ETSI TS 133 108 V5.4.0 (2003-06)
Technical Specification

Universal Mobile Telecommunications System (UMTS);
3G security;
Handover interface for Lawful Interception (LI)
(3GPP TS 33.108 version 5.4.0 Release 5)

Reference
RTS/TSGS-0333108v540

Keywords
UMTS

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, send your comment to: editor@etsi.org

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2003. All rights reserved.

DECT™, PLUGTESTS™ and UMTS™ are Trade Marks of ETSI registered for the benefit of its Members. TIPHON™ and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members. 3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP).

The present
document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or GSM identities. These should be interpreted as being references to the corresponding ETSI deliverables.

The cross reference between GSM, UMTS, 3GPP and ETSI identities can be found under http://webapp.etsi.org/key/queryform.asp.

Contents

Intellectual Property Rights
Foreword
Foreword
Introduction
1 Scope
2 References
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 General
4.1 Basic principles for the handover interface
4.2 Legal requirements
4.3 Functional requirements
4.4 Overview of handover interface
4.4.1 Handover interface port 2 (HI2)
4.4.2 Handover interface port 3 (HI3)
4.5 HI2: Interface port for intercept related information
4.5.1 Data transmission protocols
4.5.2 Application for IRI (HI2 information)
4.5.3 Types of IRI records
5 Circuit-switch domain
6 Packet data domain
6.1 Identifiers
6.1.1 Lawful interception identifier
6.1.2 Network identifier
6.1.3 Correlation number
6.2 Performance, reliability, and quality
6.2.1 Timing
6.2.2 Quality
6.2.3 Reliability
6.3 Security aspects
6.4 Quantitative aspects
6.5 IRI for packet domain
6.5.1 Events and information
6.5.1.1 REPORT record information
6.5.1.2 BEGIN record information
6.5.1.3 CONTINUE record information
6.5.1.4 END record information
6.6 IRI reporting for packet domain at GGSN
6.7 Content of communication interception for packet domain at GGSN
7 Multi-media domain
7.1 Identifiers
7.1.1 Lawful interception identifier
7.1.2 Network identifier
7.1.3 Correlation number
7.2 IRI for IMS
7.2.1 Events and information
Annex A (normative): HI2 delivery mechanisms and procedures
A.1 ROSE
A.1.1 Architecture
A.1.2 ASE_HI procedures
A.1.2.1 Sending part
A.1.2.2 Receiving part
A.1.2.3 Data link management
A.1.2.3.1 Data link establishment
A.1.2.3.2 Data link release
A.1.2.4 Handling of unrecognized fields and parameters
A.2 FTP
A.2.1 Introduction
A.2.2 Usage of the FTP
A.2.3 Profiles (informative)
A.2.4 File content
A.2.5 Exceptional procedures
A.2.6 Other considerations
Annex B (normative): Structure of data at the handover interface
B.1 Syntax definitions
B.2 3GPP object tree
B.3 Intercept related information (HI2)
B.4 HI3 CC definition
Annex C (normative): UMTS HI3 interface
C.1 UMTS LI correlation header
C.1.1 Introduction
C.1.2 Definition of ULIC header version 0
C.1.3 Definition of ULIC header version 1
C.1.4 Exceptional procedure
C.1.5 Other considerations
C.2 FTP
C.2.1 Introduction
C.2.2 Usage of the FTP
C.2.3 Exceptional procedures
C.2.4 CC contents for FTP
C.2.4.1 Fields
C.2.4.2 Information element syntax
C.2.5 Other considerations
Annex D (informative): LEMF requirements - handling of unrecognised fields and parameters
Annex E (informative): Bibliography
Annex F (informative): Void
Annex G (informative): United States lawful interception
G.1 Delivery methods preferences
G.2 HI2 delivery methods
G.2.1 TPKT/TCP/IP
G.2.1.1 Introduction
G.2.1.2 Normal Procedures
G.2.1.2.1 Usage of TCP/IP when MF initiates TCP Connections
G.2.1.2.2 Use of TPKT
G.2.1.2.3 Sending of LI messages
G.2.1.3 ASN.1 for HI2 Mediation Function Messages
G.2.1.4 Error Procedures
G.2.1.5 Security Considerations
G.3 HI3 delivery methods
G.3.1 Use of TCP/IP
G.3.1.1 Normal Procedures
G.3.1.1.1 Usage of TCP/IP when MF initiates TCP Connections
G.3.1.1.2 Use of TPKT
G.3.1.1.3 Sending of Content of Communication Messages
G.3.1.2 ASN.1 for HI3 Mediation Function Messages
G.3.1.3 Error Procedures
G.3.1.4 Security Considerations
G.4 Cross reference of terms between J-STD-025-A and 3GPP
Annex H (normative): United States lawful interception
Annex J (informative): Change history
History

Foreword

This Technical Specification has been produced by the 3rd Generation Partnership Project (3GPP).

The contents of the present document are subject to continuing work within the TSG and may change following formal TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an identifying change of release date and an increase in version number as follows:

Version x.y.z

where:

x the first digit:
  1 presented to TSG for information;
  2 presented to TSG for approval;
  3 or greater indicates TSG approved document under change control.
y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc.
z the third digit is incremented when editorial only changes have been incorporated in the document.

Introduction

This Technical Specification has been produced by 3GPP TSG SA to allow for the standardization in the area of lawful interception of telecommunications. This document addresses the handover interfaces for lawful interception
of Packet-Data Services, Circuit Switched Services, and Multimedia Services within the Universal Mobile Telecommunication System (UMTS). The specification defines the handover interfaces for delivery of lawful interception Intercept Related Information (IRI) and Content of Communication (CC) to the Law Enforcement Monitoring Facility.

Laws of individual nations and regional institutions (e.g. European Union), and sometimes licensing and operating conditions define a need to intercept telecommunications traffic and related information in modern telecommunications systems. It has to be noted that lawful interception shall always be done in accordance with the applicable national or regional laws and technical regulations. Nothing in this specification, including the definitions, is intended to supplant national law.

This specification should be used in conjunction with 3GPP TS 33.106 and 33.107 in the same release. This specification may also be used with earlier releases of 33.106 and 33.107, as well as for earlier releases of UMTS and GPRS.

1 Scope

This specification addresses the handover interfaces for lawful interception of Packet-Data Services, Circuit Switched Services, and Multimedia Services within the UMTS network. The handover interface in this context includes the delivery of Intercept Related Information (HI2) and Content of Communication (HI3) to the Law Enforcement Monitoring Facility.

2 References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.

References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
For a specific reference, subsequent revisions do not apply.
For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.

[1] TR 101 331: "Telecommunications security; Lawful Interception (LI); requirements of Law Enforcement Agencies".
[2] ES 201 158: "Telecommunications security; Lawful Interception (LI); Requirements for network functions".
[3] ETR 330: "Security Techniques Advisory Group (STAG); A guide to legislative and regulatory environment".
[4] GSM 09.02: "Digital cellular telecommunications system (Phase 2+); Mobile Application Part (MAP) specification".
[5] ITU-T Recommendation X.680: "Specification of Abstract Syntax Notation One (ASN.1)".
[6] ITU-T Recommendation X.690: "Specification of basic encoding rules for Abstract Syntax Notation One (ASN.1)".
[7] ITU-T Recommendation X.880: "Information technology - Remote Operations: Concepts, model and notation".
[8] ITU-T Recommendation X.882: "Information technology - Remote Operations: OSI realizations - Remote Operations Service Element (ROSE) protocol specification".
[9] EN 300 940, GSM 04.08: "Digital cellular communications system (Phase 2+); Mobile radio interface layer 3 specification".
[10] TS 101 509: "Digital cellular telecommunications system (Phase 2+); Lawful interception; Stage 2 (GSM 03.33)".
[11] GSM 03.03: "Digital cellular telecommunications system (Phase 2+); Numbering, addressing and identification".
[12] GSM 09.60 (EN 301 347): "Digital cellular telecommunications system (Phase 2+); General Packet Radio Service (GPRS); GPRS tunnelling protocol (GTP) across Gn and Gp Interface".
[13] STD 9: "File Transfer Protocol (FTP)", October 1985.
[14] GSM 12.15: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication Management; Charging GSM call and event data for the Packet Switched (PS) domain".
[15] STD0005: "Internet Protocol".
[16] STD0007: "Transmission Control Protocol".
[17] 3GPP TS 29.060: "GPRS Tunnelling Protocol".
[18] 3GPP TS 33.106: "Lawful Interception Requirements".
[19] 3GPP TS 33.107: "Lawful Interception Architecture and Functions".
[20] 3GPP TS 23.107: "QoS Concepts and Architecture".
[21] 3GPP TS 24.008: "3GPP Technical Specification Group Core Network; Mobile radio interface layer 3 specification".
[22] ES 201 671 version 2.1.1: "Handover Interface for the lawful interception of telecommunications traffic".
[23] J-STD-25-A: "Lawfully Authorized Electronic Surveillance".
[24] ETSI TS 101 671 version 2.3.1: "Handover Interface for the lawful interception of telecommunications traffic".
[25] 3GPP TS 23.003: "3rd Generation Partnership Project; Technical Specification Group Core Network; Numbering, addressing, and identification".
[26] RFC 2543: "SIP: Session Initiation Protocol".
[27] RFC 1006: "ISO Transport Service on top of the TCP".
[28] RFC 2126: "ISO Transport Service on top of TCP (ITOT)".
[29] ITU-T Recommendation Q.763: "Formats and Codes of the ISDN User Part of Signalling System No. 7".

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the following terms and definitions apply.

access provider: access provider provides a user of some network with access from the user's terminal to that network.

NOTE 1: This definition applies specifically for the present document. In a particular case, the access provider and network operator may be a common commercial entity.

(to) buffer: temporary storing of information in case the necessary telecommunication connection to transport information to the LEMF is temporarily unavailable.

communication: Information transfer according to agreed conventions.

content of communication: information exchanged between two or more users of a telecommunications service, excluding intercept related information. This includes information which may, as part of some telecommunications service, be stored by one user for subsequent retrieval by another.

handover interface: physical and logical interface across which the interception measures are requested from network operator / access provider / service provider, and the results of interception are delivered from a network operator / access provider / service provider to a law enforcement monitoring facility.

identity: technical label which may represent the origin or destination of any telecommunications traffic, as a rule clearly identified by a physical telecommunications identity number (such as a telephone number) or the logical or virtual telecommunications identity number (such as a personal num