ETSI TR 103 690-2012 Lawful Interception (LI) eWarrant Interface (V1 1 1).pdf

Uploaded by: 刘芸  Document ID: 736504  Upload date: 2019-01-12  Format: PDF  Pages: 24  Size: 375.71 KB

ETSI TR 103 690 V1.1.1 (2012-02)

Lawful Interception (LI); eWarrant Interface

Technical Report

Reference DTR/LI-00069
Keywords eWarrant, interception, retention, security

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2012. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 The eWarrant Interface
4.1 Reference model
4.2 Outsourcing to Trusted Third Party
4.3 The eWarrant Interface port
4.4 Framework for the interface
5 eWarrant interface messages and flows
5.1 Normal message flows
5.2 Chained message flows
6 eWarrant Interface messages
6.1 Messages - common header
6.1.1 MessageVersion
6.1.2 MessageType
6.1.3 MessageID
6.1.4 MessageSourceID
6.1.5 MessageRecipientID
6.1.6 MessageTimestamp
6.1.7 MessageRef
6.1.8 MessageAssurance
6.1.9 MessageSecurity
6.2 Generic Content for Request Messages
6.2.1 WarrantID
6.2.2 WarrantSourceID
6.2.3 WarrantCspID
6.2.4 WarrantTimestamp
6.2.5 WarrantRef
6.2.6 WarrantTargetID
6.2.7 WarrantPriority
6.2.8 WarrantLegalRef
6.2.9 WarrantTimespan
6.2.10 WarrantMetadata
6.2.11 WarrantTechspec
6.2.12 WarrantDelivery
6.2.13 ApprovalID
6.2.14 ApprovalSourceID
6.2.15 ApprovalTimestamp
6.2.16 ApprovalSupplemental
6.3 Generic Content for Response Messages
6.3.1 RequestStatus
7 Information exchange
7.1 General
8 Security and Assurance Methods
8.1 Application level security and assurance
8.1.1 Digital signatures
8.2 Transport, Connection and Device level security and assurance measures
8.3 Additional Assurance Measures
8.3.1 Continuous Security Monitoring
Annex A: Encoded Data Elements
A.1 Summary
A.1.1 Use of this annex
A.1.2 Choice of data modelling language
A.1.3 Overview
A.1.4 Schematic representation of data
A.2 XML definitions
A.2.1 General
A.2.1.1 Introduction
Annex B: Warrant process flow
Annex C: Interoperability with manual and legacy techniques
C.1 Introduction
C.2 Description
Annex D: eWarrant requirements
D.1 General
D.2 eWarrant
D.3 eWarrant interface
Annex E: Change Request History
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards”, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://ipr.etsi.org).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Report (TR) has been produced by ETSI Technical Committee Lawful Interception (LI).

1 Scope

The present document presents a high-level description of an interface mechanism - the eWarrant Interface - for receipt of requests for measures producing real-time or stored information by an issuing authority possessing lawful authorization to initiate such a request. The eWarrant Interface is a generic, extensible interface intended to be fully compatible with all existing kinds of requests for these purposes - as well as support future ones, including local requirements and languages or character sets. The eWarrant Interface is not intended to replace existing implementation-specific mechanisms found, for example, in the Retained Data Handover Interface.

The present document describes an electronic interface. Annex B describes work flow for an eWarrant in different jurisdictions and a means for discovering related information. Annex C describes how this interface may be adapted and made interoperable for manual and legacy techniques.

The present document provides a high-level description of the interface mechanism. It defines basic principles of interoperability, and provides recommendations for the types of data that are delivered. It provides a recommendation on the choice of data modelling languages, but the present document does not give a normative structure for the delivery of eWarrant messages. It is envisaged that a later Technical Specification will add the required details for a full implementation.

2 References

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity.

2.1 Normative references

The following referenced documents are necessary for the application of the present document.

Not applicable.

2.2 Informative references

The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area.

[i.1] ETSI TS 102 657: “Lawful Interception (LI); Retained data handling; Handover interface for the request and delivery of retained data”.
[i.2] FIPS PUB 186-2: “Digital Signature Standard (DSS)”.
[i.3] ETSI TS 102 042: “Electronic Signatures and Infrastructures (ESI); Policy requirements for certification authorities issuing public key certificates”.
[i.4] Trusted Network Connect. Trusted Computing Group.
    Integrity Measurement Collectors - TCG Version (IF-IMC, Specification ver. 1.2 Rev. 8, 5 February 2007).
    Integrity Measurement Verifiers - TCG Version (IF-IMV Specification ver. 1.2 Rev. 8, 5 February 2007).
    Trusted Network Connect Client-Server - TCG Version (IF-TNCCS TLV Binding Specification ver. 2.0 Rev. 16, 22 January 2010).
    Trusted Network Connect Client-Server Statement of Health - TCG Version (IF-TNCCS-SOH TLV Binding Specification Ver. 2.0 Rev. 10, 23 January 2008).
    Policy Enforcement Point - TCG Version (IF-PEP Protocol Bindings for RADIUS Specification ver. 1.1 Rev. 0.7, 5 February 2007).
    Binding for SOAP - TCG Version (IF-MAP Specification ver. 2.0 Rev. 36, 30 July 2010).
    Platform Trust Services Interface - TCG Version (IF-PTS Specification ver. 1.0 Rev. 1.0, 17 November 2006).
    Clientless Endpoint Support Profile - TCG Version (CESP Specification ver. 1.0 Rev. 13, 18 May 2009).
[i.5] Trusted Platform Modules. Trusted Computing Group.
    Design Principles - TCG Version (TPM Main, Part 1, Specification ver. 1.2, Level 2 Rev. 103, 9 July 2007), ISO/IEC Version (11889-2, 2009-05-15, Information technology - TPM - Part 2).
    TPM Structures - TCG Version (TPM Main, Part 2, Specification ver. 1.2, Level 2 Rev. 103, 9 July 2007), ISO/IEC Version (11889-3, 2009-05-15, Information technology - TPM - Part 3).
    Commands - TCG Version (TPM Main, Part 3, Specification ver. 1.2, Level 2 Rev. 103, 9 July 2007), ISO/IEC Version (11889-4, 2009-05-15, Information technology - TPM - Part 4).
    The TPM 1.2 specifications have also been adopted as ISO/IEC 11889.
    Overview - TCG Version (N/A), ISO/IEC Version (11889-1, 2009-05-15, Information technology - TPM - Part 1).
[i.6] NIST SP 800-137: “Information Security Continuous Monitoring for Federal Information Systems and Organizations, December 2010”.
[i.7] “CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture”, NIST Interagency Report 7756, February 2011.
[i.8] ITU-T Recommendation X.1500 (04/2011): “Overview of Cybersecurity information exchange (CYBEX)”.
[i.9] OASIS: “7 Steps to Electronic Filing with Electronic Court Filing 4.0”.
[i.10] IETF RFC 2818: “HTTP Over TLS”.

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the following terms and definitions apply:

authority: any organization or official possessing the legal authority to issue or approve an eWarrant
NOTE: Authorities can be divided into Issuing Authority or Approving Authority.

approving authority: any organization or official possessing the legal authority to approve an eWarrant, frequently a judicial official

Communications Service Provider (CSP): generic description covering Access Provider, Service Provider and Network Operator

eWarrant: request for the production of information pursuant to the present document

eWarrant interface: physical and logical interface across which the production measures are requested from a CSP, and the results are delivered from a CSP to a designated location
NOTE: The interface also includes chained message flows associated with the request.

Handover Interface 1 (HI1): data interface supporting the receipt of eWarrant requests pursuant to the present document

issuing authority: any organization or official possessing the legal authority to issue an eWarrant, frequently a LEA official

lawful authorization: permission granted to an Issuing Authority under certain conditions to intercept specified telecommunications and requiring co-operation from a CSP

Law Enforcement Agency (LEA): organization or official authorized by a lawful authorization based on the applicable jurisdiction to request and receive the results of telecommunications interceptions or retained data

trusted third party: entity lawfully acting on behalf of an authorized organization, LEA, or CSP for the purposes of facilitating the implementation of an eWarrant

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

ASN.1   Abstract Syntax Notation One
CSP     Communications Service Provider
EVCP    Extended Validation Certificates Policy
EVCP+   enhanced Validation Certificate Policies
HI      Handover Interface
HTTP    HyperText Transfer Protocol
ICT     Information and Communications Technology
LEA     Law Enforcement Agency
LEMF    Law Enforcement Monitoring Facility
LI      Lawful Interception
OS      Operating System
TCG     Trusted Computing Group
TLS     Transport Layer Security
TNC     Trusted Network Connect
TPM     Trusted Platform Module
TTP     Trusted Third Party
XML     eXtensible Markup Language

4 The eWarrant Interface

4.1 Reference model

In order to implement the eWarrant Interface capabilities, a one-port structure between the Issuing Authorities or Approving Authorities and Communications Service Providers (CSPs) is established such that eWarrant request information is logically distinguished from all other interfaces. The eWarrant requests and responses occur through HI1. Figure 1 is the eWarrant Interface reference model for the request of production of real-time or stored information and a response indicating receipt and the action taken, including messages in a flow change described in clause 5.

Figure 1: Functional handover diagram showing eWarrant Interface

Each of these two parties can be expanded to show some of their internal functions. This is not to prescribe how implementations of the present document must be organized, and is purely informational. Any internal functions and the interfaces between them are not part of the present document.

4.2 Outsourcing to Trusted Third Party

A CSP or Issuing Authority or Approving Authority may outsource some of their functions to a Trusted Third Party (TTP). It is a jurisdictional option whether or not outsourcing is allowed, or additional conditions apply.

4.3 The eWarrant Interface port

Handover Interface port 1 (HI1) supports eWarrant implementations by enabling administrative, request and response information to be conveyed in the form of messages from/to the Issuing Authority or Approving Authority and the organization at the CSP responsible for accepting eWarrants. The present document does not describe XML or ASN.1 encoded message content.

The HI1 interface may cross borders between countries. This possibility is subject to corresponding local/jurisdictional jurisdiction and/or inter-jurisdictional agreements.

4.4 Framework for the interface

The present document describes a framework that can apply to eWarrant implementations. It defines no services - only a means for specifying and conveying specific information as depicted in figure 2. These details consist of a RequestMessage and Response Message. The responses are intended only for simple acknowledgement of receipt of requests or approvals, as well as reporting significant error conditions.

Figure 2: Interface Framework

The framework define
