ETSI TR 101 750-2002 Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON) Requirements Definition Study Studies into the Impact of Lawful Interception (V1 .pdf

1、ETSI TR 101 750 1.1.2 (2002-01) Technical Repor Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON); Req u i remen ts Def i n it ion Stud y; Studies into the Impact of lawful interception 2 ETSI TR 101 750 VI .I .2 (2002-01) Reference RTR/TIPHON-08001 a Keywords IP, network

2、, security, VolP ETSI 650 Route des Lucioles F-O6921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 O0 Fax: +33 4 93 65 47 16 Siret No 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-prfecture de Grasse (06) No 7803/88 Important notice Individual copies of the pre

3、sent document can be downloaded from: http:l/w.etsi .orq The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case

4、 of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and

5、 other ETSI documents is available at 3 If you find errors in the present document, send your comment to: Cori vriaht Notifica tion No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media. O European Teleco

6、mmunications Standards Institute 2002. All rights reserved. ETSI 3 ETSI TR 1 O1 750 VI .I .2 (2002-01) Contents Intellectual Property Rights . .4 Foreword . 4 Introduction . .4 1 2 3 3.1 3.2 4 5 5.1 5.2 5.3 5.4 5.5 5.6 5.7 5.8 5.9 5.10 5.11 5.12 5.13 6 6.1 6.2 7 Scope 5 References . .5 Definitions a

7、nd abbreviations. . .5 Definitions . 5 Abbreviations 8 General introduction .8 User (LEA) requirements for Lawful Interception .9 General requirements . . Result of interception . . Location information . . Time constraints . . Non disclosure . . . Information trans information protecti Internal sec

8、urity. . . Unchanged state of service, etc. . Technical interface(s) and format requirements. Independence of the Network Operator/Access ProviderSe Temporary obstacles to transmission Identification of the identity to be intercepted . Multiple interception measures . . TIPHON scenarios and role mod

9、el 14 TIPHON scenarios 14 Functional block diagram 14 . r . . Further work. . .16 17 History i ETSI 4 ETSI TR 101 750 VI .I .2 (2002-01) Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these es

10、sential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR O00 314: “Intellectual Property Rights (7PRs); Essential, orpotentially Essential, IPRs notlJied to ETSI in respect ofETSI standards“, which is available from the ETSI Secretariat. Latest update

11、s are available on the ETSI Web server (5). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in SR O00 3 14 (or the updates on the ETSI Web server) which are, or may be,

12、 or may become, essential to the present document. Foreword This Technical Report (TR) has been produced by ETSI Project Telecommunications and Internet Protocol Harmonization Over Networks (TIPHON). I n t rod uct ion The present document has been produced by ETSI Project TIPHON of the European Tele

13、communications Standards Institute (ETSI) in close alliance with the ad-hoc group for TIPHON Security of ETSI Technical Committee Security (TC-SEC) and the Lawful Interception Working Group of TC-SEC. ETSI 5 ETSI TR 101 750 VI .I .2 (2002-01) 1 Scope The present document describes the user (Law Enfo

14、rcement Agencies) requirements for Lawful Interception and the impact in a TIPHON Implementation. It provides an abstract of the requirements 6, 3 and outlines a study on the impact of Lawful Interception for TIPHON compliant systems. The provision of lawful interception on the SCN part of a TIPHON

15、network is already generally addressed and is not considered in the present document. The present document does consider lawful interception in an IP network. NOTE: The present document is a pre-study to identiSl the impact of lawful interception and therefore should lead to a subsequent document wh

16、ich specifies a TIPHON system compliant mechanism to permit the provision of lawful interception according to national law and appropriate standards. The provision of lawful interception is a requirement of national law, which is usually mandatory. From time to time, a network operator/access provid

17、er/service provider shall be required, according to a lawful authorization, to make available results of interception, relating to specific target identities, to a specific Law Enforcement Agency. 2 Re fe re nces For the purposes of this Technical Report (TR) the following references apply: il ETSI

18、ES 201 158: “Telecommunications Security; Lawful Interception (LI); Requirements for network functions“. 21 ETSI ES 201 67 1 : “Telecommunications security; Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic“. ETSI ETR 33 1 : “Security Techniques A

19、dvisory Group (STAG); Definition of user requirements for lawful interception of telecommunications; Requirements of the law enforcement agencies“. ITU-T Recommendation H.323 : “Packet-based multimedia communications systems“. 31 41 51 ETSI TR 10 1 300: “Telecommunications and Internet Protocol Harm

20、onization Over Networks (TIPHON); Description of technical issues“. Official Journal of the European Communities 96/C329/01: “Council Resolution of 17 January 1995 on the lawful interception of telecommunications“. 61 3 3.1 Definitions and abbreviations De fi nit ions For the purposes of the present

21、 document, the following terms and definitions apply: Access Provider (AP): provides a user of some network with access from the users terminal to that network NOTE 1 : This definition applies specifically for the present document. In a particular case, the access provider and network operator may b

22、e a common commercial entity. NOTE 2: The definitions from ETR 33 1 3 have been expanded to include reference to an access provider, where appropriate. (to) buffer: temporary storing of information in case the necessary telecommunication connection to transport information to the LEMF is temporarily

23、 unavailable ETSI 6 ETSI TR 101 750 VI .I .2 (2002-01) call: any connection (fixed or temporary) capable of transferring information between two or more users of a telecommunications system NOTE: In this context a user may be a person or a machine. content of communication: information exchanged bet

24、ween two or more users of a telecommunications service, excluding intercept related information NOTE: This includes information which may, as part of some telecommunications service, be stored by one user for subsequent retrieval by another. Gatekeeper (GK): H.323 entity on the network that provides

25、 address translation and controls access to the network for H.323 terminals, Gateways and MCUs NOTE: The Gatekeeper may also provide other services to the terminals, Gateways and MCU such as bandwidth management and locating Gateways. (See also ITU-T Recommendation H.323 4). Gateway (GW): H.323 Gate

26、way (GW) is an endpoint on the network which provides for real-time, two-way communications between H.323 terminals on the packet based network and other ITU terminals on a switched circuit network, or to another H.323 Gateway NOTE: Other ITU Terminals include those complying with recommendations H.

27、310 (H.320 on B-ISDN), H.320 (ISDN), H.321 (ATM), H.322 (GQOS-LAN), H.234 (GSTN), H.234M (Mobile) and V.70 (DSVD). (See also ITU-T Recommendation H.323 4). H.323 Terminal: endpoint on the network which provides for real-time, two-way communications with another H.323 Terminal, Gateway, or Multipoint

28、 Control Unit (MCU) NOTE: This communication consists of control, indications, audio, moving colour video pictures, andor data between the two terminals. A terminal may provide speech only, speech and data, speech and video, or speech, data and video. (See also ITU-T Recommendation H.323 4). handove

29、r interface: physical and logical interface across which the results of interception are delivered from a network operator/access provider/service provider to an LEMF identity: technical label which may represent the origin or destination of any telecommunications traffic, as a rule clearly identifi

30、ed by a physical telecommunications identity number (such as a telephone number) or the logical or virtual telecommunications identity number (such as a personal number) which the subscriber can assign to a physical access on a case-by-case basis intercept related information: collection of informat

31、ion or data associated with telecommunication services involving the TI, specifically call associated information or data (e.g. unsuccessful call attempts), service associated information or data (e.g. service profile management by subscriber) and location information interception (or Lawful Interce

32、ption): action (based on the law), performed by a network operator/access provider/service provider, of making available certain information and providing that information to an LEMF NOTE: In the present document the term interception is not used to describe the action of observing communications by

33、 an LEA (see below). interception interface: physical and logical locations within the access providerdnetwork operators/service providers telecommunications facilities where access to the content of communication and intercept related information is provided NOTE: The interception interface is not

34、necessarily a single, fixed point. interception measure: technical measure which facilitates the interception of telecommunications traffic pursuant to the relevant national laws and regulations interception subject: person or persons, specified in a lawful authorization, whose telecommunications ar

35、e to be intercepted internal intercepting function: point within a network or network element at which the content of communication is made available ETSI 7 ETSI TR 101 750 VI .I .2 (2002-01) internal network interface: networks internal interface between the Internal Intercepting Function and a med

36、iation device Law Enforcement Agency (LEA): organization authorized by a lawful authorization based on a national law to receive the results of telecommunications interceptions Law Enforcement Monitoring Facility (LEMF): law enforcement facility designated as the transmission destination for the res

37、ults of interception relating to a particular interception subject lawful authorization: permission granted to an LEA under certain conditions to intercept specified telecommunications and requiring co-operation from a network operator/access provider/service provider NOTE: Typically this refers to

38、a warrant or order issued by a lawfully authorized body. location information: information relating to the geographic, physical or logical location of an identity relating to an interception subject mediation device: mechanism which passes information between a network operator/access provider/servi

39、ce provider and a handover interface network element: component of the network structure, such as a local exchange, higher order switch or service control processor Network Operator PO): operator of a public telecommunications infiastructure which permits the conveyance of signals between defined ne

40、twork termination points by wire, by microwave, by optical means or by other electromagnetic means Quality of Service (QoS): quality specification of a telecommunications channel, system, virtual channel, computer-telecommunications session, etc. NOTE: Quality of service may be measured, for example

41、, in terms of signal-to-noise ratio, bit error rate, message throughput rate or call blocking probability. reliability: probability that a system or service performs in a satisfactory manner for a given period of time when used under specific operating conditions result of interception: information

42、relating to a target service, including the content of communication and intercept related information, which is passed by an access provider or network operator or service provider to an LEA NOTE: Intercept related information shall be provided whether or not call activity is taking place. service

43、information: information used by the telecommunications infiastructure in the establishment and operation of a network related service or services NOTE: The information may be established by an access provider, network operator, a service provider or a network user. Service Provider (SP): natural or

44、 legal person providing one or more public telecommunications services whose provision consists wholly or partly in the transmission and routing of signals on a telecommunications network NOTE: Target Identity (TI): identity associated with a target service (see below) used by the interception subje

45、ct target identification: identity which relates to a specific lawful authorization as such A service provider need not necessarily run his own network. NOTE: This might be a serial number or similar. It is not related to the denoted interception subject or subjects. target service: telecommunicatio

46、ns service associated with an interception subject and usually specified in a lawful authorization for interception NOTE: There may be more than one target service associated with a single interception subject. telecommunications: any transfer of signs, signals, writing images, sounds, data or intel

47、ligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photo-optical system ETSI 8 ETSI TR 101 750 VI .I .2 (2002-01) 3.2 Abbreviations For the purposes of the present document, the following abbreviations apply: AP cc GK GSM GW HI HI 1 HI2 HI3 II

48、F IN1 IP IRI ISDN LEA LEMF LI MF NWO PSTN QOS SCN ss SP TI Access Provider Content of Communication GateKeeper Global System for Mobile communications Gateway Handover Interface Handover Interface Port 1 (for Administrative Information) Handover Interface Port 2 (for Intercept Related Information) H

49、andover Interface Port 3 (for Content of Communication) Internal Intercepting Function Internal Network Interface Internet Protocol Intercept Related Information Integrated Services Digital Network Law Enforcement Agency Law Enforcement Monitoring Facility Lawful Interception Mediation Function Network Operator Public Switched Telephone Network Quality of Service Switched Circuit Networks Supplementary Service Service Provider Target Identity 4 Genera I i n trod uct ion According to rules set by the laws andor regulations of individual nations there is a nee