1、 ETSI TS 102 232-1 V3.13.1 (2017-03) Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 1: Handover specification for IP delivery floppy3TECHNICAL SPECIFICATION ETSI ETSI TS 102 232-1 V3.13.1 (2017-03)2 Reference RTS/LI-00142-1 Keywords handover, IP
2、, lawful interception, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present doc
3、ument can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In c
4、ase of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the docu
5、ment may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/p
6、ortal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be mod
7、ified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2017. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit
8、 of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 102 232-1 V3.13.1 (2017-03)3 Contents Intellectual Property Rights
9、 6g3Foreword . 6g3Modal verbs terminology 6g3Introduction 6g31 Scope 8g32 References 8g32.1 Normative references . 8g32.2 Informative references 10g33 Definitions, symbols and abbreviations . 11g33.1 Definitions 11g33.2 Symbols 11g33.3 Abbreviations . 11g34 General . 13g34.1 Functionality . 13g34.2
10、Intercepted data types . 13g34.2.1 Introduction. 13g34.2.2 Interception at network operator or access provider . 14g34.2.3 Interception at service providers . 14g34.3 Relationship to other standards 14g34.4 Handover for GPRS/UMTS/EPS . 15g34.4.1 PS Access . 15g34.4.2 Applications 16g34.5 Common para
11、meters. 16g35 Headers . 16g35.1 General . 16g35.2 Description and purpose of the header fields . 16g35.2.1 Version 16g35.2.2 LIID 17g35.2.3 Authorization country code. 17g35.2.4 Communication identifier . 17g35.2.5 Sequence number 17g35.2.6 Payload timestamp 18g35.2.7 Payload direction 18g35.2.8 Pay
12、load type 18g35.2.9 Interception type . 19g35.2.10 IRI type . 19g35.2.11 Interception Point Identifier 19g35.2.12 Session direction . 19g35.3 Encoding of header fields . 19g36 Data exchange 20g36.1 Introduction 20g36.2 Handover layer . 20g36.2.1 General 20g36.2.2 Error reporting 21g36.2.3 Aggregatio
13、n of payloads . 22g36.2.4 Sending a large block of application-level data 22g36.2.5 Padding data 22g36.2.6 Payload encryption . 23g36.3 Session layer . 23g36.3.1 General 23g36.3.2 Opening and closing connections . 23g36.3.3 Buffering . 23g3ETSI ETSI TS 102 232-1 V3.13.1 (2017-03)4 6.3.4 Keep-alives
14、. 24g36.3.5 Option negotiation 24g36.3.5.1 Introduction . 24g36.3.5.2 Option negotiation message exchange 25g36.3.6 PDU acknowledgement 26g36.4 Transport layer . 26g36.4.1 Introduction. 26g36.4.2 TCP settings 26g36.4.3 Acknowledging data . 27g36.5 Network layer . 27g37 Delivery networks 27g37.1 Type
15、s of network 27g37.1.1 General 27g37.1.2 Private networks . 27g37.1.3 Public networks with strict control . 28g37.1.4 Public networks with loose control . 28g37.2 Security requirements . 28g37.2.1 General 28g37.2.2 Confidentiality and authentication 28g37.2.3 Integrity 28g37.3 Further delivery requi
16、rements 29g37.3.1 Test data 29g37.3.2 Timeliness. 29g3Annex A (normative): ASN.1 syntax trees . 30g3A.1 ASN.1 syntax tree for HI2 and HI3 headers. 30g3A.2 ASN.1 specification 31g3A.3 Importing parameters from other standards . 40g3Annex B (informative): Requirements . 41g3B.1 Types of intercepted in
17、formation . 41g3B.2 Identification of traffic . 41g3B.3 Performance . 41g3B.4 Timeliness 42g3B.5 Reliability and availability . 42g3B.6 Discarding information. 42g3B.7 Security. 42g3B.8 Other . 43g3Annex C (informative): Notes on TCP tuning 44g3C.1 Implement IETF RFC 5681 44g3C.2 Minimize roundtrip
18、times . 44g3C.3 Enable maximum segment size option . 44g3C.4 Path MTU discovery 44g3C.5 Selective acknowledgement . 44g3C.6 High speed options . 44g3C.7 PUSH flag 45g3C.8 Nagles algorithm 45g3C.9 Buffer size 45g3ETSI ETSI TS 102 232-1 V3.13.1 (2017-03)5 Annex D (informative): IRI-only interception .
19、 46g3D.1 Introduction 46g3D.2 Definition HI information 46g3D.3 IRI deriving 46g3D.4 IRI by post and pre-processing HI3 information 47g3Annex E (informative): Purpose of profiles . 48g3E.0 Background 48g3E.1 Formal definitions 48g3E.2 Purpose of profiles . 48g3Annex F (informative): Traffic manageme
20、nt of the handover interface . 50g3F.0 Rationale . 50g3F.1 Factors to consider . 50g3F.1.0 Background 50g3F.1.1 Burstiness . 50g3F.1.2 Mixed content . 50g3F.1.3 Network facilities for traffic management 51g3F.1.4 Evidentiary considerations . 51g3F.1.5 National considerations 51g3F.2 Traffic manageme
21、nt strategies . 51g3F.3 Bandwidth estimation . 52g3F.4 National considerations 52g3F.5 Implementation considerations . 52g3F.5.1 Volatile versus non-volatile storage . 52g3F.5.2 Maximum buffering time . 53g3F.5.3 Transmission order of buffered data . 53g3F.5.4 Buffer overflow processing 53g3Annex G
22、(normative): Implementation of payload encryption 54g3Annex H (informative): ETSI TS 102 232 family relationship . 55g3Annex I (informative): Option negotiation . 58g3I.0 Summary 58g3I.1 Example use cases 58g3I.1.1 Option negotiation not supported in LGW . 58g3I.1.2 Simple negotiation by both endpoi
23、nts 59g3I.1.3 Simple DF-only option request 60g3I.1.4 Simple LGW-only option request 61g3I.1.5 Complex negotiation 62g3Annex J (normative): Implementation of Integrity Checks 63g3J.1 Definitions 63g3J.2 Process description . 63g3J.3 Example integrity Chain . 64g3Annex K (informative): Change request
24、 history 66g3History 71g3ETSI ETSI TS 102 232-1 V3.13.1 (2017-03)6 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-m
25、embers, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursu
26、ant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present docu
27、ment. Foreword This Technical Specification (TS) has been produced by ETSI Technical Committee Lawful Interception (LI). The present document is part 1 of a multi-part deliverable covering the Handover Interface and Service-Specific Details (SSD) for IP delivery, as identified below: Part 1: “Handov
28、er specification for IP delivery“; Part 2: “Service-specific details for messaging services“; Part 3: “Service-specific details for internet access services“; Part 4: “Service-specific details for Layer 2 services“; Part 5: “Service-specific details for IP Multimedia Services“; Part 6: “Service-spec
29、ific details for PSTN/ISDN services“; Part 7: “Service-specific details for Mobile Services“. The ASN.1 module is also available as an electronic attachment to the original document from the ETSI site (see clause A.2 for more details). Modal verbs terminology In the present document “shall“, “shall
30、not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct c
31、itation. Introduction The objective of the present document is to form the basis for a standardized handover interface for use by both telecommunications service providers and network operators, including Internet Service Providers that will deliver the interception information required by Law Enfor
32、cement Authorities under various European treaties and national regulations. The present document describes how to handover intercepted information via IP-based networks from a CSP to an LEMF. The present document covers the transportation of traffic, but does not specify functionality within CSPs o
33、r LEMF (see clause 4.1). The present document handles the transportation of intercepted content of communication (CC), intercept-related information (IRI), transport related information (TRI), and HI1 notification information. The tasking and management of Lawful Interception via the HI1 interface i
34、s outside the scope of the present document. ETSI ETSI TS 102 232-1 V3.13.1 (2017-03)7 The present document is intended to be general enough to be used in a variety of situations: it is not focused on a particular IP-based service. The present document therefore provides information that is not depe
35、ndent on the type of service being intercepted. In particular the present document describes delivery mechanisms (clause 6), and the structure and header details (clause 5) for both HI2 and HI3 information. References within the main body of the present document are made if applicable to the 3GPP sp
36、ecification number with in square brackets the reference number as listed in clause 2. In clause 2 “References“ the corresponding ETSI specification number is indicated with a reference to the 3GPP specification number. 3GPP specifications are available faster than the equivalent ETSI specifications
37、. ETSI ETSI TS 102 232-1 V3.13.1 (2017-03)8 1 Scope The present document specifies the general aspects of HI2 and HI3 interfaces for handover via IP based networks. The present document: specifies the modular approach used for specifying IP based handover interfaces; specifies the header(s) to be ad
38、ded to IRI and CC sent over the HI2 and HI3 interfaces respectively; specifies protocols for the transfer of IRI and CC across the handover interfaces; specifies protocol profiles for the handover interface. The present document is designed to be used where appropriate in conjunction with other deli
39、verables that define the service-specific IRI data formats (including ETSI TS 102 227 i.1, ETSI TS 101 909-20-1 33, ETSI TS 101 909-20-2 34, ETSI TS 102 232-2 5, ETSI TS 102 232-3 6, ETSI TS 102 232-4 32, ETSI TS 102 232-5 37 and ETSI TS 102 232-6 36). Where possible, the present document aligns wit
40、h 3GPP TS 33.108 9 and ETSI TS 101 671 4 and supports the requirements and capabilities defined in ETSI TS 101 331 1 and ETSI TR 101 944 i.4. For the handover of intercepted data within GSM/UMTS PS domain, the present document does not override or supersede any specifications or requirements in 3GPP
41、 TS 33.108 9 and ETSI TS 101 671 4. 2 References 2.1 Normative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest versi
42、on of the referenced document (including any amendments) applies. Referenced documents which are not found to be publicly available in the expected location might be found at https:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included in this clause were valid at the time of publication, E
43、TSI cannot guarantee their long term validity. The following referenced documents are necessary for the application of the present document. 1 ETSI TS 101 331: “Lawful Interception (LI); Requirements of Law Enforcement Agencies“. 2 ETSI ES 201 158: “Telecommunications security; Lawful Interception (
44、LI); Requirements for network functions“. 3 Void. 4 ETSI TS 101 671: “Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic“. NOTE: Periodically ETSI TS 101 671 is published as ETSI ES 201 671. A reference to the latest version of the TS as above refl
45、ects the latest stable content from ETSI/TC LI. 5 ETSI TS 102 232-2: “Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 2: Service-specific details for messaging services“. 6 ETSI TS 102 232-3: “Lawful Interception (LI); Handover Interface and Serv
46、ice-Specific Details (SSD) for IP delivery; Part 3: Service-specific details for internet access services“. 7 Void. 8 Void. ETSI ETSI TS 102 232-1 V3.13.1 (2017-03)9 9 ETSI TS 133 108: “Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Handover interface for Lawful Interception (L
47、I) (3GPP TS 33.108)“. 10 ISO 3166-1: “Codes for the representation of names of countries and their subdivisions - Part 1: Country codes“. 11 Recommendation ITU-T X.680: “Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation“. 12 Recommendation ITU-T X.690: “I
48、nformation technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)“. 13 Void. 14 IETF RFC 0791: “Internet Protocol“. 15 IETF RFC 0792: “Internet Control Message Protocol“. 16 IETF RFC 0793: “Transmission Co
49、ntrol Protocol“. 17 IETF RFC 1122: “Requirements for Internet Hosts - Communication Layers“. 18 IETF RFC 1323: “TCP Extensions for High Performance“. 19 IETF RFC 1191: “Path MTU discovery“. 20 IETF RFC 2018: “TCP Selective Acknowledgement Options“. 21 IETF RFC 5246: “The Transport Layer Security (TLS) Protocol Version 1.2“. NOTE 1: IETF RFC 5246 obsoletes IETF RFC 4346: “The Transport Layer Security (TLS) Protocol Version 1.1“ and IETF RFC 3268: “Advanced Encryption Standard (AES) Ciphersuites for
