ATIS-1000678.v3.2015

Lawfully Authorized Electronic Surveillance (LAES) for Voice over Internet Protocol in Wireline Telecommunications Networks, Version 3

Alliance for Telecommunications Industry Solutions

Approved: July 21, 2015

Abstract

This Standard defines the interfaces between a Telecommunication Service Provider (TSP) and a Law Enforcement Agency (LEA) to assist the LEA in conducting lawfully authorized electronic surveillance for Voice over Internet Protocol (VoIP) in Wireline Telecommunications Networks. Version 1 of T1.678 (T1.678-2004) provides support for Voice over Packet (VoP) services utilizing basic SIP call control and basic H.323 call control for IP. Version 2 of T1.678 (ATIS-1000678.v2.2006) adds support for supplementary services such as hold/retrieve, multi-party calls, and call transfer. Version 3 (ATIS-1000678.20xx) incorporates ATIS-1000678.a.v2.2007 (Supplement A to ATIS-1000678.v2.2006), ATIS-1000678.b.v2.2010 (Supplement B to ATIS-1000678.v2.2006), and provides clarifications, corrections, and enhancements. Version 3 also removes support for H.323 call control for IP. Upon publication, this Standard supersedes and replaces ATIS-1000678.v2.2006, ATIS-1000678.a.v2.2007, and ATIS-1000678.b.v2.2010.

This document provides the mechanisms to perform lawfully authorized electronic surveillance of VoIP subject to the appropriate legal and regulatory environment. It is not the intent of this document to imply or impact any pending Communications Assistance for Law Enforcement Act (CALEA) regulatory decisions related to VoIP.

NOTE: Annex A, ASN.1 Definitions, of this Standard has also been formatted as a separate plain text file and electronically packaged with this standard.

AMERICAN NATIONAL STANDARD FOR TELECOMMUNICATIONS

As a leading technology and solutions development organization, the Alliance for Telecommunications Industry Solutions (ATIS) brings together the top global ICT companies to advance the industry's most pressing business priorities. ATIS' nearly 200 member companies are currently working to address the All-IP transition, network functions virtualization, big data analytics, cloud services, device solutions, emergency services, M2M, cyber security, network evolution, quality of service, billing support, operations, and much more. These priorities follow a fast-track development lifecycle from design and innovation through standards, specifications, requirements, business use cases, software toolkits, open source solutions, and interoperability testing.

ATIS is accredited by the American National Standards Institute (ANSI). The organization is the North American Organizational Partner for the 3rd Generation Partnership Project (3GPP), a founding Partner of the oneM2M global initiative, a member of and major U.S. contributor to the International Telecommunication Union (ITU), as well as a member of the Inter-American Telecommunication Commission (CITEL). For more information, visit www.atis.org.

AMERICAN NATIONAL STANDARD

Approval of an American National Standard requires review by ANSI that the requirements for due process, consensus, and other criteria for approval have been met by the standards developer.

Consensus is established when, in the judgment of the ANSI Board of Standards Review, substantial agreement has been reached by directly and materially affected interests. Substantial agreement means much more than a simple majority, but not necessarily unanimity. Consensus requires that all views and objections be considered, and that a concerted effort be made towards their resolution.

The use of American National Standards is completely voluntary; their existence does not in any respect preclude anyone, whether he has approved the standards or not, from manufacturing, marketing, purchasing, or using products, processes, or procedures not conforming to the standards.

The American National Standards Institute does not develop standards and will in no circumstances give an interpretation of any American National Standard. Moreover, no person shall have the right or authority to issue an interpretation of an American National Standard in the name of the American National Standards Institute. Requests for interpretations should be addressed to the secretariat or sponsor whose name appears on the title page of this standard.

CAUTION NOTICE: This American National Standard may be revised or withdrawn at any time. The procedures of the American National Standards Institute require that action be taken periodically to reaffirm, revise, or withdraw this standard. Purchasers of American National Standards may receive current information on all standards by calling or writing the American National Standards Institute.

Notice of Disclaimer

direction is a party or place to which a call is re-directed or the party or place from which it came, either incoming or outgoing (e.g., redirected-to party or redirected-from party); origin is a party initiating a call (e.g., calling party), or a place from which a call is initiated; and termination is a party or place at the end of a communication path (e.g., the called or call-receiving party, or the switch of a party that has placed another party on hold).

3.1.7 called party: The destination party of a call.

3.1.8 call identity: A call identity is a value that uniquely identifies a particular call, call leg, or session.

3.1.9 calling party: The originating party of a call.

3.1.10 Call Content Channel (CCC) Identity: The CCC Identity (CCCIdentity) value identifies the CCC or pair of CCCs used for conveying call content.

3.1.11 CII Mediation Function (CII-MF): A function that maps (rather than encapsulates) VoIP subject access and network signaling messages onto e-interface messages (as defined in this standard).

3.1.12 Collection Function (CF): Defined in Ref 4 to be “the location where lawfully authorized intercepted communications and call-identifying information is collected by a law enforcement agency (LEA).”

3.1.13 communication: Any wire or electronic communication, as defined in Ref 5.

3.1.14 Communication Management System (CMS): Network element that provides communication management functions for communications to and from the intercept subject.

⁸ This document is available from the Alliance for Telecommunications Industry Solutions (ATIS), 1200 G Street N.W., Suite 500, Washington, DC 20005

3.1.15 complete: A call attempt that is answered.

3.1.16 connection: A relationship between two or more parties of a call to allow communication between them.

3.1.17 content: Defined in Ref 5 (8) to be “when used with respect to any wire or electronic communications, includes any information concerning the substance, purport, or meaning of that communication.”

3.1.18 cut-through: When an endpoint has received via call signaling the information needed to communicate with the remote endpoint and a communication path exists between the endpoint and the remote endpoint.

3.1.19 destination: See call-identifying information.

3.1.20 direction: See call-identifying information.

3.1.21 Direct Signal Reporting (DSR): Reporting of VoIP subject access and network signaling to LEA(s) via encapsulation (rather than mapping of parameters by a CII-MF).

3.1.22 electronic communications: Defined in Ref 5 (12) to be “any transfer of signs, signals, writing, images, sounds, data, or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectric, or photo-optical system.”

3.1.23 electronic surveillance: The statutory-based legal authorization, process, and associated technical capabilities and activities of LEAs related to the interception of wire, oral, or electronic communications while in transmission. As used herein, also includes the acquisition of call-identifying information. As used herein, surveillance refers to a single communication intercept, pen register, or trap and trace. Its usage herein does not include administrative subpoenas for obtaining a subscriber's billing records and information about a subscriber's service that an LEA may employ before the start of a communication intercept, pen register, or trap and trace.

3.1.24 feature code: The digits (0-9) or symbols (*, #) used to invoke or access a feature.

3.1.25 intercept: Defined in Ref 5 (4) to be “the aural or other acquisition of the content of any wire, electronic, or oral communication through the use of any electronic, mechanical, or other device.”

3.1.26 Intercept Access Point (IAP): A point within a telecommunication system or VoIP network where some of the communications or call-identifying information of an intercept subject's equipment, facilities, and services are accessed.

3.1.27 intercept subject: A telecommunication service subscriber whose communications, call-identifying information, or both, have been authorized by a court to be intercepted and delivered to an LEA. The identification of the intercept subject is limited to identifiers used to access the particular equipment, facility, or communication service (e.g., network address, terminal identity, subscription identity).

3.1.28 Law Enforcement Agency (LEA): A government entity with the legal authority to conduct electronic surveillance (e.g., the Federal Bureau of Investigation or a local police department).

3.1.29 Leg: A representation of a telecommunication path towards some addressable entity.

3.1.30 Media Stream: The stream of Real Time Protocol (RTP) packets using a specific destination transport address. There is a media stream per media announcement in the SDP of a call. In RTP terminology, an RTP session is the same as a media stream.

3.1.31 origin: See call-identifying information.

3.1.32 origination: An outgoing call attempt.

3.1.33 release: Ending of a call or session as indicated by call signaling.⁹

3.1.34 session: When used alone (e.g., not “RTP session”), the exchange of data between participants or systems using the Session Initiation Protocol (SIP) protocol. For instance, a call is an example of a session.

3.1.35 SIP dialog: A peer-to-peer SIP relationship between two UAs that persists for some time. A SIP dialog is established by SIP messages. A SIP dialog is identified by a call identifier, local tag, and remote tag.

3.1.36 SIP Direct Signal Reporting (SIP-DSR): Reporting of SIP subject access and network signaling to LEA(s) via encapsulation (rather than mapping of parameters by a CII-MF).

⁹ RFC 3261 (SIP) Ref 6 uses the term terminate to mean the ending or release of a session.

3.1.37 subject: See intercept subject.

3.1.38 surveillance: See electronic surveillance.

3.1.39 Telecommunications Service Provider (TSP): An entity that provides telecommunication services to Customers and other users. A Telecommunications Service Provider may or may not operate a network. A Telecommunications Service Provider may or may not be a Customer of another Telecommunications Service Provider.

3.1.40 termination: An incoming call attempt. See also call-identifying information.

3.1.41 transmission: The act of transferring communications from one location or another by a wire, radio, electromagnetic, photo electronic, or photo optical system.

3.1.42 User Agent (UA): A logical entity that can act as both a user agent client and user agent server.

3.1.43 wireline: Refers to traditional wire-based telephone service.

3.2 Acronyms

AAA            Administration, Authorization, and Authentication
AE             Associate Equipment
AMPS           Advanced Mobile Phone System
ANS            American National Standard
ANSI           American National Standards Institute
A-PDU or APDU  Application Protocol Data Unit
ASN.1          Abstract Syntax Notation One Ref 10
ATIS           Alliance for Telecommunication Industry Solutions
BTBUA          Back-to-Back User Agent
C              Conditional (parameter)
CALEA          Communications Assistance for Law Enforcement Act
CC             Call Content
CC-APDU        Call Content Delivery Application Protocol Data Unit
CC-IAP         Call Content Intercept Access Point
CCC            Call Content Channel
CF             Collection Function
CII            Call-Identifying Information
CII-IAP        Call-Identifying Information Intercept Access Point
CII-MF         CII Mediation Function
CMS            Communication Management System
CPE            Customer Premise Equipment
DDE            Dialed Digit Extraction
DF             Delivery Function
DNIC           Data Network Identification Code
DSR            Direct Signal Reporting
DTMF           Dual Tone Multiple Frequency
FCC            Federal Communications Commission
GPS            Global Positioning System
GSM            Global System for Mobile (telecommunications)
IAP            Intercept Access Point
IEEE           Institute of Electrical and Electronic Engineers
IETF           Internet Engineering Task Force
IP             Internet Protocol
ISDN           Integrated Services Digital Network
ITU-T          International Telecommunication Union Telecommunication Standardization Sector
LAES           Lawfully Authorized Electronic Surveillance
LAESP          LAES Protocol
LEA            Law Enforcement Agency
LI             Lawful Intercept
M              Mandatory (parameter)
MAC            Media Access Control
MF             Mediation Function
MIME           Multipurpose Internet Mail Extensions
MOC            Mandatory/Optional/Conditional
O              Optional (parameter)
OSI            Open Systems Interconnect
PDU            Protocol Data Unit
PTSC           Packet Technologies and Systems Committee
PSTN           Public Switched Telephone Network
QoS            Quality of Service
RFC            Request For Comments
RTP            Real-Time Transport Protocol
SCTE           Society of Cable Telecommunications Engineers
SDP            Session Description Protocol
SE             Subject Equipment
SIP            Session Initiation Protocol
SIP-DSR        SIP Direct Signal Reporting
SMS            Short Message Service
TCP            Transmission Control Protocol
TDD            Terminal Device for the Deaf
TDM            Time Division Multiplexing
TN             Telephone Number
TSP            Telecommunication Service Provider
UA             User Agent
UDP            User Datagram Protocol
URI            Uniform Resource Identifier
VoIP           Voice over Internet Protocol
VoP            Voice Services over Packet

3.3 Definitions for “Mandatory,” “Optional,”

o Requested to be released; or
o Reported to have been released.
o This includes when the VoIP network (e.g., SIP Redirect Server) releases a VoIP call or session to provide updated destination address information.

TerminationAttempt: A VoIP call or session termination attempt to an intercept subject has been detected.

5.2.1.2 Signaling Events

The following call events associated with signaling are defined for VoIP calls:

DialedDigitExtraction: The Dialed Digit Extraction (DDE) event reports digits dialed by a subject when a session is established to another TSP's service for processing and routing. However, CII DDE event reporting does not require a TSP to assure that a connection is with another TSP's service. When a subject has dialed or signaled digits in the VoIP content stream after the session is established from the perspective of the TSP, DDE reporting shall be performed on a per lawful authorization basis. The reporting shall be accomplished by the net