Lawful interception
and Retained Data
Presentazione per lOsservatorio Sicurezza
Anfov
Autore:Dionisio Zumerle
Technical Officer - ETSI
dionisio.zumerle@etsi.org
ETSI 2007. All rights reserved
Osservatorio Sicurezza ANFOV - Milano, 14 Novembre 2007
Regulators
Correspondent
Interception Vendors
Providers
target
Mediation Vendors
Handover interface
Collection Vendors
Monitor
Meetings
Three plenary meetings a year (65-75 participants)
Rapporteur meetings on specific technical issues
(4 Rapp meetings per year average, 15-25 participants)
Political
Interception
Business
Retrieval
Handover
Analysis
Legal
process
Relations
Storage
Participation in ETSI TC LI
Law Enforcement Agencies / Governments organisations
NL, UK, DE, AS, S, GR, ES, FR, RU, FIN, IT, NO, CY, HU
USA, CA, AU, KR
Operators
KPN (NL), DT (DE), BT (UK), TeliaSonera (S), Inmarsat, Telenor (NO),
UPC, Telecom Italia, Telstra (AU), T-Mobile (DE), Vodafone (DE)
Manufacturers (switch)
Nokia Siemens Networks, Ericsson, Cisco,
Alcatel Lucent, Nortel, Marconi, Motorola
LI Handover Interface
Handover Interface for Lawful Interception (TS 101 671)
Generic flow of information and procedures and information
elements
Applicable to any future telecommunication network or service
Circuit switched and packet data
Covered technologies:
PSTN/ISDN
GSM
UMTS (CS)
GPRS
TETRA
wireline NGN (including PES)
wireline IMS PSTN simulation
Timestamp
Intercepted call direction (to / from target)
Intercepted call state (in progress, connected)
Address: Calling party / Called party / Forwarded-to-party / ..
E164, TEL URI, IMSI, IMEI, MSISDN, SIP URI,
LIID
Communication Identifier
Sequence number
Timestamp
Payload direction
IRI record type (Begin, Continue, End, Report)
...
SSD
for
E-mail
SSD
for
Internet
SSD
for
Layer-2
SSD
for IP
SSD
for
multimedia
PSTN/ISDN
Services
Services
Services
Services
Services
part 02
part 03
part 04
part 05
part 06
SSD
for
Mobile
Services
part 07
Presentation
Generic Headers
Session
Transport
Handover manager
Delivery session
Transport layer
Network layer
Network
and below
Delivery network
TS 102 232-1
CSP Domain
HI
HI1
LI Administration Function
(AF)
INI1b
INI1a
Intercept Related
Information Internal
Interception
Function (IRI-IIF)
Content of
Communication
Trigger Function
(CCTF)
INI1c
LEA Domain
Authorisation
authority /
Law
Enforcement
Agency
INI2
CCTI
Lawful
Interception
Mediation
Function
(MF)
CCCI
Content of
Communication
Internal Interception
Function (CC-IIF)
INI3
HI2
(IRI)
Law
Enforcement
Agency
HI3
(CC)
World Class
Standards
LI scenario on a VoIP MM platform
(TR 102
528)
CCIF
IRIIF
Remote
End Point
LIAF
LIMF
LEA
LEMF
INI2 Continue(15)
RTP (17)
INI3 RTP (18)
General on security of LI
Protection of Target information
Protection of Rooms, Systems, Connections, Signalling
Local staff
Only authorised personnel has knowledge that interception has been
activated on a target
Target
Target should not be able to detect that interception is taking place
Other parties
Other parties of any telecommunications service should not be able,
by any means, to detect that any interception facility has been
(de)activated or that interception is taking place
DTR/LI-00044
Security framework in Lawful Interception and Retained Data
environment
Retained Data in EU
15th of March 2006: the European Parliament
and the Council of the European Union adopted
Directive 2006/24/EC on Data Retention
Relation of RD to LI
Retention of Data is similar to LI
Process of providing information on private communications
Legally sanctioned
Concerns stored traffic, rather than traffic in transit (LI)
Regulators
LI equipment vendors
Telecom equipment vendors
Communication Service Providers
Wireline
Wireless
Internet services
Successful AND unsuccessful communication attempts
source of a communication
destination of a communication
date, time and duration of a communication
the type of communication
users' communication equipment
location of mobile communication equipment
Service
Provider
Handover Interface HI-B
transmission RD material
Requesting
Authority /
Law
Enforcement
Agency
Successful delivery
LEA
Modular approach
Framework standard
Message sets for request and delivery
Secure and reliable transport
Annex:
PSTN
Annex:
GSM
Annex:
Internet
access
services
Annex:
Multimedia
services
More information
http://portal.etsi.org/li
http://www.etsi.org/WebSite/Technologies/LawfulInterception.aspx