ETSI TS 102 232-4-2017 Lawful Interception (LI) Handover Interface and Service-Specific Details (SSD) for IP delivery Part 4 Service-specific details for Layer 2 services (V3 4 1 I.pdf

1、 ETSI TS 102 232-4 V3.3.1 (2017-03) Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 4: Service-specific details for Layer 2 services floppy3TECHNICAL SPECIFICATION ETSI ETSI TS 102 232-4 V3.3.1 (2017-03)2 Reference RTS/LI-00142-4 Keywords IP, Law

2、ful Interception, layer 2, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present

3、 document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI.

4、In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the

5、document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: http

6、s:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be

7、 modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2017. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the ben

8、efit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 102 232-4 V3.3.1 (2017-03)3 Contents Intellectual Property Rig

9、hts 5g3Foreword . 5g3Modal verbs terminology 5g3Introduction 5g31 Scope 6g32 References 6g32.1 Normative references . 6g32.2 Informative references 7g33 Definitions and abbreviations . 7g33.1 Definitions 7g33.2 Abbreviations . 8g34 General . 9g34.1 Access network 9g34.1.0 Overview 9g34.1.1 Scenario

10、1 . 9g34.1.2 Scenario 2 . 10g34.1.3 Scenario 3 . 11g34.1.4 Scenario 4 . 11g34.2 Lawful Interception (LI) requirements . 12g34.2.0 Introduction. 12g34.2.1 Target identity . 12g34.2.2 Result of interception 12g34.2.3 Intercept related information messages. 13g34.2.4 Time constraints 13g35 System model

11、 . 13g35.1 Reference configuration . 13g35.2 Reference states 14g35.2.1 Logon 14g35.2.2 Data transport 14g35.2.3 Logoff . 15g35.2.4 Unexpected connection loss 15g36 Intercept Related Information 16g36.1 IRI events . 16g36.2 HI2 attributes 17g37 Content of Communication (CC) . 17g38 ASN.1 for IRI and

12、 CC 18g38.1 ASN.1 specification 18g3Annex A (normative): Reference network topologies . 22g3A.0 Introduction 22g3A.1 xDSL access . 22g3A.1.0 Overview 22g3A.1.1 Events and information 22g3A.2 Cable modem access 28g3A.3 WLAN access . 28g3Annex B (informative): Stage 1 - RADIUS characteristics . 29g3B.

13、0 Introduction 29g3ETSI ETSI TS 102 232-4 V3.3.1 (2017-03)4 B.1 Network topology . 29g3B.1.0 RADIUS deployment options. 29g3B.1.1 RADIUS proxy . 29g3Annex C (informative): Change Request History 31g3History 33g3ETSI ETSI TS 102 232-4 V3.3.1 (2017-03)5 Intellectual Property Rights IPRs essential or p

14、otentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essent

15、ial, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee ca

16、n be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI Technical Committee Lawful Interception

17、(LI). The present document is part 4 of a multi-part deliverable. Full details of the entire series can be found in part 1 2. The ASN.1 module is also available as an electronic attachment to the original document from the ETSI site (see for more details clause 8.1). Modal verbs terminology In the p

18、resent document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverab

19、les except when used in direct citation. Introduction The present document focuses on layer 2 interception of IP-encoded information. It is to be used in conjunction with ETSI TS 102 232-1 2, in which the handling of the intercepted information is described. ETSI ETSI TS 102 232-4 V3.3.1 (2017-03)6

20、1 Scope The present document specifies Lawful Interception for an Access Provider that has access to layer 2 session information and that is not required to have layer 3 information. In this case, the focus of Lawful Interception (LI) for IP Network Access is on the portion of the network, commonly

21、referred to as “layer 2 interception“, that facilitates subscriber access to the Public IP network. The present document describes the LI at the interception domain of the access network. The specification contains: a stage 1 description of the Lawful Interception service; a stage 2 description of t

22、he information flows between the functional entities (including the information elements involved) and triggering events; and a stage 3 description of the protocol and procedures to be used in mapping from stage 2 information flows and elements to Intercept Related Information (IRI) and Content of C

23、ommunication (CC). The present document is consistent with the definition of the Handover Interface, as described in ETSI TS 102 232-1 2. NOTE 1: Layer 3 interception is described in ETSI TS 102 232-3 12. NOTE 2: Layer 2 interception is not applicable to the PS domain of the GSM/UMTS networks (ETSI

24、TS 123 060 15). 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced

25、 document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at https:/docbox.etsi.org/Reference/. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee

26、 their long term validity. The following referenced documents are necessary for the application of the present document. 1 Void. 2 ETSI TS 102 232-1: “Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 1: Handover specification for IP delivery“. 3 I

27、ETF RFC 1122: “Requirements for Internet Hosts - Communication Layers“. 4 IETF RFC 1570: “PPP LCP Extensions“. 5 IETF RFC 3046: “DHCP Relay Agent Information Option“. 6 Recommendation ITU-T X.680: “Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation“. 7 Rec

28、ommendation ITU-T E.164: “The international public telecommunication numbering plan“. 8 IETF RFC 2341: “Cisco Layer Two Forwarding (Protocol) “L2F“. 9 IETF RFC 2637: “Point-to-Point Tunneling Protocol (PPTP)“. ETSI ETSI TS 102 232-4 V3.3.1 (2017-03)7 10 IETF RFC 2661: “Layer Two Tunneling Protocol “

29、L2TP“. 11 IETF RFC 1661: “The Point-to-Point Protocol (PPP)“. 12 ETSI TS 102 232-3: “Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 3: Service-specific details for internet access services“. 13 ETSI TS 102 232-2: “Lawful Interception (LI); Hando

30、ver Interface and Service-Specific Details (SSD) for IP delivery; Part 2: Service-specific details for messaging services“. 14 ETSI TS 101 331: “Lawful Interception (LI); Requirements of Law Enforcement Agencies“. 15 ETSI TS 123 060: “Digital cellular telecommunications system (Phase 2+); Universal

31、Mobile Telecommunications System (UMTS); General Packet Radio Service (GPRS); Service description; Stage 2 (3GPP TS 23.060)“. 16 IETF RFC 2684: “Multiprotocol Encapsulation over ATM Adaptation Layer 5“. 17 Void. 18 IETF RFC 2427: “Multiprotocol Interconnect over Frame Relay“. 2.2 Informative referen

32、ces References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies. NOTE

33、: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area. i.1

34、 ETSI TR 102 503: “Lawful Interception (LI); ASN.1 Object Identifiers in Lawful Interception and Retained data handling Specifications“. i.2 ETSI TS 101 909-20-1: “Digital Broadband Cable Access to the Public Telecommunications Network; IP Multimedia Time Critical Services; Part 20: Lawful Intercept

35、ion; Sub-part 1: CMS based Voice Telephony Services“. i.3 ETSI TS 101 909-20-2: “Digital Broadband Cable Access to the Public Telecommunications Network; IP Multimedia Time Critical Services; Part 20: Lawful Interception; Sub-part 2: Streamed multimedia services“. 3 Definitions and abbreviations 3.1

36、 Definitions For the purposes of the present document, the terms and definitions given in ETSI TS 102 232-1 2, ETSI TS 102 232-3 12 and the following apply: Access Provider (AP): Communication Service Provider (CSP), providing access to networks NOTE 1: APs generally provide dial-up access through a

37、 modem and PPP connection, though companies that offer Internet access with other devices, such as cable modems or wireless connections, could also be considered APs. NOTE 2: In the context of the present document, the network access is defined as IP-based network access to the Internet. ETSI ETSI T

38、S 102 232-4 V3.3.1 (2017-03)8 access service: set of access methods provided to a user to access a service and/or a supplementary service NOTE: In the context of the present document, the service to be accessed is defined as the Internet. Application Service Provider (ASP): third-party entity that m

39、anages and distributes software-based services and solutions to customers across a wide area network from a central data centre NOTE: In the context of the present document, a company that offers services that are accessible to users who have connectivity via the Internet. interconnect network: netw

40、ork connecting the AP and the IAP, across which the layer 2 tunnel is established Internet Access Provider (IAP): company that provides access to the Internet NOTE: The IAP provides subscribers a username, password and an IP address that enables subscribers to log onto the Internet for virtual conne

41、ctivity to Application Service Providers. layer 2: link layer, as defined in IETF RFC 1122 3 layer 2 interception: lawful interception using technology that can access layer 2 information Physical Line Termination Point (PLTP): point in the access providers infrastructure where the physical line to

42、the customer is terminated EXAMPLE: xDSL-line termination point, Cable-line termination point, Ethernet-line termination point. tunnel router: router that is an endpoint of a layer 2 tunnel; there are at least two tunnel routers for each layer 2 tunnel 3.2 Abbreviations For the purposes of the prese

43、nt document, the following abbreviations apply: AAA Authentication, Authorization and Accounting ADSL Asymmetric Digital Subscriber Line AP Access Provider ASN.1 Abstract Syntax Notation 1 ASP Application Service ProviderATM Asynchronous Transfer Mode CC Content of Communication CIN Communication Id

44、entity Number CMTS Cable Modem Termination System CPE Customer Premises Equipment CR Change Request CSP Communications Service Provider DF Delivery Function DHCP Dynamic Host Configuration Protocol DSL Digital Subscriber Line DSLAM Digital Subscriber Line Access Multiplexer HI1 Handover Interface 1

45、(for Administrative Information) HI2 Handover Interface 2 (for Intercept Related Information) HI3 Handover Interface 3 (for Content of Communication) IAP Internet Access Provider IAS Internet Access Service INI Internal Network Interface IP Internet Protocol IRI Intercept Related Information ISDN In

46、tegrated Services Digital Network L2F Layer 2 Forwarding L2TP Layer 2 Tunneling Protocol LAES Lawful Authorized Electronic Surveillance LAN Local Area Network LCP Link Control Protocol LEA Law Enforcement AgencyETSI ETSI TS 102 232-4 V3.3.1 (2017-03)9 LEMF Law Enforcement Monitoring Facility LI Lawf

47、ul Interception LIID Lawful Interception IDentifier MAC Media Access Control MD Mediation Device MF Mediation Function MOC Mandatory/Optional/Conditional NAS Network Access Server OID Object IDentifier PDU Protocol Data Unit PLTP Physical Line Termination Point PPP Point-to-Point Protocol PPTP Point

48、-to-Point Tunneling Protocol PS Packet Switched PSTN Public Switched Telephone Network RADIUS Remote Authentication Dial In User Service RFC IETF Request For Comment SP Service Provider TC Technical Committee VoIP Voice over Internet Protocol WLAN Wireless Local Area Network xDSL Digital Subscriber

49、Line technologies 4 General 4.1 Access network 4.1.0 Overview An access network provides layer 2 connectivity from the Physical Line Termination Point (PLTP) for end-users to an Application Service Provider (ASP) through an Internet Access Provider (IAP). The access provided may be via a telephone, cable, or wireless-network. The present document describes the LI at the access network. The figures contained in the following clauses do not necessarily refer to physical configurations but identify the business r