ETSI TS 133 107 V14.4.0 (2018-01)

Universal Mobile Telecommunications System (UMTS); LTE; 3G security; Lawful interception architecture and functions (3GPP TS 33.107 version 14.4.0 Release 14)

TECHNICAL SPECIFICATION

ETSI TS 133 107 V14.4.0 (2018-01), 3GPP TS 33.107 version 14.4.0 Release 14

Reference: RTS/TSGS-0333107ve40
Keywords: LTE, SECURITY, UMTS

ETSI
650 Route des Lucioles, F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

The present document can be downloaded from: http://www.etsi.org/standards-search

The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https://portal.etsi.org/TB/ETSIDeliverableStatus.aspx

If you find errors in the present document, please send your comment to one of the following services: https://portal.etsi.org/People/CommiteeSupportStaff.aspx

Copyright Notification

No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media.

© ETSI 2018. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPP™ and LTE are trademarks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. oneM2M logo is protected for the benefit of its Members. GSM and the GSM logo are trademarks registered and owned by the GSM Association.

Intellectual Property Rights

Essential patents

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https://ipr.etsi.org/).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Trademarks

The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks.

Foreword

This Technical Specification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP).

The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or GSM identities. These should be interpreted as being references to the corresponding ETSI deliverables.

The cross reference between GSM, UMTS, 3GPP and ETSI identities can be found under http://webapp.etsi.org/key/queryform.asp.

Modal verbs terminology

In the present document "shall", "shall not", "should", "should not", "may", "need not", "will", "will not", "can" and "cannot" are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions).

"must" and "must not" are NOT allowed in ETSI deliverables except when used in direct citation.

Contents

Intellectual Property Rights
Foreword
Modal verbs terminology
Foreword
Introduction
1 Scope
2 References
3 Definitions, symbols and abbreviations
3.1 Definitions
3.2 Abbreviations
4 Functional architecture
5 Activation, deactivation and interrogation
5.0 General
5.1 Activation
5.1.0 General
5.1.1 X1_1-interface
5.1.2 X1_2-interface (IRI)
5.1.3 X1_3-interface (CC)
5.2 Deactivation
5.2.0 General
5.2.1 X1_1-interface
5.2.2 X1_2-interface (IRI)
5.2.3 X1_3-interface (CC)
5.3 Interrogation
5.3.0 General
5.3.1 Interrogation of the 3G ICEs
5.3.2 Interrogation of Delivery Functions
6 Invocation of Lawful Interception (LI) for Circuit Switched (CS) services
6.0 General
6.1 Provision of Intercept CC - Circuit Switched
6.2 Provision of CC - Short Message Service
6.3 Provision of Intercept Related Information
6.3.0 General
6.3.1 X2-interface
6.3.2 Structure of the events
6.3.3 Call Related events
6.3.3.1 Call establishment
6.3.3.2 Answer
6.3.3.3 Supplementary Services
6.3.3.4 Handover
6.3.3.5 Release
6.3.4 Non Call Related events
6.3.4.1 SMS
6.3.4.2 Location update
6.3.4.3 Subscriber Controlled Input (SCI)
6.3.5 HLR Related events
6.3.5.1 Serving system
6.3.5.2 HLR subscriber record change
6.3.5.3 Cancel location
6.3.5.4 Register location
6.4 Intercept cases for circuit switched supplementary services
6.4.1 Interception of Multiparty call
6.4.2 Interception for Call Forwarding / Call Deflection / ECT
7 Invocation of Lawful Interception for GSN Packet Data services
7.0 General
7.1 Provision of Intercept Product - Short Message Service
7.2 Provision of Intercepted Content of Communications - Packet data GSN services
7.2.0 General
7.2.1 X3-interface
7.3 Provision of Intercept Related Information
7.3.0 General
7.3.1 X2-interface
7.3.2 Structure of the events
7.4 Packet Data related events
7.4.1 Mobile Station Attach
7.4.2 Mobile Station Detach
7.4.3 Packet Data PDP context activation
7.4.4 Start of interception with PDP context active
7.4.5 Packet Data PDP context deactivation
7.4.6 RA update
7.4.7 SMS
7.4.8 Packet Data PDP context modification
7.4.9 Serving System
7.4.10 Start of interception with mobile station attached
7.4.11 Packet Data Header Information
7.4.11.0 Introduction
7.4.11.1 Packet Data Header Report
7.4.11.2 Packet Data Summary Report
7.4.12 HLR subscriber record change
7.4.13 Cancel location
7.4.14 Register location
7.4.15 Location information request
7.4.16 Void
7.5 Void
7.6 Interception of the Multimedia Messaging Service (MMS)
7A Invocation of Lawful Interception for Packet Data Multi-media Service
7A.1 Provision of content of communications
7A.1.A Decryption for IMS Media Plane Security
7A.2 Provision of IRI
7A.2.1 Provision of IRI with SIP messaging
7A.2.2 Provision of IRI with XCAP messages
7A.2.3 Provision of IRI with Diameter or MAP messages related to HSS
7A.2.3.0 General
7A.2.3.1 Serving system
7A.2.3.2 Subscriber record change
7A.2.3.3 Registration Termination
7A.2.4 Provision of IRI for WebRTC
7A.3 Multi-media events
7A.3.0 General
7A.3.1 Mid IMS Session Interception
7A.3.1.0 General
7A.3.1.1 SDES Media Security
7A.4 Multi-media Call State Control Service Scenarios
7A.5 Push to talk over Cellular (PoC)
7A.6 SMS over IMS
7A.7 LI for KMS based IMS Media Security
7A.7.1 LI Architecture and functions
7A.7.2 Signalling over the Xk interfaces and LI events
7A.7.3 Cooperating KMSs
7A.7.4 Security
7A.7.5 Start of interception for an already established IMS media secured session
7A.8 IMS IMEI Interception
7A.9 Void
8 Security
8.0 General
8.1 Administration security
8.2 IRI security
8.2.1 Normal operation
8.2.2 Communication failure
8.3 CC security
8.4 Security aspects of Lawful Interception (LI) billing
8.5 Other security issues
8.5.1 Log files
8.5.2 Data consistency
9 Invocation of Lawful Interception (LI) for 3GPP WLAN interworking services
9.0 General
9.1 Provision of Intercept Product - Short Message Service
9.2 Provision of Intercepted Content of Communications - 3GPP WLAN Interworking services
9.2.0 General
9.2.1 X3-interface
9.3 Provision of Intercept Related Information
9.3.0 General
9.3.1 X2-interface
9.3.2 3GPP WLAN Interworking LI Events and Event Information
9.4 Structure of I-WLAN Events
9.4.1 I-WLAN Access Initiation
9.4.2 WLAN Access Termination
9.4.3 I-WLAN Tunnel Establishment
9.4.4 I-WLAN Tunnel Disconnect
9.4.5 Start of Intercept with I-WLAN Communication Active
9.4.6 Packet Data Header Information
9.4.6.0 Introduction
9.4.6.1 Packet Data Header Report
9.4.6.2 Packet Data Summary Report
10 Interception of Multimedia Broadcast/MultiCast Service (MBMS)
10.0 General
10.1 Provision of Content of Communications
10.2 Provision of Intercept Related Information
10.2.0 General
10.2.1 X2-interface
10.2.2 MBMS LI Events and Event Information
10.3 Structure of MBMS Events
10.3.1 Service Joining
10.3.2 Service Leaving
10.3.3 Start of Interception with Service Active
10.3.4 Subscription Activation
10.3.5 Subscription Modification
10.3.6 Subscription Termination
11 IMS Conference Services
11.1 Background for IMS Conference Services
11.1A Start of Interception for IMS Conference Services
11.2 Provision of Intercepted Content of Communication - IMS Conference Services
11.2.0 General
11.2.1 X3-interface
11.3 Provision of Intercept Related Information for IMS Conference Service
11.3.0 General
11.3.1 X2-interface
11.3.2 IMS Conference Events and Event Information
11.3.3 Structure of Conference Events
11.3.3.1 Start of Conference
11.3.3.2 Party Join
11.3.3.3 Party Leave
11.3.3.3A Conference Bearer Modification
11.3.3.4 Start of Intercept on an Active Conference
11.3.3.5 Conference End
11.3.3.6 Creation of Conference
11.3.3.7 Update of Conference
12 Lawful Interception for Evolved Packet System
12.1 LI functional architecture for EPS
12.2 Functional requirements for LI in case of E-UTRAN access and GTP based S5/S8
12.2.0 General
12.2.1 Provision of Intercept Related Information
12.2.1.0 General
12.2.1.1 X2-interface
12.2.1.2 Structure of the events
12.2.2 X3-interface
12.2.3 EPS related events
12.2.3.1 Attach
12.2.3.2 Detach
12.2.3.3 Bearer activation
12.2.3.4 Bearer deactivation
12.2.3.5 Bearer modification
12.2.3.6 Start of interception with active bearer
12.2.3.7 Tracking Area/EPS Location Update
12.2.3.8 Serving Evolved Packet System
12.2.3.9 UE requested PDN connectivity
12.2.3.10 UE requested PDN disconnection
12.2.3.11 UE requested Bearer Resource Modification
12.2.3.12 Void
12.2.3.13 Start of interception with E-UTRAN attached UE
12.2.3.14 Packet Data Header Information
12.2.3.14.0 Introduction
12.2.3.14.1 Packet Data Header Report
12.2.3.14.2 Packet Data Summary Report
12.2.3.15 HSS subscriber record change
12.2.3.16 Cancel location
12.2.3.17 Register location
12.2.3.18 Location information request
12.3 Functional requirements for LI in case of E-UTRAN access and PMIP based S5/S8 interfaces
12.3.0 General
12.3.1 Provision of intercept related information
12.3.1.0 General
12.3.1.1 X2 interface
12.3.1.2 Structure of the events
12.3.2 X3-interface
12.3.3 LI events for E-UTRAN access with PMIP-based S5 or S8
12.3.3.1 Initial E-UTRAN Attach and UE PDN requested connectivity with PMIP-based S5 or S8
12.3.3.2 Detach and PDN disconnection for PMIP-based S5/S8
12.3.3.3 Start of interception with active tunnel for PMIP based S5/S8
12.3.3.4 Dedicated Bearer Procedures for E-UTRAN Access with PMIP-based S5/S8
12.3.3.5 PDN-GW initiated PDN-disconnection Procedure
12.3.3.6 PMIP Session modification
12.3.3.7 Packet Data Header Information
12.3.3.7.0 Introduction
12.3.3.7.1 Packet Data Header Report
12.3.3.7.2 Packet Data Summary Report
12.4 Functional requirements for LI in case of trusted non-3GPP IP access
12.4.0 General
12.4.1 Provision of Intercept Related Information
12.4.1.0 General
12.4.1.1 X2-interface
12.4.1.2 Structure of the events
12.4.2 X3-interface
12.4.3 LI events for trusted Non-3GPP IP access
12.4.3.1 Initial Attach and PDN connection activation with PMIPv6 on S2a
12.4.3.2 Initial Attach and PDN connection activation procedures with MIPv4 FACoA on S2a
12.4.3.3 Initial Attach and PDN connection activation procedures with DSMIPv6 over S2c
12.4.3.4 Detach and PDN disconnection with PMIPv6 on S2a
12.4.3.5 Detach and PDN disconnection with MIPv4 FACoA
12.4.3.6 Detach and PDN disconnection with DSMIPv6 on S2c
12.4.3.7 PDN-GW reallocation upon initial attach on s2c
12.4.3.8 PDN GW initiated Resource Allocation Deactivation with S2a PMIP
12.4.3.9 PDN GW initiated Resource Allocation Deactivation with S2a MIP v4
12.4.3.10 Serving Evolved Packet System
12.4.3.11 Start of interception with active tunnel or bearer
12.4.3.12 PMIP session modification
12.4.3.13 DSMIP session modification
12.4.3.14 Bearer activation
12.4.3