1、 ETSI TS 102 232 V1.5.1 (2006-10)Technical Specification Lawful Interception (LI);Handover specification for IP deliveryETSI ETSI TS 102 232 V1.5.1 (2006-10) 2 Reference RTS/LI-00034 Keywords handover, IP, Lawful Interception, security ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRA
2、NCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice Individual copies of the present document can be downloaded from: http:/www.etsi.org The present document may b
3、e made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF versio
4、n kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If
5、 you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to repr
6、oduction in all media. European Telecommunications Standards Institute 2006. All rights reserved. DECTTM, PLUGTESTSTM and UMTSTM are Trade Marks of ETSI registered for the benefit of its Members. TIPHONTMand the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Me
7、mbers. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TS 102 232 V1.5.1 (2006-10) 3 Contents Intellectual Property Rights6 Foreword.6 Introduction 6 1 Scope 7 2 References 7 3 Definitions and abbreviations.9 3.1 Definitions
8、9 3.2 Abbreviations .9 4 General .10 4.1 Functionality.10 4.2 Intercepted data types.10 4.2.1 Interception at network operator or access provider.11 4.2.2 Interception at service providers.11 4.3 Relationship to other standards 11 4.3.1 Handover for GPRS / UMTS PS 12 5 Headers.12 5.1 General .12 5.2
9、 Description and purpose of the header fields .13 5.2.1 Version13 5.2.2 LIID 13 5.2.3 Authorization country code.13 5.2.4 Communication identifier .13 5.2.5 Sequence number14 5.2.6 Payload timestamp14 5.2.7 Payload direction 14 5.2.8 Payload type14 5.2.9 Interception type .15 5.2.10 IRI type .15 5.2
10、.11 Interception Point Identifier15 5.3 Encoding of header fields.15 6 Data exchange 15 6.1 Introduction 15 6.2 Handover layer .16 6.2.1 General16 6.2.2 Error reporting 17 6.2.3 Aggregation of payloads.17 6.2.4 Sending a large block of application-level data 17 6.2.5 Padding data18 6.3 Session layer
11、.18 6.3.1 General18 6.3.2 Opening and closing connections .18 6.3.3 Buffering.19 6.3.4 Keep-alives .19 6.4 Transport layer .19 6.4.1 Introduction.19 6.4.2 TCP settings20 6.4.3 Acknowledging data .20 6.5 Network layer.20 7 Delivery networks 20 7.1 Types of network20 7.1.1 General20 ETSI ETSI TS 102 2
12、32 V1.5.1 (2006-10) 4 7.1.2 Private networks .20 7.1.3 Public networks with strict control .20 7.1.4 Public networks with loose control.21 7.2 Security requirements.21 7.2.1 General21 7.2.2 Confidentiality and authentication21 7.2.3 Integrity 21 7.3 Further delivery requirements 22 7.3.1 Test data22
13、 7.3.2 Timeliness.23 Annex A (normative): ASN.1 syntax trees .24 A.1 ASN.1 syntax tree for HI2 and HI3 headers.24 A.2 ASN.1 specification24 A.3 Importing parameters from other standards .28 Annex B (informative): Requirements .29 B.1 Types of intercepted information .29 B.2 Identification of traffic
14、 .29 B.3 Performance .29 B.4 Timeliness 30 B.5 Reliability and availability .30 B.6 Discarding information.30 B.7 Security.30 B.8 Other.31 Annex C (informative): Notes on TCP tuning32 C.1 Implement RFC 2581 .32 C.2 Minimize roundtrip times.32 C.3 Enable maximum segment size option.32 C.4 Path MTU di
15、scovery 32 C.5 Selective acknowledgement .32 C.6 High speed options.32 C.7 PUSH flag 33 C.8 Nagles algorithm33 C.9 Buffer size 33 Annex D (informative): IRI-only interception .34 D.1 Introduction 34 D.2 Definition HI information 34 D.3 IRI deriving 34 D.4 IRI by post and pre-processing HI3 informati
16、on35 Annex E (informative): Purpose of profiles .36 E.1 Formal definitions 36 E.2 Purpose of profiles .36 ETSI ETSI TS 102 232 V1.5.1 (2006-10) 5 Annex F (informative): Traffic management of the handover interface.38 F.1 Background 38 F.1.1 Burstiness .38 F.1.2 Mixed content.38 F.1.3 Network facilit
17、ies for traffic management39 F.1.4 Evidentiary considerations .39 F.1.5 National considerations 39 F.2 Traffic management strategies .39 F.3 Bandwidth estimation.40 F.4 National considerations 40 F.5 Implementation considerations.40 F.5.1 Volatile versus non-volatile storage .40 F.5.2 Maximum buffer
18、ing time .41 F.5.3 Transmission order of buffered data.41 F.5.4 Buffer overflow processing 41 Annex G (informative): Bibliography.42 Annex H (informative): Change request history43 History 44 ETSI ETSI TS 102 232 V1.5.1 (2006-10) 6 Intellectual Property Rights IPRs essential or potentially essential
19、 to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified t
20、o ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be g
21、iven as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI Technical Committee Lawful Interception (LI).
22、Introduction The objective of the present document is to form the basis for a standardized handover interface for use by both telecommunications service providers and network operators, including Internet Service Providers, that will deliver the interception information required by Law Enforcement A
23、uthorities under various European treaties and national regulations. The present document describes how to handover intercepted information via IP-based networks from a CSP to an LEMF. The present document covers the transportation of traffic, but does not specify functionality within CSPs or LEMF (
24、see clause 4.1). It handles the transportation of intercepted traffic (HI3) and intercept-related information (HI2) but not the tasking and management of Lawful Interception (HI1). The present document is intended to be general enough to be used in a variety of situations: it is not focused on a par
25、ticular IP-based service. The specification therefore provides information that is not dependent on the type of service being intercepted. In particular the present document describes delivery mechanisms (clause 6), and the structure and header details (clause 5) for both HI2 and HI3 information. ET
26、SI ETSI TS 102 232 V1.5.1 (2006-10) 7 1 Scope The present document specifies the general aspects of HI2 and HI3 interfaces for handover via IP based networks. The present document: specifies the modular approach used for specifying IP based handover interfaces. specifies the header(s) to be added to
27、 IRI and CC sent over the HI2 and HI3 interfaces respectively. specifies protocols for the transfer of IRI and CC across the handover interfaces. specifies protocol profiles for the handover interface. The present document is designed to be used where appropriate in conjunction with other deliverabl
28、es that define the service-specific IRI data formats (including TS 102 227 (see “bibliography“), TS 101 909-20-1 33, TS 101 909-20-2 34, TS 102 233 5 and TS 102 234 6). Where possible, the present document aligns with 3GPP TS 33.108 9 and TS 101 671 4 and supports the requirements and capabilities d
29、efined in TS 101 331 1 and TR 101 944 7. For the handover of intercepted data within GSM/UMTS PS domain, the present document does not override or supersede any specifications or requirements in TS 133.108 9 and TS 101 671 4. 2 References The following documents contain provisions which, through ref
30、erence in this text, constitute provisions of the present document. References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For a specific reference, subsequent revisions do not apply. For a non-specific reference, the latest versio
31、n applies. Referenced documents which are not found to be publicly available in the expected location might be found at http:/docbox.etsi.org/Reference. NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity. 1 ETSI TS
32、101 331: “Lawful Interception (LI); Requirements of Law Enforcement Agencies“. 2 ETSI ES 201 158: “Telecommunications security; Lawful Interception (LI); Requirements for network functions“. 3 Void. 4 ETSI TS 101 671: “Lawful Interception (LI); Handover interface for the lawful interception of telec
33、ommunications traffic“. NOTE: Periodically TS 101 671 is published as ES 201 671. A reference to the latest version of the TS as above reflects the latest stable content from ETSI/TC LI. 5 ETSI TS 102 233: “Lawful Interception (LI); Service specific details for E-mail services“. 6 ETSI TS 102 234: “
34、Lawful Interception (LI); Service-specific details for internet access services“. 7 ETSI TR 101 944: “Telecommunications Security; Lawful Interception (LI); Issues on IP Interception“. ETSI ETSI TS 102 232 V1.5.1 (2006-10) 8 8 ETSI ETR 232: “Security Techniques Advisory Group (STAG); Glossary of sec
35、urity terminology“. 9 ETSI TS 133 108: “Universal Mobile Telecommunications System (UMTS); 3G security; Handover interface for Lawful Interception (LI) (3GPP TS 33.108)“. 10 ISO 3166-1: “Codes for the representation of names of countries and their subdivisions - Part 1: Country codes“. 11 ITU-T Reco
36、mmendation X.680: “Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation“. 12 ITU-T Recommendation X.690: “Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Ru
37、les (DER)“. 13 FIPS PUB 186-2: “Digital Signature Standard (DSS)“. 14 IETF RFC 0791: “Internet Protocol“. 15 IETF RFC 0792: “Internet Control Message Protocol“. 16 IETF RFC 0793: “Transmission Control Protocol“. 17 IETF RFC 1122: “Requirements for Internet Hosts - Communication Layers“. 18 IETF RFC
38、1323: “TCP Extensions for High Performance“. 19 IETF RFC 1191: “Path MTU discovery“. 20 IETF RFC 2018: “TCP Selective Acknowledgement Options“. 21 IETF RFC 2246: “The TLS Protocol Version 1.0“. 22 IETF RFC 2460: “Internet Protocol, Version 6 (IPv6) Specification“. 23 IETF RFC 2581: “TCP Congestion C
39、ontrol“. 24 IETF RFC 2821: “Simple Mail Transfer Protocol“. 25 IETF RFC 2822: “Internet Message Format“. 26 IETF RFC 2923: “TCP Problems with Path MTU Discovery“. 27 IETF RFC 2988: “Computing TCPs Retransmission Timer“. 28 IETF RFC 3174: “US Secure Hash Algorithm 1 (SHA1)“. 29 IETF RFC 3268: “Advanc
40、ed Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)“. 30 IETF RFC 3280: “Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile“. 31 ISO/IEC TR 10000-1: “Information technology - Framework and taxonomy of International Standardized
41、 Profiles - Part 1: General principles and documentation framework“. 32 ETSI TS 102 815: “Lawful Interception (LI); Service-specific details for Layer 2 Lawful Interception“. 33 ETSI TS 101 909-20-1: “Digital Broadband Cable Access to the Public Telecommunications Network; IP Multimedia Time Critica
42、l Services; Part 20: Lawful Interception; Sub-part 1: CMS based Voice Telephony Services“. 34 ETSI TS 101 909-20-2: “Digital Broadband Cable Access to the Public Telecommunications Network; IP Multimedia Time Critical Services; Part 20: Lawful Interception; Sub-part 2: Streamed multimedia services“.
43、 ETSI ETSI TS 102 232 V1.5.1 (2006-10) 9 35 ETSI TR 102 503: “ASN.1 Object Identifiers in Lawful Interception Specifications“. 3 Definitions and abbreviations 3.1 Definitions For the purposes of the present document, the terms and definitions given in TS 101 671 4, ES 201 158 2, TS 101 331 1 and the
44、 following apply: Communications Service Provider (CSP): term used to cover those organizations (e.g. Service Providers (SvP), Network Operators (NWO) or Access Providers (AP) who are obliged by law to provide interception international standardized profile: internationally agreed-to, harmonized doc
45、ument which describes one or more profiles profile: set of one or more base standards and/or international standardized profiles, and, where applicable, the identification of chosen classes, conforming subsets, options and parameters of those base standards, or International Standardized Profiles ne
46、cessary to accomplish a particular function Transport Related Information (TRI): information which is sent across a Handover Interface in order to maintain, test or secure the interface. NOTE: It does not include any CC or IRI 3.2 Abbreviations For the purposes of the present document, the following
47、 abbreviations apply: 3GPP Third Generation Partnership Project AP Access Provider ASN.1 Abstract Syntax Notation One BER Basic Encoding Rules CC Content of Communication CID Communication IDentifier CIN Communication Identity Number CSP Communications Service Provider DCC Delivery Country Code DF D
48、elivery Function DSL Digital Subscriber Line GPRS General Packet Radio Service GSM Global System for Mobile communications HI1 Handover Interface 1 (for Administrative Information) HI2 Handover Interface 2 (for Intercept Related Information) HI3 Handover Interface 3 (for Content of Communication) HM
49、 Handover Manager ICMP Internet Control Message Protocol IP Internet Protocol IPSec IP Security IRI Intercept Related Information ISP Internet Service Provider LEA Law Enforcement Agency LEMF Law Enforcement Monitoring Facility LGW Law enforcement monitoring facility GateWay LI Lawful Interception LIID Lawful Interception IDentifier MD Mediation Device MF Mediation Function (at CSP) MSS Maximum Segment Size MTU Maximum Transmission Unit ETSI ETSI TS 102 232 V1.5.1 (2
