ETSI TS 102 836-2 V1.1.1 (2009-11)
Technical Specification

Access, Terminals, Transmission and Multiplexing (ATTM); Lawful Interception (LI); Part 2: Interception of IP Data Service on Cable Operators Broadband IP Network: Internal Network Interfaces

Reference: DTS/ATTM-02007-2
Keywords: access, cable, lawful interception

Contents

Intellectual Property Rights
Foreword
Introduction
1 Scope
1.1 Requirements notation
2 References
2.1 Normative references
2.2 Informative references
3 Abbreviations
4 Requirements
5 Overview
6 Internal Cable Network Interfaces
6.1 Introduction
6.2 INI1
6.2.1 Dynamically assigned IP-addresses
6.2.2 DHCPv4 requirements on CMTS
6.2.3 DHCPv6 requirements on CMTS
6.2.4 Non-dynamically assigned IP-addresses
6.3 INI2b
6.4 INI3 - Call Content (CC) of Communication Interface
6.4.1 Call Content Connection Identifier
6.4.2 Original IP Header
6.4.3 Original other header
6.4.5 Original Payload
6.5 SBCF (SNMP based Configuration Function)
7 LI Cable Broadband IP Network Architecture
7.1 Dimensioning and Capacity
7.2 Elements of Cable Broadband IP Network
7.3 Functional Description
7.3.1 LI Process: Interception of provisioning messaging
7.3.2 LI Process: interception of IP data
7 Security
Annex A (informative): Requirements listed in Council Resolution of 17 January 1995
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards”, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://webapp.etsi.org/IPR/home.asp).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are,
or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Access, Terminals, Transmission and Multiplexing (ATTM).

NOTE: An earlier specification to the current document referring to Lawful Interception within a Cable Network was produced by ETSI Access and Terminals, subgroup AT-D (Digital).

The present document is part 2 of a multi-part deliverable covering Data Over Cable Systems, as identified below:

Part 1: “Interception of IP Telephony Service on Cable Operators Broadband IP Network: Internal Network Interfaces”;
Part 2: “Interception of IP Data Service on Cable Operators Broadband IP Network: Internal Network Interfaces”;
Part 3: “Interception of email Service on Cable Operators Broadband IP Network: Internal Network Interfaces”.

Introduction

The cable industry in Europe and across other global regions has already deployed broadband cable television Hybrid Fibre/Coaxial (HFC) IP data and telephony networks running the Cable Modem Protocol. The cable industry is in the rapid stages of implementing interfaces that provide the capabilities for lawful interception (LI) of these services
in accordance with requirements of Law Enforcement Agencies. The cable industry has recognized the urgent need to develop ETSI Technical Specifications aimed at developing interoperable interface specifications and mechanisms for LI of IP telephony communications services.

The present document specifies the Lawful Interception (LI) and implementation of IP Data services within a Cable Operators Broadband IP Network for the purpose of providing such intercepted information to Law Enforcement Agencies (LEAs).

1 Scope

The present document specifies the internal network interfaces to enable the lawful interception (LI) of IP Data services over cable operators broadband IP Networks. The current document describes the LI functional elements and interfaces for both the NCS based and SIP protocol signalling architectures within a PacketCable network architecture framework.

The present document provides the requirements for the internal cable network interfaces and their functions for those network elements within a Cable Operators network that are involved in the production of the interception of call content and call related information relating to the interception target of IP Data communication services. The provision of a (LI) interface for a Cable Operators Broadband IP Network is a national option; however, where it is provided it shall be provided as described in the present document.

The structure of (LI) in telecommunications is in two parts:

- the internal interface of a network that is built using a particular technology; and,
- the external interface (known as the Handover Interface) that links the LEA to the network.

Between these two parts is described a LI mediation device (MD) whose functions cater for managing and provisioning
the network elements for interception as well as national variances and delivery of the result of interception. The administration of LI is a function that is typically integrated within the manufacturer's MD but may also be a separate device. For the purpose of the current document the administration function is assumed as integrated within the MD.

The subject of the present document is the internal network LI interfaces that lie between the elements of a Cable Operators IP Broadband infrastructure and the functions of the MD. The Handover Interface is out of scope of the present document. The current document assumes the delivery requirements specified by ETSI Technical Committee Lawful Intercept (TC LI), ES 201 671 [2], TS 101 671 [3] and TS 102 232 [4]. In addition the Handover Interface may be the subject of national regulation and therefore the function of the mediation device for delivery of the intercepted information to the LEA may also be a matter of national regulation.

The document specifies the internal interfaces for IPv4 and IPv6 networks. For systems that are used in networks that only use IPv4, the requirements specific for IPv6 are not applicable. Systems that use SIP
based on Packet Cable 2.0 are out of scope of the present document. Systems that use PPPoE over cable networks are out of scope.

1.1 Requirements notation

If the present document is implemented, the key words “MUST” and “SHALL” as well as “REQUIRED” are to be interpreted as indicating a mandatory aspect of the present document. The keywords indicating a certain level of significance of a particular requirement that are used throughout the present document are summarized below.

MUST: This word or the adjective “REQUIRED” means that the item is an absolute requirement of the present document.

MUST NOT: This phrase means that the item is an absolute prohibition of the present document.

SHOULD: This word or the adjective “RECOMMENDED” means that there may exist valid reasons in particular circumstances to ignore this item, but the full implications should be understood and the case carefully weighed before choosing a different course.

SHOULD NOT: This phrase means that there may exist valid reasons in particular circumstances when the listed behaviour is acceptable or even useful, but the full implications should be understood and the case carefully weighed before implementing any behaviour described with this label.

MAY: This word or the adjective “OPTIONAL” means that this item is truly optional. One vendor may choose to include the item because a particular marketplace requires it or because it enhances the product, for example; another vendor may omit the same item.

2 References

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For a specific reference, subsequent revisions do not apply. Non-specific reference may be made only to a complete document or a part thereof and only in the following cases:

- if it is accepted that it will be possible to use all future changes of the referenced document for the purposes of the referring document;
- for informative references.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity.

2.1 Normative references

The following referenced documents are indispensable for the application of the present
document. For dated references, only the edition cited applies. For non-specific references, the latest edition of the referenced document (including any amendments) applies.

[1] Council Resolution of 17 January 1995 on the lawful interception of telecommunications.
[2] ETSI ES 201 671: “Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic”.
[3] ETSI TS 101 671: “Lawful Interception (LI); Handover interface for the lawful interception of telecommunications traffic”.
[4] ETSI TS 102 232: “Lawful Interception (LI); Handover specification for IP delivery”.
[5] ETSI TS 101 909-4: “Digital Broadband Cable Access to the Public Telecommunications Network; IP Multimedia Time Critical Services; Part 4: Network Call Signalling Protocol Partial Endorsement of ITU-T Recommendation J.162 (11/2005), modified”.
[6] IETF RFC 3261: “SIP: Session Initiation Protocol”.
[7] CableLabs PKT-SP-ESP1.5-IO2-070412: “Electronic Surveillance”, April 12 2007.
[8] IETF RFC 768/STD0006 (August 1980): “User Datagram Protocol”.
[9] IETF RFC 1305 (March 1992): “Network Time Protocol (Version 3) Specification, Implementation and Analysis”.
[10] IETF RFC 791/STD0005 (September 1981): “Internet Protocol”.
[11] Void.
[12] Void.
[13] IETF RFC 3924: “Cisco Architecture for Lawful Intercept in IP Networks”.
[14] ETSI ES 201 158: “Telecommunications security; Lawful Interception (LI); Requirements for network functions”.

2.2 Informative references

The following referenced documents are not essential to the use of the present document but they assist the user with regard to a particular subject area. For non-specific references, the latest version of the referenced document (including any amendments) applies.

[i.1] ETSI TR 102 661 (November 2008): “Lawful
Interception (LI); Security framework in Lawful Interception and Retained Data environment”.
[i.2] ETSI TS 101 331: “Lawful Interception (LI); Requirements of Law Enforcement Agencies”.

3 Abbreviations

For the purposes of the present document, the following abbreviations apply:

CC      Call Content
CCC     Communication Call Content
CMTS    Cable Modem Termination System
CRD     Call Related Details
DA      Destination Address
DHCP    Dynamic Host Configuration Protocol
eMTA    embedded Media Terminal Adapter
HFC     Hybrid Fiber Coax
HI      Handover Interface
IAP     Intercept Access Point
IETF    Internet Engineering Task Force
IIF     Internal Intercept Function
INI     Internal Network Interface
IP      Internet Protocol
IRI     Intercept Related Information
LEA     Law Enforcement Agency
LEMF    Law Enforcement Monitoring Facility
LI      Lawful Interception
LIAF    Lawful Interception Administration Function
LIMD    Lawful Intercept Mediation Device
MAC     Media Access Control
MD      Mediation Device
MF      Mediation Function
MG      Media Gateway
MGC     Media Gateway Controller
MIB     Management Information Base
MTA     Media Terminal Adapter
NCS     Network-based Call Signalling
NWO     Network Operator
SBCF    SNMP Based Configuration Function
SIP     Session Initiation Protocol
SNMP    Simple Network Management Protocol
SvP     Service Provider
TAP     Tapping
TCP     Transmission Control Protocol
UDP     User Datagram Protocol
USM     User-based Security Module
VACM    View-based Access Control Module

4 Requirements

European cable operators are required to have the capability of intercepting messages passed over their network system in any form. This capability should be covert, not affect the operation of the system in any discernible way or be detectable by the end user. Therefore, a European implementation for a Cable Broadband IP network should include the following functionality:

a) the network equipment needs to be capable of copying all Communication Call Content (CCC) being carried to and from specified target addresses to an additional delivery address specified by the network operator;
b) in the short term, for practical reasons, identification of voice related calls (including fax and modem calls) may use E.164 addresses;
c) where interception of both data and multi-media content is also required, the delivery address will be specified as an IP address in either the standard IPv4 or