ETSI TS 102 232-1 V3.11.1 (2016-03)

Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 1: Handover specification for IP delivery

TECHNICAL SPECIFICATION

Reference
RTS/LI-00132-1

Keywords
handover, IP, Lawful Interception, security

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret No. 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) No. 7803/88

Important notice

The present document can be downloaded from: http://www.etsi.org/standards-search

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx

Copyright Notification

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2016. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
Modal verbs terminology
Introduction
1 Scope
2 References
  2.1 Normative references
  2.2 Informative references
3 Definitions, symbols and abbreviations
  3.1 Definitions
  3.2 Symbols
  3.3 Abbreviations
4 General
  4.1 Functionality
  4.2 Intercepted data types
    4.2.1 Introduction
    4.2.2 Interception at network operator or access provider
    4.2.3 Interception at service providers
  4.3 Relationship to other standards
  4.4 Handover for GPRS/UMTS/EPS
    4.4.1 PS Access
    4.4.2 Applications
  4.5 Common parameters
5 Headers
  5.1 General
  5.2 Description and purpose of the header fields
    5.2.1 Version
    5.2.2 LIID
    5.2.3 Authorization country code
    5.2.4 Communication identifier
    5.2.5 Sequence number
    5.2.6 Payload timestamp
    5.2.7 Payload direction
    5.2.8 Payload type
    5.2.9 Interception type
    5.2.10 IRI type
    5.2.11 Interception Point Identifier
    5.2.12 Session direction
  5.3 Encoding of header fields
6 Data exchange
  6.1 Introduction
  6.2 Handover layer
    6.2.1 General
    6.2.2 Error reporting
    6.2.3 Aggregation of payloads
    6.2.4 Sending a large block of application-level data
    6.2.5 Padding data
    6.2.6 Payload encryption
  6.3 Session layer
    6.3.1 General
    6.3.2 Opening and closing connections
    6.3.3 Buffering
    6.3.4 Keep-alives
    6.3.5 Option negotiation
      6.3.5.1 Introduction
      6.3.5.2 Option negotiation message exchange
    6.3.6 PDU acknowledgement
  6.4 Transport layer
    6.4.1 Introduction
    6.4.2 TCP settings
    6.4.3 Acknowledging data
  6.5 Network layer
7 Delivery networks
  7.1 Types of network
    7.1.1 General
    7.1.2 Private networks
    7.1.3 Public networks with strict control
    7.1.4 Public networks with loose control
  7.2 Security requirements
    7.2.1 General
    7.2.2 Confidentiality and authentication
    7.2.3 Integrity
  7.3 Further delivery requirements
    7.3.1 Test data
    7.3.2 Timeliness
Annex A (normative): ASN.1 syntax trees
  A.1 ASN.1 syntax tree for HI2 and HI3 headers
  A.2 ASN.1 specification
  A.3 Importing parameters from other standards
Annex B (informative): Requirements
  B.1 Types of intercepted information
  B.2 Identification of traffic
  B.3 Performance
  B.4 Timeliness
  B.5 Reliability and availability
  B.6 Discarding information
  B.7 Security
  B.8 Other
Annex C (informative): Notes on TCP tuning
  C.1 Implement IETF RFC 5681
  C.2 Minimize roundtrip times
  C.3 Enable maximum segment size option
  C.4 Path MTU discovery
  C.5 Selective acknowledgement
  C.6 High speed options
  C.7 PUSH flag
  C.8 Nagle's algorithm
  C.9 Buffer size
Annex D (informative): IRI-only interception
  D.1 Introduction
  D.2 Definition HI information
  D.3 IRI deriving
  D.4 IRI by post and pre-processing HI3 information
Annex E (informative): Purpose of profiles
  E.0 Background
  E.1 Formal definitions
  E.2 Purpose of profiles
Annex F (informative): Traffic management of the handover interface
  F.0 Rationale
  F.1 Factors to consider
    F.1.0 Background
    F.1.1 Burstiness
    F.1.2 Mixed content
    F.1.3 Network facilities for traffic management
    F.1.4 Evidentiary considerations
    F.1.5 National considerations
  F.2 Traffic management strategies
  F.3 Bandwidth estimation
  F.4 National considerations
  F.5 Implementation considerations
    F.5.1 Volatile versus non-volatile storage
    F.5.2 Maximum buffering time
    F.5.3 Transmission order of buffered data
    F.5.4 Buffer overflow processing
Annex G (normative): Implementation of payload encryption
Annex H (informative): ETSI TS 102 232 family relationship
Annex I (informative): Option negotiation
  I.0 Summary
  I.1 Example use cases
    I.1.1 Option negotiation not supported in LGW
    I.1.2 Simple negotiation by both endpoints
    I.1.3 Simple DF-only option request
    I.1.4 Simple LGW-only option request
    I.1.5 Complex negotiation
Annex J (informative): Change request history
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https://ipr.etsi.org).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other
IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Lawful Interception (LI).

The present document is part 1 of a multi-part deliverable covering the Handover Interface and Service-Specific Details (SSD) for IP delivery, as identified below:

Part 1: "Handover specification for IP delivery";
Part 2: "Service-specific details for messaging services";
Part 3: "Service-specific details for internet access services";
Part 4: "Service-specific details for Layer 2 services";
Part 5: "Service-specific details for IP Multimedia Services";
Part 6: "Service-specific details for PSTN/ISDN services";
Part 7: "Service-specific details for Mobile Services".

The ASN.1 module is also available as an electronic attachment to the original document from the ETSI site (see clause A.2 for more details).

Modal verbs terminology

In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions).

"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

Introduction

The objective of the present document is to form the basis for a standardized handover interface for use by both telecommunications service providers and network operators, including Internet Service Providers, that will deliver the interception information required by Law Enforcement Authorities under various European treaties and national regulations.

The present document describes how to handover intercepted information via IP-based networks from a CSP to an LEMF. The present document covers the transportation of traffic, but does not specify functionality within CSPs or LEMF (see clause 4.1). It handles the transportation of intercepted traffic (HI3) and intercept-related information (HI2) but not the tasking and management of Lawful Interception (HI1).

The present document is intended to be general enough to be used in a variety of situations: it is not focused on a particular IP-based service. The present document therefore provides information that is not dependent on the type of service being intercepted. In particular the present document describes delivery mechanisms (clause 6), and the structure and header details (clause 5) for both HI2 and HI3 information.

References within the main body of the present document are made if applicable to the 3GPP specification number with in square brackets the reference number as listed in clause 2. In clause 2 "References" the corresponding ETSI specification number is indicated with a reference to the 3GPP specification number. 3GPP specifications are available faster than the equivalent ETSI specifications.

1 Scope

The present document specifies the general aspects of HI2 and HI3 interfaces for handover via IP based networks.

The present document:

- specifies the modular approach used for specifying IP based handover interfaces;
- specifies the header(s) to be added to IRI and CC sent over the HI2 and HI3 interfaces respectively;
- specifies protocols for the transfer of IRI and CC across the handover interfaces;
- specifies protocol profiles for the handover interface.

The present document is designed to be used where appropriate in conjunction with other deliverables that define the service-specific IRI data formats (including ETSI TS 102 227 [i.1], ETSI TS 101 909-20-1 [33], ETSI TS 101 909-20-2 [34], ETSI TS 102 232-2 [5], ETSI TS 102 232-3 [6], ETSI TS 102 232-4 [32], ETSI TS 102 232-5 [37] and ETSI TS 102 232-6 [36]). Where possible, the present document aligns with 3GPP TS 33.108 [9] and ETSI TS 101 671 [4] and supports the requirements and capabilities defined in ETSI TS 101 331 [1] and ETSI TR 101 944 [i.4].

For the handover of intercepted data within GSM/UMTS PS domain, the present document does not override or supersede any specifications or requirements in 3GPP TS 33.108 [9] and ETSI TS 101 671 [4].

2 References

2.1 Normative references

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the
referenced document (including any amendments) applies.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity.

The following referenced documents are necessary for the application of the present document.

[1] ETSI TS 101 331: "Lawful Interception (LI); Requirements of Law Enforcement Agencies".
[2] ETSI ES 201 158: "Telecommunications security; Lawful Interception (LI); Requirements for network functions".
[3] Void.
[4] ETSI TS 101 671: "Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic".
NOTE: Periodically ETSI TS 101 671 is published as ETSI ES 201 671. A reference to the latest version of the TS as above reflects the latest stable content from ETSI/TC LI.
[5] ETSI TS 102 232-2: "Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 2: Service-specific details for messaging services".
[6] ETSI TS 102 232-3: "Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 3: Service-specific details for internet access services".
[7] Void.
[8] Void.
[9] ETSI TS 133 108: "Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Handover interface for Lawful Interception (LI) (3GPP TS 33.108)".
[10] ISO 3166-1: "Codes for the representation of names of countries and their subdivisions - Part 1: Country codes".
[11] Recommendation ITU-T X.680: "Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation".
[12] Recommendation ITU-T X.690: "Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)".
[13] Void.
[14] IETF RFC 0791: "Internet Protocol".
[15] IETF RFC 0792: "Internet Control Message Protocol".
[16] IETF RFC 0793: "Transmission Control Protocol".
[17] IETF RFC 1122: "Requirements for Internet Hosts - Communication Layers".
[18] IETF RFC 1323: "TCP Extensions for High Performance".
[19] IETF RFC 1191: "Path MTU discovery".
[20] IETF RFC 2018: "TCP Selective Acknowledgement Options".
[21] IETF RFC 5246: "The Transport Layer Security (TLS) Protocol Version 1.2".
NOTE 1: IETF RFC 5246 obsoletes IETF RFC 4346: "The Transport Layer Security (TLS) Protocol Version 1.1" and IETF RFC 3268: "Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)" which was referenced until ETSI TS 102 232-1 (V2.6.1).
NOTE 2: IETF RFC 4346 obsoletes IETF RFC 2246: "The TLS Protocol Version 1.0".
[22] IETF RFC 2460: "Internet Protocol, Version 6 (IPv6) Specification".
[23] IETF RFC 5681: "TCP Congestion Control".
NOTE: IETF RFC 5681 obsole