AMERICAN NATIONAL STANDARD FOR TELECOMMUNICATIONS
ATIS-0300260.1998(R2013)
Operations, Administration, Maintenance, and Provisioning (OAM

their existence does not in any respect preclude anyone, whether he has approved the standards or not, from manufacturing, marketing, purchasing, or using products, processes, or procedures not conforming to the standards. The American National Standards Institute does not develop standards and will in no circumstances give an interpretation of any American National Standard. Moreover, no person shall have the right or authority to issue an interpretation of an American National Standard in the name of the American National Standards Institute. Requests for interpretations should be addressed to the secretariat or sponsor whose name appears on the title page of this standard.

CAUTION NOTICE: This American National Standard may be revised or withdrawn
at any time. The procedures of the American National Standards Institute require that action be taken periodically to reaffirm, revise, or withdraw this standard. Purchasers of American National Standards may receive current information on all standards by calling or writing the American National Standards Institute.

Notice of Disclaimer

= the value of the parameter is equal to the value of the parameter in the column to the left;
O the use of the parameter is optional;
- the parameter is not present in the interaction described by the function concerned;
C the parameter is conditional; the condition is as defined in the parameter.

5.7.2 Provisioning Function Set

The following functions shall be used to initially provision or subsequently modify a surveillance:

1. Create laesCase.
2. Delete laesCase.
3. Modify parameters of laesCase.
4. Create Call Content Channel.
5. Delete Call Content Channel.
6. Modify parameters of Call Content Channel.
7. Create Call Data Channel.
8. Delete Call Data Channel.
9. Modify parameters of Call Data Channel.
10. Create LAES Profile.
11. Delete LAES Profile.
12. Verify Connectivity.

ATIS-0300260.1998 13

5.7.2.1 Create laesCase Object

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| CaseNameID | O | C | Name must be returned by the NE (Naming Attribute) if not supplied by the OS |
| LaesCaseIdentity | M | O | Alpha Numeric value, name provided by Law Enforcement Agency via court order |
| nameOfLEA | O | O | |
| cdcPtr | M | O | Pointer to instance of cdc object |
| cccPtrList | C | O | Present if CCC(s) are needed and available. |
| laesProfilePtr | M | O | Identifies a specific surveillance profile in a NE |
| subjectNetworkID | M | O | |
| accountingManagementCccSource | O | O | see 5.4.4 |
| cccDeliveryType | C | O | applicable only when CCC is present; default value is combined |
| administrativeState | O | O | Default value is unlocked; unlocked value implies case is functional |
| startDateAndTime | O | O | If not present, start time = current time |
| endDateAndTime | O | O | If a termination date is not provided, an explicit request is required to remove surveillance. If present, laesCase object will be deleted when the specified date and time has been reached. |
| errors | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. CCC already assigned 2. end time start time |

5.7.2.2 Delete a laesCase Object(s)

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| caseNameID | C | C= | This parameter may not be needed when scoping and filtering are utilized. If specified in request it will be part of response |
| error | | C | Standard CMIP error messages will be generated |

5.7.2.3 Modify laesCase Object

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| caseNameID | M | O= | |
| cdcPtr | O | O= | |
| cccPtrList | | O= | |
| laesProfilePtr | O | O= | |
| accountingManagementCccSource | O | O= | See 5.4.4 |
| cccDeliveryType | C | O= | applicable only when CCC is present |
| administrativeState | O | O= | |
| startDateAndTime | O | O= | |
| endDateAndTime | O | O= | |
| errors | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. end time start time 2. CCC already assigned |

5.7.2.4 Create ccc Object

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| cccID | O | C | Name must be returned by the NE (Naming Attribute) if not supplied by the OS |
| cccAddress | M | O | |
| cccTransportProfile | M | O= | |
| operationalState | - | M | |
| AccountingManagementCccDestination | C | O | present if a call detail record is generated for the CCC usage |
| errors | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. cccObjectExistsForCccAddress |

5.7.2.5 Delete ccc Object(s)

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| cccID | C | C= | This parameter may not be needed when scoping and filtering are utilized. If specified in request it will be part of response. |
| Errors | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. cccInUse |

5.7.2.6 Modify ccc Object

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| cccID | M | O= | |
| cccAddress | O | O= | |
| AccountingManagementCccDestination | O | O= | |
| errors | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. cccObjectExistsForCccAddress |

5.7.2.7 Create cdc Object

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| cdcID | O | C | Name must be returned by the NE (Naming Attribute) if not supplied by the OS |
| cdcAddress | M | O | |
| operationalState | - | M | |
| cdcTransportProfile | M | O | |
| errors | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. cdcObjectExistsForCdcAddress |

5.7.2.8 Delete a cdc Object(s)

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| cdcID | C | C= | This parameter may not be needed when scoping and filtering are utilized. If specified in request it will be part of response |
| errors | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. cdcInUse |
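
The create and delete rules tabulated above for laesCase and ccc objects, sketched as an added Python example that is not part of the standard. NetworkElement is a hypothetical in-memory stand-in for an NE; parameter and error names follow the tables. Two readings are assumptions: "end time start time" is taken as an end time not later than the start time, and "CCC already assigned" as a CCC whose case pointer list is already populated.

```python
import itertools
from datetime import datetime, timezone

class LaesError(Exception):
    """Raised with one of the LAES-specific error names from the tables."""

class NetworkElement:
    """Hypothetical in-memory NE (an assumption, not defined by the standard)."""
    MANDATORY = ("laesCaseIdentity", "cdcPtr", "laesProfilePtr", "subjectNetworkID")

    def __init__(self):
        self.ccc, self.cases = {}, {}      # cccID -> attrs, caseNameID -> attrs
        self._seq = itertools.count(1)     # source of NE-assigned names

    def create_ccc(self, ccc_address, ccc_id=None):
        if any(c["cccAddress"] == ccc_address for c in self.ccc.values()):
            raise LaesError("cccObjectExistsForCccAddress")
        ccc_id = ccc_id or f"ccc-{next(self._seq)}"   # NE names it if the OS did not
        self.ccc[ccc_id] = {"cccAddress": ccc_address, "casePtr": []}
        return ccc_id

    def delete_ccc(self, ccc_id):
        if self.ccc[ccc_id]["casePtr"]:               # reverse pointer still populated
            raise LaesError("cccInUse")
        del self.ccc[ccc_id]

    def create_laes_case(self, **case):
        missing = [p for p in self.MANDATORY if p not in case]
        if missing:
            raise ValueError(f"missing mandatory parameters: {missing}")
        case.setdefault("administrativeState", "unlocked")
        case.setdefault("startDateAndTime", datetime.now(timezone.utc))
        ccc_list = case.get("cccPtrList", [])
        if ccc_list:
            case.setdefault("cccDeliveryType", "combined")
        end = case.get("endDateAndTime")
        if end is not None and end <= case["startDateAndTime"]:   # assumed reading
            raise LaesError("end time start time")
        if any(self.ccc[c]["casePtr"] for c in ccc_list):         # assumed reading
            raise LaesError("CCC already assigned")
        name = case.setdefault("caseNameID", f"case-{next(self._seq)}")
        for c in ccc_list:
            self.ccc[c]["casePtr"].append(name)       # NE populates the reverse pointer
        self.cases[name] = case
        return case

    def delete_laes_case(self, name):
        for c in self.cases.pop(name).get("cccPtrList", []):
            self.ccc[c]["casePtr"].remove(name)
```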
5.7.2.9 Modify cdc Object

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| cdcID | M | O= | |
| cdcAddress | M | O= | |
| errors | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. cdcObjectExistsForCdcAddress |

5.7.2.10 Create laesProfile Object

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| laesProfileID | O | C | Name must be returned by the NE (Naming Attribute) if not supplied by the OS. |
| nameOfLaesProfile | O | O= | Administrative name of a profile. Determined by local administration (alphanumeric string). |
| allowedCdcData | M | O= | Data allowed to be delivered over CDC for this profile. |
| circuitIAPOptions | C | O= | Required if NE supports circuitIAP, this attribute defines what circuit content is to be delivered over the CCCs. |
| packetIAPOptions | C | O= | Required if NE supports packetIAP, this attribute defines what packet data call content will be delivered over the CCCs. |
| error | | C | Standard CMIP error messages will be generated. |

5.7.2.11 Delete laesProfile Object(s)

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| laesProfileID | C | C= | This parameter may not be needed when scoping and filtering are utilized. If specified in request it will be part of response. |
| Error | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. laesProfileBeingUsedByOneOrMoreLaesCase. |

5.7.2.12 verifyConnectivity Action

| Parameter | Request to NE | Response from NE | Notes |
|---|---|---|---|
| laesCaseIdentity | M | O | |
| laesConnectivityAction | M | | |
| memo | O | | |
| error | | C | Standard CMIP error messages will be generated plus the following LAES specific errors. 1. problemWithCDC. |

5.7.3 Administration Function Set

The following functions shall be used to administer, monitor, and report surveillance parameters:

1. Report creating a laesCase
2. Report deleting a laesCase
3. Report creating a CCC
4. Report deleting a CCC
5. Report creating a CDC
6. Report deleting a CDC
7. Report creating a surveillance profile
8. Report deleting a surveillance profile
9. Report State change of laesCase
10. Report State change of CCC
11. Report State change of CDC
12. Report parameter value change of laesCase
13. Report parameter value change of CDC
14. Report parameter value change of CCC
15. Retrieve laesCase parameter values
16. Retrieve CCC parameter values
17. Retrieve CDC parameter value
18. Retrieve surveillance profile parameter value

5.7.4 Fault Management Function Set

The following functions are to inform the LAES OS of surveillance related faults:

1. Report communication loss alarm for CCC/CDC.
2. Retrieve alarm record from logs.

5.7.5 Security Management Function Set

1. Retrieve security alarm record.
2. Report security service or mechanism violation alarm.
3. Functions to support authentication, confidentiality, using mechanisms as described in clause 6.

6 Communications Security

Security for LAES administration is based on ANSI T1.259.

6.1 Authentication

Peer entity authentication is achieved by exchanging authenticators at association setup time. The authenticators are to be carried in the Authentication-value field of the ACSE Association Request (AARQ) and the ACSE Association Response (AARE) Protocol Data Units (PDUs). The syntax of the authenticators is STASE-A-ASSOCIATE-Information.STASEAuthenticationValue as defined in iso member-body usa(840) ansi-t1-259-1997(o) stase(1) stase-authentication-value(0) abstractSyntax(1) version1(1). That syntax includes an optional encryptedSymmetricKey; it shall be included in the authenticator sent from the manager to the agent in the AARQ, but it need not be included in the authenticator sent from
the agent to the manager in the AARE. The authenticator syntax also includes an optional certificate; in general there is no need to include that certificate in the authenticator since the manager and the agent usually know each other's public key in the context of this application.

6.2 Data integrity and confidentiality

Data origin authentication, integrity and data confidentiality are assured by using STASE-ROSE to protect and encrypt all ROSE PDUs on the “a and c” interfaces with DES. Integrity protection shall be provided by computing the HMAC transform of the ROSE PDU, using MD5, and appending the result to the ROSE PDU before encryption with DES. Therefore the CHOICE for the SR-PDU in STASE-ROSE shall be confidentialMAC. There is no need to use the security algorithm negotiation facility of STASE-ROSE since only the standard default algorithms are used. The initial DES key is provided in the AARQ at association setup time. The DES key shall be changed at least once a day. Such a change will be done using Encryption Parameters in STASE-ROSE. More specifically, the PublicEncryptedAuthenticationKey component of STASE-ROSE shall be used.

7 Object Model Definitions and Descriptions

7.1 Object Classes Inheritance

The inheritance hierarchy of this standard is illustrated in Figure 4. The lines represent the subclassing relationships and the vertices represent the managed object classes defined in this standard or used from other standards. The object class
“top” is at the apex of the classification hierarchy. The “Object Class” attribute is used to indicate the class of the object. Top is the superclass of all other objects; therefore all managed objects contain the attribute Object Class.

Figure 4 Inheritance Hierarchy
[Figure 4 node labels: "X.721":top, "X.721":log, "X.721":logRecord, "X.721":eventRecord, "X.721":alarmRecord, "X.721":stateChangeRecord, "X.721":attributeValueChangeRecord, "X.721":objectCreationRecord, "X.721":objectDeletionRecord, "X.721":discriminator, "X.721":eventForwardingDiscriminator, "M.3100":managedElement, ccc, cdc, laesCase, laesProfile]

7.2 Conventions used in this Standard

Throughout this standard, the following conventions are used:

The name of an attribute that is intended to point to a specific object class is composed of the name of that object class followed by the string “Ptr”. If an attribute value is intended to identify different object classes, a descriptive name is given to that attribute and a description is provided in the attribute behavior.

The naming attribute for a managed object is composed of the name of the object class followed by the string “ID”.

7.3 Overview of Information Model

This subclause provides a general description of the managed information contained in the Guidelines for Definition of Managed Objects (GDMO) information model (see Figure 5).

7.4 Object Classes

Figure 5 Entity Relationship Diagram
[Figure 5 labels: managedElement, laesProfile, laesCase, cdc, ccc; pointers cdcPtr, cccPtrList, casePointer, casePointerList]

The following object classes shall be used to manage LAES functions in Network Elements. Figure 5 shows the relationship of the laesCase object to the laesProfile, call data channel and call content channel objects. The laesCase object, when created and associated with a CDC and, if necessary, CCC objects, enables the information exchange across the “e” reference point (J-STD-025) to operate for a given lawfully authorized electronic surveillance. The managed element is imported from ITU-T Rec. M.3100.

ccc MANAGED OBJECT CLASS
    DERIVED FROM "Rec. X.721 | ISO/IEC 10165-2 : 1992":top;
    CHARACTERIZED BY cccPackage PACKAGE
        BEHAVIOUR cccBehaviour BEHAVIOUR
            DEFINED AS
            "An instance of this class is used to provision a call content channel associated with laesCase. See J-STD-025 for details.
            The relationship between CCCs and laesCase is modified as a result of changing the CCC reference attribute in laesCase. A laesCase may use one or more CCCs depending on the type of surveillance. The CCC objects may be pre-provisioned and can be referenced when provisioning a laesCase.
            Note that any features that are needed on a CCC (e.g., basic line features) are administered outside of this definition. The association between the features needed on a CCC and the resource used for CCC is accomplished using the cccTransportProfile. The transport profile is defined either by using a pointer to an object used for transport or a string representing the features required.
            The accountingManagementCccDestination specifies the called number to be used in the call detail record containing the usage measurements for the CCC associated with a laesCase (note there shall not be any impact on the subject's CDRs).
            The ccc object cannot be deleted if the casePtr is not NULL. The casePtr attribute is a reverse pointer and will be automatically populated by the NE. The ccc object can only be deleted when the casePtr is an empty list.";
        ATTRIBUTES
            cccID GET SET-BY-CREATE,
            cccAddress GET-REPLACE cccObjectExistsForCccAddress,
            cccTransportProfile GET SET-BY-CREATE,
            "Rec. X.721 | ISO/IEC 10165-2 : 1992":operationalState GET,
            casePtr GET,
            accountingManagementCccDestination GET-REPLACE;
        NOTIFICATIONS
            "Rec. X.721 | ISO/IEC 10165-2 : 1992":communicationsAlarm,
            "Rec. X.721 | ISO/IEC 10165-2 : 1992":attributeValueChange,
            "Rec. X.721 | ISO/IEC 10165-2 : 1992":objectCreation,
            "Rec. X.721 | ISO/IEC 10165-2 : 1992":objectDeletion,
            "Rec. X.721 | ISO/IEC 10165-2 : 1992":stateChange;
REGISTERED AS laesObjectClass 1;

cdc MANAGED OBJECT CLASS
    DERIVED FROM "Rec. X.721 | ISO/IEC 10165-2 : 1992":top;
    CHARACTERIZED B