1、 ETSI TS 102 232-1 V3.16.1 (2018-03) Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 1: Handover specification for IP delivery floppy3TECHNICAL SPECIFICATION ETSI ETSI TS 102 232-1 V3.16.1 (2018-03)2Reference RTS/LI-00152-1 Keywords handover, IP,
2、 lawful interception, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present docu
3、ment can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In ca
4、se of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the docum
5、ent may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/po
6、rtal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modi
7、fied without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. ETSI 2018. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPPTM and LTETMare trademar
8、ks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. oneM2M logo is protected for the benefit of its Members. GSMand the GSM logo are trademarks registered and owned by the GSM Association. ETSI ETSI TS 102 232-1 V3.16.1 (2018-03)3Contents Intellectual Proper
9、ty Rights 6g3Foreword . 6g3Modal verbs terminology 6g3Introduction 7g31 Scope 8g32 References 8g32.1 Normative references . 8g32.2 Informative references 10g33 Definitions, symbols and abbreviations . 11g33.1 Definitions 11g33.2 Symbols 11g33.3 Abbreviations . 11g34 General . 13g34.1 Functionality .
10、 13g34.2 Intercepted data types . 13g34.2.1 Introduction. 13g34.2.2 Interception at network operator or access provider . 14g34.2.3 Interception at service providers . 14g34.3 Relationship to other standards 14g34.4 Handover for GPRS/UMTS/EPS and 3GPP CS Domains . 16g34.4.1 PS Access . 16g34.4.2 App
11、lications 16g34.5 Common parameters. 16g35 Headers . 16g35.1 General . 16g35.2 Description and purpose of the header fields . 17g35.2.1 Version 17g35.2.2 LIID 17g35.2.3 Authorization country code. 17g35.2.4 Communication identifier . 17g35.2.5 Sequence number 18g35.2.6 Payload timestamp 18g35.2.7 Pa
12、yload direction 18g35.2.8 Payload type 19g35.2.9 Interception type . 19g35.2.10 IRI type . 19g35.2.11 Interception Point Identifier 19g35.2.12 Session direction . 19g35.3 Encoding of header fields . 20g36 Data exchange 20g36.1 Introduction 20g36.2 Handover layer . 21g36.2.1 General 21g36.2.2 Error r
13、eporting 21g36.2.3 Aggregation of payloads . 22g36.2.4 Sending a large block of application-level data 22g36.2.5 Padding data 23g36.2.6 Payload encryption . 23g36.3 Session layer . 23g36.3.1 General 23g36.3.2 Opening and closing connections . 23g36.3.3 Buffering . 24g3ETSI ETSI TS 102 232-1 V3.16.1
14、(2018-03)46.3.4 Keep-alives . 24g36.3.5 Option negotiation 24g36.3.5.1 Introduction . 24g36.3.5.2 Option negotiation message exchange 25g36.3.6 PDU acknowledgement 26g36.4 Transport layer . 27g36.4.1 Introduction. 27g36.4.2 TCP settings 27g36.4.3 Acknowledging data . 27g36.5 Network layer . 27g37 De
15、livery networks 27g37.1 Types of network 27g37.1.1 General 27g37.1.2 Private networks . 28g37.1.3 Public networks with strict control . 28g37.1.4 Public networks with loose control . 28g37.2 Security requirements . 28g37.2.1 General 28g37.2.2 Confidentiality and authentication 28g37.2.3 Integrity 28
16、g37.3 Further delivery requirements 29g37.3.1 Test data 29g37.3.2 Timeliness. 29g3Annex A (normative): ASN.1 syntax trees . 30g3A.1 ASN.1 syntax tree for HI2 and HI3 headers. 30g3A.2 ASN.1 specification 31g3A.3 Importing parameters from other standards . 41g3Annex B (informative): Requirements . 42g
17、3B.1 Types of intercepted information . 42g3B.2 Identification of traffic . 42g3B.3 Performance . 42g3B.4 Timeliness 43g3B.5 Reliability and availability . 43g3B.6 Discarding information. 43g3B.7 Security. 43g3B.8 Other . 44g3Annex C (informative): Notes on TCP tuning 45g3C.1 Implement IETF RFC 5681
18、 45g3C.2 Minimize roundtrip times . 45g3C.3 Enable maximum segment size option . 45g3C.4 Path MTU discovery 45g3C.5 Selective acknowledgement . 45g3C.6 High speed options . 45g3C.7 PUSH flag 46g3C.8 Nagles algorithm 46g3C.9 Buffer size 46g3ETSI ETSI TS 102 232-1 V3.16.1 (2018-03)5Annex D (informativ
19、e): IRI-only interception . 47g3D.1 Introduction 47g3D.2 Definition HI information 47g3D.3 IRI deriving 47g3D.4 IRI by post and pre-processing HI3 information 48g3Annex E (informative): Purpose of profiles . 49g3E.0 Background 49g3E.1 Formal definitions 49g3E.2 Purpose of profiles . 49g3Annex F (inf
20、ormative): Traffic management of the handover interface . 51g3F.0 Rationale . 51g3F.1 Factors to consider . 51g3F.1.0 Background 51g3F.1.1 Burstiness . 51g3F.1.2 Mixed content . 51g3F.1.3 Network facilities for traffic management 52g3F.1.4 Evidentiary considerations . 52g3F.1.5 National consideratio
21、ns 52g3F.2 Traffic management strategies . 52g3F.3 Bandwidth estimation . 53g3F.4 National considerations 53g3F.5 Implementation considerations . 53g3F.5.1 Volatile versus non-volatile storage . 53g3F.5.2 Maximum buffering time . 54g3F.5.3 Transmission order of buffered data . 54g3F.5.4 Buffer overf
22、low processing 54g3Annex G (normative): Implementation of payload encryption 55g3Annex H (informative): ETSI TS 102 232 family relationship . 56g3Annex I (informative): Option negotiation . 59g3I.0 Summary 59g3I.1 Example use cases 59g3I.1.1 Option negotiation not supported in LGW . 59g3I.1.2 Simple
23、 negotiation by both endpoints 60g3I.1.3 Simple DF-only option request 61g3I.1.4 Simple LGW-only option request 62g3I.1.5 Complex negotiation 63g3Annex J (normative): Implementation of Integrity Checks 64g3J.1 Definitions 64g3J.2 Process description . 64g3J.3 Example integrity Chain . 65g3Annex K (i
24、nformative): Change request history 67g3History 72g3ETSI ETSI TS 102 232-1 V3.16.1 (2018-03)6Intellectual Property Rights Essential patents IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is
25、 publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the
26、 ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be
27、, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right
28、to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks. Foreword This Technical Specification (TS) has been produced by ETSI Technical C
29、ommittee Lawful Interception (LI). The present document is part 1 of a multi-part deliverable covering the Handover Interface and Service-Specific Details (SSD) for IP delivery, as identified below: Part 1: “Handover specification for IP delivery“; Part 2: “Service-specific details for messaging ser
30、vices“; Part 3: “Service-specific details for internet access services“; Part 4: “Service-specific details for Layer 2 services“; Part 5: “Service-specific details for IP Multimedia Services“; Part 6: “Service-specific details for PSTN/ISDN services“; Part 7: “Service-specific details for Mobile Ser
31、vices“. The ASN.1 module is also available as an electronic attachment to the original document from the ETSI site (see clause A.2 for more details). Modal verbs terminology In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot
32、“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. ETSI ETSI TS 102 232-1 V3.16.1 (2018-03)7Introduction The objective of the pr
33、esent document is to form the basis for a standardized handover interface for use by both telecommunications service providers and network operators, including Internet Service Providers that will deliver the interception information required by Law Enforcement Authorities under various European tre
34、aties and national regulations. The present document describes how to handover intercepted information via IP-based networks from a CSP to an LEMF. The present document covers the transportation of traffic, but does not specify functionality within CSPs or LEMF (see clause 4.1). The present document
35、 handles the transportation of intercepted Content of Communication (CC), Intercept-Related Information (IRI), transport related information (TRI), and HI1 notification information. The tasking and management of Lawful Interception via the HI1 interface is outside the scope of the present document.
36、The present document is intended to be general enough to be used in a variety of situations: it is not focused on a particular IP-based service. The present document therefore provides information that is not dependent on the type of service being intercepted. In particular the present document desc
37、ribes delivery mechanisms (clause 6), and the structure and header details (clause 5) for both HI2 and HI3 information. References within the main body of the present document are made if applicable to the 3GPP specification number with in square brackets the reference number as listed in clause 2.
38、In clause 2 “References“ the corresponding ETSI specification number is indicated with a reference to the 3GPP specification number. 3GPP specifications are available faster than the equivalent ETSI specifications. ETSI ETSI TS 102 232-1 V3.16.1 (2018-03)81 Scope The present document specifies the g
39、eneral aspects of HI2 and HI3 interfaces for handover via IP based networks. The present document: specifies the modular approach used for specifying IP based handover interfaces; specifies the header(s) to be added to IRI and CC sent over the HI2 and HI3 interfaces respectively; specifies protocols
40、 for the transfer of IRI and CC across the handover interfaces; specifies protocol profiles for the handover interface. The present document is designed to be used where appropriate in conjunction with other deliverables that define the service-specific IRI data formats (including ETSI TS 102 227 i.
41、1, ETSI TS 101 909-20-1 33, ETSI TS 101 909-20-2 34, ETSI TS 102 232-2 5, ETSI TS 102 232-3 6, ETSI TS 102 232-4 32, ETSI TS 102 232-5 37, ETSI TS 102 232-6 36 and ETSI TS 102 232-7 38). Where possible, the present document aligns with ETSI TS 133 108 9 and ETSI TS 101 671 4 and supports the require
42、ments and capabilities defined in ETSI TS 101 331 1 and ETSI TR 101 944 i.4. For the handover of intercepted data within GSM/UMTS PS and CS domains, the present document does not override or supersede any specifications or requirements in ETSI TS 133 108 9 and ETSI TS 101 671 4. 2 References 2.1 Nor
43、mative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments)
44、 applies. Referenced documents which are not found to be publicly available in the expected location might be found at https:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The follo
45、wing referenced documents are necessary for the application of the present document. 1 ETSI TS 101 331: “Lawful Interception (LI); Requirements of Law Enforcement Agencies“. 2 ETSI ES 201 158: “Telecommunications security; Lawful Interception (LI); Requirements for network functions“. 3 Void. 4 ETSI
46、 TS 101 671: “Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic“. NOTE: Periodically ETSI TS 101 671 is published as ETSI ES 201 671. A reference to the latest version of the TS as above reflects the latest stable content from ETSI/TC LI. 5 ETSI T
47、S 102 232-2: “Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 2: Service-specific details for messaging services“. 6 ETSI TS 102 232-3: “Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 3: Serv
48、ice-specific details for internet access services“. 7 Void. ETSI ETSI TS 102 232-1 V3.16.1 (2018-03)98 Void. 9 ETSI TS 133 108: “Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Handover interface for Lawful Interception (LI) (3GPP TS 33.108)“. 10 ISO 3166-1: “Codes for the repre
49、sentation of names of countries and their subdivisions - Part 1: Country codes“. 11 Recommendation ITU-T X.680: “Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation“. 12 Recommendation ITU-T X.690: “Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)“. 13 Void. 14 IETF RFC 791: “Internet Protocol“. 15 IETF RFC 792: “Internet Control Message Protocol“. 16 IE
