
Content for  TS 33.108  Word version:  17.0.0


0  Introduction

This Technical Specification has been produced by 3GPP TSG SA to allow for the standardization in the area of lawful interception of telecommunications. This document addresses the handover interfaces for lawful interception of Packet-Data Services, Circuit Switched Services, Multimedia Services within the Universal Mobile Telecommunication System (UMTS) and Evolved Packet System (EPS). The specification defines the handover interfaces for delivery of lawful interception Intercept Related Information (IRI) and Content of Communication (CC) to the Law Enforcement Monitoring Facility.
Laws of individual nations and regional institutions (e.g. European Union), and sometimes licensing and operating conditions define a need to intercept telecommunications traffic and related information in modern telecommunications systems. It has to be noted that lawful interception shall always be done in accordance with the applicable national or regional laws and technical regulations. Nothing in this specification, including the definitions, is intended to supplant national law.
This specification should be used in conjunction with TS 33.106 and TS 33.107 in the same release. This specification may also be used with earlier releases of TS 33.106 and TS 33.107, as well as for earlier releases of UMTS and GPRS.

1  Scope

The present document specifies the handover interfaces for Lawful Interception (LI) of Packet-Data Services, Circuit Switched Services, Multimedia Services within the UMTS network and Evolved Packet System (EPS). The handover interface in this context includes the delivery of Intercept Related Information (IRI) through the Handover Interface 2 (HI2) and Content of Communication (CC) through the Handover Interface 3 (HI3) to the Law Enforcement Monitoring Facility (LEMF).

2  References

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]
ETSI TS 101 331: "Lawful Interception (LI); Requirements of Law Enforcement Agencies".
[2]
ETSI ES 201 158: "Telecommunications security; Lawful Interception (LI); Requirements for network functions".
[3]
ETSI ETR 330: "Security Techniques Advisory Group (STAG); A guide to legislative and regulatory environment".
[4]
TS 29.002: "3rd Generation Partnership Project; Technical Specification Group Core Network; Mobile Application Part (MAP) specification".
[5A]
ITU-T Recommendation X.680: "Abstract Syntax Notation One (ASN.1): Specification of Basic Notation".
[5B]
ITU-T Recommendation X.681: "Abstract Syntax Notation One (ASN.1): Information Object Specification".
[5C]
ITU-T Recommendation X.681: "Abstract Syntax Notation One (ASN.1): Constraint Specification".
[5D]
ITU-T Recommendation X.681: "Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 Specifications".
[6]
ITU-T Recommendation X.690: "ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)".
[7]
ITU-T Recommendation X.880: "Information technology - Remote Operations: Concepts, model and notation".
[8]  Void.
[9]
TS 24.008: "3GPP Technical Specification Group Core Network; Mobile radio interface Layer 3 specification, Core network protocol; Stage 3".
[10] - [12]  Void.
[13]
RFC 0959  (STD 9): "File Transfer Protocol (FTP)".
[14]
TS 32.215: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Telecommunication Management; Charging Management; Charging data description for the Packet Switched (PS) domain".
[15]
RFC 0791  (STD0005): "Internet Protocol".
[16]
RFC 0793  (STD0007): "Transmission Control Protocol".
[17]
TS 29.060: "3rd Generation Partnership Project; Technical Specification Group Core Network; General Packet Radio Service (GPRS); GPRS Tunnelling Protocol (GTP) across the Gn and Gp interface".
[18]
TS 33.106: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Lawful Interception Requirements".
[19]
TS 33.107: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Lawful interception architecture and functions".
[20]
TS 23.107: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Quality of Service QoS concepts and architecture".
[21] - [22]  Void.
[23]
ANSI/J-STD-025-A: "Lawfully Authorized Electronic Surveillance".
[24]
ETSI TS 101 671: "Handover Interface for the lawful interception of telecommunications traffic".
[25]
TS 23.003: "3rd Generation Partnership Project; Technical Specification Group Core Network; Numbering, addressing, and identification".
[26]
RFC 3261:  "SIP: Session Initiation Protocol".
[27]
RFC 1006:  "ISO Transport Service on top of the TCP".
[28]
RFC 2126:  "ISO Transport Service on top of TCP (ITOT)".
[29]
ITU-T Recommendation Q.763: "Signalling System No. 7 - ISDN User Part formats and codes".
[30]
ETSI EN 300 356 (all parts): "Integrated Services Digital Network (ISDN); Signalling System No.7; ISDN User Part (ISUP) version 3 for the international interface".
[31]
ETSI EN 300 403-1 (V1.3.2): "Integrated Services Digital Network (ISDN); Digital Subscriber Signalling System No. one (DSS1) protocol; Signalling network layer for circuit-mode basic call control; Part 1: Protocol specification [ITU-T Recommendation Q.931 (1993), modified]".
[32] - [33]  Void
[34]
ITU-T Recommendation Q.931: "ISDN user-network interface layer 3 specification for basic call control".
[35]  Void.
[36]  Void.
[37]
TS 23.032: "3rd Generation Partnership Project; Technical Specification Group Core Network; Universal Geographical Area Description (GAD)".
[38]
TR 21.905: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Vocabulary for 3GPP Specifications".
[39]
ISO 3166-1: "Codes for the representation of names of countries and their subdivisions - Part 1: Country codes".
[40]
TS 23.228: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; IP Multimedia Subsystem (IMS); Stage 2".
[41]
TS 29.234: "3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals: 3GPP System to Wireless Local Area Network (WLAN) interworking; Stage 3".
[42]
TS 23.060: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; General Packet Radio Service (GPRS); Service description".
[43]
TS 23.234: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP system to Wireless Local Area Network (WLAN) Interworking; System Description".
[44]
TS 23.401: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access".
[45]
TS 23.402: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Architecture enhancements for non-3GPP accesses".
[46]
TS 29.274: "3GPP Evolved Packet System (EPS); Evolved General Packet Radio Access (GPRS) Tunneling Protocol for Control Plane (GTPv2-C); Stage 3".
[47]
TS 24.301: "Non-Access-Stratum (NAS) protocol for Evolved Packet System (EPS); Stage 3".
[48]
TS 29.275: "Proxy Mobile IPv6 (PMIPv6) based Mobility and Tunneling protocols; Stage 3".
[49]
TS 24.303: "Mobility management based on Dual-Stack Mobile IPv6; Stage 3".
[50]  Void
[51]  Void
[52]
TS 24.147: "3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Conferencing Using the IP Multimedia (IM) Core Network (CN) subsystem 3GPP Stage 3".
[53]
TS 29.273: "3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Evolved Packet System (EPS); 3GPP EPS AAA interfaces".
[54]
TS 33.328: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; IP Multimedia Subsystem (IMS) media plane security".
[55]
ATIS-0700005 "Lawfully Authorized Electronic Surveillance (LAES) for 3GPP IMS-based VoIP and other Multimedia Services".
[56]
TS 29.212: "3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Policy and Charging Control (PCC); Reference points".
[57]  Void.
[58]
RFC 4217:  "Securing FTP with TLS".
[59]
TS 29.272: "3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Evolved Packet System (EPS); Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) related interfaces based on Diameter protocol".
[60]
TS 33.310: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Network Domain Security (NDS); Authentication Framework (AF)".
[61]
RFC 6043:  "MIKEY-TICKET: Ticket-Based Modes of Key Distribution in Multimedia Internet KEYing (MIKEY)", available at www.ietf.org
[62]
TS 25.413: "UTRAN Iu interface Radio Access Network Application Part (RANAP) signalling".
[63]
TS 29.279: "Mobile IPv4 (MIPv4) based mobility protocols; Stage 3".
[64]
TS 29.118: "Mobility Management Entity (MME) - Visitor Location Register (VLR) SGs interface specification".
[65]
ANSI/J-STD-025-B: "Lawfully Authorized Electronic Surveillance", July 17, 2006.
[66]
TS 24.007: "Mobile Radio Interface Signalling Layer 3; General Aspects".
[67]
RFC 3966:  "The Tel URIs for Telephone Numbers", December, 2004.
[68]
RFC 791:  "Internet Protocol"
[69]
RFC 2460:  "Internet Protocol, Version 6 (IPv6) Specification".
[70]
RFC 3697:  "IPv6 Flow Label Specification".
[71]
RFC 4776:  "Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information".
[72]
RFC 5139:  "Revised Civic Location Format for Presence Information Data Format Location Object (PIDF-LO)".
[73]
ISO.3166-2: International Organization for Standardization, "Codes for the representation of names of countries and their subdivisions - Part 2: Country subdivision code".
[74]
UPS SB42-4: Universal Postal Union (UPU), "International Postal Address Components and Templates".
[75]
ISO 639-1:2002: "Codes for the representation of names of languages -- Part 1: Alpha-2 code".
[76]
TS 24.229: "IP multimedia call control protocol based on Session Initiation Protocol (SIP) and Session Description Protocol (SDP); Stage 3".
[77]
TS 24.623: "Technical Specification Group Core Network and Terminals; Extensible Markup Language (XML) Configuration Access Protocol (XCAP) over the Ut interface for Manipulating Supplementary Services".
[78]
TS 22.173: "IP Multimedia Core Network Subsystem (IMS) Multimedia Telephony Service and supplementary services; Stage 1".
[79]
TS 24.109: "Universal Mobile Telecommunications System (UMTS); Bootstrapping interface (Ub) and network application function interface (Ua); Protocol details".
[80]
RFC 4825: "The Extensible Markup Language (XML) Configuration Access Protocol (XCAP)".
[81]
RFC 7254:  "A Uniform Resource Name Namespace for the Global System for Mobile Communications Association (GSMA) and the International Mobile station Equipment Identity (IMEI)"
[82]
RFC 7255:  "Using the International Mobile station Equipment Identity (IMEI) Uniform Resource Name (URN) as an Instance ID".
[83]
TS 22.468: "Group Communication System Enablers for LTE (GCSE_LTE)".
[84]
TS 23.468: "Group Communication System Enablers for LTE (GCSE_LTE); Stage 2".
[85]
TS 25.321: "Medium Access Control (MAC) protocol specification".
[86]
TS 24.371: "Web Real-Time Communications (WebRTC) access to the IP Multimedia (IM) Core Network (CN) subsystem (IMS); Stage 3".
[87]
ITU-T Recommendation E.212: "The international identification plan for public networks and subscriptions".
[88]
OMA MLP TS: "Mobile Location Protocol", OMA-TS-MLP-V3_5-20181211-C.
[89]
MMS Architecture OMA-AD-MMS-V1_3-20110913-A.
[90]
Multimedia Messaging Service Encapsulation Protocol OMA-TS-MMS_ENC-V1_3-20110913-A.
[91]
TS 22.140: "Multimedia Messaging Service (MMS); Stage 1".
[92]
RFC 2822:  "Internet Message Format".
[93]
RFC 3551:  "RTP Profile for Audio and Video Conferences with Minimal Control".
[94]
RFC 4566:  "Session Description Protocol".
[95]
RFC 3550:  "Realtime Transport Protocol".
[96]
TS 29.229: "Cx and Dx interfaces based on the Diameter protocol; Protocol details".
[97]
OMA-AD-PoC-V2_1-20110802-A, Architecture Document.
[98]
OMA-TS-PoC_User Plane-V2_1-20110802-A.
[99]
TS 37.340: "Evolved Universal Radio Access (E-UTRA) and NR-Multi-connectivity; Stage 2".
[100]
TS 36.413: "E-UTRAN - S1 Application Protocol (S1AP)".
[101]
TS 29.336: "Home Subscriber Server (HSS) diameter interfaces for interworking with packet data networks and applications".
[102]
RFC 3588:  "Diameter Base Protocol".
[103]
RFC 4282:  "The Network Access Identifier".
[104]
ETSI TS 102 232-1: "Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 1: Handover specification for IP delivery".
[105]
ETSI TS 102 232-7: "Lawful Interception (LI); Handover Interface and Service-Specific Details (SSD) for IP delivery; Part 7: Service-specific details for Mobile Services".
[106]
TS 33.126: "Lawful interception requirements".

3  Definitions and abbreviations

3.1  Definitions

For the purposes of the present document, the terms and definitions given in TR 21.905 and the following apply.
access provider:
access provider provides a user of some network with access from the user's terminal to that network.
(to) buffer:
temporary storing of information in case the necessary telecommunication connection to transport information to the LEMF is temporarily unavailable.
communication:
Information transfer according to agreed conventions.
content of communication:
information exchanged between two or more users of a telecommunications service, excluding intercept related information. This includes information which may, as part of some telecommunications service, be stored by one user for subsequent retrieval by another.
handover interface:
physical and logical interface across which the interception measures are requested from network operator / access provider / service provider, and the results of interception are delivered from a network operator / access provider / service provider to a law enforcement monitoring facility.
identity:
technical label which may represent the origin or destination of any telecommunications traffic, as a rule clearly identified by a physical telecommunications identity number (such as a telephone number) or the logical or virtual telecommunications identity number (such as a personal number) which the subscriber can assign to a physical access on a case-by-case basis.
interception:
action (based on the law), performed by a network operator / access provider / service provider, of making available certain information and providing that information to a law enforcement monitoring facility.
interception configuration information:
information related to the configuration of interception.
interception interface:
physical and logical locations within the network operator's / access provider's / service provider's telecommunications facilities where access to the content of communication and intercept related information is provided. The interception interface is not necessarily a single, fixed point.
interception measure:
technical measure which facilitates the interception of telecommunications traffic pursuant to the relevant national laws and regulations.
intercept related information:
collection of information or data associated with telecommunication services involving the target identity, specifically communication associated information or data (e.g. unsuccessful communication attempts), service associated information or data and location information.
internal intercepting function:
point within a network or network element at which the content of communication and the intercept related information are made available.
internal network interface:
network's internal interface between the Internal Intercepting Function and a mediation device.
invocation and operation:
describes the action and conditions under which the service is brought into operation; in the case of a lawful interception this may only be on a particular communication. It should be noted that when lawful interception is activated, it shall be invoked on all communications (Invocation takes place either subsequent to or simultaneously with activation.). Operation is the procedure which occurs once a service has been invoked.
law enforcement agency:
organization authorized by a lawful authorization based on a national law to request interception measures and to receive the results of telecommunications interceptions.
law enforcement monitoring facility:
law enforcement facility designated as the transmission destination for the results of interception relating to a particular target.
lawful authorization:
permission granted to a LEA under certain conditions to intercept specified telecommunications and requiring co-operation from a network operator / access provider / service provider. Typically this refers to a warrant or order issued by a lawfully authorized body.
lawful interception:
see interception.
lawful interception identifier:
identifier for a particular interception.
Location Dependent Interception:
is interception of a target mobile within a network service area that is restricted to one or several Interception Areas (IA).
location information:
information relating to the geographic, physical or logical location of an identity relating to a target.
mediation device:
equipment, which realizes the mediation function.
mediation function:
mechanism which passes information between a network operator, an access provider or service provider and a handover interface, and information between the internal network interface and the handover interface.
network element:
component of the network structure, such as a local exchange, higher order switch or service control processor.
network element identifier:
uniquely identifies the relevant network element carrying out the lawful interception.
network identifier:
internationally unique identifier that includes a unique identification of the network operator, access provider, or service provider and, optionally, the network element identifier.
network operator:
operator of a public telecommunications infrastructure which permits the conveyance of signals between defined network termination points by wire, by microwave, by optical means or by other electromagnetic means.
precision:
the number of digits with which a numerical value is expressed, e.g. the number of decimal digits or bits. Note: precision should not be confused with accuracy, which is a difference between a measured/recorded numerical value and the respective value in the standard reference system.
quality of service:
quality specification of a telecommunications channel, system, virtual channel, computer-telecommunications session, etc. Quality of service may be measured, for example, in terms of signal-to-noise ratio, bit error rate, message throughput rate or call blocking probability.
reliability:
probability that a system or service will perform in a satisfactory manner for a given period of time when used under specific operating conditions.
result of interception:
information relating to a target service, including the content of communication and intercept related information, which is passed by a network operator, an access provider or a service provider to a law enforcement agency. Intercept related information shall be provided whether or not call activity is taking place.
service information:
information used by the telecommunications infrastructure in the establishment and operation of a network related service or services. The information may be established by a network operator, an access provider, a service provider or a network user.
service provider:
natural or legal person providing one or more public telecommunications services whose provision consists wholly or partly in the transmission and routing of signals on a telecommunications network. A service provider need not necessarily run his own network.
SMS:
Short Message Service gives the ability to send character messages to phones. SMS messages can be MO (mobile originate) or MT (mobile terminate).
target identity:
technical identity (e.g. the interception's target directory number), which uniquely identifies a target. One target may have one or several target identities.
target service:
telecommunications service associated with a target and usually specified in a lawful authorization for interception.
telecommunications:
any transfer of signs, signals, writing, images, sounds, data or intelligence of any nature transmitted in whole or in part by a wire, radio, electromagnetic, photoelectronic or photo-optical system.

3.2  Abbreviations

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply:
A-MSISDN
Additional MSISDN
AN
Access Network
ASE
Application Service Element
ASN.1
Abstract Syntax Notation, Version 1
BER
Basic Encoding Rules
CC
Content of Communication
CSCF
Call Session Control Function
DF
Delivery Function
DSMIP
Dual Stack MIP
e-PDG
Evolved PDG
EPS
Evolved Packet System
E-UTRAN
Evolved UTRAN
FTP
File Transfer Protocol
GGSN
Gateway GPRS Support Node
GPRS
General Packet Radio Service
GSM
Global System for Mobile communications
GSN
GPRS Support Node (SGSN or GGSN)
GTP
GPRS Tunnelling Protocol
HA
Home Agent
HI
Handover Interface
HI1
Handover Interface Port 1 (for Administrative Information)
HI2
Handover Interface Port 2 (for Intercept Related Information)
HI3
Handover Interface Port 3 (for Content of Communication)
HLC
High Layer Compatibility
HSS
Home Subscriber Server
IA
Interception Area
IA5
International Alphabet No. 5
IAP
Interception Access Point
IBCF
Interconnecting Border Control Function
ICI
Interception Configuration Information
IE
Information Element
IIF
Internal Interception Function
IMEI
International Mobile station Equipment Identity
IM-MGW
IMS Media Gateway
IMS
IP Multimedia Core Network Subsystem
IMS-AGW
IMS Access Gateway
IMSI
International Mobile Subscriber Identity
INI
Internal network interface
IP
Internet Protocol
IP-CAN
IP-Connectivity Access Network
IPS
Internet Protocol Stack
IRI
Intercept Related Information
ITOT
ISO Transport Service on top of TCP
LALS
Lawful Access Location Services
LCS
Location Services
LEA
Law Enforcement Agency
LEMF
Law Enforcement Monitoring Facility
LI
Lawful Interception
LIID
Lawful Interception Identifier
LLC
Lower layer compatibility
LSB
Least significant bit
MAP
Mobile Application Part
MCPTT
Mission Critical Push To Talk
ME
Mobile Entity
MF
Mediation Function
MGCF
Media Gateway Control Function
MIP
Mobile IP
MME
Mobility Management Entity
MS
Mobile Station
MSB
Most significant bit
MSISDN
Mobile Subscriber ISDN Number
MSN
Multiple Subscriber Number
NEID
Network Element Identifier
NID
Network Identifier
NIDD
Non-IP Data Delivery
NO
Network Operator
OA&M
Operation, Administration & Maintenance
P-CSCF
Proxy Call Session Control Function
PDG
Packet Data Gateway
PDN
Packet Data Network
PDN-GW
PDN Gateway
PDP
Packet Data Protocol
PLMN
Public land mobile network
PMIP
Proxy Mobile IP
POC
Push to talk Over Cellular
PSTN
Public Switched Telephone Network
PTC
Push to Talk over Cellular (Encompasses POC and MCPTT services)
Rx
Receive direction
S-CSCF
Serving Call Session Control Function
SCEF
Service Capability Exposure Function
SDP
Session Description Protocol
SGSN
Serving GPRS Support Node
S-GW
Serving Gateway
SIP
Session Initiation Protocol
SMAF
Service Management Agent Function
SMF
Service Management Function
SMS
Short Message Service
SP
Service Provider
TAU
Tracking Area Update
TCP
Transmission Control Protocol
TI
Target identity
TLS
Transport Layer Security
TP
Terminal Portability
T-PDU
tunneled PDU
TPKT
Transport Packet
TrGW
Transit Gateway
TWAN
Trusted WLAN Access Network
Tx
Transmit direction
UI
User Interaction
ULIC
UMTS LI Correlation
UMTS
Universal Mobile Telecommunication System
URI
Universal Resource Identifier
URL
Universal Resource Locator
UTRAN
Universal Terrestrial Radio Access Network
VPN
Virtual Private Network
WAF
WebRTC Authorisation Function
WebRTC
Web Real Time Communications
WIC
WebRTC IMS Client
WWSF
WebRTC Web Server Function