctione

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1